
Need Help With usw9.prmsrvs.com on Chrome.exe


29 replies to this topic

#1 glanko


Posted 21 September 2023 - 05:20 AM

Hello, I have a problem with a malicious virus or malware on my computer. Whenever I log in to my Windows and open Chrome, Avast displays this message. I tried to run a scan with Avast but had no luck. Can anyone help me with my problem? Many thanks for considering my request. 

Attached File  messageImage_1695291546565.jpg   50.37KB   0 downloads




 


#2 dennis_l

  • Malware Response Team

Posted 21 September 2023 - 05:22 AM

Hi glanko,
My name is Dennis and I will assist you with your computer problems.
Please read through these guidelines before we start.

  • Back up any important data, as a precaution before starting this process.
  • If you are unsure about anything then please ask. This makes the task much easier in the long run.
  • Do not run any other tools or make changes to your system during the removal process.
  • Please do not start a new topic and keep all replies in this thread.
  • Follow the instructions in the sequence advised.
  • Copy and paste the logs into the reply. I will advise if anything needs to be added as an attachment.
  • Here at Bleeping Computer we are mostly volunteers, so please be patient with us. I’ll try to respond within 24 hours. You will be advised if it is expected to be longer than 48 hours.
  • Please let me know if you are going to be delayed in responding. If you do not reply after 5 days, I’ll assume you do not want to continue and will close the topic.
  • Sometimes things might seem to be resolved, but more checks may still be necessary, so please wait until I give the all clear.

Firstly I'd like you to follow the steps outlined here: Preparation Guide
Section 6 covers how to download and run the Farbar Recovery Scan Tool (FRST).
Note: If you receive a warning about the download, it is a false positive and you can safely ignore it.
Please copy and paste both FRST logs into your reply. If you get an error message advising that the content is too long, you should post 2 separate replies.

Dennis

 



#3 glanko

  • Topic Starter


Posted 21 September 2023 - 05:35 AM

Hello Dennis, nice to meet you! Here are my FRST logs. Just tell me when you need Addition logs too.
 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-09-2023
Ran by Gemilang (administrator) on LAPTOP-IG4RR8R0 (ASUSTeK COMPUTER INC. ASUS TUF Gaming F15 FX506HCB_FX506HCB) (21-09-2023 17:26:09)
Running from C:\Users\Gemilang\Downloads\FRST64.exe
Loaded Profiles: Gemilang
Platform: Microsoft Windows 11 Pro Version 22H2 22621.2283 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe <6>
(ASUSACCI\ArmouryCrateControlInterface.exe ->) (ASUSTEK COMPUTER INCORPORATION -> ASUSTeK COMPUTER INC.) C:\Windows\System32\ASUSACCI\ACCIMonitor.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSOptimization\AsusOSD.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <6>
(C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(C:\Program Files (x86)\Common Files\Autodesk Shared\Network License Manager\lmgrd.exe ->) (Autodesk, Inc. -> Autodesk, Inc.) [File not signed] C:\Program Files (x86)\Common Files\Autodesk Shared\Network License Manager\adskflex.exe
(C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.UserSessionHelper.exe
(C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.UserSessionHelper.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe
(C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.UserSessionHelper.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Service\DenoiseAIPlugin\ArmouryCrate.DenoiseAI.exe
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\Bitdefender Agent\ProductAgentService.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\27.0.1.259_0\DiscoverySrv.exe
(C:\Program Files\CleanMyPC\CleanMyPCService.exe ->) (MacPaw, Inc. -> MacPaw Inc.) C:\Program Files\CleanMyPC\ReminderSystem.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa\iCloud\iCloudServices.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa\iCloud\iCloudCKKS.exe
(C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa\iCloud\iCloudServices.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Microsoft Corporation) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa\iCloud\WebView2\msedgewebview2.exe <7>
(C:\Program Files\WindowsApps\MicrosoftTeams_23231.411.2342.9597_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.31\msedgewebview2.exe <13>
(C:\Users\Gemilang\AppData\Local\LINE\bin\current\LINE.exe ->) (LINE Corporation -> LINE Corporation) C:\Users\Gemilang\AppData\Local\LINE\Data\plugin\LineCall\1.0.0.692\LineCall.exe
(C:\Users\Gemilang\AppData\Local\LINE\bin\current\LINE.exe ->) (LINE Corporation -> LINE Corporation) C:\Users\Gemilang\AppData\Local\LINE\Data\plugin\LineMediaPlayer\1.2.0.504\LineMediaPlayer.exe <2>
(C:\Users\Gemilang\AppData\Local\WebEx\WebexHost.exe ->) (Cisco WebEx LLC -> Cisco Webex LLC) C:\Users\Gemilang\AppData\Local\WebEx\WebEx64\Meetings\atmgr.exe
(DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSOptimization\AsusOptimization.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSOptimization\AsusOptimizationStartupTask.exe
(DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSSoftwareManager\AsusSoftwareManager.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSSoftwareManager\AsusSoftwareManagerAgent.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_597623a539cfcca8\igfxCUIServiceN.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_597623a539cfcca8\igfxEMN.exe
(explorer.exe ->) (Cisco WebEx LLC -> Cisco Webex LLC) C:\Users\Gemilang\AppData\Local\WebEx\WebexHost.exe
(explorer.exe ->) (F.lux Software LLC -> f.lux Software LLC) C:\Users\Gemilang\AppData\Local\FluxSoftware\Flux\flux.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\80.0.1.0\crashpad_handler.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <74>
(explorer.exe ->) (Skutta, Kristjan -> ) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper64.exe
(explorer.exe ->) (Snap Inc. -> Snap Inc) C:\Program Files\Snap Inc\Snap Camera\Snap Camera.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler64.exe
(LINE Corporation -> LINE Corporation) C:\Users\Gemilang\AppData\Local\LINE\bin\current\LINE.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\23.191.0912.0001\Microsoft.SharePoint.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) () [File not signed] C:\Program Files (x86)\PgBouncer\bin\pgbouncer.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (AOMEI International Network Limited -> AOMEI International Network Limited) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.1\ABService.exe
(services.exe ->) (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\bin\httpd.exe <2>
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUS Inc.) C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSLinkRemote\AsusLinkRemote.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\ASUSACCI\ArmouryCrateControlInterface.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\AsusAppService\AsusAppService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSLinkNear\AsusLinkNear.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSOptimization\AsusOptimization.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSSoftwareManager\AsusSoftwareManager.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSSwitch\AsusSwitch.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSSystemAnalysis\AsusSystemAnalysis.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
(services.exe ->) (ASUSTEK COMPUTER INCORPORATION -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUSTeK COMPUTER INC\RefreshRateService\RefreshRateService.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk) [File not signed] C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\11.0.0.4854\AdskLicensingService\AdskLicensingService.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\redline\bdredline.exe
(services.exe ->) (DTS, Inc. -> DTS Inc.) C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe
(services.exe ->) (ETH Zürich -> ETH Zürich) C:\Program Files\SafeExamBrowser\Service\SafeExamBrowser.Service.exe
(services.exe ->) (Flexera Software LLC -> Flexera) C:\Program Files (x86)\Common Files\Autodesk Shared\Network License Manager\lmgrd.exe <2>
(services.exe ->) (Flexera Software LLC -> Flexera) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(services.exe ->) (Flexera Software LLC -> Flexera) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_597623a539cfcca8\igfxCUIServiceN.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorvd.inf_amd64_74e28d819fb21cc3\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_4d9e9544615ee129\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_f866bf1588e6868a\WMIRegistrationService.exe
(services.exe ->) (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (MacPaw, Inc. -> MacPaw Inc.) C:\Program Files\CleanMyPC\CleanMyPCService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_01c2aa330b469c4a\IntelCpHDCPSvc.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvamig.inf_amd64_e3377401dd616a66\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_179f26ff7cd32d0f\RtkAudUService64.exe <3>
(services.exe ->) (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Program Files\Common Files\Zoom\Support\CptService.exe
(sihost.exe ->) (04797BBC-C7BB-462F-9B66-331C81E27C0E -> TranslucentTB Open Source Developers) C:\Program Files\WindowsApps\28017CharlesMilette.TranslucentTB_2023.1.0.0_x64__v826wp6bftszj\TranslucentTB.exe
(sihost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa\iCloud\iCloudDrive.exe
(sihost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa\iCloud\iCloudPhotos.exe
(sihost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa\iCloud\iCloudServices.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2336.7.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ) C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_5.6.10.0_x64__qmba6cd70vzyy\ArmouryCrate.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa\iCloud\APSDaemon.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple, Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa\iCloud\secd.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <2>
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe
(svchost.exe ->) (H.D.S. Hungary) [File not signed] C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.23500.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3571168 2023-08-22] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrotray.exe [6607584 2022-03-07] (Adobe Inc. -> Adobe Systems Inc.) [File not signed]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [256408 2023-09-19] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [ASUS Smart Display Control] => C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe [149680 2022-03-07] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
HKLM\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\Update\OneDriveSetup.exe" (No File)
HKLM\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\StandaloneUpdater\OneDriveSetup.exe" [64360992 2023-09-21] (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\80.0.1.0\GoogleDriveFS.exe [55747872 2023-09-06] (Google LLC -> Google, Inc.)
HKU\S-1-5-19\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2587568 2023-09-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\80.0.1.0\GoogleDriveFS.exe [55747872 2023-09-06] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2587568 2023-09-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\Run: [WallpaperEngine] => C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper64.exe [3772512 2022-10-26] (Skutta, Kristjan -> )
HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\Run: [f.lux] => C:\Users\Gemilang\AppData\Local\FluxSoftware\Flux\flux.exe [1525880 2023-05-19] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\Run: [Snap Camera] => C:\Program Files\Snap Inc\Snap Camera\Snap Camera.exe [65508216 2022-07-25] (Snap Inc. -> Snap Inc)
HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\Run: [com.squirrel.WhatsApp.WhatsApp] => C:\Users\Gemilang\AppData\Local\WhatsApp\Update.exe [2254048 2023-03-10] (WhatsApp LLC -> )
HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\Run: [CiscoMeetingDaemon] => C:\Users\Gemilang\AppData\Local\WebEx\WebexHost.exe [8078432 2023-08-16] (Cisco WebEx LLC -> Cisco Webex LLC)
HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\Run: [GoogleChromeAutoLaunch_BE73F2B5F9E1C5FF36A1C35A954710F1] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 [3219744 2023-09-09] (Google LLC -> Google LLC)
HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\80.0.1.0\GoogleDriveFS.exe [55747872 2023-09-06] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\Run: [LINE] => C:\Users\Gemilang\AppData\Local\LINE\bin\LineLauncher.exe [1811104 2023-09-19] (LINE Corporation -> LINE Corporation)
HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\Policies\Explorer: [] 
HKU\S-1-5-21-951395627-451568364-1154128064-1006\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\80.0.1.0\GoogleDriveFS.exe [55747872 2023-09-06] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-951395627-451568364-1154128064-500\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2587568 2023-09-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-951395627-451568364-1154128064-500\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\80.0.1.0\GoogleDriveFS.exe [55747872 2023-09-06] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\80.0.1.0\GoogleDriveFS.exe [55747872 2023-09-06] (Google LLC -> Google, Inc.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [203936 2022-03-03] (Adobe Inc. -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\116.0.5845.188\Installer\chrmstp.exe [2023-09-13] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKU\S-1-5-21-951395627-451568364-1154128064-1001\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0EBC74EF-D7E8-4C71-B74D-65C493746E45} - System32\Tasks\0k5gyk\uiacye\wcl32b\8061vv\ch9obp\gv6xcb\yc3dex\l2xjrq\9q8q30\t6wfja\jvcfmh\uadojg\hf6cch\b2g06o\t2hnfr\cgaqfe\5vxbl6 => %localappdata%\Catawba.exe  "tgbnhyhtgbnhyttgbnhyttgbnhyptgbnhy:tgbnhy/tgbnhy/tgbnhywtgbnhywtgbnhywtgbnhy.tgbnhyftgbnhyotgbnhyntgbnhyttgbnhyetgbnhyntgbnhyotgbnhyttgbnhystgbnhyutgbnhy.tgbnhyctgbnhyotgbnhymtgbnhy/tgbnhyle2qp0qp2qtgbnhyp3qp0c9c1ltgbnhye8leqphtmltgbnhyL2shEWR9IqtgbnhyVBHQoiukZ0" (No File) <==== ATTENTION
Task: {2088BC70-4DAA-48D0-871D-7AB65319538A} - System32\Tasks\1t8v7n\l2tjnx\7auokl\687xl3\z9jmoh\vr2uzp\0tybme\txmh4v\36hx1z\oph9d7\jl14v5\cyhl7j\16sw5m\sr3s5c\lh36mc\9s6hev\8nlq4n => %localappdata%\brooches.exe  (No File) <==== ATTENTION
Task: {D71D304C-DC3D-4144-86B6-324552FAC08E} - System32\Tasks\47qjxe\8566kz\fznvm5\dfixxe\6p62t4\ntaoqs\3gzjra\qoqley\8ci4l6\ir522d\9n8txq\afffbt\9z194s\cczhi7\pjiadh\ul6e69\n6t0xd => %PROGRAMFILES(x86)%\Botas\abed.exe  (No File) <==== ATTENTION
Task: {A4853274-B062-4A5A-875F-00E84F41BC58} - System32\Tasks\9dinme\q3ambz\itwk4j\mt5lbp\8ne09c\eooqhs\782jd2\q59wq4\1edtbb\ekdgrz\nah251\mokab1\mtnqen\zgu6wd\e3cnhb\8wyq1n\da5qye => %localappdata%\Catawba.exe  "tgbnhyhtgbnhyttgbnhyttgbnhyptgbnhy:tgbnhy/tgbnhy/tgbnhywtgbnhywtgbnhywtgbnhy.tgbnhyftgbnhyotgbnhyntgbnhyttgbnhyetgbnhyntgbnhyotgbnhyttgbnhystgbnhyutgbnhy.tgbnhyctgbnhyotgbnhymtgbnhy/tgbnhyle2qp0qp2qtgbnhyp3qp0c9c1ltgbnhye8leqphtmltgbnhyL2shEWR9IqtgbnhyVBHQoiukZ0" (No File) <==== ATTENTION
Task: {7C31F7C4-07DF-4795-8F5B-5FA1FFEE6906} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-08-02] (Adobe Inc. -> Adobe Inc.)
Task: {A718428A-8BF3-4903-ACD3-5B5935A614EE} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3571168 2023-08-22] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {A536AA04-E886-45DC-8431-88F1065AF598} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3807712 2023-08-22] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {FD2287EC-EF96-4E54-B6E3-0F0364508B35} - System32\Tasks\Apple Diagnostics => C:\Users\Gemilang\AppData\Local\Microsoft\WindowsApps\eReporter-AppX.exe [0 2023-08-19] () [symlink -> ]
Task: {2A94F5B7-F03C-4D93-ABD7-900A6F5828AD} - System32\Tasks\ASC_SkipUac_gemil => "C:\Program Files (x86)\Advanced SystemCare Pro\ASC.exe"  /SkipUac (No File)
Task: {86B7E84C-57BC-494F-85BF-37569DE74AC9} - System32\Tasks\ASUS Optimization 36D18D69AFC3 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSOptimization\AsusHotkey.exe [291408 2023-07-26] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {B439E448-6F4F-4F60-9716-B86E2CD7E0EE} - System32\Tasks\ASUS Update Checker 2.0 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSSoftwareManager\AsusUpdateChecker.exe [797776 2023-07-26] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {799371C3-D08F-4E7C-91D5-A6D54534AAC7} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [309608 2022-09-27] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {98DACA27-E3A0-46A3-826E-CD4933D666DA} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [1858920 2022-09-27] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {E54279E2-0D7E-40F5-BB54-6B85316279D5} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2022-01-18] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {24D12A98-6FBF-4A5D-B690-FFA1EF4D3F11} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2022-01-18] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {41BB7C64-AF7F-4CC0-9B4F-D09F7A73A699} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [43797544 2022-09-01] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
Task: {291F967A-2AC3-4B10-9B27-6AF378753593} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe  (No File)
Task: {4A926F9A-EA11-4474-B8F5-86AA7DA687D8} - System32\Tasks\ASUSSmartDisplayControl => C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe [149680 2022-03-07] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {3516782A-AFCC-4E42-847D-4FA2DF3EFA86} - System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSSystemAnalysis\AsusSystemAnalysis.exe [4082808 2023-07-26] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {D1B142C2-6383-492E-8F3B-0E25B782219F} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4947352 2023-09-19] (Avast Software s.r.o. -> AVAST Software)
Task: {E58EE50D-6F09-4462-8F6F-9A23B623AA75} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2144664 2023-09-19] (Avast Software s.r.o. -> Avast Software)
Task: {A9FEFE4C-2505-4095-A204-503B9993B5E8} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\27.0.1.259_0\WatchDog.exe [937000 2023-07-27] (Bitdefender SRL -> Bitdefender)
Task: {09EC3258-43EC-4F06-A3F1-150DEA995213} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [275136 2022-04-12] (Bluestack Systems, Inc -> BlueStack Systems, Inc.)
Task: {936BFCEB-8CEA-40E2-81AF-FC1424FC2C8E} - System32\Tasks\CCleanerSkipUAC - Gemilang => C:\Program Files\CCleaner\CCleaner64.exe [35874816 2022-03-16] (Piriform Software Ltd) [File not signed]
Task: {0051CCE0-6883-48B2-982F-6588E89523D7} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\Driver Booster\Scheduler.exe [156696 2022-01-20] (IObit CO., LTD -> IObit)
Task: {5F68CA97-9CC8-4DC8-8C39-AE45F0DA6DB0} - System32\Tasks\Driver Booster SkipUAC (gemil) => C:\Program Files (x86)\Driver Booster\DriverBooster.exe [8641536 2022-02-22] (IObit) [File not signed]
Task: {70D79F22-BA6E-4466-AA74-814F3CB63E86} - System32\Tasks\Driver Booster SkipUAC (Gemilang) => C:\Program Files (x86)\Driver Booster\DriverBooster.exe [8641536 2022-02-22] (IObit) [File not signed]
Task: {ADF9A43A-60AC-49E9-ADD4-64AB292705DE} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\Driver Booster\AutoUpdate.exe [82680 2020-05-30] (IObit) [File not signed]
Task: {3A306A40-704D-4C79-9BAD-274AC267D047} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2022-01-18] (Google Inc -> Google Inc.)
Task: {A573E252-9B0A-4559-AAB2-70EEDBAEDDA1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2022-01-18] (Google Inc -> Google Inc.)
Task: {FFBA804E-54EC-41D6-B47F-EB7CB4D1CE61} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_Gemilang => C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe [6181888 2022-12-12] (H.D.S. Hungary) [File not signed]
Task: {D64DF579-8045-4D20-823F-39B9F1F7CE95} - System32\Tasks\m0am5a\fl0j9f\itg3t9\4cwo3d\hreyo3\ghcat5\zqt7jt\azgviq\7wj9j0\ppmvk5\vdc6it\y8awzt\87g874\057s9v\a2socn\5d9dca\yydm4m => %localappdata%\toppled.exe  "tgbnhyhtgbnhyttgbnhyttgbnhyptgbnhy:tgbnhy/tgbnhy/tgbnhywtgbnhywtgbnhywtgbnhy.tgbnhyftgbnhyotgbnhyntgbnhyttgbnhyetgbnhyntgbnhyotgbnhyttgbnhystgbnhyutgbnhy.tgbnhyctgbnhyotgbnhymtgbnhy/tgbnhyle2qp0qp2qtgbnhyp3qp0c9c1ltgbnhye8leqphtmltgbnhyL2shEWR9IqtgbnhyVBHQoiukZ0" (No File) <==== ATTENTION
Task: {97150913-4DCC-40BE-A7AE-71DE813694DA} - System32\Tasks\McAfeeTsk\OOBEUpgrader => C:\Program Files\McAfee\MSC\OOBE_Upgrader.exe  /Run (No File)
Task: {9E8B9F44-B23C-4FD1-9314-66901446A435} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26974720 2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {A74780AD-EDF6-4FF4-AFDA-1806C5F47946} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26974720 2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {523AE669-05EE-48EC-997B-CF5AB7DC31D4} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [160952 2023-09-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {539A3443-3E32-457B-B95B-5D5BC5D9F511} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [160952 2023-09-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {3CF0FFE5-B9CD-4BA1-8644-1795B7D2FA8A} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [169136 2023-09-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {FE71E641-2118-4CDE-A092-B03AE445AF31} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4413368 2023-09-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {8D741A01-9338-4A8E-A98C-BD8285333911} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\UCPD velocity => C:\WINDOWS\system32\UCPDMgr.exe [58880 2023-09-15] (Microsoft Windows -> Microsoft Corporation)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (No File)
Task: {2B631737-D5C3-4C4F-AA25-88A99027CB1F} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [675232 2023-09-19] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {AC77A1E4-5973-440F-95F8-ADCC139A3A8B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [722336 2023-09-19] (Mozilla Corporation -> Mozilla Foundation)
Task: {7F5415DE-409C-4F75-B283-950FDEC62A92} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {3DC52AFE-92BD-4022-9E3A-FF185F95B511} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {318CD897-FD16-4C53-B202-64C71D518BE9} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FF565B15-819C-45A9-8459-5E2FE89A7E30} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {80C3B502-684D-4746-A561-6952530A1FBE} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {ACCF1016-C48B-4514-AE81-FEC34C96B296} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D1E58DA8-1796-46E0-923D-C1D11DCD8470} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5862E987-4A7A-41DC-9F2B-8283D2F52C89} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5994F67A-E1CB-4014-A5D9-A12B40DE5700} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {156E1772-F8FC-4D13-B749-0C7CF804BF09} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {42275048-2444-4D45-BB3D-96F94D3CDE33} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130208 2023-09-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {88D27365-239D-46F9-BEE8-98736B95C994} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-951395627-451568364-1154128064-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130208 2023-09-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {62FD47B3-8102-4A9A-93D0-AAE9DC3D7748} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-951395627-451568364-1154128064-1006 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130208 2023-09-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {E1163EC5-C3ED-4130-AAF3-159784AA2B06} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-951395627-451568364-1154128064-500 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130208 2023-09-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {5A455BFF-AF14-4106-ABAA-616CD019E4E7} - System32\Tasks\Opera GX scheduled Autoupdate 1695082761 => C:\Users\Gemilang\AppData\Local\Programs\Opera GX\launcher.exe [2686880 2023-09-14] (Opera Norway AS -> Opera Software)
Task: {8D96FBC0-9974-407B-84BA-F0F42490A928} - System32\Tasks\RtkAudUService64_BG => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_179f26ff7cd32d0f\RtkAudUService64.exe [1616744 2022-10-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0990094c-56a1-46b3-885a-978925f65090}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7789122f-a994-4082-863f-609b1b8e6f53}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{b71c6bf0-30af-4da2-ad31-fad9c41edee3}: [DhcpNameServer] 192.168.1.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
 
Edge: 
=======
Edge Profile: C:\Users\Gemilang\AppData\Local\Microsoft\Edge\User Data\Default [2023-09-19]
Edge Extension: (EndNote Click - Formerly Kopernio) - C:\Users\Gemilang\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jaleebmaoohbjjohjlfmihkkopgfibne [2022-03-24]
Edge Extension: (Edge relevant text changes) - C:\Users\Gemilang\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-08-04]
Edge HKU\S-1-5-21-951395627-451568364-1154128064-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [llbjbkhnmlidjebalopleeepgdfgcpec] - C:\Program Files (x86)\Internet Download Manager\IDMEdgeExt.crx <not found>
Edge HKLM-x32\...\Edge\Extension: [jaleebmaoohbjjohjlfmihkkopgfibne]
 
