Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Missing startupchecklibrary.dll module

Started by Ishita_mandhyan , Feb 13 2020 04:22 PM

  • Please log in to reply

#1
Ishita_mandhyan
Posted 13 February 2020 - 04:22 PM

Ishita_mandhyan

    New Member

  • Member
  • Pip
  • 1 posts

I recently cleaned my downloads folder and may be some important file was removed from the system. I switched on my laptop and a pop message appeared saying that the startupchecklibrary.dll file/module is missing. after that I tried opening chrome but it would not load any web page whereas Microsoft edge is working properly. I downloaded autoruns from the Microsoft website and ran the autorun.exe file and upon doing so deleted the files that showed error(saw a video on YouTube).

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-02-2020
Ran by Ishita Mandhyan (administrator) on MSI (Micro-Star International Co., Ltd. GF63 8RD) (14-02-2020 02:10:42)
Running from C:\Users\Ishita Mandhyan\Desktop
Loaded Profiles: Ishita Mandhyan (Available Profiles: Ishita Mandhyan)
Platform: Windows 10 Home Version 1809 17763.805 (X64) Language: English (United States)
Default browser not detected!
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe
(Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe
(Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe
(Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files\Autodesk\Personal Accelerator for Revit\RevitAccelerator.exe
(A-Volute -> Nahimic) C:\Windows\System32\NahimicService.exe
(Flexera Software LLC -> Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.442\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.442\GoogleCrashHandler64.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\igfxCUIService.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\igfxEM.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\IntelCpHDCPSvc.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\IntelCpHeciSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel® Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Ishita Mandhyan\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11911.1001.8.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Micro-Star International CO., LTD. -> ) [File not signed] C:\Program Files (x86)\SCM\SCM.exe
(Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe
(Micro-Star International Co., Ltd.) [File not signed] C:\Program Files (x86)\SCM\MSIService.exe
(Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmi.inf_amd64_32ef3d5cc44d4a1d\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmi.inf_amd64_32ef3d5cc44d4a1d\Display.NvContainer\NVDisplay.Container.exe
(Quick Heal Technologies Limited -> ) D:\Quick Heal Total Security\BSSISS.EXE
(Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.) D:\Quick Heal Total Security\ARWSRVC.EXE
(Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.) D:\Quick Heal Total Security\BDSSVC.EXE
(Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.) D:\Quick Heal Total Security\EMLPROXY.EXE
(Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.) D:\Quick Heal Total Security\onlinent.exe
(Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.) D:\Quick Heal Total Security\OPSSVC.EXE
(Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.) D:\Quick Heal Total Security\QHPISVR.EXE
(Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.) D:\Quick Heal Total Security\QUHLPSVC.EXE
(Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.) D:\Quick Heal Total Security\REPRSVC.EXE
(Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.) D:\Quick Heal Total Security\SAPISSVC.EXE
(Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.) D:\Quick Heal Total Security\SCANWSCS.EXE
(Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.) D:\Quick Heal Total Security\SCSECSVC.EXE
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [320584 2018-01-30] (Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [833312 2019-01-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [SCM] => C:\Program Files (x86)\SCM\SCM.exe [302360 2018-03-10] (Micro-Star International CO., LTD. -> ) [File not signed]
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [pac] => C:\Program Files\Autodesk\Personal Accelerator for Revit\RevitAccelerator.exe [339464 2017-01-17] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [Quick Heal Core UI] => D:\Quick Heal Total Security\strtupap.exe [265360 2019-09-25] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [636712 2018-12-01] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-20] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2410968 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-762497365-112284850-2186903733-1001\...\Policies\Explorer: []
Lsa: [Notification Packages] scecli C:\WINDOWS\system32\ScSecAuth.Dll
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
CHR HKU\S-1-5-21-762497365-112284850-2186903733-1001\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {029614C3-A7C5-40BA-945F-D3332F742798} - System32\Tasks\Norton Security Scan for Ishita Mandhyan => C:\Program Files (x86)\Norton Security Scan\Engine\4.6.1.175\Nss.exe [848976 2018-03-26] (Symantec Corporation -> Symantec Corporation)
Task: {16C2B291-1A61-4E8C-A7FB-587D31898548} - System32\Tasks\Resume Quickup Download => D:\Quick Heal Total Security\ACAPPAA.EXE [208016 2018-11-21] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.)
Task: {187D2B2A-1A39-4460-8736-FD119F88DB0A} - System32\Tasks\MSI_Dragon Center => C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe [5686552 2018-06-06] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) [File not signed]
Task: {1BAFBEA0-C8BD-4BEB-B162-69E8177E17C7} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3297728 2018-06-21] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {25F03D55-2A72-4D5E-8381-E1496B5C1CED} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [857024 2018-06-21] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {28579C0B-14E5-468F-80C8-82E4E1282676} - System32\Tasks\3A383C88-8BCA-7296-98FB-30B6871F108D => C:\WINDOWS\SysWOW64\regsvr32.exe /n /s /i:"/00ebcaf75f192cd0 /q" "C:\PROGRA~3\390703~1\{B09F9~1."
Task: {2BDC81CD-36E9-47E4-8C5D-74B5F8C670C9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [469928 2019-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3C970FD4-9BBF-4430-BC1D-78ABAAE6105B} - System32\Tasks\961FAF58-3C64-733E-48D0-FD27462D2270 => C:\WINDOWS\SysWOW64\regsvr32.exe /n /s /i:"/521635da1b4beb4d /q" "C:\PROGRA~3\059FAE~1\{CDDC8~1."
Task: {3CF75A6E-0871-4D63-B3E9-EB4CE874A2E9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-07] (Google Inc -> Google LLC)
Task: {48D0AA4C-CFEE-4D54-B65D-67A25B653F6E} - System32\Tasks\NahimicSvc64Run => C:\Windows\System32\NahimicSvc64.exe [1075144 2019-09-10] (A-Volute -> Nahimic)
Task: {53C7F35F-D5D7-4DFA-A58F-5705973329EA} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {5AA8822D-D4E3-4EAD-A948-55C3F7FD738D} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [934848 2018-06-21] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6ADB5A8D-7CEC-4A55-9BBC-5A8B9BA7C62A} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764352 2018-06-21] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {72D6DA03-F697-4A85-82DE-74213B37DAA4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-07] (Google Inc -> Google LLC)
Task: {7980532D-A258-4F30-8000-6F45FC72F68D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {906AEEAE-FE66-4227-934E-25E6442EC77F} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764352 2018-06-21] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {90C3AE66-74CE-40D7-8E64-55EFFF14CA36} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [469928 2019-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {94D06BA9-D365-479E-9C76-6102E03A8EA0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [469928 2019-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9A96D147-22D6-4B8C-A26B-4F63EF172DEF} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [934848 2018-06-21] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A4C5D5BF-1126-40B0-AB9F-DB3EBFCEAD7C} - System32\Tasks\NahimicSvc32Run => C:\Windows\SysWOW64\NahimicSvc32.exe [804600 2019-09-10] (A-Volute -> Nahimic)
Task: {A58903C6-103E-4D82-BEA7-75D6468C7AB5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [469928 2019-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BBF9940E-0E7A-421A-AA31-C770A2C92FAC} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [934848 2018-06-21] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E5BC5997-570F-43D8-9BAA-DED546E780A4} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [934848 2018-06-21] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E7949EE6-3BE8-4B0C-B491-E52E38F61088} - System32\Tasks\Quick Heal AntiMalware Scan => D:\Quick Heal Total Security\ASMAIN.EXE [402576 2019-12-03] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.)
