My laptop has really slowed down over the last few weeks. There are no redirects, or unusual pop-up ads, other than normal advertising. It is slow when I surf the web, use emails, cutting and pasting of documents. Any help would be greatly apprectiated. Thank you. Scans are provided below.
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7666392 2014-12-11] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2771184 2013-07-26] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-01-18] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1391472 2014-12-11] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [166144 2021-04-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [331064 2020-10-16] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-19] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-07-24] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-07-23] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [37232 2008-06-12] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640376 2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1985824 2013-07-25] (Wondershare Software Co., Ltd. -> Wondershare)
HKLM-x32\...\Run: [AvgUi] => "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\Run: [AVG-Secure-Search-Update_0214c] => C:\Users\Beatrice\AppData\Roaming\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe /PROMPT /mid=866453ef907a47d2a1e59913f05f23cd-7b0c96f9aa992d7393c82dd82ae949bc32978813 /CMPID=0214c
HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [153136 2007-03-12] (Nero AG -> Nero AG)
HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\Run: [uTorrent] => "C:\Users\Beatrice\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\Run: [BlackBerryLink.exe] => "C:\Program Files (x86)\Research In Motion\BlackBerry Link\BlackBerryLink.exe" /minimize
HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\Run: [HP Officejet 4620 series (NET)] => C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\Run: [RIMDeviceManager] => C:\Program Files (x86)\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe" -RunServer
HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\Run: [GarminExpressTrayApp] => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91016584 2021-01-15] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31162288 2021-04-29] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\MountPoints2: {7bf13d53-2ea9-11e8-8342-485ab6bbca3e} - "F:\SISetup.exe"
HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\MountPoints2: {d59268f8-af74-11e5-82de-485ab6bbca3e} - "C:\Windows\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL F:\Start.exe
HKU\S-1-5-18\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31162288 2021-04-29] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKLM\...\Windows x64\Print Processors\Canon MG5700 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCS.DLL [30208 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\hpfpp083: C:\Windows\System32\spool\prtprocs\x64\hpfpp083.dll [254464 2008-10-06] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\LMACGL4C: C:\Windows\System32\spool\prtprocs\x64\LMACGL4C.DLL [81920 2011-06-02] (Microsoft Windows Hardware Compatibility Publisher -> Lexmark International Inc.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [51032 2008-04-07] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5700 series: C:\Windows\system32\CNMLMCS.DLL [406528 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\HP 6412 Status Monitor: C:\Windows\system32\hpinksts6412LM.dll [331664 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP C611 Status Monitor: C:\Windows\system32\hpinkstsC611LM.dll [333344 2013-05-06] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Officejet 4620 series): C:\Windows\system32\HPDiscoPM6412.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Universal Port Monitor: C:\Windows\system32\hpbprtmon.dll [404992 2013-08-10] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
HKLM\...\Print\Monitors\hpf3l083.dll: C:\Windows\system32\hpf3l083.dll [134144 2008-10-06] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.93\Installer\chrmstp.exe [2021-04-27] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
AppInit_DLLs: acaptuser64.dll => C:\Windows\system32\acaptuser64.dll [119160 2008-06-12] (Adobe Systems, Incorporated -> Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2021-01-08]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
Startup: C:\Users\Beatrice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Jacquie Lawson Desktop Widget.lnk [2019-01-29]
ShortcutTarget: Jacquie Lawson Desktop Widget.lnk -> C:\Program Files (x86)\Jacquie Lawson Desktop Widget\Jacquie Lawson Desktop Widget.exe (No File)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1B19C810-13C3-4EF7-823B-BD17E1F76D93} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {213C8E23-EF11-4771-9B02-67FF1D84C4A1} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [4747008 2021-04-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {2851BE0E-70F2-4659-B15D-B2FAD39288E8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {3A918669-731A-4E2F-9697-B7F16E6AC905} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-03-23] (Google Inc -> Google Inc.)
Task: {41D3515E-BCA9-4F9F-825D-D32EE3EA102C} - System32\Tasks\G2MUpdateTask-S-1-5-21-3281177217-869368764-2006139627-1002 => C:\Users\Beatrice\AppData\Local\GoToMeeting\19598\g2mupdate.exe [31320 2021-05-04] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {52402E40-0599-4C9A-A41E-199DC7B9F7E0} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {58B040EB-6780-459B-82DE-8AE267E10B50} - System32\Tasks\G2MUploadTask-S-1-5-21-3281177217-869368764-2006139627-1002 => C:\Users\Beatrice\AppData\Local\GoToMeeting\19598\g2mupload.exe [31320 2021-05-04] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {5DA8520C-8C9E-4F90-BAC2-03C92A80859C} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2771184 2013-07-26] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {ACC5647D-D2F3-4C2B-A471-FB634E0039B7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {AEE99C6E-BE10-4C77-9879-423F5B78679C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-03-23] (Google Inc -> Google Inc.)
Task: {BABB5768-11E9-4561-AFCC-EA6483C9F4DC} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1821968 2021-04-29] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {BBF4AC2F-7854-45DB-85D7-B7A22AA481D8} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2013-06-07] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
Task: {CDC8479E-85C6-40AE-96B4-0432A5C3090C} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40880 2021-04-29] (Garmin International, Inc. -> )
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3281177217-869368764-2006139627-1002.job => C:\Users\Beatrice\AppData\Local\GoToMeeting\19598\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-3281177217-869368764-2006139627-1002.job => C:\Users\Beatrice\AppData\Local\GoToMeeting\19598\g2mupload.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 207.164.234.193
Tcpip\..\Interfaces\{486B1D7C-1E02-42D5-B6AA-A45F73E675F1}: [DhcpNameServer] 192.168.2.1 207.164.234.193
Tcpip\..\Interfaces\{7C57A303-A069-4AAA-A050-8A4F276FEC6D}: [DhcpNameServer] 192.168.3.5 192.168.3.1
Tcpip\..\Interfaces\{A16B1061-4FB6-41C7-84E2-AFC95E3F2D72}: [DhcpNameServer] 192.168.42.129
Edge:
=======
Edge Profile: C:\Users\Beatrice\AppData\Local\Microsoft\Edge\User Data\Default [2020-09-27]
FireFox:
========
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll [2013-06-26] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-20] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Beatrice\AppData\Local\Google\Chrome\User Data\Default [2021-05-11]
CHR Notifications: Default -> hxxps://app.gotowebinar.com; hxxps://calendar.google.com; hxxps://hmsd.edsby.com; hxxps://mail.google.com; hxxps://newtonsgrove.edsby.com; hxxps://nowtoronto.com; hxxps://web.skype.com; hxxps://www.680news.com; hxxps://www.explore-mag.com; hxxps://www.facebook.com; hxxps://www.myswitzerland.com; hxxps://www.point2homes.com; hxxps://www0.123movieshub.sc
CHR Extension: (Slides) - C:\Users\Beatrice\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Docs) - C:\Users\Beatrice\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\Beatrice\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (YouTube) - C:\Users\Beatrice\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-27]
CHR Extension: (uBlock Origin) - C:\Users\Beatrice\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-05-11]
CHR Extension: (Sheets) - C:\Users\Beatrice\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Google Docs Offline) - C:\Users\Beatrice\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-20]
CHR Extension: (Skype) - C:\Users\Beatrice\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-12-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Beatrice\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-28]
CHR Extension: (Gmail) - C:\Users\Beatrice\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\Beatrice\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-22]
CHR Profile: C:\Users\Beatrice\AppData\Local\Google\Chrome\User Data\System Profile [2020-09-27]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [99328 2013-08-19] () [File not signed]
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 AERTFilters; C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [98208 2009-11-17] (Andrea Electronics -> Andrea Electronics Corporation)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-08-19] (Advanced Micro Devices, Inc.) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-09-24] (Apple Inc. -> Apple Inc.)
