
Inactive Crashes and Sloooow Opening Pages

Discussion in 'Malware and Virus Removal' started by Blue Star, 2020/02/03.

  1. 2020/02/03
    Blue Star

    Blue Star Well-Known Member Thread Starter

    Joined:
    2010/03/25
    Messages:
    454
    Likes Received:
    2
    Hello Broni!

    I need the required diagnostics to get started, please.. ;):)
     
  2. 2020/02/03
    Blue Star

    Ooops! Found what I need to start.. :D
     


  4. 2020/02/03
    Blue Star

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-02-2020 02
    Ran by Arwen (administrator) on THEONE (SAMSUNG ELECTRONICS CO., LTD. 350V5C/350V5X/350V4C/350V4X/351V5C/351V5X/351V4C/351V4X/3540VC/3540VX/3440VC/3440VX) (03-02-2020 10:12:17)
    Running from C:\Users\Arwen\Downloads
    Loaded Profiles: Arwen (Available Profiles: Arwen)
    Platform: Windows 10 Home Version 1903 18362.592 (X64) Language: English (United States)
    Default browser: Chrome
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    () [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
    (Adlice -> ) C:\Program Files\RogueKiller\RogueKiller64.exe
    (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
    (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
    (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
    (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
    (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
    (Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    (Atheros) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
    (AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe
    (AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe
    (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
    (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
    (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
    (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
    (Corel Corporation -> WinZip Computing) C:\Program Files\WinZip\WzPreloader.exe
    (ESET, spol. s r.o. -> ESET spol. s r.o.) C:\Users\Arwen\Downloads\esetonlinescanner_enu (6).exe
    (Google Inc -> Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
    (Google Inc -> Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
    (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe
    (Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    (HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_110.1.660.0_x64__v10z8vjag6ke6\HP.Smart.exe
    (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
    (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
    (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
    (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
    (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
    (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
    (Intel® Services Manager -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
    (Intel® Services Manager -> Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
    (Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
    (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
    (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Users\Arwen\AppData\Local\Microsoft\OneDrive\OneDrive.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12001.1001.5.0_x64__8wekyb3d8bbwe\WinStore.App.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.36.6003.0_x64__8wekyb3d8bbwe\GameBar.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.36.6003.0_x64__8wekyb3d8bbwe\GameBarFT.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mspaint.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.PeopleExperienceHost_cw5n1h2txyewy\PeopleExperienceHost.exe
    (Nova Development -> ) C:\Program Files (x86)\Nova Development\Print Artist Platinum 24\ReminderApp.exe
    (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
    (RealNetworks, Inc. -> ) C:\Program Files (x86)\Real\RealDownloader\downloader2.exe
    (RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files (x86)\Real\RealDownloader\realdownloader264.exe
    (RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\rpbgconverter.exe
    (RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
    (RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe
    (RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
    (RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
    (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
    (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

    ==================== Registry (Whitelisted) ===================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191824 2012-08-10] (Realtek Semiconductor Corp -> Realtek Semiconductor)
    HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
    HKLM\...\Run: [WinZip UN] => C:\Program Files\WinZip\WZUpdateNotifier.exe [2814096 2019-08-29] (Corel Corporation -> Corel Corporation)
    HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-07-08] (Intel Corporation) [File not signed]
    HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-09-18] (Intel® Services Manager -> Intel Corporation)
    HKLM-x32\...\Run: [Intel AppUp(R) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-09-18] (Intel® Services Manager -> Intel Corporation)
    HKLM-x32\...\Run: [ReminderApp_EEAC3053-7055-4143-B8A0-306758055099] => C:\Program Files (x86)\Nova Development\Print Artist Platinum 24\ReminderApp.exe [144728 2011-03-09] (Nova Development -> )
    HKLM-x32\...\Run: [TkBellExe] => c:\program files (x86)\real\realplayer\Update\realsched.exe [353104 2017-12-22] (RealNetworks, Inc. -> RealNetworks, Inc.)
    HKLM-x32\...\Run: [RealDownloader] => c:\program files (x86)\real\RealDownloader\downloader2.exe [1268048 2017-11-29] (RealNetworks, Inc. -> )
    HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
    HKU\S-1-5-21-3548505277-2733688421-2640094488-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25638872 2018-04-23] (Google Inc -> Google)
    HKU\S-1-5-21-3548505277-2733688421-2640094488-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272840 2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
    HKU\S-1-5-21-3548505277-2733688421-2640094488-1001\...\Run: [Google Update] => C:\Users\Arwen\AppData\Local\Google\Update\1.3.35.422\GoogleUpdateCore.exe [219592 2019-12-14] (Google LLC -> Google LLC)
    HKU\S-1-5-21-3548505277-2733688421-2640094488-1001\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_314_Plugin.exe [1457720 2020-01-20] (Adobe Inc. -> Adobe)
    HKU\S-1-5-21-3548505277-2733688421-2640094488-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Arwen\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
    HKU\S-1-5-21-3548505277-2733688421-2640094488-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Arwen\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
    HKU\S-1-5-21-3548505277-2733688421-2640094488-1001\...\RunOnce: [Uninstall 19.222.1110.0006\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Arwen\AppData\Local\Microsoft\OneDrive\19.222.1110.0006\amd64"
    HKU\S-1-5-21-3548505277-2733688421-2640094488-1001\...\RunOnce: [Uninstall 19.222.1110.0006] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Arwen\AppData\Local\Microsoft\OneDrive\19.222.1110.0006"
    HKU\S-1-5-21-3548505277-2733688421-2640094488-1001\...\MountPoints2: {3739b8eb-5285-11e4-8250-806e6f6e6963} - "D:\Luxor_2.exe"
    HKU\S-1-5-21-3548505277-2733688421-2640094488-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [807936 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
    HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-23] (Google LLC -> Google LLC)
    HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2012-08-10] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
    HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2012-08-10] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
    AppInit_DLLs: C:\Program Files C:\Program Files C:\Program Files => No File
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk [2018-07-17]
    ShortcutTarget: Avast Cleanup Premium.lnk -> C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe (AVAST Software s.r.o. -> AVAST Software)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2017-12-22]
    ShortcutTarget: RealTimes.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2019-09-11]
    ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (Corel Corporation -> WinZip Computing)
    FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

    ==================== Scheduled Tasks (Whitelisted) ============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {03D51EEB-FC0E-4C34-A849-5378492F9138} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
    Task: {094CD275-5C71-4753-B57E-5566CA859498} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
    Task: {0F6DBBD1-1FA5-490B-A482-1F43FCC689E6} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
    Task: {10AD99B1-9990-4C73-B8E9-E6EA376A9E3D} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
    Task: {1834511F-636F-4703-8D12-7C29F892135D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)
    Task: {24FA04AA-A5E4-4F25-B2FE-665AC1B37974} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3548505277-2733688421-2640094488-1001 => C:\program files (x86)\real\RealDownloader\RealUpgrade.exe [135504 2017-11-29] (RealNetworks, Inc. -> RealNetworks, Inc.)
    Task: {25273BEB-1596-4DF2-9ACB-64FB9B924E10} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3548505277-2733688421-2640094488-1001Core => C:\Users\Arwen\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
    Task: {273E163D-8BD0-4420-A6BF-604990062399} - System32\Tasks\WLANStartup => C:\Program Files (x86)\Samsung\Easy Settings\WLANStartup.exe
    Task: {33C2B19B-605D-4B98-AB07-6A0AA22E83FA} - System32\Tasks\FaxArchive_CN2BD211XW05S1 => C:\Program Files\HP\HP Officejet 4620 series\Bin\FaxApplications.exe
    Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
    Task: {3F5DA5C4-9997-473E-945E-7CC7AA284FC9} - System32\Tasks\HPCustParticipation HP Officejet 4620 series => C:\Program Files\HP\HP Officejet 4620 series\Bin\HPCustPartic.exe
    Task: {4AD36E97-A0A7-4DC5-A480-09E50B73AAFA} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [3466360 2012-08-30] (Samsung Electronics CO., LTD. -> SEC)
    Task: {4C5B5699-F549-41CE-A92B-35B19E8FF22B} - System32\Tasks\WinZip Update Notifier 2 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2814096 2019-08-29] (Corel Corporation -> Corel Corporation)
    Task: {54DE29B1-7A41-49EA-9C33-3F2CDD4E5464} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3548505277-2733688421-2640094488-1001 => C:\program files (x86)\real\RealDownloader\RealUpgrade.exe [135504 2017-11-29] (RealNetworks, Inc. -> RealNetworks, Inc.)
    Task: {5A3FB241-0B11-4EA5-BC66-0D9F1B406040} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM => {C8367320-6F85-11E0-A1F0-0800200C9A66} C:\WINDOWS\System32\BthTelemetry.dll [32256 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
    Task: {5BF4106A-98B2-43EC-BFCA-BF41A8DD36A0} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [233792 2012-04-15] (Intel® Services Manager -> Intel Corporation)
    Task: {5EC21BF0-4503-4CCC-8D8A-DAE98A25935D} - System32\Tasks\RealDownloader Update Check => C:\program files (x86)\real\realplayer\RealDownloader\downloader2.exe
    Task: {5ED97D83-12C9-44A2-B6D8-5E05998978D1} - System32\Tasks\WinZip Update Notifier 1 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2814096 2019-08-29] (Corel Corporation -> Corel Corporation)
    Task: {675B1F76-91AB-44C7-B2FD-BCEB028FF6B3} - System32\Tasks\HPCustParticipation HP Officejet Pro 8610 => C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPCustPartic.exe [5745672 2014-07-21] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
    Task: {68B018FF-394F-4EC2-96F5-1CD51CA5972D} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Arwen\Downloads\esetonlinescanner_enu (6).exe [7969304 2019-08-10] (ESET, spol. s r.o. -> ESET spol. s r.o.)
    Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
    Task: {7EC026DC-DC42-45DD-8D05-67BAC996642F} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
    Task: {82266BBE-21A7-4CAF-9A40-DED4B754EC2E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3548505277-2733688421-2640094488-1001Core1d35e28b237dd8d => C:\Users\Arwen\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
    Task: {82C781C2-08CE-49CD-AE7F-E3484D2E2C45} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
    Task: {866704E7-0F2E-4995-85D4-703CBF9E1241} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)
    Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
    Task: {8B6759EE-1C08-4B8F-955C-774AB5A6544E} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
    Task: {99829F8A-4700-4FC2-8A77-393201A9AE71} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_303_pepper.exe [1453112 2020-01-10] (Adobe Inc. -> Adobe)
    Task: {A816F8AD-3B4E-4B1D-8202-EABE3C5EE876} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [233792 2012-04-15] (Intel® Services Manager -> Intel Corporation)
    Task: {AFAF86C6-3E00-4438-B502-493857123499} - System32\Tasks\Avast TUNEUP Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe [1659000 2019-07-25] (AVAST Software s.r.o. -> AVAST Software)
    Task: {B82FA7BA-DF38-4CEC-9FF3-FC3AED168754} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [3995256 2016-01-31] (Synaptics Incorporated -> Synaptics Incorporated)
    Task: {C2869C52-FA92-4C6A-82BC-D87F7B8BEEA6} - System32\Tasks\WinZip Update Notifier 3 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2814096 2019-08-29] (Corel Corporation -> Corel Corporation)
    Task: {C55F4626-17E2-42A8-9B08-BBBA832CF2E8} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1873288 2019-09-19] (AVAST Software s.r.o. -> AVAST Software)
    Task: {C9DCF59E-6B97-4C0C-8641-B8261089C8CA} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
    Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
    Task: {CF9AD7B1-A258-4614-AE15-AAB1352A2A4D} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
    Task: {D5341CEA-C726-4E47-A3F5-5DD4C9FB61DD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3548505277-2733688421-2640094488-1001UA1d35e28b249f63f => C:\Users\Arwen\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
    Task: {DB21EF32-6BA9-4118-BBC1-BC4FF48961E5} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
    Task: {DE75DCC2-4981-4804-91D8-D8248A1F1E6A} - System32\Tasks\HP AR Program Upload - 1d899e09ae474e75b00a468cbd134de7aa32ec3dee4246869e6c83f89188eeec => C:\Program Files\HP\HP Officejet Pro 8610\bin\HPRewards.exe [3495944 2014-07-21] (Hewlett Packard -> TODO: <Company name>)
    Task: {E28C3419-18FC-4B6C-AE7F-1308CA9ACE32} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_314_Plugin.exe [1457720 2020-01-20] (Adobe Inc. -> Adobe)
    Task: {E2CE722C-F06E-4077-8CD9-50642DE09A6E} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Arwen\Downloads\esetonlinescanner_enu (6).exe [7969304 2019-08-10] (ESET, spol. s r.o. -> ESET spol. s r.o.)
    Task: {F648ADA2-6A14-486C-9BC4-64444B7D899F} - System32\Tasks\RogueKiller Anti-Malware => C:\Program Files\RogueKiller\RogueKiller64.exe [34922040 2019-08-09] (Adlice -> )
    Task: {FB6D6FE4-1610-4BB3-8519-231B3B051086} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3548505277-2733688421-2640094488-1001UA => C:\Users\Arwen\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
    Task: {FF9D9BF1-BE84-4CBD-8F69-78184404A102} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
    Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
    Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
    Tcpip\..\Interfaces\{5e936670-642f-4052-aa03-d47cb7323cae}: [DhcpNameServer] 192.168.1.254
    Tcpip\..\Interfaces\{a1deafae-a273-4369-a12b-a8da1e15e848}: [DhcpNameServer] 75.75.75.75 75.75.76.76
    Tcpip\..\Interfaces\{e8f08305-a01b-4b93-b012-19d5eb7d321c}: [DhcpNameServer] 75.75.75.75 75.75.76.76

    Internet Explorer:
    ==================
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
    HKU\S-1-5-21-3548505277-2733688421-2640094488-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?gws_rd=ssl
    SearchScopes: HKU\S-1-5-21-3548505277-2733688421-2640094488-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
    SearchScopes: HKU\S-1-5-21-3548505277-2733688421-2640094488-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
    SearchScopes: HKU\S-1-5-21-3548505277-2733688421-2640094488-1001 -> {5702548C-054D-441C-8D09-68ACF36AA8ED} URL =
    BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> c:\program files (x86)\real\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2017-11-29] (RealNetworks, Inc. -> RealDownloader)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
    BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> c:\program files (x86)\real\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2017-11-29] (RealNetworks, Inc. -> RealDownloader)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
    DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    DPF: HKLM-x32 {483EB14D-AF1C-4951-81B0-4E2B41829FF6} hxxps://assess.shlonline.com/cabs/QOLCheck.ocx
    DPF: HKLM-x32 {494DE545-6D3C-4F63-9D73-CF408AB248D9} hxxps://vanillasoft.net/binarys/amiTapiPro.ocx
    DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
    Handler-x32: http - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
    Handler-x32: http - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
    Handler-x32: https - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
    Handler-x32: https - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
    Handler-x32: msdaipp - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
    Handler-x32: msdaipp - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-07-18] (Skype Software Sarl -> Skype Technologies)

    FireFox:
    ========
    FF ProfilePath: C:\Users\Arwen\AppData\Roaming\Mozilla\Firefox\Profiles\wopnhc1d.default-1453139201127 [2020-01-20]
    FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Arwen\AppData\Roaming\Mozilla\Firefox\Profiles\wopnhc1d.default-1453139201127\Extensions\sp@avast.com.xpi [2019-02-20]
    FF Extension: (Avast Online Security) - C:\Users\Arwen\AppData\Roaming\Mozilla\Firefox\Profiles\wopnhc1d.default-1453139201127\Extensions\wrc@avast.com.xpi [2018-06-24]
    FF Extension: (Telemetry coverage) - C:\Users\Arwen\AppData\Roaming\Mozilla\Firefox\Profiles\wopnhc1d.default-1453139201127\features\{8a3af1d4-a426-4c6d-bce3-eadcf307e115}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-11-15] [Legacy]
    FF ProfilePath: C:\Users\Arwen\AppData\Roaming\kompozer.net\KompoZer\Profiles\jj4nfp63.default [2015-04-20]
    FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => not found
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_314.dll [2020-01-20] (Adobe Inc. -> )
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_314.dll [2020-01-20] (Adobe Inc. -> )
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin-x32: @real.com/nppl3260;version=18.1.10.217 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2017-12-22] (RealNetworks, Inc. -> RealNetworks, Inc.)
    FF Plugin-x32: @real.com/nprpplugin;version=18.1.10.217 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2017-12-22] (RealNetworks, Inc. -> RealPlayer)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-3548505277-2733688421-2640094488-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Arwen\AppData\Local\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
    FF Plugin HKU\S-1-5-21-3548505277-2733688421-2640094488-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Arwen\AppData\Local\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
    FF Plugin HKU\S-1-5-21-3548505277-2733688421-2640094488-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\Arwen\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-01-25] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
    FF Plugin HKU\S-1-5-21-3548505277-2733688421-2640094488-1001: intel.com/AppUp -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll [2012-09-18] (Intel) [File not signed]
    FF Plugin HKU\S-1-5-21-3548505277-2733688421-2640094488-1001: intel.com/AppUpx64 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll [2012-09-18] (Intel) [File not signed]
    FF Plugin HKU\S-1-5-21-3548505277-2733688421-2640094488-1001: SkypePlugin -> C:\Users\Arwen\AppData\Local\SkypePlugin\7.5.0.127\npGatewayNpapi.dll [2015-08-02] (Microsoft Corporation -> Skype Technologies S.A.)
    FF Plugin HKU\S-1-5-21-3548505277-2733688421-2640094488-1001: SkypePlugin64 -> C:\Users\Arwen\AppData\Local\SkypePlugin\7.5.0.127\npGatewayNpapi-x64.dll [2015-08-02] (Microsoft Corporation -> Skype Technologies S.A.)

    Chrome:
    =======
    CHR Profile: C:\Users\Arwen\AppData\Local\Google\Chrome\User Data\Default [2020-02-03]
    CHR Extension: (Slides) - C:\Users\Arwen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-10-13]
    CHR Extension: (Regex Scraper) - C:\Users\Arwen\AppData\Local\Google\Chrome\User Data\Default\Extensions\akjalgjglcdpomokfhgcmononebebioc [2015-04-13]
    CHR Extension: (Docs) - C:\Users\Arwen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-10-13]
    CHR Extension: (Google Drive) - C:\Users\Arwen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-18]
    CHR Extension: (YouTube) - C:\Users\Arwen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-15]
    CHR Extension: (Google Search) - C:\Users\Arwen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-04]
    CHR Extension: (Adobe Acrobat) - C:\Users\Arwen\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-09-30]
    CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Arwen\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-12-23]
    CHR Extension: (Sheets) - C:\Users\Arwen\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-10-13]
    CHR Extension: (Google Docs Offline) - C:\Users\Arwen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-16]
    CHR Extension: (Avast Online Security) - C:\Users\Arwen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-01-16]
    CHR Extension: (Skype) - C:\Users\Arwen\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2018-10-13]
    CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Arwen\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-12-15]
    CHR Extension: (Safety Search by Safely) - C:\Users\Arwen\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdfhkikdjdnoambdbgehaghceipnpmlo [2020-01-02]
    CHR Extension: (FB UID Scraper) - C:\Users\Arwen\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfeilckipmpkmoblecjildbpgdjjpnj [2015-04-13]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Arwen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-11]
    CHR Extension: (Amazon Assistant for Chrome) - C:\Users\Arwen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2019-10-24]
    CHR Extension: (Gmail) - C:\Users\Arwen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
    CHR Extension: (Chrome Media Router) - C:\Users\Arwen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-01-02]
    CHR Profile: C:\Users\Arwen\AppData\Local\Google\Chrome\User Data\Profile 1 [2018-10-12]
    CHR Extension: (Docs) - C:\Users\Arwen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-13]
    CHR Extension: (Google Drive) - C:\Users\Arwen\AppData
     
  5. 2020/02/03
    Blue Star

    \Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-04]
    CHR Extension: (YouTube) - C:\Users\Arwen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-04]
    CHR Extension: (Google Search) - C:\Users\Arwen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-03-04]
    CHR Extension: (Adobe Acrobat) - C:\Users\Arwen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-10]
    CHR Extension: (Sheets) - C:\Users\Arwen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-13]
    CHR Extension: (Avast Online Security) - C:\Users\Arwen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-09-30]
    CHR Extension: (Cisco Webex Extension) - C:\Users\Arwen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2018-07-09]
    CHR Extension: (Skype) - C:\Users\Arwen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-12-04]
    CHR Extension: (FreeConferenceCall.com Scheduler) - C:\Users\Arwen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mfhjonocnlnodflomblbjnjdpllkeljo [2018-09-13]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Arwen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-17]
    CHR Extension: (Gmail) - C:\Users\Arwen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-04]
    CHR Extension: (Chrome Media Router) - C:\Users\Arwen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-15]
    CHR HKU\S-1-5-21-3548505277-2733688421-2640094488-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Arwen\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-02-11]
    CHR HKU\S-1-5-21-3548505277-2733688421-2640094488-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
    CHR HKU\S-1-5-21-3548505277-2733688421-2640094488-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
    CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
    CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]

    ==================== Services (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6259592 2019-12-19] (AVAST Software s.r.o. -> AVAST Software)
    R2 AtherosSvc; C:\WINDOWS\System32\drivers\AdminService.exe [415992 2019-01-30] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider)
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
    R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [417536 2020-01-20] (AVAST Software s.r.o. -> AVAST Software)
    R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
    R2 CleanupPSvc; C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [10287216 2019-07-25] (AVAST Software s.r.o. -> AVAST Software)
    R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company -> Hewlett-Packard Company)
    R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-07-08] (Intel Corporation) [File not signed]
    S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
    R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel(R) pGFX -> Intel Corporation)
    R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation -> Intel Corporation)
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation -> Intel Corporation)
    S2 KDService; C:\Program Files\KDService\bin\KDService.exe [529424 2018-05-24] (KYOCERA Document Solutions Inc. -> KYOCERA Document Solutions Inc.)
    R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6960640 2019-12-05] (Malwarebytes Inc -> Malwarebytes)
    R2 RealPlayerUpdateSvc; C:\program files (x86)\real\UpdateService\RealPlayerUpdateSvc.exe [37104 2017-11-29] (RealNetworks, Inc. -> RealNetworks, Inc.)
    R2 RealTimes Desktop Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [989912 2017-12-22] (RealNetworks, Inc. -> RealNetworks, Inc.)
    R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [256120 2016-01-31] (Synaptics Incorporated -> Synaptics Incorporated)
    S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-12] (Microsoft Windows Publisher -> Microsoft Corporation)
    S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-12] (Microsoft Windows Publisher -> Microsoft Corporation)
    R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-10] (Atheros) [File not signed]

    ===================== Drivers (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [204824 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
    R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [274456 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
    R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [209552 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
    R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [65120 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
    R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2019-10-07] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
    R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42736 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
    R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [161544 2019-11-01] (AVAST Software s.r.o. -> AVAST Software)
    R1 aswNetSec; C:\WINDOWS\System32\drivers\aswNetSec.sys [552848 2020-01-20] (AVAST Software s.r.o. -> AVAST Software)
    R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110320 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
    R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83792 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
    R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [848432 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
    R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460448 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
    S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [236024 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
    R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [316528 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
    R3 athr; C:\WINDOWS\System32\drivers\athw8x.sys [4233728 2019-03-18] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
    R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-24] (CyberLink -> CyberLink)
    S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
    R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [216544 2019-12-19] (Malwarebytes Inc -> Malwarebytes)
    S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-12-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
    R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [278344 2020-01-23] (Malwarebytes Inc -> Malwarebytes)
    R3 RadioHIDMini; C:\WINDOWS\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Samsung Electronics CO., LTD. -> Windows (R) Win 7 DDK provider)
    S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
    S3 taphss6; C:\WINDOWS\system32\DRIVERS\taphss6.sys [42184 2013-01-10] (AnchorFree Inc -> Anchorfree Inc.)
    U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [28272 2019-12-13] (Adlice -> )
    S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
    S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-12] (Microsoft Windows -> Microsoft Corporation)
    S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-12] (Microsoft Windows -> Microsoft Corporation)

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One month (created) ===================

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2020-02-03 10:12 - 2020-02-03 10:14 - 000047080 _____ C:\Users\Arwen\Downloads\FRST.txt
    2020-02-03 10:09 - 2020-02-03 10:13 - 000000000 ____D C:\FRST
    2020-02-03 10:09 - 2020-02-03 10:09 - 002279424 _____ (Farbar) C:\Users\Arwen\Downloads\FRST64 (1).exe
    2020-02-03 10:07 - 2020-02-03 10:08 - 002279424 _____ (Farbar) C:\Users\Arwen\Downloads\FRST64.exe
    2020-02-03 09:54 - 2020-02-03 09:54 - 014562400 _____ (ESET spol. s r.o.) C:\Users\Arwen\Downloads\esetonlinescanner_enu (8).exe
    2020-02-03 09:54 - 2020-02-03 09:54 - 014562400 _____ (ESET spol. s r.o.) C:\Users\Arwen\Downloads\esetonlinescanner_enu (7).exe
    2020-02-03 09:48 - 2020-02-03 09:48 - 005988290 _____ C:\Users\Arwen\Desktop\Cawagas ~ Flagg Residence .pdf
    2020-02-03 09:44 - 2020-02-03 09:45 - 000309142 _____ C:\Users\Arwen\Desktop\Cawagas ~ Flagg Lead Slip.pdf
    2020-02-03 09:42 - 2020-02-03 09:42 - 001858309 _____ C:\Users\Arwen\Desktop\ER Docs _ 11.26.2019.pdf
    2020-02-03 09:28 - 2020-02-03 10:14 - 000062687 _____ C:\WINDOWS\SysWOW64\rsslogs.20200203092715
    2020-01-31 15:02 - 2020-02-03 09:27 - 000218950 _____ C:\WINDOWS\SysWOW64\rsslogs.20200131150237
    2020-01-30 15:02 - 2020-01-31 15:01 - 001843930 _____ C:\WINDOWS\SysWOW64\rsslogs.20200130150234
    2020-01-30 10:50 - 2020-01-30 10:50 - 000802089 _____ C:\Users\Arwen\Desktop\Archibald Residence .pdf
    2020-01-30 10:48 - 2020-01-30 10:48 - 000175398 _____ C:\Users\Arwen\Desktop\Archibald Survey.pdf
    2020-01-30 10:46 - 2020-01-30 10:46 - 000172189 _____ C:\Users\Arwen\Downloads\Archibald.pdf
    2020-01-30 10:46 - 2020-01-30 10:46 - 000172189 _____ C:\Users\Arwen\Downloads\Archibald (1).pdf
    2020-01-30 10:43 - 2020-01-30 15:01 - 000331657 _____ C:\WINDOWS\SysWOW64\rsslogs.20200130104248
    2020-01-28 15:03 - 2020-01-30 10:42 - 000030757 _____ C:\WINDOWS\SysWOW64\rsslogs.20200128150230
    2020-01-28 09:32 - 2020-01-28 09:32 - 003813537 _____ C:\Users\Arwen\Desktop\Hospital Docs 1.pdf
    2020-01-28 09:10 - 2020-01-28 15:02 - 000452113 _____ C:\WINDOWS\SysWOW64\rsslogs.20200128090924
    2020-01-26 15:03 - 2020-01-28 09:09 - 001713359 _____ C:\WINDOWS\SysWOW64\rsslogs.20200126150223
    2020-01-25 15:03 - 2020-01-26 15:02 - 000653089 _____ C:\WINDOWS\SysWOW64\rsslogs.20200125150223
    2020-01-25 08:42 - 2020-01-25 08:42 - 000000000 ____D C:\Users\Arwen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
    2020-01-25 08:41 - 2020-01-25 08:41 - 000077144 _____ (Zoom Video Communications, Inc.) C:\Users\Arwen\Downloads\Zoom_845fbbd60353fee1.exe
    2020-01-25 08:35 - 2020-01-25 15:02 - 000496889 _____ C:\WINDOWS\SysWOW64\rsslogs.20200125083428
    2020-01-23 10:10 - 2020-01-25 08:34 - 000012822 _____ C:\WINDOWS\SysWOW64\rsslogs.20200123100952
    2020-01-23 10:04 - 2020-01-23 10:09 - 000007690 _____ C:\WINDOWS\SysWOW64\rsslogs.20200123100332
    2020-01-23 09:48 - 2020-01-23 09:48 - 000017966 _____ C:\WINDOWS\SysWOW64\rsslogs.20200123094728
    2020-01-22 21:07 - 2020-01-23 09:47 - 000012817 _____ C:\WINDOWS\SysWOW64\rsslogs.20200122210607
    2020-01-22 21:04 - 2020-01-22 21:05 - 000000000 ____D C:\Users\Arwen\Desktop\Nails
    2020-01-22 21:00 - 2020-01-22 21:05 - 000007690 _____ C:\WINDOWS\SysWOW64\rsslogs.20200122205912
    2020-01-22 20:54 - 2020-01-22 20:54 - 000003848 _____ C:\WINDOWS\SysWOW64\rsslogs.20200122205332
    2020-01-22 07:56 - 2020-01-22 20:53 - 000765718 _____ C:\WINDOWS\SysWOW64\rsslogs.20200122075603
    2020-01-20 18:35 - 2020-01-22 07:55 - 001397127 _____ C:\WINDOWS\SysWOW64\rsslogs.20200120183449
    2020-01-20 13:53 - 2020-01-20 18:34 - 000121691 _____ C:\WINDOWS\SysWOW64\rsslogs.20200120135227
    2020-01-20 13:36 - 2020-01-23 10:06 - 000278344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
    2020-01-20 13:36 - 2020-01-20 13:36 - 000002088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Premium Security.lnk
    2020-01-20 13:30 - 2020-01-20 13:30 - 000552848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetSec.sys
    2020-01-20 13:30 - 2019-10-07 19:46 - 000355720 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
    2020-01-20 12:39 - 2020-01-20 12:40 - 000175404 _____ C:\Users\Arwen\Downloads\Lattanzio Residence Survey.pdf
    2020-01-20 12:38 - 2020-01-20 12:38 - 000073155 _____ C:\WINDOWS\SysWOW64\rsslogs.20200120123716
    2020-01-19 10:33 - 2020-01-20 12:37 - 000020536 _____ C:\WINDOWS\SysWOW64\rsslogs.20200119103303
    2020-01-18 19:56 - 2020-01-18 19:56 - 000039182 _____ C:\Users\Arwen\Downloads\Arwen-Adams.pdf
    2020-01-18 19:56 - 2020-01-18 19:56 - 000039182 _____ C:\Users\Arwen\Downloads\Arwen-Adams (3).pdf
    2020-01-18 19:56 - 2020-01-18 19:56 - 000039182 _____ C:\Users\Arwen\Downloads\Arwen-Adams (2).pdf
    2020-01-18 19:56 - 2020-01-18 19:56 - 000039182 _____ C:\Users\Arwen\Downloads\Arwen-Adams (1).pdf
    2020-01-18 18:53 - 2020-01-18 18:53 - 000000000 ___HD C:\OneDriveTemp
    2020-01-18 18:32 - 2020-01-19 10:32 - 000137320 _____ C:\WINDOWS\SysWOW64\rsslogs.20200118183151
    2020-01-16 23:18 - 2020-01-18 18:31 - 001000796 _____ C:\WINDOWS\SysWOW64\rsslogs.20200116231823
    2020-01-16 18:30 - 2020-01-16 23:17 - 000369044 _____ C:\WINDOWS\SysWOW64\rsslogs.20200116182926
    2020-01-16 18:20 - 2020-01-16 18:28 - 000011533 _____ C:\WINDOWS\SysWOW64\rsslogs.20200116181959
    2020-01-16 17:14 - 2020-01-16 17:14 - 000360186 _____ C:\Users\Arwen\Downloads\ICC16LA17kit1.pdf
    2020-01-15 09:26 - 2020-01-15 09:26 - 000598139 _____ C:\Users\Arwen\Downloads\Smart UL Product Guide.pdf
    2020-01-15 09:25 - 2020-01-15 09:25 - 000079931 _____ C:\Users\Arwen\Downloads\Replacement.pdf
    2020-01-15 09:23 - 2020-01-15 09:23 - 000212342 _____ C:\Users\Arwen\Downloads\Foresters Term Product Guide.pdf
    2020-01-15 09:23 - 2020-01-15 09:23 - 000070025 _____ C:\Users\Arwen\Downloads\Foresters Level Term Ref Sheet.pdf
    2020-01-15 09:21 - 2020-01-15 09:21 - 001912893 _____ C:\Users\Arwen\Downloads\Foresters Strong Foundation Term Simplified Issued FL Rev. 12-2019.pdf
    2020-01-15 09:19 - 2020-01-15 09:19 - 000237490 _____ C:\Users\Arwen\Downloads\6150CL-FL (Rev. 12.19).pdf
    2020-01-15 09:18 - 2020-01-15 09:18 - 000215035 _____ C:\Users\Arwen\Downloads\A653A-CL (SIT Base)(2).pdf
    2020-01-15 08:53 - 2020-01-15 08:53 - 000029517 _____ C:\Users\Arwen\Downloads\moo_submission_form.pdf
    2020-01-14 17:51 - 2020-01-14 17:51 - 025900032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
    2020-01-14 17:51 - 2020-01-14 17:51 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
    2020-01-14 17:51 - 2020-01-14 17:51 - 022627840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2020-01-14 17:51 - 2020-01-14 17:51 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
    2020-01-14 17:51 - 2020-01-14 17:51 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2020-01-14 17:51 - 2020-01-14 17:51 - 008012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
    2020-01-14 17:51 - 2020-01-14 17:51 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
    2020-01-14 17:51 - 2020-01-14 17:51 - 007016448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
    2020-01-14 17:51 - 2020-01-14 17:51 - 005913600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
    2020-01-14 17:51 - 2020-01-14 17:51 - 002494464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
    2020-01-14 17:51 - 2020-01-14 17:51 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
    2020-01-14 17:51 - 2020-01-14 17:51 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
    2020-01-14 17:51 - 2020-01-14 17:51 - 001106944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
    2020-01-14 17:51 - 2020-01-14 17:51 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
    2020-01-14 17:51 - 2020-01-14 17:51 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
    2020-01-14 17:51 - 2020-01-14 17:51 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
    2020-01-14 17:51 - 2020-01-14 17:51 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
    2020-01-14 17:51 - 2020-01-14 17:51 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
    2020-01-14 17:51 - 2020-01-14 17:51 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
    2020-01-14 17:51 - 2020-01-14 17:51 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
    2020-01-14 17:51 - 2020-01-14 17:51 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
    2020-01-14 17:51 - 2020-01-14 17:51 - 000432256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
    2020-01-14 17:51 - 2020-01-14 17:51 - 000363840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
    2020-01-14 17:51 - 2020-01-14 17:51 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
    2020-01-14 17:51 - 2020-01-14 17:51 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
    2020-01-14 17:51 - 2020-01-14 17:51 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll
    2020-01-14 17:51 - 2020-01-14 17:51 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
    2020-01-14 17:51 - 2020-01-14 17:51 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll
    2020-01-14 17:51 - 2020-01-14 17:51 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadss.dll
    2020-01-14 17:51 - 2020-01-14 17:51 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
    2020-01-14 17:51 - 2020-01-14 17:51 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
    2020-01-14 17:51 - 2020-01-14 17:51 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
    2020-01-14 17:51 - 2020-01-14 17:51 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
    2020-01-14 17:51 - 2020-01-14 17:51 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiatrace.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 009928208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2020-01-14 17:50 - 2020-01-14 17:50 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 006520480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
    2020-01-14 17:50 - 2020-01-14 17:50 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 002801152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
    2020-01-14 17:50 - 2020-01-14 17:50 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
    2020-01-14 17:50 - 2020-01-14 17:50 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 002473976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 001985928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 001655880 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 001399096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
    2020-01-14 17:50 - 2020-01-14 17:50 - 001330952 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
    2020-01-14 17:50 - 2020-01-14 17:50 - 001051664 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 001020032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 000851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
    2020-01-14 17:50 - 2020-01-14 17:50 - 000678712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
    2020-01-14 17:50 - 2020-01-14 17:50 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
    2020-01-14 17:50 - 2020-01-14 17:50 - 000542496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
    2020-01-14 17:50 - 2020-01-14 17:50 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
    2020-01-14 17:50 - 2020-01-14 17:50 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 000379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
    2020-01-14 17:50 - 2020-01-14 17:50 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
    2020-01-14 17:50 - 2020-01-14 17:50 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
    2020-01-14 17:50 - 2020-01-14 17:50 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
    2020-01-14 17:50 - 2020-01-14 17:50 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 000162696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 000127520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
    2020-01-14 17:50 - 2020-01-14 17:50 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WSDScan.sys
    2020-01-14 17:50 - 2020-01-14 17:50 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
    2020-01-14 17:50 - 2020-01-14 17:50 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
    2020-01-14 17:19 - 2020-01-14 17:20 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
    2020-01-14 17:19 - 2020-01-14 17:20 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
    2020-01-13 09:25 - 2020-01-22 21:06 - 000000000 ____D C:\Users\Arwen\Desktop\Me
    2020-01-10 11:10 - 2020-01-11 15:33 - 000003722 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
    2020-01-10 00:39 - 2020-01-10 00:39 - 169870888 _____ C:\Users\Arwen\Downloads\OJ8610_198 (2).exe
    2020-01-10 00:37 - 2020-01-10 00:37 - 009617352 _____ C:\Users\Arwen\Downloads\HPPSdr (4).exe
    2020-01-10 00:36 - 2020-01-10 00:36 - 008237656 _____ C:\Users\Arwen\Downloads\HPPSdr (3).exe
    2020-01-10 00:31 - 2020-01-10 00:31 - 024620168 _____ C:\Users\Arwen\Downloads\OJP8610_1828A (1).exe
    2020-01-10 00:29 - 2020-01-10 00:29 - 024620168 _____ C:\Users\Arwen\Downloads\OJP8610_1828A.exe
    2020-01-10 00:10 - 2020-01-10 00:10 - 008237656 _____ C:\Users\Arwen\Downloads\HPPSdr (2).exe
    2020-01-10 00:08 - 2020-01-10 00:08 - 009617352 _____ C:\Users\Arwen\Downloads\HPPSdr (1).exe
    2020-01-07 12:42 - 2020-01-07 12:43 - 006063712 _____ (TeamViewer) C:\Users\Arwen\Downloads\TeamViewer (4).exe
    2020-01-07 12:35 - 2020-01-07 12:35 - 013475928 _____ C:\Users\Arwen\Downloads\Petruzziello Residence IVa _ C (3).sav
    2020-01-07 12:34 - 2020-01-07 12:34 - 013475928 _____ C:\Users\Arwen\Downloads\Petruzziello Residence IVa _ C (2).sav
    2020-01-07 12:17 - 2020-01-07 12:17 - 000085754 _____ C:\Users\Arwen\Downloads\Pine Hollow POA _ Insurance.pdf
    2020-01-07 12:15 - 2020-01-07 12:15 - 000086709 _____ C:\Users\Arwen\Downloads\Certificate (2).pdf
    2020-01-07 06:10 - 2020-01-07 06:10 - 000000643 _____ C:\Users\Arwen\Desktop\Pool Studio 2.0 64-Bit.lnk
    2020-01-07 06:10 - 2020-01-07 06:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Structure Studios
    2020-01-06 23:09 - 2020-01-06 23:09 - 001421824 _____ (structurestudios.com) C:\Users\Arwen\Downloads\SSDownloader (1).exe
    2020-01-06 22:51 - 2020-01-07 02:28 - 000000000 ____D C:\Users\Arwen\Documents\SSDownloader
    2020-01-06 22:51 - 2020-01-06 22:51 - 000000000 ____D C:\Users\Arwen\AppData\Local\OneDrive
    2020-01-06 16:30 - 2020-01-07 08:14 - 000000000 ____D C:\ProgramData\Structure Studios
    2020-01-06 14:21 - 2020-01-06 14:21 - 000823719 _____ C:\Users\Arwen\Downloads\AAA MAPS.sav
    2020-01-06 14:21 - 2020-01-06 14:21 - 000823719 _____ C:\Users\Arwen\Downloads\AAA MAPS (2).sav
    2020-01-06 14:21 - 2020-01-06 14:21 - 000823719 _____ C:\Users\Arwen\Downloads\AAA MAPS (1).sav
    2020-01-05 14:30 - 2020-01-18 18:36 - 000000000 ____D C:\Users\Arwen\Desktop\EQUIS

    ==================== One month (modified) ==================

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2020-02-03 10:11 - 2019-03-18 23:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
    2020-02-03 09:38 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\AppReadiness
    2020-02-03 09:35 - 2014-10-12 22:59 - 000000000 ___RD C:\Users\Arwen\OneDrive
    2020-02-03 09:33 - 2019-10-11 00:11 - 000003362 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3548505277-2733688421-2640094488-1001
    2020-02-03 09:33 - 2019-10-10 23:36 - 000002403 _____ C:\Users\Arwen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2020-02-03 09:27 - 2019-10-10 23:25 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
    2020-01-30 16:00 - 2019-03-18 23:52 - 000000000 ___HD C:\Program Files\WindowsApps
    2020-01-30 10:44 - 2013-01-02 09:38 - 000000000 _____ C:\WINDOWS\SysWOW64\SystemPreferences.xml
    2020-01-26 17:50 - 2019-11-25 11:47 - 000003802 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
    2020-01-26 17:50 - 2019-11-25 11:47 - 000003360 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
    2020-01-25 08:42 - 2018-11-03 08:54 - 000000000 ____D C:\Users\Arwen\AppData\Roaming\Zoom
    2020-01-23 10:14 - 2012-09-04 02:05 - 000000000 ____D C:\ProgramData\WinClon
    2020-01-23 10:11 - 2018-06-20 09:30 - 000000000 ____D C:\Users\Arwen\AppData\Local\AVAST Software
    2020-01-23 10:07 - 2014-10-12 22:51 - 000000000 __SHD C:\Users\Arwen\IntelGraphicsProfiles
    2020-01-23 10:05 - 2019-10-11 00:11 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
    2020-01-23 10:03 - 2019-10-11 00:11 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2020-01-23 09:49 - 2013-07-12 12:33 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2020-01-22 21:05 - 2018-07-03 00:39 - 000000000 ____D C:\Users\Arwen\Desktop\PRO
    2020-01-22 21:00 - 2019-10-10 23:36 - 000000000 ____D C:\Users\Arwen
    2020-01-20 20:32 - 2018-07-02 13:39 - 000000000 ____D C:\ProgramData\KDService
    2020-01-20 13:55 - 2014-07-07 16:49 - 000000000 ____D C:\Users\Arwen\AppData\Local\Adobe
    2020-01-20 13:54 - 2019-10-11 00:11 - 000004570 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
    2020-01-20 13:54 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
    2020-01-20 13:54 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
    2020-01-20 13:34 - 2019-03-18 23:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
    2020-01-20 13:34 - 2017-04-10 19:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
    2020-01-20 13:30 - 2019-03-18 23:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
    2020-01-19 10:37 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
    2020-01-19 10:37 - 2019-03-18 23:50 - 000000000 ____D C:\WINDOWS\INF
    2020-01-18 18:35 - 2013-01-03 13:23 - 000000000 ____D C:\Users\Arwen\AppData\Roaming\HpUpdate
    2020-01-16 18:42 - 2019-10-11 00:11 - 000003138 _____ C:\WINDOWS\system32\Tasks\RogueKiller Anti-Malware
    2020-01-16 18:21 - 2019-10-10 23:25 - 000799384 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2020-01-16 18:19 - 2012-09-04 01:57 - 000000870 _____ C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
    2020-01-16 18:19 - 2012-09-04 01:57 - 000000868 _____ C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
    2020-01-16 18:16 - 2019-03-18 23:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
    2020-01-16 18:16 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\SystemResources
    2020-01-16 18:16 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
    2020-01-16 18:16 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\bcastdvr
    2020-01-15 16:50 - 2012-12-16 21:21 - 000000000 ____D C:\Users\Arwen\AppData\Local\CrashDumps
    2020-01-14 18:03 - 2013-08-02 18:06 - 000000000 ____D C:\WINDOWS\system32\MRT
    2020-01-14 17:57 - 2019-03-18 23:37 - 000000000 ____D C:\WINDOWS\CbsTemp
    2020-01-14 17:57 - 2012-12-22 02:15 - 120202352 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2020-01-11 15:34 - 2012-09-04 02:10 - 000000000 ____D C:\ProgramData\Temp
    2020-01-11 15:33 - 2019-10-11 00:11 - 000003556 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-3548505277-2733688421-2640094488-1001UA1d35e28b249f63f
    2020-01-11 15:33 - 2019-10-11 00:11 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
    2020-01-11 15:33 - 2019-10-11 00:11 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
    2020-01-11 15:33 - 2019-10-11 00:11 - 000003292 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-3548505277-2733688421-2640094488-1001UA
    2020-01-11 15:33 - 2019-10-11 00:11 - 000003288 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-3548505277-2733688421-2640094488-1001Core1d35e28b237dd8d
    2020-01-11 15:33 - 2019-10-11 00:11 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
    2020-01-11 15:33 - 2019-10-11 00:11 - 000003070 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{FF6E7FF6-A826-4FA6-A008-42C24AD91130}
    2020-01-11 15:33 - 2019-10-11 00:11 - 000003040 _____ C:\WINDOWS\system32\Tasks\FaxArchive_CN2BD211XW05S1
    2020-01-11 15:33 - 2019-10-11 00:11 - 000003020 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-3548505277-2733688421-2640094488-1001Core
    2020-01-11 15:33 - 2019-10-11 00:11 - 000002916 _____ C:\WINDOWS\system32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d
    2020-01-11 15:33 - 2019-10-11 00:11 - 000002750 _____ C:\WINDOWS\system32\Tasks\HP AR Program Upload - 1d899e09ae474e75b00a468cbd134de7aa32ec3dee4246869e6c83f89188eeec
    2020-01-11 15:33 - 2019-10-11 00:11 - 000002686 _____ C:\WINDOWS\system32\Tasks\HPCustParticipation HP Officejet Pro 8610
    2020-01-11 15:33 - 2019-10-11 00:11 - 000002680 _____ C:\WINDOWS\system32\Tasks\WinZip Update Notifier 2
    2020-01-11 15:33 - 2019-10-11 00:11 - 000002678 _____ C:\WINDOWS\system32\Tasks\WinZip Update Notifier 3
    2020-01-11 15:33 - 2019-10-11 00:11 - 000002678 _____ C:\WINDOWS\system32\Tasks\WinZip Update Notifier 1
    2020-01-11 15:33 - 2019-10-11 00:11 - 000002642 _____ C:\WINDOWS\system32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3548505277-2733688421-2640094488-1001
    2020-01-11 15:33 - 2019-10-11 00:11 - 000002590 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask
    2020-01-11 15:33 - 2019-10-11 00:11 - 000002574 _____ C:\WINDOWS\system32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon
    2020-01-11 15:33 - 2019-10-11 00:11 - 000002514 _____ C:\WINDOWS\system32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3548505277-2733688421-2640094488-1001
    2020-01-11 15:33 - 2019-10-11 00:11 - 000002502 _____ C:\WINDOWS\system32\Tasks\HPCustParticipation HP Officejet 4620 series
    2020-01-11 15:33 - 2019-10-11 00:11 - 000002458 _____ C:\WINDOWS\system32\Tasks\WLANStartup
    2020-01-11 15:33 - 2019-10-11 00:11 - 000002312 _____ C:\WINDOWS\system32\Tasks\RealDownloader Update Check
    2020-01-11 15:33 - 2019-10-11 00:11 - 000002262 _____ C:\WINDOWS\system32\Tasks\advRecovery
    2020-01-11 15:33 - 2019-10-11 00:11 - 000002040 _____ C:\WINDOWS\system32\Tasks\Synaptics TouchPad Enhancements
    2020-01-11 15:33 - 2019-10-11 00:11 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
    2020-01-11 15:22 - 2019-05-27 19:43 - 000000000 ____D C:\Users\Arwen\Desktop\Photos
    2020-01-10 00:09 - 2013-01-03 12:47 - 000000000 ____D C:\ProgramData\HP
    2020-01-08 21:58 - 2018-07-23 10:18 - 000000000 ____D C:\Users\Arwen\Desktop\Scan
    2020-01-07 06:00 - 2015-06-14 18:13 - 000000000 ____D C:\ProgramData\Package Cache
    2020-01-04 17:22 - 2019-10-10 23:48 - 000842668 _____ C:\WINDOWS\system32\PerfStringBackup.INI

    ==================== Files in the root of some directories ========

    2019-12-19 10:03 - 2019-12-30 04:46 - 000000000 ____D () C:\ProgramData\WZUpdateNotifier.exe
    2019-09-22 15:17 - 2019-09-22 15:17 - 000001374 _____ () C:\Users\Arwen\AppData\Local\recently-used.xbel

    ==================== SigCheck ============================

    (There is no automatic fix for files that do not pass verification.)

    ==================== End of FRST.txt ========================
     
  6. 2020/02/03
    Blue Star Well-Known Member Thread Starter

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-02-2020 02
    Ran by Arwen (03-02-2020 10:15:03)
    Running from C:\Users\Arwen\Downloads
    Windows 10 Home Version 1903 18362.592 (X64) (2019-10-11 05:13:37)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-3548505277-2733688421-2640094488-500 - Administrator - Disabled)
    Arwen (S-1-5-21-3548505277-2733688421-2640094488-1001 - Administrator - Enabled) => C:\Users\Arwen
    DefaultAccount (S-1-5-21-3548505277-2733688421-2640094488-503 - Limited - Disabled)
    defaultuser100000 (S-1-5-21-3548505277-2733688421-2640094488-1057 - Limited - Enabled)
    Guest (S-1-5-21-3548505277-2733688421-2640094488-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-3548505277-2733688421-2640094488-1049 - Limited - Enabled)
    scans (S-1-5-21-3548505277-2733688421-2640094488-1051 - Limited - Enabled)
    WDAGUtilityAccount (S-1-5-21-3548505277-2733688421-2640094488-504 - Limited - Disabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
    FW: Avast Antivirus (Disabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    ABBulkMailer (HKLM-x32\...\{7F6276CF-ACCE-4C11-8AF3-F8C166ECC81B}) (Version: 8.5 - Advanced Business Objects)
    Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
    Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.314 - Adobe)
    Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.303 - Adobe)
    Allshare Play Link (HKLM-x32\...\{91786428-D4AA-476D-8AF9-A63FFAC2901F}) (Version: 1.0.0 - Samsung)
    Art Explosion Publisher Pro Silver Edition (HKLM-x32\...\{C62D7344-8709-4443-9C95-F90659CBC27F}) (Version: 1.0.0.8 - Nova Development)
    Autodesk DWG TrueView 2019 - English (HKLM\...\DWG TrueView 2019 - English) (Version: 23.0.46.0 - Autodesk)
    Avast Cleanup Premium (HKLM-x32\...\{075CC190-59EE-499F-828B-0B5C098C8C15}_is1) (Version: 19.1.7734 - AVAST Software)
    Avast Driver Updater (HKLM-x32\...\{630C3D8E-2BEE-465F-9E59-BB069ED10761}) (Version: 2.5.6 - AVAST Software) Hidden
    Avast Premium Security (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
    Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - )
    Chromium (HKU\S-1-5-21-3548505277-2733688421-2640094488-1001\...\Chromium) (Version: 46.0.2480.0 - Chromium)
    Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
    DWG TrueView 2019 - English (HKLM\...\{28B89EEF-2028-0409-0100-CF3F3A09B77D}) (Version: 23.0.46.0 - Autodesk) Hidden
    E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung Electronics CO., LTD.)
    Galería de fotos (HKLM-x32\...\{198CEF22-A27F-4DC7-9B66-2C22A4B1CA09}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Galerie de photos (HKLM-x32\...\{439B34FF-F74E-4807-B5E2-4B758551DA6B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    GIMP 2.10.12 (HKLM\...\GIMP-2_is1) (Version: 2.10.12 - The GIMP Team)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
    Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
    Google Video Support Plugin (HKU\S-1-5-21-3548505277-2733688421-2640094488-1001\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 19.12.1000.0 - Google, LLC.)
    GoTo Opener (HKLM-x32\...\{FCF5FF66-C2FB-45C1-B46E-7A596657B016}) (Version: 1.0.530 - LogMeIn, Inc.)
    Help Desk (HKLM\...\{C85A891D-7AB4-46AE-84F0-B0C3FAC82280}) (Version: 1.0.4 - Samsung Electronics CO., LTD.)
    HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
    HP Officejet Pro 8610 Basic Device Software (HKLM\...\{39DA3F40-0B9E-4002-8E01-108FEC9EFE43}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
    HP Officejet Pro 8610 Help (HKLM-x32\...\{F9569D00-4576-46C8-B6C7-207A4FD39745}) (Version: 32.0.0 - Hewlett Packard)
    HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company)
    HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
    HPDiagnosticAlert (HKLM-x32\...\{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}) (Version: 1.00.0000 - Microsoft) Hidden
    HPDiagnosticCoreDll (HKLM-x32\...\{9262B08F-E183-4FED-A2BD-23FF1A84EB79}) (Version: 1.0.15.0 - Hewlett Packard)
    I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
    Intel AppUp(R) center (HKLM-x32\...\Intel AppUp(SM) center 33070) (Version: 41450 - Intel)
    Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
    Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36354 - Intel Corporation)
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
    Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
    Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
    Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Kyocera Product Library (HKLM\...\Kyocera Product Library) (Version: 5.0.1120 - KYOCERA Document Solutions Inc.)
    KYOCERA Status Monitor 5 (HKLM\...\{24EE7F6D-C648-463f-9E71-DC5FD2258D17}) (Version: 5.0.6015 - KYOCERA Document Solutions Inc.)
    ListExtractor (HKLM-x32\...\{9BDEFE48-95D2-45A7-AC9F-B9CECC0E8E42}) (Version: 2.00.0000 - AtPacific)
    Luxor 3 (HKLM-x32\...\BFG-Luxor 3) (Version: - )
    Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
    Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft OneDrive (HKU\S-1-5-21-3548505277-2733688421-2640094488-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0005 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
    Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
    Movie Maker (HKLM-x32\...\{21764A96-6748-4B83-89E7-7A5063BF156C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Movie Maker (HKLM-x32\...\{9C82436F-F19C-42A4-B476-F87A28A95BF9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Mozilla Firefox 69.0.3 (x64 en-US) (HKLM\...\Mozilla Firefox 69.0.3 (x64 en-US)) (Version: 69.0.3 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0.1 - Mozilla)
    OpenOffice 4.1.3 (HKLM-x32\...\{EEA30AEB-8BA7-465B-85D4-098BB99733E7}) (Version: 4.13.9783 - Apache Software Foundation)
    Print Artist Platinum 24 (HKLM-x32\...\{7568CBAC-FC7F-4EE9-8CAC-B4274FC93B4E}) (Version: 24.0.1.2 - Nova Development)
    Product Improvement Study for HP Officejet Pro 8610 (HKLM\...\{D2064264-3162-4DB1-AFE0-167BEFBBCD9C}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
    Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.206 - Qualcomm Atheros Communications)
    Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
    RealDownloader (HKLM-x32\...\{EAC491EB-9FD9-4B6A-A277-047C7DE2C4B4}) (Version: 18.1.10.217 - RealNetworks, Inc.) Hidden
    RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM-x32\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden
    RealNetworks - Microsoft Visual C++ 2010 Runtime (HKLM-x32\...\{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}) (Version: 10.0 - RealNetworks, Inc) Hidden
    RealPlayer (HKLM-x32\...\RealPlayer 18.1) (Version: 18.1.10 - RealNetworks)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6702 - Realtek Semiconductor Corp.)
    Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
    RealUpgrade 1.1 (HKLM-x32\...\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}) (Version: 1.1.0 - RealNetworks, Inc.) Hidden
    Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.6.0 - Samsung Electronics CO., LTD.)
    RogueKiller version 13.4.2.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 13.4.2.0 - Adlice Software)
    SE3D_Installer (HKLM-x32\...\{B717245E-8A7C-4ABF-B383-2930A5AD9555}) (Version: 2.5.22.0 - Structure Studios) Hidden
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
    SHA Premium Quotation System (HKLM-x32\...\SHA Premium Quotation System) (Version: Version 2.1 - USHEALTH)
    Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
    Skype Web Plugin (HKLM-x32\...\{F7C13D74-E0FD-4A76-896A-E8687769767D}) (Version: 7.5.0.127 - Skype Technologies S.A.)
    Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
    Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.7.0 - Sophos Limited)
    Structure Studios SE3D 2 (HKLM-x32\...\{7e47a7f9-1dbc-4895-add7-6725785f6a6f}) (Version: 2.5.22.0 - Structure Studios)
    Support Center (HKLM\...\{3D7275C7-8549-46AF-8B59-82A3EF301B31}) (Version: 2.0.8 - Samsung Electronics CO., LTD.)
    SW Update (HKLM-x32\...\{49271148-3C6B-4F2B-B8C9-FFDE243B8FEA}) (Version: 2.0.15 - Samsung Electronics CO., LTD.)
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.2.1.8 - Synaptics Incorporated)
    Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
    UpdateAssistant (HKLM\...\{F49D6A65-1AB6-4728-9FDA-DB5BAB631CF6}) (Version: 1.23.0.0 - Microsoft Corporation) Hidden
    UpdateService (HKLM-x32\...\{E3AE96D6-E196-45B4-AF62-2B41998B9E37}) (Version: 1.0.0 - RealNetworks, Inc.) Hidden
    User Guide (HKLM-x32\...\{66172F70-0BDE-4BAB-A973-E2E4EF501F6D}) (Version: 1.2.00 - Samsung Electronics CO., LTD.)
    vc2012_redist (HKLM-x32\...\{9402AEF2-5981-4097-8BE2-6501DAC4DBFD}) (Version: 1.0.0.0 - Realnetworks) Hidden
    vs2015_redist x86 (HKLM-x32\...\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}) (Version: 1.0.0.0 - Realnetworks) Hidden
    Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22243 - Microsoft Corporation)
    Windows Driver Package - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass (07/27/2012 20.57.1.735) (HKLM\...\9F04C462DAB591BDCCE784F77E4D4F1736010B92) (Version: 07/27/2012 20.57.1.735 - Samsung Electronics Co. Ltd.)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
    WinZip 24.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C24121}) (Version: 24.0.13618 - Corel Corporation)
    Yahoo! Detect (HKLM-x32\...\YTdetect) (Version: - )
    Zoom (HKU\S-1-5-21-3548505277-2733688421-2640094488-1001\...\ZoomUMX) (Version: 4.6 - Zoom Video Communications, Inc.)

    Packages:
    =========
    Adera -> C:\Program Files\WindowsApps\Microsoft.Adera_2.5.2.34894_x86__8wekyb3d8bbwe [2014-10-14] (Microsoft Studios)
    Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.4.7.0_x86__kgqvnymyfvs32 [2020-01-09] (king.com)
    Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_3.1.10383.1000_x86__8wekyb3d8bbwe [2019-06-08] (Microsoft Corporation)
    Google -> C:\Program Files\WindowsApps\GoogleInc.GoogleSearch_2.1.19.0_x64__yfg5n0ztvskxp [2017-07-27] (Google Inc)
    HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_110.1.660.0_x64__v10z8vjag6ke6 [2020-01-30] (HP Inc.)
    Kindle -> C:\Program Files\WindowsApps\AMZNMobileLLC.KindleforWindows8_2.1.0.2_neutral__stfe6vwa9jnbp [2015-06-22] (AMZN Mobile LLC)
    Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x64__8wekyb3d8bbwe [2018-05-20] (Microsoft Corporation) [MS Ad]
    Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x86__8wekyb3d8bbwe [2018-05-20] (Microsoft Corporation) [MS Ad]
    Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-07] (Microsoft Corporation) [MS Ad]
    Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-07] (Microsoft Corporation) [MS Ad]
    Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-14] (Microsoft Corporation) [MS Ad]
    Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-12] (Microsoft Studios) [MS Ad]
    MSN Health & Fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-15] (Microsoft Corporation) [MS Ad]
    MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-14] (Microsoft Corporation) [MS Ad]
    MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-14] (Microsoft Corporation) [MS Ad]
    MSN Travel -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-15] (Microsoft Corporation) [MS Ad]
    MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad]
    Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.1.1.0_x64__a2t3txkz9j1jw [2020-01-09] (MAGIX)
    Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.95.602.0_x64__mcm4njqhnhss8 [2019-10-25] (Netflix, Inc.)
    PhotoEditor -> C:\Program Files\WindowsApps\6E04A0BD.PhotoEditor_1.0.0.37_neutral__ez4k4b2fwzhzt [2013-01-30] (SAMSUNG ELECTRONICS CO,. LTD.)
    Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2019-01-24] (Microsoft Corporation)
    S Camera -> C:\Program Files\WindowsApps\CyberLinkCorp.ss.SCamera_1.0.1903.26021_x86__h7cwzt5medr84 [2014-08-11] (CYBERLINKCOM)
    S Gallery -> C:\Program Files\WindowsApps\CyberLinkCorp.ss.SGallery_1.0.1903.26021_x86__h7cwzt5medr84 [2014-08-11] (CYBERLINKCOM)
    S Player -> C:\Program Files\WindowsApps\CyberLinkCorp.ss.SPlayer_1.0.2216.21222_x86__h7cwzt5medr84 [2014-08-11] (CYBERLINKCOM)
    Samsung Signature Store -> C:\Program Files\WindowsApps\128374E71F94E.SamsungStore_1.0.2.815_neutral__9sy8ehn46reqm [2012-12-16] (Digital River, Inc.)
    Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0 [2020-01-30] (Spotify AB) [Startup Task]
    Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.)
    Zuma Revenge! -> C:\Program Files\WindowsApps\22669SuperFreeHotGames.ZumaRevenge_2.5.0.0_x64__ztn9gjgw8wrhe [2019-07-04] (Super Free Hot Games) [MS Ad]

    ==================== Custom CLSID (Whitelisted): ==============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-3548505277-2733688421-2640094488-1001_Classes\CLSID\{0825CC0E-34BD-4FE4-B78D-EF6582A94B6A}\InprocServer32 -> C:\Users\Arwen\AppData\Local\SkypePlugin\7.5.0.127\GatewayActiveX-x64.dll (Microsoft Corporation -> Skype Technologies S.A.)
    CustomCLSID: HKU\S-1-5-21-3548505277-2733688421-2640094488-1001_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2019 - English\en-US\dwgviewrficn.dll (Autodesk, Inc. -> Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3548505277-2733688421-2640094488-1001_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54}\InprocServer32 -> C:\Users\Arwen\AppData\Local\Google\Update\1.3.35.422\psuser_64.dll (Google LLC -> Google LLC)
    CustomCLSID: HKU\S-1-5-21-3548505277-2733688421-2640094488-1001_Classes\CLSID\{74D0CE91-F931-4FAC-BEA9-EE32E43EAD37}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2019 - English\dwgviewr.exe (Autodesk, Inc. -> Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3548505277-2733688421-2640094488-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
    CustomCLSID: HKU\S-1-5-21-3548505277-2733688421-2640094488-1001_Classes\CLSID\{84EB3779-151B-4C71-AEF0-A0FEE9481401}\InprocServer32 -> C:\Users\Arwen\AppData\Local\Google\Update\1.3.35.342\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-3548505277-2733688421-2640094488-1001_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\Arwen\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-3548505277-2733688421-2640094488-1001_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AC}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel) [File not signed]
    CustomCLSID: HKU\S-1-5-21-3548505277-2733688421-2640094488-1001_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AD}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel) [File not signed]
    CustomCLSID: HKU\S-1-5-21-3548505277-2733688421-2640094488-1001_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.WinZipExpressForOffice.dll (Corel Corporation -> )
    CustomCLSID: HKU\S-1-5-21-3548505277-2733688421-2640094488-1001_Classes\CLSID\{D9AC5E73-BB10-467b-B884-AA1E475C51F5}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
    CustomCLSID: HKU\S-1-5-21-3548505277-2733688421-2640094488-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Arwen\AppData\Local\Google\Update\1.3.35.422\psuser_64.dll (Google LLC -> Google LLC)
    CustomCLSID: HKU\S-1-5-21-3548505277-2733688421-2640094488-1001_Classes\CLSID\{EF076C91-DC9E-43E3-84ED-3D219E065A4F}\InprocServer32 -> C:\Users\Arwen\AppData\Local\Google\Update\1.3.35.302\psuser_64.dll => No File
    ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
    ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
    ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
    ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2018-01-29] (Autodesk, Inc. -> Autodesk, Inc.)
    ShellIconOverlayIdentifiers-x32: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2018-01-29] (Autodesk, Inc. -> Autodesk, Inc.)
    ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2018-01-29] (Autodesk, Inc. -> Autodesk)
    ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
    ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
    ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\WZSHLS64.DLL [2019-08-29] (Corel Corporation -> WinZip Computing)
    ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
    ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
    ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => c:\program files (x86)\real\realplayer\RPDS\Bin64\rpcontextmenu.dll [2017-12-22] (RealNetworks, Inc. -> RealNetworks, Inc.)
    ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
    ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\WZSHLS64.DLL [2019-08-29] (Corel Corporation -> WinZip Computing)
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
    ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
    ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
    ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
    ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
    ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\WZSHLS64.DLL [2019-08-29] (Corel Corporation -> WinZip Computing)

    ==================== Codecs (Whitelisted) ====================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKU\S-1-5-21-3548505277-2733688421-2640094488-1001\...\Drivers32: [vidc.uly2] => C:\StructureStudios\SE3D20\codecs\utvideo64.dll [65568 2020-01-07] (Structure Studios, L.L.C. -> )
    HKU\S-1-5-21-3548505277-2733688421-2640094488-1001\...\Drivers32: [vidc.x264] => C:\StructureStudios\SE3D20\codecs\x264vfw64.dll [4042272 2020-01-07] (Structure Studios, L.L.C. -> x264vfw project)

    ==================== Shortcuts & WMI ========================

    (The entries could be listed to be restored or removed.)

    ShortcutWithArgument: C:\Users\Arwen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

    ==================== Loaded Modules (Whitelisted) =============

    2018-07-17 14:50 - 2016-09-12 14:53 - 048936448 _____ () [File not signed] C:\Program Files (x86)\AVAST Software\Avast Cleanup\libcef.dll
    2012-04-15 21:41 - 2012-04-15 21:41 - 000484864 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\DeviceProfile.dll
    2012-04-15 21:38 - 2012-04-15 21:38 - 000013824 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\eventsSender.dll
    2012-04-15 21:42 - 2012-04-15 21:42 - 000015872 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\featureController.dll
    2011-08-17 02:48 - 2011-08-17 02:48 - 000195584 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\libgsoap.dll
    2011-08-17 02:48 - 2011-08-17 02:48 - 000322048 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\log4cplus.dll
    2011-07-19 02:04 - 2011-07-19 02:04 - 000317952 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\phonon4.dll
    2011-08-15 06:12 - 2011-08-15 06:12 - 002603520 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtCore4.dll
    2011-08-15 06:17 - 2011-08-15 06:17 - 009224704 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtGui4.dll
    2011-08-15 06:12 - 2011-08-15 06:12 - 001006592 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtNetwork4.dll
    2011-07-19 02:05 - 2011-07-19 02:05 - 014978048 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtWebKit4.dll
    2011-08-15 06:15 - 2011-08-15 06:15 - 000382464 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtXml4.dll
    2011-08-17 02:41 - 2011-08-17 02:41 - 000400384 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\sqlite3.dll
    2011-08-15 05:23 - 2011-08-15 05:23 - 000062464 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\zlib1.dll
    2013-01-03 13:38 - 2012-09-18 14:04 - 000446976 _____ () [File not signed] C:\Program Files (x86)\Intel\IntelAppStore\bin\deviceProfile.dll
    2013-01-03 13:38 - 2012-09-18 14:04 - 000020480 _____ () [File not signed] C:\Program Files (x86)\Intel\IntelAppStore\bin\eventsSender.dll
    2013-01-03 13:38 - 2012-09-18 14:04 - 000016896 _____ () [File not signed] C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll
    2013-01-03 13:38 - 2012-09-18 14:04 - 000195584 _____ () [File not signed] C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll
    2013-01-03 13:38 - 2012-09-18 14:04 - 000322048 _____ () [File not signed] C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll
    2013-01-03 13:38 - 2012-09-18 14:04 - 000062976 _____ () [File not signed] C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll
    2013-01-03 13:38 - 2012-09-18 14:04 - 000064512 _____ () [File not signed] C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManagerStarter.dll
    2013-01-03 13:38 - 2012-09-18 14:04 - 000400384 _____ () [File not signed] C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll
    2013-01-03 13:38 - 2012-09-18 14:04 - 000062464 _____ () [File not signed] C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll
    2020-01-23 10:08 - 2020-01-23 10:08 - 000088064 ____R () [File not signed] C:\Users\Arwen\AppData\Local\Temp\_MEI69402\_ctypes.pyd
    2020-01-23 10:08 - 2020-01-23 10:08 - 000128512 ____R () [File not signed] C:\Users\Arwen\AppData\Local\Temp\_MEI69402\_elementtree.pyd
    2020-01-23 10:08 - 2020-01-23 10:08 - 000914432 ____R () [File not signed] C:\Users\Arwen\AppData\Local\Temp\_MEI69402\_hashlib.pyd
    2020-01-23 10:08 - 2020-01-23 10:08 - 000027648 ____R () [File not signed] C:\Users\Arwen\AppData\Local\Temp\_MEI69402\_multiprocessing.pyd
    2020-01-23 10:08 - 2020-01-23 10:08 - 000036864 ____R () [File not signed] C:\Users\Arwen\AppData\Local\Temp\_MEI69402\_psutil_windows.pyd
    2020-01-23 10:08 - 2020-01-23 10:08 - 000046080 ____R () [File not signed] C:\Users\Arwen\AppData\Local\Temp\_MEI69402\_socket.pyd
    2020-01-23 10:08 - 2020-01-23 10:08 - 001303552 ____R () [File not signed] C:\Users\Arwen\AppData\Local\Temp\_MEI69402\_ssl.pyd
    2020-01-23 10:08 - 2020-01-23 10:08 - 000020480 ____R () [File not signed] C:\Users\Arwen\AppData\Local\Temp\_MEI69402\_yappi.pyd
    2020-01-23 10:08 - 2020-01-23 10:08 - 000012800 ____R () [File not signed] C:\Users\Arwen\AppData\Local\Temp\_MEI69402\common.time34.pyd
    2020-01-23 10:08 - 2020-01-23 10:08 - 000007168 ____R () [File not signed] C:\Users\Arwen\AppData\Local\Temp\_MEI69402\hashobjs_ext.pyd
    2020-01-23 10:08 - 2020-01-23 10:08 - 000127488 ____R () [File not signed] C:\Users\Arwen\AppData\Local\Temp\_MEI69402\pyexpat.pyd
    2020-01-23 10:08 - 2020-01-23 10:08 - 000682496 ____R () [File not signed] C:\Users\Arwen\AppData\Local\Temp\_MEI69402\pysqlite2._sqlite.pyd
    2020-01-23 10:08 - 2020-01-23 10:08 - 000364544 ____R () [File not signed] C:\Users\Arwen\AppData\Local\Temp\_MEI69402\pythoncom27.dll
    2020-01-23 10:08 - 2020-01-23 10:08 - 000110080 ____R () [File not signed] C:\Users\Arwen\AppData\Local\Temp\_MEI69402\pywintypes27.dll
    2020-01-23 10:08 - 2020-01-23 10:08 - 000010240 ____R () [File not signed] C:\Users\Arwen\AppData\Local\Temp\_MEI69402\select.pyd
    2020-01-23 10:08 - 2020-01-23 10:08 - 000017920 ____R () [File not signed] C:\Users\Arwen\AppData\Local\Temp\_MEI69402\thumbnails_ext.pyd
    2020-01-23 10:08 - 2020-01-23 10:08 - 000686080 ____R () [File not signed] C:\Users\Arwen\AppData\Local\Temp\_MEI69402\unicodedata.pyd
    2020-01-23 10:08 - 2020-01-23 10:08 - 000088064 ____R () [File not signed] C:\Users\Arwen\AppData\Local\Temp\_MEI69402\usb_ext.pyd
    2020-01-23 10:08 - 2020-01-23 10:08 - 000098816 ____R () [File not signed] C:\Users\Arwen\AppData\Local\Temp\_MEI69402\win32api.pyd
    2020-01-23 10:08 - 2020-01-23 10:08 - 000320512 ____R () [File not signed] C:\Users\Arwen\AppData\Local\Temp\_MEI69402\win32com.shell.shell.pyd
    2020-01-23 10:08 - 2020-01-23 10:08 - 000011264 ____R () [File not signed] C:\Users\Arwen\AppData\Local\Temp\_MEI69402\win32crypt.pyd
    2020-01-23 10:08 - 2020-01-23 10:08 - 000018432 ____R () [File not signed] C:\Users\Arwen\AppData\Local\Temp\_MEI69402\win32event.pyd
    2020-01-23 10:08 - 2020-01-23 10:08 - 000119808 ____R () [File not signed] C:\Users\Arwen\AppData\Local\Temp\_MEI69402\win32file.pyd
    2020-01-23 10:08 - 2020-01-23 10:08 - 000167936 ____R () [File not signed] C:\Users\Arwen\AppData\Local\Temp\_MEI69402\win32gui.pyd
    2020-01-23 10:08 - 2020-01-23 10:08 - 000038912 ____R () [File not signed] C:\Users\Arwen\AppData\Local\Temp\_MEI69402\win32inet.pyd
    2020-01-23 10:08 - 2020-01-23 10:08 - 000025600 ____R () [File not signed] C:\Users\Arwen\AppData\Local\Temp\_MEI69402\win32pdh.pyd
    2020-01-23 10:08 - 2020-01-23 10:08 - 000024064 ____R () [File not signed] C:\Users\Arwen\AppData\Local\Temp\_MEI69402\win32pipe.pyd
    2020-01-23 10:08 - 2020-01-23 10:08 - 000035840 ____R () [File not signed] C:\Users\Arwen\AppData\Local\Temp\_MEI69402\win32process.pyd
    2020-01-23 10:08 - 2020-01-23 10:08 - 000017408 ____R () [File not signed] C:\Users\Arwen\AppData\Local\Temp\_MEI69402\win32profile.pyd
    2020-01-23 10:08 - 2020-01-23 10:08 - 000108544 ____R () [File not signed] C:\Users\Arwen\AppData\Local\Temp\_MEI69402\win32security.pyd
    2020-01-23 10:08 - 2020-01-23 10:08 - 000022528 ____R () [File not signed] C:\Users\Arwen\AppData\Local\Temp\_MEI69402\win32ts.pyd
    2020-01-23 10:08 - 2020-01-23 10:08 - 000078848 ____R () [File not signed] C:\Users\Arwen\AppData\Local\Temp\_MEI69402\wx._animate.pyd
    2020-01-23 10:08 - 2020-01-23 10:08 - 001067008 ____R () [File not signed] C:\Users\Arwen\AppData\Local\Temp\_MEI69402\wx._controls_.pyd
    2020-01-23 10:08 - 2020-01-23 10:08 - 001176576 ____R () [File not signed] C:\Users\Arwen\AppData\Local\Temp\_MEI69402\wx._core_.pyd
    2020-01-23 10:08 - 2020-01-23 10:08 - 000806400 ____R () [File not signed] C:\Users\Arwen\AppData\Local\Temp\_MEI69402\wx._gdi_.pyd
    2020-01-23 10:08 - 2020-01-23 10:08 - 000077312 ____R () [File not signed] C:\Users\Arwen\AppData\Local\Temp\_MEI69402\wx._html2.pyd
    2020-01-23 10:08 - 2020-01-23 10:08 - 000733184 ____R () [File not signed] C:\Users\Arwen\AppData\Local\Temp\_MEI69402\wx._misc_.pyd
    2020-01-23 10:08 - 2020-01-23 10:08 - 000816128 ____R () [File not signed] C:\Users\Arwen\AppData\Local\Temp\_MEI69402\wx._windows_.pyd
    2020-01-23 10:08 - 2020-01-23 10:08 - 000123392 ____R () [File not signed] C:\Users\Arwen\AppData\Local\Temp\_MEI69402\wx._wizard.pyd
    2019-12-14 12:30 - 2019-12-14 12:30 - 000016384 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\0fd7c17e55ad149e284c6c9bc2af880f\PSIClient.ni.dll
    2013-01-03 13:38 - 2012-09-18 14:04 - 002863104 _____ (Digia Plc) [File not signed] C:\Program Files (x86)\Intel\IntelAppStore\bin\QtCore4.dll
    2013-01-03 13:38 - 2012-09-18 14:04 - 001139200 _____ (Digia Plc) [File not signed] C:\Program Files (x86)\Intel\IntelAppStore\bin\QtNetwork4.dll
    2013-01-03 13:38 - 2012-09-18 14:04 - 000384000 _____ (Digia Plc) [File not signed] C:\Program Files (x86)\Intel\IntelAppStore\bin\QtXml4.dll
    2017-04-26 22:23 - 2020-01-26 18:00 - 001121280 _____ (ESET) [File not signed] C:\Users\Arwen\AppData\Local\ESET\ESETOnlineScanner\esets_apiW_a.DLL
    2020-01-30 15:59 - 2020-01-30 15:59 - 093319680 _____ (HP Development Company, L.P.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_110.1.660.0_x64__v10z8vjag6ke6\HP.Smart.dll
    2019-06-28 13:20 - 2019-06-28 13:20 - 000013312 _____ (HP Inc.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_110.1.660.0_x64__v10z8vjag6ke6\NativeRpcClient.dll
    2019-12-14 12:30 - 2019-12-14 12:30 - 000019968 _____ (Intel Corp.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorCommon\7cf6304bad4ec2027e562209abd99443\IAStorCommon.ni.dll
    2012-04-15 21:37 - 2012-04-15 21:37 - 000075264 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ChannelAdapter.dll
    2012-04-15 21:35 - 2012-04-15 21:35 - 000098304 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\configurationManager.dll
    2012-04-15 21:39 - 2012-04-15 21:39 - 000224256 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\CorePersistenceAPI.dll
    2012-04-15 21:36 - 2012-04-15 21:36 - 000118784 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\dispatcher.dll
    2012-04-15 21:35 - 2012-04-15 21:35 - 000019968 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\localMessage.dll
    2012-04-15 21:35 - 2012-04-15 21:35 - 000030208 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\logger.dll
    2012-04-15 21:35 - 2012-04-15 21:35 - 000318976 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\network.dll
    2012-04-15 21:37 - 2012-04-15 21:37 - 000220160 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\orchestrator.dll
    2012-04-15 21:38 - 2012-04-15 21:38 - 000623616 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\payload.dll
    2012-04-15 21:38 - 2012-04-15 21:38 - 000109056 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\policyManager.dll
    2012-04-15 21:35 - 2012-04-15 21:35 - 000018432 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\sealing.dll
    2012-04-15 21:38 - 2012-04-15 21:38 - 001489920 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\serializer.dll
    2012-04-15 21:38 - 2012-04-15 21:38 - 000141824 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\systemInfo.dll
    2012-04-15 21:35 - 2012-04-15 21:35 - 000125952 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\uuid.dll
    2012-09-04 01:56 - 2012-07-08 23:46 - 000497664 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
    2012-09-04 01:56 - 2012-07-08 23:46 - 000269312 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
    2013-01-03 13:38 - 2012-09-18 14:04 - 000283648 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\IntelAppStore\bin\agentInfo.dll
    2013-01-03 13:38 - 2012-09-18 14:04 - 000080384 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\IntelAppStore\bin\channelAdapter.dll
    2013-01-03 13:38 - 2012-09-18 14:04 - 000061952 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\IntelAppStore\bin\configurationManager.dll
    2013-01-03 13:38 - 2012-09-18 14:04 - 000206336 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\IntelAppStore\bin\corePersistenceAPI.dll
    2013-01-03 13:38 - 2012-09-18 14:04 - 000106496 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\IntelAppStore\bin\dispatcher.dll
    2013-01-03 13:38 - 2012-09-18 14:04 - 000142848 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\IntelAppStore\bin\liveUpdateUtility.dll
    2013-01-03 13:38 - 2012-09-18 14:04 - 000018944 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\IntelAppStore\bin\localMessage.dll
    2013-01-03 13:38 - 2012-09-18 14:04 - 000030208 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\IntelAppStore\bin\logger.dll
    2013-01-03 13:38 - 2012-09-18 14:04 - 000194560 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\IntelAppStore\bin\network.dll
    2013-01-03 13:38 - 2012-09-18 14:04 - 000097280 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\IntelAppStore\bin\orchestrator.dll
    2013-01-03 13:38 - 2012-09-18 14:04 - 000181760 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\IntelAppStore\bin\payload.dll
    2013-01-03 13:38 - 2012-09-18 14:04 - 000018432 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\IntelAppStore\bin\sealing.dll
     
  7. 2020/02/03
    Blue Star

    2013-01-03 13:38 - 2012-09-18 14:04 - 000539136 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\IntelAppStore\bin\serializer.dll
    2013-01-03 13:38 - 2012-09-18 14:04 - 000156160 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceOfferingManager.dll
    2013-01-03 13:38 - 2012-09-18 14:04 - 000012288 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\IntelAppStore\bin\sm_uuid.dll
    2013-01-03 13:38 - 2012-09-18 14:04 - 000078336 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\IntelAppStore\bin\systemInfo.dll
    2019-12-14 12:30 - 2019-12-14 12:30 - 000075264 _____ (Intel Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorDataMgr\8d04c195d257a4d921168165f635d2ca\IAStorDataMgr.ni.dll
    2020-01-16 20:27 - 2020-01-16 20:27 - 000379392 _____ (Intel Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorUtil\6eb0c9b69d64468e7f4e49043238a4a2\IAStorUtil.ni.dll
    2020-01-16 20:28 - 2020-01-16 20:28 - 001114624 _____ (Intel Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorViewModel\96d40742ffe3c9e365f75d07888e07e7\IAStorViewModel.ni.dll
    2019-12-14 12:30 - 2019-12-14 12:30 - 003864576 _____ (Intel Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSI\005c3903a12af8906f6e6b300cbd1a84\PSI.ni.dll
    2019-12-14 12:30 - 2019-12-14 12:30 - 000643584 _____ (Intel Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PsiData\8942b9263d3f117732f2ed37a558e24c\PsiData.ni.dll
    2019-12-14 12:30 - 2019-12-14 12:30 - 000027136 _____ (Microsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorDataMcfeeca6f#\1c692c4ad0d9173d29072dc65b2fc5dd\IAStorDataMgrSvcInterfaces.ni.dll
    2020-01-23 10:08 - 2020-01-23 10:08 - 002459648 ____R (Python Software Foundation) [File not signed] C:\Users\Arwen\AppData\Local\Temp\_MEI69402\python27.dll
    2019-05-02 21:33 - 2019-05-02 21:33 - 000217600 _____ (RSA - The Security Division of EMC) [File not signed] C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\ccme_asym.dll
    2019-05-02 21:33 - 2019-05-02 21:33 - 000404480 _____ (RSA - The Security Division of EMC) [File not signed] C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\ccme_base.dll
    2019-05-02 21:33 - 2019-05-02 21:33 - 000379904 _____ (RSA - The Security Division of EMC) [File not signed] C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\ccme_base_non_fips.dll
    2019-05-02 21:33 - 2019-05-02 21:33 - 000504320 _____ (RSA - The Security Division of EMC) [File not signed] C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\ccme_ecc.dll
    2019-05-02 21:33 - 2019-05-02 21:33 - 000218624 _____ (RSA - The Security Division of EMC) [File not signed] C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\cryptocme.dll
    2016-07-12 15:33 - 2013-12-05 22:05 - 000179712 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\E_YLMBMDE.DLL
    2011-08-15 05:23 - 2011-08-15 05:23 - 001019392 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\LIBEAY32.dll
    2011-08-15 05:23 - 2011-08-15 05:23 - 000209408 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\SSLEAY32.dll
    2013-01-03 13:38 - 2012-09-18 14:04 - 001019392 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Intel\IntelAppStore\bin\LIBEAY32.dll
    2013-01-03 13:38 - 2012-09-18 14:04 - 000210432 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Intel\IntelAppStore\bin\SSLEAY32.dll
    2020-01-23 10:08 - 2020-01-23 10:08 - 000155136 ____R (wxWidgets development team) [File not signed] C:\Users\Arwen\AppData\Local\Temp\_MEI69402\wxbase30u_net_vc90.dll
    2020-01-23 10:08 - 2020-01-23 10:08 - 002030592 ____R (wxWidgets development team) [File not signed] C:\Users\Arwen\AppData\Local\Temp\_MEI69402\wxbase30u_vc90.dll
    2020-01-23 10:08 - 2020-01-23 10:08 - 001251328 ____R (wxWidgets development team) [File not signed] C:\Users\Arwen\AppData\Local\Temp\_MEI69402\wxmsw30u_adv_vc90.dll
    2020-01-23 10:08 - 2020-01-23 10:08 - 004796928 ____R (wxWidgets development team) [File not signed] C:\Users\Arwen\AppData\Local\Temp\_MEI69402\wxmsw30u_core_vc90.dll
    2020-01-23 10:08 - 2020-01-23 10:08 - 000601088 ____R (wxWidgets development team) [File not signed] C:\Users\Arwen\AppData\Local\Temp\_MEI69402\wxmsw30u_html_vc90.dll
    2020-01-23 10:08 - 2020-01-23 10:08 - 000110080 ____R (wxWidgets development team) [File not signed] C:\Users\Arwen\AppData\Local\Temp\_MEI69402\wxmsw30u_webview_vc90.dll

    ==================== Alternate Data Streams (Whitelisted) ========

    (If an entry is included in the fixlist, only the ADS will be removed.)

    AlternateDataStreams: C:\ProgramData\Temp:2CB9631F [134]
    AlternateDataStreams: C:\ProgramData\Temp:59846E5E [446]

    ==================== Safe Mode (Whitelisted) ==================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

    ==================== Association (Whitelisted) =================

    ==================== Internet Explorer trusted/restricted ==========

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE trusted site: HKU\S-1-5-21-3548505277-2733688421-2640094488-1001\...\evolvondemand.net -> hxxps://transcom.evolvondemand.net
    IE trusted site: HKU\S-1-5-21-3548505277-2733688421-2640094488-1001\...\fixme.it -> hxxps://fixme.it
    IE trusted site: HKU\S-1-5-21-3548505277-2733688421-2640094488-1001\...\techinline.net -> hxxps://*.techinline.net
    IE trusted site: HKU\S-1-5-21-3548505277-2733688421-2640094488-1001\...\vanillasoft.net -> hxxps://vanillasoft.net

    ==================== Hosts content: =========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2013-08-22 08:25 - 2019-01-20 03:01 - 000000830 _____ C:\WINDOWS\system32\drivers\etc\hosts

    ==================== Other Areas ===========================

    (Currently there is no automatic fix for this section.)

    HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Skype\Phone\;%SYSTEMROOT%\System32\OpenSSH\
    HKU\S-1-5-21-3548505277-2733688421-2640094488-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Arwen\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\blue_chameleon.jpg
    DNS Servers: 75.75.75.75 - 75.75.76.76
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
    HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (If an entry is included in the fixlist, it will be removed.)

    HKLM\...\StartupApproved\Run: => "BtTray"
    HKLM\...\StartupApproved\Run: => "BtvStack"
    HKLM\...\StartupApproved\Run: => "WinZip PreLoader"
    HKU\S-1-5-21-3548505277-2733688421-2640094488-1001\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
    HKU\S-1-5-21-3548505277-2733688421-2640094488-1001\...\StartupApproved\Run: => "OneDriveSetup"
    HKU\S-1-5-21-3548505277-2733688421-2640094488-1001\...\StartupApproved\Run: => "HP Officejet 4620 series (NET)"
    HKU\S-1-5-21-3548505277-2733688421-2640094488-1001\...\StartupApproved\Run: => "eyeBeam SIP Client"
    HKU\S-1-5-21-3548505277-2733688421-2640094488-1001\...\StartupApproved\Run: => "msnmsgr"
    HKU\S-1-5-21-3548505277-2733688421-2640094488-1001\...\StartupApproved\Run: => "MobileAppSync"

    ==================== FirewallRules (Whitelisted) ================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{D1F94449-8AEC-4E3A-8DE8-DBCDD44097B6}] => (Allow) c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
    FirewallRules: [{FA9129FF-73AD-4F17-A3E4-08C387470DC4}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{BC33BA8B-43DA-4101-A7EF-C845A5EE9C1B}] => (Allow) LPort=1900
    FirewallRules: [{A256DE0D-91C4-4813-8D37-4094F0093856}] => (Allow) LPort=2869
    FirewallRules: [{A815C66B-2F5A-4DC6-8E6A-8422AAD9968A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [UDP Query User{2A1AB145-840C-4E4B-A732-E6AEA182B799}C:\program files (x86)\sha\sha.exe] => (Allow) C:\program files (x86)\sha\sha.exe (APL, INC.) [File not signed]
    FirewallRules: [TCP Query User{47220578-96A8-48BC-8FA9-81CD8483B8B9}C:\program files (x86)\sha\sha.exe] => (Allow) C:\program files (x86)\sha\sha.exe (APL, INC.) [File not signed]
    FirewallRules: [UDP Query User{FDB83730-E44D-42BA-B0BE-7325D05CFF85}C:\program files (x86)\sha\shaquote.exe] => (Allow) C:\program files (x86)\sha\shaquote.exe (APL, INC.) [File not signed]
    FirewallRules: [TCP Query User{7FC20502-F09E-4883-B32D-33DB7A6F7BB1}C:\program files (x86)\sha\shaquote.exe] => (Allow) C:\program files (x86)\sha\shaquote.exe (APL, INC.) [File not signed]
    FirewallRules: [UDP Query User{E920F795-8C2E-47C2-8BC7-AD34E45AB82E}C:\program files (x86)\sha\sha.exe] => (Allow) C:\program files (x86)\sha\sha.exe (APL, INC.) [File not signed]
    FirewallRules: [TCP Query User{D10F29B3-A1D4-4199-A79A-1D8F9E6A3498}C:\program files (x86)\sha\sha.exe] => (Allow) C:\program files (x86)\sha\sha.exe (APL, INC.) [File not signed]
    FirewallRules: [{F43B2C4C-F5EA-4363-9415-ECF9FAFFC407}] => (Allow) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (Intel® Services Manager -> Intel Corporation)
    FirewallRules: [{897FCBF3-3082-48C3-9C78-0351D95DF122}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE (CyberLink -> CyberLink Corp.)
    FirewallRules: [{75A7B777-C639-4F54-B838-0616DF7E3EF1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe (CyberLink -> CyberLink Corp.)
    FirewallRules: [{475845B5-8E58-4B86-9021-F02FE930CAFE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [{E5BDA255-2693-4BA1-A18C-DDDCFC6447C6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [{35C62B24-008C-47F3-8842-CD26973164D8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{87F7ACBE-C5B0-4702-AC7D-DFEA5BB85994}] => (Allow) C:\Users\Arwen\AppData\Local\Chromium\Application\chrome.exe (The Chromium Authors) [File not signed]
    FirewallRules: [{3AC79786-79B8-4A5D-9E78-7302C16ED780}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [{9DCB8878-D257-4603-842F-3FBEDF56723D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [TCP Query User{A29AFC7B-3E25-4483-A5FA-0E78546E91FF}C:\users\arwen\documents\wpf\dynamic\1.2.1\softphone.exe] => (Allow) C:\users\arwen\documents\wpf\dynamic\1.2.1\softphone.exe (Chase Data Corporation -> ChaseData) [File not signed]
    FirewallRules: [UDP Query User{3AAD7360-9D41-4F80-A214-7693FEBF5197}C:\users\arwen\documents\wpf\dynamic\1.2.1\softphone.exe] => (Allow) C:\users\arwen\documents\wpf\dynamic\1.2.1\softphone.exe (Chase Data Corporation -> ChaseData) [File not signed]
    FirewallRules: [TCP Query User{5547B77C-F52E-4D7D-8BBA-BC0DA696B906}C:\program files (x86)\microsoft silverlight\sllauncher.exe] => (Allow) C:\program files (x86)\microsoft silverlight\sllauncher.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [UDP Query User{C7A6B246-6029-45FB-9C56-91DF3EA9606D}C:\program files (x86)\microsoft silverlight\sllauncher.exe] => (Allow) C:\program files (x86)\microsoft silverlight\sllauncher.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{20E7F0C6-043C-4966-A82C-F02D75B34E9F}] => (Allow) LPort=9422
    FirewallRules: [{88685F0B-6B08-44F8-BC31-D7871A661965}] => (Allow) LPort=9245
    FirewallRules: [{EE0FA760-C9FE-4FB1-96E3-B8FDCC0CD2BA}] => (Allow) LPort=9246
    FirewallRules: [{FD99183D-808A-4608-8C89-AB567A2962D9}] => (Allow) LPort=9247
    FirewallRules: [{DFA7C63E-6E6F-4733-AA36-61E968113BBB}] => (Allow) LPort=3702
    FirewallRules: [{FB20C203-237D-4AAA-8145-14677711D0F2}] => (Allow) LPort=9244
    FirewallRules: [{A05F996A-DFF2-4DBB-BB7B-6213C42CCB38}] => (Allow) LPort=9444
    FirewallRules: [{59C92E5F-CED2-4B2B-B9E0-23FE60E1514F}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\FaxApplications.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
    FirewallRules: [{2CA5F01C-7ABD-47B5-8A2F-DB810C18D123}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\DigitalWizards.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
    FirewallRules: [{B6307CA4-A8CE-4C39-BDE4-CDA13DA506B4}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\SendAFax.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
    FirewallRules: [{AB6BFDE2-8624-416C-9227-E3BEA5F358E5}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
    FirewallRules: [{C7477040-867E-474F-9325-2485793EC62F}] => (Allow) LPort=5357
    FirewallRules: [{18A48F20-B028-4562-89C2-C8E6A0633568}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
    FirewallRules: [{7F711A83-714B-40EE-BDB0-C2F46FD6DA2A}] => (Allow) C:\Users\Arwen\AppData\Local\Temp\7zS5C7F\HPDiagnosticCoreUI.exe (HP Inc. -> HPDC LP)
    FirewallRules: [{BADF9218-8B3C-4695-9B66-06C00CDD004D}] => (Allow) C:\Users\Arwen\AppData\Local\Temp\7zS5C7F\HPDiagnosticCoreUI.exe (HP Inc. -> HPDC LP)
    FirewallRules: [{74642F68-C446-4852-A350-DBD3B7DF58D3}] => (Allow) C:\Users\Arwen\AppData\Local\Temp\7zS741F\HPDiagnosticCoreUI.exe (HP Inc. -> HPDC LP)
    FirewallRules: [{A0A243E5-E4F0-425F-81B5-08BCD6F2CB46}] => (Allow) C:\Users\Arwen\AppData\Local\Temp\7zS741F\HPDiagnosticCoreUI.exe (HP Inc. -> HPDC LP)
    FirewallRules: [{D0E959C1-F18C-4246-86A3-B924CA73C39D}] => (Allow) C:\Users\Arwen\AppData\Local\Temp\7zS75F9\HPDiagnosticCoreUI.exe (HP Inc. -> HPDC LP)
    FirewallRules: [{EE18486D-B39A-45EE-AF14-DB250224F463}] => (Allow) C:\Users\Arwen\AppData\Local\Temp\7zS75F9\HPDiagnosticCoreUI.exe (HP Inc. -> HPDC LP)
    FirewallRules: [{364221FF-77F1-4D48-B50D-11480265BC34}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
    FirewallRules: [{EA453DD5-5448-4B7E-9E68-C391F3D8C4EA}] => (Allow) C:\Users\Arwen\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
    FirewallRules: [{88F35322-5EEB-492C-9696-C9EC889B69A2}] => (Allow) C:\Users\Arwen\AppData\Roaming\Zoom\bin\airhost.exe No File
    FirewallRules: [{C2AA5BF6-F179-47D3-A726-FF40483A8723}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{FB3B6EBC-5542-4CAA-9128-E86E171E8CB9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{D8E8CD2C-30B7-4ECD-AFA8-075EE0CF7B55}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{8B8F0B78-8E73-4978-94D6-FACE2D8A9E5F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{2069FC24-E816-4AFF-BD6B-A584D88DB9D2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{7FD206A4-51D9-4391-A49A-2455A6025852}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{CB934333-BD95-4B95-9CEE-F722F5F820D9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{31A2AB3C-8F9C-4055-9FB6-5C944E066A4D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

    ==================== Restore Points =========================

    14-01-2020 17:17:21 Windows Update
    25-01-2020 10:03:31 Scheduled Checkpoint

    ==================== Faulty Device Manager Devices ============


    ==================== Event log errors: ========================

    Application errors:
    ==================
    Error: (02/03/2020 09:57:28 AM) (Source: ESENT) (EventID: 455) (User: )
    Description: svchost (21048,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

    Error: (02/03/2020 09:45:34 AM) (Source: ESENT) (EventID: 455) (User: )
    Description: svchost (16020,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

    Error: (02/03/2020 09:34:24 AM) (Source: ESENT) (EventID: 455) (User: )
    Description: svchost (20544,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

    Error: (02/03/2020 09:29:28 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: LockApp.exe, version: 10.0.18362.329, time stamp: 0x5d65c0cf
    Faulting module name: LockApp.exe, version: 10.0.18362.329, time stamp: 0x5d65c0cf
    Exception code: 0xc0000005
    Fault offset: 0x000000000018b986
    Faulting process id: 0x3798
    Faulting application start time: 0x01d5d2007505b3f8
    Faulting application path: C:\WINDOWS\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
    Faulting module path: C:\WINDOWS\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
    Report Id: 12728f65-ec95-4217-9d4d-852fc1d37ff5
    Faulting package full name: Microsoft.LockApp_10.0.18362.449_neutral__cw5n1h2txyewy
    Faulting package-relative application ID: WindowsDefaultLockScreen

    Error: (01/31/2020 04:05:04 PM) (Source: ESENT) (EventID: 455) (User: )
    Description: svchost (212,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

    Error: (01/31/2020 12:09:53 PM) (Source: ESENT) (EventID: 455) (User: )
    Description: svchost (19864,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

    Error: (01/31/2020 04:24:15 AM) (Source: ESENT) (EventID: 455) (User: )
    Description: svchost (18376,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

    Error: (01/30/2020 05:04:34 PM) (Source: ESENT) (EventID: 455) (User: )
    Description: svchost (17828,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.


    System errors:
    =============
    Error: (02/03/2020 09:29:06 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
    Description: DCOM got error "1053" attempting to start the service gupdate with arguments "/comsvc" in order to run the server:
    {4EB61BAC-A3B6-4760-9581-655041EF4D69}

    Error: (02/03/2020 09:29:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Google Update Service (gupdate) service failed to start due to the following error:
    The service did not respond to the start or control request in a timely fashion.

    Error: (02/03/2020 09:29:05 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.

    Error: (02/03/2020 09:29:00 AM) (Source: DCOM) (EventID: 10010) (User: THEONE)
    Description: The server Microsoft.People_10.1909.2812.0_x64__8wekyb3d8bbwe!x4c7a3b7dy2188y46d4ya362y19ac5a5805e5x.AppXv1pa150fssxfwf8qn0j65z3gp1qhwkcs.mca did not register with DCOM within the required timeout.

    Error: (02/03/2020 09:29:00 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Client License Service (ClipSVC) service failed to start due to the following error:
    The service did not respond to the start or control request in a timely fashion.

    Error: (02/03/2020 09:29:00 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The AppX Deployment Service (AppXSVC) service failed to start due to the following error:
    The service did not respond to the start or control request in a timely fashion.

    Error: (02/03/2020 09:28:55 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Client License Service (ClipSVC) service to connect.

    Error: (02/03/2020 09:28:55 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the AppX Deployment Service (AppXSVC) service to connect.


    Windows Defender:
    ===================================
    Date: 2020-01-22 09:42:05.929
    Description:
    Windows Defender Antivirus scan has been stopped before completion.
    Scan ID: {8C5ABB61-67C0-4DF2-84E8-92E26D119089}
    Scan Type: Antimalware
    Scan Parameters: Quick Scan

    Date: 2020-01-01 14:28:58.468
    Description:
    Windows Defender Antivirus scan has been stopped before completion.
    Scan ID: {16AE1C84-E728-4043-A517-AD296E4B0700}
    Scan Type: Antimalware
    Scan Parameters: Quick Scan

    Date: 2020-01-01 14:17:07.426
    Description:
    Windows Defender Antivirus scan has been stopped before completion.
    Scan ID: {D35997DE-BDD5-4E89-9E55-D2D2A2C0AE5C}
    Scan Type: Antimalware
    Scan Parameters: Quick Scan

    Date: 2019-12-24 18:31:13.540
    Description:
    Windows Defender Antivirus scan has been stopped before completion.
    Scan ID: {38FEC670-0BF9-4148-9330-4C91BBA29BD1}
    Scan Type: Antimalware
    Scan Parameters: Quick Scan

    Date: 2019-12-30 04:49:00.961
    Description:
    Windows Defender Antivirus has encountered an error trying to update security intelligence.
    New security intelligence Version:
    Previous security intelligence Version: 1.307.1392.0
    Update Source: Microsoft Update Server
    Security intelligence Type: AntiVirus
    Update Type: Full
    Current Engine Version:
    Previous Engine Version: 1.1.16600.7
    Error code: 0x80240016
    Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

    Date: 2019-12-12 23:07:34.202
    Description:
    Windows Defender Antivirus has encountered an error trying to update security intelligence.
    New security intelligence Version:
    Previous security intelligence Version: 1.303.1437.0
    Update Source: Microsoft Update Server
    Security intelligence Type: AntiVirus
    Update Type: Full
    Current Engine Version:
    Previous Engine Version: 1.1.16400.2
    Error code: 0x80240016
    Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

    CodeIntegrity:
    ===================================

    Date: 2020-02-03 10:15:13.900
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

    Date: 2020-02-03 10:15:13.786
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

    Date: 2020-02-03 10:12:59.280
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

    Date: 2020-02-03 10:12:40.847
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

    Date: 2020-02-03 10:11:57.267
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

    Date: 2020-02-03 10:11:46.402
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

    Date: 2020-02-03 10:10:14.070
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

    Date: 2020-02-03 10:10:13.805
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

    ==================== Memory info ===========================

    BIOS: American Megatrends Inc. P02ABE 08/24/2012
    Motherboard: SAMSUNG ELECTRONICS CO., LTD. NP350E7C-A01US
    Processor: Intel(R) Core(TM) i7-3630QM CPU @ 2.40GHz
    Percentage of memory in use: 74%
    Total physical RAM: 8083.5 MB
    Available physical RAM: 2077.75 MB
    Total Virtual: 17299.5 MB
    Available Virtual: 7366.06 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:906.58 GB) (Free:724.2 GB) NTFS
    Drive d: (Luxor 2) (CDROM) (Total:0.18 GB) (Free:0 GB) CDFS

    \\?\Volume{b98955a8-b61a-418a-8b15-55d68631086a}\ (Windows RE tools) (Fixed) (Total:0.49 GB) (Free:0.17 GB) NTFS
    \\?\Volume{1f808df2-4ce7-4b0b-8cd4-ad4f9b3c3067}\ () (Fixed) (Total:0.92 GB) (Free:0.38 GB) NTFS
    \\?\Volume{c3ab75b8-3ab2-49ef-9c79-6f83d9e2e80b}\ (SAMSUNG_REC2) (Fixed) (Total:22.11 GB) (Free:0.99 GB) NTFS
    \\?\Volume{354f307c-2e13-46a4-4173-636c65706975}\ (SAMSUNG_REC) (Fixed) (Total:1 GB) (Free:0.29 GB) FAT32
    \\?\Volume{0802c3af-e7db-4cb4-8bb4-24a1348c0432}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.25 GB) FAT32

    ==================== MBR & Partition Table ====================

    ==========================================================
    Disk: 0 (Size: 931.5 GB) (Disk ID: A56C4F25)

    Partition: GPT.

    ==================== End of Addition.txt =======================
     
  8. 2020/02/03
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    So far I don't see much there.
    Both crashes and slow page openings, are we talking about Chrome here?
     
  9. 2020/02/04
    Blue Star

    Slow opening at lock screen ... some Chrome
     
  10. 2020/02/04
    Blue Star

    Machine has a tendency to crash..
     
  11. 2020/02/04
    broni

    I don't see anything malicious there, so I suggest a new topic in the Windows forum.
    Good luck :)
     
