Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-05-2020 01 Ran by SRINIVAS (24-05-2020 11:28:42) Running from C:\Users\SRINIVAS\Desktop Windows 8.1 Connected Single Language (Update) (X64) (2015-08-07 14:57:57) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-694628291-767070351-3124995916-500 - Administrator - Disabled) Guest (S-1-5-21-694628291-767070351-3124995916-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-694628291-767070351-3124995916-1003 - Limited - Enabled) SRINIVAS (S-1-5-21-694628291-767070351-3124995916-1001 - Administrator - Enabled) => C:\Users\SRINIVAS ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Quick Heal Total Security (Enabled - Up to date) {D2F706C8-BC4C-660E-C57B-2E8CE1D9CF6C} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Quick Heal Total Security (Enabled - Up to date) {6996E72C-9A76-6980-FFCB-15FE9A5E85D1} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Quick Heal Firewall (Enabled) {EACC87ED-F623-6756-EE24-87B91F0A8817} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Andy OS (HKLM\...\Andy OS) (Version: 0.45.0.0 - Andy OS, Inc) AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 5.5.3 - philandro Software GmbH) AudioRelay version 0.8.1 (HKLM-x32\...\{86705A3A-8AAB-4C7C-B311-A0426548373F}_is1) (Version: 0.8.1 - azEfsw) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Dealz (HKLM-x32\...\Dealz1.0.1.17) (Version: 1.0.1.17 - Dealz Unlimited) Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.5.60 - Dell Inc.) Dell Customer Connect (HKLM-x32\...\{124DE80C-9BFE-4D04-A8D9-69C5019DEEBF}) (Version: 1.3.28.0 - Dell Inc.) Dell Data Vault (HKLM\...\{2E55EEFD-2162-4A7D-9158-EDB0305603A6}) (Version: 4.3.4.0 - Dell Inc.) Hidden Dell Digital Delivery (HKLM-x32\...\{693A23FB-F28B-4F7A-A720-4C1263F97F43}) (Version: 3.1.1002.0 - Dell Products, LP) Dell Foundation Services (HKLM\...\{C1C53DA1-9497-4ABB-A3D6-A63039820B37}) (Version: 3.3.7200.0 - Dell Inc.) Dell Help & Support (HKLM\...\{77C8127D-65EA-4E03-8C1B-C77714E1B291}) (Version: 2.2.26.0 - Dell Inc.) Hidden Dell Help & Support (HKLM-x32\...\InstallShield_{77C8127D-65EA-4E03-8C1B-C77714E1B291}) (Version: 2.2.26.0 - Dell Inc.) Dell Product Registration (HKLM-x32\...\{24F2AD94-CC1B-4294-B184-D4D31A3186A7}) (Version: 2.42.0012 - Aviata Inc.) Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.2.6745.47 - Dell) Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.1.0.47 - Dell) Dell Update (HKLM-x32\...\{DB82968B-57A4-4397-81A5-ECAB21B5DFCD}) (Version: 1.7.1015.0 - Dell Inc.) Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 81.0.4044.138 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.10.0.2208 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3408 - Intel Corporation) Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.70.305.16316 - Intel Corporation) Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation) Opera Stable 36.0.2130.65 (HKLM-x32\...\Opera 36.0.2130.65) (Version: 36.0.2130.65 - Opera Software) ProductivityBoss Internet Explorer Toolbar (HKLM-x32\...\ProductivityBoss_e5bar Uninstall Internet Explorer) (Version: - Mindspark Interactive Network) <==== ATTENTION Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications) Quick Heal Total Security (HKLM\...\{75DEED91-7B14-49DC-A5F3-B60E633AC4A5}) (Version: 18.00 - Quick Heal) Hidden Quick Heal Total Security (HKLM\...\Quick Heal Total Security) (Version: 18.00 - Quick Heal Technologies Ltd.) Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.4.05 - Dell Inc.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 1.1.9200.8903 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7304 - Realtek Semiconductor Corp.) Resolver version 2.2 (HKLM-x32\...\{FEE1B498-C441-40CA-820C-CD275BAA204B}_is1) (Version: 2.2 - ACT) SoundWire Server version 2.5 (HKLM-x32\...\{E15658BC-7742-4397-999F-98B1BD11B784}_is1) (Version: 2.5 - GeorgieLabs) TeamViewer 5 (HKLM-x32\...\TeamViewer 5) (Version: 5.1.17330 - TeamViewer GmbH) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) Zoom (HKU\S-1-5-21-694628291-767070351-3124995916-1001\...\ZoomUMX) (Version: 5.0 - Zoom Video Communications, Inc.) Packages: ========= eBay -> C:\Program Files\WindowsApps\eBayInc.eBay_1.6.0.34_neutral__1618n3s9xq8tw [2015-08-30] (eBay, Inc) Games -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2014-11-21] (Microsoft Corporation) [MS Ad] MSN Food & Drink -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-08-29] (Microsoft Corporation) [MS Ad] MSN Health & Fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-08-29] (Microsoft Corporation) [MS Ad] MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-30] (Microsoft Corporation) [MS Ad] MSN News -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-30] (Microsoft Corporation) [MS Ad] MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2016-04-30] (Microsoft Corporation) [MS Ad] MSN Travel -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-09-02] (Microsoft Corporation) [MS Ad] MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2016-11-25] (Microsoft Corporation) [MS Ad] Music -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2015-08-29] (Microsoft Corporation) [MS Ad] Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2015-08-30] (Skype) [MS Ad] Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2015-11-08] (Microsoft Corporation) [MS Ad] ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIcon.DLL [2014-06-05] (SoftThinks -> ) ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.DLL [2014-06-05] (SoftThinks -> ) ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvAppExt.dll [2014-02-26] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] ContextMenuHandlers1: [DeleteSecurely] -> {13C39C87-76A0-4CD6-A2E8-2984C6B84160} => C:\Program Files\Quick Heal\Quick Heal Total Security\PCTuner\sdshell.dll [2018-11-21] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.) ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\PROGRA~1\mcafee\msc\MCCTXM~1.DLL -> No File ContextMenuHandlers1: [QHFLVLT] -> {5BB5EA17-7B93-426A-99E5-358CF6CDDED1} => C:\Program Files\Quick Heal\Quick Heal Total Security\flvltext.dll [2018-12-11] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.) ContextMenuHandlers1: [RCScan] -> {362A3A82-5EF4-422F-817F-A17EBA53E67C} => C:\Program Files\Quick Heal\Quick Heal Total Security\RCSCAN.DLL [2018-11-21] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.) ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ShellContextExt.dll [2014-02-26] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] ContextMenuHandlers4: [DeleteSecurely] -> {13C39C87-76A0-4CD6-A2E8-2984C6B84160} => C:\Program Files\Quick Heal\Quick Heal Total Security\PCTuner\sdshell.dll [2018-11-21] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2014-01-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [DeleteSecurely] -> {13C39C87-76A0-4CD6-A2E8-2984C6B84160} => C:\Program Files\Quick Heal\Quick Heal Total Security\PCTuner\sdshell.dll [2018-11-21] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.) ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\PROGRA~1\mcafee\msc\MCCTXM~1.DLL -> No File ContextMenuHandlers6: [QHFLVLT] -> {5BB5EA17-7B93-426A-99E5-358CF6CDDED1} => C:\Program Files\Quick Heal\Quick Heal Total Security\flvltext.dll [2018-12-11] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.) ContextMenuHandlers6: [RCScan] -> {362A3A82-5EF4-422F-817F-A17EBA53E67C} => C:\Program Files\Quick Heal\Quick Heal Total Security\RCSCAN.DLL [2018-11-21] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.) ==================== Codecs (Whitelisted) ==================== ==================== Shortcuts & WMI ======================== ==================== Loaded Modules (Whitelisted) ============= 2014-02-26 11:20 - 2014-02-26 11:20 - 000107648 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvAppExt.dll 2014-02-26 11:20 - 2014-02-26 11:20 - 000033408 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\CommApi.dll 2014-02-26 11:21 - 2014-02-26 11:21 - 000203392 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\FolderViewImpl.dll 2014-02-26 11:21 - 2014-02-26 11:21 - 000034432 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ipc.dll 2014-02-26 11:21 - 2014-02-26 11:21 - 001067648 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\OutLookLib.dll 2014-02-26 11:21 - 2014-02-26 11:21 - 000291456 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ShellContextExt.dll 2014-02-26 11:21 - 2014-02-26 11:21 - 000027264 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\TCPConnection.dll 2014-02-26 11:21 - 2014-02-26 11:21 - 000115328 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\utils.dll ==================== Alternate Data Streams (Whitelisted) ======== (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\SRINIVAS\Downloads\051030813071915903_1563028945394.pdf:SandBoxSafeFile [0] AlternateDataStreams: C:\Users\SRINIVAS\Downloads\07.pdf:SandBoxSafeFile [0] AlternateDataStreams: C:\Users\SRINIVAS\Downloads\07_Key (1).pdf:SandBoxSafeFile [0] AlternateDataStreams: C:\Users\SRINIVAS\Downloads\07_Key.pdf:SandBoxSafeFile [0] AlternateDataStreams: C:\Users\SRINIVAS\Downloads\2020-05-09XXHoliday Revision Work for class 9XXClass IX.pdf:SandBoxSafeFile [0] AlternateDataStreams: C:\Users\SRINIVAS\Downloads\7th_UCO.pdf:SandBoxSafeFile [0] AlternateDataStreams: C:\Users\SRINIVAS\Downloads\7_Solution.pdf:SandBoxSafeFile [0] AlternateDataStreams: C:\Users\SRINIVAS\Downloads\class 10 holiday homework pdf.pdf:SandBoxSafeFile [0] AlternateDataStreams: C:\Users\SRINIVAS\Downloads\email id and mobile modification.pdf:SandBoxSafeFile [0] AlternateDataStreams: C:\Users\SRINIVAS\Downloads\Grade5-30859-2-4576.pdf:SandBoxSafeFile [0] AlternateDataStreams: C:\Users\SRINIVAS\Downloads\nstse-answer-key-class-7.pdf:SandBoxSafeFile [0] AlternateDataStreams: C:\Users\SRINIVAS\Downloads\NSTSE-Class-7-Solutions-2015.pdf:SandBoxSafeFile [0] AlternateDataStreams: C:\Users\SRINIVAS\Downloads\NSTSE_7 (1).pdf:SandBoxSafeFile [0] AlternateDataStreams: C:\Users\SRINIVAS\Downloads\NSTSE_7.pdf:SandBoxSafeFile [0] AlternateDataStreams: C:\Users\SRINIVAS\Downloads\SocialScience6To8.pdf:SandBoxSafeFile [0] AlternateDataStreams: C:\Users\SRINIVAS\Documents\email id and mobile modification.pdf:SandBoxSafeFile [0] AlternateDataStreams: C:\Users\SRINIVAS\Documents\HTML_GUIDE.pdf:SandBoxSafeFile [0] ==================== Safe Mode (Whitelisted) ================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="3" ==================== Association (Whitelisted) ================= ==================== Internet Explorer trusted/restricted ========== ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 18:55 - 2020-05-24 11:20 - 000000000 _____ C:\Windows\system32\drivers\etc\hosts ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\ HKU\S-1-5-21-694628291-767070351-3124995916-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\SRINIVAS\AppData\Roaming\Microsoft\Windows Photo Viewer\Windows Photo Viewer Wallpaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{A670F7FC-F0E3-48E1-B34F-0BA85814BD88}] => (Allow) C:\Users\SRINIVAS\AppData\Roaming\Andy_45_Online\Setup.exe (Andy OS, inc. -> Andy OS, Inc) FirewallRules: [{CEC63A89-672A-45B6-B718-082F054594B1}] => (Allow) C:\Users\SRINIVAS\AppData\Roaming\Andy_45_Online\Setup.exe (Andy OS, inc. -> Andy OS, Inc) FirewallRules: [{BE123F12-FE01-4384-8950-EBAF0A55DED7}] => (Allow) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{C5E5D3BB-A7CF-4A2C-8BA5-1686BC304ABC}] => (Allow) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{D25F857A-B3A2-4A6D-97C5-4BA5EF794CCD}] => (Allow) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{CEA234C9-E357-4BA3-9A5D-89C5E9E4D682}] => (Allow) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{EF6AAB54-D707-4FE1-B486-6747D01E1647}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe => No File FirewallRules: [{9F63C3C1-96A1-4E67-B2FC-523873D98A49}] => (Allow) C:\Users\SRINIVAS\AppData\Roaming\Andy_45_Online\Setup.exe (Andy OS, inc. -> Andy OS, Inc) FirewallRules: [{ED28C863-2902-4055-B2F1-D5C6C3EBB0DF}] => (Allow) C:\Users\SRINIVAS\AppData\Roaming\Andy_45_Online\Setup.exe (Andy OS, inc. -> Andy OS, Inc) FirewallRules: [{0FA73B12-D8E3-4B8D-8964-90EC06F585A6}] => (Allow) C:\Program Files\Andy\Andy.exe (Andy OS Inc -> Andy OS, inc) FirewallRules: [{51357586-3C67-4D25-A8D1-04AD248B6B3F}] => (Allow) C:\Program Files\Andy\Andy.exe (Andy OS Inc -> Andy OS, inc) FirewallRules: [{85693BFD-94CA-447E-BF63-01AAAA52D0B9}] => (Allow) C:\Program Files\Andy\HandyAndy.exe => No File FirewallRules: [{608E8BEB-CDBD-47FE-B2C6-C82018E3D5F9}] => (Allow) C:\Program Files\Andy\HandyAndy.exe => No File FirewallRules: [{E23FBC9C-3753-4F63-B273-D8173C348228}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{1C54A0CC-1696-49FA-9118-363527C74F8F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{47D24B65-D444-4E89-A6BE-76FC41DA9A46}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{D4FE214A-9F46-4589-A092-9323E4135CBC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{4D055FE6-A6A5-4227-905F-6FF94CB2BFD6}] => (Allow) C:\Users\SRINIVAS\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{ADEA43D7-B64B-490C-80F2-0ED751735071}] => (Allow) C:\Users\SRINIVAS\AppData\Roaming\Zoom\bin\airhost.exe => No File FirewallRules: [{ACD3E3EA-F537-400E-80A4-5742BADF0FC8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{BD924111-B373-42E3-85F0-92C0B7D0C804}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH) FirewallRules: [{8A2107E2-4376-4BD8-B558-83BEC1A79CF5}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH) FirewallRules: [{08B3F578-AA4F-4864-91CF-C3BF66DCBBBF}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH) FirewallRules: [{2DD0DE02-7CC9-4648-B324-DE91309DA022}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH) FirewallRules: [{0911BF4B-E500-46E9-9E0B-279471E42BD8}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH) FirewallRules: [{686B9B97-4CDC-40E0-B7D0-BEF66B314BFB}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH) ==================== Restore Points ========================= 11-05-2020 16:51:36 Quick Heal AntiMalware Restore Point 15-05-2020 15:20:38 Windows Update 15-05-2020 16:47:47 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 18-05-2020 17:06:51 Windows Update ==================== Faulty Device Manager Devices ============ ==================== Event log errors: ======================== Application errors: ================== Error: (05/24/2020 10:57:11 AM) (Source: PerfNet) (EventID: 2005) (User: ) Description: Unable to read performance data for the Server service. The first four bytes (DWORD) of the Data section contains the status code, the second four bytes contains the IOSB.Status and the next four bytes contains the IOSB.Information. Error: (05/24/2020 10:57:09 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code. Error: (05/24/2020 10:53:59 AM) (Source: DptfEvent) (EventID: 1) (User: ) Description: DptfPolicyCriticalService ServiceMain: ServiceStart() failed. Error: (05/24/2020 10:53:59 AM) (Source: DptfEvent) (EventID: 1) (User: ) Description: DptfPolicyCriticalService ServiceStart: ConnectToDptfFrameworkDriver() failed. Error: (05/24/2020 10:53:59 AM) (Source: DptfEvent) (EventID: 2) (User: ) Description: DptfPolicyCriticalService ConnectToDptfFrameworkDriver: SetupDiEnumDeviceInterfaces() failed. Last error = [0x00000103] Error: (05/24/2020 10:53:59 AM) (Source: DptfEvent) (EventID: 