I have 1 SPECIFIC issue ... when I try to download files ... books, pdf's, images, anything ... everytime it begins to download and then stops somewhere in the middle and then I get the message ' failed, network error ' ... but I turn to my other computer or my wife's (all on the same internet) and am able to download with no problems at all.
I'm not sure if this is a virus issue or what, but I decided since I haven't 'cleaned' this laptop since I bought it, that I would start here.
FRST
FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [
[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2021-04-19] [Legacy] [not signed]
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
Brave:
=======
BRA Profile: C:\Users\moond\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2021-07-23]
BRA Notifications: Default -> hxxps://services.hughesnet.com; hxxps://www.elcorreo.com
BRA NewTab: Default -> Not-active:"chrome-extension://dchlgjjknnfihkdbkknkhdkneiajdboe/newtab/index.html"
BRA DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}&t=brave
BRA DefaultSearchKeyword: Default ->
BRA DefaultSuggestURL: Default -> hxxps://ac.duckduckgo.com/ac/?q={searchTerms}&type=list
BRA Session Restore: Default -> is enabled.
BRA Extension: (Google Translate) - C:\Users\moond\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2021-03-03]
BRA Extension: (Sci-Fi Art New Tab) - C:\Users\moond\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\dchlgjjknnfihkdbkknkhdkneiajdboe [2021-02-02]
BRA Extension: (Avast Passwords) - C:\Users\moond\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2021-01-20]
BRA Extension: (Online coupon tool: Add to Chrome for free) - C:\Users\moond\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\nenlahapcbofgnanklpelkaejcehkggg [2021-07-18]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\moond\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2021-01-29]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\moond\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2021-07-23]
BRA Extension: (Brave NTP sponsored images) - C:\Users\moond\AppData\Local\BraveSoftware\Brave-Browser\User Data\gccbbckogglekeggclmmekihdgdpdgoe [2021-07-23]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\moond\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2021-07-01]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\moond\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2021-07-21]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ArmouryCrateControlInterface; C:\Windows\System32\ASUSACCI\ArmouryCrateControlInterface.exe [889248 2020-12-17] (ASUSTeK Computer Inc. -> ASUSTeK COMPUTER INC.)
R2 ASUSLinkNear; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSLinkNear\AsusLinkNear.exe [1290880 2021-07-11] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 ASUSLinkNearExt; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSLinkNear\AsusLinkNearExt.exe [142464 2021-07-11] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 ASUSLinkRemote; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSLinkRemote\AsusLinkRemote.exe [793752 2021-07-11] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSOptimization; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSOptimization\AsusOptimization.exe [336528 2021-07-11] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSoftwareManager; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSSoftwareManager\AsusSoftwareManager.exe [945296 2021-07-11] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemAnalysis; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSSystemAnalysis\AsusSystemAnalysis.exe [2560144 2021-07-11] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemDiagnosis; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [885680 2021-07-11] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8249936 2021-06-25] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [625432 2021-06-25] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [373528 2021-06-25] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-05-20] (Avast Software s.r.o. -> AVAST Software)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162384 2021-01-20] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162384 2021-01-20] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 DtsApo4Service; C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe [201376 2020-10-19] (DTS, Inc. -> DTS Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [288360 2021-05-09] (HP Inc. -> HP Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2021-01-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2021-01-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvam.inf_amd64_21f432cacc7a9a01\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvam.inf_amd64_21f432cacc7a9a01\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ampa; C:\Windows\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R3 AsusPTPDrv; C:\Windows\System32\drivers\AsusPTPFilter.sys [112336 2019-10-02] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R1 ASUSSAIO; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSSystemAnalysis\ASUSSAIO.sys [39056 2021-07-11] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [35720 2021-06-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [216928 2021-06-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [366616 2021-06-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [250392 2021-06-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [99352 2021-06-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [17328 2021-05-20] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [41352 2021-06-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [182600 2021-06-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [524400 2021-06-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [107848 2021-06-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [82912 2021-06-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [851192 2021-06-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [471920 2021-06-25] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [215384 2021-06-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [327536 2021-06-25] (Avast Software s.r.o. -> AVAST Software)
R1 ATKWMIACPIIO; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSOptimization\atkwmiacpi64.sys [44680 2021-07-11] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 ddmdrv; C:\Windows\system32\ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> )
R3 HIDSwitch; C:\Windows\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [48536 2021-01-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [429296 2021-01-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [70896 2021-01-19] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-07-23 07:58 - 2021-07-23 07:59 - 000000000 ____D C:\FRST
2021-07-23 07:57 - 2021-07-23 07:59 - 000000000 ____D C:\Users\moond\Desktop\Virus Checking
2021-07-23 07:43 - 2021-07-23 07:44 - 000000000 ____D C:\Users\moond\Desktop\downloaded stuff
2021-07-23 07:20 - 2021-07-23 07:20 - 000000118 ____H C:\Users\moond\Downloads\.~lock.Week#8 Data.xlsx#
2021-07-22 11:12 - 2020-12-07 15:30 - 007545438 _____ C:\Users\moond\Desktop\Hawg_FlagsLib.wotmod
2021-07-22 11:00 - 2020-08-04 16:04 - 102213533 _____ C:\Users\moond\Desktop\CWW-P.43-ter-Comprovato-Remodel.wotmod
2021-07-22 11:00 - 2019-12-29 18:12 - 000047374 _____ C:\Users\moond\Desktop\CWW-P.43-ter-Comprovato-Remodel-Icons.wotmod
2021-07-17 20:54 - 2021-07-17 20:54 - 001823280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2021-07-17 20:54 - 2021-07-17 20:54 - 000011357 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-07-17 20:54 - 2021-07-17 20:54 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsraLegacy.tlb
2021-07-17 20:54 - 2021-07-17 20:54 - 000007680 _____ (Microsoft Corporation) C:\Windows\system32\MsraLegacy.tlb
2021-07-17 20:54 - 2021-07-17 20:54 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rendezvousSession.tlb
2021-07-17 20:54 - 2021-07-17 20:54 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\rendezvousSession.tlb
2021-07-17 17:46 - 2021-07-17 17:46 - 199967261 _____ C:\Users\moond\Desktop\IoW_Great_Push_Battle_of_the_Somme_1916.pdf
2021-07-14 10:22 - 2021-07-14 10:22 - 001238072 _____ C:\Users\moond\Desktop\statement (1).pdf
2021-07-14 10:19 - 2021-07-14 10:19 - 001238364 _____ C:\Users\moond\Desktop\statement.pdf
2021-07-13 21:29 - 2021-07-13 21:29 - 000000342 _____ C:\Users\moond\Desktop\[EBS] Jack Webber - Destination Mars 2[ebooks-shares.org].torrent
2021-07-12 12:19 - 2021-07-12 12:20 - 044598853 _____ C:\Users\moond\Desktop\AGleamofBayonets.pdf
2021-07-08 09:39 - 2021-07-08 09:39 - 002371072 _____ C:\Windows\system32\rdpnano.dll
2021-07-08 09:39 - 2021-07-08 09:39 - 002260992 _____ C:\Windows\system32\TextInputMethodFormatter.dll
2021-07-08 09:39 - 2021-07-08 09:39 - 001393504 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2021-07-08 09:39 - 2021-07-08 09:39 - 001314128 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2021-07-08 09:39 - 2021-07-08 09:39 - 000570880 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2021-07-08 09:39 - 2021-07-08 09:39 - 000452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2021-07-08 09:39 - 2021-07-08 09:39 - 000097792 _____ C:\Windows\system32\Drivers\cimfs.sys
2021-07-08 09:39 - 2021-07-08 09:39 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl
2021-07-08 09:39 - 2021-07-08 09:39 - 000067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscui.cpl
2021-07-08 09:39 - 2021-07-08 09:39 - 000060928 _____ C:\Windows\system32\runexehelper.exe
2021-07-08 07:28 - 2021-07-08 07:29 - 002010427 _____ C:\Users\moond\Desktop\shirt front idea.psd
2021-07-07 09:19 - 2021-07-07 10:11 - 000090769 _____ C:\Users\moond\Desktop\butterfly.jpeg
2021-07-06 16:24 - 2021-07-07 08:42 - 000350604 _____ C:\Users\moond\Desktop\stencil-style-new.zip
2021-07-06 16:04 - 2021-07-12 16:33 - 000000000 ____D C:\Users\moond\Desktop\sigs and avs
2021-07-06 11:24 - 2021-07-06 11:30 - 000000000 ____D C:\Users\moond\Desktop\Grandma's old pc
2021-07-06 11:08 - 2021-07-06 16:05 - 000000000 ____D C:\Users\moond\Desktop\Mark's Temp from Mom's gateway
2021-07-02 16:47 - 2021-07-02 16:47 - 152922777 _____ C:\Users\moond\Desktop\Aircraft_of_World_War_II.pdf
2021-07-02 08:55 - 2021-07-02 08:55 - 000000000 ____D C:\Users\moond\Desktop\downloaded books
2021-07-02 08:52 - 2021-07-02 08:52 - 000000000 ____D C:\Users\moond\Documents\Adobe
2021-07-01 07:33 - 2021-07-01 07:33 - 000454795 _____ C:\Users\moond\Desktop\butterfly work.psd
2021-07-01 07:32 - 2021-04-19 22:52 - 000018816 _____ C:\Windows\system32\RtEventLog.dll
2021-07-01 07:32 - 2021-04-19 22:42 - 045530813 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2021-06-26 08:24 - 2021-06-26 08:24 - 000046012 _____ C:\Users\moond\Desktop\ArmesMilitaria000-Index.odt
2021-06-26 07:25 - 2021-07-01 07:33 - 002271075 _____ C:\Users\moond\Desktop\butterflies.psd
2021-06-26 07:25 - 2021-06-26 07:25 - 001082811 _____ C:\Users\moond\Desktop\head work 2.psd
2021-06-26 07:25 - 2021-06-26 07:25 - 000954155 _____ C:\Users\moond\Desktop\head work 3.psd
2021-06-25 14:50 - 2021-06-25 14:49 - 000339736 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2021-06-25 14:50 - 2021-06-25 14:49 - 000215384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2021-06-23 12:30 - 2021-06-23 12:33 - 000000000 ____D C:\Users\moond\Desktop\memes
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-07-23 07:31 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-07-23 07:26 - 2021-01-20 23:30 - 000000000 ____D C:\Users\moond\Calibre Library
2021-07-23 07:09 - 2021-01-26 10:58 - 000003752 _____ C:\Windows\system32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474
2021-07-23 07:02 - 2020-09-27 10:50 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-07-23 05:46 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-07-23 05:46 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\AppReadiness
2021-07-23 05:28 - 2021-05-04 12:07 - 000004166 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{F72DE0B7-2B4B-4E73-8B7D-3F2978127DCD}
2021-07-22 18:32 - 2021-01-20 11:04 - 000000000 ____D C:\Users\moond\AppData\Roaming\TS3Client
2021-07-22 11:59 - 2021-01-20 12:28 - 000000000 ____D C:\Users\moond\AppData\Roaming\vlc
2021-07-22 11:17 - 2021-03-21 08:02 - 000000000 ____D C:\Users\moond\AppData\Local\ElevatedDiagnostics
2021-07-21 15:30 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\LiveKernelReports
2021-07-21 14:10 - 2021-04-20 18:43 - 000000132 _____ C:\Users\moond\AppData\Roaming\Adobe PNG Format CS6 Prefs
2021-07-21 13:47 - 2021-01-20 11:28 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2021-07-21 13:47 - 2021-01-20 10:07 - 000003366 _____ C:\Windows\system32\Tasks\BraveSoftwareUpdateTaskMachineUA
2021-07-21 13:47 - 2021-01-20 10:07 - 000003142 _____ C:\Windows\system32\Tasks\BraveSoftwareUpdateTaskMachineCore
2021-07-21 13:47 - 2021-01-19 17:44 - 000002858 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1336835431-166869274-4150396170-1001
2021-07-21 13:47 - 2021-01-19 17:42 - 000002452 _____ C:\Windows\system32\Tasks\RtkAudUService64_BG
2021-07-21 13:47 - 2021-01-19 17:39 - 000003116 _____ C:\Windows\system32\Tasks\ASUS Update Checker 2.0
2021-07-21 13:47 - 2021-01-19 17:39 - 000003042 _____ C:\Windows\system32\Tasks\ASUS Optimization 36D18D69AFC3
2021-07-21 13:47 - 2020-09-27 10:53 - 000003408 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-07-21 13:47 - 2020-09-27 10:53 - 000003184 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-07-21 13:47 - 2020-09-27 10:00 - 000002854 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1336835431-166869274-4150396170-500
2021-07-21 09:17 - 2020-09-27 10:53 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-07-21 09:16 - 2021-01-20 11:28 - 000004264 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2021-07-18 13:53 - 2021-01-19 17:43 - 000000000 ____D C:\Users\moond\AppData\Local\D3DSCache
2021-07-18 07:52 - 2021-03-09 11:45 - 000000000 ____D C:\Users\moond\AppData\Roaming\discord
2021-07-18 07:12 - 2021-03-09 11:45 - 000000000 ____D C:\Users\moond\AppData\Local\Discord
2021-07-18 00:18 - 2020-09-27 10:06 - 000004460 _____ C:\Windows\system32\PerfStringBackup.INI
2021-07-18 00:12 - 2021-01-20 10:59 - 000000000 ____D C:\ProgramData\NVIDIA
2021-07-18 00:12 - 2021-01-19 17:44 - 000000000 ___RD C:\Users\moond\OneDrive
2021-07-18 00:12 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\ServiceState
2021-07-18 00:12 - 2019-12-07 05:13 - 000000000 ____D C:\Windows\INF
2021-07-18 00:11 - 2021-01-20 11:26 - 000000000 ____D C:\ProgramData\Avast Software
2021-07-18 00:11 - 2020-09-27 10:50 - 004982080 _____ C:\Windows\system32\FNTCACHE.DAT
2021-07-18 00:11 - 2020-09-27 10:50 - 000008192 ___SH C:\DumpStack.log.tmp
2021-07-18 00:11 - 2020-09-27 10:50 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-07-18 00:11 - 2019-12-07 05:03 - 000786432 _____ C:\Windows\system32\config\BBI
2021-07-18 00:10 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\SystemResources
2021-07-18 00:10 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2021-07-18 00:10 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\bcastdvr
2021-07-18 00:10 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-07-17 20:55 - 2019-12-07 05:03 - 000000000 ____D C:\Windows\CbsTemp
2021-07-17 07:43 - 2021-01-20 10:08 - 000002364 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2021-07-15 15:49 - 2021-01-23 08:22 - 000000000 ____D C:\Windows\system32\MRT
2021-07-15 15:48 - 2021-01-23 08:22 - 133422552 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-07-09 17:41 - 2021-01-19 17:39 - 000000000 ____D C:\Users\moond
2021-07-09 14:17 - 2021-01-19 17:39 - 000002379 _____ C:\Users\moond\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-07-08 09:46 - 2019-12-07 05:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-07-08 09:46 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2021-07-08 09:46 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2021-07-08 09:46 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2021-07-08 09:46 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\setup
2021-07-08 09:46 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\oobe
2021-07-08 09:46 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\Dism
2021-07-08 09:46 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\Provisioning
2021-07-08 07:22 - 2021-04-19 21:32 - 000001456 _____ C:\Users\moond\AppData\Local\Adobe Save for Web 13.0 Prefs
2021-07-02 08:53 - 2021-04-20 16:34 - 000000000 ____D C:\Users\moond\Desktop\cup work
2021-07-02 08:52 - 2021-01-19 17:43 - 000000000 ____D C:\Users\moond\AppData\Roaming\Adobe
2021-06-28 08:23 - 2021-01-23 08:53 - 000000000 ____D C:\Users\moond\Desktop\Church Business
2021-06-26 07:26 - 2021-06-17 12:04 - 018062360 _____ C:\Users\moond\Desktop\head work.psd
2021-06-25 14:50 - 2019-12-07 05:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2021-06-25 14:49 - 2021-01-20 11:28 - 000851192 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2021-06-25 14:49 - 2021-01-20 11:28 - 000524400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2021-06-25 14:49 - 2021-01-20 11:28 - 000471920 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2021-06-25 14:49 - 2021-01-20 11:28 - 000366616 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2021-06-25 14:49 - 2021-01-20 11:28 - 000327536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2021-06-25 14:49 - 2021-01-20 11:28 - 000250392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2021-06-25 14:49 - 2021-01-20 11:28 - 000216928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2021-06-25 14:49 - 2021-01-20 11:28 - 000182600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2021-06-25 14:49 - 2021-01-20 11:28 - 000107848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2021-06-25 14:49 - 2021-01-20 11:28 - 000099352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2021-06-25 14:49 - 2021-01-20 11:28 - 000082912 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2021-06-25 14:49 - 2021-01-20 11:28 - 000041352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2021-06-25 14:49 - 2021-01-20 11:28 - 000035720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
==================== Files in the root of some directories ========
2021-04-20 18:43 - 2021-07-21 14:10 - 000000132 _____ () C:\Users\moond\AppData\Roaming\Adobe PNG Format CS6 Prefs
2021-01-21 17:35 - 2021-02-04 20:21 - 000099384 _____ () C:\Users\moond\AppData\Roaming\inst.exe
2021-01-21 17:35 - 2021-02-04 20:21 - 000007859 _____ () C:\Users\moond\AppData\Roaming\pcouffin.cat
2021-01-21 17:35 - 2021-02-04 20:21 - 000001167 _____ () C:\Users\moond\AppData\Roaming\pcouffin.inf
2021-01-21 17:35 - 2021-02-04 20:21 - 000000055 _____ () C:\Users\moond\AppData\Roaming\pcouffin.log
2021-01-21 17:35 - 2021-02-04 20:21 - 000082816 _____ (VSO Software) C:\Users\moond\AppData\Roaming\pcouffin.sys
2021-04-19 21:32 - 2021-07-08 07:22 - 000001456 _____ () C:\Users\moond\AppData\Local\Adobe Save for Web 13.0 Prefs
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Addition
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-07-2021 01
Ran by moond (23-07-2021 08:00:27)
Running from C:\Users\moond\Desktop\Virus Checking
Windows 10 Home Version 20H2 19042.1110 (X64) (2020-09-27 14:02:04)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1336835431-166869274-4150396170-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1336835431-166869274-4150396170-503 - Limited - Disabled)
Guest (S-1-5-21-1336835431-166869274-4150396170-501 - Limited - Disabled)
moond (S-1-5-21-1336835431-166869274-4150396170-1001 - Administrator - Enabled) => C:\Users\moond
WDAGUtilityAccount (S-1-5-21-1336835431-166869274-4150396170-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.1 - Adobe Systems)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
AOMEI Partition Assistant 9.1 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version: - AOMEI International Network Limited.)
Aslain's WoT Modpack version 1.13.0.1.00 (HKLM-x32\...\Aslains_WoT_Modpack_Installer_is1) (Version: 1.13.0.1.00 - Aslain)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 21.5.2470 - Avast Software)
bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 91.1.26.77 - Brave Software Inc)
calibre 64bit (HKLM\...\{6DB760DC-BEC5-4727-AA50-722D2881725E}) (Version: 5.9.0 - Kovid Goyal)
Discord (HKU\S-1-5-21-1336835431-166869274-4150396170-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.101.0 - Google LLC) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.71 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1336835431-166869274-4150396170-1001\...\OneDriveSetup.exe) (Version: 21.119.0613.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24123 (HKLM-x32\...\{206898cc-4b41-4d98-ac28-9f9ae57f91fe}) (Version: 14.0.24123.0 - Microsoft Corporation)
NVIDIA Graphics Driver 457.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 457.63 - NVIDIA Corporation)
OpenOffice 4.1.8 (HKLM-x32\...\{963FD672-F116-4AE3-AE25-84B576E610A7}) (Version: 4.18.9803 - Apache Software Foundation)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.3 - TeamSpeak Systems GmbH)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
VSO ConvertXToDVD (HKLM-x32\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.2.0.39 - VSO Software)
Wargaming.net Game Center (HKU\S-1-5-21-1336835431-166869274-4150396170-1001\...\Wargaming.net Game Center) (Version: 21.4.0.5527 - Wargaming.net)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
World of Tanks NA (HKU\S-1-5-21-1336835431-166869274-4150396170-1001\...\WOT.NA.PRODUCTION) (Version: - Wargaming.net)
World_of_Warships (HKU\S-1-5-21-1336835431-166869274-4150396170-1001\...\WOWS.WW.PRODUCTION) (Version: - Wargaming.net)
Packages:
=========
AMD Radeon™ Settings Lite -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.59462344778C5_10.19.40016.0_x64__0a9344xs7nr4m [2021-01-19] (Advanced Micro Devices Inc.)
DTS:X Ultra -> C:\Program Files\WindowsApps\DTSInc.DTSXUltra_1.10.9.0_x64__t5j2fzbtdg37r [2021-07-01] (DTS, Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_129.1.234.0_x64__v10z8vjag6ke6 [2021-07-23] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-01-19] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-01-19] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.6151.0_x64__8wekyb3d8bbwe [2021-06-20] (Microsoft Studios) [MS Ad]
MyASUS -> C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.0.16.0_x64__qmba6cd70vzyy [2021-07-14] (ASUSTeK COMPUTER INC.)
NFO Viewer -> C:\Program Files\WindowsApps\5480BrunoGiordano.NFOViewer_1.0.1.1_neutral__xzarbek87fvdr [2021-01-21] (Bruno Giordano)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-05-26] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.26.249.0_x64__dt26b99r8h8gj [2021-06-20] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0 [2021-07-23] (Spotify AB) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-06-25] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-06-25] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-06-25] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-06-25] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvam.inf_amd64_21f432cacc7a9a01\nvshext.dll [2021-01-21] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-06-25] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2012-03-09 16:26 - 2012-03-09 16:26 - 000100352 _____ () [File not signed] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\zlib1.dll
2012-03-15 02:11 - 2013-01-02 23:39 - 002249352 _____ (Adobe Systems Incorporated -> Adobe Systems, Incorporated) [File not signed] C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\amtlib.dll
2012-03-15 02:40 - 2012-03-15 02:40 - 000041984 _____ (Adobe Systems, Incorporated) [File not signed] C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\Required\Plug-Ins\Extensions\FastCore.8BX
2012-03-15 02:41 - 2012-03-15 02:41 - 000284672 _____ (Adobe Systems, Incorporated) [File not signed] C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\Required\Plug-Ins\Extensions\MMXCore.8BX
2012-03-15 02:32 - 2012-03-15 02:32 - 000596480 _____ (Adobe Systems, Incorporated) [File not signed] C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\Required\Plug-Ins\Extensions\MultiProcessor Support.8BX
2021-06-20 07:51 - 2021-06-20 07:52 - 000187392 _____ (Fortemedia) [File not signed] C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.26.249.0_x64__dt26b99r8h8gj\FMAPOCTL.dll
2012-03-15 02:06 - 2012-03-15 02:06 - 002923008 _____ (Intel Corporation) [File not signed] C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\libmmd.dll
2021-01-19 17:42 - 2021-01-19 17:42 - 000023040 _____ (Synaptics Incorporated.) [File not signed] C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.26.249.0_x64__dt26b99r8h8gj\SynAudSrvDll.dll
2012-03-09 16:26 - 2012-03-09 16:26 - 000249344 _____ (The cURL library, hxxp://curl.haxx.se/) [File not signed] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\libcurl.dll
2012-03-09 16:26 - 2012-03-09 16:26 - 001106944 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\LIBEAY32.dll
2012-03-09 16:26 - 2012-03-09 16:26 - 000237056 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\SSLEAY32.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
SearchScopes: HKU\S-1-5-21-1336835431-166869274-4150396170-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 05:14 - 2019-12-07 05:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1336835431-166869274-4150396170-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{21991367-46A6-4996-AB19-A332DA8FF6F9}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{ECE68012-151A-4C66-BD1B-9BAA17D5FF04}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{07A24EDE-913A-49E2-ADA8-905C2F840074}C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe => No File
FirewallRules: [UDP Query User{207C7886-A052-47A1-B5FA-E21933F948D2}C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe => No File
FirewallRules: [TCP Query User{D7CC9ADE-2176-4C8A-A415-033ED4D76A09}C:\games\world_of_tanks_na\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_na\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{11D864D6-894E-441C-971C-5C8CF290199F}C:\games\world_of_tanks_na\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_na\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{4BDADAE3-46A2-4717-BF20-EB5E416EA67E}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe (Adobe Systems Incorporated -> )
FirewallRules: [{E9E8FDE0-F76A-459A-855B-D089568A476A}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe (Adobe Systems Incorporated -> )
FirewallRules: [{49CC1B4E-E589-4DAB-BC08-23259290767A}] => (Allow) LPort=7935
FirewallRules: [TCP Query User{9BDF0B1D-94E6-431B-97E0-3318C4D12F09}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe => No File
FirewallRules: [UDP Query User{E1C2A2DF-5A44-4890-BBA3-D77E49A2570D}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe => No File
FirewallRules: [TCP Query User{4603173A-AC86-47AD-A700-35EC624C30B0}C:\games\world_of_tanks_na\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_na\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{E9184F50-F763-444E-BC70-C3436CACDB4B}C:\games\world_of_tanks_na\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_na\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{74D9A269-086E-4191-B6BA-CE1854D4A85B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D524098E-69E4-4FD8-9463-854CE9ACF8F2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{21AF1AAA-6EAE-46D3-9144-18F0DADBFF73}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A0D0E0AB-B2B0-4C02-8F3D-B6388A8AC7A9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A4EDD4B8-B8AF-44E9-9E30-FC58BA2F9118}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{3A40AA1A-9F21-436C-BF8F-AD67FC48032D}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSLinkNear\AsusLinkNear.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [{EB93E258-67B2-465F-A9E2-8220B0C70D55}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{5CB8B6CF-29BB-43BD-85A8-52E1FDF2C325}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{21265F1A-27D1-425A-B404-0E95ABD11E4E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{89BCFAE7-A2D7-4ABD-B82F-466D2E504B1E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B92F7B88-13AD-415B-BA9C-0A3B7E77E8D4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{52DF629F-AE4F-4813-B1A6-3E378F7F7045}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B7D967E2-AC99-4664-B5B5-58601360D422}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BACA22A7-DEB6-4CA9-835F-8262C1D316A5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0997998C-890B-484E-BE50-52B4A5F70476}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{840ED4D8-85AE-4319-927C-A7FE9BCEA148}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
==================== Restore Points =========================
15-07-2021 15:49:51 Windows Modules Installer
17-07-2021 20:51:12 Windows Modules Installer
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (07/23/2021 07:20:48 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program soffice.bin version 4.0.9803.500 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 4fbc
Start Time: 01d77efd573a5604
Termination Time: 16
Application Path: C:\Program Files (x86)\OpenOffice 4\program\soffice.bin
Report Id: 0badca3b-1ef3-4553-b16d-44852cd0eab5
Faulting package full name:
Faulting package-relative application ID:
Hang type: Cross-process
Error: (07/22/2021 08:20:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AsusSystemAnalysis.exe, version: 2.1.8.0, time stamp: 0x60d8a223
Faulting module name: AsusWinIo64.dll, version: 1.0.14.0, time stamp: 0x60d8a243
Exception code: 0xc0000005
Fault offset: 0x000000000000c243
Faulting process id: 0x2638
Faulting application start time: 0x01d77f587a99fe93
Faulting application path: C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSSystemAnalysis\AsusSystemAnalysis.exe
Faulting module path: C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSSystemAnalysis\AsusWinIo64.dll
Report Id: 696ec5d5-4928-406e-b10c-b0a52356ed85
Faulting package full name:
Faulting package-relative application ID:
Error: (07/22/2021 08:15:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AsusSystemAnalysis.exe, version: 2.1.8.0, time stamp: 0x60d8a223
Faulting module name: AsusWinIo64.dll, version: 1.0.14.0, time stamp: 0x60d8a243
Exception code: 0xc0000005
Fault offset: 0x000000000000c243
Faulting process id: 0x47cc
Faulting application start time: 0x01d77f57c7c7e1b5
Faulting application path: C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSSystemAnalysis\AsusSystemAnalysis.exe
Faulting module path: C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSSystemAnalysis\AsusWinIo64.dll
Report Id: 5da0d332-4622-44b0-baf6-9d01c830ee39
Faulting package full name:
Faulting package-relative application ID:
Error: (07/22/2021 08:10:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AsusSystemAnalysis.exe, version: 2.1.8.0, time stamp: 0x60d8a223
Faulting module name: AsusWinIo64.dll, version: 1.0.14.0, time stamp: 0x60d8a243
Exception code: 0xc0000005
Fault offset: 0x000000000000c243
Faulting process id: 0x5214
Faulting application start time: 0x01d77f5714f63960
Faulting application path: C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSSystemAnalysis\AsusSystemAnalysis.exe
Faulting module path: C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSSystemAnalysis\AsusWinIo64.dll
Report Id: df8627ca-cd4b-4846-8964-3653f1d83458
Faulting package full name:
Faulting package-relative application ID:
Error: (07/22/2021 08:05:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AsusSystemAnalysis.exe, version: 2.1.8.0, time stamp: 0x60d8a223
Faulting module name: AsusWinIo64.dll, version: 1.0.14.0, time stamp: 0x60d8a243
Exception code: 0xc0000005
Fault offset: 0x000000000000c243
Faulting process id: 0x2110
Faulting application start time: 0x01d77f56621f712f
Faulting application path: C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSSystemAnalysis\AsusSystemAnalysis.exe
Faulting module path: C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSSystemAnalysis\AsusWinIo64.dll
Report Id: a316c619-ea26-4af0-8ec8-203f6d31bd71
Faulting package full name:
Faulting package-relative application ID:
Error: (07/22/2021 08:00:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AsusSystemAnalysis.exe, version: 2.1.8.0, time stamp: 0x60d8a223
Faulting module name: AsusWinIo64.dll, version: 1.0.14.0, time stamp: 0x60d8a243
Exception code: 0xc0000005
Fault offset: 0x000000000000c243
Faulting process id: 0x3c8c
Faulting application start time: 0x01d77f55af55721d
Faulting application path: C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSSystemAnalysis\AsusSystemAnalysis.exe
Faulting module path: C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSSystemAnalysis\AsusWinIo64.dll
Report Id: 6ae33a1c-7297-4fc3-be6f-ad85f89bf500
Faulting package full name:
Faulting package-relative application ID:
Error: (07/22/2021 07:55:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AsusSystemAnalysis.exe, version: 2.1.8.0, time stamp: 0x60d8a223
Faulting module name: AsusWinIo64.dll, version: 1.0.14.0, time stamp: 0x60d8a243
Exception code: 0xc0000005
Fault offset: 0x000000000000c243
Faulting process id: 0x5110
Faulting application start time: 0x01d77f54fc805943
Faulting application path: C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSSystemAnalysis\AsusSystemAnalysis.exe
Faulting module path: C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSSystemAnalysis\AsusWinIo64.dll
Report Id: 9fddda42-e6e5-4db3-a15c-b1a69660803a
Faulting package full name:
Faulting package-relative application ID:
Error: (07/22/2021 07:50:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AsusSystemAnalysis.exe, version: 2.1.8.0, time stamp: 0x60d8a223
Faulting module name: AsusWinIo64.dll, version: 1.0.14.0, time stamp: 0x60d8a243
Exception code: 0xc0000005
Fault offset: 0x000000000000c243
Faulting process id: 0x306c
Faulting application start time: 0x01d77f5449ae4198
Faulting application path: C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSSystemAnalysis\AsusSystemAnalysis.exe
Faulting module path: C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSSystemAnalysis\AsusWinIo64.dll
Report Id: 33e3c23e-7b47-4d8f-8387-572e6be49c12
Faulting package full name:
Faulting package-relative application ID:
System errors:
=============
Error: (07/23/2021 07:56:10 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume Z:.
The exact nature of the corruption is unknown. The file system structures need to be scanned online.
Error: (07/23/2021 07:56:10 AM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: NT AUTHORITY)
Description: Z:\Device\HarddiskVolume163
Error: (07/23/2021 07:56:09 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume Z:.
The exact nature of the corruption is unknown. The file system structures need to be scanned and fixed offline.
Error: (07/23/2021 07:29:23 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume Z:.
The exact nature of the corruption is unknown. The file system structures need to be scanned online.
Error: (07/23/2021 07:29:23 AM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: NT AUTHORITY)
Description: Z:\Device\HarddiskVolume143
Error: (07/23/2021 05:26:57 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-906HTT3)
Description: The server {D0582E3B-3126-4CAA-9155-AC37C912A489} did not register with DCOM within the required timeout.
Error: (07/23/2021 05:25:01 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume Z:.
The exact nature of the corruption is unknown. The file system structures need to be scanned online.
Error: (07/23/2021 05:25:01 AM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: NT AUTHORITY)
Description: Z:\Device\HarddiskVolume123
Windows Defender:
================
Date: 2021-01-19 17:39:11
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-01-19 17:32:18
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-01-19 17:09:40
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-01-19 18:45:56
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.303.25.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16400.2
Error code: 0x80240009
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
CodeIntegrity:
===============
Date: 2021-07-23 05:40:26
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2021-07-23 05:25:37
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. FA706IH.316 03/12/2021
Motherboard: ASUSTeK COMPUTER INC. FA706IH
Processor: AMD Ryzen 7 4800H with Radeon Graphics
Percentage of memory in use: 33%
Total physical RAM: 32175.24 MB
Available physical RAM: 21469.2 MB
Total Virtual: 37039.24 MB
Available Virtual: 22215.02 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:953.27 GB) (Free:749.89 GB) NTFS
Drive d: () (Fixed) (Total:931.5 GB) (Free:733.35 GB) NTFS
Drive g: (HP P600) (CDROM) (Total:0.05 GB) (Free:0 GB) CDFS
Drive z: (Lennee) (Fixed) (Total:952.84 GB) (Free:937.94 GB) NTFS
\\?\Volume{b03fb79a-5a13-4c8e-9bf6-b5ad784a4ea1}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS
\\?\Volume{e9f0f7ff-9bc8-11eb-a249-d8c0a623d848}\ () (Fixed) (Total:0.93 GB) (Free:0.93 GB) FAT
\\?\Volume{c6c9306c-e9f4-4f2f-9892-c9f4cf92d8e0}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 04A1E3A2)
Partition: GPT.
==========================================================
Disk: 1 (Protective MBR) (Size: 953.9 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 2 (Size: 953.8 GB) (Disk ID: 701B06D1)
Partition: GPT.
==================== End of Addition.txt =======================