Fix result of Farbar Recovery Scan Tool (x64) Version: 28-02-2021 Ran by Admin (13-03-2021 09:35:12) Run:1 Running from D:\Users\Hari\Desktop Loaded Profiles: Admin & HKP Boot Mode: Normal ============================================== fixlist content: ***************** CreateRestorePoint: CloseProcesses: ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ContextMenuHandlers1_S-1-5-21-3076391084-2480122960-4283986350-1002: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => -> No File ContextMenuHandlers4_S-1-5-21-3076391084-2480122960-4283986350-1002: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => -> No File HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk" GroupPolicy: Restriction ? <==== ATTENTION Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION S1 amsdk; \??\C:\WINDOWS\system32\drivers\amsdk.sys [X] U1 aswbdisk; no ImagePath S2 MBAMChameleon; \SystemRoot\System32\Drivers\MbamChameleon.sys [X] S2 MsLldp; system32\drivers\mslldp.sys [X] C:\ProgramData\KMSAutoS Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Desktop.lnk [2020-11-11] ShortcutTarget: Facebook Desktop.lnk -> C:\Program Files (x86)\facebook\Facebook.exe (No File) Task: {8D373100-8521-4F1F-A140-3C208AD0F6F9} - System32\Tasks\KMSAutoNet => C:\ProgramData\KMSAutoS\KMSAuto Net.exe [6977272 2020-10-30] (Ratiborus MSFree Inc. -> MSFree Inc.) [File not signed] FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\FFExt\light_plugin_firefox\addon.xpi => not found FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\FFExt\light_plugin_firefox\addon.xpi => not found FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2020-09-24] <==== ATTENTION (Points to *.cfg file) FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2020-09-24] <==== ATTENTION C:\Users\Public\Desktop\YTD Video Downloader.lnk C:\ProgramData\Desktop\YTD Video Downloader.lnk C:\ProgramData\YTD Video Downloader C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader C:\Program Files (x86)\GreenTree Applications C:\Users\Admin\AppData\Roaming\{B9E01A73-D7B6-12D6-F7C5-24046901C3E8} C:\Users\Admin\AppData\Local\{B1B51752-1266-41A0-A4B0-AC72333324DC} EmptyTemp: ***************** Restore point was successfully created. Processes closed successfully. HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully HKU\S-1-5-21-3076391084-2480122960-4283986350-1002\Software\Classes\*\ShellEx\ContextMenuHandlers\ kwpsshellext => removed successfully HKU\S-1-5-21-3076391084-2480122960-4283986350-1002\Software\Classes\Directory\ShellEx\ContextMenuHandlers\ kwpsshellext => removed successfully "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk" => not found "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder\\McAfee Security Scan Plus.lnk" => removed successfully C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully C:\ProgramData\NTUSER.pol => moved successfully HKLM\SOFTWARE\Policies\Mozilla => removed successfully HKLM\System\CurrentControlSet\Services\amsdk => removed successfully amsdk => service removed successfully HKLM\System\CurrentControlSet\Services\aswbdisk => removed successfully aswbdisk => service removed successfully HKLM\System\CurrentControlSet\Services\MBAMChameleon => removed successfully MBAMChameleon => service removed successfully HKLM\System\CurrentControlSet\Services\MsLldp => removed successfully MsLldp => service removed successfully C:\ProgramData\KMSAutoS => moved successfully C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Desktop.lnk => moved successfully "C:\Program Files (x86)\facebook\Facebook.exe" => not found "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8D373100-8521-4F1F-A140-3C208AD0F6F9}" => removed successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8D373100-8521-4F1F-A140-3C208AD0F6F9}" => removed successfully C:\WINDOWS\System32\Tasks\KMSAutoNet => moved successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\KMSAutoNet" => removed successfully "HKLM\Software\Mozilla\Firefox\Extensions\\light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com" => removed successfully "HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com" => removed successfully C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js => moved successfully C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg => moved successfully "C:\Users\Public\Desktop\YTD Video Downloader.lnk" => not found "C:\ProgramData\Desktop\YTD Video Downloader.lnk" => not found "C:\ProgramData\YTD Video Downloader" => not found "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader" => not found "C:\Program Files (x86)\GreenTree Applications" => not found C:\Users\Admin\AppData\Roaming\{B9E01A73-D7B6-12D6-F7C5-24046901C3E8} => moved successfully C:\Users\Admin\AppData\Local\{B1B51752-1266-41A0-A4B0-AC72333324DC} => moved successfully =========== EmptyTemp: ========== BITS transfer queue => 10510336 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 29687511 B Java, Flash, Steam htmlcache => 0 B Windows/system/drivers => 21713 B Edge => 64000 B Chrome => 8169163 B Firefox => 235004899 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 0 B LocalService => 5656 B NetworkService => 125242504 B Admin => 138893617 B HKP => 465593426 B RecycleBin => 0 B EmptyTemp: => 966.3 MB temporary data Removed. ================================ The system needed a reboot. ==== End of Fixlog 09:43:19 ====