Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-05-2021 Ran by Dyfan (13-05-2021 14:34:40) Running from C:\Users\Dyfan\Desktop Windows 8.1 (Update) (X64) (2021-01-25 16:01:49) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1704149506-1908064861-659173645-500 - Administrator - Disabled) Dyfan (S-1-5-21-1704149506-1908064861-659173645-1001 - Administrator - Enabled) => C:\Users\Dyfan Guest (S-1-5-21-1704149506-1908064861-659173645-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1704149506-1908064861-659173645-1003 - Limited - Enabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Kaspersky Security Cloud (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Kaspersky Security Cloud (Enabled - Up to date) {F41710F6-65D1-4F66-2B68-CCCF63D4A09E} FW: Kaspersky Security Cloud (Disabled) {774D7037-0984-41B0-3A87-5E88E680AD58} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 4K Video Downloader (HKLM\...\{19BDF435-8F4A-4AFC-80AE-AF007BD67A8E}) (Version: 4.15.1.4190 - Open Media LLC) Hidden 4K Video Downloader (HKLM-x32\...\{86b588ff-78bb-4251-85d5-56f2450b123a}) (Version: 4.14.2.4070 - Open Media LLC) ANT Drivers Installer x64 (HKLM\...\{1BC0225E-AF99-4434-92CC-615111CE698F}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden Ant Video downloader (Native messaging host) (HKLM-x32\...\{41A57734-2ED5-449A-BAF0-F0B356417716}) (Version: 4.7 - Ant.com) Apple Application Support (32-bit) (HKLM-x32\...\{9738288C-21BC-4F54-AB4F-72F059339376}) (Version: 8.6 - Apple Inc.) ASUS Boot Setting (HKLM-x32\...\{7AAE9187-C24F-4073-A951-36C370E7A3A5}) (Version: 1.00.17 - ASUSTeK Computer Inc.) Audacity 3.0.2 (HKLM-x32\...\Audacity_is1) (Version: 3.0.2 - Audacity Team) AudioMuxer 0.9.6.4 (HKLM-x32\...\{E62BDA87-5FD3-4A47-9CF1-F3B04C542713}_is1) (Version: 0.9.6.4 - Pl4yit) AviSynth 2.6 (HKLM-x32\...\AviSynth) (Version: 2.6.0.6 - GPL Public release.) calibre (HKLM-x32\...\{46FD03C7-BCA4-4075-A384-AE21E2155424}) (Version: 5.17.0 - Kovid Goyal) Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version: - ) Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.) Canon MP560 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP560_series) (Version: - Canon Inc.) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.) Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 5.79 - Piriform) CrystalDiskInfo 8.12.0 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.12.0 - Crystal Dew World) dBpoweramp (HKLM-x32\...\dBpoweramp) (Version: Release 17.3 - Illustrate) Direct Folders (HKLM-x32\...\DirectFoldersAppID_is1) (Version: 3.8 - Code Sector) Elevated Installer (HKLM-x32\...\{C3D3E0B3-6B8D-4AF4-B49A-3583E512ECE8}) (Version: 7.5.0.0 - Garmin Ltd or its subsidiaries) Hidden Everything 1.4.1.1005 (x64) (HKLM\...\Everything) (Version: 1.4.1.1005 - voidtools) Exact Audio Copy 1.6 (HKLM-x32\...\Exact Audio Copy) (Version: 1.6 - Andre Wiethoff) EZ CD Audio Converter (HKLM-x32\...\EZ CD Audio Converter) (Version: 9.1.6 - Poikosoft) FFmpeg (Windows) for Audacity version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - ) FFmpeg Batch AV Converter (HKLM\...\FFBATCH_cv_is1) (Version: 2.3.7 - Eibolsoft) File Renamer - Basic (HKLM-x32\...\File Renamer - Basic) (Version: 6.3 - Sherrod Computers) foobar2000 v1.6.5 (HKLM-x32\...\foobar2000) (Version: 1.6.5 - Peter Pawlowski) Garmin Express (HKLM-x32\...\{034F279C-D74E-42F2-8CEC-216E91969B29}) (Version: 7.5.0.0 - Garmin Ltd or its subsidiaries) Hidden Garmin Express (HKLM-x32\...\{afe06296-a3d5-48cf-88a2-77629aeb124b}) (Version: 7.5.0.0 - Garmin Ltd or its subsidiaries) get_iplayer 3.27.1 (x64) (HKLM\...\get_iplayer_is1) (Version: 3.27.1 - The get_iplayer Contributors) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.212 - Google LLC) Hard Disk Sentinel PRO (HKLM-x32\...\Hard Disk Sentinel_is1) (Version: 5.61 - Janos Mathe) ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!) Jackett (HKLM-x32\...\{C2A9FC00-AA48-4F17-9A72-62FBCEE2785B}_is1) (Version: 0.17.1032.0 - Jackett) Java 8 Update 291 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180291F0}) (Version: 8.0.2910.9 - Oracle Corporation) Kaspersky Security Cloud (HKLM-x32\...\{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Hidden Kaspersky Security Cloud (HKLM-x32\...\InstallWIX_{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Kaspersky VPN (HKLM-x32\...\{FF2A12B8-AEB7-48C0-95C8-E2E3D67DFCB2}) (Version: 21.3.10.391 - Kaspersky) Hidden Kaspersky VPN (HKLM-x32\...\InstallWIX_{FF2A12B8-AEB7-48C0-95C8-E2E3D67DFCB2}) (Version: 21.3.10.391 - Kaspersky) K-Lite Codec Pack 16.1.6 Standard (HKLM-x32\...\KLiteCodecPack_is1) (Version: 16.1.6 - KLCP) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) MAAT DROffline MkII (HKLM\...\DROffline MkII_is1) (Version: 2.1.3 - MAAT) MakeMKV v1.16.3 (HKLM-x32\...\MakeMKV) (Version: v1.16.3 - GuinpinSoft inc) Malwarebytes version 4.3.3.116 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.3.116 - Malwarebytes) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation) Mp3tag v3.06a (HKLM-x32\...\Mp3tag) (Version: 3.06a - Florian Heidenreich) Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.9.5 - Notepad++ Team) Open-Shell (HKLM\...\{F4B6EE58-F183-4B0D-930B-4480673C0F5B}) (Version: 4.4.160 - The Open-Shell Team) PerfectDisk Professional Business (HKLM\...\{C4E01CDC-0063-493C-B383-9C4FCF7A89F7}) (Version: 14.0.893 - Raxco Software Inc.) Python 3.9.5 (64-bit) (HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\{f3d4ed4c-f434-41ef-8469-ffadd80c4ccf}) (Version: 3.9.5150.0 - Python Software Foundation) Python 3.9.5 Core Interpreter (64-bit) (HKLM\...\{FBB6299D-CB58-4177-B6A0-63BFB1C8C3AE}) (Version: 3.9.5150.0 - Python Software Foundation) Hidden Python 3.9.5 Development Libraries (64-bit) (HKLM\...\{AEE58901-97A1-422A-B964-4FD9BF3327B8}) (Version: 3.9.5150.0 - Python Software Foundation) Hidden Python 3.9.5 Documentation (64-bit) (HKLM\...\{4EFE695B-F377-4CB0-90E3-6AEEE22DEFEB}) (Version: 3.9.5150.0 - Python Software Foundation) Hidden Python 3.9.5 Executables (64-bit) (HKLM\...\{843C07B6-040E-4E83-B244-5383247D70AB}) (Version: 3.9.5150.0 - Python Software Foundation) Hidden Python 3.9.5 pip Bootstrap (64-bit) (HKLM\...\{7559EB6B-36F9-4AE8-8970-532E4DC0ECA3}) (Version: 3.9.5150.0 - Python Software Foundation) Hidden Python 3.9.5 Standard Library (64-bit) (HKLM\...\{F4DC18F4-6323-4BE8-A322-38268831BC24}) (Version: 3.9.5150.0 - Python Software Foundation) Hidden Python 3.9.5 Tcl/Tk Support (64-bit) (HKLM\...\{351016A7-AED4-4824-8D2E-2F9ED497CF77}) (Version: 3.9.5150.0 - Python Software Foundation) Hidden Python 3.9.5 Test Suite (64-bit) (HKLM\...\{605117B9-EE12-4498-A089-A63219191799}) (Version: 3.9.5150.0 - Python Software Foundation) Hidden Python 3.9.5 Utility Scripts (64-bit) (HKLM\...\{420E50F6-A8E8-4098-A321-7DF6B3C3BA82}) (Version: 3.9.5150.0 - Python Software Foundation) Hidden Python Launcher (HKLM-x32\...\{B6EF11B6-0882-43B1-AA75-4D3BD32A144A}) (Version: 3.9.7427.0 - Python Software Foundation) qBittorrent 4.3.5 (HKLM-x32\...\qBittorrent) (Version: 4.3.5 - The qBittorrent project) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8746.1 - Realtek Semiconductor Corp.) Revo Uninstaller Pro 4.3.3 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.3.3 - VS Revo Group, Ltd.) ShareX (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 13.4.0 - ShareX Team) Spek (HKLM-x32\...\{7CDF6754-F5A0-4F34-B589-197530FEF862}) (Version: 0.8.2 - Spek Project) SpywareBlaster 6.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 6.0.0 - BrightFort LLC) SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.2 - Krzysztof Kowalczyk) TagScanner 6.1.8 (64-bit) (HKLM\...\TagScanner_is1) (Version: - Sergey Serkov) TeraCopy (HKLM\...\{952ED35A-74C3-4204-8F01-986D8711B41D}) (Version: 3.8.5 - Code Sector) Trader's Little Helper 2.8.4 (HKLM-x32\...\TradersLittleHelper_is1) (Version: 2.8.4 - Robert Hoffmann) TreeSize Free V4.4.2 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.4.2 - JAM Software) VLC media player (HKLM\...\VLC media player) (Version: 3.0.14 - VideoLAN) VSO ConvertXToDVD 7 (HKLM-x32\...\{A021D003-6933-4EA4-B582-F1D0C3E52409}_is1) (Version: 7.0.0.69 - VSO Software) Weiss Engineering Saracon (HKLM-x32\...\Saracon) (Version: 01.61-27 - ) Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.) Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software) WinRAR 6.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.01.0 - win.rar GmbH) WinX DVD Ripper Platinum 7.5.5 (HKLM-x32\...