Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-09-2020 Ran by 61467 (03-10-2020 11:42:51) Running from C:\Users\61467\Downloads\2020-08 troubleshooting Windows 10 Home Version 1909 18363.1082 (X64) (2020-03-28 06:31:55) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= 61467 (S-1-5-21-435628809-1732938357-794168126-1001 - Administrator - Enabled) => C:\Users\61467 Administrator (S-1-5-21-435628809-1732938357-794168126-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-435628809-1732938357-794168126-503 - Limited - Disabled) Guest (S-1-5-21-435628809-1732938357-794168126-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-435628809-1732938357-794168126-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF} AS: McAfee VirusScan (Disabled - Up to date) {4DE344F8-6897-65B4-CED0-82B3AF2591B4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2018.1016.918.14930 - Advanced Micro Devices, Inc.) AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 17.12 - Advanced Micro Devices, Inc.) Avast Premium Security (HKLM-x32\...\Avast Antivirus) (Version: 20.7.2425 - Avast Software) Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 85.0.5815.103 - AVAST Software) Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1065.0 - AVAST Software) Hidden FreeFileSync 11.1 (HKLM-x32\...\FreeFileSync_is1) (Version: 11.1 - FreeFileSync.org) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 85.0.4183.121 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software) HP Audio Switch (HKLM-x32\...\{20A40E7C-E470-4E9F-9B5C-DDB2C205E856}) (Version: 1.0.154.0 - HP Inc.) HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.15.0 - HP Inc.) HP DeskJet 3630 series Basic Device Software (HKLM\...\{FC9C77D9-11FD-43C2-8AB3-43387DA97846}) (Version: 40.13.1176.1978 - HP Inc.) HP DeskJet 3630 series Help (HKLM-x32\...\{5F074370-FEB0-4477-820F-A59DF28A933E}) (Version: 35.0.0 - Hewlett Packard) HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.) HP Dropbox Plugin (HKLM-x32\...\{C54DEA1F-7A8D-410B-A675-04E0FB562CB0}) (Version: 40.13.54.81239 - HP) HP Google Drive Plugin (HKLM-x32\...\{533B4739-13DD-4AAB-9524-070B3F0CE6ED}) (Version: 40.13.54.81239 - HP) HP JumpStart Apps (HKLM-x32\...\HP JumpStart Apps) (Version: 7.0.32 - HP Inc.) HP JumpStart Bridge (HKLM-x32\...\{016FBF6D-AEDE-4D33-87B4-DF6815EF674A}) (Version: 1.4.0.485 - HP Inc.) HP JumpStart Launch (HKLM-x32\...\{35556CCA-F14E-48F3-93F4-E29C4B3DBE30}) (Version: 1.4.485.0 - HP Inc.) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP) LatencyMon 7.00 (HKLM\...\LatencyMon_is1) (Version: - Resplendence Software Projects Sp.) LibreOffice 6.4.4.2 (HKLM\...\{F00C391B-6092-40E7-9ECD-144933865571}) (Version: 6.4.4.2 - The Document Foundation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 85.0.564.63 - Microsoft Corporation) Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.29 - ) Microsoft OneDrive (HKU\S-1-5-21-435628809-1732938357-794168126-1001\...\OneDriveSetup.exe) (Version: 20.143.0716.0003 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-435628809-1732938357-794168126-1001\...\Teams) (Version: 1.3.00.4461 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{97238E8A-4919-4A1E-965A-C6C36938F4CE}) (Version: 2.68.0.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24123 (HKLM-x32\...\{206898cc-4b41-4d98-ac28-9f9ae57f91fe}) (Version: 14.0.24123.0 - Microsoft Corporation) OEM Application Profile (HKLM-x32\...\{12C2AEB0-ED60-4CCF-DD83-C65BC7CCFB50}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Product Improvement Study for HP DeskJet 3630 series (HKLM\...\{0E1006BE-459C-4BDD-8265-C8D338575AA8}) (Version: 40.13.1176.1978 - HP Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8734.1 - Realtek Semiconductor Corp.) Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 6.2.0.250 - Samsung Electronics) Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform) TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.10.5 - TeamViewer) Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.1.1.47 - WildTangent) WildTangent Helper (HKLM-x32\...\{A39303AB-4898-4F12-BAA0-0B8630F86DB4}) (Version: 1.0.0.427 - WildTangent) Hidden WildTangent ShortcutProvider (HKLM-x32\...\{80831F60-19D7-43B3-A60C-5CAF8C478DF6}) (Version: 6.0.0.43 - WildTangent) Hidden Zoom (HKU\S-1-5-21-435628809-1732938357-794168126-1001\...