• Hi there and welcome to PC Help Forum (PCHF), a more effective way to get the Tech Support you need!
    We have Experts in all areas of Tech, including Malware Removal, Crash Fixing and BSOD's , Microsoft Windows, Computer DIY and PC Hardware, Networking, Gaming, Tablets and iPads, General and Specific Software Support and so much more.

    Why not Click Here To Sign Up and start enjoying great FREE Tech Support.

    This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

PC super laggy and slow

Status
Not open for further replies.
khval94

khval94

PCHF Member
Jul 11, 2021
45
7
32
#1
Hello,

I'm a new member, brought here by an issue I'm having with my hp laptop.

The reboot was extremely slow, which hasn't been an issue in the past & when everything finally loaded I was barely able to open any programs. Mozilla Firefox is the only browser that would open reliably albeit very slowly. I had noticed a few weeks past that my computer was beginning too operate less efficiently but this is the first time it's been basically in-operable.

Could someone please assist me in a diagnosis?

Many thanks,
-K

FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-07-2021
Ran by khval (administrator) on LAPTOP-OH5CF8OA (HP HP Pavilion Laptop 15-cs1xxx) (11-07-2021 16:43:47)
Running from C:\Users\khval\Downloads
Loaded Profiles: khval
Platform: Windows 10 Home Version 2004 19041.1052 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Blizzard\Bonjour Service\mDNSResponder.exe
(Conexant Systems LLC -> Conexant Systems LLC.) C:\Windows\System32\CxAudioSvc.exe
(Conexant Systems LLC -> Synaptics Incorporated.) C:\Windows\System32\SynAudSrv.exe
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrlHelper.exe
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDTouch.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(HP Inc -> HP Inc.) C:\Program Files\HP\HP Officejet 5740 series\Bin\HPNetworkCommunicatorCom.exe
(HP Inc -> HP Inc.) C:\Program Files\HP\HP Officejet 5740 series\Bin\ScanToPCActivationApp.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_4950c0f0d48ae6e7\x64\TouchpointAnalyticsClientService.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8e04d689d875112c\x64\AppHelperCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8e04d689d875112c\x64\DiagsCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8e04d689d875112c\x64\NetworkCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8e04d689d875112c\x64\SysInfoCap.exe
(HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.1.21.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_4a3ae74cfa6c37d6\esif_uf.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\jhi_service.exe
(Intel(R) pGFX 2020 -> ) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_dc7a0fe3ada1cbf5\OneApp.IGCC.WinService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_dc2a57d591329a30\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_dc2a57d591329a30\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a2d86d775f73d911\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a2d86d775f73d911\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_6baa580979143c3f\RstMwService.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intuit Inc.) [File not signed] C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
(Intuit Inc.) [File not signed] C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
(Intuit, Inc. -> Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
(Intuit, Inc. -> Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
(LAVASOFT SOFTWARE CANADA INC -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(LAVASOFT SOFTWARE CANADA INC -> Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft OneDrive\21.119.0613.0001\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12104.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <7>
(Propelware -> Propelware) C:\Program Files (x86)\LivePlan\LivePlan Sync Manager\Autofy.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(SEAGATE TECHNOLOGY LLC -> Seagate Technology LLC) C:\Program Files (x86)\Toolkit\Toolkit.exe
(SEAGATE TECHNOLOGY LLC -> Seagate Technology LLC) C:\Users\khval\AppData\Roaming\Toolkit\SeagateSecure\SeagateSecureService.exe
(Smart Sound Technology -> Intel) C:\Windows\System32\cAVS\Intel(R) Audio Service\IntelAudioService.exe
(Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(WildTangent Inc -> ) C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [319520 2018-07-05] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HpseuHostLauncher.exe [528392 2020-09-05] (HP Inc. -> HP Inc.)
HKU\S-1-5-21-2544099675-2571443181-3956208610-1001\...\Run: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [1977200 2021-07-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2544099675-2571443181-3956208610-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [8520168 2021-02-18] (LAVASOFT SOFTWARE CANADA INC -> Lavasoft)
HKU\S-1-5-21-2544099675-2571443181-3956208610-1001\...\Run: [Google Update] => C:\Users\khval\AppData\Local\Google\Update\1.3.36.82\GoogleUpdateCore.exe [217432 2021-04-21] (Google LLC -> Google LLC)
HKU\S-1-5-21-2544099675-2571443181-3956208610-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [49925280 2021-06-18] (Google LLC -> )
HKU\S-1-5-21-2544099675-2571443181-3956208610-1001\...\Run: [HP Officejet 5740 series (NET)] => C:\Program Files\HP\HP Officejet 5740 series\Bin\ScanToPCActivationApp.exe [3769248 2019-03-19] (HP Inc -> HP Inc.)
HKU\S-1-5-21-2544099675-2571443181-3956208610-1001\...\Run: [Spotify] => C:\Users\khval\AppData\Roaming\Spotify\Spotify.exe [24091264 2021-06-28] (Spotify AB -> Spotify Ltd)
HKLM\...\Print\Monitors\HP CD11 Status Monitor: C:\WINDOWS\system32\hpinkstsCD11LM.dll [391992 2019-03-15] (HP Inc -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.124\Installer\chrmstp.exe [2021-06-30] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\77.0.3865.90\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Intuit Data Protect.lnk [2019-11-11]
ShortcutTarget: Intuit Data Protect.lnk -> C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe (Intuit, Inc. -> Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LivePlan Sync Manager.lnk [2020-07-20]
ShortcutTarget: LivePlan Sync Manager.lnk -> C:\Program Files (x86)\LivePlan\LivePlan Sync Manager\Autofy.exe (Propelware -> Propelware)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk [2019-11-11]
ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit, Inc. -> Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk [2019-11-11]
ShortcutTarget: QuickBooks_Standard_21.lnk -> C:\Program Files (x86)\Intuit\QuickBooks 2019\QBW32.EXE (Intuit, Inc. -> Intuit Inc.)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {013A54EE-F443-4CDB-B238-8158478901EB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {052AF478-81B0-435D-A72C-1FEA4EB4B7EB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {05B9EFF3-5153-424A-8B62-C9D2843169D4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0EA64369-2001-407A-907B-654C30280A5B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1118896 2021-07-11] (HP Inc. -> HP Inc.)
Task: {47FD3054-5D94-4B14-9B54-EE62E02F5E1A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [690616 2021-07-11] (Mozilla Corporation -> Mozilla Foundation)
Task: {5F67B163-4B94-430B-9208-093D03774194} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2544099675-2571443181-3956208610-1001Core => C:\Users\khval\AppData\Local\Google\Update\GoogleUpdate.exe [156104 2020-01-18] (Google LLC -> Google LLC)
Task: {66086706-C370-4299-A193-DB734EB0DA61} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644472 2019-06-21] (HP Inc. -> HP Inc.)
Task: {72C011E9-5866-49B4-A1CE-9DBB8FE8AAF1} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [462696 2018-06-01] (HP Inc. -> HP Inc.)
Task: {79CFAADC-2211-4F59-8BBD-A19D52A7D954} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [136368 2021-07-11] (HP Inc. -> HP Inc.)
Task: {7F5910AE-1A75-44FE-8437-188A94AE552A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1118896 2021-07-11] (HP Inc. -> HP Inc.)
Task: {9388C579-89CE-471A-84EF-9E6B99E1E1A1} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files (x86)\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [2831232 2021-07-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {93C342FA-1411-4F53-A678-B0F277E43240} - System32\Tasks\HPCustParticipation HP Officejet 5740 series => C:\Program Files\HP\HP Officejet 5740 series\Bin\HPCustPartic.exe [6437792 2019-03-19] (HP Inc -> HP Inc.)
Task: {97BE0E21-31E8-473B-99D4-AD79226193D4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-02-05] (Google LLC -> Google LLC)
Task: {AD1595BE-D334-4005-A63F-C93516AEE4E7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-02-05] (Google LLC -> Google LLC)
Task: {C03E7A5C-D5C1-4979-992C-65CED8CDB60E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2544099675-2571443181-3956208610-1001UA => C:\Users\khval\AppData\Local\Google\Update\GoogleUpdate.exe [156104 2020-01-18] (Google LLC -> Google LLC)
Task: {C765A63D-E29A-41EA-9FF8-21827F242837} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_TH6425X15V => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1118896 2021-07-11] (HP Inc. -> HP Inc.)
Task: {D3E8DD96-3FA9-4600-85CA-39B038731408} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [560816 2021-07-11] (HP Inc. -> HP Inc.)
Task: {DF0BEA7C-8EE7-4D95-83CD-B8BBD40FB54B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E4A626E2-4332-4229-87DF-EF6428D0472A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {EB297B3B-B80C-49A2-907B-B4290A54F8AE} - System32\Tasks\RtkAudUService64_BG => C:\windows\system32\RtkAudUService64.exe [838648 2019-06-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {F0FD26F3-D080-40D1-BE96-FD2C2909D980} - System32\Tasks\QBScheduledReport => C:\Program Files (x86)\Common Files\Intuit\QuickBooks\ScheduledReports\ScheduledReports.Scheduler.exe [382792 2021-03-29] (Intuit, Inc. -> Intuit Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{7e294a8c-888c-4920-8d9a-f93bee67c64b}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{96dd34bf-6f66-4179-8d23-a8116cb9f37a}: [DhcpNameServer] 40.23.1.13

Edge:
=======
DownloadDir: C:\Users\khval\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-2544099675-2571443181-3956208610-1001 -> hxxps://www.ecosia.org/
Edge Notifications: HKU\S-1-5-21-2544099675-2571443181-3956208610-1001 -> hxxps://mail.google.com
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (Honey) -> EdgeExtension_HoneyScienceCorporationHoney_cbe4c63gm1mzr => C:\Program Files\WindowsApps\HoneyScienceCorporation.Honey_11.4.2.0_neutral__cbe4c63gm1mzr [2019-08-07]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\khval\AppData\Local\Microsoft\Edge\User Data\Default [2021-07-11]
Edge DownloadDir: Default -> C:\Users\khval\Downloads
Edge Notifications: Default -> hxxps://business.facebook.com; hxxps://calendar.google.com; hxxps://direct.chownow.com; hxxps://mail.google.com; hxxps://meet.google.com; hxxps://www.facebook.com
Edge HomePage: Default -> hxxps://www.ecosia.org/
Edge StartupUrls: Default -> "hxxps://www.ecosia.org/"
Edge Extension: (Honey) - C:\Users\khval\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\amnbcmdbanbkjhnfoeceemmmdiepnbpp [2021-04-26]

FireFox:
========
FF DefaultProfile: xpnyqjre.default-1623777132643
FF ProfilePath: C:\Users\khval\AppData\Roaming\Mozilla\Firefox\Profiles\xpnyqjre.default-1623777132643 [2021-07-11]
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-05-27] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\khval\AppData\Local\Google\Chrome\User Data\Default [2021-07-11]
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?pc=COS2&ptag=D110919-N0640A9FCDBB39EF&form=CONBDF&conlogo=CT3335799&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing®
CHR DefaultNewTabURL: Default -> hxxps://www.bing.com/chrome/newtab?pc=COS2&ptag=D110919-N0630A9FCDBB39EF&form=CONMHP&conlogo=CT3335799
CHR DefaultSuggestURL: Default -> hxxp://api.bing.com/qsml.aspx?query={searchTerms}
CHR Extension: (Slides) - C:\Users\khval\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-29]
CHR Extension: (Docs) - C:\Users\khval\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-03-29]
CHR Extension: (YouTube) - C:\Users\khval\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-03-29]
CHR Extension: (Sheets) - C:\Users\khval\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-03-29]
CHR Extension: (Google Docs Offline) - C:\Users\khval\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-01-28]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\khval\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-01-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\khval\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-19]
CHR Extension: (Gmail) - C:\Users\khval\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-28]
CHR Extension: (Chrome Media Router) - C:\Users\khval\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-19]
CHR HKU\S-1-5-21-2544099675-2571443181-3956208610-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\khval\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2020-03-30]
CHR HKU\S-1-5-21-2544099675-2571443181-3956208610-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [jdanfkhnfpagoijgfmklhgakdicpnfil]
CHR HKU\S-1-5-21-2544099675-2571443181-3956208610-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 Bonjour Service; C:\Program Files\Blizzard\Bonjour Service\mDNSResponder.exe [390504 2020-02-05] (Apple Inc. -> Apple Inc.)
S3 FileSyncHelper; C:\Program Files (x86)\Microsoft OneDrive\21.119.0613.0001\FileSyncHelper.exe [2262904 2021-07-09] (Microsoft Corporation -> Microsoft Corporation)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1321608 2018-09-25] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8e04d689d875112c\x64\AppHelperCap.exe [734752 2021-05-24] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8e04d689d875112c\x64\DiagsCap.exe [733192 2021-05-24] (HP Inc. -> HP Inc.)
R2 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [478056 2018-06-01] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8e04d689d875112c\x64\NetworkCap.exe [733216 2021-05-24] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8e04d689d875112c\x64\SysInfoCap.exe [733720 2021-05-24] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_4950c0f0d48ae6e7\x64\TouchpointAnalyticsClientService.exe [489512 2021-05-14] (HP Inc. -> HP Inc.)
S3 OneDrive Updater Service; C:\Program Files (x86)\Microsoft OneDrive\21.119.0613.0001\OneDriveUpdaterService.exe [2729336 2021-07-09] (Microsoft Corporation -> Microsoft Corporation)
R3 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [65536 2017-11-14] (Intuit Inc.) [File not signed]
R2 QBVSS; C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [1537536 2019-06-07] (Intuit Inc.) [File not signed]
R2 SeagateSecure; C:\Users\khval\APPDATA\ROAMING\TOOLKIT\SeagateSecure\SeagateSecureService.exe [366672 2020-12-01] (SEAGATE TECHNOLOGY LLC -> Seagate Technology LLC)
R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [28136 2021-02-18] (LAVASOFT SOFTWARE CANADA INC -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\NisSrv.exe [2665432 2021-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WildTangentHelper; C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe [1657136 2020-02-12] (WildTangent Inc -> )
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MsMpEng.exe [136640 2021-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AmUStor; C:\WINDOWS\system32\drivers\AmUStor.SYS [108480 2018-06-25] (Alcorlink Corp. -> )
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1f5602eb8a12ac4c\x64\hpcustomcapdriver.sys [23960 2018-07-06] (HP Inc. -> HP Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-07-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [425192 2021-07-09] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76008 2021-07-09] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-07-11 16:43 - 2021-07-11 16:45 - 000025946 _____ C:\Users\khval\Downloads\FRST.txt
2021-07-11 16:43 - 2021-07-11 16:44 - 000000000 ____D C:\FRST
2021-07-11 16:41 - 2021-07-11 16:41 - 002301440 _____ (Farbar) C:\Users\khval\Downloads\FRST64.exe
2021-07-11 16:29 - 2021-07-11 16:29 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-07-11 14:35 - 2021-07-11 14:36 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-06-23 06:50 - 2021-06-23 06:50 - 000698210 _____ C:\Users\khval\Downloads\Kundali Kombucha_16-oz-template_(Edit) (1).ai
2021-06-16 09:44 - 2021-06-16 09:44 - 000698210 _____ C:\Users\khval\Downloads\Kundali Kombucha_16-oz-template_(Edit).ai
2021-06-15 11:12 - 2021-06-15 11:12 - 000332992 _____ (Mozilla) C:\Users\khval\Downloads\Firefox Installer.exe
2021-06-14 12:43 - 2021-06-14 12:43 - 000068969 _____ C:\Users\khval\Downloads\Golden_Organics_Price_List_May_2021 (2).xlsx

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-07-11 16:37 - 2019-12-07 03:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-07-11 16:37 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-07-11 16:29 - 2019-04-14 20:37 - 000000000 ____D C:\Users\khval\AppData\LocalLow\Mozilla
2021-07-11 16:28 - 2019-04-14 20:36 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-07-11 16:27 - 2020-11-09 13:26 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-07-11 15:15 - 2019-12-07 03:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-07-11 14:45 - 2020-07-11 00:43 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-07-11 14:45 - 2020-07-11 00:43 - 000002283 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-07-11 14:30 - 2019-12-30 12:16 - 000000000 ____D C:\Users\khval\AppData\Roaming\Toolkit
2021-07-11 14:30 - 2019-04-14 20:36 - 000000000 ____D C:\ProgramData\Mozilla
2021-07-11 14:30 - 2019-04-14 20:36 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-07-11 14:29 - 2019-12-30 12:16 - 000000000 ____D C:\Program Files (x86)\Toolkit
2021-07-11 14:24 - 2020-02-05 10:25 - 000000000 ___RD C:\Users\khval\Google Drive
2021-07-11 14:24 - 2019-03-14 14:12 - 000000000 ____D C:\Users\khval\AppData\Local\Spotify
2021-07-11 14:23 - 2019-03-14 14:11 - 000000000 ____D C:\Users\khval\AppData\Roaming\Spotify
2021-07-11 14:23 - 2019-03-14 13:47 - 000000000 ___RD C:\Users\khval\OneDrive
2021-07-11 14:22 - 2019-03-14 13:44 - 000000000 __SHD C:\Users\khval\IntelGraphicsProfiles
2021-07-09 16:44 - 2018-10-10 23:56 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-07-09 16:42 - 2020-11-09 14:02 - 000003206 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2021-07-09 16:42 - 2019-09-09 17:25 - 000000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2021-07-09 16:41 - 2019-09-09 17:25 - 000002181 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-07-04 09:55 - 2020-11-30 11:10 - 000003386 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6b6d0ca8e983d
2021-07-04 09:55 - 2020-11-09 14:02 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-07-04 09:55 - 2020-02-05 10:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2021-06-30 17:53 - 2020-03-29 16:42 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-06-30 17:53 - 2020-03-29 16:42 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-06-28 12:31 - 2019-12-07 03:13 - 000000000 ____D C:\WINDOWS\INF
2021-06-20 19:33 - 2020-08-23 15:35 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-06-18 10:11 - 2019-08-02 14:44 - 000000000 ____D C:\Users\khval\AppData\Local\ElevatedDiagnostics
2021-06-16 21:16 - 2020-11-09 13:45 - 000847728 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-06-16 21:10 - 2020-11-09 14:02 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-06-16 21:10 - 2020-11-09 13:25 - 000008192 ___SH C:\DumpStack.log.tmp
2021-06-16 21:10 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-06-16 10:02 - 2019-12-07 03:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-06-16 10:01 - 2020-11-09 13:35 - 000000000 ____D C:\Users\khval
2021-06-16 09:26 - 2020-11-09 14:02 - 000000000 ____D C:\WINDOWS\system32\Tasks\NCH Software
2021-06-16 09:26 - 2020-02-09 15:47 - 000000000 ____D C:\ProgramData\NCH Software
2021-06-16 09:26 - 2020-02-09 15:47 - 000000000 ____D C:\Program Files (x86)\NCH Software
2021-06-15 11:13 - 2019-04-14 20:36 - 000001000 _____ C:\Users\Public\Desktop\Firefox.lnk
0-00-00 44580:46279 - 2019-01-18 11:05 - 000004664 ____R C:\WINDOWS\system32\Drivers\CxSfPt.DAT

==================== Files in the root of some directories ========

2019-12-08 20:23 - 2019-12-08 20:23 - 000000000 _____ () C:\Users\khval\AppData\Local\D211B1.tmp
2020-08-05 14:09 - 2020-08-05 14:09 - 000000000 _____ () C:\Users\khval\AppData\Local\D21345.tmp
2019-10-05 15:08 - 2019-10-05 15:08 - 000000000 _____ () C:\Users\khval\AppData\Local\D21500.tmp
2019-10-20 14:38 - 2019-10-20 14:38 - 000000000 _____ () C:\Users\khval\AppData\Local\D21690.tmp
2019-09-22 15:56 - 2019-09-22 15:56 - 000000000 _____ () C:\Users\khval\AppData\Local\D216B7.tmp
2020-04-04 14:29 - 2020-04-04 14:29 - 000000000 _____ () C:\Users\khval\AppData\Local\D2173E.tmp
2019-09-07 13:07 - 2019-09-07 13:07 - 000000000 _____ () C:\Users\khval\AppData\Local\D219A0.tmp
2020-08-06 19:02 - 2020-08-06 19:02 - 000000000 _____ () C:\Users\khval\AppData\Local\D21A09.tmp
2020-12-22 18:27 - 2020-12-22 18:27 - 000000000 _____ () C:\Users\khval\AppData\Local\D21B08.tmp
2019-11-30 19:13 - 2019-11-30 19:13 - 000000000 _____ () C:\Users\khval\AppData\Local\D21C5B.tmp
2020-07-31 17:11 - 2020-07-31 17:11 - 000000000 _____ () C:\Users\khval\AppData\Local\D21C97.tmp
2019-08-11 18:55 - 2019-08-11 18:55 - 000000000 _____ () C:\Users\khval\AppData\Local\D21CE.tmp
2019-08-30 10:42 - 2019-08-30 10:42 - 000000000 _____ () C:\Users\khval\AppData\Local\D21D26.tmp
2019-10-05 22:32 - 2019-10-05 22:32 - 000000000 _____ () C:\Users\khval\AppData\Local\D21D81.tmp
2019-09-21 09:44 - 2019-09-21 09:44 - 000000000 _____ () C:\Users\khval\AppData\Local\D21DC2.tmp
2019-12-15 16:06 - 2019-12-15 16:06 - 000000000 _____ () C:\Users\khval\AppData\Local\D21F7E.tmp
2020-08-07 18:20 - 2020-08-07 18:20 - 000000000 _____ () C:\Users\khval\AppData\Local\D22070.tmp
2019-10-20 14:30 - 2019-10-20 14:30 - 000000000 _____ () C:\Users\khval\AppData\Local\D22108.tmp
2019-08-29 22:01 - 2019-08-29 22:01 - 000000000 _____ () C:\Users\khval\AppData\Local\D22156.tmp
2020-12-26 20:40 - 2020-12-26 20:40 - 000000000 _____ () C:\Users\khval\AppData\Local\D223E4.tmp
2019-10-10 20:51 - 2019-10-10 20:51 - 000000000 _____ () C:\Users\khval\AppData\Local\D225D7.tmp
2019-09-04 21:44 - 2019-09-04 21:44 - 000000000 _____ () C:\Users\khval\AppData\Local\D22810.tmp
2020-08-07 20:22 - 2020-08-07 20:22 - 000000000 _____ () C:\Users\khval\AppData\Local\D2290B.tmp
2019-08-11 16:27 - 2019-08-11 16:27 - 000000000 _____ () C:\Users\khval\AppData\Local\D22A6A.tmp
2020-12-20 16:28 - 2020-12-20 16:28 - 000000000 _____ () C:\Users\khval\AppData\Local\D22A80.tmp
2019-12-15 17:32 - 2019-12-15 17:32 - 000000000 _____ () C:\Users\khval\AppData\Local\D22AF7.tmp
2019-08-23 15:10 - 2019-08-23 15:10 - 000000000 _____ () C:\Users\khval\AppData\Local\D22B6.tmp
2020-12-13 17:36 - 2020-12-13 17:36 - 000000000 _____ () C:\Users\khval\AppData\Local\D22D0D.tmp
2019-08-22 19:58 - 2019-08-22 19:58 - 000000000 _____ () C:\Users\khval\AppData\Local\D22D1D.tmp
2019-09-15 20:48 - 2019-09-15 20:48 - 000000000 _____ () C:\Users\khval\AppData\Local\D22F27.tmp
2019-09-28 22:36 - 2019-09-28 22:36 - 000000000 _____ () C:\Users\khval\AppData\Local\D23201.tmp
2020-08-11 11:42 - 2020-08-11 11:42 - 000000000 _____ () C:\Users\khval\AppData\Local\D237FA.tmp
2021-01-10 15:16 - 2021-01-10 15:16 - 000000000 _____ () C:\Users\khval\AppData\Local\D23893.tmp
2019-11-10 16:38 - 2019-11-10 16:38 - 000000000 _____ () C:\Users\khval\AppData\Local\D238C8.tmp
2019-12-20 17:24 - 2019-12-20 17:24 - 000000000 _____ () C:\Users\khval\AppData\Local\D2394E.tmp
2019-11-16 16:53 - 2019-11-16 16:53 - 000000000 _____ () C:\Users\khval\AppData\Local\D23BAC.tmp
2019-08-11 15:30 - 2019-08-11 15:30 - 000000000 _____ () C:\Users\khval\AppData\Local\D23C97.tmp
2019-08-30 14:28 - 2019-08-30 14:28 - 000000000 _____ () C:\Users\khval\AppData\Local\D23EE8.tmp
2019-09-22 11:21 - 2019-09-22 11:21 - 000000000 _____ () C:\Users\khval\AppData\Local\D23F76.tmp
2019-09-11 17:56 - 2019-09-11 17:56 - 000000000 _____ () C:\Users\khval\AppData\Local\D23FAE.tmp
2019-08-25 22:39 - 2019-08-25 22:39 - 000000000 _____ () C:\Users\khval\AppData\Local\D240BF.tmp
2019-09-18 19:33 - 2019-09-18 19:33 - 000000000 _____ () C:\Users\khval\AppData\Local\D241BF.tmp
2020-12-26 19:01 - 2020-12-26 19:01 - 000000000 _____ () C:\Users\khval\AppData\Local\D24201.tmp
2021-01-14 16:53 - 2021-01-14 16:53 - 000000000 _____ () C:\Users\khval\AppData\Local\D24331.tmp
2019-08-08 23:26 - 2019-08-08 23:26 - 000000000 _____ () C:\Users\khval\AppData\Local\D24435.tmp
2019-09-03 18:00 - 2019-09-03 18:00 - 000000000 _____ () C:\Users\khval\AppData\Local\D24637.tmp
2019-09-21 09:38 - 2019-09-21 09:38 - 000000000 _____ () C:\Users\khval\AppData\Local\D24679.tmp
2019-08-19 14:53 - 2019-08-19 14:53 - 000000000 _____ () C:\Users\khval\AppData\Local\D247AC.tmp
2020-08-09 19:28 - 2020-08-09 19:28 - 000000000 _____ () C:\Users\khval\AppData\Local\D247E8.tmp
2019-08-23 16:20 - 2019-08-23 16:20 - 000000000 _____ () C:\Users\khval\AppData\Local\D247F5.tmp
2020-07-31 20:33 - 2020-07-31 20:33 - 000000000 _____ () C:\Users\khval\AppData\Local\D24A10.tmp
2019-09-03 15:29 - 2019-09-03 15:29 - 000000000 _____ () C:\Users\khval\AppData\Local\D24C94.tmp
2019-12-13 23:32 - 2019-12-13 23:32 - 000000000 _____ () C:\Users\khval\AppData\Local\D24E29.tmp
2019-12-23 10:02 - 2019-12-23 10:02 - 000000000 _____ () C:\Users\khval\AppData\Local\D24E74.tmp
2019-10-27 15:53 - 2019-10-27 15:53 - 000000000 _____ () C:\Users\khval\AppData\Local\D24F5E.tmp
2020-12-07 14:59 - 2020-12-07 14:59 - 000000000 _____ () C:\Users\khval\AppData\Local\D24F77.tmp
2019-10-22 18:40 - 2019-10-22 18:40 - 000000000 _____ () C:\Users\khval\AppData\Local\D25438.tmp
2019-11-29 13:13 - 2019-11-29 13:13 - 000000000 _____ () C:\Users\khval\AppData\Local\D254A6.tmp
2020-07-19 15:56 - 2020-07-19 15:56 - 000000000 _____ () C:\Users\khval\AppData\Local\D2568C.tmp
2019-09-22 15:12 - 2019-09-22 15:12 - 000000000 _____ () C:\Users\khval\AppData\Local\D256F3.tmp
2019-08-13 15:40 - 2019-08-13 15:40 - 000000000 _____ () C:\Users\khval\AppData\Local\D257D7.tmp
2019-08-22 13:28 - 2019-08-22 13:28 - 000000000 _____ () C:\Users\khval\AppData\Local\D25984.tmp
2020-04-13 15:52 - 2020-04-13 15:52 - 000000000 _____ () C:\Users\khval\AppData\Local\D25C54.tmp
2019-08-07 20:47 - 2019-08-07 20:47 - 000000000 _____ () C:\Users\khval\AppData\Local\D25D6B.tmp
2019-08-28 14:14 - 2019-08-28 14:14 - 000000000 _____ () C:\Users\khval\AppData\Local\D25E12.tmp
2019-08-20 15:47 - 2019-08-20 15:47 - 000000000 _____ () C:\Users\khval\AppData\Local\D25F8B.tmp
2020-08-03 21:17 - 2020-08-03 21:17 - 000000000 _____ () C:\Users\khval\AppData\Local\D25FAC.tmp
2019-09-17 15:51 - 2019-09-17 15:51 - 000000000 _____ () C:\Users\khval\AppData\Local\D2604E.tmp
2019-10-27 17:43 - 2019-10-27 17:43 - 000000000 _____ () C:\Users\khval\AppData\Local\D263DA.tmp
2019-08-12 13:52 - 2019-08-12 13:52 - 000000000 _____ () C:\Users\khval\AppData\Local\D2642C.tmp
2019-09-25 16:37 - 2019-09-25 16:37 - 000000000 _____ () C:\Users\khval\AppData\Local\D264BE.tmp
2019-09-25 20:56 - 2019-09-25 20:56 - 000000000 _____ () C:\Users\khval\AppData\Local\D266A1.tmp
2019-12-16 16:02 - 2019-12-16 16:02 - 000000000 _____ () C:\Users\khval\AppData\Local\D26876.tmp
2019-11-09 18:54 - 2019-11-09 18:54 - 000000000 _____ () C:\Users\khval\AppData\Local\D2697C.tmp
2019-09-21 09:41 - 2019-09-21 09:41 - 000000000 _____ () C:\Users\khval\AppData\Local\D269D.tmp
2020-08-01 18:03 - 2020-08-01 18:03 - 000000000 _____ () C:\Users\khval\AppData\Local\D26A69.tmp
2020-05-16 18:10 - 2020-05-16 18:10 - 000000000 _____ () C:\Users\khval\AppData\Local\D26CB2.tmp
2019-09-17 22:07 - 2019-09-17 22:07 - 000000000 _____ () C:\Users\khval\AppData\Local\D27005.tmp
2019-09-27 22:12 - 2019-09-27 22:12 - 000000000 _____ () C:\Users\khval\AppData\Local\D2730B.tmp
2019-10-13 14:12 - 2019-10-13 14:12 - 000000000 _____ () C:\Users\khval\AppData\Local\D2776C.tmp
2020-12-30 18:02 - 2020-12-30 18:02 - 000000000 _____ () C:\Users\khval\AppData\Local\D27813.tmp
2019-08-25 14:56 - 2019-08-25 14:56 - 000000000 _____ () C:\Users\khval\AppData\Local\D27868.tmp
2019-09-24 17:10 - 2019-09-24 17:10 - 000000000 _____ () C:\Users\khval\AppData\Local\D27A04.tmp
2019-10-22 14:52 - 2019-10-22 14:52 - 000000000 _____ () C:\Users\khval\AppData\Local\D27A08.tmp
2019-09-06 16:11 - 2019-09-06 16:11 - 000000000 _____ () C:\Users\khval\AppData\Local\D27AC5.tmp
2019-08-19 16:10 - 2019-08-19 16:10 - 000000000 _____ () C:\Users\khval\AppData\Local\D27E57.tmp
2019-10-20 14:01 - 2019-10-20 14:01 - 000000000 _____ () C:\Users\khval\AppData\Local\D27F76.tmp
2020-07-30 16:14 - 2020-07-30 16:14 - 000000000 _____ () C:\Users\khval\AppData\Local\D27FF1.tmp
2020-12-30 15:59 - 2020-12-30 15:59 - 000000000 _____ () C:\Users\khval\AppData\Local\D28102.tmp
2019-09-26 17:29 - 2019-09-26 17:29 - 000000000 _____ () C:\Users\khval\AppData\Local\D281B9.tmp
2019-12-12 11:41 - 2019-12-12 11:41 - 000000000 _____ () C:\Users\khval\AppData\Local\D281D5.tmp
2019-11-03 19:52 - 2019-11-03 19:52 - 000000000 _____ () C:\Users\khval\AppData\Local\D281DA.tmp
2019-09-28 22:16 - 2019-09-28 22:16 - 000000000 _____ () C:\Users\khval\AppData\Local\D282FB.tmp
2019-08-09 16:28 - 2019-08-09 16:28 - 000000000 _____ () C:\Users\khval\AppData\Local\D2833D.tmp
2019-09-15 14:11 - 2019-09-15 14:11 - 000000000 _____ () C:\Users\khval\AppData\Local\D28495.tmp
2019-12-14 21:07 - 2019-12-14 21:07 - 000000000 _____ () C:\Users\khval\AppData\Local\D284B1.tmp
2019-09-26 16:20 - 2019-09-26 16:20 - 000000000 _____ () C:\Users\khval\AppData\Local\D284E6.tmp
2019-09-03 13:34 - 2019-09-03 13:34 - 000000000 _____ () C:\Users\khval\AppData\Local\D287B7.tmp
2019-10-09 17:40 - 2019-10-09 17:40 - 000000000 _____ () C:\Users\khval\AppData\Local\D28961.tmp
2019-09-02 14:14 - 2019-09-02 14:14 - 000000000 _____ () C:\Users\khval\AppData\Local\D28BF8.tmp
2019-10-24 17:29 - 2019-10-24 17:29 - 000000000 _____ () C:\Users\khval\AppData\Local\D28C85.tmp
2020-08-09 17:38 - 2020-08-09 17:38 - 000000000 _____ () C:\Users\khval\AppData\Local\D28E02.tmp
2020-01-05 16:38 - 2020-01-05 16:38 - 000000000 _____ () C:\Users\khval\AppData\Local\D28E08.tmp
2019-09-15 10:12 - 2019-09-15 10:12 - 000000000 _____ () C:\Users\khval\AppData\Local\D28EB0.tmp
2019-09-21 14:19 - 2019-09-21 14:19 - 000000000 _____ () C:\Users\khval\AppData\Local\D28FFE.tmp
2019-12-23 10:09 - 2019-12-23 10:09 - 000000000 _____ () C:\Users\khval\AppData\Local\D29033.tmp
2019-08-14 14:29 - 2019-08-14 14:29 - 000000000 _____ () C:\Users\khval\AppData\Local\D2907C.tmp
2019-08-08 22:09 - 2019-08-08 22:09 - 000000000 _____ () C:\Users\khval\AppData\Local\D2922F.tmp
2019-09-22 21:08 - 2019-09-22 21:08 - 000000000 _____ () C:\Users\khval\AppData\Local\D29504.tmp
2019-09-27 09:12 - 2019-09-27 09:12 - 000000000 _____ () C:\Users\khval\AppData\Local\D29569.tmp
2019-09-04 20:34 - 2019-09-04 20:34 - 000000000 _____ () C:\Users\khval\AppData\Local\D2973C.tmp
2020-08-09 18:44 - 2020-08-09 18:44 - 000000000 _____ () C:\Users\khval\AppData\Local\D297E3.tmp
2019-09-04 13:43 - 2019-09-04 13:43 - 000000000 _____ () C:\Users\khval\AppData\Local\D2987E.tmp
2019-12-08 16:31 - 2019-12-08 16:31 - 000000000 _____ () C:\Users\khval\AppData\Local\D298CF.tmp
2019-08-17 23:29 - 2019-08-17 23:29 - 000000000 _____ () C:\Users\khval\AppData\Local\D298FB.tmp
2021-01-02 17:33 - 2021-01-02 17:33 - 000000000 _____ () C:\Users\khval\AppData\Local\D29C14.tmp
2019-09-20 21:18 - 2019-09-20 21:18 - 000000000 _____ () C:\Users\khval\AppData\Local\D29E6D.tmp
2020-12-27 20:08 - 2020-12-27 20:08 - 000000000 _____ () C:\Users\khval\AppData\Local\D29E8D.tmp
2021-01-12 18:27 - 2021-01-12 18:27 - 000000000 _____ () C:\Users\khval\AppData\Local\D29F72.tmp
2019-09-21 09:43 - 2019-09-21 09:43 - 000000000 _____ () C:\Users\khval\AppData\Local\D29F8E.tmp
2019-11-09 11:05 - 2019-11-09 11:05 - 000000000 _____ () C:\Users\khval\AppData\Local\D29FD5.tmp
2019-08-11 20:11 - 2019-08-11 20:11 - 000000000 _____ () C:\Users\khval\AppData\Local\D2A0EC.tmp
2019-12-16 18:36 - 2019-12-16 18:36 - 000000000 _____ () C:\Users\khval\AppData\Local\D2A12C.tmp
2019-08-15 17:01 - 2019-08-15 17:01 - 000000000 _____ () C:\Users\khval\AppData\Local\D2A211.tmp
2019-09-14 17:07 - 2019-09-14 17:07 - 000000000 _____ () C:\Users\khval\AppData\Local\D2A452.tmp
2019-09-07 17:39 - 2019-09-07 17:39 - 000000000 _____ () C:\Users\khval\AppData\Local\D2A4A4.tmp
2019-09-23 19:27 - 2019-09-23 19:27 - 000000000 _____ () C:\Users\khval\AppData\Local\D2A526.tmp
2019-09-22 11:52 - 2019-09-22 11:52 - 000000000 _____ () C:\Users\khval\AppData\Local\D2A5AB.tmp
2020-07-18 16:08 - 2020-07-18 16:08 - 000000000 _____ () C:\Users\khval\AppData\Local\D2A6D9.tmp
2019-09-14 22:31 - 2019-09-14 22:31 - 000000000 _____ () C:\Users\khval\AppData\Local\D2A71C.tmp
2019-11-30 12:39 - 2019-11-30 12:39 - 000000000 _____ () C:\Users\khval\AppData\Local\D2A7F2.tmp
2019-09-04 15:33 - 2019-09-04 15:33 - 000000000 _____ () C:\Users\khval\AppData\Local\D2A9D8.tmp
2019-08-13 22:58 - 2019-08-13 22:58 - 000000000 _____ () C:\Users\khval\AppData\Local\D2AB2.tmp
2019-08-09 21:40 - 2019-08-09 21:40 - 000000000 _____ () C:\Users\khval\AppData\Local\D2AC23.tmp
2019-09-02 13:09 - 2019-09-02 13:09 - 000000000 _____ () C:\Users\khval\AppData\Local\D2AD11.tmp
2019-09-22 22:51 - 2019-09-22 22:51 - 000000000 _____ () C:\Users\khval\AppData\Local\D2AD18.tmp
2019-08-10 21:58 - 2019-08-10 21:58 - 000000000 _____ () C:\Users\khval\AppData\Local\D2AECA.tmp
2019-12-14 16:54 - 2019-12-14 16:54 - 000000000 _____ () C:\Users\khval\AppData\Local\D2AF06.tmp
2019-08-12 17:16 - 2019-08-12 17:16 - 000000000 _____ () C:\Users\khval\AppData\Local\D2B0F7.tmp
2020-08-02 15:09 - 2020-08-02 15:09 - 000000000 _____ () C:\Users\khval\AppData\Local\D2B2A8.tmp
2019-08-19 20:13 - 2019-08-19 20:13 - 000000000 _____ () C:\Users\khval\AppData\Local\D2B425.tmp
2019-10-05 20:23 - 2019-10-05 20:23 - 000000000 _____ () C:\Users\khval\AppData\Local\D2B83C.tmp
2019-08-13 21:58 - 2019-08-13 21:58 - 000000000 _____ () C:\Users\khval\AppData\Local\D2B942.tmp
2019-09-05 23:39 - 2019-09-05 23:39 - 000000000 _____ () C:\Users\khval\AppData\Local\D2B9D7.tmp
2019-08-26 14:26 - 2019-08-26 14:26 - 000000000 _____ () C:\Users\khval\AppData\Local\D2BBC7.tmp
2019-08-28 10:22 - 2019-08-28 10:22 - 000000000 _____ () C:\Users\khval\AppData\Local\D2BBD9.tmp
2019-08-12 21:45 - 2019-08-12 21:45 - 000000000 _____ () C:\Users\khval\AppData\Local\D2BD9D.tmp
2019-12-15 13:30 - 2019-12-15 13:30 - 000000000 _____ () C:\Users\khval\AppData\Local\D2BF40.tmp
2020-08-08 16:42 - 2020-08-08 16:42 - 000000000 _____ () C:\Users\khval\AppData\Local\D2C19D.tmp
2019-08-22 15:27 - 2019-08-22 15:27 - 000000000 _____ () C:\Users\khval\AppData\Local\D2C25E.tmp
2019-12-16 21:18 - 2019-12-16 21:18 - 000000000 _____ () C:\Users\khval\AppData\Local\D2C3C8.tmp
2019-08-19 17:55 - 2019-08-19 17:55 - 000000000 _____ () C:\Users\khval\AppData\Local\D2C7B2.tmp
2019-12-20 19:18 - 2019-12-20 19:18 - 000000000 _____ () C:\Users\khval\AppData\Local\D2CF1.tmp
2019-10-10 15:44 - 2019-10-10 15:44 - 000000000 _____ () C:\Users\khval\AppData\Local\D2CFF8.tmp
2020-01-15 13:54 - 2020-01-15 13:54 - 000000000 _____ () C:\Users\khval\AppData\Local\D2D17A.tmp
2020-08-05 16:34 - 2020-08-05 16:34 - 000000000 _____ () C:\Users\khval\AppData\Local\D2D1E0.tmp
2019-09-25 22:50 - 2019-09-25 22:50 - 000000000 _____ () C:\Users\khval\AppData\Local\D2D34C.tmp
2019-09-25 23:17 - 2019-09-25 23:17 - 000000000 _____ () C:\Users\khval\AppData\Local\D2D4E.tmp
2019-09-23 12:25 - 2019-09-23 12:25 - 000000000 _____ () C:\Users\khval\AppData\Local\D2DAB7.tmp
2019-12-20 21:16 - 2019-12-20 21:16 - 000000000 _____ () C:\Users\khval\AppData\Local\D2DAC7.tmp
2020-08-11 16:03 - 2020-08-11 16:03 - 000000000 _____ () C:\Users\khval\AppData\Local\D2DB49.tmp
2019-08-15 17:30 - 2019-08-15 17:30 - 000000000 _____ () C:\Users\khval\AppData\Local\D2DCA4.tmp
2019-10-10 15:38 - 2019-10-10 15:38 - 000000000 _____ () C:\Users\khval\AppData\Local\D2DE67.tmp
2019-08-21 22:09 - 2019-08-21 22:09 - 000000000 _____ () C:\Users\khval\AppData\Local\D2DFCB.tmp
2020-12-07 15:36 - 2020-12-07 15:36 - 000000000 _____ () C:\Users\khval\AppData\Local\D2DFFF.tmp
2019-09-07 16:23 - 2019-09-07 16:23 - 000000000 _____ () C:\Users\khval\AppData\Local\D2E1CC.tmp
2020-01-29 14:44 - 2020-01-29 14:44 - 000000000 _____ () C:\Users\khval\AppData\Local\D2E402.tmp
2019-08-07 20:42 - 2019-08-07 20:42 - 000000000 _____ () C:\Users\khval\AppData\Local\D2E456.tmp
2019-08-28 12:59 - 2019-08-28 12:59 - 000000000 _____ () C:\Users\khval\AppData\Local\D2E4C6.tmp
2019-09-07 13:09 - 2019-09-07 13:09 - 000000000 _____ () C:\Users\khval\AppData\Local\D2E567.tmp
2019-09-22 18:49 - 2019-09-22 18:49 - 000000000 _____ () C:\Users\khval\AppData\Local\D2E5B3.tmp
2019-11-25 21:32 - 2019-11-25 21:32 - 000000000 _____ () C:\Users\khval\AppData\Local\D2E972.tmp
2019-10-10 17:49 - 2019-10-10 17:49 - 000000000 _____ () C:\Users\khval\AppData\Local\D2E9FE.tmp
2019-08-28 21:42 - 2019-08-28 21:42 - 000000000 _____ () C:\Users\khval\AppData\Local\D2EC4E.tmp
2020-12-21 18:16 - 2020-12-21 18:16 - 000000000 _____ () C:\Users\khval\AppData\Local\D2ECEE.tmp
2019-09-14 18:37 - 2019-09-14 18:37 - 000000000 _____ () C:\Users\khval\AppData\Local\D2ED10.tmp
2020-09-08 15:44 - 2020-09-08 15:44 - 000000000 _____ () C:\Users\khval\AppData\Local\D2ED1D.tmp
2019-08-13 11:06 - 2019-08-13 11:06 - 000000000 _____ () C:\Users\khval\AppData\Local\D2ED79.tmp
2019-08-26 15:55 - 2019-08-26 15:55 - 000000000 _____ () C:\Users\khval\AppData\Local\D2EDA6.tmp
2020-08-02 19:38 - 2020-08-02 19:38 - 000000000 _____ () C:\Users\khval\AppData\Local\D2EF76.tmp
2019-08-19 11:47 - 2019-08-19 11:47 - 000000000 _____ () C:\Users\khval\AppData\Local\D2F011.tmp
2019-12-13 13:06 - 2019-12-13 13:06 - 000000000 _____ () C:\Users\khval\AppData\Local\D2F019.tmp
2019-12-20 16:58 - 2019-12-20 16:58 - 000000000 _____ () C:\Users\khval\AppData\Local\D2F05E.tmp
2019-08-07 20:13 - 2019-08-07 20:13 - 000000000 _____ () C:\Users\khval\AppData\Local\D2F06F.tmp
2019-09-07 19:17 - 2019-09-07 19:17 - 000000000 _____ () C:\Users\khval\AppData\Local\D2F0BB.tmp
2019-09-21 10:29 - 2019-09-21 10:29 - 000000000 _____ () C:\Users\khval\AppData\Local\D2F254.tmp
2020-12-30 21:19 - 2020-12-30 21:19 - 000000000 _____ () C:\Users\khval\AppData\Local\D2F404.tmp
2019-12-30 12:57 - 2019-12-30 12:57 - 000000000 _____ () C:\Users\khval\AppData\Local\D2F73.tmp
2019-09-14 21:42 - 2019-09-14 21:42 - 000000000 _____ () C:\Users\khval\AppData\Local\D2FB52.tmp
2019-12-20 20:32 - 2019-12-20 20:32 - 000000000 _____ () C:\Users\khval\AppData\Local\D2FBA1.tmp
2019-10-20 20:06 - 2019-10-20 20:06 - 000000000 _____ () C:\Users\khval\AppData\Local\D2FDD5.tmp
2019-12-09 19:38 - 2019-12-09 19:38 - 000000000 _____ () C:\Users\khval\AppData\Local\D2FF6E.tmp
2019-08-12 00:12 - 2019-08-12 00:12 - 000000000 _____ () C:\Users\khval\AppData\Local\D2FFE4.tmp
2021-06-09 12:12 - 2021-06-09 12:12 - 000002305 _____ () C:\Users\khval\AppData\Local\recently-used.xbel
2020-02-23 16:58 - 2020-02-23 16:58 - 000000017 _____ () C:\Users\khval\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-07-2021
Ran by khval (11-07-2021 16:47:51)
Running from C:\Users\khval\Downloads
Windows 10 Home Version 2004 19041.1052 (X64) (2020-11-09 20:03:38)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2544099675-2571443181-3956208610-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2544099675-2571443181-3956208610-503 - Limited - Disabled)
Guest (S-1-5-21-2544099675-2571443181-3956208610-501 - Limited - Disabled)
khval (S-1-5-21-2544099675-2571443181-3956208610-1001 - Administrator - Enabled) => C:\Users\khval
WDAGUtilityAccount (S-1-5-21-2544099675-2571443181-3956208610-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Enabled - Up to date) {4DE344F8-6897-65B4-CED0-82B3AF2591B4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ABS PDF Install (HKLM-x32\...\{C42DD564-7DCD-4555-A7F3-15C0F46221D0}) (Version: 4.2.2 - Atlas Business Solutions, Inc.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 21.005.20048 - Adobe Systems Incorporated)
Astrology for Windows (HKLM-x32\...\ST6UNST #1) (Version: - )
Backup and Sync from Google (HKLM\...\{A0397FA8-34ED-4A41-A8C9-30EE0B89C464}) (Version: 3.56.3802.7766 - Google, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Blackmagic RAW Common Components (HKLM\...\{0F3BD969-5F12-4734-A4EF-91B30FB9B1D5}) (Version: 2.0 - Blackmagic Design)
Diablo II (HKLM-x32\...\Diablo II) (Version: 0.0.0.0 - Blizzard Entertainment)
Express Zip File Compression (HKLM-x32\...\ExpressZip) (Version: 7.02 - NCH Software)
Fairlight Audio Accelerator Utility (HKLM\...\FairlightAudioAccelerator_is1) (Version: 1.0.13 - Blackmagic Design)
GIMP 2.10.22 (HKLM\...\GIMP-2_is1) (Version: 2.10.22 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.124 - Google LLC)
Google Video Support Plugin (HKU\S-1-5-21-2544099675-2571443181-3956208610-1001\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 19.12.1000.0 - Google, LLC.)
HP Audio Switch (HKLM-x32\...\{3A5141D4-47DB-4302-9B1C-272BE585BC8A}) (Version: 1.0.179.0 - HP Inc.)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.13.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP Dropbox Plugin (HKLM-x32\...\{C54DEA1F-7A8D-410B-A675-04E0FB562CB0}) (Version: 40.13.54.81239 - HP)
HP Google Drive Plugin (HKLM-x32\...\{533B4739-13DD-4AAB-9524-070B3F0CE6ED}) (Version: 40.13.54.81239 - HP)
HP JumpStart Apps (HKLM-x32\...\HP JumpStart Apps) (Version: 7.0.32 - HP Inc.)
HP JumpStart Bridge (HKLM-x32\...\{016FBF6D-AEDE-4D33-87B4-DF6815EF674A}) (Version: 1.4.0.485 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{35556CCA-F14E-48F3-93F4-E29C4B3DBE30}) (Version: 1.4.485.0 - HP Inc.)
HP Officejet 5740 series Basic Device Software (HKLM\...\{8C417009-7889-42BC-8164-C74FFF358CE6}) (Version: 40.13.1176.1978 - HP Inc.)
HP Officejet 5740 series Help (HKLM-x32\...\{F17D53C7-DCE8-469C-9690-CF8F5903519C}) (Version: 34.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
I.R.I.S. OCR (HKLM-x32\...\{11ED31EC-7EFA-4D56-B71D-E0214C8984CC}) (Version: 12.3.7.0 - HP)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.5.1.1030 - Intel Corporation)
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{88667F43-B63E-4046-AF02-35E5412B8FAF}) (Version: 16.5.1.1030 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation)
LivePlan Sync Manager (HKLM-x32\...\{75970D1C-CAA2-4B14-8872-E5D2F0606F39}) (Version: 19.0.1122.15 - LivePlan)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.67 - Microsoft Corporation)
Microsoft OneDrive (HKLM-x32\...\OneDriveSetup.exe) (Version: 21.119.0613.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29325 (HKLM-x32\...\{33628a12-6787-4b9f-95a1-92449f69fae0}) (Version: 14.28.29325.2 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29325 (HKLM-x32\...\{d7a6435f-ac9a-4af6-8fdc-ca130d13fac9}) (Version: 14.28.29325.2 - Microsoft Corporation)
Mozilla Firefox 89.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 89.0.2 (x64 en-US)) (Version: 89.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 89.0 - Mozilla)
PhotoPad Image Editor (HKLM-x32\...\PhotoPad) (Version: 5.50 - NCH Software)
Product Improvement Study for HP Officejet 5740 series (HKLM\...\{D4B37902-C484-4AAC-B3B8-70C203C4FAB3}) (Version: 40.13.1176.1978 - HP Inc.)
Project Diablo 2 (HKLM-x32\...\{822B3055-5F16-4934-A1FC-378AB0181A66}_is1) (Version: 1.0 - projectdiablo2.com)
QuickBooks (HKLM-x32\...\{4120AF20-BA58-49D1-8CFA-11F166E73945}) (Version: 29.0.4015.2901 - Intuit Inc.) Hidden
QuickBooks Pro 2019 (HKLM-x32\...\{FD44271B-DAFF-4C50-8E9B-998AA008606A}) (Version: 29.0.4009.2901 - Intuit Inc.)
QuickBooks Runtime Redistributable (HKLM\...\{F2A4F809-2DE6-4D27-888B-4D2BB8DAF20E}) (Version: 1.00.0000 - Intuit Inc.)
Search Powered by Yahoo! (HKU\S-1-5-21-2544099675-2571443181-3956208610-1001\...\{CA6B22AB-9AEB-F32B-2B6B-83ABFBEB502B}) (Version: - )
Spotify (HKU\S-1-5-21-2544099675-2571443181-3956208610-1001\...\Spotify) (Version: 1.1.62.583.gdac868ed - Spotify AB)
StarCraft (HKLM-x32\...\StarCraft) (Version: - Blizzard Entertainment)
Toolkit (HKLM-x32\...\Toolkit) (Version: 1.21.0.38 - Seagate)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Web Companion (HKLM-x32\...\{0dcd6714-4286-47d7-87f4-40352f224672}) (Version: 7.0.2417.4248 - Lavasoft)
Zoom (HKU\S-1-5-21-2544099675-2571443181-3956208610-1001\...\ZoomUMX) (Version: 5.2.1 (44052.0816) - Zoom Video Communications, Inc.)