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [607488 2021-04-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVG Tools; C:\Program Files (x86)\AVG\Antivirus\avgToolsSvc.exe [356608 2021-04-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe [7941688 2021-04-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AvgWscReporter; C:\Program Files (x86)\AVG\Antivirus\wsc_proxy.exe [109480 2021-04-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2014-02-26] (Macrovision Corporation -> Macrovision Europe Ltd.) [File not signed]
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-04-18] (Hewlett-Packard Company -> HP)
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-07-23] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-03-12] (Nero AG -> Nero AG)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 avgArDisk; C:\Windows\System32\drivers\avgArDisk.sys [35816 2021-04-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [212344 2021-04-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdriver.sys [365112 2021-04-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\System32\drivers\avgbidsh.sys [250408 2021-04-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\System32\drivers\avgbuniv.sys [99384 2021-04-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\Windows\System32\drivers\avgKbd.sys [41432 2021-04-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [180576 2021-04-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgNetHub; C:\Windows\System32\drivers\avgNetHub.sys [522520 2021-04-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [107920 2021-04-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [83008 2021-04-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [850784 2021-04-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [467840 2021-04-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [215488 2021-04-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [327104 2021-04-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 blackberryncm; C:\Windows\system32\DRIVERS\blackberryncm6_AMD64.sys [36360 2016-04-06] (Microsoft Windows Hardware Compatibility Publisher -> BlackBerry)
S3 libusb0; C:\Windows\system32\DRIVERS\libusb0.sys [44480 2013-09-23] (Akeo Consulting -> hxxp://libusb-win32.sourceforge.net)
S3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [18432 2015-05-26] (BlackBerry Limited) [File not signed]
S3 RimVSerPort; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Microsoft Windows Hardware Compatibility Publisher -> Research in Motion Ltd)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [290008 2013-07-05] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Mediatek Inc. -> Ralink Technology, Corp.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [31840 2016-03-23] (Hewlett-Packard Company -> HP)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [31840 2016-03-23] (Hewlett-Packard Company -> HP)
S3 RimUsb; \SystemRoot\System32\Drivers\RimUsb_AMD64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-05-11 15:57 - 2021-05-11 15:59 - 000021776 _____ C:\Users\Beatrice\Desktop\FRST.txt
2021-05-11 15:56 - 2021-05-11 15:59 - 000000000 ____D C:\FRST
2021-05-11 15:55 - 2021-05-11 15:49 - 002298880 _____ (Farbar) C:\Users\Beatrice\Desktop\FRST64.exe
2021-05-11 15:49 - 2021-05-11 15:49 - 002298880 _____ (Farbar) C:\Users\Beatrice\Downloads\FRST64.exe
2021-05-11 13:53 - 2021-05-11 13:53 - 000481126 _____ C:\Users\Beatrice\Downloads\Popcorn 2021.pdf
2021-05-11 10:30 - 2021-05-11 10:30 - 000096204 _____ C:\Users\Beatrice\Desktop\Scanned from a Xerox Multifunction Printer (2).pdf
2021-05-11 10:29 - 2021-05-11 10:29 - 000096204 _____ C:\Users\Beatrice\Downloads\Scanned from a Xerox Multifunction Printer (5).pdf
2021-05-11 10:29 - 2021-05-11 10:29 - 000096204 _____ C:\Users\Beatrice\Downloads\Scanned from a Xerox Multifunction Printer (4).pdf
2021-05-11 10:29 - 2021-05-11 10:29 - 000096204 _____ C:\Users\Beatrice\Downloads\Scanned from a Xerox Multifunction Printer (3).pdf
2021-05-11 10:29 - 2021-05-11 10:29 - 000096204 _____ C:\Users\Beatrice\Downloads\Scanned from a Xerox Multifunction Printer (2).pdf
2021-05-11 10:26 - 2021-05-11 10:26 - 000096204 _____ C:\Users\Beatrice\Downloads\Scanned from a Xerox Multifunction Printer (1).pdf
2021-05-11 09:52 - 2021-05-11 09:52 - 000096204 _____ C:\Users\Beatrice\Downloads\Scanned from a Xerox Multifunction Printer.pdf
2021-05-10 17:31 - 2021-05-10 17:31 - 000090191 _____ C:\Users\Beatrice\Downloads\Documents - I made the changes we discussed. (1).zip
2021-05-10 15:54 - 2021-05-10 15:54 - 000090191 _____ C:\Users\Beatrice\Downloads\Documents - I made the changes we discussed..zip
2021-05-10 15:51 - 2021-05-10 15:51 - 000804293 _____ C:\Users\Beatrice\Downloads\popcorn order Bill.pdf
2021-05-08 17:21 - 2021-05-08 17:21 - 000164190 _____ C:\Users\Beatrice\Downloads\Get ready to visit THEMUSEUM (2).zip
2021-05-08 14:41 - 2021-05-08 14:41 - 000056882 _____ C:\Users\Beatrice\Downloads\Your Comments Please (3).zip
2021-05-08 14:41 - 2021-05-08 14:41 - 000056882 _____ C:\Users\Beatrice\Downloads\Your Comments Please (2).zip
2021-05-08 12:50 - 2021-05-08 12:50 - 000056882 _____ C:\Users\Beatrice\Downloads\Your Comments Please (1).zip
2021-05-08 12:45 - 2021-05-08 12:45 - 000164190 _____ C:\Users\Beatrice\Downloads\Get ready to visit THEMUSEUM (1).zip
2021-05-07 13:13 - 2021-05-07 13:13 - 000056882 _____ C:\Users\Beatrice\Downloads\Your Comments Please.zip
2021-05-06 09:18 - 2021-05-06 09:18 - 000023424 _____ C:\Users\Beatrice\Downloads\Renees-Garden-Cornucopia-For-Web.pdf
2021-05-04 20:56 - 2021-05-04 20:56 - 000000356 _____ C:\Users\Beatrice\Downloads\Danieltest_ May 4, 2021 at 4_00 PM - HealthCheck (1).csv
2021-05-04 18:34 - 2021-05-10 08:54 - 000000000 ____D C:\Users\Beatrice\Documents\Garden
2021-05-04 18:28 - 2021-05-04 18:28 - 000000356 _____ C:\Users\Beatrice\Downloads\Danieltest_ May 4, 2021 at 4_00 PM - HealthCheck.csv
2021-05-04 15:09 - 2021-05-04 15:09 - 000735181 _____ C:\Users\Beatrice\Downloads\popcorn order .zip
2021-05-04 14:01 - 2021-05-11 15:30 - 000000574 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3281177217-869368764-2006139627-1002.job
2021-05-04 14:01 - 2021-05-11 12:39 - 000000670 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-3281177217-869368764-2006139627-1002.job
2021-05-04 14:01 - 2021-05-10 22:03 - 000003676 _____ C:\Windows\system32\Tasks\G2MUploadTask-S-1-5-21-3281177217-869368764-2006139627-1002
2021-05-04 14:01 - 2021-05-10 22:03 - 000003580 _____ C:\Windows\system32\Tasks\G2MUpdateTask-S-1-5-21-3281177217-869368764-2006139627-1002
2021-05-04 14:01 - 2021-05-07 12:32 - 000000000 ____D C:\Users\Beatrice\AppData\Local\GoToMeeting
2021-05-04 14:00 - 2021-05-04 14:00 - 000000000 ____D C:\Users\Beatrice\AppData\Local\GoTo Opener
2021-05-03 19:00 - 2021-05-03 19:00 - 000000000 ____D C:\Users\Beatrice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2021-05-03 17:34 - 2021-05-03 17:34 - 000275796 _____ C:\Users\Beatrice\Downloads\April 27, 2021 - 22nd Toronto Scout Group Meeting.pdf
2021-05-03 14:44 - 2021-05-03 14:44 - 007595241 _____ C:\Users\Beatrice\Downloads\VID-20210124-WA0003.mp4
2021-05-03 14:26 - 2021-05-03 14:26 - 001241127 _____ C:\Users\Beatrice\Desktop\Application for Employment page 1.pdf
2021-05-03 14:24 - 2021-05-03 14:24 - 001431349 _____ C:\Users\Beatrice\Desktop\Application for Employment page 2.pdf
2021-05-03 13:53 - 2021-05-03 13:53 - 000105779 _____ C:\Users\Beatrice\Downloads\Carlton Cards Application Form.zip
2021-05-02 08:57 - 2021-05-02 08:57 - 000001873 _____ C:\Users\Public\Desktop\Garmin Express.lnk
2021-05-02 08:57 - 2021-05-02 08:57 - 000001873 _____ C:\ProgramData\Desktop\Garmin Express.lnk
2021-05-02 08:57 - 2021-05-02 08:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2021-04-29 19:08 - 2021-04-29 19:08 - 000215488 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys
2021-04-29 19:08 - 2021-04-29 19:07 - 000340224 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
2021-04-29 17:26 - 2021-04-29 17:27 - 000000000 ____D C:\Users\Beatrice\Desktop\Popcorn
2021-04-29 17:24 - 2021-05-02 11:58 - 000000000 ____D C:\Users\Beatrice\Desktop\Alison
2021-04-29 16:19 - 2021-04-29 16:19 - 000023411 _____ C:\Users\Beatrice\Downloads\Patagonia and Updates from Polar Latitudes.zip
2021-04-29 16:11 - 2021-04-29 16:11 - 000100578 _____ C:\Users\Beatrice\Downloads\RE_ Calls to Players.zip
2021-04-29 16:04 - 2021-04-29 16:06 - 000000022 _____ C:\Users\Beatrice\Downloads\Tonight's Meeting (1).zip
2021-04-29 09:50 - 2021-04-29 09:50 - 000035762 _____ C:\Users\Beatrice\Downloads\orderno.bmp
2021-04-29 09:32 - 2021-04-29 09:35 - 002215207 _____ C:\Users\Beatrice\Downloads\Tonight's Meeting.zip
2021-04-28 16:45 - 2021-04-28 16:45 - 000024496 _____ C:\Users\Beatrice\Downloads\SponsorReportApr21.pdf
2021-04-28 16:41 - 2021-04-28 16:41 - 000749506 _____ C:\Users\Beatrice\Downloads\statement (47).pdf
2021-04-28 16:37 - 2021-04-28 16:37 - 000200796 _____ C:\Users\Beatrice\Downloads\Donation of dictionaries.zip
2021-04-28 16:33 - 2021-04-28 16:33 - 002209437 _____ C:\Users\Beatrice\Downloads\FinApr29.pdf
2021-04-28 16:20 - 2021-04-28 16:20 - 000850173 _____ C:\Users\Beatrice\Downloads\PDF_104742096_2021-04-26_205.pdf
2021-04-27 11:10 - 2021-04-27 11:10 - 008014647 _____ C:\Users\Beatrice\Downloads\Fwd_ Innovators during Covid _).zip
2021-04-26 18:13 - 2021-04-26 18:13 - 010914729 _____ C:\Users\Beatrice\Downloads\Try One Of These.MP4.zip
2021-04-26 09:31 - 2021-04-26 09:31 - 005524781 _____ C:\Users\Beatrice\Downloads\Final notice - Virtual Meeting of Owners - May 11th, 2021, 7 p.m. - Smoking Rule.zip
2021-04-26 08:31 - 2021-04-26 08:31 - 000063035 _____ C:\Users\Beatrice\Downloads\Sales Invoice-Inv227548.pdf
2021-04-25 18:43 - 2021-04-25 18:48 - 000003069 _____ C:\Users\Beatrice\Downloads\TeamSnap Martingrove Baseball Registration (69).csv
2021-04-25 16:49 - 2021-04-25 16:49 - 000010697 _____ C:\Users\Beatrice\Downloads\Registrations as of April 25, 2021.zip
2021-04-25 10:07 - 2021-04-25 10:07 - 000004131 _____ C:\Users\Beatrice\Downloads\TeamSnap Martingrove Baseball Registration (68).csv
2021-04-25 10:01 - 2021-04-25 10:01 - 000000455 _____ C:\Users\Beatrice\Downloads\TeamSnap Martingrove Baseball Registration (67).csv
