Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-06-2021 Ran by ONGDI (19-06-2021 18:04:29) Running from C:\Users\ONGDI\Downloads Windows 7 Ultimate Service Pack 1 (X64) (2017-08-16 07:24:03) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2468496665-4139090219-2585314104-500 - Administrator - Disabled) Guest (S-1-5-21-2468496665-4139090219-2585314104-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2468496665-4139090219-2585314104-1002 - Limited - Enabled) ONGDI (S-1-5-21-2468496665-4139090219-2585314104-1000 - Administrator - Enabled) => C:\Users\ONGDI ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avira Antivirus (Disabled - Up to date) {8EAC8D5C-B3AA-95AA-3DF1-2845CDD09CBE} AS: Avira Antivirus (Disabled - Up to date) {35CD6CB8-9590-9A24-0741-1337B657D603} AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 10 ActiveX (HKLM-x32\...\{B001064C-D061-4BAE-9031-416A838D5536}) (Version: 10.2.153.1 - Adobe Systems Incorporated) Adobe Flash Player 10 Plugin (HKLM-x32\...\{9C542173-96F0-435D-A95C-468CAAC75EA0}) (Version: 10.2.153.1 - Adobe Systems Incorporated) Adobe Flash Professional CS5.5 (HKLM-x32\...\{23E445D5-FD83-4C50-A211-EB26A2975317}) (Version: 11.5 - Adobe Systems Incorporated) Advanced SystemCare (HKLM-x32\...\Advanced SystemCare_is1) (Version: 14.1.0 - IObit) Arduino (HKLM-x32\...\Arduino) (Version: 1.8.9 - Arduino LLC) ATI Catalyst Install Manager (HKLM\...\{B066BF95-890E-A532-A58F-D13E0805DC04}) (Version: 3.0.816.0 - ATI Technologies, Inc.) Avira (HKLM-x32\...\{21098ed5-59e9-4203-b79e-63f3c373e022}) (Version: 1.2.155.4877 - Avira Operations GmbH & Co. KG) Hidden Avira (HKLM-x32\...\{2CA8B2E7-B4B7-4553-83E6-448A543EA5AD}) (Version: 1.2.155.4877 - Avira Operations GmbH & Co. KG) Hidden Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2104.2083 - Avira Operations GmbH & Co. KG) Hidden Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.37.4.17510 - Avira Operations GmbH & Co. KG) Hidden Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.1.49.18598 - Avira Operations GmbH & Co. KG) Hidden Avira Security (HKLM-x32\...\AviraSecurityUninstaller) (Version: - Avira Operations GmbH & Co. KG;) Avira Software Updater (HKLM-x32\...\{5FFF909D-D88F-42B9-9A85-328A1290611C}) (Version: 2.0.6.48309 - Avira Operations GmbH & Co. KG) Hidden Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.10.0.11063 - Avira Operations GmbH & Co. KG) Hidden Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.100.82.130 - Broadcom Corporation) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Hidden Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Hidden Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Hidden CodeBlocks (HKU\S-1-5-21-2468496665-4139090219-2585314104-1000\...\CodeBlocks) (Version: 16.01 - The Code::Blocks Team) Crystal Reports for Visual Studio (HKLM-x32\...\{AC41D924-8C68-4BD5-A7A1-0AE4176C31A6}) (Version: 12.51.0.240 - SAP) Hidden Dotfuscator Software Services - Community Edition (HKLM-x32\...\{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}) (Version: 5.0.2300.0 - PreEmptive Solutions) Fences (HKLM-x32\...\Fences) (Version: - Stardock Corporation) FixAuto 1.1.7 (HKLM-x32\...\{84C9CD33-1525-4500-BC16-139522A71B98}_is1) (Version: - Trinh Duc Thang) Foxit Reader (HKLM-x32\...\{BDDF6AEE-7AD7-4CDA-B57F-5BDF9417AD4F}) (Version: 5.1.3.1201 - Foxit Corporation) iF-22v5 (HKLM-x32\...\iF-22v5) (Version: - ) Image To PDF 1.7.7.0 (HKLM-x32\...\{D6CAA5A8-AC4B-45DC-8752-CAE32943C621}_is1) (Version: 1.7.7.0 - zxt2007.com) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35132 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.0.199 - Intel Corporation) Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation) IObit Uninstaller 8 (HKLM-x32\...\IObitUninstall) (Version: 8.0.2.29 - IObit) Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2300 - Broadcom Corporation) Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.65.05.21 - ) Malwarebytes version 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes) mHotspot version 7.7.2.0 (HKLM-x32\...\{beeb7906-9268-4520-8850-8d8af9b1c7c8}_is1) (Version: 7.7.2.0 - 1BN Software & IT Solutions Pvt. Ltd.) Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation) Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM-x32\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation) Microsoft ASP.NET MVC 2 (HKLM-x32\...\{1803A630-3C38-4D2B-9B9A-0CB37243539C}) (Version: 2.0.50217.0 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.41 - Microsoft Corporation) Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 3.0.40818.0 - Microsoft Corporation) Microsoft Silverlight 3 SDK (HKLM-x32\...\{2012098D-EEE9-4769-8DD3-B038050854D4}) (Version: 3.0.40818.0 - Microsoft Corporation) Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation) Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.1.2531.0 - Microsoft Corporation) Microsoft SQL Server 2008 Native Client (HKLM\...\{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}) (Version: 10.1.2531.0 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Data-Tier Application Framework (HKLM-x32\...\{0DDCEC37-369C-484B-B16D-B4413FD42FB9}) (Version: 10.50.1447.4 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM-x32\...\{E5AE9031-79A5-4627-9641-BEFA82819B08}) (Version: 10.50.1447.4 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{4E968D9C-21A7-4915-B698-F7AEB913541D}) (Version: 10.50.1447.4 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Management Objects (x64) (HKLM\...\{DA67488A-2689-4F10-B90F-D2F6977509D6}) (Version: 10.50.1447.4 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM-x32\...\{78C3657E-742C-40B1-9F53-E5A921D40F17}) (Version: 10.50.1447.4 - Microsoft Corporation) Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation) Microsoft SQL Server System CLR Types (HKLM-x32\...\{2A2F3AE8-246A-4252-BB26-1BEB45627074}) (Version: 10.50.1447.4 - Microsoft Corporation) Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4A8CE6D7-4D52-43B9-970B-03FC75FAD667}) (Version: 10.50.1447.4 - Microsoft Corporation) Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.1.2531.0 - Microsoft Corporation) Microsoft Sync Framework Runtime v1.0 SP1 (x64) (HKLM\...\{8438EC02-B8A9-462D-AC72-1B521349C001}) (Version: 1.0.3010.0 - Microsoft Corporation) Microsoft Sync Framework SDK v1.0 SP1 (HKLM-x32\...\{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}) (Version: 1.0.3010.0 - Microsoft Corporation) Microsoft Sync Framework Services v1.0 SP1 (x64) (HKLM\...\{034106B5-54B7-467F-B477-5B7DBB492624}) (Version: 1.0.3010.0 - Microsoft Corporation) Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) (HKLM\...\{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}) (Version: 2.0.3010.0 - Microsoft Corporation) Microsoft Team Foundation Server 2010 Object Model - ENU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - ENU) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319 (HKLM\...\{F5079164-1DB9-3BDA-853B-F78AF67CE071}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319 (HKLM-x32\...\{6A86554B-8928-30E4-A53C-D7337689134D}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{729A3000-BC8A-3B74-BA5D-5068FE12D70C}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual Studio 2010 IntelliTrace Collection (x64) (HKLM\...\{88BAE373-00F4-3E33-828F-96E89E5E0CB9}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual Studio 2010 Ultimate - ENU (HKLM-x32\...\Microsoft Visual Studio 2010 Ultimate - ENU) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual Studio Macro Tools (HKLM-x32\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation) MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org) PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.8 - Google, Inc.) Proteus 7 Professional (HKLM-x32\...\{13C4E8F0-B747-4C7C-9090-884832F9F90A}) (Version: 7.06.0006 - Labcenter Electronics) Python 2.7.10 (HKLM-x32\...\{E2B51919-207A-43EB-AE78-733F9C6797C2}) (Version: 2.7.10150 - Python Software Foundation) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.50.1123.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6597 - Realtek Semiconductor Corp.) Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29029 - Realtek Semiconductor Corp.) Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform) Screen Recorder Gold V1.2 (HKLM-x32\...\Screen Recorder Gold V1.2) (Version: - ) Service Pack 1 for SQL Server 2008 (KB968369) (64-bit) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation) Sql Server Customer Experience Improvement Program (HKLM\...\{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}) (Version: 10.1.2531.0 - Microsoft Corporation) Hidden TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.18.5 - TeamViewer) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Virtual Serial Port Driver 6.9 (6.9.1.134) (HKLM-x32\...\Virtual Serial Ports Driver_is1) (Version: - ELTIMA Software) VirtualDJ Home FREE (HKLM-x32\...\{5E1375CB-6792-4464-8715-CC3EC83D48FA}) (Version: 7.0.5 - Atomix Productions) Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.30319 - Microsoft Corporation) Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN) Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation) Wondershare Filmora9(Build 9.5.0) (HKLM\...\Wondershare Filmora9_is1) (Version: - Wondershare Software) Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare) YTD Video Downloader 5.9.4 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 5.9.4 - GreenTree Applications SRL) <==== ATTENTION ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-27] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2020-12-24] (IObit Information Technology -> IObit) ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => D:\Program Files (x86)\Notepad++\NppShell_06.dll -> No File ContextMenuHandlers1: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => D:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2010-06-22] (Stardock Corporation -> Stardock) ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit Information Technology -> IObit) ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2021-05-16] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2021-02-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext.dll -> No File ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext32.dll -> No File ContextMenuHandlers2: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2020-12-24] (IObit Information Technology -> IObit) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll -> No File ContextMenuHandlers4: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2020-12-24] (IObit Information Technology -> IObit) ContextMenuHandlers4: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => D:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2010-06-22] (Stardock Corporation -> Stardock) ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit Information Technology -> IObit) ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd) ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2021-02-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) ContextMenuHandlers5: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => D:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2010-06-22] (Stardock Corporation -> Stardock) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2015-05-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2021-02-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) ContextMenuHandlers6: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => D:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2010-06-22] (Stardock Corporation -> Stardock) ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit Information Technology -> IObit) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll -> No File ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd) ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2021-05-16] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext.dll -> No File ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext32.dll -> No File ==================== Codecs (Whitelisted) ==================== ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) Shortcut: C:\Users\ONGDI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki Shortcut: C:\Users\ONGDI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com ShortcutWithArgument: C:\Users\ONGDI\AppData\Local\Microsoft\Start Menu\Вoйти в Интeрнeт.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> "hxxp://yunobyk.ru/?utm_source=startlink03&utm_content=219cd7cebbc0daa562281c2978ea2cce&utm_term=DD204E33638A0F35855DAE892288B1A5&utm_d=20171027" ==================== Loaded Modules (Whitelisted) ============= 2017-04-22 01:54 - 2017-04-22 01:54 - 000112128 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Windows\Microsoft.Net\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll 2018-04-04 00:14 - 2018-04-04 00:14 - 000097280 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1\ATL80.DLL 2017-08-16 12:59 - 2012-02-08 03:29 - 000166912 _____ (Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RsCRLib.dll ==================== Alternate Data Streams (Whitelisted) ======== ==================== Safe Mode (Whitelisted) ================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) ================= ==================== Internet Explorer (Version 11) (Whitelisted) ========== BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2018-07-19] (IObit Information Technology -> IObit) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-27] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Microsoft Web Test Recorder 10.0 Helper -> {DDA57003-0068-4ed2-9D32-4D1EC707D94D} -> C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2010-03-19] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 08:04 - 2017-10-27 13:23 - 000001037 _____ C:\Windows\system32\drivers\etc\hosts 2017-11-10 04:20 - 2017-11-10 05:06 - 000000511 _____ C:\Windows\system32\drivers\etc\hosts.ics ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;D:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;C:\Program Files\Microsoft SQL Server\100\Tools\Binn\;C:\Program Files\Microsoft SQL Server\100\DTS\Binn\ HKU\S-1-5-21-2468496665-4139090219-2585314104-1000\Control Panel\Desktop\\Wallpaper -> DNS Servers: Media is not connected to internet. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{7A6ECB77-6861-45E9-9B11-B79F5C161CBD}] => (Allow) C:\Windows\system32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{33F03B04-B945-4CD6-ACD9-0647F20DA6C6}] => (Allow) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{D586BB4D-99CE-4C5B-815E-D9DFED29ADE2}] => (Allow) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [TCP Query User{2FDCCC40-3693-406A-BE38-C4B36AC54B66}F:\counter-strike source\hl2.exe] => (Block) F:\counter-strike source\hl2.exe => No File FirewallRules: [UDP Query User{1A63E522-75B6-4001-BDEC-76B7E7CD9736}F:\counter-strike source\hl2.exe] => (Block) F:\counter-strike source\hl2.exe => No File FirewallRules: [TCP Query User{79986B24-6A42-4746-A2BB-31459A45583B}I:\moter gp 2002 ghost game\motogp2.exe] => (Block) I:\moter gp 2002 ghost game\motogp2.exe => No File FirewallRules: [UDP Query User{7A1E5662-19C5-47A1-B10D-684A5D4E8261}I:\moter gp 2002 ghost game\motogp2.exe] => (Block) I:\moter gp 2002 ghost game\motogp2.exe => No File FirewallRules: [TCP Query User{F96A58E9-220B-4510-BFD9-4F2D802CA73C}C:\users\ongdi\desktop\moter gp 2002 ghost game\motogp2.exe] => (Block) C:\users\ongdi\desktop\moter gp 2002 ghost game\motogp2.exe => No File FirewallRules: [UDP Query User{299C76CF-038B-489E-B436-A7D7C8804C87}C:\users\ongdi\desktop\moter gp 2002 ghost game\motogp2.exe] => (Block) C:\users\ongdi\desktop\moter gp 2002 ghost game\motogp2.exe => No File FirewallRules: [TCP Query User{ED5867E8-7254-4642-BC61-FB5069A8AB59}J:\11\entertainment\6.games\counter-strike source\hl2.exe] => (Allow) J:\11\entertainment\6.games\counter-strike source\hl2.exe => No File FirewallRules: [UDP Query User{A02F321D-75C2-426C-B996-30F5F3D1ED31}J:\11\entertainment\6.games\counter-strike source\hl2.exe] => (Allow) J:\11\entertainment\6.games\counter-strike source\hl2.exe => No File FirewallRules: [TCP Query User{850E3FD8-7ACF-4B30-B822-74AB9EB40F99}F:\counter-strike source\hl2.exe] => (Block) F:\counter-strike source\hl2.exe => No File FirewallRules: [UDP Query User{0259E5AF-2DB0-4F5C-84D2-2193346E8AFB}F:\counter-strike source\hl2.exe] => (Block) F:\counter-strike source\hl2.exe => No File FirewallRules: [{6B9AAAE5-F280-4A22-AD3A-A721907D314C}] => (Allow) C:\Users\ONGDI\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent) FirewallRules: [{0A664558-C714-4B2B-8484-C587E2D7EC44}] => (Allow) C:\Users\ONGDI\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent) FirewallRules: [{52D09D62-B68E-4353-AE06-7AB89D38C0FE}] => (Allow) C:\Users\ONGDI\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent) FirewallRules: [{46AB6B18-869E-490F-B96B-7F4815790FF5}] => (Allow) C:\Users\ONGDI\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent) FirewallRules: [{122D85BB-900D-4CEF-A77B-12B08A4C896F}] => (Allow) C:\Users\ONGDI\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent) FirewallRules: [{053A2301-6381-4A9E-B110-3795280388F9}] => (Allow) C:\Users\ONGDI\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent) FirewallRules: [TCP Query User{C1EF0DE8-D461-42D9-A66C-6155DA14B534}C:\users\ongdi\desktop\thesis 2019\2, 10june19\things on video\3. arduino code compiler\arduino-1.9.0-beta-windows\arduino-pr-beta1.9-build-107\tools\mdns-discovery.exe] => (Allow) C:\users\ongdi\desktop\thesis 2019\2, 10june19\things on video\3. arduino code compiler\arduino-1.9.0-beta-windows\arduino-pr-beta1.9-build-107\tools\mdns-discovery.exe => No File FirewallRules: [UDP Query User{2D73DDBD-AEB3-409F-AF84-1B5BA58584AC}C:\users\ongdi\desktop\thesis 2019\2, 10june19\things on video\3. arduino code compiler\arduino-1.9.0-beta-windows\arduino-pr-beta1.9-build-107\tools\mdns-discovery.exe] => (Allow) C:\users\ongdi\desktop\thesis 2019\2, 10june19\things on video\3. arduino code compiler\arduino-1.9.0-beta-windows\arduino-pr-beta1.9-build-107\tools\mdns-discovery.exe => No File FirewallRules: [TCP Query User{E0C849F8-CD63-42D3-8B18-172631656069}C:\users\ongdi\desktop\dd\3. arduino code compiler\arduino-1.9.0-beta-windows\arduino-pr-beta1.9-build-107\tools\mdns-discovery.exe] => (Allow) C:\users\ongdi\desktop\dd\3. arduino code compiler\arduino-1.9.0-beta-windows\arduino-pr-beta1.9-build-107\tools\mdns-discovery.exe => No File FirewallRules: [UDP Query User{FFB1B0B7-81CE-40FB-8D60-F85450D9A979}C:\users\ongdi\desktop\dd\3. arduino code compiler\arduino-1.9.0-beta-windows\arduino-pr-beta1.9-build-107\tools\mdns-discovery.exe] => (Allow) C:\users\ongdi\desktop\dd\3. arduino code compiler\arduino-1.9.0-beta-windows\arduino-pr-beta1.9-build-107\tools\mdns-discovery.exe => No File FirewallRules: [TCP Query User{A3EE152E-1598-4893-B675-457E6FC5B5FD}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe FirewallRules: [UDP Query User{A79B4773-DD88-45AA-88B1-4DA6BE6ABBBC}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe FirewallRules: [TCP Query User{B505C6B1-9158-4B53-9057-D1B326DBF540}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe FirewallRules: [UDP Query User{87CF45E9-832B-48D1-9236-E31E47F863BE}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe FirewallRules: [{33961A1D-C31D-47E7-B041-16CF217E79DE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{32D61611-FD02-43F0-B568-E82890BF24E1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{E332B170-6FF2-4E2F-8736-C1D76EDCC23C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{1F8A7958-4245-452F-B890-16A522B6B8BB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{205EEC81-86DD-4C8D-A23A-2123013A34EC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{47B0DC63-9C0E-4CBA-83CB-DF6600CF81FE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{54AAB0F3-2B0B-4807-8534-BFB24AAD4B3E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{FF9771E9-E447-4ADD-A775-E0E706391062}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{5AEF2EB3-3979-4944-BE0B-48BC13C734F3}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) FirewallRules: [{59DF0E83-2776-4C04-BA71-9593BD82524D}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) FirewallRules: [{4656D91F-DAC5-43F7-8180-17E88087517F}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) ==================== Restore Points ========================= ==================== Faulty Device Manager Devices ============ Name: BCM20702A0 Description: BCM20702A0 Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ======================== Application errors: ================== Error: (06/14/2021 08:30:36 PM) (Source: Windows Activation Technologies) (EventID: 3) (User: ) Description: Health check failure: hr = 0x8004FE22, HealthStatus: 0x0000000000002000 Error: (06/08/2021 07:40:10 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary cpuz145. System Error: The system cannot find the file specified. . Error: (01/01/2001 12:04:17 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program explorer.exe version 6.1.7601.23537 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1524 Start Time: 01c07358154b9961 Termination Time: 5 Application Path: C:\Windows\explorer.exe Report Id: 64686ab9-df4b-11d4-81e0-3c970e24893c Error: (06/04/2021 09:59:42 PM) (Source: Windows Activation Technologies) (EventID: 3) (User: ) Description: Health check failure: hr = 0x8004FE22, HealthStatus: 0x0000000000002000 Error: (05/28/2021 09:59:32 PM) (Source: Windows Activation Technologies) (EventID: 3) (User: ) Description: Health check failure: hr = 0x8004FE22, HealthStatus: 0x0000000000002000 Error: (05/28/2021 09:56:51 PM) (Source: Application Error) (EventID: 1005) (User: ) Description: Windows cannot access the file C:\Windows\System32\oleaut32.dll for one of the following reasons: there is a problem with the network connection, the disk that the file is stored on, or the storage drivers installed on this computer; or the disk is missing. Windows closed the program Windows Explorer because of this error. Program: Windows Explorer File: C:\Windows\System32\oleaut32.dll The error value is listed in the Additional Data section. User Action 1. Open the file again. This situation might be a temporary problem that corrects itself when the program runs again. 2. If the file still cannot be accessed and - It is on the network, your network administrator should verify that there is not a problem with the network and that the server can be contacted. - It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer. 3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER. 4. If the problem persists, restore the file from a backup copy. 5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for further assistance. Additional Data Error value: C0000185 Disk type: 3 Error: (05/28/2021 09:56:51 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: explorer.exe, version: 6.1.7601.23537, time stamp: 0x57c44efe Faulting module name: OLEAUT32.dll, version: 6.1.7601.23775, time stamp: 0x58f4e14e Exception code: 0xc0000006 Fault offset: 0x000000000004b530 Faulting process id: 0x1100 Faulting application start time: 0x01d7538e4bf86d3c Faulting application path: C:\Windows\explorer.exe Faulting module path: C:\Windows\system32\OLEAUT32.dll Report Id: 81200cc6-bfd1-11eb-ab25-3c970e24893c Error: (05/28/2021 12:22:41 PM) (Source: Avira.Spotlight.Service) (EventID: 0) (User: ) Description: Failed to verify assemblies: Could not find file 'C:\Program Files (x86)\Avira\Security\System.Net.Http.dll'. System errors: ============= Error: (06/10/2021 03:32:37 PM) (Source: volsnap) (EventID: 36) (User: ) Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit. Error: (06/09/2021 06:26:29 PM) (Source: volsnap) (EventID: 36) (User: ) Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit. Error: (06/09/2021 05:57:47 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: A timeout (120000 milliseconds) was reached while waiting for a transaction response from the btwdins service. Error: (06/08/2021 08:48:46 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: A timeout (120000 milliseconds) was reached while waiting for a transaction response from the NlaSvc service. Error: (06/06/2021 06:55:34 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: The Avira Scheduler service terminated with service-specific error Incorrect function. . Error: (01/01/2001 12:01:02 AM) (Source: Ntfs) (EventID: 55) (User: ) Description: The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume \Device\HarddiskVolume3. Error: (01/01/2001 12:01:02 AM) (Source: Ntfs) (EventID: 55) (User: ) Description: The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume \Device\HarddiskVolume3. Error: (06/04/2021 10:20:42 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: cdrom Windows Defender: ================ Date: 2021-03-03 21:09:19.903 Description: Windows Defender scan has been stopped before completion. Scan Type:AntiSpyware Scan Parameters:Quick Scan Date: 2017-10-27 13:40:29.185 Description: Windows Defender has detected spyware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/LoadMoney&threatid=223699 Name:PUA:Win32/LoadMoney Severity:Severe Category:Potentially Unwanted Software Path Found:file:C:\Users\ONGDI\AppData\Local\Temp\E89THE58blOi.exe;file:C:\Users\ONGDI\AppData\Local\wupdate\wupdate.exe;file:C:\Windows\System32\Tasks\wupdate;file:C:\Windows\Tasks\wupdate.job;process:pid:2192;process:pid:7748;regkey:HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{43090CA9-4A3F-4A93-B1F9-A9BA643DC171};regkey:HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\wupdate;taskscheduler:C:\Windows\System32\Tasks\wupdate;taskscheduler:C:\Windows\Tasks\wupdate.job Detection Type:Concrete Detection Source:Real-Time Protection Status:Unknown Process Name: Date: 2017-10-27 13:38:21.879 Description: Windows Defender has detected spyware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/LoadMoney&threatid=223699 Name:PUA:Win32/LoadMoney Severity:Severe Category:Potentially Unwanted Software Path Found:file:C:\Users\ONGDI\AppData\Local\Temp\E89THE58blOi.exe;file:C:\Users\ONGDI\AppData\Local\wupdate\wupdate.exe;process:pid:2192;process:pid:7748 Detection Type:Concrete Detection Source:Real-Time Protection Status:Unknown Process Name: Date: 2017-10-27 13:37:11.837 Description: Windows Defender has detected spyware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/LoadMoney&threatid=223699 Name:PUA:Win32/LoadMoney Severity:Severe Category:Potentially Unwanted Software Path Found:file:C:\Users\ONGDI\AppData\Local\Temp\Hu2GTtUflfhX.exe;file:C:\Users\ONGDI\AppData\Local\Temp\ZKYJCfAsHsvI.exe;process:pid:5988;process:pid:6728 Detection Type:Concrete Detection Source:Real-Time Protection Status:Unknown Process Name: Date: 2017-10-27 13:36:55.497 Description: Windows Defender has detected spyware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/LoadMoney&threatid=223699 Name:PUA:Win32/LoadMoney Severity:Severe Category:Potentially Unwanted Software Path Found:file:C:\Users\ONGDI\AppData\Local\Temp\Hu2GTtUflfhX.exe;process:pid:6728 Detection Type:Concrete Detection Source:Real-Time Protection Status:Unknown Process Name: Date: 2021-05-19 23:36:23.425 Description: %1 engine has been terminated due to an unexpected error. Failure Type:%5 Exception code:%6 Resource:%3 Date: 2021-01-15 22:08:37.203 Description: %1 engine has been terminated due to an unexpected error. Failure Type:%5 Exception code:%6 Resource:%3 Date: 2021-01-15 22:04:37.422 Description: %1 engine has been terminated due to an unexpected error. Failure Type:%5 Exception code:%6 Resource:%3 Date: 2020-02-08 14:43:27.104 Description: %1 engine has been terminated due to an unexpected error. Failure Type:%5 Exception code:%6 Resource:%3 Date: 2019-11-27 00:06:18.319 Description: %1 engine has been terminated due to an unexpected error. Failure Type:%5 Exception code:%6 Resource:%3 ==================== Memory info =========================== BIOS: LENOVO H2ET31WW(1.09) 05/09/2012 Motherboard: LENOVO 3464A92 Processor: Intel(R) Core(TM) i3-2370M CPU @ 2.40GHz Percentage of memory in use: 81% Total physical RAM: 3882.18 MB Available physical RAM: 704.88 MB Total Virtual: 7762.53 MB Available Virtual: 3653.26 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:116.41 GB) (Free:4.62 GB) NTFS Drive d: (Softwares n all!) (Fixed) (Total:78.67 GB) (Free:44.14 GB) NTFS Drive e: (Movies!) (Fixed) (Total:100.1 GB) (Free:45.34 GB) NTFS Drive f: (Entertainment!) (Fixed) (Total:100.11 GB) (Free:78.29 GB) NTFS Drive g: (0ngdi!) (Fixed) (Total:70.25 GB) (Free:54.25 GB) NTFS ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 34ACF709) Partition: GPT. ==================== End of Addition.txt =======================