Packages:
=========
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_20.4.3.0_x64__xbfy0k16fey96 [2020-01-17] (Dropbox Inc.)
ELAN Touchpad Setting -> C:\Program Files\WindowsApps\ELANMicroelectronicsCorpo.ELANTouchpadSetting_11.2.63.0_x64__stws0m115j6hg [2019-04-04] (ELAN Microelectronics Corporation)
Energy Star -> C:\Program Files\WindowsApps\AD2F1837.HPInc.EnergyStar_1.2.0.0_x64__v10z8vjag6ke6 [2019-01-18] (HP Inc.)
Honey -> C:\Program Files\WindowsApps\HoneyScienceCorporation.Honey_11.4.2.0_neutral__cbe4c63gm1mzr [2019-08-07] (Honey Science Corporation)
HP Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.HPAudioControl_1.2.173.0_x64__dt26b99r8h8gj [2019-06-07] (Realtek Semiconductor Corp)
HP CoolSense -> C:\Program Files\WindowsApps\AD2F1837.HPCoolSense_1.0.6.0_x64__v10z8vjag6ke6 [2019-01-18] (HP Inc.)
HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.4.481.0_x86__v10z8vjag6ke6 [2019-01-18] (HP Inc.)
HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_1.7.0.0_x64__v10z8vjag6ke6 [2021-07-11] (HP Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.0.42.0_x64__v10z8vjag6ke6 [2021-04-10] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_128.1.219.0_x64__v10z8vjag6ke6 [2021-07-11] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.7.536.0_x64__v10z8vjag6ke6 [2021-07-11] (HP Inc.)
HP System Event Utility -> C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.1.21.0_x64__v10z8vjag6ke6 [2021-07-11] (HP Inc.)
Intel® Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3325.0_x64__8j3eq9eme6ctt [2021-05-09] (INTEL CORP) [Startup Task]
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-02-26] (INTEL CORP)
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1015.0_x64__8j3eq9eme6ctt [2021-03-13] (INTEL CORP)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2019-03-14] (LinkedIn)
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.14131.20278.0_x86__8wekyb3d8bbwe [2021-07-11] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-03-14] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-03-14] (Microsoft Corporation) [MS Ad]
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.14131.20278.0_x86__8wekyb3d8bbwe [2021-07-11] (Microsoft Corporation)
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.14131.20278.0_x86__8wekyb3d8bbwe [2021-07-11] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.14131.20278.0_x86__8wekyb3d8bbwe [2021-07-11] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.14131.20278.0_x86__8wekyb3d8bbwe [2021-07-11] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.14131.20278.0_x86__8wekyb3d8bbwe [2021-07-11] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.6151.0_x64__8wekyb3d8bbwe [2021-06-24] (Microsoft Studios) [MS Ad]
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.14131.20278.0_x86__8wekyb3d8bbwe [2021-07-11] (Microsoft Corporation)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-16] (Netflix, Inc.)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-02-09] (Microsoft Corporation)
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_3.27.1.0_x64__nfy108tqq3p12 [2021-02-22] (Thumbmunkeys Ltd)
Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2019-03-14] (Plex)
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.2.5.0_x64__kx24dqmazqk8j [2021-04-10] (Random Salad Games LLC)
WildTangent Games -> C:\Program Files\WindowsApps\WildTangentGames.63435CFB65F55_2.0.84.0_x64__qt5r5pa5dyg8m [2021-02-28] (WildTangent Games)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2544099675-2571443181-3956208610-1001_Classes\CLSID\{46406D82-6EC0-47CC-8A75-1F33C6DEDBBE}\InprocServer32 -> C:\Users\khval\AppData\Local\Google\Update\1.3.35.442\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2544099675-2571443181-3956208610-1001_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54}\InprocServer32 -> C:\Users\khval\AppData\Local\Google\Update\1.3.35.423\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2544099675-2571443181-3956208610-1001_Classes\CLSID\{6D264B70-DA18-401D-910C-B202D89670C6}\InprocServer32 -> C:\Users\khval\AppData\Local\Google\Update\1.3.36.32\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2544099675-2571443181-3956208610-1001_Classes\CLSID\{85D8EE2F-794F-41F0-BB03-49D56A23BEF4}\InprocServer32 -> C:\Users\khval\AppData\Local\Google\Update\1.3.36.82\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-2544099675-2571443181-3956208610-1001_Classes\CLSID\{CA8FA699-91CD-412F-9D13-9B1222F4370E}\InprocServer32 -> C:\Users\khval\AppData\Local\Google\Update\1.3.36.82\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-2544099675-2571443181-3956208610-1001_Classes\CLSID\{CA919489-0396-4164-A6E7-94CDED45A707}\InprocServer32 -> C:\Users\khval\AppData\Local\Google\Update\1.3.36.52\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2544099675-2571443181-3956208610-1001_Classes\CLSID\{DEDF773D-E27B-485E-8E7D-85C5B0EB5A67}\InprocServer32 -> C:\Users\khval\AppData\Local\Google\Update\1.3.36.72\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2544099675-2571443181-3956208610-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\khval\AppData\Local\Google\Update\1.3.36.82\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-2544099675-2571443181-3956208610-1001_Classes\CLSID\{E9E7529D-7F09-410B-AF2A-CC154473B19C}\InprocServer32 -> C:\Users\khval\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\21.119.0613.0001\amd64\FileSyncShell64.dll [2021-07-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\21.119.0613.0001\amd64\FileSyncShell64.dll [2021-07-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\21.119.0613.0001\amd64\FileSyncShell64.dll [2021-07-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\21.119.0613.0001\amd64\FileSyncShell64.dll [2021-07-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\21.119.0613.0001\amd64\FileSyncShell64.dll [2021-07-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\21.119.0613.0001\amd64\FileSyncShell64.dll [2021-07-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\21.119.0613.0001\amd64\FileSyncShell64.dll [2021-07-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-06-18] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-06-18] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-06-18] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2018-06-12] () [File not signed] [File is in use]
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\21.119.0613.0001\amd64\FileSyncShell64.dll [2021-07-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\21.119.0613.0001\amd64\FileSyncShell64.dll [2021-07-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\21.119.0613.0001\amd64\FileSyncShell64.dll [2021-07-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\21.119.0613.0001\amd64\FileSyncShell64.dll [2021-07-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\21.119.0613.0001\amd64\FileSyncShell64.dll [2021-07-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\21.119.0613.0001\amd64\FileSyncShell64.dll [2021-07-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\21.119.0613.0001\amd64\FileSyncShell64.dll [2021-07-09] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.119.0613.0001\amd64\FileSyncShell64.dll [2021-07-09] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ExpressZip] -> {8EEA165E-0B8B-4BA7-9796-50214C767171} => C:\Program Files (x86)\NCH Software\ExpressZip\ezcm64.dll [2020-02-09] () [File not signed]
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-06-18] (Google LLC -> Google)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2018-06-12] () [File not signed] [File is in use]
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.119.0613.0001\amd64\FileSyncShell64.dll [2021-07-09] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-06-18] (Google LLC -> Google)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.119.0613.0001\amd64\FileSyncShell64.dll [2021-07-09] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers6: [ExpressZip] -> {8EEA165E-0B8B-4BA7-9796-50214C767171} => C:\Program Files (x86)\NCH Software\ExpressZip\ezcm64.dll [2020-02-09] () [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-02-09 15:47 - 2020-02-09 15:47 - 000105984 _____ () [File not signed] C:\Program Files (x86)\NCH Software\ExpressZip\ezcm64.dll
2021-07-11 14:23 - 2021-07-11 14:23 - 000114176 _____ () [File not signed] C:\Users\khval\AppData\Local\Temp\_MEI180002\_ctypes.pyd
2021-07-11 14:23 - 2021-07-11 14:23 - 000172544 _____ () [File not signed] C:\Users\khval\AppData\Local\Temp\_MEI180002\_elementtree.pyd
2021-07-11 14:23 - 2021-07-11 14:23 - 002255872 _____ () [File not signed] C:\Users\khval\AppData\Local\Temp\_MEI180002\_hashlib.pyd
2021-07-11 14:23 - 2021-07-11 14:23 - 000032256 _____ () [File not signed] C:\Users\khval\AppData\Local\Temp\_MEI180002\_multiprocessing.pyd
2021-07-11 14:23 - 2021-07-11 14:23 - 000046080 _____ () [File not signed] C:\Users\khval\AppData\Local\Temp\_MEI180002\_psutil_windows.pyd
2021-07-11 14:23 - 2021-07-11 14:23 - 000047616 _____ () [File not signed] C:\Users\khval\AppData\Local\Temp\_MEI180002\_socket.pyd
2021-07-11 14:23 - 2021-07-11 14:23 - 002825216 _____ () [File not signed] C:\Users\khval\AppData\Local\Temp\_MEI180002\_ssl.pyd
2021-07-11 14:23 - 2021-07-11 14:23 - 000026112 _____ () [File not signed] C:\Users\khval\AppData\Local\Temp\_MEI180002\_yappi.pyd
2021-07-11 14:23 - 2021-07-11 14:23 - 000080896 _____ () [File not signed] C:\Users\khval\AppData\Local\Temp\_MEI180002\bz2.pyd
2021-07-11 14:23 - 2021-07-11 14:23 - 000015872 _____ () [File not signed] C:\Users\khval\AppData\Local\Temp\_MEI180002\common.time34.pyd
2021-07-11 14:23 - 2021-07-11 14:23 - 000007680 _____ () [File not signed] C:\Users\khval\AppData\Local\Temp\_MEI180002\hashobjs_ext.pyd
2021-07-11 14:23 - 2021-07-11 14:23 - 000301568 _____ () [File not signed] C:\Users\khval\AppData\Local\Temp\_MEI180002\PIL._imaging.pyd
2021-07-11 14:23 - 2021-07-11 14:23 - 000168448 _____ () [File not signed] C:\Users\khval\AppData\Local\Temp\_MEI180002\pyexpat.pyd
2021-07-11 14:23 - 2021-07-11 14:23 - 001084416 _____ () [File not signed] C:\Users\khval\AppData\Local\Temp\_MEI180002\pysqlite2._sqlite.pyd
2021-07-11 14:23 - 2021-07-11 14:23 - 000548864 _____ () [File not signed] C:\Users\khval\AppData\Local\Temp\_MEI180002\pythoncom27.dll
2021-07-11 14:23 - 2021-07-11 14:23 - 000137728 _____ () [File not signed] C:\Users\khval\AppData\Local\Temp\_MEI180002\pywintypes27.dll
2021-07-11 14:23 - 2021-07-11 14:23 - 000010752 _____ () [File not signed] C:\Users\khval\AppData\Local\Temp\_MEI180002\select.pyd
2021-07-11 14:23 - 2021-07-11 14:23 - 000020992 _____ () [File not signed] C:\Users\khval\AppData\Local\Temp\_MEI180002\thumbnails_ext.pyd
2021-07-11 14:23 - 2021-07-11 14:23 - 000689664 _____ () [File not signed] C:\Users\khval\AppData\Local\Temp\_MEI180002\unicodedata.pyd
2021-07-11 14:23 - 2021-07-11 14:23 - 000119808 _____ () [File not signed] C:\Users\khval\AppData\Local\Temp\_MEI180002\usb_ext.pyd
2021-07-11 14:23 - 2021-07-11 14:23 - 000128512 _____ () [File not signed] C:\Users\khval\AppData\Local\Temp\_MEI180002\win32api.pyd
2021-07-11 14:23 - 2021-07-11 14:23 - 000438784 _____ () [File not signed] C:\Users\khval\AppData\Local\Temp\_MEI180002\win32com.shell.shell.pyd
2021-07-11 14:23 - 2021-07-11 14:23 - 000011776 _____ () [File not signed] C:\Users\khval\AppData\Local\Temp\_MEI180002\win32crypt.pyd
2021-07-11 14:23 - 2021-07-11 14:23 - 000023040 _____ () [File not signed] C:\Users\khval\AppData\Local\Temp\_MEI180002\win32event.pyd
2021-07-11 14:23 - 2021-07-11 14:23 - 000149504 _____ () [File not signed] C:\Users\khval\AppData\Local\Temp\_MEI180002\win32file.pyd
2021-07-11 14:23 - 2021-07-11 14:23 - 000223232 _____ () [File not signed] C:\Users\khval\AppData\Local\Temp\_MEI180002\win32gui.pyd
2021-07-11 14:23 - 2021-07-11 14:23 - 000048128 _____ () [File not signed] C:\Users\khval\AppData\Local\Temp\_MEI180002\win32inet.pyd
2021-07-11 14:23 - 2021-07-11 14:23 - 000029696 _____ () [File not signed] C:\Users\khval\AppData\Local\Temp\_MEI180002\win32pdh.pyd
2021-07-11 14:23 - 2021-07-11 14:23 - 000027648 _____ () [File not signed] C:\Users\khval\AppData\Local\Temp\_MEI180002\win32pipe.pyd
2021-07-11 14:23 - 2021-07-11 14:23 - 000044032 _____ () [File not signed] C:\Users\khval\AppData\Local\Temp\_MEI180002\win32process.pyd
2021-07-11 14:23 - 2021-07-11 14:23 - 000020480 _____ () [File not signed] C:\Users\khval\AppData\Local\Temp\_MEI180002\win32profile.pyd
2021-07-11 14:23 - 2021-07-11 14:23 - 000136192 _____ () [File not signed] C:\Users\khval\AppData\Local\Temp\_MEI180002\win32security.pyd
2021-07-11 14:23 - 2021-07-11 14:23 - 000026624 _____ () [File not signed] C:\Users\khval\AppData\Local\Temp\_MEI180002\win32ts.pyd
2021-07-11 14:23 - 2021-07-11 14:23 - 000034304 _____ () [File not signed] C:\Users\khval\AppData\Local\Temp\_MEI180002\windows.conditional.pyd
2021-07-11 14:23 - 2021-07-11 14:23 - 000037888 _____ () [File not signed] C:\Users\khval\AppData\Local\Temp\_MEI180002\windows.connectivity.pyd
2021-07-11 14:23 - 2021-07-11 14:23 - 000071680 _____ () [File not signed] C:\Users\khval\AppData\Local\Temp\_MEI180002\windows.device_monitor.pyd
