Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2021 Ran by Admin (14-03-2021 15:21:15) Running from D:\Users\Hari\Desktop Windows 10 Pro Version 2004 19041.508 (X64) (2020-07-23 05:05:17) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Admin (S-1-5-21-3076391084-2480122960-4283986350-1002 - Administrator - Enabled) => C:\Users\Admin Administrator (S-1-5-21-3076391084-2480122960-4283986350-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3076391084-2480122960-4283986350-503 - Limited - Disabled) Guest (S-1-5-21-3076391084-2480122960-4283986350-501 - Limited - Disabled) HKP (S-1-5-21-3076391084-2480122960-4283986350-1004 - Administrator - Enabled) => C:\Users\HKP WDAGUtilityAccount (S-1-5-21-3076391084-2480122960-4283986350-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Kaspersky Internet Security (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23} AV: Kaspersky Internet Security (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8} FW: Kaspersky Internet Security (Enabled) {774D7037-0984-41B0-3A87-5E88E680AD58} FW: Kaspersky Internet Security (Enabled) {32888857-01C3-7AB6-E095-11CC1854D0A3} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 21.001.20145 - Adobe Systems Incorporated) AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 6.2.3 - philandro Software GmbH) Avidemux VC++ 64bits (HKU\S-1-5-21-3076391084-2480122960-4283986350-1002\...\{af708a33-16c4-431e-a527-5237bee3c9fc}) (Version: 2.7.6 - Mean) Bandicut (HKLM-x32\...\Bandicut) (Version: 3.6.3.652 - Bandicam.com) CCleaner (HKLM\...\CCleaner) (Version: 5.77 - Piriform) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 10.1.1.37576 - Foxit Software Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 89.0.4389.82 - Google LLC) Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden HandBrake 1.3.3 (HKLM-x32\...\HandBrake) (Version: 1.3.3 - ) IrfanView 4.57 (64-bit) (HKLM\...\IrfanView64) (Version: 4.57 - Irfan Skiljan) Kaspersky Internet Security (HKLM-x32\...\{63129F5E-8EC5-41BA-A4CF-47966CE84953}) (Version: 21.2.16.590 - Kaspersky) Hidden Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{63129F5E-8EC5-41BA-A4CF-47966CE84953}) (Version: 21.2.16.590 - Kaspersky) Kaspersky Password Manager (HKLM-x32\...\{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab) Hidden Kaspersky Password Manager (HKLM-x32\...\InstallWIX_{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab) Kaspersky VPN (HKLM-x32\...\{221FA56C-0A92-4E58-98FD-CAF82237540C}) (Version: 21.2.16.590 - Kaspersky) Hidden Kaspersky VPN (HKLM-x32\...\InstallWIX_{221FA56C-0A92-4E58-98FD-CAF82237540C}) (Version: 21.2.16.590 - Kaspersky) Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.50 - Microsoft Corporation) Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.63 - ) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3076391084-2480122960-4283986350-1002\...\OneDriveSetup.exe) (Version: 21.016.0124.0003 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 86.0 (x64 en-US) (HKLM\...\Mozilla Firefox 86.0 (x64 en-US)) (Version: 86.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 78.0.2 - Mozilla) MP4Tools v3.8 (HKLM-x32\...\MP4Tools_is1) (Version: - Thüring IT-Consulting) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.) Signal 1.40.1 (HKU\S-1-5-21-3076391084-2480122960-4283986350-1002\...\7d96caee-06e6-597c-9f2f-c7bb2e0948b4) (Version: 1.40.1 - Open Whisper Systems) Telegram Desktop version 2.6.1 (HKU\S-1-5-21-3076391084-2480122960-4283986350-1002\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.6.1 - Telegram FZ-LLC) VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN) Packages: ========= 7-Zip File Manager (Unofficial) -> C:\Program Files\WindowsApps\HaukeGtze.7-ZipFileManagerUnofficial_1.1900.3.0_x64__6bk20wvc8rfx2 [2020-09-17] (Hauke Hasselberg) freda epub ebook reader -> C:\Program Files\WindowsApps\5957Turnipsoft.freda_4.38.0.0_x64__ypmq2qh89vmny [2021-01-15] (Turnipsoft) Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-02-09] (Microsoft Studios) [MS Ad] Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2021-01-11] (Netflix, Inc.) Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-10-21] (Microsoft Corporation) Vodafone Mobile Broadband -> C:\Program Files\WindowsApps\VodafoneGroupServices.VodafoneMobileBroadband_2.10.46.0_x64__cx08jceyq9bcp [2020-07-15] (Vodafone Group Services) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3076391084-2480122960-4283986350-1002_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}0 ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6723984 2010-01-21] (Microsoft Corporation -> Microsoft Corporation) ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4222864 2010-01-21] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [Kaspersky Anti-Virus 21.2] -> {9B9F6E01-A5CF-4269-B245-CFF66A7DAEBD} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\x64\shellex.dll [2020-11-07] (Kaspersky Lab JSC -> AO Kaspersky Lab) ContextMenuHandlers2: [Kaspersky Anti-Virus 21.2] -> {9B9F6E01-A5CF-4269-B245-CFF66A7DAEBD} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\x64\shellex.dll [2020-11-07] (Kaspersky Lab JSC -> AO Kaspersky Lab) ContextMenuHandlers4: [Kaspersky Anti-Virus 21.2] -> {9B9F6E01-A5CF-4269-B245-CFF66A7DAEBD} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\x64\shellex.dll [2020-11-07] (Kaspersky Lab JSC -> AO Kaspersky