Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

I am losing storage space fast


  • Please log in to reply

#1
Gib80

Gib80

    Member

  • Member
  • PipPip
  • 46 posts

Something has happened, I received a new Windows 10 laptop as a gift and the only problem that I have is lost of space. I started at close to 178 GB on the hard drive and now I'm down to 163 GB that are free. I downloaded Spacesniffer to use and it is letting me know that Microsoft, the package (idk what this is) and Avast are the main causes, but I like Avast Anti-Virus. 

 

 

I also want to keep the browsing history on Microsoft Edge, Google Chrome and Firefox.

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-02-2022 01
Ran by fcp (administrator) on LAPTOP-3OT9TL6O (HP HP Laptop 17-by3xxx) (23-02-2022 08:51:07)
Running from C:\Users\fcp\Desktop
Loaded Profiles: fcp
Platform: Microsoft Windows 10 Home Version 20H2 19042.1526 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_9ea30e7f88626f47\igfxCUIServiceN.exe ->) (Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_9ea30e7f88626f47\igfxEMN.exe
(DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_28a78a8b4b54e457\x64\AppHelperCap.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_28a78a8b4b54e457\x64\BridgeCommunication.exe <2>
(ETDService.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.2.15.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_54a828a51f6769c8\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_28a78a8b4b54e457\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_28a78a8b4b54e457\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_28a78a8b4b54e457\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_28a78a8b4b54e457\x64\SysInfoCap.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_e3868713e3d137ef\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_ba273d0ffb93e225\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(services.exe ->) (Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_9ea30e7f88626f47\igfxCUIServiceN.exe
(services.exe ->) (Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_caa7639078e34732\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_6ce565ec54103c62\IntelCpHDCPSvc.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_9971779a1c712866\RtkAudUService64.exe <2>
(services.exe ->) (Smart Sound Technology -> Intel) C:\Windows\System32\cAVS\IAS\IntelAudioService.exe
(services.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <33>
(svchost.exe ->) (HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPJumpStarts_1.10.1627.0_x64__v10z8vjag6ke6\HP.JumpStarts.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2111.12605.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_9971779a1c712866\RtkAudUService64.exe [1201968 2020-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [157464 2022-02-13] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-4093771387-2409105371-3931295374-1002\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [525312 2022-01-14] (HP Inc.) [File not signed]
HKU\S-1-5-21-4093771387-2409105371-3931295374-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35646080 2022-02-14] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\98.0.4758.102\Installer\chrmstp.exe [2022-02-15] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {06CAD6CF-31DD-456F-AA09-EC363F2BC2C3} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4992792 2022-02-13] (Avast Software s.r.o. -> AVAST Software)
Task: {0E47F8C0-1264-4665-B754-9A478A16D6B1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1145440 2022-01-20] (HP Inc. -> HP Inc.)
Task: {17854942-55D6-4C1E-80F7-4E47891212DC} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-02-14] (Piriform Software Ltd -> Piriform)
Task: {1D9702A0-C50E-4192-B07A-A8C1C6AF0083} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {2BDBEF12-1966-4760-932E-C96B0E889676} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1778456 2022-01-13] (Avast Software s.r.o. -> Avast Software)
Task: {3EEFBA9F-6644-45BE-A272-3FF06F88C77C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22880136 2022-02-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {476D05D6-0895-422C-A64D-78FE7EDABA75} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2022-01-13] (Google Inc -> Google LLC)
Task: {5255A1A7-4913-4891-8D0E-5577AA6DA89C} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138600 2022-02-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {52724441-4EE4-49EF-AF4B-DCFDEFCAF193} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1145440 2022-01-20] (HP Inc. -> HP Inc.)
Task: {5AA2575D-56B3-4844-8555-16414799E962} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [314032 2022-01-20] (HP Inc. -> HP Inc.)
Task: {5F2D4127-C216-4FBE-881E-08B22E6EBDCE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2022-01-13] (Google Inc -> Google LLC)
Task: {8DA7AF4B-AF55-477C-A420-C4AF5E1EC521} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {99466A36-D32C-43F2-84C8-22355FCF49B3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [136368 2022-01-20] (HP Inc. -> HP Inc.)
Task: {A1BD8DD4-2F5A-40F4-852A-9A45891DAEDD} - System32\Tasks\HP\Consent Manager Launcher => sc start hptouchpointanalyticsservice
Task: {AB1AB8F9-B7F6-4753-8086-EFB6722C27AB} - System32\Tasks\Microsoft\Windows\WindowsUpdate\RUXIM\PLUGScheduler => C:\Program Files\RUXIM\PLUGscheduler.exe [369512 2022-01-12] (Microsoft Windows -> Microsoft Corporation)
Task: {AC78B4EF-02AB-48D6-A9BA-C8A99F4DF87F} - System32\Tasks\CCleanerSkipUAC - fcp => C:\Program Files\CCleaner\CCleaner.exe [29764224 2022-02-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {D4A41922-5753-460E-9B34-EAC583C0BE83} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22880136 2022-02-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {E0AB4127-8129-408C-92CD-DB83C34F4EF6} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138600 2022-02-21] (Microsoft Corporation -> Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{132bf822-3b20-409b-89d9-47d55c74bf88}: [DhcpNameServer] 192.168.1.254
 
Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\fcp\AppData\Local\Microsoft\Edge\User Data\Default [2022-02-23]
Edge Notifications: Default -> hxxps://lichess.org
Edge Extension: (Avast Online Security & Privacy) - C:\Users\fcp\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdgpikaaheckgdijjmepmdjjkbceakif [2022-01-24]
 
FireFox:
========
FF DefaultProfile: bh2s1h8w.default
FF ProfilePath: C:\Users\fcp\AppData\Roaming\Mozilla\Firefox\Profiles\bh2s1h8w.default [2022-01-14]
FF ProfilePath: C:\Users\fcp\AppData\Roaming\Mozilla\Firefox\Profiles\tp5qfvk1.default-release [2022-02-23]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-02-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-01-13] (Microsoft Corporation -> Microsoft Corporation)
 
Chrome: 
=======
CHR Profile: C:\Users\fcp\AppData\Local\Google\Chrome\User Data\Default [2022-02-23]
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (Slides) - C:\Users\fcp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2022-01-13]
CHR Extension: (Docs) - C:\Users\fcp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2022-01-13]
CHR Extension: (Google Drive) - C:\Users\fcp\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2022-01-13]
CHR Extension: (YouTube) - C:\Users\fcp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2022-01-13]
CHR Extension: (Sheets) - C:\Users\fcp\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2022-01-13]
CHR Extension: (Google Docs Offline) - C:\Users\fcp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-01-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\fcp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-01-13]
CHR Extension: (Gmail) - C:\Users\fcp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-01-13]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8482384 2022-02-16] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [563992 2022-02-13] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [563992 2022-02-13] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2022-01-13] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12124536 2022-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_28a78a8b4b54e457\x64\AppHelperCap.exe [762920 2022-01-19] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_28a78a8b4b54e457\x64\DiagsCap.exe [759800 2022-01-19] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_28a78a8b4b54e457\x64\NetworkCap.exe [756736 2022-01-19] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_28a78a8b4b54e457\x64\SysInfoCap.exe [760304 2022-01-19] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_54a828a51f6769c8\x64\TouchpointAnalyticsClientService.exe [494672 2021-11-21] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7972536 2022-02-09] (Malwarebytes Inc -> Malwarebytes)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\NisSrv.exe [2876152 2022-01-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MsMpEng.exe [128360 2022-01-13] (Microsoft Windows Publisher -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AmUStor; C:\WINDOWS\system32\drivers\AmUStorU.sys [127936 2019-05-13] (Alcorlink Corp. -> )
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35720 2022-02-13] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [226328 2022-02-13] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [368664 2022-02-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [251928 2022-02-13] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99352 2022-02-13] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2022-01-13] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41352 2022-02-13] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [267904 2022-02-13] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [545784 2022-02-13] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108888 2022-02-13] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [82912 2022-02-13] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [854272 2022-02-13] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [550904 2022-02-13] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215920 2022-02-13] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [317696 2022-02-16] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [25592 2021-09-16] (HP Inc. -> HP Inc.)
R3 iaLPSS2_GPIO2_ICL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_icl.inf_amd64_90beccc7e046abab\iaLPSS2_GPIO2_ICL.sys [132872 2020-04-27] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_ICL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_icl.inf_amd64_c8c0638291b9b209\iaLPSS2_I2C_ICL.sys [200456 2020-04-27] (Intel Corporation -> Intel Corporation)
R3 IntcBTAu; C:\WINDOWS\System32\DriverStore\FileRepository\intcbtau.inf_amd64_0d2e7834c92ff8a0\IntcBTAu.sys [725384 2020-12-17] ((PREPRODUCTION USE ONLY) Smart Sound Technology -> Intel® Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220568 2022-02-22] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2022-02-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2022-02-09] (Malwarebytes Inc -> Malwarebytes)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2022-01-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [435432 2022-01-13] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2022-01-13] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [37280 2021-11-23] (HP Inc. -> HP)
S3 WinRing0_1_2_0; \??\C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_942053d68a2ba613\x64\OpenHardwareMonitorLib.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2022-02-22 19:59 - 2022-02-22 19:59 - 000220568 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-02-22 19:59 - 2022-02-22 19:59 - 000000000 ____D C:\WINDOWS\Panther
2022-02-22 11:05 - 2022-02-22 11:05 - 000000000 ____D C:\Users\fcp\Downloads\spacesniffer_1_3_0_2
2022-02-22 01:45 - 2022-02-22 01:45 - 001658900 _____ C:\Users\fcp\Downloads\spacesniffer_1_3_0_2.zip
2022-02-19 09:39 - 2022-02-19 09:39 - 000025495 _____ C:\Users\fcp\Desktop\Addition.txt
2022-02-18 03:49 - 2019-11-07 12:29 - 000000000 ____D C:\Users\fcp\Downloads\Perfect2019
2022-02-18 03:42 - 2022-02-18 03:42 - 002489341 _____ C:\Users\fcp\Downloads\Perfect_2019_books.7z
2022-02-17 21:02 - 2022-02-23 08:51 - 000020904 _____ C:\Users\fcp\Desktop\FRST.txt
