Well, on a retry it DID run but I think it failed to update. Here are the logs.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-08-2020
Ran by User (administrator) on TENNER (LENOVO 90F10030US) (08-08-2020 18:33:36)
Running from C:\Users\User\Desktop\RunPeriodic\Aug2020
Loaded Profiles: User
Platform: Windows 10 Home Version 2004 19041.423 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Sks8821.exe
(CHENGDU AOMEI TECHNOLOGY CO., LTD. -> AOMEI Tech Co., Ltd.) C:\Program Files (x86)\AOMEI Backupper\ABService.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(LENOVO -> Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Lenovo) [File not signed] C:\Program Files (x86)\Lenovo\LenovoPortal\FastBoot\FbService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <10>
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\igfxTray.exe
(Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.3-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.3-0\NisSrv.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed] C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Skd8821] => C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Skd8821.exe [2203648 2015-07-23] (LITE-ON TECHNOLOGY CORP.) [File not signed]
HKLM\...\Run: [UMonit] => C:\WINDOWS\SysWOW64\UMonit64.exe [53832 2015-07-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-10] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [103720 2009-12-04] (CyberLink -> CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink -> CyberLink Corp.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2104912744-3228988123-3252583671-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssText3d.scr [224768 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Find Fast.lnk [2019-06-05]
ShortcutTarget: Microsoft Find Fast.lnk -> C:\Program Files (x86)\Microsoft Office\Office\FINDFAST.EXE () [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Office Startup.lnk [2019-06-05]
ShortcutTarget: Office Startup.lnk -> C:\Program Files (x86)\Microsoft Office\Office\OSA.EXE () [File not signed]
GroupPolicy: Restriction ? <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0C89F44B-A046-432B-BA15-E1995E1597FF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.3-0\MpCmdRun.exe [525048 2020-08-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1A830ABB-8BEC-477F-9B30-660F7B44D338} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [287688 2016-04-05] (LENOVO -> Lenovo)
Task: {201E3F23-D220-4550-8CD6-964D5CB9A402} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.3-0\MpCmdRun.exe [525048 2020-08-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {22272786-F23D-4CD3-8FE8-CDA993F598A3} - System32\Tasks\Lenovo\SHPrompt => C:\Program Files (x86)\Lenovo\SHAREit\ShareitPrompt.exe [829344 2015-07-12] (LENOVO -> )
Task: {4158E084-39AC-4511-9C54-593CA9FE18E6} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe [85432 2015-05-20] (CyberLink Corp. -> CyberLink Corp.)
Task: {493CDD79-3D79-429E-AA6C-49AB413FE5B1} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [270272 2015-07-02] (LENOVO -> Lenovo)
Task: {4F1C2EC2-56C9-48FD-A3E6-C55F31D2EE9B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-27] (Google Inc -> Google LLC)
Task: {536C644C-6294-4DAF-B0DA-7439BBF984FE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.3-0\MpCmdRun.exe [525048 2020-08-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {67364809-12A8-4F6C-A223-C525E098DF9A} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [16832 2015-07-08] (LENOVO -> Lenovo)
Task: {6C06197D-D498-4FDB-B53B-AD179967BF80} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-27] (Google Inc -> Google LLC)
Task: {704F81A8-4F75-4776-BEF4-1455D5A0AD46} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\WINDOWS\system32\EOSNotify.exe
Task: {724157D1-A2C7-4B1F-895F-EF60B22FA68C} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [679880 2016-03-29] (LENOVO -> Lenovo)
Task: {73B8A937-60DD-4C40-A0D4-3F6F0454C132} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_TVSUUpdateTask => reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {826E2F54-091A-4FE7-BCDF-E19D69006C17} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [679880 2016-03-29] (LENOVO -> Lenovo)
