Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-10-2020 Ran by Tedricospage (23-10-2020 23:02:36) Running from C:\Users\Tedricospage\Desktop\Tedrico's Page Virus Warz Windows 10 Home Version 1909 18363.1139 (X64) (2019-11-15 20:25:18) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2238509832-1734413598-1206191706-500 - Administrator - Disabled) ASPNET (S-1-5-21-2238509832-1734413598-1206191706-1008 - Limited - Enabled) DefaultAccount (S-1-5-21-2238509832-1734413598-1206191706-503 - Limited - Disabled) Guest (S-1-5-21-2238509832-1734413598-1206191706-501 - Limited - Disabled) Tedricospage (S-1-5-21-2238509832-1734413598-1206191706-1001 - Administrator - Enabled) => C:\Users\Tedricospage WDAGUtilityAccount (S-1-5-21-2238509832-1734413598-1206191706-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.20 - Adobe Systems) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 30.0.0.107 - Adobe Systems Incorporated) Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.445 - Adobe) Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.9.199 - Adobe Systems, Inc.) Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.5.1 - Sereby Corporation) Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.8.2432 - Avast Software) AVS Video Converter 9.1 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 9.1.4.574 - Online Media Technologies Ltd.) CCleaner (HKLM\...\CCleaner) (Version: 5.59 - Piriform) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.) ClipGrab 3.8.3 (HKLM-x32\...\{8A1033B0-EF33-4FB5-97A1-C47A7DCDD7E6}_is1) (Version: - Philipp Schmieder Medien) Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Complete Internet Repair 5.2.3.4118 (HKLM\...\Complete Internet Repair_is1) (Version: 5.2.3.4118 - Rizonesoft) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1200.101.218 - ALPS ELECTRIC CO., LTD.) Ditto (HKLM\...\Ditto_is1) (Version: - Scott Brogden) Dukto R6 (HKLM-x32\...\{386C0311-B146-4CE0-89E5-8469A3583156}}_is1) (Version: R6 - Emanuele Colombo) EditPad Lite 7.6.2 (HKLM\...\EditPad Lite) (Version: 7.6.2 - Just Great Software) FileZilla Client 3.39.0 (HKU\S-1-5-21-2238509832-1734413598-1206191706-1001\...\FileZilla Client) (Version: 3.39.0 - Tim Kosse) GoldWave v5.58 (HKLM-x32\...\GoldWave v5.58) (Version: - ) GoldWave v6.47 (HKLM\...\GoldWave v6.47) (Version: 6.47 - GoldWave Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 86.0.4240.111 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.31 - Google LLC) Hidden gpedt.msc 1.0 (HKLM-x32\...\{10B9C608-BF7C-4CCF-A658-C01D969DCA21}_is1) (Version: - Richard) Image Resizer for Windows (64 bit) (HKLM\...\{2A1F3759-5792-469B-B895-7E29680F02F1}) (Version: 3.1.1.0 - Brice Lambson) Hidden Image Resizer for Windows (HKLM-x32\...\{92916BDF-74CB-479C-B69E-32EACB074FFE}) (Version: 3.1.1.0 - Brice Lambson) Hidden Image Resizer for Windows (HKLM-x32\...\{c624f5da-779e-4ccb-9ce1-34bc5ef0a6b9}) (Version: 3.1.1.0 - Brice Lambson) Intel(R) Chipset Device Software (HKLM-x32\...\{262e9c1d-e509-4e2a-86e8-0abb312ac2e9}) (Version: 10.1.17765.8094 - Intel(R) Corporation) Hidden Intel® Processor Identification Utility (HKLM-x32\...\{E080C732-360E-4B05-BD68-3F7BF14EEBAA}) (Version: 6.1.0731 - Intel Corporation) Hidden Intel® Processor Identification Utility (HKU\S-1-5-21-2238509832-1734413598-1206191706-1001\...\Intel® Processor Identification Utility 6.1.0731) (Version: 6.1.0731 - Intel Corporation) K-Lite Mega Codec Pack 15.4.4 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 15.4.4 - KLCP) Lightshot-5.4.0.10 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.10 - Skillbrains) MAGIX Speed burnR (HKLM\...\{7DD2A1F0-CF00-400A-99CA-C87DAD1659E8}) (Version: 7.0.1.27 - MAGIX Software GmbH) Hidden Malwarebytes version 4.2.1.89 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.2.1.89 - Malwarebytes) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 86.0.622.51 - Microsoft Corporation) Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.49 - ) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation) Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (HKLM-x32\...\{90120000-00B2-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{97238E8A-4919-4A1E-965A-C6C36938F4CE}) (Version: 2.68.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61135 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61135 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61135 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61135 - Microsoft Corporation) Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation) Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61135 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{4ffaf7b8-a84a-4813-840c-8b1f1343ae54}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{dd1e9bde-2ad6-4e92-8c07-7d4723eab8b8}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation) Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version: - Microsoft Corporation) Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 76.