1) (User: ) Description: DptfProcessorParticipantService ServiceMain: ServiceStart() failed. Error: (05/24/2020 10:53:59 AM) (Source: DptfEvent) (EventID: 1) (User: ) Description: DptfProcessorParticipantService ServiceStart: ConnectToDptfProcessorDriver() failed. Error: (05/24/2020 10:53:59 AM) (Source: DptfEvent) (EventID: 2) (User: ) Description: DptfProcessorParticipantService ConnectToDptfProcessorDriver: SetupDiEnumDeviceInterfaces() failed. Last error = [0x00000103] System errors: ============= Error: (05/24/2020 11:16:51 AM) (Source: WMPNetworkSvc) (EventID: 14348) (User: ) Description: A new media server was not initialized due to error '0x80070057'. Restart your computer, and then restart the WMPNetworkSvc service. If the problem persists, in Windows Media Player, turn off media sharing, and then turn it back on. Error: (05/24/2020 11:16:51 AM) (Source: WMPNetworkSvc) (EventID: 14323) (User: ) Description: Service 'WMPNetworkSvc' did not start correctly because MFCreateWMPMDEOpCenter encountered error '0xc00d3e85'. If possible, reinstall Windows Media Player. Error: (05/24/2020 11:16:51 AM) (Source: WMPNetworkSvc) (EventID: 14356) (User: ) Description: A media delivery engine with ID '0x80070057' was not initialized because RegisterDelegate() encountered error ''. Restart your computer, and then restart the WMPNetworkSvc service. Error: (05/24/2020 11:16:51 AM) (Source: WMPNetworkSvc) (EventID: 14323) (User: ) Description: Service 'WMPNetworkSvc' did not start correctly because MFCreateWMPMDEOpCenter encountered error '0xc00d3e85'. If possible, reinstall Windows Media Player. Error: (05/24/2020 11:16:51 AM) (Source: WMPNetworkSvc) (EventID: 14323) (User: ) Description: Service 'WMPNetworkSvc' did not start correctly because MFCreateWMPMDEOpCenter encountered error '0xc00d3e85'. If possible, reinstall Windows Media Player. Error: (05/24/2020 11:13:27 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: The Software Protection service hung on starting. Error: (05/24/2020 11:10:53 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: The SoftThinks Agent Service service hung on starting. Error: (05/24/2020 11:08:46 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The McAfee Anti-Spam Service service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error: The dependency service or group failed to start. CodeIntegrity: =================================== Date: 2020-05-24 11:03:22.932 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2020-05-23 15:13:52.308 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2020-05-23 14:53:45.320 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2020-05-23 11:50:06.254 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2020-05-19 13:35:06.148 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2020-05-18 16:45:17.334 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2020-05-17 14:15:31.201 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2020-05-16 13:34:25.759 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== BIOS: Dell Inc. A09 03/24/2015 Motherboard: Dell Inc. 0F2A90 Processor: Intel(R) Pentium(R) CPU N3540 @ 2.16GHz Percentage of memory in use: 94% Total physical RAM: 1929.82 MB Available physical RAM: 97.92 MB Total Virtual: 3707.12 MB Available Virtual: 1569.77 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:229.67 GB) (Free:167.81 GB) NTFS Drive d: (ESP) (Fixed) (Total:0.48 GB) (Free:0.43 GB) FAT32 Drive e: (New Volume) (Fixed) (Total:114.04 GB) (Free:113.34 GB) NTFS Drive f: (New Volume) (Fixed) (Total:113.54 GB) (Free:113.42 GB) NTFS Drive x: (WINRETOOLS) (Fixed) (Total:0.73 GB) (Free:0.44 GB) NTFS Drive y: (PBR Image) (Fixed) (Total:7.13 GB) (Free:0.73 GB) NTFS ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000) Partition: GPT. ==================== End of Addition.txt =======================