2021-07-11 14:23 - 2021-07-11 14:23 - 000103936 _____ () [File not signed] C:\Users\khval\AppData\Local\Temp\_MEI180002\windows.volumes.pyd
2021-07-11 14:23 - 2021-07-11 14:23 - 000019968 _____ () [File not signed] C:\Users\khval\AppData\Local\Temp\_MEI180002\windows.winwrap.pyd
2021-07-11 14:23 - 2021-07-11 14:23 - 001325056 _____ () [File not signed] C:\Users\khval\AppData\Local\Temp\_MEI180002\wx._controls_.pyd
2021-07-11 14:23 - 2021-07-11 14:23 - 001489408 _____ () [File not signed] C:\Users\khval\AppData\Local\Temp\_MEI180002\wx._core_.pyd
2021-07-11 14:23 - 2021-07-11 14:23 - 001007104 _____ () [File not signed] C:\Users\khval\AppData\Local\Temp\_MEI180002\wx._gdi_.pyd
2021-07-11 14:23 - 2021-07-11 14:23 - 000103424 _____ () [File not signed] C:\Users\khval\AppData\Local\Temp\_MEI180002\wx._html2.pyd
2021-07-11 14:23 - 2021-07-11 14:23 - 000916992 _____ () [File not signed] C:\Users\khval\AppData\Local\Temp\_MEI180002\wx._misc_.pyd
2021-07-11 14:23 - 2021-07-11 14:23 - 001039872 _____ () [File not signed] C:\Users\khval\AppData\Local\Temp\_MEI180002\wx._windows_.pyd
2021-06-10 09:11 - 2021-06-10 09:11 - 000160768 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\1acc9bc967bedcb315cd372c9edef1dd\BRIDGECommon.ni.dll
2021-06-10 09:12 - 2021-06-10 09:12 - 000125440 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BridgeExtension\2a583934d18b0420071bf6aa775f28cb\BridgeExtension.ni.dll
2021-06-10 09:12 - 2021-06-10 09:12 - 000395264 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CleanStartController\45fdd1740049d9fefedef6bc80d35120\CleanStartController.ni.dll
2021-06-10 09:13 - 2021-06-10 09:13 - 000138240 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.IWs06dcaa36#\bd743c23d978c13e1dd1230b69523454\Interop.IWshRuntimeLibrary.ni.dll
2021-06-10 09:12 - 2021-06-10 09:12 - 000079872 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\NativeInterop\dfd1cd65e197c347d2a230f40ba5c543\NativeInterop.ni.dll
2021-06-10 09:12 - 2021-06-10 09:12 - 000145920 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Registratio4eabc192#\1b9461e10c3e43cab5315929adf48c3e\RegistrationUtilities.ni.dll
2021-06-10 09:13 - 2021-06-10 09:13 - 000134656 _____ (hardcodet.net) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Hardcodet.W6cab32f3#\023c582945109d2fccd3cce3356dd253\Hardcodet.Wpf.TaskbarNotification.ni.dll
2020-06-20 00:19 - 2020-06-20 00:19 - 000014336 _____ (HP Inc.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.1.21.0_x64__v10z8vjag6ke6\SystemEventUtility\NativeRpcClient.DLL
2021-06-10 09:12 - 2021-06-10 09:12 - 000136192 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CommonPortable\eea7f746aa6321afc29ec2ead2de309b\CommonPortable.ni.dll
2018-06-12 22:01 - 2018-06-12 22:01 - 000125952 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\OptaneShellExtensions\iaStorAfsServiceApi.dll
2021-06-10 09:13 - 2021-06-10 09:13 - 001701888 _____ (Mark Heath & Contributors) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\NAudio\9a8433c1861d3610116b819c0f6ce236\NAudio.ni.dll
2017-11-14 15:48 - 2017-11-14 15:48 - 001017856 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\dbghelp.dll
2021-06-10 09:13 - 2021-06-10 09:13 - 003060736 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\17918b79265d7f9e4e491e0fcb86e0a4\Newtonsoft.Json.ni.dll
2021-06-10 09:11 - 2021-06-10 09:11 - 002306560 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\308eb8bf0dbbf69a03bfc693a3b744da\Newtonsoft.Json.ni.dll
2021-07-11 14:23 - 2021-07-11 14:23 - 003043328 _____ (Python Software Foundation) [File not signed] C:\Users\khval\AppData\Local\Temp\_MEI180002\python27.dll
2021-06-10 09:13 - 2021-06-10 09:13 - 000793088 _____ (The Apache Software Foundation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\log4net\eda7224bf7581d4fbb5ca92834d9c4a0\log4net.ni.dll
2021-07-11 14:23 - 2021-07-11 14:23 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\khval\AppData\Local\Temp\_MEI180002\wxbase30u_net_vc90_x64.dll
2021-07-11 14:23 - 2021-07-11 14:23 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\khval\AppData\Local\Temp\_MEI180002\wxbase30u_vc90_x64.dll
2021-07-11 14:23 - 2021-07-11 14:23 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\khval\AppData\Local\Temp\_MEI180002\wxmsw30u_adv_vc90_x64.dll
2021-07-11 14:23 - 2021-07-11 14:23 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\khval\AppData\Local\Temp\_MEI180002\wxmsw30u_core_vc90_x64.dll
2021-07-11 14:23 - 2021-07-11 14:23 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\khval\AppData\Local\Temp\_MEI180002\wxmsw30u_html_vc90_x64.dll
2021-07-11 14:23 - 2021-07-11 14:23 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\khval\AppData\Local\Temp\_MEI180002\wxmsw30u_webview_vc90_x64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-2544099675-2571443181-3956208610-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.yahoo.com/?fr=fes_yfp_chr_nt_yfp2&type=wnf_nptdwxol_20_37_ssg00
HKU\S-1-5-21-2544099675-2571443181-3956208610-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
SearchScopes: HKLM -> {A609F214-C053-4F92-8D20-9C9E3FD4B147} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {A609F214-C053-4F92-8D20-9C9E3FD4B147} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-2544099675-2571443181-3956208610-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wnf_nptdwxol_20_37_ssg00&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0F0EyByByByE0B0CzyyCzyzztBtDyDyEtN0D0Tzu0StAtCyBtAtN1L2XzuyDtFtBtFtDtFtCyDzztN1L1Czu1BtCtN1L1G1B1V1N2Y1L1Qzu2StD0CtByCyDyBtBzytGyEyCyCtDtG0AyEyD0AtGyE0BtDyEtG0F0EyDyBtA0C0F0EyDyB0Bzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2S1P1O1Szz1SyD1SyCtGtDtCtAtDtGyE1Q1R1OtGzy1Tzz1QtG1Ozyzy1P1PyDtBzyyEzyyE1Q2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDzyzyyCtDyEtCyEyB%26cr%3D1343776866%26a%3Dwnf_nptdwxol_20_37_ssg00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2544099675-2571443181-3956208610-1001 -> {6070aaf0-4487-49b5-9583-c51f7316c6ff} URL = hxxps://securesearch.org?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2544099675-2571443181-3956208610-1001 -> {A609F214-C053-4F92-8D20-9C9E3FD4B147} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2019-12-16] (HP Inc. -> HP Inc.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2019-12-16] (HP Inc. -> HP Inc.)
Handler-x32: intu-help-qb12 - {665F2BD4-8216-400B-9706-865D2B771E27} - C:\Program Files (x86)\Intuit\QuickBooks 2019\HelpAsyncPluggableProtocol.dll [2021-03-29] (Intuit, Inc. -> Intuit, Inc.)
Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\SysWOW64\mscoree.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-2544099675-2571443181-3956208610-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2544099675-2571443181-3956208610-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-15 01:31 - 2018-09-15 01:31 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2544099675-2571443181-3956208610-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\khval\OneDrive\Desktop\juniperbooch.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{3E44C9FD-AB53-49C0-9375-B005C4E096A1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{73ED9341-0280-4F7B-BF3D-41F548DA3286}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{67DAE8E5-61CE-4072-902C-6FFBA989304D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{72AA2F26-85CB-4B5E-8F6A-8CBD84681421}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{CDC8530E-50D6-4E97-914F-610CA66D9765}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\Bin\HPNetworkCommunicatorCom.exe (HP Inc -> HP Inc.)
FirewallRules: [{CAFF5CA6-8465-481A-AFAA-DD1DCE44B5E8}] => (Allow) LPort=5357
FirewallRules: [{C8F0D69D-74C3-4F33-B747-5A3A3612F256}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\Bin\DeviceSetup.exe (HP Inc -> HP Inc.)
FirewallRules: [{D27D481C-871C-428D-BA2F-2120D078D4B3}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\bin\FaxPrinterUtility.exe (HP Inc -> HP Inc.)
FirewallRules: [{AEBA2185-B3DA-479D-BA25-DF70C707FA39}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\bin\SendAFax.exe (HP Inc -> HP Inc.)
FirewallRules: [{6214A0D6-2F85-41FC-92A1-A9069EA65C4D}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\bin\DigitalWizards.exe (HP Inc -> HP Inc.)
FirewallRules: [{B7027DBC-D27A-43AD-8579-81DD0FC48C57}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\bin\FaxApplications.exe (HP Inc -> HP Inc.)
FirewallRules: [{259A39A7-209E-4255-B7BC-849266D68DC1}] => (Allow) C:\Users\khval\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{76B6D491-CFAF-4311-8182-7819837BCED8}] => (Allow) C:\Users\khval\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{F1769024-6712-4396-A096-738ABD52E3A1}] => (Block) C:\program files (x86)\starcraft\x86_64\starcraft.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{3F67C76D-477C-4D52-95F1-9445419AFEB1}] => (Block) C:\program files (x86)\starcraft\x86_64\starcraft.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{8A7BB2C8-5A62-4073-86D5-A05F2AEFEE21}C:\program files (x86)\starcraft\x86_64\starcraft.exe] => (Allow) C:\program files (x86)\starcraft\x86_64\starcraft.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{2F25C5D1-AA3A-4AE2-B37B-16F4F4932446}C:\program files (x86)\starcraft\x86_64\starcraft.exe] => (Allow) C:\program files (x86)\starcraft\x86_64\starcraft.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{07B5228F-097A-4C2F-91A2-5C984C8CDA5F}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{1DEF9FCD-B668-49FC-831E-1F03EBDBD31C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{014B2C47-683C-4385-93A0-699C14508B70}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{7420BA45-4C8C-474D-AD22-F904F8FC48D3}C:\users\khval\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\khval\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{EA4F6471-2A93-4FD7-87AB-DF7F84251AA6}C:\users\khval\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\khval\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{83591743-BC0A-45D0-B959-DC27946057EA}] => (Block) C:\users\khval\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F1E0EFD7-5C5B-40CB-B5F6-506440FD7A93}] => (Block) C:\users\khval\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{737D3CE6-7DA0-4B88-99DD-879F712D8F25}C:\program files (x86)\toolkit\toolkit.exe] => (Allow) C:\program files (x86)\toolkit\toolkit.exe (SEAGATE TECHNOLOGY LLC -> Seagate Technology LLC)
FirewallRules: [UDP Query User{9732A1A1-65B4-401F-8F9D-C701550D754F}C:\program files (x86)\toolkit\toolkit.exe] => (Allow) C:\program files (x86)\toolkit\toolkit.exe (SEAGATE TECHNOLOGY LLC -> Seagate Technology LLC)
FirewallRules: [{5487739D-B582-454A-9D35-3D0BA788413D}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe => No File
FirewallRules: [{29FECEAF-B610-4099-9406-643542782D76}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe => No File
FirewallRules: [{281984C2-D197-45AD-88EC-F813A10E2F5F}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe => No File
FirewallRules: [{C74CEE7F-2A95-4635-8338-9096A6C0339E}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe => No File
FirewallRules: [{2F75817B-4DCB-4E67-BB88-66640BB87122}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe => No File
FirewallRules: [{764467C8-70FC-44CD-BCF7-749C19C1EE42}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe => No File
FirewallRules: [{7019AD4E-E682-4435-BF50-C289D9B53AEF}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => No File
FirewallRules: [{788E1E32-09F4-4386-A631-42D37F0E9C14}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\fuscript.exe => No File
FirewallRules: [{51CE0DAC-48D5-4452-9474-1E0E0932C8DC}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe => No File
FirewallRules: [{A7FC854F-0061-4B38-9A8E-DB48ABAE2A8F}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe => No File
FirewallRules: [TCP Query User{6A89AA2A-C578-4F5B-B812-79EFAE84122B}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Block) C:\program files\blackmagic design\davinci resolve\resolve.exe => No File
FirewallRules: [UDP Query User{0A835FB1-6A4C-49A1-81E3-E2DA32E998A4}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Block) C:\program files\blackmagic design\davinci resolve\resolve.exe => No File
FirewallRules: [{14B25BCD-6865-4596-93E4-D377BFE96CE6}] => (Allow) C:\Program Files (x86)\Intuit\QuickBooks 2019\CefSharp.BrowserSubprocess.exe (The CefSharp Authors) [File not signed]
FirewallRules: [{9EA5737A-8E01-4B0C-9AC1-D9568A22E75B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0F605B71-CEAE-42C7-B8D0-3564CB087056}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{608EA263-8C42-4899-A18F-B52A1ACE6823}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{004E42E1-69AE-4876-9D44-60D567F7DA20}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{21EDB587-853D-4B4E-B415-847DCC2D45AE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{71A632AB-C4B9-42F3-9DEC-46DD2270E9E4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.14131.20278.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