2021-04-25 10:00 - 2021-04-25 10:00 - 000039653 _____ C:\Users\Beatrice\Downloads\league registration (offline registration 2021 (final)) for martingrove baseball.csv
2021-04-25 09:50 - 2021-04-25 09:50 - 000835804 _____ C:\Users\Beatrice\Downloads\popcorn order form-Marcus and Roman - April 2021.pdf
2021-04-23 09:15 - 2021-04-23 09:15 - 000000968 _____ C:\Users\Beatrice\Downloads\FW_ Confirmation.zip
2021-04-21 17:57 - 2021-04-21 17:57 - 011087851 _____ C:\Users\Beatrice\Downloads\UofGH Science Rendezvous Virtual Event __Take Me To Space__ (1).zip
2021-04-21 17:34 - 2021-04-21 17:34 - 011087851 _____ C:\Users\Beatrice\Downloads\UofGH Science Rendezvous Virtual Event __Take Me To Space__.zip
2021-04-21 11:48 - 2021-04-21 11:48 - 017379121 _____ C:\Users\Beatrice\Downloads\April 14- Courtyard pictures.pdf
2021-04-17 16:36 - 2021-04-17 16:36 - 000069170 _____ C:\Users\Beatrice\Downloads\TorontoHydro_16-04-21.pdf
2021-04-16 21:57 - 2021-04-16 21:57 - 054749861 _____ C:\Users\Beatrice\Downloads\NextLevel_HealthChecks (1).MP4
2021-04-16 21:40 - 2021-04-16 21:40 - 000030092 _____ C:\Users\Beatrice\Downloads\RE_ 3 different Covid check lists (1).zip
2021-04-16 17:09 - 2021-04-16 17:09 - 000097690 _____ C:\Users\Beatrice\Downloads\document-0 (24).pdf
2021-04-15 19:04 - 2021-04-15 19:04 - 000030092 _____ C:\Users\Beatrice\Downloads\RE_ 3 different Covid check lists.zip
2021-04-15 17:42 - 2021-04-15 17:42 - 000235848 _____ C:\Users\Beatrice\Downloads\Popcorn Campaign Launch - today (1).zip
2021-04-15 17:40 - 2021-04-15 17:40 - 000235848 _____ C:\Users\Beatrice\Downloads\Popcorn Campaign Launch - today.zip
2021-04-14 09:34 - 2021-04-01 00:34 - 001678040 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2021-04-14 09:05 - 2021-04-14 09:06 - 054749861 _____ C:\Users\Beatrice\Downloads\NextLevel_HealthChecks.MP4
2021-04-13 23:06 - 2021-04-13 23:06 - 003281391 _____ C:\Users\Beatrice\Downloads\Popcorn sales.zip
2021-04-13 10:37 - 2021-04-13 10:37 - 000052667 _____ C:\Users\Beatrice\Downloads\550573-7819.PDF
2021-04-13 10:28 - 2021-04-13 10:28 - 000091857 _____ C:\Users\Beatrice\Downloads\Peperoni-Bonbons.pdf
2021-04-12 17:58 - 2021-04-12 18:54 - 000000022 _____ C:\Users\Beatrice\Downloads\Photos (43).zip
2021-04-12 17:15 - 2021-04-12 17:15 - 036391629 _____ C:\Users\Beatrice\Downloads\Raised Bed Construction 2021 (1).zip
2021-04-12 17:15 - 2021-04-12 17:15 - 030435687 _____ C:\Users\Beatrice\Downloads\Photos (42).zip
2021-04-12 17:13 - 2021-04-12 17:38 - 000000022 _____ C:\Users\Beatrice\Downloads\Raised Bed Construction 2021.zip
2021-04-12 14:08 - 2021-04-12 14:08 - 003269975 _____ C:\Users\Beatrice\Downloads\Scouts Popcorn Fundraiser (2).zip
2021-04-11 17:08 - 2021-04-11 17:08 - 000268660 _____ C:\Users\Beatrice\Downloads\Daily Screening -08.03.21.pdf
2021-04-11 16:40 - 2021-04-11 16:40 - 000048658 _____ C:\Users\Beatrice\Downloads\Return To Play-2021 (1).pdf
2021-04-11 16:35 - 2021-04-11 16:35 - 000048658 _____ C:\Users\Beatrice\Downloads\Return To Play-2021.pdf
2021-04-11 14:58 - 2021-04-11 14:59 - 001736368 _____ C:\Users\Beatrice\Downloads\BeatriceUpdate.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-05-11 15:51 - 2014-02-24 22:57 - 000000000 ____D C:\Users\Beatrice\AppData\Roaming\ClassicShell
2021-05-11 15:33 - 2014-02-24 22:49 - 000003596 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3281177217-869368764-2006139627-1002
2021-05-11 15:23 - 2015-10-24 19:58 - 000000000 ____D C:\ProgramData\Avg
2021-05-11 15:22 - 2013-08-22 10:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-05-11 14:06 - 2013-10-07 03:40 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2021-05-11 08:53 - 2014-02-24 22:43 - 000003938 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{E86B3FDE-7E6F-4AC9-87C7-512C4E67B12B}
2021-05-11 08:44 - 2013-08-26 02:09 - 000958016 _____ C:\Windows\system32\PerfStringBackup.INI
2021-05-11 08:44 - 2013-08-22 09:36 - 000000000 ____D C:\Windows\Inf
2021-05-10 22:03 - 2019-03-28 22:30 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2021-05-10 22:03 - 2018-10-15 22:50 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2021-05-10 22:03 - 2018-03-23 10:24 - 000003332 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-05-10 22:03 - 2018-03-23 10:24 - 000003204 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-05-10 22:03 - 2017-09-03 22:59 - 000003916 _____ C:\Windows\system32\Tasks\Antivirus Emergency Update
2021-05-10 22:03 - 2017-02-23 21:49 - 000003938 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{A8BB549A-4BE4-455E-9E7D-0D0CF353FA4E}
2021-05-10 22:03 - 2015-01-14 23:35 - 000003554 _____ C:\Windows\system32\Tasks\GarminUpdaterTask
2021-05-10 22:03 - 2013-10-07 03:42 - 000002990 _____ C:\Windows\system32\Tasks\Synaptics TouchPad Enhancements
2021-05-10 21:46 - 2021-01-25 22:29 - 000013598 _____ C:\Users\Beatrice\Desktop\Investments.xlsx
2021-05-10 07:42 - 2021-01-08 09:09 - 000000000 ____D C:\Users\Beatrice\Desktop\Steven and Amanda's payments
2021-05-05 19:20 - 2021-01-22 13:08 - 000000000 ____D C:\Users\Beatrice\Documents\2021 registrations
2021-05-03 19:01 - 2020-03-25 10:38 - 000000000 ____D C:\Users\Beatrice\AppData\Roaming\Zoom
2021-05-03 15:13 - 2016-07-31 22:35 - 000000000 ____D C:\Users\Beatrice\Documents\recepies
2021-05-02 10:03 - 2018-07-17 10:23 - 000000000 ____D C:\Users\Beatrice\AppData\Local\CrashDumps
2021-05-02 09:00 - 2015-01-14 23:35 - 000000000 ____D C:\ProgramData\Garmin
2021-05-02 08:57 - 2015-01-14 23:35 - 000000000 ____D C:\Program Files (x86)\Garmin
2021-05-02 08:57 - 2013-10-07 03:39 - 000000000 ____D C:\ProgramData\Package Cache
2021-04-30 22:14 - 2014-03-30 14:01 - 000000000 ____D C:\Users\Beatrice\Documents\Bea
2021-04-29 19:08 - 2019-01-17 23:18 - 000099384 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniv.sys
2021-04-29 19:08 - 2017-09-03 22:59 - 000327104 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys
2021-04-29 19:07 - 2020-10-22 19:53 - 000180576 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
2021-04-29 19:07 - 2020-06-16 22:42 - 000522520 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgNetHub.sys
2021-04-29 19:07 - 2019-01-17 23:18 - 000365112 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdriver.sys
2021-04-29 19:07 - 2019-01-17 23:18 - 000250408 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsh.sys
2021-04-29 19:07 - 2019-01-17 23:18 - 000035816 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArDisk.sys
2021-04-29 19:07 - 2018-10-23 23:07 - 000041432 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgKbd.sys
2021-04-29 19:07 - 2017-12-10 23:25 - 000212344 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArPot.sys
2021-04-29 19:07 - 2017-09-03 22:59 - 000850784 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
2021-04-29 19:07 - 2017-09-03 22:59 - 000467840 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
2021-04-29 19:07 - 2017-09-03 22:59 - 000107920 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
2021-04-29 19:07 - 2017-09-03 22:59 - 000083008 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
2021-04-29 00:43 - 2014-02-24 22:39 - 000000000 ____D C:\Users\Beatrice
2021-04-27 23:14 - 2018-03-23 10:24 - 000002211 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-04-27 23:14 - 2018-03-23 10:24 - 000002170 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-04-27 23:14 - 2018-03-23 10:24 - 000002170 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-04-27 10:42 - 2014-07-01 15:43 - 002898432 ___SH C:\Users\Beatrice\Desktop\Thumbs.db
2021-04-24 18:16 - 2019-03-28 22:29 - 000002046 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-04-21 15:06 - 2021-02-25 12:19 - 000000000 ____D C:\Users\Beatrice\Desktop\Batch Output 2021-02-25-1119
2021-04-16 12:33 - 2013-08-22 11:36 - 000000000 ____D C:\Windows\rescache
2021-04-14 20:03 - 2013-08-22 10:44 - 000486480 _____ C:\Windows\system32\FNTCACHE.DAT
2021-04-14 09:57 - 2013-08-22 09:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2021-04-14 09:55 - 2013-08-22 11:20 - 000000000 ____D C:\Windows\CbsTemp
2021-04-14 09:45 - 2014-02-26 18:21 - 000000000 ____D C:\Windows\system32\MRT
2021-04-14 09:38 - 2014-02-26 18:20 - 131963968 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-04-12 20:15 - 2020-04-05 22:11 - 000000000 ____D C:\Users\Beatrice\Documents\Zoom
==================== Files in the root of some directories ========
2014-04-06 09:24 - 2014-04-06 09:24 - 000000000 _____ () C:\Users\Beatrice\AppData\Roaming\bitlord_log.txt
2014-09-29 23:04 - 2019-07-17 11:20 - 000000539 _____ () C:\Users\Beatrice\AppData\Roaming\Rim.Desktop.Exception.log
2014-09-29 23:03 - 2019-07-17 11:22 - 000003874 _____ () C:\Users\Beatrice\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2014-09-29 23:04 - 2019-07-17 11:20 - 000000539 _____ () C:\Users\Beatrice\AppData\Roaming\Rim.DesktopHelper.Exception.log
2015-01-25 19:37 - 2015-01-25 19:37 - 000003584 _____ () C:\Users\Beatrice\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2021-05-10 16:41
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-05-2021
Ran by Beatrice (11-05-2021 16:01:28)
Running from C:\Users\Beatrice\Desktop
Windows 8.1 (Update) (X64) (2014-02-25 02:41:28)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3281177217-869368764-2006139627-500 - Administrator - Disabled)
Beatrice (S-1-5-21-3281177217-869368764-2006139627-1002 - Administrator - Enabled) => C:\Users\Beatrice
Guest (S-1-5-21-3281177217-869368764-2006139627-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3281177217-869368764-2006139627-1004 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}
AS: AVG Antivirus (Enabled - Up to date) {A3C8941D-8036-3856-D9BB-709D4A2A7EAC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\uTorrent) (Version: 3.5.3.44358 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat 9 Pro Extended - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7761-000000000004}{AC76BA86-1033-F400-7761-000000000004}) (Version: 9.0.0 - Adobe Systems)
Adobe Acrobat 9 Pro Extended 64-bit Add-On (HKLM\...\{AC76BA86-1033-0000-0064-0003D0000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 21.001.20150 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.89 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.3.133 - Adobe Systems, Inc.)
Amazon Kindle (HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\Amazon Kindle) (Version: 1.28.0.57030 - Amazon)
AMD Catalyst Install Manager (HKLM\...\{E825A27F-01E0-1BB8-6A7D-DD769D57E4B0}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
ANT Drivers Installer x64 (HKLM\...\{1BC0225E-AF99-4434-92CC-615111CE698F}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{5C028510-A6A1-409A-A2BF-4DCB43B21EF9}) (Version: 7.6 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{5C7D4FCF-80C5-4520-9934-D50532AAC59C}) (Version: 7.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{F9CEF01A-3907-4614-824F-CF5D3E4675EF}) (Version: 14.1.0.35 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 21.3.3174 - AVG Technologies)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Classic Shell (HKLM\...\{2368907C-E8F6-4750-A023-254C3E2B5E8D}) (Version: 4.0.4 - IvoSoft)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Elevated Installer (HKLM-x32\...\{C3D3E0B3-6B8D-4AF4-B49A-3583E512ECE8}) (Version: 7.5.0.0 - Garmin Ltd or its subsidiaries) Hidden
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
File Viewer Plus 4 (HKLM-x32\...\{5C61A881-C34E-405E-8C33-800821A618CF}_is1) (Version: 4.0.1 - Sharpened Productions)
Galerie de photos (HKLM-x32\...\{F4D99A13-F63A-4FC1-8799-CFFDB78DDFB3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Garmin Express (HKLM-x32\...\{034F279C-D74E-42F2-8CEC-216E91969B29}) (Version: 7.5.0.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{afe06296-a3d5-48cf-88a2-77629aeb124b}) (Version: 7.5.0.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.93 - Google LLC)
GoTo Opener (HKLM-x32\...\{E69269DB-A77B-4BC1-8F39-241107B09F26}) (Version: 1.0.539 - LogMeIn, Inc.)
GoToMeeting 10.16.0.19598 (HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\GoToMeeting) (Version: 10.16.0.19598 - LogMeIn, Inc.)
GWX Control Panel (HKLM-x32\...\UltimateOutsider_GwxControlPanel) (Version: - UltimateOutsider)
HP 3D DriveGuard (HKLM-x32\...\{07F6DC37-0857-4B68-A675-4E35989E85E3}) (Version: 6.0.15.1 - Hewlett-Packard Company)
HP CASL Framework (HKLM-x32\...\{5094249B-9542-4536-AE76-B769EE085C99}) (Version: 7.0.5.1 - HP)
HP CoolSense (HKLM-x32\...\{59F8C5AA-91BD-423D-BF05-09A80F39898F}) (Version: 2.10.62 - Hewlett-Packard Company)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Officejet 4620 series Basic Device Software (HKLM\...\{B411AD10-1BC9-4939-8848-BC5E66F662B7}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart C4600 All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{FF5C86D0-09EA-43B8-A11C-7B8F7DA7FC51}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP System Event Utility (HKLM-x32\...\{23EF407B-E7D0-4CB6-8916-43E5B9EEFDED}) (Version: 1.0.9 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Utility Center (HKLM\...\{AED1C141-3AFC-47FE-AE90-C820AA60B103}) (Version: 2.2.5 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
iTunes (HKLM\...\{0F55124A-C00E-4227-A543-19389E732653}) (Version: 12.10.10.2 - Apple Inc.)
K-Lite Mega Codec Pack 10.3.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.3.0 - )
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Project 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{8446EB22-A746-46DC-B1BD-E0DFA1F3CDDA}) (Version: - Microsoft)
Microsoft Office Project Professional 2007 (HKLM-x32\...\PRJPRO) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Visio 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{CE144BF4-4950-4CDB-A5F7-CCE1888F49CB}) (Version: - Microsoft)
Microsoft Office Visio Professional 2007 (HKLM-x32\...\VISPRO) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{0FD2B9C6-DB91-48EA-9518-AB5B68CA1E28}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{45898170-E68C-4F02-AA35-C2186BF347A3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{B39A6825-EA20-43EA-AB2D-A6BC0298D9A1}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Nero 7 Ultra Edition (HKLM-x32\...\{43FFE159-3199-4188-A1CD-629166AD1033}) (Version: 7.02.6445 - Nero AG)
OEM Application Profile (HKLM-x32\...\{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Ralink Bluetooth Stack64 (HKLM\...\{8A2E2A41-B814-407E-2F96-4E433C42AB78}) (Version: 11.0.739.0 - Mediatek)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.29.8105 - Mediatek)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.29068 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7404 - Realtek Semiconductor Corp.)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype version 8.68 (HKLM-x32\...\Skype_is1) (Version: 8.68 - Skype Technologies S.A.)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.6.2 - Synaptics Incorporated)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version: - )
Zoom (HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\ZoomUMX) (Version: 5.6.5 (823) - Zoom Video Communications, Inc.)
Zoom Outlook Plugin (HKLM-x32\...\{1BD8B0E0-0FBF-4F56-8F11-CE09B34EAD2F}) (Version: 5.0.24936 - Zoom)
Packages:
=========
Box for Windows 8 -> C:\Program Files\WindowsApps\134D4F5B.Box_2.1.4.4_neutral__2qk4zy5s3qmee [2015-11-13] (Box, Inc.)
Browser Choice -> C:\Windows\BrowserChoice [2014-03-13] (Microsoft Corporation)
eBay -> C:\Program Files\WindowsApps\eBayInc.eBay_1.6.0.34_neutral__1618n3s9xq8tw [2015-03-30] (eBay, Inc)
Games -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2015-03-30] (Microsoft Corporation) [MS Ad]
Getting Started with Windows 8 -> C:\Program Files\WindowsApps\AD2F1837.GettingStartedwithWindows8_1.6.0.0_neutral__v10z8vjag6ke6 [2015-03-30] (Hewlett-Packard Company)
HP Registration -> C:\Program Files\WindowsApps\AD2F1837.HPRegistration_1.2.1.166_neutral__v10z8vjag6ke6 [2015-03-30] (Hewlett-Packard Company)
Kindle -> C:\Program Files\WindowsApps\AMZNMobileLLC.KindleforWindows8_2.1.0.2_neutral__stfe6vwa9jnbp [2015-06-24] (AMZN Mobile LLC)
McAfee® Central for HP -> C:\Program Files\WindowsApps\2703103D.McAfeeCentral_5.0.177.1_x64__4ehj4w4frejdr [2018-04-04] (.-McAfee Inc-.)
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_2.10.1812.2002_x86__8wekyb3d8bbwe [2019-02-03] (Microsoft Studios) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.11.1807.1002_x86__8wekyb3d8bbwe [2018-07-26] (Microsoft Studios) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-26] (Microsoft Corporation) [MS Ad]
MSN News -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-26] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2016-04-30] (Microsoft Corporation) [MS Ad]
MSN Travel -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-16] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2016-11-25] (Microsoft Corporation) [MS Ad]
Music -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2015-03-30] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_2.22.0.39_x64__mcm4njqhnhss8 [2018-10-28] (Netflix, Inc.)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2015-06-24] (Skype) [MS Ad]
Snapfish -> C:\Program Files\WindowsApps\AD2F1837.HPConnectedPhotopoweredbySnapfish_5.5.0.8_x86__v10z8vjag6ke6 [2016-05-08] (HP Inc.)
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2015-11-07] (Microsoft Corporation) [MS Ad]
YouCam for HP -> C:\Program Files\WindowsApps\CyberLinkCorp.hs.YouCamforHP_1.0.2.29632_x86__06qsbagp91rvg [2015-03-30] (CYBERLINKCOM CORP)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3281177217-869368764-2006139627-1002_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Beatrice\AppData\Local\GoToMeeting\19598\G2MOutlookAddin64.dll (LogMeIn, Inc. -> LogMeIn, Inc.)
CustomCLSID: HKU\S-1-5-21-3281177217-869368764-2006139627-1002_Classes\CLSID\{D9AC5E73-BB10-467b-B884-AA1E475C51F5}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
ShellIconOverlayIdentifiers: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2021-04-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-01-18] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ShellIconOverlayIdentifiers-x32: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2021-04-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-01-18] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2008-06-12] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2021-04-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRar\rarext64.dll [2006-12-11] () [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRar\rarext.dll [2007-05-05] () [File not signed]
ContextMenuHandlers3: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2021-04-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRar\rarext64.dll [2006-12-11] () [File not signed]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRar\rarext.dll [2007-05-05] () [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2013-08-19] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2008-06-12] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2021-04-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRar\rarext64.dll [2006-12-11] () [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRar\rarext.dll [2007-05-05] () [File not signed]
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3554304 2013-03-17] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [258560 2011-06-24] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3649536 2013-03-17] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [243200 2011-06-24] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2014-02-06] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2014-02-26 20:55 - 2006-12-11 03:14 - 000043008 _____ () [File not signed] C:\Program Files (x86)\WinRar\rarext64.dll
2013-08-19 16:48 - 2013-08-19 16:48 - 000016896 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\a4\AS4.NativeProxy.dll
2013-08-19 16:47 - 2013-08-19 16:47 - 000127488 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2013-08-19 16:47 - 2013-08-19 16:47 - 000102400 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2021-01-18 16:21 - 2021-01-18 16:21 - 000031232 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\A4.Foundation\5caf8dcde6219562e9675700f201fee9\A4.Foundation.ni.dll
2021-01-18 16:21 - 2021-01-18 16:21 - 000022528 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Actions5dc83b46#\19c417a0e98dfe476b2b1b66e309f70c\AEM.Actions.CCAA.Shared.ni.dll
2021-01-18 16:21 - 2021-01-18 16:21 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.0a1309f7#\7cd947fba21d4208f00d7b234a037231\AEM.Plugin.EEU.Shared.ni.dll
2021-01-18 16:21 - 2021-01-18 16:21 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.2b6a6775#\a2463cb3d378e9f6e746cb68aa9a13ab\AEM.Plugin.Hotkeys.Shared.ni.dll
2021-01-18 16:22 - 2021-01-18 16:22 - 000011776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.4adf1574#\b2ab11bc9a2acb0d27d3579326d59183\AEM.Plugin.Audio.Shared.ni.dll
2021-01-18 16:21 - 2021-01-18 16:21 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.54d8abe3#\bd2cda4847f9c97cd7c3ca3676dab171\AEM.Plugin.DPPE.Shared.ni.dll
2021-02-14 09:56 - 2021-02-14 09:57 - 000281600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.5d945b6b#\d1fdf4a5acb048d5aceef1220522ef19\AEM.Plugin.Source.Kit.Server.ni.dll
2021-01-18 16:22 - 2021-01-18 16:22 - 000014848 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.674d2b8a#\9d94b66555d55fc6037514e8fe754092\AEM.Plugin.WinMessages.Shared.ni.dll
2021-01-18 16:21 - 2021-01-18 16:21 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.88aba5d2#\e4dea05701b9444308bc42ad8459ff8c\AEM.Plugin.REG.Shared.ni.dll
2021-01-18 16:21 - 2021-01-18 16:21 - 000011776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.GD.Shared\0b89671b96f75597d95354ce0e182101\AEM.Plugin.GD.Shared.ni.dll
2021-01-18 16:21 - 2021-01-18 16:21 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Server.Shared\799fdd0eaa6de40e4dd3d5947c9a20fe\AEM.Server.Shared.ni.dll
2021-01-18 16:22 - 2021-01-18 16:22 - 000267776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Server\8b3e49d472d523a46e9eccb5f15e58a2\AEM.Server.ni.dll
2021-01-18 16:22 - 2021-01-18 16:22 - 000055808 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\APM.Foundation\61f71f1e2e67945f62ee5967ece27518\APM.Foundation.ni.dll
2021-01-18 18:29 - 2021-01-18 18:29 - 000122880 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ATICCCom\0d8b16a7907f6d53c7bfcc2f9f8cfd9f\ATICCCom.ni.dll
2021-01-18 16:22 - 2021-01-18 16:22 - 000204288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CCC.Implementation\e3307acaedce87488704577cc9f14746\CCC.Implementation.ni.dll
2021-02-14 09:58 - 2021-02-14 09:58 - 000151040 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.2042675f#\9d31fc6c1d912ac659951955b6b12bd2\CLI.Aspect.CPUPStates.Fuel.Dashboard.ni.dll
2021-02-14 09:58 - 2021-02-14 09:58 - 000153088 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.21d2ac78#\2d274aa0c01272c95de1a44ae71370e1\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.ni.dll
2021-01-18 18:25 - 2021-01-18 18:25 - 000128000 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3399d0ec#\1d3a08facfef033e0547609e2ed36cca\CLI.Aspect.CustomFormats.Graphics.Shared.ni.dll
2021-01-18 18:25 - 2021-01-18 18:25 - 000026112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.37d3d968#\1e050cb5ad6a08f42f6b8dba2a1133ac\CLI.Aspect.AMDHome.Graphics.Shared.ni.dll
2021-01-18 18:28 - 2021-01-18 18:28 - 000045568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.382a3def#\a794f22d3ab272e6e0bf79bf56553614\CLI.Aspect.AMDOverDrive.Platform.Shared.ni.dll
2021-01-18 18:24 - 2021-01-18 18:24 - 000072192 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.398e7f7a#\f9ae277a2c2cf82b3935730aa4bc3e05\CLI.Aspect.A4.A4.Shared.ni.dll
2021-01-18 18:28 - 2021-01-18 18:28 - 000107008 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3a6f1658#\0d4f481ae7d5461260288f9912b88f1c\CLI.Aspect.TransCode.Graphics.Shared.ni.dll
2021-01-18 18:25 - 2021-01-18 18:25 - 000209920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4542c692#\3b987e16805b11555ffe7533d2737b9b\CLI.Aspect.DeviceCRT.Graphics.Shared.ni.dll
2021-01-18 18:27 - 2021-01-18 18:27 - 000130048 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.46819220#\e65b702d70cad81b9ef8a7d1324dbcd9\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.ni.dll
2021-02-14 09:59 - 2021-02-14 09:59 - 000074752 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4bbb0755#\e134e2350972c5a8ea1d77ef4aaef46f\CLI.Aspect.TransCode.Graphics.Dashboard.ni.dll
2021-02-14 09:58 - 2021-02-14 09:58 - 000151040 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4ede500c#\115c55311870c6227c08dae465c79cc8\CLI.Aspect.DPPE.Fuel.Dashboard.ni.dll
2021-01-18 18:27 - 2021-01-18 18:27 - 000074240 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.59a12d95#\49cd26f6067a2f6e860548850dc5917b\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.ni.dll
2021-02-14 09:58 - 2021-02-14 09:58 - 000111616 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.5a772e69#\c68b115bc7ca0903ded5dc6500acb906\CLI.Aspect.Fets.Fuel.Dashboard.ni.dll
2021-02-14 09:59 - 2021-02-14 09:59 - 000070656 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.648b65fc#\476c77b1b9fb90da7fabe85b1f9acc58\CLI.Aspect.WiFi.Fuel.Dashboard.ni.dll
2021-01-18 18:29 - 2021-01-18 18:29 - 000263168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.73911eb5#\5f2d3d36507bba5b4275aa760ec91614\CLI.Aspect.WirelessDisplay.Graphics.Shared.ni.dll
2021-01-18 18:25 - 2021-01-18 18:25 - 000292864 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.7ec2db45#\54af8486786ba2e7ca2e1a66838cddba\CLI.Aspect.DeviceDFP.Graphics.Shared.ni.dll
2021-02-14 09:58 - 2021-02-14 09:58 - 000616960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.846fa813#\5f3ba86581a914ec2892f06eb93c0fff\CLI.Aspect.MMVideo.Graphics.Dashboard.ni.dll
2021-01-18 18:27 - 2021-01-18 18:27 - 000741376 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8d333b6b#\0aeaa63c5d68daff3ad87ff446416458\CLI.Aspect.Radeon3D.Graphics.Shared.ni.dll
2021-02-14 09:58 - 2021-02-14 09:58 - 000452608 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8e996306#\c09825447838e15c518dba2815342160\CLI.Aspect.CrossDisplay.Graphics.Dashboard.ni.dll
2021-01-18 18:25 - 2021-01-18 18:25 - 000149504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a0ae52bc#\c4aafe6a2594850c7774594610002325\CLI.Aspect.DeviceLCD.Graphics.Shared.ni.dll
2021-01-18 18:25 - 2021-01-18 18:25 - 000462336 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.acb9d930#\f54bcf370c9c23731b2850f5e39f0b2e\CLI.Aspect.DeviceProperty.Graphics.Shared.ni.dll
2021-01-18 18:25 - 2021-01-18 18:25 - 000086528 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ae5e117c#\fe2e81664d2ad1d127e48d9f0dbb0a58\CLI.Aspect.DisplaysColour2.Graphics.Shared.ni.dll
2021-02-14 09:58 - 2021-02-14 09:58 - 000067072 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.b0a7c1fb#\bb2e8afb87e63c2869dd89c2baaaeb1f\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.ni.dll
2021-01-18 18:28 - 2021-01-18 18:28 - 000023552 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c2a2b491#\856f1b5153500f13c9083480bcedf8b4\CLI.Aspect.WiFi.Fuel.Shared.ni.dll
2021-01-18 18:26 - 2021-01-18 18:26 - 000313344 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c7aaa0f8#\3b5da5a6f888772a0a26a2c035bc8289\CLI.Aspect.OverDrive5.Graphics.Shared.ni.dll
2021-01-18 18:25 - 2021-01-18 18:25 - 000017920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c854b457#\6b4605cca88eed21d78e4d49dd9d56f9\CLI.Aspect.HotkeysHandling.Graphics.Shared.ni.dll
2021-01-18 18:26 - 2021-01-18 18:26 - 000081408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.caa5cc64#\286ad41247a6a00cd4b744b0a0a2e094\CLI.Aspect.Fets.Fuel.Shared.ni.dll
2021-02-14 09:59 - 2021-02-14 09:59 - 001315840 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.d7e090dc#\caf269e4ca7e0882ffc3d4d3b0a2065f\CLI.Aspect.User.Fuel.Dashboard.ni.dll
2021-02-14 09:57 - 2021-02-14 09:57 - 000091136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e76f4137#\0bc372edd48ebe18170deafd3e99cc93\CLI.Aspect.A4.A4.Dashboard.ni.dll
2021-02-14 09:58 - 2021-02-14 09:58 - 000273408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e8635fc7#\80ba3e3f742710fde6c8738d5e13dca1\CLI.Aspect.InfoCentre.Graphics.Dashboard.ni.dll
2021-02-14 09:58 - 2021-02-14 09:58 - 003358720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e9fd7406#\757abe95480bca690a28ff35a287e2d4\CLI.Aspect.Radeon3D.Graphics.Dashboard.ni.dll
2021-01-18 18:25 - 2021-01-18 18:25 - 000240128 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.eda8935e#\f74c2454e760893a08f82df740db579e\CLI.Aspect.MMVideo.Graphics.Shared.ni.dll
2021-01-18 18:28 - 2021-01-18 18:28 - 000047104 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ef3eaa4d#\fecb8205195c0dac6245643997f544a2\CLI.Aspect.TransCode.Graphics.Runtime.ni.dll
2021-01-18 18:25 - 2021-01-18 18:25 - 000070656 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.efd83192#\78b217a1444be6ed60dd887124251230\CLI.Aspect.CPUPStates.Fuel.Shared.ni.dll
2021-01-18 18:24 - 2021-01-18 18:24 - 000047104 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.f38af62f#\b1f3a46a8d07a2e560ad141479156686\CLI.Aspect.A4.A4.Runtime.ni.dll
2021-01-18 18:25 - 2021-01-18 18:25 - 000057856 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.f45bd021#\152492b077b993ea33266af76be6b1b0\CLI.Aspect.DPPE.Fuel.Shared.ni.dll
2021-01-18 18:28 - 2021-01-18 18:28 - 000051200 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Runtime\ad7f56ffe9339dd628bfc8d2eced27e4\CLI.Caste.A4.Runtime.ni.dll
2021-01-18 18:24 - 2021-01-18 18:24 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Shared\e3bf0aa8e1a5b7a00227877127b51e9c\CLI.Caste.A4.Shared.ni.dll
2021-02-14 09:59 - 2021-02-14 09:59 - 000027136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Af820fedc#\5e054128c0921dcf3562f21612af1050\CLI.Caste.A4.Dashboard.ni.dll
2021-01-18 18:25 - 2021-01-18 18:25 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F24de14fe#\c3e426c78d165e7bfcc93f5afc61000a\CLI.Caste.Fuel.Shared.ni.dll
2021-01-18 18:28 - 2021-01-18 18:28 - 000311296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F36b07a2b#\4dfc03c70741a09265cb8e553ac38bba\CLI.Caste.Fuel.Runtime.ni.dll
2021-02-14 09:59 - 2021-02-14 09:59 - 000027136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Ff3085433#\09fb6b6d126d23f8dc3d052ec6c21f3d\CLI.Caste.Fuel.Dashboard.ni.dll
2021-01-18 18:26 - 2021-01-18 18:26 - 000037376 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60338cc0#\2a78ba7d1deb632e6871bcd848df92d1\CLI.Caste.Graphics.Runtime.Shared.Private.ni.dll
2021-02-14 09:58 - 2021-02-14 09:58 - 001548800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gd9d9b43b#\d2920d526f05b1df47520070ce3b367c\CLI.Caste.Graphics.Dashboard.Shared.ni.dll
2021-02-14 09:58 - 2021-02-14 09:58 - 000472576 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gee7d2dbc#\63d775a46ef3bdb38c25175c37395e04\CLI.Caste.Graphics.Dashboard.ni.dll
2021-01-18 18:28 - 2021-01-18 18:28 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H18c99613#\335b8033ea6b45bdde6ed37a491b7913\CLI.Caste.HydraVision.Runtime.ni.dll
2021-01-18 18:28 - 2021-01-18 18:28 - 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H92ba4e46#\d5b99b8afbfbf63c71d38d2d1c622646\CLI.Caste.HydraVision.Shared.ni.dll
2021-02-14 09:59 - 2021-02-14 09:59 - 000025600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Hbb906c0b#\64c2dc3940e59d30c6887fcabb011395\CLI.Caste.HydraVision.Dashboard.ni.dll
2021-01-18 18:28 - 2021-01-18 18:28 - 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pac40511b#\cad57680113d45fab4f9628bb62285b8\CLI.Caste.Platform.Shared.ni.dll
2021-01-18 18:28 - 2021-01-18 18:28 - 000044032 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pdb36d56e#\4342ed9a5c35d7afa4731e290974925e\CLI.Caste.Platform.Runtime.ni.dll
2021-02-14 09:59 - 2021-02-14 09:59 - 000024064 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pfeefa2b6#\eedd25ab6a1ec163e358e6651c4e4275\CLI.Caste.Platform.Dashboard.ni.dll
2021-01-18 18:28 - 2021-01-18 18:28 - 000350720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Combinee84f0351#\3b4787682bae770f963b1c72dee9b5bd\CLI.Combined.Fusion.Aspects.Runtime.ni.dll
2021-01-18 16:22 - 2021-01-18 16:22 - 000012288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone1b4a8c97#\19cf9152f3919577f9636c244d78c39a\CLI.Component.Runtime.Shared.ni.dll
2021-02-14 09:59 - 2021-02-14 09:59 - 000173568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone29e547cc#\48cf95d6db144d0ac1d04458d5748374\CLI.Component.Dashboard.ProfileManager2.ni.dll
2021-01-18 18:24 - 2021-01-18 18:24 - 000150528 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone59f353b4#\8eff78fe335609082406083f39e6bc05\CLI.Component.Runtime.Shared.Private.ni.dll
2021-01-18 18:29 - 2021-01-18 18:29 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componeb4d0485c#\3d7831c48bd5ab90eebc8011b6a8406c\CLI.Component.Runtime.Extension.EEU.ni.dll
2021-02-14 09:57 - 2021-02-14 09:57 - 001603584 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componec89c3bec#\e4347a0b0603ec1186e7801c9366f556\CLI.Component.Dashboard.Shared.Private.ni.dll
2021-02-14 09:57 - 2021-02-14 09:57 - 000018432 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componef1fd67b2#\6628f13757ca09560ad417de16a16a5f\CLI.Component.Client.Shared.ni.dll
2021-01-18 18:24 - 2021-01-18 18:24 - 000084480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componef4cf054f#\6e213d8868c830e3c75b6da8bc069e18\CLI.Component.Dashboard.Shared.ni.dll
2021-01-18 16:22 - 2021-01-18 16:22 - 000089088 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundat3d5d3945#\245644882251b20a49552c84cda942aa\CLI.Foundation.Private.ni.dll
2021-01-18 18:29 - 2021-01-18 18:29 - 000061440 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundat60cdf5df#\c4655b668a6da43499edd167a80927da\CLI.Foundation.XManifest.ni.dll
2021-01-18 16:22 - 2021-01-18 16:22 - 000089088 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundat619559bd#\c30f82703426bad2e4c96c0d90492caa\CLI.Foundation.CoreAudioAPI.ni.dll
2021-02-14 09:57 - 2021-02-14 09:57 - 000934400 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundatd3771151#\ab14806956154712f94fc0147761dab6\CLI.Foundation.Client.ni.dll
2021-02-14 09:57 - 2021-02-14 09:57 - 000301568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundation\2d554629eafc8480c5b73575428b270f\CLI.Foundation.ni.dll
2021-01-18 16:21 - 2021-01-18 16:21 - 000015360 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics\e695b6f27b0bb4320f9fddcfafec9d66\DEM.Graphics.ni.dll
2021-01-18 18:28 - 2021-01-18 18:28 - 000037376 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Fuel.Foundation\267a21f29702ed5f542e5178e47bc415\Fuel.Foundation.ni.dll
2021-02-14 10:00 - 2021-02-14 10:00 - 000292864 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundat03490438#\ddf5b7d0723687080f9ce40f44b72bfd\LOG.Foundation.Implementation.ni.dll
2021-01-18 16:21 - 2021-01-18 16:21 - 000149504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundat5023f8e7#\3201bc042bf80f30a23e2067dfe51ec6\LOG.Foundation.Private.ni.dll
2021-01-18 16:22 - 2021-01-18 16:22 - 000087040 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundatcaafa75b#\e9837ed6da48a5b81b648adebb570d00\LOG.Foundation.Implementation.Private.ni.dll
2021-02-14 09:56 - 2021-02-14 09:56 - 000123392 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundation\32b7153488399379a618241d18da9722\LOG.Foundation.ni.dll
2021-01-18 16:22 - 2021-01-18 16:22 - 000012288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\MOM.Foundation\a6e2d46ba278b6bdaf9c46e087544e95\MOM.Foundation.ni.dll
2021-01-18 18:30 - 2021-01-18 18:30 - 000402944 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\MOM.Implementation\a8b816a2d7e76c7597224201df8c79cd\MOM.Implementation.ni.dll
2021-01-18 16:21 - 2021-01-18 16:21 - 000055296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\NEWAEM.Foundation\047ef198e7027a7bea26ebb0fa4825d4\NEWAEM.Foundation.ni.dll
2013-08-19 16:38 - 2013-08-19 16:38 - 000897024 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll
2013-08-19 16:37 - 2013-08-19 16:37 - 000004608 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamenu.dll
2021-01-18 16:21 - 2021-01-18 16:21 - 000774656 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ADL.Foundation\cdc03450858662ef1e91227cd00302e0\ADL.Foundation.ni.dll
2021-01-18 16:22 - 2021-01-18 16:22 - 000250880 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\APM.Server\4429e5d4974410c2b3ff77aef4e16141\APM.Server.ni.dll
2021-01-18 18:25 - 2021-01-18 18:25 - 000297984 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.9b707b25#\9a6d62f810534f3f28c4120fc7d94cd5\CLI.Aspect.DeviceProperty.Graphics.Runtime.ni.dll
2021-02-14 09:58 - 2021-02-14 09:58 - 001652736 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.aa59351a#\4df40e7ed0ff422871ca396de614c2d6\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared.ni.dll
2021-02-14 09:58 - 2021-02-14 09:58 - 000740864 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e6d9f3a8#\aacdf444aeacdee5b5e387d794ebba07\CLI.Aspect.DeviceDFP.Graphics.Dashboard.ni.dll
2021-02-14 09:59 - 2021-02-14 09:59 - 002559488 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Combine0616f305#\b851a0124a5e15bfd24977ea0caf540b\CLI.Combined.Graphics.Aspects1.Dashboard.ni.dll
2021-02-14 09:59 - 2021-02-14 09:59 - 000989696 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Combine7332395e#\48ff0249440fda720f1ec9cf306be922\CLI.Combined.Graphics.Aspects2.Runtime.ni.dll
2021-02-14 09:57 - 2021-02-14 09:57 - 000136704 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone168638d1#\d71070fd44d8c68f235a200078ac41ab\CLI.Component.Client.Shared.Private.ni.dll
2021-01-18 18:29 - 2021-01-18 18:29 - 000233472 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone6692ca50#\c308917db4bb833d6ce34e35278fe4b5\CLI.Component.Runtime.ni.dll
2021-02-14 09:59 - 2021-02-14 09:59 - 000914944 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone6bf88b08#\e35b18a0904ee2c8b77178d4b297ce1e\CLI.Component.Dashboard.ni.dll
2021-01-18 18:25 - 2021-01-18 18:25 - 000013312 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0706\1a37310c265d41260b2c0ef61528786a\DEM.Graphics.I0706.ni.dll
2021-01-18 18:26 - 2021-01-18 18:26 - 000084480 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0709\e7870665ed7c5404fe5c5819b3bf6d45\DEM.Graphics.I0709.ni.dll
2021-01-18 18:25 - 2021-01-18 18:25 - 000012288 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0712\bbc215885d614c55ef6df7ee579f6471\DEM.Graphics.I0712.ni.dll
2021-01-18 18:25 - 2021-01-18 18:25 - 000018432 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0804\6de2027a71ec00655e9cab404146a863\DEM.Graphics.I0804.ni.dll
2021-01-18 18:29 - 2021-01-18 18:29 - 000010752 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0805\a5c2a762ac8fbc4887f9837633b9c320\DEM.Graphics.I0805.ni.dll
2021-01-18 18:29 - 2021-01-18 18:29 - 000010752 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0812\7cc772a1935ec5de5a8b516127016bfa\DEM.Graphics.I0812.ni.dll
2021-01-18 18:28 - 2021-01-18 18:28 - 000013312 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0906\9178266edd54e8c453f513f575e57055\DEM.Graphics.I0906.ni.dll
2021-01-18 18:25 - 2021-01-18 18:25 - 000014336 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0912\f56dc4dbc2fe29efa48a8b810cf5c253\DEM.Graphics.I0912.ni.dll
2021-01-18 18:28 - 2021-01-18 18:28 - 000035840 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I1010\68fd1b0c1862cc13d30c92f58a5c3568\DEM.Graphics.I1010.ni.dll
2021-01-18 16:22 - 2021-01-18 16:22 - 001005568 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Localizatio01dbc1c0#\7629198ada60b0cdd67d062a417f4a76\Localization.Foundation.Private.ni.dll
2021-02-14 10:01 - 2021-02-14 10:01 - 000242688 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ResourceMan446ca0e5#\3cc558d2326936a31cf62a5e722bb0dc\ResourceManagement.Foundation.Implementation.ni.dll
2021-02-14 09:57 - 2021-02-14 09:57 - 000023552 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ResourceManf163905a#\30db84b3f7036da81e900b5e63b162b3\ResourceManagement.Foundation.Private.ni.dll
2021-02-14 09:57 - 2021-02-14 09:57 - 000091648 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ec8786e5#\267605f5e60e7f1ee135e01bb0d4d6be\CLI.Aspect.AMDHome.Graphics.Dashboard.ni.dll
2021-02-14 09:57 - 2021-02-14 09:57 - 002286592 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60a7b4d1#\b1eace4370ff5b323e2744a4b0a7b2f0\CLI.Caste.Graphics.Shared.ni.dll
2021-01-18 18:28 - 2021-01-18 18:28 - 002788864 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G962aa464#\284c65ef13d9764d51d089b8c06a0340\CLI.Caste.Graphics.Runtime.ni.dll
2021-01-18 16:21 - 2021-01-18 16:21 - 000025600 _____ (ATI Technologies Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Foundation\76b5be2201eb8a8521577159281555fe\DEM.Foundation.ni.dll
2021-01-18 16:21 - 2021-01-18 16:21 - 000115200 _____ (ATI Technologies Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0601\20294701afa4090b16b58e5ada6f0aa1\DEM.Graphics.I0601.ni.dll
2011-04-29 12:34 - 2011-04-29 12:34 - 000927232 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsem08.rsc
2011-04-29 12:34 - 2011-04-29 12:34 - 000012288 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqstp08.rsc
2011-04-29 20:08 - 2011-04-29 20:08 - 000048128 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.rsc
2010-08-06 12:15 - 2010-08-06 12:15 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2010-08-06 12:15 - 2010-08-06 12:15 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2010-08-06 12:15 - 2010-08-06 12:15 - 000054784 _____ (Hewlett-Packard) [File not signed] C:\Windows\SYSTEM32\hpzipr12.dll
2010-11-18 22:08 - 2010-11-18 22:08 - 000086016 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2014-01-18 18:12 - 2014-01-18 18:12 - 000796352 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicExplorer64.dll
2014-01-18 18:12 - 2014-01-18 18:12 - 002271424 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2014-01-18 18:12 - 2014-01-18 18:12 - 000283840 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Windows\system32\StartMenuHelper64.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\avgSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\avgSP.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPCON14/4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPCON14/4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPCON14/4
HKU\S-1-5-21-3281177217-869368764-2006139627-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPCON14/4
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-01-18] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-01-18] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-01-18] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-01-18] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-01-18] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-01-18] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-03-30 21:28 - 2018-12-03 12:24 - 000000041 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3281177217-869368764-2006139627-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Beatrice\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Photo Gallery Wallpaper.jpg
DNS Servers: 192.168.2.1 - 207.164.234.193
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\StartupApproved\StartupFolder: => "Jacquie Lawson Desktop Widget.lnk"
HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\StartupApproved\Run: => "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"
HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\StartupApproved\Run: => "BlackBerryLink.exe"
HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\StartupApproved\Run: => "RIMDeviceManager"
HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\StartupApproved\Run: => "GarminExpress"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{C38017F8-E0E8-4B42-89D2-849D1FB92D12}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5114AAF1-933F-48E2-B065-8FD049CD208B}] => (Allow) LPort=2869
FirewallRules: [{8A63499F-BA73-4586-9EFD-A4E8BE6C67DA}] => (Allow) LPort=1900
FirewallRules: [{06F2CB04-A283-4B52-B8AA-229C717AFC13}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9BE17BA2-312C-4A9E-8EAD-5EEF4C17223A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1EFE606F-A8FC-4435-8FD8-765B3E043242}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{842CDB17-A5DE-4194-BA3F-443B0EE2AEE4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7CADD1D8-196B-4BFA-8606-09D4A1D2DC3B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe => No File
FirewallRules: [{A633E9FE-8C22-4FD5-99B1-CBD85B312F2E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe => No File
FirewallRules: [{692FD454-8485-4925-9B1F-E23177E03DF0}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe => No File
FirewallRules: [{64771FFA-6B11-4494-8A5F-F6B3B52BFAAD}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe => No File
FirewallRules: [{01C75186-1D1C-40C4-8261-1E6E384740D1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe => No File
FirewallRules: [{138E9223-D151-4D38-B731-42565D981DEC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe => No File
FirewallRules: [{A43B80CA-E240-46DC-8CBD-890601997478}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{8BB31203-604D-40B8-AC2D-D6B7BCC0CD74}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [TCP Query User{B74451E8-1D7C-4445-9284-9167934D3C5D}C:\users\beatrice\appdata\local\temp\lmi9680.tmp\logmein client.exe] => (Allow) C:\users\beatrice\appdata\local\temp\lmi9680.tmp\logmein client.exe => No File
FirewallRules: [UDP Query User{287D2EFC-FD93-4565-A30F-3AAABA4FA484}C:\users\beatrice\appdata\local\temp\lmi9680.tmp\logmein client.exe] => (Allow) C:\users\beatrice\appdata\local\temp\lmi9680.tmp\logmein client.exe => No File
FirewallRules: [{3CB5F53A-8944-4F29-8D84-80BDE5F50762}] => (Allow) C:\Program Files\HP\HP Officejet 4620 series\bin\FaxApplications.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{B0D5AAE4-97F0-4FE8-982D-5A99C8DB57A7}] => (Allow) C:\Program Files\HP\HP Officejet 4620 series\bin\DigitalWizards.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{142E4A0A-587A-4D65-BC6B-BD25D7B42F84}] => (Allow) C:\Program Files\HP\HP Officejet 4620 series\bin\SendAFax.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{DCE51DE1-18DC-40E0-A2BB-2EC4E1264899}] => (Allow) C:\Program Files\HP\HP Officejet 4620 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{4830FFDE-4BDC-49C9-B241-280544DA7EC3}] => (Allow) C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{C9B42E5F-A389-4CAE-B246-9BD01E019D3C}] => (Allow) C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [TCP Query User{7AE58E2A-6850-48BE-A271-D3CC2B44C5CB}C:\users\beatrice\appdata\local\logmein client\logmein client.exe] => (Allow) C:\users\beatrice\appdata\local\logmein client\logmein client.exe (LogMeIn, Inc. -> LogMeIn, Inc.)
FirewallRules: [UDP Query User{D740E82B-1F84-4ADD-9F7E-EFB526EDDD03}C:\users\beatrice\appdata\local\logmein client\logmein client.exe] => (Allow) C:\users\beatrice\appdata\local\logmein client\logmein client.exe (LogMeIn, Inc. -> LogMeIn, Inc.)
FirewallRules: [{8C393550-CD06-45AE-9FE6-E3C66BC4C26F}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe => No File
FirewallRules: [{381490E1-8366-4260-A50D-51F2BA1DDF43}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe => No File
FirewallRules: [{6990E688-DD48-4218-9A5A-7F186F6A3587}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe => No File
FirewallRules: [{C995172F-4B35-4C87-8AAE-9F07622300FA}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe => No File
FirewallRules: [TCP Query User{96DD37C6-90F8-4701-952D-ABAE613FC0BC}C:\users\beatrice\appdata\local\temp\lmi504a.tmp\logmein client.exe] => (Allow) C:\users\beatrice\appdata\local\temp\lmi504a.tmp\logmein client.exe => No File
FirewallRules: [UDP Query User{B676CF24-2340-4BCA-A145-2C4E0A8EAD8A}C:\users\beatrice\appdata\local\temp\lmi504a.tmp\logmein client.exe] => (Allow) C:\users\beatrice\appdata\local\temp\lmi504a.tmp\logmein client.exe => No File
FirewallRules: [TCP Query User{B1DA0F5A-40E9-403E-8D94-4B0F9FA3996B}C:\users\beatrice\appdata\local\logmein client\logmein client.exe] => (Allow) C:\users\beatrice\appdata\local\logmein client\logmein client.exe (LogMeIn, Inc. -> LogMeIn, Inc.)
FirewallRules: [UDP Query User{F56BEE0E-1B0F-4925-914C-727FF4C8E757}C:\users\beatrice\appdata\local\logmein client\logmein client.exe] => (Allow) C:\users\beatrice\appdata\local\logmein client\logmein client.exe (LogMeIn, Inc. -> LogMeIn, Inc.)
FirewallRules: [{D32B36C4-14DF-41FC-BA16-EF4850D54C4F}] => (Allow) C:\Users\Beatrice\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{732C35E4-5E77-40EF-A208-90B671E11466}] => (Allow) C:\Users\Beatrice\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [TCP Query User{6EB01573-B325-46CA-8067-022DCC8C8965}C:\users\beatrice\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\beatrice\appdata\roaming\dropbox\bin\dropbox.exe => No File
FirewallRules: [UDP Query User{E7425883-01F0-4F1F-BF28-60F4BC06B01E}C:\users\beatrice\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\beatrice\appdata\roaming\dropbox\bin\dropbox.exe => No File
FirewallRules: [TCP Query User{F18C6CEA-AF23-4A69-A432-9426C66ABD88}C:\program files (x86)\hasbro interactive\trivial pursuit millennium edition\tp.exe] => (Allow) C:\program files (x86)\hasbro interactive\trivial pursuit millennium edition\tp.exe => No File
FirewallRules: [UDP Query User{BF87E493-D389-4A5C-ABFA-392B720AFE27}C:\program files (x86)\hasbro interactive\trivial pursuit millennium edition\tp.exe] => (Allow) C:\program files (x86)\hasbro interactive\trivial pursuit millennium edition\tp.exe => No File
FirewallRules: [TCP Query User{2983A92B-3262-4527-B7CD-87BDF385CE69}C:\users\beatrice\appdata\local\temp\lmi2992.tmp\logmein client.exe] => (Block) C:\users\beatrice\appdata\local\temp\lmi2992.tmp\logmein client.exe => No File
FirewallRules: [UDP Query User{609B29FF-93CF-4515-8132-4B526F5274A6}C:\users\beatrice\appdata\local\temp\lmi2992.tmp\logmein client.exe] => (Block) C:\users\beatrice\appdata\local\temp\lmi2992.tmp\logmein client.exe => No File
FirewallRules: [TCP Query User{FA835CDF-F4DE-4EDE-9183-F11DD437FBA2}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe => No File
FirewallRules: [UDP Query User{5F5EE094-C0A5-4130-92CB-EDB299F7B198}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe => No File
FirewallRules: [{D6165666-9DEF-4815-A6BB-954CE17EA0C0}] => (Block) C:\program files (x86)\skype\phone\skype.exe => No File
FirewallRules: [{D64F4BB0-01C5-40E0-8D8A-633FC2A4084C}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe => No File
FirewallRules: [{CDFF6ECA-CEA0-4A29-BA20-496B58DF8254}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe => No File
FirewallRules: [{0E6742E6-D825-48A0-9E15-9578D030152E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{64DB1C5C-FA5D-4632-972C-AFF6BDCD0DA4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E3C51DF4-EA9A-4381-9B60-732C750E9261}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{39C5FD0D-9617-4811-96B7-6F4584EE9163}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{58FA1AC0-7097-4461-8C50-D87EB21DB66E}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe => No File
FirewallRules: [{49E06D5A-D0F0-4649-AB4C-B0C92E32C012}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe => No File
FirewallRules: [{A3904ACB-D723-40B0-84FC-82CD131424AC}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{96F34E72-338C-43F4-A665-A3D6DA664BE4}] => (Allow) C:\Users\Beatrice\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{FFEA73B4-26C7-4B76-B566-16B7EC746F1B}] => (Allow) C:\Users\Beatrice\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{ED614057-4496-4D36-A24E-5BBF11F5473B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{9C7642F9-4C29-4714-9D3F-A67324DC94C3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{311DF5C6-0821-4189-9756-DEFB77C9F34B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{C863362F-668C-42B9-B273-881A20C7AF5A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{09C6ABE0-D192-4E3E-884C-CB4878B1A6BC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{CE833B81-9D44-448B-96C2-F97E034B6190}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{B635B7F1-B07B-4141-B333-3E7E282E9795}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{7D467B21-A5CB-4ED0-A49E-24406CD321CC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{F7814187-F802-46DD-9F33-D8B7B42C3F46}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (Hewlett Packard -> Hewlett-Packard)
FirewallRules: [{92BC6056-5737-411B-B1A6-6B3964BA46D8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe => No File
FirewallRules: [{81B98103-2BCB-49CB-9519-1150EAB1CEA5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe => No File
FirewallRules: [{4F9307C3-1BB3-4471-9D2F-5AE3BA04A065}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe (Hewlett-Packard Company -> Hewlett-Packard)
FirewallRules: [{8D842A37-C161-4045-8982-317C72273187}] => (Allow) C:\Users\Beatrice\AppData\Roaming\TelusMeetings\bin\TelusBusinessConnectMeetings.exe => No File
FirewallRules: [{66D96944-E8DC-4915-8C0B-2CC13D39A28B}] => (Allow) C:\Users\Beatrice\AppData\Roaming\TelusMeetings\bin\airhost.exe => No File
FirewallRules: [{1E3E99D4-0E24-4476-95E7-042F505D5D67}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4310A9AF-CF57-42E5-A26D-B5F21B061E1A}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{572F5BBF-8E6A-4F0C-881F-F2EBAD2F1529}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4B5C33EF-94D5-4B92-B821-6326F0360055}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
19-04-2021 07:44:41 Scheduled Checkpoint
27-04-2021 11:32:04 Scheduled Checkpoint
02-05-2021 08:53:49 Garmin Express
02-05-2021 08:54:58 Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820
11-05-2021 08:56:40 Scheduled Checkpoint
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (05/11/2021 03:19:59 PM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed
Error: (05/11/2021 03:17:56 PM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed
Error: (05/11/2021 02:06:47 PM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed
Error: (05/11/2021 02:06:47 PM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed
Error: (05/11/2021 02:06:40 PM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed
Error: (05/08/2021 03:56:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 510937
Error: (05/08/2021 03:56:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 510937
Error: (05/08/2021 03:56:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
System errors:
=============
Error: (05/11/2021 03:27:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Microsoft Edge Update Service (edgeupdate) service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (05/11/2021 03:27:04 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Microsoft Edge Update Service (edgeupdate) service to connect.
Error: (05/11/2021 03:26:34 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Background Intelligent Transfer Service service hung on starting.
Error: (05/11/2021 03:19:57 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (05/11/2021 02:06:40 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (05/11/2021 08:56:37 AM) (Source: DCOM) (EventID: 10010) (User: Beatrice)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.
Error: (05/11/2021 08:56:07 AM) (Source: DCOM) (EventID: 10010) (User: Beatrice)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.
Error: (05/10/2021 10:05:34 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Windows Defender:
================
Date: 2015-03-30 21:58:07.288
Description:
Windows Defender scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2015-03-30 21:09:45.609
Description:
Windows Defender scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2015-03-30 20:35:17.849
Description:
Windows Defender Real-Time Protection feature has encountered an error and failed.
Feature: Network Inspection System
Error Code: 0x80070002
Error description: The system cannot find the file specified.
Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
Date: 2015-03-30 20:33:31.801
Description:
Windows Defender Real-Time Protection feature has encountered an error and failed.
Feature: Network Inspection System
Error Code: 0x80070002
Error description: The system cannot find the file specified.
Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
Date: 2015-03-30 00:29:39.000
Description:
Windows Defender Real-Time Protection feature has encountered an error and failed.
Feature: Network Inspection System
Error Code: 0x80004005
Error description: Unspecified error
Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
Date: 2015-03-30 00:27:25.040
Description:
Windows Defender Real-Time Protection feature has encountered an error and failed.
Feature: Network Inspection System
Error Code: 0x80070002
Error description: The system cannot find the file specified.
Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
==================== Memory info ===========================
BIOS: Insyde F.22 09/27/2013
Motherboard: Hewlett-Packard 213B
Processor: AMD A6-5200 APU with Radeon HD Graphics
Percentage of memory in use: 44%
Total physical RAM: 7643.95 MB
Available physical RAM: 4221.24 MB
Total Virtual: 8859.95 MB
Available Virtual: 5048.89 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:677.33 GB) (Free:540.84 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:20.54 GB) (Free:2.03 GB) NTFS ==>[system with boot components (obtained from drive)]
\\?\Volume{ef62169f-32b1-4fb5-ac9c-72b6ac8ca640}\ (WINRE) (Fixed) (Total:0.39 GB) (Free:0.1 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 3A472083)
Partition: GPT.
==================== End of Addition.txt =======================