Task: {EC492EE8-2D32-4B51-8887-CC66373F7EBC} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [654784 2018-06-21] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EF5085B7-3624-4776-8C41-2EB8934B51CE} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [982464 2018-06-21] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F9A3CF14-751C-4516-8213-607D9D8BB348} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [857024 2018-06-21] (NVIDIA Corporation -> NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Quick Heal AntiMalware Scan.job => D:\Quick Heal Total Security\ASMAIN.EXE
Task: C:\WINDOWS\Tasks\Resume Quickup Download.job => D:\Quick Heal Total Security\ACAPPAA.EXE
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 202.56.215.6 59.144.144.100
Tcpip\Parameters: [NameServer] 82.163.142.9 95.211.158.137
Tcpip\..\Interfaces\{7bead793-614c-42fd-9abe-120bbd6e58f1}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{7bead793-614c-42fd-9abe-120bbd6e58f1}: [DhcpNameServer] 202.56.215.6 59.144.144.100
Tcpip\..\Interfaces\{923471e0-d826-47d3-ab57-2f75d0ff8200}: [NameServer] 82.163.142.9 95.211.158.137
Tcpip\..\Interfaces\{923471e0-d826-47d3-ab57-2f75d0ff8200}: [DhcpNameServer] 82.163.142.9
Tcpip\..\Interfaces\{a4e60b59-972e-4387-bc84-577a3eb4b239}: [NameServer] 82.163.142.9 95.211.158.137
Tcpip\..\Interfaces\{a4e60b59-972e-4387-bc84-577a3eb4b239}: [DhcpNameServer] 82.163.142.9
Tcpip\..\Interfaces\{a5e3fc05-2365-47e5-b115-1e1e26928274}: [NameServer] 82.163.142.9 95.211.158.137
Tcpip\..\Interfaces\{a5e3fc05-2365-47e5-b115-1e1e26928274}: [DhcpNameServer] 82.163.142.9
Tcpip\..\Interfaces\{be7d02bd-011d-4e6d-b137-668ba0650d6b}: [DhcpNameServer] 192.168.225.1 192.168.225.1
Internet Explorer:
==================
HKU\S-1-5-21-762497365-112284850-2186903733-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-762497365-112284850-2186903733-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://oem17win10.msn.com/?pc=NMTE
SearchScopes: HKU\S-1-5-21-762497365-112284850-2186903733-1001 -> DefaultScope {41CA2EB7-263D-4054-99EC-B14456151CE4} URL =
BHO-x32: EndNote Helper -> {82D2E569-25A7-4E4D-9FA3-C5025B4B7912} -> C:\Program Files (x86)\EndNote Plug-Ins\ENWIEPlug.dll [2019-01-28] (Clarivate Analytics (US) LLC -> Clarivate Analytics)
Toolbar: HKLM-x32 - EndNote Capture - {945C8270-A848-11D5-A805-00B0D092F45B} - C:\Program Files (x86)\EndNote Plug-Ins\ENWIEPlug.dll [2019-01-28] (Clarivate Analytics (US) LLC -> Clarivate Analytics)
FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-02-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)
Chrome:
=======
CHR Profile: C:\Users\Ishita Mandhyan\AppData\Local\Google\Chrome\User Data\Default [2020-02-14]
CHR Extension: (Docs) - C:\Users\Ishita Mandhyan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-11-09]
CHR Extension: (Google Drive) - C:\Users\Ishita Mandhyan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-11-09]
CHR Extension: (YouTube) - C:\Users\Ishita Mandhyan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-11-09]
CHR Extension: (Adobe Acrobat) - C:\Users\Ishita Mandhyan\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-02-11]
CHR Extension: (Google Docs Offline) - C:\Users\Ishita Mandhyan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-17]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Ishita Mandhyan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-02-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Ishita Mandhyan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-12]
CHR Extension: (Gmail) - C:\Users\Ishita Mandhyan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\Ishita Mandhyan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-17]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1162616 2018-12-01] (Autodesk, Inc. -> Autodesk Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 arwsrvc; D:\Quick Heal Total Security\arwsrvc.exe [84112 2019-08-01] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.)
R2 Behavior Detection System; D:\Quick Heal Total Security\bdssvc.exe [53816 2020-01-22] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.)
R2 Core Mail Protection; D:\Quick Heal Total Security\EMLPROXY.EXE [139920 2019-12-06] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.)
R2 Core Scanning Server; D:\Quick Heal Total Security\SAPISSVC.EXE [338576 2018-11-21] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.)
S3 Core Scanning ServerEx; D:\Quick Heal Total Security\SAPISSVC.EXE [338576 2018-11-21] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.)
S3 iaStorAfsService; C:\Windows\IAStorAfsService\iaStorAfsService.exe [2593336 2018-01-26] (Intel® Rapid Storage Technology -> Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [541896 2018-05-15] (Intel® Wireless Connectivity Solutions -> Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel® Management Engine Components\iCLS\SocketHeciServer.exe [758552 2018-03-02] (Intel® Trust Services -> Intel® Corporation)
S2 Intel® TPM Provisioning Service; C:\Program Files\Intel\Intel® Management Engine Components\iCLS\TPMProvisioningService.exe [719640 2018-03-02] (Intel® Trust Services -> Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [214672 2018-03-30] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [160768 2018-03-10] (Micro-Star International Co., Ltd.) [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265824 2018-04-17] (Intel Corporation -> )
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1742072 2019-09-10] (A-Volute -> Nahimic)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764352 2018-06-21] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764352 2018-06-21] (NVIDIA Corporation -> NVIDIA Corporation)
R2 Online Protection System; D:\Quick Heal Total Security\opssvc.exe [128144 2019-05-15] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.)
R2 Quick Update Service; D:\Quick Heal Total Security\quhlpsvc.exe [218768 2018-12-10] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.)
R2 RepairService; D:\Quick Heal Total Security\reprsvc.exe [90256 2019-08-23] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.)
R2 RtkAudioUniversalService; C:\WINDOWS\System32\RtkAudUService64.exe [833312 2019-01-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 ScanWscS; D:\Quick Heal Total Security\SCANWSCS.EXE [417032 2019-01-18] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.)
R2 ScSecSvc; D:\Quick Heal Total Security\ScSecSvc.exe [643216 2018-11-21] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-20] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe [3201616 2019-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 wuauserv; C:\WINDOWS\system32\svchost.exe [51696 2018-09-15] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [45448 2018-09-15] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3848288 2018-04-17] (Intel Corporation -> Intel® Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmi.inf_amd64_32ef3d5cc44d4a1d\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmi.inf_amd64_32ef3d5cc44d4a1d\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 arwflt; C:\WINDOWS\System32\DRIVERS\arwflt.sys [113168 2019-08-02] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.)
R3 atkldrvr; C:\WINDOWS\System32\DRIVERS\atkldrvr.sys [57144 2018-11-21] (Quick Heal Technologies Private Limited -> Quick Heal Technologies Ltd.)
R1 bdsflt; C:\WINDOWS\System32\DRIVERS\bdsflt.sys [405152 2019-12-23] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.)
R2 bdsnm; C:\WINDOWS\system32\DRIVERS\bdsnm.sys [49960 2018-11-21] (Quick Heal Technologies Private Limited -> Quick Heal Technologies Ltd.)
R3 bsfs; C:\WINDOWS\System32\DRIVERS\bsfs.sys [96640 2018-12-21] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.)
R2 catflt; C:\WINDOWS\System32\DRIVERS\catflt.sys [300080 2020-02-13] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 elamdrv; C:\WINDOWS\System32\DRIVERS\elamdrv.sys [36888 2018-11-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Quick Heal Technologies Ltd.)
R2 emlssx; C:\WINDOWS\system32\DRIVERS\emlssx.sys [39792 2018-11-21] (Quick Heal Technologies (Pvt) Ltd. -> Quick Heal Technologies Ltd.)
R1 ggc; C:\WINDOWS\System32\DRIVERS\ggc.sys [97712 2020-02-13] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.)
