Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-01-2022 Ran by stu (25-01-2022 14:33:55) Running from C:\Users\stu\Downloads Microsoft Windows 10 Pro Version 21H1 19043.1415 (X64) (2020-07-31 01:52:54) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= (If an entry is included in the fixlist, it will be removed.) Administrator (S-1-5-21-2850149270-2595152120-825338289-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2850149270-2595152120-825338289-503 - Limited - Disabled) defaultuser0 (S-1-5-21-2850149270-2595152120-825338289-1000 - Limited - Disabled) => C:\Users\defaultuser0 Guest (S-1-5-21-2850149270-2595152120-825338289-501 - Limited - Disabled) hills (S-1-5-21-2850149270-2595152120-825338289-1005 - Limited - Disabled) stu (S-1-5-21-2850149270-2595152120-825338289-1001 - Administrator - Enabled) => C:\Users\stu WDAGUtilityAccount (S-1-5-21-2850149270-2595152120-825338289-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Norton 360 (Enabled - Up to date) {AECE2126-F4E7-6909-11F2-1B69D1FBCBD0} AV: Norton 360 (Enabled - Up to date) {9E3FD331-C4C2-7AC4-0537-131EEF1B1F8A} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Norton 360 (Enabled) {A6045214-8EAD-7B9C-2E68-BA2B11C858F1} FW: Norton 360 (Enabled) {96F5A003-BE88-6851-3AAD-B25C2F288CAB} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 21.011.20039 - Adobe) Amazon Music (HKU\S-1-5-21-2850149270-2595152120-825338289-1001\...\Amazon Amazon Music) (Version: 8.8.2.2305 - Amazon.com Services LLC) AMD Catalyst Install Manager (HKLM\...\{4B5124DF-F465-2BA6-FCCF-82C149E1223D}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.) Avanquest Message (HKU\S-1-5-21-2850149270-2595152120-825338289-1001\...\{20573C69-4A68-4BEF-A23D-365CB66924CE}) (Version: 2.12.0 - Avanquest Software) Avanquest update (HKLM-x32\...\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}) (Version: 1.37 - Avanquest Software) cardPresso (HKU\S-1-5-21-2850149270-2595152120-825338289-1001\...\cardPresso) (Version: 1.6.110 - Copyright 2021, cardPresso, Lda) CCleaner (HKLM\...\CCleaner) (Version: 5.87 - Piriform) CCleaner Update Helper (HKLM-x32\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1187.1 - Piriform Software) Hidden Evolis Premium Suite version 6.32.2.1318 (HKLM\...\Evolis Premium Suite_is1) (Version: 6.32.2.1318 - Evolis Card Printer) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 97.0.4692.99 - Google LLC) HP Deskjet 3050A J611 series Basic Device Software (HKLM\...\{1B77E249-B8D5-4E5E-8848-693ACEF84E6D}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Deskjet 3050A J611 series Help (HKLM-x32\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard) HP Deskjet 3050A J611 series Product Improvement Study (HKLM\...\{A772BF60-20A5-4279-A18B-B9D8DBC9B30A}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Support Solutions Framework (HKLM-x32\...\{A48E3DFF-E771-404F-A605-544B85783CF6}) (Version: 12.19.48.1 - HP Inc.) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HydraVision (HKLM-x32\...\{396230C1-0E92-10EC-4F53-615C666DA871}) (Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden ImageBase (HKLM-x32\...\ImageBase_is1) (Version: - Digital ID Ltd) inPixio Content Pack x50 (HKU\S-1-5-21-2850149270-2595152120-825338289-1001\...\{C106EC85-2552-4650-A436-BE01D7AEF287}) (Version: 1.0.0 - inPixio) inPixio Photo Clip 9 (HKLM-x32\...\{45C85359-2C7F-4D57-B445-95C7CD82EF3A}) (Version: 9.01.0 - InPixio) InPixio Photo Maximizer 4 (HKLM-x32\...\{AC2A153C-6E2B-486D-B048-55DA6A855B32}) (Version: 4.0.2 - InPixio) inPixio Photo Studio 10 (HKLM-x32\...\{EEB2D77B-37DD-4FA2-9B4D-F6724AEC95DF}) (Version: 10.05.0 - inPixio) inPixio Photo Studio 11 (HKLM\...\{82FD75EF-3E1A-481C-8F49-F95F1A5EC8FE}) (Version: 11.5.19.1494 - Avanquest Software) Hidden inPixio Photo Studio 11 (HKLM-x32\...\inPixio Photo Studio 11) (Version: 11.5.19.1494 - Avanquest Software) inPixio Photo Studio 11 Remove Background (HKLM\...\{130213C7-8012-49A4-A585-F5E5056E09D5}) (Version: 11.5.19.1494 - Avanquest Software) Hidden inPixio Photo Studio 11 Remove Sky (HKLM\...