DISM ran with no errors or reports. Looks like it's all clear for it. Rebooted. Reran scan. Files are below. Moving onto task scheduler.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-08-2022
Ran by MIKE CATHY (administrator) on LAPTOP-BPIIB8FF (LENOVO 80TV) (21-08-2022 19:46:12)
Running from C:\Users\MIKE CATHY\Desktop
Loaded Profiles: MIKE CATHY
Platform: Microsoft Windows 10 Home Version 21H2 19044.1889 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(BatteryWidgetAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(DeviceSettingsHeartbeatAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(DeviceSettingsSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(GenericMessagingAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(GenericTelemetryAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoBoostAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoBoostSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoSecurityAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoServiceBridgeAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoSystemUpdateAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(SmartInteractAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(SmartPrivacyAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files\AVG\Antivirus\AVGSvc.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswEngSrv.exe
(C:\Program Files\AVG\Antivirus\AVGSvc.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\setup\instup.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\Users\MIKE CATHY\AppData\Local\Temp\TeamViewer\TeamViewer.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Users\MIKE CATHY\AppData\Local\Temp\TeamViewer\TeamViewer_Desktop.exe
(C:\Users\MIKE CATHY\AppData\Local\Temp\TeamViewer\TeamViewer.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Users\MIKE CATHY\AppData\Local\Temp\TeamViewer\tv_w32.exe
(C:\Users\MIKE CATHY\AppData\Local\Temp\TeamViewer\TeamViewer.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Users\MIKE CATHY\AppData\Local\Temp\TeamViewer\tv_x64.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe <4>
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe <2>
(Conexant Systems, Inc. -> Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe
(explorer.exe ->) () [File not signed] C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
(explorer.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(explorer.exe ->) (Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\igfxEM.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(services.exe ->) () [File not signed] C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\avgToolsSvc.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\wsc_proxy.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe
(services.exe ->) (Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\igfxCUIService.exe
(services.exe ->) (Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\IntelCpHDCPSvc.exe
(services.exe ->) (Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\IntelCpHeciSvc.exe
(services.exe ->) (Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AvEmUpdate.exe
(svchost.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Users\MIKE CATHY\AppData\Local\Temp\TeamViewer\TeamViewer.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [809472 2016-05-16] () [File not signed]
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830232 2016-03-07] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [602968 2015-12-07] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [320584 2016-06-01] (Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [LenovoUtility] => C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe [911272 2017-07-27] (LENOVO -> Lenovo(beijing) Limited)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [250664 2022-08-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-3710523834-1862825545-2785641031-1001\...\Run: [MicrosoftEdgeAutoLaunch_7B46DF534001DA0DC0FF30BF8F71993C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3827128 2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\Canon MX920 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBL.DLL [30208 2012-09-20] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
Startup: C:\Users\MIKE CATHY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Canon IJ Status Monitor Canon MX920 series Printer WS.lnk [2022-08-12]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {12F685D0-3589-4905-97BE-2E1018974EC6} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [4965672 2022-08-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {17EA4F2C-D6C7-4BE4-A520-EBE117D9F91D} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {18FFB6C8-E7B3-4EE8-B0FF-99CE7E9985D7} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\28e6e7a3-b735-4617-8912-d295d3eabc16 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {25580CAB-CA42-4084-A809-0086A61B0EE6} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
Task: {322FBE35-4183-4AAB-BD84-3329718B1AD2} - System32\Tasks\Microsoft\Windows\Management\Autopilot\RemediateHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\Windows\System32\Autopilot.dll [192000 2022-08-20] (Microsoft Windows -> Microsoft Corporation)
Task: {330C25D8-5F91-48AD-B249-73E40D4FFC2E} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [147864 2022-05-12] (Lenovo -> Lenovo Group Ltd.)