R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [941624 2018-01-26] (Intel® Rapid Storage Technology -> Intel Corporation)
S3 iaStorAfs; C:\WINDOWS\System32\drivers\iaStorAfs.sys [72248 2018-01-26] (Intel® Rapid Storage Technology -> Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [136728 2018-05-15] (Intel® Wireless Connectivity Solutions -> Intel Corporation)
R3 kbfltr; C:\WINDOWS\system32\DRIVERS\kbfltr.sys [39152 2018-11-21] (Quick Heal Technologies Private Limited -> Quick Heal Technologies Ltd.)
R3 L1C; C:\WINDOWS\System32\drivers\L1C63x64.sys [170672 2018-06-07] (Rivet Networks LLC -> Qualcomm Atheros, Inc.)
S3 llio; C:\WINDOWS\system32\DRIVERS\llio.sys [91200 2018-11-22] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.)
S0 mscank; C:\WINDOWS\System32\DRIVERS\mscank.sys [62192 2018-11-21] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.)
R3 Netwtw06; C:\WINDOWS\System32\drivers\Netwtw06.sys [8810336 2018-05-14] (Intel® Wireless Connectivity Solutions -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvmi.inf_amd64_32ef3d5cc44d4a1d\nvlddmkm.sys [22118144 2019-09-03] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30656 2018-06-21] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [67432 2018-06-21] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [68112 2018-06-21] (NVIDIA Corporation -> NVIDIA Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 TKFsAvM; C:\WINDOWS\system32\TKFsAv64.sys [198808 2018-03-07] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.) <==== ATTENTION
S3 TKFsFtM; C:\WINDOWS\system32\TKFsFt64.sys [28824 2018-03-07] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.) <==== ATTENTION
S3 TKPcFt; C:\WINDOWS\system32\TKPcFtCb64.sys [54504 2018-01-30] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.) <==== ATTENTION
S3 TKRgAc; C:\WINDOWS\system32\TKRgAc2k64.sys [115760 2018-01-30] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.) <==== ATTENTION
S3 TKRgFt; C:\WINDOWS\system32\TKRgFtXp64.sys [68848 2018-02-04] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.) <==== ATTENTION
S3 TKSP; C:\WINDOWS\system32\TKSPxp64.sys [80824 2018-01-29] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.) <==== ATTENTION
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [24576 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
R2 vdiskdrv; C:\WINDOWS\System32\DRIVERS\vdiskdrv.sys [110560 2018-11-30] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46472 2019-11-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-27] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [351968 2019-11-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-11-07] (Microsoft Windows -> Microsoft Corporation)
R0 webssx; C:\WINDOWS\System32\drivers\webssx8.sys [109568 2019-12-06] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.)
R3 WINIO; C:\Program Files (x86)\MSI\Dragon Center\winio64.sys [15160 2015-06-12] (Micro-Star Int'l Co. Ltd. -> )
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-02-14 02:10 - 2020-02-14 02:11 - 000035165 _____ C:\Users\Ishita Mandhyan\Desktop\FRST.txt
2020-02-14 02:10 - 2020-02-14 02:10 - 000000000 ____D C:\FRST
2020-02-14 02:09 - 2020-02-14 02:09 - 002279424 _____ (Farbar) C:\Users\Ishita Mandhyan\Desktop\FRST64.exe
2020-02-14 00:35 - 2020-02-14 00:35 - 000000000 ___HD C:\Users\Ishita Mandhyan\ScStore
2020-02-14 00:31 - 2020-02-14 00:31 - 000000000 ___HD C:\OneDriveTemp
2020-02-14 00:24 - 2020-02-14 00:24 - 000000000 ____D C:\Autoruns
2020-02-13 03:15 - 2020-02-13 23:39 - 000000000 ____D C:\WINDOWS\Minidump
2020-02-13 03:15 - 2020-02-13 03:15 - 1030837815 _____ C:\WINDOWS\MEMORY.DMP
2020-02-13 03:09 - 2020-02-13 03:08 - 000300080 _____ (Quick Heal Technologies Ltd.) C:\WINDOWS\system32\Drivers\CATFLT.SYS
2020-02-13 03:08 - 2020-02-13 03:15 - 000000394 _____ C:\WINDOWS\Tasks\Quick Heal AntiMalware Scan.job
2020-02-13 03:08 - 2020-02-13 03:08 - 000006305 _____ C:\WINDOWS\regact.dat
2020-02-13 03:08 - 2020-02-13 03:08 - 000003536 _____ C:\WINDOWS\system32\Tasks\Quick Heal AntiMalware Scan
2020-02-13 03:08 - 2019-12-23 13:56 - 000405152 _____ (Quick Heal Technologies Ltd.) C:\WINDOWS\system32\Drivers\bdsflt.sys
2020-02-13 03:08 - 2018-11-22 18:13 - 000091200 _____ (Quick Heal Technologies Ltd.) C:\WINDOWS\system32\Drivers\llio.sys
2020-02-13 03:08 - 2018-11-21 16:20 - 000132728 _____ (Quick Heal Technologies Ltd.) C:\WINDOWS\system32\bdsaei64.dll
2020-02-13 03:08 - 2018-11-21 16:20 - 000113272 _____ (Quick Heal Technologies Ltd.) C:\WINDOWS\SysWOW64\bdsaei32.dll
2020-02-13 03:08 - 2018-11-21 14:20 - 000049960 _____ (Quick Heal Technologies Ltd.) C:\WINDOWS\system32\Drivers\bdsnm.sys
2020-02-13 03:07 - 2020-02-13 03:15 - 000000370 _____ C:\WINDOWS\Tasks\Resume Quickup Download.job
2020-02-13 03:07 - 2020-02-13 03:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quick Heal Total Security
2020-02-13 03:07 - 2020-02-13 03:07 - 000003452 _____ C:\WINDOWS\system32\Tasks\Resume Quickup Download
2020-02-13 03:07 - 2019-12-06 14:09 - 000109568 _____ (Quick Heal Technologies Ltd.) C:\WINDOWS\system32\Drivers\webssx8.sys
2020-02-13 03:07 - 2019-03-05 20:46 - 000310392 _____ (Quick Heal Technologies Ltd.) C:\WINDOWS\system32\ScSandboxApi.dll
2020-02-13 03:07 - 2019-03-05 20:46 - 000255608 _____ (Quick Heal Technologies Ltd.) C:\WINDOWS\SysWOW64\ScSandboxApi.dll
2020-02-13 03:07 - 2018-11-21 16:32 - 000482432 _____ (Quick Heal Technologies Ltd.) C:\WINDOWS\system32\ScDetour.Dll
2020-02-13 03:07 - 2018-11-21 16:32 - 000224376 _____ (Quick Heal Technologies Ltd.) C:\WINDOWS\system32\ScSecAuth.Dll
2020-02-13 03:07 - 2018-11-21 16:31 - 000405112 _____ (Quick Heal Technologies Ltd.) C:\WINDOWS\SysWOW64\ScDetour.Dll
2020-02-13 03:07 - 2018-11-21 16:30 - 000131704 _____ (Quick Heal Technologies Ltd.) C:\WINDOWS\system32\atklshld64.dll
2020-02-13 03:07 - 2018-11-21 16:30 - 000115832 _____ (Quick Heal Technologies Ltd.) C:\WINDOWS\SysWOW64\atklshld32.dll
2020-02-13 03:07 - 2018-11-21 14:20 - 000123608 _____ (Quick Heal Technologies Ltd.) C:\WINDOWS\system32\Drivers\wsfilter.sys
2020-02-13 03:07 - 2018-11-21 14:20 - 000062192 _____ (Quick Heal Technologies Ltd.) C:\WINDOWS\system32\Drivers\mscank.sys
2020-02-13 03:06 - 2020-02-14 00:09 - 000000000 ____D C:\WINDOWS\system32\gprodat
2020-02-13 03:06 - 2020-02-13 03:08 - 000097712 _____ (Quick Heal Technologies Ltd.) C:\WINDOWS\system32\Drivers\Ggc.sys
2020-02-13 03:02 - 2020-02-13 03:02 - 000555888 _____ (Quick Heal Technologies Ltd.) C:\Users\Ishita Mandhyan\Downloads\QHTS.EXE
2020-02-13 03:01 - 2020-02-13 03:01 - 000000075 _____ C:\Users\Ishita Mandhyan\Desktop\Product Key.txt
2020-02-12 23:34 - 2020-02-12 23:34 - 000000000 ____D C:\Program Files\Quick Heal
2020-01-29 02:53 - 2020-01-29 02:53 - 000000132 _____ C:\Users\Ishita Mandhyan\AppData\Roaming\Adobe IllExport Filter CS6 Prefs
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-02-14 01:57 - 2019-04-03 20:38 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-02-14 01:57 - 2018-09-15 11:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-02-14 00:35 - 2019-04-03 20:46 - 000842664 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-02-14 00:35 - 2019-04-03 20:40 - 000000000 ____D C:\Users\Ishita Mandhyan
2020-02-14 00:35 - 2018-11-09 22:23 - 000000000 ____D C:\Program Files (x86)\Google
2020-02-14 00:35 - 2018-09-15 11:31 - 000000000 ____D C:\WINDOWS\INF
2020-02-14 00:32 - 2018-06-22 05:38 - 000000000 ____D C:\ProgramData\NVIDIA
2020-02-14 00:31 - 2018-10-06 21:29 - 000000000 ___RD C:\Users\Ishita Mandhyan\OneDrive
2020-02-14 00:30 - 2019-11-06 16:29 - 000017372 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
2020-02-14 00:30 - 2019-11-06 16:29 - 000012892 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
2020-02-14 00:30 - 2019-11-06 16:29 - 000006576 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2020-02-14 00:30 - 2019-04-03 20:44 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-02-14 00:30 - 2018-10-06 21:28 - 000000000 __SHD C:\Users\Ishita Mandhyan\IntelGraphicsProfiles
2020-02-14 00:30 - 2018-09-15 10:09 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-02-13 23:59 - 2019-10-04 03:11 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-02-13 23:59 - 2019-10-04 03:11 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-02-13 23:41 - 2019-10-01 22:48 - 000004160 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{B23B127F-579D-46E3-B601-6C8609D6A860}
2020-02-13 23:28 - 2018-11-13 12:58 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-02-13 03:13 - 2018-11-10 13:55 - 000000000 ____D C:\Users\Ishita Mandhyan\AppData\Roaming\vlc