\WinX DVD Ripper Platinum_is1) (Version: - Digiarty Software, Inc.) Packages: ========= MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2021-01-25] (Microsoft Corporation) [MS Ad] ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Open-Shell\ClassicExplorer64.dll [2020-09-26] (Open-Shell) [File not signed] ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Open-Shell\ClassicExplorer64.dll [2020-09-26] (Open-Shell) [File not signed] ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2021-03-22] (Notepad++ -> ) ContextMenuHandlers1: [EzCd] -> {E46D6DC6-9707-43a9-BDBB-0BDBDD096F90} => C:\Program Files\EZ CD Audio Converter\ezcd64.dll [2020-09-08] (Poikosoft -> Poikosoft) ContextMenuHandlers1: [FastCopy] -> {72FF462B-AB7D-427A-A268-E22E414933D7} => C:\Users\Dyfan\FastCopy\FastEx64.dll -> No File ContextMenuHandlers1: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2021-05-13] (Kaspersky Lab JSC -> AO Kaspersky Lab) ContextMenuHandlers1: [TeraCopy] -> {2386CB87-96FF-473D-A009-957E3BFE6F88} => C:\Program Files\TeraCopy\Context.dll [2021-04-21] (Code Sector -> Code Sector) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [FastCopy] -> {72FF462B-AB7D-427A-A268-E22E414933D7} => C:\Users\Dyfan\FastCopy\FastEx64.dll -> No File ContextMenuHandlers2: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2021-05-13] (Kaspersky Lab JSC -> AO Kaspersky Lab) ContextMenuHandlers2: [TeraCopy] -> {2386CB87-96FF-473D-A009-957E3BFE6F88} => C:\Program Files\TeraCopy\Context.dll [2021-04-21] (Code Sector -> Code Sector) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-01-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers4: [EzCd] -> {E46D6DC6-9707-43a9-BDBB-0BDBDD096F90} => C:\Program Files\EZ CD Audio Converter\ezcd64.dll [2020-09-08] (Poikosoft -> Poikosoft) ContextMenuHandlers4: [FastCopy] -> {72FF462B-AB7D-427A-A268-E22E414933D7} => C:\Users\Dyfan\FastCopy\FastEx64.dll -> No File ContextMenuHandlers4: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2021-05-13] (Kaspersky Lab JSC -> AO Kaspersky Lab) ContextMenuHandlers4: [TeraCopy] -> {2386CB87-96FF-473D-A009-957E3BFE6F88} => C:\Program Files\TeraCopy\Context.dll [2021-04-21] (Code Sector -> Code Sector) ContextMenuHandlers5: [FastCopy] -> {72FF462B-AB7D-427A-A268-E22E414933D7} => C:\Users\Dyfan\FastCopy\FastEx64.dll -> No File ContextMenuHandlers5: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => -> No File ContextMenuHandlers6: [FastCopy] -> {72FF462B-AB7D-427A-A268-E22E414933D7} => C:\Users\Dyfan\FastCopy\FastEx64.dll -> No File ContextMenuHandlers6: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2021-05-13] (Kaspersky Lab JSC -> AO Kaspersky Lab) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-01-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2019-03-29] (VS Revo Group Ltd. -> VS Revo Group) ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\system32\StartMenuHelper64.dll [2020-09-26] (Open-Shell) [File not signed] ContextMenuHandlers6: [TeraCopy] -> {2386CB87-96FF-473D-A009-957E3BFE6F88} => C:\Program Files\TeraCopy\Context.dll [2021-04-21] (Code Sector -> Code Sector) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Whitelisted) ==================== ==================== Shortcuts & WMI ======================== ==================== Loaded Modules (Whitelisted) ============= 2021-05-07 18:11 - 2021-05-12 11:39 - 000205824 _____ () [File not signed] [File is in use] C:\ProgramData\Jackett\YamlDotNet.dll 2021-01-25 18:46 - 2010-08-23 11:17 - 000662016 _____ () [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll 2021-01-25 18:47 - 2011-07-12 19:14 - 000147456 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll 2021-01-25 18:48 - 2012-10-08 17:07 - 000972288 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll 2021-01-25 18:47 - 2010-10-05 08:22 - 000208896 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll 2021-01-25 18:47 - 2010-10-05 08:22 - 000253952 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll 2021-01-25 18:47 - 2012-05-28 21:27 - 001622528 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll 2021-01-25 18:47 - 2009-08-12 20:15 - 000253952 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll 2021-01-25 18:48 - 2012-05-25 10:33 - 000883712 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll 2021-01-25 18:48 - 2011-09-19 20:18 - 001243136 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll 2021-01-25 18:47 - 2011-07-21 09:06 - 000846848 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll 2021-01-25 18:47 - 2012-08-29 18:09 - 000875520 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll 2021-01-25 18:39 - 2010-06-29 11:58 - 000104448 ____N () [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll 2021-01-25 18:39 - 2021-05-13 11:35 - 000027648 _____ () [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll 2021-05-12 15:17 - 2012-07-29 10:23 - 000073728 _____ () [File not signed] C:\Program Files (x86)\Direct Folders\dfh32.dll 2021-05-12 15:17 - 2012-07-29 10:22 - 000072192 _____ () [File not signed] C:\Program Files (x86)\Direct Folders\dfh64.dll 2021-05-07 18:11 - 2021-05-12 11:39 - 000829440 _____ (AngleSharp) [File not signed] [File is in use] C:\ProgramData\Jackett\AngleSharp.dll 2021-01-25 18:46 - 2010-08-09 22:33 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.20\ASACPI.DLL 2021-01-25 18:47 - 2010-08-09 21:33 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\AsAcpi.dll 2021-01-25 18:48 - 2010-11-30 14:13 - 000108544 ____N (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\FanXpert2\asacpi.dll 2021-01-25 18:48 - 2021-01-25 18:46 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.08\AsAcpi.dll 2021-01-25 18:46 - 2010-08-12 08:52 - 000677376 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.20\asacpiEx.dll 2021-01-25 18:47 - 2010-08-12 07:52 - 000677376 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\asacpiEx.dll 2021-01-25 18:47 - 2010-10-05 08:22 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\AsMultiLang.dll 2021-01-25 18:48 - 2010-09-08 21:25 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\AsMultiLang.dll 2021-01-25 18:48 - 2012-06-15 00:03 - 001016320 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Cpu Frequency\CpuFrequency.dll 2021-01-25 18:48 - 2012-03-21 19:41 - 000677376 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\FanXpert2\asacpiEx.dll 2021-01-25 18:48 - 2010-06-03 20:04 - 000221184 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\FanXpert2\AsMultiLang.dll 2021-01-25 18:48 - 2012-05-23 15:28 - 001545728 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\FanXpert2\FanXpert2.dll 2021-01-25 18:48 - 2010-03-08 17:11 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AsMultiLang.dll 2021-01-25 18:47 - 2010-03-08 17:11 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Splitter\AsMultiLang.dll 2021-01-25 18:47 - 2010-03-08 17:11 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\AsMultiLang.dll 2021-01-25 18:48 - 2021-01-25 18:46 - 000677376 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.08\asacpiEx.dll 2021-05-07 18:11 - 2021-05-12 11:39 - 000251904 _____ (Autofac) [File not signed] [File is in use] C:\ProgramData\Jackett\Autofac.dll 2021-05-07 18:11 - 2021-05-12 11:39 - 000015872 _____ (Autofac) [File not signed] [File is in use] C:\ProgramData\Jackett\Autofac.Extensions.DependencyInjection.dll 2021-01-26 12:08 - 2012-06-14 18:18 - 000359936 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL 2021-05-07 18:11 - 2021-05-12 11:39 - 000018432 _____ (Diego Heras (ngosang)) [File not signed] [File is in use] C:\ProgramData\Jackett\FlareSolverrSharp.dll 2021-05-07 18:11 - 2021-05-12 11:39 - 000217088 _____ (gsscoder;nemec;ericnewton76;moh-hassan) [File not signed] [File is in use] C:\ProgramData\Jackett\CommandLine.dll 2021-05-07 18:11 - 2021-05-12 11:39 - 001252352 _____ (Jackett.Common) [File not signed] [File is in use] C:\ProgramData\Jackett\Jackett.Common.dll 2021-05-07 18:11 - 2021-05-12 11:39 - 000393216 _____ (JackettConsole) [File not signed] [File is in use] C:\ProgramData\Jackett\JackettConsole.dll 2021-05-07 18:11 - 2021-05-12 11:39 - 000312832 _____ (JackettService) [File not signed] [File is in use] C:\ProgramData\Jackett\JackettService.dll 2021-05-07 18:11 - 2021-05-12 11:39 - 000297472 _____ (Jimmy Bogard) [File not signed] [File is in use] C:\ProgramData\Jackett\AutoMapper.dll 2021-05-07 18:11 - 2021-05-12 11:39 - 000010752 _____ (Landon Key) [File not signed] [File is in use] C:\ProgramData\Jackett\SocksWebProxy.dll 2021-05-07 18:11 - 2021-05-12 11:39 - 000817152 _____ (NLog) [File not signed] [File is in use] C:\ProgramData\Jackett\NLog.dll 2021-05-07 18:11 - 2021-05-12 11:39 - 000046080 _____ (NLog) [File not signed] [File is in use] C:\ProgramData\Jackett\NLog.Extensions.Logging.dll 2021-05-07 18:11 - 2021-05-12 11:39 - 000046592 _____ (NLog) [File not signed] [File is in use] C:\ProgramData\Jackett\NLog.Web.AspNetCore.dll 2020-09-26 14:47 - 2020-09-26 14:47 - 000975872 _____ (Open-Shell) [File not signed] C:\Program Files\Open-Shell\ClassicExplorer64.dll 2020-09-26 14:47 - 2020-09-26 14:47 - 002659328 _____ (Open-Shell) [File not signed] C:\Program Files\Open-Shell\StartMenuDLL.dll 2020-09-26 14:48 - 2020-09-26 14:48 - 000562688 _____ (Open-Shell) [File not signed] C:\WINDOWS\system32\StartMenuHelper64.dll 2021-05-07 18:11 - 2021-05-12 11:39 - 000028672 _____ (Org.Mentalis) [File not signed] [File is in use] C:\ProgramData\Jackett\Org.Mentalis.dll ==================== Alternate Data Streams (Whitelisted) ======== (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [274] AlternateDataStreams: C:\ProgramData\TEMP:D735933A [138] ==================== Safe Mode (Whitelisted) ================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\80753807.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\80753807.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Open-Shell\ClassicExplorer64.dll [2020-09-26] (Open-Shell) [File not signed] BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_291\bin\ssv.dll [2021-03-26] (Oracle America, Inc. -> Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_291\bin\jp2ssv.dll [2021-03-26] (Oracle America, Inc. -> Oracle Corporation) BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Open-Shell\ClassicIEDLL_64.dll [2020-09-26] (Open-Shell) [File not signed] BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Open-Shell\ClassicExplorer32.dll [2020-09-26] (Open-Shell) [File not signed] BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Open-Shell\ClassicIEDLL_32.dll [2020-09-26] (Open-Shell) [File not signed] Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Open-Shell\ClassicExplorer64.dll [2020-09-26] (Open-Shell) [File not signed] Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Open-Shell\ClassicExplorer32.dll [2020-09-26] (Open-Shell) [File not signed] (If an entry is included in the fixlist, it will be removed from the registry.) IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\008k.com -> 008k.com IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\00hq.com -> 00hq.com IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\0411dd.com -> 0411dd.com IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\0511zfhl.com -> 0511zfhl.com IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\0632qyw.com -> 0632qyw.com IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\1001movie.com -> 1001movie.com There are 6091 more sites. ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 14:25 - 2013-08-22 14:25 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\FFmpeg\bin;C:\FFmpeg\bin;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Calibre2\;C:\Program Files\get_iplayer HKU\S-1-5-21-1704149506-1908064861-659173645-1001\Control Panel\Desktop\\Wallpaper -> DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) MSCONFIG\Services: kpm_launch_service => 3 HKLM\...\StartupApproved\Run: => "Open-Shell Start Menu" HKLM\...\StartupApproved\Run: => "AsioReg" HKLM\...\StartupApproved\Run: => "WindowsDefender" HKLM\...\StartupApproved\Run: => "RTHDVCPL" HKLM\...\StartupApproved\Run: => "CanonSolutionMenu" HKLM\...\StartupApproved\Run32: => "CTHelper" HKLM\...\StartupApproved\Run32: => "CTxfiHlp" HKLM\...\StartupApproved\Run32: => "AsioThk32Reg" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "IJNetworkScanUtility" HKLM\...\StartupApproved\Run32: => "PrivateFolder" HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\StartupApproved\Run: => "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\StartupApproved\Run: => "ultracopier" ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{A003020E-8BAC-4330-82F1-F03E00203013}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) FirewallRules: [{CF7468BC-9F59-4C8E-86BA-3D871F5DD53D}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) FirewallRules: [{8316E5D8-B835-4D16-9E38-C7AF2CED5C45}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.) FirewallRules: [TCP Query User{91320F9D-2E42-4A2E-8579-6F1E7C408A23}C:\program files\java\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_281\bin\javaw.exe => No File FirewallRules: [UDP Query User{84304862-91A3-42CD-B4D7-340314FBE947}C:\program files\java\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_281\bin\javaw.exe => No File FirewallRules: [TCP Query User{CFD4F7E8-995E-40BF-8E70-31F2DF31DC26}C:\program files\java\jre1.8.0_291\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_291\bin\javaw.exe FirewallRules: [UDP Query User{E494B49E-5D0E-4FA9-8903-6AB0907EEBB2}C:\program files\java\jre1.8.0_291\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_291\bin\javaw.exe FirewallRules: [{AB327029-4A72-40CA-A83A-0C4DA4701735}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed] FirewallRules: [{BAB32843-1F0B-4697-92F7-69794BA2F8C3}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed] FirewallRules: [TCP Query User{39C3E5B7-4183-44C6-B740-E6E044917A87}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [UDP Query User{A715F1E7-C432-4286-9AD1-C7AE39E22061}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [{3B02CCCE-05E3-497A-8E02-9AB5AAB2E0CE}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) ==================== Restore Points ========================= 09-05-2021 13:42:31 Removed Kaspersky Password Manager ==================== Faulty Device Manager Devices ============ ==================== Event log errors: ======================== Application errors: ================== Error: (05/13/2021 11:34:56 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: ) Description: Failed to schedule Software Protection service for re-start at 2121-04-19T10:34:56Z. Error Code: 0x80070005. Error: (05/13/2021 11:34:26 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: ) Description: Failed to schedule Software Protection service for re-start at 2121-04-19T10:34:26Z. Error Code: 0x80070005. Error: (05/13/2021 11:33:56 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: ) Description: Failed to schedule Software Protection service for re-start at 2121-04-19T10:33:56Z. Error Code: 0x80070005. Error: (05/13/2021 11:33:26 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: ) Description: Failed to schedule Software Protection service for re-start at 2121-04-19T10:33:26Z. Error Code: 0x80070005. Error: (05/13/2021 11:07:11 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code. Error: (05/13/2021 11:03:51 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: mbamtray.exe, version: 4.0.0.987, time stamp: 0x60894603 Faulting module name: Qt5Core.dll, version: 5.14.1.0, time stamp: 0x603971ce Exception code: 0xc0000005 Fault offset: 0x0000000000219dc5 Faulting process ID: 0x21e0 Faulting application start time: 0x01d747ded30be48e Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe Faulting module path: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll Report ID: 844413d8-b3d2-11eb-82e7-50465db36e87 Faulting package full name: Faulting package-relative application ID: Error: (05/12/2021 09:55:44 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code. Error: (05/11/2021 09:31:37 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code. System errors: ============= Error: (05/13/2021 12:41:37 PM) (Source: DCOM) (EventID: 10010) (User: Sinbad) Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout. Error: (05/13/2021 12:41:07 PM) (Source: DCOM) (EventID: 10010) (User: Sinbad) Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout. Error: (05/13/2021 11:35:03 AM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY) Description: Unable to start a DCOM Server: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}. The error: "5" Happened while starting this command: C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe -Embedding Error: (05/13/2021 11:35:03 AM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY) Description: Unable to start a DCOM Server: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}. The error: "5" Happened while starting this command: C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe -Embedding Error: (05/13/2021 11:35:03 AM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY) Description: Unable to start a DCOM Server: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}. The error: "5" Happened while starting this command: C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe -Embedding Error: (05/13/2021 11:35:03 AM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY) Description: Unable to start a DCOM Server: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}. The error: "5" Happened while starting this command: C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe -Embedding Error: (05/13/2021 11:34:20 AM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY) Description: Unable to start a DCOM Server: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}. The error: "5" Happened while starting this command: C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe -Embedding Error: (05/13/2021 11:34:20 AM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY) Description: Unable to start a DCOM Server: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}. The error: "5" Happened while starting this command: C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe -Embedding Windows Defender: ================ Date: 2021-05-13 11:20:42.419 Description: Windows Defender scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2021-01-25 19:34:26.035 Description: Windows Defender Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x80070002 Error description: The system cannot find the file specified. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer. Date: 2021-01-25 19:23:38.065 Description: Windows Defender has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x8024001e Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. Date: 2021-01-25 19:23:38.065 Description: Windows Defender has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x8024001e Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. Date: 2021-01-25 18:42:21.528 Description: Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures. Signatures Attempted: Current Error Code: 0x80073aba Error description: The resource is too old to be compatible. Signature version: 1.155.266.0;1.155.266.0 Engine version: 1.1.9700.0 Date: 2021-01-25 16:58:01.819 Description: Windows Defender has encountered an error trying to update the engine. New Engine Version: 1.1.17700.4 Previous Engine Version: 1.1.9700.0 Error Code: 0x8050800c Error description: An unexpected problem occurred. Install any available updates, then try to start the program again. For information on installing updates, see Help and Support. ==================== Memory info =========================== BIOS: American Megatrends Inc. 5104 09/14/2012 Motherboard: ASUSTeK COMPUTER INC. F2A85-V PRO Processor: AMD A6-6400K APU with Radeon(tm) HD Graphics Percentage of memory in use: 40% Total physical RAM: 7624.94 MB Available physical RAM: 4533.46 MB Total Virtual: 8840.94 MB Available Virtual: 5199.26 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:118.9 GB) (Free:90.89 GB) NTFS Drive d: (Black) (Fixed) (Total:931.51 GB) (Free:294.3 GB) NTFS Drive e: (Maxtor) (Fixed) (Total:152.66 GB) (Free:41.92 GB) NTFS Drive h: (Toshiba) (Fixed) (Total:2794.39 GB) (Free:739.22 GB) NTFS Drive i: (K1) (Removable) (Total:59.05 GB) (Free:32.76 GB) FAT32 Drive m: (New Volume) (Fixed) (Total:2794.39 GB) (Free:304 GB) NTFS \\?\Volume{70be6976-5f25-11eb-824e-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.34 GB) (Free:0.06 GB) NTFS ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (Protective MBR) (Size: 2794.5 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 119.2 GB) (Disk ID: 2C402D9B) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=118.9 GB) - (Type=07 NTFS) ========================================================== Disk: 2 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: C9699AB9) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ========================================================== Disk: 3 (MBR Code: Windows XP) (Size: 152.7 GB) (Disk ID: 7B25CC4E) Partition 1: (Active) - (Size=152.7 GB) - (Type=07 NTFS) ========================================================== Disk: 4 (Protective MBR) (Size: 2794.5 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 5 (Protective MBR) (Size: 59.1 GB) (Disk ID: 00000000) Partition: GPT. ==================== End of Addition.txt =======================