Start Menu appears and quickly disappears, Win10 64b


#1
portillos

  • Member
  • 29 posts

Hi,

For several months I've had this problem: When powering down my PC at night, clicking the Start menu either with the mouse or with the keyboard Windows key results in a very brief view of the menu followed by the menu disappearing. This happens most of the time after leaving the PC on all day. To power down the PC I have to hit Ctrl+Alt+Del and select the power icon in the lower right. Sometimes I can get deeper into the menu, but when trying to select the power icon, the menu again appears briefly, then disappears. Very seldom (perhaps less than 5% of the time) the problem does not present itself. I have tried rebooting to see if the issue exists when the PC first boots up, but there is no problem in that situation. It seems this only happens after the PC has been on for many hours. Maybe this is happening because of a particular program. This PC is typically used for watching YouTube videos and playing the games Fortnite, Roblox, and Rocket League.

I don't know if this is malware. I just need some help diagnosing and fixing it. I spent some time searching this issue online and tried some recommended fixes, but nothing has worked.

 

Would appreciate any help Geeks to Go can provide.

 

Thanks,

portillos

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-11-2021
Ran by marcyandmatt (administrator) on MARCYANDMATT (28-11-2021 21:57:14)
Running from C:\Users\Kitchen PC\Desktop
Loaded Profiles: marcyandmatt
Platform: Microsoft Windows 10 Home Version 21H1 19043.1348 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <14>
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDAppHost.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDExtHost.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDRuntimeHost.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDSurrogateHost.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_253e24b785ea60ca\Display.NvContainer\NVDisplay.Container.exe <2>
(Samsung Electronics Co., Ltd. -> Samsung Electronics) C:\ProgramData\Samsung Apps\Portable SSD\SamsungPortableSSDMon.exe
(Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [134936 2021-10-04] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2369240 2015-10-20] (Microsoft Corporation -> Microsoft Corp.)
HKLM-x32\...\Run: [REDRAGON M711 Gaming Mouse] => C:\Program Files (x86)\REDRAGON M711 Gaming Mouse\hid.exe [965120 2019-03-25] () [File not signed]
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-323964869-3011789935-2468043319-1000\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33529824 2021-11-17] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-323964869-3011789935-2468043319-1000\...\Run: [HP ENVY 5540 series (NET)] => C:\Program Files\HP\HP ENVY 5540 series\Bin\ScanToPCActivationApp.exe [3770504 2017-03-27] (Hewlett Packard -> HP Inc.)
HKLM\...\Windows x64\Print Processors\hpfpp70v: C:\Windows\System32\spool\prtprocs\x64\hpfpp70v.dll [248320 2009-04-16] (Hewlett-Packard Corporation) [File not signed]
HKLM\...\Windows x64\Print Processors\hpzpplhn: C:\Windows\System32\spool\prtprocs\x64\hpzpplhn.dll [99840 2008-05-07] (Hewlett-Packard Corporation) [File not signed]
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [53656 2010-10-25] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\HP CE11 Status Monitor: C:\Windows\system32\hpinkstsCE11LM.dll [393352 2017-03-19] (Hewlett Packard -> HP Inc.)
HKLM\...\Print\Monitors\hpf3l70v.dll: C:\Windows\system32\hpf3l70v.dll [136704 2009-04-16] (Hewlett-Packard Company) [File not signed]
HKLM\...\Print\Monitors\PCL hpz3llhn: C:\Windows\system32\hpz3llhn.dll [34816 2008-05-07] (Hewlett-Packard Company) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\96.0.4664.45\Installer\chrmstp.exe [2021-11-19] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\86.1.6960.198\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {09F66E8E-9F66-43CB-ADE6-83CF970DDC10} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (No File)
Task: {15E4A690-A6D4-4421-A45F-63AFE737E532} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (No File)
Task: {18DF3753-78B7-4FC3-9D71-2BEB462702DC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {25E9B3AB-16B0-42C4-AE47-527E6C0D8375} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {27BB8114-A96C-4EE2-A3F1-41606BF9A7F8} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe /RestartRecording (No File)
Task: {2D268147-9A45-4E5A-BDFE-C7314F5089CB} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {2F1D79DD-EF31-4521-84D9-5E5B16334318} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {3532DA2F-BD4F-400F-A2B3-1843DA603006} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (No File)
Task: {450B94F7-3123-4C47-89AC-63E69AAE9EAC} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {45DC1F49-359A-4E05-9EC0-E3FC1052C113} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {470FAF02-F985-4F8F-B4FB-0E994C8E96C5} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (No File)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4A4C3CC9-3381-4520-A58C-76767825D7B9} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (No File)
Task: {4FAEEF82-E64B-4D2A-B2CC-B7F33137CDE7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {5103ED3B-BE22-4C0D-9BE2-7425186AD8C4} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (No File)
Task: {593BE672-3D5E-4AEB-86D6-26D232CE92B4} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5D1C52D8-6C86-444F-8C17-DF7EA613FD8E} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (No File)
Task: {617F01F5-DD3F-48B2-9E9D-757C3A3E34B4} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (No File)
Task: {64A7A34F-1F69-49B7-B92A-AF2CA22E1F38} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (No File)
Task: {670936F4-6FDA-496A-A0B6-A691BE75E542} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {73F52A01-4331-48E7-A1C1-ED1F27D3A927} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-05-13] (Google Inc -> Google Inc.)
Task: {8238DA5C-04A2-4F7D-A63C-F8B40D82D799} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
Task: {83BC47FA-B153-4096-B80E-78676D663CBB} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (No File)
Task: {865DBC54-E8B3-4BA4-B71D-7CCD1B6DBB8B} - System32\Tasks\Samsung_PSSD_Registration => C:\ProgramData\Samsung Apps\Portable SSD\SamsungPortableSSDMon.exe [497752 2021-11-06] (Samsung Electronics Co., Ltd. -> Samsung Electronics)
Task: {93A8F4C8-2A39-4BE5-B9BD-39EFC26E4EF2} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (No File)
Task: {A069E548-4EE0-479E-A7CC-BCE756521ADF} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {A1E615EF-633A-4C79-81E1-CAB74FC7C3D9} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {A420A222-ACAC-4D89-980F-7D9B47B38CA1} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (No File)
Task: {AFC5FE57-81B9-4C25-BAD9-AEC7F5844D41} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B46A18B7-661B-4B02-BA02-CF812A9945C0} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {B80D8339-9C1D-402B-BD1F-453402D7EDCA} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (No File)
Task: {B8796AE0-90FD-43E5-B555-5ECB3929FE16} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (No File)
Task: {BE2BABA2-A596-4F21-9C60-5A744E1AF8D6} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4974872 2021-11-17] (Avast Software s.r.o. -> AVAST Software)
Task: {BEB54045-7B75-4522-9266-FDF47C5C9E4B} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {BEBCF221-111B-416C-8DF5-F0A098796A93} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (No File)
Task: {CFA9EF1F-9846-46C8-A757-D88E3BC3FB05} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-04-29] (Avast Software s.r.o. -> Avast Software)
Task: {D33448E1-CADF-4340-AA19-AE6F7F3A337B} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {D3A5BFBF-79F9-4EF5-8C4A-BA2BE99D6B59} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (No File)
Task: {D5BE3CE4-4683-42E2-B82C-37DFBE43C083} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (No File)
Task: {D7BA15AD-BCEC-48BC-BEB8-50EAB2FBBFD5} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {DFA72E33-E607-4CAE-8ABE-F7EA6F8C62CB} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (No File)
Task: {E35D1A64-D942-47F1-958F-BBAB1CFD4B12} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe $(Arg0) (No File)
Task: {E38610CF-75D9-4F64-94ED-AEB193BE52BF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-05-13] (Google Inc -> Google Inc.)
Task: {E5491616-7385-42A6-A25F-455BB414C697} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (No File)
Task: {FBF27397-2298-4250-9918-0506423498C4} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (No File)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{cb725f84-7279-4851-b4d4-f3f37e21d841}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{CDB24927-9B46-4C22-B91E-09C04B037F3A}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Kitchen PC\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-01]

FireFox:
========
FF ProfilePath: C:\Users\Kitchen PC\AppData\Roaming\Mozilla\Firefox\Profiles\h4ql1auo.default-1422069087404 [2021-08-24]
FF Homepage: Mozilla\Firefox\Profiles\h4ql1auo.default-1422069087404 -> hxxps://www.miniclip.com/games/8-ball-pool-multiplayer/en/
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Kitchen PC\AppData\Roaming\Mozilla\Firefox\Profiles\h4ql1auo.default-1422069087404\Extensions\[email protected] [2021-11-28]
FF Extension: (Avast Online Security) - C:\Users\Kitchen PC\AppData\Roaming\Mozilla\Firefox\Profiles\h4ql1auo.default-1422069087404\Extensions\[email protected] [2018-07-08]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2017-06-22] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-14] (Adobe Systems Incorporated -> )
FF Plugin: @java.com/DTPlugin,version=11.92.2 -> C:\Program Files\Java\jre1.8.0_92\bin\dtplugin\npDeployJava1.dll [2016-06-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.92.2 -> C:\Program Files\Java\jre1.8.0_92\bin\plugin2\npjp2.dll [2016-06-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-14] (Adobe Systems Incorporated -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\Kitchen PC\AppData\Local\Google\Chrome\User Data\Default [2017-06-16]
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxps://mail.google.com/mail/u/0/#inbox"
CHR Profile: C:\Users\Kitchen PC\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-08-24]
CHR Profile: C:\Users\Kitchen PC\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-11-28]
CHR Notifications: Profile 1 -> hxxps://calendar.google.com; hxxps://captchamodern.top; hxxps://drive.google.com; hxxps://mail.google.com; hxxps://matrix-news.org; hxxps://skillshare.pissedconsumer.com; hxxps://www.ae.com; hxxps://www.facebook.com
CHR HomePage: Profile 1 -> hxxp://www.google.com/
CHR StartupUrls: Profile 1 -> "hxxp://google.com/"
CHR Extension: (Google Drive) - C:\Users\Kitchen PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (YouTube) - C:\Users\Kitchen PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-27]
CHR Extension: (Google Docs Offline) - C:\Users\Kitchen PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-19]
CHR Extension: (Avast Online Security & Privacy) - C:\Users\Kitchen PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-10-27]
CHR Extension: (Google Play Music) - C:\Users\Kitchen PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2016-09-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Kitchen PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-28]
CHR Extension: (Gmail) - C:\Users\Kitchen PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Profile: C:\Users\Kitchen PC\AppData\Local\Google\Chrome\User Data\System Profile [2021-09-29]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc. -> Apple Inc.)
S2 AsusUpdateCheck; C:\WINDOWS\System32\AsusUpdateCheck.exe [768408 2021-11-12] (ASUSTeK Computer Inc. -> )
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8323664 2021-10-04] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [630040 2021-10-04] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [377624 2021-10-04] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-02] (Avast Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8901968 2021-02-24] (BattlEye Innovations e.K. -> )
S2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173784 2015-10-20] (Microsoft Corporation -> Microsoft Corp.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [774272 2018-03-09] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes Corporation -> Malwarebytes)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_253e24b785ea60ca\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_253e24b785ea60ca\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35704 2021-11-17] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [222112 2021-11-17] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [367632 2021-11-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250392 2021-11-17] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99344 2021-11-17] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2021-10-04] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41344 2021-11-17] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [184648 2021-11-17] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [538976 2021-11-17] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107848 2021-11-17] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [82904 2021-11-17] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [852216 2021-11-17] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [557648 2021-11-17] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215392 2021-10-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [317696 2021-11-17] (Avast Software s.r.o. -> AVAST Software)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [25480 2019-03-11] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R0 EPMVolFl; C:\WINDOWS\System32\drivers\EPMVolFl.sys [21384 2019-04-12] (CHENGDU YIWO Tech Development Co., Ltd. -> Windows ® Codename Longhorn DDK provider)
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [14728 2018-12-10] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-11-28 21:57 - 2021-11-28 21:57 - 000026943 _____ C:\Users\Kitchen PC\Desktop\FRST.txt
2021-11-28 21:56 - 2021-11-28 21:56 - 000000000 ____D C:\Users\Kitchen PC\Desktop\FRST-OlderVersion
2021-11-28 21:55 - 2021-11-28 21:56 - 002311680 _____ (Farbar) C:\Users\Kitchen PC\Desktop\FRST64.exe
2021-11-24 14:08 - 2021-11-24 14:08 - 000003567 _____ C:\Users\Kitchen PC\Downloads\FamilyOrderDetail_Pro (36).pdf
2021-11-24 14:08 - 2021-11-24 14:08 - 000003565 _____ C:\Users\Kitchen PC\Downloads\FamilyOrderDetail_Pro (35).pdf
2021-11-24 14:08 - 2021-11-24 14:08 - 000003565 _____ C:\Users\Kitchen PC\Downloads\FamilyOrderDetail_Pro (34).pdf
2021-11-24 14:07 - 2021-11-24 14:07 - 000003743 _____ C:\Users\Kitchen PC\Downloads\FamilyOrderDetail_Pro (32).pdf
2021-11-24 14:07 - 2021-11-24 14:07 - 000003569 _____ C:\Users\Kitchen PC\Downloads\FamilyOrderDetail_Pro (33).pdf
2021-11-24 14:06 - 2021-11-24 14:06 - 000003567 _____ C:\Users\Kitchen PC\Downloads\FamilyOrderDetail_Pro (31).pdf
2021-11-24 14:06 - 2021-11-24 14:06 - 000003565 _____ C:\Users\Kitchen PC\Downloads\FamilyOrderDetail_Pro (30).pdf
2021-11-24 14:06 - 2021-11-24 14:06 - 000003565 _____ C:\Users\Kitchen PC\Downloads\FamilyOrderDetail_Pro (29).pdf
2021-11-24 14:05 - 2021-11-24 14:05 - 000003743 _____ C:\Users\Kitchen PC\Downloads\FamilyOrderDetail_Pro (27).pdf
2021-11-24 14:05 - 2021-11-24 14:05 - 000003569 _____ C:\Users\Kitchen PC\Downloads\FamilyOrderDetail_Pro (28).pdf
2021-11-19 21:34 - 2021-11-20 12:08 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2021-11-18 13:40 - 2021-11-18 13:40 - 000017903 _____ C:\Users\Kitchen PC\Desktop\SCRIPS_MasterOrderForm_Christmas21.xlsx
2021-11-18 13:37 - 2021-11-18 13:37 - 000003727 _____ C:\Users\Kitchen PC\Downloads\FamilyOrderDetail_Pro (26).pdf
2021-11-18 13:34 - 2021-11-18 13:34 - 000003537 _____ C:\Users\Kitchen PC\Downloads\FamilyOrderDetail_Pro (25).pdf
2021-11-18 13:28 - 2021-11-18 13:28 - 000003727 _____ C:\Users\Kitchen PC\Downloads\FamilyOrderDetail_Pro (24).pdf
2021-11-18 13:27 - 2021-11-18 13:27 - 000003554 _____ C:\Users\Kitchen PC\Downloads\FamilyOrderDetail_Pro (23).pdf
2021-11-18 13:26 - 2021-11-18 13:26 - 000003537 _____ C:\Users\Kitchen PC\Downloads\FamilyOrderDetail_Pro (22).pdf
2021-11-17 15:11 - 2021-11-17 15:11 - 000340248 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-11-17 15:11 - 2021-11-17 15:11 - 000214384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswf88d4373c80d4236.tmp
2021-11-11 15:49 - 2021-11-11 15:49 - 000003734 _____ C:\Users\Kitchen PC\Downloads\FamilyOrderDetail_Pro (21).pdf
2021-11-11 15:47 - 2021-11-11 15:47 - 000003981 _____ C:\Users\Kitchen PC\Downloads\FamilyOrderDetail_Pro (20).pdf
2021-11-11 15:47 - 2021-11-11 15:47 - 000003543 _____ C:\Users\Kitchen PC\Downloads\FamilyOrderDetail_Pro (18).pdf
2021-11-11 15:47 - 2021-11-11 15:47 - 000003538 _____ C:\Users\Kitchen PC\Downloads\FamilyOrderDetail_Pro (19).pdf
2021-11-11 15:46 - 2021-11-11 15:46 - 000003734 _____ C:\Users\Kitchen PC\Downloads\FamilyOrderDetail_Pro (17).pdf
2021-11-10 11:30 - 2021-11-10 11:30 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-11-10 11:30 - 2021-11-10 11:30 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-11-10 11:30 - 2021-11-10 11:30 - 000011363 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-11-10 11:29 - 2021-11-10 11:29 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-11-10 11:25 - 2021-11-10 11:25 - 000000000 ___HD C:\$WinREAgent
2021-11-06 12:16 - 2021-11-28 21:46 - 000002484 _____ C:\WINDOWS\system32\Tasks\Samsung_PSSD_Registration
2021-11-06 12:16 - 2021-11-06 12:16 - 000000000 ____D C:\ProgramData\Samsung Apps
2021-11-04 10:47 - 2021-11-04 10:47 - 000003733 _____ C:\Users\Kitchen PC\Downloads\FamilyOrderDetail_Pro (15).pdf
2021-11-04 10:47 - 2021-11-04 10:47 - 000003551 _____ C:\Users\Kitchen PC\Downloads\FamilyOrderDetail_Pro (16).pdf
2021-11-01 20:54 - 2021-11-01 20:54 - 000001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2021-11-01 20:54 - 2021-11-01 20:54 - 000000000 ____D C:\Program Files\PCHealthCheck

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-11-28 21:57 - 2019-12-07 03:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-11-28 21:57 - 2018-07-08 17:27 - 000000000 ____D C:\FRST
2021-11-28 21:52 - 2016-05-14 06:29 - 000000000 ____D C:\Program Files (x86)\Steam
2021-11-28 21:46 - 2020-08-28 23:35 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-11-28 21:46 - 2020-08-28 23:35 - 000003408 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-11-28 21:46 - 2020-08-28 23:35 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-11-28 21:46 - 2020-08-28 23:35 - 000003194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-11-28 21:46 - 2020-08-28 23:35 - 000003184 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-11-28 21:46 - 2020-08-28 23:35 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-11-28 21:46 - 2020-08-28 23:35 - 000002292 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-11-28 21:46 - 2020-08-28 23:35 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2021-11-28 21:46 - 2017-03-14 20:26 - 000000000 ____D C:\Users\Kitchen PC\AppData\LocalLow\Mozilla
2021-11-28 20:08 - 2016-05-13 20:48 - 000000000 ____D C:\Program Files (x86)\Google
2021-11-28 19:35 - 2017-03-04 07:04 - 000000000 ____D C:\Users\Kitchen PC\AppData\Local\CrashDumps
2021-11-28 13:38 - 2020-02-01 09:57 - 000000000 ____D C:\ProgramData\Mozilla
2021-11-28 12:18 - 2020-08-28 23:28 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-11-28 00:11 - 2016-05-14 01:03 - 000000000 ____D C:\ProgramData\NVIDIA
2021-11-25 21:10 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-11-25 09:23 - 2020-08-21 08:25 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-11-25 09:23 - 2020-08-21 08:25 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-11-25 09:23 - 2019-12-07 03:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-11-23 07:54 - 2020-08-28 23:37 - 000934986 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-11-23 07:54 - 2019-12-07 03:13 - 000000000 ____D C:\WINDOWS\INF
2021-11-19 12:09 - 2016-05-13 20:49 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-11-19 06:42 - 2019-11-17 17:48 - 000000000 ____D C:\ProgramData\Packages
2021-11-18 07:37 - 2019-01-18 07:11 - 000367632 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-11-17 19:06 - 2016-06-08 11:08 - 000000000 ____D C:\Users\Kitchen PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2021-11-17 15:11 - 2020-10-27 11:06 - 000184648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-11-17 15:11 - 2020-08-28 23:35 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-11-17 15:11 - 2020-04-20 17:14 - 000538976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-11-17 15:11 - 2019-12-07 03:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-11-17 15:11 - 2019-01-17 09:59 - 000250392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-11-17 15:11 - 2019-01-17 09:59 - 000099344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-11-17 15:11 - 2019-01-17 09:59 - 000035704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-11-17 15:11 - 2018-10-22 09:03 - 000041344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-11-17 15:11 - 2017-11-22 06:43 - 000222112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-11-17 15:11 - 2016-05-13 20:51 - 000852216 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-11-17 15:11 - 2016-05-13 20:51 - 000557648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-11-17 15:11 - 2016-05-13 20:51 - 000317696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-11-17 15:11 - 2016-05-13 20:51 - 000107848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-11-17 15:11 - 2016-05-13 20:51 - 000082904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-11-16 17:06 - 2018-12-22 10:38 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-11-12 09:08 - 2020-08-28 23:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-11-12 09:08 - 2020-08-28 23:28 - 000008192 ___SH C:\DumpStack.log.tmp
2021-11-12 09:08 - 2019-12-16 03:52 - 000807280 _____ C:\WINDOWS\system32\wpbbin.exe
2021-11-12 09:08 - 2019-12-16 03:52 - 000768408 _____ C:\WINDOWS\system32\AsusUpdateCheck.exe
2021-11-12 09:08 - 2016-05-13 20:50 - 000000000 ____D C:\ProgramData\AVAST Software
2021-11-11 22:29 - 2019-12-07 03:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-11-11 22:28 - 2019-12-07 03:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-11-11 22:28 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-11-11 22:28 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-11-11 22:28 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-11-10 11:30 - 2019-12-07 03:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-11-10 11:24 - 2016-05-13 23:21 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-11-10 11:22 - 2016-05-13 23:20 - 141529560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-11-01 21:37 - 2020-08-28 23:28 - 000448688 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-11-01 21:36 - 2019-12-07 03:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-11-01 21:36 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-11-01 21:36 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-11-01 21:36 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-11-01 21:36 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-11-01 21:36 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-11-01 21:36 - 2019-12-07 03:03 - 000000000 ____D C:\WINDOWS\servicing
2021-11-01 06:52 - 2019-12-07 03:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-11-01 06:52 - 2019-11-17 17:34 - 000000000 ____D C:\Users\Kitchen PC\AppData\Local\Packages

==================== Files in the root of some directories ========

2017-10-15 10:39 - 2017-10-15 10:39 - 000007605 _____ () C:\Users\Kitchen PC\AppData\Local\Resmon.ResmonCfg
2018-06-18 21:53 - 2018-06-18 21:53 - 000000000 _____ () C:\Users\Kitchen PC\AppData\Local\{7F0636D0-E8DD-40CB-BC76-60C8CD111A6C}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-11-2021
Ran by marcyandmatt (28-11-2021 21:58:59)
Running from C:\Users\Kitchen PC\Desktop
Microsoft Windows 10 Home Version 21H1 19043.1348 (X64) (2020-08-29 05:35:21)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-323964869-3011789935-2468043319-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-323964869-3011789935-2468043319-503 - Limited - Disabled)
Guest (S-1-5-21-323964869-3011789935-2468043319-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-323964869-3011789935-2468043319-1006 - Limited - Enabled)
marcyandmatt (S-1-5-21-323964869-3011789935-2468043319-1000 - Administrator - Enabled) => C:\Users\Kitchen PC
WDAGUtilityAccount (S-1-5-21-323964869-3011789935-2468043319-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{BE930E38-7BB3-45B6-85B2-5251F374F844}) (Version: 6.2.2 - Hewlett-Packard) Hidden
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 21.007.20099 - Adobe Systems Incorporated)
Adobe Acrobat X Pro (HKLM-x32\...\{AC76BA86-1033-0000-7760-000000000005}) (Version: 10.0.0 - Adobe Systems)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 2.11.26.106 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{ac726f18-c961-4fa1-a46d-6f0c644cd12b}) (Version: 2.11.26.106 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}) (Version: 5.5 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}) (Version: 5.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 21.9.2494 - Avast Software)
Bing Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.478.0 - Microsoft Corporation)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.62 - Piriform)
CPUID CPU-Z 1.95 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.95 - CPUID, Inc.)
Cricut Design Space (HKU\S-1-5-21-323964869-3011789935-2468043319-1000\...\Cricut Design Space 4.1.5) (Version: 4.1.5 - Cricut, Inc.)
Cricut Design Space Client (HKU\S-1-5-21-323964869-3011789935-2468043319-1000\...\Cricut Design Space Client) (Version: 5.8.1805.021723 - Provo Craft)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Discord (HKU\S-1-5-21-323964869-3011789935-2468043319-1000\...\Discord) (Version: 0.0.310 - Discord Inc.)
EaseUS MobiSaver (HKLM-x32\...\EaseUS MobiSaver_is1) (Version:  - EaseUS)
EaseUS Partition Master 13.5 (HKLM-x32\...\EaseUS Partition Master Trial Edition_is1) (Version:  - EaseUS)
Epic Games Launcher (HKLM-x32\...\{213B426C-5317-4F2D-8395-AC04B70711C4}) (Version: 1.1.133.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 96.0.4664.45 - Google LLC)
Google Earth Pro (HKLM\...\{9BFB06CD-3925-49E2-BAB7-EA695821CE4C}) (Version: 7.3.4.8248 - Google)
HandBrake 1.2.2 (HKLM-x32\...\HandBrake) (Version: 1.2.2 - )
HP Dropbox Plugin (HKLM-x32\...\{D12BC084-97D6-438A-AA7C-5962608D17A0}) (Version: 36.0.41.58587 - HP)
HP ENVY 5540 series Basic Device Software (HKLM\...\{7F9C00D2-32F6-4844-AC17-290D5F06F186}) (Version: 40.11.1119.1786 - HP Inc.)
HP ENVY 5540 series Help (HKLM-x32\...\{3B1BE080-D477-4B94-AAE4-8B0BEC5D0CE3}) (Version: 35.0.0 - Hewlett Packard)
HP Google Drive Plugin (HKLM-x32\...\{BFA42100-DB54-467A-BB87-CF70732B4065}) (Version: 36.0.41.58587 - HP)
HP Photosmart C4700 All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{68550918-63B5-4762-85CB-3C160AA4B213}) (Version: 14.0 - HP)
iTunes (HKLM\...\{F0C7385A-9D20-45F3-8101-05D383885180}) (Version: 12.6.1.25 - Apple Inc.)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
Java 8 Update 92 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418092F0}) (Version: 8.0.920.14 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 96.0.1054.34 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{733C3ACB-432D-4880-B0E1-660000D7974D}) (Version: 1.0.0.0 - Mojang)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 55.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 55.0.3 (x86 en-US)) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.4.0 - Mozilla)
Mozilla Thunderbird (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 91.3.2 (x86 en-US)) (Version: 91.3.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA Graphics Driver 471.68 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 471.68 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 2.0.1.0 - Advanced Micro Devices, Inc.) Hidden
REDRAGON M711 (HKLM-x32\...\{308D16D5-04D3-4581-A245-3B53AEF0AF36}}_is1) (Version:  - )
Roblox Player for marcyandmatt (HKU\S-1-5-21-323964869-3011789935-2468043319-1000\...\roblox-player) (Version:  - Roblox Corporation)
ROBLOX Studio for Kitchen PC (HKU\S-1-5-21-323964869-3011789935-2468043319-1000\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version:  - ROBLOX Corporation)
Skype version 8.50 (HKLM-x32\...\Skype_is1) (Version: 8.50 - Skype Technologies S.A.)
Snood 4 (HKLM-x32\...\Snood 4_is1) (Version:  - Word of Mouse Games)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spotify (HKU\S-1-5-21-323964869-3011789935-2468043319-1000\...\Spotify) (Version: 1.1.70.610.g4585142b - Spotify AB)
SSD Utility (HKLM-x32\...\{83C7BFA7-172B-45B3-B339-C66B6F370344}) (Version: 3.4.3335 - Toshiba Memory Corporation)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
teenSMARTv4 (HKLM-x32\...\teenSMARTv4 4.2.00.08) (Version: 4.2.00.08 - ADEPT Inc.)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.0.0.0 - Zenimax Online Studios)
Video Win Movie Maker 2016 (HKLM-x32\...\{3CC29C1A-B5FE-457B-8F22-32A2videowin}}_is1) (Version:  - videowinsoft.com)
Windows Driver Package - Provo Craft & Novelty, Inc. (usbser) Ports  (11/04/2015 2.0.0.0) (HKLM\...\F9008028528C059AEF07C6D89D45BB3C63057E83) (Version: 11/04/2015 2.0.0.0 - Provo Craft & Novelty, Inc.)
Windows PC Health Check (HKLM\...\{B1E7D0FD-7CFE-4E0C-A5DA-0F676499DB91}) (Version: 3.2.2110.14001 - Microsoft Corporation)
WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)
Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version:  - Yahoo Inc.)
Zoom (HKU\S-1-5-21-323964869-3011789935-2468043319-1000\...\ZoomUMX) (Version: 5.6.1 (617) - Zoom Video Communications, Inc.)

Packages:
=========
ASUS Grid (Beta) -> C:\Program Files\WindowsApps\B9ECED6F.133F79A42C6_1.0.14.0_x64__qmba6cd70vzyy [2021-11-01] (ASUSTeK COMPUTER INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-11-01] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-11-01] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.10270.0_x64__8wekyb3d8bbwe [2021-11-01] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-11-01] (NVIDIA Corp.)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-09-12] (Microsoft Corporation)
Xbox 360 SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxCompanion_1.4.3.0_x64__8wekyb3d8bbwe [2021-11-01] (Microsoft Corporation) [MS Ad]
Xbox One SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxOneSmartGlass_2.2.1702.2004_x64__8wekyb3d8bbwe [2021-11-01] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6722448 2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4222864 2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-10-04] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-10-04] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat Elements\ContextMenu64.dll [2010-10-25] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-10-04] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-10-04] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_253e24b785ea60ca\nvshext.dll [2021-08-06] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat Elements\ContextMenu64.dll [2010-10-25] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-10-04] (Avast Software s.r.o. -> AVAST Software)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\Kitchen PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) =============

2018-11-09 09:00 - 2021-10-05 19:30 - 126961152 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll
2018-11-09 09:00 - 2021-10-05 19:30 - 000384000 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2018-11-09 09:00 - 2021-10-05 19:30 - 008006656 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2016-05-15 20:27 - 2009-04-16 13:08 - 000136704 _____ (Hewlett-Packard Company) [File not signed] C:\WINDOWS\System32\hpf3l70v.dll
2008-05-07 13:59 - 2008-05-07 18:59 - 000034816 _____ (Hewlett-Packard Company) [File not signed] C:\WINDOWS\System32\hpz3llhn.dll
2016-05-15 20:37 - 2009-04-16 13:08 - 000248320 _____ (Hewlett-Packard Corporation) [File not signed] C:\WINDOWS\system32\spool\PRTPROCS\x64\hpfpp70v.dll
2016-05-15 16:54 - 2008-05-07 18:59 - 000099840 _____ (Hewlett-Packard Corporation) [File not signed] C:\WINDOWS\system32\spool\PRTPROCS\x64\hpzpplhn.dll
2019-11-01 18:52 - 2019-02-21 10:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2018-11-09 09:00 - 2021-10-05 19:30 - 000983552 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\chrome_elf.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\AppData:CSM [476]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [474]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-323964869-3011789935-2468043319-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://gmail.com/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKU\S-1-5-21-323964869-3011789935-2468043319-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
SearchScopes: HKU\S-1-5-21-323964869-3011789935-2468043319-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
SearchScopes: HKU\S-1-5-21-323964869-3011789935-2468043319-1000 -> {5CBA7D1D-A9E1-4CC1-A133-AF0934210C28} URL = hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_92\bin\ssv.dll [2016-06-29] (Oracle America, Inc. -> Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_92\bin\jp2ssv.dll [2016-06-29] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-10-25] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-06-29] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-29] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} -  No File

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 20:34 - 2019-01-04 05:52 - 000000828 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-323964869-3011789935-2468043319-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Kitchen PC\AppData\Local\Microsoft\BingDesktop\en-US\Apps\Wallpaper_5386c77076d04cf9a8b5d619b4cba48e\VersionIndependent\images\60752.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Cricut Design Space => "C:\Users\Kitchen PC\AppData\Roaming\CricutDesignSpace\BRIDGE\CricutLauncher.exe"
MSCONFIG\startupreg: Cricut Design Space3 => "C:\Users\Kitchen PC\AppData\Roaming\CricutDesignSpace3\BRIDGE\CricutLauncher4.exe"
MSCONFIG\startupreg: Discord => C:\Users\Kitchen PC\AppData\Local\Discord\app-0.0.298\Discord.exe
MSCONFIG\startupreg: Dropbox => "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
MSCONFIG\startupreg: EpicGamesLauncher => "C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: REDRAGON M711 Gaming Mouse => C:\Program Files (x86)\REDRAGON M711 Gaming Mouse\hid.exe
MSCONFIG\startupreg: Spotify => "C:\Users\Kitchen PC\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => C:\Users\Kitchen PC\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM\...\StartupApproved\Run32: => "REDRAGON M711 Gaming Mouse"
HKLM\...\StartupApproved\Run32: => "BCSSync"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-323964869-3011789935-2468043319-1000\...\StartupApproved\StartupFolder: => "Cricut Taskbar Application.lnk"
HKU\S-1-5-21-323964869-3011789935-2468043319-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-323964869-3011789935-2468043319-1000\...\StartupApproved\Run: => "HP ENVY 5540 series (NET)"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B5728A4E-A152-4997-8851-D8282BD53D63}] => (Allow) E:\Steam Games\steamapps\common\rocketleague\Binaries\RocketLeague.exe => No File
FirewallRules: [{378AE846-9FC2-47B8-8EB3-1AC4F22F6005}] => (Allow) E:\Steam Games\steamapps\common\rocketleague\Binaries\RocketLeague.exe => No File
FirewallRules: [{FA748433-4687-4213-B7CE-E0632132CF00}] => (Allow) E:\Steam Games\steamapps\common\Call of Duty Black Ops II\t6zm.exe (Valve Corp. -> Activision Publishing Inc.) [File not signed]
FirewallRules: [{040A0184-E005-4036-B6D3-C3672C21042D}] => (Allow) E:\Steam Games\steamapps\common\Call of Duty Black Ops II\t6zm.exe (Valve Corp. -> Activision Publishing Inc.) [File not signed]
FirewallRules: [UDP Query User{5387FCA9-C1BF-4326-865A-D074D529BA4F}C:\users\kitchen pc\appdata\local\temp\7zs7273\enterprisedu.exe] => (Allow) C:\users\kitchen pc\appdata\local\temp\7zs7273\enterprisedu.exe => No File
FirewallRules: [TCP Query User{8E0D797A-1980-4244-9DFB-B8575E1B3EBC}C:\users\kitchen pc\appdata\local\temp\7zs7273\enterprisedu.exe] => (Allow) C:\users\kitchen pc\appdata\local\temp\7zs7273\enterprisedu.exe => No File
FirewallRules: [{0D2F4934-1E16-4C7D-9808-9EF2126367B1}] => (Allow) C:\Program Files\HP\HP ENVY 5540 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{AFD2326C-DA1C-4B2E-870E-4C2F00D676D8}] => (Allow) LPort=5357
FirewallRules: [{EB432C65-2C7B-41C7-AA6F-7ECEB5156851}] => (Allow) C:\Program Files\HP\HP ENVY 5540 series\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [UDP Query User{51A340F1-6152-424F-BB7D-E112B0AAF3AA}E:\steam games\steamapps\common\rocketleague\binaries\win64\rocketleague.exe] => (Allow) E:\steam games\steamapps\common\rocketleague\binaries\win64\rocketleague.exe (Psyonix, LLC) [File not signed]
FirewallRules: [TCP Query User{5BF4D05F-DC9C-45E3-95D6-007C92567A6C}E:\steam games\steamapps\common\rocketleague\binaries\win64\rocketleague.exe] => (Allow) E:\steam games\steamapps\common\rocketleague\binaries\win64\rocketleague.exe (Psyonix, LLC) [File not signed]
FirewallRules: [{E72B1CD7-B587-43B3-8CC3-A47B82EBF105}] => (Allow) C:\Users\Kitchen PC\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{D341F3E7-CCA8-424D-9D9B-8F5D7E42E43E}] => (Allow) C:\Users\Kitchen PC\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{488B39DA-E6B4-401E-BC0F-A9FF42F8FAC1}] => (Allow) E:\Steam Games\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe => No File
FirewallRules: [{A69F5670-F9A7-4C2B-B44A-4D014A007BBC}] => (Allow) E:\Steam Games\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe => No File
FirewallRules: [{4CC08633-AD90-41DC-8BED-021DBF142746}] => (Allow) E:\Steam Games\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe => No File
FirewallRules: [{645231DD-F1EF-4D9A-942A-7591D64D14F8}] => (Allow) E:\Steam Games\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe => No File
FirewallRules: [{77F98165-AB2B-484B-99AE-7D066A156A91}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{AECC6D7C-048B-4A9B-A1B3-6FA49C2DD803}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{B3F4B192-85DC-4B1C-84C6-C479B2C2D413}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe => No File
FirewallRules: [{B8A7E5D1-9D3D-47BE-9E1D-CBCBDE53F18B}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe => No File
FirewallRules: [TCP Query User{0222D137-17FA-4891-BDCC-014CC08C77BB}C:\users\kitchen pc\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\kitchen pc\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe => No File
FirewallRules: [UDP Query User{BDDD6B5D-F09B-4E96-9782-FBF6866A4DE1}C:\users\kitchen pc\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\kitchen pc\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe => No File
FirewallRules: [{28D3F88F-AF93-4AE9-9FF2-5D7DA4E8A654}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\{68550918-63B5-4762-85CB-3C160AA4B213}\setup\hpznui40.exe (Hewlett Packard -> Hewlett-Packard)
FirewallRules: [TCP Query User{EC78D743-FC94-4BA8-B22D-D1508E5DAC3B}C:\users\kitchen pc\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kitchen pc\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{77367541-7F57-4835-A072-A7588AA69160}C:\users\kitchen pc\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kitchen pc\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{DB2B0F0F-CA5F-4283-A78E-4AE7F0847590}C:\users\kitchen pc\appdata\roaming\cricutdesignspace\bridge\cricutbridge.exe] => (Allow) C:\users\kitchen pc\appdata\roaming\cricutdesignspace\bridge\cricutbridge.exe => No File
FirewallRules: [UDP Query User{08DDBD49-383A-468F-8CE1-90AED8E88126}C:\users\kitchen pc\appdata\roaming\cricutdesignspace\bridge\cricutbridge.exe] => (Allow) C:\users\kitchen pc\appdata\roaming\cricutdesignspace\bridge\cricutbridge.exe => No File
FirewallRules: [TCP Query User{4110274A-1A96-44CE-8158-C3DBADC974CC}C:\users\kitchen pc\appdata\roaming\cricutdesignspace\bridge\cricutbridge.exe] => (Block) C:\users\kitchen pc\appdata\roaming\cricutdesignspace\bridge\cricutbridge.exe => No File
FirewallRules: [UDP Query User{967FB2CB-3231-4857-AC90-AC42EB5B2461}C:\users\kitchen pc\appdata\roaming\cricutdesignspace\bridge\cricutbridge.exe] => (Block) C:\users\kitchen pc\appdata\roaming\cricutdesignspace\bridge\cricutbridge.exe => No File
FirewallRules: [TCP Query User{C4462910-55D8-4429-B26E-5253109CECBE}E:\steamlibrary\steamapps\common\terraria\terrariaserver.exe] => (Block) E:\steamlibrary\steamapps\common\terraria\terrariaserver.exe => No File
FirewallRules: [UDP Query User{D28B7C85-BB65-43EF-895C-9626E4DE172F}E:\steamlibrary\steamapps\common\terraria\terrariaserver.exe] => (Block) E:\steamlibrary\steamapps\common\terraria\terrariaserver.exe => No File
FirewallRules: [TCP Query User{18A1BFD6-5FB9-414A-ADF0-96375D782BC9}C:\users\kitchen pc\appdata\local\temp\i1467333143\windows\resource\jre\bin\javaw.exe] => (Block) C:\users\kitchen pc\appdata\local\temp\i1467333143\windows\resource\jre\bin\javaw.exe => No File
FirewallRules: [UDP Query User{E6344121-5B10-45A4-B556-EE94F42FADC1}C:\users\kitchen pc\appdata\local\temp\i1467333143\windows\resource\jre\bin\javaw.exe] => (Block) C:\users\kitchen pc\appdata\local\temp\i1467333143\windows\resource\jre\bin\javaw.exe => No File
FirewallRules: [{747E58C6-7AE7-4380-B421-74670CEA0FC1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{85403528-AEFF-4FE4-B210-2700475D67C7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{70AFA54D-5F2F-4993-A3FF-B54B17B2D101}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{677BDE56-5CF1-48AF-9BF1-8BD01C894BDE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F1071394-80E2-471C-A711-3922CEA900E8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CF3B0C0F-6E2E-4CD5-B206-22D44CB2FA39}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2BBCD1F4-48D9-4012-A1F8-CDEF74D95E20}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8D58CAE6-9535-4FD3-ABF7-BFBFADACA0E5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{68963C18-536D-421B-9C93-84861517A479}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{079C798F-696F-4A75-8563-6FB3ED1002C9}] => (Allow) H:\SteamLibrary\steamapps\common\Call of Duty WWII Beta\s2_mp64_ship.exe => No File
FirewallRules: [{4DB06671-716C-4EE1-B1BF-39C6AD37CA2A}] => (Allow) H:\SteamLibrary\steamapps\common\Call of Duty WWII Beta\s2_mp64_ship.exe => No File
FirewallRules: [TCP Query User{FEE9369D-FDA6-46DD-BF41-AE3A4354B2D5}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{6E8F6EBB-8111-40E1-8E22-CDD78A1CD863}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{20DA24A2-BAD1-4FFC-8D1C-60C7003A7536}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{48CDA465-7335-4A7C-B524-D7337DB9F66E}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{543DAF90-5644-4FA6-9C2C-928E5B5BDBDF}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{9162450A-9C28-4729-BF3E-2CF84353C335}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{06639C74-7561-4F37-AF38-3455C6BB1E8E}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe => No File
FirewallRules: [{38BC1987-1120-491E-97CC-788E23B503FF}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe => No File
FirewallRules: [TCP Query User{9C8934AB-AA55-4008-8389-7164EED37B71}C:\users\kitchen pc\appdata\roaming\cricutdesignspace3\bridge\cricutbridge4.exe] => (Allow) C:\users\kitchen pc\appdata\roaming\cricutdesignspace3\bridge\cricutbridge4.exe => No File
FirewallRules: [UDP Query User{8C7F4F29-0B8A-4416-9F97-7A6C40B8D7E5}C:\users\kitchen pc\appdata\roaming\cricutdesignspace3\bridge\cricutbridge4.exe] => (Allow) C:\users\kitchen pc\appdata\roaming\cricutdesignspace3\bridge\cricutbridge4.exe => No File
FirewallRules: [TCP Query User{942F7167-0F6B-4B91-9F48-80A1B6382899}C:\users\kitchen pc\appdata\roaming\cricutdesignspace3\bridge\cricutbridge4.exe] => (Block) C:\users\kitchen pc\appdata\roaming\cricutdesignspace3\bridge\cricutbridge4.exe => No File
FirewallRules: [UDP Query User{C1116937-E6AA-4F76-8F9E-BD773D67A829}C:\users\kitchen pc\appdata\roaming\cricutdesignspace3\bridge\cricutbridge4.exe] => (Block) C:\users\kitchen pc\appdata\roaming\cricutdesignspace3\bridge\cricutbridge4.exe => No File
FirewallRules: [TCP Query User{F024B27C-F3CF-471E-9493-EB84070D4990}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{3BB440AF-9695-4BE5-9FD2-5E66A0427CA1}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{66DB5A78-F5D6-4DE7-85D3-D00AE9B7665D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{160E9B8B-FDB3-4CAB-8DEF-ADA6AD323A39}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{B8F667CD-50C3-4A34-A5D7-F9959E9A050D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{F538922A-A86F-429D-A948-794FF8D7AF73}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{37CF859C-3620-47DB-B279-76702FC4615D}E:\subnautica\subnautica.exe] => (Block) E:\subnautica\subnautica.exe => No File
FirewallRules: [UDP Query User{657FD83A-CC17-4799-8775-7531212E66F8}E:\subnautica\subnautica.exe] => (Block) E:\subnautica\subnautica.exe => No File
FirewallRules: [TCP Query User{5A703E6B-A209-4C5F-93A1-6F3C1EDA35B5}C:\users\kitchen pc\appdata\roaming\cricut design space\web\taskbar-application-win32\release\cricuttaskbarapplication.exe] => (Allow) C:\users\kitchen pc\appdata\roaming\cricut design space\web\taskbar-application-win32\release\cricuttaskbarapplication.exe (Provo Craft & Novelty, Inc. -> Cricut, Inc.)
FirewallRules: [UDP Query User{5C0420F1-399E-43E2-BB07-4B8A5330FAD5}C:\users\kitchen pc\appdata\roaming\cricut design space\web\taskbar-application-win32\release\cricuttaskbarapplication.exe] => (Allow) C:\users\kitchen pc\appdata\roaming\cricut design space\web\taskbar-application-win32\release\cricuttaskbarapplication.exe (Provo Craft & Novelty, Inc. -> Cricut, Inc.)
FirewallRules: [TCP Query User{0637769B-4381-4462-99C6-982727A82937}C:\users\kitchen pc\appdata\roaming\cricut design space\web\taskbar-application-win32\release\cricuttaskbarapplication.exe] => (Allow) C:\users\kitchen pc\appdata\roaming\cricut design space\web\taskbar-application-win32\release\cricuttaskbarapplication.exe (Provo Craft & Novelty, Inc. -> Cricut, Inc.)
FirewallRules: [UDP Query User{79DD9210-2BAF-4520-B17C-9895B4570A2D}C:\users\kitchen pc\appdata\roaming\cricut design space\web\taskbar-application-win32\release\cricuttaskbarapplication.exe] => (Allow) C:\users\kitchen pc\appdata\roaming\cricut design space\web\taskbar-application-win32\release\cricuttaskbarapplication.exe (Provo Craft & Novelty, Inc. -> Cricut, Inc.)
FirewallRules: [{4E02DB3C-ED52-42E3-9A49-BC09D451A3ED}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{64918D6A-8C81-4119-85CB-1D5AAF393CDC}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9524A563-6B49-401C-93DB-FC17A6D88B9D}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe => No File
FirewallRules: [{7159AAF6-5DD4-45A0-98A9-D7B16062EA32}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe => No File
FirewallRules: [{8DDF18C9-DD57-4CC2-AE01-E4BA9CD43DE6}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe => No File
FirewallRules: [{03984D40-3BA3-4307-A88A-42776A96583E}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe => No File
FirewallRules: [{FB35F97B-2F6F-4904-A847-182ECD558806}] => (Allow) E:\Steam Games\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{941FC0CB-439C-47A8-A0D1-1AAE4515D892}] => (Allow) E:\Steam Games\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{978389D4-AF17-490D-991A-41D402125E36}] => (Allow) E:\Steam Games\steamapps\common\Golf It!\GolfIt.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{7581C2C9-19BF-43EE-821D-F319C1AD1248}] => (Allow) E:\Steam Games\steamapps\common\Golf It!\GolfIt.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{AECD1749-0224-4F69-ADBA-877EA04AEBF7}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{B843CFFC-E1C3-41D1-95A2-70C217EEA8A0}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{A16FB46E-4B53-40FC-9610-F021D82C7BE4}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{09BECE65-B352-4C04-A99A-8BAE3DD1993D}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{495758DA-5CD0-44E0-8BE2-5E01101FD0F1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E50EAA3A-0F6E-4B9F-9C8F-37AA6A1DC64D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{23798339-D0F5-46FC-BA96-A5ED56B5C996}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{38E9F9E8-F6AF-4867-BC83-15EB2CFA0874}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{429D3E6A-4453-4EDB-84F4-B39D6788CD07}] => (Allow) E:\Steam Games\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [File not signed]
FirewallRules: [{F812CB07-BAC4-421D-AC10-DBF4A03B0869}] => (Allow) E:\Steam Games\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [File not signed]
FirewallRules: [{6009C77D-FAD1-4E26-B311-9EBE013C2A57}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{DC2FF1AE-CB4B-4E84-B98E-921A0B09FE5D}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{B39411C3-6801-4816-9A3A-5109527B7D7E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

16-11-2021 15:17:41 Scheduled Checkpoint
28-11-2021 10:34:03 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (11/28/2021 07:35:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RocketLeague.exe, version: 1.0.10897.0, time stamp: 0x618c6db9
Faulting module name: EOSSDK-Win64-Shipping.dll, version: 1.13.0.0, time stamp: 0x616a18ef
Exception code: 0xc0000005
Fault offset: 0x000000000040677f
Faulting process id: 0x25c0
Faulting application start time: 0x01d7e4bd4ffd4cf1
Faulting application path: E:\Steam Games\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe
Faulting module path: E:\Steam Games\steamapps\common\rocketleague\Binaries\Win64\EOSSDK-Win64-Shipping.dll
Report Id: f06eee92-fae0-499a-8b2a-affa93b6b10c
Faulting package full name:
Faulting package-relative application ID:

Error: (11/28/2021 04:55:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RocketLeague.exe, version: 1.0.10897.0, time stamp: 0x618c6db9
Faulting module name: EOSSDK-Win64-Shipping.dll, version: 1.13.0.0, time stamp: 0x616a18ef
Exception code: 0xc0000005
Fault offset: 0x000000000040677f
Faulting process id: 0xacc
Faulting application start time: 0x01d7e4a2b24bb33d
Faulting application path: E:\Steam Games\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe
Faulting module path: E:\Steam Games\steamapps\common\rocketleague\Binaries\Win64\EOSSDK-Win64-Shipping.dll
Report Id: ed502e3a-6e69-42b7-bfad-2908fe82dc52
Faulting package full name:
Faulting package-relative application ID:

Error: (11/28/2021 04:55:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: dwm.exe, version: 10.0.19041.746, time stamp: 0x6be51595
Faulting module name: ism.dll, version: 10.0.19041.1348, time stamp: 0x46f9dfe5
Exception code: 0xc0000005
Fault offset: 0x0000000000088c1a
Faulting process id: 0xeb8
Faulting application start time: 0x01d7e4a2dbc94dba
Faulting application path: C:\WINDOWS\System32\dwm.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ism.dll
Report Id: 47a88e60-987d-4bc8-ada0-dbf642a2a9dd
Faulting package full name:
Faulting package-relative application ID:

Error: (11/28/2021 03:56:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: dwm.exe, version: 10.0.19041.746, time stamp: 0x6be51595
Faulting module name: ism.dll, version: 10.0.19041.1348, time stamp: 0x46f9dfe5
Exception code: 0xc0000005
Fault offset: 0x0000000000088c1a
Faulting process id: 0x2fcc
Faulting application start time: 0x01d7e41ecb83f823
Faulting application path: C:\WINDOWS\System32\dwm.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ism.dll
Report Id: 79f61598-7bbf-47a6-888a-34d91ca7848f
Faulting package full name:
Faulting package-relative application ID:

Error: (11/28/2021 01:31:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RocketLeague.exe, version: 1.0.10897.0, time stamp: 0x618c6db9
Faulting module name: EOSSDK-Win64-Shipping.dll, version: 1.13.0.0, time stamp: 0x616a18ef
Exception code: 0xc0000005
Fault offset: 0x000000000040677f
Faulting process id: 0x275c
Faulting application start time: 0x01d7e48afde8e403
Faulting application path: E:\Steam Games\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe
Faulting module path: E:\Steam Games\steamapps\common\rocketleague\Binaries\Win64\EOSSDK-Win64-Shipping.dll
Report Id: 361d9b1f-4dfb-4802-b177-b566d4696884
Faulting package full name:
Faulting package-relative application ID:

Error: (11/27/2021 02:46:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RocketLeague.exe, version: 1.0.10897.0, time stamp: 0x618c6db9
Faulting module name: EOSSDK-Win64-Shipping.dll, version: 1.13.0.0, time stamp: 0x616a18ef
Exception code: 0xc0000005
Fault offset: 0x000000000040677f
Faulting process id: 0x1608
Faulting application start time: 0x01d7e3c0274bcc2e
Faulting application path: E:\Steam Games\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe
Faulting module path: E:\Steam Games\steamapps\common\rocketleague\Binaries\Win64\EOSSDK-Win64-Shipping.dll
Report Id: c8e1eaa2-b99a-497f-921f-c66e95420694
Faulting package full name:
Faulting package-relative application ID:

Error: (11/27/2021 12:48:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RocketLeague.exe, version: 1.0.10897.0, time stamp: 0x618c6db9
Faulting module name: EOSSDK-Win64-Shipping.dll, version: 1.13.0.0, time stamp: 0x616a18ef
Exception code: 0xc0000005
Fault offset: 0x000000000040677f
Faulting process id: 0x1154
Faulting application start time: 0x01d7e3bda25d05c7
Faulting application path: E:\Steam Games\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe
Faulting module path: E:\Steam Games\steamapps\common\rocketleague\Binaries\Win64\EOSSDK-Win64-Shipping.dll
Report Id: 948e8681-8c44-461d-9543-7f115b460bae
Faulting package full name:
Faulting package-relative application ID:

Error: (11/27/2021 08:53:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RocketLeague.exe, version: 1.0.10897.0, time stamp: 0x618c6db9
Faulting module name: EOSSDK-Win64-Shipping.dll, version: 1.13.0.0, time stamp: 0x616a18ef
Exception code: 0xc0000005
Fault offset: 0x000000000040677f
Faulting process id: 0x1ea0
Faulting application start time: 0x01d7e3982cee1d80
Faulting application path: E:\Steam Games\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe
Faulting module path: E:\Steam Games\steamapps\common\rocketleague\Binaries\Win64\EOSSDK-Win64-Shipping.dll
Report Id: dd6da99f-6204-4841-8fe1-f83d7e301015
Faulting package full name:
Faulting package-relative application ID:


System errors:
=============
Error: (11/28/2021 09:37:46 AM) (Source: TPM) (EventID: 15) (User: )
Description: The device driver for the Trusted Platform Module (TPM) encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) from being used. For further help, please contact the computer manufacturer.

Error: (11/27/2021 12:53:33 PM) (Source: TPM) (EventID: 15) (User: )
Description: The device driver for the Trusted Platform Module (TPM) encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) from being used. For further help, please contact the computer manufacturer.

Error: (11/27/2021 12:52:47 PM) (Source: DCOM) (EventID: 10005) (User: marcyandmatt)
Description: DCOM got error "1053" attempting to start the service WpnUserService_172164bb with arguments "Unavailable" in order to run the server:
{1FFE4FFD-25B1-40B1-A1EA-EF633353BB4E}

Error: (11/27/2021 12:52:47 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Push Notifications User Service_172164bb service to connect.

Error: (11/27/2021 12:52:45 PM) (Source: DCOM) (EventID: 10010) (User: marcyandmatt)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (11/27/2021 12:52:45 PM) (Source: DCOM) (EventID: 10010) (User: marcyandmatt)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (11/27/2021 12:52:45 PM) (Source: DCOM) (EventID: 10010) (User: marcyandmatt)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (11/27/2021 12:52:45 PM) (Source: DCOM) (EventID: 10010) (User: marcyandmatt)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.


CodeIntegrity:
===============
Date: 2021-11-28 13:39:44
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\AVAST Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\setup\uat_3160.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 4502 07/13/2021
Motherboard: ASUSTeK COMPUTER INC. ROG STRIX B450-F GAMING
Processor: AMD Ryzen 5 1600 Six-Core Processor
Percentage of memory in use: 29%
Total physical RAM: 16309.25 MB
Available physical RAM: 11540.44 MB
Total Virtual: 32693.25 MB
Available Virtual: 26251.02 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.93 GB) (Free:55.8 GB) NTFS
Drive e: (Game Drive) (Fixed) (Total:111.79 GB) (Free:64.8 GB) NTFS

\\?\Volume{65deb483-c4b3-11e5-892c-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{f6a1c669-0000-0000-0000-a0c137000000}\ () (Fixed) (Total:0.54 GB) (Free:0.12 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: AA8A7DE5)
Partition 1: (Not Active) - (Size=111.8 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: F6A1C669)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=222.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=556 MB) - (Type=27)

==================== End of Addition.txt =======================



#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,042 posts
  • MVP

Looking at your logs, I can see that your PC is rather old (probably upgraded from Win 7), and the symptoms you describe sound like a heat problem to me, though I do see some errors from Rocket League.  (Windows says it is trying to access memory it is not allowed to access, which usually means you need a newer version.)

 

Let's install Speedfan to monitor the temps in real time:

 


http://www.filehippo...nload_speedfan/

Download, save and install it (Win 7+ or Vista: right-click and Run As Admin), then run it (Win 7+ or Vista: right-click and Run As Admin).

It will tell you your temps in real time, though the default is to show the hard drive temp in the systray.  You can change it: hit Configure, then click on the highest CPU temp and check Show in tray.
Win 10 hides icons by default, so: Settings, Personalization, Taskbar, Select which Icons appear on Taskbar, then turn Speedfan ON.
With no other programs running what is the highest CPU temp you see?  Run the following fixlist and watch the temp.  What is the highest temp now?
 

We don't really want it to go over about 65 under load.  If it does, it usually means either the fan is defective (Speedfan should tell you your fan speed so you can see if it is running) or (most likely) the interface between the fan and the heatsink is clogged with dust.  The best fix for a clogged heatsink is to remove the fan (not the heatsink or heatpipe) and vacuum out the heatsink.  However, on some PCs this is major surgery.  Sometimes you can blow air backwards through the exhaust vent while vacuuming at the input vent, and if you are lucky it may clear the heatsink.  Don't do it too long, as the fan may over-rev.  If the PC is a laptop that really doesn't go anywhere, then a cooling tray can help.

 

Let's let FRST check your system files and remove some deadwood (entries which point to files which are no longer there).  Normally takes about 25 minutes but on a slow PC may take an hour.
Be Patient!  Will need a reboot when done.

Download the attached fixlist.txt to the same location as FRST

Attached File  fixlist.txt   24.99KB   0 downloads

Run FRST and press Fix.
A fix log will be generated; please post that.

Reboot if the fix doesn't reboot it for you

Run FRST again but this time make sure Addition.txt is checked and hit Scan.  Post both logs.


 

 