2020-02-13 03:08 - 2018-09-15 11:33 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-02-13 03:08 - 2018-09-15 10:09 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2020-02-13 03:07 - 2019-11-07 22:51 - 000000000 ____D C:\Program Files\Common Files\Quick Heal
2020-02-13 03:07 - 2018-06-22 06:08 - 000000000 ____D C:\WINDOWS\RE_DRIVE
2020-02-12 22:21 - 2019-01-20 16:43 - 000000000 ____D C:\ProgramData\RevitInterProcess
2020-02-11 23:13 - 2019-10-04 03:11 - 000003518 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2020-02-11 14:36 - 2019-04-03 20:44 - 000003372 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-762497365-112284850-2186903733-1001
2020-02-11 14:36 - 2019-04-03 20:40 - 000002400 _____ C:\Users\Ishita Mandhyan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-02-05 17:25 - 2019-08-07 21:58 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-02-05 17:25 - 2019-08-07 21:58 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-01-26 01:16 - 2018-09-15 11:33 - 000000000 ____D C:\WINDOWS\system32\NDF
==================== Files in the root of some directories ========
2020-01-29 02:53 - 2020-01-29 02:53 - 000000132 _____ () C:\Users\Ishita Mandhyan\AppData\Roaming\Adobe IllExport Filter CS6 Prefs
2019-01-13 22:45 - 2019-01-17 12:56 - 000000132 _____ () C:\Users\Ishita Mandhyan\AppData\Roaming\Adobe PNG Format CS6 Prefs
2019-09-11 00:52 - 2019-09-11 00:52 - 000000000 _____ () C:\Users\Ishita Mandhyan\AppData\Local\oobelibMkey.log
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-02-2020
Ran by Ishita Mandhyan (14-02-2020 02:11:22)
Running from C:\Users\Ishita Mandhyan\Desktop
Windows 10 Home Version 1809 17763.805 (X64) (2019-04-03 16:44:57)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================
Administrator (S-1-5-21-762497365-112284850-2186903733-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-762497365-112284850-2186903733-503 - Limited - Disabled)
Guest (S-1-5-21-762497365-112284850-2186903733-501 - Limited - Disabled)
Ishita Mandhyan (S-1-5-21-762497365-112284850-2186903733-1001 - Administrator - Enabled) => C:\Users\Ishita Mandhyan
WDAGUtilityAccount (S-1-5-21-762497365-112284850-2186903733-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Quick Heal Total Security (Enabled - Up to date) {D2F706C8-BC4C-660E-C57B-2E8CE1D9CF6C}
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Quick Heal Total Security (Disabled - Out of date) {6996E72C-9A76-6980-FFCB-15FE9A5E85D1}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Quick Heal Firewall (Enabled) {EACC87ED-F623-6756-EE24-87B91F0A8817}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ACA & MEP 2019 Object Enabler (HKLM\...\{28B89EEF-2004-0000-5102-CF3F3A09B77D}) (Version: 8.1.44.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{28B89EEF-2001-0000-3102-CF3F3A09B77D}) (Version: 23.0.46.0 - Autodesk) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.006.20034 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.7.0.400 - Adobe Systems Incorporated)
Adobe Illustrator CC 2019 (HKLM-x32\...\ILST_23_0_1) (Version: 23.0.1 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
AR8171 Driver Installation (HKLM-x32\...\{1E672F6A-B698-48A2-AE8C-427F97AF8F0E}) (Version: 1.0.0.41 - Rivet Networks)
AR8171 Drivers (HKLM\...\{8386D032-4BA5-4BDA-A86D-22A2761881AA}) (Version: 1.0.0.41 - Rivet Networks) Hidden
AutoCAD 2019 - English (HKLM\...\{28B89EEF-2001-0409-2102-CF3F3A09B77D}) (Version: 23.0.46.0 - Autodesk) Hidden
AutoCAD 2019 (HKLM\...\{28B89EEF-2001-0000-0102-CF3F3A09B77D}) (Version: 23.0.46.0 - Autodesk) Hidden
AutoCAD 2019 Language Pack - English (HKLM\...\{28B89EEF-2001-0409-1102-CF3F3A09B77D}) (Version: 23.0.46.0 - Autodesk) Hidden
Autodesk A360 Collaboration for Revit 2017 (HKLM\...\Autodesk A360 Collaboration for Revit 2017) (Version: 17.0.416.0 - Autodesk)
Autodesk Advanced Material Library Base Resolution Image Library 2019 (HKLM-x32\...\{105181A1-013C-4EE7-A368-999FD7ED950A}) (Version: 17.11.3.0 - Autodesk)
Autodesk Advanced Material Library Low Resolution Image Library 2019 (HKLM-x32\...\{ACC0DD09-7E20-4792-87D5-BDBE40206584}) (Version: 17.11.3.0 - Autodesk)
Autodesk Advanced Material Library Medium Resolution Image Library 2019 (HKLM-x32\...\{078698AF-8BB1-4631-86D0-D91FEE147256}) (Version: 17.11.3.0 - Autodesk)
Autodesk App Manager 2016-2019 (HKLM-x32\...\{C1BF29A7-2D9E-4E8D-A3C1-02F6B20B8AB7}) (Version: 2.5.0 - Autodesk)
Autodesk AutoCAD 2019 - English (HKLM\...\AutoCAD 2019 - English) (Version: 23.0.46.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.3.0 (HKLM-x32\...\{448BC38C-2654-48CD-BB43-F59A37854A3E}) (Version: 1.3.0.0 - Autodesk)
Autodesk Collaboration for Revit 2019 (HKLM\...\{AA384BE4-1901-0010-0000-97E7D7D00B17}) (Version: 19.0.1.1 - Autodesk) Hidden
Autodesk Collaboration for Revit 2019 (HKLM\...\Autodesk Collaboration for Revit 2019) (Version: 19.0.1.1 - Autodesk)
Autodesk Desktop App (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.12.84 - Autodesk)
Autodesk Download Manager (HKLM-x32\...\{2D6F30F1-0C41-4192-9400-DB341E370800}) (Version: 5.0.116.0 - Autodesk, Inc.)
Autodesk Featured Apps 2016-2019 (HKLM-x32\...\{79F5747D-A961-4CCD-88B0-41F004D79AEB}) (Version: 2.5.0 - Autodesk)
Autodesk License Service (x64) - 7.1.4 (HKLM\...\{F53D6D10-7A75-4A39-8C53-A3D855C7C50A}) (Version: 7.1.4.0 - Autodesk)
Autodesk Material Library 2019 (HKLM-x32\...\{8F69EE2C-DC34-4746-9B47-7511147BD4B0}) (Version: 17.11.3.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2019 (HKLM-x32\...\{3AAA4C1B-51DA-487D-81A3-4234DBB9A8F9}) (Version: 17.11.3.0 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2019 (HKLM-x32\...\{77F779B8-3262-4014-97E9-36D6933A1904}) (Version: 17.11.3.0 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2019 (HKLM-x32\...\{2E819775-E94C-42CC-9C5D-ABB2ADABC7C2}) (Version: 17.11.3.0 - Autodesk)
Autodesk Revit 2019 (HKLM\...\Autodesk Revit 2019) (Version: 19.0.1.1 - Autodesk)
Autodesk Revit 2019 (HKLM\...\Revit 2019) (Version:  - )
Autodesk Revit 2019 MEP Fabrication Configuration - Imperial (HKLM\...\{7B1D0D58-E2A9-400B-9663-86FD56CB44B9}) (Version: 2.2 - Autodesk)
Autodesk Revit 2019 MEP Fabrication Configuration - Metric (HKLM\...\{8E6AEB11-ECE7-475A-BB7D-1D6719B2F8BA}) (Version: 2.2 - Autodesk)
Autodesk Revit Content Libraries 2019 (HKLM\...\Autodesk Revit Content Libraries 2019) (Version: 19.0.1.1 - Autodesk)
Autodesk Revit Content Libraries 2019 (HKLM\...\Revit Content Libraries 2019) (Version:  - )
Autodesk Revit MEP Imperial Content v2.0 (HKLM\...\{F2538944-3E07-4E97-B41A-FC48AB53EE9D}) (Version: 2.0 - Autodesk)
Autodesk Revit MEP Metric Content v2.0 (HKLM\...\{DEF775C7-84BF-4730-976A-FE3747F1757C}) (Version: 2.0 - Autodesk)
Autodesk Revit Model Review 2019 (HKLM\...\{715812E8-1901-0010-0000-BBB894911B46}) (Version: 19.0.1.1 - Autodesk) Hidden
Autodesk Revit Model Review 2019 (HKLM\...\Autodesk Revit Model Review 2019) (Version: 19.0.1.1 - Autodesk)
Autodesk Workflows 2019 (HKLM\...\{F9857F69-9B57-4DF2-8930-7A4D5F8D5635}) (Version: 17.11.1.0 - Autodesk, Inc.)
Batch Print for Autodesk Revit 2019 (HKLM\...\{82AF00E4-1901-0010-0000-FCE0F87063F9}) (Version: 19.0.1.1 - Autodesk) Hidden
Batch Print for Autodesk Revit 2019 (HKLM\...\Batch Print for Autodesk Revit 2019) (Version: 19.0.1.1 - Autodesk)
Battery Calibration (HKLM-x32\...\{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1805.2201 - Micro-Star International Co., Ltd.) Hidden
Battery Calibration (HKLM-x32\...\InstallShield_{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1805.2201 - Micro-Star International Co., Ltd.)
BurnRecovery (HKLM-x32\...\{92A6B009-1343-4C44-AFB1-8849137CA3F0}) (Version: 5.0.1805.2901 - Application) Hidden
BurnRecovery (HKLM-x32\...\InstallShield_{92A6B009-1343-4C44-AFB1-8849137CA3F0}) (Version: 5.0.1805.2901 - Application)
CopyTrans HEIC for Windows (HKLM\...\CopyTrans HEIC for Windows_is1) (Version: 1.0.0.6 - Ursa Minor Ltd)
Dragon Center (HKLM-x32\...\{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 2.2.1806.0501 - Micro-Star International Co., Ltd.) Hidden
Dragon Center (HKLM-x32\...\InstallShield_{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 2.2.1806.0501 - Micro-Star International Co., Ltd.)
Dynamo 0.9.1 (HKLM\...\{85626FB3-CAF9-49C1-AA28-E3C75164BD6F}) (Version: 0.9.1.4062 - Autodesk)
Dynamo Core 1.3.3 (HKLM\...\{F1AA809A-3D47-4FB9-8854-93E070C66A20}) (Version: 1.3.3.4111 - Dynamo)
Dynamo Revit 1.3.3 (HKLM\...\{DE076F37-60CA-4BDC-A5A3-B300DEA4358C}) (Version: 1.3.3.4111 - Dynamo)
EndNote Plug-Ins (HKLM-x32\...\{1DFE388B-6FD3-4230-A47B-393AEA68C01D}) (Version: 3.21.0.5778 - Thomson Reuters)
eTransmit for Autodesk Revit 2019 (HKLM\...\{4477F08B-1901-0010-0000-9A09D834DFF5}) (Version: 19.0.1.1 - Autodesk) Hidden
eTransmit for Autodesk Revit 2019 (HKLM\...\eTransmit for Autodesk Revit 2019) (Version: 19.0.1.1 - Autodesk)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
FARO LS 1.1.700.0 (64bit) (HKLM-x32\...\{FF6E9382-0B85-48DE-888F-76EFD9A87038}) (Version: 7.0.0.23 - FARO Scanner Production)
FastDataX 1.20 (HKLM-x32\...\FastDataX_is1) (Version: 1.20 - ) <==== ATTENTION
FormIt 360 Converter For Revit 2017 (HKLM\...\{637211B6-D2E9-474A-BF06-4F61F1254104}) (Version: 1.9.0.0 - Autodesk)
FormIt Converter For Revit 2019 (HKLM\...\{5E47699C-B0DE-443F-92AE-1D1334499D5E}) (Version: 1.9.6.0 - Autodesk)
Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
Grammarly for Microsoft® Office Suite (HKLM\...\{774C6AE6-94F7-431B-B3C5-F0C5CC518935}) (Version: 6.7.201 - Grammarly) Hidden
Grammarly for Microsoft® Office Suite (HKU\S-1-5-21-762497365-112284850-2186903733-1001\...\{91a57459-1019-492e-aa14-04edbec439f1}) (Version: 6.7.201 - Grammarly)
Help Desk (HKLM-x32\...\{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 2.0.1805.0201 - Micro-Star International Co., Ltd.) Hidden
Help Desk (HKLM-x32\...\InstallShield_{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 2.0.1805.0201 - Micro-Star International Co., Ltd.)
Intel® Chipset Device Software (HKLM-x32\...\{55d73ea7-6354-42db-8831-02d048ae57f8}) (Version: 10.1.17541.8066 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1813.12.0.1124 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 25.20.100.6373 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.0.1.1018 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1727.1 - Intel Corporation)
Intel® Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.49.166.0 - Intel Corporation) Hidden
Intel® Trusted Connect Services Client (HKLM-x32\...\{df682aff-4294-4ad1-aaa7-276931d5781f}) (Version: 1.49.166.0 - Intel Corporation) Hidden
Intel® Wireless Bluetooth® (HKLM-x32\...\{00000060-0200-1033-84C8-B8D95FA3C8C3}) (Version: 20.60.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{b67c644b-bbfa-45cf-a1fa-2e1ef2f99be6}) (Version: 20.60.0 - Intel Corporation)
IronPython 2.7.3 (HKLM-x32\...\{1EBADAEA-1A0F-40E3-848C-0DD8C5E5A10D}) (Version: 2.7.31000.0 - IronPython Team)
KB9X Radio Switch Driver (HKLM\...\F90C96996934A140F2B051F65B2D97EF0FB1A2C5) (Version: 1.1.6.0 - ENE TECHNOLOGY INC.)
Lumion 9.0.2 (HKLM\...\Lumion 9.0.2_is1) (Version: 9.0.2 - Act-3D B.V.)
Lumion® LiveSync® (HKLM-x32\...\{D568FE61-FA15-4B64-9403-4467A824FFAD}) (Version: 3.52 - Act-3D)
Microsoft OneDrive (HKU\S-1-5-21-762497365-112284850-2186903733-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0005 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB  (HKLM\...\{52EBC484-44A1-4DC5-824A-0A503735ABD8}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
MSI Feature Navigator (HKLM-x32\...\{2BD90BC2-5B5C-4493-8633-66D0CADF8B33}) (Version: 1.0.1709.1301 - Micro-Star International Co., Ltd.) Hidden
MSI Feature Navigator (HKLM-x32\...\InstallShield_{2BD90BC2-5B5C-4493-8633-66D0CADF8B33}) (Version: 1.0.1709.1301 - Micro-Star International Co., Ltd.)
NativeDesktopMediaService (HKLM-x32\...\{4CF9B388-78FA-46C3-B409-196FE2CF5F20}) (Version: 3.6.0 - Jetmedia) <==== ATTENTION
Norton Security Scan (HKLM-x32\...\NSS) (Version: 4.6.1.175 - Symantec Corporation)
NVIDIA GeForce Experience 3.14.0.139 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.14.0.139 - NVIDIA Corporation)
NVIDIA Graphics Driver 431.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 431.84 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Personal Accelerator for Revit (HKLM\...\{7C317DB0-F399-4024-A289-92CF4B6FB256}) (Version: 16.0.1205.0 - Autodesk) Hidden
Personal Accelerator for Revit (HKLM\...\Personal Accelerator for Revit) (Version: 16.0.1205.0 - Autodesk)
Quick Heal Total Security (HKLM\...\{75DEED91-7B14-49DC-A5F3-B60E633AC4A5}) (Version: 18.00 - Quick Heal) Hidden
Quick Heal Total Security (HKLM\...\Quick Heal Total Security) (Version: 18.00 - Quick Heal Technologies Ltd.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8447 - Realtek Semiconductor Corp.)
ResearchSoft Direct Export Helper (HKLM-x32\...\ResearchSoft Direct Export Helper) (Version: 1.0.21.3540 - Clarivate Analytics)
Revit 2019 (HKLM\...\{7346B4A0-1900-0510-0000-705C0D862004}) (Version: 19.0.1.1 - Autodesk) Hidden
Revit Content Libraries 2019 (HKLM\...\{941030D0-1900-0410-0000-818BB38A95FC}) (Version: 19.0.1.1 - Autodesk) Hidden
SCM (HKLM\...\{61C9E087-AEEC-4D47-81A4-0A4999751A5E}) (Version: 13.018.03063 - Application)
SketchUp 2019 (HKLM\...\{E16DD37C-6FBC-F51F-702E-DD6E92D6ED68}) (Version: 19.1.174.20409 - Trimble, Inc.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{FBA3961B-D1DF-493C-BC1F-E67D3B832895}) (Version: 2.56.0.0 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Vulkan Run Time Libraries 1.1.70.1 (HKLM\...\VulkanRT1.1.70.1) (Version: 1.1.70.1 - LunarG, Inc.) Hidden
Worksharing Monitor for Autodesk Revit 2019 (HKLM\...\{5063E738-1901-0010-0000-7B7B9AB0B696}) (Version: 19.0.1.1 - Autodesk) Hidden
Worksharing Monitor for Autodesk Revit 2019 (HKLM\...\Worksharing Monitor for Autodesk Revit 2019) (Version: 19.0.1.1 - Autodesk)
Packages:
=========
8 Zip Lite - unpack RAR, ZIP, 7z for free -> C:\Program Files\WindowsApps\BooStudioLLC.8ZipLite_1.2.150.0_x64__b6e429xa66pga [2019-01-22] (Finebits OÜ) [MS Ad]
Adobe Reader Touch -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobeReader_3.1.8.7675_x86__ynb6jyjzte8ga [2019-01-06] (Adobe Systems Incorporated)
Asphalt 8: Airborne -> C:\Program Files\WindowsApps\GAMELOFTSA.Asphalt8Airborne_4.6.0.8_x86__0pp20fcewvvtj [2019-11-01] (GAMELOFT  SA)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.0.2058.0_x64__rz1tebttyb220 [2019-09-08] (Dolby Laboratories)
Evernote -> C:\Program Files\WindowsApps\Evernote.Evernote_6.21.8716.0_x86__q4d96b2w5wcc2 [2019-10-09] (Evernote)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2018-11-10] (LinkedIn)
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20368.0_x64__8wekyb3d8bbwe [2019-11-06] (Microsoft Corporation) [MS Ad]
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.12130.20272.0_x86__8wekyb3d8bbwe [2019-11-06] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-16] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-16] (Microsoft Corporation) [MS Ad]
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.12130.20272.0_x86__8wekyb3d8bbwe [2019-11-06] (Microsoft Corporation)
Microsoft Jigsaw -> C:\Program Files\WindowsApps\Microsoft.MicrosoftJigsaw_1.9.1907.2503_x86__8wekyb3d8bbwe [2019-08-08] (Microsoft Studios) [MS Ad]
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_3.9.9231.0_x64__8wekyb3d8bbwe [2019-10-03] (Microsoft Studios) [MS Ad]
Microsoft Minesweeper -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMinesweeper_2.7.4300.0_x86__8wekyb3d8bbwe [2018-11-09] (Microsoft Studios) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-13] (Microsoft Corporation) [MS Ad]
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.12130.20272.0_x86__8wekyb3d8bbwe [2019-11-06] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.12130.20272.0_x86__8wekyb3d8bbwe [2019-11-06] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.12130.20272.0_x86__8wekyb3d8bbwe [2019-11-06] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.12130.20272.0_x86__8wekyb3d8bbwe [2019-11-06] (Microsoft Corporation)
Microsoft Remote Desktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.1.1107.0_x86__8wekyb3d8bbwe [2019-09-08] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.11052.0_x64__8wekyb3d8bbwe [2019-11-09] (Microsoft Studios) [MS Ad]
Microsoft Sudoku -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSudoku_1.7.10190.0_x86__8wekyb3d8bbwe [2018-12-04] (Microsoft Studios) [MS Ad]
Microsoft Ultimate Word Games -> C:\Program Files\WindowsApps\Microsoft.Studios.Wordament_3.6.10070.0_x64__8wekyb3d8bbwe [2019-10-18] (Microsoft Studios) [MS Ad]
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.12130.20272.0_x86__8wekyb3d8bbwe [2019-11-06] (Microsoft Corporation)
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-13] (Microsoft Corporation) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.0.0.0_x64__a2t3txkz9j1jw [2019-07-27] (MAGIX)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.95.602.0_x64__mcm4njqhnhss8 [2019-10-28] (Netflix, Inc.)
Norton Studio -> C:\Program Files\WindowsApps\SymantecCorporation.NortonStudio_2.2.0.0_x86__v68kp9n051hdp [2018-11-10] (Symantec Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.956.0_x64__56jybvy8sckqj [2019-10-01] (NVIDIA Corp.)
Photo Editor | Polarr -> C:\Program Files\WindowsApps\613EBCEA.PolarrPhotoEditorAcademicEdition_5.10.2.0_x64__jb41c8remg0x2 [2019-10-20] (Polarr)
PhotoDirector8 for MSI -> C:\Program Files\WindowsApps\CyberLink.PhotoDirector8forMSI_8.0.4020.0_x64__jtmmp2jxy9gb6 [2018-06-22] (CyberLink)
PowerDirector for MSI -> C:\Program Files\WindowsApps\CyberLink.PowerDirectorforMSI_15.0.4024.0_x64__jtmmp2jxy9gb6 [2018-06-22] (CyberLink)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.2.168.0_x64__dt26b99r8h8gj [2019-06-16] (Realtek Semiconductor Corp)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2019-08-04] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-762497365-112284850-2186903733-1001_Classes\CLSID\{2AD206F1-152C-4F9D-A24E-6F93FE7A4AFC}\InprocServer32 -> C:\Users\Ishita Mandhyan\AppData\Local\Grammarly\Grammarly for Microsoft Office Suite\6.7.201\4FDF320CA7\GrammarlyShim64.dll (Grammarly, Inc. -> CompanyName)
CustomCLSID: HKU\S-1-5-21-762497365-112284850-2186903733-1001_Classes\CLSID\{4AC6DFE1-607B-45B2-B289-D7FBCD44169C}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2019\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-762497365-112284850-2186903733-1001_Classes\CLSID\{4BE56754-B616-4998-B825-D16983AEE1B2}\InprocServer32 -> C:\Users\Ishita Mandhyan\AppData\Local\Grammarly\Grammarly for Microsoft Office Suite\6.7.201\4FDF320CA7\Grammarly.AddIn.Connect.ActiveX.dll (Grammarly, Inc. -> Grammarly)
CustomCLSID: HKU\S-1-5-21-762497365-112284850-2186903733-1001_Classes\CLSID\{74D0CE91-F931-4FAC-BEA9-EE32E43EAD37}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2019\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-762497365-112284850-2186903733-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2019\en-US\acadficn.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-762497365-112284850-2186903733-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2018-01-30] (Autodesk, Inc. -> Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2018-01-30] (Autodesk, Inc. -> Autodesk)
ContextMenuHandlers1: [DeleteSecurely] -> {13C39C87-76A0-4CD6-A2E8-2984C6B84160} => D:\Quick Heal Total Security\PCTuner\sdshell.dll [2018-11-21] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.)
ContextMenuHandlers1: [QHFLVLT] -> {5BB5EA17-7B93-426A-99E5-358CF6CDDED1} => D:\Quick Heal Total Security\flvltext.dll [2018-12-11] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.)
ContextMenuHandlers1: [RCScan] -> {362A3A82-5EF4-422F-817F-A17EBA53E67C} => D:\Quick Heal Total Security\RCSCAN.DLL [2018-11-21] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.)
ContextMenuHandlers4: [DeleteSecurely] -> {13C39C87-76A0-4CD6-A2E8-2984C6B84160} => D:\Quick Heal Total Security\PCTuner\sdshell.dll [2018-11-21] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\igfxDTCM.dll [2018-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvmi.inf_amd64_32ef3d5cc44d4a1d\nvshext.dll [2019-09-03] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [DeleteSecurely] -> {13C39C87-76A0-4CD6-A2E8-2984C6B84160} => D:\Quick Heal Total Security\PCTuner\sdshell.dll [2018-11-21] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.)
ContextMenuHandlers6: [QHFLVLT] -> {5BB5EA17-7B93-426A-99E5-358CF6CDDED1} => D:\Quick Heal Total Security\flvltext.dll [2018-12-11] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.)
ContextMenuHandlers6: [RCScan] -> {362A3A82-5EF4-422F-817F-A17EBA53E67C} => D:\Quick Heal Total Security\RCSCAN.DLL [2018-11-21] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2017-12-27 22:00 - 2017-12-27 22:00 - 000105984 _____ (A-Volute) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\YooMixCOM.dll
2015-06-12 06:35 - 2015-06-12 06:35 - 000047816 _____ (MICRO-STAR INTERNATIONAL CO., LTD -> www.internals.com) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\WinIo64.dll
2018-03-10 01:37 - 2018-03-10 01:37 - 001598464 _____ (Micro-Star International Co., Ltd.) [File not signed] C:\Program Files (x86)\SCM\MSIWmiAcpi.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`20hfm [0]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0]
AlternateDataStreams: C:\Users\Ishita Mandhyan\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity [130]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TKFsAvM => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TKFsFtM => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TKPcFt => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TKRgAc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TKRgFt => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TKFsAvM => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TKFsFtM => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TKPcFt => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TKRgAc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TKRgFt => ""="Service"
==================== Association (Whitelisted) =================
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-762497365-112284850-2186903733-1001\Software\Classes\.scr: scrfile =>  <==== ATTENTION
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-04-12 03:38 - 2020-02-13 23:41 - 000000000 _____ C:\WINDOWS\system32\drivers\etc\hosts
2019-06-13 01:45 - 2019-06-13 07:51 - 000000433 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\iCLS\;C:\Program Files\Intel\Intel® Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Common Files\Autodesk Shared\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-762497365-112284850-2186903733-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ishita Mandhyan\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img1.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{24367A66-5EC1-4D58-BED4-63C7301075D9}] => (Block) %ProgramFiles%\Lumion 8.0\Lumion.exe No File
FirewallRules: [{C4DD5B8A-DC4B-466D-969D-34850C9633F0}] => (Block) %ProgramFiles%\Lumion 8.0\Lumion.exe No File
FirewallRules: [{372311C6-918B-4973-9FBC-F5843BFD7B14}] => (Allow) LPort=5000
FirewallRules: [{1DFE8414-080C-44AA-8B87-AE256782DC93}] => (Allow) LPort=50132
FirewallRules: [{223DAED6-1524-41D2-B736-564E2106B115}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{771AE430-4E64-42DC-BDB0-93B52064B659}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F4F398A2-E281-4603-9022-822A6626E21B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{17015104-7046-4A85-A328-A40A6849CEA9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B56F6932-97A7-4CDA-9079-8A4DC10014B2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{08AA91E4-1CD8-42B2-A075-0998700E1065}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{42794248-6B95-4AC5-ACA6-B84F10323259}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F61E243A-AF4D-4884-AC8A-4E9D83670C3E}] => (Allow) C:\ProgramData\6217990856533911452\desktop_media_service.exe No File
FirewallRules: [{F2AFDC9A-DAF9-41A3-A671-4DEE19120091}] => (Allow) C:\WINDOWS\SysWOW64\TCPSVCS.EXE (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{2474B4BF-4121-426B-9461-DB0F50A5D6E6}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{E7242D29-E352-4E65-847D-E80A772EE110}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{DE1B24CA-1196-4E7C-AD22-5E13E7E2A8DD}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{A639E143-E913-40AB-9492-6ED8C5190D30}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.12130.20272.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{7C48476C-9C6F-4BA2-BB34-6ED26436A8FB}C:\users\ishita mandhyan\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\ishita mandhyan\appdata\local\akamai\netsession_win.exe No File
FirewallRules: [UDP Query User{F50700DA-82DE-4EFA-8867-E41CBAE99AD9}C:\users\ishita mandhyan\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\ishita mandhyan\appdata\local\akamai\netsession_win.exe No File
==================== Restore Points =========================
24-01-2020 00:17:07 Scheduled Checkpoint
11-02-2020 18:33:01 Scheduled Checkpoint
==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================
Application errors:
==================
Error: (02/14/2020 12:07:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AUDIODG.EXE, version: 10.0.17763.802, time stamp: 0x274e21ab
Faulting module name: ntdll.dll, version: 10.0.17763.802, time stamp: 0x125ac1e8
Exception code: 0xc0000374
Fault offset: 0x00000000000fb049
Faulting process id: 0x4104
Faulting application start time: 0x01d5e2a94a04103a
Faulting application path: C:\WINDOWS\system32\AUDIODG.EXE
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 95c89522-7c6d-47cd-9963-7ee953329064
Faulting package full name:
Faulting package-relative application ID:

System errors:
=============
Error: (02/14/2020 02:11:23 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error:
The system cannot find the file specified.
Error: (02/14/2020 02:11:23 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
Error: (02/14/2020 02:09:23 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error:
The system cannot find the file specified.
Error: (02/14/2020 02:09:23 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
Error: (02/14/2020 02:07:23 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error:
The system cannot find the file specified.
Error: (02/14/2020 02:07:23 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
Error: (02/14/2020 02:05:23 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error:
The system cannot find the file specified.
Error: (02/14/2020 02:05:23 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.

CodeIntegrity:
===================================
Date: 2020-02-14 00:34:41.404
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\ScDetour.Dll that did not meet the Microsoft signing level requirements.
Date: 2020-02-14 00:34:41.378
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\ScDetour.Dll that did not meet the Microsoft signing level requirements.
Date: 2020-02-14 00:34:41.113
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\ScDetour.Dll that did not meet the Microsoft signing level requirements.
Date: 2020-02-14 00:34:40.401
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\ScDetour.Dll that did not meet the Microsoft signing level requirements.
Date: 2020-02-14 00:34:40.370
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\ScDetour.Dll that did not meet the Microsoft signing level requirements.
Date: 2020-02-14 00:34:38.472
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\ScDetour.Dll that did not meet the Microsoft signing level requirements.
Date: 2020-02-14 00:34:38.447
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\ScDetour.Dll that did not meet the Microsoft signing level requirements.
Date: 2020-02-14 00:34:37.700
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\ScDetour.Dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. E16R1IMS.106 07/23/2018
Motherboard: Micro-Star International Co., Ltd. MS-16R1
Processor: Intel® Core™ i7-8750H CPU @ 2.20GHz
Percentage of memory in use: 36%
Total physical RAM: 16230.23 MB
Available physical RAM: 10382.14 MB
Total Virtual: 20582.23 MB
Available Virtual: 12516.13 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:237.18 GB) (Free:98.36 GB) NTFS
Drive d: (Data) (Fixed) (Total:911.81 GB) (Free:888.89 GB) NTFS
\\?\Volume{bdec53ff-aac0-4e93-9fbd-ec95406b6988}\ (WinRE tools) (Fixed) (Total:0.88 GB) (Free:0.48 GB) NTFS
\\?\Volume{4992b629-22e3-406d-a1f9-920540e62876}\ (BIOS_RVY) (Fixed) (Total:19.7 GB) (Free:0.68 GB) NTFS
\\?\Volume{47353f5d-8bf8-4ecd-878e-5efc5af012ef}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.26 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: F6966130)
Partition: GPT.
==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: F6966156)
Partition: GPT.
==================== End of Addition.txt =======================

 


  • 0

Advertisements

#2
iMacg3
Posted 13 February 2020 - 06:05 PM

iMacg3

    GeekU PowerPC G3

  • GeekU Moderator
  • 1,921 posts

Welcome. :)

Have you used any software by INCA Internet or nProtect in the past?


---------------------------------------------------
Uninstall a Program

  • Press the Windows Key + R.
  • Type appwiz.cpl in the Run box and click OK.
  • The Add/Remove Programs list will open. Locate the following program(s) on the list:

    FastDataX 1.20
    NativeDesktopMediaService

  • Select the above program(s) and click Uninstall.
  • Restart the computer if prompted.

---------------------------------------------------
Farbar Recovery Scan Tool - Fix

  • Highlight the contents of the below code box and press Ctrl + C on your keyboard:
    Start::
CreateRestorePoint:
CloseProcesses:
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
Task: {28579C0B-14E5-468F-80C8-82E4E1282676} - System32\Tasks\3A383C88-8BCA-7296-98FB-30B6871F108D => C:\WINDOWS\SysWOW64\regsvr32.exe /n /s /i:"/00ebcaf75f192cd0 /q" "C:\PROGRA~3\390703~1\{B09F9~1."
C:\PROGRA~3\390703~1
Task: {3C970FD4-9BBF-4430-BC1D-78ABAAE6105B} - System32\Tasks\961FAF58-3C64-733E-48D0-FD27462D2270 => C:\WINDOWS\SysWOW64\regsvr32.exe /n /s /i:"/521635da1b4beb4d /q" "C:\PROGRA~3\059FAE~1\{CDDC8~1."
C:\PROGRA~3\059FAE~1
SearchScopes: HKU\S-1-5-21-762497365-112284850-2186903733-1001 -> DefaultScope {41CA2EB7-263D-4054-99EC-B14456151CE4} URL =
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`20hfm [0]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0]
AlternateDataStreams: C:\Users\Ishita Mandhyan\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity [130]
HKU\S-1-5-21-762497365-112284850-2186903733-1001\Software\Classes\.scr: scrfile =>  <==== ATTENTION
FirewallRules: [{24367A66-5EC1-4D58-BED4-63C7301075D9}] => (Block) %ProgramFiles%\Lumion 8.0\Lumion.exe No File
FirewallRules: [{C4DD5B8A-DC4B-466D-969D-34850C9633F0}] => (Block) %ProgramFiles%\Lumion 8.0\Lumion.exe No File
FirewallRules: [{F61E243A-AF4D-4884-AC8A-4E9D83670C3E}] => (Allow) C:\ProgramData\6217990856533911452\desktop_media_service.exe No File
FirewallRules: [{2474B4BF-4121-426B-9461-DB0F50A5D6E6}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{E7242D29-E352-4E65-847D-E80A772EE110}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{DE1B24CA-1196-4E7C-AD22-5E13E7E2A8DD}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [TCP Query User{7C48476C-9C6F-4BA2-BB34-6ED26436A8FB}C:\users\ishita mandhyan\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\ishita mandhyan\appdata\local\akamai\netsession_win.exe No File
FirewallRules: [UDP Query User{F50700DA-82DE-4EFA-8867-E41CBAE99AD9}C:\users\ishita mandhyan\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\ishita mandhyan\appdata\local\akamai\netsession_win.exe No File
VirusTotal: C:\WINDOWS\system32\TKFsAv64.sys
ExportKey: HKLM\SOFTWARE\Policies\Google
EmptyTemp:
End::

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

  • Double-click FRST.exe/FRST64.exe to run it.
  • Press the Fix button just once and wait.
    Note: No need to paste the script into FRST.
  • Restart the computer if prompted.
  • When the fix is complete FRST will generate a log in the same location it was run from (Fixlog.txt)
  • Please copy and paste its contents into your reply.

  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP