Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2019
Ran by Admin (18-12-2019 11:47:02)
Running from D:\Users\Hari\Desktop
Windows 10 Pro Version 1909 18363.535 (X64) (2019-12-16 02:53:25)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Admin (S-1-5-21-3076391084-2480122960-4283986350-1002 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-3076391084-2480122960-4283986350-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3076391084-2480122960-4283986350-503 - Limited - Disabled)
Guest (S-1-5-21-3076391084-2480122960-4283986350-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3076391084-2480122960-4283986350-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Total Security (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Internet Security (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security (Enabled) {32888857-01C3-7AB6-E095-11CC1854D0A3}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Aimersoft Helper Compact 2.5.2 (HKLM-x32\...\{405147F7-FCC5-499B-A27E-EA6BD4A80435}_is1) (Version: 2.5.2 - Aimersoft)
AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 5.4.0 - philandro Software GmbH)
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.7.0.29455 - Foxit Software Inc.)
Intel(R) Computing Improvement Program (HKLM\...\{85B6BF0F-EF1B-4F0F-892D-E68BD798950C}) (Version: 2.4.04669 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4703 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000030-0210-1033-84C8-B8D95FA3C8C3}) (Version: 21.30.0.5 - Intel Corporation)
IrfanView 4.53 (64-bit) (HKLM\...\IrfanView64) (Version: 4.53 - Irfan Skiljan)
iTube Studio(Build 7.4.6.6) (HKLM-x32\...\iTube Studio_is1) (Version: 7.4.6.6 - iTube Studio)
Kaspersky Secure Connection (HKLM-x32\...\{145AE349-477A-45E5-A57C-5F5BF2BB5775}) (Version: 20.0.14.1085 - Kaspersky) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{145AE349-477A-45E5-A57C-5F5BF2BB5775}) (Version: 20.0.14.1085 - Kaspersky)
Kaspersky Total Security (HKLM-x32\...\{D891550B-ACFE-4797-B368-BCFC434BBEB1}) (Version: 20.0.14.1085 - Kaspersky) Hidden
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{D891550B-ACFE-4797-B368-BCFC434BBEB1}) (Version: 20.0.14.1085 - Kaspersky)
LatencyMon 6.71 (HKLM\...\LatencyMon_is1) (Version:  - Resplendence Software Projects Sp.)
MediaInfo 19.09 (HKLM\...\MediaInfo) (Version: 19.09 - MediaArea.net)
Microsoft OneDrive (HKU\S-1-5-21-3076391084-2480122960-4283986350-1002\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Mozilla Firefox 71.0 (x64 en-US) (HKLM\...\Mozilla Firefox 71.0 (x64 en-US)) (Version: 71.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 67.0.1 - Mozilla)
MP4Tools v3.8 (HKLM-x32\...\MP4Tools_is1) (Version:  - Thüring IT-Consulting)
My MP4Box GUI 0.6.0.6 (HKLM\...\{3FBE3061-F2BC-4D3A-B4A9-8FB15C503F87}_is1) (Version: 0.6.0.6 - Matt Bodin)
OpenOffice 4.1.6 (HKLM-x32\...\{16E4FF6B-31E8-4037-B627-D87CF872E32B}) (Version: 4.16.9790 - Apache Software Foundation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Subtitle Edit 3.5.9 (HKLM\...\SubtitleEdit_is1) (Version: 3.5.9.0 - Nikse)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Vodafone Mobile Connect (HKLM-x32\...\{AEFF9E60-3E93-41EE-9895-311F7D1C5FFD}) (Version: 1.0.0.3 - ZTE Corporation)
WhatsApp (HKU\S-1-5-21-3076391084-2480122960-4283986350-1002\...\WhatsApp) (Version: 0.3.5374 - WhatsApp)
Win32DiskImager version 1.0.0 (HKLM-x32\...\{3DFFA293-DF2C-4B23-92E5-3433BDC310E1}}_is1) (Version: 1.0.0 - ImageWriter Developers)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22925 - Microsoft Corporation)
Windows Driver Package - SAMSUNG Electronics Co., Ltd.  (dg_ssudbus) USB  (12/02/2015 2.12.1.0) (HKLM\...\85A33267F12961AF9ED9AE799DEDA5E62BEA236F) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. )
Windows Driver Package - SAMSUNG Electronics Co., Ltd.  (ssudmdm) Modem  (12/02/2015 2.12.1.0) (HKLM\...\88ED314360B98E6E82E7CC3201FAEB4A9FD291B4) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. )
Windows Driver Package - SAMSUNG Electronics Co., Ltd.  (WinUSB) AndroidUsbDeviceClass  (12/02/2015 2.12.1.0) (HKLM\...\701281E8283E9E3681220099A9DA5013A5A437AF) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. )

