Dear Gary,
Many thanks for the advice and your help. As suggested, I have uninstalled all six applications you have listed above.
I am a little mystified at the behavior of my computer and the conflicts that you have mentioned, as none of these are recent installs.
Et tu, Avast!!
Here are the logs, FRST.txt and Addition.txt, after the deinstallation process and restart.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03-10-2020
Ran by SandeepandJaya (administrator) on SANDEEPANDJAYAS (LENOVO F0DX0004IN) (04-10-2020 11:22:59)
Running from C:\Users\SandeepandJaya\Desktop
Loaded Profiles: SandeepandJaya
Platform: Windows 10 Home Single Language Version 1903 18362.778 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0334258.inf_amd64_aae64f31646a15d8\B334021\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0334258.inf_amd64_aae64f31646a15d8\B334021\atiesrxx.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <11>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_05de635879d45aad\igfxCUIService.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_05de635879d45aad\igfxEM.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_7591c5a0df008a8e\IntelCpHDCPSvc.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_7591c5a0df008a8e\IntelCpHeciSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_120314e52c04567c\RstMwService.exe
(Intel® Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\piecomponent.inf_amd64_caabc087e4b97a65\Intel_PIE_Service.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Lenovo) [File not signed] C:\Program Files (x86)\Lenovo\Lenovo Silver Silk Wireless Keyboard\skd8861.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.1073_none_171f6eef2a0feed0\TiWorker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.9-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.9-0\NisSrv.exe
(PRIMAX ELECTRONICS LTD. -> ) C:\Program Files\Lenovo\Lenovo Essential Wireless Keyboard\KBOSD.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [834032 2019-02-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Lenovo Essential Wireless Keyboard OSD] => C:\Program Files\Lenovo\Lenovo Essential Wireless Keyboard\KBOSD.exe [443192 2016-11-30] (PRIMAX ELECTRONICS LTD. -> )
HKLM-x32\...\Run: [Lenovo Silver Silk Wireless Keyboard] => C:\Program Files (x86)\Lenovo\Lenovo Silver Silk Wireless Keyboard\skd8861.exe [1742336 2013-08-15] (Lenovo) [File not signed]
HKU\S-1-5-21-1730742525-4092960748-1108651602-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\...\Windows x64\Print Processors\Canon MP495 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDA9.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [359936 2012-06-14] (CANON INC.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.121\Installer\chrmstp.exe [2020-10-01] (Google LLC -> Google LLC)
BootExecute: autocheck autochk * sdnclean64.exe
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {02D0B90D-DF61-4AFD-AFAD-1993E9FC5A9F} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [660688 2020-09-09] (Mozilla Corporation -> Mozilla Foundation)
Task: {1B4EB1A5-D0A6-413C-ADB1-C1FC04F29F92} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-10-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1C00C583-C740-495A-96A5-5BA674A55808} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\65c6f8de-af5b-49af-84e9-19b00098127e => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81240 2020-07-15] (Lenovo -> Lenovo Group Ltd.)
Task: {447CF51A-DCFC-424A-B4BE-B4F62EA60023} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {4E6CC967-7AF4-404C-B280-95AED4262F02} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-29] (Google LLC -> Google LLC)
Task: {5CD9566B-88F5-4BC3-AFA8-9BBDD5367B7D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-10-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6E487463-D6EF-4353-BED9-FCB44059E428} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\c0ec4d7d-486f-4cbd-b970-f54fdda2c4bf => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81240 2020-07-15] (Lenovo -> Lenovo Group Ltd.)
Task: {7353D63F-483F-4E98-BD31-ADDAC81653C6} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [144312 2020-07-27] (Lenovo -> Lenovo Group Ltd.)
Task: {8F1B5F99-952F-40BF-BC3A-1EC3159C8D7D} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\72f9306f-cdcc-47e1-8b40-e744367079fc => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81240 2020-07-15] (Lenovo -> Lenovo Group Ltd.)
Task: {972F90C9-6098-43C3-AF93-4F3D63A46AF0} - System32\Tasks\OneDrive Standalone Update Task v2 => C:\Users\SandeepandJaya\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {990ACDA6-FC5D-4766-85F0-87AAC472D8EB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-10-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A1CF10AB-9B1D-474F-988D-0ACF3D3BC7BA} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [49032 2018-10-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {A798AA55-1FE6-404D-AD0F-0F937AA90172} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [56136 2020-07-15] (Lenovo -> Lenovo Group Ltd.)