\ZoomUMX) (Version: 4.6 - Zoom Video Communications, Inc.) Packages: ========= Adobe Reader Touch -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobeReader_3.1.8.7675_x86__ynb6jyjzte8ga [2020-02-06] (Adobe Systems Incorporated) Booking.com APAC: Big savings on hotels in 96,000 destinations worldwide -> C:\Program Files\WindowsApps\PricelinePartnerNetwork.Booking.comAPACBigsavingso_2.0.4.0_x64__mgae2k3ys4ra0 [2020-10-01] (Priceline Partner Network) Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_20.4.3.0_x64__xbfy0k16fey96 [2020-01-31] (Dropbox Inc.) EasyMail for Gmail -> C:\Program Files\WindowsApps\61545TimGrabinat.wAPPerforGmail_3.1.6.0_x64__rcb0qdgx4z9ca [2020-07-29] (Tim Grabinat) [MS Ad] Energy Star -> C:\Program Files\WindowsApps\AD2F1837.HPInc.EnergyStar_1.2.0.0_x64__v10z8vjag6ke6 [2019-06-30] (HP Inc.) HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.4.481.0_x86__v10z8vjag6ke6 [2019-06-30] (HP Inc.) HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_1.6.6.0_x64__v10z8vjag6ke6 [2020-08-11] (HP Inc.) HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.0.39.0_x64__v10z8vjag6ke6 [2020-10-01] (HP Inc.) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_115.1.152.0_x64__v10z8vjag6ke6 [2020-06-03] (HP Inc.) HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.6.761.0_x64__v10z8vjag6ke6 [2020-10-01] (HP Inc.) HP System Event Utility -> C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.1.21.0_x64__v10z8vjag6ke6 [2020-10-01] (HP Inc.) LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2019-10-24] (LinkedIn) Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.13231.20262.0_x86__8wekyb3d8bbwe [2020-10-01] (Microsoft Corporation) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-10-31] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-10-31] (Microsoft Corporation) [MS Ad] Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.13231.20262.0_x86__8wekyb3d8bbwe [2020-10-01] (Microsoft Corporation) Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.13231.20262.0_x86__8wekyb3d8bbwe [2020-10-01] (Microsoft Corporation) Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.13231.20262.0_x86__8wekyb3d8bbwe [2020-10-01] (Microsoft Corporation) Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.13231.20262.0_x86__8wekyb3d8bbwe [2020-10-01] (Microsoft Corporation) Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.13231.20262.0_x86__8wekyb3d8bbwe [2020-10-01] (Microsoft Corporation) Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8101.0_x64__8wekyb3d8bbwe [2020-08-23] (Microsoft Studios) [MS Ad] Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.13231.20262.0_x86__8wekyb3d8bbwe [2020-10-01] (Microsoft Corporation) Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-29] (Netflix, Inc.) Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-03-28] (Microsoft Corporation) Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_6.20.87.0_x64__kx24dqmazqk8j [2020-10-01] (Random Salad Games LLC) Synaptics TouchPad -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynHPConsumerDApp_19005.35054.0.0_x64__807d65c4rvak2 [2020-03-26] (Synaptics Incorporated) WildTangent Games -> C:\Program Files\WindowsApps\WildTangentGames.63435CFB65F55_2.0.82.0_x64__qt5r5pa5dyg8m [2020-01-09] (WildTangent Games) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-435628809-1732938357-794168126-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\61467\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20031.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-435628809-1732938357-794168126-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\61467\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20031.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-09-23] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-09-23] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-09-23] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2018-10-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-09-23] (Avast Software s.r.o. -> AVAST Software) ==================== Codecs (Whitelisted) ==================== ==================== Shortcuts & WMI ======================== ==================== Loaded Modules (Whitelisted) ============= 2018-04-24 19:22 - 2018-04-24 19:22 - 000015360 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.DLL 2018-04-24 19:22 - 2018-04-24 19:22 - 002519040 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll 2019-10-31 10:55 - 2019-10-31 10:55 - 000948736 _____ () [File not signed] C:\Program Files\WindowsApps\61545TimGrabinat.wAPPerforGmail_3.1.6.0_x64__rcb0qdgx4z9ca\e_sqlite3.dll 2020-07-29 11:08 - 2020-07-29 11:09 - 027772416 _____ () [File not signed] C:\Program Files\WindowsApps\61545TimGrabinat.wAPPerforGmail_3.1.6.0_x64__rcb0qdgx4z9ca\EasyMail.UwpApp.dll 2020-09-26 20:22 - 2020-09-26 20:22 - 000160768 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\2353baab00c73a1e7be668ba51f0503a\BRIDGECommon.ni.dll 2020-09-26 20:28 - 2020-09-26 20:28 - 000125440 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BridgeExtension\df01490e5333a735f667593590f7b738\BridgeExtension.ni.dll 2020-09-26 20:28 - 2020-09-26 20:28 - 000395264 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CleanStartController\2f0cc123ad1d3ee944edf8815cc2b62e\CleanStartController.ni.dll 2020-09-26 20:30 - 2020-09-26 20:30 - 000138240 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.IWs06dcaa36#\bfcbb6a27b9f591d67fa38ab7a73991d\Interop.IWshRuntimeLibrary.ni.dll 2020-09-26 20:28 - 2020-09-26 20:28 - 000145920 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Registratio4eabc192#\0d44d4da521c8ad44a9e021adbba9773\RegistrationUtilities.ni.dll 2020-09-26 20:30 - 2020-09-26 20:30 - 000134656 _____ (hardcodet.net) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Hardcodet.W6cab32f3#\9d2e1dee3f2b8484ebae18c6f09d594f\Hardcodet.Wpf.TaskbarNotification.ni.dll 2020-06-20 11:39 - 2020-06-20 11:40 - 000014336 _____ (HP Inc.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.1.21.0_x64__v10z8vjag6ke6\SystemEventUtility\NativeRpcClient.DLL 2020-09-26 20:28 - 2020-09-26 20:28 - 000136192 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CommonPortable\8acd68750c1a5a8edd9b534f08808fca\CommonPortable.ni.dll 2020-09-26 20:30 - 2020-09-26 20:30 - 001591808 _____ (Mark Heath) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\NAudio\314542d34b337424520b8497df81615f\NAudio.ni.dll 2020-09-26 20:30 - 2020-09-26 20:30 - 003127808 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\7226f3c8170c670c6ed6a51152e4bad4\Newtonsoft.Json.ni.dll 2020-09-26 20:24 - 2020-09-26 20:24 - 002306560 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\daa0ded155e6d458d65c655739810b66\Newtonsoft.Json.ni.dll 2020-09-26 20:30 - 2020-09-26 20:30 - 000793088 _____ (The Apache Software Foundation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\log4net\39c067a21025ad45e85d05b9d4ee5ca4\log4net.ni.dll 2018-04-24 19:22 - 2018-04-24 19:22 - 000032256 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll 2018-04-24 19:22 - 2018-04-24 19:22 - 000039936 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll 2018-04-24 19:22 - 2018-04-24 19:22 - 000034304 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll 2018-04-24 19:22 - 2018-04-24 19:22 - 000237056 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll 2018-04-24 19:22 - 2018-04-24 19:22 - 000025600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll 2018-04-24 19:22 - 2018-04-24 19:22 - 000025600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll 2018-04-24 19:22 - 2018-04-24 19:22 - 000024064 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll 2018-04-24 19:22 - 2018-04-24 19:22 - 000481792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll 2018-04-24 19:22 - 2018-04-24 19:22 - 001336320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll 2018-10-16 06:16 - 2018-10-16 06:16 - 005766144 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll 2018-04-24 19:21 - 2018-04-24 19:21 - 006045184 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll 2018-04-24 19:21 - 2018-04-24 19:21 - 000964096 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll 2018-04-24 19:21 - 2018-04-24 19:21 - 000279552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll 2018-04-24 19:21 - 2018-04-24 19:21 - 003233792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll 2018-04-24 19:22 - 2018-04-24 19:22 - 003406848 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll 2018-04-24 19:22 - 2018-04-24 19:22 - 000328704 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll 2018-04-24 19:22 - 2018-04-24 19:22 - 000109568 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll 2018-04-24 19:22 - 2018-04-24 19:22 - 000325632 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll 2018-04-24 19:22 - 2018-04-24 19:22 - 069968896 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll 2018-04-24 19:22 - 2018-04-24 19:22 - 005523456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll 2018-04-24 19:22 - 2018-04-24 19:22 - 000282624 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll 2018-04-24 19:22 - 2018-04-24 19:22 - 000194560 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll 2018-04-24 19:22 - 2018-04-24 19:22 - 003281408 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll 2018-04-24 19:22 - 2018-04-24 19:22 - 000049152 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll 2018-04-24 19:22 - 2018-04-24 19:22 - 000018432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll 2018-04-24 19:22 - 2018-04-24 19:22 - 000018432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll 2018-04-24 19:22 - 2018-04-24 19:22 - 000311296 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll 2018-04-24 19:22 - 2018-04-24 19:22 - 000089600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll 2018-04-24 19:22 - 2018-04-24 19:22 - 000018432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll ==================== Alternate Data Streams (Whitelisted) ======== ==================== Safe Mode (Whitelisted) ================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service" ==================== Association (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE HKU\S-1-5-21-435628809-1732938357-794168126-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE HKU\S-1-5-21-435628809-1732938357-794168126-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2020-01-09] (HP Inc. -> HP Inc.) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2020-01-09] (HP Inc. -> HP Inc.) ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2018-09-15 15:31 - 2018-09-15 15:31 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKU\S-1-5-21-435628809-1732938357-794168126-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\61467\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 10.1.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{4562F3CB-5A57-419C-8A4D-35D372222324}] => (Allow) C:\Program Files\HP\HP DeskJet 3630 series\Bin\HPNetworkCommunicatorCom.exe (HP Inc -> HP Inc.) FirewallRules: [{E64D7799-9624-45B9-AAB7-302D3CDF1F8F}] => (Allow) LPort=5357 FirewallRules: [{9FCBB4AB-E01A-49AE-885C-210A20A4D122}] => (Allow) C:\Program Files\HP\HP DeskJet 3630 series\Bin\DeviceSetup.exe (HP Inc -> HP Inc.) FirewallRules: [{2AB65C2E-D5E3-4DDD-82F7-C2C0AE3A308A}] => (Allow) C:\Users\61467\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{77B03B5D-A6E1-4E2B-8F6F-A1A7F2B20147}] => (Allow) C:\Users\61467\AppData\Roaming\Zoom\bin\airhost.exe => No File FirewallRules: [{DA1C72CC-5BB3-4951-8EBB-B3A78E7E4679}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software) FirewallRules: [{9A08ED27-31AD-40B8-B7E1-2A2A037AD13E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{48E9861A-0AF5-4C6A-85F7-004563FC84C3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{5CEBA2B0-FC43-4D18-A666-1B62D85B128A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{1A3F8F16-C3CD-45ED-B19C-C572DCED53BC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{77B6C97E-3D24-4046-BD14-2DFCB0EB70CA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{9A299069-9FFC-4BBF-8B28-1423AAEADF72}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.13231.20262.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{B92F8A16-8FA9-41F5-ACFC-C1F0EEE514F0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{782C312A-CCCF-44A0-8315-6AEBE7A71E6F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{55634ACC-5054-4E6D-8FDD-E12878757D4B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{EA1EBAEB-26D7-4E88-92FB-F3EA76E81EA5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) ==================== Restore Points ========================= ATTENTION: System Restore is disabled (Total:118.01 GB) (Free:53.12 GB) (45%) ==================== Faulty Device Manager Devices ============ ==================== Event log errors: ======================== Application errors: ================== System errors: ============= Error: (10/03/2020 11:22:34 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-U5DF9B48) Description: The server Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout. Error: (10/03/2020 11:19:50 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-U5DF9B48) Description: The server Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout. CodeIntegrity: =================================== Date: 2020-10-03 11:32:42.134 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. Date: 2020-10-03 11:32:41.305 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. Date: 2020-10-03 11:32:40.621 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. Date: 2020-10-03 11:32:39.545 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. Date: 2020-10-03 11:32:38.992 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. Date: 2020-10-03 11:32:38.760 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. Date: 2020-10-03 11:32:38.370 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. Date: 2020-10-03 11:32:38.161 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. ==================== Memory info =========================== BIOS: Insyde F.20 05/15/2019 Motherboard: HP 84AC Processor: AMD A6-9225 RADEON R4, 5 COMPUTE CORES 2C+3G Percentage of memory in use: 48% Total physical RAM: 7645.68 MB Available physical RAM: 3952.96 MB Total Virtual: 8861.68 MB Available Virtual: 4044.66 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:118.01 GB) (Free:53.12 GB) NTFS \\?\Volume{8311912f-1d8f-4bb2-a654-19c2e04de2d2}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.46 GB) NTFS \\?\Volume{52312345-98b5-4f28-8d63-64e76e3d75fe}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.2 GB) FAT32 ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (Size: 119.2 GB) (Disk ID: 49AB139E) Partition: GPT. ==================== End of Addition.txt =======================