Laptop is sloooow need help please

Here are the 2 files I just scanned and attached to the thread. Thanks

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-11-2021
Ran by richi (administrator) on LAPTOP-RVLE7NE6 (HP HP Pavilion Notebook) (04-11-2021 00:40:28)
Running from C:UsersrichiDownloads
Loaded Profiles: richi
: Microsoft Windows 10 Home Version 2004 19041.1288 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc. -> Apple Inc.) C:Program FilesBonjourmDNSResponder.exe
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:Program Files (x86)Battle.netBattle.net.exe <3>
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:ProgramDataBattle.netAgentAgent.7531Agent.exe
(CyberLink Corp. -> ) C:Program FilesCyberLinkShared filesRichVideo64.exe
(Dropbox, Inc -> Dropbox, Inc.) C:Program Files (x86)DropboxUpdateDropboxUpdate.exe
(Google LLC -> Google LLC) C:Program Files (x86)GoogleUpdate1.3.36.112GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:Program Files (x86)GoogleUpdate1.3.36.112GoogleCrashHandler64.exe
(Hewlett-Packard -> HP) C:Program Files (x86)HPHP Wireless Button DriverHPRadioMgr64.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:Program Files (x86)Hewlett-PackardSharedhpqwmiex.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:WindowsSystem32hpservice.exe
(Hewlett-Packard Company -> HP Development Company, L.P.) C:Program Files (x86)HPHP CoolSenseCoolSense.exe
(HP Inc. -> HP Inc.) C:Program Files (x86)Hewlett-PackardHP Support SolutionsHPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:Program Files (x86)HPHP System EventHPMSGSVC.exe
(HP Inc. -> HP Inc.) C:Program Files (x86)HPHP System EventHPWMISVC.exe
(HP Inc. -> HP Inc.) C:Program FilesHPHP Enabling ServicesAppHelperCap.exe
(HP Inc. -> HP Inc.) C:Program FilesHPHP Enabling ServicesDiagsCap.exe
(HP Inc. -> HP Inc.) C:Program FilesHPHP Enabling ServicesNetworkCap.exe
(HP Inc. -> HP Inc.) C:Program FilesHPHP Enabling ServicesSysInfoCap.exe
(HP Inc.) [File not signed] C:Program FilesHPCommRecoveryHPCommRecovery.exe
(Intel Corporation -> Intel® Corporation) C:Program FilesCommon FilesIntelWirelessCommonRegSrvc.exe
(Intel Corporation -> Intel® Corporation) C:Program FilesIntelWiFibinEvtEng.exe
(Intel Corporation -> Intel® Corporation) C:WindowsSysWOW64XtuService.exe
(Intel Corporation -> Intel® Corporation) C:Program FilesIntelWiFibinZeroConfigService.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositorydal.inf_amd64_b5484efd38adbe8djhi_service.exe
(Intel® pGFX 2020 -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositorycui_dch.inf_amd64_71f633caa1664730igfxCUIService.exe
(Intel® pGFX 2020 -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositorycui_dch.inf_amd64_71f633caa1664730igfxEM.exe
(Intel® pGFX 2020 -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositoryigcc_dch.inf_amd64_cf11c5656a14355aOneApp.IGCC.WinService.exe
(Intel® pGFX 2020 -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositoryiigd_dch.inf_amd64_ca99f42ce27c95c4IntelCpHDCPSvc.exe
(Intel® pGFX 2020 -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositoryiigd_dch.inf_amd64_ca99f42ce27c95c4IntelCpHeciSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:Program FilesIntelIntel® Rapid Storage TechnologyIAStorDataMgrSvc.exe
(Intel® Software -> Intel Corporation) C:WindowsSysWOW64esif_uf.exe
(Intel® Software -> Intel Corporation) C:WindowsTempDPTFesif_assist_64.exe
(Intel® Wireless Connectivity Solutions -> Intel Corporation) C:WindowsSystem32ibtsiva.exe
(IObit CO., LTD -> IObit) C:Program Files (x86)IObitIObit Malware FighterIMF.exe
(IObit CO., LTD -> IObit) C:Program Files (x86)IObitIObit Malware FighterIMFCore.exe
(IObit CO., LTD -> IObit) C:Program Files (x86)IObitIObit Malware FighterIMFTips.exe
(IObit Information Technology -> IObit) C:Program Files (x86)IObitIObit Malware FighterIMFsrv.exe
(IObit Information Technology -> IObit) C:Program Files (x86)IObitIObit Malware FighterIMFSrvWsc.exe
(IObit Information Technology -> IObit) C:Program Files (x86)IObitIObit UninstallerUninstallMonitor.exe
(Microsoft Corporation -> Microsoft Corporation) C:Program Files (x86)MicrosoftEdgeApplicationmsedge.exe <18>
(Microsoft Corporation -> Microsoft Corporation) C:Program FilesCommon Filesmicrosoft sharedClickToRunOfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:WindowsMicrosoft.NETFramework64v3.0WPFPresentationFontCache.exe
(Microsoft Corporation) C:Program FilesWindowsAppsmicrosoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbweHxOutlook.exe
(Microsoft Corporation) C:Program FilesWindowsAppsmicrosoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbweHxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsImmersiveControlPanelSystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32wlanext.exe
(NortonLifeLock Inc. -> Broadcom) C:Program FilesNorton SecurityEngine22.21.10.40NortonSecurity.exe
(NVIDIA Corporation -> Node.js) C:Program Files (x86)NVIDIA CorporationNvNodeNVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationNvTelemetryNvTelemetryContainer.exe
(Nvidia Corporation -> NVIDIA Corporation) C:WindowsSystem32DriverStoreFileRepositorynvhmi.inf_amd64_e250a9964de6f7fbDisplay.NvContainerNVDisplay.Container.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:Program FilesRealtekAudioHDARAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:Program FilesRealtekAudioHDARtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:Program FilesRealtekAudioHDARtkNGUI64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:WindowsSystem32SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:WindowsSystem32SynTPEnhService.exe
(TunnelBear -> TunnelBear) C:Program Files (x86)TunnelBearTunnelBear.Maintenance.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM…Run: [RTHDVCPL] => C:Program FilesRealtekAudioHDARtkNGUI64.exe [11102832 2021-03-03] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32…Run: [HPRadioMgr] => C:Program Files (x86)HPHP Wireless Button DriverHPRadioMgr64.exe [258600 2016-01-05] (Hewlett-Packard -> HP)
HKLM-x32…Run: [HPMessageService] => C:Program Files (x86)HPHP System EventHPMSGSVC.exe [705784 2016-06-20] (HP Inc. -> HP Inc.)
HKLM-x32…Run: [IObit Malware Fighter] => C:Program Files (x86)IObitIObit Malware FighterIMF.exe [6932176 2021-08-27] (IObit CO., LTD -> IObit)
HKUS-1-5-21-3957930691-1048864780-3325901002-1001…Run: [com.squirrel.Teams.Teams] => C:UsersrichiAppDataLocalMicrosoftTeamsUpdate.exe [1789768 2019-08-29] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKUS-1-5-21-3957930691-1048864780-3325901002-1001…Run: [TunnelBear] => C:Program Files (x86)TunnelBearTunnelBear.exe [134776 2020-04-09] (TunnelBear -> TunnelBear)
HKUS-1-5-21-3957930691-1048864780-3325901002-1001…Run: [E071D2753AE5E88CDAA4AC776E3661173575004E._service_run] => “C:Program Files (x86)MicrosoftEdgeApplicationmsedge.exe” –type=service /prefetch:8
HKUS-1-5-21-3957930691-1048864780-3325901002-1001…Run: [MicrosoftEdgeAutoLaunch_59035960CDE89084FAED6CC98A50B1C9] => “C:Program Files (x86)MicrosoftEdgeApplicationmsedge.exe” –no-startup-window –win-session-start /prefetch:5
HKUS-1-5-21-3957930691-1048864780-3325901002-1001…Run: [CCleaner Smart Cleaning] => C:Program FilesCCleanerCCleaner64.exe [35116160 2021-10-19] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM…Windows x64Print ProcessorsCanon MG6600 series Print Processor: C:WindowsSystem32spoolprtprocsx64CNMPDC9.DLL [30208 2014-03-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLMSoftwareMicrosoftActive SetupInstalled Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:Program Files (x86)GoogleChromeApplication95.0.4638.69Installerchrmstp.exe [2021-11-02] (Google LLC -> Google LLC)
Startup: C:ProgramDataMicrosoftWindowsStart MenuProgramsStartupAvast SecureLine VPN.lnk [2019-07-22]
ShortcutTarget: Avast SecureLine VPN.lnk -> C:Program FilesAVAST SoftwareSecureLineVpn.exe (AVAST Software s.r.o. -> AVAST Software)
HKLMSOFTWAREPoliciesMozillaFirefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00DA6CEA-186D-4563-AC42-5D9024D5EE93} – System32TasksDropboxUpdateTaskMachineUA => C:Program Files (x86)DropboxUpdateDropboxUpdate.exe [129808 2021-09-30] (Dropbox, Inc -> Dropbox, Inc.)
Task: {0200AC2D-1EDC-4DC1-8E4A-7C65025A90CF} – System32TasksNvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater64.exe [849904 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {063922EA-8307-4D6A-A2C6-D94D6538FAA1} – System32TasksIntelIntel Telemetry 2 => C:Program FilesIntelTelemetry 2.0lrio.exe [1698000 2015-06-05] (Intel® Software -> Intel Corporation)
Task: {11EF6ACE-0921-42EB-840E-CB7F0726DA55} – System32TasksNvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Files (x86)NVIDIA CorporationUpdate CoreNvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {15987760-2FD2-41F4-9CB8-3AC655230945} – System32TasksHewlett-PackardHP Support AssistantHP Support Solutions Framework Report => C:Program Files (x86)Hewlett-PackardHP Support SolutionsModulesHPSFReport.exe
Task: {16CD7BDD-1F58-46B9-A1F1-63E18C30AB83} – System32TasksCCleaner Update => C:Program FilesCCleanerCCUpdate.exe [684976 2021-10-19] (Piriform Software Ltd -> Piriform)
Task: {1D9700FB-4151-437F-B3DF-663469D5758F} – System32TasksNvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater64.exe [849904 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {20B2DFE4-E797-4A52-8BAA-A989572CADCD} – System32TasksHewlett-PackardHP Support AssistantWarrantyChecker_DeviceScan => C:Program Files (x86)Hewlett-PackardHP Support FrameworkResourcesHPWarrantyCheckHPWarrantyChecker.exe
Task: {218526ED-5F6A-45BE-9B61-2744A5EC0F04} – System32TasksNvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Files (x86)NVIDIA CorporationUpdate CoreNvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2CEA2581-3E78-4A46-863A-82ECB2145D3E} – System32TasksHewlett-PackardHP Web Products Detection => C:Program Files (x86)HPHP Support FrameworkModulesHPWPD.exe [303792 2021-10-27] (HP Inc. -> HP Inc.)
Task: {2F1F5624-2B6D-4846-9D2C-E9ECC0387280} – System32TasksIntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec => C:Program Files (x86)Intel CorporationIntel WiDiIntel® Software Asset ManagerbinIntelSoftwareAssetManagerService.exe [19088 2015-09-17] (Intel® Software Asset Manager -> Intel Corporation)
Task: {377091FF-A17A-4E70-AC96-2D1671459A65} – System32TasksRemediationAntimalwareMigrationTask => C:Program FilesCommon FilesAVNorton 360Upgrade.exe [2352488 2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {3EFEC3A9-355C-4A2B-A720-43B81B9C5B12} – System32TasksNvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation) -> -d “C:Program FilesNVIDIA CorporationNvDriverUpdateCheck” -l 3 -f C:ProgramDataNVIDIANvContainerDriverUpdateCheck.log
Task: {4AD8A486-B541-401C-A847-58929CEE00E5} – System32TasksNorton 360Norton 360 Autofix => C:Program FilesNorton SecurityEngine22.21.10.40SymErr.exe [108752 2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {64A1B5A9-FDD1-40BD-9C32-C02DDB8A789C} – System32TasksNvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Files (x86)NVIDIA CorporationNvNodenvnodejslauncher.exe [648688 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6A3759B5-869C-4892-A11A-143406B3942B} – System32TasksHPHP CoolSenseHP CoolSense Start at Logon => C:Program Files (x86)HPHP CoolSenseCoolSense.exe [1356008 2016-01-21] (Hewlett-Packard Company -> HP Development Company, L.P.)
Task: {6B64B4CE-7B37-4787-827F-06BD3F2B9E9D} – System32TasksNorton 360Norton 360 Error Analyzer => C:Program FilesNorton SecurityEngine22.21.10.40SymErr.exe [108752 2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {6B956B1B-8D10-4874-B969-65D81E71C3A0} – System32TasksAvast SecureLine VPN Update => c:program filesavast softwaresecurelinevpnupdate.exe [1390472 2019-10-24] (AVAST Software s.r.o. -> AVAST Software)
Task: {71852DF4-3276-4995-9E09-2196BF258D1B} – System32TasksNorton 360Norton 360 Error Processor => C:Program FilesNorton SecurityEngine22.21.10.40SymErr.exe [108752 2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {7278C8D5-05B7-4A19-887B-C99EA635A410} – System32TasksMicrosoftOfficeOffice ClickToRun Service Monitor => C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeC2RClient.exe [22655904 2021-10-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {746261E8-6A8B-47ED-9FFE-9DF0C29978F0} – System32TasksDropboxOEM => C:Program Files (x86)DropboxDropboxOEMDropboxOEM.exe [584488 2016-09-21] (Dropbox, Inc -> )
Task: {75813AA0-0C84-4A00-9908-D0EDEE4E71AE} – System32TasksMicrosoftOfficeOfficeTelemetryAgentFallBack2016 => C:Program Files (x86)Microsoft OfficerootOffice16msoia.exe [6241704 2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {81E9A9E9-C393-4CAE-A598-8EEEFE3946F7} – System32TasksHewlett-PackardHP Support AssistantWarrantyChecker => C:Program Files (x86)HPHP Support FrameworkResourcesHPWarrantyCheckHPWarrantyChecker.exe [1148080 2021-10-27] (HP Inc. -> HP Inc.)
Task: {8779B773-AE40-4C1C-A3D0-2B28B5E3B82F} – System32TasksMicrosoftOfficeOfficeTelemetryAgentLogOn2016 => C:Program Files (x86)Microsoft OfficerootOffice16msoia.exe [6241704 2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {8EBEC732-67C6-4823-8F6D-D49219079BB5} – System32TasksDropboxUpdateTaskMachineCore => C:Program Files (x86)DropboxUpdateDropboxUpdate.exe [129808 2021-09-30] (Dropbox, Inc -> Dropbox, Inc.)
Task: {90C5BAF1-6D53-4801-B667-A56DBB15A3CC} – System32TasksMicrosoftOfficeOffice Feature Updates Logon => C:Program Files (x86)Microsoft OfficerootOffice16sdxhelper.exe [108928 2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {97099556-61E1-4805-82D6-C53A228C0D31} – System32TasksGoogleUpdateTaskMachineUA => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [154920 2019-08-19] (Google Inc -> Google LLC)
Task: {98DACBE2-B180-4A75-A491-04E1D4885DB1} – System32TasksHewlett-PackardHPDeviceCheck => C:Program Files (x86)HPHP Support FrameworkModulesHPDeviceCheckHPDeviceCheck.exe [304816 2021-10-27] (HP Inc. -> )
Task: {9A2F84C9-72AC-41BF-9B9D-3E29A8740CA1} – System32TasksHewlett-PackardHP Support AssistantHP Support Assistant Update Notice => C:Program Files (x86)HPHP Support FrameworkResourcesBingPopupBingPopup.exe [314032 2021-10-27] (HP Inc. -> HP Inc.)
Task: {9A30F349-38A5-4155-AD0C-089F80913A5E} – System32TasksNvbackend => C:Program Files (x86)NVIDIA CorporationUpdate CoreNvBackend.exe
Task: {A3ABF492-47AB-4706-915C-456E1483E196} – System32TasksCCleanerSkipUAC – richi => C:Program FilesCCleanerCCleaner.exe [29200512 2021-10-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B163C9FA-A120-49A8-9A6F-A69F58E92C22} – System32TasksNvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Files (x86)NVIDIA CorporationUpdate CoreNvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B25BDC00-270D-45CD-8FF5-1E12386E6D52} – System32TasksHPDAS => C:Program [Argument = FilesHPHP ePrintHP.DeliveryAndStatus.Desktop.App.exe /CheckJobs]
Task: {B93B7721-B5A8-4A94-945C-DE2ED65CD78D} – System32TasksUninstaller_SkipUac_richi => C:Program Files (x86)IObitIObit UninstallerIObitUninstaler.exe [6705688 2021-04-08] (IObit CO., LTD -> IObit)
Task: {BE20E625-0112-4569-A47C-F2801F109C53} – System32TasksMicrosoftOfficeOffice Automatic Updates 2.0 => C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeC2RClient.exe [22655904 2021-10-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {C05AC8B9-B19F-41F3-9C15-B6BB77D2C7FD} – System32TasksNvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Files (x86)NVIDIA CorporationUpdate CoreNvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C491058B-EBDC-4E74-A4B1-0CE8F2883B14} – System32TasksIMF_SkipUAC_richi => C:Program Files (x86)IObitIObit Malware FighterIMF.exe [6932176 2021-08-27] (IObit CO., LTD -> IObit)
Task: {D2D822A1-FC12-4A49-9277-89BA4421F9E4} – System32TasksMicrosoftOfficeOffice Feature Updates => C:Program Files (x86)Microsoft OfficerootOffice16sdxhelper.exe [108928 2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {D5C0DDAA-20BD-45CB-B06D-6D391D3BAB0C} – System32TasksNVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNVIDIA GeForce ExperienceNVIDIA GeForce Experience.exe [3729392 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D7C45E1D-F4CE-49D3-B975-DEFFE99F9CC0} – System32TasksGoogleUpdateTaskMachineCore => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [154920 2019-08-19] (Google Inc -> Google LLC)
Task: {DC869577-06E2-43C7-8185-F8FF2A2F7ACD} – System32TasksHewlett-PackardHP Support AssistantHP Support Solutions Framework Updater => C:Program Files (x86)Hewlett-PackardHP Support SolutionsModulesHPSSFUpdater.exe
Task: {E0919517-0BF8-426F-8C93-91454ABFE6DA} – System32TasksNvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Files (x86)NVIDIA CorporationUpdate CoreNvTmMon.exe [591344 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E651C08B-DCF5-42CF-A899-AB5560F2AA97} – System32TasksIntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon => C:Program Files (x86)Intel CorporationIntel WiDiIntel® Software Asset ManagerbinIntelSoftwareAssetManagerService.exe [19088 2015-09-17] (Intel® Software Asset Manager -> Intel Corporation)
Task: {F4256FFA-C308-4FB5-BE1E-392052B181CE} – System32TasksNorton WSC Integration => C:Program FilesNorton SecurityEngine22.21.10.40WSCStub.exe [646520 2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {F4B7A7FF-20CE-47A6-89DA-9D71F4C6BC5A} – System32TasksNvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation) -> -d “C:Program FilesNVIDIA CorporationNvBackendNvBatteryBoostCheck” -l 3 -f C:ProgramDataNVIDIANvContainerBatteryBoostCheck.log
Task: {F50F249B-CCDA-46CB-ADD2-9C6871C19A15} – System32TasksIUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:Program Files (x86)IntelIntel® Update Managerbiniumsvc.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:WINDOWSTasksDropboxUpdateTaskMachineCore.job => C:Program Files (x86)DropboxUpdateDropboxUpdate.exe
Task: C:WINDOWSTasksDropboxUpdateTaskMachineUA.job => C:Program Files (x86)DropboxUpdateDropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

TcpipParameters: [DhcpNameServer] 10.0.0.1
Tcpip..Interfaces{7fb24520-2f47-42d8-8575-b4d14b661ce6}: [DhcpNameServer] 172.18.11.1
Tcpip..Interfaces{d9a2fb12-0022-48a6-8e20-e1d4971ec2d4}: [DhcpNameServer] 40.23.1.11
Tcpip..Interfaces{eb9185a1-8da6-4ccd-8f3a-9077f578b841}: [DhcpNameServer] 10.0.0.1

Edge:
=======
DownloadDir: C:UsersrichiDownloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsHostExtensionsAutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsBookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsHostExtensionsLearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsHostExtensionsPinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:UsersrichiAppDataLocalMicrosoftEdgeUser DataDefault [2021-11-04]

FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:Program Files (x86)Common FilesAdobeOOBEPDAppCCMUtilitiesnpAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:windowsSysWOW64AdobeDirectornp32dsw_1219159.dll [2015-06-26] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:Program Files (x86)Microsoft OfficerootVFSProgramFilesX86Mozilla Firefoxpluginsnpmeetingjoinpluginoc.dll [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:Program Files (x86)Microsoft OfficerootOffice16NPSPWRAP.DLL [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKUS-1-5-21-3957930691-1048864780-3325901002-1001: @zoom.us/ZoomVideoPlugin -> C:UsersrichiAppDataRoamingZoombinnpzoomplugin.dll [2020-04-28] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

Chrome:
=======
CHR Profile: C:UsersrichiAppDataLocalGoogleChromeUser DataDefault [2021-11-03]
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://meet.google.com; hxxps://us-tridentvsorbit.foryoupromo.com
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee&type=E211US773G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR DefaultSuggestURL: Default -> hxxps://us.search.yahoo.com/sugg/gossip/gossip-us-partner?output=fxjson&appid=mca&source=yahoo_mcafee_searchassist&command={searchTerms}
CHR Extension: (Slides) – C:UsersrichiAppDataLocalGoogleChromeUser DataDefaultExtensionsaapocclcgogkmnckokdopfmhonfmgoek [2019-08-19]
CHR Extension: (Docs) – C:UsersrichiAppDataLocalGoogleChromeUser DataDefaultExtensionsaohghmighlieiainnegkcijnfilokake [2019-08-19]
CHR Extension: (Google Drive) – C:UsersrichiAppDataLocalGoogleChromeUser DataDefaultExtensionsapdfllckaahabafndbhieahigkjlhalf [2020-11-11]
CHR Extension: (YouTube) – C:UsersrichiAppDataLocalGoogleChromeUser DataDefaultExtensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2019-08-19]
CHR Extension: (Sheets) – C:UsersrichiAppDataLocalGoogleChromeUser DataDefaultExtensionsfelcaaldnbdncclmgdcncolpebgiejap [2019-08-19]
CHR Extension: (Google Docs Offline) – C:UsersrichiAppDataLocalGoogleChromeUser DataDefaultExtensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-31]
CHR Extension: (Safe Torrent Scanner) – C:UsersrichiAppDataLocalGoogleChromeUser DataDefaultExtensionsmakcojoppodhcgmmchohadhpkicoafka [2020-08-17]
CHR Extension: (Chrome Web Store Payments) – C:UsersrichiAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2021-04-09]
CHR Extension: (Gmail) – C:UsersrichiAppDataLocalGoogleChromeUser DataDefaultExtensionspjkljhegncpnkpknbcohdijeoejaedia [2020-11-11]
CHR HKLM-x32…ChromeExtension: [makcojoppodhcgmmchohadhpkicoafka]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeClickToRun.exe [12034464 2021-10-12] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:Program Files (x86)DropboxUpdateDropboxUpdate.exe [129808 2021-09-30] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:Program Files (x86)DropboxUpdateDropboxUpdate.exe [129808 2021-09-30] (Dropbox, Inc -> Dropbox, Inc.)
R2 HP Comm Recover; C:Program FilesHPCommRecoveryHPCommRecovery.exe [1309184 2016-10-07] (HP Inc.) [File not signed]
R2 HPAppHelperCap; C:Program FilesHPHP Enabling ServicesAppHelperCap.exe [755704 2021-09-23] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:Program FilesHPHP Enabling ServicesDiagsCap.exe [754184 2021-09-23] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:Program FilesHPHP Enabling ServicesNetworkCap.exe [751104 2021-09-23] (HP Inc. -> HP Inc.)
R2 HPSupportSolutionsFrameworkService; C:Program Files (x86)Hewlett-PackardHP Support SolutionsHPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:Program FilesHPHP Enabling ServicesSysInfoCap.exe [754688 2021-09-23] (HP Inc. -> HP Inc.)
R2 HPWMISVC; C:Program Files (x86)HPHP System EventHPWMISVC.exe [631800 2016-06-20] (HP Inc. -> HP Inc.)
R2 IMFservice; C:Program Files (x86)IObitIObit Malware FighterIMFsrv.exe [2405136 2021-08-31] (IObit Information Technology -> IObit)
S3 Intel® WiDi SAM; C:Program Files (x86)Intel CorporationIntel WiDiIntel® Software Asset ManagerbinIntelSoftwareAssetManagerService.exe [19088 2015-09-17] (Intel® Software Asset Manager -> Intel Corporation)
S2 IObitUnSvr; C:Program Files (x86)IObitIObit UninstallerIUService.exe [158992 2020-10-19] (IObit Information Technology -> IObit)
S2 NortonSecurity; C:Program FilesNorton SecurityEngine22.21.10.40NortonSecurity.exe [343336 2021-10-29] (NortonLifeLock Inc. -> Broadcom)
S2 nsWscSvc; C:Program FilesNorton SecurityEngine22.21.10.40nsWscSvc.exe [1059176 2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
R2 RichVideo64; C:Program FilesCyberLinkShared filesRichVideo64.exe [389896 2014-04-14] (CyberLink Corp. -> )
R2 TunnelBearMaintenance; C:Program Files (x86)TunnelBearTunnelBear.Maintenance.exe [137848 2020-04-09] (TunnelBear -> TunnelBear)
S3 WdNisSvc; C:ProgramDataMicrosoftWindows Defenderplatform4.18.2005.5-0NisSrv.exe [2484256 2020-06-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:ProgramDataMicrosoftWindows Defenderplatform4.18.2005.5-0MsMpEng.exe [103168 2020-06-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:WINDOWSSystem32DriverStoreFileRepositorynvhmi.inf_amd64_e250a9964de6f7fbDisplay.NvContainerNVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%NVIDIANVDisplay.ContainerLocalSystem.log -l 3 -d C:WINDOWSSystem32DriverStoreFileRepositorynvhmi.inf_amd64_e250a9964de6f7fbDisplay.NvContainerpluginsLocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystemLocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:WINDOWSSystem32driversAppleKmdfFilter.sys [20640 2018-04-18] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:WINDOWSSystem32driversAppleLowerFilter.sys [35560 2018-04-18] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S1 BHDrvx64; C:Program FilesNorton SecurityNortonData22.21.9.25DefinitionsBASHDefs20211102.011BHDrvx64.sys [2018784 2021-10-27] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 BthA2dp; C:WINDOWSSystem32driversBthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R1 ccSet_NGC; C:WINDOWSSystem32driversNGCx6416150A0.028ccSetx64.sys [192256 2021-10-29] (Symantec Corporation -> Symantec Corporation)
R1 eeCtrl; C:Program Files (x86)Common FilesSymantec SharedEENGINEeeCtrl64.sys [516168 2021-06-12] (Symantec Corporation -> Broadcom)
R3 EraserUtilRebootDrv; C:Program Files (x86)Common FilesSymantec SharedEENGINEEraserUtilRebootDrv.sys [153672 2021-10-31] (Symantec Corporation -> Broadcom)
S1 IDSVia64; C:Program FilesNorton SecurityNortonData22.21.9.25DefinitionsIPSDefs20211103.061IDSvia64.sys [1480144 2021-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 Imf8HpRegFilter; C:Program Files (x86)IObitIObit Malware Fighterdriverswin10_amd64ImfHpRegFilter.sys [41848 2019-12-17] (IObit Information Technology -> IObit)
R3 IMFDownProtect; C:Program Files (x86)IObitIObit Malware Fighterdriverswin10_amd64IMFDownProtect.sys [40920 2021-07-30] (IObit CO., LTD -> IObit)
R3 IMFForceDelete; C:Program Files (x86)IObitIObit Malware Fighterdriverswin10_amd64IMFForceDelete.sys [34192 2019-06-11] (IObit Information Technology -> IObit)
R3 ImfHpFileFilter; C:Program Files (x86)IObitIObit Malware Fighterdriverswin10_amd64ImfHpFileFilter.sys [45432 2019-12-17] (IObit Information Technology -> IObit)
R3 ImfObCallback; C:Program Files (x86)IObitIObit Malware Fighterdriverswin10_amd64ImfObCallback.sys [33984 2020-03-12] (IObit Information Technology -> IObit)
R3 ImfRealScanner; C:Program Files (x86)IObitIObit Malware Fighterdriverswin10_amd64ImfRealScanner.sys [53720 2021-08-13] (IObit CO., LTD -> IObit)
R3 ImfRegistryFilter; C:Program Files (x86)IObitIObit Malware Fighterdriverswin10_amd64ImfRegistryFilter.sys [42360 2019-12-17] (IObit Information Technology -> IObit)
R3 IUFileFilter; C:Program Files (x86)IObitIObit Uninstallerdriverswin10_amd64IUFileFilter.sys [43896 2020-07-31] (IObit Information Technology -> IObit)
R3 IUProcessFilter; C:Program Files (x86)IObitIObit Uninstallerdriverswin10_amd64IUProcessFilter.sys [37112 2020-07-31] (IObit Information Technology -> IObit)
R3 IURegistryFilter; C:Program Files (x86)IObitIObit Uninstallerdriverswin10_amd64IURegistryFilter.sys [51128 2020-07-31] (IObit Information Technology -> IObit)
S3 nsvst_NGC; C:WINDOWSSystem32driversNGCx6416150A0.028nsvst.sys [56080 2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S3 SRTSP; C:WINDOWSSystem32driversNGCx6416150A0.028SRTSP64.SYS [892600 2021-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SRTSPX; C:WINDOWSSystem32driversNGCx6416150A0.028SRTSPX64.SYS [48824 2021-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R0 SymEFASI; C:WINDOWSSystem32driversNGCx6416150A0.028SYMEFASI64.SYS [2030792 2021-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S0 SymELAM; C:WINDOWSSystem32driversNGCx6416150A0.028SymELAM.sys [31984 2021-10-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom Corporation)
R3 SymEvent; C:WINDOWSsystem32DriversSYMEVENT64x86.SYS [93120 2021-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 SymEvnt; C:Program FilesNorton SecurityNortonData22.21.9.25SymPlatformSymEvnt.sys [712432 2021-06-15] (Symantec Corporation -> Symantec Corporation)
S1 SymIRON; C:WINDOWSSystem32driversNGCx6416150A0.028Ironx64.SYS [319152 2021-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S1 SymNetS; C:WINDOWSSystem32driversNGCx6416150A0.028symnets.sys [575344 2021-10-29] (Symantec Corporation -> Symantec Corporation)
R3 tap-tb-0901; C:WINDOWSSystem32driverstap-tb-0901.sys [38656 2016-10-17] (TunnelBear, Inc. -> The OpenVPN Project)
S3 WdBoot; C:WINDOWSsystem32driverswdWdBoot.sys [45960 2020-06-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:WINDOWSsystem32driverswdWdFilter.sys [401120 2020-06-10] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:WINDOWSSystem32driverswdWdNisDrv.sys [64224 2020-06-10] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:WINDOWSSystem32driversWirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)
R1 wpCtrlDrv_NGC; C:WINDOWSSystem32driversNGCx6416150A0.028wpCtrlDrv.sys [1015760 2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
U3 aspnet_state; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-11-04 00:40 – 2021-11-04 00:42 – 000033998 _____ C:UsersrichiDownloadsFRST.txt
2021-11-04 00:38 – 2021-11-04 00:41 – 000000000 ____D C:FRST
2021-11-04 00:34 – 2021-11-04 00:34 – 002311168 _____ (Farbar) C:UsersrichiDownloadsFRST64 (2).exe
2021-11-04 00:33 – 2021-11-04 00:33 – 002311168 _____ (Farbar) C:UsersrichiDownloadsUnconfirmed 422695.crdownload
2021-11-03 21:39 – 2021-11-03 21:39 – 002311168 _____ (Farbar) C:UsersrichiDownloadsUnconfirmed 196711.crdownload
2021-11-02 22:14 – 2021-11-02 22:14 – 000000000 ____D C:WINDOWSsystem32TasksRemediation
2021-11-02 21:49 – 2021-11-03 21:51 – 000000000 ____D C:WINDOWSsystem32TasksNorton 360
2021-11-02 21:49 – 2021-11-02 21:49 – 000003378 _____ C:WINDOWSsystem32TasksNorton WSC Integration
2021-11-02 21:49 – 2021-11-02 21:49 – 000000000 ___RD C:ProgramDataMicrosoftWindowsStart MenuProgramsNorton Security
2021-11-01 21:00 – 2021-11-01 21:00 – 000000000 ____D C:UsersrichiOneDriveDocumentsCall of Duty Modern Warfare
2021-11-01 20:48 – 2021-11-01 20:48 – 000001078 _____ C:UsersPublicDesktopCall of Duty Modern Warfare.lnk
2021-11-01 20:48 – 2021-11-01 20:48 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsCall of Duty Modern Warfare
2021-11-01 18:17 – 2021-11-01 18:17 – 000452096 _____ (Microsoft Corporation) C:WINDOWSSysWOW64inetcpl.cpl
2021-11-01 18:16 – 2021-11-01 18:16 – 000570368 _____ (Microsoft Corporation) C:WINDOWSsystem32inetcpl.cpl
2021-11-01 18:16 – 2021-11-01 18:16 – 000011495 _____ C:WINDOWSsystem32DrtmAuthTxt.wim
2021-11-01 18:15 – 2021-11-01 18:15 – 000611960 _____ C:WINDOWSSysWOW64TextShaping.dll
2021-11-01 18:14 – 2021-11-01 18:14 – 000706536 _____ C:WINDOWSsystem32TextShaping.dll
2021-11-01 18:14 – 2021-11-01 18:14 – 000098304 _____ C:WINDOWSsystem32Driverscimfs.sys
2021-11-01 18:13 – 2021-11-01 18:13 – 000288768 _____ C:WINDOWSsystem32Windows.Management.InprocObjects.dll
2021-11-01 17:30 – 2021-11-01 17:30 – 000000000 ___HD C:$WinREAgent
2021-10-31 22:39 – 2021-10-31 22:39 – 000002908 _____ C:WINDOWSsystem32TasksIMF_SkipUAC_richi
2021-10-31 22:37 – 2021-10-31 22:37 – 000001257 _____ C:UsersPublicDesktopIObit Malware Fighter.lnk
2021-10-31 22:37 – 2021-10-31 22:37 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsIObit Malware Fighter
2021-10-31 20:00 – 2021-10-31 20:00 – 000000000 ____D C:WINDOWSsystem32lxss
2021-10-31 19:52 – 2021-10-31 19:52 – 000000000 ____D C:UsersrichiAppDataLocalLowIntel
2021-10-31 19:42 – 2021-10-31 19:42 – 000000000 ____D C:ProgramDataSoundResearch
2021-10-31 19:24 – 2021-11-03 21:32 – 000000000 ____D C:Program FilesCCleaner
2021-10-31 19:24 – 2021-10-31 19:24 – 000003936 _____ C:WINDOWSsystem32TasksCCleaner Update
2021-10-31 19:24 – 2021-10-31 19:24 – 000002904 _____ C:WINDOWSsystem32TasksCCleanerSkipUAC – richi
2021-10-31 19:24 – 2021-10-31 19:24 – 000000870 _____ C:UsersPublicDesktopCCleaner.lnk
2021-10-31 19:24 – 2021-10-31 19:24 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsCCleaner
2021-10-31 19:23 – 2021-10-31 19:23 – 035990664 _____ (Piriform Software Ltd) C:UsersrichiDownloadsccsetup586_pro_trial.exe
2021-10-31 19:07 – 2021-11-02 22:14 – 000000000 ____D C:Program FilesCommon FilesAV
2021-10-31 18:01 – 2021-10-31 18:00 – 000010235 _____ C:WINDOWSsystem32DriversSYMEVENT64x86.CAT
2021-10-31 18:00 – 2021-11-02 21:49 – 000002436 _____ C:UsersPublicDesktopNorton Security.lnk
2021-10-31 18:00 – 2021-10-31 18:00 – 000093120 _____ (Broadcom) C:WINDOWSsystem32DriversSYMEVENT64x86.SYS
2021-10-31 18:00 – 2021-10-31 18:00 – 000000000 ____D C:Program FilesCommon FilesSymantec Shared
2021-10-31 17:59 – 2021-11-02 21:49 – 000000000 ____D C:WINDOWSsystem32DriversNGCx64
2021-10-31 17:59 – 2021-10-31 17:59 – 000000000 ____D C:Program FilesNorton Security
2021-10-31 17:55 – 2021-10-31 17:55 – 000000000 ____D C:ProgramDataNortonInstaller
2021-10-31 17:55 – 2021-10-31 17:55 – 000000000 ____D C:Program Files (x86)NortonInstaller
2021-10-31 17:52 – 2021-10-31 18:09 – 000000000 ____D C:ProgramDataNorton
2021-10-31 17:52 – 2021-10-31 17:52 – 003806696 _____ (NortonLifeLock Inc.) C:UsersrichiDownloadsN360Downloader.exe
2021-10-31 17:52 – 2021-10-31 17:52 – 000000000 ____D C:UsersPublicDownloadsNorton
2021-10-27 23:20 – 2021-10-27 23:20 – 000001170 _____ C:UsersPublicDesktopHP Support Assistant.lnk
2021-10-27 23:18 – 2021-10-27 23:18 – 000000000 ____D C:UsersrichiAppDataRoaminghpqLog
2021-10-21 19:49 – 2021-10-21 19:49 – 001874648 _____ C:WINDOWSsystem32vulkaninfo-1-999-0-0-0.exe
2021-10-21 19:49 – 2021-10-21 19:49 – 001874648 _____ C:WINDOWSsystem32vulkaninfo.exe
2021-10-21 19:49 – 2021-10-21 19:49 – 001464952 _____ (Khronos Group) C:WINDOWSsystem32OpenCL.dll
2021-10-21 19:49 – 2021-10-21 19:49 – 001450232 _____ C:WINDOWSSysWOW64vulkaninfo-1-999-0-0-0.exe
2021-10-21 19:49 – 2021-10-21 19:49 – 001450232 _____ C:WINDOWSSysWOW64vulkaninfo.exe
2021-10-21 19:49 – 2021-10-21 19:49 – 001206384 _____ (Khronos Group) C:WINDOWSSysWOW64OpenCL.dll
2021-10-21 19:49 – 2021-10-21 19:49 – 001111256 _____ C:WINDOWSsystem32vulkan-1-999-0-0-0.dll
2021-10-21 19:49 – 2021-10-21 19:49 – 001111256 _____ C:WINDOWSsystem32vulkan-1.dll
2021-10-21 19:49 – 2021-10-21 19:49 – 000965336 _____ C:WINDOWSSysWOW64vulkan-1-999-0-0-0.dll
2021-10-21 19:49 – 2021-10-21 19:49 – 000965336 _____ C:WINDOWSSysWOW64vulkan-1.dll
2021-10-21 19:45 – 2021-10-21 19:45 – 039335552 _____ (NVIDIA Corporation) C:WINDOWSsystem32Driversnvlddmkm.sys
2021-10-21 19:45 – 2021-10-21 19:45 – 001523336 _____ (NVIDIA Corporation) C:WINDOWSsystem32NvIFR64.dll
2021-10-21 19:45 – 2021-10-21 19:45 – 001172608 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64NvIFR.dll
2021-10-21 19:45 – 2021-10-21 19:45 – 000800368 _____ C:WINDOWSsystem32nvofapi64.dll
2021-10-21 19:45 – 2021-10-21 19:45 – 000707728 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvidia-smi.exe
2021-10-21 19:45 – 2021-10-21 19:45 – 000676480 _____ (NVIDIA Corporation) C:WINDOWSsystem32NvIFROpenGL.dll
2021-10-21 19:45 – 2021-10-21 19:45 – 000656512 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvml.dll
2021-10-21 19:45 – 2021-10-21 19:45 – 000635000 _____ C:WINDOWSSysWOW64nvofapi.dll
2021-10-21 19:45 – 2021-10-21 19:45 – 000564352 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64NvIFROpenGL.dll
2021-10-21 19:44 – 2021-10-21 19:44 – 008724080 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvcuvid.dll
2021-10-21 19:44 – 2021-10-21 19:44 – 007843984 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvcuvid.dll
2021-10-21 19:44 – 2021-10-21 19:44 – 004938896 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvcuda.dll
2021-10-21 19:44 – 2021-10-21 19:44 – 002850416 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvcuda.dll
2021-10-21 19:44 – 2021-10-21 19:44 – 002114688 _____ (NVIDIA Corporation) C:WINDOWSsystem32NvFBC64.dll
2021-10-21 19:44 – 2021-10-21 19:44 – 001597584 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64NvFBC.dll
2021-10-21 19:44 – 2021-10-21 19:44 – 000981112 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvEncodeAPI64.dll
2021-10-21 19:44 – 2021-10-21 19:44 – 000792208 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvEncodeAPI.dll
2021-10-21 19:44 – 2021-10-21 19:44 – 000452216 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvdebugdump.exe
2021-10-21 19:43 – 2021-10-21 19:43 – 005727376 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvcpl.dll
2021-10-21 19:43 – 2021-10-21 19:43 – 000849016 _____ (NVIDIA Corporation) C:WINDOWSsystem32MCU.exe
2021-10-21 19:39 – 2021-10-21 19:39 – 006430824 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvapi.dll
2021-10-21 02:48 – 2021-10-21 02:48 – 000085748 _____ C:WINDOWSsystem32nvinfo.pb
2021-10-09 01:47 – 2021-10-09 01:47 – 001687040 _____ C:WINDOWSsystem32libcrypto.dll
2021-10-09 01:45 – 2021-10-09 01:45 – 002371072 _____ C:WINDOWSsystem32rdpnano.dll
2021-10-09 01:45 – 2021-10-09 01:45 – 000672768 _____ C:WINDOWSsystem32FsNVSDeviceSource.dll
2021-10-09 01:45 – 2021-10-09 01:45 – 000084992 _____ (Microsoft Corporation) C:WINDOWSsystem32wscui.cpl
2021-10-09 01:45 – 2021-10-09 01:45 – 000067584 _____ (Microsoft Corporation) C:WINDOWSSysWOW64wscui.cpl
2021-10-09 01:43 – 2021-10-09 01:43 – 002111488 _____ (Digimarc) C:WINDOWSSysWOW64DMRCDecoder.dll
2021-10-09 01:43 – 2021-10-09 01:43 – 001864192 _____ (The ICU Project) C:WINDOWSSysWOW64icu.dll
2021-10-09 01:43 – 2021-10-09 01:43 – 001333760 _____ C:WINDOWSSysWOW64TextInputMethodFormatter.dll
2021-10-09 01:43 – 2021-10-09 01:43 – 001164288 _____ C:WINDOWSsystem32MBR2GPT.EXE
2021-10-09 01:43 – 2021-10-09 01:43 – 000468440 _____ C:WINDOWSSysWOW64WindowManagementAPI.dll
2021-10-09 01:43 – 2021-10-09 01:43 – 000223744 _____ C:WINDOWSSysWOW64TpmTool.exe
2021-10-09 01:41 – 2021-10-09 01:41 – 000231248 _____ C:WINDOWSsystem32containerdevicemanagement.dll
2021-10-09 01:41 – 2021-10-09 01:41 – 000060928 _____ C:WINDOWSsystem32runexehelper.exe
2021-10-09 01:40 – 2021-10-09 01:40 – 002295296 _____ (Digimarc) C:WINDOWSsystem32DMRCDecoder.dll
2021-10-09 01:40 – 2021-10-09 01:40 – 002260992 _____ C:WINDOWSsystem32TextInputMethodFormatter.dll
2021-10-09 01:40 – 2021-10-09 01:40 – 002260480 _____ (The ICU Project) C:WINDOWSsystem32icu.dll
2021-10-09 01:40 – 2021-10-09 01:40 – 000657464 _____ C:WINDOWSsystem32WindowManagementAPI.dll
2021-10-09 01:39 – 2021-10-09 01:39 – 000287232 _____ C:WINDOWSsystem32CoreMas.dll
2021-10-09 01:39 – 2021-10-09 01:39 – 000272384 _____ C:WINDOWSsystem32TpmTool.exe
2021-10-09 01:39 – 2021-10-09 01:39 – 000162816 _____ C:WINDOWSsystem32DataStoreCacheDumpTool.exe
2021-10-09 01:39 – 2021-10-09 01:39 – 000013312 _____ C:WINDOWSsystem32agentactivationruntimestarter.exe
2021-10-07 21:10 – 2021-10-07 23:43 – 000000000 ____D C:UsersrichiAppDataLocalNotepad

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-11-04 00:38 – 2020-06-27 22:16 – 000000000 ____D C:UsersrichiAppDataLocalBattle.net
2021-11-04 00:32 – 2020-06-28 19:11 – 000000000 ____D C:Program Files (x86)Call of Duty Modern Warfare
2021-11-04 00:30 – 2020-08-18 17:31 – 000000000 ____D C:WINDOWSsystem32SleepStudy
2021-11-04 00:30 – 2019-08-19 01:18 – 000000000 ____D C:Program Files (x86)Google
2021-11-03 21:51 – 2019-07-21 21:55 – 000000000 ____D C:Program Files (x86)TunnelBear
2021-11-03 21:47 – 2020-08-18 17:59 – 000000000 ____D C:WINDOWSsystem32TasksHewlett-Packard
2021-11-03 21:46 – 2019-12-07 05:14 – 000000000 ___HD C:Program FilesWindowsApps
2021-11-03 21:46 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSAppReadiness
2021-11-03 21:44 – 2019-12-07 05:14 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft
2021-11-03 21:42 – 2021-04-15 15:38 – 000000000 ____D C:ProgramDataIObit
2021-11-03 21:34 – 2019-12-07 05:13 – 000000000 ____D C:WINDOWSINF
2021-11-03 21:30 – 2019-06-10 02:58 – 000000000 ____D C:ProgramDataNVIDIA
2021-11-02 21:49 – 2019-12-07 05:14 – 000000000 ___HD C:WINDOWSELAMBKUP
2021-11-02 21:48 – 2019-06-10 08:55 – 000000000 ____D C:UsersrichiAppDataLocalPlaceholderTileLogoFolder
2021-11-02 21:25 – 2019-06-10 08:53 – 000000000 ____D C:UsersrichiAppDataLocalPackages
2021-11-02 20:08 – 2019-08-19 01:19 – 000002308 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk
2021-11-02 14:33 – 2021-04-15 15:38 – 000000000 ____D C:UsersrichiAppDataRoamingIObit
2021-11-02 13:52 – 2019-06-22 20:09 – 000000000 ____D C:UsersrichiAppDataLocalCrashDumps
2021-11-02 13:49 – 2019-06-10 08:53 – 000000000 __SHD C:UsersrichiIntelGraphicsProfiles
2021-11-02 13:46 – 2020-11-12 07:28 – 000470416 _____ C:WINDOWSsystem32FNTCACHE.DAT
2021-11-02 13:46 – 2016-06-05 10:47 – 000000000 ____D C:ProgramDataIntel
2021-11-02 13:45 – 2020-08-18 17:59 – 000000006 ____H C:WINDOWSTasksSA.DAT
2021-11-02 13:45 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSServiceState
2021-11-02 13:45 – 2019-06-10 02:58 – 000000000 ____D C:Intel
2021-11-02 13:44 – 2020-08-18 17:31 – 000008192 ___SH C:DumpStack.log.tmp
2021-11-02 13:44 – 2019-12-07 05:03 – 000524288 _____ C:WINDOWSsystem32configBBI
2021-11-02 13:42 – 2019-12-07 05:14 – 000000000 ___SD C:WINDOWSsystem32UNP
2021-11-02 13:42 – 2019-12-07 05:14 – 000000000 ___RD C:WINDOWSImmersiveControlPanel
2021-11-02 13:42 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSSysWOW64oobe
2021-11-02 13:42 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSSystemResources
2021-11-02 13:42 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSsystem32WinBioPlugIns
2021-11-02 13:42 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSsystem32oobe
2021-11-02 13:42 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSPolicyDefinitions
2021-11-02 13:42 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSDiagTrack
2021-11-02 13:42 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSbcastdvr
2021-11-01 23:38 – 2020-09-10 20:13 – 000002390 _____ C:UsersrichiAppDataRoamingMicrosoftWindowsStart MenuProgramsOneDrive.lnk
2021-11-01 23:38 – 2020-08-18 17:59 – 000003380 _____ C:WINDOWSsystem32TasksOneDrive Standalone Update Task-S-1-5-21-3957930691-1048864780-3325901002-1001
2021-11-01 21:01 – 2020-07-05 05:15 – 000000000 ____D C:UsersrichiAppDataLocalNVIDIA Corporation
2021-11-01 21:00 – 2019-06-14 17:15 – 000000000 ____D C:UsersrichiAppDataLocalD3DSCache
2021-11-01 18:27 – 2019-12-07 05:03 – 000000000 ____D C:WINDOWSCbsTemp
2021-11-01 15:45 – 2020-06-27 22:11 – 000000000 ____D C:Program Files (x86)Battle.net
2021-10-31 22:38 – 2021-04-15 15:39 – 000000000 ____D C:ProgramDataProductData
2021-10-31 22:37 – 2021-04-15 15:40 – 000000000 ____D C:UsersrichiAppDataLocalLowIObit
2021-10-31 22:36 – 2021-04-15 15:39 – 000000000 ____D C:Program Files (x86)IObit
2021-10-31 22:36 – 2020-06-27 22:16 – 000000000 ____D C:UsersrichiAppDataRoamingBattle.net
2021-10-31 22:35 – 2021-10-03 15:00 – 000000000 ____D C:Program Files (x86)StarCraft II
2021-10-31 21:57 – 2021-09-30 22:18 – 000000000 ____D C:Program FilesCommon FilesAdobe
2021-10-31 21:57 – 2021-09-30 22:16 – 000000000 ____D C:ProgramDataAdobe
2021-10-31 21:13 – 2020-08-18 17:45 – 000910816 _____ C:WINDOWSsystem32PerfStringBackup.INI
2021-10-31 21:01 – 2020-08-18 17:45 – 000002081 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsB&O Play Audio Control.lnk
2021-10-31 21:00 – 2019-06-10 02:59 – 000360738 _____ C:WINDOWSsystem32Driversrtkhdasetting.zip
2021-10-31 21:00 – 2019-06-10 02:59 – 000000000 ____D C:WINDOWSSysWOW64RTCOM
2021-10-31 20:54 – 2019-06-10 08:53 – 000000000 ____D C:ProgramDataPackages
2021-10-31 20:52 – 2019-06-10 02:57 – 000000000 ____D C:WINDOWSsystem32DriversNVIDIA Corporation
2021-10-31 20:31 – 2021-09-30 22:15 – 000000000 ____D C:UsersrichiAppDataLocalAdobe
2021-10-31 20:01 – 2020-07-05 05:15 – 000000000 ____D C:UsersrichiAppDataLocalNVIDIA
2021-10-31 19:53 – 2019-06-10 08:53 – 000000000 ____D C:UsersrichiAppDataLocalPublishers
2021-10-31 19:30 – 2020-08-17 22:09 – 000000000 ____D C:UsersrichiAppDataRoamingBitTorrent
2021-10-31 19:27 – 2016-06-05 11:08 – 000000000 ____D C:Program FilesAVAST Software
2021-10-31 19:26 – 2019-06-10 08:55 – 000000000 ____D C:UsersrichiAppDataRoamingAVAST Software
2021-10-31 19:26 – 2016-06-05 11:08 – 000000000 ____D C:ProgramDataAVAST Software
2021-10-31 18:36 – 2016-04-01 14:56 – 000000948 _____ C:WINDOWSTasksDropboxUpdateTaskMachineUA.job
2021-10-31 18:36 – 2016-04-01 14:56 – 000000944 _____ C:WINDOWSTasksDropboxUpdateTaskMachineCore.job
2021-10-31 18:32 – 2019-12-07 05:50 – 000000000 ____D C:WINDOWSsystem32OpenSSH
2021-10-31 18:32 – 2019-12-07 05:14 – 000000000 ___SD C:WINDOWSsystem32DiagSvcs
2021-10-31 18:32 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSSysWOW64WinMetadata
2021-10-31 18:32 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSSysWOW64setup
2021-10-31 18:32 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSSysWOW64lv-LV
2021-10-31 18:32 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSSysWOW64lt-LT
2021-10-31 18:32 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSSysWOW64et-EE
2021-10-31 18:32 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSSysWOW64es-MX
2021-10-31 18:32 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSSysWOW64Dism
2021-10-31 18:32 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSsystem32WinMetadata
2021-10-31 18:32 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSsystem32SystemResetPlatform
2021-10-31 18:32 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSsystem32setup
2021-10-31 18:32 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSsystem32migwiz
2021-10-31 18:32 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSsystem32lv-LV
2021-10-31 18:32 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSsystem32lt-LT
2021-10-31 18:32 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSsystem32et-EE
2021-10-31 18:32 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSsystem32es-MX
2021-10-31 18:32 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSsystem32Dism
2021-10-31 18:32 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSsystem32DDFs
2021-10-31 18:32 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSsystem32appraiser
2021-10-31 18:31 – 2019-12-07 05:14 – 000000000 ___RD C:WINDOWSPrintDialog
2021-10-31 18:31 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSShellComponents
2021-10-31 18:31 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSProvisioning
2021-10-31 18:31 – 2019-12-07 05:14 – 000000000 ____D C:Program FilesCommon FilesSystem
2021-10-31 18:31 – 2019-12-07 05:03 – 000000000 ____D C:WINDOWSservicing
2021-10-31 18:11 – 2019-12-07 05:03 – 000032768 _____ C:WINDOWSsystem32configELAM
2021-10-31 17:57 – 2019-08-14 01:29 – 000803176 ____N (Microsoft Corporation) C:WINDOWSsystem32MpSigStub.exe
2021-10-31 17:56 – 2020-07-09 23:25 – 000002428 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Edge.lnk
2021-10-31 17:48 – 2020-08-18 17:59 – 000003480 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineUA
2021-10-31 17:48 – 2020-08-18 17:59 – 000003356 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineCore
2021-10-31 16:49 – 2021-04-15 15:39 – 000002402 _____ C:WINDOWSsystem32TasksUninstaller_SkipUac_richi
2021-10-31 16:49 – 2020-08-18 17:59 – 000003462 _____ C:WINDOWSsystem32TasksDropboxUpdateTaskMachineUA
2021-10-31 16:49 – 2020-08-18 17:59 – 000003398 _____ C:WINDOWSsystem32TasksNvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-10-31 16:49 – 2020-08-18 17:59 – 000003348 _____ C:WINDOWSsystem32TasksGoogleUpdateTaskMachineUA
2021-10-31 16:49 – 2020-08-18 17:59 – 000003238 _____ C:WINDOWSsystem32TasksDropboxUpdateTaskMachineCore
2021-10-31 16:49 – 2020-08-18 17:59 – 000003196 _____ C:WINDOWSsystem32TasksNvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-10-31 16:49 – 2020-08-18 17:59 – 000003152 _____ C:WINDOWSsystem32TasksNVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-10-31 16:49 – 2020-08-18 17:59 – 000003124 _____ C:WINDOWSsystem32TasksGoogleUpdateTaskMachineCore
2021-10-31 16:49 – 2020-08-18 17:59 – 000003042 _____ C:WINDOWSsystem32TasksIUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2021-10-31 16:49 – 2020-08-18 17:59 – 000003040 _____ C:WINDOWSsystem32TasksIntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec
2021-10-31 16:49 – 2020-08-18 17:59 – 000003016 _____ C:WINDOWSsystem32TasksNvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-10-31 16:49 – 2020-08-18 17:59 – 000003016 _____ C:WINDOWSsystem32TasksNvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-10-31 16:49 – 2020-08-18 17:59 – 000003016 _____ C:WINDOWSsystem32TasksNvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-10-31 16:49 – 2020-08-18 17:59 – 000002984 _____ C:WINDOWSsystem32TasksNvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-10-31 16:49 – 2020-08-18 17:59 – 000002956 _____ C:WINDOWSsystem32TasksNvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-10-31 16:49 – 2020-08-18 17:59 – 000002914 _____ C:WINDOWSsystem32TasksNvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-10-31 16:49 – 2020-08-18 17:59 – 000002838 _____ C:WINDOWSsystem32TasksNvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-10-31 16:49 – 2020-08-18 17:59 – 000002744 _____ C:WINDOWSsystem32TasksNvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-10-31 16:49 – 2020-08-18 17:59 – 000002674 _____ C:WINDOWSsystem32TasksIntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon
2021-10-31 16:49 – 2020-08-18 17:59 – 000002542 _____ C:WINDOWSsystem32TasksHPDAS
2021-10-31 16:49 – 2020-08-18 17:59 – 000002262 _____ C:WINDOWSsystem32TasksDropboxOEM
2021-10-31 16:49 – 2020-08-18 17:59 – 000002206 _____ C:WINDOWSsystem32TasksNvbackend
2021-10-30 23:52 – 2016-04-01 14:57 – 000000000 ____D C:Program Files (x86)Microsoft Office
2021-10-28 00:26 – 2019-06-10 08:55 – 000000000 ____D C:UsersrichiAppDataLocalHP_Inc
2021-10-27 23:20 – 2019-06-10 08:55 – 000000000 ____D C:UsersrichiAppDataLocalHP
2021-10-27 23:20 – 2019-06-10 08:55 – 000000000 ____D C:UsersrichiAppDataLocalHewlett-Packard
2021-10-27 23:20 – 2016-06-05 11:06 – 000000000 ____D C:ProgramDataHP
2021-10-27 23:20 – 2016-04-01 14:55 – 000000000 ____D C:Program Files (x86)HP
2021-10-27 23:19 – 2016-06-05 10:35 – 000000000 ____D C:ProgramDataHewlett-Packard
2021-10-27 23:18 – 2016-06-05 10:40 – 000000000 ____D C:Program Files (x86)Hewlett-Packard
2021-10-27 23:18 – 2016-04-01 14:56 – 000000000 ___RD C:ProgramDataMicrosoftWindowsStart MenuProgramsHP Help and Support
2021-10-27 23:18 – 2016-04-01 14:55 – 000000000 ____D C:Program FilesHP
2021-10-27 23:18 – 2016-04-01 14:31 – 000000000 ____D C:SWSetup
2021-10-26 20:26 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSLiveKernelReports
2021-10-21 19:39 – 2019-05-13 09:37 – 007578560 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvapi64.dll
2021-10-13 04:00 – 2019-06-12 23:54 – 000000000 ____D C:WINDOWSsystem32MRT
2021-10-13 03:57 – 2019-06-12 23:53 – 139806512 ____C (Microsoft Corporation) C:WINDOWSsystem32MRT.exe
2021-10-09 01:54 – 2019-12-07 05:52 – 000023552 _____ (Microsoft Corporation) C:WINDOWSsystem32OEMDefaultAssociations.dll
2021-10-09 01:39 – 2020-08-18 17:34 – 002877440 _____ (Microsoft Corporation) C:WINDOWSSysWOW64PrintConfig.dll
2021-10-07 23:47 – 2021-10-03 14:02 – 000000000 ____D C:UsersrichiAppDataLocalLowBitTorrent
2021-10-07 23:45 – 2020-05-10 02:09 – 000000000 ____D C:UsersrichiAppDataLocalBitTorrentHelper
2021-10-07 21:13 – 2019-12-07 05:14 – 000000000 ___SD C:WINDOWSSysWOW64F12
2021-10-07 21:13 – 2019-12-07 05:14 – 000000000 ___SD C:WINDOWSSysWOW64DiagSvcs
2021-10-07 21:13 – 2019-12-07 05:14 – 000000000 ___SD C:WINDOWSsystem32F12
2021-10-07 21:13 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSSysWOW64PerceptionSimulation
2021-10-07 21:13 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSSysWOW64Keywords
2021-10-07 21:13 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSSysWOW64Com
2021-10-07 21:13 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSSysWOW64AdvancedInstallers
2021-10-07 21:13 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSsystem32Sysprep
2021-10-07 21:13 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSsystem32PerceptionSimulation
2021-10-07 21:13 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSsystem32Keywords
2021-10-07 21:13 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSsystem32Com
2021-10-07 21:13 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSsystem32AdvancedInstallers
2021-10-07 21:12 – 2019-12-07 05:52 – 000000000 ____D C:Program FilesWindows Photo Viewer
2021-10-07 21:12 – 2019-12-07 05:52 – 000000000 ____D C:Program Files (x86)Windows Photo Viewer
2021-10-07 21:12 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSShellExperiences
2021-10-07 21:12 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSIME
2021-10-07 21:12 – 2019-12-07 05:14 – 000000000 ____D C:Program FilesWindows Defender
2021-10-07 21:12 – 2019-12-07 05:14 – 000000000 ____D C:Program Files (x86)Windows Defender
2021-10-07 18:34 – 2019-06-10 02:57 – 000000000 ____D C:Program FilesNVIDIA Corporation
2021-10-07 18:13 – 2021-04-12 19:44 – 000000000 ____D C:Program FilesMicrosoft Update Health Tools

==================== Files in the root of some directories ========

2020-06-27 17:55 – 2020-06-27 17:55 – 000007597 _____ () C:UsersrichiAppDataLocalResmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-11-2021
Ran by richi (04-11-2021 00:45:22)
Running from C:UsersrichiDownloads
Microsoft Windows 10 Home Version 2004 19041.1288 (X64) (2020-08-18 22:01:35)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3957930691-1048864780-3325901002-500 – Administrator – Disabled)
DefaultAccount (S-1-5-21-3957930691-1048864780-3325901002-503 – Limited – Disabled)
Guest (S-1-5-21-3957930691-1048864780-3325901002-501 – Limited – Disabled)
richi (S-1-5-21-3957930691-1048864780-3325901002-1001 – Administrator – Enabled) => C:Usersrichi
WDAGUtilityAccount (S-1-5-21-3957930691-1048864780-3325901002-504 – Limited – Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled – Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton 360 (Enabled – Up to date) {AECE2126-F4E7-6909-11F2-1B69D1FBCBD0}
AS: Windows Defender (Disabled – Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Enabled – Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: Norton 360 (Enabled) {96F5A003-BE88-6851-3AAD-B25C2F288CAB}

==================== Installed Programs ======================

(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKUS-1-5-21-3957930691-1048864780-3325901002-1001…uTorrent) (Version: 3.5.5.45628 – BitTorrent Inc.)
Adobe Shockwave Player 12.1 (HKLM-x32…Adobe Shockwave Player) (Version: 12.1.9.159 – Adobe Systems, Inc.)
Battle.net (HKLM-x32…Battle.net) (Version: – Blizzard Entertainment)
BitTorrent (HKUS-1-5-21-3957930691-1048864780-3325901002-1001…BitTorrent) (Version: 7.10.5.46097 – BitTorrent Inc.)
Bonjour (HKLM…{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 – Apple Inc.)
Call of Duty Modern Warfare (HKLM-x32…Call of Duty Modern Warfare) (Version: – Blizzard Entertainment)
CCleaner (HKLM…CCleaner) (Version: 5.86 – Piriform)
CyberLink Power Media Player 14 (HKLM-x32…{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.4.6527 – CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM…{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.6.4925 – CyberLink Corp.) Hidden
CyberLink PowerDirector 12 (HKLM-x32…InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.6.4925 – CyberLink Corp.)
Diablo III (HKLM-x32…Diablo III) (Version: – Blizzard Entertainment)
DisableMSDefender (HKLM…{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 – Hewlett-Packard Company) Hidden
Dropbox 25 GB (HKLM-x32…{0867A88D-764F-366E-9E21-130DA8B472C3}) (Version: 3.1.18.0 – Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32…{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.503.1 – Dropbox, Inc.) Hidden
Energy Star (HKLM…{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 – HP Inc.)
Google Chrome (HKLM-x32…Google Chrome) (Version: 95.0.4638.69 – Google LLC)
HP 3D DriveGuard (HKLM-x32…{E8D0E2B8-B64B-44BC-8E01-00DDACBDF78A}) (Version: 6.0.28.1 – Hewlett-Packard Company)
HP CoolSense (HKLM-x32…{0C723C74-62DF-4B35-9490-A207546D866D}) (Version: 2.21.4 – HP Inc.)
HP Documentation (HKLM…HP_Documentation) (Version: 1.0.0.1 – HP Inc.)
HP ePrint SW (HKLM-x32…{88970959-baf7-4864-a39a-69a58e8ae5cf}) (Version: 5.0.18701 – HP)
HP Registration Service (HKLM…{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8318.5320 – Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32…{5F084DD8-AF2C-4004-9C92-820C32E4BD55}) (Version: 12.17.27.5 – HP)
HP Sure Connect (HKLM-x32…{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 1.0.0.29 – HP Inc.)
HP System Event Utility (HKLM-x32…{29E20347-C62F-4657-938E-876A182B67F1}) (Version: 1.4.14 – HP Inc.)
HP Welcome (HKLM…HPWelcome) (Version: 1.0 – HP Inc.)
HP Wireless Button Driver (HKLM-x32…{1BDD178E-43DC-4063-B480-BA2BAE03E2A0}) (Version: 1.1.15.1 – HP)
Intel® Chipset Device Software (HKLM-x32…{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 – Intel® Corporation) Hidden
Intel® Dynamic Platform and Thermal Framework (HKLM-x32…{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10605.221 – Intel Corporation)
Intel® Management Engine Components (HKLM…{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1069 – Intel Corporation)
Intel® Processor Graphics (HKLM-x32…{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4380 – Intel Corporation)
Intel® Rapid Storage Technology (HKLM…{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.7.1051 – Intel Corporation)
Intel® WiDi (HKLM…{6B15F1EF-F3A8-4C29-BF9E-18EB3683A83D}) (Version: 6.0.60.0 – Intel Corporation)
Intel® WiDi Software Asset Manager (HKLM-x32…{AC8973AF-7F4C-40F4-BFE1-C02FE95ED2C2}) (Version: 3.2.1184 – Intel Corporation) Hidden
Intel® Wireless Bluetooth® (HKLM-x32…{3920BCB0-23AA-4D0D-93E5-404692DAF9D2}) (Version: 19.00.1621.3340 – Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32…{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 – Intel Corporation)
IObit Malware Fighter 8 (HKLM-x32…IObit Malware Fighter_is1) (Version: 8.9.0.875 – IObit)
IObit Uninstaller 10 (HKLM-x32…IObitUninstall) (Version: 10.4.0.15 – IObit)
Microsoft 365 – en-us (HKLM…O365HomePremRetail – en-us) (Version: 16.0.14527.20234 – Microsoft Corporation)
Microsoft 365 Apps for enterprise – en-us (HKLM…O365ProPlusRetail – en-us) (Version: 16.0.14527.20234 – Microsoft Corporation)
Microsoft Edge (HKLM-x32…Microsoft Edge) (Version: 95.0.1020.40 – Microsoft Corporation)
Microsoft OneDrive (HKUS-1-5-21-3957930691-1048864780-3325901002-1001…OneDriveSetup.exe) (Version: 21.205.1003.0003 – Microsoft Corporation)
Microsoft Teams (HKUS-1-5-21-3957930691-1048864780-3325901002-1001…Teams) (Version: 1.2.00.19260 – Microsoft Corporation)
Microsoft Update Health Tools (HKLM…{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 – Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32…{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 – Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.17 (HKLM…{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 – Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.4148 (HKLM-x32…{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 – Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable – 10.0.40219 (HKLM…{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 – Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable – 10.0.40219 (HKLM-x32…{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 – Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) – 11.0.61030 (HKLM-x32…{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 – Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) – 11.0.61030 (HKLM-x32…{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 – Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.30501 (HKLM-x32…{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 – Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.30501 (HKLM-x32…{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 – Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) – 14.0.23026 (HKLM-x32…{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 – Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) – 14.0.24215 (HKLM-x32…{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 – Microsoft Corporation)
Norton 360 (HKLM-x32…NGC) (Version: 22.21.10.40 – NortonLifeLock Inc)
NVIDIA GeForce Experience 3.18.0.94 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.18.0.94 – NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 – NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32…{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14527.20234 – Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM…{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14527.20234 – Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM…{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14527.20234 – Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32…{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.13901.20336 – Microsoft Corporation) Hidden
Realtek Card Reader (HKLM-x32…{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.21287 – Realtek Semiconduct Corp.)
Realtek Ethernet Controller Driver (HKLM-x32…{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.6.1001.2015 – Realtek)
Realtek High Definition Audio Driver (HKLM-x32…{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9126.1 – Realtek Semiconductor Corp.)
StarCraft II (HKLM-x32…StarCraft II) (Version: – Blizzard Entertainment)
swMSM (HKLM-x32…{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 – Adobe Systems, Inc) Hidden
Teams Machine-Wide Installer (HKLM-x32…{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.2.0.19260 – Microsoft Corporation)
TunnelBear (HKLM-x32…{000a1d8b-8a80-4cd4-8781-7770c7923b7f}) (Version: 4.2.6.0 – TunnelBear)
TunnelBear (HKLM-x32…{71843510-D27B-4003-AB30-D02F2E78C45D}) (Version: 4.2.6.0 – TunnelBear) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM…VulkanRT1.0.54.1) (Version: 1.0.54.1 – Intel Corporation Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM…VulkanRT1.0.54.1-2) (Version: 1.0.54.1 – Intel Corporation Inc.)
Zoom (HKUS-1-5-21-3957930691-1048864780-3325901002-1001…ZoomUMX) (Version: 5.0 – Zoom Video Communications, Inc.)

Packages:
=========
HP Support Assistant -> C:Program FilesWindowsAppsAD2F1837.HPSupportAssistant_9.10.85.0_x64__v10z8vjag6ke6 [2021-11-03] (HP Inc.)
Intel® Graphics Command Center -> C:Program FilesWindowsAppsAppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt [2021-10-31] (INTEL CORP) [Startup Task]
Netflix -> C:Program FilesWindowsApps4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-20] (Netflix, Inc.)
NVIDIA Control Panel -> C:Program FilesWindowsAppsNVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-10-31] (NVIDIA Corp.)
Photos Media Engine Add-on -> C:Program FilesWindowsAppsMicrosoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-11-02] (Microsoft Corporation)
Spotify Music -> C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0 [2021-10-30] (Spotify AB) [Startup Task]
Synaptics TouchPad -> C:Program FilesWindowsAppsSynapticsIncorporated.SynHPConsumerDApp_19005.35054.0.0_x64__807d65c4rvak2 [2021-10-31] (Synaptics Incorporated)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKUS-1-5-21-3957930691-1048864780-3325901002-1001_ClassesCLSID{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive – Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKUS-1-5-21-3957930691-1048864780-3325901002-1001_ClassesCLSID{19A6E644-14E6-4A60-B8D7-DD20610A871D}InprocServer32 -> C:UsersrichiAppDataLocalMicrosoftTeamsMeetingAddin1.0.19163.4x64Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKUS-1-5-21-3957930691-1048864780-3325901002-1001_ClassesCLSID{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}InprocServer32 -> C:UsersrichiAppDataLocalMicrosoftTeamsMeetingAddin1.0.19163.4x64Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ IMFSafeBox] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:Program Files (x86)IObitIObit Malware FighterIMFShellExt.dll [2020-07-22] (IObit Information Technology -> IObit)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:Program FilesNorton SecurityEngine22.21.10.40buShell.dll [2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:Program FilesNorton SecurityEngine22.21.10.40buShell.dll [2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:Program FilesNorton SecurityEngine22.21.10.40buShell.dll [2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:Program FilesNorton SecurityEngine22.21.10.40buShell.dll [2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:Program FilesNorton SecurityEngine22.21.10.40buShell.dll [2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:Program FilesNorton SecurityEngine22.21.10.40buShell.dll [2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:Program FilesNorton SecurityEngine22.21.10.40buShell.dll [2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:Program Files (x86)IObitIObit Malware FighterIMFShellExt.dll [2020-07-22] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:Program Files (x86)IObitIObit UninstallerIUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:Program FilesNorton SecurityEngine22.21.10.40NavShExt.dll [2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers2: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:Program FilesNorton SecurityEngine22.21.10.40NavShExt.dll [2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers4: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:Program Files (x86)IObitIObit Malware FighterIMFShellExt.dll [2020-07-22] (IObit Information Technology -> IObit)
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:Program Files (x86)IObitIObit UninstallerIUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:WINDOWSSystem32DriverStoreFileRepositorynvhmi.inf_amd64_e250a9964de6f7fbnvshext.dll [2021-10-21] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:Program FilesNorton SecurityEngine22.21.10.40buShell.dll [2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers6: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:Program Files (x86)IObitIObit Malware FighterIMFShellExt.dll [2020-07-22] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:Program Files (x86)IObitIObit UninstallerIUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:Program FilesNorton SecurityEngine22.21.10.40NavShExt.dll [2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:ProgramDataMicrosoftWindowsStart MenuProgramsPriceline.com.lnk -> C:Program Files (x86)HPSharedWizLink.exe () -> hxxp://www.priceline.com/?refid=PLHBC6240OPQ&refclickid=square
ShortcutWithArgument: C:ProgramDataMicrosoftWindowsStart MenuProgramsVUDU – Streaming Movies.lnk -> C:Program Files (x86)HPSharedWizLink.exe () -> hxxp://www.vudu.com/

==================== Loaded Modules (Whitelisted) =============

2020-04-09 18:36 – 2020-04-09 18:36 – 000030720 _____ () [File not signed] [File is in use] C:Program Files (x86)TunnelBearTunnelBear.Maintenance.Wrapper.dll
2021-10-24 18:39 – 2021-10-24 18:40 – 104871424 _____ () [File not signed] C:Program Files (x86)Battle.netBattle.net.13147libcef.dll
2021-10-24 18:40 – 2021-10-24 18:40 – 000112128 _____ () [File not signed] C:Program Files (x86)Battle.netBattle.net.13147libegl.dll
2021-10-24 18:40 – 2021-10-24 18:40 – 006227456 _____ () [File not signed] C:Program Files (x86)Battle.netBattle.net.13147libglesv2.dll
2021-10-24 18:39 – 2021-10-24 18:39 – 000810496 _____ (The Chromium Authors) [File not signed] C:Program Files (x86)Battle.netBattle.net.13147chrome_elf.dll
2021-10-24 18:39 – 2021-10-24 18:39 – 000047104 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.13147audioqtaudio_windows.dll
2021-10-24 18:39 – 2021-10-24 18:39 – 000026112 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.13147imageformatsqgif.dll
2021-10-24 18:39 – 2021-10-24 18:39 – 000027136 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.13147imageformatsqico.dll
2021-10-24 18:39 – 2021-10-24 18:39 – 000243712 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.13147imageformatsqjpeg.dll
2021-10-24 18:39 – 2021-10-24 18:39 – 000223744 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.13147imageformatsqmng.dll
2021-10-24 18:39 – 2021-10-24 18:39 – 000020992 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.13147imageformatsqsvg.dll
2021-10-24 18:39 – 2021-10-24 18:39 – 000332288 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.13147imageformatsqtiff.dll
2021-10-24 18:40 – 2021-10-24 18:40 – 001140224 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.13147platformsqwindows.dll
2021-10-24 18:40 – 2021-10-24 18:40 – 004943360 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.13147Qt5Core.dll
2021-10-24 18:40 – 2021-10-24 18:40 – 005022208 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.13147Qt5Gui.dll
2021-10-24 18:40 – 2021-10-24 18:40 – 000626176 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.13147Qt5Multimedia.dll
2021-10-24 18:40 – 2021-10-24 18:40 – 000877056 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.13147Qt5Network.dll
2021-10-24 18:40 – 2021-10-24 18:40 – 002908672 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.13147Qt5Qml.dll
2021-10-24 18:40 – 2021-10-24 18:40 – 003078656 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.13147Qt5Quick.dll
2021-10-24 18:40 – 2021-10-24 18:40 – 000259072 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.13147Qt5Svg.dll
2021-10-24 18:40 – 2021-10-24 18:40 – 004718080 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.13147Qt5Widgets.dll
2021-10-24 18:40 – 2021-10-24 18:40 – 000439296 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.13147Qt5WinExtras.dll
2021-10-24 18:40 – 2021-10-24 18:40 – 000159232 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.13147Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The “AlternateShell” will be restored.)

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalIMFservice => “”=”Service”

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU.DEFAULTSoftwareMicrosoftInternet ExplorerMain,Start Page = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU.DEFAULTSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
HKUS-1-5-21-3957930691-1048864780-3325901002-1001SoftwareMicrosoftInternet ExplorerMain,Start Page = hxxp://hp15-comm.msn.com/?pc=HRTE
HKUS-1-5-21-3957930691-1048864780-3325901002-1001SoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:Program Files (x86)IObitIObit UninstallerUninstallExplorer.dll [2020-01-31] (IObit Information Technology -> IObit)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:Program Files (x86)Microsoft OfficerootVFSProgramFilesX64Microsoft OfficeOffice16OCHelper.dll [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
BHO: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:Program FilesNorton SecurityEngine22.21.10.40coIEPlg.dll [2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:Program Files (x86)HPHP Support FrameworkResourcesHPNetworkCheckHPNetworkCheckPluginx64.dll [2021-10-27] (HP Inc. -> HP Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:Program Files (x86)Microsoft OfficerootOffice16OCHelper.dll [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:Program FilesNorton SecurityEngine3222.21.10.40coIEPlg.dll [2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
BHO-x32: IObit Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:Program Files (x86)IObitIObit Malware FighterSurfing ProtectionBrowerProtectASCPlugin_Protection.dll [2021-01-12] (IObit Information Technology -> IObit)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:Program Files (x86)HPHP Support FrameworkResourcesHPNetworkCheckHPNetworkCheckPlugin.dll [2021-10-27] (HP Inc. -> HP Inc.)
Toolbar: HKLM – Norton Toolbar – {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} – C:Program FilesNorton SecurityEngine22.21.10.40coIEPlg.dll [2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Toolbar: HKLM-x32 – Norton Toolbar – {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} – C:Program FilesNorton SecurityEngine3222.21.10.40coIEPlg.dll [2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Handler-x32: mso-minsb-roaming.16 – {83C25742-A9F7-49FB-9138-434302C88D07} – C:Program Files (x86)Microsoft OfficerootOffice16MSOSB.DLL [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:Program Files (x86)Microsoft OfficerootOffice16MSOSB.DLL [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:Program Files (x86)Microsoft OfficerootOffice16MSOSB.DLL [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 – {5504BE45-A83B-4808-900A-3A5C36E7F77A} – C:Program Files (x86)Microsoft OfficerootOffice16MSOSB.DLL [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 03:24 – 2021-04-09 23:56 – 000000822 _____ C:WINDOWSsystem32driversetchosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLMSystemCurrentControlSetControlSession ManagerEnvironment\Path -> C:Program Files (x86)InteliCLS Client;C:Program FilesInteliCLS Client;C:windowssystem32;C:windows;C:windowsSystem32Wbem;C:windowsSystem32WindowsPowerShellv1.0;C:Program Files (x86)NVIDIA CorporationPhysXCommon;C:WINDOWSsystem32;C:WINDOWS;C:WINDOWSSystem32Wbem;C:WINDOWSSystem32WindowsPowerShellv1.0;C:WINDOWSSystem32OpenSSH;C:Program FilesIntelWiFibin;C:Program FilesCommon FilesIntelWirelessCommon;C:Program Files (x86)IntelIntel® Management Engine ComponentsDAL;C:Program FilesIntelIntel® Management Engine ComponentsDAL;C:Program Files (x86)IntelIntel® Management Engine ComponentsIPT;C:Program FilesIntelIntel® Management Engine ComponentsIPT;C:Program FilesNVIDIA CorporationNVIDIA NvDLISR;%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem;%SYSTEMROOT%System32WindowsPowerShellv1.0;%SYSTEMROOT%System32OpenSSH
HKUS-1-5-21-3957930691-1048864780-3325901002-1001Control PanelDesktop\Wallpaper -> C:UsersrichiOneDriveDesktop871714-1366×768-[DesktopNexus.com].jpg
DNS Servers: 10.0.0.1
HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKUS-1-5-21-3957930691-1048864780-3325901002-1001…StartupApprovedRun: => “TunnelBear”

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D6C4C16B-3F86-4BD5-BECA-492413C24116}] => (Allow) C:UsersrichiAppDataRoamingBitTorrentBitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{D1F440A0-0F00-4621-BF70-A4446C20F4D8}] => (Allow) C:UsersrichiAppDataRoamingBitTorrentBitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{C665692B-4A4E-4685-B151-A000593888B4}] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A7559F5C-9A0D-4ECB-A1E7-2A3BD65BC17E}] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EB5E0A72-5732-4EE8-A9ED-252AB2615681}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DDD760B1-6C1D-4679-A2EF-2C0CECE67206}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{26162ABB-84FE-4F61-8E56-B1C0DFF387CE}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CFD6ECD8-8BBE-415D-A289-A258DAF914DD}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{7CC81494-194A-44AA-8EAD-8AE26CD69BC0}C:program files (x86)diablo iiidiablo iii.exe] => (Allow) C:program files (x86)diablo iiidiablo iii.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{1E8DA802-2D0A-4491-981C-8B99561971C2}C:program files (x86)diablo iiidiablo iii.exe] => (Allow) C:program files (x86)diablo iiidiablo iii.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{A365C7C3-2383-467C-A5B8-A7C85B7C5D25}C:program files (x86)diablo iiidiablo iii.exe] => (Allow) C:program files (x86)diablo iiidiablo iii.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{9E41C08E-5EBD-4FE4-89DD-3CF894160752}C:program files (x86)diablo iiidiablo iii.exe] => (Allow) C:program files (x86)diablo iiidiablo iii.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{9A138EB2-B16E-48FA-AC0C-ECB079DCA9F2}C:program files (x86)diablo iiix64diablo iii64.exe] => (Allow) C:program files (x86)diablo iiix64diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{099B47B5-2552-45CF-9185-5809846D1B85}C:program files (x86)diablo iiix64diablo iii64.exe] => (Allow) C:program files (x86)diablo iiix64diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{B1C3E230-19B5-4BE0-A012-1D371480B1BC}] => (Allow) C:UsersrichiAppDataRoaminguTorrentuTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{1B074428-6DAE-4C40-AC7E-D82D6FF6434E}] => (Allow) C:UsersrichiAppDataRoaminguTorrentuTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{DC8AD61F-D857-480B-9BCA-27DDEC4B3FB2}] => (Allow) C:UsersrichiAppDataRoamingZoombinZoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{7469DDC0-DC17-47AC-BDC9-F5707756C522}] => (Allow) C:Program Files (x86)CyberLinkPowerDVD14MoviePowerDVD CinemaPowerDVDCinema.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{139E3ECC-0E18-4846-82A4-0084D93C32F3}] => (Allow) C:Program Files (x86)CyberLinkPowerDVD14MoviePowerDVDMovie.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{65778BD0-FCF8-4310-AF58-9E45359A151E}] => (Allow) C:Program Files (x86)CyberLinkPowerDVD14KernelDMSCLMSServerPDVD14.exe (CyberLink Corp. -> CyberLink)
FirewallRules: [{8DA15ECA-331D-4007-9BCE-5E29179D203A}] => (Allow) C:Program Files (x86)CyberLinkPowerDVD14PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{8C3310AA-DD42-44A3-B5AC-36FB8643262B}] => (Allow) C:Program FilesIntelWiFibinPanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{A9134569-28FB-4867-B6F4-AA1D2E5E15EE}] => (Allow) C:Program Files (x86)BonjourmDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0334F46F-ABB7-4487-AA0B-5C39528FE3FC}] => (Allow) C:Program Files (x86)BonjourmDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A0CD17AF-60E5-44AE-AC27-9328A673AC89}] => (Allow) C:Program FilesBonjourmDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{970594D0-4429-4C70-838A-D147ED3FC01F}] => (Allow) C:Program FilesBonjourmDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{47EE4B11-DF92-44C7-B7D7-EF2B18B44F4A}] => (Allow) C:Program Files (x86)Microsoft OfficerootOffice16Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AB69A640-4408-426B-B622-BB09CF61C78C}] => (Allow) C:Program Files (x86)Microsoft OfficerootOffice16Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CDE590E9-798D-42D4-B439-524C2AA83D07}] => (Allow) C:Program Files (x86)Microsoft OfficerootOffice16UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E8351C47-329D-417D-BECF-2779AE1F15C6}] => (Allow) C:Program Files (x86)Microsoft OfficerootOffice16UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7857E896-1E3E-4481-8634-B413C763F0B3}] => (Allow) C:Program Files (x86)Microsoft OfficerootOffice16outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{CEEB3DFC-AD01-4586-8B7C-61847B2EA188}C:program files (x86)starcraft iiversionsbase86383sc2_x64.exe] => (Allow) C:program files (x86)starcraft iiversionsbase86383sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{894F8AC3-6B5E-484C-AE3D-4F847CBD8C89}C:program files (x86)starcraft iiversionsbase86383sc2_x64.exe] => (Allow) C:program files (x86)starcraft iiversionsbase86383sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [{09785027-51A5-4F87-9002-63B4EC751043}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{01602200-2953-4AD3-90B7-A6502FF3BE13}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6D72DA76-0871-45E6-B267-3007E6E23D8A}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5FEDDBE2-1599-4304-B4BB-057EEAD7F652}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7BD93153-E85E-4658-BF81-87CB6A91B482}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1CA67224-E545-4AEE-BB74-0DA6EEDCCF5F}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{85C4BDA0-45F1-43A5-BDBE-898A9850A2E3}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3A6A50E3-4079-4AB2-BEF9-5CC05A542372}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DBD6DA92-786D-4EBE-A2C0-89359F417FB0}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EEE45346-B36B-425B-97C5-EA9FAFB17FB4}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{25C5C6E1-0854-4A2A-92C0-CE4C03F245AA}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9EEC2594-7568-4DF9-AA4F-21A16BC2FB62}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AA380AD3-16AA-42CA-976B-3578FFE3C912}] => (Allow) C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

01-11-2021 17:30:26 Windows Modules Installer

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (11/03/2021 09:32:51 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for “C:Program Files (x86)Microsoft OfficerootOffice16lync.exe.Manifest”.Error in manifest or policy file “C:Program Files (x86)Microsoft OfficerootOffice16UccApi.DLL” on line 1.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture=”AMD64″,type=”win32″,version=”16.0.0.0″.
Definition is UccApi,processorArchitecture=”x86″,type=”win32″,version=”16.0.0.0″.
Please use sxstrace.exe for detailed diagnosis.

Error: (11/03/2021 09:29:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: vpnupdate.exe, version: 5.5.522.0, time stamp: 0x5d9c53ed
Faulting module name: vpnupdate.exe, version: 5.5.522.0, time stamp: 0x5d9c53ed
Exception code: 0xc0000409
Fault offset: 0x000df57d
Faulting process id: 0x1b20
Faulting application start time: 0x01d7d086d2252490
Faulting application path: c:program filesavast softwaresecurelinevpnupdate.exe
Faulting module path: c:program filesavast softwaresecurelinevpnupdate.exe
Report Id: 56f745b5-e546-4028-9162-6930ff4fd971
Faulting package full name:
Faulting package-relative application ID:

Error: (11/02/2021 08:05:08 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0

Error: (11/02/2021 08:05:08 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0

Error: (11/02/2021 08:05:08 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path validation failed. Error: typeId=17, authorId=9, vendorId=0, vendorType=0

Error: (11/02/2021 08:05:08 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0

Error: (11/02/2021 08:05:08 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0

Error: (11/02/2021 08:05:08 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path validation failed. Error: typeId=17, authorId=9, vendorId=0, vendorType=0

System errors:
=============
Error: (11/03/2021 12:45:39 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-RVLE7NE6)
Description: The server Microsoft.Windows.Photos_2021.21090.10007.0_x64__8wekyb3d8bbwe!App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca did not register with DCOM within the required timeout.

Error: (11/02/2021 01:48:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (11/02/2021 01:48:47 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.

Error: (11/02/2021 01:45:43 PM) (Source: SNMP) (EventID: 1500) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEMCurrentControlSetServicesSNMPParametersTrapConfiguration.

Error: (11/02/2021 01:39:13 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-RVLE7NE6)
Description: The server AD2F1837.HPSupportAssistant_9.9.58.0_x64__v10z8vjag6ke6!AD2F1837.HPSupportAssistant.AppXnh1b2twym8n9380b6n50v24as5w5qk0n.mca did not register with DCOM within the required timeout.

Error: (11/01/2021 07:04:45 PM) (Source: DCOM) (EventID: 10000) (User: LAPTOP-RVLE7NE6)
Description: Unable to start a DCOM Server: {0358B920-0AC7-461F-98F4-58E32CD89148}. The error:
“2147942767”
Happened while starting this command:
C:WINDOWSsystem32DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (11/01/2021 02:14:43 PM) (Source: Netwtw04) (EventID: 5010) (User: )
Description: Intel® Dual Band Wireless-AC 3165 : The network adapter has returned an invalid value to the driver.
5010 – Driver DBG_ASSERT – instead of BSOD

Error: (11/01/2021 11:52:26 AM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

CodeIntegrity:
===============
Date: 2021-11-03 21:51:30
Description:
Code Integrity determined that a process (DeviceHarddiskVolume3WindowsSystem32svchost.exe) attempted to load DeviceHarddiskVolume3Program FilesNorton SecurityEngine22.21.10.40symamsi.dll that did not meet the Windows signing level requirements.

Date: 2021-11-03 21:28:18
Description:
Code Integrity determined that a process (DeviceHarddiskVolume3WindowsSystem32SIHClient.exe) attempted to load DeviceHarddiskVolume3Program FilesNorton SecurityEngine22.21.10.40symamsi.dll that did not meet the Windows signing level requirements.

==================== Memory info ===========================

BIOS: Insyde F.06 05/05/2016
Motherboard: HP 820C
Processor: Intel® Core™ i7-6500U CPU @ 2.50GHz
Percentage of memory in use: 45%
Total physical RAM: 12177.91 MB
Available physical RAM: 6599.53 MB
Total Virtual: 21073.94 MB
Available Virtual: 14123.58 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:913.93 GB) (Free:685.49 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:16.35 GB) (Free:1.68 GB) NTFS ==>[system with boot components (obtained from drive)]

\?Volume{54802bf3-bf7a-4622-b1a2-d89f60f620a8} (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.37 GB) NTFS
\?Volume{203c2a09-9b7c-4c65-9cbc-f3a60b68a7ba} () (Fixed) (Total:0.25 GB) (Free:0.18 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: D379171D)

Partition: GPT.

==================== End of Addition.txt =======================

Edited by Oh My!, 05 November 2021 – 09:31 AM.


https://www.bleepingcomputer.com/forums/t/761012/laptop-is-sloooow-need-help-please/

Erlando F Rasatro

Next Post

Network & Internet Settings in Windows 11

Sun Feb 6 , 2022
Windows 11 comes with a lot of promises, it is expected to be quicker, more secure, and overall a tier above its predecessor, Windows 10. It has also experienced a bit of overhaul, especially its Settings is a lot different from that of Settings. We have already made an article […]