JustPaste.it

Additional

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-09-2021
Ran by Marek (19-09-2021 22:48:00)
Running from C:\Users\Marek\Downloads
Windows 10 Home Version 21H1 19043.1237 (X64) (2020-10-31 00:18:58)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3559403019-2055364116-2686755073-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3559403019-2055364116-2686755073-503 - Limited - Disabled)
Guest (S-1-5-21-3559403019-2055364116-2686755073-501 - Limited - Disabled)
Marek (S-1-5-21-3559403019-2055364116-2686755073-1001 - Administrator - Enabled) => C:\Users\Marek
WDAGUtilityAccount (S-1-5-21-3559403019-2055364116-2686755073-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.009.20067 - Adobe Systems Incorporated)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.7.5 - Advanced Micro Devices, Inc.)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 21.7.2481 - Avast Software)
Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.7 - Licomp EMPiK Multimedia)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version:  - )
Canon MP Navigator EX 3.0 (HKLM-x32\...\MP Navigator EX 3.0) (Version:  - )
Canon MP250 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series) (Version:  - )
Canon MP250 series User Registration (HKLM-x32\...\Canon MP250 series User Registration) (Version:  - )
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.81 - Piriform)
Driver Magician 5.21 (HKLM-x32\...\Driver Magician_is1) (Version:  - GoldSolution Software, Inc.)
EA Download Manager (HKLM-x32\...\EA Download Manager) (Version: 6.0.4.124 - Electronic Arts, Inc.)
ELAN Touchpad 15.8.12.5_X64_WHQL (HKLM\...\Elantech) (Version: 15.8.12.5 - ELAN Microelectronic Corp.)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Hitman: Absolution (HKLM-x32\...\1757179626_is1) (Version: 1.0.447.0 - GOG.com)
iCloud Outlook (HKLM\...\{1768CF44-D2CD-453A-B284-AD782F6F2616}) (Version: 10.6.1.26 - Apple Inc.)
Medal of Honor (TM) (HKLM-x32\...\{415030B8-3E8B-462A-8C03-41D95AA3AB3B}) (Version: 1.0.0.0 - Electronic Arts)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 93.0.961.52 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B981965-2FBC-433C-B4B3-E183EE97CD29}) (Version: 2.83.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29016 (HKLM-x32\...\{40d3fee2-b257-46c2-bdc0-cb1088d97327}) (Version: 14.27.29016.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29016 (HKLM-x32\...\{1aaa01ad-3069-4288-9c6f-37a140a8f6c7}) (Version: 14.27.29016.0 - Microsoft Corporation)
Mozilla Firefox (x64 en-GB) (HKLM\...\Mozilla Firefox 92.0 (x64 en-GB)) (Version: 92.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 68.0.1 - Mozilla)
NVIDIA PhysX (HKLM-x32\...\{1C4551A6-4743-4093-91E4-1477CD655043}) (Version: 9.09.0203 - NVIDIA Corporation)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.989 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7885 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
RogueKiller version 15.0.2.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 15.0.2.0 - Adlice Software)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Vivaldi (HKU\S-1-5-21-3559403019-2055364116-2686755073-1001\...\Vivaldi) (Version: 2.11.1811.33 - Vivaldi Technologies AS.)
Wise Care 365 4.8.2 (HKLM-x32\...\Wise Care 365_is1) (Version: 4.8.2 - WiseCleaner.com, Inc.)
Wise Game Booster 1.5.4 (HKLM-x32\...\Wise Game Booster_is1) (Version: 1.5.4 - WiseCleaner.com, Inc.)

Packages:
=========
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.64.3.0_x86__kgqvnymyfvs32 [2021-09-15] (king.com)
Deezer Music -> C:\Program Files\WindowsApps\Deezer.62021768415AF_5.30.60.0_x86__q7m17pa7q8kj0 [2021-09-18] (Deezer SA)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.9.253.0_x64__rz1tebttyb220 [2021-08-21] (Dolby Laboratories)
iCloud -> C:\Program Files\WindowsApps\AppleInc.iCloud_12.5.74.0_x86__nzyj5cx40ttqa [2021-08-21] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-07-24] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-07-24] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-21] (Microsoft Studios) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2021-05-02] (Netflix, Inc.)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-05-15] (Microsoft Corporation)
Real PDF Suite -> C:\Program Files\WindowsApps\36059XiaoyaStudio.RealPDFEditor_3.0.71.0_x64__ngh7ertwt50re [2021-08-24] (Xiaoya Lab)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.628.0_x86__zpdnekdrzrea0 [2021-09-18] (Spotify AB) [Startup Task]
The Chess Lv.100 -> C:\Program Files\WindowsApps\6918E89D.THECHESSLV.100_1.3.8.0_x64__66n08swfvvka0 [2021-08-21] (UNBALANCE corp.) [MS Ad]
XLS Edit -> C:\Program Files\WindowsApps\BallardAppCraftery.XLSEdit_1.1.9.0_x64__epyrqhfctk40t [2019-07-26] (Ballard App Craftery)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3559403019-2055364116-2686755073-1001_Classes\CLSID\{33222385-91F3-453D-8264-0A6CE1552B21} -> [iCloud Drive] => C:\Users\Marek\iCloudDrive [2020-05-15 14:47]
CustomCLSID: HKU\S-1-5-21-3559403019-2055364116-2686755073-1001_Classes\CLSID\{7F5A9C31-DEE8-435B-8A69-D6E775A4FDFF} -> [iCloud Photos] => C:\Users\Marek\Pictures\iCloud Photos\Photos [2020-06-04 21:21]
CustomCLSID: HKU\S-1-5-21-3559403019-2055364116-2686755073-1001_Classes\CLSID\{BCA9D37C-CA60-4160-9115-97A00F24702D}\localserver32 -> C:\Users\Marek\AppData\Local\Vivaldi\Application\2.11.1811.33\notification_helper.exe (Vivaldi Technologies AS -> Vivaldi Technologies AS)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-09] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-09] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> [CC]{23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-09] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-09] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [7-Zip] -> [CC]{23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers4: [RecuvaShellExt] -> [CC]{435E5DF5-2510-463C-B223-BDA47006D002} =>  -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2019-07-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [7-Zip] -> [CC]{23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-09] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [RecuvaShellExt] -> [CC]{435E5DF5-2510-463C-B223-BDA47006D002} =>  -> No File

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Marek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\969fa00ceac8236d\Vivaldi.lnk -> C:\Users\Marek\AppData\Local\Vivaldi\Application\vivaldi_proxy.exe (Vivaldi Technologies AS) -> --profile-directory=Default --app-id=mpognobbkildjkofajifpdfhcoklimli

==================== Loaded Modules (Whitelisted) =============


==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-3559403019-2055364116-2686755073-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2019-07-30 12:53 - 000000826 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3559403019-2055364116-2686755073-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Marek\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\IMG_0881 (2).JPG
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "ETDCtrl"
HKLM\...\StartupApproved\Run: => "CanonSolutionMenu"
HKLM\...\StartupApproved\Run: => "CanonMyPrinter"
HKLM\...\StartupApproved\Run32: => "ETDCtrl"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKU\S-1-5-21-3559403019-2055364116-2686755073-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3559403019-2055364116-2686755073-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3559403019-2055364116-2686755073-1001\...\StartupApproved\Run: => "Vivaldi Update Notifier"
HKU\S-1-5-21-3559403019-2055364116-2686755073-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3559403019-2055364116-2686755073-1001\...\StartupApproved\Run: => "DriverFix"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{FEFA92D4-99F9-409C-A4FF-C3FB3273874A}] => (Allow) C:\Program Files (x86)\Activision\CoD Fresch\iw3mp.exe () [File not signed]
FirewallRules: [{FF1C3C20-D9C3-44B6-9E3B-706064FA8AAD}] => (Allow) C:\Program Files (x86)\Activision\CoD Fresch\iw3mp.exe () [File not signed]
FirewallRules: [{AD354C1C-BEFA-4733-AABF-1D91BA68D13D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{47FF93F3-BCAE-4515-A232-0D328749A96F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{37393681-4A11-465A-AFA7-E822D30743BD}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{348793D3-978B-44E8-A767-246CD971818F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{1F3EE344-035B-4392-AB06-278D45AAB228}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{94267A6F-84BA-43BD-9EDA-0899BD5B9EC0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{2FCCDD23-51CA-41B7-ABF2-BBF42BD7F794}C:\users\marek\appdata\local\vivaldi\application\vivaldi.exe] => (Block) C:\users\marek\appdata\local\vivaldi\application\vivaldi.exe (Vivaldi Technologies AS -> Vivaldi Technologies AS)
FirewallRules: [UDP Query User{B5354B2A-0ADA-4FDB-BDCE-E8E996AC937D}C:\users\marek\appdata\local\vivaldi\application\vivaldi.exe] => (Block) C:\users\marek\appdata\local\vivaldi\application\vivaldi.exe (Vivaldi Technologies AS -> Vivaldi Technologies AS)
FirewallRules: [TCP Query User{A1AB1CB6-1CA8-4653-BBE9-5603E358D413}C:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe] => (Block) C:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe () [File not signed]
FirewallRules: [UDP Query User{CDF9DDF4-D157-4765-BEAD-C8E6D232D4EB}C:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe] => (Block) C:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe () [File not signed]
FirewallRules: [TCP Query User{DF822C45-7C1D-4291-9666-ADCEFF1E3E56}C:\users\marek\appdata\local\vivaldi\application\vivaldi.exe] => (Block) C:\users\marek\appdata\local\vivaldi\application\vivaldi.exe (Vivaldi Technologies AS -> Vivaldi Technologies AS)
FirewallRules: [UDP Query User{D5168CCE-44AC-437A-A6C1-B85A816A517A}C:\users\marek\appdata\local\vivaldi\application\vivaldi.exe] => (Block) C:\users\marek\appdata\local\vivaldi\application\vivaldi.exe (Vivaldi Technologies AS -> Vivaldi Technologies AS)
FirewallRules: [{C70AB949-3B82-4DC6-BE32-A364737BD8A2}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{C7D3EFE3-8389-407F-B532-377640610D2A}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{F8C28A12-8C0D-4C7F-A5F9-F045A8EA609D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.628.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7280B8BD-DACC-4631-AAE3-E2E7EB79F9A7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.628.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4CAA0799-DFE3-43CB-9689-192FE731EC84}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.628.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4B4813F7-8C39-4D37-96A2-05C1721B57A1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.628.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F1926BF7-6457-4352-8171-51815A0C810F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.628.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5D751293-A41F-43F2-ABFC-38768E99A8C6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.628.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{ECF7656F-B3CF-4329-8E5B-74123FD32227}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.628.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3FAC6F64-F05B-428A-B315-BE058D18445A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.628.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

==================== Restore Points =========================

08-09-2021 09:44:49 Scheduled Checkpoint
16-09-2021 22:20:17 Windows Modules Installer
16-09-2021 22:44:39 Windows Modules Installer

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (09/19/2021 08:46:29 PM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: The Windows Security Center Service was unable to load instances of FirewallProduct from datastore.

Error: (09/19/2021 08:10:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: taskhostw.exe, version: 10.0.19041.906, time stamp: 0xd1ac4c39
Faulting module name: wininet.dll, version: 11.0.19041.1202, time stamp: 0x651a060f
Exception code: 0x000005b4
Fault offset: 0x00000000000ca553
Faulting process ID: 0x584
Faulting application start time: 0x01d7acbb9320148c
Faulting application path: C:\WINDOWS\system32\taskhostw.exe
Faulting module path: C:\WINDOWS\system32\wininet.dll
Report ID: bc86bbb5-4079-49b5-83ef-1ebb8b0f137a
Faulting package full name: 
Faulting package-relative application ID:

Error: (09/19/2021 08:09:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox.exe, version: 92.0.0.7916, time stamp: 0x6132c806
Faulting module name: xul.dll, version: 92.0.0.7916, time stamp: 0x6132c869
Exception code: 0x80000003
Fault offset: 0x0000000001b4bb95
Faulting process ID: 0x1c38
Faulting application start time: 0x01d7ad8977ce0a79
Faulting application path: C:\Program Files\Mozilla Firefox\firefox.exe
Faulting module path: C:\Program Files\Mozilla Firefox\xul.dll
Report ID: ccff7b0f-9f40-43f6-92a0-3b466be1384b
Faulting package full name: 
Faulting package-relative application ID:

Error: (09/19/2021 03:00:16 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimiser couldn't complete re-trim on (C:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (09/19/2021 07:40:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_WaaSMedicSvc, version: 10.0.19041.546, time stamp: 0x058e175a
Faulting module name: ntdll.dll, version: 10.0.19041.1202, time stamp: 0x4f115fac
Exception code: 0xc0000374
Fault offset: 0x00000000000ff199
Faulting process ID: 0x221c
Faulting application start time: 0x01d7ad20d49bf20c
Faulting application path: C:\WINDOWS\system32\svchost.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report ID: c7683245-b862-47b4-989a-16e44a5e4391
Faulting package full name: 
Faulting package-relative application ID:

Error: (09/18/2021 08:48:17 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program explorer.exe version 10.0.19041.1202 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 1998

Start Time: 01d7acbb997e3f7e

Termination Time: 10788

Application Path: C:\Windows\explorer.exe

Report Id: dc17455c-f4cf-451e-9e3f-75843e12a335

Faulting package full name: 

Faulting package-relative application ID: 

Hang type: Unknown

Error: (09/18/2021 07:53:21 PM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: The Windows Security Center Service was unable to load instances of FirewallProduct from datastore.

Error: (09/18/2021 03:33:56 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating Windows Defender status to SECURITY_PRODUCT_STATE_ON.


System errors:
=============
Error: (09/19/2021 08:45:48 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avast! Tools service.

Error: (09/19/2021 08:45:18 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avast! Tools service.

Error: (09/19/2021 08:44:48 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avast! Tools service.

Error: (09/19/2021 08:44:18 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avast! Tools service.

Error: (09/19/2021 08:39:07 PM) (Source: TPM) (EventID: 15) (User: NT AUTHORITY)
Description: The device driver for the Trusted Platform Module (TPM) encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) from being used. For further help, please contact the computer manufacturer.

Error: (09/19/2021 08:37:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The CredentialEnrollmentManagerUserSvc_4f865 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (09/19/2021 08:37:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Wise Boot Assistant service terminated unexpectedly. It has done this 1 time(s).

Error: (09/19/2021 08:37:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The TSDSettingService service terminated unexpectedly. It has done this 1 time(s).


Windows Defender:
================
Date: 2021-09-14 15:24:55
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-09-13 15:14:59
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-09-12 22:03:43
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-09-11 21:21:07
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-09-10 16:34:42
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-08-21 01:57:32
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.343.1013.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.18300.4
Error code: 0x80070020
Error description: The process cannot access the file because it is being used by another process. 

Date: 2021-08-21 01:57:32
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.343.1013.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.18300.4
Error code: 0x80070020
Error description: The process cannot access the file because it is being used by another process. 

Date: 2021-08-21 01:57:32
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.343.1013.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.18300.4
Error code: 0x80070020
Error description: The process cannot access the file because it is being used by another process. 

Date: 2021-08-21 01:53:21
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.343.1013.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.18300.4
Error code: 0x80070102
Error description: The wait operation timed out. 

Date: 2021-08-21 01:53:21
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.343.1013.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.18300.4
Error code: 0x80070102
Error description: The wait operation timed out. 

CodeIntegrity:
===============
Date: 2021-09-19 20:47:32
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2021-09-19 20:47:03
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.


==================== Memory info =========================== 

BIOS: American Megatrends Inc. 5.00 08/12/2015
Motherboard: FF40 0683
Processor: AMD A8-7410 APU with AMD Radeon R5 Graphics 
Percentage of memory in use: 63%
Total physical RAM: 7094.98 MB
Available physical RAM: 2559.89 MB
Total Virtual: 8374.98 MB
Available Virtual: 1880.08 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:920.66 GB) (Free:776.14 GB) NTFS

\\?\Volume{c46a4251-e2ec-4d75-bb20-084441bb5d39}\ () (Fixed) (Total:0.57 GB) (Free:0.08 GB) NTFS
\\?\Volume{626e862d-6b91-4953-b3e4-b5174885d4dc}\ () (Fixed) (Total:0.91 GB) (Free:0.44 GB) NTFS
\\?\Volume{2c7fc7ad-efc5-4a86-a2c0-60d3bbd1cb61}\ (HDDR) (Fixed) (Total:9.09 GB) (Free:0.98 GB) FAT32
\\?\Volume{e782b0c2-08ce-4d4d-a756-73969c6df133}\ (ESP) (Fixed) (Total:0.25 GB) (Free:0.2 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================