\{635A38B8-1475-4847-A1F0-DF5ACF2C9A68}) (Version: 11.5.19.1494 - Avanquest Software) Hidden inPixio Photo Studio 11 Resources (HKLM\...\{EDA4B38F-75F0-4D4C-8FCC-6BC08F469DA2}) (Version: 11.5.19.1494 - Avanquest Software) Hidden InstaCards (HKLM-x32\...\{58259C24-7B5E-4977-93B0-E9EEA1B884CE}) (Version: 1.7.0 - InPixio) Manager (HKLM-x32\...\{330A7F6B-389D-4E1B-9746-791FEED7C126}) (Version: 10.0.3.26918 - Avanquest Software) Hidden Messenger (HKU\S-1-5-21-2850149270-2595152120-825338289-1001\...\c1b3adcf-2068-5e8d-b25d-30ce588e3a4c) (Version: 130.0.331378266 - Facebook, Inc.) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 97.0.1072.69 - Microsoft Corporation) Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.14729.20260 - Microsoft Corporation) Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Retail - en-us) (Version: 16.0.14729.20260 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2850149270-2595152120-825338289-1001\...\OneDriveSetup.exe) (Version: 22.002.0103.0004 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{56F27690-F6EA-3356-980A-02BA379506EE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{1b103cea-f037-4504-81de-956057b442c3}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30037 (HKLM-x32\...\{4b2f3795-f407-415e-88d5-8c8ab322909d}) (Version: 14.29.30037.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30037 (HKLM-x32\...\{dfea0fad-88b2-4a1f-8536-3f8f9391f4ef}) (Version: 14.29.30037.0 - Microsoft Corporation) Norton 360 (HKLM-x32\...\NGC) (Version: 22.21.11.46 - NortonLifeLock Inc) NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation) NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation) NVIDIA Graphics Driver 496.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 496.49 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.38.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.92 - NVIDIA Corporation) NVIDIA PhysX System Software 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14729.20260 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14729.20260 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14729.20260 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden PDFHub (HKU\S-1-5-21-2850149270-2595152120-825338289-1001\...\PDFHub) (Version: 1.0 - PDFHub) Photo Focus (HKLM\...\{BC5AB258-4F4E-40E7-8B3C-8A4121E391D6}) (Version: 4.2.7759.21167 - Avanquest Software) Hidden Photo Maximizer (HKLM\...\{5AB15CE4-4895-4B17-9F5A-B970ADD87ABF}) (Version: 5.2.7759.20869 - Avanquest Software) Hidden Rapport (HKLM-x32\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.2104.61 - Trusteer) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.50.511.2021 - Realtek) Restoro (HKLM\...\Restoro) (Version: 2.1.0.0 - Restoro) <==== ATTENTION searchtoolshub (HKU\S-1-5-21-2850149270-2595152120-825338289-1001\...\searchtoolshub) (Version: 1.0 - searchtoolshub) setuppad (HKLM\...\{4ce0e4e1-4c9a-4e48-bfaf-aab5dabd96a8}.sdb) (Version: - ) Trusteer Endpoint Protection (HKLM-x32\...\Rapport_msi) (Version: 3.5.2104.61 - Trusteer) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{FBA3961B-D1DF-493C-BC1F-E67D3B832895}) (Version: 2.56.0.0 - Microsoft Corporation) Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{344F3227-F502-4219-9DC4-1967E586FAFA}) (Version: 2.51.0.0 - Microsoft Corporation) WidsMob Panorama (HKLM-x32\...\{D34ECBC9-7371-4F12-9353-9A84AFEAA4EC}) (Version: 2.5.8 - WidsMob Technology Co. Limited) Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.23367 - Microsoft Corporation) Windows Driver Package - ASMedia Technology Inc (asmthub3) USB (05/21/2020 1.16.61.1) (HKLM\...\796D6CE232E4F49F6DF161D2BFEEE0145C5D57EE) (Version: 05/21/2020 1.16.61.1 - ASMedia Technology Inc) Windows Driver Package - ASMedia Technology Inc (asmtxhci) USB (05/21/2020 1.16.61.1) (HKLM\...\E3981C64B0FA0ABF9C175F55D56CEB24F15D8B69) (Version: 05/21/2020 1.16.61.1 - ASMedia Technology Inc) Windows Driver Package - NVIDIA (nvvad_WaveExtensible) MEDIA (05/01/2019 4.16.0.0) (HKLM\...\3803CA82EC76D915A75D171320A153E54D8210DD) (Version: 05/01/2019 4.16.0.0 - NVIDIA) Windows PC Health Check (HKLM\...\{B1E7D0FD-7CFE-4E0C-A5DA-0F676499DB91}) (Version: 3.2.2110.14001 - Microsoft Corporation) Zoom (HKU\S-1-5-21-2850149270-2595152120-825338289-1001\...\ZoomUMX) (Version: 5.6.1 (617) - Zoom Video Communications, Inc.) Packages: ========= Amazon.co.uk_ Low Prices in Electronics, Books, Sports Equipment & more -> C:\Program Files\WindowsApps\www.amazon.co.uk-7BD546A7_1.0.0.2_neutral__x6tk0m2hp1p84 [2021-05-30] (www.amazon.co.uk) Animotica -> C:\Program Files\WindowsApps\24711Mixilab.Animotica_1.1.106.0_x64__c39s816dkej80 [2022-01-22] (Mixilab) Any DVD -> C:\Program Files\WindowsApps\15191PeakPlayer.50533F9B98293_3.2.3.0_x64__y5c4dfz5b21fm [2021-08-05] (Any DVD & Office App) Any DVD -> C:\Program Files\WindowsApps\15191PeakPlayer.50533F9B98293_3.2.6.0_x64__y5c4dfz5b21fm [2021-08-15] (Any DVD & Office App) Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-12] (Autodesk Inc.) Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.13.66.0_x86__kgqvnymyfvs32 [2022-01-13] (king.com) Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.209.700.0_x86__kgqvnymyfvs32 [2022-01-16] (king.com) Diagnostic Data Viewer -> C:\Program Files\WindowsApps\Microsoft.DiagnosticDataViewer_4.2007.11582.0_x64__8wekyb3d8bbwe [2022-01-22] (Microsoft Corporation) Duplicate File Deleter -> C:\Program Files\WindowsApps\ParetologicInc.DuplicateFileDeleter_1.1.13.0_x64__7xafqjhwgrpy4 [2019-11-26] (Paretologic, Inc) Facebook -> C:\Program Files\WindowsApps\FACEBOOK.FACEBOOK_2021.927.1.0_neutral__8xx8rvfyw5nnt [2021-09-29] (Facebook Inc) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_133.1.340.0_x64__v10z8vjag6ke6 [2021-12-13] (HP Inc.) IBM Trusteer Rapport -> C:\Program Files\WindowsApps\IBMTrusteer.IBMTrusteerRapport_1.1.34.0_x64__756wk15nt3n8e [2019-04-15] (IBM Trusteer) Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x64__8wekyb3d8bbwe [2020-06-18] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x86__8wekyb3d8bbwe [2020-06-18] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-04-02] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-04-02] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.1050.0_x64__8wekyb3d8bbwe [2022-01-22] (Microsoft Studios) [MS Ad] Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2021-05-13] (Netflix, Inc.) Norton Safe Web -> C:\Program Files\WindowsApps\SymantecCorporation.NortonSafeWeb_3.14.3.0_neutral__v68kp9n051hdp [2021-07-29] (NortonLifeLock Inc.) Norton Security -> C:\Program Files\Norton Security\Engine\22.21.11.46 [2022-01-25] (0) NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-01-24] (NVIDIA Corp.) Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-04-07] (Microsoft Corporation) Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-10-09] (Microsoft Corporation) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0 [2022-01-24] (Spotify AB) [Startup Task] TouchOffice Web - Home -> C:\Program Files\WindowsApps\www.touchoffice.net-FE16BE0F_1.0.0.2_neutral__433r0xdykhpja [2021-05-30] (www.touchoffice.net) VLC -> C:\Program Files\WindowsApps\VideoLAN.VLC_3.2.1.0_x64__paz6r1rewnh0a [2022-01-22] (VideoLAN) WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2149.4.0_x64__cv1g1gvanyjgm [2022-01-24] (WhatsApp Inc.) Xbox 360 SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxCompanion_1.4.3.0_x64__8wekyb3d8bbwe [2021-04-09] (Microsoft Corporation) [MS Ad] ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2850149270-2595152120-825338289-1001_Classes\CLSID\{642ccb6b-4be1-471e-bc61-606dd9dc7c79}\localserver32 -> C:\Program Files\InPixio\Photo Studio 11\PhotoStudioIPS11.exe (Avanquest Logiciels (7270356 Canada Inc) -> InPixio) ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.21.11.46\buShell.dll [2021-12-13] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.21.11.46\buShell.dll [2021-12-13] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.21.11.46\buShell.dll [2021-12-13] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.21.11.46\buShell.dll [2021-12-13] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.21.11.46\buShell.dll [2021-12-13] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.21.11.46\buShell.dll [2021-12-13] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.21.11.46\buShell.dll [2021-12-13] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ContextMenuHandlers1: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.21.11.46\NavShExt.dll [2021-12-13] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ContextMenuHandlers2: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.21.11.46\NavShExt.dll [2021-12-13] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_44dc4eefedc0d082\nvshext.dll [2021-10-21] (Nvidia Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.21.11.46\buShell.dll [2021-12-13] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ContextMenuHandlers6: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.21.11.46\NavShExt.dll [2021-12-13] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ==================== Codecs (Whitelisted) ==================== ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\stu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Dashboard _ Wix.com.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=mkiknnokfagcdaeeanngikfjpimpdkdh ShortcutWithArgument: C:\Users\stu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\HOME _ Mysite.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=helinbfmfjpbgceiemlhohilbedonahg ==================== Loaded Modules (Whitelisted) ============= 2018-07-18 14:27 - 2018-07-18 14:27 - 000747520 _____ () [File not signed] C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll 2013-07-26 05:59 - 2013-07-26 05:59 - 000814592 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll 2013-09-11 20:57 - 2013-09-11 20:57 - 000214528 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll 2013-09-11 20:57 - 2013-09-11 20:57 - 000127488 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll 2013-07-26 05:59 - 2013-07-26 05:59 - 003650560 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll 2021-05-25 21:31 - 2009-04-28 12:45 - 000049664 _____ (Evolis) [File not signed] C:\WINDOWS\System32\evotcpipmon.dll 2020-04-20 17:33 - 2020-04-20 17:33 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\AppVIsvSubsystems32.dll 2020-04-20 17:33 - 2020-04-20 17:33 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\c2r32.dll ==================== Alternate Data Streams (Whitelisted) ======== (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData:Easy$Duplicate$Finder [141] AlternateDataStreams: C:\Users\All Users:Easy$Duplicate$Finder [141] AlternateDataStreams: C:\ProgramData\Application Data:Easy$Duplicate$Finder [141] ==================== Safe Mode (Whitelisted) ================== ==================== Association (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== SearchScopes: HKU\S-1-5-21-2850149270-2595152120-825338289-1001 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&l=dis&prt=NGC&chn=1000&geo=GB&ver=22.21.11.46&locale=GB_en&guid=3CA43A3A-EE96-4521-9835-E740CB424FAB&doi=2016-09-01&o=APN11913&vendorConfigured=iac&cmpgn=dec21&gct=kwd&qsrc=2869 BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-11-01] (Microsoft Corporation -> Microsoft Corporation) BHO: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine\22.21.11.46\coIEPlg.dll [2021-12-13] (NortonLifeLock Inc. -> NortonLifeLock Inc.) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-11-01] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine32\22.21.11.46\coIEPlg.dll [2021-12-13] (NortonLifeLock Inc. -> NortonLifeLock Inc.) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.21.11.46\coIEPlg.dll [2021-12-13] (NortonLifeLock Inc. -> NortonLifeLock Inc.) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine32\22.21.11.46\coIEPlg.dll [2021-12-13] (NortonLifeLock Inc. -> NortonLifeLock Inc.) Toolbar: HKU\S-1-5-21-2850149270-2595152120-825338289-1001 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.21.11.46\coIEPlg.dll [2021-12-13] (NortonLifeLock Inc. -> NortonLifeLock Inc.) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-08] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-08] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-08] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-08] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2016-07-16 11:47 - 2021-04-07 17:07 - 000000824 ____N C:\WINDOWS\system32\drivers\etc\hosts 2019-04-03 20:06 - 2019-07-31 07:35 - 000000445 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2850149270-2595152120-825338289-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg HKU\S-1-5-21-2850149270-2595152120-825338289-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\stu\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg DNS Servers: 10.255.0.0 - 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) HKLM\...\StartupApproved\StartupFolder: => "Evolis Printer Manager.lnk" HKLM\...\StartupApproved\Run: => "Restoro" HKLM\...\StartupApproved\Run32: => "StartCCC" HKLM\...\StartupApproved\Run32: => "HP Software Update" HKU\S-1-5-21-2850149270-2595152120-825338289-1001\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk" HKU\S-1-5-21-2850149270-2595152120-825338289-1001\...\StartupApproved\Run: => "Avanquest Message" HKU\S-1-5-21-2850149270-2595152120-825338289-1001\...\StartupApproved\Run: => "DriverFix" HKU\S-1-5-21-2850149270-2595152120-825338289-1001\...\StartupApproved\Run: => "DriverUpdate" HKU\S-1-5-21-2850149270-2595152120-825338289-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-2850149270-2595152120-825338289-1001\...\StartupApproved\Run: => "com.messenger" HKU\S-1-5-21-2850149270-2595152120-825338289-1001\...\StartupApproved\Run: => "Amazon Music Helper" ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{9F6A4111-FDCD-4621-829C-D4C78CF31B94}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{F31D0904-2829-4B27-B889-B6243FE8E68E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{FCA628A3-CCDB-4B39-8683-49CDE3BBC0FA}] => (Allow) C:\Users\stu\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{03D8E906-5677-4633-934C-5445E681A073}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{0C26E00D-7EAE-4E1B-B01A-0D444D37B145}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{09F86FD1-61A6-406A-8679-9AB23DC05568}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{3F466128-9A2B-4A6E-AEAA-958C2A610832}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{0DA0688F-B475-4CB5-A883-E8690E0622D5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{B246471C-A662-4C5D-9337-0AAB914E0AF4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{816BEAEB-BED5-472E-A7DE-E81584CB767E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{77BD0D8E-8BDA-4FA5-8340-1AFD5E92F93A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{D7F8F040-ACD1-41F5-802C-7F34BF1CAB92}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{EE889A7B-C67C-4FCA-8E9A-75E65330D6BA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{7C2B5195-ACD8-46DE-9D46-F67F436FD1E4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{85EE1041-DF96-4FDB-A4FD-EB427A1414D6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{5387BDFF-ED14-489C-BF7A-795C0999D34A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{311FB50F-3B4C-4254-9C82-618B3CF74202}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{595CAD73-9066-4224-952C-DB2FE1E7F8AE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{9C45743F-0FE9-4A8F-8709-15E432AC4BDB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{078DB894-82FF-4726-B9DB-C4F544E37E58}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{CAC808C8-4AB4-4A92-9F96-D46F69321C26}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{9B0B7ACA-691D-4D0E-BBB6-4957DBAF8D0E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{43F9D202-9818-4EB2-916A-8061BE427CA5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{838AEC4B-9772-49D4-8E6C-01293CD8019A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{6F37543D-C1D9-4D39-A076-D7A41579E04E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{275CCF35-F577-476E-82D2-1E39D454AE9F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{4C297B0A-9CC1-4705-A40F-B41325FB7F50}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{521C050D-BBEB-4FBE-9873-F97F05ADBE9C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) ==================== Restore Points ========================= 19-01-2022 19:55:58 Windows Modules Installer 19-01-2022 20:52:50 Restore Operation 22-01-2022 21:13:24 已删除 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 22-01-2022 21:18:13 已删除 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 22-01-2022 21:23:28 Removed Windows PC Health Check 23-01-2022 10:16:19 Windows Modules Installer ==================== Faulty Device Manager Devices ============ ==================== Event log errors: ======================== Application errors: ================== Error: (01/25/2022 01:34:00 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program Cortana.exe version 3.2111.12605.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 1b50 Start Time: 01d811efe90e84a7 Termination Time: 4294967295 Application Path: C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2111.12605.0_x64__8wekyb3d8bbwe\Cortana.exe Report Id: 1e3d5b47-a490-45a6-a036-0a5803c69e84 Faulting package full name: Microsoft.549981C3F5F10_3.2111.12605.0_x64__8wekyb3d8bbwe Faulting package-relative application ID: App Hang type: Quiesce Error: (01/25/2022 12:11:17 PM) (Source: Windows Search Service) (EventID: 7010) (User: ) Description: The index cannot be initialized. Details: The specified object cannot be found. Specify the name of an existing object. (HRESULT : 0x80040d06) (0x80040d06) Error: (01/25/2022 12:11:17 PM) (Source: Windows Search Service) (EventID: 3058) (User: ) Description: The application cannot be initialized. Context: Windows Application Details: The specified object cannot be found. Specify the name of an existing object. (HRESULT : 0x80040d06) (0x80040d06) Error: (01/25/2022 12:11:17 PM) (Source: Windows Search Service) (EventID: 3028) (User: ) Description: The gatherer object cannot be initialized. Context: Windows Application, SystemIndex Catalog Details: The specified object cannot be found. Specify the name of an existing object. (HRESULT : 0x80040d06) (0x80040d06) Error: (01/25/2022 12:11:17 PM) (Source: Windows Search Service) (EventID: 3029) (User: ) Description: The plug-in in cannot be initialized. Context: Windows Application, SystemIndex Catalog Details: The specified object cannot be found. Specify the name of an existing object. (HRESULT : 0x80040d06) (0x80040d06) Error: (01/25/2022 12:11:16 PM) (Source: Windows Search Service) (EventID: 3057) (User: ) Description: The plug-in manager cannot be initialized. Context: Windows Application Details: (HRESULT : 0x8e5e021f) (0x8e5e021f) Error: (01/25/2022 12:11:15 PM) (Source: Windows Search Service) (EventID: 7042) (User: ) Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt. Details: The content index catalog is corrupt. 0xc0041801 (0xc0041801) Error: (01/25/2022 12:11:02 PM) (Source: Windows Search Service) (EventID: 7040) (User: ) Description: The search service has detected corrupted data files in the index {id=4810 - onecoreuap\base\appmodel\search\search\ytrip\common\util\jetutil.cpp (271)}. The service will attempt to automatically correct this problem by rebuilding the index. Details: 0x8e5e021f (0x8e5e021f) System errors: ============= Error: (01/25/2022 01:30:40 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: The Downloaded Maps Manager service hung on starting. Error: (01/25/2022 01:26:59 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: The server Windows.Internal.StateRepository.ApplicationExtension did not register with DCOM within the required timeout. Error: (01/25/2022 01:25:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The HPPrintScanDoctorService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Error: (01/25/2022 01:25:47 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (45000 milliseconds) while waiting for the HPPrintScanDoctorService service to connect. Error: (01/25/2022 01:25:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The AODDriver4.2.0 service failed to start due to the following error: The system cannot find the file specified. Error: (01/25/2022 01:24:54 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: The previous system shutdown at 12:58:22 PM on ‎1/‎25/‎2022 was unexpected. Error: (01/25/2022 12:28:55 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: The Downloaded Maps Manager service hung on starting. Error: (01/25/2022 12:26:49 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: The HP Support Solutions Framework Service service hung on starting. Windows Defender: ================ Date: 2022-01-16 12:37:20 Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2022-01-10 23:00:46 Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2022-01-10 22:34:44 Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2022-01-09 10:37:38 Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2022-01-08 11:24:57 Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Event[0]: Date: 2022-01-25 12:08:11 Description: Microsoft Defender Antivirus has encountered an error trying to load security intelligence and will attempt reverting back to a known-good version. Security intelligence Attempted: Current Error Code: 0x80070003 Error description: The system cannot find the path specified. Security intelligence version: 0.0.0.0;0.0.0.0 Engine version: 0.0.0.0 Date: 2022-01-23 19:56:41 Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.355.2393.0 Update Source: Microsoft Update Server Security intelligence Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.18800.4 Error code: 0x80070102 Error description: The wait operation timed out. Date: 2022-01-16 13:06:36 Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.355.2005.0 Update Source: Microsoft Update Server Security intelligence Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.18800.4 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode Date: 2022-01-16 12:56:19 Description: Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x8007043c Error description: This service cannot be started in Safe Mode Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem. Date: 2022-01-15 15:03:29 Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.355.1959.0 Update Source: Microsoft Update Server Security intelligence Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.18800.4 Error code: 0x8024001e Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. CodeIntegrity: =============== Date: 2022-01-25 13:52:04 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\$Windows.~BT\NewOS\Windows\WinSxS\amd64_microsoft-windows-audio-audiocore_31bf3856ad364e35_10.0.19041.1320_none_eb574f4899dc32d2\SpatialAudioLicenseSrv.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2022-01-25 13:52:03 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\$Windows.~BT\NewOS\Windows\WinSxS\amd64_microsoft-windows-audio-audiocore_31bf3856ad364e35_10.0.19041.1266_none_eb6597ac99d11603\SpatialAudioLicenseSrv.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2022-01-25 13:50:52 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\$Windows.~BT\NewOS\Windows\SysWOW64\BioCredProv.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== BIOS: American Megatrends Inc. 1503 11/14/2012 Motherboard: ASUSTeK Computer INC. M5A78L-M/USB3 Processor: AMD FX(tm)-6300 Six-Core Processor Percentage of memory in use: 40% Total physical RAM: 16366.11 MB Available physical RAM: 9767.39 MB Total Virtual: 18798.11 MB Available Virtual: 11033.73 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:929.88 GB) (Free:829.35 GB) NTFS \\?\Volume{edb998a5-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.34 GB) (Free:0.05 GB) NTFS \\?\Volume{edb998a5-0000-0000-0000-308ee8000000}\ () (Fixed) (Total:0.85 GB) (Free:0.34 GB) NTFS \\?\Volume{edb998a5-0000-0000-0000-a0c4e8000000}\ () (Fixed) (Total:0.44 GB) (Free:0.11 GB) NTFS ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: EDB998A5) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=929.9 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=870 MB) - (Type=27) Partition 4: (Not Active) - (Size=450 MB) - (Type=27) ==================== End of Addition.txt =======================