Task: {AA218A78-8D9B-4AB4-9FC2-2C4056FBE649} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {CC352147-ACD7-4428-B148-B888E1304E64} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\230ba016-7c13-4597-bfd2-b3cb5c716a8f => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81240 2020-07-15] (Lenovo -> Lenovo Group Ltd.)
Task: {DF15CA29-C312-43F5-BEB9-D51E3EF68F3E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-29] (Google LLC -> Google LLC)
Task: {F30D0060-6C81-467E-8F33-30EFCACAC6AB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-10-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F7BB7A8E-A7C1-4304-A129-A501601209B2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1341008 2020-09-06] (Adobe Inc. -> Adobe Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3f225532-e049-4720-9ef7-b17fe07157de}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7490f3e9-20d7-46e7-9077-51830728394b}: [DhcpNameServer] 192.168.1.1
Edge:
======
DownloadDir: C:\Users\SandeepandJaya\Downloads
Edge Notifications: HKU\S-1-5-21-1730742525-4092960748-1108651602-1001 -> hxxps://my.shaadi.com
Edge Profile: C:\Users\SandeepandJaya\AppData\Local\Microsoft\Edge\User Data\Default [2020-10-02]
FireFox:
========
FF DefaultProfile: 3o9gu5wu.default
FF ProfilePath: C:\Users\SandeepandJaya\AppData\Roaming\Mozilla\Firefox\Profiles\3o9gu5wu.default [2020-03-07]
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\SandeepandJaya\AppData\Roaming\Mozilla\Firefox\Profiles\3o9gu5wu.default\Extensions\[email protected] [2019-05-22]
FF Extension: (Avast Online Security) - C:\Users\SandeepandJaya\AppData\Roaming\Mozilla\Firefox\Profiles\3o9gu5wu.default\Extensions\[email protected] [2019-05-22]
FF ProfilePath: C:\Users\SandeepandJaya\AppData\Roaming\Mozilla\Firefox\Profiles\08allo6n.default-release-1597514136066 [2020-10-04]
FF Homepage: Mozilla\Firefox\Profiles\08allo6n.default-release-1597514136066 -> www.economictimes.com
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\FFExt\light_plugin_firefox\addon.xpi [2019-11-30]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-09-11] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\SandeepandJaya\AppData\Local\Google\Chrome\User Data\Default [2020-10-04]
CHR StartupUrls: Default -> "hxxps://economictimes.indiatimes.com/"
CHR Extension: (Slides) - C:\Users\SandeepandJaya\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-07-29]
CHR Extension: (Flash Video Downloader) - C:\Users\SandeepandJaya\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2020-07-29]
CHR Extension: (Flash Video Downloader Plus) - C:\Users\SandeepandJaya\AppData\Local\Google\Chrome\User Data\Default\Extensions\alfnggielnhdpdamedeokgppcilgainm [2020-07-29]
CHR Extension: (Docs) - C:\Users\SandeepandJaya\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-07-29]
CHR Extension: (Google Drive) - C:\Users\SandeepandJaya\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-07-29]
CHR Extension: (YouTube) - C:\Users\SandeepandJaya\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-07-29]
CHR Extension: (Sheets) - C:\Users\SandeepandJaya\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-07-29]
CHR Extension: (Google Docs Offline) - C:\Users\SandeepandJaya\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-09-18]
CHR Extension: (Avast Online Security) - C:\Users\SandeepandJaya\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-07-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\SandeepandJaya\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-07-29]
CHR Extension: (Gmail) - C:\Users\SandeepandJaya\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-07-29]
CHR Extension: (Chrome Media Router) - C:\Users\SandeepandJaya\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-06]
CHR HKLM\...\Chrome\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] - hxxps://chrome.google.com/webstore/detail/elhpdacimkjpccooodognopfhbdgnpbk
CHR HKLM-x32\...\Chrome\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] - hxxps://chrome.google.com/webstore/detail/elhpdacimkjpccooodognopfhbdgnpbk
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-09-06] (Adobe Inc. -> Adobe Inc.)
S2 AVP20.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe [357416 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab)
S3 DolbyDAXAPI; C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe [602768 2019-02-19] (Dolby Laboratories, Inc. -> )
S3 iaStorAfsService; C:\WINDOWS\IAStorAfsService\iaStorAfsService.exe [2410672 2017-11-21] (Intel® Rapid Storage Technology -> Intel Corporation)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81240 2020-07-15] (Lenovo -> Lenovo Group Ltd.)
S4 klvssbridge64_20.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\x64\vssbridge64.exe [438928 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab)
S3 McSecDashboardService; C:\Program Files\McAfeeDashboard\McSecDashboardService.exe [1270536 2019-02-26] (McAfee, Inc. -> McAfee, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\NisSrv.exe [2343112 2020-10-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MsMpEng.exe [128360 2020-10-04] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-09-30] (Microsoft Corporation) [File not signed]
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [246912 2019-02-16] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [76624 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [129152 2019-10-28] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [93312 2019-03-12] (Kaspersky Lab -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [37816 2019-01-24] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [251512 2019-10-28] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [516216 2019-09-17] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [1123664 2019-10-17] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP20.0\Bases\klids.sys [199744 2019-12-01] (Kaspersky Lab -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [998016 2019-10-28] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [58192 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [79184 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [59512 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [51328 2019-03-13] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [45904 2019-03-10] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [251256 2019-11-30] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [99152 2019-11-30] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [306248 2019-11-30] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [119744 2019-11-30] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [204520 2019-11-30] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [105600 2019-03-05] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [210280 2019-03-13] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [232272 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2019-09-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2020-10-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [428256 2020-10-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69856 2020-10-04] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-10-04 11:22 - 2020-10-04 11:28 - 000021655 _____ C:\Users\SandeepandJaya\Desktop\FRST.txt
2020-10-04 11:22 - 2020-10-04 11:22 - 000000000 ____D C:\Users\SandeepandJaya\Desktop\FRST-OlderVersion
2020-10-04 10:34 - 2020-10-04 10:35 - 000257904 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-10-04 10:17 - 2020-10-04 10:17 - 000000085 _____ C:\WINDOWS\wininit.ini
2020-10-02 23:38 - 2020-10-02 23:38 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2020-10-02 23:38 - 2020-09-10 18:14 - 000905528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2020-10-02 23:38 - 2020-09-10 18:14 - 000436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2020-10-02 18:39 - 2020-10-02 18:40 - 000000000 ____D C:\Users\SandeepandJaya\AppData\LocalLow\BitTorrent
2020-10-02 11:12 - 2020-10-04 11:25 - 000000000 ____D C:\FRST
2020-10-02 11:05 - 2020-10-04 11:22 - 002299392 _____ (Farbar) C:\Users\SandeepandJaya\Desktop\FRST64.exe
2020-10-02 10:56 - 2020-10-02 10:56 - 000000000 ____D C:\ProgramData\WindowsPerformanceRecorder
2020-10-01 19:09 - 2020-10-01 19:20 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-09-20 16:37 - 2020-09-20 16:40 - 016374869 _____ C:\Users\SandeepandJaya\Downloads\5476309_hq.mp4.mp4
2020-09-20 16:30 - 2020-09-20 16:43 - 141000385 _____ C:\Users\SandeepandJaya\Downloads\3341385.mp4.mp4
2020-09-20 16:22 - 2020-09-20 16:31 - 081857725 _____ C:\Users\SandeepandJaya\Downloads\2085011.mp4.mp4
2020-09-20 16:21 - 2020-09-20 16:28 - 078539780 _____ C:\Users\SandeepandJaya\Downloads\1072439.mp4.mp4
2020-09-20 16:17 - 2020-09-20 16:30 - 114888563 _____ C:\Users\SandeepandJaya\Downloads\473795.mp4.mp4
2020-09-20 16:13 - 2020-09-20 16:19 - 054352934 _____ C:\Users\SandeepandJaya\Downloads\7709035_hq.mp4.mp4
2020-09-20 16:02 - 2020-09-20 16:19 - 185218397 _____ C:\Users\SandeepandJaya\Downloads\3233347.mp4.mp4
2020-09-20 15:56 - 2020-09-20 16:01 - 114041702 _____ C:\Users\SandeepandJaya\Downloads\5633761_hq.mp4.mp4
2020-09-20 15:54 - 2020-09-20 16:00 - 044103555 _____ C:\Users\SandeepandJaya\Downloads\244690_hq.mp4.mp4
2020-09-18 23:06 - 2020-09-18 23:25 - 098220124 _____ C:\Users\SandeepandJaya\Downloads\6338794_hq.mp4.mp4
2020-09-18 22:59 - 2020-09-18 23:13 - 036138470 _____ C:\Users\SandeepandJaya\Downloads\1211447_hq.mp4.mp4
2020-09-18 22:56 - 2020-09-18 23:01 - 062984736 _____ C:\Users\SandeepandJaya\Downloads\27797.mp4.mp4
2020-09-18 22:54 - 2020-09-18 22:58 - 139723468 _____ C:\Users\SandeepandJaya\Downloads\200363.mp4.mp4
2020-09-18 22:52 - 2020-09-18 22:56 - 139723468 _____ C:\Users\SandeepandJaya\Downloads\1283217_hq.mp4.mp4
2020-09-18 22:50 - 2020-09-18 22:55 - 137487433 _____ C:\Users\SandeepandJaya\Downloads\1611427_hq.mp4.mp4
2020-09-18 22:48 - 2020-09-18 23:09 - 324980013 _____ C:\Users\SandeepandJaya\Downloads\280457.mp4.mp4
2020-09-17 22:58 - 2020-09-17 23:15 - 414812326 _____ C:\Users\SandeepandJaya\Downloads\1957199.mp4.mp4
2020-09-17 22:46 - 2020-09-17 22:54 - 017749815 _____ C:\Users\SandeepandJaya\Downloads\109851_hq.mp4.mp4
2020-09-10 19:39 - 2020-09-10 19:49 - 036453275 _____ C:\Users\SandeepandJaya\Downloads\1603525_hq.mp4 (1).mp4
2020-09-10 19:36 - 2020-09-10 19:46 - 036453275 _____ C:\Users\SandeepandJaya\Downloads\1603525_hq.mp4.mp4
2020-09-10 18:49 - 2020-09-10 18:49 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-09-10 18:21 - 2020-09-10 18:21 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-09-10 18:21 - 2020-09-10 18:21 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-09-09 22:10 - 2020-10-01 18:58 - 000000000 ____D C:\Program Files\Mozilla Firefox
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-10-04 11:29 - 2019-03-19 10:22 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-10-04 11:24 - 2019-11-30 23:15 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2020-10-04 11:06 - 2019-03-19 10:07 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-10-04 10:35 - 2019-05-22 09:56 - 000000000 __SHD C:\Users\SandeepandJaya\IntelGraphicsProfiles
2020-10-04 10:34 - 2020-03-25 16:44 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2020-10-04 10:34 - 2019-09-29 22:08 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-10-04 10:34 - 2019-05-22 15:06 - 000000000 ____D C:\Users\SandeepandJaya\AppData\Local\AVAST Software
2020-10-04 10:34 - 2019-05-22 15:03 - 000000000 ____D C:\ProgramData\AVAST Software
2020-10-04 10:34 - 2019-03-19 10:22 - 000000000 ____D C:\WINDOWS\Registration
2020-10-04 10:34 - 2018-07-29 00:21 - 000000000 ___HD C:\Intel
2020-10-04 10:33 - 2019-03-19 10:07 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-10-04 10:30 - 2018-04-18 00:32 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-10-04 10:17 - 2020-03-25 16:44 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2020-10-04 10:06 - 2019-09-29 21:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-10-04 09:53 - 2020-07-13 18:19 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-10-04 09:53 - 2020-07-13 18:19 - 000002283 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-10-04 09:53 - 2020-07-13 18:19 - 000002283 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-10-03 00:00 - 2019-05-21 19:14 - 000000000 ____D C:\Users\SandeepandJaya\AppData\Roaming\vlc
2020-10-02 23:46 - 2019-03-19 10:22 - 000000000 ___HD C:\Program Files\WindowsApps
2020-10-02 23:46 - 2019-03-19 10:22 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-10-02 10:18 - 2019-05-25 20:06 - 000000000 ____D C:\System Utilities and Cleaners
2020-10-01 19:23 - 2020-07-29 16:19 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-10-01 19:23 - 2020-07-29 16:19 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-10-01 19:23 - 2020-07-29 16:19 - 000002267 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-10-01 19:17 - 2020-03-07 10:31 - 000000000 ____D C:\Users\SandeepandJaya\AppData\LocalLow\Mozilla
2020-10-01 19:16 - 2019-05-21 19:13 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-09-17 22:23 - 2020-03-07 10:31 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-09-10 18:49 - 2020-03-07 10:31 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-09-10 18:11 - 2020-04-22 23:00 - 000517080 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys.160156053964002
2020-09-09 21:55 - 2019-05-21 22:21 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-09-09 21:51 - 2019-05-21 22:21 - 129170736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-09-06 14:57 - 2019-03-19 10:22 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-09-06 10:26 - 2019-03-19 10:22 - 000000000 ____D C:\WINDOWS\LiveKernelReports
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-10-2020
Ran by SandeepandJaya (04-10-2020 11:42:46)
Running from C:\Users\SandeepandJaya\Desktop
Windows 10 Home Single Language Version 1903 18362.778 (X64) (2019-09-29 16:40:11)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1730742525-4092960748-1108651602-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1730742525-4092960748-1108651602-503 - Limited - Disabled)
Guest (S-1-5-21-1730742525-4092960748-1108651602-501 - Limited - Disabled)
SandeepandJaya (S-1-5-21-1730742525-4092960748-1108651602-1001 - Administrator - Enabled) => C:\Users\SandeepandJaya
WDAGUtilityAccount (S-1-5-21-1730742525-4092960748-1108651602-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Disabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.012.20048 - Adobe Systems Incorporated)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2018.1004.2349.42886 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 17.12 - Advanced Micro Devices, Inc.)