18-06-2021 10:18:32 Scheduled Checkpoint
29-06-2021 10:17:05 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============

Name: System Firmware
Description: System Firmware
Class Guid: {f2e7dd72-6468-4e36-b6f1-6488f42c1b52}
Manufacturer: HP Inc.
Service:
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (07/11/2021 02:45:34 PM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks Desktop Pro 2019":
DBConnPool::HandleConnectionError errorCode:-6069, dbCode:-103 from file:'src\connpool.cpp' at line 1042 from function:'DBMgr::DBConnPool::init'

Error: (07/11/2021 02:45:34 PM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks Desktop Pro 2019":
Connection String:CON=QBConnectionPool-Probe-QB_data_engine_29; ;DBF=C:\Users\Public\Documents\Intuit\QuickBooks\Company Files\Kundali Kombucha.qbw;ENG=QB_data_engine_29;DBN=9124132e91a04c288b71b89a3b21b470

Error: (07/11/2021 02:45:34 PM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks Desktop Pro 2019":
Connection Error:Invalid user ID or password

Error: (07/11/2021 02:45:11 PM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks Desktop Pro 2019":
DBConnPool::HandleConnectionError errorCode:-6069, dbCode:-103 from file:'src\connpool.cpp' at line 1042 from function:'DBMgr::DBConnPool::init'

Error: (07/11/2021 02:45:11 PM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks Desktop Pro 2019":
Connection String:CON=QBConnectionPool-Probe-QB_data_engine_29; ;DBF=C:\Users\Public\Documents\Intuit\QuickBooks\Company Files\Kundali Kombucha.qbw;ENG=QB_data_engine_29;DBN=f2ad56e6dfaa4306b062c4fa63513cd9

Error: (07/11/2021 02:45:11 PM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks Desktop Pro 2019":
Connection Error:Invalid user ID or password

Error: (07/11/2021 02:22:00 PM) (Source: HP Comm Recovery) (EventID: 0) (User: )
Description: Failed in handling the PowerEvent. The error that occurred was: System.IO.IOException: The process cannot access the file 'C:\Windows\Temp\signtool.exe' because it is being used by another process.
at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost)
at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)
at System.IO.FileStream..ctor(String path, FileMode mode)
at _HPCommRecovery.Tools.Signtool.ExtractSignTool()
at _HPCommRecovery.Tools.Signtool.Verify(String arg)
at _HPCommRecovery.HPAHAgent.CallAgent()
at _HPCommRecovery.AppSession..ctor(DateTime Current, String LogPath)
at _HPCommRecovery.HPAHLogger.NewSession()
at _HPCommRecovery.....

Error: (07/09/2021 04:47:20 PM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks Desktop Pro 2019":
WPR: AddPrinter failed - failed to add XPS printer driver lasterror=1802OS =10.0 Printdriver name :Microsoft XPS Document Writer


System errors:
=============
Error: (07/11/2021 04:32:29 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (06/30/2021 07:40:58 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8024200b: Security Intelligence Update for Microsoft Defender Antivirus - KB2267602 (Version 1.343.25.0).

Error: (06/29/2021 09:40:36 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8024200b: Security Intelligence Update for Microsoft Defender Antivirus - KB2267602 (Version 1.343.25.0).

Error: (06/17/2021 08:21:14 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (06/16/2021 09:39:01 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-OH5CF8OA)
Description: The server {021E4F06-9DCC-49AD-88CF-ECC2DA314C8A} did not register with DCOM within the required timeout.

Error: (06/16/2021 09:39:01 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-OH5CF8OA)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (06/16/2021 09:39:01 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-OH5CF8OA)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (06/16/2021 09:39:01 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-OH5CF8OA)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.


Windows Defender:
================
Date: 2021-07-11 16:41:44
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Script/Phonzy.A!ml
Severity: Severe
Category: Trojan
Path: file:_C:\Users\khval\Downloads\FRST.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.343.810.0, AS: 1.343.810.0, NIS: 1.343.810.0
Engine Version: AM: 1.1.18300.4, NIS: 1.1.18300.4

Date: 2021-06-29 10:07:49
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-06-28 12:32:35
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-06-28 11:36:38
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-06-22 10:13:43
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-07-11 14:50:26
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.343.706.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18300.4
Error code: 0x80070102
Error description: The wait operation timed out.

Date: 2021-07-11 14:44:19
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.343.706.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18300.4
Error code: 0x80070102
Error description: The wait operation timed out.

Date: 2021-07-11 14:44:19
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.343.706.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18300.4
Error code: 0x80070102
Error description: The wait operation timed out.

Date: 2021-06-30 07:40:57
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.343.25.0
Previous security intelligence Version: 1.341.1614.0
Update Source: User
Security intelligence Type: AntiSpyware
Update Type: Delta
Current Engine Version: 1.1.18300.4
Previous Engine Version: 1.1.18200.4
Error code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel.

Date: 2021-06-30 07:40:57
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.343.25.0
Previous security intelligence Version: 1.341.1614.0
Update Source: User
Security intelligence Type: AntiVirus
Update Type: Delta
Current Engine Version: 1.1.18300.4
Previous Engine Version: 1.1.18200.4
Error code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel.

==================== Memory info ===========================

BIOS: Insyde F.07 12/11/2018
Motherboard: HP 84C0
Processor: Intel(R) Core(TM) i5-8265U CPU @ 1.60GHz
Percentage of memory in use: 67%
Total physical RAM: 8079.3 MB
Available physical RAM: 2607.17 MB
Total Virtual: 9364.8 MB
Available Virtual: 1974.03 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:930.28 GB) (Free:844.73 GB) NTFS

\\?\Volume{8c56e236-a086-4de7-8ff4-ce3b2b78d37e}\ () (Fixed) (Total:0.96 GB) (Free:0.13 GB) NTFS
\\?\Volume{0371b469-1b5f-488d-ad9e-8d94e5d312e0}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.16 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: D094F5B8)

Partition: GPT.

==================== End of Addition.txt =======================
 
#2
I've since cleaned up my PC with CCleaner, ATG anti-virus, and done a defrag.

Everything is still running very slow, anyone out there available to help??
 
Status
Not open for further replies.
Top Bottom
Back
Forums
Resources
Menu