Task: {44244B5A-C2D3-45A4-9B99-2AAACEFF2361} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {47CF87BC-7D80-42CD-A648-E1EBDA7DD450} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\f2b2d6fe-d1c5-45a1-b339-c6eff8807f87 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {48C93C30-0F96-4E4F-BFE7-2EAF6B3F8A55} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [64256 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {4C797DC6-CC26-4F86-87B5-A6843E3636DA} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\8814c0c9-6b55-4d9a-b3c5-3a8208799964 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {5A7D040D-34DB-408A-A9B0-F1513BD59040} - System32\Tasks\Microsoft\Windows\Management\Autopilot\DetectHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\Windows\System32\Autopilot.dll [192000 2022-08-20] (Microsoft Windows -> Microsoft Corporation)
Task: {6823AA50-2B74-4A6F-8CCC-A4E6D8C94072} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {722B2178-4CEE-4031-AE4F-B68965D0F371} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {964D0040-67AD-4E58-AAE2-26C5ED055B60} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\512cb154-b79e-4feb-be57-3b042e08c3d1 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {9882DD45-532F-4E95-97D5-5226E2508815} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {9BB5E5D9-AB4E-450F-B307-FB150BD0E1AD} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2287472 2022-08-16] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {AD374E3F-D197-4348-A328-F17922BD0AD8} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {B23C98A1-DB0E-43C9-9F19-0CA6BE6FAF96} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\46117c33-8f9f-4194-bfe4-abd5eab29c6f => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {DE5B2EF5-A28F-470B-8651-18120AEF983D} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {F78750E6-6039-4269-A235-DB394B616584} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.132.1
Tcpip\..\Interfaces\{f4ca6036-760d-4fbd-a108-907e8e1f8833}: [DhcpNameServer] 192.168.132.1
Tcpip\..\Interfaces\{f84a3c4a-2052-438d-85ee-d7f4231dced6}: [DhcpNameServer] 96.7.136.14 96.7.137.14
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (AdBlock — best ad blocker) -> EdgeExtension_BetaFishAdBlock_c1wakc4j0nefm => C:\Program Files\WindowsApps\BetaFish.AdBlock_2.13.0.0_neutral__c1wakc4j0nefm [2022-08-20]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\MIKE CATHY\AppData\Local\Microsoft\Edge\User Data\Default [2022-08-21]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [ngkhgikojglcgnckopipfdajaifmmnnc]
CHR HKLM-x32\...\Chrome\Extension: [ngkhgikojglcgnckopipfdajaifmmnnc]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [625960 2022-08-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVG Tools; C:\Program Files\AVG\Antivirus\avgToolsSvc.exe [625448 2022-08-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [8543840 2022-08-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [109480 2022-08-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 DAX2API; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [146944 2016-05-16] () [File not signed]
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe [31072 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2207.5-0\NisSrv.exe [3125128 2022-08-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2207.5-0\MsMpEng.exe [133560 2022-08-15] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2018-03-06] (AnchorFree Inc -> The OpenVPN Project)
R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [42000 2022-08-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [235736 2022-08-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [389208 2022-08-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [258128 2022-08-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [105560 2022-08-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [24528 2022-08-16] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [48144 2022-08-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [275176 2022-08-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgNetHub; C:\WINDOWS\System32\drivers\avgNetHub.sys [554080 2022-08-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [114112 2022-08-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [89176 2022-08-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [860024 2022-08-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [670904 2022-08-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [221656 2022-08-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [324984 2022-08-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [27744 2021-03-09] (Daniel Terhell -> Resplendence Software Projects Sp.)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2017-10-10] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49576 2022-08-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [453904 2022-08-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [94456 2022-08-15] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-08-21 19:46 - 2022-08-21 19:51 - 000022682 _____ C:\Users\MIKE CATHY\Desktop\FRST.txt
2022-08-20 19:33 - 2022-08-20 16:18 - 000000000 ____D C:\Windows.old
2022-08-20 16:25 - 2022-08-20 16:25 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2022-08-20 16:23 - 2022-08-20 16:23 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2022-08-20 16:18 - 2022-08-20 16:18 - 000000020 ___SH C:\Users\MIKE CATHY\ntuser.ini
2022-08-20 16:16 - 2022-08-21 19:39 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-08-20 16:16 - 2022-08-20 16:18 - 000003464 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-08-20 16:16 - 2022-08-20 16:18 - 000003320 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{389C27D4-7454-4BEF-AA7F-32F22C076C60}
2022-08-20 16:16 - 2022-08-20 16:18 - 000003066 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3710523834-1862825545-2785641031-1001
2022-08-20 16:16 - 2022-08-20 16:18 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3710523834-1862825545-2785641031-500
2022-08-20 16:16 - 2022-08-20 16:17 - 000003446 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2022-08-20 16:16 - 2022-08-20 16:17 - 000003240 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-08-20 16:16 - 2022-08-20 16:17 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3710523834-1862825545-2785641031-1001
2022-08-20 16:16 - 2022-08-20 16:16 - 000003250 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update
2022-08-20 16:16 - 2022-08-20 16:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2022-08-20 16:16 - 2022-08-20 16:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVG
2022-08-20 16:16 - 2020-11-19 03:38 - 000003394 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3538912014-3826891016-3662973680-500
2022-08-20 16:13 - 2022-08-20 16:16 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2022-08-20 16:13 - 2022-08-20 16:16 - 000007623 _____ C:\WINDOWS\diagerr.xml
2022-08-20 15:54 - 2022-08-21 19:46 - 000840808 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-08-20 15:42 - 2022-08-20 15:42 - 000000000 ____D C:\Program Files\Realtek
2022-08-20 15:40 - 2018-05-07 03:15 - 000144808 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2022-08-20 15:40 - 2018-05-07 03:15 - 000119720 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2022-08-20 15:35 - 2022-08-21 19:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-08-20 15:35 - 2022-08-20 15:35 - 000437736 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-08-20 15:03 - 2022-08-20 19:33 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2022-08-20 15:01 - 2022-08-20 16:18 - 000000000 ____D C:\Users\MIKE CATHY
2022-08-20 15:01 - 2019-12-07 05:10 - 000001105 _____ C:\Users\MIKE CATHY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-08-20 14:59 - 2022-08-20 15:03 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2022-08-20 13:57 - 2022-08-20 13:57 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-08-20 13:42 - 2022-08-20 13:42 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2022-08-20 13:42 - 2022-08-20 13:42 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2022-08-20 13:42 - 2022-08-20 13:42 - 000470528 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-08-20 13:42 - 2022-08-20 13:42 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mode.com
2022-08-20 13:42 - 2022-08-20 13:42 - 000018944 _____ C:\WINDOWS\SysWOW64\WsdProviderUtil.dll
2022-08-20 13:42 - 2022-08-20 13:42 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tree.com
2022-08-20 13:42 - 2022-08-20 13:42 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chcp.com
2022-08-20 13:41 - 2022-08-20 13:41 - 000693248 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-08-20 13:41 - 2022-08-20 13:41 - 000152064 _____ C:\WINDOWS\system32\EsclProtocol.dll
2022-08-20 13:41 - 2022-08-20 13:41 - 000104448 _____ C:\WINDOWS\system32\nettraceex.dll
2022-08-20 13:41 - 2022-08-20 13:41 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mode.com
2022-08-20 13:41 - 2022-08-20 13:41 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tree.com
2022-08-20 13:41 - 2022-08-20 13:41 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\chcp.com
2022-08-20 13:40 - 2022-08-20 13:40 - 000530944 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-08-20 13:40 - 2022-08-20 13:40 - 000270848 _____ C:\WINDOWS\system32\EsclScan.dll
2022-08-20 13:40 - 2022-08-20 13:40 - 000011803 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-08-20 13:38 - 2022-08-20 13:38 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-08-20 13:38 - 2022-08-20 13:38 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-08-20 13:37 - 2022-08-20 13:37 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-08-20 13:36 - 2022-08-20 13:36 - 000061952 _____ C:\WINDOWS\system32\printticketvalidation.dll
2022-08-20 13:36 - 2022-08-20 13:36 - 000057344 _____ C:\WINDOWS\system32\APMonUI.dll
2022-08-20 13:35 - 2022-08-20 13:35 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-08-20 13:34 - 2022-08-20 13:34 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2022-08-20 13:34 - 2022-08-20 13:34 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-08-20 13:33 - 2022-08-20 13:33 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-08-20 13:33 - 2022-08-20 13:33 - 000232288 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2022-08-20 13:33 - 2022-08-20 13:33 - 000093696 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2022-08-20 13:33 - 2022-08-20 13:33 - 000024576 _____ C:\WINDOWS\system32\WsdProviderUtil.dll
2022-08-20 13:32 - 2022-08-20 13:32 - 000640512 _____ C:\WINDOWS\system32\SettingSyncDownloadHelper.dll
2022-08-20 13:32 - 2022-08-20 13:32 - 000272896 _____ C:\WINDOWS\system32\TpmTool.exe
2022-08-20 13:32 - 2022-08-20 13:32 - 000162304 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-08-20 13:32 - 2022-08-20 13:32 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2022-08-20 13:32 - 2022-08-20 13:32 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2022-08-20 13:31 - 2022-08-20 13:31 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-08-20 11:58 - 2019-10-15 13:53 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2022-08-20 11:58 - 2019-04-18 18:49 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2022-08-20 11:50 - 2022-08-20 11:50 - 000000000 ____D C:\Program Files\Reference Assemblies
2022-08-20 11:50 - 2022-08-20 11:50 - 000000000 ____D C:\Program Files\MSBuild
2022-08-20 11:50 - 2022-08-20 11:50 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2022-08-20 11:50 - 2022-08-20 11:50 - 000000000 ____D C:\Program Files (x86)\MSBuild
2022-08-20 11:36 - 2022-08-20 11:36 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2022-08-20 10:08 - 2022-08-20 16:19 - 000000000 ___DC C:\WINDOWS\Panther
2022-08-20 09:53 - 2022-08-20 10:07 - 000000000 ____D C:\ESD
2022-08-20 09:46 - 2022-08-20 10:02 - 000000000 ____D C:\ISO
2022-08-20 09:46 - 2022-08-20 09:46 - 000000000 ___HD C:\$Windows.~WS
2022-08-17 18:58 - 2022-08-17 18:58 - 000000862 _____ C:\Users\MIKE CATHY\Desktop\LatencyMon.lnk
2022-08-17 18:58 - 2022-08-17 18:58 - 000000000 ____D C:\Program Files\LatencyMon
2022-08-17 18:58 - 2021-03-09 15:07 - 000027744 _____ (Resplendence Software Projects Sp.) C:\WINDOWS\system32\Drivers\rspLLL64.sys
2022-08-17 18:50 - 2022-08-17 18:50 - 000000844 _____ C:\Users\Public\Desktop\Speccy.lnk
2022-08-17 18:50 - 2022-08-17 18:50 - 000000000 ____D C:\Program Files\Speccy
2022-08-17 18:45 - 2022-08-17 18:45 - 000014987 _____ C:\junk.txt
2022-08-17 18:36 - 2022-08-17 18:36 - 000036208 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2022-08-17 18:35 - 2022-08-17 18:35 - 002839416 _____ (Sysinternals - www.sysinternals.com) C:\Users\MIKE CATHY\Desktop\procexp.exe
2022-08-17 06:17 - 2022-08-17 06:23 - 000000000 ____D C:\Users\MIKE CATHY\AppData\Local\TeamViewer
2022-08-17 06:17 - 2022-08-17 06:17 - 000000000 ____D C:\Users\MIKE CATHY\AppData\Roaming\TeamViewer
2022-08-17 06:14 - 2022-08-17 06:15 - 025017176 _____ (TeamViewer) C:\Users\MIKE CATHY\Desktop\TeamViewerQS.exe
2022-08-16 20:30 - 2022-08-20 19:33 - 000000000 ____D C:\WINDOWS\system32\gf2engine
2022-08-16 17:52 - 2022-08-16 17:52 - 000000000 ____D C:\Users\MIKE CATHY\AppData\Roaming\AVG
2022-08-16 17:52 - 2022-08-16 17:52 - 000000000 ____D C:\Users\MIKE CATHY\AppData\Local\CEF
2022-08-16 17:52 - 2022-08-16 17:52 - 000000000 ____D C:\Users\MIKE CATHY\AppData\Local\AVG
2022-08-16 17:51 - 2022-08-16 17:51 - 000002082 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG AntiVirus FREE.lnk
2022-08-16 17:51 - 2022-08-16 17:51 - 000002070 _____ C:\Users\Public\Desktop\AVG AntiVirus FREE.lnk
2022-08-16 17:48 - 2022-08-16 17:48 - 000860024 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2022-08-16 17:48 - 2022-08-16 17:48 - 000670904 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2022-08-16 17:48 - 2022-08-16 17:48 - 000554080 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgNetHub.sys
2022-08-16 17:48 - 2022-08-16 17:48 - 000389208 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys
2022-08-16 17:48 - 2022-08-16 17:48 - 000324984 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2022-08-16 17:48 - 2022-08-16 17:48 - 000275176 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2022-08-16 17:48 - 2022-08-16 17:48 - 000270632 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2022-08-16 17:48 - 2022-08-16 17:48 - 000258128 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsh.sys
2022-08-16 17:48 - 2022-08-16 17:48 - 000235736 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2022-08-16 17:48 - 2022-08-16 17:48 - 000221656 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
2022-08-16 17:48 - 2022-08-16 17:48 - 000114112 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2022-08-16 17:48 - 2022-08-16 17:48 - 000105560 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniv.sys
2022-08-16 17:48 - 2022-08-16 17:48 - 000089176 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2022-08-16 17:48 - 2022-08-16 17:48 - 000048144 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgKbd.sys
2022-08-16 17:48 - 2022-08-16 17:48 - 000042000 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArDisk.sys
2022-08-16 17:48 - 2022-08-16 17:48 - 000024528 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgElam.sys
2022-08-16 17:48 - 2022-08-16 17:48 - 000000000 ____D C:\Program Files\Common Files\AVG
2022-08-16 17:47 - 2022-08-16 17:47 - 000000000 ____D C:\Program Files\AVG
2022-08-16 17:46 - 2022-08-21 19:41 - 000000000 ____D C:\ProgramData\AVG
2022-08-16 17:45 - 2022-08-16 17:45 - 000235248 _____ (AVG Technologies CZ, s.r.o.) C:\Users\MIKE CATHY\Downloads\avg_antivirus_free_setup.exe
2022-08-16 08:48 - 2022-08-21 09:45 - 000001087 _____ C:\Users\MIKE CATHY\Desktop\SpeedFan.lnk
2022-08-16 08:48 - 2022-08-21 09:45 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2022-08-16 08:48 - 2022-08-16 08:48 - 000000045 _____ C:\WINDOWS\SysWOW64\initdebug.nfo
2022-08-15 11:18 - 2022-08-21 19:50 - 000000000 ____D C:\FRST
2022-08-15 11:18 - 2022-08-17 18:12 - 000000000 ____D C:\Users\MIKE CATHY\Desktop\FRST-OlderVersion
2022-08-15 11:06 - 2022-08-17 18:12 - 002371072 _____ (Farbar) C:\Users\MIKE CATHY\Desktop\FRST64.exe
2022-08-14 22:48 - 2022-08-14 22:48 - 000000000 ___HD C:\$SysReset
2022-08-14 22:00 - 2022-08-14 22:01 - 000000000 ____D C:\Program Files (x86)\Google
2022-08-14 21:38 - 2022-08-14 21:38 - 000000000 ____D C:\WINDOWS\pss
2022-08-13 19:13 - 2022-08-13 19:13 - 000000000 __SHD C:\found.036
2022-08-13 17:19 - 2022-08-13 17:19 - 000001228 _____ C:\Users\MIKE CATHY\Desktop\WSA_SA_Report-Sat_2022-07-23_13-32-28 - Shortcut.lnk
2022-08-09 16:19 - 2022-08-09 16:19 - 000000000 ___HD C:\$WinREAgent
2022-08-08 14:32 - 2022-08-08 14:32 - 000160229 _____ C:\Users\MIKE CATHY\Downloads\Kaitlyn D. Ibrahim, MD.pdf
2022-07-23 13:32 - 2022-07-23 13:32 - 000916254 _____ C:\Users\MIKE CATHY\Desktop\WSA_SA_Report-Sat_2022-07-23_13-32-28.bmp
2022-07-23 13:32 - 2022-07-23 13:32 - 000000079 _____ C:\Users\MIKE CATHY\Desktop\WSA_SA_Report-Sat_2022-07-23_13-32-28.html
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-08-21 19:57 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-08-21 19:46 - 2019-12-07 05:13 - 000000000 ____D C:\WINDOWS\INF
2022-08-21 19:40 - 2016-12-30 13:36 - 000000000 __SHD C:\Users\MIKE CATHY\IntelGraphicsProfiles
2022-08-21 19:38 - 2021-01-20 16:51 - 000008192 ___SH C:\DumpStack.log.tmp
2022-08-21 19:38 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-08-21 19:38 - 2019-12-07 05:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-08-21 19:24 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-08-21 17:54 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-08-21 17:54 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-08-21 03:24 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\appcompat
2022-08-20 19:34 - 2019-12-07 05:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2022-08-20 19:33 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2022-08-20 19:33 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2022-08-20 19:33 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2022-08-20 19:33 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\spool
2022-08-20 19:33 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-08-20 19:33 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Macromed
2022-08-20 19:33 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\Registration
2022-08-20 19:33 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-08-20 19:33 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2022-08-20 19:33 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2022-08-20 19:33 - 2017-06-02 03:39 - 000000000 ____D C:\Program Files\Intel
2022-08-20 19:33 - 2017-06-02 03:38 - 000000000 ____D C:\Program Files\CONEXANT
2022-08-20 19:33 - 2017-05-18 11:27 - 000000000 ____D C:\Program Files\UNP
2022-08-20 19:33 - 2017-03-24 12:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\H&R Block 2016
2022-08-20 19:33 - 2017-01-01 04:37 - 000000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2022-08-20 19:33 - 2016-12-30 18:11 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-08-20 19:33 - 2016-10-26 21:23 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2022-08-20 19:33 - 2016-10-26 21:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
2022-08-20 19:33 - 2016-10-26 20:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2022-08-20 18:26 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2022-08-20 16:36 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-08-20 16:20 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-08-20 16:19 - 2020-11-19 03:33 - 000000000 __RHD C:\Users\Public\AccountPictures
2022-08-20 16:19 - 2017-11-25 02:20 - 000000000 ___RD C:\Users\MIKE CATHY\3D Objects
2022-08-20 16:18 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-08-20 16:18 - 2019-12-07 05:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-08-20 16:16 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files\Windows Defender
2022-08-20 15:55 - 2020-11-19 03:32 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-08-20 15:55 - 2020-11-19 03:32 - 000002283 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-08-20 15:53 - 2019-12-07 05:14 - 000000000 __RSD C:\WINDOWS\Media
2022-08-20 15:42 - 2017-06-02 03:40 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2022-08-20 15:41 - 2017-06-02 03:38 - 001701376 _____ (TODO: <Company name>) C:\WINDOWS\SysWOW64\RebootPrompt.exe
2022-08-20 15:27 - 2019-12-07 05:18 - 000000000 ____D C:\WINDOWS\Setup
2022-08-20 15:15 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\USOPrivate
2022-08-20 15:14 - 2019-12-07 05:14 - 000000000 __RHD C:\Users\Public\Libraries
2022-08-20 15:04 - 2020-03-11 16:18 - 000000000 ____D C:\WINDOWS\Lenovo
2022-08-20 15:04 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\Resources
2022-08-20 15:04 - 2017-06-02 03:40 - 000000000 ____D C:\Program Files\Synaptics
2022-08-20 15:04 - 2017-01-01 04:37 - 000000000 ____D C:\WINDOWS\system32\BestPractices
2022-08-20 15:04 - 2016-10-26 21:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Conexant
2022-08-20 15:02 - 2017-11-25 01:41 - 000000000 ____D C:\Users\MIKE CATHY\AppData\Local\Packages
2022-08-20 13:58 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-08-20 13:57 - 2019-12-07 05:52 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-08-20 13:57 - 2019-12-07 05:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-08-20 13:57 - 2019-12-07 05:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-08-20 13:57 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2022-08-20 13:57 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2022-08-20 13:57 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2022-08-20 13:57 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2022-08-20 13:57 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-08-20 13:57 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-08-20 13:57 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-08-20 13:57 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-08-20 13:57 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-08-20 13:57 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2022-08-20 13:57 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-08-20 13:57 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-08-20 13:57 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-08-20 13:57 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-08-20 13:57 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-08-20 13:57 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-08-20 13:57 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-08-20 13:57 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-08-20 13:57 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-08-20 13:57 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-08-20 13:57 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2022-08-20 13:57 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-08-20 13:57 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-08-20 13:57 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-08-20 13:57 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-08-20 13:57 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\servicing
2022-08-18 22:47 - 2020-03-13 23:21 - 1100929714 _____ C:\WINDOWS\MEMORY.DMP
2022-08-18 21:34 - 2017-11-10 20:01 - 000000000 ____D C:\Program Files (x86)\McAfee Safe Connect
2022-08-16 02:10 - 2016-12-30 13:55 - 000000000 ____D C:\Users\MIKE CATHY\AppData\Local\Lenovo
2022-08-15 20:09 - 2020-11-19 03:30 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-08-15 11:37 - 2021-01-19 14:02 - 000000000 ____D C:\Users\MIKE CATHY\AppData\Local\D3DSCache
2022-08-15 08:19 - 2017-01-03 22:39 - 000000000 ____D C:\Users\MIKE CATHY\AppData\Local\Google
2022-08-13 17:43 - 2017-07-08 19:36 - 000000000 ____D C:\ProgramData\WRData
2022-08-13 17:08 - 2017-07-08 19:36 - 000000000 ____D C:\Program Files\Webroot
2022-08-13 17:02 - 2017-07-08 19:37 - 000000000 ____D C:\Users\MIKE CATHY\AppData\Local\lptmp
2022-08-09 15:51 - 2016-12-30 18:11 - 144534560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-08-07 19:30 - 2016-12-30 16:55 - 000803176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2022-08-05 19:57 - 2020-03-26 10:07 - 000000000 ____D C:\WINDOWS\TempInst
==================== Files in the root of some directories ========
2022-05-16 13:07 - 2012-09-20 06:00 - 000105472 _____ (CANON INC.) C:\Users\MIKE CATHY\cnmss Canon MX920 series Printer WS (Local).dll
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-08-2022
Ran by MIKE CATHY (21-08-2022 19:59:16)
Running from C:\Users\MIKE CATHY\Desktop
Microsoft Windows 10 Home Version 21H2 19044.1889 (X64) (2022-08-20 20:18:42)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3710523834-1862825545-2785641031-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3710523834-1862825545-2785641031-503 - Limited - Disabled)
Guest (S-1-5-21-3710523834-1862825545-2785641031-501 - Limited - Disabled)
MIKE CATHY (S-1-5-21-3710523834-1862825545-2785641031-1001 - Administrator - Enabled) => C:\Users\MIKE CATHY
WDAGUtilityAccount (S-1-5-21-3710523834-1862825545-2785641031-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.465 - Adobe)
AVG AntiVirus FREE (HKLM\...\AVG Antivirus) (Version: 22.7.3245 - AVG Technologies)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.31.68 - Conexant)
Dolby Audio X2 Windows API SDK (HKLM\...\{27DBA722-5298-4184-9535-C529EDF3C82D}) (Version: 0.7.1.56 - Dolby Laboratories, Inc.)
Dolby Audio X2 Windows APP (HKLM\...\{C55DB969-8BE0-4D7F-BF27-B8D316D944D6}) (Version: 0.7.1.59 - Dolby Laboratories, Inc.)
H&R Block Deluxe + Efile + State 2016 (HKLM-x32\...\{E7065AD9-D2DB-423B-B853-8310038D7D42}) (Version: 16.05.6401 - HRB Technology, LLC.)
H&R Block Pennsylvania 2016 (HKLM-x32\...\{BAECF4E0-1EB0-4CBA-A0D9-09BA014038A3}) (Version: 1.16.3501 - HRB Technology, LLC.)
Intel® Chipset Device Software (HKLM\...\{47DC837D-ECA6-49AF-9904-1427BB94EF4C}) (Version: 10.1.1.27 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{61a0f1f5-c77e-4992-ba85-029f93cd8d18}) (Version: 10.1.1.27 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.5.0.1015 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{2B8D577D-4E81-4F0B-A63D-0A4D5C897B5A}) (Version: 11.5.0.1015 - Intel Corporation) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4471 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.0.0.1039 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{FBE0EFD3-4A1F-4E28-A26B-6FAD2DD1AAE4}) (Version: 15.0.0.1039 - Intel Corporation) Hidden
LatencyMon 7.20 (HKLM\...\LatencyMon_is1) (Version: 7.20 - Resplendence Software Projects Sp.)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.13.14.0 - Lenovo Group Ltd.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 104.0.1293.63 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 104.0.1293.63 - Microsoft Corporation)
Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-3710523834-1862825545-2785641031-1001\...\OneDriveSetup.exe) (Version: 22.151.0717.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
REALTEK Bluetooth Filter Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AD}) (Version: 1.3.887.051116 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.7.107.2016 - Realtek)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0286 - REALTEK Semiconductor Corp.)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
User Manuals (HKLM-x32\...\{7042D952-EE42-4C09-A23D-E7AE4D047007}) (Version: 6.0.0.0 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{7042D952-EE42-4C09-A23D-E7AE4D047007}) (Version: 6.0.0.0 - Lenovo)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-2) (Version: 1.0.42.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0-2) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-3) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-4) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.23258 - Microsoft Corporation)
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Packages:
=========
AdBlock -> C:\Program Files\WindowsApps\BetaFish.AdBlock_2.13.0.0_neutral__c1wakc4j0nefm [2022-08-20] (BetaFish)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-07] (Autodesk Inc.)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.224.300.0_x64__kgqvnymyfvs32 [2022-08-13] (king.com)
Lenovo Account Portal -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2017-04-25] (LENOVO INCORPORATED.)
Lenovo Settings -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoSettings_3.177.0.0_x86__4642shxvsv8s2 [2017-12-19] (LENOVO INCORPORATED.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2207.2.0_x64__k1h2ywk1493x8 [2022-08-03] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-08-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-08-20] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.13.7180.0_x64__8wekyb3d8bbwe [2022-07-28] (Microsoft Studios) [MS Ad]
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-09-06] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-03] (Microsoft Corporation)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0 [2022-08-05] (Spotify AB) [Startup Task]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2022-08-20] (Twitter Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2022-08-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ShellIconOverlayIdentifiers-x32: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2022-08-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2022-08-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers3: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2022-08-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\igfxDTCM.dll [2018-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2022-08-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2022-08-21 17:52 - 2022-08-21 17:52 - 000355840 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxHef9fb4ae#\2b8c809e451b1c9f7f7c0b7a9553a86f\Interop.CxHDAudioAPILib.ni.dll
2016-10-26 21:20 - 2016-03-10 22:07 - 001145856 _____ (Conexant Systems, Inc.) [File not signed] C:\Program Files\Conexant\SAII\CxHDAudioAPI.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-3710523834-1862825545-2785641031-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-3710523834-1862825545-2785641031-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-10-30 03:24 - 2015-10-30 03:21 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3710523834-1862825545-2785641031-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.132.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "SmartAudio"
HKLM\...\StartupApproved\Run: => "LenovoUtility"
HKU\S-1-5-21-3710523834-1862825545-2785641031-1001\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-3710523834-1862825545-2785641031-1001\...\StartupApproved\Run: => "McAfeeSafeConnect"
HKU\S-1-5-21-3710523834-1862825545-2785641031-1001\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{3204917C-316E-439E-8543-D2AB8BD9E8DB}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\104.0.1293.63\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5CEFC0EC-CED1-4BC1-ADBA-73BA58341AD1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.87.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6A50EEA1-39D2-4CB0-BA63-BC687ED6973C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.87.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{150E3E1C-B629-4B24-B4BD-B67F1BF6B711}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.87.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D8DE283F-7584-40FC-A308-23C7860BA973}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.87.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{86E16723-1599-4B8F-BCEC-65971E63D25D}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{4C43D96E-3B6E-4AA8-BB68-D6C1866F4521}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{9D4F20F3-9232-40EB-8C52-12752D8611AF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5788E05C-47BA-43BF-9AEB-9A14288D0485}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D1EC56FA-9FA1-492A-A47A-8603953F396F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FE83B42B-3D52-4398-A9C2-B834F5B69FC2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{95D0D028-FBCD-4B8C-8E11-6AF0E8442F9E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6214189B-7538-4E80-BEC3-D696CD974D6D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B80247AF-1727-42DA-BFA4-876F51ADC2A4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{68717F48-52B5-456D-86BD-947D64669C0F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
==================== Restore Points =========================
20-08-2022 18:24:25 Windows Modules Installer
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (08/20/2022 09:18:04 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (08/20/2022 09:18:04 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
Error: (08/20/2022 09:18:04 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (08/20/2022 09:18:04 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
Error: (08/20/2022 04:18:54 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: User hive is loaded by another process (Registry Lock) Process name: C:\Windows\System32\svchost.exe, PID: 5312, ProfSvc PID: 2292.
Error: (08/20/2022 04:18:54 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: User hive is loaded by another process (Registry Lock) Process name: C:\Program Files\AVG\Antivirus\avgToolsSvc.exe, PID: 3392, ProfSvc PID: 2292.
Error: (08/20/2022 03:44:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SensorDataService.exe, version: 10.0.19041.746, time stamp: 0x9411a0ac
Faulting module name: RsProvider.dll, version: 1.23.0.0, time stamp: 0x56fb7e54
Exception code: 0xc0000005
Fault offset: 0x00000000000990f2
Faulting process id: 0x8f8
Faulting application start time: 0x01d8b4cd51fae867
Faulting application path: C:\WINDOWS\System32\SensorDataService.exe
Faulting module path: C:\Program Files\Realtek\RsProviders\RsProvider.dll
Report Id: 8e76c5ed-67b1-42e9-87c3-ae9308f3d681
Faulting package full name:
Faulting package-relative application ID:
Error: (08/20/2022 03:42:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SensorDataService.exe, version: 10.0.19041.746, time stamp: 0x9411a0ac
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000000
Faulting process id: 0x7e4
Faulting application start time: 0x01d8b4cd09a4d817
Faulting application path: C:\WINDOWS\System32\SensorDataService.exe
Faulting module path: unknown
Report Id: 049043b8-50b5-47b6-a207-8074e800d340
Faulting package full name:
Faulting package-relative application ID:
System errors:
=============
Error: (08/21/2022 07:47:44 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The System Guard Runtime Monitor Broker service hung on starting.
Error: (08/21/2022 07:45:38 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Downloaded Maps Manager service hung on starting.
Error: (08/21/2022 07:43:31 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Delivery Optimization service hung on starting.
Error: (08/21/2022 07:40:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (08/21/2022 07:40:05 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.
Error: (08/21/2022 07:39:34 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: The Conexant SmartAudio service service has reported an invalid current state 14.
Error: (08/21/2022 09:47:36 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Delivery Optimization service hung on starting.
Error: (08/21/2022 09:44:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
CodeIntegrity:
===============
Date: 2022-08-21 19:45:52
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2022-08-21 19:42:38
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\Temp\aswa61e7d16abb27f81.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2022-08-21 19:42:23
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO 3JCN21WW 09/23/2016
Motherboard: LENOVO Torronto 5C2
Processor: Intel® Core i7-7500U CPU @ 2.70GHz
Percentage of memory in use: 60%
Total physical RAM: 8092.13 MB
Available physical RAM: 3193.51 MB
Total Virtual: 12700.13 MB
Available Virtual: 7968.65 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:930.27 GB) (Free:862.45 GB) (Model: ST1000LM035-1RK172) NTFS
\\?\Volume{ac5da186-41e5-4ccd-bcc1-2afce19b2201}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.46 GB) NTFS
\\?\Volume{0e59f6e8-459f-477a-8c33-1e2f4a6ccc02}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 8C20E429)
Partition: GPT.
==================== End of Addition.txt =======================