Lab) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-09-25] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [Kaspersky Anti-Virus 21.2] -> {9B9F6E01-A5CF-4269-B245-CFF66A7DAEBD} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\x64\shellex.dll [2020-11-07] (Kaspersky Lab JSC -> AO Kaspersky Lab) ==================== Codecs (Whitelisted) ==================== ==================== Shortcuts & WMI ======================== ==================== Loaded Modules (Whitelisted) ============= ==================== Alternate Data Streams (Whitelisted) ======== ==================== Safe Mode (Whitelisted) ================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2020-07-14 22:45 - 2020-09-21 17:08 - 000000828 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3076391084-2480122960-4283986350-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\AppData\Roaming\IrfanView\IrfanView_Wallpaper.png HKU\S-1-5-21-3076391084-2480122960-4283986350-1004\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) HKLM\...\StartupApproved\StartupFolder: => "AnyDesk.lnk" HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run32: => "Aimersoft Helper Compact.exe" HKLM\...\StartupApproved\Run32: => "BCSSync" HKU\S-1-5-21-3076391084-2480122960-4283986350-1002\...\StartupApproved\StartupFolder: => "startup.exe" HKU\S-1-5-21-3076391084-2480122960-4283986350-1002\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-3076391084-2480122960-4283986350-1002\...\StartupApproved\Run: => "GoogleDriveSync" HKU\S-1-5-21-3076391084-2480122960-4283986350-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-3076391084-2480122960-4283986350-1002\...\StartupApproved\Run: => "kpm.exe" ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{897EA980-C35F-4857-B374-763F719E859F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{EC61361A-AF7E-4542-A63C-2070ECF7EADE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{2BCE7B29-2AEE-4A62-88FC-A23671F697F7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{C231C83A-44A6-448B-8DAE-B4313014E25E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{212D1384-9932-4514-8EEE-4CC89F0034D8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{C03AFBAE-0E58-43C6-A47B-25384B579B0B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{26E996A4-5F15-48EA-BA31-D7A8FBBC51C9}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe => No File FirewallRules: [{9336D091-4568-417F-B800-D94165BF9C97}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe => No File FirewallRules: [{6C8BC830-2543-4BF5-BAA4-8A001051DAC1}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe => No File FirewallRules: [{7B082CFA-892C-4C3F-95FB-CCC01A3FCDD2}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe => No File FirewallRules: [{B627FF28-6B36-41B9-AFF6-1153353B8128}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{48D40BC9-5098-4610-A540-4DD23EF35950}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH) FirewallRules: [{5E53DE4D-76C2-4E85-9E15-31CD9EE1AE7B}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH) FirewallRules: [{DE1D7FAA-E8D4-4A6C-81F4-6650E57B11E6}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH) FirewallRules: [{9227F64E-D1CA-4CD6-A44C-69E7FD5EE2D0}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH) FirewallRules: [{8C2EF3AD-731F-418C-9AA3-63C013090EEF}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH) FirewallRules: [{FF487E5F-9A28-4427-86D7-8A4B954EE166}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH) ==================== Restore Points ========================= 06-03-2021 14:05:46 Windows Modules Installer 07-03-2021 08:55:00 Windows Modules Installer 07-03-2021 16:47:33 Windows Modules Installer 08-03-2021 08:57:33 Windows Modules Installer 08-03-2021 16:07:39 Windows Modules Installer 09-03-2021 09:00:28 Windows Modules Installer 09-03-2021 15:42:48 Windows Modules Installer 10-03-2021 08:28:40 Windows Modules Installer 10-03-2021 14:55:48 Windows Modules Installer 11-03-2021 10:32:14 Windows Modules Installer 11-03-2021 17:54:03 Windows Modules Installer 12-03-2021 15:56:59 Windows Modules Installer 13-03-2021 08:38:25 Windows Modules Installer 13-03-2021 15:39:24 Windows Modules Installer 14-03-2021 09:23:41 Windows Modules Installer ==================== Faulty Device Manager Devices ============ Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: HD WebCam Description: USB Video Device Class Guid: {ca3e7ab9-b4c3-4ae6-8251-579ef933890f} Manufacturer: Microsoft Service: usbvideo Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ======================== Application errors: ================== Error: (03/14/2021 02:52:01 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program Un_A.exe version 4.3.3.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 2cc8 Start Time: 01d718b3500fc684 Termination Time: 4294967295 Application Path: C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe Report Id: 48144da7-503d-405d-b594-90d3007f02df Faulting package full name: Faulting package-relative application ID: Hang type: Top level window is idle Error: (03/14/2021 10:06:09 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: wuauclt.exe, version: 10.0.19041.508, time stamp: 0x5c5723e6 Faulting module name: ntdll.dll, version: 10.0.19041.488, time stamp: 0x70e69bad Exception code: 0xc0000005 Fault offset: 0x0000000000045e16 Faulting process id: 0xa1c Faulting application start time: 0x01d7188316daa6cc Faulting application path: C:\WINDOWS\system32\wuauclt.exe Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll Report Id: 7b2f77a2-8ce8-412f-a061-5ca78e5f2c07 Faulting package full name: Faulting package-relative application ID: Error: (03/13/2021 04:26:55 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress. . Error: (03/13/2021 04:26:55 PM) (Source: VSS) (EventID: 13) (User: ) Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress. ] Error: (03/13/2021 04:26:54 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress. . Error: (03/13/2021 04:26:53 PM) (Source: VSS) (EventID: 13) (User: ) Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress. ] Error: (03/13/2021 04:15:04 PM) (Source: Windows Search Service) (EventID: 3007) (User: ) Description: Performance monitoring cannot be initialized for the gatherer object, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer. Context: Application, SystemIndex Catalog Error: (03/13/2021 09:46:32 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress. . System errors: ============= Error: (03/14/2021 10:48:17 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The eapihdrv service failed to start due to the following error: This driver has been blocked from loading Error: (03/14/2021 10:48:17 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\Admin\AppData\Local\Temp\ehdrv.sys Error: (03/14/2021 10:48:16 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The eapihdrv service failed to start due to the following error: This driver has been blocked from loading Error: (03/14/2021 10:48:16 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\Admin\AppData\Local\Temp\ehdrv.sys Error: (03/14/2021 10:48:16 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The eapihdrv service failed to start due to the following error: This driver has been blocked from loading Error: (03/14/2021 10:48:16 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\Admin\AppData\Local\Temp\ehdrv.sys Error: (03/14/2021 10:48:16 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The eapihdrv service failed to start due to the following error: This driver has been blocked from loading Error: (03/14/2021 10:48:16 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\Admin\AppData\Local\Temp\ehdrv.sys Windows Defender: ================ Date: 2021-02-24 17:07:58 Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2021-02-15 10:09:48 Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2020-09-23 18:13:40 Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2021-03-04 07:50:54 Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.331.2296.0 Update Source: Microsoft Update Server Security intelligence Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.17800.5 Error code: 0x80070102 Error description: The wait operation timed out. Date: 2021-02-15 08:26:38 Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.323.1746.0 Update Source: Microsoft Malware Protection Center Security intelligence Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.17500.4 Error code: 0x80070102 Error description: The wait operation timed out. Date: 2021-02-15 08:09:25 Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.323.1746.0 Update Source: Microsoft Update Server Security intelligence Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.17500.4 Error code: 0x80240022 Error description: The program can't check for definition updates. Date: 2021-02-15 08:09:25 Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.323.1746.0 Update Source: Microsoft Update Server Security intelligence Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.17500.4 Error code: 0x80240022 Error description: The program can't check for definition updates. Date: 2021-02-14 11:04:30 Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.323.1746.0 Update Source: Microsoft Malware Protection Center Security intelligence Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.17500.4 Error code: 0x80072ee7 Error description: The server name or address could not be resolved CodeIntegrity: =============== Date: 2021-03-14 09:05:03 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\x64\antimalware_provider.dll that did not meet the Windows signing level requirements. Date: 2021-03-14 09:00:53 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\x64\antimalware_provider.dll that did not meet the Windows signing level requirements. ==================== Memory info =========================== BIOS: Insyde Corp. V1.37 02/16/2016 Motherboard: Acer ZORO_BH Processor: Intel(R) Core(TM) i3-5005U CPU @ 2.00GHz Percentage of memory in use: 79% Total physical RAM: 4016.42 MB Available physical RAM: 815.34 MB Total Virtual: 7253.67 MB Available Virtual: 2200.41 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:243.65 GB) (Free:32.84 GB) NTFS Drive d: (Data) (Fixed) (Total:341.8 GB) (Free:134.68 GB) NTFS Drive e: () (Fixed) (Total:345.57 GB) (Free:43.96 GB) NTFS Drive g: () (Removable) (Total:0 GB) (Free:0 GB) \\?\Volume{f7b2add7-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: F7B2ADD7) Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=243.7 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=341.8 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=345.6 GB) - (Type=07 NTFS) Attempted reading MBR returned 0 bytes. Could not read MBR for disk 1. ==================== End of Addition.txt =======================