Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-06-2022 01
Ran by eugeneandteresa (03-06-2022 19:40:31)
Running from C:\Users\eugeneandteresa\Desktop
Microsoft Windows 10 Home Version 21H1 19043.1706 (X64) (2020-08-27 03:47:55)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3528544182-332038941-3401246441-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3528544182-332038941-3401246441-503 - Limited - Disabled)
eugeneandteresa (S-1-5-21-3528544182-332038941-3401246441-1002 - Administrator - Enabled) => C:\Users\eugeneandteresa
Guest (S-1-5-21-3528544182-332038941-3401246441-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3528544182-332038941-3401246441-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

12 Labours of Hercules III: Girl Power (HKLM-x32\...\WTA-4b57b438-6042-4f83-8bc9-af3817521e93) (Version: 3.0.2.118 - WildTangent) Hidden
Avast SecureLine VPN (HKLM\...\Avast SecureLine) (Version: 5.17.6057.3944 - Avast Software)
Azkend 2: The World Beneath (HKLM-x32\...\WTA-cc2f566d-a904-4380-a1dc-cd9a6606a1bf) (Version: 2.2.0.98 - WildTangent) Hidden
Barn Yarn Collector's Edition (HKLM-x32\...\WTA-cdf45559-b53d-4ba9-a7c7-1afc750b4b4b) (Version: 3.0.2.48 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Coyote The Outlander (HKLM-x32\...\WTA-ddde5db2-c7e3-440b-9899-da5d8fc886d8) (Version: 3.0.2.59 - WildTangent) Hidden
Delicious: Emily's Wonder Wedding Premium Edition (HKLM-x32\...\WTA-dd8cc9e1-7d1e-454d-aee4-cb561b1e3585) (Version: 3.0.2.59 - WildTangent) Hidden
Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 1.0.8.2 - Dropbox, Inc.)
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Entwined: The Perfect Murder (HKLM-x32\...\WTA-d07fc465-77f9-4d9d-98c9-0de0b5d94f05) (Version: 3.0.2.59 - WildTangent) Hidden
Evernote v. 5.8.6 (HKLM-x32\...\{FEDC7C10-EF67-11E4-9B07-00505695D7B0}) (Version: 5.8.6.7519 - Evernote Corp.)
Family Vacation 2: Road Trip (HKLM-x32\...\WTA-35bf0a58-96d0-4af3-92a6-6335b236c335) (Version: 3.0.2.59 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 102.0.5005.63 - Google LLC)
Home Makeover (HKLM-x32\...\WTA-dea03d40-c6c6-4603-b55b-0a756fe079fe) (Version: 3.0.2.59 - WildTangent) Hidden
IGT Slots: Paradise Garden (HKLM-x32\...\WTA-2b7f906f-291c-45cd-9140-b1e051d0340d) (Version: 3.0.2.59 - WildTangent) Hidden
Imperial Island: Birth of an Empire (HKLM-x32\...\WTA-a42ad1db-b95e-488b-8d74-e20b7d8d6054) (Version: 3.0.2.59 - WildTangent) Hidden
Jewel Match Snowscapes (HKLM-x32\...\WTA-43420215-c697-4d80-9005-250ab881eb4f) (Version: 3.0.2.118 - WildTangent) Hidden
Living Legends: Frozen Beauty Collector's Edition (HKLM-x32\...\WTA-080ea6bf-8574-4591-bcfe-a7392f82f6d9) (Version: 3.0.2.59 - WildTangent) Hidden
Lost Lands: Dark Overlord Collector's Edition (HKLM-x32\...\WTA-62425731-919a-43b4-b718-dcf84732a2ba) (Version: 3.0.2.59 - WildTangent) Hidden
Lost Souls: Timeless Fables Collector's Edition (HKLM-x32\...\WTA-8549c664-181b-49f8-b9ed-1c2f1c1be250) (Version: 3.0.2.59 - WildTangent) Hidden
Magic Heroes: Save Our Park (HKLM-x32\...\WTA-6ec07954-8c25-4f3b-9b83-e133780b402c) (Version: 3.0.2.59 - WildTangent) Hidden
Malwarebytes version 4.5.9.198 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.9.198 - Malwarebytes)
Manor Memoirs Collector's Edition (HKLM-x32\...\WTA-92b9e03a-f821-40c5-b189-44edf2360653) (Version: 3.0.2.59 - WildTangent) Hidden
Microsoft OneDrive (HKU\S-1-5-21-3528544182-332038941-3401246441-1002\...\OneDriveSetup.exe) (Version: 22.099.0508.0001 - Microsoft Corporation)
Mystery Expedition: Prisoners of Ice (HKLM-x32\...\WTA-c74d770e-de32-43ab-92ff-6810ab3db366) (Version: 3.0.2.59 - WildTangent) Hidden
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Plagiarii (HKLM-x32\...\WTA-13234cd2-bf12-42d9-87cb-bab9599b462f) (Version: 3.0.2.59 - WildTangent) Hidden
Polar Bowler 1st Frame (HKLM-x32\...\WTA-48d2392a-42a0-4948-a283-43fe5fab77cd) (Version: 3.0.2.59 - WildTangent) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.31213 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7944 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.59 - REALTEK Semiconductor Corp.)
Runefall (HKLM-x32\...\WTA-70840a76-9ffd-4f23-8b2b-c5a601894717) (Version: 3.0.2.126 - WildTangent) Hidden
Rush Hour! Gas Station (HKLM-x32\...\WTA-6d367f47-0afc-4bba-8e34-93f931e6576f) (Version: 3.0.2.59 - WildTangent) Hidden
Sky High Farm (HKLM-x32\...\WTA-8916ed5c-b9b9-44b3-9c2a-61725d9b9df1) (Version: 3.0.2.59 - WildTangent) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
WPS Office (11.2.0.11130) (HKU\S-1-5-21-3528544182-332038941-3401246441-1002\...\Kingsoft Office) (Version: 11.2.0.11130 - Kingsoft Corp.)
WPS Office (9.1.0.5113) (HKLM-x32\...\Kingsoft Office) (Version: 9.1.0.5113 - Kingsoft Corp.)

Packages:
=========
Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_2018.519.2815.0_x64__343d40qqvtj1t [2020-02-22] (Amazon.com)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-08] (Autodesk Inc.)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.219.300.0_x64__kgqvnymyfvs32 [2022-06-02] (king.com)
Hearts Deluxe -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.HeartsDeluxe_6.12.80.0_x64__kx24dqmazqk8j [2022-04-30] (Random Salad Games LLC)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_136.1.269.0_x64__v10z8vjag6ke6 [2022-04-30] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.5120.0_x64__8wekyb3d8bbwe [2022-05-19] (Microsoft Studios) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-17] (Netflix, Inc.)
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.4.4.0_x64__kx24dqmazqk8j [2021-09-29] (Random Salad Games LLC)
Snapfish -> C:\Program Files\WindowsApps\AD2F1837.HPConnectedPhotopoweredbySnapfish_6.1.736.0_x86__v10z8vjag6ke6 [2018-08-05] (Snapfish)
The Weather Channel for HP -> C:\Program Files\WindowsApps\Weather.TheWeatherChannelforHP_2015.1108.1.0_x64__t3yemqpq4kp7p [2022-05-29] (The Weather Channel.)
TripAdvisor Hotels Flights Restaurants -> C:\Program Files\WindowsApps\TripAdvisorLLC.TripAdvisorHotelsFlightsRestaurants_1.5.10.0_x64__qj0v5chwq8f2g [2016-11-18] (TripAdvisor LLC)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-13] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3528544182-332038941-3401246441-1002_Classes\CLSID\{28A80003-18FD-411D-B0A3-3C81F618E22B}\InprocServer32 -> C:\Program Files (x86)\Kingsoft\WPS Office\11.2.0.11130\office6\kwpsmenushellext64.dll (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-3528544182-332038941-3401246441-1002_Classes\CLSID\{C591CFEA-E432-495d-A0BE-58E4CCD87B17}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-06-03] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-07-06] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-06-03] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers1_S-1-5-21-3528544182-332038941-3401246441-1002: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => C:\Program Files (x86)\Kingsoft\WPS Office\11.2.0.11130\office6\kwpsmenushellext64.dll [2022-05-10] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
ContextMenuHandlers4_S-1-5-21-3528544182-332038941-3401246441-1002: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => C:\Program Files (x86)\Kingsoft\WPS Office\11.2.0.11130\office6\kwpsmenushellext64.dll [2022-05-10] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\eugeneandteresa\Desktop\Person 2 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\eugeneandteresa\Desktop\T (T Mark) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\eugeneandteresa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AmazonShopping.lnk -> C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe () -> hxxp://www.amazon.com/gp/bit/amazonbookmark.html?tag=hp2-desktop-us-20&partner=HP
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Priceline.com.lnk -> C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe () -> hxxp://www.priceline.com/?refid=PLHBC6240OPQ&refclickid=square

==================== Loaded Modules (Whitelisted) =============

2015-07-06 21:34 - 2015-07-06 21:34 - 000004608 _____ (Advanced Micro Devices, Inc.) [File not signed] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamenu.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\S-1-5-21-3528544182-332038941-3401246441-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\S-1-5-21-3528544182-332038941-3401246441-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
SearchScopes: HKLM-x32 -> {D8CD7189-C016-4F3E-A662-338FC9BC2F1C} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-3528544182-332038941-3401246441-1002 -> {D8CD7189-C016-4F3E-A662-338FC9BC2F1C} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-04-30] (EVERNOTE CORPORATION -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 04:04 - 2015-07-10 04:02 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3528544182-332038941-3401246441-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\eugeneandteresa\Downloads\IMG_0717.JPG
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B395C93D-E756-47B8-AFF3-E6A81882442B}] => (Allow) C:\Program Files (x86)\Kingsoft\WPS Office\11.2.0.11130\office6\wpscloudsvr.exe (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
FirewallRules: [{2DF6422E-A071-482C-AC68-84BB5D248AE8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{4EA3A70C-2F4F-4AE0-8C77-8D4693E71FCE}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{D5BBAF24-3FAF-436D-9116-DFC20027D665}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{F10744C6-22B1-4465-B86A-7F9815480ABA}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe (CyberLink Corp. -> CyberLink)
FirewallRules: [{BABE52EC-A881-494C-B19F-3572C4C85DA4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{D1B1F1AE-375C-4C74-ADDA-C6437679994A}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPSOCKSVC.exe (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
FirewallRules: [{830885B0-2F6C-431E-A3CF-2A48215FF64D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{67D38694-2BC6-4F8E-A3F6-569D516A1846}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0940E4B8-691A-4B9A-9EF0-0ECC0AB39922}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FC0E0283-D9E3-4717-A6F2-489120266ABA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6C550162-E66F-43EA-89B6-9283CE4DA510}] => (Allow) C:\Program Files\HP\HP ENVY 4520 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{AE399043-1073-48A7-9C34-19F0368E81FE}] => (Allow) LPort=5357
FirewallRules: [{D528461A-3BDD-4EE8-B3D4-EBEBB01AD69D}] => (Allow) C:\Program Files\HP\HP ENVY 4520 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{9FF97159-F972-4581-AA6A-7D2089C411BF}] => (Allow) C:\Program Files (x86)\Kingsoft\WPS Office\11.2.0.11130\office6\wps.exe (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
FirewallRules: [{103E1CB8-DC4E-44D2-8405-C16D4B7718CC}] => (Allow) C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{4D9E664E-6C6A-47CA-929C-BE684D84DBB8}] => (Allow) C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{B6111BA0-60A4-4791-9069-779C382D7C3E}] => (Allow) C:\Program Files (x86)\Kingsoft\WPS Office\11.2.0.11130\office6\promecefpluginhost.exe (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
FirewallRules: [{B1B5E957-F5E9-4EFC-9985-0B0CE76770F4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D192121A-3416-47F4-9DB2-B239ECFCD2DC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{55011E91-E37A-46CF-9EF4-6987422253E8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D3CADAED-4E7E-4865-8A78-D14BCD95CD4A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{58374BAD-C9FB-4B56-9D14-50BE03A541E7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

26-05-2022 20:04:20 Removed swMSM.
31-05-2022 23:01:12 Removed DisableMSDefender
03-06-2022 18:41:09 AdwCleaner_BeforeCleaning_03/06/2022_18:41:06
03-06-2022 18:50:17 AdwCleaner_BeforeCleaning_03/06/2022_18:50:14

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (06/03/2022 06:50:58 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. .

Error: (06/03/2022 06:41:52 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. .

Error: (06/03/2022 05:37:53 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program svchost.exe version 10.0.19041.1566 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 458
Start Time: 01d8757bc997dcfd
Termination Time: 4294967295
Application Path: C:\Windows\System32\svchost.exe
Report Id: ebf3dc6b-eff5-45e0-9834-57a8c7df993a
Faulting package full name:
Faulting package-relative application ID:
Hang type: Cross-process

Error: (06/02/2022 01:38:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8413063

Error: (06/02/2022 01:38:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8413063

Error: (06/02/2022 01:38:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/02/2022 11:00:40 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname DESKTOP-5NS045K.local already in use; will try DESKTOP-5NS045K-2.local instead

Error: (06/02/2022 11:00:40 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 DESKTOP-5NS045K.local. Addr 172.20.10.10

System errors:
=============
Error: (06/03/2022 06:52:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Avast SecureLine VPN service terminated unexpectedly. It has done this 2 time(s).
The following corrective action will be taken in 0 milliseconds: Restart the service.

Error: (06/03/2022 06:43:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Avast SecureLine VPN service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

Error: (06/03/2022 06:43:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Adobe Acrobat Update Service service terminated unexpectedly. It has done this 1 time(s).

Error: (06/03/2022 06:43:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The AMD FUEL Service service terminated unexpectedly. It has done this 1 time(s).

Error: (06/03/2022 06:43:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).

Error: (06/03/2022 06:43:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The SynTPEnh Caller Service service terminated unexpectedly. It has done this 1 time(s).

Error: (06/03/2022 06:43:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Cyberlink RichVideo64 Service(CRVS) service terminated unexpectedly. It has done this 1 time(s).

Error: (06/03/2022 06:43:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The HP Software Framework Service service terminated unexpectedly. It has done this 1 time(s).

Windows Defender:
================
Date: 2022-06-03 08:12:22
Description: Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2022-06-02 11:17:09
Description: Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2022-06-02 10:36:51
Description: Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2022-05-14 23:41:04
Description: Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2022-04-16 00:35:20
Description: Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Event[0]:
Date: 2022-06-03 08:48:41
Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.367.967.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.19200.6
Error code: 0x80070102
Error description: The wait operation timed out.

Date: 2022-05-26 19:07:34
Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.367.530.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.19200.6
Error code: 0x80070102
Error description: The wait operation timed out.

Date: 2022-05-26 19:07:34
Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.367.530.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.19200.6
Error code: 0x80070102
Error description: The wait operation timed out.

Date: 2022-01-14 09:12:30
Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.355.1916.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18800.4
Error code: 0x80070102
Error description: The wait operation timed out.

==================== Memory info ===========================

BIOS: Insyde F.12 07/30/2015
Motherboard: HP 8137
Processor: AMD A6-5200 APU with Radeon(TM) HD Graphics
Percentage of memory in use: 83%
Total physical RAM: 3537.01 MB
Available physical RAM: 572.92 MB
Total Virtual: 6766.77 MB
Available Virtual: 2191.02 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:443.88 GB) (Free:367.53 GB) (Model: WDC WD5000LPVX-60V0TT0) NTFS
Drive d: (RECOVERY) (Fixed) (Total:19.75 GB) (Free:2.31 GB) (Model: WDC WD5000LPVX-60V0TT0) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{edf5a484-0761-48ad-a3a2-9e127e8fd8c9}\ () (Fixed) (Total:1.75 GB) (Free:0.86 GB) NTFS
\\?\Volume{9b45ea5d-e30f-4003-82d5-cb5d123c8799}\ () (Fixed) (Total:0.25 GB) (Free:0.2 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: EFD32010)
Partition: GPT.

==================== End of Addition.txt =======================