Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Trying to uninstall Avast without success


  • Please log in to reply

#16
icotonev

icotonev

    Trusted Helper

  • Malware Removal
  • 247 posts

If all is well..:

 

The following will remove the tools we used as well as reset system restore points:

 

KpRm


Download KpRm by kernel-panik and save it to your desktop.

  • Right-click kprm_(version).exe and select Run as Administrator.
  • When the tool opens, ensure all boxes are checked, and select Run.
  • Once complete, click OK.
  • A log will open in Notepad titled kprm-(date).txt.
  • Please copy and paste its contents in your next reply.

 

Safe surfing :)

 

 


  • 0

Advertisements


#17
Buffyfan

Buffyfan

    Member

  • Topic Starter
  • Member
  • PipPip
  • 48 posts

Ok thank you

 

# Run at 26/03/2020 4:53:40 PM
# KpRm (Kernel-panik) version 2.8
# Run by Stu from C:\Users\Stu\Desktop
# Computer Name: EDGECOMBES
# OS: Windows 10 X64 (18362) 
# Number of passes: 1
 
- Checked options -
 
    ~ Registry Backup
    ~ Delete Tools
    ~ Restore System Settings
    ~ UAC Restore
    ~ Delete Restore Points
    ~ Create Restore Point
    ~ Delete Quarantines
 
- Create Registry Backup -
 
   ~ [OK] Hive C:\WINDOWS\System32\config\SOFTWARE backed up
   ~ [OK] Hive C:\Users\Stu\NTUSER.dat backed up
 
     [OK] Registry Backup: C:\KPRM\backup\2020-03-26-16-53-40
 
- Delete Tools -
 
 
  ## AdwCleaner
     [OK] C:\AdwCleaner deleted
 
  ## FRST
     [OK] C:\Users\Stu\Downloads\Addition.txt deleted
     [OK] C:\Users\Stu\Downloads\Fixlog.txt deleted
     [OK] C:\Users\Stu\Downloads\FRST-OlderVersion deleted
     [OK] C:\Users\Stu\Downloads\FRST.txt deleted
     [OK] C:\Users\Stu\Downloads\FRST64.exe deleted
     [OK] C:\FRST deleted
 
- Restore System Settings -
 
     [OK] Reset WinSock
     [OK] FLUSHDNS
     [OK] Hide Hidden file.
     [OK] Show Extensions for known file types
     [OK] Hide protected operating system files
 
- Restore UAC -
 
     [OK] Set EnableLUA with default (1) value
     [OK] Set ConsentPromptBehaviorAdmin with default (5) value
     [OK] Set ConsentPromptBehaviorUser with default (3) value
     [OK] Set EnableInstallerDetection with default (0) value
     [OK] Set EnableSecureUIAPaths with default (1) value
     [OK] Set EnableUIADesktopToggle with default (0) value
     [OK] Set EnableVirtualization with default (1) value
     [OK] Set FilterAdministratorToken with default (0) value
     [OK] Set PromptOnSecureDesktop with default (1) value
     [OK] Set ValidateAdminCodeSignatures with default (0) value
 
- Clear Restore Points -
 
   ~ [OK] RP named Scheduled Checkpoint created at 03/01/2020 10:52:10 deleted
   ~ [OK] RP named Scheduled Checkpoint created at 03/10/2020 12:51:07 deleted
   ~ [OK] RP named Installed Blender created at 03/19/2020 23:17:29 deleted
   ~ [OK] RP named Prior to Avast removal created at 03/21/2020 18:57:20 deleted
   ~ [OK] RP named Restore Point Created by FRST created at 03/23/2020 05:15:52 deleted
     [OK] All system restore points have been successfully deleted
 
- Create Restore Point -
 
     [OK] System Restore Point created
 
- Display System Restore Point -
 
   ~ [I] RP named KpRm created at 03/26/2020 03:53:58
 
-- KPRM finished in 54.16s --
 
 
 
Please let me know if it's all done and Avast has been fully removed.  Thanks

  • 0

#18
Buffyfan

Buffyfan

    Member

  • Topic Starter
  • Member
  • PipPip
  • 48 posts

Hi, are you able to confirm if it's all ok now?  I can't restart this thread

 

http://www.geekstogo...80070005/page-2

 

until I have sign-off from you that it's sorted.  Thanks again for your help  :D


  • 0

#19
icotonev

icotonev

    Trusted Helper

  • Malware Removal
  • 247 posts

Hi Buffyfan..! Let's do one last check just in case ..!

 

Please download the correct version of SystemLook for your computer and save it to your desktop.
You can check here if you're not sure if your computer is 32-bit or 64-bit

SystemLook.exe | or | SystemLook_x64.exe

  • If using Windows XP just double click on SystemLook.exe to run it.
  • For all other versions of Windows, right click over SystemLook.exe or SystemLook_x64.exe and choose Run as administrator to run it
  • Copy the contents of the following code box into the main text field - including the colon characters.
:filefind
*Avast*
*AVAST Software*
:folderfind
*Avast*
*AVAST Software*
:regfind
Avast
AVAST Software

  • Click the Look button to start the scan
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
  • Note: The log can also be found on your Desktop named SystemLook.txt

  • 0

#20
Buffyfan

Buffyfan

    Member

  • Topic Starter
  • Member
  • PipPip
  • 48 posts
SystemLook 30.07.11 by jpshortstuff
Log created at 22:48 on 29/03/2020 by Stu
Administrator - Elevation successful
 
========== filefind ==========
 
Searching for "*Avast*"
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\20.1.1601_0\common\ui\icons\avast-logo-opt-in.png --a---- 1881 bytes [05:00 20/03/2020] [02:42 29/01/2020] 2DB8A660D58D1A56961310CA1086C8D8
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\20.1.480_0\scripts\contentAvast.js --a---- 1321 bytes [05:00 20/03/2020] [21:33 27/02/2020] 53EC5923E895547ACA651A2772F1AD7B
C:\Users\Administrator\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\E9B9YY7Z\avast-software-smaller-white[1].png --a---- 1062 bytes [22:27 21/03/2020] [22:27 21/03/2020] 2CF88B869E326C63B111516F37E954CA
C:\Users\Administrator\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\E9B9YY7Z\avast-software[1].svg --a---- 3757 bytes [22:27 21/03/2020] [22:27 21/03/2020] C688226DCAA693AFB8EB057C3552DBB7
C:\Users\Administrator\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\E9B9YY7Z\avastclear[1].exe --a---- 11441568 bytes [22:28 21/03/2020] [22:28 21/03/2020] 735A8B445F055C5989056DCD7A0AF953
C:\Users\Administrator\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\KTTT7NMX\activityi;dc_pre=CNqqp9rfrOgCFVAVaAodkL8GTg;src=6633083;type=unive0;cat=avast0;ord=5010239065941;gtm=2wg3b2;auiddc=1144323118.158[1].htm --a---- 1047 bytes [23:44 21/03/2020] [23:44 21/03/2020] 83EB69309890A6A9802C2925124C4FA7
C:\Users\Administrator\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\KTTT7NMX\avast[1].js --a---- 62592 bytes [22:27 21/03/2020] [22:27 21/03/2020] 59B9B303C9EE9E1E3EBF71D1504C8DB5
C:\Users\Administrator\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\RL42750G\activityi;dc_pre=COWa0szOrOgCFeINtwAdVXwB_A;src=6633083;type=unive0;cat=avast0;ord=7193596675355;gtm=2wg3b2;auiddc=1144323118.158[1].htm --a---- 1047 bytes [22:27 21/03/2020] [22:27 21/03/2020] ED465C9D1A3C7E2F51509283BE834845
C:\Users\Administrator\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\User\Default\DOMStore\AIJNQTET\www.avast[1].xml --a---- 553 bytes [22:27 21/03/2020] [23:44 21/03/2020] 95C9356E6573147056B2F943C97DF872
C:\Users\Administrator\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\avastclear.exe.2k8aq9w.partial --a---- 11441568 bytes [23:44 21/03/2020] [23:44 21/03/2020] 735A8B445F055C5989056DCD7A0AF953
C:\Users\Administrator\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\avast! Antivirus --a---- 37014 bytes [05:01 20/03/2020] [05:01 20/03/2020] 3212927E3EDF091342487F5EBB045245
C:\Users\Administrator\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}_AVAST Software_Avast Cleanup_TuneupUI_exe --a---- 37014 bytes [05:01 20/03/2020] [05:01 20/03/2020] D763644A46063F81090EE01895388E5D
C:\Users\Administrator\Downloads\avastclear.exe --a---- 11441568 bytes [22:28 21/03/2020] [22:28 21/03/2020] 735A8B445F055C5989056DCD7A0AF953
C:\Users\Stu\Downloads\avastclear (1).exe --a---- 10823512 bytes [23:54 21/03/2020] [23:55 21/03/2020] 261ED60DFBC18D25BD7AFEA4A6D51DAC
C:\Users\Stu\Downloads\avastclear.exe --a---- 11441568 bytes [22:36 21/03/2020] [22:36 21/03/2020] 735A8B445F055C5989056DCD7A0AF953
C:\Users\Stu\Downloads\avast_free_antivirus_setup_online.exe --a---- 230080 bytes [23:06 21/03/2020] [23:06 21/03/2020] 751F4C6C14943F86F812930D23005125
C:\Windows\avastSS.scr --a---- 53208 bytes [16:03 06/01/2017] [16:03 06/01/2017] 12EBDA58437CD1EA7066FCB6455241D2
C:\Windows\Prefetch\AVASTCLEAR.EXE-30319631.pf --a---- 25258 bytes [22:28 21/03/2020] [22:28 21/03/2020] A665FA9A6F1C453E295BD37BC09F0538
C:\Windows\Prefetch\AVASTCLEAR.EXE-B93CFBF0.pf --a---- 33171 bytes [22:36 21/03/2020] [23:34 21/03/2020] 3526ED75F4BD13ED7B7EF7E669C7FACE
C:\Windows\Prefetch\AVAST_FREE_ANTIVIRUS_SETUP_ON-13CBD36A.pf --a---- 24718 bytes [23:13 21/03/2020] [23:13 21/03/2020] 59C1B1A9168C33BAA298FB340C1CE9AC
C:\Windows\Prefetch\AVAST_FREE_ANTIVIRUS_SETUP_ON-53FD6AAA.pf --a---- 19656 bytes [23:07 21/03/2020] [23:24 21/03/2020] 1D873FCF716BA5E816FDD330C9C9B895
C:\Windows\Prefetch\AVAST_FREE_ANTIVIRUS_SETUP_ON-E50FB3B9.pf --a---- 24642 bytes [23:07 21/03/2020] [23:07 21/03/2020] EFEE970E11734BC4B08EA19804926E92
C:\Windows\Prefetch\AVAST_FREE_ANTIVIRUS_SETUP_ON-FF17C8F2.pf --a---- 25694 bytes [23:24 21/03/2020] [23:24 21/03/2020] 5CA9BB9DD1E7432081BF86C6C1E943BD
C:\Windows\System32\Tasks_Migrated\Avast Emergency Update --a---- 4264 bytes [22:43 24/05/2018] [16:35 06/08/2019] 624EC04B69729047D08FEC0BF9FFF950
C:\Windows\WinSxS\Manifests\amd64_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_d58a6d64ab65b396.cat --a---- 9249 bytes [02:30 10/08/2019] [02:30 10/08/2019] C0782A6DD461CAC426127F137ED32A6C
C:\Windows\WinSxS\Manifests\amd64_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_d58a6d64ab65b396.manifest ------- 2378 bytes [02:30 10/08/2019] [02:30 10/08/2019] 5EFC81F732DC830BC96C5A3AABCFE543
C:\Windows\WinSxS\Manifests\amd64_avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_5e69e83710ea31f5.cat --a---- 7456 bytes [20:53 25/02/2020] [23:22 21/03/2020] DE67AC8142C10EB12E8AE6C6CDBAF799
C:\Windows\WinSxS\Manifests\amd64_avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_5e69e83710ea31f5.manifest ------- 24123 bytes [20:53 25/02/2020] [20:53 25/02/2020] 47437B704B6D56328C347347462CD02D
C:\Windows\WinSxS\Manifests\amd64_avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_6349ea290dbe6128.cat --a---- 7457 bytes [20:53 25/02/2020] [23:23 21/03/2020] 2A9DFB92BD6DECA69672261DFB9E044D
C:\Windows\WinSxS\Manifests\amd64_avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_6349ea290dbe6128.manifest ------- 1231 bytes [20:53 25/02/2020] [20:53 25/02/2020] A77C3C57546E0E66394A1DD29129052B
C:\Windows\WinSxS\Manifests\amd64_policy.14.0.avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_5158632ac9d8192f.cat --a---- 7456 bytes [20:53 25/02/2020] [23:23 21/03/2020] EAC8D7698558B21A1A533C6A567C06BD
C:\Windows\WinSxS\Manifests\amd64_policy.14.0.avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_5158632ac9d8192f.manifest ------- 754 bytes [20:53 25/02/2020] [20:53 25/02/2020] F6ED6E08D09EBE10597CB2966F6C394E
C:\Windows\WinSxS\Manifests\amd64_policy.14.0.avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_5638651cc6ac4862.cat --a---- 7457 bytes [20:53 25/02/2020] [23:23 21/03/2020] 777DD2D0BC92B002B9236B6F4F61CB05
C:\Windows\WinSxS\Manifests\amd64_policy.14.0.avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_5638651cc6ac4862.manifest ------- 754 bytes [20:53 25/02/2020] [20:53 25/02/2020] 44D5DDB1B2C027176887E75382F29D55
C:\Windows\WinSxS\Manifests\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c.cat --a---- 9249 bytes [02:40 10/08/2019] [02:40 10/08/2019] F181BD5627947025E1254E2F786AE2BE
C:\Windows\WinSxS\Manifests\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c.manifest ------- 2376 bytes [02:40 10/08/2019] [02:40 10/08/2019] 176B3BE4AE48CC8A7FACBB8E89A2131E
C:\Windows\WinSxS\Manifests\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_a6171f0e25665afb.cat --a---- 7457 bytes [20:53 25/02/2020] [23:22 21/03/2020] F7BAEFE116151719499F97B4D7A29BC5
C:\Windows\WinSxS\Manifests\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_a6171f0e25665afb.manifest ------- 23610 bytes [20:53 25/02/2020] [20:53 25/02/2020] FF9B36754303E435AFFABAB5168718B4
C:\Windows\WinSxS\Manifests\x86_avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_aaf72100223a8a2e.cat --a---- 7457 bytes [20:53 25/02/2020] [23:23 21/03/2020] B021FBE34930277301DEEC14CDD9E3FE
C:\Windows\WinSxS\Manifests\x86_avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_aaf72100223a8a2e.manifest ------- 1227 bytes [20:53 25/02/2020] [20:53 25/02/2020] 955669576F50AF3D88281103865D3A1D
C:\Windows\WinSxS\Manifests\x86_policy.11.0.avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_b2556b4035446b41.cat --a---- 9249 bytes [02:46 10/08/2019] [02:46 10/08/2019] 84E52D0B42207B15BC16A36298AE4110
C:\Windows\WinSxS\Manifests\x86_policy.11.0.avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_b2556b4035446b41.manifest ------- 608 bytes [02:46 10/08/2019] [02:46 10/08/2019] E479732F7B82161E923B0DF5B5D09C59
C:\Windows\WinSxS\Manifests\x86_policy.14.0.avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_99059a01de544235.cat --a---- 7457 bytes [20:53 25/02/2020] [23:23 21/03/2020] F8999365A25BB341C55C70CB32DF2D46
C:\Windows\WinSxS\Manifests\x86_policy.14.0.avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_99059a01de544235.manifest ------- 750 bytes [20:53 25/02/2020] [20:53 25/02/2020] 709C8063694781F6371E817243F0EB0F
C:\Windows\WinSxS\Manifests\x86_policy.14.0.avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_9de59bf3db287168.cat --a---- 7456 bytes [20:53 25/02/2020] [23:23 21/03/2020] DFB0071CF316CD33F04392304A02A289
C:\Windows\WinSxS\Manifests\x86_policy.14.0.avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_9de59bf3db287168.manifest ------- 750 bytes [20:53 25/02/2020] [20:53 25/02/2020] 8D1CB478D2A7A6AFAE2C38C6524EDA4B
 
Searching for "*AVAST Software*"
C:\Users\Administrator\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}_AVAST Software_Avast Cleanup_TuneupUI_exe --a---- 37014 bytes [05:01 20/03/2020] [05:01 20/03/2020] D763644A46063F81090EE01895388E5D
 
========== folderfind ==========
 
Searching for "*Avast*"
C:\Windows\System32\Tasks_Migrated\Avast Software d------ [22:43 24/05/2018]
C:\Windows\WinSxS\amd64_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_d58a6d64ab65b396 d------ [02:30 10/08/2019]
C:\Windows\WinSxS\amd64_avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_5e69e83710ea31f5 d------ [20:53 25/02/2020]
C:\Windows\WinSxS\amd64_avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_6349ea290dbe6128 d------ [20:53 25/02/2020]
C:\Windows\WinSxS\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c d------ [02:40 10/08/2019]
C:\Windows\WinSxS\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_a6171f0e25665afb d------ [20:53 25/02/2020]
C:\Windows\WinSxS\x86_avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_aaf72100223a8a2e d------ [20:53 25/02/2020]
 
Searching for "*AVAST Software*"
C:\Windows\System32\Tasks_Migrated\Avast Software d------ [22:43 24/05/2018]
 
========== regfind ==========
 
Searching for "Avast"
[HKEY_CURRENT_USER\Software\Avast Software]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\5815bc15_0]
@="{2}.\\?\hdaudio#func_01&ven_111d&dev_76f3&subsys_103c2af7&rev_1002#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\speaker2topology/00010001|\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\AvastUI.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\65e46875_0]
@="{2}.\\?\hdaudio#func_01&ven_111d&dev_76f3&subsys_103c2af7&rev_1002#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\speaker2topology/00010001|\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\avastui.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Common\Internet]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\avast-2007.com]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\avast-downloads.com]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\avast-hq.com]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\download-avast.com]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\free-software-center.com\avast]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\free-software-center.com\www.avast]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\telecharger-avast.com]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\avast-2007.com]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\avast-downloads.com]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\avast-hq.com]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\download-avast.com]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\free-software-center.com\avast]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\free-software-center.com\www.avast]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\telecharger-avast.com]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Search\RecentApps\{AADE1128-B19D-4BCD-9CF4-3DD38C8EE965}]
"AppId"="avast! antivirus"
[HKEY_LOCAL_MACHINE\SOFTWARE\AVAST Software]
[HKEY_LOCAL_MACHINE\SOFTWARE\AVAST Software\Products]
"AvastAntivirus"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\avast]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AvastPersistentStorage]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AvastPersistentStorage]
"InstupProgress_Description"="Deleting file: C:\Program Files\AVAST Software\Avast\defs\ffffffff\engsup.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}]
"DISPLAYNAME"="Avast Antivirus"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}]
"PRODUCTEXE"="C:\Program Files\AVAST Software\Avast\wsc_proxy.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}]
"REPORTINGEXE"="C:\Program Files\AVAST Software\Avast\wsc_proxy.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{EB19B86E-3998-C706-90EF-92B41EB091AF}]
"DISPLAYNAME"="Avast Antivirus"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{EB19B86E-3998-C706-90EF-92B41EB091AF}]
"PRODUCTEXE"="C:\Program Files\AVAST Software\Avast\wsc_proxy.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{EB19B86E-3998-C706-90EF-92B41EB091AF}]
"REPORTINGEXE"="C:\Program Files\AVAST Software\Avast\wsc_proxy.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\AvastSvc_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\AvastSvc_RASMANCS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\avast-2007.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\avast-downloads.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\avast-hq.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\download-avast.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\free-software-center.com\avast]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\free-software-center.com\www.avast]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\telecharger-avast.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\avast-2007.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\avast-downloads.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\avast-hq.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\download-avast.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\free-software-center.com\avast]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\free-software-center.com\www.avast]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\telecharger-avast.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_avast.vc110.crt_2036b14a11e83e4a_none_c373722873c01144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_avast.vc140.crt_fcc99ee6193ebbca_none_020285fe6d6e0580]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_avast.vc140.mfc_fcc99ee6193ebbca_none_018be6966dc83925]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_policy.14.0.avast.vc140.crt_fcc99ee6193ebbca_none_ef17e13d91c55d96]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_policy.14.0.avast.vc140.mfc_fcc99ee6193ebbca_none_eea141d5921f913b]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_avast.vc110.crt_2036b14a11e83e4a_none_0b20a8ff883c3a4a]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_avast.vc140.crt_fcc99ee6193ebbca_none_49afbcd581ea2e86]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_avast.vc140.mfc_fcc99ee6193ebbca_none_49391d6d8244622b]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_policy.11.0.avast.vc110.crt_2036b14a11e83e4a_none_5679bb9c25dbf18d]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_policy.14.0.avast.vc140.crt_fcc99ee6193ebbca_none_36c51814a641869c]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_policy.14.0.avast.vc140.mfc_fcc99ee6193ebbca_none_364e78aca69bba41]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Software]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsSelfHost\OneSettings]
"TargetingAttributes"="{
  "Version": 85,
  "SchemaVersion": 1,
  "PartA": [
    "App",
    "AppVer",
    "AttrDataVer"
  ],
  "Default": [
    "DeviceFamily",
    "f:FlightRing",
    "t:OSVersionFull"
  ],
  "PartB": {
    "CDM": [
      "ChassisTypeId",
      "r:CurrentBranch",
      "DeviceFamily",
      "f:FlightingBranchName",
      "f:FlightRing",
      "c:InstallLanguage",
      "c:IsDomainJoined",
      "t:IsTestLab",
      "OEMModel",
      "OSArchitecture",
      "OSVersion",
      "t:OSSkuId",
      "c:ProcessorIdentifier",
      "c:TelemetryLevel",
      "t:IsMsftOwned",
      "t:WCOSProductId",
      "c:OSUILocale",
      "c:CommercialId"
    ],
    "COMPATLOGGER": [
      "osVer",
      "ring",
      "deviceId"
    ],
    "CORTANA_GATEKEEPER": [
      "r:CurrentBranch",
      "f:FlightRing",
      "f:IsRetailOS"
    ],
    "CORTANAUWP": [
      "c:OSUILocale",
      "t:OSVersionFull",
      "v:CortanaAppVer"
    ],
    "CORTANA
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsSelfHost\OneSettings]
"TargetingAttributesVerified"="{
  "Version": 85,
  "SchemaVersion": 1,
  "PartA": [
    "App",
    "AppVer",
    "AttrDataVer"
  ],
  "Default": [
    "DeviceFamily",
    "f:FlightRing",
    "t:OSVersionFull"
  ],
  "PartB": {
    "CDM": [
      "ChassisTypeId",
      "r:CurrentBranch",
      "DeviceFamily",
      "f:FlightingBranchName",
      "f:FlightRing",
      "c:InstallLanguage",
      "c:IsDomainJoined",
      "t:IsTestLab",
      "OEMModel",
      "OSArchitecture",
      "OSVersion",
      "t:OSSkuId",
      "c:ProcessorIdentifier",
      "c:TelemetryLevel",
      "t:IsMsftOwned",
      "t:WCOSProductId",
      "c:OSUILocale",
      "c:CommercialId"
    ],
    "COMPATLOGGER": [
      "osVer",
      "ring",
      "deviceId"
    ],
    "CORTANA_GATEKEEPER": [
      "r:CurrentBranch",
      "f:FlightRing",
      "f:IsRetailOS"
    ],
    "CORTANAUWP": [
      "c:OSUILocale",
      "t:OSVersionFull",
      "v:CortanaAppVer"
    ],
    
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\AVAST Software]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\AVAST Software\Products]
"AvastAntivirus"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Chrome\NativeMessagingHosts\com.avast.nativeproxy]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Chrome\NativeMessagingHosts\com.avast.nativeproxy]
@="C:\Program Files\AVAST Software\Avast\AvastNM.json"
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\aswbIDSAgent]
"Path"=""C:\Program Files\AVAST Software\Avast\aswidsagent.exe""
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\aswbIDSAgent]
"Path.Org"=""C:\Program Files\AVAST Software\Avast\aswidsagent.exe""
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\aswbIDSAgent]
"Path.Win32"="C:\Program Files\AVAST Software\Avast\aswidsagent.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\avast! Antivirus]
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\avast! Antivirus]
"ServiceName"="avast! Antivirus"
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\avast! Antivirus]
"Path"=""C:\Program Files\AVAST Software\Avast\AvastSvc.exe""
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\avast! Antivirus]
"Path.Org"=""C:\Program Files\AVAST Software\Avast\AvastSvc.exe""
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\avast! Antivirus]
"Path.Win32"="C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\avast! Antivirus]
"DisplayName"="Avast Antivirus"
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\AvastWscReporter]
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\AvastWscReporter]
"ServiceName"="AvastWscReporter"
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\AvastWscReporter]
"Path"=""C:\Program Files\AVAST Software\Avast\wsc_proxy.exe" /runassvc"
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\AvastWscReporter]
"Path.Org"=""C:\Program Files\AVAST Software\Avast\wsc_proxy.exe" /runassvc"
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\AvastWscReporter]
"Path.Win32"="C:\Program Files\AVAST Software\Avast\wsc_proxy.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\AvastWscReporter]
"DisplayName"="AvastWscReporter"
[HKEY_USERS\.DEFAULT\Software\Avast Software]
[HKEY_USERS\.DEFAULT\Software\Avast Software]
"Last Stable Install Path"="C:\Program Files\AVAST Software\SZBrowser\"
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Avast Software]
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\5815bc15_0]
@="{2}.\\?\hdaudio#func_01&ven_111d&dev_76f3&subsys_103c2af7&rev_1002#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\speaker2topology/00010001|\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\AvastUI.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\65e46875_0]
@="{2}.\\?\hdaudio#func_01&ven_111d&dev_76f3&subsys_103c2af7&rev_1002#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\speaker2topology/00010001|\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\avastui.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Office\12.0\Common\Internet]
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\avast-2007.com]
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\avast-downloads.com]
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\avast-hq.com]
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\download-avast.com]
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\free-software-center.com\avast]
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\free-software-center.com\www.avast]
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\telecharger-avast.com]
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\avast-2007.com]
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\avast-downloads.com]
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\avast-hq.com]
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\download-avast.com]
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\free-software-center.com\avast]
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\free-software-center.com\www.avast]
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\telecharger-avast.com]
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Search\RecentApps\{AADE1128-B19D-4BCD-9CF4-3DD38C8EE965}]
"AppId"="avast! antivirus"
[HKEY_USERS\S-1-5-18\Software\Avast Software]
[HKEY_USERS\S-1-5-18\Software\Avast Software]
"Last Stable Install Path"="C:\Program Files\AVAST Software\SZBrowser\"
 
Searching for "AVAST Software"
[HKEY_CURRENT_USER\Software\Avast Software]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\5815bc15_0]
@="{2}.\\?\hdaudio#func_01&ven_111d&dev_76f3&subsys_103c2af7&rev_1002#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\speaker2topology/00010001|\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\AvastUI.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\65e46875_0]
@="{2}.\\?\hdaudio#func_01&ven_111d&dev_76f3&subsys_103c2af7&rev_1002#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\speaker2topology/00010001|\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\avastui.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_LOCAL_MACHINE\SOFTWARE\AVAST Software]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AvastPersistentStorage]
"InstupProgress_Description"="Deleting file: C:\Program Files\AVAST Software\Avast\defs\ffffffff\engsup.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}]
"PRODUCTEXE"="C:\Program Files\AVAST Software\Avast\wsc_proxy.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}]
"REPORTINGEXE"="C:\Program Files\AVAST Software\Avast\wsc_proxy.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{EB19B86E-3998-C706-90EF-92B41EB091AF}]
"PRODUCTEXE"="C:\Program Files\AVAST Software\Avast\wsc_proxy.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{EB19B86E-3998-C706-90EF-92B41EB091AF}]
"REPORTINGEXE"="C:\Program Files\AVAST Software\Avast\wsc_proxy.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Software]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\AVAST Software]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Chrome\NativeMessagingHosts\com.avast.nativeproxy]
@="C:\Program Files\AVAST Software\Avast\AvastNM.json"
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\aswbIDSAgent]
"Path"=""C:\Program Files\AVAST Software\Avast\aswidsagent.exe""
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\aswbIDSAgent]
"Path.Org"=""C:\Program Files\AVAST Software\Avast\aswidsagent.exe""
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\aswbIDSAgent]
"Path.Win32"="C:\Program Files\AVAST Software\Avast\aswidsagent.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\avast! Antivirus]
"Path"=""C:\Program Files\AVAST Software\Avast\AvastSvc.exe""
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\avast! Antivirus]
"Path.Org"=""C:\Program Files\AVAST Software\Avast\AvastSvc.exe""
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\avast! Antivirus]
"Path.Win32"="C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\AvastWscReporter]
"Path"=""C:\Program Files\AVAST Software\Avast\wsc_proxy.exe" /runassvc"
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\AvastWscReporter]
"Path.Org"=""C:\Program Files\AVAST Software\Avast\wsc_proxy.exe" /runassvc"
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\AvastWscReporter]
"Path.Win32"="C:\Program Files\AVAST Software\Avast\wsc_proxy.exe"
[HKEY_USERS\.DEFAULT\Software\Avast Software]
[HKEY_USERS\.DEFAULT\Software\Avast Software]
"Last Stable Install Path"="C:\Program Files\AVAST Software\SZBrowser\"
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Avast Software]
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\5815bc15_0]
@="{2}.\\?\hdaudio#func_01&ven_111d&dev_76f3&subsys_103c2af7&rev_1002#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\speaker2topology/00010001|\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\AvastUI.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\65e46875_0]
@="{2}.\\?\hdaudio#func_01&ven_111d&dev_76f3&subsys_103c2af7&rev_1002#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\speaker2topology/00010001|\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\avastui.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-18\Software\Avast Software]
[HKEY_USERS\S-1-5-18\Software\Avast Software]
"Last Stable Install Path"="C:\Program Files\AVAST Software\SZBrowser\"
 
-= EOF =-
 
Thank you

  • 0

#21
icotonev

icotonev

    Trusted Helper

  • Malware Removal
  • 247 posts

Please check again with  https://www.avast.co...nstall-utility to clean up Avast debris ..!

 

 

Farbar Recovery Scan Tool (FRST)

Download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system, and that will be the right version.

  • Right-click FRST.exe/FRST64.exe then click "Run as administrator"
  • When the tool opens, click Yes to the disclaimer.
  • Press the Scan button.
  • When finished, it will produce logs called FRST.txt and Addition.txt in the same directory the tool was run from.
  • Please copy and paste the logs in your next reply.

---------------------------------------------------

In your next reply, please include:

