System is so slow – Virus, Trojan, Spyware, and Malware Removal Help

Scan results of Farbar Restoration Scan Device (FRST) (x64) Model: 28-07-2020
Ran by peter (administrator) on ANONYMOUS1975 (TOSHIBA SATELLITE C50- (28-07-2020 20:41:19)
Working from C:UserspeterDesktop
Loaded Profiles: peter & Peter_2 & Administrator
Platform: Home windows 8.1 (Replace) (X64) Language: English (United Kingdom)
Default browser: FF
Boot Mode: Regular
Tutorial for Farbar Restoration Scan Device: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included within the fixlist, the method might be closed. The file is not going to be moved.)

(Adobe Inc. -> Adobe Inc.) C:Program Recordsdata (x86)Widespread FilesAdobeARM1.0AdobeARM.exe
(Adobe Inc. -> Adobe Inc.) C:Program Recordsdata (x86)Widespread FilesAdobeARM1.0armsvc.exe
(Adobe Inc. -> Adobe Techniques Integrated) C:Program Recordsdata (x86)AdobeAcrobat Reader DCReaderAcroRd32.exe
(Adobe Inc. -> Adobe Techniques, Integrated) C:Program Recordsdata (x86)Widespread FilesAdobeAdobeGCClientAGMService.exe
(Apple Inc. -> Apple Inc.) C:Program FilesBonjourmDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:Program FilesCommon FilesAppleMobile System SupportAppleMobileDeviceService.exe
(AVAST Software program s.r.o. -> AVAST Software program) C:Program FilesAVAST SoftwareAvastaswEngSrv.exe
(AVAST Software program s.r.o. -> AVAST Software program) C:Program FilesAVAST SoftwareAvastaswidsagent.exe
(AVAST Software program s.r.o. -> AVAST Software program) C:Program FilesAVAST SoftwareAvastAvastSvc.exe
(AVAST Software program s.r.o. -> AVAST Software program) C:Program FilesAVAST SoftwareAvastAvastUI.exe <4>
(AVAST Software program s.r.o. -> AVAST Software program) C:Program FilesAVAST SoftwareAvastAvEmUpdate.exe
(Avast Software program s.r.o. -> Avast Software program) C:Program FilesCommon FilesAVAST SoftwareOverseeroverseer.exe
(BitTorrent Inc -> BitTorrent Inc.) C:UserspeterAppDataRoaminguTorrenthelperhelper.exe
(BitTorrent Inc -> BitTorrent Inc.) C:UserspeterAppDataRoaminguTorrentupdates3.5.5_45702utorrentie.exe <2>
(BitTorrent Inc -> BitTorrent Inc.) C:UserspeterAppDataRoaminguTorrentuTorrent.exe
(Compal Electronics, Inc. -> TOSHIBA CORPORATION) C:Program Recordsdata (x86)TOSHIBAUtilitiesKeNotify.exe
(DTS, Inc. -> ) C:Program Recordsdata (x86)DTS, IncDTS Studio Sounddts_apo_service.exe
(Google Inc -> Google Inc.) C:Program Recordsdata (x86)GoogleUpdateGoogleUpdate.exe <2>
(Google LLC -> Google LLC) C:Program Recordsdata (x86)GoogleUpdate1.3.35.452GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:Program Recordsdata (x86)GoogleUpdate1.3.35.452GoogleCrashHandler64.exe
(Revolutionary Digital Applied sciences -> ) C:UserspeterAppDataRoamingACEStreamengineace_engine.exe
(Revolutionary Digital Applied sciences -> ) C:UserspeterAppDataRoamingACEStreamupdaterace_update.exe
(Intel Company – Software program and Firmware Merchandise -> Intel Company) C:WindowsSystem32hkcmd.exe
(Intel Company – Software program and Firmware Merchandise -> Intel Company) C:WindowsSystem32igfxpers.exe
(Intel Company – Software program and Firmware Merchandise -> Intel Company) C:WindowsSystem32igfxsrvc.exe
(Intel Company – Software program and Firmware Merchandise -> Intel Company) C:WindowsSystem32igfxtray.exe
(Intel® Company) [File not signed] C:Program FilesIntelTXE ComponentsTCSHeciServer.exe
(Malwarebytes Company -> Malwarebytes) C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe
(Malwarebytes Company -> Malwarebytes) C:Program FilesMalwarebytesAnti-Malwarembamtray.exe
(McAfee, LLC -> McAfee, LLC) C:Program FilesMcAfeeWebAdvisorbrowserhost.exe
(McAfee, LLC -> McAfee, LLC) C:Program FilesMcAfeeWebAdvisorservicehost.exe
(McAfee, LLC -> McAfee, LLC) C:Program FilesMcAfeeWebAdvisoruihost.exe
(Microsoft Company -> Microsoft Company) C:UserspeterAppDataLocalMicrosoftOneDriveOneDriveStandaloneUpdater.exe
(Microsoft Company -> Microsoft Company) C:WindowsSystem32CompatTelRunner.exe <2>
(Microsoft Home windows -> Microsoft Company) C:WindowsSystem32dllhost.exe
(Microsoft Home windows -> Microsoft Company) C:WindowsSystem32msiexec.exe <2>
(Microsoft Home windows -> Microsoft Company) C:WindowsSystem32rundll32.exe
(Microsoft Home windows -> Microsoft Company) C:WindowsSystem32SkyDrive.exe
(Microsoft Home windows -> Microsoft Company) C:WindowsSystem32SrTasks.exe
(Mozilla Company -> Mozilla Company) C:Program FilesMozilla Firefoxfirefox.exe <7>
(Nero AG -> Nero AG) C:Program Recordsdata (x86)Widespread FilesNeroNero InfoNeroInfo.exe <2>
(Nero AG -> Nero AG) C:Program Recordsdata (x86)NeroUpdateNASvc.exe
(Piriform Software program Ltd -> Piriform Software program Ltd) C:Program FilesCCleanerCCleaner64.exe
(Qualcomm Atheros -> Home windows ® Win 7 DDK supplier) [File not signed] C:Program Recordsdata (x86)Bluetooth SuiteAdminService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:Program FilesRealtekAudioHDARAVCpl64.exe
(Synaptics Integrated -> Synaptics Integrated) C:Program FilesSynapticsSynTPSynTPEnh.exe <2>
(Synaptics Integrated -> Synaptics Integrated) C:Program FilesSynapticsSynTPSynTPHelper.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:Program Recordsdata (x86)TeamViewerTeamViewer_Service.exe
(TechSmith Company -> TechSmith Company) C:Program Recordsdata (x86)Widespread FilesTechSmith SharedUpdaterTSCUpdClt.exe
(TechSmith Company -> TechSmith Company) C:Program Recordsdata (x86)Widespread FilesTechSmith SharedUploaderUploaderService.exe
(TechSmith Company -> TechSmith Company) C:Program Recordsdata (x86)TechSmithSnagit 13Snagit32.exe
(TechSmith Company -> TechSmith Company) C:Program Recordsdata (x86)TechSmithSnagit 13SnagitEditor.exe
(TechSmith Company -> TechSmith Company) C:Program Recordsdata (x86)TechSmithSnagit 13SnagPriv.exe
(TOSHIBA CORPORATION -> TOSHIBA Company) C:Program FilesTOSHIBAHotkeyTCrdMain_Win8.exe
(TOSHIBA CORPORATION -> TOSHIBA Company) C:Program FilesTOSHIBATecoTecoResident.exe
(TOSHIBA CORPORATION -> Toshiba Company) C:Program FilesTOSHIBATecoTecoService.exe
(TOSHIBA CORPORATION -> TOSHIBA Company) C:Program FilesTOSHIBATPHMTPCHSrv.exe
(TOSHIBA CORPORATION -> TOSHIBA Company) C:Program FilesTOSHIBATPHMTPCHWMsg.exe
(TOSHIBA CORPORATION -> TOSHIBA) C:Program FilesTOSHIBATOSHIBA Good View UtilityTDUSrv64.exe
(Wondershare) [File not signed] C:Program Recordsdata (x86)WondershareWAF2.1.6.0WsAppService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included within the fixlist, the registry merchandise might be restored to default or eliminated. The file is not going to be moved.)

HKLM…Run: [TCrdMain] => C:Program FilesTOSHIBAHotkeyTCrdMain_Win8.exe [2556768 2013-10-08] (TOSHIBA CORPORATION -> TOSHIBA Company)
HKLM…Run: [TecoResident] => C:Program FilesTOSHIBATecoTecoResident.exe [179288 2014-01-04] (TOSHIBA CORPORATION -> TOSHIBA Company)
HKLM…Run: [TSSSrv] => C:Program Recordsdata (x86)TOSHIBASystem SettingTSSSrv.exe [296008 2013-10-21] (TOSHIBA CORPORATION -> TOSHIBA Company)
HKLM…Run: [TosWaitSrv] => C:Program FilesTOSHIBATPHMTosWaitSrv.exe [354144 2013-08-13] (TOSHIBA CORPORATION -> TOSHIBA Company)
HKLM…Run: [AdobeGCInvoker-1.0] => C:Program Recordsdata (x86)Widespread FilesAdobeAdobeGCClientAGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Techniques, Integrated)
HKLM…Run: [AvastUI.exe] => C:Program FilesAVAST SoftwareAvastAvLaunch.exe [268680 2019-10-06] (AVAST Software program s.r.o. -> AVAST Software program)
HKLM-x32…Run: [KeNotify] => C:Program Recordsdata (x86)TOSHIBAUtilitiesKeNotify.exe [34160 2013-08-05] (Compal Electronics, Inc. -> TOSHIBA CORPORATION)
HKLM-x32…Run: [TSVU] => c:Program FilesTOSHIBATOSHIBA Good View UtilityTosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA CORPORATION -> TOSHIBA)
HKUS-1-5-21-3079031520-2956614243-2143490567-1001…Run: [uTorrent] => C:UserspeterAppDataRoaminguTorrentuTorrent.exe [1920232 2020-07-06] (BitTorrent Inc -> BitTorrent Inc.)
HKUS-1-5-21-3079031520-2956614243-2143490567-1001…Run: [Skype for Desktop] => C:Program Recordsdata (x86)MicrosoftSkype for DesktopSkype.exe [49805160 2018-11-09] (Skype Software program Sarl -> Skype Applied sciences S.A.)
HKUS-1-5-21-3079031520-2956614243-2143490567-1001…Run: [AceStream] => C:UserspeterAppDataRoamingACEStreamengineace_engine.exe [27000 2016-05-19] (Revolutionary Digital Applied sciences -> )
HKUS-1-5-21-3079031520-2956614243-2143490567-1001…Run: [Web Companion] => C:Program Recordsdata (x86)LavasoftWeb CompanionApplicationWebCompanion.exe –minimize
HKUS-1-5-21-3079031520-2956614243-2143490567-1001…Run: [CCleaner Smart Cleaning] => C:Program FilesCCleanerCCleaner64.exe [29262520 2020-07-09] (Piriform Software program Ltd -> Piriform Software program Ltd)
HKUS-1-5-21-3079031520-2956614243-2143490567-1001…MountPoints2: {0daa3b78-c981-11e7-8270-4cbb5817d3ce} – “V:setup.EXE” /AUTORUN
HKUS-1-5-21-3079031520-2956614243-2143490567-1001…MountPoints2: {85f32c90-5b84-11e9-8351-4cbb5817d3ce} – “E:launch.exe”
HKUS-1-5-21-3079031520-2956614243-2143490567-1001…MountPoints2: {85f32ce5-5b84-11e9-8351-4cbb5817d3ce} – “V:launch.exe”
HKUS-1-5-21-3079031520-2956614243-2143490567-1001…MountPoints2: {c5ea04c6-e4d2-11e8-830c-4cbb5817d3ce} – “E:Setup.exe”
HKUS-1-5-21-3079031520-2956614243-2143490567-1001…MountPoints2: {c5ea06bd-e4d2-11e8-830c-4cbb5817d3ce} – “F:setup.exe”
HKUS-1-5-21-3079031520-2956614243-2143490567-500…Run: [] => [X]
HKLMSoftwareMicrosoftActive SetupInstalled Parts: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:Program Recordsdata (x86)GoogleChromeApplication84.0.4147.89Installerchrmstp.exe [2020-07-26] (Google LLC -> Google LLC)
Lsa: [Notification Packages] scecli “C:Program FilesTrueKeyMcAfeeTrueKeyPasswordFilter”
Startup: C:ProgramDataMicrosoftWindowsStart MenuProgramsStartupSnagit 13.lnk [2018-01-27]
ShortcutTarget: Snagit 13.lnk -> C:Program Recordsdata (x86)TechSmithSnagit 13Snagit32.exe (TechSmith Company -> TechSmith Company)
FF HKLMSOFTWAREPoliciesMozillaFirefox: Restriction <==== ATTENTION

==================== Scheduled Duties (Whitelisted) ============

(If an entry is included within the fixlist, will probably be faraway from the registry. The file is not going to be moved until listed individually.)

Process: {148F7F1C-6971-4308-A521-5EBF0DDBB732} – System32TasksAppleAppleSoftwareUpdate => C:Program Recordsdata (x86)Apple Software program UpdateSoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Process: {291928D9-7614-4BE3-97B5-5D92B3C32E5E} – System32TasksTechSmith Updater => C:Program Recordsdata (x86)Widespread FilesTechSmith SharedUpdaterTSCUpdClt.exe [71232 2016-09-06] (TechSmith Company -> TechSmith Company)
Process: {411BD2D6-242C-47CF-99AF-F9ACED48D552} – System32TasksRTKCPL => C:Program FilesRealtekAudioHDARAVCpl64.exe [13667032 2014-02-24] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Process: {490DE009-A97D-4CFF-B303-92D3D024967C} – System32TasksMicrosoftOfficeOffice 15 Subscription Heartbeat => C:Program FilesCommon FilesMicrosoft SharedOffice16OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Company -> Microsoft Company)
Process: {4DC3E4D1-1B76-4A29-9A4A-840A6307CEFA} – System32TasksGoogleUpdateTaskMachineUA => C:Program Recordsdata (x86)GoogleUpdateGoogleUpdate.exe [153168 2017-10-21] (Google Inc -> Google Inc.)
Process: {5C47484E-CFF5-4AFA-BBD0-3DE2C6E3E65F} – System32TasksTOSHIBAService Station => C:Program FilesTOSHIBAToshiba Service StationToshibaServiceStation.exe [699496 2013-09-24] (TOSHIBA CORPORATION -> TOSHIBA Company)
Process: {5DE47FA1-98C4-44A0-BEAE-37760F4F0BF9} – System32TasksAdobe Flash Participant Updater => C:WINDOWSSysWOW64MacromedFlashFlashPlayerUpdateService.exe [335416 2020-07-26] (Adobe Inc. -> Adobe)
Process: {645FBF39-005C-4818-9644-1D1D56E7DC3C} – System32TasksAvast Emergency Replace => C:Program FilesAVAST SoftwareAvastAvEmUpdate.exe [3933576 2019-10-06] (AVAST Software program s.r.o. -> AVAST Software program)
Process: {71E8B293-724B-4A07-A008-5BAF55F0BCB6} – System32TasksCCleaner Replace => C:Program FilesCCleanerCCUpdate.exe [686384 2020-07-09] (Piriform Software program Ltd -> Piriform Software program Ltd)
Process: {7A07F785-38C4-4D3E-8B79-A5DF78B66FC9} – System32TasksCCleanerSkipUAC => C:Program FilesCCleanerCCleaner.exe [24910520 2020-07-09] (Piriform Software program Ltd -> Piriform Software program Ltd)
Process: {89EDBBD3-2122-4A7D-8DB4-C7C199ABF0AC} – System32TasksNeroNero Information => C:Program Recordsdata (x86)Widespread FilesNeroNero InfoNeroInfo.exe [6885240 2017-08-10] (Nero AG -> Nero AG)
Process: {AB07F736-1AA1-41C5-B019-F02955DF7240} – System32TasksSynaptics TouchPad Enhancements => C:Program FilesSynapticsSynTPSynTPEnh.exe [2810608 2014-02-21] (Synaptics Integrated -> Synaptics Integrated)
Process: {C9A6B87F-6EC4-48B6-AAA4-72D4A775544A} – System32TasksMicrosoftOfficeOfficeTelemetryAgentLogOn2016 => C:Program FilesMicrosoft OfficeOffice16msoia.exe [416432 2015-07-31] (Microsoft Company -> Microsoft Company)
Process: {CA4A9C2E-FC47-4F7F-87F2-93749482528E} – System32TasksAdobeGCInvoker-1.0 => C:Program Recordsdata (x86)Widespread FilesAdobeAdobeGCClientAGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Techniques, Integrated)
Process: {D58BC765-F2C0-40BB-BA06-651EA2768014} – System32TasksAdobe Flash Participant NPAPI Notifier => C:WINDOWSSysWOW64MacromedFlashFlashUtil32_32_0_0_403_Plugin.exe [1475640 2020-07-26] (Adobe Inc. -> Adobe)
Process: {D5D0139E-0630-4DAC-896F-BBF3374AD639} – System32TasksMozillaFirefox Default Browser Agent 308046B0AF4A39CB => C:Program FilesMozilla Firefoxdefault-browser-agent.exe [127176 2020-05-28] (Mozilla Company -> Mozilla Basis)
Process: {D7AE736B-63B5-40C9-AEA1-1494C515F346} – System32TasksAdobe Acrobat Replace Process => C:Program Recordsdata (x86)Widespread FilesAdobeARM1.0AdobeARM.exe [1331792 2020-05-07] (Adobe Inc. -> Adobe Inc.)
Process: {D8B7E2F6-AC42-42AA-8607-CC2524DB81EC} – System32TasksAvast SoftwareOverseer => C:Program FilesCommon FilesAVAST SoftwareOverseeroverseer.exe [1660520 2020-05-28] (Avast Software program s.r.o. -> Avast Software program)
Process: {D97FB998-1E25-444A-87F0-36B2BDB52E59} – System32TasksMicrosoftOfficeOfficeTelemetryAgentFallBack2016 => C:Program FilesMicrosoft OfficeOffice16msoia.exe [416432 2015-07-31] (Microsoft Company -> Microsoft Company)
Process: {E5DF4F1F-B23D-43E5-B4DF-1103AB96EA67} – System32TasksToshibaCommonNotifier => C:Program Recordsdata (x86)Toshiba TEMPROToshiba.Tempro.UI.CommonNotifier.exe [475720 2015-08-05] (Toshiba Europe Gmbh -> Toshiba Europe GmbH)
Process: {E90EDF6C-5059-417C-AA69-3B04BC11405A} – System32TasksGoogleUpdateTaskMachineCore => C:Program Recordsdata (x86)GoogleUpdateGoogleUpdate.exe [153168 2017-10-21] (Google Inc -> Google Inc.)

(If an entry is included within the fixlist, the duty (.job) file might be moved. The file which is operating by the duty is not going to be moved.)

Process: C:WINDOWSTasksGridinSoft Anti-Malware.job => C:Program FilesGridinSoft Anti-Malwaregsam.exe

==================== Web (Whitelisted) ====================

(If an merchandise is included within the fixlist, if it’s a registry merchandise will probably be eliminated or restored to default.)

Winsock: Catalog5 08 C:Program Recordsdata (x86)BonjourmdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:Program FilesBonjourmdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Hosts: There are multiple entry in Hosts. See Hosts part of Addition.txt
TcpipParameters: [DhcpNameServer] 194.168.4.100 194.168.8.100
TcpipParameters: [NameServer] 8.8.8.8
Tcpip..Interfaces{153E8D70-E678-4DE1-9E69-9C66E4CC4414}: [NameServer] 8.8.8.8
Tcpip..Interfaces{175BC032-9326-457B-A270-384359DA100A}: [NameServer] 8.8.8.8
Tcpip..Interfaces{175BC032-9326-457B-A270-384359DA100A}: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip..Interfaces{2ACE088C-8066-4C0C-A6A4-AD08B44720A4}: [NameServer] 8.8.8.8
Tcpip..Interfaces{2ACE088C-8066-4C0C-A6A4-AD08B44720A4}: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip..Interfaces{2E3329CA-4013-4E87-A523-3ABB11991900}: [NameServer] 8.8.8.8
Tcpip..Interfaces{8718928D-CBEB-45EA-A621-800A9249001D}: [NameServer] 8.8.8.8
Tcpip..Interfaces{A4F1CA81-1861-4423-84F2-BC249E8215E0}: [NameServer] 8.8.8.8
ManualProxies:

Web Explorer:
==================
HKLMSoftwareMicrosoftInternet ExplorerMain,Begin Web page = about:clean
HKLMSoftwareWow6432NodeMicrosoftInternet ExplorerMain,Begin Web page = about:clean
HKUS-1-5-21-3079031520-2956614243-2143490567-1001SoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = hxxp://toshiba13.msn.com/?laptop=TEJB
HKUS-1-5-21-3079031520-2956614243-2143490567-1001SoftwareMicrosoftInternet ExplorerMain,Secondary Begin Pages = hxxp://toshiba.eu/symbaloo_c
HKUS-1-5-21-3079031520-2956614243-2143490567-1004SoftwareMicrosoftInternet ExplorerMain,Begin Web page = hxxp://toshiba13.msn.com/?laptop=TEJB
HKUS-1-5-21-3079031520-2956614243-2143490567-1004SoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = hxxp://toshiba13.msn.com/?laptop=TEJB
HKUS-1-5-21-3079031520-2956614243-2143490567-1004SoftwareMicrosoftInternet ExplorerMain,Secondary Begin Pages = hxxp://toshiba.eu/symbaloo_c
HKUS-1-5-21-3079031520-2956614243-2143490567-500SoftwareMicrosoftInternet ExplorerMain,Begin Web page = hxxp://toshiba13.msn.com/?laptop=TEJB
HKUS-1-5-21-3079031520-2956614243-2143490567-500SoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = hxxp://toshiba13.msn.com/?laptop=TEJB
HKUS-1-5-21-3079031520-2956614243-2143490567-500SoftwareMicrosoftInternet ExplorerMain,Secondary Begin Pages = hxxp://toshiba.eu/symbaloo_c
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKUS-1-5-21-3079031520-2956614243-2143490567-1001 -> DefaultScope {C1FE096E-8236-4C96-9D3F-D76638DF486A} URL =
SearchScopes: HKUS-1-5-21-3079031520-2956614243-2143490567-1001 -> {C1FE096E-8236-4C96-9D3F-D76638DF486A} URL =
SearchScopes: HKUS-1-5-21-3079031520-2956614243-2143490567-500 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Enterprise Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:Program FilesMicrosoft OfficeOffice16OCHelper.dll [2020-03-17] (Microsoft Company -> Microsoft Company)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:Program FilesMcAfeeWebAdvisorx64IEPlugin.dll [2020-07-28] (McAfee, LLC -> McAfee, LLC)
BHO: Microsoft OneDrive for Enterprise Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:Program FilesMicrosoft OfficeOffice16GROOVEEX.DLL [2018-07-20] (Microsoft Company -> Microsoft Company)
BHO-x32: Skype for Enterprise Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:Program Recordsdata (x86)Microsoft OfficeOffice16OCHelper.dll [2020-03-17] (Microsoft Company -> Microsoft Company)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:Program FilesMcAfeeWebAdvisorwin32IEPlugin.dll [2020-07-28] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Microsoft OneDrive for Enterprise Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:Program Recordsdata (x86)Microsoft OfficeOffice16GROOVEEX.DLL [2018-07-22] (Microsoft Company -> Microsoft Company)
Handler: mso-minsb.16 – {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} – C:Program FilesMicrosoft OfficeOffice16MSOSB.DLL [2019-06-12] (Microsoft Company -> Microsoft Company)
Handler-x32: mso-minsb.16 – {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} – C:Program Recordsdata (x86)Microsoft OfficeOffice16MSOSB.DLL [2019-06-12] (Microsoft Company -> Microsoft Company)
Handler: osf.16 – {5504BE45-A83B-4808-900A-3A5C36E7F77A} – C:Program FilesMicrosoft OfficeOffice16MSOSB.DLL [2019-06-12] (Microsoft Company -> Microsoft Company)
Handler-x32: osf.16 – {5504BE45-A83B-4808-900A-3A5C36E7F77A} – C:Program Recordsdata (x86)Microsoft OfficeOffice16MSOSB.DLL [2019-06-12] (Microsoft Company -> Microsoft Company)

FireFox:
========
FF DefaultProfile: s4bhco3a.default-1534589032261
FF ProfilePath: C:UserspeterAppDataRoamingMozillaFirefoxProfiless4bhco3a.default-1534589032261 [2020-07-28]
FF Homepage: MozillaFirefoxProfiless4bhco3a.default-1534589032261 -> hxxps://www.google.com/
FF Notifications: MozillaFirefoxProfiless4bhco3a.default-1534589032261 -> hxxps://mail.google.com; hxxps://www.youtube.com; hxxps://chaturbate.com; hxxps://buildforce.pushassist.com; hxxps://limetorrents.unblocked.vet; hxxps://www.newbienudes.com; hxxps://www.templatemonster.com; hxxps://resummme.com; hxxps://doctor-4-u.pushcrew.com; hxxps://www.ashemaletube.com; hxxps://www.businessnewsdaily.com; hxxps://anonymousemail.me; hxxps://www.fb.com; hxxps://group.spiceworks.com; hxxps://upornia.com; hxxps://www.ebay.co.uk; hxxps://mediamaggq.foxpush.internet; hxxps://go.pushnative.com; hxxps://notifychheck.com; hxxps://soccer-live.stream; hxxps://mail-notification.information; hxxps://www.wowcher.co.uk; hxxps://www.file-upload.com; hxxps://hackercombat.com; hxxps://porn555.com; hxxps://www.txxx.com; hxxps://shemalez.com; hxxps://faudouglaitu.com; hxxps://anyporn.com; hxxps://jobs-search.org; hxxps://mail.protonmail.com; hxxps://www.youtubnow.com; hxxps://keepvid.com; hxxps://www.heavy-r.com; hxxps://morson.pushcrew.com; hxxps://www.reddit.com; hxxps://xcafe.com; hxxps://m.fapality.com
FF Extension: (YouTube Video Downloader – For Context Menu) – C:UserspeterAppDataRoamingMozillaFirefoxProfiless4bhco3a.default-1534589032261Extensionsjid1-KWFaW5zc0EbtBQ@jetpack.xpi [2019-01-27]
FF Extension: (clean-youtube) – C:UserspeterAppDataRoamingMozillaFirefoxProfiless4bhco3a.default-1534589032261Extensionsjid1-q4sG8pYhq8KGHs@jetpack.xpi [2019-08-24]
FF Extension: (Avast On-line Safety) – C:UserspeterAppDataRoamingMozillaFirefoxProfiless4bhco3a.default-1534589032261Extensionswrc@avast.com.xpi [2020-07-26]
FF Extension: (Simple Youtube Video Downloader Specific) – C:UserspeterAppDataRoamingMozillaFirefoxProfiless4bhco3a.default-1534589032261Extensions{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2020-06-06]
FF HKLM…FirefoxExtensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] – C:Program FilesMcAfeeWebAdvisore10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) – C:Program FilesMcAfeeWebAdvisore10ssaffplg.xpi [2020-07-28] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
FF HKLM-x32…FirefoxExtensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] – C:Program FilesMcAfeeWebAdvisore10ssaffplg.xpi
FF HKUS-1-5-21-3079031520-2956614243-2143490567-1001…FirefoxExtensions: [acewebextension_unlisted@acestream.org] – C:UserspeterAppDataRoamingACEStreamextensionsawefirefoxacewebextension_unlisted.xpi
FF Extension: (Ace Script) – C:UserspeterAppDataRoamingACEStreamextensionsawefirefoxacewebextension_unlisted.xpi [2018-11-26]
FF Plugin: @adobe.com/FlashPlayer -> C:WINDOWSsystem32MacromedFlashNPSWF64_32_0_0_403.dll [2020-07-26] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,model=14.0 -> C:PROGRA~1MICROS~1Office16NPSPWRAP.DLL [2015-07-31] (Microsoft Company -> Microsoft Company)
FF Plugin: adobe.com/AdobeAAMDetect -> C:Program Recordsdata (x86)Widespread FilesAdobeOOBEPDAppCCMUtilitiesnpAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:WINDOWSSysWOW64MacromedFlashNPSWF32_32_0_0_403.dll [2020-07-26] (Adobe Inc. -> )
FF Plugin-x32: @microsoft.com/Lync,model=15.0 -> C:Program Recordsdata (x86)Mozilla Firefoxpluginsnpmeetingjoinpluginoc.dll [2018-10-16] (Microsoft Company -> Microsoft Company)
FF Plugin-x32: @microsoft.com/SharePoint,model=14.0 -> C:PROGRA~2MICROS~1Office16NPSPWRAP.DLL [2015-07-31] (Microsoft Company -> Microsoft Company)
FF Plugin-x32: @videolan.org/vlc,model=2.2.6 -> C:Program Recordsdata (x86)VideoLANVLCnpvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,model=3.0.6 -> C:Program Recordsdata (x86)VideoLANVLCnpvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:Program Recordsdata (x86)AdobeAcrobat Reader DCReaderAIRnppdf32.dll [2020-05-19] (Adobe Inc. -> Adobe Techniques Inc.)
FF Plugin HKUS-1-5-21-3079031520-2956614243-2143490567-1001: @acestream.internet/acestreamplugin,model=3.1.1 -> C:UserspeterAppDataRoamingACEStreamplayernpace_plugin.dll [2015-08-06] (Revolutionary Digital Applied sciences -> Revolutionary Digital Applied sciences)
FF ExtraCheck: C:Program Filesmozilla firefoxbrowserdefaultspreferencesfirefox.js [2018-11-01]

Chrome:
=======
CHR Profile: C:UserspeterAppDataLocalGoogleChromeUser DataDefault [2020-07-27]
CHR DefaultSearchURL: Default -> hxxps://uk.search.yahoo.com/search?fr=mcafee&sort=E210GB1377G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Extension: (Slides) – C:UserspeterAppDataLocalGoogleChromeUser DataDefaultExtensionsaapocclcgogkmnckokdopfmhonfmgoek [2017-11-04]
CHR Extension: (Flash Video Downloader) – C:UserspeterAppDataLocalGoogleChromeUser DataDefaultExtensionsaiimdkdngfcipjohbjenkahhlhccpdbc [2019-05-08]
CHR Extension: (Docs) – C:UserspeterAppDataLocalGoogleChromeUser DataDefaultExtensionsaohghmighlieiainnegkcijnfilokake [2017-11-04]
CHR Extension: (Google Drive) – C:UserspeterAppDataLocalGoogleChromeUser DataDefaultExtensionsapdfllckaahabafndbhieahigkjlhalf [2017-11-04]
CHR Extension: (YouTube) – C:UserspeterAppDataLocalGoogleChromeUser DataDefaultExtensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-04]
CHR Extension: (ZenMate VPN – Greatest Cyber Safety & Unblock) – C:UserspeterAppDataLocalGoogleChromeUser DataDefaultExtensionsfdcgdnkidjaadafnichfpabhfomcebme [2019-10-06]
CHR Extension: (Sheets) – C:UserspeterAppDataLocalGoogleChromeUser DataDefaultExtensionsfelcaaldnbdncclmgdcncolpebgiejap [2017-11-04]
CHR Extension: (McAfee® WebAdvisor) – C:UserspeterAppDataLocalGoogleChromeUser DataDefaultExtensionsfheoggkfdfchfphceeifdbepaooicaho [2019-09-13]
CHR Extension: (Google Docs Offline) – C:UserspeterAppDataLocalGoogleChromeUser DataDefaultExtensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-17]
CHR Extension: (Avast On-line Safety) – C:UserspeterAppDataLocalGoogleChromeUser DataDefaultExtensionsgomekmidlodglbbmalcneegieacbdmki [2019-09-13]
CHR Extension: (vGet Extension (Video Downloader, DLNA)) – C:UserspeterAppDataLocalGoogleChromeUser DataDefaultExtensionshniladkejehjfchadikcbjmgjaogciic [2017-11-04]
CHR Extension: (Ace Script) – C:UserspeterAppDataLocalGoogleChromeUser DataDefaultExtensionsmjbepbhonbojpoaenhckjocchgfiaofo [2019-01-28]
CHR Extension: (Chrome Internet Retailer Funds) – C:UserspeterAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2018-07-18]
CHR Extension: (Gmail) – C:UserspeterAppDataLocalGoogleChromeUser DataDefaultExtensionspjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) – C:UserspeterAppDataLocalGoogleChromeUser DataDefaultExtensionspkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-21]
CHR HKLM…ChromeExtension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKUS-1-5-21-3079031520-2956614243-2143490567-1001SOFTWAREGoogleChromeExtensions…ChromeExtension: [mjbepbhonbojpoaenhckjocchgfiaofo]
CHR HKLM-x32…ChromeExtension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32…ChromeExtension: [gomekmidlodglbbmalcneegieacbdmki]

==================== Companies (Whitelisted) ===================

(If an entry is included within the fixlist, will probably be faraway from the registry. The file is not going to be moved until listed individually.)

S3 AdobeFlashPlayerUpdateSvc; C:WINDOWSSysWOW64MacromedFlashFlashPlayerUpdateService.exe [335416 2020-07-26] (Adobe Inc. -> Adobe)
R2 AGMService; C:Program Recordsdata (x86)Widespread FilesAdobeAdobeGCClientAGMService.exe [3673680 2020-06-04] (Adobe Inc. -> Adobe Techniques, Integrated)
S2 AGSService; C:Program Recordsdata (x86)Widespread FilesAdobeAdobeGCClientAGSService.exe [3406416 2020-06-04] (Adobe Inc. -> Adobe Techniques, Integrated)
R2 Apple Cell System Service; C:Program FilesCommon FilesAppleMobile System SupportAppleMobileDeviceService.exe [83768 2018-08-23] (Apple Inc. -> Apple Inc.)
R3 aswbIDSAgent; C:Program FilesAVAST SoftwareAvastaswidsagent.exe [6259592 2020-02-09] (AVAST Software program s.r.o. -> AVAST Software program)
R2 AtherosSvc; C:Program Recordsdata (x86)Bluetooth Suiteadminservice.exe [319104 2014-03-18] (Qualcomm Atheros -> Home windows ® Win 7 DDK supplier) [File not signed]
R2 avast! Antivirus; C:Program FilesAVAST SoftwareAvastAvastSvc.exe [996880 2019-10-06] (AVAST Software program s.r.o. -> AVAST Software program)
R2 dts_apo_service; C:Program Recordsdata (x86)DTS, IncDTS Studio Sounddts_apo_service.exe [21840 2014-03-03] (DTS, Inc. -> )
S3 FLEXnet Licensing Service; C:Program Recordsdata (x86)Widespread FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe [658432 2018-11-14] (Macrovision Europe Ltd.) [File not signed]
R2 Intel® Functionality Licensing Service Interface; C:Program FilesIntelTXE ComponentsTCSHeciServer.exe [733696 2013-07-01] (Intel® Company) [File not signed]
S2 MBAMInstallerService; C:Program FilesMalwarebytesAnti-MalwareMBAMInstallerService.exe [6307280 2020-07-26] (Malwarebytes Inc -> Malwarebytes)
R2 MBAMService; C:Program FilesMalwarebytesAnti-Malwarembamservice.exe [6347056 2018-09-19] (Malwarebytes Company -> Malwarebytes)
R2 McAfee WebAdvisor; C:Program FilesMcAfeeWebAdvisorServiceHost.exe [947280 2020-07-28] (McAfee, LLC -> McAfee, LLC)
R2 TeamViewer; C:Program Recordsdata (x86)TeamViewerTeamViewer_Service.exe [11665240 2019-02-26] (TeamViewer GmbH -> TeamViewer GmbH)
R2 TechSmith Uploader Service; C:Program Recordsdata (x86)Widespread FilesTechSmith SharedUploaderUploaderService.exe [3661096 2015-09-14] (TechSmith Company -> TechSmith Company)
S3 TemproMonitoringService; C:Program Recordsdata (x86)Toshiba TEMPROTemproSvc.exe [118856 2015-08-05] (Toshiba Europe Gmbh -> Toshiba Europe GmbH)
S3 WdNisSvc; C:Program FilesWindows DefenderNisSrv.exe [361824 2017-01-12] (Microsoft Company -> Microsoft Company)
S3 WinDefend; C:Program FilesWindows DefenderMsMpEng.exe [119872 2017-01-12] (Microsoft Company -> Microsoft Company)
R2 WsAppService; C:Program Recordsdata (x86)WondershareWAF2.1.6.0WsAppService.exe [388608 2016-01-28] (Wondershare) [File not signed]

===================== Drivers (Whitelisted) ===================

(If an entry is included within the fixlist, will probably be faraway from the registry. The file is not going to be moved until listed individually.)

R0 aswArDisk; C:WINDOWSSystem32driversaswArDisk.sys [37136 2020-07-26] (Avast Software program s.r.o. -> AVAST Software program)
R1 aswArPot; C:WINDOWSSystem32driversaswArPot.sys [205880 2020-07-26] (Avast Software program s.r.o. -> AVAST Software program)
R1 aswbidsdriver; C:WINDOWSSystem32driversaswbidsdriver.sys [235584 2020-07-26] (Avast Software program s.r.o. -> AVAST Software program)
R0 aswbidsh; C:WINDOWSSystem32driversaswbidsh.sys [195648 2020-07-26] (Avast Software program s.r.o. -> AVAST Software program)
R0 aswbuniv; C:WINDOWSSystem32driversaswbuniv.sys [60480 2020-07-26] (Avast Software program s.r.o. -> AVAST Software program)
R1 aswKbd; C:WINDOWSSystem32driversaswKbd.sys [42768 2020-07-26] (Avast Software program s.r.o. -> AVAST Software program)
R2 aswMonFlt; C:WINDOWSSystem32driversaswMonFlt.sys [171520 2019-10-06] (AVAST Software program s.r.o. -> AVAST Software program)
R1 aswNetHub; C:WINDOWSSystem32driversaswNetHub.sys [514448 2020-07-26] (Avast Software program s.r.o. -> AVAST Software program)
R1 aswRdr; C:WINDOWSSystem32driversaswRdr2.sys [109272 2020-07-26] (Avast Software program s.r.o. -> AVAST Software program)
R0 aswRvrt; C:WINDOWSSystem32driversaswRvrt.sys [84848 2020-07-26] (Avast Software program s.r.o. -> AVAST Software program)
R1 aswSnx; C:WINDOWSSystem32driversaswSnx.sys [851600 2020-07-26] (Avast Software program s.r.o. -> AVAST Software program)
R1 aswSP; C:WINDOWSSystem32driversaswSP.sys [466232 2020-07-26] (Avast Software program s.r.o. -> AVAST Software program)
R2 aswStm; C:WINDOWSSystem32driversaswStm.sys [236024 2019-10-06] (AVAST Software program s.r.o. -> AVAST Software program)
R0 aswVmm; C:WINDOWSSystem32driversaswVmm.sys [323272 2020-07-26] (Avast Software program s.r.o. -> AVAST Software program)
R3 athr; C:WINDOWSsystem32DRIVERSathwbx.sys [4265984 2014-12-21] (Microsoft Home windows {Hardware} Compatibility Writer -> Qualcomm Atheros Communications, Inc.)
S3 dtultrascsibus; C:WINDOWSSystem32driversdtultrascsibus.sys [42256 2019-04-10] (AVB Disc Comfortable, SIA -> Disc Comfortable Ltd)
S3 dtultrausbbus; C:WINDOWSSystem32driversdtultrausbbus.sys [59344 2019-04-10] (AVB Disc Comfortable, SIA -> Disc Comfortable Ltd)
R0 MBAMSwissArmy; C:WINDOWSSystem32Driversmbamswissarmy.sys [261032 2020-07-06] (Malwarebytes Company -> Malwarebytes)
S3 Netaapl; C:WINDOWSsystem32DRIVERSnetaapl64.sys [23040 2014-08-15] (Microsoft Home windows {Hardware} Compatibility Writer -> Apple Inc.)
S3 ptun0901; C:WINDOWSsystem32DRIVERSptun0901.sys [27136 2014-08-08] (OpenVPN Applied sciences, Inc. -> The OpenVPN Undertaking)
R3 RSP2STOR; C:WINDOWSsystem32DRIVERSRtsP2Stor.sys [291544 2014-01-03] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R2 speedfan; C:WINDOWSSysWOW64speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software program)
S3 tap0901; C:WINDOWSsystem32DRIVERStap0901.sys [40664 2016-11-07] (OpenVPN Applied sciences, Inc. -> The OpenVPN Undertaking)
R3 Thotkey; C:WINDOWSSystem32driversThotkey.sys [33168 2013-11-01] (TOSHIBA CORPORATION -> Home windows ® Win 7 DDK supplier)
S3 USBAAPL64; C:WINDOWSSystem32Driversusbaapl64.sys [54784 2015-06-17] (Microsoft Home windows {Hardware} Compatibility Writer -> Apple, Inc.)
S3 WdBoot; C:WINDOWSsystem32driversWdBoot.sys [46600 2017-02-10] (Microsoft Home windows Early Launch Anti-malware Writer -> Microsoft Company)
S3 WdFilter; C:WINDOWSsystem32driversWdFilter.sys [274776 2017-01-12] (Microsoft Home windows -> Microsoft Company)
S3 WdNisDrv; C:WINDOWSSystem32DriversWdNisDrv.sys [117592 2017-01-12] (Microsoft Home windows -> Microsoft Company)
U1 aswbdisk; no ImagePath
U3 aswblog; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included within the fixlist, will probably be faraway from the registry. The file is not going to be moved until listed individually.)

==================== One month (created) ===================

(If an entry is included within the fixlist, the file/folder might be moved.)

2020-07-28 20:41 – 2020-07-28 20:52 – 000034833 _____ C:UserspeterDesktopFRST.txt
2020-07-26 22:47 – 2020-07-28 20:03 – 000000000 ____D C:UserspeterAppDataLocalLowuTorrent
2020-07-26 12:23 – 2020-07-26 12:23 – 000001747 _____ C:UsersPublicDesktopDefraggler.lnk
2020-07-26 12:23 – 2020-07-26 12:23 – 000001747 _____ C:ProgramDataDesktopDefraggler.lnk
2020-07-26 12:23 – 2020-07-26 12:23 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsDefraggler
2020-07-26 12:23 – 2020-07-26 12:23 – 000000000 ____D C:Program FilesDefraggler
2020-07-26 11:17 – 2020-07-26 11:02 – 000335976 _____ (AVAST Software program) C:WINDOWSsystem32aswBoot.exe
2020-07-26 11:15 – 2020-07-26 11:05 – 000216816 _____ (AVAST Software program) C:WINDOWSsystem32Driversasw15188830a01039f0.tmp
2020-07-26 11:15 – 2020-07-26 11:03 – 000514448 _____ (AVAST Software program) C:WINDOWSsystem32DriversaswNetHub.sys
2020-07-26 11:15 – 2020-07-26 11:03 – 000175192 _____ (AVAST Software program) C:WINDOWSsystem32Driversasw331cc22d2fcbb876.tmp
2020-07-26 10:35 – 2020-07-26 10:35 – 028064096 _____ (Piriform Software program Ltd) C:UserspeterDesktopccsetup569.exe
2020-07-26 10:31 – 2020-07-26 10:31 – 009585208 _____ (Adobe) C:WINDOWSSysWOW64FlashPlayerInstaller.exe
2020-07-26 10:29 – 2020-07-26 10:29 – 000000000 ____D C:Malwarebytes
2020-07-06 11:23 – 2020-07-06 12:01 – 000261032 _____ (Malwarebytes) C:WINDOWSsystem32Driversmbamswissarmy.sys
2020-07-06 11:23 – 2020-07-06 11:23 – 000000000 _____ C:UserspeterAppDataLocal{998743C3-BAC0-4427-9479-452289EDACC9}
2020-07-06 11:23 – 2020-07-06 11:23 – 000000000 _____ C:UserspeterAppDataLocal{7C14F23B-86A9-45F5-928E-A693146096A6}

==================== One month (modified) ==================

(If an entry is included within the fixlist, the file/folder might be moved.)

2020-07-28 21:11 – 2017-10-21 21:54 – 000000000 ____D C:UserspeterAppDataRoaminguTorrent
2020-07-28 21:00 – 2013-08-22 16:20 – 000000000 ____D C:WINDOWSCbsTemp
2020-07-28 20:46 – 2015-12-19 11:37 – 000000000 ____D C:FRST
2020-07-28 20:37 – 2018-11-01 22:09 – 002296320 _____ (Farbar) C:UserspeterDesktopFRST64.exe
2020-07-28 20:08 – 2019-10-06 16:50 – 000000000 ___HD C:UsersPublicDocumentsAdobeGCData
2020-07-28 20:08 – 2019-10-06 16:50 – 000000000 ___HD C:ProgramDataDocumentsAdobeGCData
2020-07-28 20:06 – 2020-05-28 17:05 – 000000000 ____D C:Program FilesMozilla Firefox
2020-07-28 20:05 – 2017-10-21 19:56 – 000003598 _____ C:WINDOWSsystem32TasksOptimize Begin Menu Cache Recordsdata-S-1-5-21-3079031520-2956614243-2143490567-1001
2020-07-28 20:04 – 2019-01-14 15:30 – 000000000 ____D C:UserspeterAppDataLocalAVAST Software program
2020-07-28 20:04 – 2016-11-19 08:27 – 000000000 ____D C:UserspeterAppDataLocalLowMozilla
2020-07-28 20:03 – 2019-03-04 14:03 – 000000000 ____D C:UserspeterAppDataLocalBitTorrentHelper
2020-07-28 20:01 – 2017-10-21 21:03 – 000000000 ___RD C:UserspeterOneDrive
2020-07-27 18:32 – 2015-10-24 11:37 – 000000000 ____D C:UserspeterAppDataLocalPackages
2020-07-27 18:31 – 2018-10-28 20:22 – 000000000 ____D C:UserspeterDocumentsMisc
2020-07-27 17:33 – 2018-04-07 17:57 – 000000000 ____D C:UserspeterAppDataLocalCrashDumps
2020-07-27 17:33 – 2017-12-02 08:22 – 000000000 ____D C:WINDOWSMinidump
2020-07-27 17:33 – 2013-08-22 14:36 – 000000000 ____D C:WINDOWSInf
2020-07-27 17:31 – 2015-11-29 21:24 – 000000000 ____D C:UserspeterDesktopMisc
2020-07-27 17:01 – 2019-01-13 15:31 – 000003870 _____ C:WINDOWSsystem32TasksCCleaner Replace
2020-07-27 17:01 – 2019-01-13 15:31 – 000000845 _____ C:UsersPublicDesktopCCleaner.lnk
2020-07-27 17:01 – 2019-01-13 15:31 – 000000845 _____ C:ProgramDataDesktopCCleaner.lnk
2020-07-27 13:37 – 2019-01-13 15:37 – 000004168 _____ C:WINDOWSsystem32TasksAvast Emergency Replace
2020-07-26 22:47 – 2016-09-10 21:57 – 000000000 ____D C:UserspeterDownloadsTV collection
2020-07-26 15:03 – 2017-11-04 01:09 – 000002245 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk
2020-07-26 15:03 – 2017-11-04 01:09 – 000002204 _____ C:UsersPublicDesktopGoogle Chrome.lnk
2020-07-26 15:03 – 2017-11-04 01:09 – 000002204 _____ C:ProgramDataDesktopGoogle Chrome.lnk
2020-07-26 14:04 – 2017-10-30 23:37 – 000003184 _____ C:WINDOWSsystem32TasksOneDrive Standalone Replace Process-S-1-5-21-3079031520-2956614243-2143490567-1001
2020-07-26 14:02 – 2020-05-28 19:40 – 000002313 _____ C:UserspeterAppDataRoamingMicrosoftWindowsStart MenuProgramsOneDrive for Enterprise.lnk
2020-07-26 12:57 – 2019-05-18 23:12 – 000004476 _____ C:WINDOWSsystem32TasksAdobe Acrobat Replace Process
2020-07-26 12:55 – 2019-05-18 23:07 – 000002050 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsAcrobat Reader DC.lnk
2020-07-26 11:08 – 2019-01-13 15:35 – 000323272 _____ (AVAST Software program) C:WINDOWSsystem32DriversaswVmm.sys
2020-07-26 11:04 – 2019-01-13 15:35 – 000466232 _____ (AVAST Software program) C:WINDOWSsystem32DriversaswSP.sys
2020-07-26 11:04 – 2019-01-13 15:35 – 000195648 _____ (AVAST Software program) C:WINDOWSsystem32Driversaswbidsh.sys
2020-07-26 11:04 – 2019-01-13 15:35 – 000084848 _____ (AVAST Software program) C:WINDOWSsystem32DriversaswRvrt.sys
2020-07-26 11:04 – 2019-01-13 15:35 – 000060480 _____ (AVAST Software program) C:WINDOWSsystem32Driversaswbuniv.sys
2020-07-26 11:03 – 2019-01-13 15:35 – 000109272 _____ (AVAST Software program) C:WINDOWSsystem32DriversaswRdr2.sys
2020-07-26 11:03 – 2019-01-13 15:35 – 000042768 _____ (AVAST Software program) C:WINDOWSsystem32DriversaswKbd.sys
2020-07-26 11:00 – 2019-01-14 23:17 – 000235584 _____ (AVAST Software program) C:WINDOWSsystem32Driversaswbidsdriver.sys
2020-07-26 11:00 – 2019-01-13 15:35 – 000851600 _____ (AVAST Software program) C:WINDOWSsystem32DriversaswSnx.sys
2020-07-26 11:00 – 2019-01-13 15:35 – 000205880 _____ (AVAST Software program) C:WINDOWSsystem32DriversaswArPot.sys
2020-07-26 11:00 – 2019-01-13 15:35 – 000037136 _____ (AVAST Software program) C:WINDOWSsystem32DriversaswArDisk.sys
2020-07-26 10:36 – 2018-03-13 15:40 – 000004472 _____ C:WINDOWSsystem32TasksAdobe Flash Participant NPAPI Notifier
2020-07-26 10:36 – 2017-10-23 02:40 – 000004324 _____ C:WINDOWSsystem32TasksAdobe Flash Participant Updater
2020-07-26 10:33 – 2013-08-22 16:36 – 000000000 ____D C:WINDOWSsystem32Macromed
2020-07-26 10:31 – 2013-08-22 16:36 – 000000000 ____D C:WINDOWSSysWOW64Macromed
2020-07-06 12:18 – 2017-10-21 17:06 – 000000000 ____D C:Userspeter
2020-07-06 12:08 – 2014-05-06 08:45 – 000330722 _____ C:WINDOWSsystem32perfh01D.dat
2020-07-06 12:08 – 2014-05-06 08:45 – 000053812 _____ C:WINDOWSsystem32perfc01D.dat
2020-07-06 12:08 – 2014-05-06 08:24 – 000335060 _____ C:WINDOWSsystem32perfh014.dat
2020-07-06 12:08 – 2014-05-06 08:24 – 000008316 _____ C:WINDOWSsystem32perfc014.dat
2020-07-06 12:08 – 2014-05-06 08:03 – 000316716 _____ C:WINDOWSsystem32perfh00B.dat
2020-07-06 12:08 – 2014-05-06 08:03 – 000055716 _____ C:WINDOWSsystem32perfc00B.dat
2020-07-06 12:08 – 2014-05-06 07:43 – 000342586 _____ C:WINDOWSsystem32perfh006.dat
2020-07-06 12:08 – 2014-05-06 07:43 – 000056220 _____ C:WINDOWSsystem32perfc006.dat
2020-07-06 12:08 – 2014-03-18 16:25 – 002274992 _____ C:WINDOWSsystem32PerfStringBackup.INI
2020-07-06 12:00 – 2019-03-01 22:03 – 000000000 ____D C:Program Recordsdata (x86)TeamViewer
2020-07-06 12:00 – 2013-08-22 15:45 – 000000006 ____H C:WINDOWSTasksSA.DAT
2020-07-06 11:57 – 2017-10-23 02:22 – 000000000 ____D C:UserspeterAppDataRoamingvlc
2020-07-06 11:37 – 2018-11-01 16:13 – 000000000 ____D C:UserspeterDocumentsTraining

==================== Recordsdata within the root of some directories ========

2017-11-04 10:44 – 2018-02-01 23:49 – 000099384 _____ () C:UserspeterAppDataRoaminginst.exe
2017-11-04 10:44 – 2018-02-01 23:49 – 000007859 _____ () C:UserspeterAppDataRoamingpcouffin.cat
2017-11-04 10:44 – 2018-02-01 23:49 – 000001167 _____ () C:UserspeterAppDataRoamingpcouffin.inf
2017-11-04 10:47 – 2018-02-01 23:49 – 000000033 _____ () C:UserspeterAppDataRoamingpcouffin.log
2017-11-04 10:44 – 2018-02-01 23:49 – 000082816 _____ (VSO Software program) C:UserspeterAppDataRoamingpcouffin.sys
2018-11-04 00:45 – 2018-11-04 00:45 – 000008546 _____ () C:UserspeterAppDataRoamingPLBCCNQILN-DECRYPT.txt
2018-08-24 19:15 – 2018-08-24 19:15 – 000011568 _____ () C:UserspeterAppDataLocalInstallationConfiguration.xml
2019-04-09 10:09 – 2019-04-09 10:09 – 000000000 _____ () C:UserspeterAppDataLocaloobelibMkey.log
2018-10-12 18:04 – 2018-10-12 18:04 – 000000017 _____ () C:UserspeterAppDataLocalresmon.resmoncfg
2018-08-21 08:49 – 2018-08-21 08:49 – 000000000 _____ () C:UserspeterAppDataLocal{42C59258-E948-405F-ABCD-C0B314D3BF39}
2019-04-19 23:48 – 2019-04-19 23:48 – 000000000 _____ () C:UserspeterAppDataLocal{42FF1EA5-C529-449A-98B8-D280479EE8D6}
2020-07-06 11:23 – 2020-07-06 11:23 – 000000000 _____ () C:UserspeterAppDataLocal{7C14F23B-86A9-45F5-928E-A693146096A6}
2020-06-06 16:39 – 2020-06-06 16:39 – 000000000 _____ () C:UserspeterAppDataLocal{922D7AE2-F1AB-4B94-A3C7-3BD6C4A2A2D0}
2020-07-06 11:23 – 2020-07-06 11:23 – 000000000 _____ () C:UserspeterAppDataLocal{998743C3-BAC0-4427-9479-452289EDACC9}

==================== SigCheck ============================

(There is no such thing as a automated repair for recordsdata that don’t move verification.)

LastRegBack: 2019-06-22 22:35
==================== Finish of FRST.txt ========================

Extra scan results of Farbar Restoration Scan Device (x64) Model: 28-07-2020
Ran by peter (28-07-2020 21:12:57)
Working from C:UserspeterDesktop
Home windows 8.1 (Replace) (X64) (2017-10-21 16:20:35)
Boot Mode: Regular
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3079031520-2956614243-2143490567-500 – Administrator – Disabled) => C:UsersAdministrator
Visitor (S-1-5-21-3079031520-2956614243-2143490567-501 – Restricted – Enabled)
HomeGroupUser$ (S-1-5-21-3079031520-2956614243-2143490567-1003 – Restricted – Enabled)
peter (S-1-5-21-3079031520-2956614243-2143490567-1001 – Administrator – Enabled) => C:Userspeter
Peter_2 (S-1-5-21-3079031520-2956614243-2143490567-1004 – Administrator – Enabled) => C:UsersPeter_2

==================== Safety Heart ========================

(If an entry is included within the fixlist, will probably be eliminated.)

AV: Avast Antivirus (Enabled – Updated) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Home windows Defender (Disabled – Updated) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Home windows Defender (Disabled – Updated) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled – Updated) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Put in Applications ======================

(Solely the adware packages with “Hidden” flag might be added to the fixlist to unhide them. The adware packages ought to be uninstalled manually.)

µTorrent (HKUS-1-5-21-3079031520-2956614243-2143490567-1001…uTorrent) (Model: 3.5.5.45702 – BitTorrent Inc.)
Ace Stream Media 3.1.1 (HKUS-1-5-21-3079031520-2956614243-2143490567-1001…AceStream) (Model: 3.1.1 – Ace Stream Media) <==== ATTENTION
Adobe Acrobat Reader DC (HKLM-x32…{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Model: 20.009.20074 – Adobe Techniques Integrated)
Adobe Flash Participant 32 NPAPI (HKLM-x32…Adobe Flash Participant NPAPI) (Model: 32.0.0.403 – Adobe)
Apowersoft On-line Launcher model 1.7.1 (HKUS-1-5-21-3079031520-2956614243-2143490567-1001…{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Model: 1.7.1 – APOWERSOFT LIMITED)
Apple Software Help (32-bit) (HKLM-x32…{308F2F8C-9D33-4B22-8A6C-D9C13DBEF8C6}) (Model: 7.0.2 – Apple Inc.)
Apple Software Help (64-bit) (HKLM…{0CB84A7D-9697-4526-A819-60FB050E8F05}) (Model: 7.0.2 – Apple Inc.)
Apple Cell System Help (HKLM…{77F8C879-88CD-4145-945A-541C35285285}) (Model: 12.0.0.1039 – Apple Inc.)
Apple Software program Replace (HKLM-x32…{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Model: 2.6.0.1 – Apple Inc.)
Atheros Driver Set up Program (HKLM-x32…{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Model: 10.0 – Atheros)
Avast Free Antivirus (HKLM-x32…Avast Antivirus) (Model: 20.5.2415 – Avast Software program)
Bonjour (HKLM…{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Model: 3.1.0.1 – Apple Inc.)
CCleaner (HKLM…CCleaner) (Model: 5.69 – Piriform)
Defraggler (HKLM…Defraggler) (Model: 2.22 – Piriform)
DTS Sound (HKLM-x32…{9B17BBEC-CF31-4C23-949E-E65A14365CE1}) (Model: 1.01.6100 – DTS, Inc.)
Evernote (HKLM-x32…Evernote) (Model: 1.0.0 – Evernote Launcher by Toshiba Europe GmbH)
GetFLV 9.998.978 (HKLM-x32…GetFLV_is1) (Model:  – GetFLV, Inc.)
Google Chrome (HKLM-x32…Google Chrome) (Model: 84.0.4147.89 – Google LLC)
Google Drive (HKLM-x32…{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Model: 2.34.9392.7803 – Google, Inc.)
Google Replace Helper (HKLM-x32…{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Model: 1.3.35.451 – Google LLC) Hidden
Google Replace Helper (HKLM-x32…{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Model: 1.3.21.115 – Google Inc.) Hidden
Herramientas de corrección de Microsoft Workplace 2016: español (HKLM…{90160000-001F-0C0A-1000-0000000FF1CE}) (Model: 16.0.4266.1001 – Microsoft Company) Hidden
Intel® Processor Graphics (HKLM-x32…{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Model: 10.18.10.3408 – Intel Company)
Intel® Trusted Execution Engine (HKLM…{176E2755-0A17-42C6-88E2-192AB2131278}) (Model: 1.0.0.1064 – Intel Company)
iSkysoft Free iPhone Knowledge Restoration(Construct 2.0.1.1) (HKLM-x32…{10B4DAB2-9F85-483e-BF03-31771821E060}_is1) (Model: 2.0.1.1 – iSkysoft Software program Co.,Ltd.)
JDownloader 2 (HKLM…jdownloader2) (Model: 2.0 – AppWork GmbH)
LockHunter 3.2, 32/64 bit (HKLM…LockHunter_is1) (Model:  – Crystal Wealthy Ltd)
Malwarebytes model 3.6.1.2711 (HKLM…{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Model: 3.6.1.2711 – Malwarebytes)
McAfee WebAdvisor (HKLM-x32…{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Model: 4.1.1.133 – McAfee, LLC)
Microsoft Workplace Skilled Plus 2016 (HKLM…Office16.PROPLUS) (Model: 16.0.4266.1001 – Microsoft Company)
Microsoft OneDrive (HKU.DEFAULT…OneDriveSetup.exe) (Model: 17.3.6743.1212 – Microsoft Company)
Microsoft OneDrive (HKUS-1-5-21-3079031520-2956614243-2143490567-1001…OneDriveSetup.exe) (Model: 20.114.0607.0002 – Microsoft Company)
Microsoft Visible C++ 2005 Redistributable (HKLM-x32…{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Model: 8.0.61001 – Microsoft Company)
Microsoft Visible C++ 2008 Redistributable – x86 9.0.30729.17 (HKLM-x32…{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Model: 9.0.30729 – Microsoft Company)
Microsoft Visible C++ 2008 Redistributable – x86 9.0.30729.4148 (HKLM-x32…{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Model: 9.0.30729.4148 – Microsoft Company)
Microsoft Visible C++ 2008 Redistributable – x86 9.0.30729.6161 (HKLM-x32…{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Model: 9.0.30729.6161 – Microsoft Company)
Microsoft Visible C++ 2010  x64 Redistributable – 10.0.40219 (HKLM…{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Model: 10.0.40219 – Microsoft Company)
Microsoft Visible C++ 2010  x86 Redistributable – 10.0.40219 (HKLM-x32…{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Model: 10.0.40219 – Microsoft Company)
Microsoft Visible C++ 2012 Redistributable (x64) – 11.0.61030 (HKLM-x32…{d07b0db5-8dad-40e1-be90-88026298a46b}) (Model: 11.0.61030.0 – Microsoft Company)
Microsoft Visible C++ 2012 Redistributable (x86) – 11.0.61030 (HKLM-x32…{2749c485-3a8b-4533-92ff-7cf6e8221cff}) (Model: 11.0.61030.0 – Microsoft Company)
Microsoft Visible C++ 2012 Redistributable (x86) – 11.0.61030 (HKLM-x32…{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Model: 11.0.61030.0 – Microsoft Company)
Microsoft Visible C++ 2015 Redistributable (x86) – 14.0.24215 (HKLM-x32…{e2803110-78b3-4664-a479-3611a381656a}) (Model: 14.0.24215.1 – Microsoft Company)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32…{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Model: 4.0.20823.0 – Microsoft Company)
mIRC (HKLM-x32…mIRC) (Model: 7.38 – mIRC Co. Ltd.)
Mozilla Firefox 76.0.1 (x64 en-GB) (HKLM…Mozilla Firefox 76.0.1 (x64 en-GB)) (Model: 76.0.1 – Mozilla)
Mozilla Upkeep Service (HKLM…MozillaMaintenanceService) (Model: 63.0.1 – Mozilla)
Nero BurningROM 2018 (HKLM-x32…{1E053FAF-91B8-431B-91D3-ABC34C081A46}) (Model: 19.0.00800 – Nero AG)
Nero Information (HKLM-x32…{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Model: 19.0.1003 – Nero AG)
Nullsoft Set up System (HKLM-x32…NSIS) (Model: 3.02.1 – )
Outils de vérification linguistique 2016 de Microsoft Workplace – Français (HKLM…{90160000-001F-040C-1000-0000000FF1CE}) (Model: 16.0.4266.1001 – Microsoft Company) Hidden
Patch – GetFLV Professional 9.998.978 (HKLM-x32…Patch – GetFLV Professional 9.998.978) (Model: 9.998.978 – Crackingpatching.com Workforce)
Prerequisite installer (HKLM-x32…{AD240F1A-3102-492E-B657-17969A9D5E9A}) (Model: 19.0.0004 – Nero AG) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM…{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Model: 8.0.1.318 – Qualcomm Atheros)
Realtek Card Reader (HKLM-x32…{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Model: 6.3.9600.29075 – Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32…{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Model: 8.24.1218.2013 – Realtek)
Realtek Excessive Definition Audio Driver (HKLM-x32…{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Model: 6.0.1.7195 – Realtek Semiconductor Corp.)
Revo Uninstaller 2.1.5 (HKLM…{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Model: 2.1.5 – VS Revo Group, Ltd.)
Rosetta Stone V3 (HKLM-x32…{7210BCFE-ED8D-4261-8537-81B5A4BDFA2A}) (Model: 3.2.11 – Rosetta Stone)
Skype model 8.34 (HKLM-x32…Skype_is1) (Model: 8.34 – Skype Applied sciences S.A.)
Snagit 13 (HKLM-x32…{2D2045B7-AF91-409C-87F6-99E263CDC13F}) (Model: 13.0.3 – TechSmith Company) Hidden
Snagit 13 (HKLM-x32…{f29bb215-650d-41d0-bf32-cf9a4dc25055}) (Model: 13.0.3.7011 – TechSmith Company)
SpeedFan (take away solely) (HKLM-x32…SpeedFan) (Model:  – )
Stellar Phoenix Home windows Knowledge Restoration (HKLM-x32…Stellar Phoenix Home windows Knowledge Recovery_is1) (Model: 7.0.0.0 – Stellar Data Know-how Pvt Ltd.)
Symbaloo (HKLM-x32…Symbaloo) (Model: 1.0.0 – Symbaloo Launcher by Toshiba Europe GmbH)
Synaptics Pointing System Driver (HKLM…SynTPDeinstKey) (Model: 18.1.3.0 – Synaptics Integrated)
TeamViewer 14 (HKLM-x32…TeamViewer) (Model: 14.1.18533 – TeamViewer)
TOSHIBA Desktop Help (HKLM…{C4CDCEF0-0A7A-4425-887C-33E39533D758}) (Model: 1.03.04.6401 – Toshiba Company)
TOSHIBA Show Utility (HKLM…{F64E9295-E1B3-4EEA-86D3-AF44A0087B06}) (Model: 1.1.16.0 – Toshiba Company)
TOSHIBA eco Utility (HKLM…{94D2A899-0C34-4420-880E-AE337E635AB0}) (Model: 2.4.2.6403 – Toshiba Company)
TOSHIBA Flash Playing cards Help Utility (HKLM-x32…InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Model: 1.51.81.2C – TOSHIBA CORPORATION)
TOSHIBA Perform Key (HKLM…{1844CFE2-EBA3-490A-8A5E-9BFC646342FD}) (Model: 1.1.5.6402 – Toshiba Company)
TOSHIBA Manuals (HKLM-x32…{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Model: 10.19 – TOSHIBA)
TOSHIBA Password Utility (HKLM-x32…InstallShield_{59358FD4-252B-4B38-AB81-955C491A494F}) (Model: 2.0.0.15C – Toshiba Company)
TOSHIBA PC Well being Monitor (HKLM…{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Model: 3.01.02.6400 – Toshiba Company)
TOSHIBA Restoration Media Creator (HKLM-x32…{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Model: 3.2.00.56006005 – Toshiba Company)
TOSHIBA Service Station (HKLM…{BFE4C813-4DD4-4B1C-97F4-76A459055C8D}) (Model: 2.6.13 – Toshiba Company)
TOSHIBA Begin Display screen Possibility (HKLM…{06B71035-F19F-4F76-9875-FFCCD4FC3F83}) (Model: 1.00.01.6402 – Toshiba Company)
TOSHIBA System Driver (HKLM-x32…{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Model: 1.00.0033 – Toshiba Company)
TOSHIBA System Settings (HKLM-x32…{4D57ED72-6B01-40BD-9CA9-012B8FC09CEB}) (Model: 2.0.1.32003 – Toshiba Company)
Toshiba TEMPRO (HKLM-x32…{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Model: 4.9.1 – Toshiba Europe GmbH)
Replace for Skype for Enterprise 2016 (KB4484286) 64-Bit Version (HKLM…{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{5F64605A-1F38-44BE-BB99-1799A6D11A62}) (Model:  – Microsoft)
Replace for Skype for Enterprise 2016 (KB4484286) 64-Bit Version (HKLM…{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{5F64605A-1F38-44BE-BB99-1799A6D11A62}) (Model:  – Microsoft)
Replace for Skype for Enterprise 2016 (KB4484286) 64-Bit Version (HKLM…{90160000-012B-0409-1000-0000000FF1CE}_Office16.PROPLUS_{5F64605A-1F38-44BE-BB99-1799A6D11A62}) (Model:  – Microsoft)
Utility Widespread Driver (HKLM-x32…{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}) (Model: 1.0.53.3 – Compal) Hidden
Utility Widespread Driver (HKLM-x32…InstallShield_{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}) (Model: 1.0.53.3 – Compal) Hidden
VLC media participant (HKLM-x32…VLC media participant) (Model: 3.0.6 – VideoLAN)
WinCDEmu (HKLM-x32…WinCDEmu) (Model: 4.1 – Sysprogs)
WinRAR 5.70 (64-bit) (HKLM…WinRAR archiver) (Model: 5.70.0 – win.rar GmbH)
WinRAR Restore Package 3.0 (HKLM-x32…WinRAR Restore Kit_is1) (Model:  – File Grasp LLC)
Wondershare Dr.Fone for iOS(Construct 7.0.0.12) (HKLM-x32…{A26F8BBD-EC10-4bdc-8AD8-F146825A8A63}_is1) (Model: 7.0.0.12 – Wondershare Software program Co.,Ltd.)
Wondershare Helper Compact 2.5.2 (HKLM-x32…{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Model: 2.5.2 – Wondershare)

Packages:
=========
Doodle God™ Free for Toshiba -> C:Program FilesWindowsApps7E440FBB.DoodleGodFreeforToshiba_2.0.0.48_x64__pvm5kvqj2rwym [2018-11-04] (JoyBits-Ltd.)
eBay -> C:Program FilesWindowsAppseBayInc.eBay_1.6.0.34_neutral__1618n3s9xq8tw [2018-11-04] (eBay, Inc)
Evernote Contact -> C:Program FilesWindowsAppsEvernote.Evernote_3.3.0.102_x86__q4d96b2w5wcc2 [2018-11-04] (Evernote)
MSN Meals & Drink -> C:Program FilesWindowsAppsMicrosoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2018-11-04] (Microsoft Company) [MS Ad]
MSN Well being & Health -> C:Program FilesWindowsAppsMicrosoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2018-11-04] (Microsoft Company) [MS Ad]
MSN Cash -> C:Program FilesWindowsAppsMicrosoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2018-11-04] (Microsoft Company) [MS Ad]
MSN Information -> C:Program FilesWindowsAppsMicrosoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2018-11-04] (Microsoft Company) [MS Ad]
MSN Sport -> C:Program FilesWindowsAppsMicrosoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2018-11-04] (Microsoft Company) [MS Ad]
MSN Journey -> C:Program FilesWindowsAppsMicrosoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2018-11-04] (Microsoft Company) [MS Ad]
MSN Climate -> C:Program FilesWindowsAppsMicrosoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2018-11-04] (Microsoft Company) [MS Ad]
Music -> C:Program FilesWindowsAppsMicrosoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2018-11-04] (Microsoft Company) [MS Ad]
My Toshiba -> C:Program FilesWindowsAppsEnnovaResearch.ToshibaPlaces_2.2.38.0_x64__3s2an63h56yee [2018-11-04] (Ennova Analysis)
Parcelgenie for Toshiba -> C:Program FilesWindowsAppsParcelPokeLimited.ParcelgenieforToshiba_2.1.1.25_neutral__8xyyyq1qzh8hy [2018-11-04] (Parcel Poke Restricted)
Skitch Contact -> C:Program FilesWindowsAppsEvernote.Skitch_2.4.2000.1918_neutral__q4d96b2w5wcc2 [2018-11-04] (Evernote)
Skype -> C:Program FilesWindowsAppsMicrosoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2018-11-04] (Skype) [MS Ad]
Skyscanner -> C:Program FilesWindowsAppsSkyscanner.Skyscanner_1.4.2.0_neutral__623c9he0pwcym [2018-11-04] (Skyscanner)
TOSHIBA Media Participant by sMedio TrueLink+ -> C:Program FilesWindowsAppssMedioforToshiba.TOSHIBAMediaPlayerbysMedioTrueLin_3.1.1.33_x64__679ekb9hp1h62 [2018-11-04] (sMedio)
Video -> C:Program FilesWindowsAppsMicrosoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2018-11-04] (Microsoft Company) [MS Ad]

==================== Customized CLSID (Whitelisted): ==============

(If an entry is included within the fixlist, will probably be faraway from the registry. The file is not going to be moved until listed individually.)

ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:Program Recordsdata (x86)GoogleDrivegoogledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:Program Recordsdata (x86)GoogleDrivegoogledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:Program Recordsdata (x86)GoogleDrivegoogledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:Program FilesAVAST SoftwareAvastashShell.dll [2019-10-06] (AVAST Software program s.r.o. -> AVAST Software program)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:Program FilesAVAST SoftwareAvastashShell.dll [2019-10-06] (AVAST Software program s.r.o. -> AVAST Software program)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:Program FilesDefragglerDefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:Program Recordsdata (x86)GoogleDrivecontextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers1: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:Program FilesLockHunterLHShellExt64.dll [2017-07-20] (Crystal Wealthy Ltd -> Crystal Wealthy Ltd)
ContextMenuHandlers1: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:Program Recordsdata (x86)TechSmithSnagit 13DLLx64SnagitShellExt64.dll [2016-10-10] (TechSmith Company -> TechSmith Company)
ContextMenuHandlers1: [WinCDEmu] -> {D0E37FD2-F675-426F-B09A-2CF37BA46FD5} => C:Program Recordsdata (x86)WinCDEmux64WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:Program FilesLockHunterLHShellExt64.dll [2017-07-20] (Crystal Wealthy Ltd -> Crystal Wealthy Ltd)
ContextMenuHandlers2: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:Program Recordsdata (x86)WinCDEmux64WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed]
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:Program FilesAVAST SoftwareAvastashShell.dll [2019-10-06] (AVAST Software program s.r.o. -> AVAST Software program)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:Program Recordsdata (x86)GoogleDrivecontextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers4: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:Program FilesLockHunterLHShellExt64.dll [2017-07-20] (Crystal Wealthy Ltd -> Crystal Wealthy Ltd)
ContextMenuHandlers4: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:Program Recordsdata (x86)TechSmithSnagit 13DLLx64SnagitShellExt64.dll [2016-10-10] (TechSmith Company -> TechSmith Company)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:Windowssystem32igfxpph.dll [2014-01-17] (Microsoft Home windows {Hardware} Compatibility Writer -> Intel Company)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:Program FilesAVAST SoftwareAvastashShell.dll [2019-10-06] (AVAST Software program s.r.o. -> AVAST Software program)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:Program FilesDefragglerDefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:Program Recordsdata (x86)WinCDEmux64WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included within the fixlist, the registry merchandise might be restored to default or eliminated. The file is not going to be moved.)

HKLM…Drivers32: [vidc.i420] => C:WINDOWSsystem32lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM…Drivers32: [vidc.i420] => C:WindowsSysWOW64lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.)

==================== Shortcuts & WMI ========================

(The entries might be listed to be restored or eliminated.)

ShortcutWithArgument: C:UserspeterAppDataRoamingMicrosoftInternet ExplorerQuick LaunchGoogle Chrome.lnk -> C:Program Recordsdata (x86)GoogleChromeApplicationchrome.exe (Google LLC) -> –disable-quic
ShortcutWithArgument: C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk -> C:Program Recordsdata (x86)GoogleChromeApplicationchrome.exe (Google LLC) -> –disable-quic
ShortcutWithArgument: C:UsersPublicDesktopGoogle Chrome.lnk -> C:Program Recordsdata (x86)GoogleChromeApplicationchrome.exe (Google LLC) -> –disable-quic

==================== Loaded Modules (Whitelisted) =============

2016-10-10 17:55 – 2016-10-10 17:55 – 001152512 _____ () [File not signed] C:Program Recordsdata (x86)TechSmithSnagit 13cairo.dll
2016-10-10 17:55 – 2016-10-10 17:55 – 000601088 _____ () [File not signed] C:Program Recordsdata (x86)TechSmithSnagit 13fontconfig.dll
2016-10-10 17:55 – 2016-10-10 17:55 – 000778240 _____ () [File not signed] C:Program Recordsdata (x86)TechSmithSnagit 13harfbuzz.dll
2016-10-10 17:55 – 2016-10-10 17:55 – 000023552 _____ () [File not signed] C:Program Recordsdata (x86)TechSmithSnagit 13iconv.dll
2016-10-10 17:55 – 2016-10-10 17:55 – 000165888 _____ () [File not signed] C:Program Recordsdata (x86)TechSmithSnagit 13libpng16.dll
2016-10-10 17:55 – 2016-10-10 17:55 – 001015296 _____ () [File not signed] C:Program Recordsdata (x86)TechSmithSnagit 13libxml2.dll
2016-10-10 17:54 – 2016-10-10 17:54 – 008968192 _____ () [File not signed] C:Program Recordsdata (x86)TechSmithSnagit 13opencv_core300.dll
2016-10-10 17:54 – 2016-10-10 17:54 – 020629504 _____ () [File not signed] C:Program Recordsdata (x86)TechSmithSnagit 13opencv_imgproc300.dll
2016-10-10 17:55 – 2016-10-10 17:55 – 000588288 _____ () [File not signed] C:Program Recordsdata (x86)TechSmithSnagit 13pixman-1.dll
2016-10-10 17:55 – 2016-10-10 17:55 – 000071680 _____ () [File not signed] C:Program Recordsdata (x86)TechSmithSnagit 13zlib1.dll
2013-12-21 14:20 – 2013-12-21 14:20 – 000053248 _____ () [File not signed] C:UserspeterAppDataRoamingACEStreamenginelib_blist.pyd
2011-06-12 14:06 – 2011-06-12 14:06 – 000106496 _____ () [File not signed] C:UserspeterAppDataRoamingACEStreamenginelib_ctypes.pyd
2011-06-12 14:06 – 2011-06-12 14:06 – 000287232 _____ () [File not signed] C:UserspeterAppDataRoamingACEStreamenginelib_hashlib.pyd
2014-01-23 12:37 – 2014-01-23 12:37 – 000036352 _____ () [File not signed] C:UserspeterAppDataRoamingACEStreamenginelib_psutil_mswindows.pyd
2011-06-12 14:09 – 2011-06-12 14:09 – 000038400 _____ () [File not signed] C:UserspeterAppDataRoamingACEStreamenginelib_socket.pyd
2011-06-12 14:09 – 2011-06-12 14:09 – 000720896 _____ () [File not signed] C:UserspeterAppDataRoamingACEStreamenginelib_ssl.pyd
2015-11-10 14:21 – 2016-05-19 01:55 – 000314880 _____ () [File not signed] C:UserspeterAppDataRoamingACEStreamenginelibacestreamengine.Core.pyd
2015-11-10 14:39 – 2016-05-19 01:55 – 004481024 _____ () [File not signed] C:UserspeterAppDataRoamingACEStreamenginelibacestreamengine.CoreApp.pyd
2015-11-10 14:18 – 2016-05-19 01:55 – 003031552 _____ () [File not signed] C:UserspeterAppDataRoamingACEStreamenginelibacestreamengine.stay.pyd
2015-04-16 13:27 – 2015-04-16 13:27 – 000018944 _____ () [File not signed] C:UserspeterAppDataRoamingACEStreamenginelibacestreamengine.pycompat.pyd
2015-11-07 10:15 – 2016-05-19 01:55 – 000242792 _____ () [File not signed] C:UserspeterAppDataRoamingACEStreamenginelibacestreamengine.pysegmenter.pyd
2015-04-16 13:27 – 2015-04-16 13:27 – 002386432 _____ () [File not signed] C:UserspeterAppDataRoamingACEStreamenginelibacestreamengine.pywebrtc.pyd
2010-10-10 23:23 – 2010-10-10 23:23 – 000723968 _____ () [File not signed] C:UserspeterAppDataRoamingACEStreamenginelibapsw.pyd
2013-12-21 14:20 – 2013-12-21 14:20 – 000040448 _____ () [File not signed] C:UserspeterAppDataRoamingACEStreamenginelibbitarray._bitarray.pyd
2013-01-29 17:20 – 2013-01-29 17:20 – 000066048 _____ () [File not signed] C:UserspeterAppDataRoamingACEStreamenginelibcpyamf.amf0.pyd
2013-01-29 17:20 – 2013-01-29 17:20 – 000082944 _____ () [File not signed] C:UserspeterAppDataRoamingACEStreamenginelibcpyamf.util.pyd
2011-02-13 16:02 – 2011-02-13 16:02 – 000031232 _____ () [File not signed] C:UserspeterAppDataRoamingACEStreamenginelibCrypto.Cipher.AES.pyd
2015-04-16 13:29 – 2015-04-16 13:29 – 000112142 _____ () [File not signed] C:UserspeterAppDataRoamingACEStreamengineliblibgcc_s_dw2-1.dll
2011-01-18 22:56 – 2011-01-18 22:56 – 000334336 _____ () [File not signed] C:UserspeterAppDataRoamingACEStreamenginelibM2Crypto.__m2crypto.pyd
2015-04-16 13:29 – 2015-04-16 13:29 – 000061952 _____ () [File not signed] C:UserspeterAppDataRoamingACEStreamenginelibminiupnpc.pyd
2018-11-13 08:24 – 2016-05-19 01:55 – 000014848 _____ () [File not signed] C:UserspeterAppDataRoamingACEStreamenginelibnetifaces.pyd
2011-06-12 14:06 – 2011-06-12 14:06 – 000152576 _____ () [File not signed] C:UserspeterAppDataRoamingACEStreamenginelibpyexpat.pyd
2012-02-07 17:38 – 2012-02-07 17:38 – 000358912 _____ () [File not signed] C:UserspeterAppDataRoamingACEStreamenginelibpythoncom27.dll
2012-02-07 17:35 – 2012-02-07 17:35 – 000110080 _____ () [File not signed] C:UserspeterAppDataRoamingACEStreamenginelibpywintypes27.dll
2011-06-12 14:06 – 2011-06-12 14:06 – 000011776 _____ () [File not signed] C:UserspeterAppDataRoamingACEStreamenginelibselect.pyd
2011-06-12 14:06 – 2011-06-12 14:06 – 000688128 _____ () [File not signed] C:UserspeterAppDataRoamingACEStreamenginelibunicodedata.pyd
2012-02-07 17:37 – 2012-02-07 17:37 – 000098816 _____ () [File not signed] C:UserspeterAppDataRoamingACEStreamenginelibwin32api.pyd
2012-02-07 17:36 – 2012-02-07 17:36 – 000111616 _____ () [File not signed] C:UserspeterAppDataRoamingACEStreamenginelibwin32file.pyd
2012-02-07 17:37 – 2012-02-07 17:37 – 000167424 _____ () [File not signed] C:UserspeterAppDataRoamingACEStreamenginelibwin32gui.pyd
2012-02-07 17:36 – 2012-02-07 17:36 – 000024064 _____ () [File not signed] C:UserspeterAppDataRoamingACEStreamenginelibwin32pdh.pyd
2012-02-07 17:36 – 2012-02-07 17:36 – 000035840 _____ () [File not signed] C:UserspeterAppDataRoamingACEStreamenginelibwin32process.pyd
2011-07-15 20:38 – 2011-07-15 20:38 – 000966144 _____ () [File not signed] C:UserspeterAppDataRoamingACEStreamenginelibwx._controls_.pyd
2011-07-15 20:37 – 2011-07-15 20:37 – 000981504 _____ () [File not signed] C:UserspeterAppDataRoamingACEStreamenginelibwx._core_.pyd
2011-07-15 20:38 – 2011-07-15 20:38 – 000746496 _____ () [File not signed] C:UserspeterAppDataRoamingACEStreamenginelibwx._gdi_.pyd
2011-07-15 20:38 – 2011-07-15 20:38 – 000674816 _____ () [File not signed] C:UserspeterAppDataRoamingACEStreamenginelibwx._misc_.pyd
2011-07-15 20:38 – 2011-07-15 20:38 – 000670720 _____ () [File not signed] C:UserspeterAppDataRoamingACEStreamenginelibwx._windows_.pyd
2011-06-12 14:06 – 2011-06-12 14:06 – 000287232 _____ () [File not signed] C:UserspeterAppDataRoamingACEStreamupdaterlib_hashlib.pyd
2011-06-12 14:09 – 2011-06-12 14:09 – 000038400 _____ () [File not signed] C:UserspeterAppDataRoamingACEStreamupdaterlib_socket.pyd
2011-06-12 14:09 – 2011-06-12 14:09 – 000720896 _____ () [File not signed] C:UserspeterAppDataRoamingACEStreamupdaterlib_ssl.pyd
2011-01-18 22:56 – 2011-01-18 22:56 – 000334336 _____ () [File not signed] C:UserspeterAppDataRoamingACEStreamupdaterlibM2Crypto.__m2crypto.pyd
2011-06-12 14:06 – 2011-06-12 14:06 – 000152576 _____ () [File not signed] C:UserspeterAppDataRoamingACEStreamupdaterlibpyexpat.pyd
2012-02-07 17:38 – 2012-02-07 17:38 – 000358912 _____ () [File not signed] C:UserspeterAppDataRoamingACEStreamupdaterlibpythoncom27.dll
2012-02-07 17:35 – 2012-02-07 17:35 – 000110080 _____ () [File not signed] C:UserspeterAppDataRoamingACEStreamupdaterlibpywintypes27.dll
2011-06-12 14:06 – 2011-06-12 14:06 – 000011776 _____ () [File not signed] C:UserspeterAppDataRoamingACEStreamupdaterlibselect.pyd
2012-02-07 17:37 – 2012-02-07 17:37 – 000098816 _____ () [File not signed] C:UserspeterAppDataRoamingACEStreamupdaterlibwin32api.pyd
2012-02-07 17:36 – 2012-02-07 17:36 – 000111616 _____ () [File not signed] C:UserspeterAppDataRoamingACEStreamupdaterlibwin32file.pyd
2012-02-07 17:36 – 2012-02-07 17:36 – 000024064 _____ () [File not signed] C:UserspeterAppDataRoamingACEStreamupdaterlibwin32pdh.pyd
2011-07-15 20:38 – 2011-07-15 20:38 – 000966144 _____ () [File not signed] C:UserspeterAppDataRoamingACEStreamupdaterlibwx._controls_.pyd
2011-07-15 20:37 – 2011-07-15 20:37 – 000981504 _____ () [File not signed] C:UserspeterAppDataRoamingACEStreamupdaterlibwx._core_.pyd
2011-07-15 20:38 – 2011-07-15 20:38 – 000746496 _____ () [File not signed] C:UserspeterAppDataRoamingACEStreamupdaterlibwx._gdi_.pyd
2011-07-15 20:38 – 2011-07-15 20:38 – 000674816 _____ () [File not signed] C:UserspeterAppDataRoamingACEStreamupdaterlibwx._misc_.pyd
2011-07-15 20:38 – 2011-07-15 20:38 – 000670720 _____ () [File not signed] C:UserspeterAppDataRoamingACEStreamupdaterlibwx._windows_.pyd
2015-04-16 13:29 – 2015-04-16 13:29 – 020468224 _____ (FFmpeg Undertaking) [File not signed] C:UserspeterAppDataRoamingACEStreamenginelibavcodec-56.dll
2015-04-16 13:29 – 2015-04-16 13:29 – 005897216 _____ (FFmpeg Undertaking) [File not signed] C:UserspeterAppDataRoamingACEStreamenginelibavformat-56.dll
2015-04-16 13:29 – 2015-04-16 13:29 – 000481280 _____ (FFmpeg Undertaking) [File not signed] C:UserspeterAppDataRoamingACEStreamenginelibavutil-54.dll
2015-04-16 13:29 – 2015-04-16 13:29 – 000279552 _____ (FFmpeg Undertaking) [File not signed] C:UserspeterAppDataRoamingACEStreamenginelibswresample-1.dll
2016-10-10 17:55 – 2016-10-10 17:55 – 000058880 _____ (Free Software program Basis) [File not signed] C:Program Recordsdata (x86)TechSmithSnagit 13libintl.dll
2016-10-10 17:54 – 2016-10-10 17:54 – 000306688 _____ (hxxp://hunspell.sourceforge.internet/) [File not signed] C:Program Recordsdata (x86)TechSmithSnagit 13libhunspell.dll
2016-10-10 17:49 – 2016-10-10 17:49 – 000066192 _____ (LEAD Applied sciences, Inc -> LEAD Applied sciences, Inc.) [File not signed] C:Program Recordsdata (x86)TechSmithSnagit 13LFJbg15U.DLL
2016-10-10 17:49 – 2016-10-10 17:49 – 000126096 _____ (LEAD Applied sciences, Inc -> LEAD Applied sciences, Inc.) [File not signed] C:Program Recordsdata (x86)TechSmithSnagit 13LFPng15U.DLL
2016-10-10 17:49 – 2016-10-10 17:49 – 000212112 _____ (LEAD Applied sciences, Inc -> LEAD Applied sciences, Inc.) [File not signed] C:Program Recordsdata (x86)TechSmithSnagit 13Ltimgclr15u.dll
2016-10-10 17:49 – 2016-10-10 17:49 – 000208016 _____ (LEAD Applied sciences, Inc -> LEAD Applied sciences, Inc.) [File not signed] C:Program Recordsdata (x86)TechSmithSnagit 13Ltimgefx15u.dll
2016-10-10 17:49 – 2016-10-10 17:49 – 000134288 _____ (LEAD Applied sciences, Inc -> LEAD Applied sciences, Inc.) [File not signed] C:Program Recordsdata (x86)TechSmithSnagit 13Ltimgutl15u.dll
2016-10-10 17:49 – 2016-10-10 17:49 – 000122000 _____ (LEAD Applied sciences, Inc -> LEAD Applied sciences, Inc.) [File not signed] C:Program Recordsdata (x86)TechSmithSnagit 13Lttwn15u.dll
2008-04-15 10:00 – 2008-04-15 10:00 – 000640000 _____ (Microsoft Company) [File not signed] C:UserspeterAppDataRoamingACEStreamenginelibdbghelp.dll
2018-10-22 12:25 – 2016-01-19 17:18 – 000489984 _____ (Newtonsoft) [File not signed] C:Program Recordsdata (x86)WondershareWAF2.1.6.0Newtonsoft.Json.dll
2011-06-12 14:09 – 2011-06-12 14:09 – 002206720 _____ (Python Software program Basis) [File not signed] C:UserspeterAppDataRoamingACEStreamenginePYTHON27.DLL
2011-06-12 14:09 – 2011-06-12 14:09 – 002206720 _____ (Python Software program Basis) [File not signed] C:UserspeterAppDataRoamingACEStreamupdaterPYTHON27.DLL
2016-10-10 17:55 – 2016-10-10 17:55 – 000248832 _____ (Pink Hat Software program) [File not signed] C:Program Recordsdata (x86)TechSmithSnagit 13pango-1.0.dll
2016-10-10 17:55 – 2016-10-10 17:55 – 000449024 _____ (Pink Hat Software program) [File not signed] C:Program Recordsdata (x86)TechSmithSnagit 13pangocairo-1.0.dll
2016-10-10 17:55 – 2016-10-10 17:55 – 000468992 _____ (Pink Hat Software program) [File not signed] C:Program Recordsdata (x86)TechSmithSnagit 13pangoft2-1.0.dll
2016-10-10 17:55 – 2016-10-10 17:55 – 000055808 _____ (Pink Hat Software program) [File not signed] C:Program Recordsdata (x86)TechSmithSnagit 13pangowin32-1.0.dll
2016-10-10 17:55 – 2016-10-10 17:55 – 001093632 _____ (The GLib developer group) [File not signed] C:Program Recordsdata (x86)TechSmithSnagit 13glib-2.0.dll
2016-10-10 17:55 – 2016-10-10 17:55 – 000015872 _____ (The GLib developer group) [File not signed] C:Program Recordsdata (x86)TechSmithSnagit 13gmodule-2.0.dll
2016-10-10 17:55 – 2016-10-10 17:55 – 000232960 _____ (The GLib developer group) [File not signed] C:Program Recordsdata (x86)TechSmithSnagit 13gobject-2.0.dll
2012-01-19 18:19 – 2012-01-19 18:19 – 001099776 _____ (The OpenSSL Undertaking, hxxp://www.openssl.org/) [File not signed] C:UserspeterAppDataRoamingACEStreamenginelibLIBEAY32.dll
2012-01-19 18:20 – 2012-01-19 18:20 – 000237568 _____ (The OpenSSL Undertaking, hxxp://www.openssl.org/) [File not signed] C:UserspeterAppDataRoamingACEStreamenginelibSSLEAY32.dll
2012-01-19 18:19 – 2012-01-19 18:19 – 001099776 _____ (The OpenSSL Undertaking, hxxp://www.openssl.org/) [File not signed] C:UserspeterAppDataRoamingACEStreamupdaterlibLIBEAY32.dll
2012-01-19 18:20 – 2012-01-19 18:20 – 000237568 _____ (The OpenSSL Undertaking, hxxp://www.openssl.org/) [File not signed] C:UserspeterAppDataRoamingACEStreamupdaterlibSSLEAY32.dll
2018-11-07 00:12 – 2019-02-07 13:14 – 000035328 _____ (The Qt Firm Ltd.) [File not signed] C:Program FilesMalwarebytesAnti-Malwareiconenginesqsvgicon.dll
2019-02-07 13:16 – 2019-02-07 13:14 – 000026112 _____ (The Qt Firm Ltd.) [File not signed] C:Program FilesMalwarebytesAnti-Malwareimageformatsqico.dll
2019-02-07 13:16 – 2019-02-07 13:14 – 000020992 _____ (The Qt Firm Ltd.) [File not signed] C:Program FilesMalwarebytesAnti-Malwareimageformatsqsvg.dll
2018-11-07 00:12 – 2019-02-07 13:14 – 001181184 _____ (The Qt Firm Ltd.) [File not signed] C:Program FilesMalwarebytesAnti-Malwareplatformsqwindows.dll
2018-11-07 00:12 – 2019-02-07 13:14 – 005010944 _____ (The Qt Firm Ltd.) [File not signed] C:Program FilesMalwarebytesAnti-MalwareQt5Core.dll
2018-11-07 00:12 – 2019-02-07 13:14 – 005139968 _____ (The Qt Firm Ltd.) [File not signed] C:Program FilesMalwarebytesAnti-MalwareQt5Gui.dll
2018-11-07 00:12 – 2019-02-07 13:14 – 002234880 _____ (The Qt Firm Ltd.) [File not signed] C:Program FilesMalwarebytesAnti-MalwareQt5Network.dll
2018-11-07 00:12 – 2019-02-07 13:14 – 002950144 _____ (The Qt Firm Ltd.) [File not signed] C:Program FilesMalwarebytesAnti-MalwareQt5Qml.dll
2018-11-07 00:12 – 2019-02-07 13:14 – 003084800 _____ (The Qt Firm Ltd.) [File not signed] C:Program FilesMalwarebytesAnti-MalwareQt5Quick.dll
2018-11-07 00:12 – 2019-02-07 13:14 – 000259584 _____ (The Qt Firm Ltd.) [File not signed] C:Program FilesMalwarebytesAnti-MalwareQt5Svg.dll
2018-11-07 00:12 – 2019-02-07 13:14 – 004571648 _____ (The Qt Firm Ltd.) [File not signed] C:Program FilesMalwarebytesAnti-MalwareQt5Widgets.dll
2018-11-07 00:12 – 2019-02-07 13:14 – 000438272 _____ (The Qt Firm Ltd.) [File not signed] C:Program FilesMalwarebytesAnti-MalwareQt5WinExtras.dll
2019-02-07 13:16 – 2019-02-07 13:14 – 000014848 _____ (The Qt Firm Ltd.) [File not signed] C:Program FilesMalwarebytesAnti-MalwareQtQmlModels.2modelsplugin.dll
2019-02-07 13:16 – 2019-02-07 13:14 – 000014848 _____ (The Qt Firm Ltd.) [File not signed] C:Program FilesMalwarebytesAnti-MalwareQtQuick.2qtquick2plugin.dll
2019-02-07 13:16 – 2019-02-07 13:14 – 000729088 _____ (The Qt Firm Ltd.) [File not signed] C:Program FilesMalwarebytesAnti-MalwareQtQuickControlsqtquickcontrolsplugin.dll
2019-02-07 13:16 – 2019-02-07 13:14 – 000179712 _____ (The Qt Firm Ltd.) [File not signed] C:Program FilesMalwarebytesAnti-MalwareQtQuickDialogsdialogplugin.dll
2019-02-07 13:16 – 2019-02-07 13:14 – 000073216 _____ (The Qt Firm Ltd.) [File not signed] C:Program FilesMalwarebytesAnti-MalwareQtQuickLayoutsqquicklayoutsplugin.dll
2019-02-07 13:16 – 2019-02-07 13:14 – 000101888 _____ (The Qt Firm Ltd.) [File not signed] C:Program FilesMalwarebytesAnti-MalwareQtQuickPrivateWidgetswidgetsplugin.dll
2019-02-07 13:16 – 2019-02-07 13:14 – 000014848 _____ (The Qt Firm Ltd.) [File not signed] C:Program FilesMalwarebytesAnti-MalwareQtQuickWindow.2windowplugin.dll
2018-11-07 00:12 – 2019-02-07 13:14 – 000124928 _____ (The Qt Firm Ltd.) [File not signed] C:Program FilesMalwarebytesAnti-Malwarestylesqwindowsvistastyle.dll
2018-10-22 12:25 – 2016-01-28 17:11 – 000072704 _____ (Wondershare) [File not signed] C:Program Recordsdata (x86)WondershareWAF2.1.6.0WsAppCollect.dll
2018-10-22 12:25 – 2016-01-28 17:11 – 000316416 _____ (Wondershare) [File not signed] C:Program Recordsdata (x86)WondershareWAF2.1.6.0WsAppCommon.dll
2011-07-15 20:33 – 2011-07-15 20:33 – 000122368 _____ (wxWidgets growth crew) [File not signed] C:UserspeterAppDataRoamingACEStreamenginelibwxbase28uh_net_vc.dll
2011-07-15 20:33 – 2011-07-15 20:33 – 001300992 _____ (wxWidgets growth crew) [File not signed] C:UserspeterAppDataRoamingACEStreamenginelibwxbase28uh_vc.dll
2011-07-15 20:34 – 2011-07-15 20:34 – 000730112 _____ (wxWidgets growth crew) [File not signed] C:UserspeterAppDataRoamingACEStreamenginelibwxmsw28uh_adv_vc.dll
2011-07-15 20:34 – 2011-07-15 20:34 – 003165184 _____ (wxWidgets growth crew) [File not signed] C:UserspeterAppDataRoamingACEStreamenginelibwxmsw28uh_core_vc.dll
2011-07-15 20:34 – 2011-07-15 20:34 – 000479744 _____ (wxWidgets growth crew) [File not signed] C:UserspeterAppDataRoamingACEStreamenginelibwxmsw28uh_html_vc.dll
2011-07-15 20:33 – 2011-07-15 20:33 – 000122368 _____ (wxWidgets growth crew) [File not signed] C:UserspeterAppDataRoamingACEStreamupdaterlibwxbase28uh_net_vc.dll
2011-07-15 20:33 – 2011-07-15 20:33 – 001300992 _____ (wxWidgets growth crew) [File not signed] C:UserspeterAppDataRoamingACEStreamupdaterlibwxbase28uh_vc.dll
2011-07-15 20:34 – 2011-07-15 20:34 – 000730112 _____ (wxWidgets growth crew) [File not signed] C:UserspeterAppDataRoamingACEStreamupdaterlibwxmsw28uh_adv_vc.dll
2011-07-15 20:34 – 2011-07-15 20:34 – 003165184 _____ (wxWidgets growth crew) [File not signed] C:UserspeterAppDataRoamingACEStreamupdaterlibwxmsw28uh_core_vc.dll
2011-07-15 20:34 – 2011-07-15 20:34 – 000479744 _____ (wxWidgets growth crew) [File not signed] C:UserspeterAppDataRoamingACEStreamupdaterlibwxmsw28uh_html_vc.dll

==================== Alternate Knowledge Streams (Whitelisted) ========

==================== Protected Mode (Whitelisted) ==================

(If an entry is included within the fixlist, will probably be faraway from the registry. The “AlternateShell” might be restored.)

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalMBAMService => “”=”Service”
HKLMSYSTEMCurrentControlSetControlSafeBootNetworkMBAMService => “”=”Service”
HKLMSYSTEMCurrentControlSetControlSafeBootNetworkMcMPFSvc => “”=”Service”

==================== Affiliation (Whitelisted) =================

==================== Web Explorer trusted/restricted ==========

(If an entry is included within the fixlist, will probably be faraway from the registry.)

IE trusted web site: HKU.DEFAULT…localhost -> localhost
IE trusted web site: HKU.DEFAULT…webcompanion.com -> hxxp://webcompanion.com
IE trusted web site: HKUS-1-5-21-3079031520-2956614243-2143490567-1001…localhost -> localhost
IE trusted web site: HKUS-1-5-21-3079031520-2956614243-2143490567-1001…webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content material: =========================

(If wanted Hosts: directive might be included within the fixlist to reset Hosts.)

2013-08-22 14:25 – 2019-01-13 15:24 – 000001145 _____ C:WINDOWSsystem32driversetchosts
104.251.211.173 clients2.google.com
104.251.211.173 clients2.google.com
104.251.211.173 clients2.google.com
104.251.211.173 clients2.google.com
104.251.211.173 clients2.google.com
104.251.211.173 clients2.google.com
104.251.211.173 clients2.google.com
127.0.0.1 license.piriform.com

==================== Different Areas ===========================

(At the moment there isn’t a automated repair for this part.)

HKLMSystemCurrentControlSetControlSession ManagerEnvironmentPath -> C:Program Recordsdata (x86)IntelTXE ComponentsTCS;C:Program FilesIntelTXE ComponentsTCS;%SystemRootpercentsystem32;%SystemRoot%;%SystemRootpercentSystem32Wbem;%SYSTEMROOTpercentSystem32WindowsPowerShellv1.0
HKUS-1-5-21-3079031520-2956614243-2143490567-1001Control PanelDesktopWallpaper -> C:UserspeterDesktopRecovered#RootUserspetePicturesHerrickzumbeley__4_.jpg
HKUS-1-5-21-3079031520-2956614243-2143490567-1004Control PanelDesktopWallpaper -> C:WINDOWSwebwallpaperToshibastandard.jpg
HKUS-1-5-21-3079031520-2956614243-2143490567-500Control PanelDesktopWallpaper -> C:WindowswebwallpaperWindowsimg0.jpg
DNS Servers: 8.8.8.8
HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorer => (SmartScreenEnabled: Off)
Home windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled objects ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included within the fixlist, will probably be faraway from the registry. The file is not going to be moved until listed individually.)

FirewallRules: [{F0385E95-D220-4E24-8B1D-E37548BCC207}] => (Permit) C:Program FilesMozilla Firefoxfirefox.exe (Mozilla Company -> Mozilla Company)
FirewallRules: [{B55EFAED-36FD-4EB3-9CF4-405ED3D55599}] => (Permit) C:Program FilesMozilla Firefoxfirefox.exe (Mozilla Company -> Mozilla Company)
FirewallRules: [{6099898B-CDEE-497D-ADD4-6067E36A1BEB}] => (Permit) C:UserspeterAppDataRoaminguTorrentuTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{A999DE6C-21C1-4A18-81D0-6AA337DB4A66}] => (Permit) C:UserspeterAppDataRoaminguTorrentuTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{AB469CC5-0353-42B6-9618-0F9E186099F9}] => (Permit) C:UserspeterAppDataRoaminguTorrentuTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{575F24A4-0D56-43C9-96DB-D7E41E16C1B7}] => (Permit) C:UserspeterAppDataRoaminguTorrentuTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{24159F82-6B0C-4FA8-A975-2E8C9682B0AE}] => (Permit) C:UserspeterAppDataRoaminguTorrentuTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{F68FB673-9C85-4BA9-A691-A490E6C9D6A3}] => (Permit) C:UserspeterAppDataRoaminguTorrentuTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{9092C6A7-B383-4E4D-A387-0EFC79193AC6}C:program files (x86)mircmirc.exe] => (Permit) C:program recordsdata (x86)mircmirc.exe (mIRC Co. Ltd. -> mIRC Co. Ltd.)
FirewallRules: [UDP Query User{0595A077-43B2-4349-8498-9B6B240FF225}C:program files (x86)mircmirc.exe] => (Permit) C:program recordsdata (x86)mircmirc.exe (mIRC Co. Ltd. -> mIRC Co. Ltd.)
FirewallRules: [TCP Query User{8C965984-E522-41E7-901C-4D928C7E5F9D}C:program files (x86)mircmirc.exe] => (Permit) C:program recordsdata (x86)mircmirc.exe (mIRC Co. Ltd. -> mIRC Co. Ltd.)
FirewallRules: [UDP Query User{5C89AA3D-6D5E-499B-9F4C-E518A550D749}C:program files (x86)mircmirc.exe] => (Permit) C:program recordsdata (x86)mircmirc.exe (mIRC Co. Ltd. -> mIRC Co. Ltd.)
FirewallRules: [{A4B93846-9D86-48B0-8973-891E8599A32F}] => (Permit) LPort=8298
FirewallRules: [{2D5C890F-F0AF-44EE-A087-4AD2E2B62F8F}] => (Permit) C:Program Recordsdata (x86)MicrosoftSkype for DesktopSkype.exe (Skype Software program Sarl -> Skype Applied sciences S.A.)
FirewallRules: [{0DBF653B-A4E5-402E-A541-1DE3FE715E92}] => (Permit) C:Program Recordsdata (x86)MicrosoftSkype for DesktopSkype.exe (Skype Software program Sarl -> Skype Applied sciences S.A.)
FirewallRules: [{93E1AD02-4F40-4C3F-815C-E73A6759287A}] => (Permit) LPort=1688
FirewallRules: [{30E9BB5F-BB79-45DD-BA55-04317050B043}] => (Permit) C:Program Recordsdata (x86)NeroNero 2018Nero Burning ROMStartNBR.exe (Nero AG -> Nero AG)
FirewallRules: [{2F6F35A2-0BBD-4B3D-861D-282630191B7D}] => (Permit) C:Program Recordsdata (x86)NeroNero 2018Nero Burning ROMnero.exe (Nero AG -> Nero AG)
FirewallRules: [{67F321F9-26A9-45B0-BF55-0643A21560A6}] => (Permit) C:Program Recordsdata (x86)Widespread FilesAppleApple Software SupportAPSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F061D1E1-1621-472F-A814-D16DA2655E42}] => (Permit) C:Program FilesBonjourmDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F357B8CF-CE16-423F-834F-55855BF46DD5}] => (Permit) C:Program FilesBonjourmDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8E920817-E86C-4F32-8AF8-CEE58453BE99}] => (Permit) C:Program Recordsdata (x86)BonjourmDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{22F14FDB-1B28-40EF-9403-7B439EE5CA37}] => (Permit) C:Program Recordsdata (x86)BonjourmDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B5C78EB4-10E8-4D8D-82F9-5BA605FDF4D4}] => (Permit) C:WINDOWSsystem32rundll32.exe (Microsoft Home windows -> Microsoft Company)
FirewallRules: [TCP Query User{6ABD94C7-AE02-4A79-AF35-AD93F2BD8554}C:userspeterappdataroamingacestreamengineace_engine.exe] => (Permit) C:userspeterappdataroamingacestreamengineace_engine.exe (Revolutionary Digital Applied sciences -> )
FirewallRules: [UDP Query User{313A83C5-C12C-49DA-A1F6-714B7348BE61}C:userspeterappdataroamingacestreamengineace_engine.exe] => (Permit) C:userspeterappdataroamingacestreamengineace_engine.exe (Revolutionary Digital Applied sciences -> )
FirewallRules: [{D1B45A30-075A-4B5C-A688-17A3B073EFF7}] => (Permit) C:Program FilesMicrosoft OfficeOffice16lync.exe (Microsoft Company -> Microsoft Company)
FirewallRules: [{B21E1F56-BBD1-4F5E-9134-22AFB18F2A8C}] => (Permit) C:Program FilesMicrosoft OfficeOffice16lync.exe (Microsoft Company -> Microsoft Company)
FirewallRules: [{5698E24D-2CC5-482B-8906-7A15DA55393E}] => (Permit) C:Program FilesMicrosoft OfficeOffice16UcMapi.exe (Microsoft Company -> Microsoft Company)
FirewallRules: [{DE80FB28-7ED5-4AE6-95DA-1D65366EF2D5}] => (Permit) C:Program FilesMicrosoft OfficeOffice16UcMapi.exe (Microsoft Company -> Microsoft Company)
FirewallRules: [{40FFDBF6-C39F-4E97-AC9D-F68DB93FACF5}] => (Permit) C:Program Recordsdata (x86)Rosetta StoneRosetta Stone V3RosettaStoneVersion3.exe (Rosetta Stone, Ltd -> ) [File not signed]
FirewallRules: [{3FF1C942-FDDD-4320-BDC7-2455AD2592F9}] => (Permit) C:Program Recordsdata (x86)Rosetta StoneRosetta Stone V3RosettaStoneVersion3.exe (Rosetta Stone, Ltd -> ) [File not signed]
FirewallRules: [{8925C50C-7874-43A2-8EE3-D51920732E81}] => (Permit) C:Program Recordsdata (x86)Rosetta StoneRosetta Stone V3supportbinwinRosettaStoneLtdServices.exe (Rosetta Stone, Ltd -> )
FirewallRules: [TCP Query User{8D1F8BCC-80B6-41A0-ACA2-BE3FB021B374}C:userspeterappdataroamingacestreamengineace_engine.exe] => (Block) C:userspeterappdataroamingacestreamengineace_engine.exe (Revolutionary Digital Applied sciences -> )
FirewallRules: [UDP Query User{17EA2E4A-0F8A-4145-942F-09383AFF9151}C:userspeterappdataroamingacestreamengineace_engine.exe] => (Block) C:userspeterappdataroamingacestreamengineace_engine.exe (Revolutionary Digital Applied sciences -> )
FirewallRules: [{F776B1EE-72B5-4860-944E-DFABA5C8EEA3}] => (Permit) C:Program Recordsdata (x86)MicrosoftSkype for DesktopSkype.exe (Skype Software program Sarl -> Skype Applied sciences S.A.)
FirewallRules: [{61D14381-65AA-4DAC-B3D5-5A87F817FEEB}] => (Permit) C:Program Recordsdata (x86)MicrosoftSkype for DesktopSkype.exe (Skype Software program Sarl -> Skype Applied sciences S.A.)
FirewallRules: [{AD8509FC-D15D-4A46-B3EB-A207C9E19F0C}] => (Permit) C:Program FilesMicrosoft OfficeOffice16lync.exe (Microsoft Company -> Microsoft Company)
FirewallRules: [{9B645EBB-C30A-49B5-996A-B5A576A00D3D}] => (Permit) C:Program FilesMicrosoft OfficeOffice16lync.exe (Microsoft Company -> Microsoft Company)
FirewallRules: [{04B445D2-FD38-4C0E-9AD1-74C7FA7A2E7C}] => (Permit) C:Program FilesMicrosoft OfficeOffice16UcMapi.exe (Microsoft Company -> Microsoft Company)
FirewallRules: [{760961A5-920B-4CE0-A003-20E3C93338A3}] => (Permit) C:Program FilesMicrosoft OfficeOffice16UcMapi.exe (Microsoft Company -> Microsoft Company)
FirewallRules: [{838C3815-CD2C-436D-93FA-B8F8F570C219}] => (Permit) C:UserspeterAppDataRoaminguTorrentuTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{122E8D18-CCCC-4F08-868B-92C8ED5FD3B2}] => (Permit) C:UserspeterAppDataRoaminguTorrentuTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{4A364BEC-6344-46B4-862D-D13CFBF225F1}] => (Permit) C:Program FilesCCleanerCCUpdate.exe (Piriform Software program Ltd -> Piriform Software program Ltd)
FirewallRules: [{02B92F11-CBEA-4446-88F5-EC6445DDEFC2}] => (Permit) C:Program FilesCCleanerCCUpdate.exe (Piriform Software program Ltd -> Piriform Software program Ltd)
FirewallRules: [{92B83ABA-CC7B-4A06-A643-B4028B5AC140}] => (Permit) C:Program Recordsdata (x86)TeamViewerTeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{C772AF55-0ED1-4490-9273-069F8AB91DE9}] => (Permit) C:Program Recordsdata (x86)TeamViewerTeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{71392DB0-E560-471A-8C65-5B273C802373}] => (Permit) C:Program Recordsdata (x86)TeamViewerTeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{C8013DE1-F5B5-4FA7-9174-BF039D4B5534}] => (Permit) C:Program Recordsdata (x86)TeamViewerTeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [TCP Query User{6C4444A0-D7A8-4B4A-8360-D171A6084C99}C:program files (x86)getflvgetflv.exe] => (Permit) C:program recordsdata (x86)getflvgetflv.exe (GetFLV) [File not signed]
FirewallRules: [UDP Query User{5B39DA39-9533-42DC-AEF5-C45BF031A508}C:program files (x86)getflvgetflv.exe] => (Permit) C:program recordsdata (x86)getflvgetflv.exe (GetFLV) [File not signed]
FirewallRules: [{6E319248-F22A-4A55-BB54-F340528689C7}] => (Permit) C:Program Recordsdata (x86)GoogleChromeApplicationchrome.exe (Google LLC -> Google LLC)

==================== Restore Factors =========================

28-07-2020 20:20:01 Home windows Replace

==================== Defective System Supervisor Units ============

==================== Occasion log errors: ========================

Software errors:
==================
Error: (07/28/2020 08:21:30 PM) (Supply: Microsoft-Home windows-CAPI2) (EventID: 513) (Person: )
Description: Cryptographic Companies failed whereas processing the OnIdentity() name within the System Author Object.

Particulars:
AddLegacyDriverFiles: Unable to again up picture of binary aswHdsKe.

System Error:
The system can not discover the file specified.
.

Error: (07/27/2020 10:42:29 PM) (Supply: Bonjour Service) (EventID: 100) (Person: )
Description: Process Scheduling Error: m->NextScheduledSPRetry 13625

Error: (07/27/2020 10:42:29 PM) (Supply: Bonjour Service) (EventID: 100) (Person: )
Description: Process Scheduling Error: m->NextScheduledEvent 13625

Error: (07/27/2020 10:42:29 PM) (Supply: Bonjour Service) (EventID: 100) (Person: )
Description: Process Scheduling Error: Repeatedly busy for greater than a second

Error: (07/27/2020 10:40:07 PM) (Supply: Winlogon) (EventID: 4005) (Person: )
Description: The Home windows log-on course of has unexpectedly terminated.

Error: (07/27/2020 06:06:16 PM) (Supply: Bonjour Service) (EventID: 100) (Person: )
Description: Process Scheduling Error: m->NextScheduledSPRetry 170953

Error: (07/27/2020 06:06:16 PM) (Supply: Bonjour Service) (EventID: 100) (Person: )
Description: Process Scheduling Error: m->NextScheduledEvent 170953

Error: (07/27/2020 06:06:16 PM) (Supply: Bonjour Service) (EventID: 100) (Person: )
Description: Process Scheduling Error: Repeatedly busy for greater than a second

System errors:
=============
Error: (07/27/2020 10:41:59 PM) (Supply: Service Management Supervisor) (EventID: 7011) (Person: )
Description: A timeout (30000 milliseconds) was reached whereas ready for a transaction response from the avast! Antivirus service.

Error: (07/27/2020 10:41:59 PM) (Supply: Service Management Supervisor) (EventID: 7011) (Person: )
Description: A timeout (30000 milliseconds) was reached whereas ready for a transaction response from the gpsvc service.

Error: (07/27/2020 10:41:29 PM) (Supply: Service Management Supervisor) (EventID: 7011) (Person: )
Description: A timeout (30000 milliseconds) was reached whereas ready for a transaction response from the Appinfo service.

Error: (07/27/2020 04:47:18 AM) (Supply: Service Management Supervisor) (EventID: 7034) (Person: )
Description: The Adobe Real Software program Integrity Service service terminated unexpectedly. It has executed this 1 time(s).

Error: (07/26/2020 12:53:10 PM) (Supply: volsnap) (EventID: 14) (Person: )
Description: The shadow copies of quantity C: had been aborted due to an IO failure on quantity C:.

Error: (07/26/2020 10:56:21 AM) (Supply: Service Management Supervisor) (EventID: 7034) (Person: )
Description: The Malwarebytes Installer Service service terminated unexpectedly. It has executed this 1 time(s).

Error: (07/26/2020 10:41:55 AM) (Supply: Service Management Supervisor) (EventID: 7034) (Person: )
Description: The Malwarebytes Installer Service service terminated unexpectedly. It has executed this 1 time(s).

Error: (07/26/2020 10:30:30 AM) (Supply: Service Management Supervisor) (EventID: 7034) (Person: )
Description: The Malwarebytes Installer Service service terminated unexpectedly. It has executed this 1 time(s).

Home windows Defender:
===================================
Date: 2018-10-30 10:47:26.828
Description:
Home windows Defender scan has been stopped earlier than completion.
Scan ID: {8CF039CB-6F0B-46F9-85EE-46BC63FDB105}
Scan Kind: Antimalware
Scan Parameters: Fast Scan

Date: 2018-10-30 10:22:22.154
Description:
Home windows Defender scan has been stopped earlier than completion.
Scan ID: {E1F07771-D393-4F1B-BF4B-21A23F3E443A}
Scan Kind: Antimalware
Scan Parameters: Fast Scan

Date: 2018-10-27 18:29:13.002
Description:
Home windows Defender scan has been stopped earlier than completion.
Scan ID: {0C14B9C8-8A86-42F2-96C2-3CB844A3D754}
Scan Kind: Antimalware
Scan Parameters: Fast Scan

Date: 2018-10-27 13:36:25.353
Description:
Home windows Defender scan has been stopped earlier than completion.
Scan ID: {A8B895A7-CC13-404E-968A-BE2CAFFE3365}
Scan Kind: Antimalware
Scan Parameters: Fast Scan

Date: 2018-10-20 15:56:14.845
Description:
Home windows Defender scan has been stopped earlier than completion.
Scan ID: {6964B7DF-C50C-4FCA-B7FA-F62B6AF85B92}
Scan Kind: Antimalware
Scan Parameters: Fast Scan

Date: 2019-09-21 19:57:04.434
Description:
Home windows Defender has encountered an error attempting to replace the engine.
New Engine Model: 1.1.16300.1
Earlier Engine Model: 1.1.15400.4
Error Code: 0x80509004
Error description: An surprising downside occurred. Set up any out there updates, then attempt to begin this system once more. For info on putting in updates, see Assist and Help.

Date: 2019-09-13 23:57:05.138
Description:
Home windows Defender has encountered an error attempting to replace signatures.
New Signature Model:
Earlier Signature Model: 1.279.902.0
Replace Supply: Microsoft Malware Safety Heart
Signature Kind: AntiSpyware
Replace Kind: Full
Present Engine Model:
Earlier Engine Model: 1.1.15400.4
Error code: 0x80070652
Error description: One other set up is already in progress. Full that set up earlier than continuing with this one.

Date: 2019-09-13 23:57:05.138
Description:
Home windows Defender has encountered an error attempting to replace signatures.
New Signature Model:
Earlier Signature Model: 1.279.902.0
Replace Supply: Microsoft Malware Safety Heart
Signature Kind: AntiVirus
Replace Kind: Full
Present Engine Model:
Earlier Engine Model: 1.1.15400.4
Error code: 0x80070652
Error description: One other set up is already in progress. Full that set up earlier than continuing with this one.

Date: 2019-09-13 23:54:27.589
Description:
Home windows Defender has encountered an error attempting to replace signatures.
New Signature Model:
Earlier Signature Model:
Replace Supply: Person
Signature Kind:
Replace Kind:
Present Engine Model:
Earlier Engine Model:
Error code: 0x80070652
Error description: One other set up is already in progress. Full that set up earlier than continuing with this one.

Date: 2019-09-13 23:54:26.576
Description:
Home windows Defender has encountered an error attempting to replace signatures.
New Signature Model:
Earlier Signature Model:
Replace Supply: Person
Signature Kind:
Replace Kind:
Present Engine Model:
Earlier Engine Model:
Error code: 0x80070652
Error description: One other set up is already in progress. Full that set up earlier than continuing with this one.

CodeIntegrity:
===================================

Date: 2018-10-30 10:17:22.253
Description:
Code Integrity decided {that a} course of (DeviceHarddiskVolume4Program FilesWindows DefenderMsMpEng.exe) tried to load DeviceHarddiskVolume4Program Recordsdata (x86)Microsoft OfficerootVFSProgramFilesCommonX64Microsoft SharedOFFICE16MSOXMLMF.DLL that didn’t meet the Customized 3 / Antimalware signing degree necessities.

Date: 2018-10-28 11:59:45.058
Description:
Code Integrity decided {that a} course of (DeviceHarddiskVolume4Program FilesWindows DefenderMsMpEng.exe) tried to load DeviceHarddiskVolume4Program Recordsdata (x86)Microsoft OfficerootVFSProgramFilesCommonX64Microsoft SharedOFFICE16MSOXMLMF.DLL that didn’t meet the Customized 3 / Antimalware signing degree necessities.

Date: 2018-10-27 13:09:04.078
Description:
Code Integrity decided {that a} course of (DeviceHarddiskVolume4Program FilesWindows DefenderMsMpEng.exe) tried to load DeviceHarddiskVolume4Program Recordsdata (x86)Microsoft OfficerootVFSProgramFilesCommonX64Microsoft SharedOFFICE16MSOXMLMF.DLL that didn’t meet the Customized 3 / Antimalware signing degree necessities.

Date: 2018-10-22 18:52:14.416
Description:
Code Integrity decided {that a} course of (DeviceHarddiskVolume4Program FilesWindows DefenderMsMpEng.exe) tried to load DeviceHarddiskVolume4Program Recordsdata (x86)Microsoft OfficerootVFSProgramFilesCommonX64Microsoft SharedOFFICE16MSOXMLMF.DLL that didn’t meet the Customized 3 / Antimalware signing degree necessities.

Date: 2018-10-20 16:39:35.060
Description:
Code Integrity decided {that a} course of (DeviceHarddiskVolume4Program FilesWindows DefenderMsMpEng.exe) tried to load DeviceHarddiskVolume4Program Recordsdata (x86)Microsoft OfficerootVFSProgramFilesCommonX64Microsoft SharedOFFICE16MSOXMLMF.DLL that didn’t meet the Customized 3 / Antimalware signing degree necessities.

Date: 2018-10-18 12:10:47.972
Description:
Code Integrity decided {that a} course of (DeviceHarddiskVolume4Program FilesWindows DefenderMsMpEng.exe) tried to load DeviceHarddiskVolume4Program Recordsdata (x86)Microsoft OfficerootVFSProgramFilesCommonX64Microsoft SharedOFFICE16MSOXMLMF.DLL that didn’t meet the Customized 3 / Antimalware signing degree necessities.

Date: 2018-10-13 03:32:46.232
Description:
Code Integrity decided {that a} course of (DeviceHarddiskVolume4Program FilesWindows DefenderMsMpEng.exe) tried to load DeviceHarddiskVolume4Program Recordsdata (x86)Microsoft OfficerootVFSProgramFilesCommonX64Microsoft SharedOFFICE16MSOXMLMF.DLL that didn’t meet the Customized 3 / Antimalware signing degree necessities.

Date: 2018-10-12 08:27:14.260
Description:
Code Integrity decided {that a} course of (DeviceHarddiskVolume4Program FilesWindows DefenderMsMpEng.exe) tried to load DeviceHarddiskVolume4Program Recordsdata (x86)Microsoft OfficerootVFSProgramFilesCommonX64Microsoft SharedOFFICE16MSOXMLMF.DLL that didn’t meet the Customized 3 / Antimalware signing degree necessities.

==================== Reminiscence information ===========================

BIOS: TOSHIBA 5.10 08/10/2015
Motherboard: TOSHIBA ZBWAA
Processor: Intel® Celeron® CPU N2830 @ 2.16GHz
Proportion of reminiscence in use: 77%
Complete bodily RAM: 3981.93 MB
Obtainable bodily RAM: 896.89 MB
Complete Digital: 6472.36 MB
Obtainable Digital: 2123.99 MB

==================== Drives ================================

Drive c: (TI31338200A) (Mounted) (Complete:919.33 GB) (Free:303.89 GB) NTFS

?Quantity{e6eb4575-edc2-11e3-add5-201a067c1cba} (System) (Mounted) (Complete:1 GB) (Free:0.6 GB) NTFS
?Quantity{7547e08e-b0ac-4a60-a469-f57f57f94d65} () (Mounted) (Complete:0.77 GB) (Free:0.75 GB) NTFS
?Quantity{c0726d02-457e-11e4-a672-f8a963f6d4ce} (Restoration) (Mounted) (Complete:10.19 GB) (Free:0.93 GB) NTFS

==================== MBR & Partition Desk ====================

==========================================================
Disk: 0 (Protecting MBR) (Measurement: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Finish of Addition.txt =======================