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 76.0.1 (x64 en-US)) (Version: 76.0.1 - Mozilla) Mp3tag v2.90a (HKLM-x32\...\Mp3tag) (Version: 2.90a - Florian Heidenreich) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.8.6 - Notepad++ Team) Opera Stable 67.0.3575.115 (HKLM-x32\...\Opera 67.0.3575.115) (Version: 67.0.3575.115 - Opera Software) Opera Stable 71.0.3770.284 (HKLM-x32\...\Opera 71.0.3770.284) (Version: 71.0.3770.284 - Opera Software) Plex Media Player (HKLM\...\{FF2E9C64-BC1C-444A-877F-CD1E6859D5E7}) (Version: 2.38.0 - Plex) Hidden Plex Media Player (HKLM-x32\...\{44178877-ef64-48cd-a94b-0b8468c30741}) (Version: 2.38.0 - Plex) Rainmeter (HKLM-x32\...\Rainmeter) (Version: 4.2 r3111 - Rainmeter) Real Dominoes (HKLM-x32\...\Real Dominoes_is1) (Version: 1.0 - GameTop Pte. Ltd.) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30126 - Realtek Semiconductor Corp.) REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.75 - REALTEK Semiconductor Corp.) Revo Uninstaller 2.1.7 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.7 - VS Revo Group, Ltd.) Stardock Start10 (HKLM-x32\...\Stardock Start10) (Version: 1.56 - Stardock Software, Inc.) swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation) UpdateAssistant (HKLM\...\{E1D7CB46-BAE9-4D58-99C4-582332B1755A}) (Version: 1.13.0.0 - Microsoft Corporation) Hidden VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden VEGAS Pro 15.0 (HKLM\...\{52C15761-973A-11E8-B4FA-00155D6302F2}) (Version: 15.0.387 - VEGAS) Video Win Movie Maker 2016 (HKLM-x32\...\{3CC29C1A-B5FE-457B-8F22-32A2videowin}}_is1) (Version: - videowinsoft.com) VinylMaster 4.2 - US Cutter Edition (2020-01-02) (HKLM-x32\...\{E2A0C318-67F7-4AF5-AB4E-CF14591F16AB}_is1) (Version: - Future Corporation Ltd) Vivaldi (HKU\S-1-5-21-2238509832-1734413598-1206191706-1001\...\Vivaldi) (Version: 2.10.1745.27 - Vivaldi Technologies AS.) VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinRAR 4.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH) Packages: ========= Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.2.0_neutral__8xx8rvfyw5nnt [2020-04-28] (Instagram) Keeper - Password Manager & Secure File Storage -> C:\Program Files\WindowsApps\KeeperSecurityInc.Keeper_14.0.33.0_x64__kejf07qmg0jnm [2020-04-28] (Keeper Security Inc) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2020-04-28] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-04-28] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-04-28] (Microsoft Corporation) [MS Ad] Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2020-04-28] (Microsoft Corporation) Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2020-04-28] (Plex) Your Phone -> C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20101.78.0_x64__8wekyb3d8bbwe [2020-10-22] (Microsoft Corporation) [Startup Task] ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ShellExecuteHooks-x32: No Name - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - -> No File ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-10-09] (Avast Software s.r.o. -> AVAST Software) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => -> No File ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => -> No File ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => -> No File ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => -> No File ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => -> No File ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.) ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2016-05-17] (Notepad++ -> ) ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-10-09] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers1: [Image Resizer] -> {51B4D7E5-7568-4234-B4BB-47FB3C016A69} => C:\Program Files\Image Resizer for Windows\ShellExtensions.dll [2018-05-26] (Open Source Developer, Brice Lambson -> Brice Lambson) ContextMenuHandlers1: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => -> No File ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2018-09-23] (Florian Heidenreich) [File not signed] ContextMenuHandlers1: [ShellConverter] -> {30A4E07E-068A-4d91-8F05-691283A1336B} => C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\AVSShellConverter64.dll [2015-04-06] (Online Media Technologies Ltd. -> Online Media Technologies Ltd.) [File not signed] ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-03-02] () [File not signed] ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-03-02] () [File not signed] ContextMenuHandlers1: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => -> No File ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2018-09-23] (Florian Heidenreich) [File not signed] ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-10-09] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-10-23] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers3: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => -> No File ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File ContextMenuHandlers4: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => -> No File ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2018-09-23] (Florian Heidenreich) [File not signed] ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-03-02] () [File not signed] ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-03-02] () [File not signed] ContextMenuHandlers4: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => -> No File ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers5: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => -> No File ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.) ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-10-09] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File ContextMenuHandlers6: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => -> No File ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-10-23] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-03-02] () [File not signed] ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-03-02] () [File not signed] ContextMenuHandlers6: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => -> No File ==================== Codecs (Whitelisted) ==================== ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\Tedricospage\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2" ShortcutWithArgument: C:\Users\Tedricospage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Hangouts (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 2" --app-id=knipolnnllmklapflnccelgolnpehhpl ShortcutWithArgument: C:\Users\Tedricospage\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Tedrico - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default ==================== Loaded Modules (Whitelisted) ============= 2017-11-02 17:17 - 2011-03-02 12:40 - 000164864 _____ () [File not signed] C:\Program Files\WinRAR\rarext.dll 2018-09-23 07:23 - 2018-09-23 07:23 - 000424448 _____ (Florian Heidenreich) [File not signed] C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll 2020-10-20 13:12 - 2020-10-20 13:12 - 000113664 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\amd64_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6229_none_8a167c0b2edeae4c\ATL80.DLL 2018-02-03 17:28 - 2015-04-06 17:05 - 000151376 _____ (Online Media Technologies Ltd. -> Online Media Technologies Ltd.) [File not signed] C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\AVSShellConverter64.dll 2017-07-18 11:39 - 2017-08-23 22:12 - 001653712 _____ (Stardock Corporation -> Stardock Software, Inc) [File not signed] [File is in use] C:\Program Files (x86)\Stardock\Start10\Start10_64.dll ==================== Alternate Data Streams (Whitelisted) ======== ==================== Safe Mode (Whitelisted) ================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=255141 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://go.microsoft.com/fwlink/p/?LinkId=255141 HKU\S-1-5-21-2238509832-1734413598-1206191706-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE03&ocid=UE03DHP SearchScopes: HKU\S-1-5-21-2238509832-1734413598-1206191706-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04 SearchScopes: HKU\S-1-5-21-2238509832-1734413598-1206191706-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04 BHO: No Name -> {AE7CD045-E861-484f-8273-0445EE161910} -> No File BHO: No Name -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> No File Toolbar: HKLM - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-2238509832-1734413598-1206191706-1001\...\download.microsoft.com -> hxxp://download.microsoft.com IE trusted site: HKU\S-1-5-21-2238509832-1734413598-1206191706-1001\...\download.windowsupdate.com -> hxxp://download.windowsupdate.com IE trusted site: HKU\S-1-5-21-2238509832-1734413598-1206191706-1001\...\download.windowsupdate.com -> hxxps://download.windowsupdate.com IE trusted site: HKU\S-1-5-21-2238509832-1734413598-1206191706-1001\...\microsoft.com -> hxxp://ntservicepack.microsoft.com IE trusted site: HKU\S-1-5-21-2238509832-1734413598-1206191706-1001\...\ntservicepack.microsoft.com -> hxxp://ntservicepack.microsoft.com IE trusted site: HKU\S-1-5-21-2238509832-1734413598-1206191706-1001\...