2022-02-17 19:27 - 2022-02-17 19:27 - 000000000 ____D C:\Users\fcp\Downloads\Vafra.smp2.w64.2.15.0
2022-02-17 19:22 - 2022-02-17 19:22 - 000489291 _____ C:\Users\fcp\Downloads\Vafra.smp2.w64.2.15.0.zip
2022-02-17 17:48 - 2022-02-20 01:33 - 000000000 ____D C:\Users\fcp\Documents\x86III
2022-02-17 16:53 - 2022-02-17 16:53 - 001533613 _____ (Igor Pavlov) C:\Users\fcp\Downloads\7z2107-x64.exe
2022-02-17 16:53 - 2022-02-17 16:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2022-02-17 16:53 - 2022-02-17 16:53 - 000000000 ____D C:\Program Files\7-Zip
2022-02-17 16:11 - 2022-02-17 16:11 - 000000000 ____D C:\Users\fcp\Downloads\max
2022-02-17 16:00 - 2022-02-17 16:00 - 000442193 _____ C:\Users\fcp\Downloads\max.zip
2022-02-17 13:30 - 2022-02-17 13:30 - 000164866 _____ C:\Users\fcp\Downloads\Engines.zip
2022-02-17 13:16 - 2022-02-17 13:16 - 000066286 _____ C:\Users\fcp\Downloads\New folder (3).zip
2022-02-17 13:11 - 2022-02-18 03:39 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-02-16 02:55 - 2022-02-16 02:55 - 000000000 ____D C:\Users\fcp\Downloads\Vafra.AVX2.w64.3.3.0
2022-02-16 02:53 - 2022-02-16 02:54 - 082975408 _____ C:\Users\fcp\Downloads\Vafra.AVX2.w64.3.3.0.zip
2022-02-16 02:52 - 2022-02-16 02:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2022-02-16 02:52 - 2022-02-16 02:52 - 000000000 ____D C:\Program Files\CPUID
2022-02-16 02:46 - 2022-02-16 02:46 - 002052952 _____ (CPUID, Inc. ) C:\Users\fcp\Downloads\cpu-z_1.99-en.exe
2022-02-16 01:57 - 2022-02-23 08:51 - 000000000 ____D C:\FRST
2022-02-16 01:05 - 2022-02-16 01:05 - 002312192 _____ (Farbar) C:\Users\fcp\Desktop\FRST64.exe
2022-02-15 03:15 - 2022-02-15 03:15 - 000000000 ____D C:\Users\fcp\Downloads\x86II
2022-02-15 03:09 - 2022-02-15 03:10 - 001941010 _____ C:\Users\fcp\Downloads\x86II.zip
2022-02-13 19:26 - 2022-02-13 19:26 - 000340760 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-02-13 19:26 - 2022-02-13 19:26 - 000215920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2022-02-11 02:34 - 2022-02-20 06:31 - 000000000 ____D C:\Users\fcp\AppData\Local\CrashDumps
2022-02-10 19:10 - 2022-02-10 19:10 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-02-10 19:10 - 2022-02-10 19:10 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2022-02-10 19:10 - 2022-02-10 19:10 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-02-10 19:10 - 2022-02-10 19:10 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-02-10 19:10 - 2022-02-10 19:10 - 000011813 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-02-10 19:03 - 2022-02-10 19:03 - 000000000 ___HD C:\$WinREAgent
2022-02-09 23:04 - 2022-02-10 05:40 - 000000000 ____D C:\Users\fcp\AppData\LocalLow\IGDump
2022-02-09 23:03 - 2022-02-09 23:03 - 000000000 ____D C:\Users\fcp\AppData\Local\mbam
2022-02-09 23:02 - 2022-02-09 23:02 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-02-09 23:02 - 2022-02-09 23:02 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-02-09 23:02 - 2022-02-09 23:02 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-02-09 23:02 - 2022-02-09 23:02 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-02-09 23:02 - 2022-02-09 23:02 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-02-09 23:02 - 2022-02-09 23:02 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-02-09 23:02 - 2022-02-09 23:02 - 000000000 ____D C:\Program Files\Malwarebytes
2022-02-09 23:00 - 2022-02-09 23:00 - 002911928 _____ (Malwarebytes) C:\Users\fcp\Downloads\MBSetup.exe
2022-02-09 07:48 - 2022-02-23 02:00 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-02-02 07:28 - 2022-02-22 10:36 - 000000000 ____D C:\Users\fcp\Desktop\MyGames_Events
2022-02-01 03:29 - 2022-02-22 08:33 - 000000000 ____D C:\Program Files (x86)\Arena
2022-02-01 03:29 - 2022-02-01 03:29 - 000001187 _____ C:\Users\Public\Desktop\Arena.lnk
2022-02-01 03:29 - 2022-02-01 03:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Arena
2022-01-31 20:31 - 2022-01-31 20:31 - 016992844 _____ ( ) C:\Users\fcp\Downloads\arena_3.5.1setup.exe
2022-01-31 18:28 - 2022-01-31 18:28 - 000376484 _____ C:\Users\fcp\Downloads\Resized_20220131_174317_7483.jpeg
2022-01-31 02:48 - 2022-01-31 02:48 - 000000000 ____D C:\Users\fcp\Downloads\Winboard-4.9.1
2022-01-31 02:45 - 2022-01-31 02:45 - 000797250 _____ C:\Users\fcp\Downloads\Winboard-4.9.1.zip
2022-01-29 21:24 - 2022-01-29 21:24 - 000380290 _____ C:\Users\fcp\Downloads\Resized_20220129_100056_8546.jpeg
2022-01-28 18:27 - 2022-01-28 18:27 - 000433570 _____ C:\Users\fcp\Downloads\Resized_20220128_143858_5618.jpeg
2022-01-27 17:26 - 2022-01-27 17:26 - 000417743 _____ C:\Users\fcp\Downloads\Resized_20220127_172240_2615.jpeg
2022-01-26 17:19 - 2022-01-26 17:19 - 000000000 ____D C:\Users\fcp\AppData\Roaming\Hewlett-Packard
2022-01-25 15:15 - 2022-01-25 15:15 - 000519077 _____ C:\Users\fcp\Downloads\Resized_20220124_131524_3026.jpeg
2022-01-24 20:17 - 2022-02-23 07:06 - 000004164 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{E1BCA668-A3A6-46F9-8F98-9C911FF0622A}
2022-01-24 14:05 - 2022-01-24 14:06 - 000467493 _____ C:\Users\fcp\Downloads\Resized_20220124_135545_6430.jpeg
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2022-02-23 08:25 - 2022-01-14 01:21 - 000000000 ____D C:\Users\fcp\AppData\LocalLow\Mozilla
2022-02-23 08:22 - 2022-01-13 19:08 - 000000000 ____D C:\Program Files (x86)\Google
2022-02-23 08:22 - 2019-12-07 03:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-02-23 06:46 - 2022-01-14 03:01 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-02-23 06:20 - 2022-01-21 00:42 - 000000000 ____D C:\Program Files\CCleaner
2022-02-23 01:54 - 2021-10-13 09:47 - 000000000 ____D C:\Users\fcp\AppData\Local\D3DSCache
2022-02-22 20:30 - 2022-01-13 19:08 - 000000000 ____D C:\Users\fcp\AppData\Local\Avast Software
2022-02-22 20:04 - 2022-01-14 03:10 - 000845872 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-02-22 20:04 - 2019-12-07 03:13 - 000000000 ____D C:\WINDOWS\INF
2022-02-22 19:59 - 2022-01-15 02:07 - 000000000 __SHD C:\Users\fcp\IntelGraphicsProfiles
2022-02-22 19:59 - 2022-01-14 03:06 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-02-22 19:59 - 2022-01-14 03:01 - 000008192 ___SH C:\DumpStack.log.tmp
2022-02-22 19:59 - 2022-01-13 19:05 - 000000000 ____D C:\ProgramData\Avast Software
2022-02-22 19:59 - 2021-07-24 09:52 - 000000000 ___RD C:\Users\fcp\OneDrive
