FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2021-04-19] [Legacy] [not signed]
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Brave:
=======
BRA Profile: C:\Users\moond\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2021-07-23]
BRA Notifications: Default -> hxxps://services.hughesnet.com; hxxps://www.elcorreo.com
BRA NewTab: Default -> Not-active:"chrome-extension://dchlgjjknnfihkdbkknkhdkneiajdboe/newtab/index.html"
BRA DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}&t=brave
BRA DefaultSearchKeyword: Default -> :d
BRA DefaultSuggestURL: Default -> hxxps://ac.duckduckgo.com/ac/?q={searchTerms}&type=list
BRA Session Restore: Default -> is enabled.
BRA Extension: (Google Translate) - C:\Users\moond\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2021-03-03]
BRA Extension: (Sci-Fi Art New Tab) - C:\Users\moond\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\dchlgjjknnfihkdbkknkhdkneiajdboe [2021-02-02]
BRA Extension: (Avast Passwords) - C:\Users\moond\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2021-01-20]
BRA Extension: (Online coupon tool: Add to Chrome for free) - C:\Users\moond\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\nenlahapcbofgnanklpelkaejcehkggg [2021-07-18]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\moond\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2021-01-29]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\moond\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2021-07-23]
BRA Extension: (Brave NTP sponsored images) - C:\Users\moond\AppData\Local\BraveSoftware\Brave-Browser\User Data\gccbbckogglekeggclmmekihdgdpdgoe [2021-07-23]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\moond\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2021-07-01]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\moond\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2021-07-21]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ArmouryCrateControlInterface; C:\Windows\System32\ASUSACCI\ArmouryCrateControlInterface.exe [889248 2020-12-17] (ASUSTeK Computer Inc. -> ASUSTeK COMPUTER INC.)
R2 ASUSLinkNear; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSLinkNear\AsusLinkNear.exe [1290880 2021-07-11] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 ASUSLinkNearExt; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSLinkNear\AsusLinkNearExt.exe [142464 2021-07-11] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 ASUSLinkRemote; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSLinkRemote\AsusLinkRemote.exe [793752 2021-07-11] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSOptimization; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSOptimization\AsusOptimization.exe [336528 2021-07-11] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSoftwareManager; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSSoftwareManager\AsusSoftwareManager.exe [945296 2021-07-11] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemAnalysis; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSSystemAnalysis\AsusSystemAnalysis.exe [2560144 2021-07-11] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemDiagnosis; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [885680 2021-07-11] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8249936 2021-06-25] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [625432 2021-06-25] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [373528 2021-06-25] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-05-20] (Avast Software s.r.o. -> AVAST Software)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162384 2021-01-20] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162384 2021-01-20] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 DtsApo4Service; C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe [201376 2020-10-19] (DTS, Inc. -> DTS Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [288360 2021-05-09] (HP Inc. -> HP Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2021-01-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2021-01-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvam.inf_amd64_21f432cacc7a9a01\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvam.inf_amd64_21f432cacc7a9a01\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ampa; C:\Windows\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R3 AsusPTPDrv; C:\Windows\System32\drivers\AsusPTPFilter.sys [112336 2019-10-02] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R1 ASUSSAIO; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSSystemAnalysis\ASUSSAIO.sys [39056 2021-07-11] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [35720 