Branding64 (HKLM\...\{0568DB97-57DB-4D8F-8849-26B6940CEE6E}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MP495 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP495_series) (Version: - Canon Inc.)
EaseUS Tools M Beta 0.6.8 (HKLM-x32\...\D72C2F7D-B75E-4641-AFBE-199B95066617_is1) (Version: - EaseUS)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 85.0.4183.121 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{bd366c5e-00cd-46ed-b647-0b9874f32140}) (Version: 10.1.17809.8096 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1824.12.0.1140 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.7927 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.7.0.1006 - Intel Corporation)
Intel® Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.49.213.1 - Intel Corporation) Hidden
Intel® Trusted Connect Services Client (HKLM-x32\...\{3b132227-4567-48a1-9f85-0d0dad4346ee}) (Version: 1.49.213.1 - Intel Corporation) Hidden
Intel® Wireless Bluetooth® (HKLM-x32\...\{00000090-0200-1033-84C8-B8D95FA3C8C3}) (Version: 20.90.0 - Intel Corporation)
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{AA90D357-23D3-44C1-954D-7105B0C08F38}) (Version: 17.7.0.1006 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{074dda6c-5a4a-455e-8a99-09de068e0771}) (Version: 21.40.1 - Intel Corporation)
Kaspersky Security Cloud (HKLM-x32\...\{D891550B-ACFE-4797-B368-BCFC434BBEB1}) (Version: 20.0.14.1085 - Kaspersky) Hidden
Kaspersky Security Cloud (HKLM-x32\...\InstallWIX_{D891550B-ACFE-4797-B368-BCFC434BBEB1}) (Version: 20.0.14.1085 - Kaspersky)
Lenovo App Explorer (HKU\S-1-5-21-1730742525-4092960748-1108651602-1001\...\Host App Service) (Version: 0.273.3.880 - SweetLabs for Lenovo) <==== ATTENTION
Lenovo Essential Wireless Keyboard (HKLM\...\Lenovo Essential Wireless Keyboard) (Version: 1.0 - Lenovo)
Lenovo Silver Silk Wireless Keyboard (HKLM-x32\...\{B88AD4F5-58A6-425D-9282-92228FEB7067}) (Version: 1.05 - Lenovo) Hidden
Lenovo Silver Silk Wireless Keyboard (HKLM-x32\...\InstallShield_{B88AD4F5-58A6-425D-9282-92228FEB7067}) (Version: 1.05 - Lenovo)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 85.0.564.68 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.29 - )
Microsoft Update Health Tools (HKLM\...\{97238E8A-4919-4A1E-965A-C6C36938F4CE}) (Version: 2.68.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation)
Mozilla Firefox 80.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 80.0.1 (x64 en-US)) (Version: 80.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 73.0.1 - Mozilla)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 25.0.8 - OBS Project)
OpenBoard (1.5.4.240) (HKLM-x32\...\{8CCA6AC7-BBF9-4DD2-8E70-A907E0FCA38F}}_is1) (Version: 1.5.4.240 - Open Education Foundation)
PX Profile Update (HKLM-x32\...\{306C9EAF-031A-282C-D41A-B2A3A7CA8375}) (Version: 1.00.1. - AMD) Hidden
PX Profile Update (HKLM-x32\...\{B4870B51-34EF-200D-DEB7-2234CDE7FB7D}) (Version: 1.00.1. - AMD) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.16299.31239 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.32.1206.2018 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8633 - Realtek Semiconductor Corp.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{2E8B8BDD-03DF-4C1C-8C99-E6A4BCBF43CE}) (Version: 2.51.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-1730742525-4092960748-1108651602-1001\...\ZoomUMX) (Version: 5.0 - Zoom Video Communications, Inc.)
Packages:
=========
Dolby Audio -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAudio_3.20201.255.0_x64__rz1tebttyb220 [2019-05-29] (Dolby Laboratories)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-07-11] (INTEL CORP)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12109.3.52015.0_x64__nzyj5cx40ttqa [2020-10-02] (Apple Inc.) [Startup Task]
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2009.18.0_x64__k1h2ywk1493x8 [2020-10-02] (LENOVO INC.)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2019-05-21] (LinkedIn)
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.13231.20262.0_x86__8wekyb3d8bbwe [2020-10-02] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-05-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-05-21] (Microsoft Corporation) [MS Ad]
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.13231.20262.0_x86__8wekyb3d8bbwe [2020-10-02] (Microsoft Corporation)
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.13231.20262.0_x86__8wekyb3d8bbwe [2020-10-02] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.13231.20262.0_x86__8wekyb3d8bbwe [2020-10-02] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.13231.20262.0_x86__8wekyb3d8bbwe [2020-10-02] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.13231.20262.0_x86__8wekyb3d8bbwe [2020-10-02] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8101.0_x64__8wekyb3d8bbwe [2020-08-21] (Microsoft Studios) [MS Ad]
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.13231.20262.0_x86__8wekyb3d8bbwe [2020-10-02] (Microsoft Corporation)
MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-25] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-07-05] (Microsoft Corporation)
Power2Go for Lenovo -> C:\Program Files\WindowsApps\CyberLinkCorp.th.Power2GoforLenovo_8.0.11322.0_x86__m916jedk64snt [2020-08-17] (CYBERLINKCOM CORPORATION) [Startup Task]
PowerDVD for Lenovo -> C:\Program Files\WindowsApps\CyberLinkCorp.th.PowerDVDforLenovo_14.2.2520.0_x86__m916jedk64snt [2020-08-17] (CYBERLINKCOM CORPORATION)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.2.169.0_x64__dt26b99r8h8gj [2019-05-29] (Realtek Semiconductor Corp)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => c:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-08-07] (Intel® Rapid Storage Technology -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => c:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-08-07] (Intel® Rapid Storage Technology -> )
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2018-10-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2011-11-04 00:18 - 2011-11-04 00:18 - 000056320 _____ () [File not signed] C:\Program Files (x86)\Lenovo\Lenovo Silver Silk Wireless Keyboard\skfunc.dll
2018-06-28 14:16 - 2018-06-28 14:16 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2018-06-28 14:16 - 2018-06-28 14:16 - 002552832 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2019-05-22 19:57 - 2012-06-14 17:18 - 000359936 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2011-10-22 02:11 - 2011-10-22 02:11 - 000061952 _____ (LITE-ON Corp.) [File not signed] C:\Program Files (x86)\Lenovo\Lenovo Silver Silk Wireless Keyboard\skhooks.dll
2011-11-18 22:37 - 2011-11-18 22:37 - 000054272 _____ (LITE-ON TECHNOLOGY CORP.) [File not signed] C:\Program Files (x86)\Lenovo\Lenovo Silver Silk Wireless Keyboard\SKHidKbd.dll
2020-09-14 17:25 - 2020-05-30 19:58 - 001280000 _____ (Robert Simpson, et al.) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\GenericMessagingPlugin\x86\SQLite.Interop.dll
2020-06-22 20:24 - 2020-04-09 09:17 - 000944840 _____ (SQLite Development Team) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\LenovoWiFiSecurityPlugin\x86\x86\e_sqlite3.dll
2018-06-28 14:16 - 2018-06-28 14:16 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2018-06-28 14:16 - 2018-06-28 14:16 - 000040960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2018-06-28 14:16 - 2018-06-28 14:16 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2018-06-28 14:16 - 2018-06-28 14:16 - 000345600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2018-06-28 14:16 - 2018-06-28 14:16 - 000024576 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2018-06-28 14:16 - 2018-06-28 14:16 - 000024576 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2018-06-28 14:16 - 2018-06-28 14:16 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2018-06-28 14:16 - 2018-06-28 14:16 - 000502272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2018-06-28 14:16 - 2018-06-28 14:16 - 001412608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2018-10-04 23:47 - 2018-10-04 23:47 - 005812224 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2018-06-28 14:16 - 2018-06-28 14:16 - 006321152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2018-06-28 14:16 - 2018-06-28 14:16 - 001077248 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2018-06-28 14:16 - 2018-06-28 14:16 - 000323584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2018-06-28 14:16 - 2018-06-28 14:16 - 003559424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2018-06-28 14:16 - 2018-06-28 14:16 - 003700224 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2018-06-28 14:16 - 2018-06-28 14:16 - 000330752 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2018-06-28 14:16 - 2018-06-28 14:16 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2018-06-28 14:16 - 2018-06-28 14:16 - 000359936 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2018-06-28 14:16 - 2018-06-28 14:16 - 076160000 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2018-06-28 14:16 - 2018-06-28 14:16 - 005603840 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2018-06-28 14:16 - 2018-06-28 14:16 - 000461312 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2018-06-28 14:16 - 2018-06-28 14:16 - 000187904 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2018-06-28 14:16 - 2018-06-28 14:16 - 002822144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2018-06-28 14:16 - 2018-06-28 14:16 - 000053248 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2018-06-28 14:16 - 2018-06-28 14:16 - 000059904 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2018-06-28 14:16 - 2018-06-28 14:16 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2018-06-28 14:16 - 2018-06-28 14:16 - 000328192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2018-06-28 14:16 - 2018-06-28 14:16 - 000089088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2018-06-28 14:16 - 2018-06-28 14:16 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2018-06-28 14:16 - 2018-06-28 14:16 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\styles\qwindowsvistastyle.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-1730742525-4092960748-1108651602-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-1730742525-4092960748-1108651602-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-1730742525-4092960748-1108651602-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-04-12 05:08 - 2018-04-12 05:06 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\iCLS\;C:\Program Files\Intel\Intel® Management Engine Components\iCLS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-1730742525-4092960748-1108651602-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\SandeepandJaya\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-1730742525-4092960748-1108651602-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1730742525-4092960748-1108651602-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{F31F050B-4F70-4AA1-BC28-4E7E77915EB0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{07450836-FB5B-4408-B439-C5E01A107B12}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{B3CA2972-72E2-4725-86D8-D26354473E5E}C:\users\sandeepandjaya\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\sandeepandjaya\appdata\roaming\bittorrent\bittorrent.exe => No File
FirewallRules: [UDP Query User{53D6A307-AC23-41C2-BF6D-41C3CACD824E}C:\users\sandeepandjaya\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\sandeepandjaya\appdata\roaming\bittorrent\bittorrent.exe => No File
FirewallRules: [TCP Query User{007C1779-2F44-4D93-B059-01FF9597E86B}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{7435531A-F7F5-487A-A36B-08196259219C}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{88076008-40D2-4DC9-98E3-C8DC373D6E56}] => (Allow) C:\Users\SandeepandJaya\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [TCP Query User{2B25B812-15F5-498A-BDB9-823394DBC7C3}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{729D43C9-AE57-445F-AA3E-0598231A0CBF}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6A23B06B-096B-45BB-94F4-F2EA998D20B9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{E18059C7-C878-4FEC-9412-11973E819A08}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.13231.20262.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1B7E90EE-FD75-4B11-997A-F70E5487CF1A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12109.3.52015.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8B0260BA-B02E-4EBB-9375-0409A3CD79A3}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12109.3.52015.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F2449EEC-4946-4D13-A416-BA7FD30D1C52}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12109.3.52015.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{351B64B1-1135-4B21-9766-528E323205DA}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12109.3.52015.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D5830A98-4B88-425E-A23A-2082CB1AD2F6}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12109.3.52015.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C1465928-08D5-42A0-B2B8-4BCAB011E6C5}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12109.3.52015.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{44B2A2BA-DF70-4976-A1BB-93F07124598F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12109.3.52015.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{530F244E-DCA8-45B0-8DC1-C0436D1F2501}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12109.3.52015.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EE30DADE-9FF2-4091-B3FE-8FDCF34F1EC7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6A4346BB-99C8-4C4A-8D84-5FB79EB48BD4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A002C373-FDE5-49BE-A90E-5DCD7859CA1C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E4EBB484-4585-433C-8DDB-18CFA6B918E4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
10-09-2020 18:20:24 Windows Update
14-09-2020 17:34:09 Windows Update
17-09-2020 21:19:27 Windows Update
01-10-2020 18:46:40 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (10/04/2020 11:00:37 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program RemindersServer.exe version 10.0.18362.752 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 168c
Start Time: 01d69a0cb048c944
Termination Time: 4294967295
Application Path: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
Report Id: 4f1b1ec4-d88a-4dd9-952c-9bb438014c8b
Faulting package full name: Microsoft.Windows.Cortana_1.13.0.18362_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1
Hang type: Quiesce
Error: (10/04/2020 10:57:54 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7744,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (10/04/2020 10:47:00 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5880,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (10/04/2020 10:32:42 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (10/04/2020 10:32:42 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
Error: (10/04/2020 10:32:41 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (10/04/2020 10:32:41 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
Error: (10/04/2020 10:25:08 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8544,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
System errors:
=============
Error: (10/04/2020 11:19:29 AM) (Source: DCOM) (EventID: 10010) (User: SANDEEPANDJAYAS)
Description: The server Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
Error: (10/04/2020 11:05:45 AM) (Source: DCOM) (EventID: 10010) (User: SANDEEPANDJAYAS)
Description: The server Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
Error: (10/04/2020 10:42:29 AM) (Source: DCOM) (EventID: 10010) (User: SANDEEPANDJAYAS)
Description: The server {20532D01-15BE-4BB9-A727-CA34555D881C} did not register with DCOM within the required timeout.
Error: (10/04/2020 10:40:34 AM) (Source: DCOM) (EventID: 10010) (User: SANDEEPANDJAYAS)
Description: The server Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
Error: (10/04/2020 10:36:37 AM) (Source: DCOM) (EventID: 10010) (User: SANDEEPANDJAYAS)
Description: The server Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
Error: (10/04/2020 10:15:13 AM) (Source: DCOM) (EventID: 10010) (User: SANDEEPANDJAYAS)
Description: The server Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
Error: (10/04/2020 10:09:37 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f0831: 2020-09 Cumulative Update for Windows 10 Version 1903 for x64-based Systems (KB4574727).
Error: (10/04/2020 09:38:59 AM) (Source: DCOM) (EventID: 10010) (User: SANDEEPANDJAYAS)
Description: The server Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
Windows Defender:
===================================
Date: 2020-04-18 23:23:08.982
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {3D0576CD-B53C-4F02-8DE3-A4C16EDFED82}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-10-07 14:04:56.913
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {0F12D7E1-93F7-4268-8D85-601EA63ACC41}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-10-07 13:06:07.348
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {A0C16B21-BC53-40DE-BD3F-53A40A8E6C5C}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-10-07 12:47:00.511
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {8FC2A646-04D6-434A-8474-5DB62DC88ECB}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-05-01 23:40:48.315
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.313.2014.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16900.4
Error code: 0x80240017
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
Date: 2019-10-03 20:38:53.738
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.303.624.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16400.2
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
CodeIntegrity:
===================================
Date: 2020-10-04 10:37:24.520
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
Date: 2020-10-04 10:37:08.667
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
Date: 2020-10-04 10:37:08.621
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
Date: 2020-10-04 10:31:41.788
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
Date: 2020-10-04 10:31:39.745
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
Date: 2020-10-04 10:31:37.719
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
Date: 2020-10-04 10:31:35.688
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
Date: 2020-10-04 10:31:33.668
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO O3WKT11A 04/02/2018
Motherboard: LENOVO 36F1
Processor: Intel® Core i7-8550U CPU @ 1.80GHz
Percentage of memory in use: 29%
Total physical RAM: 16290.75 MB
Available physical RAM: 11553.59 MB
Total Virtual: 32674.75 MB
Available Virtual: 27696.68 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:931.43 GB) (Free:458.83 GB) NTFS
Drive d: (New Volume) (Fixed) (Total:488.28 GB) (Free:293.29 GB) NTFS
Drive e: (New Volume) (Fixed) (Total:442.05 GB) (Free:385 GB) NTFS
\\?\Volume{88ef6362-d5ea-4e83-9f21-85b7754c55c7}\ (WinRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.47 GB) NTFS
\\?\Volume{4fb5cc92-2f0e-4d9b-add9-fdcc114eed1d}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 8D027F42)
Partition: GPT.
==================== End of Addition.txt =======================