FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-08-2021
Ran by moond (administrator) on DESKTOP-906HTT3 (ASUSTeK COMPUTER INC. ASUS TUF Gaming A17 FA706IH_TUF706IH) (09-08-2021 12:34:56)
Running from C:\Users\moond\Desktop\Virus Checking
Loaded Profiles: moond
Platform: Windows 10 Home Version 21H1 19043.1110 (X64) Language: English (United States)
Default browser: Brave
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Systems, Incorporated -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0367465.inf_amd64_f448bc468601f23f\B367478\atiesrxx.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSLinkRemote\AsusLinkRemote.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSSoftwareManager\AsusSoftwareManagerAgent.exe
(ASUSTeK Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\ASUSACCI\ArmouryCrateControlInterface.exe
(ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSLinkNear\AsusLinkNear.exe
(ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSLinkNear\AsusLinkNearExt.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSOptimization\AsusOptimization.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSOptimization\AsusOptimizationStartupTask.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSOptimization\AsusOSD.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSSoftwareManager\AsusSoftwareManager.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSSystemAnalysis\AsusSystemAnalysis.exe
(ASUSTEK COMPUTER INCORPORATION -> ASUSTeK COMPUTER INC.) C:\Windows\System32\ASUSACCI\ArmouryCrateKeyControl.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <5>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe <18>
(DTS, Inc. -> DTS Inc.) C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe
(HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\moond\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2106.14307.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12105.1001.23.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvam.inf_amd64_21f432cacc7a9a01\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_7634c653537a72fc\RtkAudUService64.exe <2>
(Wargaming.net Limited -> Wargaming.net) C:\Games\World_of_Tanks_NA\win64\cef_browser_process.exe
(Wargaming.net Limited -> Wargaming.net) C:\Games\World_of_Tanks_NA\win64\WargamingErrorMonitor.exe
(Wargaming.net Limited -> Wargaming.net) C:\Games\World_of_Tanks_NA\win64\WorldOfTanks.exe
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\dlls\wgc_renderer_host.exe <3>
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wargamingerrormonitor.exe
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [123672 2021-07-28] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2904984 2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKU\S-1-5-21-1336835431-166869274-4150396170-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2147264 2021-08-04] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-1336835431-166869274-4150396170-1001\...\Run: [Discord] => C:\Users\moond\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-1336835431-166869274-4150396170-1001\...\RunOnce: [Application Restart #0] => C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe [2252744 2021-08-05] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [53656 2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\92.1.27.111\Installer\chrmstp.exe [2021-08-07] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0610B03E-8B5C-4BFC-9CC4-414911CF7FFF} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [38504 2021-05-09] (HP Inc. -> HP Inc.)
Task: {0F463DBF-399F-421F-952F-3C84337F674B} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {24DF75F9-42CE-42D1-AACD-784F10D2E9C0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-26] (Adobe Inc. -> Adobe Inc.)
Task: {37F38DEA-E744-4346-9A20-9E7598A99820} - System32\Tasks\Microsoft\Windows\PLA\074C0539-0999-4DA9-9D0D-3D016B62F4E9 => {FF679DA1-8FF2-4474-9C9E-52BBD409B557} C:\WINDOWS\system32\pla.dll [1493504 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {572292CC-69ED-4020-A3B4-ADDDF757543E} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162384 2021-01-20] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {612BA602-6D05-4D29-8E84-8E75FB8AEE13} - System32\Tasks\RtkAudUService64_BG => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_7634c653537a72fc\RtkAudUService64.exe [1257832 2021-04-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {7C95D745-B6E4-428A-A33A-68382EFF1395} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162384 2021-01-20] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {91421DF6-313B-411D-BB8B-AE80D16091F4} - System32\Tasks\ASUS Optimization 36D18D69AFC3 => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSOptimization\AsusHotkeyExec.exe [233624 2021-07-11] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {938B78C9-7412-4BE5-9B2E-D7CEF2427B7D} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4902680 2021-07-28] (Avast Software s.r.o. -> AVAST Software)
Task: {952B2BBC-A253-450C-A28B-1AF16FD339FC} - System32\Tasks\ASUS Update Checker 2.0 => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSSoftwareManager\AsusUpdateChecker.exe [771200 2021-07-11] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {AB501AC0-2DBC-4983-BCB0-D5E2FE29F054} - System32\Tasks\Microsoft\Windows\PLA\AsusLinkNear => {FF679DA1-8FF2-4474-9C9E-52BBD409B557} C:\WINDOWS\system32\pla.dll [1493504 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {AE7F71B1-E947-4BBA-A85E-3B789DB1C73E} - System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSSystemAnalysis\AsusSystemAnalysis.exe [2560144 2021-07-11] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {B1878CD6-9F02-4923-B022-2894D26D5018} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-04-30] (Avast Software s.r.o. -> Avast Software)
Task: {E8A32AD5-5F51-4BC2-97A8-20CE78B57FD3} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [681400 2021-07-21] (Mozilla Corporation -> Mozilla Foundation)
Task: {FA8D69C7-2FD2-4530-BC17-4169781B22A0} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [38504 2021-05-09] (HP Inc. -> HP Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ff704ab9-ca65-41fd-bbea-1464328e86fb}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\moond\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-09]
FireFox:
========
FF DefaultProfile: 5r1le8jy.default
FF ProfilePath: C:\Users\moond\AppData\Roaming\Mozilla\Firefox\Profiles\5r1le8jy.default [2021-08-05]
FF ProfilePath: C:\Users\moond\AppData\Roaming\Mozilla\Firefox\Profiles\ha90f5gz.default-release [2021-08-06]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2021-04-19] [Legacy] [not signed]
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-07-24] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
Brave:
=======
BRA Profile: C:\Users\moond\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2021-08-09]
BRA Notifications: Default -> hxxps://services.hughesnet.com; hxxps://www.elcorreo.com
BRA NewTab: Default -> Not-active:"chrome-extension://dchlgjjknnfihkdbkknkhdkneiajdboe/newtab/index.html"
BRA DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}&t=brave
BRA DefaultSearchKeyword: Default ->
BRA DefaultSuggestURL: Default -> hxxps://ac.duckduckgo.com/ac/?q={searchTerms}&type=list
BRA Session Restore: Default -> is enabled.
BRA Extension: (Google Translate) - C:\Users\moond\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2021-03-03]
BRA Extension: (Sci-Fi Art New Tab) - C:\Users\moond\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\dchlgjjknnfihkdbkknkhdkneiajdboe [2021-02-02]
BRA Extension: (Adobe Acrobat) - C:\Users\moond\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-08-09]
BRA Extension: (Avast Passwords) - C:\Users\moond\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2021-01-20]
BRA Extension: (Capital One Shopping: Add to Chrome for Free) - C:\Users\moond\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\nenlahapcbofgnanklpelkaejcehkggg [2021-08-08]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\moond\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2021-07-29]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\moond\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2021-08-09]
BRA Extension: (Brave NTP sponsored images) - C:\Users\moond\AppData\Local\BraveSoftware\Brave-Browser\User Data\gccbbckogglekeggclmmekihdgdpdgoe [2021-08-09]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\moond\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2021-07-01]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\moond\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2021-08-08]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-26] (Adobe Inc. -> Adobe Inc.)
R2 ArmouryCrateControlInterface; C:\WINDOWS\System32\ASUSACCI\ArmouryCrateControlInterface.exe [889248 2020-12-17] (ASUSTeK Computer Inc. -> ASUSTeK COMPUTER INC.)
R2 ASUSLinkNear; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSLinkNear\AsusLinkNear.exe [1290880 2021-07-11] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 ASUSLinkNearExt; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSLinkNear\AsusLinkNearExt.exe [142464 2021-07-11] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 ASUSLinkRemote; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSLinkRemote\AsusLinkRemote.exe [793752 2021-07-11] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSOptimization; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSOptimization\AsusOptimization.exe [336528 2021-07-11] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSoftwareManager; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSSoftwareManager\AsusSoftwareManager.exe [945296 2021-07-11] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemAnalysis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSSystemAnalysis\AsusSystemAnalysis.exe [2560144 2021-07-11] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemDiagnosis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [885680 2021-07-11] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8262736 2021-07-28] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [627480 2021-07-28] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [374552 2021-07-28] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-05-20] (Avast Software s.r.o. -> AVAST Software)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162384 2021-01-20] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162384 2021-01-20] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 DtsApo4Service; C:\WINDOWS\System32\DTS\PC\APO4x\DtsApo4Service.exe [201376 2020-10-19] (DTS, Inc. -> DTS Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [288360 2021-05-09] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7477704 2021-08-02] (Malwarebytes Inc -> Malwarebytes)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2021-01-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2021-01-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_21f432cacc7a9a01\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_21f432cacc7a9a01\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ampa; C:\Windows\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [112336 2019-10-02] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R1 ASUSSAIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSSystemAnalysis\ASUSSAIO.sys [39056 2021-07-11] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35720 2021-07-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [218976 2021-07-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [367640 2021-07-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250392 2021-07-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99352 2021-07-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [17344 2021-07-28] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41352 2021-07-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [184648 2021-07-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [559816 2021-07-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108408 2021-07-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [82904 2021-07-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851704 2021-07-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [471920 2021-07-28] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215392 2021-07-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [328568 2021-07-28] (Avast Software s.r.o. -> AVAST Software)
R1 ATKWMIACPIIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSOptimization\atkwmiacpi64.sys [44680 2021-07-11] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 ddmdrv; C:\Windows\system32\ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> )
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [199128 2021-08-02] (Malwarebytes Inc -> Malwarebytes)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-08-09] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-08-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2021-08-09] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [69016 2021-08-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-08-09] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [156880 2021-08-09] (Malwarebytes Inc -> Malwarebytes)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2021-01-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429296 2021-01-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2021-01-19] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-08-09 12:29 - 2021-08-09 12:29 - 000000000 ____D C:\Users\moond\AppData\LocalLow\IGDump
2021-08-09 12:12 - 2021-08-09 12:12 - 000198888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-08-09 12:12 - 2021-08-09 12:12 - 000156880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-08-09 12:12 - 2021-08-09 12:12 - 000069016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-08-09 08:49 - 2021-08-09 08:49 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-08-09 08:49 - 2021-08-09 08:49 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-08-09 08:49 - 2021-08-09 08:49 - 002371072 _____ C:\WINDOWS\system32\rdpnano.dll
2021-08-09 08:49 - 2021-08-09 08:49 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2021-08-09 08:49 - 2021-08-09 08:49 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-08-09 08:49 - 2021-08-09 08:49 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-08-09 08:49 - 2021-08-09 08:49 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-08-09 08:49 - 2021-08-09 08:49 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-08-09 08:49 - 2021-08-09 08:49 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-08-09 08:49 - 2021-08-09 08:49 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-08-09 08:49 - 2021-08-09 08:49 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-08-09 08:49 - 2021-08-09 08:49 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-08-09 08:49 - 2021-08-09 08:49 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-08-09 08:49 - 2021-08-09 08:49 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-08-09 08:49 - 2021-08-09 08:49 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-08-09 08:49 - 2021-08-09 08:49 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-08-09 08:49 - 2021-08-09 08:49 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-08-09 08:49 - 2021-08-09 08:49 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2021-08-09 08:49 - 2021-08-09 08:49 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2021-08-09 08:49 - 2021-08-09 08:49 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2021-08-09 08:49 - 2021-08-09 08:49 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb
2021-08-09 08:48 - 2021-08-09 08:48 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-08-09 08:48 - 2021-08-09 08:48 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-08-09 08:48 - 2021-08-09 08:48 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-08-09 08:48 - 2021-08-09 08:48 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-08-09 08:48 - 2021-08-09 08:48 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-08-09 08:48 - 2021-08-09 08:48 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-08-09 08:48 - 2021-08-09 08:48 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-08-09 08:48 - 2021-08-09 08:48 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-08-09 08:48 - 2021-08-09 08:48 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-08-09 08:48 - 2021-08-09 08:48 - 000097792 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-08-09 08:48 - 2021-08-09 08:48 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-08-09 02:05 - 2021-08-08 22:14 - 000000000 ____D C:\Windows.old
2021-08-08 22:39 - 2021-08-08 22:41 - 019444171 _____ C:\Users\moond\Downloads\Tapio Saarelainen - The White Sniper.pdf
2021-08-08 22:21 - 2021-08-08 22:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2021-08-08 22:20 - 2021-08-08 22:20 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-08-08 22:19 - 2021-08-08 22:19 - 000000020 ___SH C:\Users\moond\ntuser.ini
2021-08-08 22:16 - 2021-08-09 12:19 - 000795738 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-08-08 22:14 - 2021-08-09 12:19 - 000003752 _____ C:\WINDOWS\system32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474
2021-08-08 22:14 - 2021-08-09 12:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-08-08 22:14 - 2021-08-09 11:44 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-08-08 22:14 - 2021-08-09 05:21 - 000004166 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{F72DE0B7-2B4B-4E73-8B7D-3F2978127DCD}
2021-08-08 22:14 - 2021-08-08 22:14 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-08-08 22:14 - 2021-08-08 22:14 - 000003408 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-08 22:14 - 2021-08-08 22:14 - 000003366 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineUA
2021-08-08 22:14 - 2021-08-08 22:14 - 000003184 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-08-08 22:14 - 2021-08-08 22:14 - 000003142 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineCore
2021-08-08 22:14 - 2021-08-08 22:14 - 000003116 _____ C:\WINDOWS\system32\Tasks\ASUS Update Checker 2.0
2021-08-08 22:14 - 2021-08-08 22:14 - 000003042 _____ C:\WINDOWS\system32\Tasks\ASUS Optimization 36D18D69AFC3
2021-08-08 22:14 - 2021-08-08 22:14 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1336835431-166869274-4150396170-1001
2021-08-08 22:14 - 2021-08-08 22:14 - 000002854 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1336835431-166869274-4150396170-500
2021-08-08 22:14 - 2021-08-08 22:14 - 000002452 _____ C:\WINDOWS\system32\Tasks\RtkAudUService64_BG
2021-08-08 22:14 - 2021-08-08 22:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-08-08 22:14 - 2021-08-08 22:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2021-08-08 22:14 - 2021-08-08 22:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-08-08 22:14 - 2020-09-27 10:58 - 000003392 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-283516741-3080081594-3377497909-500
2021-08-08 22:13 - 2021-08-08 22:14 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2021-08-08 22:13 - 2021-08-08 22:14 - 000007623 _____ C:\WINDOWS\diagerr.xml
2021-08-08 22:11 - 2021-08-09 00:27 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-08-08 22:08 - 2021-08-09 12:12 - 004991944 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-08-08 22:08 - 2021-08-09 12:05 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-08-08 22:00 - 2021-08-09 02:05 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2021-08-08 22:00 - 2021-08-08 22:19 - 000000000 ____D C:\Users\moond
2021-08-08 22:00 - 2019-12-07 05:10 - 000001105 _____ C:\Users\moond\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-08-08 21:59 - 2021-08-08 22:00 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2021-08-08 21:55 - 2021-08-08 21:55 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2021-08-08 21:47 - 2015-03-21 20:43 - 000020403 _____ C:\Users\moond\Desktop\Modern Serif Eroded.pdf
2021-08-08 21:47 - 2015-03-21 19:49 - 000215772 _____ C:\Users\moond\Desktop\Modern Serif Eroded.ttf
2021-08-08 21:47 - 2014-05-29 13:47 - 000038428 _____ C:\Users\moond\Desktop\AARDV.TTF
2021-08-08 21:47 - 2011-11-08 15:57 - 000004468 _____ C:\Users\moond\Desktop\OFL_License.txt
2021-08-08 21:47 - 2011-11-08 15:55 - 000622848 _____ C:\Users\moond\Desktop\Zantroke-specimen.pdf
2021-08-08 21:47 - 2011-11-08 15:55 - 000282524 _____ C:\Users\moond\Desktop\Zantroke.otf
2021-08-08 21:47 - 2004-11-16 04:38 - 000016072 _____ C:\Users\moond\Desktop\CollegiateOutlineFLF.ttf
2021-08-08 21:47 - 2004-11-16 04:37 - 000010744 _____ C:\Users\moond\Desktop\CollegiateInsideFLF.ttf
2021-08-08 21:47 - 2004-11-16 04:36 - 000017904 _____ C:\Users\moond\Desktop\CollegiateBorderFLF.ttf
2021-08-08 21:47 - 2004-11-16 04:36 - 000011008 _____ C:\Users\moond\Desktop\CollegiateBlackFLF.ttf
2021-08-08 21:47 - 2004-11-16 04:35 - 000019272 _____ C:\Users\moond\Desktop\CollegiateFLF.ttf
2021-08-08 21:47 - 1994-06-05 04:05 - 000001441 _____ C:\Users\moond\Desktop\README.TXT
2021-08-08 16:52 - 2021-08-08 22:19 - 000000000 ___DC C:\WINDOWS\Panther
2021-08-08 14:35 - 2010-10-06 16:08 - 000464782 _____ C:\Users\moond\Desktop\Torn Paper Brushes.abr
2021-08-08 14:34 - 2021-08-08 14:35 - 000238197 _____ C:\Users\moond\Desktop\Torn_Paper_Brushes.zip
2021-08-08 09:37 - 2021-08-08 16:52 - 000000000 ____D C:\ESD
2021-08-08 09:36 - 2021-08-08 09:36 - 000000000 ___HD C:\$Windows.~WS
2021-08-06 23:58 - 2021-08-09 12:10 - 000000000 ____D C:\Users\moond\AppData\Roaming\qBittorrent
2021-08-06 23:58 - 2021-08-06 23:58 - 000000000 ____D C:\Users\moond\AppData\Local\qBittorrent
2021-08-05 17:42 - 2021-08-06 07:37 - 016406413 _____ C:\Users\moond\Downloads\OCBT057_Hungarian_vs_Soviet_Soldier.pdf
2021-08-05 09:25 - 2021-08-09 11:25 - 000000000 ____D C:\Users\moond\AppData\LocalLow\Mozilla
2021-08-05 09:25 - 2021-08-05 09:26 - 000000000 ____D C:\ProgramData\Mozilla
2021-08-05 09:25 - 2021-08-05 09:25 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-08-05 09:25 - 2021-08-05 09:25 - 000000993 _____ C:\Users\Public\Desktop\Firefox.lnk
2021-08-05 09:25 - 2021-08-05 09:25 - 000000000 ____D C:\Users\moond\AppData\Roaming\Mozilla
2021-08-05 09:25 - 2021-08-05 09:25 - 000000000 ____D C:\Users\moond\AppData\Local\Mozilla
2021-08-05 09:25 - 2021-08-05 09:25 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-08-05 09:25 - 2021-08-05 09:25 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-08-05 09:18 - 2021-08-05 09:19 - 000332992 _____ (Mozilla) C:\Users\moond\Desktop\Firefox Installer.exe
2021-08-02 09:27 - 2021-08-02 09:27 - 000000000 ___HD C:\$AV_ASW
2021-08-02 05:48 - 2021-08-09 00:27 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-08-02 05:48 - 2021-08-02 05:48 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-08-02 05:48 - 2021-08-02 05:48 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-08-02 05:48 - 2021-08-02 05:48 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-08-02 05:48 - 2021-08-02 05:48 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-08-02 05:48 - 2021-08-02 05:48 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-07-28 11:43 - 2021-07-28 11:43 - 000339736 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-07-28 11:43 - 2021-07-28 11:43 - 000215392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-07-27 12:29 - 2021-07-27 12:29 - 000000000 ____D C:\Users\moond\AppData\Local\mbam
2021-07-27 11:33 - 2021-07-27 11:33 - 000000000 ____D C:\Program Files\Malwarebytes
2021-07-27 11:31 - 2021-07-27 11:32 - 000000000 ____D C:\Users\moond\Desktop\invitations
2021-07-27 11:29 - 2021-07-27 11:30 - 000000000 ____D C:\Users\moond\Desktop\mods for wot
2021-07-27 11:26 - 2021-07-27 11:31 - 000000000 ____D C:\Users\moond\Desktop\work for angie
2021-07-27 11:18 - 2021-07-27 11:18 - 000000000 ____D C:\AdwCleaner
2021-07-27 11:16 - 2021-07-27 11:14 - 008553680 _____ (Malwarebytes) C:\Users\moond\Desktop\AdwCleaner.exe
2021-07-27 11:16 - 2021-07-27 11:12 - 002092128 _____ (Malwarebytes) C:\Users\moond\Desktop\MBSetup.exe
2021-07-24 12:49 - 2021-07-24 12:50 - 000006397 _____ C:\Users\moond\Desktop\79-Tapio Saarelainen - The White Sniper(pdf)[ebooks-shares.org].torrent
2021-07-24 12:48 - 2021-07-24 12:48 - 000000748 _____ C:\Users\moond\Desktop\78-The Last Archide Complete Series(epub)[ebooks-shares.org].torrent
2021-07-24 12:26 - 2021-07-24 12:26 - 000017329 _____ C:\Users\moond\Desktop\LBC giving history 1-23-21.xlsx
2021-07-23 08:53 - 2021-07-29 12:05 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-07-23 08:29 - 2021-08-09 02:05 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2021-07-23 07:58 - 2021-08-09 12:35 - 000000000 ____D C:\FRST
2021-07-23 07:57 - 2021-08-09 12:34 - 000000000 ____D C:\Users\moond\Desktop\Virus Checking
2021-07-23 07:20 - 2021-07-23 07:20 - 000000118 ____H C:\Users\moond\Downloads\.~lock.Week#8 Data.xlsx#
2021-07-13 21:29 - 2021-07-13 21:29 - 000000342 _____ C:\Users\moond\Desktop\[EBS] Jack Webber - Destination Mars 2[ebooks-shares.org].torrent
2021-07-12 12:19 - 2021-07-12 12:20 - 044598853 _____ C:\Users\moond\Desktop\AGleamofBayonets.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-08-09 12:25 - 2021-01-19 17:43 - 000000000 ____D C:\Users\moond\AppData\Local\D3DSCache
2021-08-09 12:25 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-08-09 12:19 - 2019-12-07 05:13 - 000000000 ____D C:\WINDOWS\INF
2021-08-09 12:15 - 2021-03-09 11:45 - 000000000 ____D C:\Users\moond\AppData\Roaming\discord
2021-08-09 12:13 - 2021-03-09 11:45 - 000000000 ____D C:\Users\moond\AppData\Local\Discord
2021-08-09 12:13 - 2021-01-20 10:59 - 000000000 ____D C:\ProgramData\NVIDIA
2021-08-09 12:13 - 2021-01-19 17:44 - 000000000 ___RD C:\Users\moond\OneDrive
2021-08-09 12:13 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-08-09 12:13 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-08-09 12:12 - 2021-01-20 11:26 - 000000000 ____D C:\ProgramData\Avast Software
2021-08-09 12:12 - 2020-09-27 10:50 - 000008192 ___SH C:\DumpStack.log.tmp
2021-08-09 12:11 - 2019-12-07 05:50 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-08-09 12:11 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-08-09 12:11 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-08-09 12:11 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-08-09 12:11 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-08-09 12:11 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-08-09 12:11 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-08-09 12:11 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-08-09 12:11 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-08-09 12:11 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-08-09 12:11 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-08-09 12:11 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-08-09 12:11 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-08-09 12:11 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-08-09 12:11 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-08-09 12:11 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-08-09 12:11 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-08-09 12:11 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-08-09 12:11 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-08-09 12:11 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-08-09 12:11 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-08-09 12:11 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-08-09 12:11 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-08-09 12:11 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-08-09 12:11 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-08-09 12:11 - 2019-12-07 05:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-08-09 08:51 - 2019-12-07 05:52 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-08-09 08:51 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\servicing
2021-08-09 08:51 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-08-09 04:53 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\appcompat
2021-08-09 02:05 - 2021-04-19 07:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
2021-08-09 02:05 - 2021-04-19 07:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6
2021-08-09 02:05 - 2021-04-12 19:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Partition Assistant
2021-08-09 02:05 - 2021-03-09 11:45 - 000000000 ____D C:\Users\moond\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2021-08-09 02:05 - 2021-02-08 18:37 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.8
2021-08-09 02:05 - 2021-01-21 17:55 - 000000000 ____D C:\Users\moond\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-08-09 02:05 - 2021-01-21 17:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-08-09 02:05 - 2021-01-20 11:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2021-08-09 02:05 - 2021-01-20 11:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2021-08-09 02:05 - 2021-01-19 17:54 - 000000000 ____D C:\Users\moond\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net
2021-08-09 02:05 - 2019-12-07 05:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2021-08-09 02:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-08-09 02:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2021-08-09 02:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\spool
2021-08-09 02:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2021-08-09 02:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-08-09 02:05 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-08-08 22:51 - 2021-05-24 05:43 - 000000000 ____D C:\Users\moond\AppData\Local\Avast Software
2021-08-08 22:44 - 2021-01-20 12:28 - 000000000 ____D C:\Users\moond\AppData\Roaming\vlc
2021-08-08 22:19 - 2021-01-19 17:43 - 000000000 ___RD C:\Users\moond\3D Objects
2021-08-08 22:19 - 2020-09-27 10:54 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-08-08 22:19 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-08-08 22:14 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-08-08 22:14 - 2019-12-07 05:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-08-08 22:13 - 2021-01-20 10:08 - 000002364 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2021-08-08 22:12 - 2019-12-07 05:14 - 000000000 __RSD C:\WINDOWS\Media
2021-08-08 22:10 - 2021-01-19 17:42 - 000000000 ____D C:\WINDOWS\system32\ASUSACCI
2021-08-08 22:10 - 2021-01-19 17:41 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2021-08-08 22:10 - 2020-09-27 10:53 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-08 22:08 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-08-08 22:04 - 2019-12-07 05:18 - 000000000 ____D C:\WINDOWS\Setup
2021-08-08 22:02 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\USOPrivate
2021-08-08 22:01 - 2021-04-19 07:35 - 000000000 ____D C:\WINDOWS\system32\Macromed
2021-08-08 22:01 - 2021-04-19 07:30 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2021-08-08 22:01 - 2021-01-20 09:37 - 000000000 ____D C:\WINDOWS\Firmware
2021-08-08 22:01 - 2021-01-19 17:39 - 000000000 ____D C:\WINDOWS\system32\DTS
2021-08-08 22:01 - 2021-01-19 17:38 - 000000000 ____D C:\WINDOWS\system32\AMD
2021-08-08 22:00 - 2021-01-19 17:43 - 000000000 ____D C:\Users\moond\AppData\Local\Packages
2021-08-08 21:52 - 2021-04-20 18:43 - 000000132 _____ C:\Users\moond\AppData\Roaming\Adobe PNG Format CS6 Prefs
2021-08-07 11:29 - 2021-01-20 11:04 - 000000000 ____D C:\Users\moond\AppData\Roaming\TS3Client
2021-08-04 21:37 - 2021-04-19 21:32 - 000001456 _____ C:\Users\moond\AppData\Local\Adobe Save for Web 13.0 Prefs
2021-08-04 20:59 - 2021-02-22 16:22 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-08-02 16:36 - 2021-01-21 17:35 - 000099384 _____ C:\Users\moond\AppData\Roaming\inst.exe
2021-08-02 16:36 - 2021-01-21 17:35 - 000082816 _____ (VSO Software) C:\Users\moond\AppData\Roaming\pcouffin.sys
2021-08-02 16:36 - 2021-01-21 17:35 - 000007859 _____ C:\Users\moond\AppData\Roaming\pcouffin.cat
2021-08-02 16:36 - 2021-01-21 17:35 - 000000000 ____D C:\Users\moond\AppData\Roaming\Vso
2021-08-02 16:36 - 2021-01-21 17:35 - 000000000 ____D C:\Program Files (x86)\VSO
2021-07-29 07:27 - 2021-01-21 18:01 - 000000000 ____D C:\Users\moond\AppData\Local\CrashDumps
2021-07-28 11:43 - 2021-01-20 11:28 - 000851704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-07-28 11:43 - 2021-01-20 11:28 - 000559816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-07-28 11:43 - 2021-01-20 11:28 - 000471920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-07-28 11:43 - 2021-01-20 11:28 - 000367640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-07-28 11:43 - 2021-01-20 11:28 - 000328568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-07-28 11:43 - 2021-01-20 11:28 - 000250392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-07-28 11:43 - 2021-01-20 11:28 - 000218976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-07-28 11:43 - 2021-01-20 11:28 - 000184648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-07-28 11:43 - 2021-01-20 11:28 - 000108408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-07-28 11:43 - 2021-01-20 11:28 - 000099352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-07-28 11:43 - 2021-01-20 11:28 - 000082904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-07-28 11:43 - 2021-01-20 11:28 - 000041352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-07-28 11:43 - 2021-01-20 11:28 - 000035720 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-07-28 11:43 - 2021-01-20 11:28 - 000017344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2021-07-27 11:32 - 2021-07-06 16:04 - 000000000 ____D C:\Users\moond\Desktop\sigs and avs
2021-07-27 11:32 - 2021-07-02 08:55 - 000000000 ____D C:\Users\moond\Desktop\downloaded books
2021-07-27 11:28 - 2021-06-23 12:30 - 000000000 ____D C:\Users\moond\Desktop\memes
2021-07-24 11:24 - 2021-01-23 08:53 - 000000000 ____D C:\Users\moond\Desktop\Church Business
2021-07-23 09:08 - 2021-01-20 23:30 - 000000000 ____D C:\Users\moond\Calibre Library
2021-07-23 08:57 - 2021-04-19 21:26 - 000000000 ____D C:\Users\moond\AppData\LocalLow\Adobe
2021-07-23 08:57 - 2021-04-19 07:26 - 000000000 ____D C:\Users\moond\AppData\Local\Adobe
2021-07-23 08:57 - 2021-04-19 07:26 - 000000000 ____D C:\ProgramData\Adobe
2021-07-23 08:57 - 2021-01-19 17:43 - 000000000 ____D C:\Users\moond\AppData\Roaming\Adobe
2021-07-23 08:53 - 2021-04-19 07:30 - 000000000 ____D C:\Program Files (x86)\Adobe
2021-07-22 11:17 - 2021-03-21 08:02 - 000000000 ____D C:\Users\moond\AppData\Local\ElevatedDiagnostics
2021-07-16 09:45 - 2021-02-22 16:22 - 000740152 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2021-07-16 09:45 - 2021-02-22 16:22 - 000486712 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2021-07-15 15:49 - 2021-01-23 08:22 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-07-15 15:48 - 2021-01-23 08:22 - 133422552 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Files in the root of some directories ========
2021-04-20 18:43 - 2021-08-08 21:52 - 000000132 _____ () C:\Users\moond\AppData\Roaming\Adobe PNG Format CS6 Prefs
2021-01-21 17:35 - 2021-08-02 16:36 - 000099384 _____ () C:\Users\moond\AppData\Roaming\inst.exe
2021-01-21 17:35 - 2021-08-02 16:36 - 000007859 _____ () C:\Users\moond\AppData\Roaming\pcouffin.cat
2021-01-21 17:35 - 2021-08-02 16:36 - 000001167 _____ () C:\Users\moond\AppData\Roaming\pcouffin.inf
2021-01-21 17:35 - 2021-08-02 16:36 - 000000055 _____ () C:\Users\moond\AppData\Roaming\pcouffin.log
2021-01-21 17:35 - 2021-08-02 16:36 - 000082816 _____ (VSO Software) C:\Users\moond\AppData\Roaming\pcouffin.sys
2021-04-19 21:32 - 2021-08-04 21:37 - 000001456 _____ () C:\Users\moond\AppData\Local\Adobe Save for Web 13.0 Prefs
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Addition
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-08-2021
Ran by moond (09-08-2021 12:35:57)
Running from C:\Users\moond\Desktop\Virus Checking
Windows 10 Home Version 21H1 19043.1110 (X64) (2021-08-09 02:14:14)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1336835431-166869274-4150396170-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1336835431-166869274-4150396170-503 - Limited - Disabled)
Guest (S-1-5-21-1336835431-166869274-4150396170-501 - Limited - Disabled)
moond (S-1-5-21-1336835431-166869274-4150396170-1001 - Administrator - Enabled) => C:\Users\moond
WDAGUtilityAccount (S-1-5-21-1336835431-166869274-4150396170-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 21.005.20060 - Adobe Systems Incorporated)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.1 - Adobe Systems)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
AOMEI Partition Assistant 9.1 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version: - AOMEI International Network Limited.)
Aslain's WoT Modpack version 1.13.0.1.02 (HKLM-x32\...\Aslains_WoT_Modpack_Installer_is1) (Version: 1.13.0.1.02 - Aslain)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 21.6.2474 - Avast Software)
bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 92.1.27.111 - Brave Software Inc)
calibre 64bit (HKLM\...\{6DB760DC-BEC5-4727-AA50-722D2881725E}) (Version: 5.9.0 - Kovid Goyal)
Discord (HKU\S-1-5-21-1336835431-166869274-4150396170-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.101.0 - Google LLC) Hidden
Malwarebytes version 4.4.4.126 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.4.126 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 92.0.902.67 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1336835431-166869274-4150396170-1001\...\OneDriveSetup.exe) (Version: 21.139.0711.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{852D8FE5-BC66-4061-B1C4-CADF51E5B27D}) (Version: 2.82.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24123 (HKLM-x32\...\{206898cc-4b41-4d98-ac28-9f9ae57f91fe}) (Version: 14.0.24123.0 - Microsoft Corporation)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 90.0.2 (x64 en-US)) (Version: 90.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 90.0.2 - Mozilla)
NVIDIA Graphics Driver 457.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 457.63 - NVIDIA Corporation)
OpenOffice 4.1.8 (HKLM-x32\...\{963FD672-F116-4AE3-AE25-84B576E610A7}) (Version: 4.18.9803 - Apache Software Foundation)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.3 - TeamSpeak Systems GmbH)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Wargaming.net Game Center (HKU\S-1-5-21-1336835431-166869274-4150396170-1001\...\Wargaming.net Game Center) (Version: 21.5.0.5956 - Wargaming.net)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
World of Tanks NA (HKU\S-1-5-21-1336835431-166869274-4150396170-1001\...\WOT.NA.PRODUCTION) (Version: - Wargaming.net)
World_of_Warships (HKU\S-1-5-21-1336835431-166869274-4150396170-1001\...\WOWS.WW.PRODUCTION) (Version: - Wargaming.net)
Packages:
=========
AMD Radeon™ Settings Lite -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.59462344778C5_10.19.40016.0_x64__0a9344xs7nr4m [2021-01-19] (Advanced Micro Devices Inc.)
DTS:X Ultra -> C:\Program Files\WindowsApps\DTSInc.DTSXUltra_1.10.9.0_x64__t5j2fzbtdg37r [2021-07-01] (DTS, Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_129.1.234.0_x64__v10z8vjag6ke6 [2021-07-23] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-08-08] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-08-08] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-04] (Microsoft Studios) [MS Ad]
MyASUS -> C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.0.16.0_x64__qmba6cd70vzyy [2021-07-14] (ASUSTeK COMPUTER INC.)
NFO Viewer -> C:\Program Files\WindowsApps\5480BrunoGiordano.NFOViewer_1.0.1.1_neutral__xzarbek87fvdr [2021-01-21] (Bruno Giordano)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-08-08] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.26.249.0_x64__dt26b99r8h8gj [2021-06-20] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0 [2021-08-08] (Spotify AB) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-07-28] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-07-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat Elements\ContextMenu64.dll [2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-07-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-07-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-07-27] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_21f432cacc7a9a01\nvshext.dll [2021-01-21] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat Elements\ContextMenu64.dll [2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-07-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-07-27] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2021-08-02 11:05 - 2021-08-09 12:25 - 000167936 _____ () [File not signed] C:\Games\World_of_Tanks_NA\mods\temp\com.modxvm.xfw.native\native_64bit\_ctypes.pyd
2021-08-02 11:05 - 2021-08-09 12:25 - 000050688 _____ (Tsuda Kageyu) [File not signed] C:\Games\World_of_Tanks_NA\mods\temp\com.modxvm.xfw.native\native_64bit\MinHook.x64.dll
2021-08-02 11:05 - 2021-08-09 12:25 - 000207872 _____ (WoT libpython contributors) [File not signed] C:\Games\World_of_Tanks_NA\mods\temp\com.modxvm.xfw.native\native_64bit\python27.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 05:14 - 2019-12-07 05:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1336835431-166869274-4150396170-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{814ED773-E2C2-4A9F-97AF-DD965634375D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7E959678-41EC-487D-86AE-F5D27E1ED56B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7622BD28-A56A-43C3-9A48-F7D4D0188649}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E6927575-09B2-4C5E-ADDE-412A3A462593}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DFB81D5D-CF4F-4AFF-92AC-B56705D0B38E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3C3C59C3-C6AE-4E8B-9460-A1DCA0AE8821}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EDA78A7E-4479-4E18-B053-6094E0DDFB84}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4BF93C86-1706-4FE3-9A87-B83C691E8921}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{482FC0C1-F375-4FA3-A68F-556051F318C8}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe => No File
FirewallRules: [TCP Query User{410746F1-D982-4433-B156-804FFF31F7CF}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe => No File
FirewallRules: [{05C46AAC-DAB6-4E2F-9844-FA76B72107C0}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{5BF3268B-32E5-4554-B5E5-2062E388F762}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{07389121-9922-4541-9CA3-B87A77AD0EF6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A0D0E0AB-B2B0-4C02-8F3D-B6388A8AC7A9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{21AF1AAA-6EAE-46D3-9144-18F0DADBFF73}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D524098E-69E4-4FD8-9463-854CE9ACF8F2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{74D9A269-086E-4191-B6BA-CE1854D4A85B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{E9184F50-F763-444E-BC70-C3436CACDB4B}C:\games\world_of_tanks_na\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_na\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{4603173A-AC86-47AD-A700-35EC624C30B0}C:\games\world_of_tanks_na\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_na\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{49CC1B4E-E589-4DAB-BC08-23259290767A}] => (Allow) LPort=7935
FirewallRules: [{E9E8FDE0-F76A-459A-855B-D089568A476A}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe (Adobe Systems Incorporated -> )
FirewallRules: [{4BDADAE3-46A2-4717-BF20-EB5E416EA67E}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe (Adobe Systems Incorporated -> )
FirewallRules: [UDP Query User{11D864D6-894E-441C-971C-5C8CF290199F}C:\games\world_of_tanks_na\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_na\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{D7CC9ADE-2176-4C8A-A415-033ED4D76A09}C:\games\world_of_tanks_na\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_na\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{ECE68012-151A-4C66-BD1B-9BAA17D5FF04}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{21991367-46A6-4996-AB19-A332DA8FF6F9}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{C54EA5D1-C903-4A2C-8012-3992D21178FC}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSLinkNear\AsusLinkNear.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [{DD46A30A-F6E2-40A1-9E89-546F4B0B8EED}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{A189B7C5-8313-41CA-9763-5D6AD0A69F28}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
==================== Restore Points =========================
09-08-2021 08:41:31 Windows Modules Installer
09-08-2021 08:42:07 Windows Modules Installer
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (08/09/2021 12:11:41 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
Error: (08/09/2021 08:42:04 AM) (Source: MsiInstaller) (EventID: 10005) (User: NT AUTHORITY)
Description: Product: Microsoft Update Health Tools -- A later version of Microsoft Update Health Tools is already installed. Setup will now exit.
Error: (08/08/2021 10:10:27 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -1409.
System errors:
=============
Error: (08/08/2021 10:12:07 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%2147952449 = The requested address is not valid in its context.
Error: (08/08/2021 10:10:33 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The Printer Extensions and Notifications service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
Error: (08/08/2021 10:10:24 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Network List Service service terminated with the following error:
The device is not ready.
Error: (08/08/2021 10:05:53 PM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: NT AUTHORITY)
Description: F:\Device\HarddiskVolume83
CodeIntegrity:
===============
Date: 2021-08-09 12:14:25
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2021-08-09 12:13:19
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. FA706IH.316 03/12/2021
Motherboard: ASUSTeK COMPUTER INC. FA706IH
Processor: AMD Ryzen 7 4800H with Radeon Graphics
Percentage of memory in use: 28%
Total physical RAM: 32175.24 MB
Available physical RAM: 23101.66 MB
Total Virtual: 37039.24 MB
Available Virtual: 24535.63 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:953.17 GB) (Free:743.55 GB) NTFS
Drive d: () (Fixed) (Total:931.5 GB) (Free:733.35 GB) NTFS
\\?\Volume{c95b2622-04d3-4d17-86bc-c7ab187f9143}\ () (Fixed) (Total:0.58 GB) (Free:0.08 GB) NTFS
\\?\Volume{c6c9306c-e9f4-4f2f-9892-c9f4cf92d8e0}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 04A1E3A2)
Partition: GPT.
==========================================================
Disk: 1 (Protective MBR) (Size: 953.9 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================
Windows + R works now ...
It seems to be running a lot smoother ... I appreciate the help on this