Task: {9E2C7621-6352-4E69-8E0F-98852F0600FE} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2104912744-3228988123-3252583671-500 => C:\Users\User\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {B28F2501-0BE0-440D-89D7-6DD8CD0785C2} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {B65795FC-62D8-40C3-97FA-FD190BC50599} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16412952 2015-09-30] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {BA40666C-7619-4E99-BA92-C8EE99DC959E} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [9465280 2015-07-02] (LENOVO -> )
Task: {C6AC344F-EB50-471D-A17B-F2347406A4E2} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [9465280 2015-07-02] (LENOVO -> )
Task: {C6DF2F67-1A5F-4603-8BAE-4B5CE361A040} - System32\Tasks\Lenovo\SHUpdate => C:\Program Files (x86)\Lenovo\SHAREit\ShareitUpdater.exe [808352 2015-07-12] (LENOVO -> )
Task: {CA9A706C-789B-46FD-8324-DBBE52480A1A} - System32\Tasks\Lenovo\QuickOptimizer => C:\Program Files\lenovo\QuickOptimizer\QuickOptimizerIcon.exe [1149344 2015-07-10] (LENOVO -> Lenovo)
Task: {D8CB4ED9-6A2B-47E7-8213-C7317C633A72} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.3-0\MpCmdRun.exe [525048 2020-08-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EB96D008-0C5C-4BB2-9E79-7650F3026612} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => sc control iMControllerService 128
Task: {ECF340E6-1E13-42BD-8BC7-6C0BF41F2F82} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [1320384 2015-07-02] (LENOVO -> Lenovo)
Task: {EFAC2C42-88CC-4D23-B629-8CCF47962122} - System32\Tasks\RtHDVBg_LENOVO_MICPKEY => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1413384 2015-09-30] (Realtek Semiconductor Corp -> Realtek Semiconductor)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6a4db590-1fdc-4a19-bf4c-f2f400fc5ecb}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{c018ebfc-2a80-4759-b3bc-b4088ed499e3}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-2104912744-3228988123-3252583671-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:NewsFeed
HKU\S-1-5-21-2104912744-3228988123-3252583671-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
SearchScopes: HKU\S-1-5-21-2104912744-3228988123-3252583671-1001 -> DefaultScope {080799D7-8D2B-4E88-AD36-1406A31CF5BC} URL =
BHO: IEToEdge BHO -> {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} -> C:\Program Files (x86)\Microsoft\Edge\Application\84.0.522.52\BHO\ie_to_edge_bho_64.dll [2020-08-01] (Microsoft Corporation -> Microsoft Corporation)
Edge:
======
Edge Profile: C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default [2020-08-08]
FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\5ya1q7i6.default [2019-12-13]
FF Homepage: Mozilla\Firefox\Profiles\5ya1q7i6.default -> hxxp://www.cloudynights.com/index/
FF ProfilePath: C:\Users\User\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\hwaehdq0.default [2020-08-08]
FF Homepage: Moonchild Productions\Pale Moon\Profiles\hwaehdq0.default -> about:home
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll [2010-04-01] ( Microsoft Corporation) [File not signed]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-05-10] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-08-2020
Ran by User (08-08-2020 18:37:39)
Running from C:\Users\User\Desktop\RunPeriodic\Aug2020
Windows 10 Home Version 2004 19041.423 (X64) (2020-06-29 23:02:48)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2104912744-3228988123-3252583671-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-2104912744-3228988123-3252583671-503 - Limited - Disabled)
Guest (S-1-5-21-2104912744-3228988123-3252583671-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2104912744-3228988123-3252583671-1005 - Limited - Enabled)
User (S-1-5-21-2104912744-3228988123-3252583671-1001 - Administrator - Enabled) => C:\Users\User
WDAGUtilityAccount (S-1-5-21-2104912744-3228988123-3252583671-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Reader X (10.1.7) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.7 - Adobe Systems Incorporated)
AOMEI Backupper Standard (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536CE9D}_is1) (Version: - AOMEI Technology Co., Ltd.)