  • FRST.txt
  • Addition.txt

  • 0

#22
Buffyfan

Buffyfan

    Member

  • Topic Starter
  • Member
  • PipPip
  • 48 posts

Ok, here we go

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-03-2020
Ran by Stu (administrator) on EDGECOMBES (Hewlett-Packard 500-407a) (30-03-2020 08:30:17)
Running from C:\Users\Stu\Desktop
Loaded Profiles: Stu (Available Profiles: Stu & Administrator)
Platform: Windows 10 Home Version 1903 18362.295 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
() [File not signed] C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe
() [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices, Inc. -> ) C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ATI Technologies Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(CyberLink Corp. -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(EVERNOTE CORPORATION -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) [File not signed] C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(FabulaTech -> ) C:\Program Files (x86)\VMware\ScannerRedirection\ftscanmgr.exe
(FabulaTech -> ) C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe
(FabulaTech -> VMware) C:\Program Files (x86)\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
(IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\stacsv64.exe
(IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\sttray64.exe
(Integrated Device Technology Inc. -> Hewlett-Packard ) [File not signed] C:\Program Files\IDT\WDM\Beats64.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Juniper Networks, Inc. -> Juniper Networks, Inc.) C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\Common Files\logishrd\KHAL3\KHALMNPR.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Microsoft Corporation -> © 2015 Microsoft Corporation) C:\Users\Stu\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Stu\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\ctfmon.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\dasHost.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\dwm.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\rundll32.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\SearchFilterHost.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\SearchIndexer.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\SearchProtocolHost.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\SecurityHealthSystray.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\sihost.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\spoolsv.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\VSSVC.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\wbem\WmiApSrv.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\wbem\WmiPrvSE.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\wbem\WmiPrvSE.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\winlogon.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\WUDFHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.7-0\NisSrv.exe
(Softex Inc.) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Horizon View Client\bin\vmware-view-usbd.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-remotemks.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-view.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Horizon View Client\wsnm\wsnm.exe
(WildTangent Inc -> WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\WINDOWS\system32\SecurityHealthSystray.exe [84992 2019-03-19] (Microsoft Corporation) [File not signed]
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3962936 2014-03-29] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-29] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-29] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [VMware Netlink 3 HV Install Utility] => C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnliu.exe [70080 2015-06-16] (FabulaTech -> )
HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [41664 2014-01-05] (Integrated Device Technology Inc. -> Hewlett-Packard ) [File not signed]
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8027016 2016-09-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3136136 2018-09-08] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2014-01-05] (IDT, Inc.) [File not signed]
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-25] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe [33792 2019-03-19] (Microsoft Corporation) [File not signed]
HKLM-x32\...\Winlogon: [Userinit] C:\Windows\sysWOW64\userinit.exe [27648 2019-03-19] (Microsoft Corporation) [File not signed]
HKU\S-1-5-21-661845806-1645133277-2052336375-1001\...\Run: [BingSvc] => C:\Users\Stu\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-13] (Microsoft Corporation -> © 2015 Microsoft Corporation)
HKU\S-1-5-21-661845806-1645133277-2052336375-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) [File not signed]
HKLM\...\Providers\Internet Print Provider: C:\WINDOWS\system32\inetpp.dll [177664 2019-08-10] (Microsoft Corporation) [File not signed]
HKLM\...\Providers\LanMan Print Services: C:\WINDOWS\system32\win32spl.dll [863232 2019-03-19] (Microsoft Corporation) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.149\Installer\chrmstp.exe [2020-03-20] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2014-03-29] (Softex Inc..) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2014-03-29] (Softex Inc..) [File not signed]
HKLM\Software\...\Authentication\PLAP Providers: [{60442b50-aac2-4db7-b9b0-813d2107287d}] -> C:\WINDOWS\system32\dsNcSmartCardProv.dll [2014-08-13] (Juniper Networks, Inc. -> Juniper Networks, Inc.)
HKLM\Software\...\Authentication\PLAP Providers: [{9f4a51de-92b1-483a-b717-dd7d3bb7d3db}] -> C:\WINDOWS\system32\dsNcCredProv.dll [2014-08-13] (Juniper Networks, Inc. -> Juniper Networks, Inc.)
Startup: C:\Users\Stu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2016-12-22]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (EVERNOTE CORPORATION -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) [File not signed]
Startup: C:\Users\Stu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk [2016-06-13]
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {003F51E9-D157-4F2F-9411-AB203E4857DB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install => C:\WINDOWS\system32\usoclient.exe [69120 2019-08-10] (Microsoft Corporation) [File not signed]
Task: {018C3933-80BC-4EB1-9538-2C511D17A4BD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-20] (Google LLC -> Google LLC)
Task: {01C5B377-A7EB-4FF3-9C6C-86852FACB348} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Logon => C:\WINDOWS\system32\ProvTool.exe [83456 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {01E148B7-E844-409B-90A6-7BC643B92EF5} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE => {89D1D0C2-A3CF-490C-ABE3-B86CDE34B047} C:\WINDOWS\System32\ReAgentTask.dll [13824 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {01F94132-A3BF-4AD3-BA30-D631FD3A67CA} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\WINDOWS\system32\DeviceDirectoryClient.dll [291328 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {027D2824-ECCD-438B-A4EA-D7A4EF86A06F} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy => {60400283-B242-4FA8-8C25-CAF695B88209} C:\Windows\System32\pnppolicy.dll [56320 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {04C10A9D-5360-47B2-9C96-2DDBCE8EC3F7} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierdaily => C:\WINDOWS\system32\AppHostRegistrationVerifier.exe [119296 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {058BE07E-575F-42CA-894B-6A8F9716F16E} - System32\Tasks\Microsoft\Windows\Registry\RegIdleBackup => {CA767AA8-9157-4604-B64B-40747123D5F2} C:\WINDOWS\System32\regidle.dll [15872 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {066611CA-B68B-4C48-B3E6-E80FC0B7545E} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\UsbCeip => {C27F6B1D-FE0B-45E4-9257-38799FA69BC8} C:\WINDOWS\System32\usbceip.dll [123392 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {07B85E51-23DD-4E95-912E-62B91AA468FB} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\UserTask-Roam => {58FB76B9-AC85-4E55-AC04-427593B1D060} C:\WINDOWS\system32\dimsjob.dll [43520 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {083F3813-82BC-4622-A1B0-070C619B7D11} - System32\Tasks\Microsoft\Windows\Diagnosis\RecommendedTroubleshootingScanner => C:\WINDOWS\system32\mitigationscanner.exe [58880 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {0903A339-04A3-4976-8F4E-DDDD3CD546FB} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver => C:\WINDOWS\system32\DFDWiz.exe [52736 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {0929591E-A4DD-41E2-8B92-DDA848EBDDC3} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime => {A31AD6C2-FF4C-43D4-8E90-7101023096F9} C:\WINDOWS\system32\TimeSyncTask.dll [14848 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {0A2D0DE7-8550-4F4A-87DD-61785557564A} - System32\Tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization => C:\WINDOWS\system32\defrag.exe [186880 2019-03-19] (Microsoft Corp.) [File not signed]
Task: {0B76A047-5E0D-48D6-97E9-1CB6702F8832} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator => C:\WINDOWS\System32\wsqmcons.exe [92160 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {0C7D8A27-9B28-49F1-979C-AD37C4D290B1} - System32\Tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck => C:\WINDOWS\system32\appidcertstorecheck.exe [19456 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {0D4254FC-C2E0-4C43-AAE5-DB986C14E087} - System32\Tasks\Microsoft\Windows\DUSM\dusmtask => C:\WINDOWS\System32\dusmtask.exe [37888 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {0F8187C2-B821-410E-95AE-9B5D0065CD06} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work => {63260BCE-A3FB-4A34-AA51-D4D8E877B62B} C:\Windows\System32\WorkFoldersShell.dll [225792 2019-08-10] (Microsoft Corporation) [File not signed]
Task: {105D676A-D551-4274-81E7-97AC52E4FD87} - System32\Tasks\Microsoft\Windows\Speech\HeadsetButtonPress => C:\WINDOWS\system32\speech_onecore\common\SpeechRuntime.exe [283136 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {12B77A7C-1DDB-48D8-9A89-E91548474357} - System32\Tasks\Microsoft\Windows\USB\Usb-Notifications => {E05BE1C8-92A8-4757-B575-ACAECB4E6A40} C:\Windows\System32\UsbTask.dll [54784 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {130DC611-38F5-4D34-A89E-7808E32855EE} - System32\Tasks\{0A0262D7-1434-4BD2-9DDC-5E5282012F03} => C:\windows\system32\pcalua.exe -a D:\SMS2003-SP3-KB937882-X86-ENU.exe -d D:\
Task: {15975FEC-F71A-4FF3-9831-53024113DA95} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe [594944 2019-08-10] (Microsoft Corporation) [File not signed]
Task: {1781072A-20A0-4EE7-A334-392272C6F511} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1116024 2020-02-26] (HP Inc. -> HP Inc.)
Task: {18192CBE-3B5C-4E7A-92AD-368C4F8745EE} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\WINDOWS\system32\RAServer.exe [134144 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {18341182-9161-4A5F-939D-95486F4013D2} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures => {59EECBFE-C2F5-4419-9B99-13FE05FF2675} C:\Windows\System32\fcon.dll [186880 2019-08-10] (Microsoft Corporation) [File not signed]
Task: {19051521-1085-4928-B136-FE816BB39A2A} - System32\Tasks\Microsoft\Windows\Flighting\OneSettings\RefreshCache => {E07647F7-AED2-48D9-9720-939BC24A8A3C} C:\Windows\System32\wosc.dll [242688 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {1B0C0498-944F-4BAA-A51E-1D4376253762} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => C:\WINDOWS\system32\BthUdTask.exe [40448 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {1B813E0C-2BBF-4EFE-9108-D9D020D465F2} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization => {97D47D56-3777-49FB-8E8F-90D7E30E1A1E} C:\Windows\System32\WorkFoldersShell.dll [225792 2019-08-10] (Microsoft Corporation) [File not signed]
Task: {1C654285-C780-4C07-8D95-D950BB7A03E7} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\SystemTask => {58FB76B9-AC85-4E55-AC04-427593B1D060} C:\WINDOWS\system32\dimsjob.dll [43520 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {1FD82FBC-B8E1-4418-9252-DCB00E106E2E} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr => {5014B7C8-934E-4262-9816-887FA745A6C4} C:\WINDOWS\system32\TpmTasks.dll [107520 2019-08-10] (Microsoft Corporation) [File not signed]
Task: {220D3535-F0C2-4BE0-9FA8-341454F3B598} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleWnsCommand => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\WINDOWS\system32\DeviceDirectoryClient.dll [291328 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {2758C66F-29D7-40AD-9559-2825ED905C29} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan => {DCFD3EA8-D960-4719-8206-490AE315F94F} C:\Windows\System32\discan.dll [288768 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {28DCC145-28F5-41E5-9506-ADDA91CD4966} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery => {DCFD3EA8-D960-4719-8206-490AE315F94F} C:\Windows\System32\discan.dll [288768 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {29C0F4DC-19CC-4E6C-96FA-C910ECB14B49} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\AikCertEnrollTask => {47E30D54-DAC1-473A-AFF7-2355BF78881F} C:\WINDOWS\system32\ngctasks.dll [270848 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {2F07DB8D-A9E5-462B-B97A-F0ACBF417792} - System32\Tasks\Microsoft\Windows\Ras\MobilityManager => {C463A0FC-794F-4FDF-9201-01938CEACAFA} C:\WINDOWS\system32\rasmbmgr.dll [62464 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {30526E35-00F9-4BED-9846-7BBC937831E9} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan => {CF4270F5-2E43-4468-83B3-A8C45BB33EA1} C:\Windows\System32\pstask.dll [15872 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {3472D253-581F-4480-8539-784D74361402} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\WINDOWS\system32\dstokenclean.exe [13312 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {34E8CE7D-77E5-4405-AE3D-26816C4C69C8} - System32\Tasks\Microsoft\Windows\Workplace Join\Recovery-Check => C:\WINDOWS\System32\dsregcmd.exe [970240 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3810C063-8759-4D54-A834-4BEA5D6BFBE4} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\IntegrityCheck => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\WINDOWS\system32\DeviceDirectoryClient.dll [291328 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {3C45C6F0-0D32-4C27-9336-7B982C77F32E} - System32\Tasks\Microsoft\Windows\Sysmain\ResPriStaticDbSync => {297EE78C-BA95-4E94-81D3-D6E7F089C7B5} C:\WINDOWS\system32\sysmain.dll [996352 2019-08-10] (Microsoft Corporation) [File not signed]
Task: {3D8E83D8-967E-44AC-8896-42CDEC763404} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdatesAsUser => {DDAFAEA2-8842-4E96-BADE-D44A8D676FDB} C:\Windows\System32\InstallServiceTasks.dll [231936 2019-08-10] (Microsoft Corporation) [File not signed]
Task: {3E7650E7-DBA3-4B90-8D84-4232AE8A029F} - System32\Tasks\Microsoft\Windows\ExploitGuard\ExploitGuard MDM policy Refresh => {711001CD-CC1D-4470-9B7E-1EF73849C79E} C:\WINDOWS\System32\MitigationConfiguration.dll [83968 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {3EBAF09A-814C-4FB9-9F00-8BB931BFE845} - System32\Tasks\Microsoft\Windows\Chkdsk\SyspartRepair => C:\WINDOWS\system32\bcdboot.exe [231424 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {3EDEFF50-9764-429E-83A2-DD2189F7C753} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [308088 2020-02-12] (HP Inc. -> HP Inc.)
Task: {40378C7B-CE71-41E6-9B6F-EDE9D47789DE} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker MDM policy Refresh => {61BCD1B9-340C-40EC-9D41-D7F1C0632F05} C:\WINDOWS\System32\edptask.dll [72192 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {416FBFEF-09C2-4D51-9358-72205B2F5ED3} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker Encrypt All Drives => {61BCD1B9-340C-40EC-9D41-D7F1C0632F05} C:\WINDOWS\System32\edptask.dll [72192 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {417D2A3C-0AC4-4F5D-BF29-B0E233E5E9D3} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager => {DECA92E0-AF85-439E-9204-86679978DA08} C:\WINDOWS\System32\AppLockerCsp.dll [381952 2019-08-10] (Microsoft Corporation) [File not signed]
Task: {41CA9CE0-97C5-41E7-8CA1-BE31A9724ED5} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh => {23C1F3CF-C110-4512-ACA9-7B6174ECE888} C:\WINDOWS\System32\DeviceSetupManagerAPI.dll [157696 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {41ECE088-56E2-4E26-96B6-53C6A032606B} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-661845806-1645133277-2052336375-1001 => {2D3F8A1B-6DCD-4ED5-BDBA-A096594B98EF} C:\Windows\System32\twinapi.dll [636416 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {436C6C42-4D43-42A9-8209-2666794A606F} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [25128 2017-11-20] (HP Inc. -> )
Task: {45CF73C8-9A94-47C5-8E45-347738A58FC5} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe [116224 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {4611D11D-8D71-42E5-A255-6C9F03CFD64A} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem => {927EA2AF-1C54-43D5-825E-0074CE028EEE} C:\WINDOWS\System32\energytask.dll [26112 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {46DDFBEA-7B80-499F-8D16-8FB7836BEBDC} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan => C:\WINDOWS\system32\usoclient.exe [69120 2019-08-10] (Microsoft Corporation) [File not signed]
Task: {48A6E63F-B599-4F15-B0CF-4743E505F978} - System32\Tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary => C:\Program Files\Windows Media Player\wmpnscfg.exe [70144 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {48F207D2-23BE-4F26-A115-B05B486F6CA6} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndScanForUpdates => {D5A04D91-6FE6-4FE4-A98A-FEB4500C5AF7} C:\Windows\System32\InstallServiceTasks.dll [231936 2019-08-10] (Microsoft Corporation) [File not signed]
Task: {4A61BCE1-02FC-4F8D-AD7D-06CC80F2C130} - System32\Tasks\Microsoft\Windows\EDP\StorageCardEncryption Task => {61BCD1B9-340C-40EC-9D41-D7F1C0632F05} C:\WINDOWS\System32\edptask.dll [72192 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {4B79A419-F671-47D7-B001-888A456864AE} - System32\Tasks\Microsoft\Windows\Wininet\CacheTask => {0358B920-0AC7-461F-98F4-58E32CD89148} C:\WINDOWS\system32\wininet.dll [5040640 2019-08-10] (Microsoft Corporation) [File not signed]
Task: {4D496758-CF92-424B-8FC7-E95278FD13F2} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefreshTask => {C844C79D-AED8-4DCE-AB25-4D359BED84F8} C:\WINDOWS\System32\WpcRefreshTask.dll [1040896 2019-08-10] (Microsoft Corporation) [File not signed]
Task: {4DDF305C-E963-45BE-A8F0-DB2A76C9E03C} - System32\Tasks\Microsoft\Windows\EDP\EDP Inaccessible Credentials Task => {61BCD1B9-340C-40EC-9D41-D7F1C0632F05} C:\WINDOWS\System32\edptask.dll [72192 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {51B7FB15-4DCB-400E-9A98-10E802F21FB3} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceScreenOnOff => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\WINDOWS\system32\DeviceDirectoryClient.dll [291328 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {52C1F2DA-58AA-494C-8D61-BFE8A0FC2285} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task => {61BCD1B9-340C-40EC-9D41-D7F1C0632F05} C:\WINDOWS\System32\edptask.dll [72192 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {55412461-F053-4583-A6BF-19F36DAAD46D} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdates => {A558C6A5-B42B-4C98-B610-BF9559143139} C:\Windows\System32\InstallServiceTasks.dll [231936 2019-08-10] (Microsoft Corporation) [File not signed]
Task: {5679B6F1-0B05-4230-872B-BB64877ABA76} - System32\Tasks\Microsoft\Windows\Defrag\ScheduledDefrag => C:\WINDOWS\system32\defrag.exe [186880 2019-03-19] (Microsoft Corp.) [File not signed]
Task: {574B26F9-094B-45B5-895D-C171342ABE5D} - System32\Tasks\Microsoft\Windows\WDI\ResolutionHost => {900BE39D-6BE8-461A-BC4D-B0FA71F5ECB1} C:\WINDOWS\System32\wdi.dll [101888 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {58288CB7-4BC3-4408-B52F-202304CE9DCD} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\LocateCommandUserSession => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\WINDOWS\system32\DeviceDirectoryClient.dll [291328 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {5A3FB241-0B11-4EA5-BC66-0D9F1B406040} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM => {C8367320-6F85-11E0-A1F0-0800200C9A66} C:\WINDOWS\System32\BthTelemetry.dll [32256 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {5DAE8BC7-5533-4DA2-B1D7-744A5EBD6FC1} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon => C:\WINDOWS\System32\XblGameSaveTask.exe [32768 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {6099772D-A604-4768-AE38-C3B7ED2BBFEE} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Uninstallation => {6F58F65F-EC0E-4ACA-99FE-FC5A1A25E4BE} C:\Windows\System32\LanguageComponentsInstaller.dll [179712 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {613A083C-17CD-47F4-AC35-96FC308E59CF} - System32\Tasks\Microsoft\Windows\Workplace Join\Device-Sync => {C662D912-E4D6-44A3-89A0-20550514951D} C:\Windows\System32\dsregtask.dll [23040 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {62F10519-A66D-4FBA-86BD-78D0ED32E65D} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks => {5014B7C8-934E-4262-9816-887FA745A6C4} C:\WINDOWS\system32\TpmTasks.dll [107520 2019-08-10] (Microsoft Corporation) [File not signed]
Task: {641EC4E1-3857-4C7C-B363-15EE8CB31515} - System32\Tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Management Initialization => {5C9AB547-345D-4175-9AF6-65133463A100} C:\Windows\System32\TieringEngineService.exe [316928 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {64BFE52D-B5D0-41D9-B3AF-EE6F0A81EC3C} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\WINDOWS\System32\WindowsActionDialog.exe [60928 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {65733B1D-D145-4770-90BC-BF3772E1FAD8} - System32\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual) => {BF5CB148-7C77-4D8A-A53E-D81C70CF743C} C:\WINDOWS\system32\msdrm.dll [558592 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {66D2CBB0-974D-409B-9790-4A078497AB23} - System32\Tasks\Microsoft\Windows\Maps\MapsUpdateTask => {B9033E87-33CF-4D77-BC9B-895AFBBA72E4} C:\WINDOWS\System32\mapsupdatetask.dll [43520 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {68560DFD-FC67-4EF8-BAA4-7F72211F3FD5} - System32\Tasks\Microsoft\Windows\DirectX\DXGIAdapterCache => C:\WINDOWS\system32\dxgiadaptercache.exe [218624 2019-08-10] (Microsoft Corporation) [File not signed]
Task: {69900606-33B9-4502-A49E-9EE698C18CE6} - System32\Tasks\Microsoft\Windows\Maintenance\WinSAT => {A9A33436-678B-4C9C-A211-7CC38785E79D} C:\WINDOWS\system32\WinSATAPI.dll [372224 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {6BB72D11-596C-469A-A80D-59204414F0CA} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask => {A4173A49-F373-4475-9A0F-2D615204DC20} C:\WINDOWS\system32\SettingSyncCore.dll [1067008 2019-08-10] (Microsoft Corporation) [File not signed]
Task: {6CD70278-3C30-4E8E-A585-8D9E5CAB415F} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceAccountChange => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\WINDOWS\system32\DeviceDirectoryClient.dll [291328 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => C:\WINDOWS\system32\MusNotification.exe [594944 2019-08-10] (Microsoft Corporation) [File not signed]
Task: {71BFB70C-91A5-41C9-B858-C9DACBEF4900} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task => {61BCD1B9-340C-40EC-9D41-D7F1C0632F05} C:\WINDOWS\System32\edptask.dll [72192 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {7201A3BE-547A-420C-97D1-423A0B921943} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => C:\WINDOWS\system32\MusNotification.exe [594944 2019-08-10] (Microsoft Corporation) [File not signed]
Task: {73CB9900-BD4D-4C69-9F68-6746AE3BB44B} - System32\Tasks\Microsoft\Windows\InstallService\SmartRetry => {F3A219C3-2698-4CBF-9C07-037EDB8E72E6} C:\Windows\System32\InstallServiceTasks.dll [231936 2019-08-10] (Microsoft Corporation) [File not signed]
Task: {74439E6B-F3F1-4AF8-92CC-5C2C7DA4D7DF} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-03-12] (Adobe Inc. -> Adobe)
Task: {74794F10-6049-4104-A2CD-E0A2C9F7784E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {77404A8B-9B99-492C-B008-E8E8327357AB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [147832 2020-02-24] (HP Inc. -> HP Inc.)
Task: {798DB582-30ED-4D82-974F-12178BC4D55A} - System32\Tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask => C:\WINDOWS\system32\speech_onecore\common\SpeechModelDownload.exe [171008 2019-08-10] (Microsoft Corporation) [File not signed]
Task: {7AADA666-6F65-426C-A00E-8ED54D8CB243} - System32\Tasks\Microsoft\Windows\MUI\LPRemove => C:\WINDOWS\system32\lpremove.exe [71680 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {7B8E7DDC-55AC-4E39-8C8E-5A4ACC71DDD4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {7FBDDC9A-D7DB-4F90-B8CE-4973E5018DF5} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\KeyPreGenTask => {47E30D54-DAC1-473A-AFF7-2355BF78881F} C:\WINDOWS\system32\ngctasks.dll [270848 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {823F7188-5012-42FC-84D6-FA377D85C79C} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateModelTask => C:\WINDOWS\system32\usoclient.exe [69120 2019-08-10] (Microsoft Corporation) [File not signed]
Task: {837E86F3-A0E7-4C9B-AC88-BD09679A9750} - System32\Tasks\HPCeeScheduleForStu => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [96568 2015-06-16] (Hewlett-Packard Company -> Hewlett-Packard)
Task: {8416EE05-DD04-4F1B-A79D-3B7BC9329101} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {894C4E69-300D-4AAE-A37A-B8E3DBDA563B} - System32\Tasks\Microsoft\Windows\Multimedia\SystemSoundsService => {2DEA658F-54C1-4227-AF9B-260AB5FC3543} C:\WINDOWS\System32\PlaySndSrv.dll [88576 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {89E5BAD5-1130-4B37-BC13-4C062BCE5DA6} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display => C:\WINDOWS\system32\MusNotification.exe [594944 2019-08-10] (Microsoft Corporation) [File not signed]
Task: {8CE419DE-4815-423C-8287-51CEF62C7937} - System32\Tasks\Microsoft\Windows\WlanSvc\CDSSync => {B0D2B535-12E1-439F-86B3-BADA289510F0} C:\Windows\System32\WiFiCloudStore.dll [274432 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {8F8CC6BA-5AA5-49F4-A5AD-49AE3816F0FC} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance => {5014B7C8-934E-4262-9816-887FA745A6C4} C:\WINDOWS\system32\TpmTasks.dll [107520 2019-08-10] (Microsoft Corporation) [File not signed]
Task: {8F8F5002-8ACA-43DD-A747-2F4CA7E36AF8} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\WINDOWS\System32\dsregcmd.exe [970240 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {8F8FCE34-AAFE-455C-AE66-F154F397E93D} - System32\Tasks\Microsoft\Windows\DirectX\DirectXDatabaseUpdater => C:\WINDOWS\system32\directxdatabaseupdater.exe [261632 2019-08-10] (Microsoft Corporation) [File not signed]
Task: {94C7344C-6979-41EC-B85B-18A45F2F5A7B} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance => {D44377B8-1F2F-4FAA-9C8E-6C4AD2928E47} C:\WINDOWS\system32\sysmain.dll [996352 2019-08-10] (Microsoft Corporation) [File not signed]
Task: {95E92D5B-2F7D-4077-BEB8-72572BB8AE56} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [655736 2019-07-31] (HP Inc. -> HP Inc.)
Task: {98928002-F6FB-4E47-B49A-D7AB7AA43ECD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [655736 2019-07-31] (HP Inc. -> HP Inc.)
Task: {99F8855E-6B59-43EA-B38C-9033B396C776} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required => {48794782-6A1F-47B9-BD52-1D5F95D49C1B} C:\Windows\System32\pnpui.dll [41984 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {9CB9760E-A5CF-40B2-AA8B-66B3D69315E7} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Cellular => C:\WINDOWS\system32\ProvTool.exe [83456 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {9E42E54A-6BB4-4F7E-892C-2C5183F55B20} - System32\Tasks\Microsoft\Windows\Printing\EduPrintProv => C:\WINDOWS\system32\eduprintprov.exe [97280 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {A1A4F90B-9598-45B7-85D2-AE21B341085D} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents => {8168E74A-B39F-46D8-ADCD-7BED477B80A3} C:\WINDOWS\System32\MemoryDiagnostic.dll [32768 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {A439D45B-0FFB-403B-B821-D46A63543BB8} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceWnsFallback => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\WINDOWS\system32\DeviceDirectoryClient.dll [291328 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {A6432082-89BD-434D-9C61-D7FE6D91CCB9} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => {B1AEBB5D-EAD9-4476-B375-9C3ED9F32AFC} C:\WINDOWS\System32\sppcext.dll [530432 2019-08-10] (Microsoft Corporation) [File not signed]
Task: {A806A8FA-C7FE-4770-BFDF-90F6A40E3DEF} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic24 => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\WINDOWS\system32\DeviceDirectoryClient.dll [291328 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {A8C2685A-59ED-4E60-9D55-45258DC3BE15} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management => {B7BFFB5A-EFA8-4D8C-BBDE-C8D5FAAF54A1} C:\WINDOWS\system32\WofTasks.dll [29696 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {A8E26236-4D4B-46F7-AAF3-75902A32BB15} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\WINDOWS\system32\DeviceDirectoryClient.dll [291328 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {AF100BA5-607D-4F0E-85E5-C41ACAB20656} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_344_Plugin.exe [1458232 2020-03-12] (Adobe Inc. -> Adobe)
Task: {AFEDA958-2E8D-446F-AF75-73FE5A229E67} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode) => {89917B7C-A1A6-11DF-8BF6-18A90531A85A} C:\WINDOWS\System32\fhtask.dll [59392 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {B05E530A-D6A6-4801-B550-DDF276CBB5EA} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => C:\WINDOWS\system32\MusNotification.exe [594944 2019-08-10] (Microsoft Corporation) [File not signed]
Task: {B241FCBE-C6B6-4F12-9A5C-DD58A9D6CE18} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceSettingChange => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\WINDOWS\system32\DeviceDirectoryClient.dll [291328 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {B320E058-C6FA-413F-876B-0C9B4428AE66} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic6 => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\WINDOWS\system32\DeviceDirectoryClient.dll [291328 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {B54A4AF8-4B81-482A-A3B6-3D2E479F5A6C} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\WINDOWS\system32\tzsync.exe [62464 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {B75AF762-3C5C-4C74-ADB1-B99F98FDE0E5} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\UserTask => {58FB76B9-AC85-4E55-AC04-427593B1D060} C:\WINDOWS\system32\dimsjob.dll [43520 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {B8F0DEC7-8392-4F57-9990-74FCB934033F} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [501760 2019-03-19] () [File not signed]
Task: {B9DEA4B4-D368-4752-B489-8BD90A5CF56B} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Universal Orchestrator Start => C:\WINDOWS\system32\usoclient.exe [69120 2019-08-10] (Microsoft Corporation) [File not signed]
Task: {BAA487E1-378C-45A5-B980-69A7EB04C773} - System32\Tasks\Microsoft\Windows\Task Manager\Interactive => {855FEC53-D2E4-4999-9E87-3414E9CF0FF4} C:\WINDOWS\system32\wdc.dll [712192 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {BB5C9F82-7A27-4979-82BD-45739449A876} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics => C:\WINDOWS\system32\disksnapshot.exe [92160 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {BC927B45-3B28-42C1-A010-9332469BF93A} - System32\Tasks\Microsoft\Windows\AppID\PolicyConverter => C:\WINDOWS\system32\appidpolicyconverter.exe [158720 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {BEF19949-EFA3-412C-8B8E-BC3B749C325D} - System32\Tasks\Microsoft\Windows\License Manager\TempSignedLicenseExchange => {77646A68-AD14-4D53-897D-7BE4DDE5F929} C:\Windows\System32\TempSignedLicenseExchangeTask.dll [73728 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {C0B065A7-75E9-4CF8-B9D3-54E630EA447A} - System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance => {3FBA60A6-7BF5-4868-A2CA-6623B3DFFEA6} C:\WINDOWS\System32\srchadmin.dll [207872 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {C1DC52D1-949D-4DE7-BD2F-FF91C6A0C4BF} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\WINDOWS\system32\srtasks.exe [57856 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {C391351C-0F98-447E-B3F3-F932910C72FD} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\WINDOWS\system32\dmclient.exe [120320 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {C6B2579B-4962-4D12-883D-BBD420573A6C} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic1 => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\WINDOWS\system32\DeviceDirectoryClient.dll [291328 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {C7BEACF3-363F-42F9-A68C-203392B534AA} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask => {59B9640B-3F70-4D1C-B159-F26EEB8A4C87} C:\WINDOWS\system32\SettingSyncCore.dll [1067008 2019-08-10] (Microsoft Corporation) [File not signed]
Task: {C7FCDE46-F8B6-4BB7-AA32-DFF92C6B74DC} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\WINDOWS\System32\LocationNotificationWindows.exe [67584 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {C839CDAC-DF3D-4246-BE87-8BE6864A9971} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\WINDOWS\system32\SpaceAgent.exe [137728 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {C8F53FB3-C0B9-490A-B0F8-2AEA7BAE8561} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation => {B7BFFB5A-EFA8-4D8C-BBDE-C8D5FAAF54A1} C:\WINDOWS\system32\WofTasks.dll [29696 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D19A2726-897E-4F7D-9CE4-0773B449CE9E} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceConnectedToNetwork => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\WINDOWS\system32\DeviceDirectoryClient.dll [291328 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {D5B824C4-9644-4CEF-B078-1F067E7B3BF3} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {D6B6B3B0-5971-46A3-932B-CEAD3576353C} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan Static Task => C:\WINDOWS\system32\usoclient.exe [69120 2019-08-10] (Microsoft Corporation) [File not signed]
Task: {D7603DFD-C214-4EA9-AED2-7A9EF224A164} - System32\Tasks\Microsoft\Windows\Diagnosis\Scheduled => {C1F85EF8-BCC2-4606-BB39-70C523715EB3} C:\WINDOWS\System32\sdiagschd.dll [52224 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {D838E882-FEE4-4C1F-B148-90A12DFCC669} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon => {B1AEBB5D-EAD9-4476-B375-9C3ED9F32AFC} C:\WINDOWS\System32\sppcext.dll [530432 2019-08-10] (Microsoft Corporation) [File not signed]
Task: {D94FEF2B-3F87-4A05-A24E-6C9B1C55C893} - System32\Tasks\{3C0648E2-AD1A-42E9-94AF-912A6ABD9E53} => C:\windows\system32\pcalua.exe -a C:\Users\Stu\Downloads\SMS2003-SP3-KB937882-X86-ENU.exe -d C:\Users\Stu\Downloads
Task: {DAE12BEE-AF8C-4826-8A2D-E22471168A4D} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierinstall => C:\WINDOWS\system32\AppHostRegistrationVerifier.exe [119296 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {DF19AD3D-04B7-4EDB-B94D-9F8CFCEF7130} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DF8ABE54-47C9-4567-8DD0-36F92A2CC529} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndContinueUpdates => {0DC331EE-8438-49D5-A721-E10B937CE459} C:\Windows\System32\InstallServiceTasks.dll [231936 2019-08-10] (Microsoft Corporation) [File not signed]
Task: {E111FDD3-A31D-4D38-BE46-5F67648FD91C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E215B699-95A9-44CD-A30F-ECEEDA4BFAE6} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload => C:\WINDOWS\system32\dmclient.exe [120320 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {E3B39738-8142-42CA-92C6-FF8A39F1B38F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E4AEB720-7F18-419F-A20E-6E0B5C4ED968} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceProtectionStateChanged => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\WINDOWS\system32\DeviceDirectoryClient.dll [291328 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {E609D366-10F0-4EC1-96C8-1F8161C673C5} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask => C:\WINDOWS\system32\MDMAgent.exe [113664 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {E64A5573-068A-4407-B77E-9BBAB77D396A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-20] (Google LLC -> Google LLC)
Task: {E9584198-7911-470F-A652-045B6281107C} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\WINDOWS\system32\cleanmgr.exe [71168 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {E9A46D73-1D61-4419-90FD-B0B371A44777} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleCommand => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\WINDOWS\system32\DeviceDirectoryClient.dll [291328 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {EA814992-5134-4103-96EC-7B52403B2906} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\WINDOWS\System32\drvinst.exe [173056 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {EDBDB6CB-814E-4646-938E-ABC65706505A} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\CryptoPolicyTask => {47E30D54-DAC1-473A-AFF7-2355BF78881F} C:\WINDOWS\system32\ngctasks.dll [270848 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {EFAB0670-5690-4709-9131-565A99AE53D6} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate => {17C82257-654E-4C47-8E23-DCA24EAA76A0} C:\WINDOWS\system32\sysmain.dll [996352 2019-08-10] (Microsoft Corporation) [File not signed]
Task: {F02B389F-2CC0-47DE-B0A6-F99BA3FCC5F4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork => {B1AEBB5D-EAD9-4476-B375-9C3ED9F32AFC} C:\WINDOWS\System32\sppcext.dll [530432 2019-08-10] (Microsoft Corporation) [File not signed]
Task: {F049B94A-D1C4-4BF3-94D4-4E7C5B75FB53} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\Explorer.exe /NOUACCHECK
Task: {F06683BC-B272-42F2-A7ED-D41A4491FEFD} - System32\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated) => {CF2CF428-325B-48D3-8CA8-7633E36E5A32} C:\WINDOWS\system32\msdrm.dll [558592 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {F2E8AA59-252D-4EA4-AF79-32DB90AB50D6} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTask => C:\WINDOWS\System32\XblGameSaveTask.exe [32768 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {F369958F-78A7-4AF3-9208-D840060ECE2F} - System32\Tasks\Microsoft\Windows\DiskFootprint\StorageSense => {AB2A519B-03B0-43CE-940A-A73DF850B49A} C:\WINDOWS\system32\StorageUsage.dll [130560 2019-08-10] (Microsoft Corporation) [File not signed]
Task: {F380C283-F2BA-4E42-95DB-2BC0C6CFFF86} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic => {8168E74A-B39F-46D8-ADCD-7BED477B80A3} C:\WINDOWS\System32\MemoryDiagnostic.dll [32768 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {F71BF14A-F1A9-4341-B2BD-03245185E2A2} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update => {5014B7C8-934E-4262-9816-887FA745A6C4} C:\WINDOWS\system32\TpmTasks.dll [107520 2019-08-10] (Microsoft Corporation) [File not signed]
Task: {F983E937-6426-4EB2-BBC3-9E94E3752925} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask => {9885AEF2-BD9F-41E0-B15E-B3141395E803} C:\WINDOWS\System32\mapstoasttask.dll [53760 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {FA103B2E-5EB2-499F-9443-9765F29C7B5B} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Installation => {6F58F65F-EC0E-4ACA-99FE-FC5A1A25E4BE} C:\Windows\System32\LanguageComponentsInstaller.dll [179712 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {FD261B7D-CF4B-4CFD-BA92-42D7565A51D6} - System32\Tasks\Microsoft\Windows\TextServicesFramework\MsCtfMonitor => {01575CFE-9A55-4003-A5E1-F38D1EBDCBE1} C:\WINDOWS\system32\MsCtfMonitor.dll [89600 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {FD99B9AA-26F4-41C8-A511-227192E65CF5} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterUserDevice => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\WINDOWS\system32\DeviceDirectoryClient.dll [291328 2019-03-19] (Microsoft Corporation) [File not signed]
Task: {FDA96527-ABF5-4489-AB67-2585F56ECACC} - System32\Tasks\User_Feed_Synchronization-{C952A4EE-33CF-4DEA-A987-A660654DAA6B} => C:\windows\system32\msfeedssync.exe [15360 2019-03-19] (Microsoft Corporation) [File not signed]
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForStu.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [54784 2019-03-19] (Microsoft Corporation) [File not signed]
Winsock: Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656 2019-03-19] (Microsoft Corporation) [File not signed]
Winsock: Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656 2019-03-19] (Microsoft Corporation) [File not signed]
Winsock: Catalog5 05 C:\WINDOWS\SysWOW64\winrnr.dll [23552 2019-03-19] (Microsoft Corporation) [File not signed]
Winsock: Catalog5 06 C:\WINDOWS\SysWOW64\NLAapi.dll [70144 2019-03-19] (Microsoft Corporation) [File not signed]
Winsock: Catalog5 07 C:\WINDOWS\SysWOW64\wshbth.dll [50688 2019-03-19] (Microsoft Corporation) [File not signed]
Winsock: Catalog5-x64 01 C:\Windows\system32\napinsp.dll [68096 2019-03-19] (Microsoft Corporation) [File not signed]
Winsock: Catalog5-x64 02 C:\Windows\system32\pnrpnsp.dll [86528 2019-03-19] (Microsoft Corporation) [File not signed]
Winsock: Catalog5-x64 03 C:\Windows\system32\pnrpnsp.dll [86528 2019-03-19] (Microsoft Corporation) [File not signed]
Winsock: Catalog5-x64 05 C:\Windows\System32\winrnr.dll [31232 2019-03-19] (Microsoft Corporation) [File not signed]
Winsock: Catalog5-x64 06 C:\Windows\system32\NLAapi.dll [93184 2019-08-15] (Microsoft Corporation) [File not signed]
Winsock: Catalog5-x64 07 C:\Windows\system32\wshbth.dll [64000 2019-03-19] (Microsoft Corporation) [File not signed]
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3f8c0f03-6da7-44c7-b472-1acf1dec48f3}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{3f8c0f03-6da7-44c7-b472-1acf1dec48f3}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.jp.msn.com/HPALL14/115
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.jp.msn.com/HPALL14/115
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.jp.msn.com/HPALL14/115
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.jp.msn.com/HPALL14/115
HKU\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.co.nz/
HKU\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.jp.msn.com/HPALL14/115
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2018-09-08] (Logitech Inc -> Logitech, Inc.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-10-27] (HP Inc. -> HP Inc.)
BHO-x32: No Name -> {243B17DE-77C7-46BF-B94B-0B5F309A0E64} -> C:\Program Files (x86)\Microsoft Money\System\mnyside.dll [2002-07-17] (Microsoft Corporation) [File not signed]
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-04-05] (EVERNOTE CORPORATION -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) [File not signed]
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2018-09-08] (Logitech Inc -> Logitech, Inc.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-10-27] (HP Inc. -> HP Inc.)
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} hxxps://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2019-08-15] (Microsoft Corporation) [File not signed]
Handler-x32: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2019-08-15] (Microsoft Corporation) [File not signed]
Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll [2019-08-10] (Microsoft Corporation) [File not signed]
Handler-x32: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll [2019-08-10] (Microsoft Corporation) [File not signed]
Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\msvidctl.dll [2019-03-19] (Microsoft Corporation) [File not signed]
Handler-x32: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\msvidctl.dll [2019-03-19] (Microsoft Corporation) [File not signed]
Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2019-08-10] (Microsoft Corporation) [File not signed]
Handler-x32: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2019-08-10] (Microsoft Corporation) [File not signed]
Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2019-08-10] (Microsoft Corporation) [File not signed]
Handler-x32: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2019-08-10] (Microsoft Corporation) [File not signed]
Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2019-08-10] (Microsoft Corporation) [File not signed]
Handler-x32: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2019-08-10] (Microsoft Corporation) [File not signed]
Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2019-08-10] (Microsoft Corporation) [File not signed]
Handler-x32: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2019-08-10] (Microsoft Corporation) [File not signed]
Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll [2019-03-19] (Microsoft Corporation) [File not signed]
Handler-x32: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll [2019-03-19] (Microsoft Corporation) [File not signed]
Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2019-08-15] (Microsoft Corporation) [File not signed]
Handler-x32: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2019-08-15] (Microsoft Corporation) [File not signed]
Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2019-08-10] (Microsoft Corporation) [File not signed]
Handler-x32: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2019-08-10] (Microsoft Corporation) [File not signed]
Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2019-08-15] (Microsoft Corporation) [File not signed]
Handler-x32: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2019-08-15] (Microsoft Corporation) [File not signed]
Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll [2019-03-19] (Microsoft Corporation) [File not signed]
Handler-x32: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll [2019-03-19] (Microsoft Corporation) [File not signed]
Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2019-08-10] (Microsoft Corporation) [File not signed]
Handler-x32: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2019-08-10] (Microsoft Corporation) [File not signed]
Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll [2019-03-19] (Microsoft Corporation) [File not signed]
Handler-x32: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll [2019-03-19] (Microsoft Corporation) [File not signed]
Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2019-08-15] (Microsoft Corporation) [File not signed]
Handler-x32: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2019-08-15] (Microsoft Corporation) [File not signed]
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll [2019-08-10] (Microsoft Corporation) [File not signed]
Handler-x32: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll [2019-08-10] (Microsoft Corporation) [File not signed]
Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\msvidctl.dll [2019-03-19] (Microsoft Corporation) [File not signed]
Handler-x32: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\msvidctl.dll [2019-03-19] (Microsoft Corporation) [File not signed]
Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2019-08-15] (Microsoft Corporation) [File not signed]
Handler-x32: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2019-08-15] (Microsoft Corporation) [File not signed]
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll [2019-08-10] (Microsoft Corporation) [File not signed]
Handler-x32: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll [2019-08-10] (Microsoft Corporation) [File not signed]
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll [2019-03-19] (Microsoft Corporation) [File not signed]
Filter-x32: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll [2019-03-19] (Microsoft Corporation) [File not signed]
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll [2019-03-19] (Microsoft Corporation) [File not signed]
Filter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll [2019-03-19] (Microsoft Corporation) [File not signed]
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll [2019-03-19] (Microsoft Corporation) [File not signed]
Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll [2019-03-19] (Microsoft Corporation) [File not signed]
 
FireFox:
========
FF DefaultProfile: 82nzxn02.default-1499469182469
FF ProfilePath: C:\Users\Stu\AppData\Roaming\Mozilla\Firefox\Profiles\82nzxn02.default-1499469182469 [2020-03-25]
FF Homepage: Mozilla\Firefox\Profiles\82nzxn02.default-1499469182469 -> hxxps://www.trademe.co.nz/MyTradeMe/Default.aspx
FF Extension: (Logitech SetPoint) - C:\Users\Stu\AppData\Roaming\Mozilla\Firefox\Profiles\82nzxn02.default-1499469182469\Extensions\{84380428-8c9d-4bdf-913d-b2c34d6562d9}.xpi [2019-01-31]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2019-01-31] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_344.dll [2020-03-12] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-15] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-15] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-15] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-15] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-15] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_344.dll [2020-03-12] (Adobe Inc. -> )
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] (WildTangent Inc -> )
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default [2020-03-30]
CHR Extension: (Slides) - C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-23]
CHR Extension: (Docs) - C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-23]
CHR Extension: (Google Drive) - C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-23]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2019-01-31]
CHR Extension: (Sheets) - C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-23]
CHR Extension: (Stylish - Custom themes for any website) - C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2020-01-26]
CHR Extension: (Google Docs Offline) - C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-03-27]
CHR Extension: (Chrome Media Router) - C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-03-20]
CHR Profile: C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-03-23]
CHR Profile: C:\Users\Stu\AppData\Local\Google\Chrome\User Data\System Profile [2020-03-23]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AarSvc; C:\WINDOWS\System32\AarSvc.dll [184320 2019-08-10] (Microsoft Corporation) [File not signed]
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2016-09-16] (Advanced Micro Devices, Inc. -> )
S3 AJRouter; C:\WINDOWS\System32\AJRouter.dll [25088 2019-03-19] (Microsoft Corporation) [File not signed]
S3 ALG; C:\WINDOWS\System32\alg.exe [94720 2019-03-19] (Microsoft Corporation) [File not signed]
R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [304536 2017-01-10] (Advanced Micro Devices, Inc. -> AMD)
R2 AppHostSvc; C:\WINDOWS\system32\inetsrv\apphostsvc.dll [70144 2019-03-19] (Microsoft Corporation) [File not signed]
R2 AppHostSvc; C:\WINDOWS\SysWOW64\inetsrv\apphostsvc.dll [59904 2019-03-19] (Microsoft Corporation) [File not signed]
S3 AppIDSvc; C:\WINDOWS\System32\appidsvc.dll [102912 2019-03-19] (Microsoft Corporation) [File not signed]
R3 Appinfo; C:\WINDOWS\System32\appinfo.dll [160256 2019-03-19] (Microsoft Corporation) [File not signed]
S3 AppReadiness; C:\WINDOWS\system32\AppReadiness.dll [683008 2019-03-19] (Microsoft Corporation) [File not signed]
R3 AppXSvc; C:\WINDOWS\system32\appxdeploymentserver.dll [3698176 2019-08-15] (Microsoft Corporation) [File not signed]
R2 AudioEndpointBuilder; C:\WINDOWS\System32\AudioEndpointBuilder.dll [735232 2019-08-10] (Microsoft Corporation) [File not signed]
R2 Audiosrv; C:\WINDOWS\System32\Audiosrv.dll [1942528 2019-08-10] (Microsoft Corporation) [File not signed]
S3 autotimesvc; C:\WINDOWS\System32\autotimesvc.dll [116224 2019-03-19] (Microsoft Corporation) [File not signed]
S3 AxInstSV; C:\WINDOWS\System32\AxInstSV.dll [110592 2019-03-19] (Microsoft Corporation) [File not signed]
S3 BcastDVRUserService; C:\WINDOWS\System32\BcastDVRUserService.dll [1392640 2019-03-19] (Microsoft Corporation) [File not signed]
S3 BDESVC; C:\WINDOWS\System32\bdesvc.dll [491520 2019-08-10] (Microsoft Corporation) [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7211968 2018-08-14] (BattlEye Innovations e.K. -> )
R2 BFE; C:\WINDOWS\System32\bfe.dll [878080 2019-08-10] (Microsoft Corporation) [File not signed]
R2 BITS; C:\WINDOWS\System32\qmgr.dll [1581056 2019-08-10] (Microsoft Corporation) [File not signed]
S3 BluetoothUserService; C:\WINDOWS\System32\Microsoft.Bluetooth.UserService.dll [532992 2019-08-10] (Microsoft Corporation) [File not signed]
R2 BrokerInfrastructure; C:\WINDOWS\System32\psmsrv.dll [236544 2019-08-15] (Microsoft Corporation) [File not signed]
R3 Browser; C:\WINDOWS\System32\browser.dll [134656 2019-03-19] (Microsoft Corporation) [File not signed]
R3 BTAGService; C:\WINDOWS\System32\BTAGService.dll [1062912 2019-08-10] (Microsoft Corporation) [File not signed]
R3 BthAvctpSvc; C:\WINDOWS\System32\BthAvctpSvc.dll [382976 2019-03-19] (Microsoft Corporation) [File not signed]
R3 bthserv; C:\WINDOWS\system32\bthserv.dll [223744 2019-03-19] (Microsoft Corporation) [File not signed]
R3 camsvc; C:\WINDOWS\system32\CapabilityAccessManager.dll [344576 2019-08-10] (Microsoft Corporation) [File not signed]
S3 CaptureService; C:\WINDOWS\System32\CaptureService.dll [128000 2019-03-19] (Microsoft Corporation) [File not signed]
S3 cbdhsvc; C:\WINDOWS\System32\cbdhsvc.dll [1124864 2019-08-10] (Microsoft Corporation) [File not signed]
R2 CDPSvc; C:\WINDOWS\System32\CDPSvc.dll [644096 2019-08-10] (Microsoft Corporation) [File not signed]
S2 CDPUserSvc; C:\WINDOWS\System32\CDPUserSvc.dll [524800 2019-03-19] (Microsoft Corporation) [File not signed]
S3 CertPropSvc; C:\WINDOWS\System32\certprop.dll [192512 2019-03-19] (Microsoft Corporation) [File not signed]
S3 ConsentUxUserSvc; C:\WINDOWS\System32\ConsentUxClient.dll [177152 2019-03-19] (Microsoft Corporation) [File not signed]
R2 CryptSvc; C:\WINDOWS\system32\cryptsvc.dll [96256 2019-03-19] (Microsoft Corporation) [File not signed]
R2 DcomLaunch; C:\WINDOWS\system32\rpcss.dll [1259008 2019-08-15] (Microsoft Corporation) [File not signed]
S3 defragsvc; C:\WINDOWS\System32\defragsvc.dll [494080 2019-03-19] (Microsoft Corporation) [File not signed]
R2 DeviceAssociationService; C:\WINDOWS\system32\das.dll [482816 2019-03-19] (Microsoft Corporation) [File not signed]
S3 DeviceInstall; C:\WINDOWS\system32\umpnpmgr.dll [126976 2019-03-19] (Microsoft Corporation) [File not signed]
S3 DevicePickerUserSvc; C:\WINDOWS\System32\Windows.Devices.Picker.dll [465920 2019-03-19] (Microsoft Corporation) [File not signed]
S3 DevicePickerUserSvc; C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll [338432 2019-03-19] (Microsoft Corporation) [File not signed]
S3 DevicesFlowUserSvc; C:\WINDOWS\System32\DevicesFlowBroker.dll [749056 2019-03-19] (Microsoft Corporation) [File not signed]
S3 DevQueryBroker; C:\WINDOWS\system32\DevQueryBroker.dll [34304 2019-03-19] (Microsoft Corporation) [File not signed]
R2 Dhcp; C:\WINDOWS\system32\dhcpcore.dll [388096 2019-08-10] (Microsoft Corporation) [File not signed]
R2 Dhcp; C:\WINDOWS\SysWOW64\dhcpcore.dll [321024 2019-08-10] (Microsoft Corporation) [File not signed]
S3 diagnosticshub.standardcollector.service; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [97792 2019-08-10] (Microsoft Corporation) [File not signed]
S3 diagsvc; C:\WINDOWS\system32\DiagSvc.dll [212992 2019-03-19] (Microsoft Corporation) [File not signed]
R2 DiagTrack; C:\WINDOWS\system32\diagtrack.dll [3771392 2019-08-10] (Microsoft Corporation) [File not signed]
R2 DispBrokerDesktopSvc; C:\WINDOWS\System32\DispBroker.Desktop.dll [404992 2019-08-10] (Microsoft Corporation) [File not signed]
S3 DisplayEnhancementService; C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll [1171968 2019-08-10] (Microsoft Corporation) [File not signed]
S3 DmEnrollmentSvc; C:\WINDOWS\system32\Windows.Internal.Management.dll [919040 2019-08-10] (Microsoft Corporation) [File not signed]
S3 DmEnrollmentSvc; C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll [645632 2019-08-10] (Microsoft Corporation) [File not signed]
S3 dmwappushservice; C:\WINDOWS\system32\dmwappushsvc.dll [58368 2019-03-19] (Microsoft Corporation) [File not signed]
R2 Dnscache; C:\WINDOWS\System32\dnsrslvr.dll [350208 2019-08-10] (Microsoft Corporation) [File not signed]
R2 DoSvc; C:\WINDOWS\system32\dosvc.dll [1602048 2019-03-19] (Microsoft Corporation) [File not signed]
S3 dot3svc; C:\WINDOWS\System32\dot3svc.dll [268288 2019-08-10] (Microsoft Corporation) [File not signed]
R2 DPS; C:\WINDOWS\system32\dps.dll [169984 2019-03-19] (Microsoft Corporation) [File not signed]
S3 DsmSvc; C:\WINDOWS\System32\DeviceSetupManager.dll [265728 2019-03-19] (Microsoft Corporation) [File not signed]
S3 DsSvc; C:\WINDOWS\System32\DsSvc.dll [151040 2019-08-10] (Microsoft Corporation) [File not signed]
R2 DusmSvc; C:\WINDOWS\System32\dusmsvc.dll [358912 2019-03-19] (Microsoft Corporation) [File not signed]
S3 Eaphost; C:\WINDOWS\System32\eapsvc.dll [110080 2019-03-19] (Microsoft Corporation) [File not signed]
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [774272 2018-03-21] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 EFS; C:\WINDOWS\system32\efssvc.dll [79872 2019-03-19] (Microsoft Corporation) [File not signed]
S3 embeddedmode; C:\WINDOWS\System32\embeddedmodesvc.dll [172032 2019-03-19] (Microsoft Corporation) [File not signed]
S3 EntAppSvc; C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll [521728 2019-03-19] (Microsoft Corporation) [File not signed]
R2 EventLog; C:\WINDOWS\System32\wevtsvc.dll [1918976 2019-08-10] (Microsoft Corporation) [File not signed]
R2 EventSystem; C:\WINDOWS\system32\es.dll [401408 2019-03-19] (Microsoft Corporation) [File not signed]
R2 EventSystem; C:\WINDOWS\SysWOW64\es.dll [336384 2019-03-19] (Microsoft Corporation) [File not signed]
S3 Fax; C:\WINDOWS\system32\fxssvc.exe [636416 2019-03-19] (Microsoft Corporation) [File not signed]
R3 fdPHost; C:\WINDOWS\system32\fdPHost.dll [21504 2019-03-19] (Microsoft Corporation) [File not signed]
R3 FDResPub; C:\WINDOWS\system32\fdrespub.dll [35328 2019-03-19] (Microsoft Corporation) [File not signed]
S3 fhsvc; C:\WINDOWS\system32\fhsvc.dll [120832 2019-03-19] (Microsoft Corporation) [File not signed]
R2 FontCache; C:\WINDOWS\system32\FntCache.dll [1884672 2019-08-10] (Microsoft Corporation) [File not signed]
S3 FrameServer; C:\WINDOWS\system32\FrameServer.dll [743424 2019-08-10] (Microsoft Corporation) [File not signed]
R2 ftnlsv3hv; C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe [226240 2015-06-16] (FabulaTech -> )
R2 ftscanmgr; C:\Program Files (x86)\VMware\ScannerRedirection\ftscanmgr.exe [6363792 2015-07-31] (FabulaTech -> )
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-25] (WildTangent Inc -> WildTangent)
R2 gpsvc; C:\WINDOWS\System32\gpsvc.dll [1255936 2019-03-19] (Microsoft Corporation) [File not signed]
S3 GraphicsPerfSvc; C:\WINDOWS\System32\GraphicsPerfSvc.dll [97792 2019-03-19] (Microsoft Corporation) [File not signed]
R3 hidserv; C:\WINDOWS\system32\hidserv.dll [34816 2019-03-19] (Microsoft Corporation) [File not signed]
R3 hidserv; C:\WINDOWS\SysWOW64\hidserv.dll [29696 2019-03-19] (Microsoft Corporation) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [361848 2019-12-06] (HP Inc. -> HP Inc.)
R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc. -> HP Inc.)
S3 icssvc; C:\WINDOWS\System32\tetheringservice.dll [235008 2019-03-19] (Microsoft Corporation) [File not signed]
R2 IKEEXT; C:\WINDOWS\System32\ikeext.dll [1042944 2019-08-10] (Microsoft Corporation) [File not signed]
R3 InstallService; C:\WINDOWS\system32\InstallService.dll [2448384 2019-08-10] (Microsoft Corporation) [File not signed]
R3 InstallService; C:\WINDOWS\SysWOW64\InstallService.dll [1724928 2019-08-10] (Microsoft Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Trusted Connect Service -> Intel® Corporation)
S3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
R2 iphlpsvc; C:\WINDOWS\System32\iphlpsvc.dll [830976 2019-08-15] (Microsoft Corporation) [File not signed]
S3 IpxlatCfgSvc; C:\WINDOWS\System32\IpxlatCfg.dll [64512 2019-03-19] (Microsoft Corporation) [File not signed]
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [223520 2015-07-11] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 KeyIso; C:\WINDOWS\system32\keyiso.dll [90624 2019-03-19] (Microsoft Corporation) [File not signed]
R3 KeyIso; C:\WINDOWS\SysWOW64\keyiso.dll [66560 2019-03-19] (Microsoft Corporation) [File not signed]
S3 KtmRm; C:\WINDOWS\system32\msdtckrm.dll [372224 2019-03-19] (Microsoft Corporation) [File not signed]
R2 LanmanServer; C:\WINDOWS\system32\srvsvc.dll [280064 2019-03-19] (Microsoft Corporation) [File not signed]
R2 LanmanWorkstation; C:\WINDOWS\System32\wkssvc.dll [292352 2019-08-10] (Microsoft Corporation) [File not signed]
S3 lfsvc; C:\WINDOWS\System32\lfsvc.dll [47104 2019-03-19] (Microsoft Corporation) [File not signed]
S3 LicenseManager; C:\WINDOWS\system32\LicenseManagerSvc.dll [50176 2019-03-19] (Microsoft Corporation) [File not signed]
S3 lltdsvc; C:\WINDOWS\System32\lltdsvc.dll [265728 2019-03-19] (Microsoft Corporation) [File not signed]
R3 lmhosts; C:\WINDOWS\System32\lmhsvc.dll [27136 2019-03-19] (Microsoft Corporation) [File not signed]
R2 LSM; C:\WINDOWS\System32\lsm.dll [676864 2019-03-19] (Microsoft Corporation) [File not signed]
S3 LxpSvc; C:\WINDOWS\System32\LanguageOverlayServer.dll [317952 2019-03-19] (Microsoft Corporation) [File not signed]
S2 MapsBroker; C:\WINDOWS\System32\moshost.dll [92160 2019-03-19] (Microsoft Corporation) [File not signed]
S3 MessagingService; C:\WINDOWS\System32\MessagingService.dll [88064 2019-03-19] (Microsoft Corporation) [File not signed]
R2 mpssvc; C:\WINDOWS\system32\mpssvc.dll [1062912 2019-08-10] (Microsoft Corporation) [File not signed]
S3 MSDTC; C:\WINDOWS\System32\msdtc.exe [148480 2019-03-19] (Microsoft Corporation) [File not signed]
S3 MSiSCSI; C:\WINDOWS\system32\iscsiexe.dll [151040 2019-03-19] (Microsoft Corporation) [File not signed]
S3 msiserver; C:\WINDOWS\system32\msiexec.exe /V [67072 2019-03-19] (Microsoft Corporation) [File not signed]
S3 msiserver; C:\WINDOWS\SysWOW64\msiexec.exe /V [59904 2019-03-19] (Microsoft Corporation) [File not signed]
S3 NaturalAuthentication; C:\WINDOWS\System32\NaturalAuth.dll [831488 2019-03-19] (Microsoft Corporation) [File not signed]
S3 NcaSvc; C:\WINDOWS\System32\ncasvc.dll [170496 2019-03-19] (Microsoft Corporation) [File not signed]
R3 NcbService; C:\WINDOWS\System32\ncbservice.dll [374784 2019-03-19] (Microsoft Corporation) [File not signed]
R3 NcdAutoSetup; C:\WINDOWS\System32\NcdAutoSetup.dll [89600 2019-03-19] (Microsoft Corporation) [File not signed]
S3 Netlogon; C:\WINDOWS\system32\netlogon.dll [864256 2019-08-10] (Microsoft Corporation) [File not signed]
S3 Netlogon; C:\WINDOWS\SysWOW64\netlogon.dll [663552 2019-08-10] (Microsoft Corporation) [File not signed]
S3 Netman; C:\WINDOWS\System32\netman.dll [262144 2019-03-19] (Microsoft Corporation) [File not signed]
R3 netprofm; C:\WINDOWS\System32\netprofmsvc.dll [610816 2019-08-10] (Microsoft Corporation) [File not signed]
S3 NetSetupSvc; C:\WINDOWS\System32\NetSetupSvc.dll [336896 2019-03-19] (Microsoft Corporation) [File not signed]
R3 NgcCtnrSvc; C:\WINDOWS\System32\NgcCtnrSvc.dll [810496 2019-08-10] (Microsoft Corporation) [File not signed]
S3 NgcSvc; C:\WINDOWS\system32\ngcsvc.dll [957952 2019-08-10] (Microsoft Corporation) [File not signed]
R2 NlaSvc; C:\WINDOWS\System32\nlasvc.dll [382976 2019-08-15] (Microsoft Corporation) [File not signed]
R2 nsi; C:\WINDOWS\system32\nsisvc.dll [30720 2019-03-19] (Microsoft Corporation) [File not signed]
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-29] (Softex Inc.) [File not signed]
S2 OneSyncSvc; C:\WINDOWS\System32\APHostService.dll [351744 2019-03-19] (Microsoft Corporation) [File not signed]
S3 p2pimsvc; C:\WINDOWS\system32\pnrpsvc.dll [353280 2019-08-15] (Microsoft Corporation) [File not signed]
S3 p2psvc; C:\WINDOWS\system32\p2psvc.dll [428544 2019-08-15] (Microsoft Corporation) [File not signed]
S3 perceptionsimulation; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [103424 2019-03-19] (Microsoft Corporation) [File not signed]
S3 PerfHost; C:\WINDOWS\SysWow64\perfhost.exe [21504 2019-03-19] (Microsoft Corporation) [File not signed]
S3 PhoneSvc; C:\WINDOWS\System32\PhoneService.dll [943616 2019-03-19] (Microsoft Corporation) [File not signed]
S3 PimIndexMaintenanceSvc; C:\WINDOWS\System32\PimIndexMaintenance.dll [190464 2019-03-19] (Microsoft Corporation) [File not signed]
S3 pla; C:\WINDOWS\system32\pla.dll [1474048 2019-03-19] (Microsoft Corporation) [File not signed]
S3 pla; C:\WINDOWS\SysWOW64\pla.dll [1533440 2019-03-19] (Microsoft Corporation) [File not signed]
R3 PlugPlay; C:\WINDOWS\system32\umpnpmgr.dll [126976 2019-03-19] (Microsoft Corporation) [File not signed]
S3 PNRPAutoReg; C:\WINDOWS\system32\pnrpauto.dll [27136 2019-03-19] (Microsoft Corporation) [File not signed]
S3 PNRPsvc; C:\WINDOWS\system32\pnrpsvc.dll [353280 2019-08-15] (Microsoft Corporation) [File not signed]
S3 PolicyAgent; C:\WINDOWS\System32\ipsecsvc.dll [447488 2019-03-19] (Microsoft Corporation) [File not signed]
R2 Power; C:\WINDOWS\system32\umpo.dll [155136 2019-03-19] (Microsoft Corporation) [File not signed]
S3 PrintNotify; C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll [3548672 2019-08-10] (Microsoft Corporation) [File not signed]
S3 PrintWorkflowUserSvc; C:\WINDOWS\System32\PrintWorkflowService.dll [178688 2019-03-19] (Microsoft Corporation) [File not signed]
S3 PrintWorkflowUserSvc; C:\WINDOWS\SysWOW64\PrintWorkflowService.dll [141312 2019-03-19] (Microsoft Corporation) [File not signed]
R2 ProfSvc; C:\WINDOWS\system32\profsvc.dll [491520 2019-03-19] (Microsoft Corporation) [File not signed]
R3 PushToInstall; C:\WINDOWS\system32\PushToInstall.dll [269824 2019-03-19] (Microsoft Corporation) [File not signed]
S3 QWAVE; C:\WINDOWS\system32\qwave.dll [288768 2019-03-19] (Microsoft Corporation) [File not signed]
S3 QWAVE; C:\WINDOWS\SysWOW64\qwave.dll [227328 2019-03-19] (Microsoft Corporation) [File not signed]
S3 RasAuto; C:\WINDOWS\System32\rasauto.dll [104448 2019-03-19] (Microsoft Corporation) [File not signed]
R2 RasMan; C:\WINDOWS\System32\rasmans.dll [913408 2019-08-10] (Microsoft Corporation) [File not signed]
S4 RemoteAccess; C:\WINDOWS\System32\mprdim.dll [500224 2019-03-19] (Microsoft Corporation) [File not signed]
S4 RemoteAccess; C:\WINDOWS\SysWOW64\mprdim.dll [403456 2019-03-19] (Microsoft Corporation) [File not signed]
S4 RemoteRegistry; C:\WINDOWS\system32\regsvc.dll [160768 2019-03-19] (Microsoft Corporation) [File not signed]
S3 RetailDemo; C:\WINDOWS\system32\RDXService.dll [740352 2019-08-10] (Microsoft Corporation) [File not signed]
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-15] (CyberLink Corp. -> )
S3 RmSvc; C:\WINDOWS\System32\RMapi.dll [156672 2019-03-19] (Microsoft Corporation) [File not signed]
R2 RpcEptMapper; C:\WINDOWS\System32\RpcEpMap.dll [80384 2019-03-19] (Microsoft Corporation) [File not signed]
S3 RpcLocator; C:\WINDOWS\system32\locator.exe [11264 2019-03-19] (Microsoft Corporation) [File not signed]
R2 RpcSs; C:\WINDOWS\system32\rpcss.dll [1259008 2019-08-15] (Microsoft Corporation) [File not signed]
S3 SCardSvr; C:\WINDOWS\System32\SCardSvr.dll [263680 2019-03-19] (Microsoft Corporation) [File not signed]
S3 ScDeviceEnum; C:\WINDOWS\System32\ScDeviceEnum.dll [200192 2019-03-19] (Microsoft Corporation) [File not signed]
R2 Schedule; C:\WINDOWS\system32\schedsvc.dll [858112 2019-08-10] (Microsoft Corporation) [File not signed]
S3 SCPolicySvc; C:\WINDOWS\System32\certprop.dll [192512 2019-03-19] (Microsoft Corporation) [File not signed]
S3 SDRSVC; C:\WINDOWS\System32\SDRSVC.dll [148480 2019-03-19] (Microsoft Corporation) [File not signed]
S3 seclogon; C:\WINDOWS\system32\seclogon.dll [31232 2019-03-19] (Microsoft Corporation) [File not signed]
S3 SEMgrSvc; C:\WINDOWS\system32\SEMgrSvc.dll [1270784 2019-03-19] (Microsoft Corporation) [File not signed]
R2 SENS; C:\WINDOWS\System32\sens.dll [73728 2019-03-19] (Microsoft Corporation) [File not signed]
S3 SensorDataService; C:\WINDOWS\System32\SensorDataService.exe [1264128 2019-03-19] (Microsoft Corporation) [File not signed]
S3 SensorService; C:\WINDOWS\system32\SensorService.dll [487424 2019-03-19] (Microsoft Corporation) [File not signed]
S3 SensrSvc; C:\WINDOWS\system32\sensrsvc.dll [176640 2019-03-19] (Microsoft Corporation) [File not signed]
S3 SessionEnv; C:\WINDOWS\system32\sessenv.dll [479232 2019-03-19] (Microsoft Corporation) [File not signed]
S3 SessionEnv; C:\WINDOWS\SysWOW64\sessenv.dll [413184 2019-03-19] (Microsoft Corporation) [File not signed]
S3 SharedAccess; C:\WINDOWS\System32\ipnathlp.dll [629760 2019-03-19] (Microsoft Corporation) [File not signed]
S3 SharedRealitySvc; C:\WINDOWS\System32\SharedRealitySvc.dll [472576 2019-08-10] (Microsoft Corporation) [File not signed]
R2 ShellHWDetection; C:\WINDOWS\System32\shsvcs.dll [252928 2019-03-19] (Microsoft Corporation) [File not signed]
R2 ShellHWDetection; C:\WINDOWS\SysWOW64\shsvcs.dll [197120 2019-03-19] (Microsoft Corporation) [File not signed]
S4 shpamsvc; C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll [239104 2019-03-19] (Microsoft Corporation) [File not signed]
S3 SmsRouter; C:\WINDOWS\system32\SmsRouterSvc.dll [599552 2019-03-19] (Microsoft Corporation) [File not signed]
S3 SNMPTRAP; C:\WINDOWS\System32\snmptrap.exe [15872 2019-03-19] (Microsoft Corporation) [File not signed]
S3 spectrum; C:\WINDOWS\system32\spectrum.exe [986112 2019-08-10] (Microsoft Corporation) [File not signed]
R2 Spooler; C:\WINDOWS\System32\spoolsv.exe [765440 2019-08-10] (Microsoft Corporation) [File not signed]
R3 SSDPSRV; C:\WINDOWS\System32\ssdpsrv.dll [240128 2019-08-15] (Microsoft Corporation) [File not signed]
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [384512 2019-03-19] () [File not signed]
R3 SstpSvc; C:\WINDOWS\system32\sstpsvc.dll [206336 2019-03-19] (Microsoft Corporation) [File not signed]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [340480 2014-01-05] (IDT, Inc.) [File not signed]
R2 stisvc; C:\WINDOWS\System32\wiaservc.dll [669696 2019-03-19] (Microsoft Corporation) [File not signed]
R3 StorSvc; C:\WINDOWS\system32\storsvc.dll [1007104 2019-08-10] (Microsoft Corporation) [File not signed]
S3 svsvc; C:\WINDOWS\system32\svsvc.dll [13824 2019-03-19] (Microsoft Corporation) [File not signed]
R3 swprv; C:\WINDOWS\System32\swprv.dll [456704 2019-03-19] (Microsoft Corporation) [File not signed]
R2 SysMain; C:\WINDOWS\system32\sysmain.dll [996352 2019-08-10] (Microsoft Corporation) [File not signed]
R2 SystemEventsBroker; C:\WINDOWS\System32\SystemEventsBrokerServer.dll [275456 2019-03-19] (Microsoft Corporation) [File not signed]
R3 TabletInputService; C:\WINDOWS\System32\TabSvc.dll [223232 2019-03-19] (Microsoft Corporation) [File not signed]
R3 TapiSrv; C:\WINDOWS\System32\tapisrv.dll [309248 2019-03-19] (Microsoft Corporation) [File not signed]
R3 TapiSrv; C:\WINDOWS\SysWOW64\tapisrv.dll [252416 2019-03-19] (Microsoft Corporation) [File not signed]
S3 TermService; C:\WINDOWS\System32\termsrv.dll [1060352 2019-08-10] (Microsoft Corporation) [File not signed]
R2 Themes; C:\WINDOWS\system32\themeservice.dll [67072 2019-03-19] (Microsoft Corporation) [File not signed]
S3 TieringEngineService; C:\WINDOWS\system32\TieringEngineService.exe [316928 2019-03-19] (Microsoft Corporation) [File not signed]
R3 TimeBrokerSvc; C:\WINDOWS\System32\TimeBrokerServer.dll [172032 2019-03-19] (Microsoft Corporation) [File not signed]
R3 TokenBroker; C:\WINDOWS\System32\TokenBroker.dll [1497088 2019-08-10] (Microsoft Corporation) [File not signed]
R3 TokenBroker; C:\WINDOWS\SysWOW64\TokenBroker.dll [1244672 2019-08-10] (Microsoft Corporation) [File not signed]
R2 TrkWks; C:\WINDOWS\System32\trkwks.dll [112128 2019-03-19] (Microsoft Corporation) [File not signed]
S3 TroubleshootingSvc; C:\WINDOWS\system32\MitigationClient.dll [394752 2019-03-19] (Microsoft Corporation) [File not signed]
S3 TrustedInstaller; C:\WINDOWS\servicing\TrustedInstaller.exe [143360 2019-03-19] (Microsoft Corporation) [File not signed]
S4 tzautoupdate; C:\WINDOWS\system32\tzautoupdate.dll [96768 2019-08-10] (Microsoft Corporation) [File not signed]
S4 tzautoupdate; C:\WINDOWS\SysWOW64\tzautoupdate.dll [72704 2019-08-10] (Microsoft Corporation) [File not signed]
S3 UmRdpService; C:\WINDOWS\System32\umrdp.dll [421888 2019-03-19] (Microsoft Corporation) [File not signed]
S3 UnistoreSvc; C:\WINDOWS\System32\unistore.dll [1146880 2019-08-15] (Microsoft Corporation) [File not signed]
S3 UnistoreSvc; C:\WINDOWS\SysWOW64\unistore.dll [947200 2019-08-15] (Microsoft Corporation) [File not signed]
S3 upnphost; C:\WINDOWS\System32\upnphost.dll [454144 2019-03-19] (Microsoft Corporation) [File not signed]
S3 upnphost; C:\WINDOWS\SysWOW64\upnphost.dll [327168 2019-03-19] (Microsoft Corporation) [File not signed]
S3 UserDataSvc; C:\WINDOWS\System32\userdataservice.dll [1536512 2019-03-19] (Microsoft Corporation) [File not signed]
R2 UserManager; C:\WINDOWS\System32\usermgr.dll [1282048 2019-03-19] (Microsoft Corporation) [File not signed]
R2 UsoSvc; C:\WINDOWS\system32\usosvc.dll [516608 2019-08-10] (Microsoft Corporation) [File not signed]
R3 VaultSvc; C:\Windows\System32\vaultsvc.dll [360448 2019-03-19] (Microsoft Corporation) [File not signed]
S3 vds; C:\WINDOWS\System32\vds.exe [640512 2019-08-10] (Microsoft Corporation) [File not signed]
S3 vmicrdv; C:\WINDOWS\System32\icsvcext.dll [311808 2019-03-19] (Microsoft Corporation) [File not signed]
S3 vmicvss; C:\WINDOWS\System32\icsvcext.dll [311808 2019-03-19] (Microsoft Corporation) [File not signed]
R2 vmware-view-usbd; C:\Program Files (x86)\VMware\VMware Horizon View Client\bin\vmware-view-usbd.exe [1156824 2015-10-13] (VMware, Inc. -> VMware, Inc.)
R2 vmwsprrdpwks; C:\Program Files (x86)\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe [261776 2015-05-08] (FabulaTech -> VMware)
R3 VSS; C:\WINDOWS\system32\vssvc.exe [1446400 2019-03-19] (Microsoft Corporation) [File not signed]
S3 W32Time; C:\WINDOWS\system32\w32time.dll [495616 2019-03-19] (Microsoft Corporation) [File not signed]
S3 w3logsvc; C:\WINDOWS\system32\inetsrv\w3logsvc.dll [91136 2019-03-19] (Microsoft Corporation) [File not signed]
S3 w3logsvc; C:\WINDOWS\SysWOW64\inetsrv\w3logsvc.dll [76288 2019-03-19] (Microsoft Corporation) [File not signed]
S3 WaaSMedicSvc; C:\WINDOWS\System32\WaaSMedicSvc.dll [349184 2019-03-19] (Microsoft Corporation) [File not signed]
S3 WalletService; C:\WINDOWS\system32\WalletService.dll [430592 2019-03-19] (Microsoft Corporation) [File not signed]
S3 WarpJITSvc; C:\WINDOWS\System32\Windows.WARP.JITService.dll [61952 2019-03-19] (Microsoft Corporation) [File not signed]
S3 WAS; C:\WINDOWS\system32\inetsrv\iisw3adm.dll [568320 2019-03-19] (Microsoft Corporation) [File not signed]
S3 WAS; C:\WINDOWS\SysWOW64\inetsrv\iisw3adm.dll [492544 2019-03-19] (Microsoft Corporation) [File not signed]
S3 wbengine; C:\WINDOWS\system32\wbengine.exe [1541632 2019-03-19] (Microsoft Corporation) [File not signed]
R3 WbioSrvc; C:\WINDOWS\System32\wbiosrvc.dll [955904 2019-03-19] (Microsoft Corporation) [File not signed]
R2 Wcmsvc; C:\WINDOWS\System32\wcmsvc.dll [1037312 2019-08-15] (Microsoft Corporation) [File not signed]
R3 wcncsvc; C:\WINDOWS\System32\wcncsvc.dll [478208 2019-03-19] (Microsoft Corporation) [File not signed]
R3 WdiServiceHost; C:\WINDOWS\system32\wdi.dll [101888 2019-03-19] (Microsoft Corporation) [File not signed]
R3 WdiServiceHost; C:\WINDOWS\SysWOW64\wdi.dll [88064 2019-03-19] (Microsoft Corporation) [File not signed]
R3 WdiSystemHost; C:\WINDOWS\system32\wdi.dll [101888 2019-03-19] (Microsoft Corporation) [File not signed]
R3 WdiSystemHost; C:\WINDOWS\SysWOW64\wdi.dll [88064 2019-03-19] (Microsoft Corporation) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\NisSrv.exe [3284840 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WebClient; C:\WINDOWS\System32\webclnt.dll [219136 2019-03-19] (Microsoft Corporation) [File not signed]
S3 WebClient; C:\WINDOWS\SysWOW64\webclnt.dll [190976 2019-03-19] (Microsoft Corporation) [File not signed]
S3 Wecsvc; C:\WINDOWS\system32\wecsvc.dll [199680 2019-03-19] (Microsoft Corporation) [File not signed]
S3 WEPHOSTSVC; C:\WINDOWS\system32\wephostsvc.dll [27648 2019-03-19] (Microsoft Corporation) [File not signed]
S3 wercplsupport; C:\WINDOWS\System32\wercplsupport.dll [122368 2019-08-10] (Microsoft Corporation) [File not signed]
S3 WerSvc; C:\WINDOWS\System32\WerSvc.dll [226816 2019-08-10] (Microsoft Corporation) [File not signed]
S3 WFDSConMgrSvc; C:\WINDOWS\System32\wfdsconmgrsvc.dll [740352 2019-03-19] (Microsoft Corporation) [File not signed]
S3 WiaRpc; C:\WINDOWS\System32\wiarpc.dll [83968 2019-03-19] (Microsoft Corporation) [File not signed]
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MsMpEng.exe [103168 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Winmgmt; C:\WINDOWS\system32\wbem\WMIsvc.dll [231424 2019-03-19] (Microsoft Corporation) [File not signed]
S3 WinRM; C:\WINDOWS\system32\WsmSvc.dll [2807296 2019-03-19] (Microsoft Corporation) [File not signed]
S3 WinRM; C:\WINDOWS\SysWOW64\WsmSvc.dll [2306560 2019-03-19] (Microsoft Corporation) [File not signed]
S3 wisvc; C:\WINDOWS\system32\flightsettings.dll [893440 2019-08-10] (Microsoft Corporation) [File not signed]
S3 wisvc; C:\WINDOWS\SysWOW64\flightsettings.dll [729088 2019-08-10] (Microsoft Corporation) [File not signed]
R2 WlanSvc; C:\WINDOWS\System32\wlansvc.dll [2656768 2019-08-10] (Microsoft Corporation) [File not signed]
R3 wlidsvc; C:\WINDOWS\system32\wlidsvc.dll [2157568 2019-03-19] (Microsoft Corporation) [File not signed]
S3 wlpasvc; C:\WINDOWS\System32\lpasvc.dll [1390080 2019-03-19] (Microsoft Corporation) [File not signed]
S3 WManSvc; C:\WINDOWS\system32\Windows.Management.Service.dll [862720 2019-08-10] (Microsoft Corporation) [File not signed]
R3 wmiApSrv; C:\WINDOWS\system32\wbem\WmiApSrv.exe [204288 2019-03-19] (Microsoft Corporation) [File not signed]
S3 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1105408 2019-03-19] (Microsoft Corporation) [File not signed]
S3 WpcMonSvc; C:\WINDOWS\System32\WpcDesktopMonSvc.dll [1979392 2019-08-10] (Microsoft Corporation) [File not signed]
S3 WPDBusEnum; C:\WINDOWS\system32\wpdbusenum.dll [83456 2019-03-19] (Microsoft Corporation) [File not signed]
R2 WpnService; C:\WINDOWS\system32\WpnService.dll [253440 2019-03-19] (Microsoft Corporation) [File not signed]
S2 WpnUserService; C:\WINDOWS\System32\WpnUserService.dll [82432 2019-03-19] (Microsoft Corporation) [File not signed]
R2 WSearch; C:\WINDOWS\system32\SearchIndexer.exe [858112 2019-08-10] (Microsoft Corporation) [File not signed]
R2 WSearch; C:\WINDOWS\SysWOW64\SearchIndexer.exe [674816 2019-08-10] (Microsoft Corporation) [File not signed]
R2 wsnm; C:\Program Files (x86)\VMware\VMware Horizon View Client\wsnm\wsnm.exe [533208 2015-10-14] (VMware, Inc. -> VMware, Inc.)
R2 wuauserv; C:\WINDOWS\system32\wuaueng.dll [3104768 2019-08-10] (Microsoft Corporation) [File not signed]
S3 WwanSvc; C:\WINDOWS\System32\wwansvc.dll [1761792 2019-08-10] (Microsoft Corporation) [File not signed]
S3 XblAuthManager; C:\WINDOWS\System32\XblAuthManager.dll [1063936 2019-03-19] (Microsoft Corporation) [File not signed]
S3 XblGameSave; C:\WINDOWS\System32\XblGameSave.dll [1263616 2019-03-19] (Microsoft Corporation) [File not signed]
S3 XboxGipSvc; C:\WINDOWS\System32\XboxGipSvc.dll [72704 2019-03-19] (Microsoft Corporation) [File not signed]
S3 XboxNetApiSvc; C:\WINDOWS\system32\XboxNetApiSvc.dll [1268224 2019-03-19] (Microsoft Corporation) [File not signed]
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\Video Converter Ultimate\Transfer\DriverInstall.exe" [X]
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 1394ohci; C:\WINDOWS\System32\drivers\1394ohci.sys [264704 2019-03-19] (Microsoft Corporation) [File not signed]
S3 AcpiDev; C:\WINDOWS\System32\drivers\AcpiDev.sys [20992 2019-03-19] (Microsoft Corporation) [File not signed]
S3 acpipagr; C:\WINDOWS\System32\drivers\acpipagr.sys [12800 2019-03-19] (Microsoft Corporation) [File not signed]
S3 AcpiPmi; C:\WINDOWS\System32\drivers\acpipmi.sys [16896 2019-03-19] (Microsoft Corporation) [File not signed]
S3 acpitime; C:\WINDOWS\System32\drivers\acpitime.sys [13824 2019-03-19] (Microsoft Corporation) [File not signed]
S3 Acx01000; C:\WINDOWS\System32\drivers\Acx01000.sys [337920 2019-03-19] (Microsoft Corporation) [File not signed]
R1 afunix; C:\WINDOWS\system32\drivers\afunix.sys [40960 2019-03-19] (Microsoft Corporation) [File not signed]
R1 afunix; C:\Windows\SysWOW64\drivers\afunix.sys [29696 2019-03-19] (Microsoft Corporation) [File not signed]
R1 ahcache; C:\WINDOWS\System32\DRIVERS\ahcache.sys [291840 2019-03-19] (Microsoft Corporation) [File not signed]
S3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [18432 2019-03-19] (Advanced Micro Devices, Inc) [File not signed]
S3 amdi2c; C:\WINDOWS\System32\drivers\amdi2c.sys [37888 2019-03-19] (Advanced Micro Devices, Inc) [File not signed]
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [21160 2012-09-24] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0307778.inf_amd64_c23825c387b5872c\atikmdag.sys [26570784 2017-01-10] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0307778.inf_amd64_c23825c387b5872c\atikmpag.sys [535960 2017-01-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 applockerfltr; C:\WINDOWS\System32\drivers\applockerfltr.sys [18432 2019-08-10] (Microsoft Corporation) [File not signed]
R3 AsyncMac; C:\WINDOWS\System32\drivers\asyncmac.sys [31232 2019-03-19] (Microsoft Corporation) [File not signed]
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices) [File not signed]
S3 avckf; C:\WINDOWS\System32\DRIVERS\avckf.sys [878072 2016-09-20] (Bitdefender SRL -> BitDefender)
R1 BasicDisplay; C:\WINDOWS\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_25ab9510fd18cfda\BasicDisplay.sys [68096 2019-03-19] (Microsoft Corporation) [File not signed]
R1 BasicRender; C:\WINDOWS\System32\DriverStore\FileRepository\basicrender.inf_amd64_9ff437f462543a42\BasicRender.sys [37888 2019-03-19] (Microsoft Corporation) [File not signed]
S3 bcmfn2; C:\WINDOWS\System32\drivers\bcmfn2.sys [9728 2019-03-19] (Windows ® Win 7 DDK provider) [File not signed]
R1 Beep; C:\Windows\System32\Drivers\Beep.sys [10240 2019-03-19] (Microsoft Corporation) [File not signed]
R3 bowser; C:\WINDOWS\System32\DRIVERS\bowser.sys [117248 2019-03-19] (Microsoft Corporation) [File not signed]
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [232448 2019-03-19] (Microsoft Corporation) [File not signed]
R3 BthEnum; C:\WINDOWS\System32\drivers\BthEnum.sys [114688 2019-08-15] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [131072 2019-03-19] (Microsoft Corporation) [File not signed]
R3 BthLEEnum; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [97280 2019-03-19] (Microsoft Corporation) [File not signed]
S3 BthMini; C:\WINDOWS\System32\drivers\BTHMINI.sys [36864 2019-08-15] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [76288 2019-03-19] (Microsoft Corporation) [File not signed]
R3 BthPan; C:\WINDOWS\System32\drivers\bthpan.sys [133120 2019-03-19] (Microsoft Corporation) [File not signed]
S3 BTHPORT; C:\WINDOWS\System32\drivers\BTHport.sys [1428992 2019-08-15] (Microsoft Corporation) [File not signed]
R3 BTHUSB; C:\WINDOWS\System32\drivers\BTHUSB.sys [98304 2019-08-15] (Microsoft Corporation) [File not signed]
S3 buttonconverter; C:\WINDOWS\System32\drivers\buttonconverter.sys [43008 2019-03-19] (Microsoft Corporation) [File not signed]
S4 cdfs; C:\WINDOWS\System32\DRIVERS\cdfs.sys [100352 2019-03-19] (Microsoft Corporation) [File not signed]
R1 cdrom; C:\WINDOWS\System32\drivers\cdrom.sys [173056 2019-03-19] (Microsoft Corporation) [File not signed]
S3 circlass; C:\WINDOWS\System32\drivers\circlass.sys [51200 2019-03-19] (Microsoft Corporation) [File not signed]
R2 CldFlt; C:\WINDOWS\System32\drivers\cldflt.sys [456192 2019-08-10] (Microsoft Corporation) [File not signed]
S3 CmBatt; C:\WINDOWS\System32\drivers\CmBatt.sys [36864 2019-03-19] (Microsoft Corporation) [File not signed]
R3 CompositeBus; C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_095624d60edd8fe5\CompositeBus.sys [40960 2019-08-10] (Microsoft Corporation) [File not signed]
R1 Dfsc; C:\WINDOWS\System32\Drivers\dfsc.sys [151040 2019-03-19] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dsNcAdpt; C:\WINDOWS\System32\drivers\dsNcAdpt.sys [36816 2014-10-18] (Juniper Networks, Inc. -> Juniper Networks) [File not signed]
S3 ErrDev; C:\WINDOWS\System32\drivers\errdev.sys [14336 2019-03-19] (Microsoft Corporation) [File not signed]
S3 exfat; C:\Windows\System32\Drivers\exfat.sys [404480 2019-03-19] (Microsoft Corporation) [File not signed]
S3 fdc; C:\WINDOWS\System32\drivers\fdc.sys [35328 2019-03-19] (Microsoft Corporation) [File not signed]
R1 FileCrypt; C:\WINDOWS\System32\drivers\filecrypt.sys [59392 2019-03-19] (Microsoft Corporation) [File not signed]
S3 Filetrace; C:\WINDOWS\System32\drivers\filetrace.sys [40960 2019-03-19] (Microsoft Corporation) [File not signed]
S3 flpydisk; C:\WINDOWS\System32\drivers\flpydisk.sys [28160 2019-03-19] (Microsoft Corporation) [File not signed]
S3 genericusbfn; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_dbcdd1a51a139f61\genericusbfn.sys [20992 2019-03-19] (Microsoft Corporation) [File not signed]
R1 GpuEnergyDrv; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [8704 2019-03-19] (Microsoft Corporation) [File not signed]
S3 HdAudAddService; C:\WINDOWS\System32\drivers\HdAudio.sys [425472 2019-03-19] (Microsoft Corporation) [File not signed]
R3 HDAudBus; C:\WINDOWS\System32\drivers\HDAudBus.sys [114688 2019-03-19] (Microsoft Corporation) [File not signed]
S3 HidBth; C:\WINDOWS\System32\drivers\hidbth.sys [121344 2019-03-19] (Microsoft Corporation) [File not signed]
S3 hidi2c; C:\WINDOWS\System32\drivers\hidi2c.sys [54784 2019-03-19] (Microsoft Corporation) [File not signed]
S3 HidIr; C:\WINDOWS\System32\drivers\hidir.sys [48640 2019-03-19] (Microsoft Corporation) [File not signed]
S3 hidspi; C:\WINDOWS\System32\drivers\hidspi.sys [62976 2019-08-10] (Microsoft Corporation) [File not signed]
R3 HidUsb; C:\WINDOWS\System32\drivers\hidusb.sys [45568 2019-08-10] (Microsoft Corporation) [File not signed]
S3 HwNClx0101; C:\WINDOWS\System32\Drivers\mshwnclx.sys [28672 2019-03-19] (Microsoft Corporation) [File not signed]
S3 i8042prt; C:\WINDOWS\System32\drivers\i8042prt.sys [119296 2019-03-19] (Microsoft Corporation) [File not signed]
S3 iagpio; C:\WINDOWS\System32\drivers\iagpio.sys [36352 2019-03-19] (Intel® Corporation) [File not signed]
S3 iai2c; C:\WINDOWS\System32\drivers\iai2c.sys [91136 2019-03-19] (Intel® Corporation) [File not signed]
S3 iaLPSS2i_GPIO2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [79360 2019-03-19] (Intel Corporation) [File not signed]
S3 iaLPSS2i_GPIO2_BXT_P; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [93184 2019-03-19] (Intel Corporation) [File not signed]
S3 iaLPSS2i_GPIO2_CNL; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [112128 2019-03-19] (Intel Corporation) [File not signed]
S3 iaLPSS2i_GPIO2_GLK; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [96256 2019-03-19] (Intel Corporation) [File not signed]
S3 iaLPSS2i_I2C; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [171520 2019-03-19] (Intel Corporation) [File not signed]
S3 iaLPSS2i_I2C_BXT_P; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [175104 2019-03-19] (Intel Corporation) [File not signed]
S3 iaLPSS2i_I2C_CNL; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [180736 2019-03-19] (Intel Corporation) [File not signed]
S3 iaLPSS2i_I2C_GLK; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [177664 2019-03-19] (Intel Corporation) [File not signed]
S3 iaLPSSi_I2C; C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [113152 2019-03-19] (Intel Corporation) [File not signed]
S3 IndirectKmd; C:\WINDOWS\System32\drivers\IndirectKmd.sys [46592 2019-03-19] (Microsoft Corporation) [File not signed]
S3 intelpmax; C:\WINDOWS\System32\drivers\intelpmax.sys [28672 2019-03-19] (Microsoft Corporation) [File not signed]
S3 IpFilterDriver; C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys [90624 2019-03-19] (Microsoft Corporation) [File not signed]
S3 IPNAT; C:\WINDOWS\System32\drivers\ipnat.sys [224768 2019-03-19] (Microsoft Corporation) [File not signed]
R3 kbdhid; C:\WINDOWS\System32\drivers\kbdhid.sys [46592 2019-03-19] (Microsoft Corporation) [File not signed]
R3 ksthunk; C:\WINDOWS\system32\drivers\ksthunk.sys [29184 2019-03-19] (Microsoft Corporation) [File not signed]
R2 lltdio; C:\WINDOWS\System32\drivers\lltdio.sys [72192 2019-03-19] (Microsoft Corporation) [File not signed]
R2 luafv; C:\WINDOWS\system32\drivers\luafv.sys [141312 2019-08-10] (Microsoft Corporation) [File not signed]
S3 MbbCx; C:\WINDOWS\System32\drivers\MbbCx.sys [358912 2019-08-10] (Microsoft Corporation) [File not signed]
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [80160 2015-02-13] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, Inc.)
S3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [64512 2019-03-19] (Microsoft Corporation) [File not signed]
R2 MMCSS; C:\WINDOWS\system32\drivers\mmcss.sys [53760 2019-03-19] (Microsoft Corporation) [File not signed]
S3 Modem; C:\WINDOWS\System32\drivers\modem.sys [46592 2019-03-19] (Microsoft Corporation) [File not signed]
R3 monitor; C:\WINDOWS\System32\drivers\monitor.sys [69632 2019-08-10] (Microsoft Corporation) [File not signed]
R3 mouhid; C:\WINDOWS\System32\drivers\mouhid.sys [35840 2019-03-19] (Microsoft Corporation) [File not signed]
R3 mpsdrv; C:\WINDOWS\System32\drivers\mpsdrv.sys [80384 2019-03-19] (Microsoft Corporation) [File not signed]
S3 MRxDAV; C:\WINDOWS\system32\drivers\mrxdav.sys [158208 2019-03-19] (Microsoft Corporation) [File not signed]
S3 MsBridge; C:\WINDOWS\System32\drivers\bridge.sys [127488 2019-03-19] (Microsoft Corporation) [File not signed]
S3 mshidkmdf; C:\WINDOWS\System32\drivers\mshidkmdf.sys [8704 2019-03-19] (Microsoft Corporation) [File not signed]
S3 mshidumdf; C:\WINDOWS\System32\drivers\mshidumdf.sys [12288 2019-03-19] (Microsoft Corporation) [File not signed]
S3 MSKSSRV; C:\WINDOWS\System32\drivers\MSKSSRV.sys [34816 2019-08-10] (Microsoft Corporation) [File not signed]
R2 MsLldp; C:\WINDOWS\System32\drivers\mslldp.sys [78848 2019-03-19] (Microsoft Corporation) [File not signed]
S3 MSPCLOCK; C:\WINDOWS\System32\drivers\MSPCLOCK.sys [11264 2019-03-19] (Microsoft Corporation) [File not signed]
S3 MSPQM; C:\WINDOWS\System32\drivers\MSPQM.sys [11264 2019-03-19] (Microsoft Corporation) [File not signed]
S3 MSTEE; C:\WINDOWS\System32\drivers\MSTEE.sys [12800 2019-03-19] (Microsoft Corporation) [File not signed]
S3 MTConfig; C:\WINDOWS\System32\drivers\MTConfig.sys [16384 2019-03-19] (Microsoft Corporation) [File not signed]
R3 NativeWifiP; C:\WINDOWS\System32\DRIVERS\nwifi.sys [701952 2019-08-15] (Microsoft Corporation) [File not signed]
S3 NdisCap; C:\WINDOWS\System32\drivers\ndiscap.sys [56320 2019-03-19] (Microsoft Corporation) [File not signed]
S3 NdisImPlatform; C:\WINDOWS\System32\drivers\NdisImPlatform.sys [135168 2019-03-19] (Microsoft Corporation) [File not signed]
R3 NdisTapi; C:\WINDOWS\System32\DRIVERS\ndistapi.sys [28672 2019-08-10] (Microsoft Corporation) [File not signed]
R3 Ndisuio; C:\WINDOWS\System32\drivers\ndisuio.sys [70656 2019-03-19] (Microsoft Corporation) [File not signed]
R3 NdisVirtualBus; C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [22016 2019-03-19] (Microsoft Corporation) [File not signed]
R3 NdisWan; C:\WINDOWS\System32\drivers\ndiswan.sys [206336 2019-03-19] (Microsoft Corporation) [File not signed]
S3 ndiswanlegacy; C:\WINDOWS\System32\DRIVERS\ndiswan.sys [206336 2019-03-19] (Microsoft Corporation) [File not signed]
S3 NDKPing; C:\WINDOWS\System32\drivers\NDKPing.sys [63488 2019-03-19] (Microsoft Corporation) [File not signed]
R3 ndproxy; C:\WINDOWS\System32\DRIVERS\NDProxy.sys [244736 2019-08-10] (Microsoft Corporation) [File not signed]
R2 Ndu; C:\WINDOWS\System32\drivers\Ndu.sys [132096 2019-03-19] (Microsoft Corporation) [File not signed]
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [187904 2019-03-19] (Microsoft Corporation) [File not signed]
R1 NetBT; C:\WINDOWS\System32\DRIVERS\netbt.sys [337408 2019-08-10] (Microsoft Corporation) [File not signed]
R1 npsvctrig; C:\WINDOWS\System32\drivers\npsvctrig.sys [27136 2019-03-19] (Microsoft Corporation) [File not signed]
R1 nsiproxy; C:\WINDOWS\System32\drivers\nsiproxy.sys [48128 2019-03-19] (Microsoft Corporation) [File not signed]
R1 Null; C:\Windows\System32\Drivers\Null.sys [7680 2019-03-19] (Microsoft Corporation) [File not signed]
S3 Parport; C:\WINDOWS\System32\drivers\parport.sys [108032 2019-03-19] (Microsoft Corporation) [File not signed]
R2 PEAUTH; C:\WINDOWS\System32\drivers\peauth.sys [817152 2019-08-15] (Microsoft Corporation) [File not signed]
S3 PNPMEM; C:\WINDOWS\System32\drivers\pnpmem.sys [17408 2019-03-19] (Microsoft Corporation) [File not signed]
S3 portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [25600 2019-03-19] (Microsoft Corporation) [File not signed]
R3 PptpMiniport; C:\WINDOWS\System32\drivers\raspptp.sys [103424 2019-03-19] (Microsoft Corporation) [File not signed]
S3 QWAVEdrv; C:\WINDOWS\system32\drivers\qwavedrv.sys [53760 2019-03-19] (Microsoft Corporation) [File not signed]
S3 RasAcd; C:\WINDOWS\System32\DRIVERS\rasacd.sys [19968 2019-03-19] (Microsoft Corporation) [File not signed]
R3 RasAgileVpn; C:\WINDOWS\System32\drivers\AgileVpn.sys [114176 2019-08-10] (Microsoft Corporation) [File not signed]
R3 Rasl2tp; C:\WINDOWS\System32\drivers\rasl2tp.sys [112128 2019-03-19] (Microsoft Corporation) [File not signed]
R3 RasPppoe; C:\WINDOWS\System32\DRIVERS\raspppoe.sys [87552 2019-03-19] (Microsoft Corporation) [File not signed]
R3 RasSstp; C:\WINDOWS\System32\drivers\rassstp.sys [85504 2019-03-19] (Microsoft Corporation) [File not signed]
R3 rdpbus; C:\WINDOWS\System32\drivers\rdpbus.sys [28672 2019-03-19] (Microsoft Corporation) [File not signed]
S3 RDPDR; C:\WINDOWS\System32\drivers\rdpdr.sys [167936 2019-08-10] (Microsoft Corporation) [File not signed]
R3 RFCOMM; C:\WINDOWS\System32\drivers\rfcomm.sys [211456 2019-03-19] (Microsoft Corporation) [File not signed]
S3 rhproxy; C:\WINDOWS\System32\drivers\rhproxy.sys [113152 2019-03-19] (Microsoft Corporation) [File not signed]
R2 rspndr; C:\WINDOWS\System32\drivers\rspndr.sys [89088 2019-03-19] (Microsoft Corporation) [File not signed]
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [896768 2016-02-17] (Realtek Semiconductor Corp -> Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [402136 2016-05-15] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
S3 scfilter; C:\WINDOWS\System32\DRIVERS\scfilter.sys [45056 2019-03-19] (Microsoft Corporation) [File not signed]
S3 Serenum; C:\WINDOWS\System32\drivers\serenum.sys [27648 2019-03-19] (Microsoft Corporation) [File not signed]
S3 Serial; C:\WINDOWS\System32\drivers\serial.sys [89600 2019-03-19] (Microsoft Corporation) [File not signed]
S3 sermouse; C:\WINDOWS\System32\drivers\sermouse.sys [29696 2019-03-19] (Microsoft Corporation) [File not signed]
S3 sfloppy; C:\WINDOWS\System32\drivers\sfloppy.sys [19456 2019-03-19] (Microsoft Corporation) [File not signed]
R2 srv; C:\WINDOWS\System32\DRIVERS\srv.sys [444928 2019-03-19] (Microsoft Corporation) [File not signed]
R3 srv2; C:\WINDOWS\System32\DRIVERS\srv2.sys [771584 2019-08-10] (Microsoft Corporation) [File not signed]
R3 srvnet; C:\WINDOWS\System32\DRIVERS\srvnet.sys [309760 2019-08-10] (Microsoft Corporation) [File not signed]
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 STHDA; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [551936 2014-01-05] (IDT, Inc.) [File not signed]
S3 Synth3dVsc; C:\WINDOWS\System32\drivers\Synth3dVsc.sys [66560 2019-03-19] (Microsoft Corporation) [File not signed]
R2 tcpipreg; C:\WINDOWS\System32\drivers\tcpipreg.sys [54784 2019-03-19] (Microsoft Corporation) [File not signed]
S3 TsUsbFlt; C:\WINDOWS\System32\drivers\tsusbflt.sys [65024 2019-03-19] (Microsoft Corporation) [File not signed]
S3 TsUsbGD; C:\WINDOWS\System32\drivers\TsUsbGD.sys [35328 2019-03-19] (Microsoft Corporation) [File not signed]
S3 tunnel; C:\WINDOWS\System32\drivers\tunnel.sys [128512 2019-03-19] (Microsoft Corporation) [File not signed]
S3 UcmCx0101; C:\WINDOWS\System32\Drivers\UcmCx.sys [160256 2019-03-19] (Microsoft Corporation) [File not signed]
S3 UcmTcpciCx0101; C:\WINDOWS\System32\Drivers\UcmTcpciCx.sys [186368 2019-03-19] (Microsoft Corporation) [File not signed]
S3 UcmUcsiAcpiClient; C:\WINDOWS\System32\drivers\UcmUcsiAcpiClient.sys [34816 2019-03-19] (Microsoft Corporation) [File not signed]
S3 UcmUcsiCx0101; C:\WINDOWS\System32\Drivers\UcmUcsiCx.sys [111104 2019-03-19] (Microsoft Corporation) [File not signed]
S3 UdeCx; C:\WINDOWS\System32\drivers\udecx.sys [51200 2019-03-19] (Microsoft Corporation) [File not signed]
S4 udfs; C:\WINDOWS\System32\DRIVERS\udfs.sys [342528 2019-03-19] (Microsoft Corporation) [File not signed]
R3 umbus; C:\WINDOWS\System32\DriverStore\FileRepository\umbus.inf_amd64_0a69be6a385b49f7\umbus.sys [57856 2019-03-19] (Microsoft Corporation) [File not signed]
S3 UmPass; C:\WINDOWS\System32\drivers\umpass.sys [13312 2019-03-19] (Microsoft Corporation) [File not signed]
R3 usbaudio; C:\WINDOWS\system32\drivers\usbaudio.sys [198656 2019-03-19] (Microsoft Corporation) [File not signed]
S3 usbaudio2; C:\WINDOWS\System32\drivers\usbaudio2.sys [257536 2019-08-10] (Microsoft Corporation) [File not signed]
S3 usbcir; C:\WINDOWS\System32\drivers\usbcir.sys [107008 2019-03-19] (Microsoft Corporation) [File not signed]
S3 usbohci; C:\WINDOWS\System32\drivers\usbohci.sys [30208 2019-03-19] (Microsoft Corporation) [File not signed]
R3 usbprint; C:\WINDOWS\System32\drivers\usbprint.sys [34304 2019-03-19] (Microsoft Corporation) [File not signed]
R3 usbscan; C:\WINDOWS\system32\DRIVERS\usbscan.sys [49152 2019-03-19] (Microsoft Corporation) [File not signed]
S3 usbser; C:\WINDOWS\System32\drivers\usbser.sys [79360 2019-03-19] (Microsoft Corporation) [File not signed]
S3 usbuhci; C:\WINDOWS\System32\drivers\usbuhci.sys [39936 2019-03-19] (Microsoft Corporation) [File not signed]
S3 vhf; C:\WINDOWS\System32\drivers\vhf.sys [39936 2019-03-19] (Microsoft Corporation) [File not signed]
R3 vwifibus; C:\WINDOWS\System32\drivers\vwifibus.sys [27648 2019-03-19] (Microsoft Corporation) [File not signed]
R1 vwififlt; C:\WINDOWS\System32\drivers\vwififlt.sys [77312 2019-03-19] (Microsoft Corporation) [File not signed]
R3 vwifimp; C:\WINDOWS\System32\drivers\vwifimp.sys [50176 2019-03-19] (Microsoft Corporation) [File not signed]
S3 WacomPen; C:\WINDOWS\System32\drivers\wacompen.sys [31744 2019-03-19] (Microsoft Corporation) [File not signed]
R2 wanarp; C:\WINDOWS\System32\DRIVERS\wanarp.sys [92672 2019-08-10] (Microsoft Corporation) [File not signed]
S3 wanarpv6; C:\WINDOWS\System32\DRIVERS\wanarp.sys [92672 2019-08-10] (Microsoft Corporation) [File not signed]
S3 wcnfs; C:\WINDOWS\system32\drivers\wcnfs.sys [92672 2019-03-19] (Microsoft Corporation) [File not signed]
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-02-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [376032 2020-02-04] (Microsoft Windows -> Microsoft Corporation)
S3 wdiwifi; C:\WINDOWS\System32\DRIVERS\wdiwifi.sys [931840 2019-03-19] (Microsoft Corporation) [File not signed]
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2020-02-04] (Microsoft Windows -> Microsoft Corporation)
S3 WinNat; C:\WINDOWS\System32\drivers\winnat.sys [250880 2019-08-10] (Microsoft Corporation) [File not signed]
S3 WINUSB; C:\WINDOWS\System32\drivers\WinUSB.SYS [105472 2019-03-19] (Microsoft Corporation) [File not signed]
R3 WmiAcpi; C:\WINDOWS\System32\drivers\wmiacpi.sys [19456 2019-03-19] (Microsoft Corporation) [File not signed]
S4 ws2ifsl; C:\WINDOWS\system32\drivers\ws2ifsl.sys [25088 2019-03-19] (Microsoft Corporation) [File not signed]
S3 WudfPf; C:\WINDOWS\System32\drivers\WudfPf.sys [134656 2019-03-19] (Microsoft Corporation) [File not signed]
R3 WUDFRd; C:\WINDOWS\System32\drivers\WudfRd.sys [297984 2019-03-19] (Microsoft Corporation) [File not signed]
R3 WUDFWpdFs; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [297984 2019-03-19] (Microsoft Corporation) [File not signed]
R3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [297984 2019-03-19] (Microsoft Corporation) [File not signed]
S3 xboxgip; C:\WINDOWS\System32\drivers\xboxgip.sys [324608 2019-08-10] (Microsoft Corporation) [File not signed]
S3 xinputhid; C:\WINDOWS\System32\drivers\xinputhid.sys [48128 2019-03-19] (Microsoft Corporation) [File not signed]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-03-30 08:30 - 2020-03-30 08:32 - 000121976 _____ C:\Users\Stu\Desktop\FRST.txt
2020-03-30 08:30 - 2020-03-30 08:31 - 000000000 ____D C:\FRST
2020-03-30 08:28 - 2020-03-30 08:29 - 002280448 _____ (Farbar) C:\Users\Stu\Desktop\FRST64.exe
2020-03-30 08:26 - 2020-03-30 08:26 - 000000000 ___HD C:\OneDriveTemp
2020-03-30 08:23 - 2020-03-30 08:23 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2020-03-30 08:20 - 2020-03-30 08:19 - 011441568 _____ (AVAST Software) C:\Users\Stu\Desktop\avastclear (2).exe
2020-03-30 08:19 - 2020-03-30 08:19 - 011441568 _____ (AVAST Software) C:\Users\Stu\Downloads\avastclear (2).exe
2020-03-29 22:47 - 2020-03-29 22:47 - 000165376 _____ C:\Users\Stu\Desktop\SystemLook_x64.exe
2020-03-26 16:53 - 2020-03-26 16:53 - 000003642 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask
2020-03-26 16:53 - 2020-03-26 16:53 - 000000000 ____D C:\KPRM
2020-03-26 12:42 - 2020-03-26 12:42 - 000005981 _____ C:\Users\Stu\Downloads\4367-xxxx-xxxx-2396_Transactions_2020-02-26_2020-03-26.xlsx
2020-03-26 10:45 - 2020-03-26 15:49 - 000016911 _____ C:\Users\Stu\Documents\Combo ticket matrices.xlsx
2020-03-26 10:34 - 2020-03-26 10:34 - 000000362 _____ C:\Users\Stu\Documents\combo.txt
2020-03-25 10:53 - 2020-03-25 11:12 - 000000000 ____D C:\ProgramData\Foxit Software
2020-03-22 12:51 - 2020-03-30 08:23 - 000366780 _____ C:\WINDOWS\ntbtlog.txt
2020-03-22 11:47 - 2020-03-22 11:47 - 011678816 _____ (ESET) C:\Users\Stu\Downloads\avremover_nt64_enu.exe
2020-03-22 11:28 - 2020-03-22 11:28 - 011441568 _____ (AVAST Software) C:\Users\Administrator\Downloads\avastclear.exe
2020-03-22 11:26 - 2020-03-22 11:26 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Hewlett-Packard
2020-03-22 11:23 - 2020-03-22 11:23 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Logitech
2020-03-22 08:07 - 2020-03-22 08:07 - 000486784 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-03-22 08:06 - 2020-03-22 08:06 - 000000080 ___SH C:\bootTel.dat
2020-03-21 08:56 - 2020-03-21 08:56 - 000129367 _____ C:\Users\Stu\Documents\MyPC.txt
2020-03-21 08:54 - 2020-03-21 08:55 - 000000000 ____D C:\Program Files\Speccy
2020-03-21 08:54 - 2020-03-21 08:54 - 000000844 _____ C:\Users\Public\Desktop\Speccy.lnk
2020-03-21 08:54 - 2020-03-21 08:54 - 000000844 _____ C:\ProgramData\Desktop\Speccy.lnk
2020-03-21 08:54 - 2020-03-21 08:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2020-03-21 08:52 - 2020-03-21 08:52 - 006889184 _____ (Piriform Ltd) C:\Users\Stu\Downloads\spsetup132.exe
2020-03-20 19:45 - 2020-03-20 19:45 - 000000000 ____D C:\Users\Administrator\AppData\Local\D3DSCache
2020-03-20 19:19 - 2020-03-20 19:19 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Foxit Software
2020-03-20 18:39 - 2020-03-20 18:39 - 000195346 _____ C:\Users\Administrator\Downloads\wu170509 (1).diagcab
2020-03-20 18:38 - 2020-03-20 18:38 - 000195346 _____ C:\Users\Administrator\Downloads\wu170509.diagcab
2020-03-20 18:21 - 2020-03-20 18:21 - 000000000 ____D C:\Users\Administrator\AppData\Local\CEF
2020-03-20 18:06 - 2020-03-20 18:06 - 000000000 ____D C:\Users\Administrator\AppData\Local\Comms
2020-03-20 18:00 - 2020-03-21 20:51 - 000002854 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-661845806-1645133277-2052336375-500
2020-03-20 18:00 - 2020-03-20 18:39 - 000000000 ____D C:\Users\Administrator\AppData\Local\ElevatedDiagnostics
2020-03-20 18:00 - 2020-03-20 18:01 - 000000000 ___RD C:\Users\Administrator\OneDrive
2020-03-20 18:00 - 2020-03-20 18:00 - 000000000 ____D C:\Users\Administrator\AppData\Local\PlaceholderTileLogoFolder
2020-03-20 17:59 - 2020-03-20 17:59 - 000000000 ____D C:\Users\Administrator\AppData\LocalLow\AMD
2020-03-20 17:58 - 2020-03-20 18:19 - 000000000 ____D C:\Users\Administrator\AppData\Local\Packages
2020-03-20 17:58 - 2020-03-20 18:03 - 000000000 ____D C:\Users\Administrator\AppData\Local\Google
2020-03-20 17:58 - 2020-03-20 17:58 - 000001450 _____ C:\Users\Administrator\Desktop\Microsoft Edge.lnk
2020-03-20 17:58 - 2020-03-20 17:58 - 000000000 ___RD C:\Users\Administrator\3D Objects
2020-03-20 17:58 - 2020-03-20 17:58 - 000000000 ___HD C:\Users\Administrator\MicrosoftEdgeBackups
2020-03-20 17:58 - 2020-03-20 17:58 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2020-03-20 17:58 - 2020-03-20 17:58 - 000000000 ____D C:\Users\Administrator\AppData\Local\Publishers
2020-03-20 17:58 - 2020-03-20 17:58 - 000000000 ____D C:\Users\Administrator\AppData\Local\MicrosoftEdge
2020-03-20 17:57 - 2020-03-22 11:23 - 000000000 ____D C:\Users\Administrator\AppData\Local\AMD
2020-03-20 17:57 - 2020-03-20 18:01 - 000002435 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-03-20 17:57 - 2020-03-20 18:00 - 000000000 ____D C:\Users\Administrator
2020-03-20 17:57 - 2020-03-20 17:58 - 000000000 ____D C:\Users\Administrator\AppData\Local\ConnectedDevicesPlatform
2020-03-20 17:57 - 2020-03-20 17:57 - 000000020 ___SH C:\Users\Administrator\ntuser.ini
2020-03-20 17:57 - 2016-09-25 10:36 - 000000000 ____D C:\Users\Administrator\Documents\hp.system.package.metadata
2020-03-20 17:57 - 2016-09-25 10:36 - 000000000 ____D C:\Users\Administrator\Documents\hp.applications.package.appdata
2020-03-20 17:57 - 2016-09-25 10:36 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\ATI
2020-03-20 17:57 - 2016-09-25 10:36 - 000000000 ____D C:\Users\Administrator\AppData\Local\Microsoft Help
2020-03-20 17:57 - 2016-09-25 10:36 - 000000000 ____D C:\Users\Administrator\AppData\Local\ATI
2020-03-20 17:41 - 2020-03-20 17:41 - 000000000 ____D C:\Program Files (x86)\Foxit Software
2020-03-20 17:06 - 2020-03-20 17:09 - 000000000 ____D C:\Users\Stu\AppData\LocalLow\IGDump
2020-03-20 17:06 - 2020-03-20 17:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2020-03-20 17:06 - 2020-03-20 17:06 - 000000000 ____D C:\Program Files\7-Zip
2020-03-20 17:01 - 2020-03-20 17:01 - 000000000 ____D C:\Users\Stu\AppData\Local\mbamtray
2020-03-20 17:01 - 2020-03-20 17:01 - 000000000 ____D C:\Users\Stu\AppData\Local\cache
2020-03-20 16:36 - 2020-03-20 16:39 - 061066536 _____ C:\Users\Stu\Downloads\avc-free.exe
2020-03-20 16:32 - 2020-03-20 16:32 - 000000000 ____D C:\Users\Stu\AppData\Roaming\Brackets
2020-03-20 16:21 - 2020-03-20 16:21 - 000000000 ____D C:\Program Files (x86)\WondershareUpdate
2020-03-20 16:20 - 2020-03-20 16:20 - 000000000 ____D C:\Users\Stu\AppData\Roaming\Wondershare
2020-03-20 16:19 - 2020-03-20 16:20 - 000000000 ____D C:\Users\Stu\AppData\Local\Wondershare
2020-03-20 16:19 - 2020-03-20 16:19 - 000000000 ____D C:\ProgramData\Wondershare MediaServer
2020-03-20 16:19 - 2020-03-20 16:19 - 000000000 ____D C:\ProgramData\GraphicsType
2020-03-20 16:18 - 2020-03-20 16:23 - 000000000 ____D C:\Program Files (x86)\Wondershare
2020-03-20 16:18 - 2020-03-20 16:20 - 000000000 ____D C:\ProgramData\Wondershare
2020-03-20 16:15 - 2020-03-20 16:17 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2020-03-20 16:15 - 2020-03-20 16:17 - 000000000 ____D C:\ProgramData\Documents\Wondershare
2020-03-20 15:49 - 2020-03-20 16:20 - 000000000 ____D C:\Users\Stu\AppData\Roaming\Easeware
2020-03-20 15:48 - 2020-03-20 15:48 - 005084792 _____ (Easeware ) C:\Users\Stu\Downloads\DriverEasy_Setup.exe
2020-03-20 15:43 - 2020-03-20 15:43 - 000002380 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-03-20 15:43 - 2020-03-20 15:43 - 000002339 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-03-20 15:43 - 2020-03-20 15:43 - 000002339 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-03-20 15:41 - 2020-03-21 20:51 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-03-20 15:41 - 2020-03-21 20:51 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-03-20 15:40 - 2020-03-20 15:40 - 001288408 _____ (Google LLC) C:\Users\Stu\Downloads\ChromeSetup(4).exe
2020-03-20 12:19 - 2020-03-20 12:19 - 000000000 ____D C:\Users\Stu\.thumbnails
2020-03-20 11:05 - 2020-03-20 11:15 - 135856128 _____ C:\Users\Stu\Downloads\blender-2.82a-windows64.msi
2020-03-17 16:10 - 2020-03-17 16:10 - 000118986 _____ C:\Users\Stu\Downloads\2020-03-17-trade-me-shipping-3450473-booking-#label.pdf
2020-03-13 08:31 - 2020-03-13 08:31 - 000395648 _____ C:\Users\Stu\Downloads\Customer Statements (2).pdf
2020-03-13 08:31 - 2020-03-13 08:31 - 000395648 _____ C:\Users\Stu\Downloads\Customer Statements (1).pdf
2020-03-13 08:28 - 2020-03-13 08:28 - 000395648 _____ C:\Users\Stu\Downloads\Customer Statements.pdf
2020-03-12 16:44 - 2020-03-12 16:44 - 009503800 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-03-30 08:29 - 2019-03-19 17:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-03-30 08:27 - 2016-03-21 20:19 - 000000000 ____D C:\Users\Stu\AppData\Roaming\VMware
2020-03-30 08:26 - 2015-06-14 18:24 - 000000000 ___RD C:\Users\Stu\OneDrive
2020-03-30 08:25 - 2019-08-09 20:17 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-03-30 08:24 - 2019-03-19 17:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-03-30 08:22 - 2017-09-25 07:49 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2020-03-30 08:21 - 2019-08-09 20:17 - 000004152 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{C952A4EE-33CF-4DEA-A987-A660654DAA6B}
2020-03-30 03:01 - 2019-08-09 19:50 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-03-28 19:59 - 2015-06-14 21:34 - 036835328 _____ C:\Users\Stu\Documents\My Money.MN4
2020-03-28 19:59 - 2015-06-14 21:34 - 009322380 ____R C:\Users\Stu\Documents\My Money Backup.mbf
2020-03-27 13:19 - 2019-08-09 19:58 - 000000000 ____D C:\Users\Stu
2020-03-27 13:18 - 2016-05-16 14:13 - 000000346 _____ C:\WINDOWS\Tasks\HPCeeScheduleForStu.job
2020-03-27 11:50 - 2019-08-09 20:17 - 000003230 _____ C:\WINDOWS\system32\Tasks\HPCeeScheduleForStu
2020-03-26 20:13 - 2015-06-14 21:25 - 000000000 ____D C:\Users\Stu\Documents\Janet
2020-03-25 11:12 - 2016-09-25 10:28 - 000000000 ____D C:\ProgramData\Package Cache
2020-03-25 11:11 - 2019-03-19 17:50 - 000000000 ____D C:\WINDOWS\INF
2020-03-25 11:11 - 2015-06-19 13:08 - 000000000 ____D C:\Users\Stu\AppData\Roaming\Foxit Software
2020-03-25 11:09 - 2018-05-29 16:25 - 000000000 ____D C:\Users\Stu\AppData\Local\D3DSCache
2020-03-22 12:49 - 2019-08-08 19:25 - 000000000 ___DC C:\WINDOWS\Panther
2020-03-22 12:22 - 2019-03-19 17:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-03-21 20:51 - 2019-08-09 20:17 - 000003750 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-03-21 20:51 - 2019-08-09 20:17 - 000003278 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2020-03-21 20:51 - 2019-08-09 20:17 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-661845806-1645133277-2052336375-1001
2020-03-21 20:51 - 2019-08-09 20:17 - 000002094 _____ C:\WINDOWS\system32\Tasks\{3C0648E2-AD1A-42E9-94AF-912A6ABD9E53}
2020-03-21 20:51 - 2019-08-09 20:17 - 000002016 _____ C:\WINDOWS\system32\Tasks\{0A0262D7-1434-4BD2-9DDC-5E5282012F03}
2020-03-20 21:19 - 2015-06-14 21:30 - 000112032 _____ C:\Users\Stu\AppData\Local\GDIPFONTCACHEV1.DAT
2020-03-20 18:25 - 2015-06-19 13:38 - 000000000 ____D C:\Users\Stu\AppData\Local\ElevatedDiagnostics
2020-03-20 18:21 - 2019-03-19 17:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-03-20 17:58 - 2019-03-19 17:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-03-20 17:58 - 2016-02-14 02:20 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-03-20 17:44 - 2015-07-17 23:18 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-03-20 17:41 - 2014-08-06 20:00 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2020-03-20 17:04 - 2019-03-19 17:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-03-20 17:04 - 2015-07-25 09:57 - 000000000 ____D C:\Users\Stu\AppData\Roaming\Skype
2020-03-20 17:04 - 2015-06-14 18:23 - 000000000 ____D C:\Users\Stu\AppData\Roaming\hpqlog
2020-03-20 17:03 - 2018-07-23 10:23 - 000000000 ____D C:\Users\Stu\AppData\Local\CrashDumps
2020-03-20 17:03 - 2018-05-25 11:24 - 000000000 ____D C:\Users\Stu\AppData\Local\Microsoft Help
2020-03-20 17:03 - 2014-08-06 19:59 - 000000000 ____D C:\ProgramData\install_clap
2020-03-20 16:14 - 2017-03-21 20:54 - 000000000 ____D C:\Users\Stu\AppData\Roaming\vlc
2020-03-20 15:44 - 2016-09-23 22:50 - 000000000 ____D C:\Users\Stu\AppData\LocalLow\Mozilla
2020-03-20 15:42 - 2015-06-14 18:26 - 000000000 ____D C:\Program Files (x86)\Google
2020-03-20 14:44 - 2019-03-19 17:52 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2020-03-20 14:24 - 2019-08-09 20:06 - 000935056 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-03-20 14:18 - 2020-02-24 08:01 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-03-20 14:18 - 2015-06-22 22:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-03-20 12:19 - 2016-05-07 16:20 - 000000000 ____D C:\Users\Stu\AppData\Local\AMD
2020-03-18 23:38 - 2019-08-09 19:58 - 000002405 _____ C:\Users\Stu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-03-16 22:10 - 2019-07-09 11:12 - 000041472 _____ C:\Users\Stu\Downloads\vehiclelogbook.xls
2020-03-15 22:02 - 2016-03-05 15:34 - 000007601 _____ C:\Users\Stu\AppData\Local\Resmon.ResmonCfg
2020-03-12 16:44 - 2019-03-19 17:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-03-12 16:44 - 2019-03-19 17:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-03-11 07:38 - 2017-11-09 11:39 - 000001235 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-03-08 11:22 - 2015-06-14 21:26 - 000000000 ____D C:\Users\Stu\Documents\Stu
 
==================== Files in the root of some directories ========
 
2016-05-01 15:44 - 2019-07-29 23:11 - 000022277 _____ () C:\Users\Stu\AppData\Roaming\Comma Separated Values (DOS).ADR
2018-11-14 21:46 - 2019-06-23 20:30 - 000038443 _____ () C:\Users\Stu\AppData\Roaming\Comma Separated Values (Windows).ADR
2019-06-23 20:28 - 2019-06-23 20:28 - 000038426 _____ () C:\Users\Stu\AppData\Roaming\Microsoft Excel 97-2003.ADR
2016-03-05 15:34 - 2020-03-15 22:02 - 000007601 _____ () C:\Users\Stu\AppData\Local\Resmon.ResmonCfg
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\SysWOW64\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
==================== End of FRST.txt ========================

  • 0

#23
Buffyfan

Buffyfan

    Member

  • Topic Starter
  • Member
  • PipPip
  • 48 posts

And this one

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-03-2020
Ran by Stu (30-03-2020 08:33:00)
Running from C:\Users\Stu\Desktop
Windows 10 Home Version 1903 18362.295 (X64) (2019-08-09 07:18:45)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-661845806-1645133277-2052336375-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-661845806-1645133277-2052336375-503 - Limited - Disabled)
Guest (S-1-5-21-661845806-1645133277-2052336375-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-661845806-1645133277-2052336375-1003 - Limited - Enabled)
Stu (S-1-5-21-661845806-1645133277-2052336375-1001 - Administrator - Enabled) => C:\Users\Stu
WDAGUtilityAccount (S-1-5-21-661845806-1645133277-2052336375-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
4 Elements II (HKLM-x32\...\WTA-bb96431e-9dd8-4da3-a620-c86aca6e2943) (Version: 2.2.0.98 - WildTangent) Hidden
7-Zip 19.00 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1900-000001000000}) (Version: 19.00.00.0 - Igor Pavlov)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.344 - Adobe)
Alcor Micro USB Card Reader Driver  (HKLM-x32\...\{7F28165B-148D-4672-AA21-469D9E6E3CB6}) (Version: 20.21.3317.03861 - Alcor Micro Corp.) Hidden
Alcor Micro USB Card Reader Driver  (HKLM-x32\...\AmUStor) (Version: 20.21.3317.03861 - Alcor Micro Corp.)
AMD Catalyst Install Manager (HKLM\...\{08C2D5E6-65FA-0C53-227A-B990F1D00D8C}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.)
Azkend 2: The World Beneath (HKLM-x32\...\WTA-7d5e6fb7-6bb4-44c4-a7a9-93d2e591fa0d) (Version: 2.2.0.98 - WildTangent) Hidden
Bejeweled 3 (HKLM-x32\...\WTA-36782ebb-7068-4fb8-8121-9872ad9b8eb1) (Version: 3.0.2.59 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brackets (HKLM-x32\...\{090BE437-6981-4002-8D90-ED9D47AEDE11}) (Version: 1.14.17752 - brackets.io)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 6.30.223.232 - Broadcom Corporation)
Broadcom Bluetooth Drivers (HKLM\...\{0A1B4690-E176-4533-8058-939480AEE1D0}) (Version: 12.0.1.850 - Broadcom Corporation)
Build-a-lot (HKLM-x32\...\WTA-82a3ead9-4175-4cbc-a41b-ade264c27bcf) (Version: 2.2.0.98 - WildTangent) Hidden
Building the Great Wall of China Collector's Edition (HKLM-x32\...\WTA-544f44a5-acb2-465d-9144-7b133016d7ae) (Version: 3.0.2.48 - WildTangent) Hidden
Canon MP Navigator EX 3.0 (HKLM-x32\...\MP Navigator EX 3.0) (Version:  - )
Canon MP250 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series) (Version:  - Canon Inc.)
Catalyst Control Center Next Localization BR (HKLM\...\{118C2119-84B6-E32C-63E2-B56DBCF41CE5}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{51F85784-6799-5CA3-97B2-2E5904FC3E58}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{55A4D3AB-C8DF-26B2-89A8-7E16E1E40700}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{365AEAB2-4CF3-7CBB-0DAC-E9E14B688E65}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{5A083A57-10D6-D4E5-292C-F274870E73A4}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{8E6F5592-ED7E-9C50-74AC-BF417B1FE291}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{7ABC6D83-816E-6D48-E65D-B0CEDD294E4E}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{AD28960A-6190-C991-C964-308B86EAA2E2}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{DF0D7C1C-72B6-9FFB-DF66-B3720237BB80}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{238F6F6F-2544-86CF-3AB6-2CDADAB58CF0}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{84C3F2C5-F7B2-2F08-CDF4-79EF7CC55D74}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{C3EE628C-7394-FE2C-0C90-C05284EB528D}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{0E8A3B17-D603-B1B6-C205-1685EBDD23E9}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{2F544F46-5F6E-97BB-3550-A0242A3C5754}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{EC688BD0-240D-AE40-55F3-234E54919AE6}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{1E7D3072-1D28-E33A-99DF-85D9F7ECD06E}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{E27224E3-7913-DA1E-5B08-9BEEC8FEE3D1}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{FC4086D6-E345-5F43-08BB-280FB57DAF49}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{95A52FC1-C728-841D-1BFC-CC793B77B0A4}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{BA26B70C-3D8C-2D14-4122-211FB3E6F691}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{F8EBE530-A4D5-BF51-F623-3787E6B8A878}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{42FBD43F-DE53-6D4D-5134-E3C93B45CBEF}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{5FEACE78-C338-9AED-FF05-7DE7E273C774}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{A22CDEBA-6DB5-12CD-F6CE-6238C2D78363}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{A3795528-F572-6314-C4E3-EE9DAF0FBF02}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{AC85CF50-9A55-0103-ADBF-365C37603AA4}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{C0BFC67D-E447-02C8-6046-C078DFE9EC97}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{4853A56D-7931-A08B-5BA7-8E2D61043DF9}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{94C72EBE-2908-F0AC-62DA-D61951830F8F}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{B349892D-B015-033C-4CA8-3635E6B655D7}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{5B987681-3652-492B-6A11-E02AC0FE5959}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{B28CF677-E2C8-12CA-52BB-19B6F066D36A}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{BE8D6AB1-3049-2F0C-67FA-00C0A5D321A3}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{26567561-DFB2-2B63-9BA8-6A490ED37016}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{43F6D22B-E0E9-EE90-9B62-1C5FC5D15A55}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{86BFE5B4-1FCE-3C02-6373-92B1AE6431E8}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{0742432E-42D9-2240-4CA1-8595CCCBAA77}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{0809FEC1-EF86-51E9-8210-DC1B1BDB6745}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{D4490E0F-8E7B-1097-B56A-7643C75F1C28}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{5FD706FF-6AD8-E372-A35A-879409982655}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{DAB44116-0266-C65B-B643-AC11217C3041}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{EAEAA839-44F4-22DF-D1CC-88C3B2A3D4B1}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{3AF70346-52C7-0334-606F-118D1C1CB7A2}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{A3973655-E448-4A1B-477C-988A79D132D9}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{A4E7CA0C-84EB-5E29-2F04-06C4E4790C2F}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{53AE8AC7-5213-67AF-0DC0-CED696B77643}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{59D2664C-949B-7FA7-9880-ECB993B6616A}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{6DC92550-D065-4B36-C4D3-D8D7A702A7A7}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{970A40CA-46AB-986C-1798-976ED0EA00FA}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{B2A83706-3F14-1532-20CD-B4EE715A8945}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{DC9DFCBF-87DA-892C-6151-99CC9EF46E3E}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{44ED2CDA-4197-E9E9-B328-26E1FB749116}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4707CBFC-8ED4-463E-0FF9-DE86F4A743E9}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{C1EFF2A2-DF4A-F6D1-B99C-1ED194AE9E78}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{3450566C-4561-0EE8-B1AB-D5C79CCE8D2C}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{46EB68BE-8AAC-8C2B-7284-8DEDE6B5CD2A}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{C14A3A5B-8A86-C239-37D7-158211778C54}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{7A6E431B-CF43-EC3E-FD7E-0A0AAB1B25FC}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{A50C89BC-8D8E-8828-824A-7171F6D583D5}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{FCE8438C-3272-D63F-479F-670F082B294B}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{0B5633F0-C415-2F08-671E-4C9E2FAACD45}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{25D1751E-7CA2-5F6D-0125-0A16E47AF9FE}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{89A1F076-19B8-A2B1-D5A3-E8247EFAF157}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Curse at Twilight (HKLM-x32\...\WTA-9868d878-37c9-478b-9c2a-9be593120aae) (Version: 3.0.2.51 - WildTangent) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.7.4023 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM\...\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.2.5426 - CyberLink Corp.) Hidden
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.2.5426 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.7.4016 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM\...\{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.1.3004 - CyberLink Corp.) Hidden
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.1.3004 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.4.4119 - CyberLink Corp.)
Delicious - Emily's Wonder Wedding Premium Edition (HKLM-x32\...\WTA-1e50d3d0-6baa-445c-9373-7383f433e87b) (Version: 3.0.2.48 - WildTangent) Hidden
DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Evernote v. 5.3 (HKLM-x32\...\{E461B1AC-BC3C-11E3-B5B8-00163E98E7D6}) (Version: 5.3.0.3360 - Evernote Corp.)
Farm Frenzy (HKLM-x32\...\WTA-0a17dc63-6c0d-49c1-b4a5-51f9cc4edaf7) (Version: 3.0.2.59 - WildTangent) Hidden
FileZilla Client 3.46.0 (HKLM-x32\...\FileZilla Client) (Version: 3.46.0 - Tim Kosse)
Fishdom 3: Collector's Edition (HKLM-x32\...\WTA-0eda4a0a-20cc-4dd4-86bf-91ff06e81811) (Version: 3.0.2.38 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.149 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Governor of Poker 2 Premium Edition (HKLM-x32\...\WTA-1725e5ed-39c0-4252-82ab-34095010da80) (Version: 3.0.2.59 - WildTangent) Hidden
HandBrake 1.0.2 (HKLM-x32\...\HandBrake) (Version: 1.0.2 - )
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Documentation (HKLM-x32\...\{4B4EDB7B-4F54-4B86-8A4A-E1C5803CA374}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7745.4851 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.11 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.8.24.33 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 13.00.0000 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{55065080-504F-43BB-BE00-36B80D7D39A5}) (Version: 12.14.49.15 - Hewlett-Packard Company)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6496.0 - IDT)
Inst5675 (HKLM\...\{2DE6247C-7077-451B-8BA7-FFD1A2ABBB47}) (Version: 8.01.11 - Softex Inc.) Hidden
Inst5676 (HKLM\...\{878F6913-7421-4713-97F7-0A736EE2A188}) (Version: 8.01.11 - Softex Inc.) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Jewel Match 3 (HKLM-x32\...\WTA-08b2a7ab-d7d2-4b11-8ce9-8249022a8bb7) (Version: 3.0.2.59 - WildTangent) Hidden
Joining Hands 2 (HKLM-x32\...\WTA-fa46e874-6ea5-4d08-8307-5fd2dfe8a849) (Version: 3.0.2.51 - WildTangent) Hidden
Juniper Networks Network Connect 8.0 (HKLM-x32\...\Juniper Network Connect 8.0) (Version: 8.0.6.32195 - Juniper Networks)
Juniper Networks Setup Client (HKU\S-1-5-21-661845806-1645133277-2052336375-1001\...\Juniper_Setup_Client) (Version: 8.0.6.48695 - Juniper Networks)
Juniper Networks Setup Client 64-bit Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks)
Juniper Networks Setup Client Activex Control (HKLM-x32\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks)
Juniper Terminal Services Client (HKU\S-1-5-21-661845806-1645133277-2052336375-1001\...\Juniper_Term_Services) (Version: 8.0.6.32195 - Juniper Networks)
Kodi (HKU\S-1-5-21-661845806-1645133277-2052336375-1001\...\Kodi) (Version:  - XBMC-Foundation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Letters from Nowhere 2 (HKLM-x32\...\WTA-4b92af75-61d8-4223-bca0-bec54abd2b51) (Version: 2.2.0.97 - WildTangent) Hidden
Logitech SetPoint 6.69 (HKLM\...\sp6) (Version: 6.69.114 - Logitech)
Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
Lost in Reefs 2 (HKLM-x32\...\WTA-aac4fe80-c9e3-40c2-80e5-7859f293c9ed) (Version: 3.0.2.51 - WildTangent) Hidden
LUXOR Evolved (HKLM-x32\...\WTA-eefa380a-7efe-4212-94e9-0647f741eadf) (Version: 2.2.0.98 - WildTangent) Hidden
Microsoft Money (HKLM-x32\...\{019210C1-32C8-423C-BEFD-763C8E7A188F}) (Version: 11.0.120 - Microsoft)
Microsoft Money System Pack (HKLM-x32\...\{02CA7E66-1AD1-4DE9-BA9E-86A0EEB019C7}) (Version: 11.0.120 - Microsoft)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-661845806-1645133277-2052336375-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0010 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 74.0 (x64 en-US) (HKLM\...\Mozilla Firefox 74.0 (x64 en-US)) (Version: 74.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0 - Mozilla)
Peggle Nights (HKLM-x32\...\WTA-0b8e97f2-4977-4b4f-b54a-6699f09df782) (Version: 2.2.0.98 - WildTangent) Hidden
Penguins! (HKLM-x32\...\WTA-bd7d4ced-69e2-42bb-b44a-7ae0fe19fde7) (Version: 3.0.2.59 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-747733d6-53c1-43f2-b62d-e70becc8e510) (Version: 3.0.2.51 - WildTangent) Hidden
Polar Bowler 1st Frame (HKLM-x32\...\WTA-ffb0ea0c-d0d4-4a5f-b16a-3fa9cf0e942b) (Version: 3.0.2.59 - WildTangent) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Recovery Manager (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.0.7316 - CyberLink Corp.) Hidden
Roads of Rome 3 (HKLM-x32\...\WTA-bd68be74-6281-465a-a0bb-31664499a5af) (Version: 2.2.0.98 - WildTangent) Hidden
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype version 8.34 (HKLM-x32\...\Skype_is1) (Version: 8.34 - Skype Technologies S.A.)
Solitaire Mystery Four Seasons (HKLM-x32\...\WTA-b0e014df-ec3e-4989-8bf0-769abc4e9c61) (Version: 3.0.2.51 - WildTangent) Hidden
Sparkle 2 (HKLM-x32\...\WTA-dd3d473f-ad9c-4844-845f-fc5ab5b96487) (Version: 3.0.2.51 - WildTangent) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
TomTom MyDrive Connect 4.1.5.3181 (HKLM-x32\...\MyDriveConnect) (Version: 4.1.5.3181 - TomTom)
Trinklit Supreme (HKLM-x32\...\WTA-d45adb64-530e-40ed-bd6a-6ad9a60bac12) (Version: 2.2.0.98 - WildTangent) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version:  - WildTangent) Hidden
Viking Saga (HKLM-x32\...\WTA-1fa59100-0ab2-4e9a-8dea-2233543014c0) (Version: 3.0.2.48 - WildTangent) Hidden
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
VMware Horizon Client (HKLM\...\{C7F8E8FA-0832-427E-B2B1-ABF6F8495C35}) (Version: 3.5.2.30397 - VMware, Inc.)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App for HP (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.11.9 - WildTangent) Hidden
Youda Jewel Shop (HKLM-x32\...\WTA-ca79ae49-12ee-4405-9e11-66c03da7197f) (Version: 3.0.2.51 - WildTangent) Hidden
 
Packages:
=========
- Games App - -> C:\Program Files\WindowsApps\WildTangentGames.-GamesApp-_1.0.3.28_x86__qt5r5pa5dyg8m [2017-11-24] (WildTangent Games)
AccuWeather - Weather for Life -> C:\Program Files\WindowsApps\AccuWeather.AccuWeatherforWindows8_10.0.348.1000_x64__8zz2pj9h1h1d8 [2018-04-08] (AccuWeather) [MS Ad]
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.145.300.0_x86__kgqvnymyfvs32 [2019-08-08] (king.com)
Fitbit -> C:\Program Files\WindowsApps\Fitbit.Fitbit_2.43.1955.0_x64__6mqt6hf9g46tw [2019-07-24] (Fitbit)
Getting Started with Windows 8 -> C:\Program Files\WindowsApps\AD2F1837.GettingStartedwithWindows8_1.6.0.0_neutral__v10z8vjag6ke6 [2017-11-24] (Hewlett-Packard Company)
HP Connected Drive -> C:\Program Files\WindowsApps\AD2F1837.HPFileViewer_4.4.32.190_x64__v10z8vjag6ke6 [2017-11-24] (HP Inc.)
HP Registration -> C:\Program Files\WindowsApps\AD2F1837.HPRegistration_1.2.1.166_neutral__v10z8vjag6ke6 [2017-11-24] (Hewlett-Packard Company)
Logitech Camera Controller -> C:\Program Files\WindowsApps\E97CB0A1.LogitechCameraController_1.0.0.135_x86__wd885nsp30hay [2017-11-24] (LOGITECH Europe S.A.)
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe [2019-08-02] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_3.9.4100.0_x64__8wekyb3d8bbwe [2019-04-20] (Microsoft Studios) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.12124.0_x64__8wekyb3d8bbwe [2019-08-08] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-19] (Microsoft Studios) [MS Ad]
MSN Food & Drink -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2017-11-24] (Microsoft Corporation) [MS Ad]
MSN Health & Fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2017-11-24] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-19] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-19] (Microsoft Corporation) [MS Ad]
MSN Travel -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2017-11-24] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-21] (Microsoft Corporation) [MS Ad]
mysms - Text from Computer, Messaging -> C:\Program Files\WindowsApps\UptoElevenDigitalSolution.mysms-Textanywhere_3.2.0.0_x64__c9d6r4qvva5x8 [2019-02-02] (Up to Eleven Digital Solutions GmbH)
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2018-09-14] (Microsoft Corporation)
Snapfish -> C:\Program Files\WindowsApps\AD2F1837.HPConnectedPhotopoweredbySnapfish_6.1.736.0_x86__v10z8vjag6ke6 [2018-08-05] (Snapfish)
TripAdvisor Hotels Flights Restaurants -> C:\Program Files\WindowsApps\TripAdvisorLLC.TripAdvisorHotelsFlightsRestaurants_1.5.10.0_x64__qj0v5chwq8f2g [2017-11-24] (TripAdvisor LLC)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-09] (Twitter Inc.)
Xbox 360 SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxCompanion_1.4.3.0_x64__8wekyb3d8bbwe [2017-11-24] (Microsoft Corporation) [MS Ad]
Xbox One SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxOneSmartGlass_2.2.1702.2004_x64__8wekyb3d8bbwe [2017-11-24] (Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-04-17] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-04-17] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2014-11-25] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [vidc.i420] => C:\WINDOWS\system32\lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
 
==================== Shortcuts & WMI ========================
 
==================== Loaded Modules (Whitelisted) =============
 
2014-03-28 00:42 - 2014-03-28 00:42 - 000315392 _____ () [File not signed] C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
2014-03-28 00:42 - 2014-03-28 00:42 - 000433664 _____ () [File not signed] C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
2015-10-14 19:53 - 2015-10-14 19:53 - 000199680 _____ () [File not signed] C:\Program Files (x86)\VMware\VMware Horizon View Client\libidn.dll
2015-10-07 08:26 - 2015-10-07 08:26 - 000115200 _____ () [File not signed] C:\Program Files (x86)\VMware\VMware Horizon View Client\liblber.dll
2015-10-07 08:26 - 2015-10-07 08:26 - 000358912 _____ () [File not signed] C:\Program Files (x86)\VMware\VMware Horizon View Client\libldap_r.dll
2015-10-07 08:25 - 2015-10-07 08:25 - 001293824 _____ () [File not signed] C:\Program Files (x86)\VMware\VMware Horizon View Client\libxml2.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000011776 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 002013696 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2015-06-25 17:34 - 2015-06-25 17:34 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 17:37 - 2015-06-25 17:37 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 17:38 - 2015-06-25 17:38 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 17:35 - 2015-06-25 17:35 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-09-16 16:14 - 2016-09-16 16:14 - 000017408 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\a4\AS4.NativeProxy.dll
2014-03-29 09:31 - 2014-03-29 09:31 - 002110464 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2014-03-29 09:27 - 2014-03-29 09:27 - 000021504 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2014-03-29 09:27 - 2014-03-29 09:27 - 000055296 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2014-03-29 09:27 - 2014-03-29 09:27 - 000035328 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 002880000 _____ () [File not signed] C:\Windows\ShellComponents\TaskFlowUI.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 000494592 _____ () [File not signed] C:\Windows\ShellExperiences\TileControl.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 001841152 _____ () [File not signed] C:\WINDOWS\system32\TextInputMethodFormatter.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000037888 _____ () [File not signed] C:\Windows\System32\usocoreps.dll
2019-03-19 17:59 - 2019-03-19 19:20 - 000094720 _____ () [File not signed] C:\Windows\System32\VirtualMonitorManager.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 001796608 _____ () [File not signed] C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000031232 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\A4.Foundation\2a59568ec03c461941f1e98ec9d11274\A4.Foundation.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000022016 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Actions5dc83b46#\dcd1f949bfc4cf25a73f5fe4aa732906\AEM.Actions.CCAA.Shared.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.0a1309f7#\02eeaef3049be6c36a3204d3080ac51b\AEM.Plugin.EEU.Shared.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.2b6a6775#\e2091b0e12c74ec3de78801b807d0557\AEM.Plugin.Hotkeys.Shared.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000282112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.5d945b6b#\49e1e35feee73a394f2584411b1d38fb\AEM.Plugin.Source.Kit.Server.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000014848 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.674d2b8a#\4685756ac2a3746208156bfbc2aeac7f\AEM.Plugin.WinMessages.Shared.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.88aba5d2#\86d11e702b1aeb134482b1d343b1af61\AEM.Plugin.REG.Shared.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000011776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.GD.Shared\58fcf4d9a3e730a758f1c769e57c4bc8\AEM.Plugin.GD.Shared.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Server.Shared\f41263d8066ee241452667076234a817\AEM.Server.Shared.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000267776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Server\7f0ff8ab486c88c849dfdba2eeba4b18\AEM.Server.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000055808 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\APM.Foundation\cc9b75c5bdc573dbf5642c5785dbeb03\APM.Foundation.ni.dll
2019-08-15 08:40 - 2019-08-15 08:40 - 000122880 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ATICCCom\b75a18ce403213fbfdfc1e58dabf2d0b\ATICCCom.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000204288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CCC.Implementation\6b7904788d7c93c2765f2fd318e30a89\CCC.Implementation.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000128000 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3399d0ec#\b8df4eba019b47439339958cae22c67f\CLI.Aspect.CustomFormats.Graphics.Shared.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000026112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.37d3d968#\ed0020eaa70b75d8153190caedb399da\CLI.Aspect.AMDHome.Graphics.Shared.ni.dll
2019-08-15 08:40 - 2019-08-15 08:40 - 000045568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.382a3def#\40ea86b0f6a40d0a707699e450134c44\CLI.Aspect.AMDOverDrive.Platform.Shared.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000073216 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.398e7f7a#\0147c291935864f2bc7d6a44d6e4d6df\CLI.Aspect.A4.A4.Shared.ni.dll
2019-08-15 08:40 - 2019-08-15 08:40 - 000107008 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3a6f1658#\f9de4dfd846ab16c5bf0145b61ba526c\CLI.Aspect.TransCode.Graphics.Shared.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000209920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4542c692#\ae1d60791a33d0ccb0e3610620afccc1\CLI.Aspect.DeviceCRT.Graphics.Shared.ni.dll
2019-08-15 08:40 - 2019-08-15 08:40 - 000074752 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4bbb0755#\b29ef26f5ab5451dc5d9af3dcb4a6b88\CLI.Aspect.TransCode.Graphics.Dashboard.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000360960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.7ec2db45#\8a4c6e368c4b17c65dc9b2ee7d326266\CLI.Aspect.DeviceDFP.Graphics.Shared.ni.dll
2019-08-15 08:40 - 2019-08-15 08:40 - 000064512 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8350f5c6#\4d6c869f6476302ec6658010cac1ef3e\CLI.Aspect.UpdateNotification.Graphics.Runtime.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000674816 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.846fa813#\46eabfd384dcbb2c8651ded4e46089fb\CLI.Aspect.MMVideo.Graphics.Dashboard.ni.dll
2019-08-15 08:40 - 2019-08-15 08:40 - 000745472 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8d333b6b#\0a42ba7e0577892d54be6dae4641ce69\CLI.Aspect.Radeon3D.Graphics.Shared.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000452608 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8e996306#\348a421c3f3a80e657097b0d320f4fd4\CLI.Aspect.CrossDisplay.Graphics.Dashboard.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000149504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a0ae52bc#\44fca181eb04216b78ad7a1d8fd181f1\CLI.Aspect.DeviceLCD.Graphics.Shared.ni.dll
2019-08-15 08:40 - 2019-08-15 08:40 - 000082944 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a765109e#\0aa864e15746010ce5ade57db957a559\CLI.Aspect.UpdateNotification.Graphics.Dashboard.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000462336 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.acb9d930#\966f5c086d02d690bb2214ca2568c97d\CLI.Aspect.DeviceProperty.Graphics.Shared.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000086528 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ae5e117c#\5f6af62240f3c759701ef42c5d677399\CLI.Aspect.DisplaysColour2.Graphics.Shared.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000067072 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.b0a7c1fb#\9a979ef151db39b136455afc0f94599f\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.ni.dll
2019-08-15 08:40 - 2019-08-15 08:40 - 000340992 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c7aaa0f8#\091254164429e83021c1d8ffff802b1c\CLI.Aspect.OverDrive5.Graphics.Shared.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000017920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c854b457#\3e5bf0baaf1f2950fa53a8c3fb534588\CLI.Aspect.HotkeysHandling.Graphics.Shared.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000087552 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e76f4137#\dd08a6127098a998de948ac7dc0ec374\CLI.Aspect.A4.A4.Dashboard.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000274432 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e8635fc7#\f1383d5239aa4e2e22f72749ae71e65d\CLI.Aspect.InfoCentre.Graphics.Dashboard.ni.dll
2019-08-15 08:40 - 2019-08-15 08:40 - 003311616 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e9fd7406#\f3919c80741875634fb27e1943efcfe4\CLI.Aspect.Radeon3D.Graphics.Dashboard.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000239616 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.eda8935e#\91a5ff48931ff80a327db766c862f406\CLI.Aspect.MMVideo.Graphics.Shared.ni.dll
2019-08-15 08:40 - 2019-08-15 08:40 - 000047616 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ef3eaa4d#\a66ea0977520879adfe9f65247630863\CLI.Aspect.TransCode.Graphics.Runtime.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000048128 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.f38af62f#\9ea12519ba75cc75a4cbac5b83ba3e48\CLI.Aspect.A4.A4.Runtime.ni.dll
2019-08-15 08:40 - 2019-08-15 08:40 - 000050688 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.f480a2f3#\279c5914c74bfa10f2e3b0a0cce77388\CLI.Aspect.UpdateNotification.Graphics.Shared.ni.dll
2019-08-15 08:40 - 2019-08-15 08:40 - 000051200 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Runtime\9f20002232ab0822c46779604b575320\CLI.Caste.A4.Runtime.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Shared\fcbae690c5018ada61aa2265a70cbf93\CLI.Caste.A4.Shared.ni.dll
2019-08-15 08:40 - 2019-08-15 08:40 - 000027136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Af820fedc#\0af9aa9e56f68221dc715464bd9025a2\CLI.Caste.A4.Dashboard.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F24de14fe#\75ebaaff8a10353ddb7b34b5bbf4b28e\CLI.Caste.Fuel.Shared.ni.dll
2019-08-15 08:40 - 2019-08-15 08:40 - 000311296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F36b07a2b#\a482ac0d1cf293c3cd4267a0344030f8\CLI.Caste.Fuel.Runtime.ni.dll
2019-08-15 08:40 - 2019-08-15 08:40 - 000027136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Ff3085433#\8b4ef322d87ceda499058fcf8bb0a2a7\CLI.Caste.Fuel.Dashboard.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000037376 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60338cc0#\0effecd4c84b526ca07013b3685fb0d9\CLI.Caste.Graphics.Runtime.Shared.Private.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 001556480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gd9d9b43b#\6419140972a41f6309f782c751acf709\CLI.Caste.Graphics.Dashboard.Shared.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000587776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gee7d2dbc#\da9fbc51e41a0754bed4cb1efdfd9cc6\CLI.Caste.Graphics.Dashboard.ni.dll
2019-08-15 08:40 - 2019-08-15 08:40 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H18c99613#\e9d26170337f8b5058ae71aaef752eec\CLI.Caste.HydraVision.Runtime.ni.dll
2019-08-15 08:40 - 2019-08-15 08:40 - 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H92ba4e46#\e76865b189e748616214472d9ea5c76e\CLI.Caste.HydraVision.Shared.ni.dll
2019-08-15 08:40 - 2019-08-15 08:40 - 000025600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Hbb906c0b#\c69067566f9e8dd91bfd1f58ad518753\CLI.Caste.HydraVision.Dashboard.ni.dll
2019-08-15 08:40 - 2019-08-15 08:40 - 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pac40511b#\8b703358857d82a2a46daa8e4decce45\CLI.Caste.Platform.Shared.ni.dll
2019-08-15 08:40 - 2019-08-15 08:40 - 000044032 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pdb36d56e#\339aa82deb71b267f2361bd508fb1bfb\CLI.Caste.Platform.Runtime.ni.dll
2019-08-15 08:40 - 2019-08-15 08:40 - 000024064 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pfeefa2b6#\7856e8547369cb75993d04e4a589439c\CLI.Caste.Platform.Dashboard.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000012288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone1b4a8c97#\8a0e70963debf6396e915dd5d653595a\CLI.Component.Runtime.Shared.ni.dll
2019-08-15 08:40 - 2019-08-15 08:40 - 000173568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone29e547cc#\5e481583a522aac4ab922593dc7bcaed\CLI.Component.Dashboard.ProfileManager2.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000151040 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone59f353b4#\744a7ddf445a9418f6044fa9e15ca4b2\CLI.Component.Runtime.Shared.Private.ni.dll
2019-08-15 08:40 - 2019-08-15 08:40 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Componeb4d0485c#\613987cf99de9e834ba1bd9fc288a878\CLI.Component.Runtime.Extension.EEU.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 001609728 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Componec89c3bec#\8a0b7675927b5ba16f15265bc0e4b2fc\CLI.Component.Dashboard.Shared.Private.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000018432 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Componef1fd67b2#\a9d2a5d1346201da1fb0ff124f0bac46\CLI.Component.Client.Shared.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000084992 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Componef4cf054f#\77356a8f8c9d351b3c08d2e01f8443df\CLI.Component.Dashboard.Shared.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000089600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundat3d5d3945#\b25f798e310fc34601d62df9b489723a\CLI.Foundation.Private.ni.dll
2019-08-15 08:40 - 2019-08-15 08:40 - 000061440 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundat60cdf5df#\757c68a756d213bc347e49102516ad5b\CLI.Foundation.XManifest.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000091136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundat619559bd#\a393e4e64e0f4b2aa1a04bdec7838779\CLI.Foundation.CoreAudioAPI.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 001073664 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundatd3771151#\4c084304fec9da20e7bb2633a24b1c44\CLI.Foundation.Client.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000302080 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundation\3045ce6967712a3f22be58617653459a\CLI.Foundation.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000015360 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics\b236a5aa13481e8ca4273a083d0caee7\DEM.Graphics.ni.dll
2019-08-15 08:40 - 2019-08-15 08:40 - 000037376 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Fuel.Foundation\067b6f8ce7e59406860807ce92b2bb8c\Fuel.Foundation.ni.dll
2019-08-15 08:40 - 2019-08-15 08:40 - 000296448 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundat03490438#\f242757b23c174b8c9a416e38e6d7958\LOG.Foundation.Implementation.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000149504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundat5023f8e7#\36cfb841a4668a90cdb0b16dd8f9a030\LOG.Foundation.Private.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000087552 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundatcaafa75b#\405f8a2a3b895d91e36aad23ff6e8c4a\LOG.Foundation.Implementation.Private.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000132608 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundation\14dfbe9fe155daf994090085e66d19fc\LOG.Foundation.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000012288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\MOM.Foundation\a2ba1445d7b1460b3f4eca7891cabd65\MOM.Foundation.ni.dll
2019-08-15 08:40 - 2019-08-15 08:40 - 000402944 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\MOM.Implementation\7f2f0be67ca02e5453995083807ff9ed\MOM.Implementation.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000055296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\NEWAEM.Foundation\ea68261e33ebc25806fd98f874decfad\NEWAEM.Foundation.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000868864 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ADL.Foundation\322da04c2eb4fc96fdc5564d8455176e\ADL.Foundation.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000256000 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\APM.Server\654bd1752b701a2ae03896b7fe870e64\APM.Server.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000298496 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.9b707b25#\6a7bd2e21670aa058b93adc8c2fc453d\CLI.Aspect.DeviceProperty.Graphics.Runtime.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 001654784 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.aa59351a#\5848152ac8152ec1fc2d3ae65c6e6a4b\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 006514688 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e6d9f3a8#\4f27511e30c1f13051c08be0266d2c28\CLI.Aspect.DeviceDFP.Graphics.Dashboard.ni.dll
2019-08-15 08:40 - 2019-08-15 08:40 - 002563072 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Combine0616f305#\e311699f5c48349be344bf3411e3579b\CLI.Combined.Graphics.Aspects1.Dashboard.ni.dll
2019-08-15 08:40 - 2019-08-15 08:40 - 001146368 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Combine7332395e#\af5be3bd8eb3d76db233514400e7ea70\CLI.Combined.Graphics.Aspects2.Runtime.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000136704 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone168638d1#\cba212ff35c9055e53a8571b774543e7\CLI.Component.Client.Shared.Private.ni.dll
2019-08-15 08:40 - 2019-08-15 08:40 - 000234496 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone6692ca50#\ba2907ef0c8f9bf2a653fd1c29f9daff\CLI.Component.Runtime.ni.dll
2019-08-15 08:40 - 2019-08-15 08:40 - 000945664 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone6bf88b08#\9f65df0b68a8d9a4a8c3d64e8a41a3e3\CLI.Component.Dashboard.ni.dll
2019-08-15 08:40 - 2019-08-15 08:40 - 000016896 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0703\38fbac3efd5eeaf6dbbe1b189d0f847c\DEM.Graphics.I0703.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000013312 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0706\59efa63dcfffc6f304a7639dc8db3646\DEM.Graphics.I0706.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000084480 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0709\e95e79e0a119cf3e69d603250127f56c\DEM.Graphics.I0709.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000012288 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0712\e03bdb14c3ddcb08aed5f2bb50f44d19\DEM.Graphics.I0712.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000018432 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0804\ebe9e72ae08e2fbc0650303e6cb9acd4\DEM.Graphics.I0804.ni.dll
2019-08-15 08:40 - 2019-08-15 08:40 - 000010752 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0805\65f0bb72eaf45d7a387d466f45fc6d38\DEM.Graphics.I0805.ni.dll
2019-08-15 08:40 - 2019-08-15 08:40 - 000010752 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0812\63fbf84440c00fc6b7d8ebed6ce5ab2b\DEM.Graphics.I0812.ni.dll
2019-08-15 08:40 - 2019-08-15 08:40 - 000013312 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0906\6c095e25229cd93e703fecf8d1782c5d\DEM.Graphics.I0906.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000014336 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0912\785b77c9b83de19c1d49077121af1fe1\DEM.Graphics.I0912.ni.dll
2019-08-15 08:40 - 2019-08-15 08:40 - 000035840 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I1010\05bb8de1d7c7b271f099f18080dd00b4\DEM.Graphics.I1010.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 001120256 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Localizatio01dbc1c0#\3fd3bcc141976be319f756ba78c0d7ef\Localization.Foundation.Private.ni.dll
2019-08-15 08:40 - 2019-08-15 08:40 - 000242688 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ResourceMan446ca0e5#\a44169220362c70359daf5e1ca77c917\ResourceManagement.Foundation.Implementation.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000023552 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ResourceManf163905a#\2e776ebad15998ba4917f22ee784d412\ResourceManagement.Foundation.Private.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000091648 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ec8786e5#\4d44788c2ec499c7a7064457ae3d1f6c\CLI.Aspect.AMDHome.Graphics.Dashboard.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 002838528 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60a7b4d1#\badc5318242355eb200b7dd1c28f41d2\CLI.Caste.Graphics.Shared.ni.dll
2019-08-15 08:40 - 2019-08-15 08:40 - 003212800 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G962aa464#\a039e42aef77c2fbad560da01808fb07\CLI.Caste.Graphics.Runtime.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000025600 _____ (ATI Technologies Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Foundation\a603af9811972cd48a7f5982454a9331\DEM.Foundation.ni.dll
2019-08-15 08:39 - 2019-08-15 08:39 - 000115200 _____ (ATI Technologies Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0601\c2c82d83e8f79c223ab29705abfdf864\DEM.Graphics.I0601.ni.dll
2015-06-14 18:25 - 2009-04-03 17:01 - 001321984 _____ (CANON INC.) [File not signed] C:\WINDOWS\system32\CNC250C.dll
2015-06-14 18:25 - 2009-03-11 12:36 - 000328192 _____ (CANON INC.) [File not signed] C:\WINDOWS\system32\CNC250L.DLL
2015-06-14 18:25 - 2010-04-24 06:00 - 000336896 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMLM9W.DLL
2017-09-25 07:48 - 2010-04-24 06:00 - 000028672 _____ (CANON INC.) [File not signed] C:\WINDOWS\system32\spool\PRTPROCS\x64\CNMPD9W.DLL
2014-04-05 10:06 - 2014-04-05 10:06 - 000293216 _____ (EVERNOTE CORPORATION -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) [File not signed] C:\Program Files (x86)\Evernote\Evernote\encrashrep.dll
2014-04-05 10:54 - 2014-04-05 10:54 - 000589664 _____ (EVERNOTE CORPORATION -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) [File not signed] C:\Program Files (x86)\Evernote\Evernote\EvernoteOL.dll
2014-04-05 10:54 - 2014-04-05 10:54 - 000077152 _____ (EVERNOTE CORPORATION -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) [File not signed] C:\Program Files (x86)\Evernote\Evernote\Resource.dll
2014-03-28 00:42 - 2014-03-28 00:42 - 000258048 _____ (Evernote Corporation, 333 West Evelyn Avenue, Mountain View, CA 94041) [File not signed] C:\Program Files (x86)\Evernote\Evernote\LibPCRE.dll
2015-10-14 19:54 - 2015-10-14 19:54 - 001116672 _____ (Free Software Foundation) [File not signed] C:\Program Files (x86)\VMware\VMware Horizon View Client\iconv.dll
2015-10-14 19:54 - 2015-10-14 19:54 - 000081408 _____ (Free Software Foundation) [File not signed] C:\Program Files (x86)\VMware\VMware Horizon View Client\intl.dll
2014-03-29 09:47 - 2014-03-29 09:47 - 000646656 _____ (Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\OpBHO64.dll
2014-03-29 09:29 - 2014-03-29 09:29 - 000692224 _____ (Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\storeng.dll
2014-03-29 09:32 - 2014-03-29 09:32 - 001107968 _____ (Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\userdata.dll
2014-08-06 20:03 - 2014-06-11 17:53 - 000423936 _____ (Hewlett-Packard) [File not signed] C:\WINDOWS\System32\hpbprtmon.dll
2014-06-11 17:53 - 2014-06-11 17:53 - 000442880 _____ (Hewlett-Packard) [File not signed] C:\WINDOWS\system32\spool\DRIVERS\x64\3\hpbxjobsvr1401.dll
2019-08-09 20:24 - 2014-01-05 08:42 - 000697856 ____N (IDT, Inc.) [File not signed] C:\WINDOWS\system32\stapi64.dll
2019-08-09 20:24 - 2014-01-05 08:42 - 002213376 _____ (IDT, Inc.) [File not signed] C:\WINDOWS\system32\stapo64.dll
2019-02-21 21:00 - 2019-02-21 21:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000128000 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Common Files\Microsoft Shared\Ink\IpsPlugin.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000931840 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Common Files\System\Ole DB\oledb32.dll
2019-08-10 15:22 - 2019-08-10 15:22 - 007068672 _____ (Microsoft Corporation) [File not signed] C:\Windows\ImmersiveControlPanel\SystemSettings.dll
2019-03-19 17:46 - 2019-03-19 17:46 - 000964096 _____ (Microsoft Corporation) [File not signed] C:\Windows\ImmersiveControlPanel\SystemSettingsViewModel.Desktop.dll
2019-03-19 17:46 - 2019-03-19 17:46 - 000055296 _____ (Microsoft Corporation) [File not signed] C:\Windows\ImmersiveControlPanel\Telemetry.Common.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 003073024 _____ (Microsoft Corporation) [File not signed] C:\Windows\ShellComponents\WindowsInternal.ComposableShell.Experiences.Switcher.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 009527808 _____ (Microsoft Corporation) [File not signed] C:\Windows\ShellExperiences\StartUI.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000411648 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\AboveLockAppHost.dll
2019-03-19 19:19 - 2019-03-19 04:13 - 000273408 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\AccountAccessor.dll
2019-08-10 15:22 - 2019-08-10 15:22 - 000357888 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\AcGenral.DLL
2019-03-19 17:44 - 2019-03-19 17:44 - 000175616 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\ACPBackgroundManagerPolicy.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000083456 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\acppage.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000065024 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\AcSpecfc.DLL
2019-03-19 17:44 - 2019-03-19 17:44 - 000315392 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\Actioncenter.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000071680 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\ActionMgr.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000058368 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\activationclient.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000748032 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\activationmanager.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000264192 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\ACTIVEDS.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000634880 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\ActXPrxy.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000024064 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\adhapi.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000097792 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\adhsvc.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000248832 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\adsldp.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000252416 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\adsldpc.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 000068608 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\amsi.dll
2019-03-19 19:19 - 2019-03-19 04:18 - 000070656 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\APHostClient.dll
2019-03-19 19:19 - 2019-03-19 04:11 - 000351744 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\aphostservice.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000231424 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\APISAMPLING.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 001375232 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\APMon.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000564736 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\apphelp.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000160256 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\appinfo.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000012288 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\appinfoext.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000683008 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\ApplicationFrame.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000113152 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\AppMon.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000142848 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\AppointmentActivation.dll
2019-08-15 21:05 - 2019-08-15 21:05 - 000178688 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\appsruprov.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000337408 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\AppXAllUserStore.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000060416 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\AssignedAccessRuntime.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 000095744 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\ATL.DLL
2019-03-19 17:43 - 2019-03-19 17:43 - 000040960 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\atlthunk.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000735232 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\audioendpointbuilder.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 001942528 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\audiosrv.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000207872 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\AuthBroker.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000284160 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\AUTHZ.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000115200 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\AVIFIL32.DLL
2019-03-19 17:44 - 2019-03-19 17:44 - 000067072 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\BackgroundMediaPolicy.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 000040448 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\BatMeter.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000261120 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\bcastdvr.proxy.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000878080 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\bfe.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000029696 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\bi.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 000065536 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\bidispl.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000803840 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\bisrv.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000083456 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\bitsigd.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000031232 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\bitsperf.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000067584 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\BitsProxy.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000197632 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\BluetoothApis.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000246272 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\BrokerLib.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 000057344 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\BROWCLI.Dll
2019-03-19 17:57 - 2019-03-19 19:20 - 000134656 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\browser.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 000144384 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\BrowserSettingSync.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 001062912 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\btagservice.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 000382976 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\bthavctpsvc.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000261632 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\bthprops.cpl
2019-03-19 17:44 - 2019-03-19 17:44 - 000104960 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\BthRadioMedia.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000223744 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\bthserv.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000032256 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\BthTelemetry.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000174080 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\CallHistoryClient.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000065024 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\CapabilityAccessHandlers.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000344576 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\capabilityaccessmanager.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000226816 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\CapabilityAccessManagerClient.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000508416 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\catsrvut.dll
2019-08-10 15:22 - 2019-08-10 15:22 - 001124864 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\cbdhsvc.dll
2019-08-10 15:22 - 2019-08-10 15:22 - 005500416 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\cdp.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 002059264 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\cdprt.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000644096 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\cdpsvc.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000524800 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\cdpusersvc.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000735744 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\CellularAPI.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000249344 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\CEMAPI.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000807424 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\certca.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 003184128 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\certenroll.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000121856 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\certpoleng.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000173568 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\cflapi.dll
2019-08-15 21:05 - 2019-08-15 21:05 - 007753728 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\chakra.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000129024 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\CHARTV.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000105984 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\CLDAPI.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000210944 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\ClipboardServer.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000461824 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\cloudAP.DLL
2019-08-10 15:22 - 2019-08-10 15:22 - 001080320 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\CLUSAPI.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000044544 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\cmintegrator.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000812032 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\COMDLG32.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 001856000 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\ConstraintIndex.Search.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000224256 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\container.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 000014848 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\coreaudiopolicymanagerext.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000515584 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\CoreShellAPI.dll
2019-08-15 21:05 - 2019-08-15 21:05 - 000112640 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\CoreShellExtFramework.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000386560 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\credprovhost.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000049152 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\credui.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000123904 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\cryptcatsvc.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000168448 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\cryptnet.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000477696 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\cryptngc.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000369664 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\CryptoWinRT.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000096256 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\cryptsvc.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000062976 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\crypttpmeksvc.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000283648 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\CRYPTUI.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000049664 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\cscapi.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000024064 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\CSystemEventsBrokerClient.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 004474880 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\D3DCOMPILER_47.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000110080 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\DAB.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000014336 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\DABAPI.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000183808 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\dafupnp.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000333312 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\DAFWSD.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000482816 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\das.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000222208 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\dataexchange.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000095232 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\davclnt.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000027648 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\DAVHLPR.dll
2019-08-15 21:05 - 2019-08-15 21:05 - 000668160 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\daxexec.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000157696 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\dbgcore.DLL
2019-03-19 17:44 - 2019-03-19 17:44 - 001930752 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\dbghelp.dll
2019-08-15 21:05 - 2019-08-15 21:05 - 000014336 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\DCIMAN32.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000578560 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\DDRAW.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000106496 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\desktopshellext.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000157696 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\DeviceSetupManagerAPI.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000059904 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\DEVRTL.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000064512 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\dfscli.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000388096 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\dhcpcore.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000293376 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\dhcpcore6.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000092672 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\dhcpcsvc.DLL
2019-08-10 15:21 - 2019-08-10 15:21 - 000068096 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\dhcpcsvc6.DLL
2019-03-19 17:45 - 2019-03-19 17:45 - 001314304 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\diagperf.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 003771392 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\diagtrack.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000348672 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\DIFXAPI.dll
2019-08-10 15:22 - 2019-08-10 15:22 - 000404992 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\DispBroker.Desktop.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000376320 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\DispBroker.dll
2019-03-19 17:57 - 2019-03-19 19:20 - 000321536 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\dlnashext.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000108032 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\DMCfgUtils.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000611328 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\dmEnrollEngine.DLL
2019-03-19 17:44 - 2019-03-19 17:44 - 000033792 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\DMProcessXMLFiltered.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000109568 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\dmxmlhelputils.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000350208 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\dnsrslvr.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000015872 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\DPAPI.DLL
2019-03-19 17:44 - 2019-03-19 17:44 - 000205312 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\dpapisrv.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000169984 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\dps.dll
2019-03-19 17:56 - 2019-03-19 19:20 - 000280576 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\drivers\umdf\wpdfs.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000025600 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\drprov.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 000602112 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\DSOUND.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000030208 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\DSPARSE.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000824832 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\dsreg.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000037888 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\dtsh.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 001748992 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\DUI70.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000578560 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\DUser.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000048640 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\dusmapi.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000358912 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\dusmsvc.dll
2019-08-15 21:05 - 2019-08-15 21:05 - 003550720 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\dwmcore.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000062976 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\dwmghost.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000137216 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\dwmredir.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 003084288 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\DWrite.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000467456 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\dxp.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000050176 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\EAMProgressHandler.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 000239616 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\eappcfg.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 000073216 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\eappprxy.dll
2019-08-15 21:05 - 2019-08-15 21:05 - 004012032 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\EdgeContent.dll
2019-08-15 21:05 - 2019-08-15 21:05 - 025901056 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\edgehtml.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000443904 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\edgeIso.dll
2019-08-15 21:05 - 2019-08-15 21:05 - 000923136 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\EdgeManager.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000119808 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\edputil.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 000205312 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\eeprov.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000087552 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\efslsaext.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000045056 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\EFSUTIL.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000861696 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\efswrt.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000132096 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\EhStorAPI.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000208384 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\EhStorShell.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000076800 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\elscore.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000703488 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\ElsLad.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000047616 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\embeddedmodesvcapi.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 000178688 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\energyprov.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000046592 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\ErrorDetailsCore.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000401408 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\es.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 003261440 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\ESENT.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000065024 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\esentprf.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000142336 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\EShims.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000186368 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\EthernetMediaManager.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000078336 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\EventAggregation.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000083456 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\execmodelproxy.dll
2019-08-15 21:05 - 2019-08-15 21:05 - 002094592 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\explorerframe.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000014336 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\familysafetyext.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000021504 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\fdphost.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000068096 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\fdproxy.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000035328 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\fdrespub.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000108544 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\fdssdp.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 000110080 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\fdwcn.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000030208 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\fdWNet.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000152064 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\fdwsd.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000243200 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\feclient.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000430080 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\fhcfg.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000441344 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\fhsettingsprovider.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000029696 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\fhsvcctl.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000551936 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\firewallapi.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000893440 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\FlightSettings.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 001884672 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\fntcache.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000019456 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\fontgroupsoverride.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000138240 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\FontProvider.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 000305664 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\framedynos.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000153088 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\FunDisc.dll
2019-08-10 15:22 - 2019-08-10 15:22 - 000912896 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\FVEAPI.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000162304 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\fwbase.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000235008 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\FWPolicyIOMgr.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000467456 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\fwpuclnt.dll
2019-03-19 17:46 - 2019-03-19 17:46 - 000046592 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\FXSMON.DLL
2019-03-19 17:44 - 2019-03-19 17:44 - 000130560 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\globinputhost.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000038400 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\gmsaclient.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 001255936 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\gpsvc.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000060928 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\hcproviders.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000038912 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\HID.DLL
2019-03-19 17:45 - 2019-03-19 17:45 - 000039936 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\hidphone.tsp
2019-03-19 17:44 - 2019-03-19 17:44 - 000034816 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\hidserv.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000128000 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\HLINK.DLL
2019-03-19 17:45 - 2019-03-19 17:45 - 000257024 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\hnetcfgclient.dll
2019-03-19 17:58 - 2019-03-19 19:20 - 000888832 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\HolographicExtensions.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 000464384 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\HrtfApo.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000034816 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\HTTPAPI.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000018944 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\httpprxc.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000119808 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\httpprxm.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000253952 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\icm32.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000014336 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\IconCodecService.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000010240 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\idndl.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 000154112 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\IDStore.dll
2019-08-10 15:22 - 2019-08-10 15:22 - 007174656 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\ieframe.dll
2019-08-10 15:22 - 2019-08-10 15:22 - 000833536 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\ieproxy.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 001042944 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\ikeext.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000512512 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\imapi2.dll
2019-08-10 15:22 - 2019-08-10 15:22 - 000177664 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\inetpp.dll
2019-03-19 17:58 - 2019-03-19 20:12 - 000070144 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\inetsrv\apphostsvc.dll
2019-03-19 17:57 - 2019-03-19 20:12 - 000231936 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\inetsrv\IISRES.DLL
2019-03-19 17:57 - 2019-03-19 20:12 - 000285696 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\inetsrv\iisutil.dll
2019-03-19 17:57 - 2019-03-19 20:12 - 000477696 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\inetsrv\nativerd.dll
2019-03-19 19:19 - 2019-03-19 04:18 - 000060416 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\InprocLogger.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000138752 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\InputLocaleManager.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 004470784 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\InputService.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000505856 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\InputSwitch.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 002448384 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\installservice.dll
2019-08-15 21:05 - 2019-08-15 21:05 - 000830976 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\iphlpsvc.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 002032640 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\ism.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000147968 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\JOINUTIL.DLL
2019-03-19 17:44 - 2019-03-19 17:44 - 000009728 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\KBDUS.DLL
2019-03-19 17:43 - 2019-03-19 17:43 - 000026624 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\KDCPW.DLL
2019-03-19 17:44 - 2019-03-19 17:44 - 000070656 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\keepaliveprovider.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 001010176 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\kerberos.DLL
2019-03-19 17:44 - 2019-03-19 17:44 - 000090624 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\keyiso.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000048128 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\kmddsp.tsp
2019-03-19 17:44 - 2019-03-19 17:44 - 000024576 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\ktmw32.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000095744 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000030720 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\LINKINFO.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000027136 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\lmhsvc.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000121856 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\loadperf.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 001159680 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\localspl.dll
2019-08-15 21:05 - 2019-08-15 21:05 - 001657856 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\lsasrv.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000676864 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\lsm.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000120320 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\MAPI32.dll
2019-03-19 19:19 - 2019-03-19 04:15 - 000178176 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\MCCSEngineShared.dll
2019-03-19 19:19 - 2019-03-19 04:18 - 000031744 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\MCCSPal.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000098304 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\mciavi32.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000280576 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\MDMRegistration.DLL
2019-03-19 17:44 - 2019-03-19 17:44 - 001095680 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\MessagingDataModel2.DLL
2019-03-19 17:43 - 2019-03-19 17:43 - 001442816 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\MFC42u.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000036352 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\MfcSubs.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000123904 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\mi.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000280064 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\Microsoft.Bluetooth.Proxy.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 004008960 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\Microsoft.Bluetooth.Service.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000273408 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\MicrosoftAccountCloudAP.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000474624 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\MicrosoftAccountWAMExtension.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 000025600 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\midimap.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000413184 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\mintdh.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 001332736 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\MiracastReceiver.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000239616 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\miutils.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000245760 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\mlang.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000021504 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\MobileNetworking.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000466432 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\modernexecserver.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 001062912 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\mpssvc.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 000029184 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\msacm32.drv
2019-03-19 17:44 - 2019-03-19 17:44 - 000023040 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\msauserext.dll
2019-03-19 17:46 - 2019-03-19 17:46 - 000378368 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\mscoree.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000089600 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\MsCtfMonitor.DLL
2019-03-19 17:44 - 2019-03-19 17:44 - 000135680 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\MSDART.DLL
2019-03-19 17:45 - 2019-03-19 17:45 - 000864768 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\MSDTCPRX.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000322048 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\msdtcuiu.DLL
2019-03-19 17:44 - 2019-03-19 17:44 - 003353088 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\MsftEdit.dll
2019-08-10 15:22 - 2019-08-10 15:22 - 004578816 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\msi.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000063488 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\msident.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000011776 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\Msidle.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000021504 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\msiltcfg.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000008192 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\MSIMG32.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000050688 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\msimtf.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000308736 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\msIso.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000062976 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\mskeyprotect.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000214016 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\msls31.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000002560 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\msprivs.DLL
2019-08-10 15:21 - 2019-08-10 15:21 - 000060416 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\msscntrs.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000204800 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\mssph.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000147456 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\mssprxy.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 002870272 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\mssrch.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000139776 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\mstask.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000250880 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\MSUTB.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000143360 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\MSVFW32.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 000157184 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\mtffuzzyds.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000260608 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\MTFServer.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000425472 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\MTXCLU.DLL
2019-03-19 17:44 - 2019-03-19 17:44 - 000068096 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\napinsp.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000025600 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\NcaApi.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000374784 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\ncbservice.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000089600 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\ncdautosetup.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 000073728 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\NCObjAPI.DLL
2019-08-15 21:05 - 2019-08-15 21:05 - 000344064 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\ncryptprov.dll
2019-08-15 21:05 - 2019-08-15 21:05 - 000518144 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\ncsi.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000027136 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\ncuprov.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000074240 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\nduprov.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000117248 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\negoexts.DLL
2019-03-19 17:46 - 2019-03-19 17:46 - 000106496 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\netfxperf.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000162304 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\netjoin.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000864256 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\netlogon.DLL
2019-08-10 15:21 - 2019-08-10 15:21 - 000226816 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\netprofm.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000610816 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\netprofmsvc.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000064000 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\netprovfw.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000506368 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\NetSetupShim.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000076288 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\NetworkExplorer.dll
2019-03-19 19:19 - 2019-03-19 04:17 - 000126464 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\NetworkHelper.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000054784 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\NetworkItemFactory.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000419840 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\NetworkUXBroker.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000208896 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\newdev.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000601088 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\NgcCtnr.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000488448 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\NgcCtnrGidsHandler.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000810496 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\ngcctnrsvc.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000281600 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\ngcpopkeysrv.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000392704 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\NInput.dll
2019-08-15 21:05 - 2019-08-15 21:05 - 000093184 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\nlaapi.dll
2019-08-15 21:05 - 2019-08-15 21:05 - 000382976 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\nlasvc.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000005632 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\normaliz.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 001364480 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\NotificationController.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000388608 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\NotificationControllerPS.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000047616 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\NotificationPlatformComponent.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000045056 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\npmproxy.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000207872 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\npsm.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000018944 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\nrpsrv.DLL
2019-03-19 17:44 - 2019-03-19 17:44 - 000030720 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\nsisvc.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000148480 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\NTDSAPI.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000066048 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\ntlanman.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000497664 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\ntshrui.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000395776 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\OLEACC.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000047616 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\OnDemandBrokerClient.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000073216 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\ondemandconnroutehelper.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000359936 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\OneBackupHandler.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 000479744 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\OneCoreCommonProxyStub.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000654848 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\OneDriveSettingSyncProvider.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 000235008 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\OneX.DLL
2019-03-19 17:44 - 2019-03-19 17:44 - 000067584 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\PackageStateChangeHandler.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 000154624 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\PackageStateRoaming.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000068096 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\pcacli.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000064512 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\pcadm.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000047104 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\PCShellCommonProxyStub.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000278016 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\pdh.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000047104 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\Perfctrs.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000041472 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\perfdisk.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000026624 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\perfnet.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000040960 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\perfos.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000045056 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\perfproc.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000084480 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\perftrack.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000039936 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\perfts.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000200192 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\PersonaX.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000442368 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\PhoneOm.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000360448 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\PhoneUtil.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000491520 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\PhotoMetadataHandler.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000190464 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\pimindexmaintenance.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000062464 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\PimIndexMaintenanceClient.DLL
2019-03-19 17:44 - 2019-03-19 17:44 - 000967680 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\PIMSTORE.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000237056 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\pku2u.DLL
2019-03-19 17:43 - 2019-03-19 17:43 - 000088576 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\PlaySndSrv.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000392192 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\PlayToDevice.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 002096128 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\pnidui.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000015360 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\pnpts.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000086528 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\pnrpnsp.dll
2019-03-19 17:59 - 2019-03-19 19:20 - 000629248 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\PortableDeviceApi.dll
2019-03-19 17:59 - 2019-03-19 19:20 - 000125952 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\portabledeviceclassextension.dll
2019-03-19 17:59 - 2019-03-19 19:20 - 000183808 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\PortableDeviceTypes.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000067072 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\POSyncServices.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 000059392 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\PrintIsolationProxy.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000232960 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\prnfldr.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000491520 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\profsvc.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000153088 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\profsvcext.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000468480 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\provsvc.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000164864 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\ProximityCommon.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000016896 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\ProximityCommonPal.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000304128 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\ProximityService.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000054784 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\ProximityServicePAL.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000728576 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\psmserviceexthost.dll
2019-08-15 21:05 - 2019-08-15 21:05 - 000236544 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\psmsrv.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000016384 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\PSTOREC.DLL
2019-08-10 15:21 - 2019-08-10 15:21 - 001581056 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\qmgr.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000105472 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\query.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000581120 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\QuietHours.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000099328 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\radardt.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000016896 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\rasadhlp.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000950784 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\RasApi32.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000158720 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\raschap.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000021504 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\rasctrs.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000406528 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\rascustom.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000184832 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\rasman.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000913408 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\rasmans.dll
2019-03-19 17:46 - 2019-03-19 17:46 - 000305664 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\rasppp.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000248320 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\rastapi.DLL
2019-08-10 15:21 - 2019-08-10 15:21 - 000203264 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\REGAPI.dll
2019-08-10 15:22 - 2019-08-10 15:22 - 000623104 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\RESUTILS.DLL
2019-03-19 17:45 - 2019-03-19 17:45 - 000607232 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\RICHED20.DLL
2019-03-19 17:45 - 2019-03-19 17:45 - 000057344 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\rilProxy.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000080384 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\rpcepmap.dll
2019-08-15 21:05 - 2019-08-15 21:05 - 001259008 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\rpcss.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000486400 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\RTMediaFrame.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000063488 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\rtutils.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000078848 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\SAMCLI.DLL
2019-08-10 15:21 - 2019-08-10 15:21 - 000122368 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\SAMLIB.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000923136 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\samsrv.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000022528 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\sbservicetrigger.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000277504 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\scecli.DLL
2019-08-10 15:21 - 2019-08-10 15:21 - 000537088 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\schannel.DLL
2019-08-10 15:21 - 2019-08-10 15:21 - 000858112 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\schedsvc.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000224256 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\scrobj.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000221184 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\scrrun.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 001193472 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\sdengin2.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000059392 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\SebBackgroundManagerPolicy.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000027648 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\Secur32.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 000088576 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\SecureTimeAggregator.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000005632 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\security.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000944128 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\SecurityHealthSSO.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000073728 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\sens.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000014336 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\SensApi.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 000134656 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\SettingMonitor.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000445440 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\SettingsEnvironment.Desktop.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 003750912 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\SettingsHandlers_nt.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000593920 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\SettingsHandlers_User.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 000457216 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\SettingSync.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 001067008 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\SettingSyncCore.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000003072 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\SFC.DLL
2019-03-19 17:44 - 2019-03-19 17:44 - 000048640 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\sfc_os.DLL
2019-03-19 17:44 - 2019-03-19 17:44 - 000140288 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\shacct.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000070656 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\shacctprofile.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 001077248 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\ShareHost.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000241152 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\SHDOCVW.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 000649728 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\ShellCommonCommonProxyStub.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 000172544 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 002254336 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\ShellExperiences\WindowsInternal.Xaml.Controls.Tabs.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000028672 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\shgina.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000252928 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\shsvcs.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000304128 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\ShutdownUX.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000140800 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\slc.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000069632 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\SmartCardBackgroundPolicy.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000256000 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\smartscreenps.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000308736 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\SndVolSSO.DLL
2019-03-19 17:45 - 2019-03-19 17:45 - 000033280 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\snmpapi.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 005085184 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\Speech_OneCore\Common\sapi_onecore.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000044544 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\spool\PRTPROCS\x64\winprint.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 000093184 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\SPOOLSS.DLL
2019-03-19 17:45 - 2019-03-19 17:45 - 000272384 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\SPP.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000136192 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\sppc.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000207872 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\srchadmin.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000159232 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\srpapi.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000063488 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\srumapi.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000214528 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\srumsvc.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000280064 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\srvsvc.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000047104 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\SSCORE.DLL
2019-03-19 17:44 - 2019-03-19 17:44 - 000013312 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\sscoreext.dll
2019-08-15 21:05 - 2019-08-15 21:05 - 000065024 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\ssdpapi.dll
2019-08-15 21:05 - 2019-08-15 21:05 - 000240128 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\ssdpsrv.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000029184 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\SspiSrv.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000206336 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\sstpsvc.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000321024 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\sti.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 000293888 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\stobject.dll
2019-08-10 15:22 - 2019-08-10 15:22 - 000130560 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\storageusage.dll
2019-08-10 15:22 - 2019-08-10 15:22 - 001007104 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\storsvc.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000456704 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\swprv.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000479744 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\SyncCenter.dll
2019-08-15 21:06 - 2019-08-15 21:06 - 000633344 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\SyncController.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000079360 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\Syncreg.dll
2019-03-19 19:20 - 2019-03-19 04:08 - 000395776 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\SYNCUTIL.dll
2019-08-10 15:22 - 2019-08-10 15:22 - 000996352 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\sysmain.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000025088 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\SYSNTFY.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000030208 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\SystemEventsBrokerClient.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000275456 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\systemeventsbrokerserver.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000223232 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\tabsvc.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000233472 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\tapi32.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000012288 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\tapiperf.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000309248 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\tapisrv.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000480768 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\taskcomp.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 001635328 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\TaskFlowDataEngine.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000222720 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\tcpmon.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000776704 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\tdh.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 000013312 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\TetheringIeProvider.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 000222208 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\TetheringStation.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000067072 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\themeservice.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000067072 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\threadpoolwinrt.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000622592 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\TileDataRepository.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000035840 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\TimeBrokerClient.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000172032 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\timebrokerserver.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000055808 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\TOKENBINDING.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 001497088 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\tokenbroker.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 003263488 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\tquery.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 000174080 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\trie.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000112128 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\trkwks.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000144896 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\tspkg.DLL
2019-03-19 17:45 - 2019-03-19 17:45 - 000185344 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\twext.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000636416 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\twinapi.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000635904 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\twinui.appcore.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 006403072 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\twinui.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 006059520 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\twinui.pcshell.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000270848 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\UBPM.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000975360 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\udwm.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000677888 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\UiaManager.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000268800 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\UIAnimation.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 002521600 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\uiautomationcore.dll
2019-03-19 17:46 - 2019-03-19 17:46 - 004032512 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\UIRibbon.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000126976 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\umpnpmgr.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 000155136 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\umpo.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000109568 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\umpoext.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 000066048 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\umpo-overrides.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000296960 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\unimdm.tsp
2019-03-19 17:45 - 2019-03-19 17:45 - 000022528 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\uniplat.dll
2019-08-15 21:05 - 2019-08-15 21:05 - 001146880 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\unistore.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000200192 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\UpdatePolicy.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000388608 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\upnp.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 001856000 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\urlmon.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000861696 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\usbmon.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000014336 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\usbperf.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 000745984 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\usercpl.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000044032 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\UserDataLanguageUtil.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000062464 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\UserDataPlatformHelperUtil.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 001536512 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\userdataservice.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000046592 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\UserDataTypeHelperUtil.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 001282048 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\usermgr.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000294912 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\usermgrproxy.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000128512 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\usoapi.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000516608 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\usosvc.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000079360 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\USP10.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000089088 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\UXINIT.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000606208 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\UxTheme.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000289280 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\vaultcli.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000360448 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\vaultsvc.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 000152576 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\vfuprov.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000680448 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\vpnike.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000061952 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\vss_ps.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 001631232 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\vssapi.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000069632 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\VssTrace.DLL
2019-08-15 21:05 - 2019-08-15 21:05 - 002054656 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\wbem\cimwin32.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 000468992 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\wbem\esscli.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 001031680 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\wbem\fastprox.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 000111616 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\wbem\ncprov.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 000385536 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\wbem\repdrvfs.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 001817088 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\wbem\wbemcore.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000288256 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\wbem\wbemdisp.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000532992 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\wbem\wbemess.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 000044544 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\wbem\wbemprox.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 000063488 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\wbem\wbemsvc.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000137216 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\wbem\wmiaprpl.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000139264 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\wbem\WmiPerfClass.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000218624 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\wbem\wmiprov.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000832512 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\wbem\wmiprvsd.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000231424 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\wbem\wmisvc.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 000131584 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\wbem\wmiutils.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 000487424 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\wbemcomn.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000955904 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\wbiosrvc.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 000140288 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\wcmapi.dll
2019-08-15 21:05 - 2019-08-15 21:05 - 000236544 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\wcmcsp.dll
2019-08-15 21:05 - 2019-08-15 21:05 - 001037312 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\wcmsvc.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 000137216 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\wcnapi.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 000478208 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\wcncsvc.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000101888 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\wdi.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000218624 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\wdigest.DLL
2019-03-19 17:43 - 2019-03-19 17:43 - 000253952 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\wdmaud.drv
2019-08-10 15:21 - 2019-08-10 15:21 - 000464384 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\webauthn.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000598016 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\webio.dll
2019-08-10 15:22 - 2019-08-10 15:22 - 001282560 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\werconcpl.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 001918976 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\wevtsvc.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000024576 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\wfapigp.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000669696 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\wiaservc.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000018432 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\wiatrace.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000395776 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\WiFiDisplay.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 000787968 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\wifinetworkmanager.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 000863232 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\win32spl.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000178688 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\winbio.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000042496 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\winbioext.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000572416 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\WINBIOPLUGINS\NUIVOICEWBSADAPTERS.DLL
2019-03-19 17:44 - 2019-03-19 17:44 - 000111104 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\WINBIOPLUGINS\WINBIOSTORAGEADAPTER.DLL
2019-08-10 15:21 - 2019-08-10 15:21 - 000435200 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\wincorlib.DLL
2019-03-19 17:44 - 2019-03-19 17:44 - 001542656 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\windowmanagement.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000118784 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000030208 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\Windows.ApplicationModel.Background.TimeBroker.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000216064 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\Windows.ApplicationModel.Core.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 002113536 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\Windows.CloudStore.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 001113088 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\Windows.CloudStore.Schema.Shell.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000361984 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\windows.cortana.onecore.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000147456 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\windows.cortana.pal.desktop.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000128512 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\Windows.Cortana.ProxyStub.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000512000 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\Windows.Data.Activities.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 002249216 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\Windows.Devices.Bluetooth.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000219648 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\windows.devices.radios.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000808960 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\Windows.Gaming.Input.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 001784832 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\Windows.Globalization.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000063488 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\Windows.Globalization.Fontgroups.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000525824 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\Windows.Graphics.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000730112 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\windows.immersiveshell.serviceprovider.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000640000 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\Windows.Internal.Bluetooth.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000091136 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\Windows.Internal.Graphics.Display.DisplayColorManagement.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000046592 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\Windows.Internal.SecurityMitigationsBroker.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 000061952 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\windows.internal.shellcommon.AppResolverModal.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 001098240 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\Windows.Internal.Signals.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000102400 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000767488 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\Windows.Networking.Connectivity.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000936448 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\Windows.Networking.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000210432 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\Windows.Networking.HostName.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000148480 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\Windows.Networking.Sockets.PushEnabledApplication.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000914944 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\Windows.Security.Authentication.OnlineId.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 001180160 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\Windows.Security.Authentication.Web.Core.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000342528 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\Windows.Shell.BlueLightReduction.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000096768 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\Windows.Shell.ServiceHostBuilder.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000045568 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\windows.staterepositorycore.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000748544 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\windows.storage.search.dll
2019-08-15 21:05 - 2019-08-15 21:05 - 000373248 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\Windows.System.Diagnostics.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000728576 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\Windows.System.Launcher.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000136192 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\Windows.System.Profile.RetailInfo.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000916480 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\Windows.UI.Core.TextInput.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 001097216 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\Windows.UI.Immersive.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 001781248 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\Windows.UI.Input.Inking.dll
2019-03-19 17:46 - 2019-03-19 17:46 - 000041984 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\Windows.UI.Shell.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 004851712 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\Windows.UI.Xaml.Controls.dll
2019-08-15 21:05 - 2019-08-15 21:05 - 017785856 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\Windows.UI.Xaml.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 001233920 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\Windows.UI.Xaml.Phone.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000758784 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\Windows.Web.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 001498624 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\Windows.Web.Http.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000270336 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\WindowsCodecsExt.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 001153024 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\WindowsPerformanceRecorderControl.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 005040640 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\WININET.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000199168 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\WinLangdb.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000031232 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\winrnr.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000189952 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\WinRtTracing.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000245760 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\WinSCard.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000539648 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\winspool.drv
2019-03-19 17:44 - 2019-03-19 17:44 - 000814080 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\WinSync.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000292352 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\wkssvc.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000016896 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\Wlanhlp.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000658944 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\WlanMediaManager.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000427008 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\WLANMSM.DLL
2019-03-19 17:43 - 2019-03-19 17:43 - 000065536 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\WlanRadioManager.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000472064 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\WLANSEC.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 002656768 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\wlansvc.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000036864 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\wlansvcpal.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000402432 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\WLDAP32.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 000121344 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\wlgpclnt.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000650752 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\wlidprov.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000005632 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\WMI.dll
2019-03-19 17:43 - 2019-03-19 17:43 - 000046592 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\WMICLNT.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000171520 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\wmidcom.dll
2019-08-10 15:22 - 2019-08-10 15:22 - 000225792 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\WorkFoldersShell.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 001687552 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\wpc.dll
2019-03-19 17:59 - 2019-03-19 19:20 - 000614912 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\wpdshext.dll
2019-03-19 17:59 - 2019-03-19 19:20 - 000065536 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\wpdshserviceobj.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 001313792 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\wpnapps.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000354816 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\wpnclient.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 001608704 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\wpncore.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000562176 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\wpnprv.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000253440 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\wpnservice.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000036864 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\wpnsruprov.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000082432 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\wpnuserservice.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000168960 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\WPTaskScheduler.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000219136 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\wscinterop.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000083456 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\wscui.cpl
2019-03-19 17:44 - 2019-03-19 17:44 - 000688128 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\wsdapi.dll
2019-03-19 17:45 - 2019-03-19 17:45 - 000055296 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\WSDCHNGR.DLL
2019-03-19 17:44 - 2019-03-19 17:44 - 000064000 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\wshbth.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000012800 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\wship6.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000019968 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\wshqos.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000012800 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\wshtcpip.DLL
2019-03-19 17:44 - 2019-03-19 17:44 - 000174592 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\WSMAUTO.DLL
2019-03-19 17:44 - 2019-03-19 17:44 - 002807296 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\WsmSvc.DLL
2019-03-19 17:44 - 2019-03-19 17:44 - 000066048 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\wsnmp32.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000018944 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\WSOCK32.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000840704 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\wuapi.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 003104768 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\wuaueng.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000226816 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\wuceffects.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000582144 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\WUDFx.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000070144 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\wups.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000497664 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\wuuhext.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000207872 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\wuuhosdeployment.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000291840 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\zipfldr.dll
2019-08-10 15:22 - 2019-08-10 15:22 - 001491456 _____ (Microsoft Corporation) [File not signed] C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\eData.dll
2019-08-15 21:06 - 2019-08-15 21:06 - 009971712 _____ (Microsoft Corporation) [File not signed] C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\EMODEL.dll
2019-08-15 21:06 - 2019-08-15 21:06 - 015833088 _____ (Microsoft Corporation) [File not signed] C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\eView.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 000090624 _____ (Microsoft Corporation) [File not signed] C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\BingConfigurationClient.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 008915968 _____ (Microsoft Corporation) [File not signed] C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 003813376 _____ (Microsoft Corporation) [File not signed] C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000796672 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.9659_none_88dfc6bf2faefcc6\MSVCR80.dll
2019-08-15 20:56 - 2019-08-15 21:05 - 001697280 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.18362.295_none_17ae9fa26da28c60\gdiplus.dll
2019-08-10 15:41 - 2019-08-10 15:41 - 000097280 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.DLL
2019-03-19 17:44 - 2019-03-19 17:44 - 000548864 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.9659_none_d08cfd96442b25cc\MSVCP80.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000626688 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.9659_none_d08cfd96442b25cc\MSVCR80.dll
2019-08-15 20:56 - 2019-08-15 21:05 - 001458176 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.18362.295_none_5f5bd679821eb566\gdiplus.dll
2015-10-14 19:53 - 2015-10-14 19:53 - 000031744 _____ (Open Source Software community project) [File not signed] C:\Program Files (x86)\VMware\VMware Horizon View Client\pthreadVC2.dll
2014-03-29 09:48 - 2014-03-29 09:48 - 000712080 _____ (Softex Incorporated -> ) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2014-03-29 09:48 - 2014-03-29 09:48 - 000367504 _____ (Softex Incorporated -> ) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2014-03-29 09:48 - 2014-03-29 09:48 - 000759184 _____ (Softex Incorporated -> Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\hdddrv.dll
2014-03-29 09:48 - 2014-03-29 09:48 - 001204112 _____ (Softex Incorporated -> Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\Wbf.dll
2014-01-05 08:42 - 2014-01-05 08:42 - 000464384 _____ (SRS Labs, Inc.) [File not signed] C:\WINDOWS\system32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slapoi64.dll
2014-08-06 19:56 - 2014-01-05 08:42 - 000315904 _____ (Synopsys, Inc.) [File not signed] C:\Program Files\IDT\WDM\SRCOM64.DLL
2015-10-14 19:53 - 2015-10-14 19:53 - 000349696 _____ (The cURL library, hxxp://curl.haxx.se/) [File not signed] C:\Program Files (x86)\VMware\VMware Horizon View Client\libcurl.dll
2015-10-14 19:54 - 2015-10-14 19:54 - 001331712 _____ (The GLib developer community) [File not signed] C:\Program Files (x86)\VMware\VMware Horizon View Client\glib-2.0.dll
2015-10-14 19:54 - 2015-10-14 19:54 - 000015360 _____ (The GLib developer community) [File not signed] C:\Program Files (x86)\VMware\VMware Horizon View Client\gmodule-2.0.dll
2015-10-14 19:54 - 2015-10-14 19:54 - 000291328 _____ (The GLib developer community) [File not signed] C:\Program Files (x86)\VMware\VMware Horizon View Client\gobject-2.0.dll
2015-10-14 19:54 - 2015-10-14 19:54 - 000774144 _____ (The glibmm development team (see AUTHORS)) [File not signed] C:\Program Files (x86)\VMware\VMware Horizon View Client\glibmm-2.4.dll
2019-08-10 15:21 - 2019-08-10 15:21 - 002321408 _____ (The ICU Project) [File not signed] C:\WINDOWS\SYSTEM32\icu.DLL
2019-03-19 17:44 - 2019-03-19 17:44 - 000025088 ____R (The ICU Project) [File not signed] C:\WINDOWS\SYSTEM32\icuin.dll
2019-03-19 17:44 - 2019-03-19 17:44 - 000029696 ____R (The ICU Project) [File not signed] C:\WINDOWS\SYSTEM32\icuuc.dll
2015-10-14 19:54 - 2015-10-14 19:54 - 000064000 _____ (The libsigc++ development team (see AUTHORS)) [File not signed] C:\Program Files (x86)\VMware\VMware Horizon View Client\sigc-2.0.dll
2015-10-14 20:04 - 2015-10-14 20:04 - 001604096 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\VMware\VMware Horizon View Client\bin\LIBEAY32.dll
2015-10-14 20:04 - 2015-10-14 20:04 - 000296960 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\VMware\VMware Horizon View Client\bin\SSLEAY32.dll
2015-10-14 19:53 - 2015-10-14 19:53 - 001604096 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\VMware\VMware Horizon View Client\LIBEAY32.dll
2015-10-14 19:53 - 2015-10-14 19:53 - 000296960 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\VMware\VMware Horizon View Client\SSLEAY32.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2015-06-25 17:15 - 2015-06-25 17:15 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2015-06-25 17:15 - 2015-06-25 17:15 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2015-06-25 17:15 - 2015-06-25 17:15 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2015-06-25 17:17 - 2015-06-25 17:17 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2015-06-25 17:21 - 2015-06-25 17:21 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2015-06-25 17:14 - 2015-06-25 17:14 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2016-09-13 02:00 - 2016-09-13 02:00 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2016-09-13 02:00 - 2016-09-13 02:00 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2016-09-13 02:00 - 2016-09-13 02:00 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2016-09-13 02:00 - 2016-09-13 02:00 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2016-09-13 02:00 - 2016-09-13 02:00 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2016-09-13 02:00 - 2016-09-13 02:00 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2016-09-13 02:00 - 2016-09-13 02:00 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2016-09-13 02:00 - 2016-09-13 02:00 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer trusted/restricted ==========
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE restricted site: HKU\S-1-5-21-661845806-1645133277-2052336375-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-661845806-1645133277-2052336375-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-661845806-1645133277-2052336375-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-661845806-1645133277-2052336375-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-661845806-1645133277-2052336375-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-661845806-1645133277-2052336375-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-661845806-1645133277-2052336375-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-661845806-1645133277-2052336375-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-661845806-1645133277-2052336375-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-661845806-1645133277-2052336375-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-661845806-1645133277-2052336375-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-661845806-1645133277-2052336375-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-661845806-1645133277-2052336375-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-661845806-1645133277-2052336375-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-661845806-1645133277-2052336375-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-661845806-1645133277-2052336375-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-661845806-1645133277-2052336375-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-661845806-1645133277-2052336375-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-661845806-1645133277-2052336375-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-661845806-1645133277-2052336375-1001\...\123simsen.com -> www.123simsen.com
 
There are 7936 more sites.
 
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-23 02:25 - 2020-03-23 18:16 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1       localhost
 
2018-01-22 21:30 - 2018-01-22 21:31 - 000000438 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Broadcom\Broadcom 802.11;;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Hewlett-Packard\SimplePass\;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\Intel® Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Brackets\command
HKU\S-1-5-21-661845806-1645133277-2052336375-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Stu\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\015.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{730CF5D9-3A69-4780-B39F-CCA23FE331C2}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2F4A71DB-7310-4CDB-A695-89201C1BF4BB}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{956D7471-0C52-4FEB-98FE-1A98E4E2FB7C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{96FC1568-EF03-43C0-A2C8-9C8665341E66}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{DD1B5951-9937-4BC3-9AC6-523F114E8076}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{01FF1231-0953-4975-9948-B60527BCD54D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2B704D74-B3E2-40BC-B197-A72ABA88CEE7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{380608B3-AE18-4E62-AEE7-4359071FE455}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{93128F31-D97A-4905-A539-F333C54D72A6}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe (XBMC-Foundation) [File not signed]
FirewallRules: [TCP Query User{EF959340-1847-4960-A3DD-E5A404A695C8}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe (XBMC-Foundation) [File not signed]
FirewallRules: [{D6C23209-81E7-4570-BA61-6E2E8BFC25D7}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-view.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{11DC620F-2A32-4899-92CD-332F700D01BD}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-view.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{D6AF0AD7-0A07-4BD7-A219-5CA7D8593361}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-view.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{C606D969-3FE2-47CB-B3A8-989946E52C97}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-view.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{8FCEAE52-DD0D-476F-BE53-A2F316D21C81}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{0516336B-8AED-4780-A33E-39AF5E28EB04}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{EEE63AEA-BEF4-41CE-AF34-A6E50FE0A59E}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{00DDF140-69CC-49CA-9225-CED0226214D5}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{7C214F76-E922-4C43-B5A5-BBCF9249DE8C}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{5C18B81C-A903-4F6C-855D-61D6C442EDCC}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe No File
FirewallRules: [{5CE867CF-077F-4DB5-99DB-59AF2FA2E8B2}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe (CyberLink Corp. -> CyberLink)
FirewallRules: [{76845799-8CC6-44BE-AB79-8D59D45A4189}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{AC01446D-C028-42EC-AA9C-321D0453F8E5}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{CFCA9A38-DEEC-4381-86F1-09B21FC4735B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{006B4FCC-2B57-44D9-A2F6-F9E15BABAE7B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F73253A8-A366-494B-9EA2-ECB0C163D417}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{368FDBF3-C0AA-4A1B-9D3B-F88459105325}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{BED65472-5073-42CB-ACEF-3A5D4044CE67}C:\program files (x86)\vmware\vmware horizon view client\vmware-remotemks.exe] => (Allow) C:\program files (x86)\vmware\vmware horizon view client\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [UDP Query User{B2CCA426-DA75-4138-98D0-FEB5226E3C09}C:\program files (x86)\vmware\vmware horizon view client\vmware-remotemks.exe] => (Allow) C:\program files (x86)\vmware\vmware horizon view client\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{033940B0-883F-4728-B76F-C7A6BEB34DB0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{B17AB294-4B5B-4A1B-82DE-5CCC37301A92}C:\program files (x86)\brackets\node.exe] => (Block) C:\program files (x86)\brackets\node.exe (Adobe Inc. -> Node.js)
FirewallRules: [UDP Query User{3CA43FBA-6A0D-4ECA-A148-10AACABAC1B0}C:\program files (x86)\brackets\node.exe] => (Block) C:\program files (x86)\brackets\node.exe (Adobe Inc. -> Node.js)
 
==================== Restore Points =========================
 
26-03-2020 16:53:58 KpRm
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (03/30/2020 08:35:05 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3316,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (03/30/2020 08:23:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SearchUI.exe, version: 10.0.18362.267, time stamp: 0x5d368208
Faulting module name: ConstraintIndex.Search.dll, version: 10.0.18362.207, time stamp: 0x5d0b11a3
Exception code: 0xc0000005
Fault offset: 0x000000000003d684
Faulting process ID: 0xb64
Faulting application start time: 0x01d605ff83c3e7a1
Faulting application path: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Faulting module path: C:\Windows\System32\ConstraintIndex.Search.dll
Report ID: 14096541-1326-4568-a035-89f9590a12eb
Faulting package full name: Microsoft.Windows.Cortana_1.12.3.18362_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: CortanaUI
 
Error: (03/30/2020 01:26:48 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14624,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (03/29/2020 11:03:25 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (19012,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (03/29/2020 10:54:08 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14888,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (03/29/2020 04:52:21 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14968,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (03/29/2020 03:05:30 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (15520,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (03/29/2020 02:55:45 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7328,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
 
System errors:
=============
Error: (03/30/2020 08:25:13 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll
Error Code: 126
 
Error: (03/30/2020 08:24:28 AM) (Source: DCOM) (EventID: 10005) (User: EDGECOMBES)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (03/30/2020 08:24:04 AM) (Source: DCOM) (EventID: 10005) (User: EDGECOMBES)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (03/30/2020 08:24:03 AM) (Source: DCOM) (EventID: 10005) (User: EDGECOMBES)
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
{9E175B6D-F52A-11D8-B9A5-505054503030}
 
Error: (03/30/2020 08:24:03 AM) (Source: DCOM) (EventID: 10005) (User: EDGECOMBES)
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
 
Error: (03/30/2020 08:24:03 AM) (Source: DCOM) (EventID: 10005) (User: EDGECOMBES)
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
 
Error: (03/30/2020 08:24:03 AM) (Source: DCOM) (EventID: 10005) (User: EDGECOMBES)
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
 
Error: (03/30/2020 08:24:03 AM) (Source: DCOM) (EventID: 10005) (User: EDGECOMBES)
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
 
 
Windows Defender:
===================================
Date: 2020-03-22 12:09:58.875
Description: 
Controlled Folder Access blocked C:\Program Files\AVAST Software\Avast\AvBugReport.exe from making changes to memory.
Detection time: 2020-03-21T23:09:58.874Z
Path: \Device\Harddisk0\DR0
Process Name: C:\Program Files\AVAST Software\Avast\AvBugReport.exe
Security intelligence Version: 1.311.1686.0
Engine Version: 1.1.16800.2
Product Version: 4.18.2001.7
 
Date: 2020-03-22 12:09:58.860
Description: 
Controlled Folder Access blocked C:\Program Files\AVAST Software\Avast\AvBugReport.exe from making changes to memory.
Detection time: 2020-03-21T23:09:58.859Z
Path: \Device\Harddisk0\DR0
Process Name: C:\Program Files\AVAST Software\Avast\AvBugReport.exe
Security intelligence Version: 1.311.1686.0
Engine Version: 1.1.16800.2
Product Version: 4.18.2001.7
 
Date: 2020-03-22 11:36:53.081
Description: 
Controlled Folder Access blocked C:\Users\Stu\Downloads\avastclear.exe from making changes to memory.
Detection time: 2020-03-21T22:36:53.081Z
Path: \Device\Harddisk0\DR0
Process Name: C:\Users\Stu\Downloads\avastclear.exe
Security intelligence Version: 1.311.1686.0
Engine Version: 1.1.16800.2
Product Version: 4.18.2001.7
 
Date: 2020-03-22 11:36:53.059
Description: 
Controlled Folder Access blocked C:\Windows\Temp\asw.149e9a7b6953c229\Instup.exe from making changes to memory.
Detection time: 2020-03-21T22:36:53.058Z
Path: \Device\Harddisk0\DR0
Process Name: C:\Windows\Temp\asw.149e9a7b6953c229\Instup.exe
Security intelligence Version: 1.311.1686.0
Engine Version: 1.1.16800.2
Product Version: 4.18.2001.7
 
Date: 2020-03-22 11:28:25.586
Description: 
Controlled Folder Access blocked C:\Windows\Temp\asw.fc782cf746f8f0cc\Instup.exe from making changes to memory.
Detection time: 2020-03-21T22:28:25.585Z
Path: \Device\Harddisk0\DR0
Process Name: C:\Windows\Temp\asw.fc782cf746f8f0cc\Instup.exe
Security intelligence Version: 1.311.1686.0
Engine Version: 1.1.16800.2
Product Version: 4.18.2001.7
 
Date: 2020-03-30 08:23:09.849
Description: 
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode 
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
 
Date: 2020-03-30 00:29:17.273
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.313.318.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.16900.4
Error code: 0x80072f8f
Error description: A security error occurred 
 
Date: 2020-03-29 22:47:50.523
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.313.170.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.16900.4
Error code: 0x80072f8f
Error description: A security error occurred 
 
Date: 2020-03-29 14:56:20.322
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.313.170.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.16900.4
Error code: 0x80072f8f
Error description: A security error occurred 
 
Date: 2020-03-29 09:44:12.892
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.313.170.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.16900.4
Error code: 0x80072f8f
Error description: A security error occurred 
 
CodeIntegrity:
===================================
 
Date: 2020-03-22 12:27:09.734
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
 
Date: 2020-03-22 12:27:09.678
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
 
Date: 2020-03-22 12:27:09.595
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
 
Date: 2020-03-22 12:25:50.076
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-03-22 12:25:50.008
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-03-22 12:25:49.920
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-03-22 12:25:49.538
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-03-22 12:25:49.449
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
 
==================== Memory info =========================== 
 
BIOS: AMI 80.20 10/31/2014
Motherboard: Hewlett-Packard 2AF7
Processor: Intel® Core™ i7-4790 CPU @ 3.60GHz
Percentage of memory in use: 34%
Total physical RAM: 8131.17 MB
Available physical RAM: 5303.44 MB
Total Virtual: 9411.17 MB
Available Virtual: 6272.19 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:199.13 GB) (Free:85.27 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (DATA) (Fixed) (Total:714.82 GB) (Free:713.5 GB) NTFS
Drive e: (Recovery Image) (Fixed) (Total:15.21 GB) (Free:1.88 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive g: () (Removable) (Total:14.83 GB) (Free:1.03 GB) FAT32
 
\\?\Volume{676030dd-5ffa-435f-a5e8-ef41730c234c}\ (Windows RE tools) (Fixed) (Total:1 GB) (Free:0.65 GB) NTFS
\\?\Volume{9a81d6cd-7026-43ed-9c87-cb2ef6b978ba}\ () (Fixed) (Total:0.87 GB) (Free:0.44 GB) NTFS
\\?\Volume{7dfd000e-98c3-4335-94b0-77d8f85debcd}\ (SYSTEM) (Fixed) (Total:0.35 GB) (Free:0.27 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 0388D4CA)
 
Partition: GPT.
 
==========================================================
Disk: 1 (Size: 14.8 GB) (Disk ID: 6F20736B)
No partition Table on disk 1.
Disk 1 is a removable device.
 
==================== End of Addition.txt =======================
 
Thank you  :D

  • 0

#24
icotonev

icotonev

    Trusted Helper

  • Malware Removal
  • 247 posts

Hi Buffyfan..! Sorry for the delayed answer..! :)
 
 
Tweaking.com Registry Backup

  • Download Tweaking.com Registry Backup from here, and save tweaking.com_registry_backup_portable.zip to your desktop.
  • Now we need to create a new folder to extract the zipped contents into. Right click on the zipped folder you just downloaded and select "Extract All".
  • Click the "Browse" button and from the list, expand "Computer", then expand "Windows (C:)", and click the "Make New Folder" button.
  • Call this folder something you will remember...like "RegBackup" then click "Ok", and then click "Extract".
  • From the newly extracted files, right click on hPxdDvj.png and select Run as Administrator (XP users just double click) to start Tweaking.com Registry Backup.
    (Windows Vista/7/8 users: Accept UAC warning if it is enabled.)
  • A screen like this should appear:
    wol_error.gif

    This image has been resized. Click this bar to view the full image.


    60piPeq.png
  • Type a custom name in Backup Name if you want, then choose Backup Now.
  • If backup is successful, a message will appear at the lower half of the screen with an option to view logs.
  • The registry backup will be created in %WindowsDrive%\RegBackup by default. You can customize the path in Settings.
  • Close Tweaking.com Registry Backup when done.

-----------------------------------------------------------------------------------
 
Farbar Recovery Scan Tool - Fix
 

  • Highlight the contents of the below code box and press Ctrl + C on your keyboard:
Start::

CreateRestorePoint:
CloseProcesses:

S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\Video Converter Ultimate\Transfer\DriverInstall.exe" [X]
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\20.1.1601_0\common\ui\icons\avast-logo-opt-in.png
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\20.1.480_0\scripts\contentAvast.js
C:\Users\Administrator\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\E9B9YY7Z\avast-software-smaller-white[1].png
C:\Users\Administrator\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\E9B9YY7Z\avast-software[1].svg
C:\Users\Administrator\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\E9B9YY7Z\avastclear[1].ex
C:\Users\Administrator\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\KTTT7NMX\activityi;dc_pre=CNqqp9rfrOgCFVAVaAodkL8GTg;src=6633083;type=unive0;cat=avast0;ord=5010239065941;gtm=2wg3b2;auiddc=1144323118.158[1].htm
C:\Users\Administrator\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\KTTT7NMX\avast[1].js
C:\Users\Administrator\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\RL42750G\activityi;dc_pre=COWa0szOrOgCFeINtwAdVXwB_A;src=6633083;type=unive0;cat=avast0;ord=7193596675355;gtm=2wg3b2;auiddc=1144323118.158[1].htm
C:\Users\Administrator\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\User\Default\DOMStore\AIJNQTET\www.avast[1].xml 
C:\Users\Administrator\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\avastclear.exe.2k8aq9w.partial
C:\Users\Administrator\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\avast! Antivirus
C:\Users\Administrator\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}_AVAST Software_Avast Cleanup_TuneupUI_exe
C:\Users\Administrator\Downloads\avastclear.exe
C:\Users\Stu\Downloads\avastclear (1).exe
C:\Users\Stu\Downloads\avastclear.exe
C:\Users\Stu\Downloads\avast_free_antivirus_setup_online.exe
C:\Windows\avastSS.scr
C:\Windows\Prefetch\AVASTCLEAR.EXE-30319631.pf
C:\Windows\Prefetch\AVASTCLEAR.EXE-B93CFBF0.pf
C:\Windows\Prefetch\AVAST_FREE_ANTIVIRUS_SETUP_ON-13CBD36A.pf
C:\Windows\Prefetch\AVAST_FREE_ANTIVIRUS_SETUP_ON-53FD6AAA.pf
C:\Windows\Prefetch\AVAST_FREE_ANTIVIRUS_SETUP_ON-E50FB3B9.pf
C:\Windows\Prefetch\AVAST_FREE_ANTIVIRUS_SETUP_ON-FF17C8F2.pf
C:\Windows\System32\Tasks_Migrated\Avast Emergency Update 
C:\Windows\WinSxS\Manifests\amd64_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_d58a6d64ab65b396.cat
C:\Windows\WinSxS\Manifests\amd64_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_d58a6d64ab65b396.manifest
C:\Windows\WinSxS\Manifests\amd64_avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_5e69e83710ea31f5.cat 
C:\Windows\WinSxS\Manifests\amd64_avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_5e69e83710ea31f5.manifest 
C:\Windows\WinSxS\Manifests\amd64_avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_6349ea290dbe6128.cat
C:\Windows\WinSxS\Manifests\amd64_avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_6349ea290dbe6128.manifest 
C:\Windows\WinSxS\Manifests\amd64_policy.14.0.avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_5158632ac9d8192f.cat 
C:\Windows\WinSxS\Manifests\amd64_policy.14.0.avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_5158632ac9d8192f.manifest 
C:\Windows\WinSxS\Manifests\amd64_policy.14.0.avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_5638651cc6ac4862.cat 
C:\Windows\WinSxS\Manifests\amd64_policy.14.0.avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_5638651cc6ac4862.manifest
C:\Windows\WinSxS\Manifests\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c.cat 
C:\Windows\WinSxS\Manifests\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c.manifest 
C:\Windows\WinSxS\Manifests\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_a6171f0e25665afb.cat 
C:\Windows\WinSxS\Manifests\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_a6171f0e25665afb.manifest 
C:\Windows\WinSxS\Manifests\x86_avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_aaf72100223a8a2e.cat 
C:\Windows\WinSxS\Manifests\x86_avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_aaf72100223a8a2e.manifest 
C:\Windows\WinSxS\Manifests\x86_policy.11.0.avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_b2556b4035446b41.cat 
C:\Windows\WinSxS\Manifests\x86_policy.11.0.avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_b2556b4035446b41.manifest 
C:\Windows\WinSxS\Manifests\x86_policy.14.0.avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_99059a01de544235.cat 
C:\Windows\WinSxS\Manifests\x86_policy.14.0.avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_99059a01de544235.manifest 
C:\Windows\WinSxS\Manifests\x86_policy.14.0.avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_9de59bf3db287168.cat 
C:\Windows\WinSxS\Manifests\x86_policy.14.0.avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_9de59bf3db287168.manifest 
C:\Users\Administrator\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}_AVAST Software_Avast Cleanup_TuneupUI_exe 
C:\Windows\System32\Tasks_Migrated\Avast Software 
C:\Windows\WinSxS\amd64_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_d58a6d64ab65b396
C:\Windows\WinSxS\amd64_avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_5e69e83710ea31f5
C:\Windows\WinSxS\amd64_avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_6349ea290dbe6128 
C:\Windows\WinSxS\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c 
C:\Windows\WinSxS\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_a6171f0e25665afb 
C:\Windows\WinSxS\x86_avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_aaf72100223a8a2e 
C:\Windows\System32\Tasks_Migrated\Avast Software
C:\Program Files\AVAST Software\Avast\defs\ffffffff\engsup.exe
C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
C:\Program Files\AVAST Software\Avast\aswidsagent.exe

StartRegedit:
Windows Registry Editor Version 5.00

[-HKEY_CURRENT_USER\Software\Avast Software]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\5815bc15_0]
@=-
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\65e46875_0]
@=-
[HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Common\Internet]
"UseRWHlinkNavigation"=-
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\avast-2007.com]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\avast-downloads.com]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\avast-hq.com]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\download-avast.com]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\free-software-center.com\avast]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\free-software-center.com\www.avast]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\telecharger-avast.com]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\avast-2007.com]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\avast-downloads.com]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\avast-hq.com]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\download-avast.com]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\free-software-center.com\avast]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\free-software-center.com\www.avast]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\telecharger-avast.com]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Search\RecentApps\{AADE1128-B19D-4BCD-9CF4-3DD38C8EE965}]
"AppId"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\AVAST Software]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\avast]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AvastPersistentStorage]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}]
"DISPLAYNAME"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}]
"PRODUCTEXE"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}]
"REPORTINGEXE"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{EB19B86E-3998-C706-90EF-92B41EB091AF}]
"DISPLAYNAME"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{EB19B86E-3998-C706-90EF-92B41EB091AF}]
"PRODUCTEXE"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{EB19B86E-3998-C706-90EF-92B41EB091AF}]
"REPORTINGEXE"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\AvastSvc_RASAPI32]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\AvastSvc_RASMANCS]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\avast-2007.com]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\avast-downloads.com]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\avast-hq.com]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\download-avast.com]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\free-software-center.com\avast]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\free-software-center.com\www.avast]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\telecharger-avast.com]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\avast-2007.com]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\avast-downloads.com]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\avast-hq.com]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\download-avast.com]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\free-software-center.com\avast]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\free-software-center.com\www.avast]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\telecharger-avast.com]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_avast.vc110.crt_2036b14a11e83e4a_none_c373722873c01144]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_avast.vc140.crt_fcc99ee6193ebbca_none_020285fe6d6e0580]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_avast.vc140.mfc_fcc99ee6193ebbca_none_018be6966dc83925]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_policy.14.0.avast.vc140.crt_fcc99ee6193ebbca_none_ef17e13d91c55d96]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_policy.14.0.avast.vc140.mfc_fcc99ee6193ebbca_none_eea141d5921f913b]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_avast.vc110.crt_2036b14a11e83e4a_none_0b20a8ff883c3a4a]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_avast.vc140.crt_fcc99ee6193ebbca_none_49afbcd581ea2e86]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_avast.vc140.mfc_fcc99ee6193ebbca_none_49391d6d8244622b]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_policy.11.0.avast.vc110.crt_2036b14a11e83e4a_none_5679bb9c25dbf18d]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_policy.14.0.avast.vc140.crt_fcc99ee6193ebbca_none_36c51814a641869c]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_policy.14.0.avast.vc140.mfc_fcc99ee6193ebbca_none_364e78aca69bba41]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Software]
[-HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\AVAST Software]
[-HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Chrome\NativeMessagingHosts\com.avast.nativeproxy]
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\aswbIDSAgent]
"Path"=-
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\aswbIDSAgent]
"Path.Org"=-
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\aswbIDSAgent]
"Path.Win32"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\avast! Antivirus]
[-HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\AvastWscReporter]
[-HKEY_USERS\.DEFAULT\Software\Avast Software]
[-HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Avast Software]
[-HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\avast-2007.com]
[-HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\avast-downloads.com]
[-HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\avast-hq.com]
[-HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\download-avast.com]
[-HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\free-software-center.com\avast]
[-HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\free-software-center.com\www.avast]
[-HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\telecharger-avast.com]
[-HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\avast-2007.com]
[-HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\avast-downloads.com]
[-HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\avast-hq.com]
[-HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\download-avast.com]
[-HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\free-software-center.com\avast]
[-HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\free-software-center.com\www.avast]
[-HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\telecharger-avast.com]
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Search\RecentApps\{AADE1128-B19D-4BCD-9CF4-3DD38C8EE965}]
"AppId"=-
[-HKEY_USERS\S-1-5-18\Software\Avast Software]
[-HKEY_CURRENT_USER\Software\Avast Software]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AvastPersistentStorage]
"InstupProgress_Description"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}]
"PRODUCTEXE"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}]
"REPORTINGEXE"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{EB19B86E-3998-C706-90EF-92B41EB091AF}]
"PRODUCTEXE"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{EB19B86E-3998-C706-90EF-92B41EB091AF}]
"REPORTINGEXE"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Software]
[-HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\AVAST Software]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Chrome\NativeMessagingHosts\com.avast.nativeproxy]
@=-
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\aswbIDSAgent]
"Path"=-
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\aswbIDSAgent]
"Path.Org"=-
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\aswbIDSAgent]
"Path.Win32"=-
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\avast! Antivirus]
"Path"=-
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\avast! Antivirus]
"Path.Org"=-
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\avast! Antivirus]
"Path.Win32"=-
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\AvastWscReporter]
"Path"=-
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\AvastWscReporter]
"Path.Org"=-
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\AvastWscReporter]
"Path.Win32"=-
[-HKEY_USERS\.DEFAULT\Software\Avast Software]
[-HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Avast Software]
[-HKEY_USERS\S-1-5-18\Software\Avast Software]

EndRegedit:

EmptyTemp:
End::

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

  • Double-click FRST.exe/FRST64.exe to run it.
  • Press the Fix button just once and wait.
    Note: No need to paste the script into FRST.
  • Restart the computer if prompted.
  • When the fix is complete FRST will generate a log in the same location it was run from (Fixlog.txt)
  • Please copy and paste its contents into your reply.

---------------------------------------------------

In your next reply, please include:

  • Fixlog.txt

  • 0

#25
Buffyfan

Buffyfan

    Member

  • Topic Starter
  • Member
  • PipPip
  • 48 posts
Fix result of Farbar Recovery Scan Tool (x64) Version: 29-03-2020
Ran by Stu (01-04-2020 10:30:12) Run:1
Running from C:\Users\Stu\Desktop
Loaded Profiles: Stu (Available Profiles: Stu & Administrator)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
CloseProcesses:
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\Video Converter Ultimate\Transfer\DriverInstall.exe" [X]
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\20.1.1601_0\common\ui\icons\avast-logo-opt-in.png
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\20.1.480_0\scripts\contentAvast.js
C:\Users\Administrator\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\E9B9YY7Z\avast-software-smaller-white[1].png
C:\Users\Administrator\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\E9B9YY7Z\avast-software[1].svg
C:\Users\Administrator\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\E9B9YY7Z\avastclear[1].ex
C:\Users\Administrator\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\KTTT7NMX\activityi;dc_pre=CNqqp9rfrOgCFVAVaAodkL8GTg;src=6633083;type=unive0;cat=avast0;ord=5010239065941;gtm=2wg3b2;auiddc=1144323118.158[1].htm
C:\Users\Administrator\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\KTTT7NMX\avast[1].js
C:\Users\Administrator\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\RL42750G\activityi;dc_pre=COWa0szOrOgCFeINtwAdVXwB_A;src=6633083;type=unive0;cat=avast0;ord=7193596675355;gtm=2wg3b2;auiddc=1144323118.158[1].htm
C:\Users\Administrator\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\User\Default\DOMStore\AIJNQTET\www.avast[1].xml 
C:\Users\Administrator\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\avastclear.exe.2k8aq9w.partial
C:\Users\Administrator\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\avast! Antivirus
C:\Users\Administrator\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}_AVAST Software_Avast Cleanup_TuneupUI_exe
C:\Users\Administrator\Downloads\avastclear.exe
C:\Users\Stu\Downloads\avastclear (1).exe
C:\Users\Stu\Downloads\avastclear.exe
C:\Users\Stu\Downloads\avast_free_antivirus_setup_online.exe
C:\Windows\avastSS.scr
C:\Windows\Prefetch\AVASTCLEAR.EXE-30319631.pf
C:\Windows\Prefetch\AVASTCLEAR.EXE-B93CFBF0.pf
C:\Windows\Prefetch\AVAST_FREE_ANTIVIRUS_SETUP_ON-13CBD36A.pf
C:\Windows\Prefetch\AVAST_FREE_ANTIVIRUS_SETUP_ON-53FD6AAA.pf
C:\Windows\Prefetch\AVAST_FREE_ANTIVIRUS_SETUP_ON-E50FB3B9.pf
C:\Windows\Prefetch\AVAST_FREE_ANTIVIRUS_SETUP_ON-FF17C8F2.pf
C:\Windows\System32\Tasks_Migrated\Avast Emergency Update 
C:\Windows\WinSxS\Manifests\amd64_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_d58a6d64ab65b396.cat
C:\Windows\WinSxS\Manifests\amd64_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_d58a6d64ab65b396.manifest
C:\Windows\WinSxS\Manifests\amd64_avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_5e69e83710ea31f5.cat 
C:\Windows\WinSxS\Manifests\amd64_avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_5e69e83710ea31f5.manifest 
C:\Windows\WinSxS\Manifests\amd64_avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_6349ea290dbe6128.cat
C:\Windows\WinSxS\Manifests\amd64_avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_6349ea290dbe6128.manifest 
C:\Windows\WinSxS\Manifests\amd64_policy.14.0.avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_5158632ac9d8192f.cat 
C:\Windows\WinSxS\Manifests\amd64_policy.14.0.avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_5158632ac9d8192f.manifest 
C:\Windows\WinSxS\Manifests\amd64_policy.14.0.avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_5638651cc6ac4862.cat 
C:\Windows\WinSxS\Manifests\amd64_policy.14.0.avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_5638651cc6ac4862.manifest
C:\Windows\WinSxS\Manifests\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c.cat 
C:\Windows\WinSxS\Manifests\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c.manifest 
C:\Windows\WinSxS\Manifests\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_a6171f0e25665afb.cat 
C:\Windows\WinSxS\Manifests\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_a6171f0e25665afb.manifest 
C:\Windows\WinSxS\Manifests\x86_avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_aaf72100223a8a2e.cat 
C:\Windows\WinSxS\Manifests\x86_avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_aaf72100223a8a2e.manifest 
C:\Windows\WinSxS\Manifests\x86_policy.11.0.avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_b2556b4035446b41.cat 
C:\Windows\WinSxS\Manifests\x86_policy.11.0.avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_b2556b4035446b41.manifest 
C:\Windows\WinSxS\Manifests\x86_policy.14.0.avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_99059a01de544235.cat 
C:\Windows\WinSxS\Manifests\x86_policy.14.0.avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_99059a01de544235.manifest 
C:\Windows\WinSxS\Manifests\x86_policy.14.0.avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_9de59bf3db287168.cat 
C:\Windows\WinSxS\Manifests\x86_policy.14.0.avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_9de59bf3db287168.manifest 
C:\Users\Administrator\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}_AVAST Software_Avast Cleanup_TuneupUI_exe 
C:\Windows\System32\Tasks_Migrated\Avast Software 
C:\Windows\WinSxS\amd64_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_d58a6d64ab65b396
C:\Windows\WinSxS\amd64_avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_5e69e83710ea31f5
C:\Windows\WinSxS\amd64_avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_6349ea290dbe6128 
C:\Windows\WinSxS\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c 
C:\Windows\WinSxS\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_a6171f0e25665afb 
C:\Windows\WinSxS\x86_avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_aaf72100223a8a2e 
C:\Windows\System32\Tasks_Migrated\Avast Software
C:\Program Files\AVAST Software\Avast\defs\ffffffff\engsup.exe
C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
C:\Program Files\AVAST Software\Avast\aswidsagent.exe
StartRegedit:
Windows Registry Editor Version 5.00
[-HKEY_CURRENT_USER\Software\Avast Software]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\5815bc15_0]
@=-
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\65e46875_0]
@=-
[HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Common\Internet]
"UseRWHlinkNavigation"=-
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\avast-2007.com]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\avast-downloads.com]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\avast-hq.com]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\download-avast.com]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\free-software-center.com\avast]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\free-software-center.com\www.avast]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\telecharger-avast.com]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\avast-2007.com]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\avast-downloads.com]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\avast-hq.com]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\download-avast.com]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\free-software-center.com\avast]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\free-software-center.com\www.avast]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\telecharger-avast.com]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Search\RecentApps\{AADE1128-B19D-4BCD-9CF4-3DD38C8EE965}]
"AppId"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\AVAST Software]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\avast]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AvastPersistentStorage]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}]
"DISPLAYNAME"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}]
"PRODUCTEXE"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}]
"REPORTINGEXE"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{EB19B86E-3998-C706-90EF-92B41EB091AF}]
"DISPLAYNAME"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{EB19B86E-3998-C706-90EF-92B41EB091AF}]
"PRODUCTEXE"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{EB19B86E-3998-C706-90EF-92B41EB091AF}]
"REPORTINGEXE"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\AvastSvc_RASAPI32]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\AvastSvc_RASMANCS]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\avast-2007.com]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\avast-downloads.com]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\avast-hq.com]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\download-avast.com]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\free-software-center.com\avast]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\free-software-center.com\www.avast]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\telecharger-avast.com]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\avast-2007.com]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\avast-downloads.com]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\avast-hq.com]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\download-avast.com]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\free-software-center.com\avast]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\free-software-center.com\www.avast]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\telecharger-avast.com]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_avast.vc110.crt_2036b14a11e83e4a_none_c373722873c01144]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_avast.vc140.crt_fcc99ee6193ebbca_none_020285fe6d6e0580]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_avast.vc140.mfc_fcc99ee6193ebbca_none_018be6966dc83925]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_policy.14.0.avast.vc140.crt_fcc99ee6193ebbca_none_ef17e13d91c55d96]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_policy.14.0.avast.vc140.mfc_fcc99ee6193ebbca_none_eea141d5921f913b]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_avast.vc110.crt_2036b14a11e83e4a_none_0b20a8ff883c3a4a]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_avast.vc140.crt_fcc99ee6193ebbca_none_49afbcd581ea2e86]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_avast.vc140.mfc_fcc99ee6193ebbca_none_49391d6d8244622b]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_policy.11.0.avast.vc110.crt_2036b14a11e83e4a_none_5679bb9c25dbf18d]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_policy.14.0.avast.vc140.crt_fcc99ee6193ebbca_none_36c51814a641869c]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_policy.14.0.avast.vc140.mfc_fcc99ee6193ebbca_none_364e78aca69bba41]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Software]
[-HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\AVAST Software]
[-HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Chrome\NativeMessagingHosts\com.avast.nativeproxy]
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\aswbIDSAgent]
"Path"=-
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\aswbIDSAgent]
"Path.Org"=-
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\aswbIDSAgent]
"Path.Win32"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\avast! Antivirus]
[-HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\AvastWscReporter]
[-HKEY_USERS\.DEFAULT\Software\Avast Software]
[-HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Avast Software]
[-HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\avast-2007.com]
[-HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\avast-downloads.com]
[-HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\avast-hq.com]
[-HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\download-avast.com]
[-HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\free-software-center.com\avast]
[-HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\free-software-center.com\www.avast]
[-HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\telecharger-avast.com]
[-HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\avast-2007.com]
[-HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\avast-downloads.com]
[-HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\avast-hq.com]
[-HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\download-avast.com]
[-HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\free-software-center.com\avast]
[-HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\free-software-center.com\www.avast]
[-HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\telecharger-avast.com]
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Search\RecentApps\{AADE1128-B19D-4BCD-9CF4-3DD38C8EE965}]
"AppId"=-
[-HKEY_USERS\S-1-5-18\Software\Avast Software]
[-HKEY_CURRENT_USER\Software\Avast Software]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AvastPersistentStorage]
"InstupProgress_Description"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}]
"PRODUCTEXE"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}]
"REPORTINGEXE"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{EB19B86E-3998-C706-90EF-92B41EB091AF}]
"PRODUCTEXE"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{EB19B86E-3998-C706-90EF-92B41EB091AF}]
"REPORTINGEXE"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Software]
[-HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\AVAST Software]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Chrome\NativeMessagingHosts\com.avast.nativeproxy]
@=-
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\aswbIDSAgent]
"Path"=-
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\aswbIDSAgent]
"Path.Org"=-
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\aswbIDSAgent]
"Path.Win32"=-
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\avast! Antivirus]
"Path"=-
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\avast! Antivirus]
"Path.Org"=-
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\avast! Antivirus]
"Path.Win32"=-
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\AvastWscReporter]
"Path"=-
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\AvastWscReporter]
"Path.Org"=-
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\AvastWscReporter]
"Path.Win32"=-
[-HKEY_USERS\.DEFAULT\Software\Avast Software]
[-HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Avast Software]
[-HKEY_USERS\S-1-5-18\Software\Avast Software]
EndRegedit:
EmptyTemp:
 
*****************
 
Restore point was successfully created.
Processes closed successfully.
HKLM\System\CurrentControlSet\Services\WsDrvInst => removed successfully
WsDrvInst => service removed successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\20.1.1601_0\common\ui\icons\avast-logo-opt-in.png => moved successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\20.1.480_0\scripts\contentAvast.js => moved successfully
C:\Users\Administrator\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\E9B9YY7Z\avast-software-smaller-white[1].png => moved successfully
C:\Users\Administrator\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\E9B9YY7Z\avast-software[1].svg => moved successfully
"C:\Users\Administrator\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\E9B9YY7Z\avastclear[1].ex" => not found
Could not move "C:\Users\Administrator\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\KTTT7NMX\activityi;dc_pre=CNqqp9rfrOgCFVAVaAodkL8GTg;src=6633083;type=unive0;cat=avast0;ord=5010239065941;gtm=2wg3b2;auiddc=1144323118.158[1].htm" => Scheduled to move on reboot.
C:\Users\Administrator\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\KTTT7NMX\avast[1].js => moved successfully
Could not move "C:\Users\Administrator\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\RL42750G\activityi;dc_pre=COWa0szOrOgCFeINtwAdVXwB_A;src=6633083;type=unive0;cat=avast0;ord=7193596675355;gtm=2wg3b2;auiddc=1144323118.158[1].htm" => Scheduled to move on reboot.
C:\Users\Administrator\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\User\Default\DOMStore\AIJNQTET\www.avast[1].xml => moved successfully
C:\Users\Administrator\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\avastclear.exe.2k8aq9w.partial => moved successfully
C:\Users\Administrator\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\avast! Antivirus => moved successfully
C:\Users\Administrator\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}_AVAST Software_Avast Cleanup_TuneupUI_exe => moved successfully
C:\Users\Administrator\Downloads\avastclear.exe => moved successfully
"C:\Users\Stu\Downloads\avastclear (1).exe" => not found
"C:\Users\Stu\Downloads\avastclear.exe" => not found
"C:\Users\Stu\Downloads\avast_free_antivirus_setup_online.exe" => not found
C:\Windows\avastSS.scr => moved successfully
C:\Windows\Prefetch\AVASTCLEAR.EXE-30319631.pf => moved successfully
C:\Windows\Prefetch\AVASTCLEAR.EXE-B93CFBF0.pf => moved successfully
C:\Windows\Prefetch\AVAST_FREE_ANTIVIRUS_SETUP_ON-13CBD36A.pf => moved successfully
C:\Windows\Prefetch\AVAST_FREE_ANTIVIRUS_SETUP_ON-53FD6AAA.pf => moved successfully
C:\Windows\Prefetch\AVAST_FREE_ANTIVIRUS_SETUP_ON-E50FB3B9.pf => moved successfully
C:\Windows\Prefetch\AVAST_FREE_ANTIVIRUS_SETUP_ON-FF17C8F2.pf => moved successfully
C:\Windows\System32\Tasks_Migrated\Avast Emergency Update => moved successfully
C:\Windows\WinSxS\Manifests\amd64_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_d58a6d64ab65b396.cat => moved successfully
C:\Windows\WinSxS\Manifests\amd64_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_d58a6d64ab65b396.manifest => moved successfully
C:\Windows\WinSxS\Manifests\amd64_avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_5e69e83710ea31f5.cat => moved successfully
C:\Windows\WinSxS\Manifests\amd64_avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_5e69e83710ea31f5.manifest => moved successfully
C:\Windows\WinSxS\Manifests\amd64_avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_6349ea290dbe6128.cat => moved successfully
C:\Windows\WinSxS\Manifests\amd64_avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_6349ea290dbe6128.manifest => moved successfully
C:\Windows\WinSxS\Manifests\amd64_policy.14.0.avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_5158632ac9d8192f.cat => moved successfully
C:\Windows\WinSxS\Manifests\amd64_policy.14.0.avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_5158632ac9d8192f.manifest => moved successfully
C:\Windows\WinSxS\Manifests\amd64_policy.14.0.avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_5638651cc6ac4862.cat => moved successfully
C:\Windows\WinSxS\Manifests\amd64_policy.14.0.avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_5638651cc6ac4862.manifest => moved successfully
C:\Windows\WinSxS\Manifests\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c.cat => moved successfully
C:\Windows\WinSxS\Manifests\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c.manifest => moved successfully
C:\Windows\WinSxS\Manifests\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_a6171f0e25665afb.cat => moved successfully
C:\Windows\WinSxS\Manifests\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_a6171f0e25665afb.manifest => moved successfully
C:\Windows\WinSxS\Manifests\x86_avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_aaf72100223a8a2e.cat => moved successfully
C:\Windows\WinSxS\Manifests\x86_avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_aaf72100223a8a2e.manifest => moved successfully
C:\Windows\WinSxS\Manifests\x86_policy.11.0.avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_b2556b4035446b41.cat => moved successfully
C:\Windows\WinSxS\Manifests\x86_policy.11.0.avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_b2556b4035446b41.manifest => moved successfully
C:\Windows\WinSxS\Manifests\x86_policy.14.0.avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_99059a01de544235.cat => moved successfully
C:\Windows\WinSxS\Manifests\x86_policy.14.0.avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_99059a01de544235.manifest => moved successfully
C:\Windows\WinSxS\Manifests\x86_policy.14.0.avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_9de59bf3db287168.cat => moved successfully
C:\Windows\WinSxS\Manifests\x86_policy.14.0.avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_9de59bf3db287168.manifest => moved successfully
"C:\Users\Administrator\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}_AVAST Software_Avast Cleanup_TuneupUI_exe" => not found
C:\Windows\System32\Tasks_Migrated\Avast Software => moved successfully
C:\Windows\WinSxS\amd64_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_d58a6d64ab65b396 => moved successfully
C:\Windows\WinSxS\amd64_avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_5e69e83710ea31f5 => moved successfully
C:\Windows\WinSxS\amd64_avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_6349ea290dbe6128 => moved successfully
C:\Windows\WinSxS\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c => moved successfully
C:\Windows\WinSxS\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_a6171f0e25665afb => moved successfully
C:\Windows\WinSxS\x86_avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_aaf72100223a8a2e => moved successfully
"C:\Windows\System32\Tasks_Migrated\Avast Software" => not found
"C:\Program Files\AVAST Software\Avast\defs\ffffffff\engsup.exe" => not found
"C:\Program Files\AVAST Software\Avast\wsc_proxy.exe" => not found
"C:\Program Files\AVAST Software\Avast\aswidsagent.exe" => not found
Registry ====> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} <==== Access Denied
Registry ====> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} <==== Access Denied
Registry ====> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} <==== Access Denied
Registry ====> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{EB19B86E-3998-C706-90EF-92B41EB091AF} <==== Access Denied
Registry ====> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{EB19B86E-3998-C706-90EF-92B41EB091AF} <==== Access Denied
Registry ====> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{EB19B86E-3998-C706-90EF-92B41EB091AF} <==== Access Denied
Registry ====> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Software <==== Access Denied
Registry ====> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} <==== Access Denied
Registry ====> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} <==== Access Denied
Registry ====> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{EB19B86E-3998-C706-90EF-92B41EB091AF} <==== Access Denied
Registry ====> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{EB19B86E-3998-C706-90EF-92B41EB091AF} <==== Access Denied
Registry ====> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Software <==== Access Denied
Registry ====> ERROR: Error accessing the registry.
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 38921632 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 151445 B
Edge => 673514 B
Chrome => 422767747 B
Firefox => 4523677 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 169134 B
Stu => 32881448 B
Administrator => 32881448 B
 
RecycleBin => 4021409014 B
EmptyTemp: => 4.3 GB temporary data Removed.
 
================================
 
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 01-04-2020 10:34:42)
 
C:\Users\Administrator\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\KTTT7NMX\activityi;dc_pre=CNqqp9rfrOgCFVAVaAodkL8GTg;src=6633083;type=unive0;cat=avast0;ord=5010239065941;gtm=2wg3b2;auiddc=1144323118.158[1].htm => Could not move
C:\Users\Administrator\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\RL42750G\activityi;dc_pre=COWa0szOrOgCFeINtwAdVXwB_A;src=6633083;type=unive0;cat=avast0;ord=7193596675355;gtm=2wg3b2;auiddc=1144323118.158[1].htm => Could not move
 
==== End of Fixlog 10:34:44 ====
 
Thank you

  • 0

Advertisements


#26
icotonev

icotonev

    Trusted Helper

  • Malware Removal
  • 247 posts

Hi Buffyfan..!

 

Farbar Recovery Scan Tool - Search All

 

  • Double-click FRST.exe/FRST64.exe to run it.
  • Copy and paste the following into the Search: box:
SearchAll: Avast;AVAST Software
  • Press the Search Files button.
  • When complete, FRST will generate a log in the same location it was run from (Search.txt)
  • Please copy and paste its contents into your reply.

-----------------------------------------------------------------


In your next reply, please include:

  • Search.txt

  • 0

#27
icotonev

icotonev

    Trusted Helper

  • Malware Removal
  • 247 posts

I have always said that removing an antivirus program manually is almost a mission impossible ..! :)


  • 0

#28
Buffyfan

Buffyfan

    Member

  • Topic Starter
  • Member
  • PipPip
  • 48 posts

Yep, it's sure putting up a fight!

 

Farbar Recovery Scan Tool (x64) Version: 29-03-2020
Ran by Stu (02-04-2020 08:41:23)
Running from C:\Users\Stu\Desktop
Boot Mode: Normal
 
================== Search Files: "SearchAll: Avast;AVAST Software" =============
 
File:
========
C:\Users\Stu\Downloads\avastclear (2).exe
[2020-03-30 08:19][2020-03-30 08:19] 011441568 _____ (AVAST Software) 735A8B445F055C5989056DCD7A0AF953 [File is digitally signed]
 
C:\Users\Stu\Desktop\avastclear (2).exe
[2020-03-30 08:20][2020-03-30 08:19] 011441568 _____ (AVAST Software) 735A8B445F055C5989056DCD7A0AF953 [File is digitally signed]
 
C:\Users\Administrator\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\RL42750G\activityi;dc_pre=COWa0szOrOgCFeINtwAdVXwB_A;src=6633083;type=unive0;cat=avast0;ord=7193596675355;gtm=2wg3b2;auiddc=1144323118.158[1].htm
[2020-03-22 11:27][2020-03-22 11:27] 000001047 _____ () ED465C9D1A3C7E2F51509283BE834845 [File not signed]
 
C:\Users\Administrator\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\KTTT7NMX\activityi;dc_pre=CNqqp9rfrOgCFVAVaAodkL8GTg;src=6633083;type=unive0;cat=avast0;ord=5010239065941;gtm=2wg3b2;auiddc=1144323118.158[1].htm
[2020-03-22 12:44][2020-03-22 12:44] 000001047 _____ () 83EB69309890A6A9802C2925124C4FA7 [File not signed]
 
C:\Users\Administrator\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\E9B9YY7Z\avastclear[1].exe
[2020-03-22 11:28][2020-03-22 11:28] 011441568 _____ (AVAST Software) 735A8B445F055C5989056DCD7A0AF953 [File is digitally signed]
 
C:\FRST\Quarantine\C\Windows\avastSS.scr.xBAD
[2017-01-07 05:03][2017-01-07 05:03] 000053208 _____ (AVAST Software) 12EBDA58437CD1EA7066FCB6455241D2 [File is digitally signed]
 
C:\FRST\Quarantine\C\Windows\WinSxS\Manifests\amd64_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_d58a6d64ab65b396.cat.xBAD
[2019-08-10 15:30][2019-08-10 15:30] 000009249 _____ () C0782A6DD461CAC426127F137ED32A6C [File is digitally signed]
 
C:\FRST\Quarantine\C\Windows\WinSxS\Manifests\amd64_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_d58a6d64ab65b396.manifest.xBAD
[2019-08-10 15:30][2019-08-10 15:30] 000002378 _____ () 5EFC81F732DC830BC96C5A3AABCFE543 [File not signed]
 
C:\FRST\Quarantine\C\Windows\WinSxS\Manifests\amd64_avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_5e69e83710ea31f5.cat.xBAD
[2020-02-26 09:53][2020-03-22 12:22] 000007456 _____ () DE67AC8142C10EB12E8AE6C6CDBAF799 [File is digitally signed]
 
C:\FRST\Quarantine\C\Windows\WinSxS\Manifests\amd64_avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_5e69e83710ea31f5.manifest.xBAD
[2020-02-26 09:53][2020-02-26 09:53] 000024123 _____ () 47437B704B6D56328C347347462CD02D [File not signed]
 
C:\FRST\Quarantine\C\Windows\WinSxS\Manifests\amd64_avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_6349ea290dbe6128.cat.xBAD
[2020-02-26 09:53][2020-03-22 12:23] 000007457 _____ () 2A9DFB92BD6DECA69672261DFB9E044D [File is digitally signed]
 
C:\FRST\Quarantine\C\Windows\WinSxS\Manifests\amd64_avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_6349ea290dbe6128.manifest.xBAD
[2020-02-26 09:53][2020-02-26 09:53] 000001231 _____ () A77C3C57546E0E66394A1DD29129052B [File not signed]
 
C:\FRST\Quarantine\C\Windows\WinSxS\Manifests\amd64_policy.14.0.avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_5158632ac9d8192f.cat.xBAD
[2020-02-26 09:53][2020-03-22 12:23] 000007456 _____ () EAC8D7698558B21A1A533C6A567C06BD [File is digitally signed]
 
C:\FRST\Quarantine\C\Windows\WinSxS\Manifests\amd64_policy.14.0.avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_5158632ac9d8192f.manifest.xBAD
[2020-02-26 09:53][2020-02-26 09:53] 000000754 _____ () F6ED6E08D09EBE10597CB2966F6C394E [File not signed]
 
C:\FRST\Quarantine\C\Windows\WinSxS\Manifests\amd64_policy.14.0.avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_5638651cc6ac4862.cat.xBAD
[2020-02-26 09:53][2020-03-22 12:23] 000007457 _____ () 777DD2D0BC92B002B9236B6F4F61CB05 [File is digitally signed]
 
C:\FRST\Quarantine\C\Windows\WinSxS\Manifests\amd64_policy.14.0.avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_5638651cc6ac4862.manifest.xBAD
[2020-02-26 09:53][2020-02-26 09:53] 000000754 _____ () 44D5DDB1B2C027176887E75382F29D55 [File not signed]
 
C:\FRST\Quarantine\C\Windows\WinSxS\Manifests\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c.cat.xBAD
[2019-08-10 15:40][2019-08-10 15:40] 000009249 _____ () F181BD5627947025E1254E2F786AE2BE [File is digitally signed]
 
C:\FRST\Quarantine\C\Windows\WinSxS\Manifests\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c.manifest.xBAD
[2019-08-10 15:40][2019-08-10 15:40] 000002376 _____ () 176B3BE4AE48CC8A7FACBB8E89A2131E [File not signed]
 
C:\FRST\Quarantine\C\Windows\WinSxS\Manifests\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_a6171f0e25665afb.cat.xBAD
[2020-02-26 09:53][2020-03-22 12:22] 000007457 _____ () F7BAEFE116151719499F97B4D7A29BC5 [File is digitally signed]
 
C:\FRST\Quarantine\C\Windows\WinSxS\Manifests\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_a6171f0e25665afb.manifest.xBAD
[2020-02-26 09:53][2020-02-26 09:53] 000023610 _____ () FF9B36754303E435AFFABAB5168718B4 [File not signed]
 
C:\FRST\Quarantine\C\Windows\WinSxS\Manifests\x86_avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_aaf72100223a8a2e.cat.xBAD
[2020-02-26 09:53][2020-03-22 12:23] 000007457 _____ () B021FBE34930277301DEEC14CDD9E3FE [File is digitally signed]
 
C:\FRST\Quarantine\C\Windows\WinSxS\Manifests\x86_avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_aaf72100223a8a2e.manifest.xBAD
[2020-02-26 09:53][2020-02-26 09:53] 000001227 _____ () 955669576F50AF3D88281103865D3A1D [File not signed]
 
C:\FRST\Quarantine\C\Windows\WinSxS\Manifests\x86_policy.11.0.avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_b2556b4035446b41.cat.xBAD
[2019-08-10 15:46][2019-08-10 15:46] 000009249 _____ () 84E52D0B42207B15BC16A36298AE4110 [File is digitally signed]
 
C:\FRST\Quarantine\C\Windows\WinSxS\Manifests\x86_policy.11.0.avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_b2556b4035446b41.manifest.xBAD
[2019-08-10 15:46][2019-08-10 15:46] 000000608 _____ () E479732F7B82161E923B0DF5B5D09C59 [File not signed]
 
C:\FRST\Quarantine\C\Windows\WinSxS\Manifests\x86_policy.14.0.avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_99059a01de544235.cat.xBAD
[2020-02-26 09:53][2020-03-22 12:23] 000007457 _____ () F8999365A25BB341C55C70CB32DF2D46 [File is digitally signed]
 
C:\FRST\Quarantine\C\Windows\WinSxS\Manifests\x86_policy.14.0.avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_99059a01de544235.manifest.xBAD
[2020-02-26 09:53][2020-02-26 09:53] 000000750 _____ () 709C8063694781F6371E817243F0EB0F [File not signed]
 
C:\FRST\Quarantine\C\Windows\WinSxS\Manifests\x86_policy.14.0.avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_9de59bf3db287168.cat.xBAD
[2020-02-26 09:53][2020-03-22 12:23] 000007456 _____ () DFB0071CF316CD33F04392304A02A289 [File is digitally signed]
 
C:\FRST\Quarantine\C\Windows\WinSxS\Manifests\x86_policy.14.0.avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_9de59bf3db287168.manifest.xBAD
[2020-02-26 09:53][2020-02-26 09:53] 000000750 _____ () 8D1CB478D2A7A6AFAE2C38C6524EDA4B [File not signed]
 
C:\FRST\Quarantine\C\Windows\System32\Tasks_Migrated\Avast Emergency Update.xBAD
[2018-05-25 11:43][2019-08-07 05:35] 000004264 _____ () 624EC04B69729047D08FEC0BF9FFF950 [File not signed]
 
C:\FRST\Quarantine\C\Windows\Prefetch\AVASTCLEAR.EXE-30319631.pf.xBAD
[2020-03-22 11:28][2020-03-22 11:28] 000025258 _____ () A665FA9A6F1C453E295BD37BC09F0538 [File not signed]
 
C:\FRST\Quarantine\C\Windows\Prefetch\AVASTCLEAR.EXE-B93CFBF0.pf.xBAD
[2020-03-22 11:36][2020-03-22 12:34] 000033171 _____ () 3526ED75F4BD13ED7B7EF7E669C7FACE [File not signed]
 
C:\FRST\Quarantine\C\Windows\Prefetch\AVAST_FREE_ANTIVIRUS_SETUP_ON-13CBD36A.pf.xBAD
[2020-03-22 12:13][2020-03-22 12:13] 000024718 _____ () 59C1B1A9168C33BAA298FB340C1CE9AC [File not signed]
 
C:\FRST\Quarantine\C\Windows\Prefetch\AVAST_FREE_ANTIVIRUS_SETUP_ON-53FD6AAA.pf.xBAD
[2020-03-22 12:07][2020-03-22 12:24] 000019656 _____ () 1D873FCF716BA5E816FDD330C9C9B895 [File not signed]
 
C:\FRST\Quarantine\C\Windows\Prefetch\AVAST_FREE_ANTIVIRUS_SETUP_ON-E50FB3B9.pf.xBAD
[2020-03-22 12:07][2020-03-22 12:07] 000024642 _____ () EFEE970E11734BC4B08EA19804926E92 [File not signed]
 
C:\FRST\Quarantine\C\Windows\Prefetch\AVAST_FREE_ANTIVIRUS_SETUP_ON-FF17C8F2.pf.xBAD
[2020-03-22 12:24][2020-03-22 12:24] 000025694 _____ () 5CA9BB9DD1E7432081BF86C6C1E943BD [File not signed]
 
C:\FRST\Quarantine\C\Users\Administrator\Downloads\avastclear.exe.xBAD
[2020-03-22 11:28][2020-03-22 11:28] 011441568 _____ (AVAST Software) 735A8B445F055C5989056DCD7A0AF953 [File is digitally signed]
 
C:\FRST\Quarantine\C\Users\Administrator\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\avast! Antivirus.xBAD
[2020-03-20 18:01][2020-03-20 18:01] 000037014 _____ () 3212927E3EDF091342487F5EBB045245 [File not signed]
 
C:\FRST\Quarantine\C\Users\Administrator\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}_AVAST Software_Avast Cleanup_TuneupUI_exe.xBAD
[2020-03-20 18:01][2020-03-20 18:01] 000037014 _____ () D763644A46063F81090EE01895388E5D [File not signed]
 
C:\FRST\Quarantine\C\Users\Administrator\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\avastclear.exe.2k8aq9w.partial.xBAD
[2020-03-22 12:44][2020-03-22 12:44] 011441568 _____ (AVAST Software) 735A8B445F055C5989056DCD7A0AF953 [File is digitally signed]
 
C:\FRST\Quarantine\C\Users\Administrator\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\User\Default\DOMStore\AIJNQTET\www.avast[1].xml.xBAD
[2020-03-22 11:27][2020-03-22 12:44] 000000553 _____ () 95C9356E6573147056B2F943C97DF872 [File not signed]
 
C:\FRST\Quarantine\C\Users\Administrator\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\KTTT7NMX\avast[1].js.xBAD
[2020-03-22 11:27][2020-03-22 11:27] 000062592 _____ () 59B9B303C9EE9E1E3EBF71D1504C8DB5 [File not signed]
 
C:\FRST\Quarantine\C\Users\Administrator\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\E9B9YY7Z\avast-software-smaller-white[1].png.xBAD
[2020-03-22 11:27][2020-03-22 11:27] 000001062 _____ () 2CF88B869E326C63B111516F37E954CA [File not signed]
 
C:\FRST\Quarantine\C\Users\Administrator\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\E9B9YY7Z\avast-software[1].svg.xBAD
[2020-03-22 11:27][2020-03-22 11:27] 000003757 _____ () C688226DCAA693AFB8EB057C3552DBB7 [File not signed]
 
C:\FRST\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\20.1.480_0\scripts\contentAvast.js.xBAD
[2020-03-20 18:00][2020-02-28 10:33] 000001321 _____ () 53EC5923E895547ACA651A2772F1AD7B [File not signed]
 
C:\FRST\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\20.1.1601_0\common\ui\icons\avast-logo-opt-in.png.xBAD
[2020-03-20 18:00][2020-01-29 15:42] 000001881 _____ () 2DB8A660D58D1A56961310CA1086C8D8 [File not signed]
 
 
folder:
========
2019-08-10 15:30 - 2019-08-10 15:30 _____ C:\FRST\Quarantine\C\Windows\WinSxS\amd64_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_d58a6d64ab65b396
2020-02-26 09:53 - 2020-02-26 09:53 _____ C:\FRST\Quarantine\C\Windows\WinSxS\amd64_avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_5e69e83710ea31f5
2020-02-26 09:53 - 2020-02-26 09:53 _____ C:\FRST\Quarantine\C\Windows\WinSxS\amd64_avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_6349ea290dbe6128
2019-08-10 15:40 - 2019-08-10 15:40 _____ C:\FRST\Quarantine\C\Windows\WinSxS\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c
2020-02-26 09:53 - 2020-02-26 09:53 _____ C:\FRST\Quarantine\C\Windows\WinSxS\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_a6171f0e25665afb
2020-02-26 09:53 - 2020-02-26 09:53 _____ C:\FRST\Quarantine\C\Windows\WinSxS\x86_avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_aaf72100223a8a2e
2018-05-25 11:43 - 2019-08-08 00:00 _____ C:\FRST\Quarantine\C\Windows\System32\Tasks_Migrated\Avast Software
 
Registry:
========
 
===================== Search result for "Avast" ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AvastPersistentStorage]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}]
"DISPLAYNAME"="Avast Antivirus"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}]
"PRODUCTEXE"="C:\Program Files\AVAST Software\Avast\wsc_proxy.exe"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}]
"REPORTINGEXE"="C:\Program Files\AVAST Software\Avast\wsc_proxy.exe"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{EB19B86E-3998-C706-90EF-92B41EB091AF}]
"DISPLAYNAME"="Avast Antivirus"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{EB19B86E-3998-C706-90EF-92B41EB091AF}]
"PRODUCTEXE"="C:\Program Files\AVAST Software\Avast\wsc_proxy.exe"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{EB19B86E-3998-C706-90EF-92B41EB091AF}]
"REPORTINGEXE"="C:\Program Files\AVAST Software\Avast\wsc_proxy.exe"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]
"AvastUI.exe"="0x020000000000000000000000"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32]
"AvastUI.exe"="0x020000000000000000000000"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder]
"Avast Cleanup Premium.lnk"="0x020000000000000000000000"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"amd64_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_d58a6d64ab65b396"="0x41766173742E56433131302E4352542C2043756C747572653D6E65757472616C2C20547970653D77696E33322C2056657273696F6E3D31312E302E36303631302E312C205075626C69634B6579546F6B656E3D323033366231346131316538336534612C2050726F636573736F724172636869746563747572653D616D643634"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"amd64_avast.vc140.crt_fcc99ee6193ebbca_14.0.27012.0_none_5ca6eb17137337f1"="0x41766173742E56433134302E4352542C2043756C747572653D6E65757472616C2C20547970653D77696E33322C2056657273696F6E3D31342E302E32373031322E302C205075626C69634B6579546F6B656E3D666363393965653631393365626263612C2050726F636573736F724172636869746563747572653D616D643634"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"amd64_avast.vc140.mfc_fcc99ee6193ebbca_14.0.27012.0_none_6186ed0910476724"="0x41766173742E56433134302E4D46432C2043756C747572653D6E65757472616C2C20547970653D77696E33322C2056657273696F6E3D31342E302E32373031322E302C205075626C69634B6579546F6B656E3D666363393965653631393365626263612C2050726F636573736F724172636869746563747572653D616D643634"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"amd64_policy.14.0.avast.vc140.crt_fcc99ee6193ebbca_14.0.27012.0_none_4f95660acc611f2b"="0x506F6C6963792E31342E302E41766173742E56433134302E4352542C2043756C747572653D6E65757472616C2C20547970653D77696E33322D706F6C6963792C2056657273696F6E3D31342E302E32373031322E302C205075626C69634B6579546F6B656E3D666363393965653631393365626263612C2050726F636573736F724172636869746563747572653D616D643634"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"amd64_policy.14.0.avast.vc140.mfc_fcc99ee6193ebbca_14.0.27012.0_none_547567fcc9354e5e"="0x506F6C6963792E31342E302E41766173742E56433134302E4D46432C2043756C747572653D6E65757472616C2C20547970653D77696E33322D706F6C6963792C2056657273696F6E3D31342E302E32373031322E302C205075626C69634B6579546F6B656E3D666363393965653631393365626263612C2050726F636573736F724172636869746563747572653D616D643634"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c"="0x41766173742E56433131302E4352542C2043756C747572653D6E65757472616C2C20547970653D77696E33322C2056657273696F6E3D31312E302E36303631302E312C205075626C69634B6579546F6B656E3D323033366231346131316538336534612C2050726F636573736F724172636869746563747572653D783836"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.27012.0_none_a45421ee27ef60f7"="0x41766173742E56433134302E4352542C2043756C747572653D6E65757472616C2C20547970653D77696E33322C2056657273696F6E3D31342E302E32373031322E302C205075626C69634B6579546F6B656E3D666363393965653631393365626263612C2050726F636573736F724172636869746563747572653D783836"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"x86_avast.vc140.mfc_fcc99ee6193ebbca_14.0.27012.0_none_a93423e024c3902a"="0x41766173742E56433134302E4D46432C2043756C747572653D6E65757472616C2C20547970653D77696E33322C2056657273696F6E3D31342E302E32373031322E302C205075626C69634B6579546F6B656E3D666363393965653631393365626263612C2050726F636573736F724172636869746563747572653D783836"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"x86_policy.11.0.avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_b2556b4035446b41"="0x706F6C6963792E31312E302E41766173742E56433131302E4352542C2043756C747572653D6E65757472616C2C20547970653D77696E33322D706F6C6963792C2056657273696F6E3D31312E302E36303631302E312C205075626C69634B6579546F6B656E3D323033366231346131316538336534612C2050726F636573736F724172636869746563747572653D783836"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"x86_policy.14.0.avast.vc140.crt_fcc99ee6193ebbca_14.0.27012.0_none_97429ce1e0dd4831"="0x506F6C6963792E31342E302E41766173742E56433134302E4352542C2043756C747572653D6E65757472616C2C20547970653D77696E33322D706F6C6963792C2056657273696F6E3D31342E302E32373031322E302C205075626C69634B6579546F6B656E3D666363393965653631393365626263612C2050726F636573736F724172636869746563747572653D783836"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"x86_policy.14.0.avast.vc140.mfc_fcc99ee6193ebbca_14.0.27012.0_none_9c229ed3ddb17764"="0x506F6C6963792E31342E302E41766173742E56433134302E4D46432C2043756C747572653D6E65757472616C2C20547970653D77696E33322D706F6C6963792C2056657273696F6E3D31342E302E32373031322E302C205075626C69634B6579546F6B656E3D666363393965653631393365626263612C2050726F636573736F724172636869746563747572653D783836"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_a6171f0e25665afb"="0x41766173742E56433134302E4352542C2043756C747572653D6E65757472616C2C20547970653D77696E33322C2056657273696F6E3D31342E302E32383132372E302C205075626C69634B6579546F6B656E3D666363393965653631393365626263612C2050726F636573736F724172636869746563747572653D783836"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"amd64_avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_5e69e83710ea31f5"="0x41766173742E56433134302E4352542C2043756C747572653D6E65757472616C2C20547970653D77696E33322C2056657273696F6E3D31342E302E32383132372E302C205075626C69634B6579546F6B656E3D666363393965653631393365626263612C2050726F636573736F724172636869746563747572653D616D643634"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"x86_avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_aaf72100223a8a2e"="0x41766173742E56433134302E4D46432C2043756C747572653D6E65757472616C2C20547970653D77696E33322C2056657273696F6E3D31342E302E32383132372E302C205075626C69634B6579546F6B656E3D666363393965653631393365626263612C2050726F636573736F724172636869746563747572653D783836"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"amd64_avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_6349ea290dbe6128"="0x41766173742E56433134302E4D46432C2043756C747572653D6E65757472616C2C20547970653D77696E33322C2056657273696F6E3D31342E302E32383132372E302C205075626C69634B6579546F6B656E3D666363393965653631393365626263612C2050726F636573736F724172636869746563747572653D616D643634"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"x86_policy.14.0.avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_99059a01de544235"="0x506F6C6963792E31342E302E41766173742E56433134302E4352542C2043756C747572653D6E65757472616C2C20547970653D77696E33322D706F6C6963792C2056657273696F6E3D31342E302E32383132372E302C205075626C69634B6579546F6B656E3D666363393965653631393365626263612C2050726F636573736F724172636869746563747572653D783836"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"amd64_policy.14.0.avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_5158632ac9d8192f"="0x506F6C6963792E31342E302E41766173742E56433134302E4352542C2043756C747572653D6E65757472616C2C20547970653D77696E33322D706F6C6963792C2056657273696F6E3D31342E302E32383132372E302C205075626C69634B6579546F6B656E3D666363393965653631393365626263612C2050726F636573736F724172636869746563747572653D616D643634"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"x86_policy.14.0.avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_9de59bf3db287168"="0x506F6C6963792E31342E302E41766173742E56433134302E4D46432C2043756C747572653D6E65757472616C2C20547970653D77696E33322D706F6C6963792C2056657273696F6E3D31342E302E32383132372E302C205075626C69634B6579546F6B656E3D666363393965653631393365626263612C2050726F636573736F724172636869746563747572653D783836"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"amd64_policy.14.0.avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_5638651cc6ac4862"="0x506F6C6963792E31342E302E41766173742E56433134302E4D46432C2043756C747572653D6E65757472616C2C20547970653D77696E33322D706F6C6963792C2056657273696F6E3D31342E302E32383132372E302C205075626C69634B6579546F6B656E3D666363393965653631393365626263612C2050726F636573736F724172636869746563747572653D616D643634"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\AVAST Software]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Chrome\NativeMessagingHosts\com.avast.nativeproxy]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\No Chrome Offer Until]
"AVAST Software"="20200920"
 
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\avast! Antivirus]
 
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\AvastWscReporter]
 
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FeatureUsage\AppSwitched]
"avast! Antivirus"="5"
 
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FeatureUsage\AppSwitched]
"{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\AVAST Software\Avast Cleanup\TuneupUI.exe"="8"
 
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FeatureUsage\AppSwitched]
"{6D809377-6AF0-444B-8957-A3773F02200E}\AVAST Software\Avast\setup\instup.exe"="1"
 
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FeatureUsage\AppSwitched]
"{F38BF404-1D43-42F2-9305-67DE0B28FC23}\Temp\asw.20db451ff3bcbd5e\avast_free_antivirus_setup_online_x64.exe"="1"
 
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Users\Stu\Downloads\avast_free_antivirus_setup_online_softonic.exe"="0x534143500100000000000000070000002800000080A353000000000001000000000000000000030600210000975FD891C99ECE0100000000000000000200000028000000000000000000004000000000000000000000000000000000E9030300000000000100000001000000"
 
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Users\Stu\Downloads\avast_free_antivirus_setup_online(1).exe"="0x534143500100000000000000070000002800000010816D00CBF96D0001000000000000000000000A00210000E63F486B2AA0D20100000000000000000200000028000000000000000000004000000000000000000000000000000000CF400400000000000100000001000000"
 
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files\AVAST Software\Avast\AvastUI.exe"="0x53414350010000000000000007000000280000004091A9003A4EAA0001000000000000000000000A00210000631F6E6F0EDED4010000000000000000020000002800000000000000000000000000000000000000000000000000000071020000000000000200000002000000"
 
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe"="0x5341435001000000000000000700000028000000C81920006A05210001000000000000000000000A00210000631F6E6F0EDED40100000000000000000200000028000000000000000000000000000000000000000000000000000000D5502D00000000000200000002000000"
 
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"="0x5341435001000000000000000700000028000000C80214009CB6140001000000000000000000000A00210000631F6E6F0EDED401000000000000000002000000280000000000000000000000000000000000000000000000000000008E5F7207000000000300000003000000"
 
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUninst.exe"="0x5341435001000000000000000700000028000000F87270003280700003000000000000000000000A00210000631F6E6F0EDED4010000000000000000020000002800000000000000000000000000000000000000000000000000000000B10000000000000100000001000000"
 
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files\AVAST Software\Avast\setup\instup.exe"="0x534143500100000000000000070000002800000058B71D000000000003000000000000000000000A00210000631F6E6F0EDED40100000000000000000200000028000000000000000000000000000000000000000000000000000000D8330200000000000100000001000000"
 
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Users\Stu\Downloads\avastclear.exe"="0x5341435001000000000000000700000028000000A095AE00F77BAF0001000000000000000000000A00210000631F6E6F0EDED40100000000000000000200000028000000000000000000004000000000000000000000000000000000EB410000000000000200000002000000"
 
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Users\Stu\Downloads\avast_free_antivirus_setup_online.exe"="0x5341435001000000000000000700000028000000C0820300F06F040001000000000000000000000A00210000631F6E6F0EDED40100000000000000000200000028000000000000000000004000000000000000000000000000000000CBE70100000000000100000001000000"
 
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\Stu\Desktop\avastclear (2).exe.FriendlyAppName"="Avast Antivirus  Installer"
 
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\Stu\Desktop\avastclear (2).exe.ApplicationCompany"="AVAST Software"
 
 
===================== Search result for "AVAST Software" ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}]
"PRODUCTEXE"="C:\Program Files\AVAST Software\Avast\wsc_proxy.exe"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}]
"REPORTINGEXE"="C:\Program Files\AVAST Software\Avast\wsc_proxy.exe"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{EB19B86E-3998-C706-90EF-92B41EB091AF}]
"PRODUCTEXE"="C:\Program Files\AVAST Software\Avast\wsc_proxy.exe"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{EB19B86E-3998-C706-90EF-92B41EB091AF}]
"REPORTINGEXE"="C:\Program Files\AVAST Software\Avast\wsc_proxy.exe"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\AVAST Software]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\No Chrome Offer Until]
"AVAST Software"="20200920"
 
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FeatureUsage\AppSwitched]
"{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\AVAST Software\Avast Cleanup\TuneupUI.exe"="8"
 
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FeatureUsage\AppSwitched]
"{6D809377-6AF0-444B-8957-A3773F02200E}\AVAST Software\Avast\setup\instup.exe"="1"
 
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files\AVAST Software\Avast\AvastUI.exe"="0x53414350010000000000000007000000280000004091A9003A4EAA0001000000000000000000000A00210000631F6E6F0EDED4010000000000000000020000002800000000000000000000000000000000000000000000000000000071020000000000000200000002000000"
 
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe"="0x5341435001000000000000000700000028000000C81920006A05210001000000000000000000000A00210000631F6E6F0EDED40100000000000000000200000028000000000000000000000000000000000000000000000000000000D5502D00000000000200000002000000"
 
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"="0x5341435001000000000000000700000028000000C80214009CB6140001000000000000000000000A00210000631F6E6F0EDED401000000000000000002000000280000000000000000000000000000000000000000000000000000008E5F7207000000000300000003000000"
 
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUninst.exe"="0x5341435001000000000000000700000028000000F87270003280700003000000000000000000000A00210000631F6E6F0EDED4010000000000000000020000002800000000000000000000000000000000000000000000000000000000B10000000000000100000001000000"
 
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files\AVAST Software\Avast\setup\instup.exe"="0x534143500100000000000000070000002800000058B71D000000000003000000000000000000000A00210000631F6E6F0EDED40100000000000000000200000028000000000000000000000000000000000000000000000000000000D8330200000000000100000001000000"
 
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\Stu\Desktop\avastclear (2).exe.ApplicationCompany"="AVAST Software"
 
 
====== End of Search ======
 
 
Thanks very much  :D

  • 0

#29
icotonev

icotonev

    Trusted Helper

  • Malware Removal
  • 247 posts

Farbar Recovery Scan Tool - Fix
 

  • Highlight the contents of the below code box and press Ctrl + C on your keyboard:
Start::

CreateRestorePoint:
CloseProcesses:

C:\Users\Stu\Downloads\avastclear (2).exe
C:\Users\Stu\Desktop\avastclear (2).exe
C:\Users\Administrator\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\RL42750G\activityi;dc_pre=COWa0szOrOgCFeINtwAdVXwB_A;src=6633083;type=unive0;cat=avast0;ord=7193596675355;gtm=2wg3b2;auiddc=1144323118.158[1].htm
C:\Users\Administrator\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\KTTT7NMX\activityi;dc_pre=CNqqp9rfrOgCFVAVaAodkL8GTg;src=6633083;type=unive0;cat=avast0;ord=5010239065941;gtm=2wg3b2;auiddc=1144323118.158[1].htm
C:\Users\Administrator\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\E9B9YY7Z\avastclear[1].exe
C:\Program Files\AVAST Software\Avast\wsc_proxy.exe

StartRegedit:
Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AvastPersistentStorage]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}]
"DISPLAYNAME"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}]
"PRODUCTEXE"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}]
"REPORTINGEXE"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{EB19B86E-3998-C706-90EF-92B41EB091AF}]
"DISPLAYNAME"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{EB19B86E-3998-C706-90EF-92B41EB091AF}]
"PRODUCTEXE"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{EB19B86E-3998-C706-90EF-92B41EB091AF}]
"REPORTINGEXE"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]
"AvastUI.exe"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32]
"AvastUI.exe"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder]
"Avast Cleanup Premium.lnk"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"amd64_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_d58a6d64ab65b396"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"amd64_avast.vc140.crt_fcc99ee6193ebbca_14.0.27012.0_none_5ca6eb17137337f1"=- 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"amd64_avast.vc140.mfc_fcc99ee6193ebbca_14.0.27012.0_none_6186ed0910476724"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"amd64_policy.14.0.avast.vc140.crt_fcc99ee6193ebbca_14.0.27012.0_none_4f95660acc611f2b"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"amd64_policy.14.0.avast.vc140.mfc_fcc99ee6193ebbca_14.0.27012.0_none_547567fcc9354e5e"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.27012.0_none_a45421ee27ef60f7"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"x86_avast.vc140.mfc_fcc99ee6193ebbca_14.0.27012.0_none_a93423e024c3902a"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"x86_policy.11.0.avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_b2556b4035446b41"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"x86_policy.14.0.avast.vc140.crt_fcc99ee6193ebbca_14.0.27012.0_none_97429ce1e0dd4831"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"x86_policy.14.0.avast.vc140.mfc_fcc99ee6193ebbca_14.0.27012.0_none_9c229ed3ddb17764"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_a6171f0e25665afb"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"amd64_avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_5e69e83710ea31f5"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"x86_avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_aaf72100223a8a2e"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"amd64_avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_6349ea290dbe6128"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"x86_policy.14.0.avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_99059a01de544235"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"amd64_policy.14.0.avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_5158632ac9d8192f"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"x86_policy.14.0.avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_9de59bf3db287168"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"amd64_policy.14.0.avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_5638651cc6ac4862"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\AVAST Software]
[-HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Chrome\NativeMessagingHosts\com.avast.nativeproxy]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\No Chrome Offer Until]
"AVAST Software"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\avast! Antivirus]
[-HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\AvastWscReporter]
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FeatureUsage\AppSwitched]
"avast! Antivirus"=-
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FeatureUsage\AppSwitched]
"{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\AVAST Software\Avast Cleanup\TuneupUI.exe"=-
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FeatureUsage\AppSwitched]
"{6D809377-6AF0-444B-8957-A3773F02200E}\AVAST Software\Avast\setup\instup.exe"=-
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FeatureUsage\AppSwitched]
"{F38BF404-1D43-42F2-9305-67DE0B28FC23}\Temp\asw.20db451ff3bcbd5e\avast_free_antivirus_setup_online_x64.exe"=-
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Users\Stu\Downloads\avast_free_antivirus_setup_online_softonic.exe"=-
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Users\Stu\Downloads\avast_free_antivirus_setup_online(1).exe"=-
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files\AVAST Software\Avast\AvastUI.exe"=-
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe"=-
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"=-
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUninst.exe"=-
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files\AVAST Software\Avast\setup\instup.exe"=-
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Users\Stu\Downloads\avastclear.exe"=-
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Users\Stu\Downloads\avast_free_antivirus_setup_online.exe"=-
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\Stu\Desktop\avastclear (2).exe.FriendlyAppName"=-
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\Stu\Desktop\avastclear (2).exe.ApplicationCompany"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}]
"PRODUCTEXE"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}]
"REPORTINGEXE"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{EB19B86E-3998-C706-90EF-92B41EB091AF}]
"PRODUCTEXE"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{EB19B86E-3998-C706-90EF-92B41EB091AF}]
"REPORTINGEXE"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\AVAST Software]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\No Chrome Offer Until]
"AVAST Software"=-
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FeatureUsage\AppSwitched]
"{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\AVAST Software\Avast Cleanup\TuneupUI.exe"=-
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FeatureUsage\AppSwitched]
"{6D809377-6AF0-444B-8957-A3773F02200E}\AVAST Software\Avast\setup\instup.exe"=-
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files\AVAST Software\Avast\AvastUI.exe"=-
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe"=-
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"=-
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUninst.exe"=-
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files\AVAST Software\Avast\setup\instup.exe"=-
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\Stu\Desktop\avastclear (2).exe.ApplicationCompany"="AVAST Software"-

EndRegedit:

EmptyTemp:
End::

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

  • Double-click FRST.exe/FRST64.exe to run it.
  • Press the Fix button just once and wait.
    Note: No need to paste the script into FRST.
  • Restart the computer if prompted.
  • When the fix is complete FRST will generate a log in the same location it was run from (Fixlog.txt)
  • Please copy and paste its contents into your reply.

---------------------------------------------------

In your next reply, please include:

  • Fixlog.txt

  • 0

#30
Buffyfan

Buffyfan

    Member

  • Topic Starter
  • Member
  • PipPip
  • 48 posts
Fix result of Farbar Recovery Scan Tool (x64) Version: 29-03-2020
Ran by Stu (03-04-2020 12:32:49) Run:2
Running from C:\Users\Stu\Desktop
Loaded Profiles: Stu (Available Profiles: Stu & Administrator)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
CloseProcesses:
C:\Users\Stu\Downloads\avastclear (2).exe
C:\Users\Stu\Desktop\avastclear
(2).exe
C:\Users\Administrator\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\RL42750G\activityi;dc_pre=COWa0szOrOgCFeINtwAdVXwB_A;src=6633083;type=unive0;cat=avast0;ord=7193596675355;gtm=2wg3b2;auiddc=1144323118.158[1].htm
C:\Users\Administrator\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\KTTT7NMX\activityi;dc_pre=CNqqp9rfrOgCFVAVaAodkL8GTg;src=6633083;type=unive0;cat=avast0;ord=5010239065941;gtm=2wg3b2;auiddc=1144323118.158[1].htm
C:\Users\Administrator\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\E9B9YY7Z\avastclear[1].exe
C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
StartRegedit:
Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AvastPersistentStorage]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
Center\Provider\Av\{8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}]
"DISPLAYNAME"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}]
"PRODUCTEXE"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}]
"REPORTINGEXE"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{EB19B86E-3998-C706-90EF-92B41EB091AF}]
"DISPLAYNAME"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{EB19B86E-3998-C706-90EF-92B41EB091AF}]
"PRODUCTEXE"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
Center\Provider\Av\{EB19B86E-3998-C706-90EF-92B41EB091AF}]
"REPORTINGEXE"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]
"AvastUI.exe"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32]
"AvastUI.exe"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder]
"Avast Cleanup Premium.lnk"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"amd64_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_d58a6d64ab65b396"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"amd64_avast.vc140.crt_fcc99ee6193ebbca_14.0.27012.0_none_5ca6eb17137337f1"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"amd64_avast.vc140.mfc_fcc99ee6193ebbca_14.0.27012.0_none_6186ed0910476724"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"amd64_policy.14.0.avast.vc140.crt_fcc99ee6193ebbca_14.0.27012.0_none_4f95660acc611f2b"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"amd64_policy.14.0.avast.vc140.mfc_fcc99ee6193ebbca_14.0.27012.0_none_547567fcc9354e5e"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.27012.0_none_a45421ee27ef60f7"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"x86_avast.vc140.mfc_fcc99ee6193ebbca_14.0.27012.0_none_a93423e024c3902a"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"x86_policy.11.0.avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_b2556b4035446b41"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"x86_policy.14.0.avast.vc140.crt_fcc99ee6193ebbca_14.0.27012.0_none_97429ce1e0dd4831"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"x86_policy.14.0.avast.vc140.mfc_fcc99ee6193ebbca_14.0.27012.0_none_9c229ed3ddb17764"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_a6171f0e25665afb"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"amd64_avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_5e69e83710ea31f5"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"x86_avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_aaf72100223a8a2e"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"amd64_avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_6349ea290dbe6128"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"x86_policy.14.0.avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_99059a01de544235"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"amd64_policy.14.0.avast.vc140.crt_fcc99ee6193ebbca_14.0.28127.0_none_5158632ac9d8192f"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"x86_policy.14.0.avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_9de59bf3db287168"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"amd64_policy.14.0.avast.vc140.mfc_fcc99ee6193ebbca_14.0.28127.0_none_5638651cc6ac4862"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\AVAST
Software]
[-HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Chrome\NativeMessagingHosts\com.avast.nativeproxy]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\No Chrome Offer Until]
"AVAST Software"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\avast! Antivirus]
[-HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\AvastWscReporter]
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FeatureUsage\AppSwitched]
"avast! Antivirus"=-
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FeatureUsage\AppSwitched]
"{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\AVAST Software\Avast Cleanup\TuneupUI.exe"=-
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FeatureUsage\AppSwitched]
"{6D809377-6AF0-444B-8957-A3773F02200E}\AVAST
Software\Avast\setup\instup.exe"=-
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FeatureUsage\AppSwitched]
"{F38BF404-1D43-42F2-9305-67DE0B28FC23}\Temp\asw.20db451ff3bcbd5e\avast_free_antivirus_setup_online_x64.exe"=-
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Users\Stu\Downloads\avast_free_antivirus_setup_online_softonic.exe"=-
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Users\Stu\Downloads\avast_free_antivirus_setup_online(1).exe"=-
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files\AVAST
Software\Avast\AvastUI.exe"=-
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe"=-
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"=-
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUninst.exe"=-
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files\AVAST Software\Avast\setup\instup.exe"=-
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows
NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Users\Stu\Downloads\avastclear.exe"=-
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Users\Stu\Downloads\avast_free_antivirus_setup_online.exe"=-
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\Stu\Desktop\avastclear (2).exe.FriendlyAppName"=-
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\Stu\Desktop\avastclear (2).exe.ApplicationCompany"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}]
"PRODUCTEXE"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
Center\Provider\Av\{8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}]
"REPORTINGEXE"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{EB19B86E-3998-C706-90EF-92B41EB091AF}]
"PRODUCTEXE"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{EB19B86E-3998-C706-90EF-92B41EB091AF}]
"REPORTINGEXE"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\AVAST Software]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\No Chrome Offer Until]
"AVAST Software"=-
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FeatureUsage\AppSwitched]
"{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\AVAST Software\Avast Cleanup\TuneupUI.exe"=-
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FeatureUsage\AppSwitched]
"{6D809377-6AF0-444B-8957-A3773F02200E}\AVAST Software\Avast\setup\instup.exe"=-
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows
NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files\AVAST Software\Avast\AvastUI.exe"=-
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe"=-
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"=-
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUninst.exe"=-
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files\AVAST
Software\Avast\setup\instup.exe"=-
[HKEY_USERS\S-1-5-21-661845806-1645133277-2052336375-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\Stu\Desktop\avastclear (2).exe.ApplicationCompany"="AVAST Software"-
EndRegedit:
EmptyTemp:
 
*****************
 
Restore point was successfully created.
Processes closed successfully.
"C:\Users\Stu\Downloads\avastclear (2).exe" => not found
"C:\Users\Stu\Desktop\avastclear" => not found
(2).exe => Error: No automatic fix found for this entry.
Could not move "C:\Users\Administrator\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\RL42750G\activityi;dc_pre=COWa0szOrOgCFeINtwAdVXwB_A;src=6633083;type=unive0;cat=avast0;ord=7193596675355;gtm=2wg3b2;auiddc=1144323118.158[1].htm" => Scheduled to move on reboot.
Could not move "C:\Users\Administrator\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\KTTT7NMX\activityi;dc_pre=CNqqp9rfrOgCFVAVaAodkL8GTg;src=6633083;type=unive0;cat=avast0;ord=5010239065941;gtm=2wg3b2;auiddc=1144323118.158[1].htm" => Scheduled to move on reboot.
C:\Users\Administrator\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\E9B9YY7Z\avastclear[1].exe => moved successfully
"C:\Program Files\AVAST Software\Avast\wsc_proxy.exe" => not found
Registry ====> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} <==== Access Denied
Registry ====> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} <==== Access Denied
Registry ====> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{EB19B86E-3998-C706-90EF-92B41EB091AF} <==== Access Denied
Registry ====> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{EB19B86E-3998-C706-90EF-92B41EB091AF} <==== Access Denied
Registry ====> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} <==== Access Denied
Registry ====> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{EB19B86E-3998-C706-90EF-92B41EB091AF} <==== Access Denied
Registry ====> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{EB19B86E-3998-C706-90EF-92B41EB091AF} <==== Access Denied
Registry ====> ERROR: Error accessing the registry.
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 14742541 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 42275 B
Edge => 36141 B
Chrome => 426338433 B
Firefox => 0 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 37228 B
Stu => 13595625 B
Administrator => 13595625 B
 
RecycleBin => 0 B
EmptyTemp: => 456.5 MB temporary data Removed.
 
================================
 
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 03-04-2020 13:41:10)
 
C:\Users\Administrator\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\RL42750G\activityi;dc_pre=COWa0szOrOgCFeINtwAdVXwB_A;src=6633083;type=unive0;cat=avast0;ord=7193596675355;gtm=2wg3b2;auiddc=1144323118.158[1].htm => Could not move
C:\Users\Administrator\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\KTTT7NMX\activityi;dc_pre=CNqqp9rfrOgCFVAVaAodkL8GTg;src=6633083;type=unive0;cat=avast0;ord=5010239065941;gtm=2wg3b2;auiddc=1144323118.158[1].htm => Could not move
 
==== End of Fixlog 13:41:12 ====
 
Thank you :)

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP