Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-03-2020 Ran by Computer2020 (29-03-2020 21:36:55) Running from C:\Users\Computer2020\Downloads Windows 10 Home Version 1909 18363.720 (X64) (2020-03-28 11:04:11) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2612340677-4158134037-3102416192-500 - Administrator - Disabled) Computer2020 (S-1-5-21-2612340677-4158134037-3102416192-1001 - Administrator - Enabled) => C:\Users\Computer2020 DefaultAccount (S-1-5-21-2612340677-4158134037-3102416192-503 - Limited - Disabled) Guest (S-1-5-21-2612340677-4158134037-3102416192-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-2612340677-4158134037-3102416192-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12} FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Avast Premium Security (HKLM-x32\...\Avast Antivirus) (Version: 20.1.2397 - AVAST Software) Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 80.0.3621.133 - AVAST Software) Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.6.605.0 - AVAST Software) Hidden Microsoft OneDrive (HKU\S-1-5-21-2612340677-4158134037-3102416192-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0010 - Microsoft Corporation) NordVPN (HKLM-x32\...\{83E5941F-5F93-4097-81F5-79FA38FFB875}) (Version: 6.27.11 - NordVPN) Hidden NordVPN (HKLM-x32\...\NordVPN 6.27.11) (Version: 6.27.11 - NordVPN) NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN) Poker Mavens 6.15 (Pro) (HKLM-x32\...\Poker Mavens_is1) (Version: - ) Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform) Streamlabs OBS 0.20.2 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.20.2 - General Workings, Inc.) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.115 - Synaptics Incorporated) Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22925 - Microsoft Corporation) Packages: ========= Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.33.4.0_x86__kgqvnymyfvs32 [2020-03-27] (king.com) Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1730.2.0_x86__kgqvnymyfvs32 [2020-03-27] (king.com) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-03-27] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-03-27] (Microsoft Corporation) [MS Ad] Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-27] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.6.1224.0_x64__8wekyb3d8bbwe [2020-03-27] (Microsoft Studios) [MS Ad] MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-27] (Microsoft Corporation) [MS Ad] Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.128.721.0_x86__zpdnekdrzrea0 [2020-03-27] (Spotify AB) [Startup Task] Xbox One SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxOneSmartGlass_2.2.1702.2004_x64__8wekyb3d8bbwe [2020-03-27] (Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-03-27] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-03-27] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-03-27] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-03-27] (Avast Software s.r.o. -> AVAST Software) ==================== Codecs (Whitelisted) ==================== ==================== Shortcuts & WMI ======================== ==================== Loaded Modules (Whitelisted) ============= 2020-03-29 15:58 - 2020-02-17 06:15 - 000511383 _____ () [File not signed] C:\Program Files (x86)\Briggs Softworks\Poker Mavens 6\sqlite3.dll ==================== Alternate Data Streams (Whitelisted) ======== ==================== Safe Mode (Whitelisted) ================== ==================== Association (Whitelisted) ================= ==================== Internet Explorer trusted/restricted ========== ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2018-09-15 03:31 - 2018-09-15 03:31 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2612340677-4158134037-3102416192-1001\Control Panel\Desktop\\Wallpaper -> DNS Servers: 103.86.99.99 - 103.86.96.96 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{0BD5D7BA-F4BD-4E52-AF6C-E683A098ABDB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.128.721.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{4A58D45D-C257-44A0-A18A-3A485CE6F84A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.128.721.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{C61155D7-4174-46EA-A726-944198DD060D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.128.721.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{C38A2DE2-B95B-47C6-BF46-55EE09F760D9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.128.721.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{BFDE5867-F62E-4786-A2F9-09942AFBCBC4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.128.721.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{7FB3440B-AAEF-4A22-8472-D36589004939}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.128.721.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{EB61693A-AEF2-435B-A35A-168C240A2A80}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.128.721.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{19F9D3EF-B54C-42E1-9821-702EE52BA556}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.128.721.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{EF04A4EB-5640-40F5-9702-DAEC0B9A6BC8}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software) ==================== Restore Points ========================= 28-03-2020 08:20:10 Installed FlopzillaPro ==================== Faulty Device Manager Devices ============ Name: PCI Serial Port Description: PCI Serial Port Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Base System Device Description: Base System Device Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ======================== Application errors: ================== Error: (03/29/2020 03:54:05 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: MicrosoftEdgeCP.exe, version: 11.0.18362.1, time stamp: 0xceb8cbe1 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000409 Fault offset: 0x0000000000000204 Faulting process id: 0xba8 Faulting application start time: 0x01d60603c8e8020d Faulting application path: C:\Windows\System32\MicrosoftEdgeCP.exe Faulting module path: unknown Report Id: e1b1b749-2d81-48ee-add0-f8b978087d22 Faulting package full name: Microsoft.MicrosoftEdge_44.18362.449.0_neutral__8wekyb3d8bbwe Faulting package-relative application ID: MicrosoftEdge Error: (03/29/2020 03:48:13 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress. . Error: (03/29/2020 03:48:13 PM) (Source: VSS) (EventID: 13) (User: ) Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress. ] Error: (03/29/2020 03:41:42 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: MicrosoftEdgeCP.exe, version: 11.0.18362.1, time stamp: 0xceb8cbe1 Faulting module name: edgehtml.dll, version: 11.0.18362.693, time stamp: 0x8fd35bbf Exception code: 0xc0000602 Fault offset: 0x00000000004304d0 Faulting process id: 0x2dbc Faulting application start time: 0x01d6056c1a098d39 Faulting application path: C:\Windows\System32\MicrosoftEdgeCP.exe Faulting module path: C:\WINDOWS\SYSTEM32\edgehtml.dll Report Id: e3722334-a571-44eb-9d85-f1dd0b00e4b5 Faulting package full name: Microsoft.MicrosoftEdge_44.18362.449.0_neutral__8wekyb3d8bbwe Faulting package-relative application ID: MicrosoftEdge System errors: ============= Error: (03/29/2020 01:51:07 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 4 Error: (03/29/2020 10:50:56 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 4 Error: (03/29/2020 07:50:50 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 4 CodeIntegrity: =================================== Date: 2020-03-29 21:22:57.470 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. Date: 2020-03-29 21:19:55.685 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. Date: 2020-03-29 21:19:36.693 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. Date: 2020-03-29 21:18:53.511 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. Date: 2020-03-29 21:08:57.538 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. Date: 2020-03-29 16:10:17.230 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. Date: 2020-03-29 16:09:45.948 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. Date: 2020-03-29 16:09:24.883 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. ==================== Memory info =========================== BIOS: LENOVO 8AET56WW (1.36 ) 12/06/2011 Motherboard: LENOVO 42424WU Processor: Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz Percentage of memory in use: 75% Total physical RAM: 8075.24 MB Available physical RAM: 1946.44 MB Total Virtual: 9995.24 MB Available Virtual: 2995.84 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:296.89 GB) (Free:265.3 GB) NTFS \\?\Volume{499e203f-2fd9-4aeb-8575-d6fe0949e717}\ (Recovery) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS \\?\Volume{a2e5a13a-9cc3-41f4-8068-9c426c5cc576}\ () (Fixed) (Total:0.6 GB) (Free:0.08 GB) NTFS \\?\Volume{79899fb9-0925-45d5-99d1-eacbed5dab6b}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (Size: 298.1 GB) (Disk ID: 103F8D7F) Partition: GPT. ==================== End of Addition.txt =======================