AOMEI Partition Assistant Standard Edition 8.6 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version: - AOMEI Technology Co., Ltd.)
Arduino (HKLM-x32\...\Arduino) (Version: 1.8.12 - Arduino LLC)
Components (HKLM-x32\...\{1720B0E0-C520-43A6-B677-97A1D80F3B99}) (Version: 1.0.023.00 - Lenovo) Hidden
Driver and Application Installation (HKLM-x32\...\{6EC299C6-074C-4529-8D5F-2798584BB27B}) (Version: 2.02.0716 - Lenovo)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.5.0.6.1001 - Genesys Logic)
Google Earth Pro (HKLM\...\{B6EAFE41-5723-40EB-869B-4AF44CA17B35}) (Version: 7.3.3.7699 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4963 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Jupiter 2.0.7.1 (HKLM-x32\...\{22C070B6-BEC2-4B4B-8324-08DE6F168B9C}_is1) (Version: - Sylvain Rondi)
Lenovo Accelerator Application (HKLM-x32\...\{10672FE6-3D50-4F79-B0C7-A5573A5D415D}) (Version: 2.2.0.0701 - Lenovo)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 2.0.9.0 - Lenovo)
Lenovo Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.8231 - CyberLink Corp.) Hidden
Lenovo Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.8231 - CyberLink Corp.)
Lenovo PowerDVD12 (HKLM-x32\...\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5320.55 - CyberLink Corp.) Hidden
Lenovo PowerDVD12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5320.55 - CyberLink Corp.)
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.006.00 - Lenovo)
Lenovo Rescue System (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 4.0.0.4212 - CyberLink Corp.) Hidden
Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 4.0.0.4212 - CyberLink Corp.)
Lenovo Slim USB Keyboard (HKLM\...\{494D80C4-3557-4D73-A153-65FE4B3ECDC3}) (Version: 1.17 - Lenovo)
Lenovo Solution Center (HKLM\...\{A5591EC4-8AD6-48EE-9F8D-FACFA8BA4E35}) (Version: 3.0.002.00 - Lenovo)
Lenovo System Interface Foundation (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.023.00 - Lenovo)
Manual (HKLM-x32\...\{693F92E5-37D1-46B7-A0D6-19A74A2FD0EC}) (Version: 1.00.0701 - Lenovo)
Metric Collection SDK (HKLM-x32\...\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}) (Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 84.0.522.52 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.133.5 - )
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
Microsoft Office 97, Professional Edition (HKLM-x32\...\Office8.0) (Version: - )
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-2104912744-3228988123-3252583671-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.47.2 - Microsoft Corporation)
osrss (HKLM-x32\...\{1BA1133B-1C7A-41A0-8CBF-9B993E63D296}) (Version: 1.0.0 - Microsoft Corporation) Hidden
Pale Moon 28.10.0 (x64 en-US) (HKLM\...\Pale Moon 28.10.0 (x64 en-US)) (Version: 28.10.0 - Moonchild Productions)
PuTTY release 0.73 (HKLM-x32\...\{9A5E8BB6-AECA-42FB-8E76-DC8EA546AF2A}) (Version: 0.73.0.0 - Simon Tatham)
Python 3.7.5 (64-bit) (HKU\S-1-5-21-2104912744-3228988123-3252583671-1001\...\{5e6d7bfa-46e9-4496-9ccd-e15816be8f0a}) (Version: 3.7.5150.0 - Python Software Foundation)
Python 3.7.5 Core Interpreter (64-bit) (HKLM\...\{6DC6BC71-F1FB-412D-A16A-2FE8C463E89F}) (Version: 3.7.5150.0 - Python Software Foundation) Hidden
Python 3.7.5 Development Libraries (64-bit) (HKLM\...\{5A54B213-36D8-40CB-9E55-D20864AEF3C8}) (Version: 3.7.5150.0 - Python Software Foundation) Hidden
Python 3.7.5 Executables (64-bit) (HKLM\...\{8864B390-4DFB-43AB-934B-F02C48577666}) (Version: 3.7.5150.0 - Python Software Foundation) Hidden
Python 3.7.5 pip Bootstrap (64-bit) (HKLM\...\{2E590D5A-4E40-4C9C-AFF8-7CB80F085752}) (Version: 3.7.5150.0 - Python Software Foundation) Hidden
Python 3.7.5 Standard Library (64-bit) (HKLM\...\{45CB356A-C0DF-430E-B75F-7764DBA06DF9}) (Version: 3.7.5150.0 - Python Software Foundation) Hidden
Python 3.7.5 Utility Scripts (64-bit) (HKLM\...\{EFF40415-0D5B-4CBA-9080-3EE2DADB527C}) (Version: 3.7.5150.0 - Python Software Foundation) Hidden
Qualcomm Atheros 61x4 Bluetooth Suite (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.128 - Qualcomm Atheros)
Qualcomm Atheros QCA9377 Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.0.043 - Qualcomm Atheros)
REACHit (HKLM-x32\...\{148684F7-4513-4642-8E7E-DE0EE39298FD}) (Version: 3.0.004.9 - Lenovo)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7586 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.1.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.1 - VS Revo Group, Ltd.)
SDRSharp (HKLM-x32\...\SDRSharp) (Version: 1.0.0.1732 - SDR Chile)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.5.5.0 - Lenovo)
Stellarium 0.19.1.1 (HKLM\...\Stellarium_is1) (Version: 0.19.1.1 - Stellarium team)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22899 - Microsoft Corporation)
Windows Driver Package - Digi International CDM Driver Package (10/28/2013 2.08.30.10) (HKLM\...\E34048117A7ADA54A13B2741325E53D9189993CC) (Version: 10/28/2013 2.08.30.10 - Digi International)
Windows Driver Package - Digi International CDM Driver Package (10/28/2013 2.08.30.10) (HKLM\...\FC9CE758D32BD6E481A68C06696B4CF706B1D7E3) (Version: 10/28/2013 2.08.30.10 - Digi International)
Windows Driver Package - Genesys Logic (GeneStor) USB (07/13/2015 4.5.0.6) (HKLM\...\AE2E6FAB44844413B4C6F53C908EACC8AFC838F0) (Version: 07/13/2015 4.5.0.6 - Genesys Logic)
Windows Driver Package - Intel Corporation (igfx) Display (07/17/2015 10.18.15.4256) (HKLM\...\00B7AF24A3F134555C104D6FD6BA2E998DF37957) (Version: 07/17/2015 10.18.15.4256 - Intel Corporation)
Windows Driver Package - Qualcomm Atheros Communications Inc. (Qcamain10x64) Net (06/24/2015 12.0.0.102) (HKLM\...\766702C88D2140850CDD709023BD1C70A8D0FFEB) (Version: 06/24/2015 12.0.0.102 - Qualcomm Atheros Communications Inc.)
Windows Driver Package - Realtek (rt640x64) Net (05/05/2015 10.001.0505.2015) (HKLM\...\6A304520C2F25CD034E477A379C47308AA84A2DC) (Version: 05/05/2015 10.001.0505.2015 - Realtek)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
XCTU (HKLM-x32\...\XCTU 6.5.0.3) (Version: 6.5.0.3 - Digi International Inc.)
Packages:
=========
Arduino IDE -> C:\Program Files\WindowsApps\ArduinoLLC.ArduinoIDE_1.8.21.0_x86__mdqgnx93n4wtt [2020-01-14] (Arduino LLC)
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_1.1911.21713.0_x64__8wekyb3d8bbwe [2019-12-07] (Microsoft Corporation)
Lenovo Account Portal -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2020-01-14] (LENOVO INCORPORATED.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_4.27.32.0_x86__k1h2ywk1493x8 [2020-01-14] (LENOVO INC.)
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe [2020-01-14] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-01-14] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-01-14] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.12124.0_x64__8wekyb3d8bbwe [2020-01-14] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_x64__8wekyb3d8bbwe [2020-06-29] (Microsoft Studios) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.31.11905.0_x64__8wekyb3d8bbwe [2020-01-14] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.31.11905.0_x64__8wekyb3d8bbwe [2020-01-14] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe [2020-01-14] (Microsoft Corporation) [MS Ad]
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c [2019-12-07] (Skype)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2104912744-3228988123-3252583671-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\OneDrive\19.222.1110.0006\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2104912744-3228988123-3252583671-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\OneDrive\19.222.1110.0006\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2104912744-3228988123-3252583671-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\OneDrive\19.222.1110.0006\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-07-12] (LENOVO -> Lenovo)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-07-12] (LENOVO -> Lenovo)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2018-07-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2020-06-29 17:18 - 2020-06-29 17:18 - 000065536 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.6195_none_3b1209fdc9ac7774\vcomp.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 07:04 - 2015-07-10 07:02 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
2019-06-03 20:53 - 2020-06-16 22:09 - 000000437 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\PuTTY\;C:\Program Files (x86)\AOMEI Backupper
HKU\S-1-5-21-2104912744-3228988123-3252583671-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: 0150531459261545mcinstcleanup => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: DcpSvc => 3
MSCONFIG\Services: DiagTrack => 2
MSCONFIG\Services: HomeNetSvc => 2
MSCONFIG\Services: IEEtwCollectorService => 3
MSCONFIG\Services: KtmRm => 3
MSCONFIG\Services: LenovoPortalService => 2
MSCONFIG\Services: lfsvc => 3
MSCONFIG\Services: mccspsvc => 2
MSCONFIG\Services: mcpltsvc => 2
MSCONFIG\Services: McProxy => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: RetailDemo => 3
MSCONFIG\Services: SamSs => 2
MSCONFIG\Services: SessionEnv => 3
MSCONFIG\Services: SharedAccess => 3
MSCONFIG\Services: TapiSrv => 3
MSCONFIG\Services: TermService => 3
MSCONFIG\Services: TrkWks => 2
MSCONFIG\Services: UmRdpService => 3
MSCONFIG\Services: UpdateAgentService => 2
MSCONFIG\Services: wercplsupport => 3
MSCONFIG\Services: WerSvc => 3
HKLM\...\StartupApproved\StartupFolder: => "Microsoft Find Fast.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Microsoft Office Shortcut Bar.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Office Startup.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "UMonit"
HKLM\...\StartupApproved\Run: => "Skd8821"
HKLM\...\StartupApproved\Run: => "Reflect UI"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "CLMLServer"
HKLM\...\StartupApproved\Run32: => "UpdateP2GoShortCut"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{7E5D63DB-8B25-48BF-9332-099F9223C5AB}C:\sdrsharp_2\sdrsharp-x86 (1)\spyserver.exe] => (Block) C:\sdrsharp_2\sdrsharp-x86 (1)\spyserver.exe () [File not signed]
FirewallRules: [TCP Query User{987C89CF-AF60-4CE0-8496-6AAB172E5063}C:\sdrsharp_2\sdrsharp-x86 (1)\spyserver.exe] => (Block) C:\sdrsharp_2\sdrsharp-x86 (1)\spyserver.exe () [File not signed]
FirewallRules: [UDP Query User{13986513-6F15-4178-96E8-983DFD5A1E9B}C:\sdr_airspy_2020\spyserver.exe] => (Block) C:\sdr_airspy_2020\spyserver.exe () [File not signed]
FirewallRules: [TCP Query User{A7EB5B18-A12C-48FD-9C92-373246412FB9}C:\sdr_airspy_2020\spyserver.exe] => (Block) C:\sdr_airspy_2020\spyserver.exe () [File not signed]
FirewallRules: [UDP Query User{48A3FACD-C970-4021-A2FD-414E87A2DF9B}C:\sdrsharp\sdrsharp.exe] => (Allow) C:\sdrsharp\sdrsharp.exe () [File not signed]
FirewallRules: [TCP Query User{57C1F111-A746-4D5F-BE71-E4AB04151A90}C:\sdrsharp\sdrsharp.exe] => (Allow) C:\sdrsharp\sdrsharp.exe () [File not signed]
FirewallRules: [UDP Query User{90ADAA7C-E55C-4395-B88F-7F3ABFEA938B}C:\sdrsharp\sdrsharp.exe] => (Block) C:\sdrsharp\sdrsharp.exe () [File not signed]
FirewallRules: [TCP Query User{C02D26C1-1099-48A2-AFCC-46280DF3ACD9}C:\sdrsharp\sdrsharp.exe] => (Block) C:\sdrsharp\sdrsharp.exe () [File not signed]
FirewallRules: [UDP Query User{684A83AE-41C2-4C44-8B36-80A2FDC6BEA5}C:\sdr -- funcube\sdrsharp-x86\spyserver.exe] => (Allow) C:\sdr -- funcube\sdrsharp-x86\spyserver.exe => No File
FirewallRules: [TCP Query User{1DD51420-53B4-4066-8DC5-DCD33728BAF6}C:\sdr -- funcube\sdrsharp-x86\spyserver.exe] => (Allow) C:\sdr -- funcube\sdrsharp-x86\spyserver.exe => No File
FirewallRules: [{4850381D-0037-4BD9-9DE7-9D8610AD6DF9}] => (Allow) C:\Program Files (x86)\AOMEI Backupper\ABService.exe (CHENGDU AOMEI TECHNOLOGY CO., LTD. -> AOMEI Tech Co., Ltd.)
FirewallRules: [{F8853534-C6E4-4C3C-A1E5-13F1CFDD2C7C}] => (Allow) C:\Program Files (x86)\AOMEI Backupper\ABService.exe (CHENGDU AOMEI TECHNOLOGY CO., LTD. -> AOMEI Tech Co., Ltd.)
FirewallRules: [UDP Query User{99E1308D-C462-48EC-A878-BD07A3B691AC}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Block) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [TCP Query User{11996DB7-FB47-4BC9-BD0D-8F414144ACBA}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Block) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [UDP Query User{BB266423-DF46-479A-9483-4196D4CD86CA}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{A9ECE37E-BEA9-49E7-9C6D-0433644B2196}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{E6AEB7EB-1054-4622-8DBD-9588F55F4860}] => (Allow) C:\Program Files (x86)\AOMEI Backupper\ABService.exe (CHENGDU AOMEI TECHNOLOGY CO., LTD. -> AOMEI Tech Co., Ltd.)
FirewallRules: [{2EC1FDE5-D7F3-4538-9E82-59123DE6F2D1}] => (Allow) C:\Program Files (x86)\AOMEI Backupper\ABService.exe (CHENGDU AOMEI TECHNOLOGY CO., LTD. -> AOMEI Tech Co., Ltd.)
FirewallRules: [UDP Query User{565D86F2-8B04-4F6F-80E7-20108DC36941}C:\program files\windowsapps\arduinollc.arduinoide_1.8.21.0_x86__mdqgnx93n4wtt\java\bin\javaw.exe] => (Allow) C:\program files\windowsapps\arduinollc.arduinoide_1.8.21.0_x86__mdqgnx93n4wtt\java\bin\javaw.exe
FirewallRules: [TCP Query User{70592899-B9DF-4E96-8BEB-2AD37D576B1E}C:\program files\windowsapps\arduinollc.arduinoide_1.8.21.0_x86__mdqgnx93n4wtt\java\bin\javaw.exe] => (Allow) C:\program files\windowsapps\arduinollc.arduinoide_1.8.21.0_x86__mdqgnx93n4wtt\java\bin\javaw.exe
FirewallRules: [{DEF24352-B8B0-480B-BC83-2FA48F21C4C7}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [{E6557E32-5811-4556-BD11-361B8B8C377E}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [{1461862E-BA5C-4053-BD66-A7720F5B67A9}] => (Allow) C:\Program Files (x86)\Lenovo\LenovoPortal\Lenovo.Portal.exe (LENOVO -> )
FirewallRules: [TCP Query User{D9DC8E53-A35A-43E3-ACFF-B755738B8F5F}C:\users\user\desktop\winvnc4.exe] => (Block) C:\users\user\desktop\winvnc4.exe (RealVNC Ltd -> RealVNC Ltd.)
FirewallRules: [UDP Query User{FAB7E22E-C30C-4FEC-9768-AFA6D07E30EC}C:\users\user\desktop\winvnc4.exe] => (Block) C:\users\user\desktop\winvnc4.exe (RealVNC Ltd -> RealVNC Ltd.)
FirewallRules: [{1C843EFF-3594-42BB-8836-DF18A22E0024}] => (Allow) C:\Program Files\Pale Moon\palemoon.exe (Mark Straver -> Moonchild Productions)
FirewallRules: [{CCFB9B08-8457-418E-BB2E-78C637F7D561}] => (Allow) C:\Program Files\Pale Moon\palemoon.exe (Mark Straver -> Moonchild Productions)
==================== Restore Points =========================
07-08-2020 18:46:48 JRT Pre-Junkware Removal
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (08/08/2020 06:40:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <
http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The data is invalid.
.
Error: (08/08/2020 06:40:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <
http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The data is invalid.
.
Error: (08/08/2020 06:40:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <
http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The data is invalid.
.
Error: (08/08/2020 06:40:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <
http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The data is invalid.
.
Error: (08/08/2020 06:40:07 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <
http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The data is invalid.
.
Error: (08/08/2020 06:40:07 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <
http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The data is invalid.
.
Error: (08/08/2020 06:35:54 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <
http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The data is invalid.
.
Error: (08/08/2020 06:35:46 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <
http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The data is invalid.
.
System errors:
=============
Error: (08/08/2020 03:24:46 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.
Error: (08/07/2020 09:00:15 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: The system detected an address conflict for IP address 192.168.1.10 with the system
having network hardware address 0E-2F-B0-28-D7-F8. Network operations on this system may
be disrupted as a result.
Error: (08/07/2020 09:00:06 PM) (Source: BTHUSB) (EventID: 16) (User: )
Description: The mutual authentication between the local Bluetooth adapter and a device with Bluetooth adapter address (0c:2f:b0:28:d7:f7) failed.
Error: (08/07/2020 08:46:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
This driver has been blocked from loading
Error: (08/07/2020 08:46:27 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\User\AppData\Local\Temp\ehdrv.sys
Error: (08/07/2020 08:46:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
This driver has been blocked from loading
Error: (08/07/2020 08:46:27 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\User\AppData\Local\Temp\ehdrv.sys
Error: (08/07/2020 08:46:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
This driver has been blocked from loading
Windows Defender:
===================================
Date: 2020-08-07 14:01:31.2460000Z
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: PUA:Win32/InstallCore
ID: 213927
Severity: Low
Category: Potentially Unwanted Software
Path: file:_C:\Users\User\Desktop\Win Stuff\stellarium0.13.2win32_0601054033.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: User
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.321.836.0, AS: 1.321.836.0, NIS: 1.321.836.0
Engine Version: AM: 1.1.17300.4, NIS: 1.1.17300.4
Date: 2020-08-07 12:35:39.8820000Z
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: PUA:Win32/Bibado
ID: 227145
Severity: Low
Category: Potentially Unwanted Software
Path: file:_C:\Als_Stuff\backup\backup\ThumbDrives\DarkOne\installer_conexant_rd01-d850.exe; file:_C:\FromXP\backup\ThumbDrives\DarkOne\installer_conexant_rd01-d850.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: User
Process Name: Unknown
Security intelligence Version: AV: 1.321.836.0, AS: 1.321.836.0, NIS: 1.321.836.0
Engine Version: AM: 1.1.17300.4, NIS: 1.1.17300.4
Date: 2020-08-07 12:35:39.8770000Z
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: PUA:Win32/CandyOpen
ID: 213956
Severity: Low
Category: Potentially Unwanted Software
Path: containerfile:_C:\Als_Stuff\backup\backup\drive_d\manuals\IZArc4.1.6.exe; containerfile:_C:\Als_Stuff\backup\manuals\IZArc4.1.6.exe; containerfile:_C:\FromXP\backup\drive_d\manuals\IZArc4.1.6.exe; containerfile:_C:\FromXP\manuals\IZArc4.1.6.exe; file:_C:\Als_Stuff\backup\backup\drive_d\manuals\IZArc4.1.6.exe->(inno#000158); file:_C:\Als_Stuff\backup\manuals\IZArc4.1.6.exe->(inno#000158); file:_C:\FromXP\backup\drive_d\manuals\IZArc4.1.6.exe->(inno#000158); file:_C:\FromXP\manuals\IZArc4.1.6.exe->(inno#000158)
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: User
Process Name: Unknown
Security intelligence Version: AV: 1.321.836.0, AS: 1.321.836.0, NIS: 1.321.836.0
Engine Version: AM: 1.1.17300.4, NIS: 1.1.17300.4
Date: 2020-08-07 12:35:39.8620000Z
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: PUA:Win32/InstallCore
ID: 213927
Severity: Low
Category: Potentially Unwanted Software
Path: file:_C:\Users\User\Desktop\Win Stuff\stellarium0.13.2win32_0601054033.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: User
Process Name: Unknown
Security intelligence Version: AV: 1.321.836.0, AS: 1.321.836.0, NIS: 1.321.836.0
Engine Version: AM: 1.1.17300.4, NIS: 1.1.17300.4
Date: 2020-08-06 23:55:55.2240000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {7C1B4590-1846-494B-A3AA-5C08B36C69D8}
Scan Type: Antimalware
Scan Parameters: Full Scan
Date: 2020-08-07 10:03:34.7680000Z
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.319.249.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17200.2
Error code: 0x80072ee2
Error description: The operation timed out
Date: 2020-08-07 10:03:34.7670000Z
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.319.249.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17200.2
Error code: 0x80072ee2
Error description: The operation timed out
Date: 2020-08-07 10:03:34.7660000Z
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.319.249.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17200.2
Error code: 0x80072ee2
Error description: The operation timed out
Date: 2020-08-07 10:00:50.6200000Z
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.319.249.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17200.2
Error code: 0x80070102
Error description: The wait operation timed out.
Date: 2020-08-07 10:00:50.6190000Z
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.319.249.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17200.2
Error code: 0x80070102
Error description: The wait operation timed out.
==================== Memory info ===========================
BIOS: LENOVO M0KKT19A 09/16/2015
Motherboard: LENOVO SHARKBAY
Processor: Intel(R) Core(TM) i3-4170 CPU @ 3.70GHz
Percentage of memory in use: 77%
Total physical RAM: 4005.27 MB
Available physical RAM: 896.32 MB
Total Virtual: 4773.27 MB
Available Virtual: 1632.27 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:433.92 GB) (Free:169.62 GB) NTFS ==>[system with boot components (obtained from drive)]
\\?\Volume{47562943-bcfb-4c66-b7d0-4f3514ca67d7}\ (WinRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.52 GB) NTFS
\\?\Volume{685daee3-f643-40c0-8e1b-207864546791}\ (LENOVO_PART) (Fixed) (Total:30 GB) (Free:17.28 GB) NTFS
\\?\Volume{5fe34e40-16bc-4f84-b1cd-77311910f337}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 73BA6EF6)
Partition: GPT.
==================== End of Addition.txt =======================