FireFox:
========
FF DefaultProfile: ckzvzo2z.default
FF ProfilePath: C:\Users\Gemilang\AppData\Roaming\Mozilla\Firefox\Profiles\ckzvzo2z.default [2022-05-28]
FF ProfilePath: C:\Users\Gemilang\AppData\Roaming\Mozilla\Firefox\Profiles\zof674gf.default-release [2023-09-20]
FF Homepage: Mozilla\Firefox\Profiles\zof674gf.default-release -> hxxps://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=BT170902&iDate=2022-02-28 12:38:04&bName=
FF Extension: (Grammarly for Firefox) - C:\Users\Gemilang\AppData\Roaming\Mozilla\Firefox\Profiles\zof674gf.default-release\Extensions\87677a2c52b84ad3a151a4a72f5bd3c4@jetpack.xpi [2022-05-17]
FF Extension: (Browsec VPN - Free VPN for Firefox) - C:\Users\Gemilang\AppData\Roaming\Mozilla\Firefox\Profiles\zof674gf.default-release\Extensions\browsec@browsec.com.xpi [2022-04-22]
FF Extension: (AdBlock — best ad blocker) - C:\Users\Gemilang\AppData\Roaming\Mozilla\Firefox\Profiles\zof674gf.default-release\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2022-05-06]
FF Extension: (Japan Style - Kanagawa Great Wave HI RES) - C:\Users\Gemilang\AppData\Roaming\Mozilla\Firefox\Profiles\zof674gf.default-release\Extensions\{3ed642ce-554e-4329-ae49-12ee7717d491}.xpi [2022-03-23]
FF Extension: (Rainbow Beach) - C:\Users\Gemilang\AppData\Roaming\Mozilla\Firefox\Profiles\zof674gf.default-release\Extensions\{abb6cef7-ef9b-499c-b6d9-6c1917b5469a}.xpi [2022-03-23]
FF Extension: (Dracula Dark Theme) - C:\Users\Gemilang\AppData\Roaming\Mozilla\Firefox\Profiles\zof674gf.default-release\Extensions\{b743f56d-1cc1-4048-8ba6-f9c2ab7aa54d}.xpi [2022-03-23]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\Gemilang\AppData\Roaming\Mozilla\Firefox\Profiles\zof674gf.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2022-05-17]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-02-01]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Gemilang\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\Gemilang\AppData\Roaming\IDM\idmmzcc5 [2022-03-30] [Legacy] [not signed]
FF HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => not found
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-07-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-09] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-09] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-09] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-03-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-07-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-09-06] (Microsoft Corporation -> Microsoft Corporation)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Default [2023-09-21]
CHR Notifications: Default -> hxxps://kampusmerdeka.kemdikbud.go.id; hxxps://session.satupersen.net; hxxps://www.duolingo.com
CHR Extension: (Easy Auto Refresh) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc [2022-03-23]
CHR Extension: (Touch VPN - Secure and unlimited VPN proxy) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Default\Extensions\bihmplhobchoageeokmgbdihknkjbknd [2023-09-13]
CHR Extension: (Adblock for Youtube™) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2023-05-25]
CHR Extension: (Mendeley Web Importer) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Default\Extensions\dagcmkpagjlhakfdhnbomgmjdpkdklff [2023-08-30]
CHR Extension: (Dark Reader) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2023-08-13]
CHR Extension: (WA Web Plus for WhatsApp™) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekcgkejcjdcmonfpmnljobemcbpnkamh [2023-09-19]
CHR Extension: (Video Downloader Professional) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2023-04-20]
CHR Extension: (Quizit.online) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbihgipgiggdfncfhinohincfbieonkf [2022-03-23]
CHR Extension: (Google Docs Offline) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-23]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-09-21]
CHR Extension: (VPN Free - Betternet Unlimited VPN Proxy) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjknjjomckknofjidppipffbpoekiipm [2023-09-16]
CHR Extension: (Picture-in-Picture Extension (by Google)) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkgfoiooedgoejojocmhlaklaeopbecg [2023-08-31]
CHR Extension: (Zoho Vault) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpcodhieompeloncfnbekccinhapdb [2023-08-10]
CHR Extension: (Find & Replace for Text Editing) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Default\Extensions\jajhdmnpiocpbpnlpejbgmpijgmoknnl [2023-05-17]
CHR Extension: (Grammarly: Grammar Checker and AI Writing App) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2023-09-15]
CHR Extension: (Ride the Wave) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldfofogdaicbefckdloiahgnajmcicnc [2023-04-26]
CHR Extension: (Application launcher for Drive (by Google)) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-08-19]
CHR Extension: (Video DownloadHelper) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2023-08-26]
CHR Extension: (IDM Integration Module) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2023-09-13]
CHR Extension: (Save Image As PNG) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkokmeaibnajheohncaamjggkanfbphi [2022-03-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-03-22]
CHR Extension: (Custom Cursor for Chrome™) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogdlpmhglpejoiomcodnpjnfgcpmgale [2023-09-01]
CHR Extension: (Browsec VPN - Free VPN for Chrome) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Default\Extensions\omghfjlpggmjjaagoclmmobgdodcjboh [2023-09-12]
CHR Extension: (Netflix Party is now Teleparty) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Default\Extensions\oocalimimngaihdkbihfgmpkcpnmlaoa [2023-09-17]
CHR Profile: C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-05-10]
CHR Profile: C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Profile 2 [2023-03-10]
CHR Notifications: Profile 2 -> hxxps://meet.google.com
CHR Extension: (Google Docs Offline) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-03-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-12-16]
CHR Profile: C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Profile 3 [2023-09-08]
CHR Extension: (EndNote Click - Formerly Kopernio) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\fjgncogppolhfdpijihbpfmeohpaadpc [2022-12-21]
CHR Extension: (Google Docs Offline) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-08]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-12-21]
CHR Profile: C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Profile 4 [2023-07-10]
CHR Extension: (EndNote Click - Formerly Kopernio) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\fjgncogppolhfdpijihbpfmeohpaadpc [2023-01-20]
CHR Extension: (Google Docs Offline) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-05-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-01-20]
CHR Profile: C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Profile 5 [2023-03-10]
CHR Extension: (Google Docs Offline) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-03-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-01-21]
CHR Profile: C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Profile 6 [2023-07-03]
CHR Extension: (Google Docs Offline) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-05-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-03-10]
CHR Profile: C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\System Profile [2023-08-23]
CHR HKLM\...\Chrome\Extension: [llbcnfanfmjhpedaedhbcnpgeepdnnok]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
CHR HKU\S-1-5-21-951395627-451568364-1154128064-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [llbcnfanfmjhpedaedhbcnpgeepdnnok]
CHR HKU\S-1-5-21-951395627-451568364-1154128064-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKU\S-1-5-21-951395627-451568364-1154128064-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [fjgncogppolhfdpijihbpfmeohpaadpc] - hxxps://click.endnote.com/extensions/chrome/update-manifest.xml
CHR HKLM-x32\...\Chrome\Extension: [llbcnfanfmjhpedaedhbcnpgeepdnnok]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-08-02] (Adobe Inc. -> Adobe Inc.)
R2 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [18673448 2021-03-29] (Autodesk, Inc. -> Autodesk) [File not signed]
R2 AdskNLM; C:\Program Files (x86)\Common Files\Autodesk Shared\Network License Manager\lmgrd.exe [1201488 2021-02-25] (Flexera Software LLC -> Flexera)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3966432 2023-08-22] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [103264 2022-10-08] (Apple Inc. -> Apple Inc.)
R2 ArmouryCrateControlInterface; C:\WINDOWS\System32\ASUSACCI\ArmouryCrateControlInterface.exe [1181232 2023-06-07] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe [399984 2023-02-20] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2022-01-18] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusAppService; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\AsusAppService\AsusAppService.exe [1177208 2023-07-26] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [558104 2022-10-12] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R2 ASUSLinkNear; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSLinkNear\AsusLinkNear.exe [1630288 2023-07-26] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 ASUSLinkRemote; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSLinkRemote\AsusLinkRemote.exe [772688 2023-07-26] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2022-01-18] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 ASUSOptimization; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSOptimization\AsusOptimization.exe [473168 2023-07-26] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
S2 AsusROGLSLService; C:\Program Files (x86)\ASUS\AsusROGLSLService\AsusROGLSLService.exe [650208 2022-03-23] (ASUSTeK COMPUTER INC. -> ASUS)
R2 ASUSSoftwareManager; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSSoftwareManager\AsusSoftwareManager.exe [1111120 2023-07-26] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSwitch; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSSwitch\AsusSwitch.exe [641104 2023-07-26] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemAnalysis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSSystemAnalysis\AsusSystemAnalysis.exe [4082808 2023-07-26] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemDiagnosis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [832632 2023-07-26] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8904088 2023-09-19] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [587672 2023-09-19] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [588184 2023-09-19] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2023-09-19] (Avast Software s.r.o. -> AVAST Software)
R2 Backupper Service; C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.1\ABService.exe [1092656 2022-03-16] (AOMEI International Network Limited -> AOMEI International Network Limited)
R2 bdredline_agent; C:\Program Files\Bitdefender Agent\redline\bdredline.exe [2560552 2023-07-20] (Bitdefender SRL -> Bitdefender)
R2 CleanMyPCService; C:\Program Files\CleanMyPC\CleanMyPCService.exe [491688 2021-11-30] (MacPaw, Inc. -> MacPaw Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12857344 2023-09-07] (Microsoft Corporation -> Microsoft Corporation)
R2 DtsApo4Service; C:\WINDOWS\System32\DTS\PC\APO4x\DtsApo4Service.exe [429352 2022-11-23] (DTS, Inc. -> DTS Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934368 2022-03-03] (Epic Games Inc. -> Epic Games, Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.191.0912.0001\FileSyncHelper.exe [3513264 2023-09-21] (Microsoft Corporation -> Microsoft Corporation)
R2 GameSDK Service; C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe [397544 2022-05-31] (ASUSTeK COMPUTER INC. -> ASUS Inc.)
S2 IntelAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\intcoed.inf_amd64_5f98233769cf65a5\AS\IAS\IntelAudioService.exe [539992 2023-08-29] (Intel Corporation -> Intel)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [4209512 2022-12-26] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
S3 OfficeSvcManagerAddons; C:\Windows\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [46416 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.191.0912.0001\OneDriveUpdaterService.exe [3850144 2023-09-21] (Microsoft Corporation -> Microsoft Corporation)
R2 PEMHTTPD; C:\Program Files (x86)\edb\pem\httpd\apache\bin\httpd.exe [25088 2021-10-22] (Apache Software Foundation) [File not signed]
R2 pgbouncer; C:\Program Files (x86)\PgBouncer\bin\pgbouncer.exe [2380030 2021-11-12] () [File not signed]
S2 postgresql-x64-14; C:\Program Files\PostgreSQL\14\bin\pg_ctl.exe [118272 2022-03-23] (PostgreSQL Global Development Group) [File not signed]
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [659496 2023-07-27] (Bitdefender SRL -> Bitdefender)
R2 RefreshRateService; C:\Program Files (x86)\ASUSTeK COMPUTER INC\RefreshRateService\RefreshRateService.exe [40672 2021-09-10] (ASUSTEK COMPUTER INCORPORATION -> ASUSTek Computer Inc.)
R2 ROG Live Service; C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe [1665648 2023-07-25] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R2 SafeExamBrowser; C:\Program Files\SafeExamBrowser\Service\SafeExamBrowser.Service.exe [405760 2022-11-15] (ETH Zürich -> ETH Zürich)
S4 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [402352 2023-09-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\NisSrv.exe [3121008 2023-09-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe [133688 2023-09-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvamig.inf_amd64_e3377401dd616a66\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvamig.inf_amd64_e3377401dd616a66\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
R2 ZoomCptService; "C:\Program Files\Common Files\Zoom\Support\CptService.exe" -user_path "C:\Users\Gemilang\AppData\Roaming\Zoom"
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [51120 2019-05-14] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 ammntdrv; C:\Windows\system32\ammntdrv.sys [172928 2022-04-01] (AOMEI International Network Limited -> )
R2 amwrtdrv; C:\Windows\system32\amwrtdrv.sys [32176 2022-04-01] (AOMEI International Network Limited -> )
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R1 Asusgio3; C:\Windows\system32\drivers\AsIO3.sys [49256 2022-10-12] (ASUSTeK COMPUTER INC. -> )
R3 AsusPTPDrv; C:\WINDOWS\System32\DriverStore\FileRepository\asusptpfilter.inf_amd64_314b5cb6bf57f471\AsusPTPFilter.sys [116712 2021-12-02] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R3 AsusSAIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSSystemAnalysis\AsusSAIO.sys [49208 2023-07-26] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [31528 2023-09-19] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [238496 2023-09-19] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [392880 2023-09-19] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [297880 2023-09-19] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [95960 2023-09-19] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2023-09-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [39648 2023-09-19] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [272576 2023-09-19] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [559184 2023-09-19] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [105248 2023-09-19] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [80416 2023-09-19] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [946160 2023-09-19] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [705480 2023-09-19] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [212680 2023-09-19] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [319568 2023-09-19] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 ATKWMIACPIIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSOptimization\AsusWmiAcpi.sys [48760 2023-07-26] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [321784 2022-04-12] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [532480 2022-11-04] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [184320 2022-11-04] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 googledrivefs31092; C:\WINDOWS\System32\DRIVERS\googledrivefs31092.sys [384600 2023-08-19] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [33424 2021-07-18] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R3 iaLPSS2_GPIO2_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_2546dafe2183e972\iaLPSS2_GPIO2_TGL.sys [131224 2021-08-12] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_tgl.inf_amd64_1308f85f1b0adf27\iaLPSS2_I2C_TGL.sys [204440 2021-08-12] (Intel Corporation -> Intel Corporation)
R0 iaStorVD; C:\WINDOWS\System32\drivers\iaStorVD.sys [1605320 2022-12-23] (Intel Corporation -> Intel Corporation)
R3 IGO_VSD; C:\WINDOWS\system32\drivers\igovsd.sys [42344 2021-07-05] (British Cayman Islands Intelligo Technology Inc. Taiwan Branch -> Intelligo Technology Inc.)
R3 IntcUSB; C:\WINDOWS\System32\DriverStore\FileRepository\intcusb.inf_amd64_5d49b801c1e48609\IntcUSB.sys [941976 2023-08-29] (Intel Corporation -> Intel® Corporation)
R3 IntelGNA; C:\WINDOWS\System32\DriverStore\FileRepository\gna.inf_amd64_04d4eecc5838a558\gna.sys [88760 2022-09-01] (Intel Corporation -> Intel Corporation)
R3 MTKBTFilterX64; C:\WINDOWS\system32\DRIVERS\mtkbtfilterx.sys [280040 2022-08-17] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R3 mtkwlex; C:\WINDOWS\System32\drivers\mtkwl6ex.sys [1681752 2023-08-29] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R3 nvpcf; C:\WINDOWS\System32\drivers\nvpcf.sys [237592 2023-08-29] (NVIDIA Corporation -> NVIDIA Corporation)
R1 ReasonCamFilter; C:\WINDOWS\System32\DRIVERS\ReasonCamFilter.sys [49992 2022-12-03] (Reason CyberSecurity Inc. -> Reason Software Company)
R3 rt25cx21; C:\WINDOWS\System32\DriverStore\FileRepository\rt25cx21x64.inf_amd64_1b566be7bbea37fc\rt25cx21x64.sys [742288 2023-08-29] (Realtek Semiconductor Corp. -> Realtek)
R3 SnapCameraVirtualDevice; C:\WINDOWS\System32\drivers\SnapCameraVirtualDevice.sys [2800232 2020-10-12] (Snap Inc. -> Windows ® Win 7 DDK provider)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S4 UCPD; C:\WINDOWS\System32\drivers\UCPD.sys [29184 2023-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [55872 2023-09-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [574872 2023-09-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105864 2023-09-19] (Microsoft Windows -> Microsoft Corporation)
U3 aswbdisk; no ImagePath
S3 rsDwf; \SystemRoot\system32\DRIVERS\rsDwf.sys [X]
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2023-09-21 17:26 - 2023-09-21 17:26 - 000067194 _____ C:\Users\Gemilang\Downloads\FRST.txt
2023-09-21 17:25 - 2023-09-21 17:26 - 000000000 ____D C:\FRST
2023-09-21 17:25 - 2023-09-21 17:25 - 002382848 _____ (Farbar) C:\Users\Gemilang\Downloads\FRST64.exe
2023-09-19 14:31 - 2023-09-19 14:31 - 000690101 _____ C:\Users\Gemilang\Downloads\Marvels.Spider.Man.Miles.Morales.v1.0.Plus.22.Trainer-FLiNG.zip
2023-09-19 14:31 - 2022-11-19 08:44 - 001103360 _____ (3DMGAME) C:\Users\Gemilang\Desktop\Marvels Spider Man Miles Morales v1.0 Plus 22 Trainer.exe
2023-09-19 07:50 - 2023-09-19 07:50 - 000057936 _____ C:\ProgramData\agent.uninstall.1695084519.bdinstall.v2.bin
2023-09-19 07:50 - 2023-09-19 07:50 - 000002162 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2023-09-19 07:50 - 2023-09-19 07:50 - 000002150 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2023-09-19 07:50 - 2023-09-19 07:50 - 000000000 ____D C:\Users\Gemilang\AppData\Roaming\Avast Software
2023-09-19 07:49 - 2023-09-19 07:49 - 000463140 _____ C:\ProgramData\cl.uninstall.1695084527.bdinstall.v2.bin
2023-09-19 07:48 - 2023-09-19 07:48 - 000313240 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2023-09-19 07:48 - 2023-09-19 07:48 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2023-09-19 07:48 - 2023-09-19 07:48 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2023-09-19 07:48 - 2023-09-19 07:48 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2023-09-19 07:47 - 2023-09-19 07:47 - 000888600 _____ (Google LLC) C:\Users\Public\Documents\gcapi.dll
2023-09-19 07:47 - 2023-09-19 07:47 - 000000000 ____D C:\Program Files\Avast Software
2023-09-19 07:41 - 2023-09-19 07:41 - 000263576 _____ (AVAST Software) C:\Users\Gemilang\Downloads\avast_free_antivirus_setup_online.exe
2023-09-19 07:40 - 2023-09-21 17:10 - 000000000 ___HD C:\Users\Gemilang\.opera
2023-09-19 07:39 - 2023-09-19 07:39 - 000683380 _____ C:\ProgramData\cl.1695083781.bdinstall.v2.bin
2023-09-19 07:39 - 2023-09-19 07:39 - 000000000 ____D C:\ProgramData\48C4687D-9760-4F5B-BAB3-60351B0841E4
2023-09-19 07:38 - 2023-09-19 07:38 - 000000000 ____D C:\ProgramData\Gemma
2023-09-19 07:38 - 2023-09-19 07:38 - 000000000 ____D C:\ProgramData\Atc
2023-09-19 07:37 - 2023-09-19 07:38 - 000000000 ____D C:\ProgramData\BDLogging
2023-09-19 07:37 - 2023-09-19 07:37 - 000000000 ____D C:\WINDOWS\system32\elambkup
2023-09-19 07:37 - 2023-09-19 07:37 - 000000000 ____D C:\Users\Gemilang\AppData\Roaming\Bitdefender Security App
2023-09-19 07:36 - 2023-09-19 10:24 - 000000000 ____D C:\Program Files\Bitdefender
2023-09-19 07:36 - 2023-09-19 07:49 - 000000000 ____D C:\ProgramData\Bitdefender
2023-09-19 07:36 - 2023-09-19 07:36 - 000091604 _____ C:\ProgramData\agent.update.1695083776.bdinstall.v2.bin
2023-09-19 07:28 - 2023-09-19 07:36 - 000003854 _____ C:\WINDOWS\system32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2023-09-19 07:26 - 2023-09-19 07:36 - 000000000 ____D C:\Program Files\Bitdefender Agent
2023-09-19 07:26 - 2023-09-19 07:26 - 000143476 _____ C:\ProgramData\agent.1695083184.bdinstall.v2.bin
2023-09-19 07:26 - 2023-09-19 07:26 - 000000000 ____D C:\Users\Gemilang\AppData\Local\mbam
2023-09-19 07:26 - 2023-09-19 07:26 - 000000000 ____D C:\Users\Gemilang\AppData\Local\Bitdefender
2023-09-19 07:26 - 2023-09-19 07:26 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2023-09-19 07:21 - 2023-09-19 07:50 - 000000000 ___HD C:\Program Files (x86)\Klan
2023-09-19 07:21 - 2023-09-19 07:30 - 000000000 ____D C:\Program Files (x86)\draped
2023-09-19 07:21 - 2023-09-19 07:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\w4agpq
2023-09-19 07:21 - 2023-09-19 07:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\rkn1wb
2023-09-19 07:21 - 2023-09-19 07:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\obs510
2023-09-19 07:21 - 2023-09-19 07:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\m0am5a
2023-09-19 07:21 - 2023-09-19 07:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\c1cupu
2023-09-19 07:21 - 2023-09-19 07:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\aqlv93
2023-09-19 07:21 - 2023-09-19 07:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\akio5d
2023-09-19 07:21 - 2023-09-19 07:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\9itdhj
2023-09-19 07:21 - 2023-09-19 07:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\9dinme
2023-09-19 07:21 - 2023-09-19 07:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\47qjxe
2023-09-19 07:21 - 2023-09-19 07:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\2r2ljl
2023-09-19 07:21 - 2023-09-19 07:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\1t8v7n
2023-09-19 07:21 - 2023-09-19 07:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\0k5gyk
2023-09-19 07:19 - 2023-09-19 07:21 - 000000000 ____D C:\Users\Gemilang\AppData\Local\Opera Software
2023-09-19 07:19 - 2023-09-19 07:19 - 000004246 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1695082761
2023-09-19 07:18 - 2023-09-19 07:21 - 000000000 ____D C:\Users\Gemilang\AppData\Roaming\Opera Software
2023-09-19 07:16 - 2023-09-19 07:16 - 000000000 ____D C:\Users\Gemilang\AppData\Local\AdvinstAnalytics
2023-09-19 07:03 - 2023-09-19 14:10 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-09-16 15:19 - 2023-09-19 20:05 - 000000000 ____D C:\Users\Gemilang\Documents\Marvel's Spider-Man Miles Morales
2023-09-16 15:14 - 2023-09-16 15:14 - 000667466 _____ C:\Users\Gemilang\Downloads\Resume - Gemilang.pdf
2023-09-16 15:12 - 2023-09-16 15:13 - 000059173 _____ C:\Users\Gemilang\Downloads\Cover Letter - Oliver Wyman.pdf
2023-09-16 14:49 - 2023-09-16 14:49 - 000001669 _____ C:\Users\Public\Desktop\Marvel’s Spider-Man - Miles Morales.lnk
2023-09-12 13:32 - 2023-09-12 13:32 - 000109638 _____ C:\Users\Gemilang\Downloads\CV - Aprieza Nurizki (2).pdf
2023-09-08 05:08 - 2023-09-08 05:08 - 000000000 ____D C:\Users\Gemilang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2023-09-07 16:13 - 2023-09-07 16:13 - 000620911 _____ C:\Users\Gemilang\Downloads\CV & Academic Transcript - Gemilang Ananda Nizola.pdf
2023-09-06 06:12 - 2023-09-06 06:12 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2023-09-02 07:21 - 2023-09-01 09:51 - 001243422 _____ C:\Users\Gemilang\Downloads\Dark Side of Fast Fashion - Only For Sharing.pdf
2023-08-30 13:47 - 2023-09-16 15:19 - 000000000 ____D C:\Users\Gemilang\AppData\Roaming\Insomniac Games
2023-08-30 13:47 - 2023-09-15 16:41 - 000000000 ____D C:\Users\Gemilang\Documents\Marvel's Spider-Man Remastered
2023-08-30 13:47 - 2023-08-30 13:47 - 000000000 ____D C:\Users\Gemilang\.insomniac
2023-08-30 10:33 - 2023-08-30 10:33 - 000059041 _____ C:\Users\Gemilang\Downloads\Cover Letter - BCG - Workflow Associate.pdf
2023-08-29 07:18 - 2023-08-29 07:18 - 002167816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2023-08-29 07:18 - 2023-08-29 07:18 - 001621512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2023-08-29 07:18 - 2023-08-29 07:18 - 001538072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2023-08-29 07:18 - 2023-08-29 07:18 - 001487480 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2023-08-29 07:18 - 2023-08-29 07:18 - 001226872 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2023-08-29 07:18 - 2023-08-29 07:18 - 001195024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2023-08-29 07:18 - 2023-08-29 07:18 - 000992264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2023-08-29 07:18 - 2023-08-29 07:18 - 000920600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2023-08-29 07:18 - 2023-08-29 07:18 - 000849088 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2023-08-29 07:18 - 2023-08-29 07:18 - 000849088 _____ C:\WINDOWS\system32\vulkaninfo.exe
2023-08-29 07:18 - 2023-08-29 07:18 - 000776216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2023-08-29 07:18 - 2023-08-29 07:18 - 000769048 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2023-08-29 07:18 - 2023-08-29 07:18 - 000713920 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-08-29 07:18 - 2023-08-29 07:18 - 000713920 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2023-08-29 07:18 - 2023-08-29 07:18 - 000668680 _____ C:\WINDOWS\system32\nvofapi64.dll
2023-08-29 07:18 - 2023-08-29 07:18 - 000653504 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2023-08-29 07:18 - 2023-08-29 07:18 - 000653504 _____ C:\WINDOWS\system32\vulkan-1.dll
2023-08-29 07:18 - 2023-08-29 07:18 - 000637120 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2023-08-29 07:18 - 2023-08-29 07:18 - 000637120 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2023-08-29 07:18 - 2023-08-29 07:18 - 000503928 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2023-08-29 07:18 - 2023-08-29 07:18 - 000459384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2023-08-29 07:17 - 2023-08-29 07:17 - 014520856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2023-08-29 07:17 - 2023-08-29 07:17 - 012066840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2023-08-29 07:17 - 2023-08-29 07:17 - 006738024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2023-08-29 07:17 - 2023-08-29 07:17 - 006190728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2023-08-29 07:17 - 2023-08-29 07:17 - 005845000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2023-08-29 07:17 - 2023-08-29 07:17 - 005550728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2023-08-29 07:17 - 2023-08-29 07:17 - 003483272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2023-08-29 07:17 - 2023-08-29 07:17 - 000853000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2023-08-29 07:17 - 2023-08-29 07:17 - 000108142 _____ C:\WINDOWS\system32\nvinfo.pb
2023-08-26 13:31 - 2023-08-26 13:31 - 000001866 _____ C:\Users\Public\Desktop\There Is No Game - Wrong Dimension.lnk
2023-08-26 13:31 - 2023-08-26 13:31 - 000000000 ____D C:\Users\Gemilang\AppData\LocalLow\DrawMeAPixel
2023-08-26 13:31 - 2023-08-26 13:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\There Is No Game - Wrong Dimension [GOG.com]
2023-08-26 12:59 - 2023-08-26 12:59 - 001168168 _____ C:\Users\Gemilang\Downloads\star-wars-jedi-fallen-order-save-3.rar
2023-08-26 08:16 - 2023-08-26 08:16 - 002568303 _____ C:\Users\Gemilang\Downloads\star_wars_jedi_fallen_order__trainer_5_v1010.zip
2023-08-25 20:11 - 2023-08-25 20:11 - 000000000 ____D C:\Users\Gemilang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2023-08-24 12:08 - 2023-08-24 12:08 - 000060275 _____ C:\Users\Gemilang\Downloads\Cover Letter - JPMorgan Chase & Co.pdf
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2023-09-21 17:26 - 2022-05-07 12:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-09-21 17:20 - 2022-05-07 12:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-09-21 17:12 - 2022-11-04 11:21 - 000850308 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-09-21 17:12 - 2022-05-07 12:22 - 000000000 ____D C:\WINDOWS\INF
2023-09-21 17:11 - 2022-05-07 12:24 - 000000000 ___HD C:\Program Files\WindowsApps
2023-09-21 17:11 - 2021-07-27 07:58 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-09-21 17:09 - 2022-11-04 11:19 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-951395627-451568364-1154128064-1006
2023-09-21 17:09 - 2022-11-04 11:19 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-951395627-451568364-1154128064-1001
2023-09-21 17:09 - 2022-11-04 11:19 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-951395627-451568364-1154128064-500
2023-09-21 17:09 - 2022-11-04 11:19 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2023-09-21 17:09 - 2022-03-23 14:27 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2023-09-21 17:09 - 2022-03-23 12:23 - 000002134 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-09-21 17:08 - 2022-11-04 11:19 - 000004164 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{F5FB1FDB-9AD5-4AE6-ABD4-04AB64761167}
2023-09-21 17:08 - 2022-05-07 12:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-09-21 17:08 - 2022-03-23 22:28 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2023-09-21 17:08 - 2022-01-18 13:30 - 000000000 ____D C:\Program Files (x86)\Google
2023-09-21 17:08 - 2022-01-18 12:41 - 000000000 ____D C:\ProgramData\NVIDIA
2023-09-21 17:07 - 2022-11-04 11:19 - 000003752 _____ C:\WINDOWS\system32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474
2023-09-21 17:06 - 2023-08-19 08:19 - 000000000 ___RD C:\Users\Gemilang\iCloudDrive
2023-09-21 17:05 - 2022-11-04 11:19 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-09-21 17:05 - 2022-11-04 10:50 - 000000000 ____D C:\WINDOWS\system32\ASUSACCI
2023-09-21 17:05 - 2022-07-13 12:00 - 000000000 ____D C:\Users\Gemilang\AppData\Local\WebEx
2023-09-21 17:05 - 2022-05-07 12:24 - 000000000 ____D C:\WINDOWS\ServiceState
2023-09-21 17:05 - 2022-04-01 21:08 - 000000432 _____ C:\WINDOWS\SysWOW64\winsevr.dat
2023-09-21 17:05 - 2022-04-01 21:08 - 000000416 _____ C:\WINDOWS\SysWOW64\AbBakConfig.dat
2023-09-21 17:05 - 2022-03-24 07:29 - 000000000 ____D C:\ProgramData\Avast Software
2023-09-21 17:05 - 2022-01-18 13:23 - 000000000 __SHD C:\Users\Gemilang\IntelGraphicsProfiles
2023-09-21 17:05 - 2022-01-18 12:37 - 000000000 ___HD C:\Intel
2023-09-21 17:05 - 2021-07-27 07:57 - 000012288 ___SH C:\DumpStack.log.tmp
2023-09-21 05:35 - 2022-11-04 11:15 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-09-21 05:35 - 2022-05-07 12:17 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-09-21 05:35 - 2022-01-18 13:23 - 000000000 ____D C:\Users\Gemilang\AppData\Local\D3DSCache
2023-09-20 20:17 - 2022-05-07 12:24 - 000000000 ____D C:\WINDOWS\Registration
2023-09-20 20:12 - 2022-01-18 12:43 - 000000000 ____D C:\Program Files\ASUS
2023-09-19 14:10 - 2022-03-23 16:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-09-19 13:22 - 2022-03-23 10:42 - 000000000 ____D C:\Program Files (x86)\Steam
2023-09-19 12:27 - 2022-03-23 16:27 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-09-19 10:28 - 2022-03-24 08:02 - 000000000 ____D C:\Users\Gemilang\AppData\Local\Avast Software
2023-09-19 10:18 - 2023-08-04 16:14 - 000000000 ____D C:\Users\Gemilang\Desktop\uTorrent Pro 3.6.0 Build 46682.kuyhAa
2023-09-19 07:58 - 2021-07-27 07:57 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-09-19 07:49 - 2022-01-18 13:23 - 000000000 ____D C:\Users\Gemilang\AppData\Local\Packages
2023-09-19 07:49 - 2021-07-27 08:00 - 000000000 ____D C:\ProgramData\Packages
2023-09-19 07:48 - 2022-05-07 12:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-09-19 07:48 - 2022-05-07 12:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2023-09-19 07:40 - 2022-11-04 11:01 - 000000000 ____D C:\Users\Gemilang
2023-09-19 07:35 - 2022-03-22 20:34 - 000918960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2023-09-19 07:34 - 2021-06-05 19:10 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2023-09-19 07:30 - 2023-08-04 16:14 - 000000000 ____D C:\Users\Gemilang\AppData\Roaming\uTorrent
2023-09-19 07:30 - 2022-12-03 14:35 - 000000000 ____D C:\Program Files\Cheat Engine 7.4
2023-09-19 07:30 - 2022-10-27 11:12 - 000000000 ____D C:\Users\Gemilang\Front
2023-09-19 07:30 - 2022-03-23 07:23 - 000000000 ____D C:\Program Files (x86)\Advanced SystemCare Pro
2023-09-19 07:25 - 2022-03-23 07:11 - 000000000 ____D C:\Program Files\CCleaner
2023-09-19 07:25 - 2022-03-22 20:43 - 000000000 ____D C:\Users\Gemilang\AppData\Local\CrashDumps
2023-09-19 07:03 - 2022-11-04 11:19 - 000003714 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-09-19 07:03 - 2022-11-04 11:19 - 000003590 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-09-19 07:03 - 2021-07-27 08:00 - 000000000 ____D C:\Program Files\Microsoft Office
2023-09-16 14:49 - 2023-01-11 15:00 - 000000000 ____D C:\Games
2023-09-16 06:34 - 2022-12-23 13:35 - 000000000 ____D C:\Users\Gemilang\AppData\Roaming\vlc
2023-09-15 11:11 - 2023-01-05 10:32 - 000700568 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-09-15 11:10 - 2022-05-07 14:39 - 000000000 ___SD C:\WINDOWS\system32\AppV
2023-09-15 11:10 - 2022-05-07 14:39 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-09-15 11:10 - 2022-05-07 12:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-09-15 11:10 - 2022-05-07 12:24 - 000000000 ____D C:\WINDOWS\UUS
2023-09-15 11:10 - 2022-05-07 12:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-09-15 11:10 - 2022-05-07 12:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-09-15 11:10 - 2022-05-07 12:24 - 000000000 ____D C:\WINDOWS\SystemResources
2023-09-15 11:10 - 2022-05-07 12:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-09-15 11:10 - 2022-05-07 12:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-09-15 11:10 - 2022-05-07 12:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-09-15 11:10 - 2022-05-07 12:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-09-15 11:10 - 2022-05-07 12:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-09-15 11:10 - 2022-05-07 12:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-09-15 11:10 - 2022-05-07 12:24 - 000000000 ____D C:\WINDOWS\Provisioning
2023-09-15 11:10 - 2022-05-07 12:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-09-15 11:10 - 2022-05-07 12:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-09-15 08:43 - 2022-03-23 10:49 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-09-15 08:40 - 2022-05-07 12:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-09-15 08:40 - 2022-03-23 10:49 - 177941912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-09-15 08:38 - 2022-11-04 11:18 - 003210752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-09-15 08:37 - 2022-10-20 08:36 - 000095848 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2023-09-15 08:37 - 2022-10-20 08:36 - 000075368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2023-09-15 08:37 - 2022-05-16 20:47 - 000000000 ____D C:\XboxGames
2023-09-15 08:37 - 2022-03-30 12:50 - 002688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2023-09-15 08:37 - 2022-03-30 12:50 - 000145000 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2023-09-15 08:36 - 2022-03-30 12:50 - 000483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2023-09-15 08:36 - 2022-03-30 12:50 - 000210536 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2023-09-15 08:36 - 2022-03-30 12:50 - 000181864 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2023-09-14 11:06 - 2023-08-19 08:19 - 000002830 _____ C:\WINDOWS\system32\Tasks\Apple Diagnostics
2023-09-14 11:06 - 2023-07-29 12:30 - 000002508 _____ C:\WINDOWS\system32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0
2023-09-14 11:06 - 2022-11-04 11:19 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-09-14 11:06 - 2022-11-04 11:19 - 000003464 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-09-14 11:06 - 2022-11-04 11:19 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-09-14 11:06 - 2022-11-04 11:19 - 000003240 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-09-14 11:06 - 2022-11-04 11:19 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-09-14 11:06 - 2022-11-04 11:19 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-09-14 11:06 - 2022-11-04 11:19 - 000003116 _____ C:\WINDOWS\system32\Tasks\ASUS Update Checker 2.0
2023-09-14 11:06 - 2022-11-04 11:19 - 000003034 _____ C:\WINDOWS\system32\Tasks\ASUS Optimization 36D18D69AFC3
2023-09-14 11:06 - 2022-11-04 11:19 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-09-14 11:06 - 2022-11-04 11:19 - 000002954 _____ C:\WINDOWS\system32\Tasks\BlueStacksHelper_nxt
2023-09-14 11:06 - 2022-11-04 11:19 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-09-14 11:06 - 2022-11-04 11:19 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-09-14 11:06 - 2022-11-04 11:19 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-09-14 11:06 - 2022-11-04 11:19 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-09-14 11:06 - 2022-11-04 11:19 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-09-14 11:06 - 2022-11-04 11:19 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-09-14 11:06 - 2022-11-04 11:19 - 000002596 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2023-09-14 11:06 - 2022-11-04 11:19 - 000002552 _____ C:\WINDOWS\system32\Tasks\ASUSSmartDisplayControl
2023-09-14 11:06 - 2022-11-04 11:19 - 000002550 _____ C:\WINDOWS\system32\Tasks\Driver Booster Scheduler
2023-09-14 11:06 - 2022-11-04 11:19 - 000002536 _____ C:\WINDOWS\system32\Tasks\Driver Booster Update
2023-09-14 11:06 - 2022-11-04 11:19 - 000002526 _____ C:\WINDOWS\system32\Tasks\ASC_SkipUac_gemil
2023-09-14 11:06 - 2022-11-04 11:19 - 000002452 _____ C:\WINDOWS\system32\Tasks\RtkAudUService64_BG
2023-09-14 11:06 - 2022-11-04 11:19 - 000002382 _____ C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (Gemilang)
2023-09-14 11:06 - 2022-11-04 11:19 - 000002370 _____ C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (gemil)
2023-09-14 11:06 - 2022-11-04 11:19 - 000002260 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Gemilang
2023-09-13 19:27 - 2022-01-18 13:30 - 000002293 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-09-12 16:15 - 2022-05-07 12:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-09-07 08:54 - 2022-03-23 16:27 - 000000000 ____D C:\Users\Gemilang\AppData\LocalLow\Mozilla
2023-09-06 06:11 - 2023-08-19 10:06 - 000002168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2023-09-06 06:11 - 2023-08-19 10:06 - 000002082 _____ C:\Users\Gemilang\Desktop\Google Slides.lnk
2023-09-06 06:11 - 2023-08-19 10:06 - 000002082 _____ C:\Users\Gemilang\Desktop\Google Sheets.lnk
2023-09-06 06:11 - 2023-08-19 10:06 - 000002070 _____ C:\Users\Gemilang\Desktop\Google Docs.lnk
2023-09-06 06:11 - 2023-08-19 10:06 - 000002046 _____ C:\Users\Gemilang\Desktop\Google Drive.lnk
2023-09-02 09:44 - 2022-03-28 12:07 - 000000000 ____D C:\Users\Gemilang\AppData\Roaming\Microsoft\Word
2023-09-02 08:07 - 2022-01-18 13:33 - 000000000 ____D C:\Users\Gemilang\AppData\Roaming\Microsoft\Excel
2023-09-02 08:01 - 2022-03-23 06:18 - 000000000 ____D C:\Users\Gemilang\AppData\Roaming\Microsoft\Office
2023-08-31 16:09 - 2022-11-04 13:18 - 000000000 ____D C:\Users\Gemilang\AppData\Roaming\Microsoft\Forms
2023-08-30 10:35 - 2023-08-16 11:45 - 000157195 _____ C:\Users\Gemilang\Desktop\CV - Gemilang.pdf
2023-08-30 10:34 - 2023-05-14 10:28 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2023-08-30 10:34 - 2022-03-25 21:16 - 000003358 _____ C:\WINDOWS\system32\Drivers\etc\hosts.rollback
2023-08-30 07:54 - 2022-03-22 20:33 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-08-29 07:17 - 2022-10-14 06:14 - 007858112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2023-08-29 07:16 - 2022-09-01 11:56 - 000237592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpcf.sys
2023-08-29 07:15 - 2022-09-01 06:11 - 001681752 _____ (MediaTek Inc.) C:\WINDOWS\system32\Drivers\mtkwl6ex.sys
2023-08-29 07:15 - 2022-09-01 06:11 - 000575496 _____ (MediaTek Inc.) C:\WINDOWS\system32\mtkihvx.dll
2023-08-26 13:30 - 2023-01-08 14:34 - 000000000 ____D C:\GOG Games
2023-08-26 10:26 - 2023-08-03 09:23 - 001144148 _____ C:\Users\Gemilang\Desktop\SaveGame00.sav
2023-08-25 20:11 - 2022-03-24 08:37 - 000000000 ____D C:\Program Files\Common Files\Zoom
2023-08-25 20:11 - 2022-03-24 08:33 - 000000000 ____D C:\Users\Gemilang\AppData\Roaming\Zoom
2023-08-23 16:46 - 2022-01-18 12:37 - 000000000 ____D C:\ProgramData\ASUS
2023-08-22 21:04 - 2023-08-16 12:07 - 000191401 _____ C:\Users\Gemilang\Downloads\Universitas Indonesia_Industrial Engineering_Gemilang Ananda Nizola.pdf
 
==================== Files in the root of some directories ========
 
2022-03-23 15:52 - 2022-11-03 10:44 - 000000000 _____ () C:\Users\Gemilang\AppData\Roaming\Spyder.launch.pyw.log
2022-03-23 22:28 - 2022-03-23 22:28 - 000000410 _____ () C:\Users\Gemilang\AppData\Local\oobelibMkey.log
2021-11-24 17:48 - 2021-11-24 17:48 - 000193912 _____ (NirSoft) C:\Users\Gemilang\AppData\Local\SoundVolumeView.exe
2021-11-24 17:23 - 2021-11-24 17:23 - 000143224 _____ (NirSoft) C:\Users\Gemilang\AppData\Local\SoundVolumeView64.exe
2021-11-20 23:06 - 2021-11-20 23:06 - 000138680 _____ (Microsoft Corporation) C:\Users\Gemilang\AppData\Local\WebView2Loader.dll
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================


#4 dennis_l

  • Malware Response Team
  • 2,423 posts
  • Gender:Male
  • Location:UK
  • Local time:02:24 AM

Posted 21 September 2023 - 05:40 AM

Please post the Addition.txt contents now, as I need to check both logs.

Thanks



#5 glanko


Posted 21 September 2023 - 05:45 AM

Okay, here is the Addition.txt. To be clear, I'm not a native English speaker and have very little computer knowledge, so pardon me in advance if there are some computer terms I don't quite understand. Don't worry, I will ask about everything that I don't understand.
 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-09-2023
Ran by Gemilang (21-09-2023 17:26:56)
Running from C:\Users\Gemilang\Downloads
Microsoft Windows 11 Pro Version 22H2 22621.2283 (X64) (2022-11-04 04:19:16)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
 
(If an entry is included in the fixlist, it will be removed.)
 
Administrator (S-1-5-21-951395627-451568364-1154128064-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-951395627-451568364-1154128064-503 - Limited - Disabled)
Gemilang (S-1-5-21-951395627-451568364-1154128064-1001 - Administrator - Enabled) => C:\Users\Gemilang
Guest (S-1-5-21-951395627-451568364-1154128064-501 - Limited - Disabled)
postgres (S-1-5-21-951395627-451568364-1154128064-1006 - Limited - Enabled) => C:\Users\postgres
WDAGUtilityAccount (S-1-5-21-951395627-451568364-1154128064-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\uTorrent) (Version: 3.6.0.46682 - BitTorrent Inc.)
3uTools (HKLM-x32\...\3uTools) (Version: 2.63.003 - ShangHai ZhangZheng Network Technology Co., Ltd.)
4K Video Downloader (HKLM\...\{2660FFAF-658A-461D-BD8C-2FDDEC282A95}) (Version: 4.19.2.4690 - Open Media LLC)
Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1033-FFFF-7760-BC15014EA700}) (Version: 22.001.20085 - Adobe)
Adobe After Effects 2022 (HKLM-x32\...\AEFT_22_2_1) (Version: 22.2.1 - Adobe Inc.)
Adobe Animate 2022 (HKLM-x32\...\FLPR_22_0_4) (Version: 22.0.4 - Adobe Inc.)
Adobe Audition 2022 (HKLM-x32\...\AUDT_22_2) (Version: 22.2 - Adobe Inc.)
Adobe Bridge 2022 (HKLM-x32\...\KBRG_12_0) (Version: 12.0 - Adobe Inc.)
Adobe Character Animator 2022 (HKLM-x32\...\CHAR_22_2) (Version: 22.2 - Adobe Inc.)
Adobe Dimension (HKLM-x32\...\ESHR_3_4_5) (Version: 3.4.5 - Adobe Inc.)
Adobe Dreamweaver 2021 (HKLM-x32\...\DRWV_21_2) (Version: 21.2 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.3.0.61 - Adobe Inc.)
Adobe Illustrator 2022 (HKLM-x32\...\ILST_26_1) (Version: 26.1 - Adobe Inc.)
Adobe InCopy 2022 (HKLM-x32\...\AICY_17_1) (Version: 17.1 - Adobe Inc.)
Adobe InDesign 2022 (HKLM-x32\...\IDSN_17_1) (Version: 17.1 - Adobe Inc.)
Adobe Lightroom (HKLM-x32\...\LRCC_5_1) (Version: 5.1 - Adobe Inc.)
Adobe Media Encoder 2022 (HKLM-x32\...\AME_22_0) (Version: 22.0 - Adobe Inc.)
Adobe Photoshop 2022 (HKLM-x32\...\PHSP_23_2_2) (Version: 23.2.2.325 - Adobe Inc.)
Adobe Prelude 2022 (HKLM-x32\...\PRLD_22_0) (Version: 22.0 - Adobe Inc.)
Adobe Premiere Pro 2022 (HKLM-x32\...\PPRO_22_2) (Version: 22.2 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601052}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Adobe RoboHelp 2020 (HKLM-x32\...\RBHP_2020_5_0) (Version: 2020.5.0.71 - Adobe Inc.)
AI Noise Cancelation Audio Software (HKLM-x32\...\{ab5f014e-883d-470d-bc2d-127ef91e5611}) (Version: 2.0.3 - ASUSTek Computer Inc.)
AI Noise Cancelation Audio Software SDK (HKLM\...\{9B441197-6389-46FC-BE60-56C8B6E5ADE9}) (Version: 1.0.6 - ASUSTeK COMPUTER INC.)
AOMEI Backupper (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536CE9D}_is1) (Version: 6.9.1 - AOMEI International Network Limited.)
AOMEI Partition Assistant 9.6.1 (HKLM-x32\...\AOMEI Partition Assistant_is1) (Version: 9.6.1 - RePack 9649)
Aplikasi Microsoft 365 untuk perusahaan - id-id (HKLM\...\O365ProPlusRetail - id-id) (Version: 16.0.16827.20080 - Microsoft Corporation)
Apple Mobile Device Support (HKLM\...\{44325855-D4CA-4994-A27A-39FE50CE6A8E}) (Version: 16.0.0.30 - Apple Inc.)
ARMOURY CRATE Service (HKLM\...\{01378DC3-088F-4F55-AAFA-DC6A9CCA292A}) (Version: 5.4.8 - ASUS)
ASUS Aac_GmAcc HAL (HKLM\...\{998249B1-6913-447E-AA37-F445B8CA33D0}) (Version: 1.0.0.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Aac_GmAcc HAL (HKLM-x32\...\{fd4cf3d0-9937-417e-89b4-56658158819a}) (Version: 1.0.0.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Aac_NBDT HAL (HKLM\...\{01D3B7AA-D078-4506-B460-60877FCDDBD6}) (Version: 2.5.1.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Aac_NBDT HAL (HKLM-x32\...\{abfbf014-002d-46b1-9257-522cc3b507f0}) (Version: 2.5.1.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Display Component (HKLM\...\{AFD1CF98-FE97-434C-A095-9F27C5BEA53C}) (Version: 1.2.12.0 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA Display Component (HKLM-x32\...\{fe2996bf-7174-4ad7-af8c-3e8e510c8263}) (Version: 1.2.12.0 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA Headset Component (HKLM\...\{A3C4120D-8096-4307-91A2-FFE37EBD5A3D}) (Version: 1.3.26.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Headset Component (HKLM-x32\...\{b351ae91-a5dd-4741-8830-883dddd22eb7}) (Version: 1.3.26.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.04.20 - ASUSTek COMPUTER INC.) Hidden
ASUS Framework Service (HKLM-x32\...\{339A6383-7862-46DA-8A9D-E84180EF9424}) (Version: 3.1.1.0 - ASUSTeK Computer Inc.)
ASUS Keyboard HAL (HKLM\...\{0FA0CDEE-5DC8-421E-A97D-C74FA6E66FC3}) (Version: 1.1.48.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Keyboard HAL (HKLM-x32\...\{79497ebd-229a-42ac-9410-87264af2e929}) (Version: 1.1.48.0 - ASUSTek COMPUTER INC.) Hidden
ASUS MB Peripheral Products (HKLM\...\{BFED9861-7D96-4528-89F1-B090ABBF11A7}) (Version: 1.0.35 - ASUSTeK Computer Inc.) Hidden
ASUS MB Peripheral Products (HKLM-x32\...\{193a2068-8738-4276-ab1b-9133f9403487}) (Version: 1.0.35 - ASUSTeK Computer Inc.) Hidden
ASUS Mouse HAL (HKLM\...\{B8F984F2-7887-4DD2-8D96-F9A4BC5A4AC5}) (Version: 1.1.0.45 - ASUSTek COMPUTER INC.) Hidden
ASUS Mouse HAL (HKLM-x32\...\{559342ce-3e0f-4daf-bd9f-dfb67f065c28}) (Version: 1.1.0.45 - ASUSTek COMPUTER INC.) Hidden
ASUS Smart Display Control (HKLM-x32\...\{8714A8D1-0F08-4681-9DF6-A8C4607A58B4}) (Version: 1.8.0 - ASUSTek COMPUTER INC.)
ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.103 - ASUSTeK Computer Inc.) Hidden
AURA lighting effect add-on (HKLM-x32\...\{1E2EA04B-FCA7-457E-B6F4-F33E1858E859}) (Version: 0.0.28 - ASUS)
AURA lighting effect add-on x64 (HKLM\...\{C5A4A164-4428-4931-B728-96EEF0FA3C44}) (Version: 0.0.28 - ASUS)
AURA Service (HKLM-x32\...\{56EEEF7D-0AE3-401A-898B-581719D005AE}) (Version: 3.06.14 - ASUSTeK Computer Inc.) Hidden
AURA Service (HKLM-x32\...\{7818852d-4182-406d-946b-7b54067ff419}) (Version: 3.06.14 - ASUSTeK Computer Inc.)
AutoCAD 2022 Help - English (HKLM\...\{28B89EEF-5134-0409-0100-CF3F3A09B77D}) (Version: 24.1.51.0 - Autodesk) Hidden
AutoCAD Open in Desktop (HKLM\...\{1C66A0B0-784E-4777-97B3-93F843D1C8CF}) (Version: 1.0.20.0 - Autodesk)
Autodesk AutoCAD 2022 - English (HKLM\...\{1E7D4EF7-A28E-3D3E-BA3C-C6FAE4AAB2E0}) (Version: 24.1.51.0 - Autodesk, Inc.)
Autodesk Desktop Connect Service (HKLM\...\{FC772454-BB19-0000-0810-44B459520227}) (Version: 8.1.0 - Autodesk)
Autodesk Guided Tutorial Plugin (HKLM\...\{B3AFC608-D811-0003-0840-21FB25B48D6E}) (Version: 8.4.0 - Autodesk)
Autodesk Inventor Content Center Libraries 2022 (Desktop Content) (HKLM\...\{B46DECD1-2664-4EF1-0000-22D71E81877C}) (Version: 26.0.15300.0000 - Autodesk,Inc.) Hidden
Autodesk Inventor Professional 2022 - English (HKLM\...\{15FAE334-7AC7-3147-BA02-CD075026EA49}) (Version: 26.0.15300.0000 - Autodesk, Inc.)
Autodesk Inventor Professional 2022 (HKLM\...\{7F4DD591-2664-0001-0000-7107D70F3DB4}) (Version: 26.20.28700.0000 - Autodesk) Hidden
Autodesk Inventor Professional 2022 English Language Pack (HKLM\...\{7F4DD591-2664-0001-1033-7107D70F3DB4}) (Version: 26.20.28700.0000 - Autodesk) Hidden
Autodesk Material Library 2022 (HKLM-x32\...\{A9221A68-5AD0-4215-B54F-CB5DBA4FB27C}) (Version: 20.3.7.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2022 (HKLM-x32\...\{6256584F-B04B-41D4-8A59-44E70940C473}) (Version: 20.3.7.0 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2022 (HKLM-x32\...\{490259AE-1021-4BED-B74B-162151EC45C7}) (Version: 20.3.7.0 - Autodesk)
Autodesk Network License Manager (HKLM\...\{4BE91685-1632-47FC-B563-A8A542C6664C}) (Version: 11.18.0.0 - Autodesk, Inc.)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 23.8.6078 - Avast Software)
BlueStacks 5 (HKLM\...\BlueStacks_nxt) (Version: 5.7.0.1064 - BlueStack Systems, Inc.)
BlueStacks X (HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\BlueStacks X) (Version: 0.15.1.8 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Cheat Engine 7.4 (HKLM\...\Cheat Engine_is1) (Version:  - Cheat Engine)
Cisco Webex Meetings (HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\ActiveTouchMeetingClient) (Version: 42.7.2 - Cisco Webex LLC)
CleanMyPC 1.12.1 (HKLM\...\CleanMyPC_is1) (Version: 1.12.1 - RePack 9649)
CPUID CPU-Z 2.00 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.00 - CPUID, Inc.)
Discord (HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\Discord) (Version: 1.0.9004 - Discord Inc.)
Docs (HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\333a815699e4057996ab80cae2c7ea65) (Version: 1.0 - Google\Chrome)
Driver Booster 9.2.0.178 (HKLM-x32\...\Driver Booster_is1) (Version: 9.2.0.178 - RePack 9649)
EndNote 20 (HKLM-x32\...\{86B3F2D6-AC2B-0020-8AE1-F2F77F781B0C}) (Version: 20.2.1.15749 - Clarivate Analytics)
Epic Games Launcher (HKLM-x32\...\{FAC47927-1A6A-4C6E-AD7D-E9756794A4BC}) (Version: 1.3.23.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{758842D2-1538-4008-A8E3-66F65A061C52}) (Version: 2.0.33.0 - Epic Games, Inc.)
f.lux (HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\Flux) (Version: 4.124 - f.lux Software LLC)
GameSDK Service (HKLM-x32\...\{021d69c3-d686-4a94-8fb5-fd1ee782fb14}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.)
GameSDK Service (HKLM-x32\...\{7160DA8D-3F25-4F6E-ABC8-F693551D82FA}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.) Hidden
Gmail (HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\79bb58570c5d3b2050e404bfc69ffb46) (Version: 1.0 - Google\Chrome)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 116.0.5845.188 - Google LLC)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 80.0.1.0 - Google LLC)
Google Drive (HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\e5afe625fe30ea62a3d7213e099a286b) (Version: 1.0 - Google\Chrome)
Google Earth Pro (HKLM\...\{F27DBA46-80E1-4858-9285-19198FFFBF3D}) (Version: 7.3.6.9345 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.29.5 - Google Inc.) Hidden
Hard Disk Sentinel 6.01.9 (HKLM-x32\...\Hard Disk Sentinel_is1) (Version: 6.01.9 - LR)
iCloud Outlook (HKLM\...\{AC76D136-36CC-4606-8361-4939FE5D2381}) (Version: 14.2.0.108 - Apple Inc.)
Intel® C++ Redistributables on Intel® 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Language Pack 1.0-5 (HKLM\...\Language Pack 1.0-5) (Version: 1.0-5 - EnterpriseDB)
Language Pack 2.0-1 (HKLM\...\Language Pack 2.0-1) (Version: 2.0-1 - EnterpriseDB)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LINE (HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\LINE) (Version: 8.3.0.3189 - LINE Corporation)
LINGO 18.0/x64 (HKLM\...\{C76711E3-5FEB-4A14-B19C-DF20A270D78A}) (Version: 18.0 - Lindo Systems Inc)
MathType 7 (HKLM-x32\...\DSMT7) (Version: 7.4.9 - WIRIS)
Mendeley Reference Manager 2.90.0 (HKLM\...\b4b58389-01e4-5dfd-9842-aad36733657a) (Version: 2.90.0 - Mendeley)
Microsoft .NET Core Host - 3.1.10 (x64) (HKLM\...\{52B42932-15C1-45D4-8904-FC3117EEE69B}) (Version: 24.104.29419 - Microsoft Corporation) Hidden
Microsoft .NET Core Host - 3.1.22 (x64) (HKLM\...\{B343AEBD-9A5A-40B7-A032-81163019A913}) (Version: 24.88.30721 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.10 (x64) (HKLM\...\{752B4412-A129-4CB2-AD96-B6D97EAD3090}) (Version: 24.104.29419 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.22 (x64) (HKLM\...\{87DE9382-0F95-4768-98B8-BB5C1AB2B94F}) (Version: 24.88.30721 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.10 (x64) (HKLM\...\{396D7BC8-E3C8-4B3E-8C60-D50D94FDF09D}) (Version: 24.104.29419 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.10 (x64) (HKLM-x32\...\{4714dd0a-ebab-4f59-a708-f8d7a793b3f5}) (Version: 3.1.10.29419 - Microsoft Corporation)
Microsoft .NET Core Runtime - 3.1.22 (x64) (HKLM\...\{44D628C6-14F5-48F2-89F9-6C0A5FF2B9F0}) (Version: 24.88.30721 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.10 (x64) (HKLM\...\{0222FFF1-57A3-48A6-9AD2-0D6B5D0172B3}) (Version: 48.43.48869 - Microsoft Corporation) Hidden
Microsoft .NET Host - 7.0.0 (x64) (HKLM\...\{BE6438FD-8DCE-46CF-9678-825A064DAAAA}) (Version: 56.3.50341 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.10 (x64) (HKLM\...\{A93C4E12-1BAB-4CFB-ADBC-9CE0B93176FF}) (Version: 48.43.48869 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 7.0.0 (x64) (HKLM\...\{F8BC94FF-FF0C-4226-AE0A-811960F93DF7}) (Version: 56.3.50341 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.10 (x64) (HKLM\...\{A2A39CB9-677D-4299-8537-C00B99F3D4A4}) (Version: 48.43.48869 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 7.0.0 (x64) (HKLM\...\{A17DDA5A-F944-4E22-B578-FB860C604D21}) (Version: 56.3.50341 - Microsoft Corporation) Hidden
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.16827.20080 - Microsoft Corporation)
Microsoft 365 - id-id (HKLM\...\O365HomePremRetail - id-id) (Version: 16.0.16827.20080 - Microsoft Corporation)
Microsoft 365 Apps for enterprise - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.16827.20080 - Microsoft Corporation)
Microsoft ASP.NET Core 3.1.10 - Shared Framework (HKLM-x32\...\{6efe3294-03d8-4977-9c67-9f57ab075130}) (Version: 3.1.10.20520 - Microsoft Corporation)
Microsoft ASP.NET Core 3.1.10 Shared Framework (x64) (HKLM\...\{7BEAA207-E3EB-3948-BBB3-336B04D8A2F1}) (Version: 3.1.10.20520 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 117.0.2045.36 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 117.0.2045.31 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft ODBC Driver 17 for SQL Server (HKLM\...\{5F9345E2-76B2-4639-AD3B-DB2ABC716930}) (Version: 17.1.0.1 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.191.0912.0001 - Microsoft Corporation)
Microsoft OneNote - en-us (HKLM\...\OneNoteFreeRetail - en-us) (Version: 16.0.16827.20080 - Microsoft Corporation)
Microsoft OneNote - id-id (HKLM\...\OneNoteFreeRetail - id-id) (Version: 16.0.16827.20080 - Microsoft Corporation)
Microsoft Project - en-us (HKLM\...\ProjectPro2019Retail - en-us) (Version: 16.0.16827.20080 - Microsoft Corporation)
Microsoft Project - id-id (HKLM\...\ProjectPro2019Retail - id-id) (Version: 16.0.16827.20080 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\Teams) (Version: 1.6.00.21970 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{AF47B488-9780-4AB5-A97E-762E28013CA6}) (Version: 5.71.0.0 - Microsoft Corporation)
Microsoft Visio - en-us (HKLM\...\VisioPro2019Retail - en-us) (Version: 16.0.16827.20080 - Microsoft Corporation)
Microsoft Visio - id-id (HKLM\...\VisioPro2019Retail - id-id) (Version: 16.0.16827.20080 - Microsoft Corporation)
Microsoft Visual Basic/C++ Runtime (x86) (HKLM-x32\...\{C5E3A69D-D391-45A6-A8FB-00B01E2B010D}) (Version: 1.1.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61135 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61135 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 (HKLM-x32\...\{5d0723d3-cff7-4e07-8d0b-ada737deb5e6}) (Version: 12.0.40649.5 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 3.1.22 (x64) (HKLM\...\{D5C6F442-F51D-4D15-82C1-61E3435BA3C8}) (Version: 24.88.30721 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 3.1.22 (x64) (HKLM-x32\...\{68de94b9-46ac-495e-a96b-de484c02f5b3}) (Version: 3.1.22.30721 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.10 (x64) (HKLM\...\{3EC7701F-54F2-491D-AFD1-0395F465BC5A}) (Version: 48.43.48870 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.10 (x64) (HKLM-x32\...\{ff748137-9c9a-4056-be0a-48c7e465453c}) (Version: 6.0.10.31726 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 7.0.0 (x64) (HKLM\...\{192E20E1-D873-40DC-9D0B-0E46E651C583}) (Version: 56.3.50353 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 7.0.0 (x64) (HKLM-x32\...\{01b47e23-4226-4094-9c19-400f12efee57}) (Version: 7.0.0.31819 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Minitab 20 (HKLM\...\{336CC890-F3BC-4B96-AEFF-817A9311BC32}) (Version: 20.4.0.0 - Minitab, LLC) Hidden
Minitab Modules - 1.1.0.0 (HKLM\...\Minitab Modules 1.1.0.0) (Version: 1.1.0.0 - Minitab, LLC)
Minitab Modules (HKLM\...\{3D40BE5D-6F15-40CC-9C78-49E0F18AEEF3}) (Version: 1.1.0.0 - Minitab, LLC) Hidden
Minitab Statistical Software (x64) - 20.4.0.0 (HKLM\...\Minitab 20 20.4.0.0) (Version: 20.4.0.0 - Minitab, LLC)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 117.0.1 (x64 en-US)) (Version: 117.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 98.0.1 - Mozilla)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.4.6 - Notepad++ Team)
Npgsql 3.2.6 (HKLM-x32\...\Npgsql 3.2.6-3) (Version: 3.2.6-3 - EnterpriseDB)
NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation)
NVIDIA Graphics Driver 496.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 496.49 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{FAAC26AD-73BA-40CE-86AA-C9213F9E064A}) (Version: 9.13.0604 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16827.20014 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16827.20056 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14026.20302 - Microsoft Corporation) Hidden
PEM-HTTPD 2.4.51 (HKLM-x32\...\PEM-HTTPD 2.4.51-1) (Version: 2.4.51-1 - EnterpriseDB)
PgBouncer 1.16.1 (HKLM-x32\...\PgBouncer 1.16.1-1) (Version: 1.16.1-1 - EnterpriseDB)
pgJDBC 42.2.18 (HKLM-x32\...\pgJDBC 42.2.18-1) (Version: 42.2.18-1 - EnterpriseDB)
PostgreSQL 14  (HKLM\...\PostgreSQL 14) (Version: 14 - PostgreSQL Global Development Group)
PowerToys (Preview) (HKLM\...\{A15ACEAE-DA57-4B2D-9703-0F4903BD47E6}) (Version: 0.65.0 - Microsoft Corporation) Hidden
PowerToys (Preview) x64 (HKLM-x32\...\{264f3d27-62de-4965-9989-61dbca983fb9}) (Version: 0.65.0 - Microsoft Corporation)
psqlODBC 13.00.0000 (HKLM\...\psqlODBC 13.00.0000-2) (Version: 13.00.0000-2 - EnterpriseDB)
psqlODBC_x64 (HKLM\...\{3F8971B0-061B-4163-9D3F-EA94151B2FCF}) (Version: 09.06.0504 - PostgreSQL Global Development Group)
R for Windows 4.1.3 (HKLM\...\R for Windows 4.1.3_is1) (Version: 4.1.3 - R Core Team)
R for Windows 4.2.2 (HKLM\...\R for Windows 4.2.2_is1) (Version: 4.2.2 - R Core Team)
RefreshRateService (HKLM-x32\...\{7E5E84CB-B190-4658-A4DC-166779C329D1}) (Version: 2.1.0 - ASUSTeK COMPUTER INC.)
ResearchSoft Direct Export Helper (HKLM-x32\...\ResearchSoft Direct Export Helper) (Version: 1.0.21.3540 - Clarivate Analytics)
Revo Uninstaller 4.5.5 (HKLM\...\Revo Uninstaller_is1) (Version: 4.5.5 - RePack 9649)
REX Framework (HKLM\...\{A24E5DBF-7C6F-4589-AE67-2D1049C4308E}) (Version: 22.0.0.4732 - Autodesk, Inc.) Hidden
REX Inventor (HKLM\...\{E275D930-1604-48A1-AFE2-051611A24D0C}) (Version: 22.0.0.4732 - Autodesk, Inc.) Hidden
ROG Live Service (HKLM\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 2.1.5.0 - ASUSTek COMPUTER INC.)
RSA Engine (HKLM\...\{ADAA8BDF-54E8-42DF-9ABB-BDC12511B176}) (Version: 22.0.0.8230 - Autodesk, Inc.) Hidden
Safe Exam Browser (HKLM-x32\...\{9f9bd00b-6aa3-4355-89b6-0cb3e06bf552}) (Version: 3.4.1.505 - ETH Zürich)
Safe Exam Browser (x64) (HKLM\...\{0362300A-104C-4D80-A876-D184992AFA3F}) (Version: 3.4.1.505 - ETH Zürich) Hidden
ScummVM 2.7.0 (HKLM\...\ScummVM_is1) (Version: 2.7.0 - The ScummVM Team)
ShareX (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 15.0.0 - ShareX Team)
Sheets (HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\5a39133f85c99212399815cb52a21d58) (Version: 1.0 - Google\Chrome)
Slides (HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\9b651c49b5cead03e7253b5fd1eaaf22) (Version: 1.0 - Google\Chrome)
Snap Camera 1.20.0 (HKLM-x32\...\{024A6CF5-627D-497F-980B-B9A6EC5C40AF}_is1) (Version: 1.20.0 - Snap Inc.)
Spider-Man: Miles Morales (HKLM-x32\...\Spider-Man: Miles Morales_is1) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Tableau 2020.1 (20201.20.0427.1803) (HKLM\...\{B799E038-5677-465E-BBBD-AD9893164071}) (Version: 20.1.649 - Tableau Software) Hidden
Tableau 2020.1 (20201.20.0427.1803) (HKLM-x32\...\{d735f49a-acac-43df-ba88-d7586215c7b9}) (Version: 20.1.649 - Tableau Software)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.4.0.32771 - Microsoft Corporation)
TechPowerUp GPU-Z (HKLM-x32\...\{8B0F211E-5846-4FB2-B0B9-4EB31546FDF9}}_is1) (Version: 2.44.0 - TechPowerUp)
Telegram Desktop version 4.2 (HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.2 - Telegram FZ-LLC)
The Henry Stickmin Collection (HKLM-x32\...\The Henry Stickmin Collection_is1) (Version:  - )
There Is No Game : Wrong Dimension (HKLM-x32\...\1271319284_is1) (Version: v1.0.33 - GOG.com)
Those Games (HKLM-x32\...\Those Games_is1) (Version:  - )
TP-Link TL-WN725N Driver (HKLM-x32\...\{3C3F9CEB-2C5A-4A47-8EAA-DA76037546BA}) (Version: 2.1.0 - TP-Link)
TreeSize 8.3.0.1658 (HKLM\...\TreeSize_is1) (Version: 8.3.0.1658 - LRepacks)
uTorrent v3.6.0.46682 (HKLM-x32\...\uTorrent_is1) (Version: 3.6.0.46682 - BitTorrent Inc. (RePack by Dodakaedr))
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN)
WARRIORS OROCHI 3 UDE (HKLM-x32\...\WARRIORS OROCHI 3 UDE_is1) (Version: 0.0.0 - DODI-Repacks)
Webex (HKLM\...\{5CC80054-A009-5663-B923-1150326C6939}) (Version: 42.7.0.22904 - Cisco Systems, Inc)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
Wondershare Filmora 10.1.20.16 (HKLM\...\Wondershare Filmora_is1) (Version: 10.1.20.16 - LRepacks)
YouTube (HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\cf16dcc87e2e62563ce2a395b28b42fe) (Version: 1.0 - Google\Chrome)
Zoom (HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\ZoomUMX) (Version: 5.15.7 (20303) - Zoom Video Communications, Inc.)
 
Packages:
=========
Adobe Acrobat DC -> C:\Program Files\Adobe\Acrobat DC [2022-03-24] ()
Adobe XD -> C:\Program Files\WindowsApps\Adobe.XD_49.0.12.14_x64__pc75e8sa7ep4e [2022-03-23] (Adobe Inc.)
Adobe-Fresco -> C:\Program Files\WindowsApps\Adobe.Fresco_3.2.1.756_x64__pc75e8sa7ep4e [2022-03-24] (Adobe Inc.)
AppleInc.iCloud -> C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa [2023-09-01] (Apple Inc.) [Startup Task]
AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5185.0_x64__8j3eq9eme6ctt [2023-09-15] (INTEL CORP) [Startup Task]
ARMOURY CRATE -> C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_5.6.10.0_x64__qmba6cd70vzyy [2023-08-27] (ASUSTeK COMPUTER INC.)
AURA Creator -> C:\Program Files\WindowsApps\B9ECED6F.AURACreator_3.6.9.0_x64__qmba6cd70vzyy [2023-06-17] (ASUSTeK COMPUTER INC.)
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2308.1005.0_x64__8wekyb3d8bbwe [2023-08-11] (Microsoft Corporation)
DTS:X Ultra -> C:\Program Files\WindowsApps\DTSInc.DTSXUltra_1.11.14.0_x64__t5j2fzbtdg37r [2023-03-31] (DTS, Inc.)
freda epub ebook reader -> C:\Program Files\WindowsApps\5957Turnipsoft.freda_5.0.4.0_x64__ypmq2qh89vmny [2023-09-02] (Turnipsoft)
Microsoft.AV1VideoExtension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.61781.0_x64__8wekyb3d8bbwe [2023-07-21] (Microsoft Corporation)
Microsoft.WindowsAppRuntime.CBS -> C:\WINDOWS\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2023-09-15] (Microsoft Corporation)
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.20.3002.0_x64__8wekyb3d8bbwe [2023-09-21] (Microsoft Studios)
Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.3.7.0_x64__8wekyb3d8bbwe [2023-09-12] (Microsoft Studios)
MyASUS -> C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.23.0_x64__qmba6cd70vzyy [2023-07-28] (ASUSTeK COMPUTER INC.)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-03-28] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-03-10] (NVIDIA Corp.)
Power BI Desktop -> C:\Program Files\WindowsApps\Microsoft.MicrosoftPowerBIDesktop_2.121.762.0_x64__8wekyb3d8bbwe [2023-09-21] (Microsoft Corporation)
PowerToys ImageResizer Context Menu -> C:\Program Files\PowerToys\modules\ImageResizer [2023-02-05] (Microsoft)
PowerToys PowerRename Context Menu -> C:\Program Files\PowerToys\modules\PowerRename [2023-02-05] (Microsoft)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.39.282.0_x64__dt26b99r8h8gj [2023-05-10] (Realtek Semiconductor Corp)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.17.8180.0_x64__8wekyb3d8bbwe [2023-08-25] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0 [2023-09-03] (Spotify AB) [Startup Task]
Telegram Desktop -> C:\Program Files\WindowsApps\TelegramMessengerLLP.TelegramDesktop_4.9.7.0_x64__t4vj0pshhgkwm [2023-09-15] (Telegram Messenger LLP) [Startup Task]
TranslucentTB -> C:\Program Files\WindowsApps\28017CharlesMilette.TranslucentTB_2023.1.0.0_x64__v826wp6bftszj [2023-07-12] (Charles Milette) [Startup Task]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2023-09-19] (Twitter Inc.)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2336.7.0_x64__cv1g1gvanyjgm [2023-09-15] (WhatsApp Inc.) [Startup Task]
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2023-09-15] (Microsoft Corporation)
WinRAR -> C:\Program Files\WinRAR [2022-03-23] (win.rar GmbH)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2021-03-03] (Tonec Inc. -> Tonec FZE)
ShellIconOverlayIdentifiers: [    GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\80.0.1.0\drivefsext.dll [2023-09-06] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\80.0.1.0\drivefsext.dll [2023-09-06] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\80.0.1.0\drivefsext.dll [2023-09-06] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\80.0.1.0\drivefsext.dll [2023-09-06] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-09-19] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2021-01-29] (Autodesk, Inc. -> Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-09-19] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.191.0912.0001\FileSyncShell64.dll [2023-09-21] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> )
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2021-01-29] (Autodesk, Inc. -> Autodesk)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2022-03-03] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2022-09-26] (Notepad++ -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-09-19] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\80.0.1.0\drivefsext.dll [2023-09-06] (Google LLC -> Google, Inc.)
ContextMenuHandlers2: [FileLocksmithExt] -> {84D68575-E186-46AD-B0CB-BAEB45EE29C0} => C:\Program Files\PowerToys\modules\FileLocksmith\PowerToys.FileLocksmithExt.dll [2022-12-06] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-09-19] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [FileLocksmithExt] -> {84D68575-E186-46AD-B0CB-BAEB45EE29C0} => C:\Program Files\PowerToys\modules\FileLocksmith\PowerToys.FileLocksmithExt.dll [2022-12-06] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3: [PowerRenameExt] -> {0440049F-D1DC-4E46-B27B-98393D79486B} => C:\Program Files\PowerToys\modules\PowerRename\PowerToys.PowerRenameExt.dll [2022-12-06] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.191.0912.0001\FileSyncShell64.dll [2023-09-21] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\80.0.1.0\drivefsext.dll [2023-09-06] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.191.0912.0001\FileSyncShell64.dll [2023-09-21] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\80.0.1.0\drivefsext.dll [2023-09-06] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvamig.inf_amd64_e3377401dd616a66\nvshext.dll [2023-08-29] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2022-03-03] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-09-19] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6_S-1-5-21-951395627-451568364-1154128064-1001: [InventorMenu] -> {6FDE7A70-351B-11d6-988B-0010B57A8BB7} => C:\Program Files\Autodesk\Inventor 2022\Bin\DtBridge.dll [2021-10-25] (Autodesk, Inc. -> Autodesk, Inc.)
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2011-05-13] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2011-05-13] (Electronic Arts -> On2.com)
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\Gemilang\Front\SQL Shell (psql).lnk -> C:\Program Files\PostgreSQL\14\scripts\runpsql.bat ()
Shortcut: C:\Users\Gemilang\Desktop\Google Drive.lnk -> C:\Program Files\Google\Drive File Stream\launch.bat ()
ShortcutWithArgument: C:\Users\Gemilang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 3" --app-id=mpnpojknpmmopombnjdcgaaiekajbnjb
ShortcutWithArgument: C:\Users\Gemilang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 3" --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\Gemilang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 3" --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\Gemilang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 3" --app-id=fhihpiojkbmbpdjeoajapmgkhlnakfjf
ShortcutWithArgument: C:\Users\Gemilang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 3" --app-id=kefjledonklijopmnomlcbpllchaibag
ShortcutWithArgument: C:\Users\Gemilang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 3" --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\Gemilang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\48499db33039e897\Gemilang (University) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 4"
 
==================== Loaded Modules (Whitelisted) =============
 
2022-11-19 08:13 - 2022-09-01 09:47 - 000522240 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ac_node_addon\prebuilds\win32-ia32\node.napi.node
2022-11-19 08:13 - 2022-09-01 09:47 - 000520192 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ffi-napi\prebuilds\win32-ia32\node.napi.node
2022-11-19 08:13 - 2022-09-01 09:47 - 000483328 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\node-system-fonts\build\Release\system-fonts.node
2022-11-19 08:13 - 2022-09-01 09:47 - 000510464 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ref-napi\prebuilds\win32-ia32\node.napi.node
2022-11-19 08:13 - 2022-09-01 09:47 - 000786432 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\usb-detection\prebuilds\win32-ia32\node.napi.node
2022-04-01 21:07 - 2021-06-22 14:41 - 000014336 _____ () [File not signed] C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.1\libamcbconsole.dll
2022-11-19 08:13 - 2022-06-08 10:33 - 000081920 _____ () [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\WindowID\WindowID.dll
2022-03-23 17:03 - 2021-10-22 16:56 - 000122880 _____ () [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\bin\pcre.dll
2022-03-23 17:17 - 2016-01-07 12:29 - 002528264 _____ () [File not signed] C:\Program Files (x86)\PgBouncer\bin\libevent-2-0-5.dll
2022-03-23 17:03 - 2021-10-22 18:45 - 000161792 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\bin\libapr-1.dll
2022-03-23 17:03 - 2021-10-22 18:45 - 000029696 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\bin\libapriconv-1.dll
2022-03-23 17:03 - 2021-10-22 18:45 - 000228352 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\bin\libaprutil-1.dll
2022-03-23 17:03 - 2021-10-22 18:46 - 000372224 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\bin\libhttpd.dll
2022-03-23 17:03 - 2021-10-22 18:33 - 000014336 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\modules\mod_access_compat.so
2022-03-23 17:03 - 2021-10-22 18:33 - 000012800 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\modules\mod_actions.so
2022-03-23 17:03 - 2021-10-22 18:33 - 000017920 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\modules\mod_alias.so
2022-03-23 17:03 - 2021-10-22 18:33 - 000012288 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\modules\mod_allowmethods.so
2022-03-23 17:03 - 2021-10-22 18:33 - 000012288 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\modules\mod_asis.so
2022-03-23 17:03 - 2021-10-22 18:32 - 000016896 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\modules\mod_auth_basic.so
2022-03-23 17:03 - 2021-10-22 18:33 - 000013824 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\modules\mod_authn_core.so
2022-03-23 17:03 - 2021-10-22 18:33 - 000012800 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\modules\mod_authn_file.so
2022-03-23 17:03 - 2021-10-22 18:33 - 000020480 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\modules\mod_authz_core.so
2022-03-23 17:03 - 2021-10-22 18:33 - 000014848 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\modules\mod_authz_groupfile.so
2022-03-23 17:03 - 2021-10-22 18:33 - 000014848 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\modules\mod_authz_host.so
2022-03-23 17:03 - 2021-10-22 18:33 - 000012288 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\modules\mod_authz_user.so
2022-03-23 17:03 - 2021-10-22 18:33 - 000032768 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\modules\mod_autoindex.so
2022-03-23 17:03 - 2021-10-22 18:33 - 000022528 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\modules\mod_cgi.so
2022-03-23 17:03 - 2021-10-22 18:33 - 000014336 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\modules\mod_dir.so
2022-03-23 17:03 - 2021-10-22 18:33 - 000012800 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\modules\mod_env.so
2022-03-23 17:03 - 2021-10-22 18:34 - 000041472 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\modules\mod_include.so
2022-03-23 17:03 - 2021-10-22 18:34 - 000026624 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\modules\mod_isapi.so
2022-03-23 17:03 - 2021-10-22 18:34 - 000027136 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\modules\mod_log_config.so
2022-03-23 17:03 - 2021-10-22 18:34 - 000019456 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\modules\mod_mime.so
2022-03-23 17:03 - 2021-10-22 18:34 - 000031232 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\modules\mod_negotiation.so
2022-03-23 17:03 - 2021-10-22 18:34 - 000015872 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\modules\mod_setenvif.so
2022-03-23 17:03 - 2021-10-22 18:33 - 000023552 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\modules\mod_socache_shmcb.so
2023-09-19 20:27 - 2023-09-19 20:27 - 001030144 _____ (Microsoft Corporation) [File not signed] C:\Users\Gemilang\AppData\Local\LINE\bin\current\dbghelp.dll
2022-03-23 07:17 - 2022-03-23 07:17 - 000065536 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\Fusion\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_none_ffd3ce2ff7491d9e\8.0\8.0.50727.6229\vcomp.dll
2022-03-23 17:17 - 2021-09-20 17:59 - 002112000 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\PgBouncer\bin\libcrypto-1_1.dll
2022-03-23 17:17 - 2021-09-20 17:59 - 000505344 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\PgBouncer\bin\libssl-1_1.dll
2022-03-27 19:58 - 2022-07-25 23:02 - 003409408 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\Snap Inc\Snap Camera\libcrypto-1_1-x64.dll
2022-03-27 19:58 - 2022-07-25 23:02 - 000682496 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\Snap Inc\Snap Camera\libssl-1_1-x64.dll
2023-08-07 15:01 - 2023-08-07 15:01 - 002506752 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Users\Gemilang\AppData\Local\LINE\Data\plugin\LineMediaPlayer\1.2.0.504\libcrypto-1_1.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
 
==================== Association (Whitelisted) =================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
HKU\S-1-5-21-951395627-451568364-1154128064-1001\Software\Classes\regfile:  <==== ATTENTION
HKU\S-1-5-21-951395627-451568364-1154128064-1001\Software\Classes\.reg:  =>  <==== ATTENTION
HKU\S-1-5-21-951395627-451568364-1154128064-1001\Software\Classes\.bat:  =>  <==== ATTENTION
HKU\S-1-5-21-951395627-451568364-1154128064-1001\Software\Classes\.cmd:  =>  <==== ATTENTION
HKU\S-1-5-21-951395627-451568364-1154128064-1001\Software\Classes\.scr: AutoCADScriptFile => 
 
==================== Internet Explorer (Whitelisted) ==========
 
SearchScopes: HKU\S-1-5-21-951395627-451568364-1154128064-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: No Name -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> No File
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2023-09-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2022-03-03] (Adobe Inc. -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2022-03-03] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-09-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2022-03-03] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2022-03-03] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2022-03-03] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2022-03-03] (Adobe Inc. -> Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-09-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-09-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-09-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-09-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-09-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-09-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-09-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-09-06] (Microsoft Corporation -> Microsoft Corporation)
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\sharepoint.com -> hxxps://slb001-files.sharepoint.com
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2021-06-05 19:08 - 2023-08-30 10:34 - 000003358 _____ C:\WINDOWS\system32\drivers\etc\hosts
0.0.0.0 license.piriform.com
0.0.0.0 license-api.ccleaner.com
0.0.0.0 www.ccleaner.com
109.94.209.70      *.fitgirl-repacks.xyz           # Fake FitGirl site
127.0.0.1 rosettastone.com
127.0.0.1 launch.rosettastone.com
127.0.0.1 amp.rosettastone.com
127.0.0.1 resources.rosettastone.com
127.0.0.1 updates.rosettastone.com
0.0.0.0 www.aomeitech.com
109.94.209.70      *.fitgirl-repacks.xyz           # Fake FitGirl site
109.94.209.70      *.fitgirl-repacks.xyz           # Fake FitGirl site
109.94.209.70      fitgirl-repacks-site.org        # Fake FitGirl site
109.94.209.70      www.fitgirl-repacks-site.org    # Fake FitGirl site
109.94.209.70      *.fitgirl-repacks.xyz           # Fake FitGirl site
109.94.209.70      fitgirlrepacks.pro              # Fake FitGirl site
109.94.209.70      www.fitgirlrepacks.pro          # Fake FitGirl site
109.94.209.70      fitgirlrepacks.in               # Fake FitGirl site
109.94.209.70      www.fitgirlrepacks.in           # Fake FitGirl site
109.94.209.70      fitgirlrepacks.co               # Fake FitGirl site
109.94.209.70      fitgirl-repacks.cc              # Fake FitGirl site
109.94.209.70      fitgirl-repacks.to              # Fake FitGirl site
109.94.209.70      fitgirl-repack.com              # Fake FitGirl site
109.94.209.70      fitgirl-repacks.website         # Fake FitGirl site
109.94.209.70      fitgirlrepack.games             # Fake FitGirl site
109.94.209.70      www.fitgirlrepacks.co           # Fake FitGirl site
109.94.209.70      www.fitgirl-repacks.cc          # Fake FitGirl site
109.94.209.70      www.fitgirl-repacks.to          # Fake FitGirl site
109.94.209.70      www.fitgirl-repack.com          # Fake FitGirl site
109.94.209.70      www.fitgirl-repacks.website     # Fake FitGirl site
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64\compiler;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\PostgreSQL\14\bin;C:\Program Files\PostgreSQL\14\lib;;C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.1;C:\Program Files\dotnet\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\LINGO64_18\
HKU\S-1-5-21-951395627-451568364-1154128064-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Gemilang\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-951395627-451568364-1154128064-1006\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-951395627-451568364-1154128064-500\Control Panel\Desktop\\Wallpaper -> C:\Windows\asus\wallpapers\asus.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
MSCONFIG\startupreg: Adobe CCXProcess => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
MSCONFIG\startupreg: CiscoMeetingDaemon => C:\Users\Gemilang\AppData\Local\WebEx\WebexHost.exe  /daemon /runFrom=autorun
MSCONFIG\startupreg: CiscoSpark => C:\Users\Gemilang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Webex\Webex.lnk
MSCONFIG\startupreg: com.squirrel.Teams.Teams => C:\Users\Gemilang\AppData\Local\Microsoft\Teams\Update.exe --processStart "Teams.exe" --process-start-args "--system-initiated"  
MSCONFIG\startupreg: Riot Vanguard => C:\Program Files\Riot Vanguard\vgtray.exe
HKLM\...\StartupApproved\Run: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run: => "Bdagent"
HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_BE73F2B5F9E1C5FF36A1C35A954710F1"
HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\StartupApproved\Run: => "GoogleDriveFS"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{161C8E50-FEB1-444F-BC03-DBF409A7D7B2}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe (ASUSTeK COMPUTER INC. -> )
FirewallRules: [{EEC16079-3E8A-4857-B0A1-22D5F0996AC9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{2A25E36D-356D-40C8-8F8C-BB43AA44F2DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{49342FEA-39A2-4125-9451-E1CCB8511CB5}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.1\ABService.exe (AOMEI International Network Limited -> AOMEI International Network Limited)
FirewallRules: [{EAA950F6-7FA2-4037-ACDC-279D2F35E6C2}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.1\ABService.exe (AOMEI International Network Limited -> AOMEI International Network Limited)
FirewallRules: [{3909B37F-1303-4ED3-8CC6-B4282875DEB0}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe (Bluestack Systems, Inc -> BlueStack Systems)
FirewallRules: [{D671B26D-3C8C-4713-B644-D05FED6EAF56}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe (Bluestack Systems, Inc -> Bluestack Systems, Inc.)
FirewallRules: [{B9E65163-B660-4591-8DC1-1F46AE975D38}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe (Bluestack Systems, Inc -> Bluestack Systems, Inc.)
FirewallRules: [{8D46FEA0-109E-4AE5-A227-8A39DAE530F9}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.1\ABService.exe (AOMEI International Network Limited -> AOMEI International Network Limited)
FirewallRules: [{E2C387C9-DB7F-40C8-9547-0F4FCE54FDF0}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.1\ABService.exe (AOMEI International Network Limited -> AOMEI International Network Limited)
FirewallRules: [{16726B73-5B2E-4476-8CDB-90C5D2AC3F8C}] => (Allow) C:\Program Files\Autodesk\Desktop Connect\forever\node.exe (OpenJS Foundation -> Node.js)
FirewallRules: [{AB68F1D4-3E48-4362-BB37-91C759A340D7}] => (Allow) C:\Users\Gemilang\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{7F2D708D-C6B3-4F07-87CD-F5A06B1A3B81}] => (Allow) C:\Users\Gemilang\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{54BD4E8E-C7DE-41FC-8A34-1E6FE6353237}] => (Allow) C:\Users\Gemilang\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{7D548736-0ADE-471B-88FA-27B3F979884C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Soundpad\Soundpad.exe (Arthur Lepp -> Leppsoft)
FirewallRules: [{1F6B01FA-750E-4982-B48A-138ED08A974D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Soundpad\Soundpad.exe (Arthur Lepp -> Leppsoft)
FirewallRules: [{232294EF-A9FC-4298-9B9C-C441EFF89C23}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> )
FirewallRules: [{D66D82A5-19DF-46BF-B239-66B82D7F71E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> )
FirewallRules: [{603A629C-4EA1-4D0B-8D61-C0521174985C}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [{D616E3E0-1A7B-4C3A-821A-138B2AD3CD13}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5049C013-BC2A-4574-BF5C-3FADC20CE3E6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E2A66B30-EAA3-4E76-8705-803C3B449635}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve Corp. -> )
FirewallRules: [{4020DCD9-9CC7-4AFE-9C00-5B9BB146BE55}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve Corp. -> )
FirewallRules: [{C466E1C2-5081-49E7-98EA-FB4D4D912F90}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{FFBC7DEF-C059-4178-95F6-711EA7532623}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{D6542950-36E3-4B0D-AA73-62815C14E68E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{FFB353D9-7A31-4FA3-8151-95E344209720}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{847C68C0-D187-4084-8074-CD55DFBC5182}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [{9E0BD86B-2F2A-4068-8F10-35CA06FA2233}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1DDBF8CB-EDAF-48D7-B6F0-7DECB9FF38EE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E1E21A62-1677-4AED-9D19-3AF912016DA1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BF8AE65B-49BD-45B9-A650-0BCAACF8249D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BFAD42D8-C8B3-48BE-BD2A-328B1D703020}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EC3EB195-F943-42D8-812E-E5B32F8AA185}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1F77E024-FAF4-4311-AFAD-A652D6EDED56}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [{A5001983-5911-4333-855E-539F46B10B29}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK COMPUTER INC. -> ASUS)
FirewallRules: [{0A501412-C1C4-4183-9999-864AC82206FC}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK COMPUTER INC. -> ASUS)
FirewallRules: [{1ADD811D-2DA1-412C-BD14-E900519C714F}] => (Allow) C:\Program Files (x86)\3uTools\libXunlei\Download\MiniThunderPlatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
FirewallRules: [{AE2B98D5-4764-424D-ACC0-9E18B1D163DA}] => (Allow) C:\Program Files (x86)\3uTools\libXunlei\Download\MiniThunderPlatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
FirewallRules: [{B1B12B00-F502-449B-8FD7-384BB0982BF5}] => (Allow) LPort=80
FirewallRules: [{84C81114-FD5F-4F42-A736-D9412D711224}] => (Allow) LPort=27015
FirewallRules: [{3FF4C3B8-3D03-4601-B274-1B1972C5FE02}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5124C688-5B7B-4938-A121-F9AE8CA6F636}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E9096474-32BF-4E37-A899-4F33A35098FD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E1839A84-2555-4752-80EC-B83C99968066}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8ED30367-E189-48C1-8F29-3C3172AF91C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{7F82EF69-D231-46D8-8124-EF6873E5739F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{5885752F-FEE7-4D50-9ADA-8F33FC560C83}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DA562442-141D-4B85-88DA-D7218CF9FB93}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8B8F1D64-302A-464A-81CF-1ED5EB5A3BAC}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2DEC091A-4D8E-4C9B-B30D-1D0A71628AC0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{18FBC924-A0A2-4DD8-AE42-D41F6DE6E683}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{59DB37CA-1F05-48D1-9BA3-635CCDB56293}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.23.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.)
FirewallRules: [{94E9A7C9-B01D-43DB-9BF7-D6AD7780820A}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.23.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.)
FirewallRules: [{CA11F82E-34F0-4499-9497-2E58898B2787}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.23.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.)
FirewallRules: [{7E78F329-D48B-4B95-A976-C3DEB35ECA0F}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.23.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.)
FirewallRules: [{9160104A-3474-49B4-8EEA-C9AE637248B6}] => (Allow) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{D3DAA3D5-D049-412D-8BF8-282C91D3F4FC}] => (Allow) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{95325AA0-E38F-42C5-902F-579C5CEF2857}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{58C4752E-8804-4452-B554-1C1202E1C66F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5D1E2CFB-6235-47EC-BF2D-C4AFC511CB2B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5F10042D-0223-426D-8CA8-029E0BE9A1D3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{37A2F7DA-83FD-449E-B0D1-647457F7D15A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1EA035BB-38E0-4C9D-93A4-13DAF778A134}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1863B743-7D18-4C3A-B701-6B1BBA9CFEF3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E6526D23-1C06-4919-B8D8-40C8F2B14FBE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1661AC89-35A4-4689-A32C-DE10EA827914}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4BFA7158-64A8-454E-BF02-3E2B101988C5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{EAF31836-89AA-4F6B-AAB3-9E799B06D7B5}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23231.411.2342.9597_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6EBF1E77-99A9-4DA4-A14E-75B9F89EDB56}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23231.411.2342.9597_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D26BC514-BC38-4604-9997-13D643579E3D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{A2AA048C-A9AB-4BC2-9DC9-519102476A14}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.31\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{781A0F12-C465-42C9-BB0F-CA3B6A0B4DF1}] => (Allow) C:\Program Files (x86)\Botas\Catawba.exe => No File
FirewallRules: [{E8F14475-F3FD-4878-9FF0-8B843183E477}] => (Allow) C:\Program Files (x86)\Klan\Catawba.exe => No File
FirewallRules: [{D71CE86E-6FD3-4279-BF23-6DF7264480CA}] => (Allow) C:\Program Files (x86)\istanbul\Statuettes.exe => No File
FirewallRules: [{14C6BD61-BDDF-463B-B2FE-DBBB5A07C051}] => (Allow) C:\Program Files (x86)\Klan\Statuettes.exe => No File
FirewallRules: [{873758A5-E799-4DE2-A63E-2D91D69264D8}] => (Allow) C:\Users\Gemilang\AppData\Local\Catawba.exe => No File
FirewallRules: [{C41B75BD-0CA0-4C6E-855B-E57E4CE47459}] => (Allow) C:\Users\Gemilang\AppData\Local\Statuettes.exe => No File
FirewallRules: [{41DD04A8-FBB2-4ADF-A585-302F7851721C}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{438DB360-D46E-4327-B40B-6F1E34563D81}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{B7E4752E-9CC7-4820-A058-AED4290F7FA1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1216.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9539BC5E-59E7-47B3-ACA8-74D7AF67A6E4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1216.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{04D156DD-F776-451D-AFB7-212DA357B739}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1216.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3BF6AA1F-D98A-4083-AD02-697DB8ED08D2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1216.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{251C6EA2-B074-47D8-953E-570F1E8A412D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1216.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BBB700BF-D74B-4E58-833B-AF9825BE30C0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1216.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5D9D702B-22B8-4384-8711-DAB5B19247F3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1216.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9C79BF2F-2702-4FEC-AED8-A6A033F3C920}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1216.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B9B16E1A-9980-4F87-B0A7-7F2B003FB1B9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1216.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1A9AD3A7-E03D-40E9-8655-C0407FDC2153}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1216.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{78B2095A-3A78-4ECE-8BC5-A511EA90FEE6}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​)
FirewallRules: [{B14B47DF-AE2B-49E8-B630-261B41E2AB9E}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​)
FirewallRules: [{AE1136E3-36A6-4FEE-816A-A79165551006}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSSwitch\AsusSwitchNet.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{D336593A-E3AA-49BD-B4DD-490636BFB078}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSLinkNear\AsusLinkNear.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [{65EE208F-1EAB-46F2-A7BD-FD189C0095BF}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSSwitch\AsusSwitchNetMDNS.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{62A1FD3B-1AB5-4F2B-8516-3A8FF3DFF929}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe (ASUSTeK COMPUTER INC. -> )
FirewallRules: [{7C19A411-F69E-4738-954E-1930849AB11B}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe (ASUSTeK COMPUTER INC. -> )
 
==================== Restore Points =========================
 
19-09-2023 07:00:02 Windows Update
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (09/20/2023 08:31:18 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: LAPTOP-IG4RR8R0)
Description: Windows cannot load the extensible counter DLL "C:\WINDOWS\system32\sysmain.dll" (Win32 error code 126).
 
Error: (09/19/2023 09:43:16 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.
 
Error: (09/19/2023 09:43:16 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
 
Error: (09/19/2023 09:43:16 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.
 
Error: (09/19/2023 09:43:16 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
 
Error: (09/19/2023 07:17:00 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: LAPTOP-IG4RR8R0)
Description: Windows cannot load the extensible counter DLL "C:\WINDOWS\system32\sysmain.dll" (Win32 error code 126).
 
Error: (09/19/2023 07:08:38 AM) (Source: Application Error) (EventID: 1000) (User: LAPTOP-IG4RR8R0)
Description: Faulting application name: taskmgr.exe, version: 10.0.22621.2215, time stamp: 0x72360ae0
Faulting module name: ntdll.dll, version: 10.0.22621.2215, time stamp: 0x7a9f67f2
Exception code: 0xc0000409
Fault offset: 0x000000000008ea6f
Faulting process id: 0x0x15d0
Faulting application start time: 0x0x1d9ea8d6ee834bf
Faulting application path: C:\WINDOWS\system32\taskmgr.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 87d954d8-2ac0-41f2-bdeb-1e2a1fc9808a
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (09/19/2023 07:07:55 AM) (Source: Application Error) (EventID: 1000) (User: LAPTOP-IG4RR8R0)
Description: Faulting application name: taskmgr.exe, version: 10.0.22621.2215, time stamp: 0x72360ae0
Faulting module name: DUI70.dll, version: 10.0.22621.608, time stamp: 0x9c45d8b0
Exception code: 0xc0000005
Fault offset: 0x0000000000020017
Faulting process id: 0x0x74b8
Faulting application start time: 0x0x1d9ea8d5543e568
Faulting application path: C:\WINDOWS\system32\taskmgr.exe
Faulting module path: C:\WINDOWS\system32\DUI70.dll
Report Id: 70f267cb-d171-479d-b92a-5b0b66b07829
Faulting package full name: 
Faulting package-relative application ID:
 
 
System errors:
=============
Error: (09/21/2023 05:09:15 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-IG4RR8R0)
Description: The server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} did not register with DCOM within the required timeout.
 
Error: (09/21/2023 05:05:19 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Intel® Audio Service service terminated with the following service-specific error: 
The operation completed successfully.
 
Error: (09/21/2023 05:05:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The postgresql-x64-14 service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (09/21/2023 05:05:16 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (45000 milliseconds) while waiting for the postgresql-x64-14 service to connect.
 
Error: (09/21/2023 05:35:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Autodesk Desktop Licensing Service service failed to start due to the following error: 
The service did not start due to a logon failure.
 
Error: (09/21/2023 05:35:38 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The AdskLicensingService service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: 
The request is not supported.
 
 
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
 
Error: (09/21/2023 05:35:37 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Autodesk Desktop Licensing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 1000 milliseconds: Restart the service.
 
Error: (09/21/2023 05:35:29 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-IG4RR8R0)
Description: The server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} did not register with DCOM within the required timeout.
 
 
Windows Defender:
================
Date: 2023-09-19 09:31:29
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: VirTool:Win32/DefenderTamperingRestore
Severity: Severe
Category: Tool
Path: regkeyvalue:_hklm\software\policies\microsoft\windows defender\real-time protection\\DisableBehaviorMonitoring
Detection Origin: Unknown
Detection Type: Concrete
Detection Source: System
Process Name: Unknown
Security intelligence Version: AV: 1.397.1205.0, AS: 1.397.1205.0, NIS: 0.0.0.0
Engine Version: AM: 1.1.23080.2005, NIS: 0.0.0.0 
 
Date: 2023-09-19 09:30:56
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Backdoor:Win32/Bladabindi!rfn
Severity: Severe
Category: Backdoor
Path: file:_C:\Program Files\Common Files\Adobe\Adobe XD\XD_sp.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files\Avast Software\Avast\AvastSvc.exe
Security intelligence Version: AV: 1.397.1205.0, AS: 1.397.1205.0, NIS: 0.0.0.0
Engine Version: AM: 1.1.23080.2005, NIS: 0.0.0.0 
Event[0]
 
Date: 2023-09-19 07:56:30
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.361.555.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.19000.8
Error code: 0x80070102
Error description: The wait operation timed out.  
 
Date: 2023-09-19 07:56:30
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.361.555.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.19000.8
Error code: 0x80070102
Error description: The wait operation timed out.  
 
Date: 2023-09-19 07:35:31
Description: 
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: Network Inspection System
Error Code: 0x80070422
Error description: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem. 
 
Date: 2023-09-19 07:34:56
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.361.555.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.19000.8
Error code: 0x80090305
Error description: The requested security package does not exist  
 
Date: 2023-09-19 07:34:56
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.361.555.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.19000.8
Error code: 0x80090305
Error description: The requested security package does not exist  
 
CodeIntegrity:
===============
Date: 2023-09-21 17:21:16
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. 
 
Date: 2023-09-21 17:20:31
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Avast Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
 
 
==================== Memory info =========================== 
 
BIOS: American Megatrends International, LLC. FX506HCB.313 03/03/2023
Motherboard: ASUSTeK COMPUTER INC. FX506HCB
Processor: 11th Gen Intel® Core™ i7-11600H @ 2.90GHz
Percentage of memory in use: 72%
Total physical RAM: 16122.84 MB
Available physical RAM: 4494.09 MB
Total Virtual: 32245.69 MB
Available Virtual: 16086.76 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:453.45 GB) (Free:43.97 GB) (Model: NVMe INTEL SSDPEKNU512GZ) (Protected) NTFS
 
\\?\Volume{58afd141-928a-413b-b6cf-94061cb99c2b}\ (RECOVERY) (Fixed) (Total:1.03 GB) (Free:0.18 GB) NTFS
\\?\Volume{ef2ad8ca-e567-474f-b631-8f0b86d4893e}\ (RESTORE) (Fixed) (Total:22 GB) (Free:6.6 GB) NTFS
\\?\Volume{76a7575b-224d-428a-a4d3-03f0abe10568}\ (MYASUS) (Fixed) (Total:0.19 GB) (Free:0.14 GB) FAT32
\\?\Volume{95b0e598-5cef-289f-7c39-1efdc41a6154}\ () (Fixed) (Total:0.01 GB) (Free:0 GB) NTFS
\\?\Volume{074b25c3-0749-4680-a951-09cec6ceee29}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: D19BBC6F)
 
Partition: GPT.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 1.
 
==================== End of Addition.txt =======================


#6 dennis_l


Posted 21 September 2023 - 05:53 AM

That's fine.
Please give me some time to examine your logs and I will get back to you as soon as possible.



#7 glanko


Posted 21 September 2023 - 06:15 AM

Alright, take your time!



#8 dennis_l


Posted 21 September 2023 - 07:58 AM

Unfortunately there is evidence that illegal software may be present on your computer. I need to request that you completely uninstall any programs that you do not have a valid Product Key for, including any "cracked" software. If you prefer to leave these on your computer, please let me know and I will have to close the topic.
If you are willing to uninstall these items, I'd like you to please proceed as follows, after removal.
ESET Online Scanner

  • Download ESET Online Scanner from here and save it to your Desktop.
  • Right click the esetonlinescanner.exe file you downloaded and select Run as administrator.
  • Select your desired language from the drop-down menu and click Get started.
  • Click Yes if a User Account window appears.
  • In the Terms of use screen, click Accept if you agree to the Terms of use.
  • Click Get started in the welcome screen.
  • Select your preference for the Customer Experience Improvement Program and the Detection feedback system. Click Continue.
  • Click Computer scan, in the Welcome back screen.
  • Choose Full scan on the next screen.
  • Select Enable ESET to detect and quarantine potentially unwanted applications. Then click Start scan.
  • Please note that this process can take several hours to complete.
  • At the end of the scan, the Found and resolved detections screen may be displayed. You can click View detailed results to view specific information. Click Continue.
  • On the following screen click Save scan log and save it to your Desktop as ESETScan.txt. Click Continue.
  • ESET Online Scanner will now ask if you wish to turn on the Periodic Scan feature. I suggest that you do not do this for now. Click Continue.
  • You are offered a 30 day trial of ESET Internet Security on the next screen. Click Continue.
  • On the next screen, you can leave feedback about the program if you wish.
  • There is an option to delete the application's data on closing, but we can do this later.
  • If you left feedback, click Submit and Close. If not, click Close.
  • Copy and paste the contents of the ESETScan.txt file in your next reply.

Then please run a new FRST scan and copy and paste both FRST logs into your reply. If you get an error message advising that the content is too long, you should post 2 separate replies.
To recap, I would like to see the following in your next reply please.

  • Confirmation that any illegal software has been removed.
  • ESETScan.txt
  • FRST.txt
  • Addition.txt

Dennis



#9 glanko


Posted 21 September 2023 - 08:05 AM

So for the pirated program, to be honest, I don't really know which one because most of them I got from my friends (they installed it on my PC). It will be helpful if you can point out some program that seems "cracked". After that I will uninstall it and do the ESET Scan.

 



#10 dennis_l


Posted 21 September 2023 - 08:37 AM

These programs may be pirated, so it would be helpful if you could uninstall them.

CleanMyPC 1.12.1
Driver Booster 9.2.0.178
Revo Uninstaller 4.5.5
TreeSize 8.3.0.1658
uTorrent v3.6.0.46682
WARRIORS OROCHI 3 UDE
Wondershare Filmora 10.1.20.16
AOMEI Partition Assistant 9.6.1

If there are any others, ESET should detect them.
Thanks for your co-operation.



#11 glanko


Posted 21 September 2023 - 08:58 AM

Alright, I will uninstall them later. Unfortunately, it's evening, and I will be away from my PC tomorrow. I will get back to you with the scan results on Saturday. Thank you for the assistance so far and see you soon! Have a nice day!



#12 dennis_l


Posted 21 September 2023 - 09:07 AM

Thanks.

Once we have the ESET scan results and new FRST logs, I can prepare a script to get things cleaned up.

There's no rush, so please take your time and send the information when you are ready.



#13 glanko


Posted 23 September 2023 - 12:06 AM

Hello again Dennis! I have completed my scan with ESET and here is the result.

21/09/2023 22:16:32
Files scanned: 879787
Detected files: 6
Cleaned files: 6
Total scan time 00:54:07
Scan status: Finished
C:\Program Files\Cheat Engine 7.4\dbk64.sys Win64/HackTool.CheatEngine.A potentially unsafe application cleaned by deleting
 
C:\Program Files\Cheat Engine 7.4\tiny.dat Win32/GameTool.IC potentially unsafe application cleaned by deleting
 
C:\Users\Gemilang\AppData\Local\Temp\nsbEB1C.tmp\believers.exe NSIS/Adware.Runner.Q trojan cleaned by deleting
 
C:\Users\Gemilang\AppData\Roaming\uTorrent\secur32.dll Win32/HackTool.Patcher.LS potentially unsafe application cleaned by deleting
 
C:\Users\Gemilang\Desktop\Marvels Spider Man Miles Morales v1.0 Plus 22 Trainer.exe a variant of Win64/GameHack.CT potentially unsafe application cleaned by deleting
 
C:\Windows\Installer\132b2d.msi Win32/Microleaves.B potentially unwanted application cleaned by deleting


#14 glanko


Posted 23 September 2023 - 12:11 AM

Actually, after the scan, when I started my computer today, the prmsrvs.com is gone. I don't know if it is just temporary and needs a few tests to make sure it's really gone. By the way, I always find a hidden folder called .opera in my Downloads folder. I keep deleting it but it seems to always resurface. Any ideas to get rid of that? Thank you, and here is the log.
 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-09-2023
Ran by Gemilang (administrator) on LAPTOP-IG4RR8R0 (ASUSTeK COMPUTER INC. ASUS TUF Gaming F15 FX506HCB_FX506HCB) (23-09-2023 12:06:48)
Running from C:\Users\Gemilang\Downloads\FRST64.exe
Loaded Profiles: Gemilang
Platform: Microsoft Windows 11 Pro Version 22H2 22621.2283 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe <6>
(ASUSACCI\ArmouryCrateControlInterface.exe ->) (ASUSTEK COMPUTER INCORPORATION -> ASUSTeK COMPUTER INC.) C:\Windows\System32\ASUSACCI\ACCIMonitor.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(C:\Program Files (x86)\Common Files\Autodesk Shared\Network License Manager\lmgrd.exe ->) (Autodesk, Inc. -> Autodesk, Inc.) [File not signed] C:\Program Files (x86)\Common Files\Autodesk Shared\Network License Manager\adskflex.exe
(C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSOptimization\AsusOSD.exe
(C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.UserSessionHelper.exe
(C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.UserSessionHelper.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe
(C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.UserSessionHelper.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Service\DenoiseAIPlugin\ArmouryCrate.DenoiseAI.exe
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\Bitdefender Agent\ProductAgentService.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\27.0.1.259_0\DiscoverySrv.exe
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa\iCloud\iCloudServices.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa\iCloud\iCloudCKKS.exe
(C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa\iCloud\iCloudServices.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Microsoft Corporation) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa\iCloud\WebView2\msedgewebview2.exe <6>
(C:\Program Files\WindowsApps\MicrosoftTeams_23231.411.2342.9597_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.31\msedgewebview2.exe <7>
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.23500.0.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.36\msedgewebview2.exe <6>
(C:\Users\Gemilang\AppData\Local\LINE\bin\current\LINE.exe ->) (LINE Corporation -> LINE Corporation) C:\Users\Gemilang\AppData\Local\LINE\Data\plugin\LineCall\1.0.0.692\LineCall.exe
(C:\Users\Gemilang\AppData\Local\LINE\bin\current\LINE.exe ->) (LINE Corporation -> LINE Corporation) C:\Users\Gemilang\AppData\Local\LINE\Data\plugin\LineMediaPlayer\1.2.0.504\LineMediaPlayer.exe <2>
(C:\Users\Gemilang\AppData\Local\WebEx\WebexHost.exe ->) (Cisco WebEx LLC -> Cisco Webex LLC) C:\Users\Gemilang\AppData\Local\WebEx\WebEx64\Meetings\atmgr.exe
(DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSOptimization\AsusOptimization.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSOptimization\AsusOptimizationStartupTask.exe
(DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSSoftwareManager\AsusSoftwareManager.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSSoftwareManager\AsusSoftwareManagerAgent.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_597623a539cfcca8\igfxCUIServiceN.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_597623a539cfcca8\igfxEMN.exe
(explorer.exe ->) (Cisco WebEx LLC -> Cisco Webex LLC) C:\Users\Gemilang\AppData\Local\WebEx\WebexHost.exe
(explorer.exe ->) (F.lux Software LLC -> f.lux Software LLC) C:\Users\Gemilang\AppData\Local\FluxSoftware\Flux\flux.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\80.0.1.0\crashpad_handler.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <57>
(explorer.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.WindowsNotepad_11.2306.15.0_x64__8wekyb3d8bbwe\Notepad\Notepad.exe
(explorer.exe ->) (Skutta, Kristjan -> ) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper64.exe
(explorer.exe ->) (Snap Inc. -> Snap Inc) C:\Program Files\Snap Inc\Snap Camera\Snap Camera.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler64.exe
(LINE Corporation -> LINE Corporation) C:\Users\Gemilang\AppData\Local\LINE\bin\current\LINE.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\23.191.0912.0001\Microsoft.SharePoint.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) () [File not signed] C:\Program Files (x86)\PgBouncer\bin\pgbouncer.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (AOMEI International Network Limited -> AOMEI International Network Limited) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.1\ABService.exe
(services.exe ->) (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\bin\httpd.exe <2>
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUS Inc.) C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSLinkRemote\AsusLinkRemote.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\ASUSACCI\ArmouryCrateControlInterface.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\AsusAppService\AsusAppService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSLinkNear\AsusLinkNear.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSOptimization\AsusOptimization.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSSoftwareManager\AsusSoftwareManager.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSSwitch\AsusSwitch.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSSystemAnalysis\AsusSystemAnalysis.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
(services.exe ->) (ASUSTEK COMPUTER INCORPORATION -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUSTeK COMPUTER INC\RefreshRateService\RefreshRateService.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk) [File not signed] C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\11.0.0.4854\AdskLicensingService\AdskLicensingService.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\redline\bdredline.exe
(services.exe ->) (DTS, Inc. -> DTS Inc.) C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe
(services.exe ->) (ETH Zürich -> ETH Zürich) C:\Program Files\SafeExamBrowser\Service\SafeExamBrowser.Service.exe
(services.exe ->) (Flexera Software LLC -> Flexera) C:\Program Files (x86)\Common Files\Autodesk Shared\Network License Manager\lmgrd.exe <2>
(services.exe ->) (Flexera Software LLC -> Flexera) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(services.exe ->) (Flexera Software LLC -> Flexera) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_597623a539cfcca8\igfxCUIServiceN.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorvd.inf_amd64_74e28d819fb21cc3\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_4d9e9544615ee129\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_f866bf1588e6868a\WMIRegistrationService.exe
(services.exe ->) (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_01c2aa330b469c4a\IntelCpHDCPSvc.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvamig.inf_amd64_e3377401dd616a66\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_179f26ff7cd32d0f\RtkAudUService64.exe <3>
(services.exe ->) (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Program Files\Common Files\Zoom\Support\CptService.exe
(sihost.exe ->) (04797BBC-C7BB-462F-9B66-331C81E27C0E -> TranslucentTB Open Source Developers) C:\Program Files\WindowsApps\28017CharlesMilette.TranslucentTB_2023.1.0.0_x64__v826wp6bftszj\TranslucentTB.exe
(sihost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa\iCloud\iCloudDrive.exe
(sihost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa\iCloud\iCloudPhotos.exe
(sihost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa\iCloud\iCloudServices.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2337.7.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa\iCloud\APSDaemon.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple, Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa\iCloud\secd.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <2>
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe
(svchost.exe ->) (H.D.S. Hungary) [File not signed] C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.7272.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.7272.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.23500.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3571168 2023-08-22] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrotray.exe [6607584 2022-03-07] (Adobe Inc. -> Adobe Systems Inc.) [File not signed]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [256408 2023-09-19] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [ASUS Smart Display Control] => C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe [149680 2022-03-07] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
HKLM\...\RunOnce: [msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}] => C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.36\Installer\setup.exe [3793448 2023-09-21] (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\81.0.5.0\GoogleDriveFS.exe [55259936 2023-09-23] (Google LLC -> Google, Inc.)
HKU\S-1-5-19\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2587568 2023-09-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\81.0.5.0\GoogleDriveFS.exe [55259936 2023-09-23] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2587568 2023-09-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\Run: [WallpaperEngine] => C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper64.exe [3772512 2022-10-26] (Skutta, Kristjan -> )
HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\Run: [f.lux] => C:\Users\Gemilang\AppData\Local\FluxSoftware\Flux\flux.exe [1525880 2023-05-19] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\Run: [Snap Camera] => C:\Program Files\Snap Inc\Snap Camera\Snap Camera.exe [65508216 2022-07-25] (Snap Inc. -> Snap Inc)
HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\Run: [com.squirrel.WhatsApp.WhatsApp] => C:\Users\Gemilang\AppData\Local\WhatsApp\Update.exe [2254048 2023-03-10] (WhatsApp LLC -> )
HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\Run: [CiscoMeetingDaemon] => C:\Users\Gemilang\AppData\Local\WebEx\WebexHost.exe [8078432 2023-09-06] (Cisco WebEx LLC -> Cisco Webex LLC)
HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\Run: [GoogleChromeAutoLaunch_BE73F2B5F9E1C5FF36A1C35A954710F1] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 [3219744 2023-09-09] (Google LLC -> Google LLC)
HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\81.0.5.0\GoogleDriveFS.exe [55259936 2023-09-23] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\Run: [LINE] => C:\Users\Gemilang\AppData\Local\LINE\bin\LineLauncher.exe [1811104 2023-09-19] (LINE Corporation -> LINE Corporation)
HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\Policies\Explorer: [] 
HKU\S-1-5-21-951395627-451568364-1154128064-1006\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\81.0.5.0\GoogleDriveFS.exe [55259936 2023-09-23] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-951395627-451568364-1154128064-500\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2587568 2023-09-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-951395627-451568364-1154128064-500\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\81.0.5.0\GoogleDriveFS.exe [55259936 2023-09-23] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\81.0.5.0\GoogleDriveFS.exe [55259936 2023-09-23] (Google LLC -> Google, Inc.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [203936 2022-03-03] (Adobe Inc. -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\116.0.5845.188\Installer\chrmstp.exe [2023-09-13] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKU\S-1-5-21-951395627-451568364-1154128064-1001\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0EBC74EF-D7E8-4C71-B74D-65C493746E45} - System32\Tasks\0k5gyk\uiacye\wcl32b\8061vv\ch9obp\gv6xcb\yc3dex\l2xjrq\9q8q30\t6wfja\jvcfmh\uadojg\hf6cch\b2g06o\t2hnfr\cgaqfe\5vxbl6 => %localappdata%\Catawba.exe  "tgbnhyhtgbnhyttgbnhyttgbnhyptgbnhy:tgbnhy/tgbnhy/tgbnhywtgbnhywtgbnhywtgbnhy.tgbnhyftgbnhyotgbnhyntgbnhyttgbnhyetgbnhyntgbnhyotgbnhyttgbnhystgbnhyutgbnhy.tgbnhyctgbnhyotgbnhymtgbnhy/tgbnhyle2qp0qp2qtgbnhyp3qp0c9c1ltgbnhye8leqphtmltgbnhyL2shEWR9IqtgbnhyVBHQoiukZ0" (No File) <==== ATTENTION
Task: {2088BC70-4DAA-48D0-871D-7AB65319538A} - System32\Tasks\1t8v7n\l2tjnx\7auokl\687xl3\z9jmoh\vr2uzp\0tybme\txmh4v\36hx1z\oph9d7\jl14v5\cyhl7j\16sw5m\sr3s5c\lh36mc\9s6hev\8nlq4n => %localappdata%\brooches.exe  (No File) <==== ATTENTION
Task: {D71D304C-DC3D-4144-86B6-324552FAC08E} - System32\Tasks\47qjxe\8566kz\fznvm5\dfixxe\6p62t4\ntaoqs\3gzjra\qoqley\8ci4l6\ir522d\9n8txq\afffbt\9z194s\cczhi7\pjiadh\ul6e69\n6t0xd => %PROGRAMFILES(x86)%\Botas\abed.exe  (No File) <==== ATTENTION
Task: {A4853274-B062-4A5A-875F-00E84F41BC58} - System32\Tasks\9dinme\q3ambz\itwk4j\mt5lbp\8ne09c\eooqhs\782jd2\q59wq4\1edtbb\ekdgrz\nah251\mokab1\mtnqen\zgu6wd\e3cnhb\8wyq1n\da5qye => %localappdata%\Catawba.exe  "tgbnhyhtgbnhyttgbnhyttgbnhyptgbnhy:tgbnhy/tgbnhy/tgbnhywtgbnhywtgbnhywtgbnhy.tgbnhyftgbnhyotgbnhyntgbnhyttgbnhyetgbnhyntgbnhyotgbnhyttgbnhystgbnhyutgbnhy.tgbnhyctgbnhyotgbnhymtgbnhy/tgbnhyle2qp0qp2qtgbnhyp3qp0c9c1ltgbnhye8leqphtmltgbnhyL2shEWR9IqtgbnhyVBHQoiukZ0" (No File) <==== ATTENTION
Task: {7C31F7C4-07DF-4795-8F5B-5FA1FFEE6906} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-08-02] (Adobe Inc. -> Adobe Inc.)
Task: {A718428A-8BF3-4903-ACD3-5B5935A614EE} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3571168 2023-08-22] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {A536AA04-E886-45DC-8431-88F1065AF598} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3807712 2023-08-22] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {FD2287EC-EF96-4E54-B6E3-0F0364508B35} - System32\Tasks\Apple Diagnostics => C:\Users\Gemilang\AppData\Local\Microsoft\WindowsApps\eReporter-AppX.exe [0 2023-08-19] () [symlink -> ]
Task: {2A94F5B7-F03C-4D93-ABD7-900A6F5828AD} - System32\Tasks\ASC_SkipUac_gemil => "C:\Program Files (x86)\Advanced SystemCare Pro\ASC.exe"  /SkipUac (No File)
Task: {86B7E84C-57BC-494F-85BF-37569DE74AC9} - System32\Tasks\ASUS Optimization 36D18D69AFC3 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSOptimization\AsusHotkey.exe [291408 2023-07-26] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {B439E448-6F4F-4F60-9716-B86E2CD7E0EE} - System32\Tasks\ASUS Update Checker 2.0 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSSoftwareManager\AsusUpdateChecker.exe [797776 2023-07-26] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {799371C3-D08F-4E7C-91D5-A6D54534AAC7} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [309608 2022-09-27] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {98DACA27-E3A0-46A3-826E-CD4933D666DA} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [1858920 2022-09-27] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {E54279E2-0D7E-40F5-BB54-6B85316279D5} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2022-01-18] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {24D12A98-6FBF-4A5D-B690-FFA1EF4D3F11} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2022-01-18] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {41BB7C64-AF7F-4CC0-9B4F-D09F7A73A699} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [43797544 2022-09-01] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
Task: {291F967A-2AC3-4B10-9B27-6AF378753593} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe  (No File)
Task: {4A926F9A-EA11-4474-B8F5-86AA7DA687D8} - System32\Tasks\ASUSSmartDisplayControl => C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe [149680 2022-03-07] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {3516782A-AFCC-4E42-847D-4FA2DF3EFA86} - System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSSystemAnalysis\AsusSystemAnalysis.exe [4082808 2023-07-26] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {D1B142C2-6383-492E-8F3B-0E25B782219F} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4947352 2023-09-19] (Avast Software s.r.o. -> AVAST Software)
Task: {E58EE50D-6F09-4462-8F6F-9A23B623AA75} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2144664 2023-09-19] (Avast Software s.r.o. -> Avast Software)
Task: {A9FEFE4C-2505-4095-A204-503B9993B5E8} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\27.0.1.259_0\WatchDog.exe [937000 2023-07-27] (Bitdefender SRL -> Bitdefender)
Task: {09EC3258-43EC-4F06-A3F1-150DEA995213} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [275136 2022-04-12] (Bluestack Systems, Inc -> BlueStack Systems, Inc.)
Task: {936BFCEB-8CEA-40E2-81AF-FC1424FC2C8E} - System32\Tasks\CCleanerSkipUAC - Gemilang => C:\Program Files\CCleaner\CCleaner64.exe [35874816 2022-03-16] (Piriform Software Ltd) [File not signed]
Task: {70D79F22-BA6E-4466-AA74-814F3CB63E86} - System32\Tasks\Driver Booster SkipUAC (Gemilang) => "C:\Program Files (x86)\Driver Booster\DriverBooster.exe"  /skipuac (No File)
Task: {3A306A40-704D-4C79-9BAD-274AC267D047} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2022-01-18] (Google Inc -> Google Inc.)
Task: {A573E252-9B0A-4559-AAB2-70EEDBAEDDA1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2022-01-18] (Google Inc -> Google Inc.)
Task: {FFBA804E-54EC-41D6-B47F-EB7CB4D1CE61} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_Gemilang => C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe [6181888 2022-12-12] (H.D.S. Hungary) [File not signed]
Task: {D64DF579-8045-4D20-823F-39B9F1F7CE95} - System32\Tasks\m0am5a\fl0j9f\itg3t9\4cwo3d\hreyo3\ghcat5\zqt7jt\azgviq\7wj9j0\ppmvk5\vdc6it\y8awzt\87g874\057s9v\a2socn\5d9dca\yydm4m => %localappdata%\toppled.exe  "tgbnhyhtgbnhyttgbnhyttgbnhyptgbnhy:tgbnhy/tgbnhy/tgbnhywtgbnhywtgbnhywtgbnhy.tgbnhyftgbnhyotgbnhyntgbnhyttgbnhyetgbnhyntgbnhyotgbnhyttgbnhystgbnhyutgbnhy.tgbnhyctgbnhyotgbnhymtgbnhy/tgbnhyle2qp0qp2qtgbnhyp3qp0c9c1ltgbnhye8leqphtmltgbnhyL2shEWR9IqtgbnhyVBHQoiukZ0" (No File) <==== ATTENTION
Task: {97150913-4DCC-40BE-A7AE-71DE813694DA} - System32\Tasks\McAfeeTsk\OOBEUpgrader => C:\Program Files\McAfee\MSC\OOBE_Upgrader.exe  /Run (No File)
Task: {A7D93A7F-17B7-44A8-8A34-06DEE3E013FD} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26974720 2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {20D34C52-2717-4CA7-A6A4-ABAD36B536FB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26974720 2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {78E12CBF-D6F4-4757-A398-82280772339B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [160848 2023-09-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {18817FF3-BC8A-4B30-BF5F-55740E5880B8} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [160848 2023-09-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {960718E8-08EE-4E83-8820-9EF20D761716} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [169136 2023-09-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {601031FB-51D6-4FED-8912-FFCBA9130F19} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4413368 2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {8D741A01-9338-4A8E-A98C-BD8285333911} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\UCPD velocity => C:\WINDOWS\system32\UCPDMgr.exe [58880 2023-09-15] (Microsoft Windows -> Microsoft Corporation)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (No File)
Task: {2B631737-D5C3-4C4F-AA25-88A99027CB1F} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [675232 2023-09-19] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {AC77A1E4-5973-440F-95F8-ADCC139A3A8B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [722336 2023-09-19] (Mozilla Corporation -> Mozilla Foundation)
Task: {7F5415DE-409C-4F75-B283-950FDEC62A92} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {3DC52AFE-92BD-4022-9E3A-FF185F95B511} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {318CD897-FD16-4C53-B202-64C71D518BE9} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FF565B15-819C-45A9-8459-5E2FE89A7E30} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {80C3B502-684D-4746-A561-6952530A1FBE} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {ACCF1016-C48B-4514-AE81-FEC34C96B296} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D1E58DA8-1796-46E0-923D-C1D11DCD8470} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5862E987-4A7A-41DC-9F2B-8283D2F52C89} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5994F67A-E1CB-4014-A5D9-A12B40DE5700} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {156E1772-F8FC-4D13-B749-0C7CF804BF09} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {42275048-2444-4D45-BB3D-96F94D3CDE33} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130208 2023-09-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {88D27365-239D-46F9-BEE8-98736B95C994} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-951395627-451568364-1154128064-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130208 2023-09-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {62FD47B3-8102-4A9A-93D0-AAE9DC3D7748} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-951395627-451568364-1154128064-1006 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130208 2023-09-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {E1163EC5-C3ED-4130-AAF3-159784AA2B06} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-951395627-451568364-1154128064-500 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130208 2023-09-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {5A455BFF-AF14-4106-ABAA-616CD019E4E7} - System32\Tasks\Opera GX scheduled Autoupdate 1695082761 => C:\Users\Gemilang\AppData\Local\Programs\Opera GX\launcher.exe [2686880 2023-09-14] (Opera Norway AS -> Opera Software)
Task: {8D96FBC0-9974-407B-84BA-F0F42490A928} - System32\Tasks\RtkAudUService64_BG => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_179f26ff7cd32d0f\RtkAudUService64.exe [1616744 2022-10-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0990094c-56a1-46b3-885a-978925f65090}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7789122f-a994-4082-863f-609b1b8e6f53}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{b71c6bf0-30af-4da2-ad31-fad9c41edee3}: [DhcpNameServer] 192.168.1.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
 
Edge: 
=======
Edge Profile: C:\Users\Gemilang\AppData\Local\Microsoft\Edge\User Data\Default [2023-09-19]
Edge Extension: (EndNote Click - Formerly Kopernio) - C:\Users\Gemilang\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jaleebmaoohbjjohjlfmihkkopgfibne [2022-03-24]
Edge Extension: (Edge relevant text changes) - C:\Users\Gemilang\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-08-04]
Edge HKU\S-1-5-21-951395627-451568364-1154128064-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [llbjbkhnmlidjebalopleeepgdfgcpec] - C:\Program Files (x86)\Internet Download Manager\IDMEdgeExt.crx <not found>
Edge HKLM-x32\...\Edge\Extension: [jaleebmaoohbjjohjlfmihkkopgfibne]
 
FireFox:
========
FF DefaultProfile: ckzvzo2z.default
FF ProfilePath: C:\Users\Gemilang\AppData\Roaming\Mozilla\Firefox\Profiles\ckzvzo2z.default [2022-05-28]
FF ProfilePath: C:\Users\Gemilang\AppData\Roaming\Mozilla\Firefox\Profiles\zof674gf.default-release [2023-09-20]
FF Homepage: Mozilla\Firefox\Profiles\zof674gf.default-release -> hxxps://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=BT170902&iDate=2022-02-28 12:38:04&bName=
FF Extension: (Grammarly for Firefox) - C:\Users\Gemilang\AppData\Roaming\Mozilla\Firefox\Profiles\zof674gf.default-release\Extensions\87677a2c52b84ad3a151a4a72f5bd3c4@jetpack.xpi [2022-05-17]
FF Extension: (Browsec VPN - Free VPN for Firefox) - C:\Users\Gemilang\AppData\Roaming\Mozilla\Firefox\Profiles\zof674gf.default-release\Extensions\browsec@browsec.com.xpi [2022-04-22]
FF Extension: (AdBlock — best ad blocker) - C:\Users\Gemilang\AppData\Roaming\Mozilla\Firefox\Profiles\zof674gf.default-release\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2022-05-06]
FF Extension: (Japan Style - Kanagawa Great Wave HI RES) - C:\Users\Gemilang\AppData\Roaming\Mozilla\Firefox\Profiles\zof674gf.default-release\Extensions\{3ed642ce-554e-4329-ae49-12ee7717d491}.xpi [2022-03-23]
FF Extension: (Rainbow Beach) - C:\Users\Gemilang\AppData\Roaming\Mozilla\Firefox\Profiles\zof674gf.default-release\Extensions\{abb6cef7-ef9b-499c-b6d9-6c1917b5469a}.xpi [2022-03-23]
FF Extension: (Dracula Dark Theme) - C:\Users\Gemilang\AppData\Roaming\Mozilla\Firefox\Profiles\zof674gf.default-release\Extensions\{b743f56d-1cc1-4048-8ba6-f9c2ab7aa54d}.xpi [2022-03-23]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\Gemilang\AppData\Roaming\Mozilla\Firefox\Profiles\zof674gf.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2022-05-17]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-02-01]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Gemilang\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\Gemilang\AppData\Roaming\IDM\idmmzcc5 [2022-03-30] [Legacy] [not signed]
FF HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => not found
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-07-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-09] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-09] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-09] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-03-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-07-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-09-06] (Microsoft Corporation -> Microsoft Corporation)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Default [2023-09-23]
CHR Notifications: Default -> hxxps://kampusmerdeka.kemdikbud.go.id; hxxps://session.satupersen.net; hxxps://www.duolingo.com
CHR Extension: (Easy Auto Refresh) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc [2022-03-23]
CHR Extension: (Touch VPN - Secure and unlimited VPN proxy) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Default\Extensions\bihmplhobchoageeokmgbdihknkjbknd [2023-09-13]
CHR Extension: (Adblock for Youtube™) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2023-05-25]
CHR Extension: (Mendeley Web Importer) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Default\Extensions\dagcmkpagjlhakfdhnbomgmjdpkdklff [2023-08-30]
CHR Extension: (Dark Reader) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2023-08-13]
CHR Extension: (WA Web Plus by Elbruz Technologies) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekcgkejcjdcmonfpmnljobemcbpnkamh [2023-09-23]
CHR Extension: (Video Downloader Professional) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2023-04-20]
CHR Extension: (Quizit.online) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbihgipgiggdfncfhinohincfbieonkf [2022-03-23]
CHR Extension: (Google Docs Offline) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-23]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-09-21]
CHR Extension: (VPN Free - Betternet Unlimited VPN Proxy) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjknjjomckknofjidppipffbpoekiipm [2023-09-16]
CHR Extension: (Picture-in-Picture Extension (by Google)) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkgfoiooedgoejojocmhlaklaeopbecg [2023-08-31]
CHR Extension: (Zoho Vault) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpcodhieompeloncfnbekccinhapdb [2023-08-10]
CHR Extension: (Find & Replace for Text Editing) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Default\Extensions\jajhdmnpiocpbpnlpejbgmpijgmoknnl [2023-05-17]
CHR Extension: (Grammarly: Grammar Checker and AI Writing App) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2023-09-23]
CHR Extension: (Ride the Wave) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldfofogdaicbefckdloiahgnajmcicnc [2023-04-26]
CHR Extension: (Application launcher for Drive (by Google)) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-08-19]
CHR Extension: (Video DownloadHelper) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2023-08-26]
CHR Extension: (IDM Integration Module) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2023-09-13]
CHR Extension: (Save Image As PNG) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkokmeaibnajheohncaamjggkanfbphi [2022-03-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-03-22]
CHR Extension: (Custom Cursor for Chrome™) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogdlpmhglpejoiomcodnpjnfgcpmgale [2023-09-01]
CHR Extension: (Browsec VPN - Free VPN for Chrome) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Default\Extensions\omghfjlpggmjjaagoclmmobgdodcjboh [2023-09-12]
CHR Extension: (Netflix Party is now Teleparty) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Default\Extensions\oocalimimngaihdkbihfgmpkcpnmlaoa [2023-09-17]
CHR Profile: C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-05-10]
CHR Profile: C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Profile 2 [2023-03-10]
CHR Notifications: Profile 2 -> hxxps://meet.google.com
CHR Extension: (Google Docs Offline) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-03-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-12-16]
CHR Profile: C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Profile 3 [2023-09-08]
CHR Extension: (EndNote Click - Formerly Kopernio) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\fjgncogppolhfdpijihbpfmeohpaadpc [2022-12-21]
CHR Extension: (Google Docs Offline) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-08]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-12-21]
CHR Profile: C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Profile 4 [2023-07-10]
CHR Extension: (EndNote Click - Formerly Kopernio) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\fjgncogppolhfdpijihbpfmeohpaadpc [2023-01-20]
CHR Extension: (Google Docs Offline) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-05-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-01-20]
CHR Profile: C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Profile 5 [2023-03-10]
CHR Extension: (Google Docs Offline) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-03-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-01-21]
CHR Profile: C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Profile 6 [2023-07-03]
CHR Extension: (Google Docs Offline) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-05-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-03-10]
CHR Profile: C:\Users\Gemilang\AppData\Local\Google\Chrome\User Data\System Profile [2023-08-23]
CHR HKLM\...\Chrome\Extension: [llbcnfanfmjhpedaedhbcnpgeepdnnok]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
CHR HKU\S-1-5-21-951395627-451568364-1154128064-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [llbcnfanfmjhpedaedhbcnpgeepdnnok]
CHR HKU\S-1-5-21-951395627-451568364-1154128064-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKU\S-1-5-21-951395627-451568364-1154128064-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [fjgncogppolhfdpijihbpfmeohpaadpc] - hxxps://click.endnote.com/extensions/chrome/update-manifest.xml
CHR HKLM-x32\...\Chrome\Extension: [llbcnfanfmjhpedaedhbcnpgeepdnnok]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-08-02] (Adobe Inc. -> Adobe Inc.)
R2 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [18673448 2021-03-29] (Autodesk, Inc. -> Autodesk) [File not signed]
R2 AdskNLM; C:\Program Files (x86)\Common Files\Autodesk Shared\Network License Manager\lmgrd.exe [1201488 2021-02-25] (Flexera Software LLC -> Flexera)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3966432 2023-08-22] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [103264 2022-10-08] (Apple Inc. -> Apple Inc.)
R2 ArmouryCrateControlInterface; C:\WINDOWS\System32\ASUSACCI\ArmouryCrateControlInterface.exe [1181232 2023-06-07] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe [399984 2023-02-20] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2022-01-18] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusAppService; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\AsusAppService\AsusAppService.exe [1177208 2023-07-26] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [558104 2022-10-12] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R2 ASUSLinkNear; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSLinkNear\AsusLinkNear.exe [1630288 2023-07-26] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 ASUSLinkRemote; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSLinkRemote\AsusLinkRemote.exe [772688 2023-07-26] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2022-01-18] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 ASUSOptimization; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSOptimization\AsusOptimization.exe [473168 2023-07-26] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
S2 AsusROGLSLService; C:\Program Files (x86)\ASUS\AsusROGLSLService\AsusROGLSLService.exe [650208 2022-03-23] (ASUSTeK COMPUTER INC. -> ASUS)
R2 ASUSSoftwareManager; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSSoftwareManager\AsusSoftwareManager.exe [1111120 2023-07-26] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSwitch; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSSwitch\AsusSwitch.exe [641104 2023-07-26] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemAnalysis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSSystemAnalysis\AsusSystemAnalysis.exe [4082808 2023-07-26] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemDiagnosis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [832632 2023-07-26] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8904088 2023-09-19] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [587672 2023-09-19] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [588184 2023-09-19] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2023-09-19] (Avast Software s.r.o. -> AVAST Software)
R2 Backupper Service; C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.1\ABService.exe [1092656 2022-03-16] (AOMEI International Network Limited -> AOMEI International Network Limited)
R2 bdredline_agent; C:\Program Files\Bitdefender Agent\redline\bdredline.exe [2560552 2023-07-20] (Bitdefender SRL -> Bitdefender)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12857344 2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
R2 DtsApo4Service; C:\WINDOWS\System32\DTS\PC\APO4x\DtsApo4Service.exe [429352 2022-11-23] (DTS, Inc. -> DTS Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934368 2022-03-03] (Epic Games Inc. -> Epic Games, Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.191.0912.0001\FileSyncHelper.exe [3513264 2023-09-21] (Microsoft Corporation -> Microsoft Corporation)
R2 GameSDK Service; C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe [397544 2022-05-31] (ASUSTeK COMPUTER INC. -> ASUS Inc.)
S2 IntelAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\intcoed.inf_amd64_5f98233769cf65a5\AS\IAS\IntelAudioService.exe [539992 2023-08-29] (Intel Corporation -> Intel)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [4209512 2022-12-26] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
S3 OfficeSvcManagerAddons; C:\Windows\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [46416 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.191.0912.0001\OneDriveUpdaterService.exe [3850144 2023-09-21] (Microsoft Corporation -> Microsoft Corporation)
R2 PEMHTTPD; C:\Program Files (x86)\edb\pem\httpd\apache\bin\httpd.exe [25088 2021-10-22] (Apache Software Foundation) [File not signed]
R2 pgbouncer; C:\Program Files (x86)\PgBouncer\bin\pgbouncer.exe [2380030 2021-11-12] () [File not signed]
S2 postgresql-x64-14; C:\Program Files\PostgreSQL\14\bin\pg_ctl.exe [118272 2022-03-23] (PostgreSQL Global Development Group) [File not signed]
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [659496 2023-07-27] (Bitdefender SRL -> Bitdefender)
R2 RefreshRateService; C:\Program Files (x86)\ASUSTeK COMPUTER INC\RefreshRateService\RefreshRateService.exe [40672 2021-09-10] (ASUSTEK COMPUTER INCORPORATION -> ASUSTek Computer Inc.)
R2 ROG Live Service; C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe [1665648 2023-07-25] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R2 SafeExamBrowser; C:\Program Files\SafeExamBrowser\Service\SafeExamBrowser.Service.exe [405760 2022-11-15] (ETH Zürich -> ETH Zürich)
S4 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [402352 2023-09-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\NisSrv.exe [3121008 2023-09-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe [133688 2023-09-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvamig.inf_amd64_e3377401dd616a66\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvamig.inf_amd64_e3377401dd616a66\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
R2 ZoomCptService; "C:\Program Files\Common Files\Zoom\Support\CptService.exe" -user_path "C:\Users\Gemilang\AppData\Roaming\Zoom"
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [51120 2019-05-14] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 ammntdrv; C:\Windows\system32\ammntdrv.sys [172928 2022-04-01] (AOMEI International Network Limited -> )
R2 amwrtdrv; C:\Windows\system32\amwrtdrv.sys [32176 2022-04-01] (AOMEI International Network Limited -> )
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R1 Asusgio3; C:\Windows\system32\drivers\AsIO3.sys [49256 2022-10-12] (ASUSTeK COMPUTER INC. -> )
R3 AsusPTPDrv; C:\WINDOWS\System32\DriverStore\FileRepository\asusptpfilter.inf_amd64_314b5cb6bf57f471\AsusPTPFilter.sys [116712 2021-12-02] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R3 AsusSAIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSSystemAnalysis\AsusSAIO.sys [49208 2023-07-26] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [31528 2023-09-19] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [238496 2023-09-19] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [392880 2023-09-19] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [297880 2023-09-19] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [95960 2023-09-19] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2023-09-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [39648 2023-09-19] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [272576 2023-09-19] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [559184 2023-09-19] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [105248 2023-09-19] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [80416 2023-09-19] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [946160 2023-09-19] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [705480 2023-09-19] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [212680 2023-09-19] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [319568 2023-09-19] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 ATKWMIACPIIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSOptimization\AsusWmiAcpi.sys [48760 2023-07-26] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [321784 2022-04-12] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [532480 2022-11-04] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [184320 2022-11-04] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 googledrivefs31092; C:\WINDOWS\System32\DRIVERS\googledrivefs31092.sys [384600 2023-08-19] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [33424 2021-07-18] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R3 iaLPSS2_GPIO2_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_2546dafe2183e972\iaLPSS2_GPIO2_TGL.sys [131224 2021-08-12] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_tgl.inf_amd64_1308f85f1b0adf27\iaLPSS2_I2C_TGL.sys [204440 2021-08-12] (Intel Corporation -> Intel Corporation)
R0 iaStorVD; C:\WINDOWS\System32\drivers\iaStorVD.sys [1605320 2022-12-23] (Intel Corporation -> Intel Corporation)
R3 IGO_VSD; C:\WINDOWS\system32\drivers\igovsd.sys [42344 2021-07-05] (British Cayman Islands Intelligo Technology Inc. Taiwan Branch -> Intelligo Technology Inc.)
R3 IntcUSB; C:\WINDOWS\System32\DriverStore\FileRepository\intcusb.inf_amd64_5d49b801c1e48609\IntcUSB.sys [941976 2023-08-29] (Intel Corporation -> Intel® Corporation)
R3 IntelGNA; C:\WINDOWS\System32\DriverStore\FileRepository\gna.inf_amd64_04d4eecc5838a558\gna.sys [88760 2022-09-01] (Intel Corporation -> Intel Corporation)
R3 MTKBTFilterX64; C:\WINDOWS\system32\DRIVERS\mtkbtfilterx.sys [280040 2022-08-17] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R3 mtkwlex; C:\WINDOWS\System32\drivers\mtkwl6ex.sys [1681752 2023-08-29] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R3 nvpcf; C:\WINDOWS\System32\drivers\nvpcf.sys [237592 2023-08-29] (NVIDIA Corporation -> NVIDIA Corporation)
R1 ReasonCamFilter; C:\WINDOWS\System32\DRIVERS\ReasonCamFilter.sys [49992 2022-12-03] (Reason CyberSecurity Inc. -> Reason Software Company)
R3 rt25cx21; C:\WINDOWS\System32\DriverStore\FileRepository\rt25cx21x64.inf_amd64_1b566be7bbea37fc\rt25cx21x64.sys [742288 2023-08-29] (Realtek Semiconductor Corp. -> Realtek)
R3 SnapCameraVirtualDevice; C:\WINDOWS\System32\drivers\SnapCameraVirtualDevice.sys [2800232 2020-10-12] (Snap Inc. -> Windows ® Win 7 DDK provider)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S4 UCPD; C:\WINDOWS\System32\drivers\UCPD.sys [29184 2023-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [55872 2023-09-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [574872 2023-09-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105864 2023-09-19] (Microsoft Windows -> Microsoft Corporation)
U3 aswbdisk; no ImagePath
S3 rsDwf; \SystemRoot\system32\DRIVERS\rsDwf.sys [X]
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2023-09-23 11:57 - 2023-09-23 12:00 - 000095495 _____ C:\Users\Gemilang\Desktop\Cover Letter - Gemilang Ananda Nizola .pdf
2023-09-23 11:57 - 2023-09-23 11:57 - 000495502 _____ C:\Users\Gemilang\Desktop\garet.zip
2023-09-21 22:19 - 2023-09-21 22:20 - 000116978 _____ C:\Users\Gemilang\Downloads\Addition.txt
2023-09-21 22:16 - 2023-09-21 22:16 - 000001798 _____ C:\Users\Gemilang\Desktop\ESETScan.txt
2023-09-21 21:09 - 2023-09-21 21:09 - 015274968 _____ (ESET) C:\Users\Gemilang\Downloads\esetonlinescanner.exe
2023-09-21 21:07 - 2023-09-21 21:11 - 000001383 _____ C:\Users\Gemilang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2023-09-21 21:07 - 2023-09-21 21:11 - 000001277 _____ C:\Users\Gemilang\Desktop\ESET Online Scanner.lnk
2023-09-21 21:07 - 2023-09-21 21:07 - 000000000 ____D C:\Users\Gemilang\AppData\Local\ESET
2023-09-21 17:26 - 2023-09-23 12:07 - 000067081 _____ C:\Users\Gemilang\Downloads\FRST.txt
2023-09-21 17:25 - 2023-09-23 12:07 - 000000000 ____D C:\FRST
2023-09-21 17:25 - 2023-09-21 17:25 - 002382848 _____ (Farbar) C:\Users\Gemilang\Downloads\FRST64.exe
2023-09-19 14:31 - 2023-09-19 14:31 - 000690101 _____ C:\Users\Gemilang\Downloads\Marvels.Spider.Man.Miles.Morales.v1.0.Plus.22.Trainer-FLiNG.zip
2023-09-19 07:50 - 2023-09-19 07:50 - 000057936 _____ C:\ProgramData\agent.uninstall.1695084519.bdinstall.v2.bin
2023-09-19 07:50 - 2023-09-19 07:50 - 000002162 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2023-09-19 07:50 - 2023-09-19 07:50 - 000002150 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2023-09-19 07:50 - 2023-09-19 07:50 - 000000000 ____D C:\Users\Gemilang\AppData\Roaming\Avast Software
2023-09-19 07:49 - 2023-09-19 07:49 - 000463140 _____ C:\ProgramData\cl.uninstall.1695084527.bdinstall.v2.bin
2023-09-19 07:48 - 2023-09-19 07:48 - 000313240 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2023-09-19 07:48 - 2023-09-19 07:48 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2023-09-19 07:48 - 2023-09-19 07:48 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2023-09-19 07:48 - 2023-09-19 07:48 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2023-09-19 07:47 - 2023-09-19 07:47 - 000888600 _____ (Google LLC) C:\Users\Public\Documents\gcapi.dll
2023-09-19 07:47 - 2023-09-19 07:47 - 000000000 ____D C:\Program Files\Avast Software
2023-09-19 07:41 - 2023-09-19 07:41 - 000263576 _____ (AVAST Software) C:\Users\Gemilang\Downloads\avast_free_antivirus_setup_online.exe
2023-09-19 07:40 - 2023-09-23 11:50 - 000000000 ___HD C:\Users\Gemilang\.opera
2023-09-19 07:39 - 2023-09-19 07:39 - 000683380 _____ C:\ProgramData\cl.1695083781.bdinstall.v2.bin
2023-09-19 07:39 - 2023-09-19 07:39 - 000000000 ____D C:\ProgramData\48C4687D-9760-4F5B-BAB3-60351B0841E4
2023-09-19 07:38 - 2023-09-19 07:38 - 000000000 ____D C:\ProgramData\Gemma
2023-09-19 07:38 - 2023-09-19 07:38 - 000000000 ____D C:\ProgramData\Atc
2023-09-19 07:37 - 2023-09-19 07:38 - 000000000 ____D C:\ProgramData\BDLogging
2023-09-19 07:37 - 2023-09-19 07:37 - 000000000 ____D C:\WINDOWS\system32\elambkup
2023-09-19 07:37 - 2023-09-19 07:37 - 000000000 ____D C:\Users\Gemilang\AppData\Roaming\Bitdefender Security App
2023-09-19 07:36 - 2023-09-19 10:24 - 000000000 ____D C:\Program Files\Bitdefender
2023-09-19 07:36 - 2023-09-19 07:49 - 000000000 ____D C:\ProgramData\Bitdefender
2023-09-19 07:36 - 2023-09-19 07:36 - 000091604 _____ C:\ProgramData\agent.update.1695083776.bdinstall.v2.bin
2023-09-19 07:28 - 2023-09-19 07:36 - 000003854 _____ C:\WINDOWS\system32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2023-09-19 07:26 - 2023-09-19 07:36 - 000000000 ____D C:\Program Files\Bitdefender Agent
2023-09-19 07:26 - 2023-09-19 07:26 - 000143476 _____ C:\ProgramData\agent.1695083184.bdinstall.v2.bin
2023-09-19 07:26 - 2023-09-19 07:26 - 000000000 ____D C:\Users\Gemilang\AppData\Local\mbam
2023-09-19 07:26 - 2023-09-19 07:26 - 000000000 ____D C:\Users\Gemilang\AppData\Local\Bitdefender
2023-09-19 07:26 - 2023-09-19 07:26 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2023-09-19 07:21 - 2023-09-19 07:50 - 000000000 ___HD C:\Program Files (x86)\Klan
2023-09-19 07:21 - 2023-09-19 07:30 - 000000000 ____D C:\Program Files (x86)\draped
2023-09-19 07:21 - 2023-09-19 07:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\w4agpq
2023-09-19 07:21 - 2023-09-19 07:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\rkn1wb
2023-09-19 07:21 - 2023-09-19 07:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\obs510
2023-09-19 07:21 - 2023-09-19 07:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\m0am5a
2023-09-19 07:21 - 2023-09-19 07:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\c1cupu
2023-09-19 07:21 - 2023-09-19 07:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\aqlv93
2023-09-19 07:21 - 2023-09-19 07:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\akio5d
2023-09-19 07:21 - 2023-09-19 07:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\9itdhj
2023-09-19 07:21 - 2023-09-19 07:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\9dinme
2023-09-19 07:21 - 2023-09-19 07:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\47qjxe
2023-09-19 07:21 - 2023-09-19 07:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\2r2ljl
2023-09-19 07:21 - 2023-09-19 07:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\1t8v7n
2023-09-19 07:21 - 2023-09-19 07:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\0k5gyk
2023-09-19 07:19 - 2023-09-19 07:21 - 000000000 ____D C:\Users\Gemilang\AppData\Local\Opera Software
2023-09-19 07:19 - 2023-09-19 07:19 - 000004246 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1695082761
2023-09-19 07:18 - 2023-09-19 07:21 - 000000000 ____D C:\Users\Gemilang\AppData\Roaming\Opera Software
2023-09-19 07:16 - 2023-09-19 07:16 - 000000000 ____D C:\Users\Gemilang\AppData\Local\AdvinstAnalytics
2023-09-19 07:03 - 2023-09-19 14:10 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-09-16 15:19 - 2023-09-19 20:05 - 000000000 ____D C:\Users\Gemilang\Documents\Marvel's Spider-Man Miles Morales
2023-09-16 15:14 - 2023-09-16 15:14 - 000667466 _____ C:\Users\Gemilang\Downloads\Resume - Gemilang.pdf
2023-09-16 15:12 - 2023-09-16 15:13 - 000059173 _____ C:\Users\Gemilang\Downloads\Cover Letter - Oliver Wyman.pdf
2023-09-12 13:32 - 2023-09-12 13:32 - 000109638 _____ C:\Users\Gemilang\Downloads\CV - Aprieza Nurizki (2).pdf
2023-09-08 05:08 - 2023-09-08 05:08 - 000000000 ____D C:\Users\Gemilang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2023-09-07 16:13 - 2023-09-07 16:13 - 000620911 _____ C:\Users\Gemilang\Downloads\CV & Academic Transcript - Gemilang Ananda Nizola.pdf
2023-09-06 06:12 - 2023-09-06 06:12 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2023-09-02 07:21 - 2023-09-01 09:51 - 001243422 _____ C:\Users\Gemilang\Downloads\Dark Side of Fast Fashion - Only For Sharing.pdf
2023-08-30 13:47 - 2023-09-16 15:19 - 000000000 ____D C:\Users\Gemilang\AppData\Roaming\Insomniac Games
2023-08-30 13:47 - 2023-09-15 16:41 - 000000000 ____D C:\Users\Gemilang\Documents\Marvel's Spider-Man Remastered
2023-08-30 13:47 - 2023-08-30 13:47 - 000000000 ____D C:\Users\Gemilang\.insomniac
2023-08-30 10:33 - 2023-08-30 10:33 - 000059041 _____ C:\Users\Gemilang\Downloads\Cover Letter - BCG - Workflow Associate.pdf
2023-08-29 07:18 - 2023-08-29 07:18 - 002167816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2023-08-29 07:18 - 2023-08-29 07:18 - 001621512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2023-08-29 07:18 - 2023-08-29 07:18 - 001538072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2023-08-29 07:18 - 2023-08-29 07:18 - 001487480 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2023-08-29 07:18 - 2023-08-29 07:18 - 001226872 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2023-08-29 07:18 - 2023-08-29 07:18 - 001195024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2023-08-29 07:18 - 2023-08-29 07:18 - 000992264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2023-08-29 07:18 - 2023-08-29 07:18 - 000920600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2023-08-29 07:18 - 2023-08-29 07:18 - 000849088 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2023-08-29 07:18 - 2023-08-29 07:18 - 000849088 _____ C:\WINDOWS\system32\vulkaninfo.exe
2023-08-29 07:18 - 2023-08-29 07:18 - 000776216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2023-08-29 07:18 - 2023-08-29 07:18 - 000769048 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2023-08-29 07:18 - 2023-08-29 07:18 - 000713920 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-08-29 07:18 - 2023-08-29 07:18 - 000713920 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2023-08-29 07:18 - 2023-08-29 07:18 - 000668680 _____ C:\WINDOWS\system32\nvofapi64.dll
2023-08-29 07:18 - 2023-08-29 07:18 - 000653504 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2023-08-29 07:18 - 2023-08-29 07:18 - 000653504 _____ C:\WINDOWS\system32\vulkan-1.dll
2023-08-29 07:18 - 2023-08-29 07:18 - 000637120 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2023-08-29 07:18 - 2023-08-29 07:18 - 000637120 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2023-08-29 07:18 - 2023-08-29 07:18 - 000503928 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2023-08-29 07:18 - 2023-08-29 07:18 - 000459384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2023-08-29 07:17 - 2023-08-29 07:17 - 014520856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2023-08-29 07:17 - 2023-08-29 07:17 - 012066840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2023-08-29 07:17 - 2023-08-29 07:17 - 006738024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2023-08-29 07:17 - 2023-08-29 07:17 - 006190728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2023-08-29 07:17 - 2023-08-29 07:17 - 005845000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2023-08-29 07:17 - 2023-08-29 07:17 - 005550728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2023-08-29 07:17 - 2023-08-29 07:17 - 003483272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2023-08-29 07:17 - 2023-08-29 07:17 - 000853000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2023-08-29 07:17 - 2023-08-29 07:17 - 000108142 _____ C:\WINDOWS\system32\nvinfo.pb
2023-08-26 13:31 - 2023-08-26 13:31 - 000001866 _____ C:\Users\Public\Desktop\There Is No Game - Wrong Dimension.lnk
2023-08-26 13:31 - 2023-08-26 13:31 - 000000000 ____D C:\Users\Gemilang\AppData\LocalLow\DrawMeAPixel
2023-08-26 13:31 - 2023-08-26 13:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\There Is No Game - Wrong Dimension [GOG.com]
2023-08-26 12:59 - 2023-08-26 12:59 - 001168168 _____ C:\Users\Gemilang\Downloads\star-wars-jedi-fallen-order-save-3.rar
2023-08-26 08:16 - 2023-08-26 08:16 - 002568303 _____ C:\Users\Gemilang\Downloads\star_wars_jedi_fallen_order__trainer_5_v1010.zip
2023-08-25 20:11 - 2023-08-25 20:11 - 000000000 ____D C:\Users\Gemilang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2023-08-24 12:08 - 2023-08-24 12:08 - 000060275 _____ C:\Users\Gemilang\Downloads\Cover Letter - JPMorgan Chase & Co.pdf
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2023-09-23 12:05 - 2022-05-07 12:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-09-23 12:02 - 2022-03-23 22:28 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2023-09-23 11:53 - 2022-05-07 12:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-09-23 11:52 - 2023-08-19 10:06 - 000002168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2023-09-23 11:52 - 2023-08-19 10:06 - 000002082 _____ C:\Users\Gemilang\Desktop\Google Slides.lnk
2023-09-23 11:52 - 2023-08-19 10:06 - 000002082 _____ C:\Users\Gemilang\Desktop\Google Sheets.lnk
2023-09-23 11:52 - 2023-08-19 10:06 - 000002070 _____ C:\Users\Gemilang\Desktop\Google Docs.lnk
2023-09-23 11:52 - 2023-08-19 10:06 - 000002046 _____ C:\Users\Gemilang\Desktop\Google Drive.lnk
2023-09-23 11:52 - 2022-11-04 11:21 - 000850308 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-09-23 11:52 - 2022-05-07 12:22 - 000000000 ____D C:\WINDOWS\INF
2023-09-23 11:52 - 2022-01-18 13:30 - 000000000 ____D C:\Program Files (x86)\Google
2023-09-23 11:52 - 2021-07-27 08:00 - 000000000 ____D C:\Program Files\Microsoft Office
2023-09-23 11:51 - 2022-11-04 11:19 - 000003752 _____ C:\WINDOWS\system32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474
2023-09-23 11:50 - 2022-11-04 11:19 - 000004164 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{F5FB1FDB-9AD5-4AE6-ABD4-04AB64761167}
2023-09-23 11:50 - 2022-05-07 12:24 - 000000000 ___HD C:\Program Files\WindowsApps
2023-09-23 11:50 - 2022-05-07 12:24 - 000000000 ____D C:\WINDOWS\Registration
2023-09-23 11:50 - 2022-05-07 12:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-09-23 11:50 - 2022-01-18 12:41 - 000000000 ____D C:\ProgramData\NVIDIA
2023-09-23 11:47 - 2022-01-18 12:43 - 000000000 ____D C:\Program Files\ASUS
2023-09-23 11:45 - 2023-08-19 08:19 - 000000000 ___RD C:\Users\Gemilang\iCloudDrive
2023-09-23 11:45 - 2022-11-04 10:50 - 000000000 ____D C:\WINDOWS\system32\ASUSACCI
2023-09-23 11:45 - 2022-07-13 12:00 - 000000000 ____D C:\Users\Gemilang\AppData\Local\WebEx
2023-09-23 11:44 - 2022-11-04 11:19 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-09-23 11:44 - 2022-05-07 12:24 - 000000000 ____D C:\WINDOWS\ServiceState
2023-09-23 11:44 - 2022-04-01 21:08 - 000000432 _____ C:\WINDOWS\SysWOW64\winsevr.dat
2023-09-23 11:44 - 2022-04-01 21:08 - 000000416 _____ C:\WINDOWS\SysWOW64\AbBakConfig.dat
2023-09-23 11:44 - 2022-03-24 07:29 - 000000000 ____D C:\ProgramData\Avast Software
2023-09-23 11:44 - 2022-01-18 13:23 - 000000000 __SHD C:\Users\Gemilang\IntelGraphicsProfiles
2023-09-23 11:44 - 2022-01-18 12:37 - 000000000 ___HD C:\Intel
2023-09-23 11:44 - 2021-07-27 07:57 - 000012288 ___SH C:\DumpStack.log.tmp
2023-09-21 22:21 - 2022-05-07 12:17 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-09-21 21:43 - 2022-11-04 11:15 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-09-21 21:38 - 2022-12-03 14:35 - 000000000 ____D C:\Program Files\Cheat Engine 7.4
2023-09-21 21:24 - 2022-01-18 13:23 - 000000000 ____D C:\Users\Gemilang\AppData\Local\D3DSCache
2023-09-21 21:11 - 2022-03-23 14:27 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2023-09-21 21:10 - 2022-03-22 20:43 - 000000000 ____D C:\Users\Gemilang\AppData\Local\CrashDumps
2023-09-21 21:06 - 2022-03-26 19:07 - 000000000 ____D C:\Program Files\R
2023-09-21 21:06 - 2022-03-23 23:21 - 000000000 ____D C:\Program Files\Revo Uninstaller
2023-09-21 21:06 - 2022-03-23 10:42 - 000000000 ____D C:\Program Files (x86)\Steam
2023-09-21 21:04 - 2023-04-18 15:52 - 000000000 ____D C:\Users\Gemilang\Desktop\Coursera - R Programming 2023-3
2023-09-21 21:04 - 2022-03-23 21:27 - 000000000 ____D C:\Program Files (x86)\DODI-Repacks
2023-09-21 21:01 - 2022-03-23 07:23 - 000000000 ____D C:\ProgramData\IObit
2023-09-21 20:59 - 2023-01-11 15:00 - 000000000 ____D C:\Games
2023-09-21 17:11 - 2021-07-27 07:58 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-09-21 17:09 - 2022-11-04 11:19 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-951395627-451568364-1154128064-1006
2023-09-21 17:09 - 2022-11-04 11:19 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-951395627-451568364-1154128064-1001
2023-09-21 17:09 - 2022-11-04 11:19 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-951395627-451568364-1154128064-500
2023-09-21 17:09 - 2022-11-04 11:19 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2023-09-21 17:09 - 2022-03-23 12:23 - 000002134 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-09-19 14:10 - 2022-03-23 16:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-09-19 12:27 - 2022-03-23 16:27 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-09-19 10:28 - 2022-03-24 08:02 - 000000000 ____D C:\Users\Gemilang\AppData\Local\Avast Software
2023-09-19 07:58 - 2021-07-27 07:57 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-09-19 07:49 - 2022-01-18 13:23 - 000000000 ____D C:\Users\Gemilang\AppData\Local\Packages
2023-09-19 07:49 - 2021-07-27 08:00 - 000000000 ____D C:\ProgramData\Packages
2023-09-19 07:48 - 2022-05-07 12:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-09-19 07:48 - 2022-05-07 12:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2023-09-19 07:40 - 2022-11-04 11:01 - 000000000 ____D C:\Users\Gemilang
2023-09-19 07:35 - 2022-03-22 20:34 - 000918960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2023-09-19 07:34 - 2021-06-05 19:10 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2023-09-19 07:30 - 2022-10-27 11:12 - 000000000 ____D C:\Users\Gemilang\Front
2023-09-19 07:30 - 2022-03-23 07:23 - 000000000 ____D C:\Program Files (x86)\Advanced SystemCare Pro
2023-09-19 07:25 - 2022-03-23 07:11 - 000000000 ____D C:\Program Files\CCleaner
2023-09-19 07:03 - 2022-11-04 11:19 - 000003714 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-09-19 07:03 - 2022-11-04 11:19 - 000003590 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-09-16 06:34 - 2022-12-23 13:35 - 000000000 ____D C:\Users\Gemilang\AppData\Roaming\vlc
2023-09-15 11:11 - 2023-01-05 10:32 - 000700568 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-09-15 11:10 - 2022-05-07 14:39 - 000000000 ___SD C:\WINDOWS\system32\AppV
2023-09-15 11:10 - 2022-05-07 14:39 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-09-15 11:10 - 2022-05-07 12:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-09-15 11:10 - 2022-05-07 12:24 - 000000000 ____D C:\WINDOWS\UUS
2023-09-15 11:10 - 2022-05-07 12:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-09-15 11:10 - 2022-05-07 12:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-09-15 11:10 - 2022-05-07 12:24 - 000000000 ____D C:\WINDOWS\SystemResources
2023-09-15 11:10 - 2022-05-07 12:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-09-15 11:10 - 2022-05-07 12:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-09-15 11:10 - 2022-05-07 12:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-09-15 11:10 - 2022-05-07 12:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-09-15 11:10 - 2022-05-07 12:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-09-15 11:10 - 2022-05-07 12:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-09-15 11:10 - 2022-05-07 12:24 - 000000000 ____D C:\WINDOWS\Provisioning
2023-09-15 11:10 - 2022-05-07 12:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-09-15 11:10 - 2022-05-07 12:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-09-15 08:43 - 2022-03-23 10:49 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-09-15 08:40 - 2022-05-07 12:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-09-15 08:40 - 2022-03-23 10:49 - 177941912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-09-15 08:38 - 2022-11-04 11:18 - 003210752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-09-15 08:37 - 2022-10-20 08:36 - 000095848 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2023-09-15 08:37 - 2022-10-20 08:36 - 000075368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2023-09-15 08:37 - 2022-05-16 20:47 - 000000000 ____D C:\XboxGames
2023-09-15 08:37 - 2022-03-30 12:50 - 002688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2023-09-15 08:37 - 2022-03-30 12:50 - 000145000 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2023-09-15 08:36 - 2022-03-30 12:50 - 000483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2023-09-15 08:36 - 2022-03-30 12:50 - 000210536 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2023-09-15 08:36 - 2022-03-30 12:50 - 000181864 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2023-09-14 11:06 - 2023-08-19 08:19 - 000002830 _____ C:\WINDOWS\system32\Tasks\Apple Diagnostics
2023-09-14 11:06 - 2023-07-29 12:30 - 000002508 _____ C:\WINDOWS\system32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0
2023-09-14 11:06 - 2022-11-04 11:19 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-09-14 11:06 - 2022-11-04 11:19 - 000003464 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-09-14 11:06 - 2022-11-04 11:19 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-09-14 11:06 - 2022-11-04 11:19 - 000003240 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-09-14 11:06 - 2022-11-04 11:19 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-09-14 11:06 - 2022-11-04 11:19 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-09-14 11:06 - 2022-11-04 11:19 - 000003116 _____ C:\WINDOWS\system32\Tasks\ASUS Update Checker 2.0
2023-09-14 11:06 - 2022-11-04 11:19 - 000003034 _____ C:\WINDOWS\system32\Tasks\ASUS Optimization 36D18D69AFC3
2023-09-14 11:06 - 2022-11-04 11:19 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-09-14 11:06 - 2022-11-04 11:19 - 000002954 _____ C:\WINDOWS\system32\Tasks\BlueStacksHelper_nxt
2023-09-14 11:06 - 2022-11-04 11:19 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-09-14 11:06 - 2022-11-04 11:19 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-09-14 11:06 - 2022-11-04 11:19 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-09-14 11:06 - 2022-11-04 11:19 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-09-14 11:06 - 2022-11-04 11:19 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-09-14 11:06 - 2022-11-04 11:19 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-09-14 11:06 - 2022-11-04 11:19 - 000002596 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2023-09-14 11:06 - 2022-11-04 11:19 - 000002552 _____ C:\WINDOWS\system32\Tasks\ASUSSmartDisplayControl
2023-09-14 11:06 - 2022-11-04 11:19 - 000002526 _____ C:\WINDOWS\system32\Tasks\ASC_SkipUac_gemil
2023-09-14 11:06 - 2022-11-04 11:19 - 000002452 _____ C:\WINDOWS\system32\Tasks\RtkAudUService64_BG
2023-09-14 11:06 - 2022-11-04 11:19 - 000002382 _____ C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (Gemilang)
2023-09-14 11:06 - 2022-11-04 11:19 - 000002260 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Gemilang
2023-09-13 19:27 - 2022-01-18 13:30 - 000002293 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-09-12 16:15 - 2022-05-07 12:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-09-07 08:54 - 2022-03-23 16:27 - 000000000 ____D C:\Users\Gemilang\AppData\LocalLow\Mozilla
2023-09-02 09:44 - 2022-03-28 12:07 - 000000000 ____D C:\Users\Gemilang\AppData\Roaming\Microsoft\Word
2023-09-02 08:07 - 2022-01-18 13:33 - 000000000 ____D C:\Users\Gemilang\AppData\Roaming\Microsoft\Excel
2023-09-02 08:01 - 2022-03-23 06:18 - 000000000 ____D C:\Users\Gemilang\AppData\Roaming\Microsoft\Office
2023-08-31 16:09 - 2022-11-04 13:18 - 000000000 ____D C:\Users\Gemilang\AppData\Roaming\Microsoft\Forms
2023-08-30 10:35 - 2023-08-16 11:45 - 000157195 _____ C:\Users\Gemilang\Desktop\CV - Gemilang.pdf
2023-08-30 10:34 - 2023-05-14 10:28 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2023-08-30 10:34 - 2022-03-25 21:16 - 000003358 _____ C:\WINDOWS\system32\Drivers\etc\hosts.rollback
2023-08-30 07:54 - 2022-03-22 20:33 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-08-29 07:17 - 2022-10-14 06:14 - 007858112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2023-08-29 07:16 - 2022-09-01 11:56 - 000237592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpcf.sys
2023-08-29 07:15 - 2022-09-01 06:11 - 001681752 _____ (MediaTek Inc.) C:\WINDOWS\system32\Drivers\mtkwl6ex.sys
2023-08-29 07:15 - 2022-09-01 06:11 - 000575496 _____ (MediaTek Inc.) C:\WINDOWS\system32\mtkihvx.dll
2023-08-26 13:30 - 2023-01-08 14:34 - 000000000 ____D C:\GOG Games
2023-08-26 10:26 - 2023-08-03 09:23 - 001144148 _____ C:\Users\Gemilang\Desktop\SaveGame00.sav
2023-08-25 20:11 - 2022-03-24 08:37 - 000000000 ____D C:\Program Files\Common Files\Zoom
2023-08-25 20:11 - 2022-03-24 08:33 - 000000000 ____D C:\Users\Gemilang\AppData\Roaming\Zoom
 
==================== Files in the root of some directories ========
 
2022-03-23 15:52 - 2022-11-03 10:44 - 000000000 _____ () C:\Users\Gemilang\AppData\Roaming\Spyder.launch.pyw.log
2022-03-23 22:28 - 2022-03-23 22:28 - 000000410 _____ () C:\Users\Gemilang\AppData\Local\oobelibMkey.log
2021-11-24 17:48 - 2021-11-24 17:48 - 000193912 _____ (NirSoft) C:\Users\Gemilang\AppData\Local\SoundVolumeView.exe
2021-11-24 17:23 - 2021-11-24 17:23 - 000143224 _____ (NirSoft) C:\Users\Gemilang\AppData\Local\SoundVolumeView64.exe
2021-11-20 23:06 - 2021-11-20 23:06 - 000138680 _____ (Microsoft Corporation) C:\Users\Gemilang\AppData\Local\WebView2Loader.dll
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================

And here is the other one:
 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-09-2023
Ran by Gemilang (23-09-2023 12:07:33)
Running from C:\Users\Gemilang\Downloads
Microsoft Windows 11 Pro Version 22H2 22621.2283 (X64) (2022-11-04 04:19:16)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
 
(If an entry is included in the fixlist, it will be removed.)
 
Administrator (S-1-5-21-951395627-451568364-1154128064-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-951395627-451568364-1154128064-503 - Limited - Disabled)
Gemilang (S-1-5-21-951395627-451568364-1154128064-1001 - Administrator - Enabled) => C:\Users\Gemilang
Guest (S-1-5-21-951395627-451568364-1154128064-501 - Limited - Disabled)
postgres (S-1-5-21-951395627-451568364-1154128064-1006 - Limited - Enabled) => C:\Users\postgres
WDAGUtilityAccount (S-1-5-21-951395627-451568364-1154128064-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
3uTools (HKLM-x32\...\3uTools) (Version: 2.63.003 - ShangHai ZhangZheng Network Technology Co., Ltd.)
4K Video Downloader (HKLM\...\{2660FFAF-658A-461D-BD8C-2FDDEC282A95}) (Version: 4.19.2.4690 - Open Media LLC)
Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1033-FFFF-7760-BC15014EA700}) (Version: 22.001.20085 - Adobe)
Adobe After Effects 2022 (HKLM-x32\...\AEFT_22_2_1) (Version: 22.2.1 - Adobe Inc.)
Adobe Animate 2022 (HKLM-x32\...\FLPR_22_0_4) (Version: 22.0.4 - Adobe Inc.)
Adobe Audition 2022 (HKLM-x32\...\AUDT_22_2) (Version: 22.2 - Adobe Inc.)
Adobe Bridge 2022 (HKLM-x32\...\KBRG_12_0) (Version: 12.0 - Adobe Inc.)
Adobe Character Animator 2022 (HKLM-x32\...\CHAR_22_2) (Version: 22.2 - Adobe Inc.)
Adobe Dimension (HKLM-x32\...\ESHR_3_4_5) (Version: 3.4.5 - Adobe Inc.)
Adobe Dreamweaver 2021 (HKLM-x32\...\DRWV_21_2) (Version: 21.2 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.3.0.61 - Adobe Inc.)
Adobe Illustrator 2022 (HKLM-x32\...\ILST_26_1) (Version: 26.1 - Adobe Inc.)
Adobe InCopy 2022 (HKLM-x32\...\AICY_17_1) (Version: 17.1 - Adobe Inc.)
Adobe InDesign 2022 (HKLM-x32\...\IDSN_17_1) (Version: 17.1 - Adobe Inc.)
Adobe Lightroom (HKLM-x32\...\LRCC_5_1) (Version: 5.1 - Adobe Inc.)
Adobe Media Encoder 2022 (HKLM-x32\...\AME_22_0) (Version: 22.0 - Adobe Inc.)
Adobe Photoshop 2022 (HKLM-x32\...\PHSP_23_2_2) (Version: 23.2.2.325 - Adobe Inc.)
Adobe Prelude 2022 (HKLM-x32\...\PRLD_22_0) (Version: 22.0 - Adobe Inc.)
Adobe Premiere Pro 2022 (HKLM-x32\...\PPRO_22_2) (Version: 22.2 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601052}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Adobe RoboHelp 2020 (HKLM-x32\...\RBHP_2020_5_0) (Version: 2020.5.0.71 - Adobe Inc.)
AI Noise Cancelation Audio Software (HKLM-x32\...\{ab5f014e-883d-470d-bc2d-127ef91e5611}) (Version: 2.0.3 - ASUSTek Computer Inc.)
AI Noise Cancelation Audio Software SDK (HKLM\...\{9B441197-6389-46FC-BE60-56C8B6E5ADE9}) (Version: 1.0.6 - ASUSTeK COMPUTER INC.)
AOMEI Backupper (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536CE9D}_is1) (Version: 6.9.1 - AOMEI International Network Limited.)
Aplikasi Microsoft 365 untuk perusahaan - id-id (HKLM\...\O365ProPlusRetail - id-id) (Version: 16.0.16827.20104 - Microsoft Corporation)
Apple Mobile Device Support (HKLM\...\{44325855-D4CA-4994-A27A-39FE50CE6A8E}) (Version: 16.0.0.30 - Apple Inc.)
ARMOURY CRATE Service (HKLM\...\{01378DC3-088F-4F55-AAFA-DC6A9CCA292A}) (Version: 5.4.8 - ASUS)
ASUS Aac_GmAcc HAL (HKLM\...\{998249B1-6913-447E-AA37-F445B8CA33D0}) (Version: 1.0.0.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Aac_GmAcc HAL (HKLM-x32\...\{fd4cf3d0-9937-417e-89b4-56658158819a}) (Version: 1.0.0.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Aac_NBDT HAL (HKLM\...\{01D3B7AA-D078-4506-B460-60877FCDDBD6}) (Version: 2.5.1.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Aac_NBDT HAL (HKLM-x32\...\{abfbf014-002d-46b1-9257-522cc3b507f0}) (Version: 2.5.1.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Display Component (HKLM\...\{AFD1CF98-FE97-434C-A095-9F27C5BEA53C}) (Version: 1.2.12.0 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA Display Component (HKLM-x32\...\{fe2996bf-7174-4ad7-af8c-3e8e510c8263}) (Version: 1.2.12.0 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA Headset Component (HKLM\...\{A3C4120D-8096-4307-91A2-FFE37EBD5A3D}) (Version: 1.3.26.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Headset Component (HKLM-x32\...\{b351ae91-a5dd-4741-8830-883dddd22eb7}) (Version: 1.3.26.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.04.20 - ASUSTek COMPUTER INC.) Hidden
ASUS Framework Service (HKLM-x32\...\{339A6383-7862-46DA-8A9D-E84180EF9424}) (Version: 3.1.1.0 - ASUSTeK Computer Inc.)
ASUS Keyboard HAL (HKLM\...\{0FA0CDEE-5DC8-421E-A97D-C74FA6E66FC3}) (Version: 1.1.48.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Keyboard HAL (HKLM-x32\...\{79497ebd-229a-42ac-9410-87264af2e929}) (Version: 1.1.48.0 - ASUSTek COMPUTER INC.) Hidden
ASUS MB Peripheral Products (HKLM\...\{BFED9861-7D96-4528-89F1-B090ABBF11A7}) (Version: 1.0.35 - ASUSTeK Computer Inc.) Hidden
ASUS MB Peripheral Products (HKLM-x32\...\{193a2068-8738-4276-ab1b-9133f9403487}) (Version: 1.0.35 - ASUSTeK Computer Inc.) Hidden
ASUS Mouse HAL (HKLM\...\{B8F984F2-7887-4DD2-8D96-F9A4BC5A4AC5}) (Version: 1.1.0.45 - ASUSTek COMPUTER INC.) Hidden
ASUS Mouse HAL (HKLM-x32\...\{559342ce-3e0f-4daf-bd9f-dfb67f065c28}) (Version: 1.1.0.45 - ASUSTek COMPUTER INC.) Hidden
ASUS Smart Display Control (HKLM-x32\...\{8714A8D1-0F08-4681-9DF6-A8C4607A58B4}) (Version: 1.8.0 - ASUSTek COMPUTER INC.)
ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.103 - ASUSTeK Computer Inc.) Hidden
AURA lighting effect add-on (HKLM-x32\...\{1E2EA04B-FCA7-457E-B6F4-F33E1858E859}) (Version: 0.0.28 - ASUS)
AURA lighting effect add-on x64 (HKLM\...\{C5A4A164-4428-4931-B728-96EEF0FA3C44}) (Version: 0.0.28 - ASUS)
AURA Service (HKLM-x32\...\{56EEEF7D-0AE3-401A-898B-581719D005AE}) (Version: 3.06.14 - ASUSTeK Computer Inc.) Hidden
AURA Service (HKLM-x32\...\{7818852d-4182-406d-946b-7b54067ff419}) (Version: 3.06.14 - ASUSTeK Computer Inc.)
AutoCAD 2022 Help - English (HKLM\...\{28B89EEF-5134-0409-0100-CF3F3A09B77D}) (Version: 24.1.51.0 - Autodesk) Hidden
AutoCAD Open in Desktop (HKLM\...\{1C66A0B0-784E-4777-97B3-93F843D1C8CF}) (Version: 1.0.20.0 - Autodesk)
Autodesk AutoCAD 2022 - English (HKLM\...\{1E7D4EF7-A28E-3D3E-BA3C-C6FAE4AAB2E0}) (Version: 24.1.51.0 - Autodesk, Inc.)
Autodesk Desktop Connect Service (HKLM\...\{FC772454-BB19-0000-0810-44B459520227}) (Version: 8.1.0 - Autodesk)
Autodesk Guided Tutorial Plugin (HKLM\...\{B3AFC608-D811-0003-0840-21FB25B48D6E}) (Version: 8.4.0 - Autodesk)
Autodesk Inventor Content Center Libraries 2022 (Desktop Content) (HKLM\...\{B46DECD1-2664-4EF1-0000-22D71E81877C}) (Version: 26.0.15300.0000 - Autodesk,Inc.) Hidden
Autodesk Inventor Professional 2022 - English (HKLM\...\{15FAE334-7AC7-3147-BA02-CD075026EA49}) (Version: 26.0.15300.0000 - Autodesk, Inc.)
Autodesk Inventor Professional 2022 (HKLM\...\{7F4DD591-2664-0001-0000-7107D70F3DB4}) (Version: 26.20.28700.0000 - Autodesk) Hidden
Autodesk Inventor Professional 2022 English Language Pack (HKLM\...\{7F4DD591-2664-0001-1033-7107D70F3DB4}) (Version: 26.20.28700.0000 - Autodesk) Hidden
Autodesk Material Library 2022 (HKLM-x32\...\{A9221A68-5AD0-4215-B54F-CB5DBA4FB27C}) (Version: 20.3.7.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2022 (HKLM-x32\...\{6256584F-B04B-41D4-8A59-44E70940C473}) (Version: 20.3.7.0 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2022 (HKLM-x32\...\{490259AE-1021-4BED-B74B-162151EC45C7}) (Version: 20.3.7.0 - Autodesk)
Autodesk Network License Manager (HKLM\...\{4BE91685-1632-47FC-B563-A8A542C6664C}) (Version: 11.18.0.0 - Autodesk, Inc.)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 23.8.6078 - Avast Software)
BlueStacks 5 (HKLM\...\BlueStacks_nxt) (Version: 5.7.0.1064 - BlueStack Systems, Inc.)
BlueStacks X (HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\BlueStacks X) (Version: 0.15.1.8 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Cheat Engine 7.4 (HKLM\...\Cheat Engine_is1) (Version:  - Cheat Engine)
Cisco Webex Meetings (HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\ActiveTouchMeetingClient) (Version: 42.7.2 - Cisco Webex LLC)
CPUID CPU-Z 2.00 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.00 - CPUID, Inc.)
Discord (HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\Discord) (Version: 1.0.9004 - Discord Inc.)
Docs (HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\333a815699e4057996ab80cae2c7ea65) (Version: 1.0 - Google\Chrome)
EndNote 20 (HKLM-x32\...\{86B3F2D6-AC2B-0020-8AE1-F2F77F781B0C}) (Version: 20.2.1.15749 - Clarivate Analytics)
Epic Games Launcher (HKLM-x32\...\{FAC47927-1A6A-4C6E-AD7D-E9756794A4BC}) (Version: 1.3.23.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{758842D2-1538-4008-A8E3-66F65A061C52}) (Version: 2.0.33.0 - Epic Games, Inc.)
f.lux (HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\Flux) (Version: 4.124 - f.lux Software LLC)
GameSDK Service (HKLM-x32\...\{021d69c3-d686-4a94-8fb5-fd1ee782fb14}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.)
GameSDK Service (HKLM-x32\...\{7160DA8D-3F25-4F6E-ABC8-F693551D82FA}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.) Hidden
Gmail (HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\79bb58570c5d3b2050e404bfc69ffb46) (Version: 1.0 - Google\Chrome)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 116.0.5845.188 - Google LLC)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 81.0.5.0 - Google LLC)
Google Drive (HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\e5afe625fe30ea62a3d7213e099a286b) (Version: 1.0 - Google\Chrome)
Google Earth Pro (HKLM\...\{F27DBA46-80E1-4858-9285-19198FFFBF3D}) (Version: 7.3.6.9345 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.29.5 - Google Inc.) Hidden
Hard Disk Sentinel 6.01.9 (HKLM-x32\...\Hard Disk Sentinel_is1) (Version: 6.01.9 - LR)
iCloud Outlook (HKLM\...\{AC76D136-36CC-4606-8361-4939FE5D2381}) (Version: 14.2.0.108 - Apple Inc.)
Intel® C++ Redistributables on Intel® 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Language Pack 1.0-5 (HKLM\...\Language Pack 1.0-5) (Version: 1.0-5 - EnterpriseDB)
Language Pack 2.0-1 (HKLM\...\Language Pack 2.0-1) (Version: 2.0-1 - EnterpriseDB)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LINE (HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\LINE) (Version: 8.3.0.3189 - LINE Corporation)
LINGO 18.0/x64 (HKLM\...\{C76711E3-5FEB-4A14-B19C-DF20A270D78A}) (Version: 18.0 - Lindo Systems Inc)
MathType 7 (HKLM-x32\...\DSMT7) (Version: 7.4.9 - WIRIS)
Mendeley Reference Manager 2.90.0 (HKLM\...\b4b58389-01e4-5dfd-9842-aad36733657a) (Version: 2.90.0 - Mendeley)
Microsoft .NET Core Host - 3.1.10 (x64) (HKLM\...\{52B42932-15C1-45D4-8904-FC3117EEE69B}) (Version: 24.104.29419 - Microsoft Corporation) Hidden
Microsoft .NET Core Host - 3.1.22 (x64) (HKLM\...\{B343AEBD-9A5A-40B7-A032-81163019A913}) (Version: 24.88.30721 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.10 (x64) (HKLM\...\{752B4412-A129-4CB2-AD96-B6D97EAD3090}) (Version: 24.104.29419 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.22 (x64) (HKLM\...\{87DE9382-0F95-4768-98B8-BB5C1AB2B94F}) (Version: 24.88.30721 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.10 (x64) (HKLM\...\{396D7BC8-E3C8-4B3E-8C60-D50D94FDF09D}) (Version: 24.104.29419 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.10 (x64) (HKLM-x32\...\{4714dd0a-ebab-4f59-a708-f8d7a793b3f5}) (Version: 3.1.10.29419 - Microsoft Corporation)
Microsoft .NET Core Runtime - 3.1.22 (x64) (HKLM\...\{44D628C6-14F5-48F2-89F9-6C0A5FF2B9F0}) (Version: 24.88.30721 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.10 (x64) (HKLM\...\{0222FFF1-57A3-48A6-9AD2-0D6B5D0172B3}) (Version: 48.43.48869 - Microsoft Corporation) Hidden
Microsoft .NET Host - 7.0.0 (x64) (HKLM\...\{BE6438FD-8DCE-46CF-9678-825A064DAAAA}) (Version: 56.3.50341 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.10 (x64) (HKLM\...\{A93C4E12-1BAB-4CFB-ADBC-9CE0B93176FF}) (Version: 48.43.48869 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 7.0.0 (x64) (HKLM\...\{F8BC94FF-FF0C-4226-AE0A-811960F93DF7}) (Version: 56.3.50341 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.10 (x64) (HKLM\...\{A2A39CB9-677D-4299-8537-C00B99F3D4A4}) (Version: 48.43.48869 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 7.0.0 (x64) (HKLM\...\{A17DDA5A-F944-4E22-B578-FB860C604D21}) (Version: 56.3.50341 - Microsoft Corporation) Hidden
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.16827.20104 - Microsoft Corporation)
Microsoft 365 - id-id (HKLM\...\O365HomePremRetail - id-id) (Version: 16.0.16827.20104 - Microsoft Corporation)
Microsoft 365 Apps for enterprise - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.16827.20104 - Microsoft Corporation)
Microsoft ASP.NET Core 3.1.10 - Shared Framework (HKLM-x32\...\{6efe3294-03d8-4977-9c67-9f57ab075130}) (Version: 3.1.10.20520 - Microsoft Corporation)
Microsoft ASP.NET Core 3.1.10 Shared Framework (x64) (HKLM\...\{7BEAA207-E3EB-3948-BBB3-336B04D8A2F1}) (Version: 3.1.10.20520 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 117.0.2045.36 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 117.0.2045.36 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft ODBC Driver 17 for SQL Server (HKLM\...\{5F9345E2-76B2-4639-AD3B-DB2ABC716930}) (Version: 17.1.0.1 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.191.0912.0001 - Microsoft Corporation)
Microsoft OneNote - en-us (HKLM\...\OneNoteFreeRetail - en-us) (Version: 16.0.16827.20104 - Microsoft Corporation)
Microsoft OneNote - id-id (HKLM\...\OneNoteFreeRetail - id-id) (Version: 16.0.16827.20104 - Microsoft Corporation)
Microsoft Project - en-us (HKLM\...\ProjectPro2019Retail - en-us) (Version: 16.0.16827.20104 - Microsoft Corporation)
Microsoft Project - id-id (HKLM\...\ProjectPro2019Retail - id-id) (Version: 16.0.16827.20104 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\Teams) (Version: 1.6.00.21970 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{AF47B488-9780-4AB5-A97E-762E28013CA6}) (Version: 5.71.0.0 - Microsoft Corporation)
Microsoft Visio - en-us (HKLM\...\VisioPro2019Retail - en-us) (Version: 16.0.16827.20104 - Microsoft Corporation)
Microsoft Visio - id-id (HKLM\...\VisioPro2019Retail - id-id) (Version: 16.0.16827.20104 - Microsoft Corporation)
Microsoft Visual Basic/C++ Runtime (x86) (HKLM-x32\...\{C5E3A69D-D391-45A6-A8FB-00B01E2B010D}) (Version: 1.1.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61135 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61135 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 (HKLM-x32\...\{5d0723d3-cff7-4e07-8d0b-ada737deb5e6}) (Version: 12.0.40649.5 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 3.1.22 (x64) (HKLM\...\{D5C6F442-F51D-4D15-82C1-61E3435BA3C8}) (Version: 24.88.30721 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 3.1.22 (x64) (HKLM-x32\...\{68de94b9-46ac-495e-a96b-de484c02f5b3}) (Version: 3.1.22.30721 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.10 (x64) (HKLM\...\{3EC7701F-54F2-491D-AFD1-0395F465BC5A}) (Version: 48.43.48870 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.10 (x64) (HKLM-x32\...\{ff748137-9c9a-4056-be0a-48c7e465453c}) (Version: 6.0.10.31726 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 7.0.0 (x64) (HKLM\...\{192E20E1-D873-40DC-9D0B-0E46E651C583}) (Version: 56.3.50353 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 7.0.0 (x64) (HKLM-x32\...\{01b47e23-4226-4094-9c19-400f12efee57}) (Version: 7.0.0.31819 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Minitab 20 (HKLM\...\{336CC890-F3BC-4B96-AEFF-817A9311BC32}) (Version: 20.4.0.0 - Minitab, LLC) Hidden
Minitab Modules - 1.1.0.0 (HKLM\...\Minitab Modules 1.1.0.0) (Version: 1.1.0.0 - Minitab, LLC)
Minitab Modules (HKLM\...\{3D40BE5D-6F15-40CC-9C78-49E0F18AEEF3}) (Version: 1.1.0.0 - Minitab, LLC) Hidden
Minitab Statistical Software (x64) - 20.4.0.0 (HKLM\...\Minitab 20 20.4.0.0) (Version: 20.4.0.0 - Minitab, LLC)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 117.0.1 (x64 en-US)) (Version: 117.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 98.0.1 - Mozilla)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.4.6 - Notepad++ Team)
Npgsql 3.2.6 (HKLM-x32\...\Npgsql 3.2.6-3) (Version: 3.2.6-3 - EnterpriseDB)
NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation)
NVIDIA Graphics Driver 496.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 496.49 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{FAAC26AD-73BA-40CE-86AA-C9213F9E064A}) (Version: 9.13.0604 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16827.20014 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16827.20056 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14026.20302 - Microsoft Corporation) Hidden
PEM-HTTPD 2.4.51 (HKLM-x32\...\PEM-HTTPD 2.4.51-1) (Version: 2.4.51-1 - EnterpriseDB)
PgBouncer 1.16.1 (HKLM-x32\...\PgBouncer 1.16.1-1) (Version: 1.16.1-1 - EnterpriseDB)
pgJDBC 42.2.18 (HKLM-x32\...\pgJDBC 42.2.18-1) (Version: 42.2.18-1 - EnterpriseDB)
PostgreSQL 14  (HKLM\...\PostgreSQL 14) (Version: 14 - PostgreSQL Global Development Group)
PowerToys (Preview) (HKLM\...\{A15ACEAE-DA57-4B2D-9703-0F4903BD47E6}) (Version: 0.65.0 - Microsoft Corporation) Hidden
PowerToys (Preview) x64 (HKLM-x32\...\{264f3d27-62de-4965-9989-61dbca983fb9}) (Version: 0.65.0 - Microsoft Corporation)
psqlODBC 13.00.0000 (HKLM\...\psqlODBC 13.00.0000-2) (Version: 13.00.0000-2 - EnterpriseDB)
psqlODBC_x64 (HKLM\...\{3F8971B0-061B-4163-9D3F-EA94151B2FCF}) (Version: 09.06.0504 - PostgreSQL Global Development Group)
RefreshRateService (HKLM-x32\...\{7E5E84CB-B190-4658-A4DC-166779C329D1}) (Version: 2.1.0 - ASUSTeK COMPUTER INC.)
ResearchSoft Direct Export Helper (HKLM-x32\...\ResearchSoft Direct Export Helper) (Version: 1.0.21.3540 - Clarivate Analytics)
REX Framework (HKLM\...\{A24E5DBF-7C6F-4589-AE67-2D1049C4308E}) (Version: 22.0.0.4732 - Autodesk, Inc.) Hidden
REX Inventor (HKLM\...\{E275D930-1604-48A1-AFE2-051611A24D0C}) (Version: 22.0.0.4732 - Autodesk, Inc.) Hidden
ROG Live Service (HKLM\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 2.1.5.0 - ASUSTek COMPUTER INC.)
RSA Engine (HKLM\...\{ADAA8BDF-54E8-42DF-9ABB-BDC12511B176}) (Version: 22.0.0.8230 - Autodesk, Inc.) Hidden
Safe Exam Browser (HKLM-x32\...\{9f9bd00b-6aa3-4355-89b6-0cb3e06bf552}) (Version: 3.4.1.505 - ETH Zürich)
Safe Exam Browser (x64) (HKLM\...\{0362300A-104C-4D80-A876-D184992AFA3F}) (Version: 3.4.1.505 - ETH Zürich) Hidden
ScummVM 2.7.0 (HKLM\...\ScummVM_is1) (Version: 2.7.0 - The ScummVM Team)
ShareX (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 15.0.0 - ShareX Team)
Sheets (HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\5a39133f85c99212399815cb52a21d58) (Version: 1.0 - Google\Chrome)
Slides (HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\9b651c49b5cead03e7253b5fd1eaaf22) (Version: 1.0 - Google\Chrome)
Snap Camera 1.20.0 (HKLM-x32\...\{024A6CF5-627D-497F-980B-B9A6EC5C40AF}_is1) (Version: 1.20.0 - Snap Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Tableau 2020.1 (20201.20.0427.1803) (HKLM\...\{B799E038-5677-465E-BBBD-AD9893164071}) (Version: 20.1.649 - Tableau Software) Hidden
Tableau 2020.1 (20201.20.0427.1803) (HKLM-x32\...\{d735f49a-acac-43df-ba88-d7586215c7b9}) (Version: 20.1.649 - Tableau Software)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.4.0.32771 - Microsoft Corporation)
TechPowerUp GPU-Z (HKLM-x32\...\{8B0F211E-5846-4FB2-B0B9-4EB31546FDF9}}_is1) (Version: 2.44.0 - TechPowerUp)
Telegram Desktop version 4.2 (HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.2 - Telegram FZ-LLC)
The Henry Stickmin Collection (HKLM-x32\...\The Henry Stickmin Collection_is1) (Version:  - )
There Is No Game : Wrong Dimension (HKLM-x32\...\1271319284_is1) (Version: v1.0.33 - GOG.com)
Those Games (HKLM-x32\...\Those Games_is1) (Version:  - )
TP-Link TL-WN725N Driver (HKLM-x32\...\{3C3F9CEB-2C5A-4A47-8EAA-DA76037546BA}) (Version: 2.1.0 - TP-Link)
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN)
Webex (HKLM\...\{5CC80054-A009-5663-B923-1150326C6939}) (Version: 42.7.0.22904 - Cisco Systems, Inc)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
YouTube (HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\cf16dcc87e2e62563ce2a395b28b42fe) (Version: 1.0 - Google\Chrome)
Zoom (HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\ZoomUMX) (Version: 5.15.7 (20303) - Zoom Video Communications, Inc.)
 
Packages:
=========
Adobe Acrobat DC -> C:\Program Files\Adobe\Acrobat DC [2022-03-24] ()
Adobe XD -> C:\Program Files\WindowsApps\Adobe.XD_49.0.12.14_x64__pc75e8sa7ep4e [2022-03-23] (Adobe Inc.)
Adobe-Fresco -> C:\Program Files\WindowsApps\Adobe.Fresco_3.2.1.756_x64__pc75e8sa7ep4e [2022-03-24] (Adobe Inc.)
AppleInc.iCloud -> C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa [2023-09-01] (Apple Inc.) [Startup Task]
AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5185.0_x64__8j3eq9eme6ctt [2023-09-15] (INTEL CORP) [Startup Task]
ARMOURY CRATE -> C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_5.6.10.0_x64__qmba6cd70vzyy [2023-08-27] (ASUSTeK COMPUTER INC.)
AURA Creator -> C:\Program Files\WindowsApps\B9ECED6F.AURACreator_3.6.9.0_x64__qmba6cd70vzyy [2023-06-17] (ASUSTeK COMPUTER INC.)
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2308.1005.0_x64__8wekyb3d8bbwe [2023-08-11] (Microsoft Corporation)
DTS:X Ultra -> C:\Program Files\WindowsApps\DTSInc.DTSXUltra_1.11.14.0_x64__t5j2fzbtdg37r [2023-03-31] (DTS, Inc.)
freda epub ebook reader -> C:\Program Files\WindowsApps\5957Turnipsoft.freda_5.0.4.0_x64__ypmq2qh89vmny [2023-09-02] (Turnipsoft)
Microsoft.AV1VideoExtension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.61781.0_x64__8wekyb3d8bbwe [2023-07-21] (Microsoft Corporation)
Microsoft.WindowsAppRuntime.CBS -> C:\WINDOWS\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2023-09-15] (Microsoft Corporation)
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.20.3002.0_x64__8wekyb3d8bbwe [2023-09-21] (Microsoft Studios)
Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.3.7.0_x64__8wekyb3d8bbwe [2023-09-12] (Microsoft Studios)
MyASUS -> C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.26.0_x64__qmba6cd70vzyy [2023-09-21] (ASUSTeK COMPUTER INC.)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-03-28] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-03-10] (NVIDIA Corp.)
Power BI Desktop -> C:\Program Files\WindowsApps\Microsoft.MicrosoftPowerBIDesktop_2.121.762.0_x64__8wekyb3d8bbwe [2023-09-21] (Microsoft Corporation)
PowerToys ImageResizer Context Menu -> C:\Program Files\PowerToys\modules\ImageResizer [2023-02-05] (Microsoft)
PowerToys PowerRename Context Menu -> C:\Program Files\PowerToys\modules\PowerRename [2023-02-05] (Microsoft)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.39.282.0_x64__dt26b99r8h8gj [2023-05-10] (Realtek Semiconductor Corp)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.17.8180.0_x64__8wekyb3d8bbwe [2023-08-25] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0 [2023-09-03] (Spotify AB) [Startup Task]
Telegram Desktop -> C:\Program Files\WindowsApps\TelegramMessengerLLP.TelegramDesktop_4.9.7.0_x64__t4vj0pshhgkwm [2023-09-15] (Telegram Messenger LLP) [Startup Task]
TranslucentTB -> C:\Program Files\WindowsApps\28017CharlesMilette.TranslucentTB_2023.1.0.0_x64__v826wp6bftszj [2023-07-12] (Charles Milette) [Startup Task]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2023-09-19] (Twitter Inc.)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2337.7.0_x64__cv1g1gvanyjgm [2023-09-21] (WhatsApp Inc.) [Startup Task]
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2023-09-15] (Microsoft Corporation)
WinRAR -> C:\Program Files\WinRAR [2022-03-23] (win.rar GmbH)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{846217D0-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2022\Bin\UCxTextBtn.Ocx (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{846217D1-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2022\Bin\UCxTextBtn.Ocx (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{8B4929F8-076F-4AEC-AFEE-8928747B7AE3}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2022\acad.exe (Autodesk, Inc. -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{8BC8AFC2-4E7C-4695-818E-8C1FFDCEA2AF}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.StlThumbnailProvider.comhost.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2022\Bin\TestServer.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{AA46BA8A-9825-40FD-8493-0BA3C4D5CEB5}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2022\acad.exe (Autodesk, Inc. -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{afbd5a44-2520-4ae0-9224-6cfce8fe4400}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.MonacoPreviewHandler.comhost.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{B6B5DC40-96E3-11d2-B774-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2022\Bin\Inventor.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{BFEE99B4-B74D-4348-BCA5-E757029647FF}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.GcodeThumbnailProvider.comhost.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{C343ED84-A129-11d3-B799-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2022\Bin\RxApprenticeServer.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{C92F8F8C-8B2C-11d4-B872-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2022\Bin\DtBridge.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\Gemilang\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{DA1F437C-9BD9-11d4-B87C-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2022\Bin\DtBridge.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{ddee2b8a-6807-48a6-bb20-2338174ff779}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.SvgPreviewHandler.comhost.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{E1C85E9F-60B2-4007-80C3-2C5E09474C3B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2022\Bin\RxInventorUtilities.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2022\en-US\acadficn.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{E31E89F4-48B6-424D-B32F-7F1ABA791230} -> [iCloud Photos] => C:\Users\Gemilang\Pictures\iCloud Photos\Photos [2023-08-19 08:19]
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2022\Bin\TestServer.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{ec52dea8-7c9f-4130-a77b-1737d0418507}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.GcodePreviewHandler.comhost.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{F2D4F4E5-EEA1-46FF-A83B-A270C92DAE4B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2022\Bin\DTInterop.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{F4363F9D-3BBA-46AC-ABFE-F27977981DA8}\localserver32 -> C:\Program Files\Autodesk\Inventor 2022\Bin\ApprenticeServerHost.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{F61064CC-DBFB-47ee-9BC8-CA5A1CBDF0DA}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2022\Bin\InvResc.dll (Autodesk, Inc. -> Autodesk)
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{FB469644-3F14-4403-ACCA-6B13486FF7BD}\localserver32 -> C:\Program Files\Autodesk\Inventor 2022\Bin\InvTXTStack.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{FD703B01-4362-423E-9BDB-91BDCB16C1C9}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2022\Bin\DTInterop.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-951395627-451568364-1154128064-1001_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => No File
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2021-03-03] (Tonec Inc. -> Tonec FZE)
ShellIconOverlayIdentifiers: [    GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\81.0.5.0\drivefsext.dll [2023-09-23] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\81.0.5.0\drivefsext.dll [2023-09-23] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\81.0.5.0\drivefsext.dll [2023-09-23] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\81.0.5.0\drivefsext.dll [2023-09-23] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-09-19] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2021-01-29] (Autodesk, Inc. -> Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-09-19] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.191.0912.0001\FileSyncShell64.dll [2023-09-21] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> )
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2021-01-29] (Autodesk, Inc. -> Autodesk)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2022-03-03] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2022-09-26] (Notepad++ -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-09-19] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\81.0.5.0\drivefsext.dll [2023-09-23] (Google LLC -> Google, Inc.)
ContextMenuHandlers2: [FileLocksmithExt] -> {84D68575-E186-46AD-B0CB-BAEB45EE29C0} => C:\Program Files\PowerToys\modules\FileLocksmith\PowerToys.FileLocksmithExt.dll [2022-12-06] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-09-19] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [FileLocksmithExt] -> {84D68575-E186-46AD-B0CB-BAEB45EE29C0} => C:\Program Files\PowerToys\modules\FileLocksmith\PowerToys.FileLocksmithExt.dll [2022-12-06] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3: [PowerRenameExt] -> {0440049F-D1DC-4E46-B27B-98393D79486B} => C:\Program Files\PowerToys\modules\PowerRename\PowerToys.PowerRenameExt.dll [2022-12-06] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.191.0912.0001\FileSyncShell64.dll [2023-09-21] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\81.0.5.0\drivefsext.dll [2023-09-23] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.191.0912.0001\FileSyncShell64.dll [2023-09-21] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\81.0.5.0\drivefsext.dll [2023-09-23] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvamig.inf_amd64_e3377401dd616a66\nvshext.dll [2023-08-29] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2022-03-03] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-09-19] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6_S-1-5-21-951395627-451568364-1154128064-1001: [InventorMenu] -> {6FDE7A70-351B-11d6-988B-0010B57A8BB7} => C:\Program Files\Autodesk\Inventor 2022\Bin\DtBridge.dll [2021-10-25] (Autodesk, Inc. -> Autodesk, Inc.)
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2011-05-13] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2011-05-13] (Electronic Arts -> On2.com)
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\Gemilang\Front\SQL Shell (psql).lnk -> C:\Program Files\PostgreSQL\14\scripts\runpsql.bat ()
Shortcut: C:\Users\Gemilang\Desktop\Google Drive.lnk -> C:\Program Files\Google\Drive File Stream\launch.bat ()
ShortcutWithArgument: C:\Users\Gemilang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 3" --app-id=mpnpojknpmmopombnjdcgaaiekajbnjb
ShortcutWithArgument: C:\Users\Gemilang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 3" --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\Gemilang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 3" --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\Gemilang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 3" --app-id=fhihpiojkbmbpdjeoajapmgkhlnakfjf
ShortcutWithArgument: C:\Users\Gemilang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 3" --app-id=kefjledonklijopmnomlcbpllchaibag
ShortcutWithArgument: C:\Users\Gemilang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 3" --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\Gemilang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\48499db33039e897\Gemilang (University) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 4"
 
==================== Loaded Modules (Whitelisted) =============
 
2022-11-19 08:13 - 2022-09-01 09:47 - 000522240 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ac_node_addon\prebuilds\win32-ia32\node.napi.node
2022-11-19 08:13 - 2022-09-01 09:47 - 000520192 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ffi-napi\prebuilds\win32-ia32\node.napi.node
2022-11-19 08:13 - 2022-09-01 09:47 - 000483328 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\node-system-fonts\build\Release\system-fonts.node
2022-11-19 08:13 - 2022-09-01 09:47 - 000510464 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ref-napi\prebuilds\win32-ia32\node.napi.node
2022-11-19 08:13 - 2022-09-01 09:47 - 000786432 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\usb-detection\prebuilds\win32-ia32\node.napi.node
2022-04-01 21:07 - 2021-06-22 14:41 - 000014336 _____ () [File not signed] C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.1\libamcbconsole.dll
2022-11-19 08:13 - 2022-06-08 10:33 - 000081920 _____ () [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\WindowID\WindowID.dll
2022-03-23 17:03 - 2021-10-22 16:56 - 000122880 _____ () [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\bin\pcre.dll
2022-03-23 17:17 - 2016-01-07 12:29 - 002528264 _____ () [File not signed] C:\Program Files (x86)\PgBouncer\bin\libevent-2-0-5.dll
2022-03-23 17:03 - 2021-10-22 18:45 - 000161792 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\bin\libapr-1.dll
2022-03-23 17:03 - 2021-10-22 18:45 - 000029696 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\bin\libapriconv-1.dll
2022-03-23 17:03 - 2021-10-22 18:45 - 000228352 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\bin\libaprutil-1.dll
2022-03-23 17:03 - 2021-10-22 18:46 - 000372224 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\bin\libhttpd.dll
2022-03-23 17:03 - 2021-10-22 18:33 - 000014336 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\modules\mod_access_compat.so
2022-03-23 17:03 - 2021-10-22 18:33 - 000012800 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\modules\mod_actions.so
2022-03-23 17:03 - 2021-10-22 18:33 - 000017920 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\modules\mod_alias.so
2022-03-23 17:03 - 2021-10-22 18:33 - 000012288 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\modules\mod_allowmethods.so
2022-03-23 17:03 - 2021-10-22 18:33 - 000012288 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\modules\mod_asis.so
2022-03-23 17:03 - 2021-10-22 18:32 - 000016896 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\modules\mod_auth_basic.so
2022-03-23 17:03 - 2021-10-22 18:33 - 000013824 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\modules\mod_authn_core.so
2022-03-23 17:03 - 2021-10-22 18:33 - 000012800 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\modules\mod_authn_file.so
2022-03-23 17:03 - 2021-10-22 18:33 - 000020480 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\modules\mod_authz_core.so
2022-03-23 17:03 - 2021-10-22 18:33 - 000014848 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\modules\mod_authz_groupfile.so
2022-03-23 17:03 - 2021-10-22 18:33 - 000014848 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\modules\mod_authz_host.so
2022-03-23 17:03 - 2021-10-22 18:33 - 000012288 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\modules\mod_authz_user.so
2022-03-23 17:03 - 2021-10-22 18:33 - 000032768 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\modules\mod_autoindex.so
2022-03-23 17:03 - 2021-10-22 18:33 - 000022528 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\modules\mod_cgi.so
2022-03-23 17:03 - 2021-10-22 18:33 - 000014336 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\modules\mod_dir.so
2022-03-23 17:03 - 2021-10-22 18:33 - 000012800 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\modules\mod_env.so
2022-03-23 17:03 - 2021-10-22 18:34 - 000041472 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\modules\mod_include.so
2022-03-23 17:03 - 2021-10-22 18:34 - 000026624 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\modules\mod_isapi.so
2022-03-23 17:03 - 2021-10-22 18:34 - 000027136 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\modules\mod_log_config.so
2022-03-23 17:03 - 2021-10-22 18:34 - 000019456 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\modules\mod_mime.so
2022-03-23 17:03 - 2021-10-22 18:34 - 000031232 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\modules\mod_negotiation.so
2022-03-23 17:03 - 2021-10-22 18:34 - 000015872 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\modules\mod_setenvif.so
2022-03-23 17:03 - 2021-10-22 18:33 - 000023552 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\edb\pem\httpd\apache\modules\mod_socache_shmcb.so
2023-09-19 20:27 - 2023-09-19 20:27 - 001030144 _____ (Microsoft Corporation) [File not signed] C:\Users\Gemilang\AppData\Local\LINE\bin\current\dbghelp.dll
2022-03-30 12:50 - 2023-09-15 08:36 - 000483328 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\gameplatformservices.dll
2022-03-23 07:17 - 2022-03-23 07:17 - 000065536 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\Fusion\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_none_ffd3ce2ff7491d9e\8.0\8.0.50727.6229\vcomp.dll
2022-03-23 17:17 - 2021-09-20 17:59 - 002112000 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\PgBouncer\bin\libcrypto-1_1.dll
2022-03-23 17:17 - 2021-09-20 17:59 - 000505344 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\PgBouncer\bin\libssl-1_1.dll
2022-03-27 19:58 - 2022-07-25 23:02 - 003409408 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\Snap Inc\Snap Camera\libcrypto-1_1-x64.dll
2022-03-27 19:58 - 2022-07-25 23:02 - 000682496 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\Snap Inc\Snap Camera\libssl-1_1-x64.dll
2023-08-07 15:01 - 2023-08-07 15:01 - 002506752 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Users\Gemilang\AppData\Local\LINE\Data\plugin\LineMediaPlayer\1.2.0.504\libcrypto-1_1.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
 
==================== Association (Whitelisted) =================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
HKU\S-1-5-21-951395627-451568364-1154128064-1001\Software\Classes\regfile:  <==== ATTENTION
HKU\S-1-5-21-951395627-451568364-1154128064-1001\Software\Classes\.reg:  =>  <==== ATTENTION
HKU\S-1-5-21-951395627-451568364-1154128064-1001\Software\Classes\.bat:  =>  <==== ATTENTION
HKU\S-1-5-21-951395627-451568364-1154128064-1001\Software\Classes\.cmd:  =>  <==== ATTENTION
HKU\S-1-5-21-951395627-451568364-1154128064-1001\Software\Classes\.scr: AutoCADScriptFile => 
 
==================== Internet Explorer (Whitelisted) ==========
 
SearchScopes: HKU\S-1-5-21-951395627-451568364-1154128064-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: No Name -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> No File
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2023-09-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2022-03-03] (Adobe Inc. -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2022-03-03] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-09-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2022-03-03] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2022-03-03] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2022-03-03] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2022-03-03] (Adobe Inc. -> Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-09-23] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-09-23] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-09-23] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-09-23] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-09-23] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-09-23] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-09-23] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-09-23] (Microsoft Corporation -> Microsoft Corporation)
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\sharepoint.com -> hxxps://slb001-files.sharepoint.com
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2021-06-05 19:08 - 2023-08-30 10:34 - 000003358 _____ C:\WINDOWS\system32\drivers\etc\hosts
0.0.0.0 license.piriform.com
0.0.0.0 license-api.ccleaner.com
0.0.0.0 www.ccleaner.com
109.94.209.70      *.fitgirl-repacks.xyz           # Fake FitGirl site
127.0.0.1 rosettastone.com
127.0.0.1 launch.rosettastone.com
127.0.0.1 amp.rosettastone.com
127.0.0.1 resources.rosettastone.com
127.0.0.1 updates.rosettastone.com
0.0.0.0 www.aomeitech.com
109.94.209.70      *.fitgirl-repacks.xyz           # Fake FitGirl site
109.94.209.70      *.fitgirl-repacks.xyz           # Fake FitGirl site
109.94.209.70      fitgirl-repacks-site.org        # Fake FitGirl site
109.94.209.70      www.fitgirl-repacks-site.org    # Fake FitGirl site
109.94.209.70      *.fitgirl-repacks.xyz           # Fake FitGirl site
109.94.209.70      fitgirlrepacks.pro              # Fake FitGirl site
109.94.209.70      www.fitgirlrepacks.pro          # Fake FitGirl site
109.94.209.70      fitgirlrepacks.in               # Fake FitGirl site
109.94.209.70      www.fitgirlrepacks.in           # Fake FitGirl site
109.94.209.70      fitgirlrepacks.co               # Fake FitGirl site
109.94.209.70      fitgirl-repacks.cc              # Fake FitGirl site
109.94.209.70      fitgirl-repacks.to              # Fake FitGirl site
109.94.209.70      fitgirl-repack.com              # Fake FitGirl site
109.94.209.70      fitgirl-repacks.website         # Fake FitGirl site
109.94.209.70      fitgirlrepack.games             # Fake FitGirl site
109.94.209.70      www.fitgirlrepacks.co           # Fake FitGirl site
109.94.209.70      www.fitgirl-repacks.cc          # Fake FitGirl site
109.94.209.70      www.fitgirl-repacks.to          # Fake FitGirl site
109.94.209.70      www.fitgirl-repack.com          # Fake FitGirl site
109.94.209.70      www.fitgirl-repacks.website     # Fake FitGirl site
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64\compiler;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\PostgreSQL\14\bin;C:\Program Files\PostgreSQL\14\lib;;C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.1;C:\Program Files\dotnet\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\LINGO64_18\
HKU\S-1-5-21-951395627-451568364-1154128064-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Gemilang\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-951395627-451568364-1154128064-1006\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-951395627-451568364-1154128064-500\Control Panel\Desktop\\Wallpaper -> C:\Windows\asus\wallpapers\asus.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
MSCONFIG\startupreg: Adobe CCXProcess => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
MSCONFIG\startupreg: CiscoMeetingDaemon => C:\Users\Gemilang\AppData\Local\WebEx\WebexHost.exe  /daemon /runFrom=autorun
MSCONFIG\startupreg: CiscoSpark => C:\Users\Gemilang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Webex\Webex.lnk
MSCONFIG\startupreg: com.squirrel.Teams.Teams => C:\Users\Gemilang\AppData\Local\Microsoft\Teams\Update.exe --processStart "Teams.exe" --process-start-args "--system-initiated"  
MSCONFIG\startupreg: Riot Vanguard => C:\Program Files\Riot Vanguard\vgtray.exe
HKLM\...\StartupApproved\Run: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run: => "Bdagent"
HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_BE73F2B5F9E1C5FF36A1C35A954710F1"
HKU\S-1-5-21-951395627-451568364-1154128064-1001\...\StartupApproved\Run: => "GoogleDriveFS"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{161C8E50-FEB1-444F-BC03-DBF409A7D7B2}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe (ASUSTeK COMPUTER INC. -> )
FirewallRules: [{EEC16079-3E8A-4857-B0A1-22D5F0996AC9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{2A25E36D-356D-40C8-8F8C-BB43AA44F2DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{49342FEA-39A2-4125-9451-E1CCB8511CB5}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.1\ABService.exe (AOMEI International Network Limited -> AOMEI International Network Limited)
FirewallRules: [{EAA950F6-7FA2-4037-ACDC-279D2F35E6C2}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.1\ABService.exe (AOMEI International Network Limited -> AOMEI International Network Limited)
FirewallRules: [{3909B37F-1303-4ED3-8CC6-B4282875DEB0}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe (Bluestack Systems, Inc -> BlueStack Systems)
FirewallRules: [{D671B26D-3C8C-4713-B644-D05FED6EAF56}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe (Bluestack Systems, Inc -> Bluestack Systems, Inc.)
FirewallRules: [{B9E65163-B660-4591-8DC1-1F46AE975D38}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe (Bluestack Systems, Inc -> Bluestack Systems, Inc.)
FirewallRules: [{8D46FEA0-109E-4AE5-A227-8A39DAE530F9}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.1\ABService.exe (AOMEI International Network Limited -> AOMEI International Network Limited)
FirewallRules: [{E2C387C9-DB7F-40C8-9547-0F4FCE54FDF0}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.1\ABService.exe (AOMEI International Network Limited -> AOMEI International Network Limited)
FirewallRules: [{16726B73-5B2E-4476-8CDB-90C5D2AC3F8C}] => (Allow) C:\Program Files\Autodesk\Desktop Connect\forever\node.exe (OpenJS Foundation -> Node.js)
FirewallRules: [{AB68F1D4-3E48-4362-BB37-91C759A340D7}] => (Allow) C:\Users\Gemilang\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{7F2D708D-C6B3-4F07-87CD-F5A06B1A3B81}] => (Allow) C:\Users\Gemilang\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{54BD4E8E-C7DE-41FC-8A34-1E6FE6353237}] => (Allow) C:\Users\Gemilang\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{7D548736-0ADE-471B-88FA-27B3F979884C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Soundpad\Soundpad.exe (Arthur Lepp -> Leppsoft)
FirewallRules: [{1F6B01FA-750E-4982-B48A-138ED08A974D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Soundpad\Soundpad.exe (Arthur Lepp -> Leppsoft)
FirewallRules: [{232294EF-A9FC-4298-9B9C-C441EFF89C23}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> )
FirewallRules: [{D66D82A5-19DF-46BF-B239-66B82D7F71E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> )
FirewallRules: [{603A629C-4EA1-4D0B-8D61-C0521174985C}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [{D616E3E0-1A7B-4C3A-821A-138B2AD3CD13}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5049C013-BC2A-4574-BF5C-3FADC20CE3E6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E2A66B30-EAA3-4E76-8705-803C3B449635}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve Corp. -> )
FirewallRules: [{4020DCD9-9CC7-4AFE-9C00-5B9BB146BE55}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve Corp. -> )
FirewallRules: [{C466E1C2-5081-49E7-98EA-FB4D4D912F90}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{FFBC7DEF-C059-4178-95F6-711EA7532623}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{D6542950-36E3-4B0D-AA73-62815C14E68E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{FFB353D9-7A31-4FA3-8151-95E344209720}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{847C68C0-D187-4084-8074-CD55DFBC5182}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [{9E0BD86B-2F2A-4068-8F10-35CA06FA2233}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1DDBF8CB-EDAF-48D7-B6F0-7DECB9FF38EE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E1E21A62-1677-4AED-9D19-3AF912016DA1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BF8AE65B-49BD-45B9-A650-0BCAACF8249D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BFAD42D8-C8B3-48BE-BD2A-328B1D703020}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EC3EB195-F943-42D8-812E-E5B32F8AA185}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1F77E024-FAF4-4311-AFAD-A652D6EDED56}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [{A5001983-5911-4333-855E-539F46B10B29}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK COMPUTER INC. -> ASUS)
FirewallRules: [{0A501412-C1C4-4183-9999-864AC82206FC}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK COMPUTER INC. -> ASUS)
FirewallRules: [{1ADD811D-2DA1-412C-BD14-E900519C714F}] => (Allow) C:\Program Files (x86)\3uTools\libXunlei\Download\MiniThunderPlatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
FirewallRules: [{AE2B98D5-4764-424D-ACC0-9E18B1D163DA}] => (Allow) C:\Program Files (x86)\3uTools\libXunlei\Download\MiniThunderPlatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
FirewallRules: [{B1B12B00-F502-449B-8FD7-384BB0982BF5}] => (Allow) LPort=80
FirewallRules: [{84C81114-FD5F-4F42-A736-D9412D711224}] => (Allow) LPort=27015
FirewallRules: [{3FF4C3B8-3D03-4601-B274-1B1972C5FE02}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5124C688-5B7B-4938-A121-F9AE8CA6F636}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E9096474-32BF-4E37-A899-4F33A35098FD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E1839A84-2555-4752-80EC-B83C99968066}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8ED30367-E189-48C1-8F29-3C3172AF91C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{7F82EF69-D231-46D8-8124-EF6873E5739F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{5885752F-FEE7-4D50-9ADA-8F33FC560C83}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DA562442-141D-4B85-88DA-D7218CF9FB93}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8B8F1D64-302A-464A-81CF-1ED5EB5A3BAC}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2DEC091A-4D8E-4C9B-B30D-1D0A71628AC0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{18FBC924-A0A2-4DD8-AE42-D41F6DE6E683}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9160104A-3474-49B4-8EEA-C9AE637248B6}] => (Allow) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{D3DAA3D5-D049-412D-8BF8-282C91D3F4FC}] => (Allow) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{95325AA0-E38F-42C5-902F-579C5CEF2857}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{58C4752E-8804-4452-B554-1C1202E1C66F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5D1E2CFB-6235-47EC-BF2D-C4AFC511CB2B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5F10042D-0223-426D-8CA8-029E0BE9A1D3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{37A2F7DA-83FD-449E-B0D1-647457F7D15A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1EA035BB-38E0-4C9D-93A4-13DAF778A134}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1863B743-7D18-4C3A-B701-6B1BBA9CFEF3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E6526D23-1C06-4919-B8D8-40C8F2B14FBE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1661AC89-35A4-4689-A32C-DE10EA827914}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4BFA7158-64A8-454E-BF02-3E2B101988C5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{EAF31836-89AA-4F6B-AAB3-9E799B06D7B5}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23231.411.2342.9597_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6EBF1E77-99A9-4DA4-A14E-75B9F89EDB56}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23231.411.2342.9597_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D26BC514-BC38-4604-9997-13D643579E3D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{A2AA048C-A9AB-4BC2-9DC9-519102476A14}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.31\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{781A0F12-C465-42C9-BB0F-CA3B6A0B4DF1}] => (Allow) C:\Program Files (x86)\Botas\Catawba.exe => No File
FirewallRules: [{E8F14475-F3FD-4878-9FF0-8B843183E477}] => (Allow) C:\Program Files (x86)\Klan\Catawba.exe => No File
FirewallRules: [{D71CE86E-6FD3-4279-BF23-6DF7264480CA}] => (Allow) C:\Program Files (x86)\istanbul\Statuettes.exe => No File
FirewallRules: [{14C6BD61-BDDF-463B-B2FE-DBBB5A07C051}] => (Allow) C:\Program Files (x86)\Klan\Statuettes.exe => No File
FirewallRules: [{873758A5-E799-4DE2-A63E-2D91D69264D8}] => (Allow) C:\Users\Gemilang\AppData\Local\Catawba.exe => No File
FirewallRules: [{C41B75BD-0CA0-4C6E-855B-E57E4CE47459}] => (Allow) C:\Users\Gemilang\AppData\Local\Statuettes.exe => No File
FirewallRules: [{41DD04A8-FBB2-4ADF-A585-302F7851721C}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{438DB360-D46E-4327-B40B-6F1E34563D81}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{70B8016B-ACDD-437B-BED0-D60B397FB3A3}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.26.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.)
FirewallRules: [{9DD23260-30FE-42F3-A737-DF3607F1F942}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.26.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.)
FirewallRules: [{8D2F5BC4-5C39-4340-83C3-98B3DFCEAD5F}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.26.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.)
FirewallRules: [{4DB409DA-D6AB-4651-AAC6-0219DF235F69}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.26.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.)
FirewallRules: [{3058BEC1-7BFD-4C47-BE76-22E673FF1A4C}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSSwitch\AsusSwitchNet.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{D8F3366E-FC8C-4040-9A69-9562C1047208}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSLinkNear\AsusLinkNear.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [{A8053DB3-7F69-475B-877D-C4B3D13DD542}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​)
FirewallRules: [{7679182F-AEE0-4AD4-A6A1-4B9E90F38180}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​)
FirewallRules: [{7ADB0BB4-17BF-4E50-94BF-A446875B913C}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSSwitch\AsusSwitchNetMDNS.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{C83872F4-99F7-4219-97A5-2868A95F9FEA}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe (ASUSTeK COMPUTER INC. -> )
FirewallRules: [{E20A559F-3D42-4317-BE51-93C3DCA3D1BB}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe (ASUSTeK COMPUTER INC. -> )
FirewallRules: [{F193623C-4A20-4061-884B-CEFEB4BD6AFF}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.36\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
 
==================== Restore Points =========================
 
21-09-2023 21:25:01 Windows Update
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (09/23/2023 12:05:59 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: LAPTOP-IG4RR8R0)
Description: Windows cannot load the extensible counter DLL "C:\WINDOWS\system32\sysmain.dll" (Win32 error code 126).
 
Error: (09/21/2023 09:10:12 PM) (Source: Application Error) (EventID: 1000) (User: LAPTOP-IG4RR8R0)
Description: Faulting application name: ESETOnlineScanner.exe, version: 10.23.31.0, time stamp: 0x61e82da2
Faulting module name: WININET.dll, version: 11.0.22621.608, time stamp: 0x56e0463f
Exception code: 0xc0000005
Fault offset: 0x002cca44
Faulting process id: 0x0x7a18
Faulting application start time: 0x0x1d9ec95547886f2
Faulting application path: C:\Users\Gemilang\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe
Faulting module path: C:\WINDOWS\SYSTEM32\WININET.dll
Report Id: 27fa247a-8e4f-481d-a2c9-08c9153ec9ad
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (09/21/2023 09:09:46 PM) (Source: Application Error) (EventID: 1000) (User: LAPTOP-IG4RR8R0)
Description: Faulting application name: ESETOnlineScanner.exe, version: 10.23.31.0, time stamp: 0x61e82da2
Faulting module name: WININET.dll, version: 11.0.22621.608, time stamp: 0x56e0463f
Exception code: 0xc0000005
Fault offset: 0x002cca44
Faulting process id: 0x0x7adc
Faulting application start time: 0x0x1d9ec9544ce5acf
Faulting application path: C:\Users\Gemilang\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe
Faulting module path: C:\WINDOWS\SYSTEM32\WININET.dll
Report Id: feaaa953-b395-400e-bccf-4a904407c0d8
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (09/21/2023 09:09:30 PM) (Source: Application Error) (EventID: 1000) (User: LAPTOP-IG4RR8R0)
Description: Faulting application name: ESETOnlineScanner.exe, version: 10.23.31.0, time stamp: 0x61e82da2
Faulting module name: WININET.dll, version: 11.0.22621.608, time stamp: 0x56e0463f
Exception code: 0xc0000005
Fault offset: 0x002cca44
Faulting process id: 0x0xfc0
Faulting application start time: 0x0x1d9ec953a248d83
Faulting application path: C:\Users\Gemilang\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe
Faulting module path: C:\WINDOWS\SYSTEM32\WININET.dll
Report Id: cfc78c1d-17b4-4df4-80fd-a57862c14e3f
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (09/21/2023 09:09:25 PM) (Source: Application Error) (EventID: 1000) (User: LAPTOP-IG4RR8R0)
Description: Faulting application name: ESETOnlineScanner.exe, version: 10.23.31.0, time stamp: 0x61e82da2
Faulting module name: WININET.dll, version: 11.0.22621.608, time stamp: 0x56e0463f
Exception code: 0xc0000005
Fault offset: 0x002cca44
Faulting process id: 0x0xfdc
Faulting application start time: 0x0x1d9ec9537dc7e71
Faulting application path: C:\Users\Gemilang\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe
Faulting module path: C:\WINDOWS\SYSTEM32\WININET.dll
Report Id: cf8aee8a-f041-42fc-a8cd-77321d1c7e0e
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (09/21/2023 09:09:05 PM) (Source: Application Error) (EventID: 1000) (User: LAPTOP-IG4RR8R0)
Description: Faulting application name: ESETOnlineScanner.exe, version: 10.23.31.0, time stamp: 0x61e82da2
Faulting module name: WININET.dll, version: 11.0.22621.608, time stamp: 0x56e0463f
Exception code: 0xc0000005
Fault offset: 0x002cca44
Faulting process id: 0x0x36c8
Faulting application start time: 0x0x1d9ec952cad6135
Faulting application path: C:\Users\Gemilang\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe
Faulting module path: C:\WINDOWS\SYSTEM32\WININET.dll
Report Id: 0fa02f97-97b4-4c2c-b3f9-40747e7b5756
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (09/21/2023 09:08:44 PM) (Source: Application Error) (EventID: 1000) (User: LAPTOP-IG4RR8R0)
Description: Faulting application name: ESETOnlineScanner.exe, version: 10.23.31.0, time stamp: 0x61e82da2
Faulting module name: WININET.dll, version: 11.0.22621.608, time stamp: 0x56e0463f
Exception code: 0xc0000005
Fault offset: 0x002cca44
Faulting process id: 0x0x78e4
Faulting application start time: 0x0x1d9ec951f98ed77
Faulting application path: C:\Users\Gemilang\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe
Faulting module path: C:\WINDOWS\SYSTEM32\WININET.dll
Report Id: 463ad82a-1c4b-4a3e-baee-249f984b544d
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (09/21/2023 09:08:07 PM) (Source: Application Error) (EventID: 1000) (User: LAPTOP-IG4RR8R0)
Description: Faulting application name: ESETOnlineScanner.exe, version: 10.23.31.0, time stamp: 0x61e82da2
Faulting module name: WININET.dll, version: 11.0.22621.608, time stamp: 0x56e0463f
Exception code: 0xc0000005
Fault offset: 0x002cca44
Faulting process id: 0x0x36dc
Faulting application start time: 0x0x1d9ec95095cc671
Faulting application path: C:\Users\Gemilang\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe
Faulting module path: C:\WINDOWS\SYSTEM32\WININET.dll
Report Id: b6593e16-e04e-4785-a078-35b1bc68e022
Faulting package full name: 
Faulting package-relative application ID:
 
 
System errors:
=============
Error: (09/23/2023 11:44:58 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Intel® Audio Service service terminated with the following service-specific error: 
The operation completed successfully.
 
Error: (09/23/2023 11:44:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The postgresql-x64-14 service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (09/23/2023 11:44:55 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (45000 milliseconds) while waiting for the postgresql-x64-14 service to connect.
 
Error: (09/21/2023 10:21:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Autodesk Desktop Licensing Service service failed to start due to the following error: 
The service did not start due to a logon failure.
 
Error: (09/21/2023 10:21:47 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The AdskLicensingService service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: 
The request is not supported.
 
 
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
 
Error: (09/21/2023 10:21:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Autodesk Desktop Licensing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 1000 milliseconds: Restart the service.
 
Error: (09/21/2023 10:21:42 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-IG4RR8R0)
Description: The server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} did not register with DCOM within the required timeout.
 
Error: (09/21/2023 10:21:39 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-IG4RR8R0)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
 
 
Windows Defender:
================
Date: 2023-09-19 09:31:29
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: VirTool:Win32/DefenderTamperingRestore
Severity: Severe
Category: Tool
Path: regkeyvalue:_hklm\software\policies\microsoft\windows defender\real-time protection\\DisableBehaviorMonitoring
Detection Origin: Unknown
Detection Type: Concrete
Detection Source: System
Process Name: Unknown
Security intelligence Version: AV: 1.397.1205.0, AS: 1.397.1205.0, NIS: 0.0.0.0
Engine Version: AM: 1.1.23080.2005, NIS: 0.0.0.0 
 
Date: 2023-09-19 09:30:56
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Backdoor:Win32/Bladabindi!rfn
Severity: Severe
Category: Backdoor
Path: file:_C:\Program Files\Common Files\Adobe\Adobe XD\XD_sp.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files\Avast Software\Avast\AvastSvc.exe
Security intelligence Version: AV: 1.397.1205.0, AS: 1.397.1205.0, NIS: 0.0.0.0
Engine Version: AM: 1.1.23080.2005, NIS: 0.0.0.0 
Event[0]
 
Date: 2023-09-19 07:56:30
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.361.555.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.19000.8
Error code: 0x80070102
Error description: The wait operation timed out.  
 
Date: 2023-09-19 07:56:30
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.361.555.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.19000.8
Error code: 0x80070102
Error description: The wait operation timed out.  
 
Date: 2023-09-19 07:35:31
Description: 
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: Network Inspection System
Error Code: 0x80070422
Error description: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem. 
 
Date: 2023-09-19 07:34:56
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.361.555.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.19000.8
Error code: 0x80090305
Error description: The requested security package does not exist  
 
Date: 2023-09-19 07:34:56
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.361.555.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.19000.8
Error code: 0x80090305
Error description: The requested security package does not exist  
 
CodeIntegrity:
===============
Date: 2023-09-23 12:06:25
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements. 
 
Date: 2023-09-23 12:05:29
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. 
 
Date: 2023-09-23 12:05:06
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Avast Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
 
 
==================== Memory info =========================== 
 
BIOS: American Megatrends International, LLC. FX506HCB.313 03/03/2023
Motherboard: ASUSTeK COMPUTER INC. FX506HCB
Processor: 11th Gen Intel® Core™ i7-11600H @ 2.90GHz
Percentage of memory in use: 71%
Total physical RAM: 16122.84 MB
Available physical RAM: 4605.32 MB
Total Virtual: 34554.84 MB
Available Virtual: 18646.24 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:453.45 GB) (Free:131.98 GB) (Model: NVMe INTEL SSDPEKNU512GZ) (Protected) NTFS
 
\\?\Volume{58afd141-928a-413b-b6cf-94061cb99c2b}\ (RECOVERY) (Fixed) (Total:1.03 GB) (Free:0.18 GB) NTFS
\\?\Volume{ef2ad8ca-e567-474f-b631-8f0b86d4893e}\ (RESTORE) (Fixed) (Total:22 GB) (Free:6.6 GB) NTFS
\\?\Volume{76a7575b-224d-428a-a4d3-03f0abe10568}\ (MYASUS) (Fixed) (Total:0.19 GB) (Free:0.14 GB) FAT32
\\?\Volume{95b0e598-5cef-289f-7c39-1efdc41a6154}\ () (Fixed) (Total:0.01 GB) (Free:0 GB) NTFS
\\?\Volume{074b25c3-0749-4680-a951-09cec6ceee29}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: D19BBC6F)
 
Partition: GPT.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 1.
 
==================== End of Addition.txt =======================


#15 glanko

  • Topic Starter
  • Members
  • 17 posts
  • Gender:Male
  • Location:Indonesia
  • Local time:08:24 AM

Posted 23 September 2023 - 12:14 AM

Oh yeah, one more thing: if you look at the log, I have uninstalled the app that is illegal. I forgot to uninstall uTorrent, but it seems ESET has taken care of it. If you find any leftover illegal program based on the log, please tell me.