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-06-10] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-06-10] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-11] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.121.1654.0_x86__zpdnekdrzrea0 [2019-12-11] (Spotify AB) [Startup Task]
WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_0.3.9309.0_x64__cv1g1gvanyjgm [2019-12-15] (WhatsApp Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3076391084-2480122960-4283986350-1002_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> "C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe" -ToastActivated => No File
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2019-09-23] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers1: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\ShellEx.dll [2019-11-22] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers2: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\ShellEx.dll [2019-11-22] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\ShellEx.dll [2019-11-22] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-09-25] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2019-09-23] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers6: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\ShellEx.dll [2019-11-22] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\System32\StartMenuHelper64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Public\Desktop\Vodafone.lnk -> C:\Program Files (x86)\Vodafone Mobile Connect\LaunchWebUI.exe () -> hxxp://vodafonemobileconnect.4G

==================== Loaded Modules (Whitelisted) =============

2019-06-10 11:03 - 2019-02-21 21:30 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2018-07-15 13:15 - 2018-07-15 13:15 - 000291128 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\WINDOWS\System32\StartMenuHelper64.dll
2019-05-15 20:01 - 2019-05-15 20:01 - 001878528 _____ (SQLite Development Team) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot => "AlternateShell"=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\AutorunsDisabled => "AlternateShell"="cmd.exe"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-15 13:01 - 2018-09-15 13:01 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3076391084-2480122960-4283986350-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\AppData\Roaming\IrfanView\IrfanView_Wallpaper.png
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "AnyDesk.lnk"
HKLM\...\StartupApproved\Run32: => "CancelAutoPlay_df"
HKLM\...\StartupApproved\Run32: => "CheckNDISPort55ac29"
HKLM\...\StartupApproved\Run32: => "Aimersoft Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-3076391084-2480122960-4283986350-1002\...\StartupApproved\StartupFolder: => "Kaspersky Internet Security.lnk"
HKU\S-1-5-21-3076391084-2480122960-4283986350-1002\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{DB8929E0-10A9-4A40-9C2A-F1E4AB5D5A87}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.121.1654.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{71C4347F-1E66-40D3-91F1-99AA4232F71C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.121.1654.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B9EAC0B3-7180-447D-9D3E-AEED9BC0F9A2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.121.1654.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D99572FC-A9E2-4FFB-BAE1-2119DE77361D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.121.1654.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{750874B7-A881-4078-82BD-5BB82215BB96}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.121.1654.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{049C60CD-A64B-436D-8C5E-0744D750E19D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.121.1654.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BEB9E178-D4B8-4EF6-A904-0CB089CAC418}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.121.1654.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{31A323AA-76FA-48E2-B4E6-4DAF9BA6E979}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.121.1654.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7D6D911B-D827-4E86-AFC4-4B0D1BC7A241}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe No File
FirewallRules: [{6FC9802D-0549-4D20-9407-C9C93E04175F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe No File
FirewallRules: [{0040F244-1059-4D83-A2C0-4101549D9976}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe No File
FirewallRules: [{97C3E0E6-A5E2-4C82-8C58-0AB8FC4E1EFD}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe No File
FirewallRules: [{5F7A98BC-5DA7-4590-AFDE-C6C56D465BA7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{64DE0D83-0207-415E-B8CC-A9EA8F25C788}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D1DE5F2B-F210-49AE-AF64-FFC67FA45881}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{462499F1-27A9-494B-998D-612289A1CC86}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{FF554FC3-DA37-4885-BAA4-26EEF1FA3A53}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{EDE3E3C1-849D-4E6C-9285-F661D131BD6B}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{8B2700A4-5A0A-41AE-BD96-4E1BC8BA6731}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> )
FirewallRules: [{93C32C8E-67E6-4A97-B1A1-F09CC6858BE6}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> )
FirewallRules: [{A047E707-5DBF-4A46-8C6A-457520A40F87}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> )
FirewallRules: [{91B86AA2-1909-4E14-8FAB-05364421B85D}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> )
FirewallRules: [{5C044509-1B87-4894-AC9D-4C95E6AAF499}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> )
FirewallRules: [{861DABD3-01B3-430A-AB39-19C114219D8C}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> )

==================== Restore Points =========================

17-12-2019 06:00:54 Removed Bonjour
17-12-2019 06:56:23 O&O ShutUp10
17-12-2019 06:58:43 O&O ShutUp10
18-12-2019 07:31:44 Removed Apple Mobile Device Support

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (12/18/2019 11:42:53 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: PINKYPC)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (12/18/2019 09:29:21 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: PINKYPC)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (12/18/2019 09:23:16 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.

Error: (12/18/2019 09:23:16 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (12/18/2019 09:06:05 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: PINKYPC)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (12/18/2019 09:00:01 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.

Error: (12/18/2019 09:00:01 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (12/18/2019 08:28:20 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: PINKYPC)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.


System errors:
=============
Error: (12/18/2019 11:38:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SystemUsageReportSvc_QUEENCREEK service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.

Error: (12/18/2019 11:38:53 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (45000 milliseconds) while waiting for the SystemUsageReportSvc_QUEENCREEK service to connect.

Error: (12/18/2019 11:37:16 AM) (Source: TPM) (EventID: 15) (User: NT AUTHORITY)
Description: The device driver for the Trusted Platform Module (TPM) encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) from being used. For further help, please contact the computer manufacturer.

Error: (12/18/2019 09:25:44 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SystemUsageReportSvc_QUEENCREEK service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.

Error: (12/18/2019 09:25:44 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (45000 milliseconds) while waiting for the SystemUsageReportSvc_QUEENCREEK service to connect.

Error: (12/18/2019 09:24:06 AM) (Source: TPM) (EventID: 15) (User: NT AUTHORITY)
Description: The device driver for the Trusted Platform Module (TPM) encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) from being used. For further help, please contact the computer manufacturer.

Error: (12/18/2019 09:02:24 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SystemUsageReportSvc_QUEENCREEK service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.

Error: (12/18/2019 09:02:24 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (45000 milliseconds) while waiting for the SystemUsageReportSvc_QUEENCREEK service to connect.


Windows Defender:
===================================
Date: 2019-12-18 07:22:16.324
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {1AC8636C-866C-4F95-A5AE-B2F195EBB0E4}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-12-17 20:17:54.587
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {14B13B26-7B9E-49B2-B478-B1F4F0B8B017}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-12-17 19:39:18.040
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {D0063068-48DC-4046-880F-5F24D9E72FD2}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-12-17 19:26:59.966
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {21D8633B-C852-4C37-B705-6702316CE4E1}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-12-17 16:50:08.114
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {E239C18E-C7DA-4B0C-B4C1-AA2C380A3F98}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-12-18 11:49:19.380
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.307.648.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.16600.7
Error code: 0x80240438
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 

Date: 2019-12-17 15:23:52.531
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.307.606.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.16600.7
Error code: 0x8024402c
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 

CodeIntegrity:
===================================

Date: 2019-12-18 11:43:00.576
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2019-12-18 11:43:00.543
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2019-12-18 11:43:00.482
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2019-12-18 11:43:00.445
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2019-12-18 11:42:59.896
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2019-12-18 11:42:59.811
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2019-12-18 09:29:35.438
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2019-12-18 09:29:35.386
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

==================== Memory info =========================== 

BIOS: Insyde Corp. V1.37 02/16/2016
Motherboard: Acer ZORO_BH
Processor: Intel(R) Core(TM) i3-5005U CPU @ 2.00GHz
Percentage of memory in use: 59%
Total physical RAM: 4016.42 MB
Available physical RAM: 1619.62 MB
Total Virtual: 5424.42 MB
Available Virtual: 3119.67 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:243.65 GB) (Free:109.04 GB) NTFS
Drive d: (Data) (Fixed) (Total:341.8 GB) (Free:212.14 GB) NTFS
Drive e: () (Fixed) (Total:345.57 GB) (Free:212.16 GB) NTFS

\\?\Volume{f7b2add7-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: F7B2ADD7)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=243.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=341.8 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=345.6 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================