2022-02-22 19:59 - 2020-05-09 19:28 - 000000000 ____D C:\Intel
2022-02-22 19:59 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-02-22 19:59 - 2019-12-07 03:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-02-22 19:58 - 2019-12-07 03:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-02-22 08:31 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-02-21 01:29 - 2020-03-13 07:41 - 000000000 ____D C:\Program Files\Microsoft Office
2022-02-19 18:13 - 2022-01-13 16:52 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-02-19 09:54 - 2019-12-07 03:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-02-19 07:25 - 2021-04-13 04:09 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-02-19 07:25 - 2021-04-13 04:09 - 000002283 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-02-19 06:21 - 2022-01-14 03:06 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4093771387-2409105371-3931295374-1002
2022-02-19 06:21 - 2022-01-14 03:06 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4093771387-2409105371-3931295374-1002
2022-02-19 06:21 - 2022-01-14 03:03 - 000002384 _____ C:\Users\fcp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-02-18 03:39 - 2022-01-14 01:21 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-02-18 01:55 - 2022-01-14 03:06 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-02-18 01:55 - 2022-01-14 01:21 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-02-18 01:53 - 2022-01-13 19:38 - 000000000 ____D C:\Program Files\ruxim
2022-02-17 21:04 - 2022-01-21 00:42 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-02-17 21:04 - 2022-01-14 03:06 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-02-17 20:55 - 2021-07-24 09:50 - 000000000 ____D C:\Users\fcp\AppData\Local\Packages
2022-02-16 14:43 - 2022-01-15 06:40 - 000057208 _____ C:\Users\fcp\Documents\ljs.txt
2022-02-16 08:42 - 2022-01-13 19:07 - 000368664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-02-16 02:27 - 2022-01-13 19:07 - 000317696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-02-15 15:15 - 2022-01-13 19:09 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-02-15 15:15 - 2022-01-13 19:09 - 000002213 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-02-13 19:32 - 2022-01-15 04:08 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2022-02-13 19:31 - 2022-01-14 03:01 - 000466496 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-02-13 19:31 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-02-13 19:31 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-02-13 19:31 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-02-13 19:31 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-02-13 19:31 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-02-13 19:31 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-02-13 19:30 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-02-13 19:30 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-02-13 19:30 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-02-13 19:30 - 2019-12-07 03:03 - 000000000 ____D C:\WINDOWS\servicing
2022-02-13 19:26 - 2022-01-14 04:08 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2022-02-13 19:26 - 2022-01-13 19:07 - 000854272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-02-13 19:26 - 2022-01-13 19:07 - 000550904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-02-13 19:26 - 2022-01-13 19:07 - 000545784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-02-13 19:26 - 2022-01-13 19:07 - 000267904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-02-13 19:26 - 2022-01-13 19:07 - 000251928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-02-13 19:26 - 2022-01-13 19:07 - 000226328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-02-13 19:26 - 2022-01-13 19:07 - 000108888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-02-13 19:26 - 2022-01-13 19:07 - 000099352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-02-13 19:26 - 2022-01-13 19:07 - 000082912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-02-13 19:26 - 2022-01-13 19:07 - 000041352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2022-02-13 19:26 - 2022-01-13 19:07 - 000035720 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2022-02-13 19:26 - 2019-12-07 03:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-02-11 13:08 - 2022-01-13 19:38 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-02-11 13:05 - 2022-01-13 19:38 - 149611728 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-02-10 19:10 - 2022-01-14 03:06 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-02-09 23:21 - 2022-01-15 06:40 - 000000655 _____ C:\Users\fcp\Documents\DriverEasy.txt
2022-02-07 04:03 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-01-28 16:42 - 2022-01-15 06:40 - 000002338 _____ C:\Users\fcp\Documents\dspp.txt
2022-01-26 19:10 - 2022-01-15 06:40 - 000002707 _____ C:\Users\fcp\Documents\ChessT_usernames.txt
2022-01-26 16:20 - 2022-01-15 06:25 - 000000000 ____D C:\Users\fcp\AppData\Local\HP
2022-01-26 01:53 - 2022-01-18 03:19 - 000003386 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d80925c470349c
2022-01-26 01:53 - 2022-01-14 03:06 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-01-24 14:29 - 2022-01-14 03:06 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-01-24 14:29 - 2022-01-14 03:06 - 000003184 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-01-24 14:29 - 2022-01-14 03:06 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-01-24 14:29 - 2022-01-14 03:06 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4093771387-2409105371-3931295374-1001
2022-01-24 14:29 - 2022-01-14 03:06 - 000002856 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4093771387-2409105371-3931295374-500
2022-01-24 14:29 - 2022-01-14 03:06 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2022-01-24 09:28 - 2022-01-21 00:42 - 000002250 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - fcp
2022-01-24 05:23 - 2022-01-13 19:09 - 000000000 ____D C:\Users\fcp\AppData\Local\Google
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-02-2022 01
Ran by fcp (23-02-2022 08:51:48)
Running from C:\Users\fcp\Desktop
Microsoft Windows 10 Home Version 20H2 19042.1526 (X64) (2022-01-14 09:07:04)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
 
(If an entry is included in the fixlist, it will be removed.)
 
Administrator (S-1-5-21-4093771387-2409105371-3931295374-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4093771387-2409105371-3931295374-503 - Limited - Disabled)
fcp (S-1-5-21-4093771387-2409105371-3931295374-1002 - Administrator - Enabled) => C:\Users\fcp
Guest (S-1-5-21-4093771387-2409105371-3931295374-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-4093771387-2409105371-3931295374-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 21.07 (x64) (HKLM\...\7-Zip) (Version: 21.07 - Igor Pavlov)
Arena 3.5.1 (HKLM-x32\...\Arena 3.5.1_is1) (Version:  - )
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 22.1.2504 - Avast Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.90 - Piriform)
CPUID CPU-Z 1.99 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.99 - CPUID, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 98.0.4758.102 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.13 - Google LLC) Hidden
Malwarebytes version 4.5.2.157 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.2.157 - Malwarebytes)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.14827.20198 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 98.0.1108.56 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4093771387-2409105371-3931295374-1002\...\OneDriveSetup.exe) (Version: 22.022.0130.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{16E50919-B07A-4B4E-994A-476D4773F5BF}) (Version: 3.65.0.0 - Microsoft Corporation)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 97.0.1 (x64 en-US)) (Version: 97.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 96.0 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14827.20198 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14827.20198 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13901.20336 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{82BD0A1C-815F-487F-9AE7-CE73DA413CFF}) (Version: 4.91.0.0 - Microsoft Corporation)
Windows PC Health Check (HKLM\...\{B1E7D0FD-7CFE-4E0C-A5DA-0F676499DB91}) (Version: 3.2.2110.14001 - Microsoft Corporation)
 
Packages:
=========
Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_2018.519.2815.0_x64__343d40qqvtj1t [2022-01-13] (Amazon.com)
Booking.com USA: Big savings on hotels in 96,000 destinations worldwide -> C:\Program Files\WindowsApps\PricelinePartnerNetwork.Booking.comUSABigsavingson_2.0.5.0_x64__mgae2k3ys4ra0 [2022-01-14] (Priceline Partner Network)
Dropbox for S mode -> C:\Program Files\WindowsApps\C27EB4BA.DROPBOX_22.4.4.0_x64__xbfy0k16fey96 [2022-01-13] (Dropbox Inc.)
Energy Star -> C:\Program Files\WindowsApps\AD2F1837.HPInc.EnergyStar_1.2.0.0_x64__v10z8vjag6ke6 [2020-05-09] (HP Inc.)
HP Audio Center -> C:\Program Files\WindowsApps\AD2F1837.HPAudioCenter_1.14.225.0_x64__v10z8vjag6ke6 [2022-01-15] (HP Inc.)
HP JumpStarts -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStarts_1.10.1627.0_x64__v10z8vjag6ke6 [2022-01-13] (HP Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.0.42.0_x64__v10z8vjag6ke6 [2022-01-14] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_134.1.221.0_x64__v10z8vjag6ke6 [2022-01-29] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.13.85.0_x64__v10z8vjag6ke6 [2022-01-26] (HP Inc.)
HP System Event Utility -> C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.2.15.0_x64__v10z8vjag6ke6 [2022-01-21] (HP Inc.)
Intel® Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3407.0_x64__8j3eq9eme6ctt [2022-01-15] (INTEL CORP) [Startup Task]
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1024.0_x64__8j3eq9eme6ctt [2022-02-10] (INTEL CORP)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.1050.0_x64__8wekyb3d8bbwe [2022-01-14] (Microsoft Studios) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-19] (Netflix, Inc.)
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.4.4.0_x64__kx24dqmazqk8j [2022-01-13] (Random Salad Games LLC)
sMedio True DVD for HP -> C:\Program Files\WindowsApps\0E3921EB.sMedioTrueDVDforHP_1.1.146.0_x64__agwrg61xdd7p4 [2022-01-13] (sMedio Inc.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.179.763.0_x86__zpdnekdrzrea0 [2022-02-19] (Spotify AB) [Startup Task]
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ShellIconOverlayIdentifiers: [  OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_59691a4ee8d947dd\OptaneShellExt.dll [2021-10-12] (Intel Corporation -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-02-13] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-02-13] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-12-26] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-02-13] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-02-13] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-02-09] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_59691a4ee8d947dd\OptaneShellExt.dll [2021-10-12] (Intel Corporation -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-12-26] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-12-26] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-02-13] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-02-09] (Malwarebytes Corporation -> Malwarebytes)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
==================== Loaded Modules (Whitelisted) =============
 
2022-01-14 15:49 - 2022-01-14 16:29 - 000014336 _____ (HP Inc.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.2.15.0_x64__v10z8vjag6ke6\SystemEventUtility\NativeRpcClient.DLL
2022-02-17 16:53 - 2021-12-26 08:00 - 000093696 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
SearchScopes: HKLM -> {09E099E4-FFA4-40F0-AFA3-E636D5355112} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {09E099E4-FFA4-40F0-AFA3-E636D5355112} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2022-01-20] (HP Inc. -> HP Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-01-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2022-01-20] (HP Inc. -> HP Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-02-03] (Microsoft Corporation -> Microsoft Corporation)
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2019-03-18 22:49 - 2019-03-18 22:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-4093771387-2409105371-3931295374-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\fcp\Downloads\256803d1-aba2-3adc-970b-1fa9e326b190.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{BB64B1A2-D1E0-497C-A03A-A954CA0C9D3C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7680D047-1005-4E4E-882F-EBB0DF5422E5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{77BE53A2-07EC-46FA-83D8-E6BCED5EE6BA}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{C9069E63-3CC6-4096-846C-A7A8B936B388}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{FD338669-BF74-4D8A-AC6B-506C5C666C06}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{DFE45F3B-C9D1-4BDA-B714-34708106570F}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{226D6A45-A2E8-42EA-90B2-48A53C9AB3FA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{855FAAA0-EA42-4251-86A0-9CB58B3F555F}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{7FD7BCE6-3B9C-44C9-955C-FBF0A7DE572E}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{C5E39D7D-99EB-4603-B69E-06EA8A872201}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{313A52E2-3995-4565-8DE3-F1995C847E59}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{17F928C8-5C6C-4A6E-BBE9-1D26870295BA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{955DA8E0-593C-48DD-889D-2B97C30C4A75}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{18C90ADD-CFFE-4B77-9336-F2CC208057EA}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{222BBDC6-E303-4137-97BB-D447A43146A2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.179.763.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{467718C4-BC1A-4747-A2D7-99B1E8365191}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.179.763.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FE58C89B-B7EC-4743-9221-C1727339E928}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.179.763.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B5A2569B-A999-4DC0-8887-4AD6565D9EAF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.179.763.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{653AA3E3-E20F-4561-A5F7-72A40425F09C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.179.763.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{85A920A6-A77D-428A-8BAC-DE4ACDC82109}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.179.763.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D6D60A08-CE1F-4F93-9B92-9FB5626F6C7B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.179.763.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9397EDF3-1E29-46FA-84A1-46437CF34303}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.179.763.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
 
==================== Restore Points =========================
 
10-02-2022 19:02:55 Windows Modules Installer
10-02-2022 19:03:24 Windows Modules Installer
10-02-2022 19:03:51 Windows Modules Installer
20-02-2022 01:06:11 Windows Modules Installer
20-02-2022 01:26:09 Windows Modules Installer
20-02-2022 01:46:08 Windows Modules Installer
20-02-2022 06:10:05 Windows Modules Installer
20-02-2022 06:30:04 Windows Modules Installer
20-02-2022 06:50:03 Windows Modules Installer
20-02-2022 09:19:02 Windows Modules Installer
20-02-2022 09:53:44 Windows Modules Installer
21-02-2022 02:22:51 Windows Modules Installer
21-02-2022 02:42:50 Windows Modules Installer
21-02-2022 03:02:51 Windows Modules Installer
21-02-2022 03:22:49 Windows Modules Installer
21-02-2022 08:01:15 Windows Modules Installer
21-02-2022 08:21:15 Windows Modules Installer
21-02-2022 08:41:15 Windows Modules Installer
21-02-2022 09:01:16 Windows Modules Installer
21-02-2022 09:21:16 Windows Modules Installer
21-02-2022 09:41:17 Windows Modules Installer
21-02-2022 17:18:20 Windows Modules Installer
21-02-2022 17:38:19 Windows Modules Installer
21-02-2022 17:58:20 Windows Modules Installer
21-02-2022 18:18:20 Windows Modules Installer
21-02-2022 18:38:20 Windows Modules Installer
21-02-2022 18:58:21 Windows Modules Installer
21-02-2022 22:46:47 Windows Modules Installer
21-02-2022 23:06:46 Windows Modules Installer
21-02-2022 23:26:46 Windows Modules Installer
21-02-2022 23:46:47 Windows Modules Installer
22-02-2022 00:54:19 Windows Modules Installer
22-02-2022 01:14:18 Windows Modules Installer
22-02-2022 01:34:18 Windows Modules Installer
22-02-2022 01:54:20 Windows Modules Installer
22-02-2022 02:14:20 Windows Modules Installer
22-02-2022 02:34:20 Windows Modules Installer
22-02-2022 08:01:33 Windows Modules Installer
22-02-2022 08:21:32 Windows Modules Installer
22-02-2022 08:41:30 Windows Modules Installer
22-02-2022 09:01:31 Windows Modules Installer
22-02-2022 09:21:31 Windows Modules Installer
22-02-2022 09:41:31 Windows Modules Installer
22-02-2022 10:01:32 Windows Modules Installer
22-02-2022 10:21:32 Windows Modules Installer
22-02-2022 10:41:33 Windows Modules Installer
22-02-2022 11:01:33 Windows Modules Installer
22-02-2022 11:21:34 Windows Modules Installer
22-02-2022 15:33:52 Windows Modules Installer
22-02-2022 15:53:51 Windows Modules Installer
22-02-2022 16:13:52 Windows Modules Installer
22-02-2022 16:58:13 Windows Modules Installer
22-02-2022 17:18:13 Windows Modules Installer
22-02-2022 17:38:14 Windows Modules Installer
22-02-2022 17:58:14 Windows Modules Installer
22-02-2022 18:18:14 Windows Modules Installer
22-02-2022 19:58:25 Windows Modules Installer
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (02/22/2022 07:59:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Cortana.exe version 3.2111.12605.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 2e74
 
Start Time: 01d82859059df8c2
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2111.12605.0_x64__8wekyb3d8bbwe\Cortana.exe
 
Report Id: 5df60e74-4cf0-4895-8a5d-57bc3b56bd96
 
Faulting package full name: Microsoft.549981C3F5F10_3.2111.12605.0_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: App
 
Hang type: Quiesce
 
Error: (02/20/2022 01:31:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Vafra.w64.AVX2.3.3.0.exe, version: 3.3.0.0, time stamp: 0x620186f8
Faulting module name: ntdll.dll, version: 10.0.19041.1466, time stamp: 0xe2f8ca76
Exception code: 0xc0000005
Fault offset: 0x000000000002fd01
Faulting process id: 0xc0c
Faulting application start time: 0x01d825964ad33933
Faulting application path: C:\Users\fcp\Downloads\Vafra.AVX2.w64.3.3.0\Vafra\Vafra.w64.AVX2.3.3.0.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: c16e4898-c5be-48c6-baf4-203333a5e482
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (02/17/2022 09:00:59 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.
 
Error: (02/17/2022 09:00:59 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
 
Error: (02/17/2022 09:00:59 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.
 
Error: (02/17/2022 09:00:59 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
 
Error: (02/13/2022 07:32:39 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: User hive is loaded by another process (Registry Lock) Process name: C:\Program Files\Avast Software\Avast\aswToolsSvc.exe, PID: 4380, ProfSvc PID: 2916.
 
Error: (02/11/2022 04:22:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program mcafee-security.exe version 2.1.68.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 25a0
 
Start Time: 01d81583bc12fbae
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\mcafee-security.exe
 
Report Id: 97e51480-edf3-40fe-aa04-37abc12011e4
 
Faulting package full name: 5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy
 
Faulting package-relative application ID: App
 
Hang type: Quiesce
 
 
System errors:
=============
Error: (02/22/2022 07:58:46 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-3OT9TL6O)
Description: The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.
 
Error: (02/22/2022 07:58:46 PM) (Source: DCOM) (EventID: 10005) (User: LAPTOP-3OT9TL6O)
Description: DCOM got error "1053" attempting to start the service BcastDVRUserService_3f0c2 with arguments "Unavailable" in order to run the server:
Windows.Media.Capture.Internal.AppCaptureShell
 
Error: (02/22/2022 07:58:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The BcastDVRUserService_3f0c2 service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (02/22/2022 07:58:46 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the BcastDVRUserService_3f0c2 service to connect.
 
Error: (02/22/2022 07:58:41 PM) (Source: DCOM) (EventID: 10005) (User: LAPTOP-3OT9TL6O)
Description: DCOM got error "1053" attempting to start the service BcastDVRUserService_3f0c2 with arguments "Unavailable" in order to run the server:
Windows.Media.Capture.Internal.AppCaptureShell
 
Error: (02/22/2022 07:58:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The BcastDVRUserService_3f0c2 service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (02/22/2022 07:58:41 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the BcastDVRUserService_3f0c2 service to connect.
 
Error: (02/22/2022 07:58:41 PM) (Source: DCOM) (EventID: 10005) (User: LAPTOP-3OT9TL6O)
Description: DCOM got error "1053" attempting to start the service BcastDVRUserService_3f0c2 with arguments "Unavailable" in order to run the server:
Windows.Media.Capture.Internal.AppCaptureShell
 
 
CodeIntegrity:
===============
Date: 2022-02-23 06:18:47
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
 
Date: 2022-02-23 01:34:51
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Avast Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2022-02-22 20:00:26
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
 
 
==================== Memory info =========================== 
 
BIOS: AMI F.03 03/20/2020
Motherboard: HP 868E
Processor: Intel® Core™ i5-1035G1 CPU @ 1.00GHz
Percentage of memory in use: 65%
Total physical RAM: 7880.73 MB
Available physical RAM: 2687.23 MB
Total Virtual: 18120.73 MB
Available Virtual: 11701.55 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:237.5 GB) (Free:163.23 GB) NTFS
 
\\?\Volume{d8ed2afb-56e3-4fe4-a170-f4545711efc9}\ () (Fixed) (Total:0.7 GB) (Free:0.08 GB) NTFS
\\?\Volume{fc6440fc-c84d-4bcf-b38d-731405676857}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.19 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 1E1F4777)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

 

 


  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

If you look in Addition.txt under Restore Points you will see that you have gotten a lot of Windows Updates since Feb. 10th.  Each update replaces a bunch of Windows operating system files.  The replaced files are not deleted but are saved in case you want to (or need to) back out the update.  I expect the saved old files are eating up your storage space.  Also each update has created a restore point and these also take up space.  Windows has a procedure to remove the old files and unneeded restore points.

 

Click on the folder icon on the task bar (or search for file explorer and hit Enter).  Under This PC right click on Local Disk (C:) and select Properties.  Click on Disk Cleanup, click on Cleanup System Files and follow the prompts. 

 

Go back and click on Disk Cleanup, Cleanup System Files and then on the More Options tab.  Under System Restore and Shadow Copies, click on Cleanup.  This will remove all but the latest System Restore Point.  How much space do you have now?


  • 0

#3
Gib80

Gib80

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts

I think I'm down to 161 GB free, hold on please.


  • 0

#4
Gib80

Gib80

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts

Ok, I did use disk cleanup a few minutes ago, however I'm still at 161 GB free. I can't find "more options" tab to take away restore points.

 

There's something else I've been doing,

 

I also put in some codes in Command Prompt. I would run as administrator and type in: dism /online /Cleanup-Image /AnalyzeComponentStore

 

hit enter

 

Then dism /online /Cleanup-Image /StartComponentCleanup

 

but, I only been able to do it once to clean WinSxS, because Command Prompt no longer recommend it.


Edited by Gib80, 24 February 2022 - 02:52 PM.

  • 0

#5
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

You should have seen some increase in available storage space after running the cleanup.  Did you perhaps tell Windows to backup your hard drive to itself?  Settings, Update & Security

Backup

Under Back up Using File History make sure the C: drive is not listed.

 

To get rid of System Restore points without the Options tab:

Go to Settings, System, About

 

Click on Advanced System Settings (on the far right)

 

Click on the System Protection tab.  

Click on Local Drive (C:)

Click  on Configure

 

It should tell you how much space System Restore is using.

 

Disable System Protection

Apply

Yes.

wait until it finishes then 

Space should drop to 0

 

 

Enable System Protection.

OK

Click on Create.  It will ask you for a name tell it something like Good.  When it finishes you can go back into Configure and see how much space a single Restore Point uses.  


  • 0

#6
Gib80

Gib80

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts

Something unexpected did happen yesterday, I went from 161 GB in my hard drive to 174 GB. On the attachment it displayed 9.81 GB and after those steps above it's at 7.25 GB. Over where it says Backup Using File History, the c drive was not listed.S.Restore.png


  • 0

#7
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

Sometimes you need to close File Explorer and open it again to see the real storage amount.  My PC only uses about 699 MB for a System Restore so not sure why yours is using 7.5 GB.  You might want to reduce the total amount of storage that System Restore is allowed to use otherwise it will climb back up again.

 

Also go back into Hard drive cleanup, System Cleanup and make sure you have everything checked.  IF they weren't checked that may be why you didn't see4 much effect.


  • 0

#8
Gib80

Gib80

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts

I did see a lot of effect, I'm currently at 183 GB of free space and somehow it's stabilized. Do you think that if I go from 10% System Restore usage to 0 percentage it would stop producing restore points?


  • 0

#9
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

Hard to have a restore point without space to put it so yes it would stop creating restore points and I think it would erase any existing restore points.  Not a good idea.  Best to have at least one restore point in case something happens.  Perhaps reduce it from 10% to 5%.


  • 0

#10
Gib80

Gib80

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts

Will do, thanks you have been very helpful.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP