Thanks for your forum. I've enjoyed your service since 2008. Now it's a ASUS i3 pc bought in 2016 that's been slow for a while, but nothing dramatic. I don't know if it's a problem, but task manager shows some duplicates. I have Avast Premium, etc. Cheers.
- Humanerror
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2020
Ran by vesam (administrator) on DESKTOP-QL010TM (ASUSTeK COMPUTER INC. M32CD_A_F_K20CD_K31CD) (18-12-2020 22:39:29)
Running from C:\Users\vesam\Desktop
Loaded Profiles: vesam
Platform: Windows 10 Home Version 2004 19041.685 (X64) Language: suomi (Suomi)
Default browser: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --single-argument %1
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Cleanup\TuneupSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Cleanup\TuneupUI.exe <2>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine VPN\VpnSvc.exe
(Avast Software s.r.o. -> The OpenVPN Project) C:\Program Files\AVAST Software\SecureLine VPN\OpenVPN\openvpn.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <34>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2cec8fd58a80e6ea\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2cec8fd58a80e6ea\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2cec8fd58a80e6ea\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2cec8fd58a80e6ea\IntelCpHeciSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsMaps_10.2011.6.0_x64__8wekyb3d8bbwe\Maps.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(UNIVERSITY OF CALIFORNIA, BERKELEY -> Space Sciences Laboratory) C:\Program Files\BOINC\boinctray.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8822016 2016-06-02] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [Samsung Link] => C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [615144 2016-03-09] (Samsung Electronics CO., LTD. -> Samsung Electronics Co.,Ltd)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [117352 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\Avast Software\Cleanup\TuneupUI.exe [2596704 2020-12-04] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [boinctray] => C:\Program Files\BOINC\boinctray.exe [70472 2020-09-02] (UNIVERSITY OF CALIFORNIA, BERKELEY -> Space Sciences Laboratory)
HKLM\...\Run: [boincmgr] => C:\Program Files\BOINC\boincmgr.exe [8281416 2020-09-02] (UNIVERSITY OF CALIFORNIA, BERKELEY -> Space Sciences Laboratory)
HKLM-x32\...\Run: [Family Tree Builder Update] => C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe [17683056 2019-03-14] (MyHeritage (USA) Inc. -> MyHeritage)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7992832 2020-11-17] (Dropbox, Inc -> Dropbox, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-386011426-3842006082-317715658-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [50010064 2020-11-03] (Google LLC -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-08] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\86.1.6960.198\Installer\chrmstp.exe [2020-11-23] (Avast Software s.r.o. -> AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2020-11-19]
ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software)
BootExecute: autocheck autochk * icarus_rvrt.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {02BBF419-5C99-475C-AAD4-F7705E344D96} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1741416 2020-09-17] (Avast Software s.r.o. -> Avast Software)
Task: {14CC2D83-9EA7-413F-A5E2-54D4A10545D9} - System32\Tasks\Avast Software\Avast Cleanup Update BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [2812624 2020-12-04] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup\Setup\.." --configpath "C:\Program Files\Avast Software\Cleanup\Setup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid dc87917b-4bf7-477b-9f9f-a40beb877691
Task: {1D02958E-BC17-40B7-A6EF-EC1DB0130B1F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-07-08] (Google Inc -> Google Inc.)
Task: {280DA3BE-38E2-4AB5-8A54-055F4411DC33} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
Task: {2B7299EB-9AA1-44D0-9F9B-E48D18BDDEC0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4368792 2020-06-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {4531E58A-1D5D-4945-8C98-5A2F1CCBB151} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4368792 2020-06-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {493DC088-60AE-4392-A4C3-1AA252518A30} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_159_pepper.exe [1319424 2017-10-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {49D37C30-3489-4EDF-8CEE-D6C43A947182} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-07-08] (Google Inc -> Google Inc.)
Task: {56CFB7BE-AA0D-4FB3-AF48-D919D7664567} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124776 2020-06-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {5782ACBA-2B0A-4049-96D8-1B66133C60B8} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
Task: {57FE4A73-8F65-41B6-AAD9-DC64B6A5F22C} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-12-16] (Dropbox, Inc -> Dropbox, Inc.)
Task: {5DBE283D-8AE7-4328-9F85-4F5A33234913} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {5DBE283D-8AE7-4328-9F85-4F5A33234913} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {5DBE283D-8AE7-4328-9F85-4F5A33234913} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {5F20B910-B695-450C-9173-32EBD7734875} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2017-10-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {63FA1BFB-16BB-4DB1-BB8C-927958CBA260} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1188968 2020-11-18] (Avast Software s.r.o. -> AVAST Software)
Task: {64A03DBE-1848-46F5-A90F-1E18D4BD76DC} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {6AAE6108-CD37-454F-B467-1AB7BB4E7EC0} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1933408 2020-11-13] (Avast Software s.r.o. -> AVAST Software)
Task: {8622FDA7-5A24-4D87-88A8-971D985EF718} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [5442656 2020-11-25] (Avast Software s.r.o. -> Avast Software)
Task: {9B7344C3-53B1-4260-BE73-DE2132DD74E8} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {A60C751C-AE07-47CE-93CB-841911A55E3F} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1321368 2020-06-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {B25675A7-F5D5-4C69-9E0A-AB201AA66986} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [4661856 2020-11-18] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid 059f3281-c5e2-4301-9183-12ffe2be1de8
Task: {BD13D97D-9BF9-42B0-BCA7-10201B753123} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-12-16] (Dropbox, Inc -> Dropbox, Inc.)
Task: {C0B974F2-18A3-47FD-91A8-C612614FC95B} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4621920 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
Task: {D90924FA-27C8-4BC6-BA93-8F18D8F6297F} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23756168 2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {DFBA6DBD-AAF4-48F4-88F4-2FBA4F8247D7} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124776 2020-06-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {E04EE0F2-9987-480B-8BA2-FD82DA972BA8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23756168 2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {F43ACC64-7095-4588-A289-C935B35F8699} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1933408 2020-11-13] (Avast Software s.r.o. -> AVAST Software)
Task: {FADB2CAC-AC88-4F6B-B5E4-7D4885F9EC16} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [5442656 2020-11-16] (Avast Software s.r.o. -> Avast Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\..\Interfaces\{294a3d8b-c540-4481-8f5e-4ec86c1c29e1}: [DhcpNameServer] 62.241.198.246 62.241.198.245
Tcpip\..\Interfaces\{8e96dd2d-d016-4ff1-b999-50cbec634512}: [NameServer] 100.120.168.1
Tcpip\..\Interfaces\{ba7207a8-c52b-47df-aaf0-4060a2d7da17}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Edge:
======
Edge Notifications: HKU\S-1-5-21-386011426-3842006082-317715658-1001 -> hxxps://web.skype.com
Edge DefaultProfile: Default
Edge Profile: C:\Users\vesam\AppData\Local\Microsoft\Edge\User Data\Default [2020-10-20]
FireFox:
========
FF DefaultProfile: 477kck9w.default-1594386348892
FF ProfilePath: C:\Users\vesam\AppData\Roaming\Mozilla\Firefox\Profiles\xl04bfz0.default-release [2020-10-20]
FF ProfilePath: C:\Users\vesam\AppData\Roaming\Mozilla\Firefox\Profiles\477kck9w.default-1594386348892 [2020-09-19]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-12-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-03-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
Chrome:
=======
CHR Profile: C:\Users\vesam\AppData\Local\Google\Chrome\User Data\Default [2020-12-18]
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchKeyword: Default -> google.fi__
CHR Extension: (Slides) - C:\Users\vesam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Docs) - C:\Users\vesam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\vesam\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (YouTube) - C:\Users\vesam\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-08]
CHR Extension: (Sheets) - C:\Users\vesam\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Google Docsin offline-tila) - C:\Users\vesam\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-11]
CHR Extension: (Grammarly for Chrome) - C:\Users\vesam\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2020-12-17]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\vesam\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2020-10-12]
CHR Extension: (Chrome Web Storen maksut) - C:\Users\vesam\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Notifications for Instagram) - C:\Users\vesam\AppData\Local\Google\Chrome\User Data\Default\Extensions\opnbmdkdflhjiclaoiiifmheknpccalb [2019-10-14]
CHR Extension: (Gmail) - C:\Users\vesam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\vesam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-08]
CHR Profile: C:\Users\vesam\AppData\Local\Google\Chrome\User Data\System Profile [2019-11-01]
CHR HKU\S-1-5-21-386011426-3842006082-317715658-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2017-10-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8477080 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [621728 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [1230608 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [351848 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\86.1.6960.198\elevation_service.exe [1136920 2020-11-13] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [12968552 2020-12-04] (Avast Software s.r.o. -> AVAST Software)
S4 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10634632 2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
S4 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-12-16] (Dropbox, Inc -> Dropbox, Inc.)
S4 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-12-16] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44552 2020-11-17] (Dropbox, Inc -> Dropbox, Inc.)
S4 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [623848 2016-03-09] (Samsung Electronics CO., LTD. -> Samsung Electronics Co.,Ltd)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine VPN\VpnSvc.exe [7897696 2020-11-18] (Avast Software s.r.o. -> AVAST Software)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [746504 2020-07-10] (Oracle Corporation -> Oracle Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\NisSrv.exe [2372048 2020-10-20] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MsMpEng.exe [128376 2020-10-20] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208672 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [332880 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [247888 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [97360 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2020-12-17] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42424 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [176384 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522480 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108928 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84496 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851256 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [469472 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216984 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
R3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2018-09-07] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326064 2020-12-17] (Avast Software s.r.o. -> AVAST Software)
S3 aswVpnRdr; C:\WINDOWS\System32\drivers\aswVpnRdr.sys [59312 2020-08-04] (Avast Software s.r.o. -> Avast Software)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [33448 2016-12-07] (CHENGDU YIWO Tech Development Co., Ltd. -> )
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [10848 2016-07-11] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]
R3 VBoxNetAdp; C:\WINDOWS\System32\drivers\VBoxNetAdp6.sys [237840 2020-07-11] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [247232 2020-07-11] (Oracle Corporation -> Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-10-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [428264 2020-10-20] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69864 2020-10-20] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-12-18 22:39 - 2020-12-18 22:41 - 000025665 _____ C:\Users\vesam\Desktop\FRST.txt
2020-12-18 22:34 - 2020-12-18 22:40 - 000000000 ____D C:\FRST
2020-12-18 22:33 - 2020-12-18 22:33 - 002286592 _____ (Farbar) C:\Users\vesam\Desktop\FRST64.exe
2020-12-18 20:49 - 2020-12-18 20:50 - 000465264 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-12-18 20:14 - 2020-12-18 20:14 - 001321688 _____ (Google LLC) C:\Users\vesam\Desktop\installbackupandsync.exe
2020-12-18 19:44 - 2020-12-18 19:44 - 000000000 ____D C:\Users\vesam\Desktop\htr-20201218T172021Z-001
2020-12-18 19:23 - 2020-12-18 19:44 - 1205757316 _____ C:\Users\vesam\Desktop\htr-20201218T172021Z-001.zip
2020-12-17 18:53 - 2020-12-17 18:53 - 000340576 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2020-12-17 18:53 - 2020-12-17 18:53 - 000216984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2020-12-13 14:47 - 2020-12-13 14:47 - 000000999 _____ C:\Users\vesam\AppData\Local\recently-used.xbel
2020-12-12 18:57 - 2020-12-12 18:57 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-12-12 18:57 - 2020-12-12 18:57 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-12-12 18:56 - 2020-12-12 18:56 - 001333248 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2020-12-12 18:56 - 2020-12-12 18:56 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-12 18:56 - 2020-12-12 18:56 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2020-12-12 18:56 - 2020-12-12 18:56 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-12 18:56 - 2020-12-12 18:56 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2020-12-12 18:56 - 2020-12-12 18:56 - 000010912 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-12-12 18:55 - 2020-12-12 18:55 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-12 18:55 - 2020-12-12 18:55 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-12 18:55 - 2020-12-12 18:55 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-12 18:55 - 2020-12-12 18:55 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-12 18:55 - 2020-12-12 18:55 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2020-12-12 18:55 - 2020-12-12 18:55 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2020-12-12 18:55 - 2020-12-12 18:55 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-12 18:54 - 2020-12-12 18:54 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-12-12 18:54 - 2020-12-12 18:54 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-12 18:54 - 2020-12-12 18:54 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2020-12-12 18:54 - 2020-12-12 18:54 - 000165376 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2020-12-12 18:54 - 2020-12-12 18:54 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2020-12-12 18:54 - 2020-12-12 18:54 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2020-12-12 18:54 - 2020-12-12 18:54 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2020-11-30 23:10 - 2020-11-30 23:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-11-20 20:33 - 2020-11-20 20:33 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-12-18 22:29 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-18 22:05 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2020-12-18 21:52 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-12-18 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-12-18 21:26 - 2020-08-25 22:53 - 000003516 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-12-18 21:26 - 2020-08-25 22:53 - 000003292 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-12-18 21:26 - 2020-08-25 22:53 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2020-12-18 21:24 - 2018-05-26 09:21 - 000000000 ____D C:\Users\vesam\AppData\Local\AVAST Software
2020-12-18 21:21 - 2016-07-10 21:29 - 000000000 ____D C:\ProgramData\BOINC
2020-12-18 21:06 - 2016-07-08 08:23 - 000000000 ____D C:\ProgramData\AVAST Software
2020-12-18 20:51 - 2016-07-08 07:55 - 000000000 __SHD C:\Users\vesam\IntelGraphicsProfiles
2020-12-18 20:50 - 2020-08-25 22:53 - 000004028 _____ C:\WINDOWS\system32\Tasks\Avast SecureLine VPN Update
2020-12-18 20:49 - 2020-08-25 22:53 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-12-18 20:49 - 2020-08-25 22:23 - 000008192 ___SH C:\DumpStack.log.tmp
2020-12-18 20:49 - 2016-02-27 03:07 - 000000000 ____D C:\Intel
2020-12-18 20:48 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-12-18 19:12 - 2020-08-25 22:23 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-12-17 18:54 - 2020-08-25 22:53 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-12-17 18:53 - 2020-10-14 10:59 - 000176384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2020-12-17 18:53 - 2020-04-22 07:10 - 000522480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2020-12-17 18:53 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-12-17 18:53 - 2019-01-14 20:03 - 000332880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2020-12-17 18:53 - 2019-01-05 18:23 - 000247888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2020-12-17 18:53 - 2019-01-05 18:23 - 000097360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2020-12-17 18:53 - 2018-10-11 11:07 - 000042424 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2020-12-17 18:53 - 2018-06-26 20:31 - 000016832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2020-12-17 18:53 - 2018-05-24 21:25 - 000851256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2020-12-17 18:53 - 2018-05-24 21:25 - 000469472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2020-12-17 18:53 - 2018-05-24 21:25 - 000326064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2020-12-17 18:53 - 2018-05-24 21:25 - 000208672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2020-12-17 18:53 - 2018-05-24 21:25 - 000108928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2020-12-17 18:53 - 2018-05-24 21:25 - 000084496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2020-12-13 23:06 - 2016-07-25 18:48 - 000000000 ____D C:\Users\vesam\.gimp-2.8
2020-12-13 14:47 - 2016-07-25 18:50 - 000000000 ____D C:\Users\vesam\AppData\Local\gtk-2.0
2020-12-13 14:30 - 2020-08-10 18:27 - 000000000 ____D C:\Users\vesam\AppData\Roaming\audacity
2020-12-12 22:21 - 2018-10-14 16:10 - 000000000 ____D C:\Users\vesam\AppData\Local\D3DSCache
2020-12-12 21:57 - 2020-08-25 22:45 - 001258522 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-12 21:57 - 2019-12-07 16:53 - 000402278 _____ C:\WINDOWS\system32\perfh00B.dat
2020-12-12 21:57 - 2019-12-07 16:53 - 000073432 _____ C:\WINDOWS\system32\perfc00B.dat
2020-12-12 20:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-12 20:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2020-12-12 20:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-12-12 20:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-12-12 20:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-12-12 20:00 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-12 20:00 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-12-12 19:05 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-12-12 09:45 - 2020-08-23 19:52 - 000002432 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-10 19:58 - 2018-08-26 20:34 - 000000000 ____D C:\Users\vesam\AppData\Local\CrashDumps
2020-12-08 17:04 - 2016-07-08 08:20 - 000002302 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-12-08 17:04 - 2016-07-08 08:20 - 000002261 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-11-30 23:12 - 2020-10-20 21:43 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-11-30 23:12 - 2020-10-20 21:43 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-11-30 23:11 - 2019-12-16 16:56 - 000000000 ____D C:\Program Files (x86)\Dropbox
2020-11-30 20:49 - 2020-08-25 22:53 - 000003534 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-11-30 20:49 - 2020-08-25 22:53 - 000003310 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-11-25 18:57 - 2018-02-11 17:21 - 000000000 ____D C:\Users\vesam\AppData\Local\PlaceholderTileLogoFolder
2020-11-23 22:29 - 2018-05-26 09:22 - 000002505 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2020-11-22 18:53 - 2020-08-25 20:50 - 000000000 ____D C:\Users\vesam\AppData\Roaming\Free M4a to MP3 Converter
2020-11-22 18:43 - 2020-08-25 20:51 - 000000000 ____D C:\Users\vesam\AppData\Roaming\AdvertismentImages
2020-11-18 23:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-11-18 19:10 - 2018-04-25 17:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
==================== Files in the root of some directories ========
2020-12-13 14:47 - 2020-12-13 14:47 - 000000999 _____ () C:\Users\vesam\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2020
Ran by vesam (18-12-2020 22:45:17)
Running from C:\Users\vesam\Desktop
Windows 10 Home Version 2004 19041.685 (X64) (2020-08-25 20:55:25)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
DefaultAccount (S-1-5-21-386011426-3842006082-317715658-503 - Limited - Disabled)
Järjestelmänvalvoja (S-1-5-21-386011426-3842006082-317715658-500 - Administrator - Disabled)
vesam (S-1-5-21-386011426-3842006082-317715658-1001 - Administrator - Enabled) => C:\Users\vesam
Vieras (S-1-5-21-386011426-3842006082-317715658-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-386011426-3842006082-317715658-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Connect 9 Add-in (HKU\S-1-5-21-386011426-3842006082-317715658-1001\...\Adobe Connect 9 Add-in) (Version: 11.9.980.387 - Adobe Systems Incorporated)
Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.159 - Adobe Systems Incorporated)
Audacity 2.4.2 (HKLM-x32\...\Audacity_is1) (Version: 2.4.2 - Audacity Team)
Avast Cleanup Premium (HKLM\...\Avast Cleanup) (Version: 20.1.9481.1346 - Avast Software)
Avast Premium Security (HKLM-x32\...\Avast Antivirus) (Version: 20.10.2442 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 86.1.6960.198 - AVAST Software)
Avast SecureLine VPN (HKLM\...\Avast SecureLine) (Version: 5.8.5262.1418 - Avast Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1065.0 - AVAST Software) Hidden
Backup and Sync from Google (HKLM\...\{3A8CD593-8CF9-45B4-9932-FC41CBC14E15}) (Version: 3.53.3404.7585 - Google, Inc.)
BOINC (HKLM\...\{31209A01-4F85-4476-9A23-A64C75AE94FC}) (Version: 7.16.11 - Space Sciences Laboratory, U.C. Berkeley)
Crescendo Music Notation Editor (HKLM-x32\...\Crescendo) (Version: 1.86 - NCH Software)
Dropbox (HKLM-x32\...\Dropbox) (Version: 110.4.458 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.335.1 - Dropbox, Inc.) Hidden
Free M4a to MP3 Converter X (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version: - ManiacTools.com)
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Microsoft 365 for Enterprise - fi-fi (HKLM\...\O365ProPlusRetail - fi-fi) (Version: 16.0.12827.20336 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.60 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft OneDrive (HKU\S-1-5-21-386011426-3842006082-317715658-1001\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-386011426-3842006082-317715658-1001\...\Teams) (Version: 1.3.00.19173 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{143E35D3-F0A4-4E90-96C9-B1B72F11343A}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Mozilla Firefox 83.0 (x64 fi) (HKLM\...\Mozilla Firefox 83.0 (x64 fi)) (Version: 83.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 82.0 - Mozilla)
MyHeritage Family Tree Builder (HKLM-x32\...\Family Tree Builder) (Version: 8.0.0.8516 - MyHeritage.com)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12827.20160 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12827.20160 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12827.20336 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-040B-0000-0000000FF1CE}) (Version: 16.0.12827.20160 - Microsoft Corporation) Hidden
OpenOffice 4.1.5 (HKLM-x32\...\{018CA28E-3FAB-49C3-A3B8-D6962F27A92D}) (Version: 4.15.9789 - Apache Software Foundation)
Oracle VM VirtualBox 6.1.12 (HKLM\...\{BD4C2875-9059-4C94-A7B5-493A538AC180}) (Version: 6.1.12 - Oracle Corporation)
R for Windows 3.4.3 (HKLM\...\R for Windows 3.4.3_is1) (Version: 3.4.3 - R Core Team)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7836 - Realtek Semiconductor Corp.)
Samsung Link 2.0.0.1603091618 (HKLM\...\8474-7877-9059-0204) (Version: 2.0.0.1603091618 - Samsung Electronics Co.,Ltd)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.98.0213 - Electronic Arts)
SopCast 4.2.0 (HKLM-x32\...\SopCast) (Version: 4.2.0 - www.sopcast.com)
Teams Machine-Wide Installer (HKLM-x32\...\{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.2.0.24753 - Microsoft Corporation)
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 3.5.3 - Tweaking.com)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-07] (Autodesk Inc.)
Elokuvakone -> C:\Program Files\WindowsApps\Microsoft.MovieMoments_6.3.9654.20464_x64__8wekyb3d8bbwe [2016-07-12] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-01] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-01] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-26] (Microsoft Studios) [MS Ad]
OverDrive - Library eBooks & Audiobooks -> C:\Program Files\WindowsApps\2FA138F6.OverDriveMediaConsole_3.8.0.5_neutral__daecb9042jmvt [2019-03-26] (OverDrive Inc.)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.)
Valokuvat-lisäosa -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2018-09-15] (Microsoft Corporation)
Video Maker - VideoShow -> C:\Program Files\WindowsApps\39691Videopix.VideoMaker-VideoShow_1.1.57.0_x64__dxz7h1qnd1pge [2020-10-17] (Videopix)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-386011426-3842006082-317715658-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\vesam\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20107.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-386011426-3842006082-317715658-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\vesam\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20107.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-386011426-3842006082-317715658-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\vesam\Dropbox [2019-12-16 17:11]
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-11-03] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-11-03] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-11-03] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-17] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-17] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-17] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-11-03] (Google LLC -> Google)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-17] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-11-03] (Google LLC -> Google)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2cec8fd58a80e6ea\igfxDTCM.dll [2020-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-17] (Avast Software s.r.o. -> AVAST Software)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\vesam\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.htm
==================== Loaded Modules (Whitelisted) =============
2020-12-18 21:13 - 2020-12-18 21:13 - 000114176 _____ () [File not signed] C:\Users\vesam\AppData\Local\Temp\_MEI80842\_ctypes.pyd
2020-12-18 21:13 - 2020-12-18 21:13 - 000172544 _____ () [File not signed] C:\Users\vesam\AppData\Local\Temp\_MEI80842\_elementtree.pyd
2020-12-18 21:13 - 2020-12-18 21:13 - 002255872 _____ () [File not signed] C:\Users\vesam\AppData\Local\Temp\_MEI80842\_hashlib.pyd
2020-12-18 21:13 - 2020-12-18 21:13 - 000032256 _____ () [File not signed] C:\Users\vesam\AppData\Local\Temp\_MEI80842\_multiprocessing.pyd
2020-12-18 21:13 - 2020-12-18 21:13 - 000046080 _____ () [File not signed] C:\Users\vesam\AppData\Local\Temp\_MEI80842\_psutil_windows.pyd
2020-12-18 21:13 - 2020-12-18 21:13 - 000047616 _____ () [File not signed] C:\Users\vesam\AppData\Local\Temp\_MEI80842\_socket.pyd
2020-12-18 21:13 - 2020-12-18 21:13 - 002824704 _____ () [File not signed] C:\Users\vesam\AppData\Local\Temp\_MEI80842\_ssl.pyd
2020-12-18 21:13 - 2020-12-18 21:13 - 000026112 _____ () [File not signed] C:\Users\vesam\AppData\Local\Temp\_MEI80842\_yappi.pyd
2020-12-18 21:13 - 2020-12-18 21:13 - 000080896 _____ () [File not signed] C:\Users\vesam\AppData\Local\Temp\_MEI80842\bz2.pyd
2020-12-18 21:13 - 2020-12-18 21:13 - 000016384 _____ () [File not signed] C:\Users\vesam\AppData\Local\Temp\_MEI80842\common.time34.pyd
2020-12-18 21:13 - 2020-12-18 21:13 - 000007680 _____ () [File not signed] C:\Users\vesam\AppData\Local\Temp\_MEI80842\hashobjs_ext.pyd
2020-12-18 21:13 - 2020-12-18 21:13 - 000301568 _____ () [File not signed] C:\Users\vesam\AppData\Local\Temp\_MEI80842\PIL._imaging.pyd
2020-12-18 21:13 - 2020-12-18 21:13 - 000168448 _____ () [File not signed] C:\Users\vesam\AppData\Local\Temp\_MEI80842\pyexpat.pyd
2020-12-18 21:13 - 2020-12-18 21:13 - 001084416 _____ () [File not signed] C:\Users\vesam\AppData\Local\Temp\_MEI80842\pysqlite2._sqlite.pyd
2020-12-18 21:13 - 2020-12-18 21:13 - 000548864 _____ () [File not signed] C:\Users\vesam\AppData\Local\Temp\_MEI80842\pythoncom27.dll
2020-12-18 21:13 - 2020-12-18 21:13 - 000137728 _____ () [File not signed] C:\Users\vesam\AppData\Local\Temp\_MEI80842\pywintypes27.dll
2020-12-18 21:13 - 2020-12-18 21:13 - 000010752 _____ () [File not signed] C:\Users\vesam\AppData\Local\Temp\_MEI80842\select.pyd
2020-12-18 21:13 - 2020-12-18 21:13 - 000020992 _____ () [File not signed] C:\Users\vesam\AppData\Local\Temp\_MEI80842\thumbnails_ext.pyd
2020-12-18 21:13 - 2020-12-18 21:13 - 000689664 _____ () [File not signed] C:\Users\vesam\AppData\Local\Temp\_MEI80842\unicodedata.pyd
2020-12-18 21:13 - 2020-12-18 21:13 - 000119808 _____ () [File not signed] C:\Users\vesam\AppData\Local\Temp\_MEI80842\usb_ext.pyd
2020-12-18 21:13 - 2020-12-18 21:13 - 000128512 _____ () [File not signed] C:\Users\vesam\AppData\Local\Temp\_MEI80842\win32api.pyd
2020-12-18 21:13 - 2020-12-18 21:13 - 000438784 _____ () [File not signed] C:\Users\vesam\AppData\Local\Temp\_MEI80842\win32com.shell.shell.pyd
2020-12-18 21:13 - 2020-12-18 21:13 - 000011776 _____ () [File not signed] C:\Users\vesam\AppData\Local\Temp\_MEI80842\win32crypt.pyd
2020-12-18 21:13 - 2020-12-18 21:13 - 000023040 _____ () [File not signed] C:\Users\vesam\AppData\Local\Temp\_MEI80842\win32event.pyd
2020-12-18 21:13 - 2020-12-18 21:13 - 000149504 _____ () [File not signed] C:\Users\vesam\AppData\Local\Temp\_MEI80842\win32file.pyd
2020-12-18 21:13 - 2020-12-18 21:13 - 000223232 _____ () [File not signed] C:\Users\vesam\AppData\Local\Temp\_MEI80842\win32gui.pyd
2020-12-18 21:13 - 2020-12-18 21:13 - 000048128 _____ () [File not signed] C:\Users\vesam\AppData\Local\Temp\_MEI80842\win32inet.pyd
2020-12-18 21:13 - 2020-12-18 21:13 - 000029696 _____ () [File not signed] C:\Users\vesam\AppData\Local\Temp\_MEI80842\win32pdh.pyd
2020-12-18 21:13 - 2020-12-18 21:13 - 000027648 _____ () [File not signed] C:\Users\vesam\AppData\Local\Temp\_MEI80842\win32pipe.pyd
2020-12-18 21:13 - 2020-12-18 21:13 - 000044032 _____ () [File not signed] C:\Users\vesam\AppData\Local\Temp\_MEI80842\win32process.pyd
2020-12-18 21:13 - 2020-12-18 21:13 - 000020480 _____ () [File not signed] C:\Users\vesam\AppData\Local\Temp\_MEI80842\win32profile.pyd
2020-12-18 21:13 - 2020-12-18 21:13 - 000136192 _____ () [File not signed] C:\Users\vesam\AppData\Local\Temp\_MEI80842\win32security.pyd
2020-12-18 21:13 - 2020-12-18 21:13 - 000026624 _____ () [File not signed] C:\Users\vesam\AppData\Local\Temp\_MEI80842\win32ts.pyd
2020-12-18 21:13 - 2020-12-18 21:13 - 000034816 _____ () [File not signed] C:\Users\vesam\AppData\Local\Temp\_MEI80842\windows.conditional.pyd
2020-12-18 21:13 - 2020-12-18 21:13 - 000038400 _____ () [File not signed] C:\Users\vesam\AppData\Local\Temp\_MEI80842\windows.connectivity.pyd
2020-12-18 21:13 - 2020-12-18 21:13 - 000071680 _____ () [File not signed] C:\Users\vesam\AppData\Local\Temp\_MEI80842\windows.device_monitor.pyd
2020-12-18 21:13 - 2020-12-18 21:13 - 000109056 _____ () [File not signed] C:\Users\vesam\AppData\Local\Temp\_MEI80842\windows.volumes.pyd
2020-12-18 21:13 - 2020-12-18 21:13 - 000020480 _____ () [File not signed] C:\Users\vesam\AppData\Local\Temp\_MEI80842\windows.winwrap.pyd
2020-12-18 21:13 - 2020-12-18 21:13 - 001325056 _____ () [File not signed] C:\Users\vesam\AppData\Local\Temp\_MEI80842\wx._controls_.pyd
2020-12-18 21:13 - 2020-12-18 21:13 - 001489408 _____ () [File not signed] C:\Users\vesam\AppData\Local\Temp\_MEI80842\wx._core_.pyd
2020-12-18 21:13 - 2020-12-18 21:13 - 001007104 _____ () [File not signed] C:\Users\vesam\AppData\Local\Temp\_MEI80842\wx._gdi_.pyd
2020-12-18 21:13 - 2020-12-18 21:13 - 000103424 _____ () [File not signed] C:\Users\vesam\AppData\Local\Temp\_MEI80842\wx._html2.pyd
2020-12-18 21:13 - 2020-12-18 21:13 - 000916992 _____ () [File not signed] C:\Users\vesam\AppData\Local\Temp\_MEI80842\wx._misc_.pyd
2020-12-18 21:13 - 2020-12-18 21:13 - 001039872 _____ () [File not signed] C:\Users\vesam\AppData\Local\Temp\_MEI80842\wx._windows_.pyd
2020-12-18 21:13 - 2020-12-18 21:13 - 003043328 _____ (Python Software Foundation) [File not signed] C:\Users\vesam\AppData\Local\Temp\_MEI80842\python27.dll
2020-12-18 21:13 - 2020-12-18 21:13 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\vesam\AppData\Local\Temp\_MEI80842\wxbase30u_net_vc90_x64.dll
2020-12-18 21:13 - 2020-12-18 21:13 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\vesam\AppData\Local\Temp\_MEI80842\wxbase30u_vc90_x64.dll
2020-12-18 21:13 - 2020-12-18 21:13 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\vesam\AppData\Local\Temp\_MEI80842\wxmsw30u_adv_vc90_x64.dll
2020-12-18 21:13 - 2020-12-18 21:13 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\vesam\AppData\Local\Temp\_MEI80842\wxmsw30u_core_vc90_x64.dll
2020-12-18 21:13 - 2020-12-18 21:13 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\vesam\AppData\Local\Temp\_MEI80842\wxmsw30u_html_vc90_x64.dll
2020-12-18 21:13 - 2020-12-18 21:13 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\vesam\AppData\Local\Temp\_MEI80842\wxmsw30u_webview_vc90_x64.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-03-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2020-03-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-10] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-386011426-3842006082-317715658-1001\...\sharepoint.com -> hxxps://eduvantaa-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-10-30 09:24 - 2019-01-05 18:18 - 000000028 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\;C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-386011426-3842006082-317715658-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 100.120.168.1 - 62.241.198.246
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
Network Binding:
=============
VirtualBox Host-Only Network #3: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
SecureLine: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
WLAN: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "Samsung Link"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "Family Tree Builder Update"
HKLM\...\StartupApproved\Run32: => "EaseUS EPM Tray Agent"
HKU\S-1-5-21-386011426-3842006082-317715658-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-386011426-3842006082-317715658-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-386011426-3842006082-317715658-1001\...\StartupApproved\Run: => "OneDriveSetup"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{E8C0B274-A8F1-4988-9F0F-95C7C4B179CE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C06F3191-ADA6-44AD-906B-D091FBA3F388}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe (Electronic Arts -> Electronic Arts Inc.)
FirewallRules: [{E4C6EB4B-23A7-41A3-AE32-C373E977C494}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe (Electronic Arts -> Electronic Arts Inc.)
FirewallRules: [{97155C9F-FD05-415B-9C04-F21E99CFE800}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 18 DEMO\FIFASetup\fifaconfig.exe => No File
FirewallRules: [{72BDF11D-07C7-4A38-9A62-804FC7E06C99}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 18 DEMO\FIFASetup\fifaconfig.exe => No File
FirewallRules: [{4EA88574-0FC9-410A-85F9-64218FE7EC5B}] => (Allow) LPort=5354
FirewallRules: [{C7C3177B-2569-4931-A33D-E9C7F1E6C06B}] => (Allow) LPort=5354
FirewallRules: [{80975BD6-37D3-4D51-A16A-844A8465931F}] => (Allow) LPort=5354
FirewallRules: [{B5B49C2F-24DB-45FE-8BA0-165760A1C478}] => (Allow) LPort=5354
FirewallRules: [{B8BB6FF8-98E0-4280-8EC2-983A5518715F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{F4895590-541D-43D8-894B-5AFBAC07A83D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{A310CAD4-65B9-418D-955C-5C890FD21491}] => (Allow) C:\Users\vesam\AppData\Roaming\ACEStream\engine\ace_engine.exe => No File
FirewallRules: [{5D6DE5BA-AE92-4431-A6D6-42B390FF0678}] => (Allow) C:\Users\vesam\AppData\Roaming\ACEStream\engine\ace_engine.exe => No File
FirewallRules: [{F3DF5CFF-C259-486C-8833-5335A5A4078D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{2574A983-C49F-41A2-9F62-C78C9A1CEA7E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{4CF8D0E6-AC2B-449A-BD2D-111E99AA38A0}] => (Allow) LPort=1900
FirewallRules: [{2940BD08-83A1-4207-BC5F-290CDB65D005}] => (Allow) LPort=7900
FirewallRules: [{014F17B2-4517-413F-AC8C-198C7246059B}] => (Allow) LPort=24234
FirewallRules: [{87FC6CF4-A061-4EEE-B2AE-D452CC427613}] => (Allow) LPort=7679
FirewallRules: [{C9607608-488D-4876-BAE9-781FFE87670F}] => (Allow) LPort=7676
FirewallRules: [{C64A69C9-B79A-41AB-B7A0-1319093B6D9D}] => (Allow) LPort=8643
FirewallRules: [{0B5E2334-0E7C-4DDA-B21A-ECE35C70CC4B}] => (Allow) LPort=8743
FirewallRules: [{8A61E0D3-45E9-443B-9517-843CB47718C0}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe => No File
FirewallRules: [{3702482E-ECC1-47CC-A9BE-565EC036AE49}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe => No File
FirewallRules: [{A9B240A4-1D8A-4B99-B8FA-E92D4338A9C7}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co.,Ltd)
FirewallRules: [{D4D31348-0981-4099-B5D0-642DEC707E77}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co.,Ltd)
FirewallRules: [{F12A5377-A548-4013-8F0E-AA55C246C7D3}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co.,Ltd)
FirewallRules: [{DF6A6BFB-3899-49E3-A3BC-59BB0F3FFA8F}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co.,Ltd)
FirewallRules: [{C34D44B4-1C92-487F-9D13-B70BA2B92E14}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F7F7BFFC-FB4A-492F-B412-832312FD9FE5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B909AAC6-501A-4DD2-9773-B14FE6B9702D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E2AF89FB-88B5-41F3-9C5C-FCFE76508864}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2556E76B-0921-4BA3-BD2D-914835C2E556}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{A67798B3-B1DB-4A7E-A766-CE58416E57FD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4591A643-0BCA-4E4D-8901-28338E53E8ED}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{DC9C17EA-CFD2-491A-B0DB-A5F32910D8DC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DB689FF1-D616-45E0-9069-53CB90654D7A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{21BD6D4B-7651-42DD-A9B1-C868E636AE9D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B8C8E78D-238F-4F9C-986E-7C41861783F9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FEC337CF-99D6-4893-B2BB-6D148BB33AD5}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{24E8B47F-BA03-47FC-9A82-CB1ACF446EDC}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{0E9564D3-9BBE-4B76-B9EF-61454E0E4D16}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
01-12-2020 19:45:20 Ajoitettu tarkistuspiste
10-12-2020 19:33:19 Ajoitettu tarkistuspiste
12-12-2020 18:20:27 Windowsin moduulien asennusohjelma
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (12/18/2020 10:48:00 PM) (Source: ESENT) (EventID: 447) (User: )
Description: svchost (4692,D,23) SRUJet: A bad page link (error -338) has been detected in a B-Tree (ObjectId: 32, PgnoRoot: 1887) of database C:\WINDOWS\system32\SRU\SRUDB.dat (1887 => 1512, 32).
Tag: BtDownClinesLowEmpty
Fatal: 1
Error: (12/18/2020 10:48:00 PM) (Source: ESENT) (EventID: 447) (User: )
Description: svchost (4692,D,21) SRUJet: A bad page link (error -338) has been detected in a B-Tree (ObjectId: 32, PgnoRoot: 1887) of database C:\WINDOWS\system32\SRU\SRUDB.dat (1887 => 1512, 32).
Tag: BtDownClinesLowEmpty
Fatal: 1
Error: (12/18/2020 10:47:00 PM) (Source: ESENT) (EventID: 447) (User: )
Description: svchost (4692,D,23) SRUJet: A bad page link (error -338) has been detected in a B-Tree (ObjectId: 32, PgnoRoot: 1887) of database C:\WINDOWS\system32\SRU\SRUDB.dat (1887 => 1512, 32).
Tag: BtDownClinesLowEmpty
Fatal: 1
Error: (12/18/2020 10:47:00 PM) (Source: ESENT) (EventID: 447) (User: )
Description: svchost (4692,D,21) SRUJet: A bad page link (error -338) has been detected in a B-Tree (ObjectId: 32, PgnoRoot: 1887) of database C:\WINDOWS\system32\SRU\SRUDB.dat (1887 => 1512, 32).
Tag: BtDownClinesLowEmpty
Fatal: 1
Error: (12/18/2020 10:46:00 PM) (Source: ESENT) (EventID: 447) (User: )
Description: svchost (4692,D,23) SRUJet: A bad page link (error -338) has been detected in a B-Tree (ObjectId: 32, PgnoRoot: 1887) of database C:\WINDOWS\system32\SRU\SRUDB.dat (1887 => 1512, 32).
Tag: BtDownClinesLowEmpty
Fatal: 1
Error: (12/18/2020 10:46:00 PM) (Source: ESENT) (EventID: 447) (User: )
Description: svchost (4692,D,21) SRUJet: A bad page link (error -338) has been detected in a B-Tree (ObjectId: 32, PgnoRoot: 1887) of database C:\WINDOWS\system32\SRU\SRUDB.dat (1887 => 1512, 32).
Tag: BtDownClinesLowEmpty
Fatal: 1
Error: (12/18/2020 10:45:00 PM) (Source: ESENT) (EventID: 447) (User: )
Description: svchost (4692,D,23) SRUJet: A bad page link (error -338) has been detected in a B-Tree (ObjectId: 32, PgnoRoot: 1887) of database C:\WINDOWS\system32\SRU\SRUDB.dat (1887 => 1512, 32).
Tag: BtDownClinesLowEmpty
Fatal: 1
Error: (12/18/2020 10:45:00 PM) (Source: ESENT) (EventID: 447) (User: )
Description: svchost (4692,D,21) SRUJet: A bad page link (error -338) has been detected in a B-Tree (ObjectId: 32, PgnoRoot: 1887) of database C:\WINDOWS\system32\SRU\SRUDB.dat (1887 => 1512, 32).
Tag: BtDownClinesLowEmpty
Fatal: 1
System errors:
=============
Error: (12/18/2020 10:13:51 PM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: Ohjain havaitsi sisäisen ohjainvirheen laitteella \Device\VBoxNetLwf.
Error: (12/18/2020 10:08:48 PM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: Ohjain havaitsi sisäisen ohjainvirheen laitteella \Device\VBoxNetLwf.
Error: (12/18/2020 10:06:45 PM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: Ohjain havaitsi sisäisen ohjainvirheen laitteella \Device\VBoxNetLwf.
Error: (12/18/2020 10:05:25 PM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: Ohjain havaitsi sisäisen ohjainvirheen laitteella \Device\VBoxNetLwf.
Error: (12/18/2020 09:21:06 PM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: Ohjain havaitsi sisäisen ohjainvirheen laitteella \Device\VBoxNetLwf.
Error: (12/18/2020 08:52:27 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Aikakatkaisu (30000 millisekuntia) odotettaessa tapahtuman vastausta avast! Tools-palvelusta.
Error: (12/18/2020 08:51:51 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Palvelu Tietoturvakeskus lopetettiin virheen takia. Virhe:
%%16389
Error: (12/18/2020 08:49:33 PM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: Ohjain havaitsi sisäisen ohjainvirheen laitteella \Device\VBoxNetLwf.
Windows Defender:
===================================
Date: 2020-10-20 23:13:34.7380000Z
Description:
Microsoft Defenderin virustentorjunta: tarkistus on lopetettu, ennen kuin se oli valmis.
Tarkistustunnus: {42087E7B-D6BA-4480-A350-B1EAEF58417B}
Tarkistustyyppi: Haittaohjelmien torjuntaohjelma
Tarkistusparametrit: Pikatarkistus
Käyttäjä: NT-hallinta\SYSTEM
Date: 2020-12-07 21:37:20.6410000Z
Description:
Microsoft Defenderin virustentorjunta on havainnut virheen yrittäessään päivittää suojaustietoja.
Uusi suojaustietojen versio:
Edellinen suojaustietojen versio: 1.325.1105.0
Päivityslähde: Microsoft Update -palvelin
Suojaustietojen tyyppi: Virustentorjunta
Päivitystyyppi: Täysi
Käyttäjä: NT-hallinta\SYSTEM
Nykyinen moduuliversio:
Edellinen moduuliversio: 1.1.17600.3
Virhekoodi: 0x8024001e
Virheen kuvaus: Järjestelmässä ilmeni odottamaton ongelma päivityksiä tarkistettaessa. Lisätietoja päivitysten asentamisesta tai vianmäärityksestä on Ohje- ja tukikeskuksessa.
Date: 2020-11-07 18:07:54.2740000Z
Description:
Microsoft Defenderin virustentorjunta on havainnut virheen yrittäessään päivittää suojaustietoja.
Uusi suojaustietojen versio:
Edellinen suojaustietojen versio: 1.325.1105.0
Päivityslähde: Microsoft Malware Protection Center
Suojaustietojen tyyppi: Virustentorjunta
Päivitystyyppi: Täysi
Käyttäjä: NT-hallinta\Verkkopalvelu
Nykyinen moduuliversio:
Edellinen moduuliversio: 1.1.17600.3
Virhekoodi: 0x80072ee7
Virheen kuvaus: Palvelimen nimen tai osoitteen tulkitseminen ei onnistunut
Date: 2020-11-07 18:07:54.2730000Z
Description:
Microsoft Defenderin virustentorjunta on havainnut virheen yrittäessään päivittää suojaustietoja.
Uusi suojaustietojen versio:
Edellinen suojaustietojen versio: 1.325.1105.0
Päivityslähde: Microsoft Malware Protection Center
Suojaustietojen tyyppi: Vakoiluohjelmien torjunta
Päivitystyyppi: Täysi
Käyttäjä: NT-hallinta\Verkkopalvelu
Nykyinen moduuliversio:
Edellinen moduuliversio: 1.1.17600.3
Virhekoodi: 0x80072ee7
Virheen kuvaus: Palvelimen nimen tai osoitteen tulkitseminen ei onnistunut
Date: 2020-11-07 18:07:54.2730000Z
Description:
Microsoft Defenderin virustentorjunta on havainnut virheen yrittäessään päivittää suojaustietoja.
Uusi suojaustietojen versio:
Edellinen suojaustietojen versio: 1.325.1105.0
Päivityslähde: Microsoft Malware Protection Center
Suojaustietojen tyyppi: Virustentorjunta
Päivitystyyppi: Täysi
Käyttäjä: NT-hallinta\Verkkopalvelu
Nykyinen moduuliversio:
Edellinen moduuliversio: 1.1.17600.3
Virhekoodi: 0x80072ee7
Virheen kuvaus: Palvelimen nimen tai osoitteen tulkitseminen ei onnistunut
Date: 2020-11-07 18:07:54.2620000Z
Description:
Microsoft Defenderin virustentorjunta on havainnut virheen yrittäessään päivittää suojaustietoja.
Uusi suojaustietojen versio:
Edellinen suojaustietojen versio: 1.325.1105.0
Päivityslähde: Microsoft Malware Protection Center
Suojaustietojen tyyppi: Virustentorjunta
Päivitystyyppi: Täysi
Käyttäjä: NT-hallinta\Verkkopalvelu
Nykyinen moduuliversio:
Edellinen moduuliversio: 1.1.17600.3
Virhekoodi: 0x80072ee7
Virheen kuvaus: Palvelimen nimen tai osoitteen tulkitseminen ei onnistunut
CodeIntegrity:
===================================
Date: 2020-12-18 22:47:21.9760000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-18 22:47:21.7430000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-18 22:46:07.7970000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-18 22:45:31.8550000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-18 22:45:12.1540000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-18 22:44:40.4300000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-18 22:44:14.9410000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-18 22:43:16.3620000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 0501 10/06/2015
Motherboard: ASUSTeK COMPUTER INC. M32CD_A_F_K20CD_K31CD
Processor: Intel(R) Core(TM) i3-6100 CPU @ 3.70GHz
Percentage of memory in use: 74%
Total physical RAM: 8077.89 MB
Available physical RAM: 2041.02 MB
Total Virtual: 9357.89 MB
Available Virtual: 2383.77 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:149.5 GB) (Free:60.2 GB) NTFS
Drive d: (Data) (Fixed) (Total:780.91 GB) (Free:597.76 GB) NTFS
\\?\Volume{002e4d88-20bf-4333-bf97-8172dbc418f4}\ () (Fixed) (Total:0.5 GB) (Free:0.07 GB) NTFS
\\?\Volume{5240f47e-f658-4799-83d5-34dd3ff9da32}\ (Windows RE tools) (Fixed) (Total:0.49 GB) (Free:0.19 GB) NTFS
\\?\Volume{cfebc63b-f687-4b2c-a085-c0973d8de0c3}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 35422FF6)
Partition: GPT.
==================== End of Addition.txt =======================