\update.microsoft.com -> hxxp://update.microsoft.com IE trusted site: HKU\S-1-5-21-2238509832-1734413598-1206191706-1001\...\update.microsoft.com -> hxxps://update.microsoft.com IE trusted site: HKU\S-1-5-21-2238509832-1734413598-1206191706-1001\...\windows.com -> hxxp://wustat.windows.com IE trusted site: HKU\S-1-5-21-2238509832-1734413598-1206191706-1001\...\windowsupdate.com -> hxxp://download.windowsupdate.com IE trusted site: HKU\S-1-5-21-2238509832-1734413598-1206191706-1001\...\windowsupdate.com -> hxxps://download.windowsupdate.com IE trusted site: HKU\S-1-5-21-2238509832-1734413598-1206191706-1001\...\windowsupdate.microsoft.com -> hxxp://windowsupdate.microsoft.com IE trusted site: HKU\S-1-5-21-2238509832-1734413598-1206191706-1001\...\ws.microsoft.com -> hxxp://ws.microsoft.com IE trusted site: HKU\S-1-5-21-2238509832-1734413598-1206191706-1001\...\ws.microsoft.com -> hxxps://ws.microsoft.com IE trusted site: HKU\S-1-5-21-2238509832-1734413598-1206191706-1001\...\wustat.windows.com -> hxxp://wustat.windows.com ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2020-10-20 13:27 - 2020-10-20 13:27 - 000000836 _____ C:\WINDOWS\system32\drivers\etc\hosts 2018-01-07 07:27 - 2018-01-07 20:03 - 000000437 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2238509832-1734413598-1206191706-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Tedricospage\AppData\Roaming\Rainmeter\Wallpaper.bmp DNS Servers: 75.75.75.75 - 75.75.76.76 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is disabled. ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) MSCONFIG\Services: ExpressVpnService => 2 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: RNDBWM => 2 MSCONFIG\Services: SmartByte Network Service x64 => 2 MSCONFIG\Services: SpyHunter 4 Service => 2 HKLM\...\StartupApproved\Run: => "Kernel and Hardware Abstraction Layer" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0" HKLM\...\StartupApproved\Run32: => "GrooveMonitor" HKLM\...\StartupApproved\Run32: => "DivXMediaServer" HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0" HKLM\...\StartupApproved\Run32: => "DSATray" HKU\S-1-5-21-2238509832-1734413598-1206191706-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-2238509832-1734413598-1206191706-1001\...\StartupApproved\Run: => "Vivaldi Update Notifier" HKU\S-1-5-21-2238509832-1734413598-1206191706-1001\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-2238509832-1734413598-1206191706-1001\...\StartupApproved\Run: => "ExpressVPN4" HKU\S-1-5-21-2238509832-1734413598-1206191706-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-2238509832-1734413598-1206191706-1001\...\StartupApproved\Run: => "OneDriveSetup" HKU\S-1-5-21-2238509832-1734413598-1206191706-1001\...\StartupApproved\Run: => "Speech Recognition" HKU\S-1-5-21-2238509832-1734413598-1206191706-1001\...\StartupApproved\Run: => "Unified Remote V3" ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [TCP Query User{82805D71-54E1-436A-B88D-1CFA7566C658}C:\program files\ditto\ditto.exe] => (Allow) C:\program files\ditto\ditto.exe () [File not signed] FirewallRules: [UDP Query User{B7570E90-6CBA-4D77-BA6A-979C75AD7190}C:\program files\ditto\ditto.exe] => (Allow) C:\program files\ditto\ditto.exe () [File not signed] FirewallRules: [{33F6AF3D-442B-40AC-B287-93EE40889640}] => (Block) C:\program files\ditto\ditto.exe () [File not signed] FirewallRules: [{0504FCD9-2C5E-4906-AEEC-4899DFA78807}] => (Block) C:\program files\ditto\ditto.exe () [File not signed] FirewallRules: [{6E18E413-D898-4962-B133-F88CA0082A9E}] => (Allow) C:\Program Files\Opera\71.0.3770.284\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{C81BAEBF-F22F-43D8-A6BB-EB311F321E9B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) ==================== Restore Points ========================= 05-10-2020 07:05:40 Windows Update 09-10-2020 09:46:40 Windows Update 14-10-2020 17:30:03 Windows Update 18-10-2020 08:47:14 Windows Update 20-10-2020 09:53:50 Removed HitFilm Movie Essentials Pack 23-10-2020 10:10:09 Windows Update 23-10-2020 22:20:28 JRT Pre-Junkware Removal ==================== Faulty Device Manager Devices ============ ==================== Event log errors: ======================== Application errors: ================== Error: (10/23/2020 11:01:21 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (5568,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\syswow64\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (10/23/2020 10:49:15 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (220,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\syswow64\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (10/23/2020 10:27:02 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (5364,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\syswow64\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (10/23/2020 10:12:14 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (1944,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\syswow64\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (10/23/2020 09:30:21 PM) (Source: MsiInstaller) (EventID: 1024) (User: NT AUTHORITY) Description: Product: Microsoft Office Enterprise 2007 - Update 'Microsoft Office 2007 Service Pack 3 (SP3)' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127 Error: (10/23/2020 09:30:12 PM) (Source: MsiInstaller) (EventID: 11326) (User: NT AUTHORITY) Description: Product: Microsoft Office Enterprise 2007 -- Error 1326.Error getting file security: C:\ProgramData\Microsoft\OFFICE\DATA\ GetLastError: 5 Error: (10/23/2020 07:34:35 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (3256,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\syswow64\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (10/23/2020 07:33:58 PM) (Source: MsiInstaller) (EventID: 1024) (User: NT AUTHORITY) Description: Product: Microsoft Office Enterprise 2007 - Update 'Microsoft Office 2007 Service Pack 3 (SP3)' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127 System errors: ============= Error: (10/23/2020 09:30:27 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x80070643: The 2007 Microsoft Office Suite Service Pack 3 (SP3). Error: (10/23/2020 07:34:04 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x80070643: The 2007 Microsoft Office Suite Service Pack 3 (SP3). Error: (10/23/2020 10:11:05 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x80246010: The 2007 Microsoft Office Suite Service Pack 3 (SP3). Error: (10/20/2020 01:52:31 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY) Description: DCOM got error "1115" attempting to start the service SecurityHealthService with arguments "Unavailable" in order to run the server: {8C9C0DB7-2CBA-40F1-AFE0-C55740DD91A0} Error: (10/20/2020 01:52:31 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY) Description: DCOM got error "1115" attempting to start the service SecurityHealthService with arguments "Unavailable" in order to run the server: {8C9C0DB7-2CBA-40F1-AFE0-C55740DD91A0} Error: (10/20/2020 01:29:50 PM) (Source: Service Control Manager) (EventID: 7043) (User: ) Description: The aswbIDSAgent service did not shut down properly after receiving a preshutdown control. Error: (10/20/2020 01:29:43 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY) Description: DCOM got error "1115" attempting to start the service SecurityHealthService with arguments "Unavailable" in order to run the server: {8C9C0DB7-2CBA-40F1-AFE0-C55740DD91A0} Error: (10/20/2020 01:29:43 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY) Description: DCOM got error "1115" attempting to start the service SecurityHealthService with arguments "Unavailable" in order to run the server: {8C9C0DB7-2CBA-40F1-AFE0-C55740DD91A0} CodeIntegrity: =================================== Date: 2020-10-23 22:50:37.807 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2020-10-23 22:50:37.512 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2020-10-23 22:44:54.261 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2020-10-23 22:44:54.175 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2020-10-23 22:44:54.051 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2020-10-23 22:13:24.407 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2020-10-23 21:25:32.007 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\AVAST Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2020-10-23 19:28:30.352 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements. ==================== Memory info =========================== BIOS: Dell Inc. A05 08/03/2012 Motherboard: Dell Inc. 01HXXJ Processor: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz Percentage of memory in use: 44% Total physical RAM: 8100.27 MB Available physical RAM: 4475.28 MB Total Virtual: 9380.27 MB Available Virtual: 5855.27 MB ==================== Drives ================================ Drive c: (DellSpace9) (Fixed) (Total:595.35 GB) (Free:82.36 GB) NTFS ==>[drive with boot components (obtained from BCD)] \\?\Volume{372ad470-0000-0000-0000-60d694000000}\ () (Fixed) (Total:0.82 GB) (Free:0.38 GB) NTFS ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 596.2 GB) (Disk ID: 372AD470) Partition 1: (Active) - (Size=595.3 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=841 MB) - (Type=27) ==================== End of Addition.txt =======================