Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-10-2019
Ran by lenovo (administrator) on LENOVO-PC (LENOVO 7829E78) (30-10-2019 19:16:54)
Running from C:\Users\lenovo\Downloads
Loaded Profiles: lenovo (Available Profiles: lenovo)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avanquest Software SAS -> Avanquest Software) C:\Users\lenovo\AppData\Local\Avanquest\Avanquest Message\AQNotif.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine\Vpn.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\83.4.152\QtWebEngineProcess.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\83.4.152\QtWebEngineProcess.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\83.4.152\QtWebEngineProcess.exe
(Fortemedia Inc -> ) C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.302\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.302\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Smart Defrag\Pub\PubMonitor.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
(Lenovo -> ) C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Lenovo -> Lenovo) C:\Program Files\lenovo\Lenovo Solution Center\LSCNotify.exe
(Lenovo -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Lenovo -> Lenovo.) C:\Windows\System32\LPlatSvc.exe
(Lenovo -> Lenovo.) C:\Windows\System32\LPlatSvc.exe
(LENOVO(JAPAN)LTD. -> Lenovo Group Limited) C:\Program Files\lenovo\Communications Utility\TPKNRSVC.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Wondershare software CO., LIMITED -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12632168 2011-07-19] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [6210368 2019-10-15] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2137744 2016-10-08] (Wondershare software CO., LIMITED -> Wondershare)
HKLM-x32\...\Run: [Syncios device service] => C:\Program Files (x86)\Anvsoft\Syncios\SynciosDeviceService.exe
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3575293515-844785542-2696234256-1000\...\Run: [Avanquest Message] => C:\Users\lenovo\AppData\Local\Avanquest\Avanquest Message\AQNotif.exe********************************************************** [497664 2018-06-13] () [File not signed]
HKU\S-1-5-21-3575293515-844785542-2696234256-1000\...\Run: [Advanced SystemCare 12] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [3419920 2019-09-09] (IObit Information Technology -> IObit)
HKU\S-1-5-21-3575293515-844785542-2696234256-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-3575293515-844785542-2696234256-1000\...\MountPoints2: {ecad4994-319f-11e8-9cc2-e4d53dc927e4} - E:\OnePlus_setup.exe /s
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.70\Installer\chrmstp.exe [2019-10-30] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\ThinkPad\Bluetooth Software\\BtwCP.dll [2013-05-14] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{D28973E5-8630-41af-8831-50A15FEB396B}] -> C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll [2013-05-14] (Broadcom Corporation -> Broadcom Corporation.)
Lsa: [Notification Packages] scecli C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2019-07-04]
ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\AVAST Software\SecureLine\Vpn.exe (AVAST Software s.r.o. -> AVAST Software)
GroupPolicy: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {000F42F7-CC96-476C-96D1-011E098AF4D5} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2349384 2019-10-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {16AE906E-DA07-47B4-B096-041DCC25704E} - System32\Tasks\SmartDefrag_Update => C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe [3007760 2019-04-24] (IObit Information Technology -> IObit)
Task: {27BBF342-C624-42AD-BFE8-5955E0DB9C2D} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758488 2019-08-01] (Lenovo -> )
Task: {2F9C9FA5-B113-42C3-8EDF-0FDE660A37C1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-07] (Google Inc -> Google LLC)
Task: {30B17F2F-4BFA-4742-86EE-0828E5F1F0E3} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27289376 2019-10-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {59B54144-72DD-47D1-A8DC-A6BB657B4356} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\7.0.2\Scheduler.exe [149776 2019-09-24] (IObit Information Technology -> IObit)
Task: {5F59DDAC-DD8C-4BC8-A0FD-D9BDCDDC03A8} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\AVAST Software\SecureLine\VpnUpdate.exe [1390472 2019-10-23] (AVAST Software s.r.o. -> AVAST Software)
Task: {603620E6-D74D-4006-AF23-050DD2D9F004} - System32\Tasks\Driver Booster SkipUAC (lenovo) => C:\Program Files (x86)\IObit\Driver Booster\7.0.2\DriverBooster.exe [7656208 2019-09-24] (IObit Information Technology -> IObit)
Task: {6D2689AF-F3A3-4F20-9162-331B332B9816} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [156432 2019-10-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {703B9994-089A-4AD5-B744-CFA2FE340694} - System32\Tasks\SmartDefrag_AutoAnalyze => C:\Program Files (x86)\IObit\Smart Defrag\AutoDefrag.exe [314128 2018-05-02] (IObit Information Technology -> IObit)
Task: {883A5D6F-215A-413C-8136-2ABA60C65C21} - System32\Tasks\ASC12_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe [3164944 2019-08-28] (IObit Information Technology -> IObit)
Task: {89AA6146-567B-45D0-8D0D-68F0031C497D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-07] (Google Inc -> Google LLC)
Task: {8BEF58DC-D3D4-4ADC-AF50-2CFA0DF6326D} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2170264 2019-10-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {8ED8C46D-0CB9-4485-B6D8-88A90FC7E78D} - System32\Tasks\Avast Cleanup Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe [1659000 2019-07-27] (AVAST Software s.r.o. -> AVAST Software)
Task: {8F32B1A8-07EA-40EC-BE2D-59917B8770DA} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-01-08] (Dropbox, Inc -> Dropbox, Inc.)
Task: {8F37DF7C-4BFF-4C61-9121-3360DBB56465} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
Task: {953C6A88-37CE-4D2F-A567-76922F9EC4B6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27289376 2019-10-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {963132F7-BA95-41FF-AD60-B27FF0A52188} - System32\Tasks\HPCustParticipation HP DeskJet 3630 series => C:\Program Files\HP\HP DeskJet 3630 series\Bin\HPCustPartic.exe [6438536 2017-02-08] (Hewlett Packard -> HP Inc.)
Task: {9770CE64-9EB7-429D-A5F1-28A2C7E8CCBA} - System32\Tasks\Uninstaller_SkipUac_lenovo => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [5900560 2019-09-10] (IObit Information Technology -> IObit)
Task: {9F6AF851-C8AD-4AFC-9EB5-E6D43FA1F6AF} - System32\Tasks\Software Updater SkipUAC(lenovo) => C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe [4177680 2019-08-23] (IObit Information Technology -> IObit) <==== ATTENTION
Task: {A8A89EEC-0B38-4195-AAE3-22E465139F18} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758488 2019-08-01] (Lenovo -> )
Task: {B2530848-2184-48D2-8816-BB32DCC5B7A3} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe [5849872 2019-07-05] (IObit Information Technology -> IObit)
Task: {BB8D3D5A-8F5E-492C-B25D-D17D8E62BACB} - System32\Tasks\ASC12_SkipUac_lenovo => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [8737040 2019-09-09] (IObit Information Technology -> IObit)
Task: {CD0E2D8C-EA54-4278-BF91-7E22FB8106DA} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.UpdateStatusService.exe [264984 2017-06-09] (Lenovo -> )
Task: {D6C03FC2-0E94-4B46-96E5-6F7B817AF0FB} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [39920 2018-10-24] (Garmin International, Inc. -> )
Task: {E51E9B54-E78B-4B2E-90CE-B1E6D4E5EB23} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-01-08] (Dropbox, Inc -> Dropbox, Inc.)
Task: {E610A486-5EFF-4EAD-B8EB-A79031401E15} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [156432 2019-10-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {E9F09F56-5771-4B49-A34D-01091F438693} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2170264 2019-10-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {EDBE8AF9-9EB8-4F7A-B266-F019EEDB8249} - System32\Tasks\Software Updater Scheduler => C:\Program Files (x86)\IObit\Software Updater\SUInit.exe [1791248 2019-08-16] (IObit Information Technology -> IObit Software updater) <==== ATTENTION
Task: {EDCD1D72-E631-4920-82F6-93B3FCED2EEE} - System32\Tasks\SU_AutoUpdate => C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe [4177680 2019-08-23] (IObit Information Technology -> IObit)
Task: {F2C32B0D-F054-4184-83EE-E8F2F25A1182} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [10197784 2017-06-09] (Lenovo -> Lenovo)
Task: {FA94A395-BF47-458B-A103-E9191925796D} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [4378152 2019-06-27] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {FADB819C-F4DC-4406-B2B6-42F7C96BADF9} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [1321240 2017-06-09] (Lenovo -> Lenovo)
Task: {FBB0147C-21EF-4A47-B953-8EDC3C00922C} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1873288 2019-09-18] (AVAST Software s.r.o. -> AVAST Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{7B3FE18B-0D6B-48C7-A516-5034C738F5A2}: [NameServer] 1.1.1.1,8.8.8.8
Tcpip\..\Interfaces\{7B3FE18B-0D6B-48C7-A516-5034C738F5A2}: [DhcpNameServer] 192.168.1.254
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://uk.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_iobitfs_17_23¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dgb%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0EtD0D0ByDyDzytDzz0E0Czz0B0F0EyDtN0D0Tzu0StCzyzztBtN1L2XzutAtFtBzytFtAtFyByDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StDtB0B0C0D0EtC0DtGtA0B0B0BtGtCzzyD0CtGtDyEyCyDtGtCtA0FzytByEtCyCyE0B0EtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CtAyDzyyCtBtC0DtG0BtAtBtBtGyEyEtBzztGzy0EtD0DtGyDtAzz0F0CtByCtByEyE0F0E2QtN0A0LzuyE%26cr%3D1833779635%26a%3Dwncy_iobitfs_17_23%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate
HKU\S-1-5-21-3575293515-844785542-2696234256-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://uk.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_iobitfs_16_41¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dgb%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0EtD0D0ByDyDzytDzz0E0Czz0B0F0EyDtN0D0Tzu0StCyByEzztN1L2XzutAtFtByEtFtByCtFyDtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyD0EyEtCtA0FtAtCtGyCtC0DtDtG0F0B0AyBtGtC0AyByDtGtAtBzyyDtAtAtD0BtCtB0E0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CtAyDzyyCtBtC0DtG0BtAtBtBtGyEyEtBzztGzy0EtD0DtGyDtAzz0F0CtByCtByEyE0F0E2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtDyEzyyD%26cr%3D775398792%26a%3Dwncy_iobitfs_16_41%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://uk.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_iobitfs_16_41¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dgb%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0EtD0D0ByDyDzytDzz0E0Czz0B0F0EyDtN0D0Tzu0StCyByEzztN1L2XzutAtFtByEtFtByCtFyDtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyD0EyEtCtA0FtAtCtGyCtC0DtDtG0F0B0AyBtGtC0AyByDtGtAtBzyyDtAtAtD0BtCtB0E0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CtAyDzyyCtBtC0DtG0BtAtBtBtGyEyEtBzztGzy0EtD0DtGyDtAzz0F0CtByCtByEyE0F0E2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtDyEzyyD%26cr%3D775398792%26a%3Dwncy_iobitfs_16_41%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://uk.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_iobitfs_17_23¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dgb%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0EtD0D0ByDyDzytDzz0E0Czz0B0F0EyDtN0D0Tzu0StCzyzztBtN1L2XzutAtFtBzytFtAtFyByDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StDtB0B0C0D0EtC0DtGtA0B0B0BtGtCzzyD0CtGtDyEyCyDtGtCtA0FzytByEtCyCyE0B0EtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CtAyDzyyCtBtC0DtG0BtAtBtBtGyEyEtBzztGzy0EtD0DtGyDtAzz0F0CtByCtByEyE0F0E2QtN0A0LzuyE%26cr%3D1833779635%26a%3Dwncy_iobitfs_17_23%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://uk.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_iobitfs_17_23¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dgb%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0EtD0D0ByDyDzytDzz0E0Czz0B0F0EyDtN0D0Tzu0StCzyzztBtN1L2XzutAtFtBzytFtAtFyByDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StDtB0B0C0D0EtC0DtGtA0B0B0BtGtCzzyD0CtGtDyEyCyDtGtCtA0FzytByEtCyCyE0B0EtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CtAyDzyyCtBtC0DtG0BtAtBtBtGyEyEtBzztGzy0EtD0DtGyDtAzz0F0CtByCtByEyE0F0E2QtN0A0LzuyE%26cr%3D1833779635%26a%3Dwncy_iobitfs_17_23%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKLM-x32 -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://uk.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_iobitfs_17_23¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dgb%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0EtD0D0ByDyDzytDzz0E0Czz0B0F0EyDtN0D0Tzu0StCzyzztBtN1L2XzutAtFtBzytFtAtFyByDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StDtB0B0C0D0EtC0DtGtA0B0B0BtGtCzzyD0CtGtDyEyCyDtGtCtA0FzytByEtCyCyE0B0EtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CtAyDzyyCtBtC0DtG0BtAtBtBtGyEyEtBzztGzy0EtD0DtGyDtAzz0F0CtByCtByEyE0F0E2QtN0A0LzuyE%26cr%3D1833779635%26a%3Dwncy_iobitfs_17_23%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3575293515-844785542-2696234256-1000 -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3575293515-844785542-2696234256-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={CB0D8B0E-F7AA-438B-B4C9-000BCA19CE75}&mid=85b852bd206147cdb185755e7761e5eb-38090134b81d7cd71d07cdcdf6f00aad59ab94a0&lang=en&ds=AVG&coid=avgtbavg&cmpid=0215pit&pr=fr&d=2015-04-29 12:41:36&v=4.1.0.411&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3575293515-844785542-2696234256-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://uk.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_iobitfs_17_23¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dgb%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0EtD0D0ByDyDzytDzz0E0Czz0B0F0EyDtN0D0Tzu0StCzyzztBtN1L2XzutAtFtBzytFtAtFyByDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StDtB0B0C0D0EtC0DtGtA0B0B0BtGtCzzyD0CtGtDyEyCyDtGtCtA0FzytByEtCyCyE0B0EtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CtAyDzyyCtBtC0DtG0BtAtBtBtGyEyEtBzztGzy0EtD0DtGyDtAzz0F0CtByCtByEyE0F0E2QtN0A0LzuyE%26cr%3D1833779635%26a%3Dwncy_iobitfs_17_23%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2019-06-20] (IObit Information Technology -> IObit)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2019-10-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2019-10-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: IObit Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2019-03-28] (IObit Information Technology -> IObit)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-10-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-10-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-10-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-10-05] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF DefaultProfile: eny2y7ey.default
FF ProfilePath: C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\5gkk1aui.default-release [2019-10-30]
FF Extension: (IObit Surfing Protection & Ads Removal) - C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\5gkk1aui.default-release\Extensions\
[email protected] [2019-03-26]
FF Extension: (Avast Online Security) - C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\5gkk1aui.default-release\Extensions\
[email protected] [2019-10-04]
FF ProfilePath: C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\eny2y7ey.default [2019-10-30]
FF user.js: detected! => C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\eny2y7ey.default\user.js [2018-03-22]
FF Homepage: Mozilla\Firefox\Profiles\eny2y7ey.default -> hxxps://www.facebook.com/|hxxps://outlook.live.com/owa/|hxxps://accounts.google.com/signin/v2/identifier?service=cl&passive=1209600&osid=1&continue=https%3A%2F%2Fcalendar.google.com%2Fcalendar%2Frender&followup=https%3A%2F%2Fcalendar.google.com%2Fcalendar%2Frender&scc=1&flowName=GlifWebSignIn&flowEntry=ServiceLogin
FF Extension: (IObit Surfing Protection & Ads Removal) - C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\eny2y7ey.default\Extensions\
[email protected] [2019-03-26]
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\eny2y7ey.default\Extensions\
[email protected] [2019-04-11] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avast/sp/update.json]
FF Extension: (Avast Online Security) - C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\eny2y7ey.default\Extensions\
[email protected] [2019-10-07]
FF Extension: (Flash and Video Download) - C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\eny2y7ey.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}.xpi [2018-08-29]
FF Extension: (Flash Video Player for Facebook™) - C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\eny2y7ey.default\Extensions\{d0bfdcce-52c7-4b32-bb45-948f62db8d3f}.xpi [2018-02-16]
FF HKU\S-1-5-21-3575293515-844785542-2696234256-1000\...\Firefox\Extensions: [{F74D5734-46F5-4B16-96F0-1E7FBF41B750}] - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12
FF Extension: (ThinkVantage Password Manager) - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12 [2017-12-14] [Legacy] [not signed]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-07-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1235205.dll [2019-03-15] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-08] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-08] (Google Inc -> Google LLC)
Chrome:
=======
CHR HomePage: Default -> msn.com
CHR DefaultSearchURL: Default -> hxxps://www.bing.com/search?FORM=U452DF&PC=U452&q={searchTerms}
CHR DefaultSuggestURL: Default -> hxxps://www.bing.com/osjson.aspx?FORM=U452DF&PC=U452&query={searchTerms}
CHR Profile: C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default [2019-10-30]
CHR Extension: (Slides) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-07]
CHR Extension: (MSN Homepage & Bing Search Engine) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aodojjhnfnfhaplflfohfddffmjkdjak [2019-07-29]
CHR Extension: (Docs) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-04-07]
CHR Extension: (Google Drive) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-04-07]
CHR Extension: (YouTube) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-07]
CHR Extension: (Sheets) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-07]
CHR Extension: (Google Docs Offline) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-04-07]
CHR Extension: (Avast Online Security) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-07-16]
CHR Extension: (Apple iTunes For PC) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jokpjmmholmjcknnpplenafffabgkobb [2019-10-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-07]
CHR Extension: (Chrome Media Router) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-10-30]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdvancedSystemCareService12; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [1266448 2019-09-10] (IObit Information Technology -> IObit)
S3 Agent; C:\Program Files\Agent\Agent.exe [1643096 2018-06-15] (DEVELOPER IN A BOX (THE PLAYFUL GROUP PTY LTD) -> DeveloperInABox)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6085360 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R2 CleanupPSvc; C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [10287216 2019-07-27] (AVAST Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11636808 2019-10-18] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-01-08] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-01-08] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2019-10-15] (Dropbox, Inc -> Dropbox, Inc.)
S3 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2375168 2011-03-07] (Realsil Microelectronics Inc.) [File not signed]
S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [156944 2019-08-23] (IObit Information Technology -> IObit)
R2 LPlatSvc; C:\Windows\system32\LPlatSvc.exe [774552 2018-07-14] (Lenovo -> Lenovo.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [199272 2011-05-18] (Realtek Semiconductor Corp -> Realtek Semiconductor)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [6828424 2019-10-23] (AVAST Software s.r.o. -> AVAST Software)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [268328 2019-06-27] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AmUStor; C:\Windows\System32\drivers\AmUStor.SYS [90560 2018-05-17] (Alcorlink Corp. -> Alcorlink Corp.)
R3 AscFileFilter; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win7_amd64\AscFileFilter.sys [25512 2018-09-20] (IObit Information Technology -> IObit)
R3 AscRegistryFilter; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win7_amd64\AscRegistryFilter.sys [25000 2018-07-04] (IObit Information Technology -> IObit)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37616 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [204824 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [274456 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [209552 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [65120 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [276952 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42736 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [171520 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110320 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [83792 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [848432 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [460448 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [236024 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [316528 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R3 cpuz143; C:\Windows\temp\cpuz143\cpuz143_x64.sys [48960 2019-10-30] (CPUID -> CPUID)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-01-08] (Martin Malik - REALiX -> REALiX)
R3 iobit_monitor_server; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\Monitor_win7_x64.sys [14680 2018-07-04] (IObit Information Technology -> IObit)
R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IUFileFilter.sys [25992 2019-07-30] (IObit CO., LTD -> IObit)
R3 IUProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IUProcessFilter.sys [19280 2019-07-30] (IObit CO., LTD -> IObit)
R3 IURegistryFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IURegistryFilter.sys [31648 2019-07-30] (IObit CO., LTD -> IObit)
R3 NETwNs64; C:\Windows\System32\DRIVERS\NETwsw01.sys [11534096 2018-01-08] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R0 PMDRVS; C:\Windows\System32\DRIVERS\pmdrvs.sys [43208 2018-07-14] (Lenovo -> Lenovo.)
S3 RtlvVga; C:\Windows\System32\DRIVERS\RtlvVga.sys [11920 2014-03-18] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation )
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [30744 2017-03-09] (IObit Information Technology -> IObit)
S3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [45296 2014-07-28] (Synaptics Incorporated -> Synaptics Incorporated)
S3 tapsurfshark; C:\Windows\System32\DRIVERS\tapsurfshark.sys [36544 2019-05-22] (Surfshark Ltd. -> The OpenVPN Project)
S4 IMFMBRProtect; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFMBRProtect.sys [X]
S4 IMFSafeBox; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFSafeBox.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-10-30 19:13 - 2019-10-30 19:17 - 000038808 _____ C:\Users\lenovo\Downloads\FRST.txt
2019-10-30 19:08 - 2019-10-30 19:17 - 000000000 ____D C:\FRST
2019-10-30 19:07 - 2019-10-30 19:08 - 001619456 _____ (Farbar) C:\Users\lenovo\Downloads\FRST64.exe
2019-10-30 16:11 - 2019-10-30 16:11 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\lenovo\Downloads\rkill.exe
2019-10-30 13:45 - 2019-10-30 13:45 - 000000000 ____D C:\Users\lenovo\AppData\Local\GoToAssist Remote Support Customer
2019-10-30 09:39 - 2019-10-30 09:39 - 000000000 ____H C:\asc_rdflag
2019-10-28 20:02 - 2019-10-29 11:40 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-10-27 21:33 - 2019-10-30 18:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-10-27 21:04 - 2019-10-27 21:27 - 000000000 ____D C:\Users\lenovo\Documents\Micks Photos
2019-10-26 09:38 - 2019-10-26 09:42 - 002310656 _____ C:\Users\lenovo\Documents\homeo.pub
2019-10-22 19:53 - 2019-10-22 19:53 - 000058953 _____ C:\Users\lenovo\Desktop\business sign.pdf
2019-10-19 13:39 - 2019-10-11 02:22 - 000338944 _____ (Microsoft Corporation) C:\Windows\system32\sipnotify.exe
2019-10-19 13:10 - 2019-10-19 13:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-10-17 11:26 - 2019-10-17 11:26 - 002863104 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2019-10-17 11:26 - 2019-10-17 11:26 - 001717760 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-10-17 11:26 - 2019-10-17 11:26 - 000802816 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2019-10-17 11:26 - 2019-10-17 11:26 - 000738816 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2019-10-17 11:26 - 2019-10-17 11:26 - 000634368 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2019-10-17 11:26 - 2019-10-17 11:26 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2019-10-17 11:26 - 2019-10-17 11:26 - 000456704 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2019-10-17 11:26 - 2019-10-17 11:26 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2019-10-17 11:26 - 2019-10-17 11:26 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2019-10-17 11:26 - 2019-10-17 11:26 - 000162016 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2019-10-17 11:26 - 2019-10-17 11:26 - 000110592 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2019-10-17 11:26 - 2019-10-17 11:26 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2019-10-17 11:26 - 2019-10-17 11:26 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2019-10-17 11:26 - 2019-10-17 11:26 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-10-17 10:33 - 2019-10-17 10:33 - 000116224 _____ C:\Users\lenovo\Desktop\business sign.pub
2019-10-15 18:05 - 2019-10-15 18:05 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2019-10-15 18:05 - 2019-10-15 18:05 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2019-10-15 18:05 - 2019-10-15 18:05 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2019-10-15 18:05 - 2019-10-15 18:05 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2019-10-11 17:13 - 2019-10-11 17:27 - 000000000 ____D C:\Users\lenovo\AppData\Local\Microsoft Corporation
2019-10-11 17:11 - 2019-10-11 17:11 - 000002165 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 Upgrade Advisor.lnk
2019-10-11 17:11 - 2019-10-11 17:11 - 000002153 _____ C:\Users\Public\Desktop\Windows 7 Upgrade Advisor.lnk
2019-10-11 17:11 - 2019-10-11 17:11 - 000002153 _____ C:\ProgramData\Desktop\Windows 7 Upgrade Advisor.lnk
2019-10-11 17:11 - 2019-10-11 17:11 - 000000000 ____D C:\Program Files (x86)\Microsoft Windows 7 Upgrade Advisor
2019-10-11 17:10 - 2019-10-11 17:10 - 008669472 _____ (Microsoft Corporation) C:\Users\lenovo\Downloads\Windows7UpgradeAdvisorSetup.exe
2019-10-11 15:26 - 2019-10-11 15:26 - 005732464 _____ (Microsoft Corporation) C:\Users\lenovo\Downloads\Setup.Def.en-US_O365HomePremRetail_063c3c93-2096-4d2e-91b8-5b89a4c7c72a_TX_DB_storeid_CFQ7TTC0K5DM_Platform_def_.exe
2019-10-08 20:57 - 2019-10-30 19:01 - 000002844 _____ C:\Windows\system32\Tasks\Driver Booster SkipUAC (lenovo)
2019-10-08 20:57 - 2019-10-08 20:57 - 000003096 _____ C:\Windows\system32\Tasks\Driver Booster Scheduler
2019-10-08 20:57 - 2019-10-08 20:57 - 000002272 _____ C:\Users\Public\Desktop\Driver Booster 7.lnk
2019-10-08 20:57 - 2019-10-08 20:57 - 000002272 _____ C:\ProgramData\Desktop\Driver Booster 7.lnk
2019-10-08 20:57 - 2019-10-08 20:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 7
2019-10-08 19:36 - 2019-10-06 04:12 - 025753088 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-10-08 19:36 - 2019-10-06 03:49 - 002909184 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-10-08 19:36 - 2019-10-06 03:47 - 000579584 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-10-08 19:36 - 2019-10-06 03:36 - 000797696 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-10-08 19:36 - 2019-10-06 03:34 - 005500928 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-10-08 19:36 - 2019-10-06 03:32 - 020290048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-10-08 19:36 - 2019-10-06 03:18 - 000496128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-10-08 19:36 - 2019-10-06 03:15 - 002302464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-10-08 19:36 - 2019-10-06 03:10 - 000663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-10-08 19:36 - 2019-10-06 03:05 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-10-08 19:36 - 2019-10-06 02:58 - 015413760 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-10-08 19:36 - 2019-10-06 02:57 - 004859904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-10-08 19:36 - 2019-10-06 02:48 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-10-08 19:36 - 2019-10-06 02:45 - 013808640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-10-08 19:36 - 2019-10-06 02:45 - 001566208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-10-08 19:36 - 2019-10-06 02:35 - 004387840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-10-08 19:36 - 2019-10-06 02:32 - 001331712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-10-08 19:36 - 2019-09-19 04:27 - 000168448 _____ (Microsoft Corporation) C:\Windows\system32\umpo.dll
2019-10-08 19:36 - 2019-09-17 02:28 - 001010176 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2019-10-08 19:36 - 2019-09-17 02:28 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-10-08 19:36 - 2019-09-10 02:27 - 000383488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2019-10-08 19:36 - 2019-09-10 02:24 - 001281536 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2019-10-08 19:36 - 2019-09-10 02:24 - 000486912 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2019-10-08 19:36 - 2019-09-10 02:02 - 006135296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2019-10-08 19:36 - 2019-09-10 01:54 - 003231744 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-10-08 19:36 - 2019-09-10 01:53 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2019-10-08 19:36 - 2019-09-10 00:09 - 007082496 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2019-10-08 19:36 - 2019-09-10 00:09 - 003187712 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2019-10-08 19:35 - 2019-10-07 06:49 - 000390752 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-10-08 19:35 - 2019-10-07 05:57 - 000341896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-10-08 19:35 - 2019-10-06 04:00 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-10-08 19:35 - 2019-10-06 04:00 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-10-08 19:35 - 2019-10-06 03:48 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-10-08 19:35 - 2019-10-06 03:47 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-10-08 19:35 - 2019-10-06 03:47 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-10-08 19:35 - 2019-10-06 03:46 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-10-08 19:35 - 2019-10-06 03:41 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-10-08 19:35 - 2019-10-06 03:40 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-10-08 19:35 - 2019-10-06 03:38 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-10-08 19:35 - 2019-10-06 03:37 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-10-08 19:35 - 2019-10-06 03:37 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-10-08 19:35 - 2019-10-06 03:36 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-10-08 19:35 - 2019-10-06 03:31 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-10-08 19:35 - 2019-10-06 03:28 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2019-10-08 19:35 - 2019-10-06 03:28 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-10-08 19:35 - 2019-10-06 03:23 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-10-08 19:35 - 2019-10-06 03:22 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-10-08 19:35 - 2019-10-06 03:22 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-10-08 19:35 - 2019-10-06 03:19 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-10-08 19:35 - 2019-10-06 03:19 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-10-08 19:35 - 2019-10-06 03:18 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2019-10-08 19:35 - 2019-10-06 03:17 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2019-10-08 19:35 - 2019-10-06 03:17 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-10-08 19:35 - 2019-10-06 03:17 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-10-08 19:35 - 2019-10-06 03:16 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-10-08 19:35 - 2019-10-06 03:16 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-10-08 19:35 - 2019-10-06 03:12 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-10-08 19:35 - 2019-10-06 03:12 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2019-10-08 19:35 - 2019-10-06 03:11 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2019-10-08 19:35 - 2019-10-06 03:10 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-10-08 19:35 - 2019-10-06 03:10 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2019-10-08 19:35 - 2019-10-06 03:07 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-10-08 19:35 - 2019-10-06 03:05 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-10-08 19:35 - 2019-10-06 03:03 - 002132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-10-08 19:35 - 2019-10-06 03:03 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-10-08 19:35 - 2019-10-06 03:03 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2019-10-08 19:35 - 2019-10-06 03:00 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2019-10-08 19:35 - 2019-10-06 03:00 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-10-08 19:35 - 2019-10-06 02:59 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2019-10-08 19:35 - 2019-10-06 02:57 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-10-08 19:35 - 2019-10-06 02:56 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-10-08 19:35 - 2019-10-06 02:56 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-10-08 19:35 - 2019-10-06 02:55 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2019-10-08 19:35 - 2019-10-06 02:53 - 004112384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-10-08 19:35 - 2019-10-06 02:50 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-10-08 19:35 - 2019-10-06 02:49 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-10-08 19:35 - 2019-10-06 02:48 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-10-08 19:35 - 2019-10-06 02:34 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-10-08 19:35 - 2019-10-06 02:30 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-10-08 19:35 - 2019-09-17 02:32 - 004060896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-10-08 19:35 - 2019-09-17 02:32 - 003966688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-10-08 19:35 - 2019-09-17 02:32 - 000709856 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-10-08 19:35 - 2019-09-17 02:32 - 000627424 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-10-08 19:35 - 2019-09-17 02:31 - 005552864 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-10-08 19:35 - 2019-09-17 02:31 - 001319496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-10-08 19:35 - 2019-09-17 02:31 - 000263904 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-10-08 19:35 - 2019-09-17 02:31 - 000155360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-10-08 19:35 - 2019-09-17 02:31 - 000096992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-10-08 19:35 - 2019-09-17 02:30 - 001670784 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000834048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000261632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000408576 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:04 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2019-10-08 19:35 - 2019-09-17 02:03 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-10-08 19:35 - 2019-09-17 02:00 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-10-08 19:35 - 2019-09-17 02:00 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-10-08 19:35 - 2019-09-17 02:00 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-10-08 19:35 - 2019-09-17 01:59 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-10-08 19:35 - 2019-09-17 01:59 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-10-08 19:35 - 2019-09-17 01:59 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-10-08 19:35 - 2019-09-17 01:59 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-10-08 19:35 - 2019-09-17 01:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-10-08 19:35 - 2019-09-17 01:57 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-10-08 19:35 - 2019-09-17 01:57 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 01:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 01:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 01:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 01:56 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-10-08 19:35 - 2019-09-17 01:56 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-10-08 19:35 - 2019-09-17 01:55 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-10-08 19:35 - 2019-09-17 01:53 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-10-08 19:35 - 2019-09-17 01:53 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-10-08 19:35 - 2019-09-17 01:52 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-10-08 19:35 - 2019-09-17 01:52 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-10-08 19:35 - 2019-09-17 01:52 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-10-08 19:35 - 2019-09-17 01:52 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-10-08 19:35 - 2019-09-17 01:51 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-10-08 19:35 - 2019-09-17 01:51 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-10-08 19:35 - 2019-09-17 01:51 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-10-08 19:35 - 2019-09-17 01:51 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-10-08 19:35 - 2019-09-17 01:51 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-10-08 19:35 - 2019-09-17 01:51 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-10-08 19:35 - 2019-09-17 01:51 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-10-08 19:35 - 2019-09-17 00:13 - 000455392 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2019-10-08 19:35 - 2019-09-11 04:56 - 000353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-10-08 19:35 - 2019-09-11 04:56 - 000241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
2019-10-08 19:35 - 2019-09-10 02:27 - 000320512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2019-10-08 19:35 - 2019-09-10 02:27 - 000160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2019-10-08 19:35 - 2019-09-10 02:24 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2019-10-08 19:35 - 2019-09-10 02:24 - 000174080 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2019-10-08 19:35 - 2019-09-10 02:24 - 000086016 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
2019-10-08 19:35 - 2019-09-10 02:24 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2019-10-08 19:35 - 2019-09-10 02:00 - 000361472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2019-10-08 19:35 - 2019-09-10 02:00 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
2019-10-08 19:35 - 2019-09-10 02:00 - 000054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2019-10-08 19:35 - 2019-09-10 02:00 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2019-10-08 19:35 - 2019-09-10 02:00 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2019-10-08 19:35 - 2019-09-10 01:53 - 000152576 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2019-10-08 19:35 - 2019-09-10 01:53 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2019-10-08 19:35 - 2019-09-10 01:53 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2019-10-08 19:35 - 2019-09-10 01:52 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\monitor.sys
2019-10-08 19:35 - 2019-09-10 01:49 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2019-10-03 09:05 - 2019-10-03 09:00 - 000236024 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-10-03 09:05 - 2019-10-03 09:00 - 000171520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-10-03 09:05 - 2019-10-03 08:59 - 000355720 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-10-30 19:04 - 2009-07-14 04:45 - 000021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-10-30 19:04 - 2009-07-14 04:45 - 000021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-10-30 19:01 - 2009-07-14 05:13 - 000781790 _____ C:\Windows\system32\PerfStringBackup.INI
2019-10-30 19:01 - 2009-07-14 03:20 - 000000000 ____D C:\Windows\inf
2019-10-30 18:58 - 2018-01-08 20:25 - 000000908 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2019-10-30 18:57 - 2018-07-14 20:19 - 000000000 ____D C:\Users\lenovo\AppData\Local\AVAST Software
2019-10-30 18:54 - 2018-01-08 20:25 - 000000904 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2019-10-30 18:54 - 2018-01-08 16:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-10-30 18:54 - 2009-07-14 05:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-10-30 17:07 - 2018-01-08 16:29 - 000000000 ____D C:\Users\lenovo\AppData\LocalLow\Mozilla
2019-10-30 16:54 - 2018-02-25 20:54 - 000241152 ___SH C:\Users\lenovo\Documents\Thumbs.db
2019-10-30 16:48 - 2018-03-28 08:44 - 000000000 ____D C:\Users\lenovo\AppData\Roaming\Syncios Data Transfer
2019-10-30 09:56 - 2019-04-07 07:58 - 000002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-10-30 09:56 - 2019-04-07 07:58 - 000002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-10-30 09:56 - 2019-04-07 07:58 - 000002185 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2019-10-30 09:41 - 2017-11-30 07:15 - 000777216 ___SH C:\Users\lenovo\Desktop\Thumbs.db
2019-10-30 09:39 - 2018-01-10 20:50 - 115388416 _____ C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2019-10-30 09:39 - 2018-01-10 20:50 - 000917504 _____ C:\Windows\system32\config\DEFAULT.iodefrag.bak
2019-10-30 09:39 - 2018-01-10 20:50 - 000065536 _____ C:\Windows\system32\config\SAM.iodefrag.bak
2019-10-30 09:39 - 2018-01-10 20:50 - 000028672 _____ C:\Windows\system32\config\SECURITY.iodefrag.bak
2019-10-29 21:35 - 2018-01-08 17:19 - 000000000 ____D C:\ProgramData\AVAST Software
2019-10-29 12:11 - 2019-09-09 06:33 - 000002122 _____ C:\Users\Public\Desktop\IObit Software Updater.lnk
2019-10-29 12:11 - 2019-09-09 06:33 - 000002122 _____ C:\ProgramData\Desktop\IObit Software Updater.lnk
2019-10-28 09:26 - 2018-01-08 17:20 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2019-10-27 21:08 - 2016-12-04 13:00 - 000385024 ___SH C:\Users\lenovo\Downloads\Thumbs.db
2019-10-27 20:13 - 2018-10-29 09:42 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-10-27 20:13 - 2009-07-14 03:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2019-10-27 20:11 - 2018-01-08 18:39 - 000000000 ____D C:\Program Files\Microsoft Office
2019-10-25 09:05 - 2009-07-14 03:20 - 000000000 ____D C:\Windows\rescache
2019-10-25 08:25 - 2018-04-25 13:04 - 051224576 _____ C:\Windows\system32\config\components.iodefrag.bak
2019-10-25 08:05 - 2018-01-08 17:17 - 000000000 ____D C:\ProgramData\ProductData
2019-10-23 21:22 - 2018-11-04 19:17 - 000000000 ____D C:\Users\lenovo\Desktop\poems for buzz
2019-10-23 19:53 - 2018-11-21 15:09 - 000004194 _____ C:\Windows\system32\Tasks\Avast Cleanup Update
2019-10-23 19:46 - 2019-07-04 07:08 - 000004188 _____ C:\Windows\system32\Tasks\Avast SecureLine VPN Update
2019-10-19 19:57 - 2018-09-16 13:26 - 000000000 ____D C:\Users\lenovo\Documents\M Miller Quiz
2019-10-19 16:00 - 2018-01-08 16:50 - 000000000 ___SD C:\Windows\system32\CompatTel
2019-10-19 16:00 - 2018-01-08 16:50 - 000000000 ____D C:\Windows\system32\appraiser
2019-10-19 13:13 - 2018-01-08 20:25 - 000000000 ____D C:\Users\lenovo\AppData\Local\Dropbox
2019-10-19 13:10 - 2018-01-08 20:25 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-10-17 09:09 - 2018-01-08 20:27 - 000000000 ___RD C:\Users\lenovo\Dropbox
2019-10-11 13:33 - 2018-09-11 13:16 - 000000000 ____D C:\Users\lenovo\Documents\Beeford Buzz stuff
2019-10-11 13:18 - 2016-02-14 08:26 - 000000000 ____D C:\Users\lenovo\Documents\Accounts
2019-10-10 07:58 - 2018-10-29 10:51 - 000003178 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3575293515-844785542-2696234256-1000
2019-10-10 07:58 - 2018-10-29 09:48 - 000002160 _____ C:\Users\lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2019-10-10 07:58 - 2018-10-29 09:48 - 000000000 ___RD C:\Users\lenovo\OneDrive
2019-10-08 20:55 - 2019-08-12 16:03 - 000003376 _____ C:\Windows\system32\Tasks\SU_AutoUpdate
2019-10-08 20:12 - 2019-01-20 16:35 - 000441656 _____ C:\Windows\system32\FNTCACHE.DAT
2019-10-08 20:05 - 2009-07-14 03:20 - 000000000 ____D C:\Windows\PolicyDefinitions
2019-10-08 20:00 - 2017-12-14 11:10 - 000766100 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-10-08 19:59 - 2017-12-14 13:18 - 000000000 ____D C:\Windows\system32\MRT
2019-10-08 19:54 - 2017-12-14 13:18 - 127230528 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-10-08 19:11 - 2019-04-07 07:58 - 000003334 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2019-10-08 19:11 - 2019-04-07 07:58 - 000003206 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2019-10-08 19:11 - 2018-01-08 17:21 - 000000000 ____D C:\Program Files (x86)\Google
2019-10-03 09:08 - 2018-01-08 17:20 - 000848432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-10-03 09:08 - 2018-01-08 17:20 - 000460448 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-10-03 09:00 - 2019-02-14 13:55 - 000276952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-10-03 09:00 - 2018-10-20 15:43 - 000042736 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-10-03 09:00 - 2018-01-08 17:20 - 000316528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-10-03 09:00 - 2018-01-08 17:20 - 000110320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-10-03 09:00 - 2018-01-08 17:20 - 000083792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-10-03 08:59 - 2019-01-14 14:29 - 000274456 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-10-03 08:59 - 2019-01-05 17:02 - 000209552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-10-03 08:59 - 2019-01-05 17:02 - 000065120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-10-03 08:59 - 2019-01-05 17:02 - 000037616 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-10-03 08:59 - 2018-01-08 17:20 - 000204824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2019-10-21 19:52
==================== End of FRST.txt ========================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-10-2019
Ran by lenovo (administrator) on LENOVO-PC (LENOVO 7829E78) (30-10-2019 19:16:54)
Running from C:\Users\lenovo\Downloads
Loaded Profiles: lenovo (Available Profiles: lenovo)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avanquest Software SAS -> Avanquest Software) C:\Users\lenovo\AppData\Local\Avanquest\Avanquest Message\AQNotif.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine\Vpn.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\83.4.152\QtWebEngineProcess.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\83.4.152\QtWebEngineProcess.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\83.4.152\QtWebEngineProcess.exe
(Fortemedia Inc -> ) C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.302\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.302\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Smart Defrag\Pub\PubMonitor.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
(Lenovo -> ) C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Lenovo -> Lenovo) C:\Program Files\lenovo\Lenovo Solution Center\LSCNotify.exe
(Lenovo -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Lenovo -> Lenovo.) C:\Windows\System32\LPlatSvc.exe
(Lenovo -> Lenovo.) C:\Windows\System32\LPlatSvc.exe
(LENOVO(JAPAN)LTD. -> Lenovo Group Limited) C:\Program Files\lenovo\Communications Utility\TPKNRSVC.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Wondershare software CO., LIMITED -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12632168 2011-07-19] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [6210368 2019-10-15] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2137744 2016-10-08] (Wondershare software CO., LIMITED -> Wondershare)
HKLM-x32\...\Run: [Syncios device service] => C:\Program Files (x86)\Anvsoft\Syncios\SynciosDeviceService.exe
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3575293515-844785542-2696234256-1000\...\Run: [Avanquest Message] => C:\Users\lenovo\AppData\Local\Avanquest\Avanquest Message\AQNotif.exe********************************************************** [497664 2018-06-13] () [File not signed]
HKU\S-1-5-21-3575293515-844785542-2696234256-1000\...\Run: [Advanced SystemCare 12] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [3419920 2019-09-09] (IObit Information Technology -> IObit)
HKU\S-1-5-21-3575293515-844785542-2696234256-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-3575293515-844785542-2696234256-1000\...\MountPoints2: {ecad4994-319f-11e8-9cc2-e4d53dc927e4} - E:\OnePlus_setup.exe /s
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.70\Installer\chrmstp.exe [2019-10-30] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\ThinkPad\Bluetooth Software\\BtwCP.dll [2013-05-14] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{D28973E5-8630-41af-8831-50A15FEB396B}] -> C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll [2013-05-14] (Broadcom Corporation -> Broadcom Corporation.)
Lsa: [Notification Packages] scecli C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2019-07-04]
ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\AVAST Software\SecureLine\Vpn.exe (AVAST Software s.r.o. -> AVAST Software)
GroupPolicy: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {000F42F7-CC96-476C-96D1-011E098AF4D5} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2349384 2019-10-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {16AE906E-DA07-47B4-B096-041DCC25704E} - System32\Tasks\SmartDefrag_Update => C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe [3007760 2019-04-24] (IObit Information Technology -> IObit)
Task: {27BBF342-C624-42AD-BFE8-5955E0DB9C2D} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758488 2019-08-01] (Lenovo -> )
Task: {2F9C9FA5-B113-42C3-8EDF-0FDE660A37C1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-07] (Google Inc -> Google LLC)
Task: {30B17F2F-4BFA-4742-86EE-0828E5F1F0E3} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27289376 2019-10-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {59B54144-72DD-47D1-A8DC-A6BB657B4356} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\7.0.2\Scheduler.exe [149776 2019-09-24] (IObit Information Technology -> IObit)
Task: {5F59DDAC-DD8C-4BC8-A0FD-D9BDCDDC03A8} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\AVAST Software\SecureLine\VpnUpdate.exe [1390472 2019-10-23] (AVAST Software s.r.o. -> AVAST Software)
Task: {603620E6-D74D-4006-AF23-050DD2D9F004} - System32\Tasks\Driver Booster SkipUAC (lenovo) => C:\Program Files (x86)\IObit\Driver Booster\7.0.2\DriverBooster.exe [7656208 2019-09-24] (IObit Information Technology -> IObit)
Task: {6D2689AF-F3A3-4F20-9162-331B332B9816} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [156432 2019-10-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {703B9994-089A-4AD5-B744-CFA2FE340694} - System32\Tasks\SmartDefrag_AutoAnalyze => C:\Program Files (x86)\IObit\Smart Defrag\AutoDefrag.exe [314128 2018-05-02] (IObit Information Technology -> IObit)
Task: {883A5D6F-215A-413C-8136-2ABA60C65C21} - System32\Tasks\ASC12_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe [3164944 2019-08-28] (IObit Information Technology -> IObit)
Task: {89AA6146-567B-45D0-8D0D-68F0031C497D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-07] (Google Inc -> Google LLC)
Task: {8BEF58DC-D3D4-4ADC-AF50-2CFA0DF6326D} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2170264 2019-10-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {8ED8C46D-0CB9-4485-B6D8-88A90FC7E78D} - System32\Tasks\Avast Cleanup Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe [1659000 2019-07-27] (AVAST Software s.r.o. -> AVAST Software)
Task: {8F32B1A8-07EA-40EC-BE2D-59917B8770DA} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-01-08] (Dropbox, Inc -> Dropbox, Inc.)
Task: {8F37DF7C-4BFF-4C61-9121-3360DBB56465} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
Task: {953C6A88-37CE-4D2F-A567-76922F9EC4B6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27289376 2019-10-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {963132F7-BA95-41FF-AD60-B27FF0A52188} - System32\Tasks\HPCustParticipation HP DeskJet 3630 series => C:\Program Files\HP\HP DeskJet 3630 series\Bin\HPCustPartic.exe [6438536 2017-02-08] (Hewlett Packard -> HP Inc.)
Task: {9770CE64-9EB7-429D-A5F1-28A2C7E8CCBA} - System32\Tasks\Uninstaller_SkipUac_lenovo => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [5900560 2019-09-10] (IObit Information Technology -> IObit)
Task: {9F6AF851-C8AD-4AFC-9EB5-E6D43FA1F6AF} - System32\Tasks\Software Updater SkipUAC(lenovo) => C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe [4177680 2019-08-23] (IObit Information Technology -> IObit) <==== ATTENTION
Task: {A8A89EEC-0B38-4195-AAE3-22E465139F18} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758488 2019-08-01] (Lenovo -> )
Task: {B2530848-2184-48D2-8816-BB32DCC5B7A3} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe [5849872 2019-07-05] (IObit Information Technology -> IObit)
Task: {BB8D3D5A-8F5E-492C-B25D-D17D8E62BACB} - System32\Tasks\ASC12_SkipUac_lenovo => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [8737040 2019-09-09] (IObit Information Technology -> IObit)
Task: {CD0E2D8C-EA54-4278-BF91-7E22FB8106DA} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.UpdateStatusService.exe [264984 2017-06-09] (Lenovo -> )
Task: {D6C03FC2-0E94-4B46-96E5-6F7B817AF0FB} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [39920 2018-10-24] (Garmin International, Inc. -> )
Task: {E51E9B54-E78B-4B2E-90CE-B1E6D4E5EB23} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-01-08] (Dropbox, Inc -> Dropbox, Inc.)
Task: {E610A486-5EFF-4EAD-B8EB-A79031401E15} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [156432 2019-10-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {E9F09F56-5771-4B49-A34D-01091F438693} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2170264 2019-10-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {EDBE8AF9-9EB8-4F7A-B266-F019EEDB8249} - System32\Tasks\Software Updater Scheduler => C:\Program Files (x86)\IObit\Software Updater\SUInit.exe [1791248 2019-08-16] (IObit Information Technology -> IObit Software updater) <==== ATTENTION
Task: {EDCD1D72-E631-4920-82F6-93B3FCED2EEE} - System32\Tasks\SU_AutoUpdate => C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe [4177680 2019-08-23] (IObit Information Technology -> IObit)
Task: {F2C32B0D-F054-4184-83EE-E8F2F25A1182} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [10197784 2017-06-09] (Lenovo -> Lenovo)
Task: {FA94A395-BF47-458B-A103-E9191925796D} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [4378152 2019-06-27] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {FADB819C-F4DC-4406-B2B6-42F7C96BADF9} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [1321240 2017-06-09] (Lenovo -> Lenovo)
Task: {FBB0147C-21EF-4A47-B953-8EDC3C00922C} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1873288 2019-09-18] (AVAST Software s.r.o. -> AVAST Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{7B3FE18B-0D6B-48C7-A516-5034C738F5A2}: [NameServer] 1.1.1.1,8.8.8.8
Tcpip\..\Interfaces\{7B3FE18B-0D6B-48C7-A516-5034C738F5A2}: [DhcpNameServer] 192.168.1.254
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://uk.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_iobitfs_17_23¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dgb%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0EtD0D0ByDyDzytDzz0E0Czz0B0F0EyDtN0D0Tzu0StCzyzztBtN1L2XzutAtFtBzytFtAtFyByDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StDtB0B0C0D0EtC0DtGtA0B0B0BtGtCzzyD0CtGtDyEyCyDtGtCtA0FzytByEtCyCyE0B0EtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CtAyDzyyCtBtC0DtG0BtAtBtBtGyEyEtBzztGzy0EtD0DtGyDtAzz0F0CtByCtByEyE0F0E2QtN0A0LzuyE%26cr%3D1833779635%26a%3Dwncy_iobitfs_17_23%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate
HKU\S-1-5-21-3575293515-844785542-2696234256-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://uk.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_iobitfs_16_41¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dgb%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0EtD0D0ByDyDzytDzz0E0Czz0B0F0EyDtN0D0Tzu0StCyByEzztN1L2XzutAtFtByEtFtByCtFyDtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyD0EyEtCtA0FtAtCtGyCtC0DtDtG0F0B0AyBtGtC0AyByDtGtAtBzyyDtAtAtD0BtCtB0E0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CtAyDzyyCtBtC0DtG0BtAtBtBtGyEyEtBzztGzy0EtD0DtGyDtAzz0F0CtByCtByEyE0F0E2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtDyEzyyD%26cr%3D775398792%26a%3Dwncy_iobitfs_16_41%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://uk.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_iobitfs_16_41¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dgb%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0EtD0D0ByDyDzytDzz0E0Czz0B0F0EyDtN0D0Tzu0StCyByEzztN1L2XzutAtFtByEtFtByCtFyDtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyD0EyEtCtA0FtAtCtGyCtC0DtDtG0F0B0AyBtGtC0AyByDtGtAtBzyyDtAtAtD0BtCtB0E0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CtAyDzyyCtBtC0DtG0BtAtBtBtGyEyEtBzztGzy0EtD0DtGyDtAzz0F0CtByCtByEyE0F0E2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtDyEzyyD%26cr%3D775398792%26a%3Dwncy_iobitfs_16_41%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://uk.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_iobitfs_17_23¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dgb%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0EtD0D0ByDyDzytDzz0E0Czz0B0F0EyDtN0D0Tzu0StCzyzztBtN1L2XzutAtFtBzytFtAtFyByDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StDtB0B0C0D0EtC0DtGtA0B0B0BtGtCzzyD0CtGtDyEyCyDtGtCtA0FzytByEtCyCyE0B0EtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CtAyDzyyCtBtC0DtG0BtAtBtBtGyEyEtBzztGzy0EtD0DtGyDtAzz0F0CtByCtByEyE0F0E2QtN0A0LzuyE%26cr%3D1833779635%26a%3Dwncy_iobitfs_17_23%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://uk.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_iobitfs_17_23¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dgb%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0EtD0D0ByDyDzytDzz0E0Czz0B0F0EyDtN0D0Tzu0StCzyzztBtN1L2XzutAtFtBzytFtAtFyByDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StDtB0B0C0D0EtC0DtGtA0B0B0BtGtCzzyD0CtGtDyEyCyDtGtCtA0FzytByEtCyCyE0B0EtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CtAyDzyyCtBtC0DtG0BtAtBtBtGyEyEtBzztGzy0EtD0DtGyDtAzz0F0CtByCtByEyE0F0E2QtN0A0LzuyE%26cr%3D1833779635%26a%3Dwncy_iobitfs_17_23%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKLM-x32 -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://uk.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_iobitfs_17_23¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dgb%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0EtD0D0ByDyDzytDzz0E0Czz0B0F0EyDtN0D0Tzu0StCzyzztBtN1L2XzutAtFtBzytFtAtFyByDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StDtB0B0C0D0EtC0DtGtA0B0B0BtGtCzzyD0CtGtDyEyCyDtGtCtA0FzytByEtCyCyE0B0EtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CtAyDzyyCtBtC0DtG0BtAtBtBtGyEyEtBzztGzy0EtD0DtGyDtAzz0F0CtByCtByEyE0F0E2QtN0A0LzuyE%26cr%3D1833779635%26a%3Dwncy_iobitfs_17_23%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3575293515-844785542-2696234256-1000 -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3575293515-844785542-2696234256-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={CB0D8B0E-F7AA-438B-B4C9-000BCA19CE75}&mid=85b852bd206147cdb185755e7761e5eb-38090134b81d7cd71d07cdcdf6f00aad59ab94a0&lang=en&ds=AVG&coid=avgtbavg&cmpid=0215pit&pr=fr&d=2015-04-29 12:41:36&v=4.1.0.411&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3575293515-844785542-2696234256-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://uk.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_iobitfs_17_23¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dgb%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0EtD0D0ByDyDzytDzz0E0Czz0B0F0EyDtN0D0Tzu0StCzyzztBtN1L2XzutAtFtBzytFtAtFyByDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StDtB0B0C0D0EtC0DtGtA0B0B0BtGtCzzyD0CtGtDyEyCyDtGtCtA0FzytByEtCyCyE0B0EtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CtAyDzyyCtBtC0DtG0BtAtBtBtGyEyEtBzztGzy0EtD0DtGyDtAzz0F0CtByCtByEyE0F0E2QtN0A0LzuyE%26cr%3D1833779635%26a%3Dwncy_iobitfs_17_23%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2019-06-20] (IObit Information Technology -> IObit)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2019-10-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2019-10-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: IObit Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2019-03-28] (IObit Information Technology -> IObit)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-10-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-10-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-10-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-10-05] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF DefaultProfile: eny2y7ey.default
FF ProfilePath: C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\5gkk1aui.default-release [2019-10-30]
FF Extension: (IObit Surfing Protection & Ads Removal) - C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\5gkk1aui.default-release\Extensions\
[email protected] [2019-03-26]
FF Extension: (Avast Online Security) - C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\5gkk1aui.default-release\Extensions\
[email protected] [2019-10-04]
FF ProfilePath: C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\eny2y7ey.default [2019-10-30]
FF user.js: detected! => C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\eny2y7ey.default\user.js [2018-03-22]
FF Homepage: Mozilla\Firefox\Profiles\eny2y7ey.default -> hxxps://www.facebook.com/|hxxps://outlook.live.com/owa/|hxxps://accounts.google.com/signin/v2/identifier?service=cl&passive=1209600&osid=1&continue=https%3A%2F%2Fcalendar.google.com%2Fcalendar%2Frender&followup=https%3A%2F%2Fcalendar.google.com%2Fcalendar%2Frender&scc=1&flowName=GlifWebSignIn&flowEntry=ServiceLogin
FF Extension: (IObit Surfing Protection & Ads Removal) - C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\eny2y7ey.default\Extensions\
[email protected] [2019-03-26]
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\eny2y7ey.default\Extensions\
[email protected] [2019-04-11] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avast/sp/update.json]
FF Extension: (Avast Online Security) - C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\eny2y7ey.default\Extensions\
[email protected] [2019-10-07]
FF Extension: (Flash and Video Download) - C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\eny2y7ey.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}.xpi [2018-08-29]
FF Extension: (Flash Video Player for Facebook™) - C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\eny2y7ey.default\Extensions\{d0bfdcce-52c7-4b32-bb45-948f62db8d3f}.xpi [2018-02-16]
FF HKU\S-1-5-21-3575293515-844785542-2696234256-1000\...\Firefox\Extensions: [{F74D5734-46F5-4B16-96F0-1E7FBF41B750}] - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12
FF Extension: (ThinkVantage Password Manager) - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12 [2017-12-14] [Legacy] [not signed]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-07-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1235205.dll [2019-03-15] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-08] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-08] (Google Inc -> Google LLC)
Chrome:
=======
CHR HomePage: Default -> msn.com
CHR DefaultSearchURL: Default -> hxxps://www.bing.com/search?FORM=U452DF&PC=U452&q={searchTerms}
CHR DefaultSuggestURL: Default -> hxxps://www.bing.com/osjson.aspx?FORM=U452DF&PC=U452&query={searchTerms}
CHR Profile: C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default [2019-10-30]
CHR Extension: (Slides) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-07]
CHR Extension: (MSN Homepage & Bing Search Engine) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aodojjhnfnfhaplflfohfddffmjkdjak [2019-07-29]
CHR Extension: (Docs) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-04-07]
CHR Extension: (Google Drive) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-04-07]
CHR Extension: (YouTube) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-07]
CHR Extension: (Sheets) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-07]
CHR Extension: (Google Docs Offline) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-04-07]
CHR Extension: (Avast Online Security) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-07-16]
CHR Extension: (Apple iTunes For PC) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jokpjmmholmjcknnpplenafffabgkobb [2019-10-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-07]
CHR Extension: (Chrome Media Router) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-10-30]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdvancedSystemCareService12; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [1266448 2019-09-10] (IObit Information Technology -> IObit)
S3 Agent; C:\Program Files\Agent\Agent.exe [1643096 2018-06-15] (DEVELOPER IN A BOX (THE PLAYFUL GROUP PTY LTD) -> DeveloperInABox)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6085360 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R2 CleanupPSvc; C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [10287216 2019-07-27] (AVAST Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11636808 2019-10-18] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-01-08] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-01-08] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2019-10-15] (Dropbox, Inc -> Dropbox, Inc.)
S3 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2375168 2011-03-07] (Realsil Microelectronics Inc.) [File not signed]
S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [156944 2019-08-23] (IObit Information Technology -> IObit)
R2 LPlatSvc; C:\Windows\system32\LPlatSvc.exe [774552 2018-07-14] (Lenovo -> Lenovo.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [199272 2011-05-18] (Realtek Semiconductor Corp -> Realtek Semiconductor)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [6828424 2019-10-23] (AVAST Software s.r.o. -> AVAST Software)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [268328 2019-06-27] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AmUStor; C:\Windows\System32\drivers\AmUStor.SYS [90560 2018-05-17] (Alcorlink Corp. -> Alcorlink Corp.)
R3 AscFileFilter; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win7_amd64\AscFileFilter.sys [25512 2018-09-20] (IObit Information Technology -> IObit)
R3 AscRegistryFilter; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win7_amd64\AscRegistryFilter.sys [25000 2018-07-04] (IObit Information Technology -> IObit)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37616 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [204824 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [274456 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [209552 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [65120 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [276952 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42736 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [171520 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110320 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [83792 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [848432 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [460448 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [236024 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [316528 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R3 cpuz143; C:\Windows\temp\cpuz143\cpuz143_x64.sys [48960 2019-10-30] (CPUID -> CPUID)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-01-08] (Martin Malik - REALiX -> REALiX)
R3 iobit_monitor_server; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\Monitor_win7_x64.sys [14680 2018-07-04] (IObit Information Technology -> IObit)
R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IUFileFilter.sys [25992 2019-07-30] (IObit CO., LTD -> IObit)
R3 IUProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IUProcessFilter.sys [19280 2019-07-30] (IObit CO., LTD -> IObit)
R3 IURegistryFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IURegistryFilter.sys [31648 2019-07-30] (IObit CO., LTD -> IObit)
R3 NETwNs64; C:\Windows\System32\DRIVERS\NETwsw01.sys [11534096 2018-01-08] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R0 PMDRVS; C:\Windows\System32\DRIVERS\pmdrvs.sys [43208 2018-07-14] (Lenovo -> Lenovo.)
S3 RtlvVga; C:\Windows\System32\DRIVERS\RtlvVga.sys [11920 2014-03-18] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation )
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [30744 2017-03-09] (IObit Information Technology -> IObit)
S3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [45296 2014-07-28] (Synaptics Incorporated -> Synaptics Incorporated)
S3 tapsurfshark; C:\Windows\System32\DRIVERS\tapsurfshark.sys [36544 2019-05-22] (Surfshark Ltd. -> The OpenVPN Project)
S4 IMFMBRProtect; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFMBRProtect.sys [X]
S4 IMFSafeBox; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFSafeBox.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-10-30 19:13 - 2019-10-30 19:17 - 000038808 _____ C:\Users\lenovo\Downloads\FRST.txt
2019-10-30 19:08 - 2019-10-30 19:17 - 000000000 ____D C:\FRST
2019-10-30 19:07 - 2019-10-30 19:08 - 001619456 _____ (Farbar) C:\Users\lenovo\Downloads\FRST64.exe
2019-10-30 16:11 - 2019-10-30 16:11 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\lenovo\Downloads\rkill.exe
2019-10-30 13:45 - 2019-10-30 13:45 - 000000000 ____D C:\Users\lenovo\AppData\Local\GoToAssist Remote Support Customer
2019-10-30 09:39 - 2019-10-30 09:39 - 000000000 ____H C:\asc_rdflag
2019-10-28 20:02 - 2019-10-29 11:40 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-10-27 21:33 - 2019-10-30 18:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-10-27 21:04 - 2019-10-27 21:27 - 000000000 ____D C:\Users\lenovo\Documents\Micks Photos
2019-10-26 09:38 - 2019-10-26 09:42 - 002310656 _____ C:\Users\lenovo\Documents\homeo.pub
2019-10-22 19:53 - 2019-10-22 19:53 - 000058953 _____ C:\Users\lenovo\Desktop\business sign.pdf
2019-10-19 13:39 - 2019-10-11 02:22 - 000338944 _____ (Microsoft Corporation) C:\Windows\system32\sipnotify.exe
2019-10-19 13:10 - 2019-10-19 13:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-10-17 11:26 - 2019-10-17 11:26 - 002863104 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2019-10-17 11:26 - 2019-10-17 11:26 - 001717760 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-10-17 11:26 - 2019-10-17 11:26 - 000802816 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2019-10-17 11:26 - 2019-10-17 11:26 - 000738816 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2019-10-17 11:26 - 2019-10-17 11:26 - 000634368 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2019-10-17 11:26 - 2019-10-17 11:26 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2019-10-17 11:26 - 2019-10-17 11:26 - 000456704 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2019-10-17 11:26 - 2019-10-17 11:26 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2019-10-17 11:26 - 2019-10-17 11:26 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2019-10-17 11:26 - 2019-10-17 11:26 - 000162016 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2019-10-17 11:26 - 2019-10-17 11:26 - 000110592 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2019-10-17 11:26 - 2019-10-17 11:26 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2019-10-17 11:26 - 2019-10-17 11:26 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2019-10-17 11:26 - 2019-10-17 11:26 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-10-17 10:33 - 2019-10-17 10:33 - 000116224 _____ C:\Users\lenovo\Desktop\business sign.pub
2019-10-15 18:05 - 2019-10-15 18:05 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2019-10-15 18:05 - 2019-10-15 18:05 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2019-10-15 18:05 - 2019-10-15 18:05 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2019-10-15 18:05 - 2019-10-15 18:05 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2019-10-11 17:13 - 2019-10-11 17:27 - 000000000 ____D C:\Users\lenovo\AppData\Local\Microsoft Corporation
2019-10-11 17:11 - 2019-10-11 17:11 - 000002165 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 Upgrade Advisor.lnk
2019-10-11 17:11 - 2019-10-11 17:11 - 000002153 _____ C:\Users\Public\Desktop\Windows 7 Upgrade Advisor.lnk
2019-10-11 17:11 - 2019-10-11 17:11 - 000002153 _____ C:\ProgramData\Desktop\Windows 7 Upgrade Advisor.lnk
2019-10-11 17:11 - 2019-10-11 17:11 - 000000000 ____D C:\Program Files (x86)\Microsoft Windows 7 Upgrade Advisor
2019-10-11 17:10 - 2019-10-11 17:10 - 008669472 _____ (Microsoft Corporation) C:\Users\lenovo\Downloads\Windows7UpgradeAdvisorSetup.exe
2019-10-11 15:26 - 2019-10-11 15:26 - 005732464 _____ (Microsoft Corporation) C:\Users\lenovo\Downloads\Setup.Def.en-US_O365HomePremRetail_063c3c93-2096-4d2e-91b8-5b89a4c7c72a_TX_DB_storeid_CFQ7TTC0K5DM_Platform_def_.exe
2019-10-08 20:57 - 2019-10-30 19:01 - 000002844 _____ C:\Windows\system32\Tasks\Driver Booster SkipUAC (lenovo)
2019-10-08 20:57 - 2019-10-08 20:57 - 000003096 _____ C:\Windows\system32\Tasks\Driver Booster Scheduler
2019-10-08 20:57 - 2019-10-08 20:57 - 000002272 _____ C:\Users\Public\Desktop\Driver Booster 7.lnk
2019-10-08 20:57 - 2019-10-08 20:57 - 000002272 _____ C:\ProgramData\Desktop\Driver Booster 7.lnk
2019-10-08 20:57 - 2019-10-08 20:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 7
2019-10-08 19:36 - 2019-10-06 04:12 - 025753088 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-10-08 19:36 - 2019-10-06 03:49 - 002909184 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-10-08 19:36 - 2019-10-06 03:47 - 000579584 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-10-08 19:36 - 2019-10-06 03:36 - 000797696 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-10-08 19:36 - 2019-10-06 03:34 - 005500928 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-10-08 19:36 - 2019-10-06 03:32 - 020290048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-10-08 19:36 - 2019-10-06 03:18 - 000496128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-10-08 19:36 - 2019-10-06 03:15 - 002302464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-10-08 19:36 - 2019-10-06 03:10 - 000663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-10-08 19:36 - 2019-10-06 03:05 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-10-08 19:36 - 2019-10-06 02:58 - 015413760 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-10-08 19:36 - 2019-10-06 02:57 - 004859904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-10-08 19:36 - 2019-10-06 02:48 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-10-08 19:36 - 2019-10-06 02:45 - 013808640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-10-08 19:36 - 2019-10-06 02:45 - 001566208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-10-08 19:36 - 2019-10-06 02:35 - 004387840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-10-08 19:36 - 2019-10-06 02:32 - 001331712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-10-08 19:36 - 2019-09-19 04:27 - 000168448 _____ (Microsoft Corporation) C:\Windows\system32\umpo.dll
2019-10-08 19:36 - 2019-09-17 02:28 - 001010176 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2019-10-08 19:36 - 2019-09-17 02:28 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-10-08 19:36 - 2019-09-10 02:27 - 000383488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2019-10-08 19:36 - 2019-09-10 02:24 - 001281536 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2019-10-08 19:36 - 2019-09-10 02:24 - 000486912 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2019-10-08 19:36 - 2019-09-10 02:02 - 006135296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2019-10-08 19:36 - 2019-09-10 01:54 - 003231744 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-10-08 19:36 - 2019-09-10 01:53 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2019-10-08 19:36 - 2019-09-10 00:09 - 007082496 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2019-10-08 19:36 - 2019-09-10 00:09 - 003187712 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2019-10-08 19:35 - 2019-10-07 06:49 - 000390752 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-10-08 19:35 - 2019-10-07 05:57 - 000341896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-10-08 19:35 - 2019-10-06 04:00 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-10-08 19:35 - 2019-10-06 04:00 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-10-08 19:35 - 2019-10-06 03:48 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-10-08 19:35 - 2019-10-06 03:47 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-10-08 19:35 - 2019-10-06 03:47 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-10-08 19:35 - 2019-10-06 03:46 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-10-08 19:35 - 2019-10-06 03:41 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-10-08 19:35 - 2019-10-06 03:40 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-10-08 19:35 - 2019-10-06 03:38 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-10-08 19:35 - 2019-10-06 03:37 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-10-08 19:35 - 2019-10-06 03:37 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-10-08 19:35 - 2019-10-06 03:36 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-10-08 19:35 - 2019-10-06 03:31 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-10-08 19:35 - 2019-10-06 03:28 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2019-10-08 19:35 - 2019-10-06 03:28 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-10-08 19:35 - 2019-10-06 03:23 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-10-08 19:35 - 2019-10-06 03:22 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-10-08 19:35 - 2019-10-06 03:22 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-10-08 19:35 - 2019-10-06 03:19 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-10-08 19:35 - 2019-10-06 03:19 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-10-08 19:35 - 2019-10-06 03:18 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2019-10-08 19:35 - 2019-10-06 03:17 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2019-10-08 19:35 - 2019-10-06 03:17 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-10-08 19:35 - 2019-10-06 03:17 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-10-08 19:35 - 2019-10-06 03:16 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-10-08 19:35 - 2019-10-06 03:16 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-10-08 19:35 - 2019-10-06 03:12 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-10-08 19:35 - 2019-10-06 03:12 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2019-10-08 19:35 - 2019-10-06 03:11 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2019-10-08 19:35 - 2019-10-06 03:10 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-10-08 19:35 - 2019-10-06 03:10 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2019-10-08 19:35 - 2019-10-06 03:07 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-10-08 19:35 - 2019-10-06 03:05 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-10-08 19:35 - 2019-10-06 03:03 - 002132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-10-08 19:35 - 2019-10-06 03:03 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-10-08 19:35 - 2019-10-06 03:03 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2019-10-08 19:35 - 2019-10-06 03:00 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2019-10-08 19:35 - 2019-10-06 03:00 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-10-08 19:35 - 2019-10-06 02:59 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2019-10-08 19:35 - 2019-10-06 02:57 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-10-08 19:35 - 2019-10-06 02:56 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-10-08 19:35 - 2019-10-06 02:56 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-10-08 19:35 - 2019-10-06 02:55 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2019-10-08 19:35 - 2019-10-06 02:53 - 004112384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-10-08 19:35 - 2019-10-06 02:50 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-10-08 19:35 - 2019-10-06 02:49 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-10-08 19:35 - 2019-10-06 02:48 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-10-08 19:35 - 2019-10-06 02:34 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-10-08 19:35 - 2019-10-06 02:30 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-10-08 19:35 - 2019-09-17 02:32 - 004060896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-10-08 19:35 - 2019-09-17 02:32 - 003966688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-10-08 19:35 - 2019-09-17 02:32 - 000709856 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-10-08 19:35 - 2019-09-17 02:32 - 000627424 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-10-08 19:35 - 2019-09-17 02:31 - 005552864 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-10-08 19:35 - 2019-09-17 02:31 - 001319496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-10-08 19:35 - 2019-09-17 02:31 - 000263904 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-10-08 19:35 - 2019-09-17 02:31 - 000155360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-10-08 19:35 - 2019-09-17 02:31 - 000096992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-10-08 19:35 - 2019-09-17 02:30 - 001670784 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000834048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000261632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000408576 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 02:04 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2019-10-08 19:35 - 2019-09-17 02:03 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-10-08 19:35 - 2019-09-17 02:00 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-10-08 19:35 - 2019-09-17 02:00 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-10-08 19:35 - 2019-09-17 02:00 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-10-08 19:35 - 2019-09-17 01:59 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-10-08 19:35 - 2019-09-17 01:59 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-10-08 19:35 - 2019-09-17 01:59 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-10-08 19:35 - 2019-09-17 01:59 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-10-08 19:35 - 2019-09-17 01:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-10-08 19:35 - 2019-09-17 01:57 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-10-08 19:35 - 2019-09-17 01:57 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 01:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 01:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 01:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-10-08 19:35 - 2019-09-17 01:56 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-10-08 19:35 - 2019-09-17 01:56 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-10-08 19:35 - 2019-09-17 01:55 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-10-08 19:35 - 2019-09-17 01:53 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-10-08 19:35 - 2019-09-17 01:53 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-10-08 19:35 - 2019-09-17 01:52 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-10-08 19:35 - 2019-09-17 01:52 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-10-08 19:35 - 2019-09-17 01:52 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-10-08 19:35 - 2019-09-17 01:52 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-10-08 19:35 - 2019-09-17 01:51 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-10-08 19:35 - 2019-09-17 01:51 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-10-08 19:35 - 2019-09-17 01:51 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-10-08 19:35 - 2019-09-17 01:51 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-10-08 19:35 - 2019-09-17 01:51 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-10-08 19:35 - 2019-09-17 01:51 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-10-08 19:35 - 2019-09-17 01:51 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-10-08 19:35 - 2019-09-17 00:13 - 000455392 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2019-10-08 19:35 - 2019-09-11 04:56 - 000353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-10-08 19:35 - 2019-09-11 04:56 - 000241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
2019-10-08 19:35 - 2019-09-10 02:27 - 000320512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2019-10-08 19:35 - 2019-09-10 02:27 - 000160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2019-10-08 19:35 - 2019-09-10 02:24 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2019-10-08 19:35 - 2019-09-10 02:24 - 000174080 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2019-10-08 19:35 - 2019-09-10 02:24 - 000086016 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
2019-10-08 19:35 - 2019-09-10 02:24 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2019-10-08 19:35 - 2019-09-10 02:00 - 000361472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2019-10-08 19:35 - 2019-09-10 02:00 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
2019-10-08 19:35 - 2019-09-10 02:00 - 000054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2019-10-08 19:35 - 2019-09-10 02:00 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2019-10-08 19:35 - 2019-09-10 02:00 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2019-10-08 19:35 - 2019-09-10 01:53 - 000152576 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2019-10-08 19:35 - 2019-09-10 01:53 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2019-10-08 19:35 - 2019-09-10 01:53 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2019-10-08 19:35 - 2019-09-10 01:52 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\monitor.sys
2019-10-08 19:35 - 2019-09-10 01:49 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2019-10-03 09:05 - 2019-10-03 09:00 - 000236024 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-10-03 09:05 - 2019-10-03 09:00 - 000171520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-10-03 09:05 - 2019-10-03 08:59 - 000355720 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-10-30 19:04 - 2009-07-14 04:45 - 000021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-10-30 19:04 - 2009-07-14 04:45 - 000021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-10-30 19:01 - 2009-07-14 05:13 - 000781790 _____ C:\Windows\system32\PerfStringBackup.INI
2019-10-30 19:01 - 2009-07-14 03:20 - 000000000 ____D C:\Windows\inf
2019-10-30 18:58 - 2018-01-08 20:25 - 000000908 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2019-10-30 18:57 - 2018-07-14 20:19 - 000000000 ____D C:\Users\lenovo\AppData\Local\AVAST Software
2019-10-30 18:54 - 2018-01-08 20:25 - 000000904 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2019-10-30 18:54 - 2018-01-08 16:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-10-30 18:54 - 2009-07-14 05:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-10-30 17:07 - 2018-01-08 16:29 - 000000000 ____D C:\Users\lenovo\AppData\LocalLow\Mozilla
2019-10-30 16:54 - 2018-02-25 20:54 - 000241152 ___SH C:\Users\lenovo\Documents\Thumbs.db
2019-10-30 16:48 - 2018-03-28 08:44 - 000000000 ____D C:\Users\lenovo\AppData\Roaming\Syncios Data Transfer
2019-10-30 09:56 - 2019-04-07 07:58 - 000002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-10-30 09:56 - 2019-04-07 07:58 - 000002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-10-30 09:56 - 2019-04-07 07:58 - 000002185 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2019-10-30 09:41 - 2017-11-30 07:15 - 000777216 ___SH C:\Users\lenovo\Desktop\Thumbs.db
2019-10-30 09:39 - 2018-01-10 20:50 - 115388416 _____ C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2019-10-30 09:39 - 2018-01-10 20:50 - 000917504 _____ C:\Windows\system32\config\DEFAULT.iodefrag.bak
2019-10-30 09:39 - 2018-01-10 20:50 - 000065536 _____ C:\Windows\system32\config\SAM.iodefrag.bak
2019-10-30 09:39 - 2018-01-10 20:50 - 000028672 _____ C:\Windows\system32\config\SECURITY.iodefrag.bak
2019-10-29 21:35 - 2018-01-08 17:19 - 000000000 ____D C:\ProgramData\AVAST Software
2019-10-29 12:11 - 2019-09-09 06:33 - 000002122 _____ C:\Users\Public\Desktop\IObit Software Updater.lnk
2019-10-29 12:11 - 2019-09-09 06:33 - 000002122 _____ C:\ProgramData\Desktop\IObit Software Updater.lnk
2019-10-28 09:26 - 2018-01-08 17:20 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2019-10-27 21:08 - 2016-12-04 13:00 - 000385024 ___SH C:\Users\lenovo\Downloads\Thumbs.db
2019-10-27 20:13 - 2018-10-29 09:42 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-10-27 20:13 - 2009-07-14 03:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2019-10-27 20:11 - 2018-01-08 18:39 - 000000000 ____D C:\Program Files\Microsoft Office
2019-10-25 09:05 - 2009-07-14 03:20 - 000000000 ____D C:\Windows\rescache
2019-10-25 08:25 - 2018-04-25 13:04 - 051224576 _____ C:\Windows\system32\config\components.iodefrag.bak
2019-10-25 08:05 - 2018-01-08 17:17 - 000000000 ____D C:\ProgramData\ProductData
2019-10-23 21:22 - 2018-11-04 19:17 - 000000000 ____D C:\Users\lenovo\Desktop\poems for buzz
2019-10-23 19:53 - 2018-11-21 15:09 - 000004194 _____ C:\Windows\system32\Tasks\Avast Cleanup Update
2019-10-23 19:46 - 2019-07-04 07:08 - 000004188 _____ C:\Windows\system32\Tasks\Avast SecureLine VPN Update
2019-10-19 19:57 - 2018-09-16 13:26 - 000000000 ____D C:\Users\lenovo\Documents\M Miller Quiz
2019-10-19 16:00 - 2018-01-08 16:50 - 000000000 ___SD C:\Windows\system32\CompatTel
2019-10-19 16:00 - 2018-01-08 16:50 - 000000000 ____D C:\Windows\system32\appraiser
2019-10-19 13:13 - 2018-01-08 20:25 - 000000000 ____D C:\Users\lenovo\AppData\Local\Dropbox
2019-10-19 13:10 - 2018-01-08 20:25 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-10-17 09:09 - 2018-01-08 20:27 - 000000000 ___RD C:\Users\lenovo\Dropbox
2019-10-11 13:33 - 2018-09-11 13:16 - 000000000 ____D C:\Users\lenovo\Documents\Beeford Buzz stuff
2019-10-11 13:18 - 2016-02-14 08:26 - 000000000 ____D C:\Users\lenovo\Documents\Accounts
2019-10-10 07:58 - 2018-10-29 10:51 - 000003178 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3575293515-844785542-2696234256-1000
2019-10-10 07:58 - 2018-10-29 09:48 - 000002160 _____ C:\Users\lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2019-10-10 07:58 - 2018-10-29 09:48 - 000000000 ___RD C:\Users\lenovo\OneDrive
2019-10-08 20:55 - 2019-08-12 16:03 - 000003376 _____ C:\Windows\system32\Tasks\SU_AutoUpdate
2019-10-08 20:12 - 2019-01-20 16:35 - 000441656 _____ C:\Windows\system32\FNTCACHE.DAT
2019-10-08 20:05 - 2009-07-14 03:20 - 000000000 ____D C:\Windows\PolicyDefinitions
2019-10-08 20:00 - 2017-12-14 11:10 - 000766100 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-10-08 19:59 - 2017-12-14 13:18 - 000000000 ____D C:\Windows\system32\MRT
2019-10-08 19:54 - 2017-12-14 13:18 - 127230528 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-10-08 19:11 - 2019-04-07 07:58 - 000003334 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2019-10-08 19:11 - 2019-04-07 07:58 - 000003206 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2019-10-08 19:11 - 2018-01-08 17:21 - 000000000 ____D C:\Program Files (x86)\Google
2019-10-03 09:08 - 2018-01-08 17:20 - 000848432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-10-03 09:08 - 2018-01-08 17:20 - 000460448 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-10-03 09:00 - 2019-02-14 13:55 - 000276952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-10-03 09:00 - 2018-10-20 15:43 - 000042736 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-10-03 09:00 - 2018-01-08 17:20 - 000316528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-10-03 09:00 - 2018-01-08 17:20 - 000110320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-10-03 09:00 - 2018-01-08 17:20 - 000083792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-10-03 08:59 - 2019-01-14 14:29 - 000274456 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-10-03 08:59 - 2019-01-05 17:02 - 000209552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-10-03 08:59 - 2019-01-05 17:02 - 000065120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-10-03 08:59 - 2019-01-05 17:02 - 000037616 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-10-03 08:59 - 2018-01-08 17:20 - 000204824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2019-10-21 19:52
==================== End of FRST.txt ========================