2021-06-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [216928 2021-06-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [366616 2021-06-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [250392 2021-06-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [99352 2021-06-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [17328 2021-05-20] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [41352 2021-06-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [182600 2021-06-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [524400 2021-06-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [107848 2021-06-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [82912 2021-06-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [851192 2021-06-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [471920 2021-06-25] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [215384 2021-06-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [327536 2021-06-25] (Avast Software s.r.o. -> AVAST Software)
R1 ATKWMIACPIIO; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSOptimization\atkwmiacpi64.sys [44680 2021-07-11] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 ddmdrv; C:\Windows\system32\ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> )
R3 HIDSwitch; C:\Windows\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [48536 2021-01-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [429296 2021-01-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [70896 2021-01-19] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-07-23 07:58 - 2021-07-23 07:59 - 000000000 ____D C:\FRST
2021-07-23 07:57 - 2021-07-23 07:59 - 000000000 ____D C:\Users\moond\Desktop\Virus Checking
2021-07-23 07:43 - 2021-07-23 07:44 - 000000000 ____D C:\Users\moond\Desktop\downloaded stuff
2021-07-23 07:20 - 2021-07-23 07:20 - 000000118 ____H C:\Users\moond\Downloads\.~lock.Week#8 Data.xlsx#
2021-07-22 11:12 - 2020-12-07 15:30 - 007545438 _____ C:\Users\moond\Desktop\Hawg_FlagsLib.wotmod
2021-07-22 11:00 - 2020-08-04 16:04 - 102213533 _____ C:\Users\moond\Desktop\CWW-P.43-ter-Comprovato-Remodel.wotmod
2021-07-22 11:00 - 2019-12-29 18:12 - 000047374 _____ C:\Users\moond\Desktop\CWW-P.43-ter-Comprovato-Remodel-Icons.wotmod
2021-07-17 20:54 - 2021-07-17 20:54 - 001823280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2021-07-17 20:54 - 2021-07-17 20:54 - 000011357 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-07-17 20:54 - 2021-07-17 20:54 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsraLegacy.tlb
2021-07-17 20:54 - 2021-07-17 20:54 - 000007680 _____ (Microsoft Corporation) C:\Windows\system32\MsraLegacy.tlb
2021-07-17 20:54 - 2021-07-17 20:54 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rendezvousSession.tlb
2021-07-17 20:54 - 2021-07-17 20:54 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\rendezvousSession.tlb
2021-07-17 17:46 - 2021-07-17 17:46 - 199967261 _____ C:\Users\moond\Desktop\IoW_Great_Push_Battle_of_the_Somme_1916.pdf
2021-07-14 10:22 - 2021-07-14 10:22 - 001238072 _____ C:\Users\moond\Desktop\statement (1).pdf
2021-07-14 10:19 - 2021-07-14 10:19 - 001238364 _____ C:\Users\moond\Desktop\statement.pdf
2021-07-13 21:29 - 2021-07-13 21:29 - 000000342 _____ C:\Users\moond\Desktop\[EBS] Jack Webber - Destination Mars 2[ebooks-shares.org].torrent
2021-07-12 12:19 - 2021-07-12 12:20 - 044598853 _____ C:\Users\moond\Desktop\AGleamofBayonets.pdf
2021-07-08 09:39 - 2021-07-08 09:39 - 002371072 _____ C:\Windows\system32\rdpnano.dll
2021-07-08 09:39 - 2021-07-08 09:39 - 002260992 _____ C:\Windows\system32\TextInputMethodFormatter.dll
2021-07-08 09:39 - 2021-07-08 09:39 - 001393504 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2021-07-08 09:39 - 2021-07-08 09:39 - 001314128 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2021-07-08 09:39 - 2021-07-08 09:39 - 000570880 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2021-07-08 09:39 - 2021-07-08 09:39 - 000452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2021-07-08 09:39 - 2021-07-08 09:39 - 000097792 _____ C:\Windows\system32\Drivers\cimfs.sys
2021-07-08 09:39 - 2021-07-08 09:39 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl
2021-07-08 09:39 - 2021-07-08 09:39 - 000067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscui.cpl
2021-07-08 09:39 - 2021-07-08 09:39 - 000060928 _____ C:\Windows\system32\runexehelper.exe
2021-07-08 07:28 - 2021-07-08 07:29 - 002010427 _____ C:\Users\moond\Desktop\shirt front idea.psd
2021-07-07 09:19 - 2021-07-07 10:11 - 000090769 _____ C:\Users\moond\Desktop\butterfly.jpeg
2021-07-06 16:24 - 2021-07-07 08:42 - 000350604 _____ C:\Users\moond\Desktop\stencil-style-new.zip
2021-07-06 16:04 - 2021-07-12 16:33 - 000000000 ____D C:\Users\moond\Desktop\sigs and avs
2021-07-06 11:24 - 2021-07-06 11:30 - 000000000 ____D C:\Users\moond\Desktop\Grandma's old pc
2021-07-06 11:08 - 2021-07-06 16:05 - 000000000 ____D C:\Users\moond\Desktop\Mark's Temp from Mom's gateway
2021-07-02 16:47 - 2021-07-02 16:47 - 152922777 _____ C:\Users\moond\Desktop\Aircraft_of_World_War_II.pdf
2021-07-02 08:55 - 2021-07-02 08:55 - 000000000 ____D C:\Users\moond\Desktop\downloaded books
2021-07-02 08:52 - 2021-07-02 08:52 - 000000000 ____D C:\Users\moond\Documents\Adobe
2021-07-01 07:33 - 2021-07-01 07:33 - 000454795 _____ C:\Users\moond\Desktop\butterfly work.psd
2021-07-01 07:32 - 2021-04-19 22:52 - 000018816 _____ C:\Windows\system32\RtEventLog.dll
2021-07-01 07:32 - 2021-04-19 22:42 - 045530813 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2021-06-26 08:24 - 2021-06-26 08:24 - 000046012 _____ C:\Users\moond\Desktop\ArmesMilitaria000-Index.odt
2021-06-26 07:25 - 2021-07-01 07:33 - 002271075 _____ C:\Users\moond\Desktop\butterflies.psd
2021-06-26 07:25 - 2021-06-26 07:25 - 001082811 _____ C:\Users\moond\Desktop\head work 2.psd
2021-06-26 07:25 - 2021-06-26 07:25 - 000954155 _____ C:\Users\moond\Desktop\head work 3.psd
2021-06-25 14:50 - 2021-06-25 14:49 - 000339736 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2021-06-25 14:50 - 2021-06-25 14:49 - 000215384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2021-06-23 12:30 - 2021-06-23 12:33 - 000000000 ____D C:\Users\moond\Desktop\memes

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-07-23 07:31 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-07-23 07:26 - 2021-01-20 23:30 - 000000000 ____D C:\Users\moond\Calibre Library
2021-07-23 07:09 - 2021-01-26 10:58 - 000003752 _____ C:\Windows\system32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474
2021-07-23 07:02 - 2020-09-27 10:50 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-07-23 05:46 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-07-23 05:46 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\AppReadiness
2021-07-23 05:28 - 2021-05-04 12:07 - 000004166 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{F72DE0B7-2B4B-4E73-8B7D-3F2978127DCD}
2021-07-22 18:32 - 2021-01-20 11:04 - 000000000 ____D C:\Users\moond\AppData\Roaming\TS3Client
2021-07-22 11:59 - 2021-01-20 12:28 - 000000000 ____D C:\Users\moond\AppData\Roaming\vlc
2021-07-22 11:17 - 2021-03-21 08:02 - 000000000 ____D C:\Users\moond\AppData\Local\ElevatedDiagnostics
2021-07-21 15:30 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\LiveKernelReports
2021-07-21 14:10 - 2021-04-20 18:43 - 000000132 _____ C:\Users\moond\AppData\Roaming\Adobe PNG Format CS6 Prefs
2021-07-21 13:47 - 2021-01-20 11:28 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2021-07-21 13:47 - 2021-01-20 10:07 - 000003366 _____ C:\Windows\system32\Tasks\BraveSoftwareUpdateTaskMachineUA
2021-07-21 13:47 - 2021-01-20 10:07 - 000003142 _____ C:\Windows\system32\Tasks\BraveSoftwareUpdateTaskMachineCore
2021-07-21 13:47 - 2021-01-19 17:44 - 000002858 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1336835431-166869274-4150396170-1001
2021-07-21 13:47 - 2021-01-19 17:42 - 000002452 _____ C:\Windows\system32\Tasks\RtkAudUService64_BG
2021-07-21 13:47 - 2021-01-19 17:39 - 000003116 _____ C:\Windows\system32\Tasks\ASUS Update Checker 2.0
2021-07-21 13:47 - 2021-01-19 17:39 - 000003042 _____ C:\Windows\system32\Tasks\ASUS Optimization 36D18D69AFC3
2021-07-21 13:47 - 2020-09-27 10:53 - 000003408 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-07-21 13:47 - 2020-09-27 10:53 - 000003184 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-07-21 13:47 - 2020-09-27 10:00 - 000002854 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1336835431-166869274-4150396170-500
2021-07-21 09:17 - 2020-09-27 10:53 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-07-21 09:16 - 2021-01-20 11:28 - 000004264 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2021-07-18 13:53 - 2021-01-19 17:43 - 000000000 ____D C:\Users\moond\AppData\Local\D3DSCache
2021-07-18 07:52 - 2021-03-09 11:45 - 000000000 ____D C:\Users\moond\AppData\Roaming\discord
2021-07-18 07:12 - 2021-03-09 11:45 - 000000000 ____D C:\Users\moond\AppData\Local\Discord
2021-07-18 00:18 - 2020-09-27 10:06 - 000004460 _____ C:\Windows\system32\PerfStringBackup.INI
2021-07-18 00:12 - 2021-01-20 10:59 - 000000000 ____D C:\ProgramData\NVIDIA
2021-07-18 00:12 - 2021-01-19 17:44 - 000000000 ___RD C:\Users\moond\OneDrive
2021-07-18 00:12 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\ServiceState
2021-07-18 00:12 - 2019-12-07 05:13 - 000000000 ____D C:\Windows\INF
2021-07-18 00:11 - 2021-01-20 11:26 - 000000000 ____D C:\ProgramData\Avast Software
2021-07-18 00:11 - 2020-09-27 10:50 - 004982080 _____ C:\Windows\system32\FNTCACHE.DAT
2021-07-18 00:11 - 2020-09-27 10:50 - 000008192 ___SH C:\DumpStack.log.tmp
2021-07-18 00:11 - 2020-09-27 10:50 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-07-18 00:11 - 2019-12-07 05:03 - 000786432 _____ C:\Windows\system32\config\BBI
2021-07-18 00:10 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\SystemResources
2021-07-18 00:10 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2021-07-18 00:10 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\bcastdvr
2021-07-18 00:10 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-07-17 20:55 - 2019-12-07 05:03 - 000000000 ____D C:\Windows\CbsTemp
2021-07-17 07:43 - 2021-01-20 10:08 - 000002364 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2021-07-15 15:49 - 2021-01-23 08:22 - 000000000 ____D C:\Windows\system32\MRT
2021-07-15 15:48 - 2021-01-23 08:22 - 133422552 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-07-09 17:41 - 2021-01-19 17:39 - 000000000 ____D C:\Users\moond
2021-07-09 14:17 - 2021-01-19 17:39 - 000002379 _____ C:\Users\moond\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-07-08 09:46 - 2019-12-07 05:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-07-08 09:46 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2021-07-08 09:46 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2021-07-08 09:46 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2021-07-08 09:46 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\setup
2021-07-08 09:46 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\oobe
2021-07-08 09:46 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\Dism
2021-07-08 09:46 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\Provisioning
2021-07-08 07:22 - 2021-04-19 21:32 - 000001456 _____ C:\Users\moond\AppData\Local\Adobe Save for Web 13.0 Prefs
2021-07-02 08:53 - 2021-04-20 16:34 - 000000000 ____D C:\Users\moond\Desktop\cup work
2021-07-02 08:52 - 2021-01-19 17:43 - 000000000 ____D C:\Users\moond\AppData\Roaming\Adobe
2021-06-28 08:23 - 2021-01-23 08:53 - 000000000 ____D C:\Users\moond\Desktop\Church Business
2021-06-26 07:26 - 2021-06-17 12:04 - 018062360 _____ C:\Users\moond\Desktop\head work.psd
2021-06-25 14:50 - 2019-12-07 05:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2021-06-25 14:49 - 2021-01-20 11:28 - 000851192 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2021-06-25 14:49 - 2021-01-20 11:28 - 000524400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2021-06-25 14:49 - 2021-01-20 11:28 - 000471920 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2021-06-25 14:49 - 2021-01-20 11:28 - 000366616 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2021-06-25 14:49 - 2021-01-20 11:28 - 000327536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2021-06-25 14:49 - 2021-01-20 11:28 - 000250392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2021-06-25 14:49 - 2021-01-20 11:28 - 000216928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2021-06-25 14:49 - 2021-01-20 11:28 - 000182600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2021-06-25 14:49 - 2021-01-20 11:28 - 000107848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2021-06-25 14:49 - 2021-01-20 11:28 - 000099352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2021-06-25 14:49 - 2021-01-20 11:28 - 000082912 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2021-06-25 14:49 - 2021-01-20 11:28 - 000041352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2021-06-25 14:49 - 2021-01-20 11:28 - 000035720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys

==================== Files in the root of some directories ========

2021-04-20 18:43 - 2021-07-21 14:10 - 000000132 _____ () C:\Users\moond\AppData\Roaming\Adobe PNG Format CS6 Prefs
2021-01-21 17:35 - 2021-02-04 20:21 - 000099384 _____ () C:\Users\moond\AppData\Roaming\inst.exe
2021-01-21 17:35 - 2021-02-04 20:21 - 000007859 _____ () C:\Users\moond\AppData\Roaming\pcouffin.cat
2021-01-21 17:35 - 2021-02-04 20:21 - 000001167 _____ () C:\Users\moond\AppData\Roaming\pcouffin.inf
2021-01-21 17:35 - 2021-02-04 20:21 - 000000055 _____ () C:\Users\moond\AppData\Roaming\pcouffin.log
2021-01-21 17:35 - 2021-02-04 20:21 - 000082816 _____ (VSO Software) C:\Users\moond\AppData\Roaming\pcouffin.sys
2021-04-19 21:32 - 2021-07-08 07:22 - 000001456 _____ () C:\Users\moond\AppData\Local\Adobe Save for Web 13.0 Prefs

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================