My laptop hangs often. I use Chrome or Firefox as my browsers. The problem exists no matter which browser I use. I recently changed my existing RAM because of rust; I live near the beach. I'm attaching the FRST and Addition.txt files. Kindly go through them at your earliest opportunity.
Thanks in advance for your time and expertise.
Hari
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-02-2021
Ran by Admin (administrator) on PINKYPC (Acer Aspire E5-573) (09-03-2021 09:38:14)
Running from D:\Users\Hari\Desktop
Loaded Profiles: Admin & HKP
Platform: Windows 10 Pro Version 2004 19041.508 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe <2>
(FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Intel® pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\avp.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\avpui.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\plugins_nms.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.2\ksde.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.2\ksdeui.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.740_none_e752aa59261f271f\TiWorker.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <8>
(philandro Software GmbH -> philandro Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14049536 2015-07-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3076391084-2480122960-4283986350-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32721976 2021-02-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3076391084-2480122960-4283986350-1002\...\Run: [kpm.exe] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm.exe [659976 2020-08-24] (Kaspersky Lab -> AO Kaspersky Lab)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.82\Installer\chrmstp.exe [2021-03-07] (Google LLC -> Google LLC)
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Desktop.lnk [2020-11-11]
ShortcutTarget: Facebook Desktop.lnk -> C:\Program Files (x86)\facebook\Facebook.exe (No File)
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Kaspersky Internet Security.lnk [2020-09-23]
ShortcutTarget: Kaspersky Internet Security.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\avpui.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2020-09-23]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {23BB1C95-11C8-4569-86B0-E37C0807DC2A} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [791232 2020-11-07] (Kaspersky Lab -> AO Kaspersky Lab)
Task: {697FC4F7-25D7-40D1-AC40-B71C0DA3495F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-17] (Google LLC -> Google LLC)
Task: {82599E7F-D9D0-4E63-8A31-BB3039439681} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-02-16] (Piriform Software Ltd -> Piriform)
Task: {86FC3E9E-4270-4B9B-A0C6-05E4285690E4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27165752 2021-02-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {8D373100-8521-4F1F-A140-3C208AD0F6F9} - System32\Tasks\KMSAutoNet => C:\ProgramData\KMSAutoS\KMSAuto Net.exe [6977272 2020-10-30] (Ratiborus MSFree Inc. -> MSFree Inc.) [File not signed]
Task: {A20EAE08-5CF3-437F-B5FA-2D094B490F84} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {A3E106E5-6FB5-4DBC-A095-9046A04338EE} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [694752 2021-03-09] (Mozilla Corporation -> Mozilla Foundation)
Task: {D8E8C76C-2743-4EE3-8119-747CEB56D454} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-17] (Google LLC -> Google LLC)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{204c116b-6fd7-4c3b-9e48-c2e7e4617036}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{81111830-bb22-49f9-aff4-e32e13b38852}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{c23d7450-894e-4fc3-bf70-ee1640bd876d}: [DhcpNameServer] 192.168.0.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-03]
Edge Extension: (Kaspersky Protection) - C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2021-02-07]
Edge Extension: (myTube! Companion) - C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cbfmaiojcgociaafdiagpdhhhflgmnch [2020-12-07]
Edge Profile: C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Guest Profile [2021-03-03]
Edge HKU\S-1-5-21-3076391084-2480122960-4283986350-1002\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
Edge HKU\S-1-5-21-3076391084-2480122960-4283986350-1004\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
FireFox:
========
FF DefaultProfile: utnvbqjy.default
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\utnvbqjy.default [2020-09-23]
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bk6gdjjl.default-release-1612322717294 [2021-03-09]
FF Extension: (Kaspersky Protection) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bk6gdjjl.default-release-1612322717294\Extensions\light_plugin[email protected] [2021-02-11]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\utnvbqjy.default\extensions\staged\[email protected]
FF Extension: (SaveFrom.net helper) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\utnvbqjy.default\extensions\staged\[email protected] [2020-01-14] [UpdateUrl:hxxps://download.sf-helper.com/mozilla/updates.json]
FF HKU\S-1-5-21-3076391084-2480122960-4283986350-1002\...\Firefox\Extensions: [[email protected]] - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\utnvbqjy.default\extensions\staged\[email protected]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-02-25] (Adobe Inc. -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2020-09-24] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2020-09-24] <==== ATTENTION
Chrome:
=======
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default [2021-03-09]
CHR DownloadDir: D:\Users\Hari\Desktop\Downloads Chrome
CHR Notifications: Default -> hxxps://babylonbee.com; hxxps://deadstate.org; hxxps://listenmusic.fun; hxxps://matswhyask.cam; hxxps://mewe.com; hxxps://nypost.com; hxxps://thepiratebay.org; hxxps://thewire.in; hxxps://web.whatsapp.com; hxxps://www.accuweather.com; hxxps://www.hindustantimes.com; hxxps://www.ndtv.com; hxxps://www.rawstory.com; hxxps://www.telegraphindia.com; hxxps://www.thenewsminute.com; hxxps://www.thewrap.com
CHR HomePage: Default -> hxxps://homepage-web.com/?s=acer&m=home
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxps://homepage-web.com/?s=acer&m=start"
CHR DefaultSearchURL: Default -> hxxps://192.168.1.240/bahmni/favicon.ico
CHR Extension: (Slides) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-07-23]
CHR Extension: (Kaspersky Protection) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2021-02-21]
CHR Extension: (Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-07-23]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-29]
CHR Extension: (WOT Web of Trust, Website Reputation Ratings) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2021-02-04]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-07-23]
CHR Extension: (OpenERP) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dapopdbfnfhcgfdldoielojfiidmecaj [2020-10-31]
CHR Extension: (Volume Booster) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejkiikneibegknkgimmihdpcbcedgmpo [2021-03-07]
CHR Extension: (ZenMate Free VPN–Best VPN for Chrome) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2021-01-22]
CHR Extension: (Sheets) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-07-23]
CHR Extension: (Sound Booster) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fncadplkibohomhpfeefbcohaooabokm [2020-10-31]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-02-27]
CHR Extension: (Ultimate Volume Booster) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcfnhafpadfnabbnjnhdfdacolpmdbjo [2020-12-26]
CHR Extension: (Save to Facebook) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfikkaogpplgnfjmbjdpalkhclendgd [2020-10-31]
CHR Extension: (Anti-Phishing & Authenticity Checker) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mggehmlfnempkheebgikhmemhnnpacle [2020-10-31]
CHR Extension: (Video Downloader PLUS) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\njgehaondchbmjmajphnhlojfnbfokng [2021-02-20]
CHR Extension: (Bahmni Home) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlejgcccohmalhjkncfcbnbekihgnnmg [2020-10-31]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Smallpdf - Edit, Compress and Convert PDF) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohfgljdgelakfkefopgklcohadegdpjf [2021-02-10]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-29]
CHR Extension: (Chrome Media Router) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-07]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKU\S-1-5-21-3076391084-2480122960-4283986350-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKU\S-1-5-21-3076391084-2480122960-4283986350-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [moihledlmchhofenpacbhphnbnpakgmo]
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [moihledlmchhofenpacbhphnbnpakgmo]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3743464 2021-03-09] (philandro Software GmbH -> philandro Software GmbH)
R2 AVP21.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\avp.exe [381928 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe [2357936 2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
S3 klvssbridge64_21.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\x64\vssbridge64.exe [467352 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 kpm_launch_service; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe [351424 2020-12-11] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 KSDE5.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.2\ksde.exe [644264 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5097896 2020-09-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\NisSrv.exe [2462960 2021-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MsMpEng.exe [128376 2021-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 wpscloudsvr; C:\ProgramData\Kingsoft\office6\wpscloudsvr.exe [1482496 2020-10-28] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [251608 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [110392 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [212280 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [127288 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [37496 2020-10-21] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [523576 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [659768 2020-12-25] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [1341232 2020-12-25] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.2\Bases\klids.sys [245280 2021-02-16] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1025336 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [95544 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [113464 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [113464 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [85288 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [97080 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [55592 2020-10-21] (AnchorFree Inc -> The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [257208 2020-10-26] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [99152 2020-09-23] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [310232 2021-01-18] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [116888 2021-01-14] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [207352 2020-10-28] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [153400 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [250168 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [300856 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2020-05-28] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S3 ssudcdf; C:\WINDOWS\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssuddmgr; C:\WINDOWS\System32\drivers\ssuddmgr.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
R3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ssudobex; C:\WINDOWS\System32\drivers\ssudobex.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [55904 2019-06-26] (Samsung Electronics CO., LTD. -> QUALCOMM Incorporated)
S3 ssudrmnet; C:\WINDOWS\System32\drivers\ssudrmnet.sys [70400 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
S3 ssudserd; C:\WINDOWS\System32\drivers\ssudserd.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [26368 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
S3 vpnpbus; C:\WINDOWS\System32\drivers\vpnpbus.sys [20496 2019-10-07] (Microsoft Windows Hardware Compatibility Publisher -> Callback Technologies, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49552 2021-02-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [419040 2021-02-15] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\System32\drivers\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2021-02-15] (Microsoft Windows -> Microsoft Corporation)
S1 amsdk; \??\C:\WINDOWS\system32\drivers\amsdk.sys [X]
U1 aswbdisk; no ImagePath
S2 MBAMChameleon; \SystemRoot\System32\Drivers\MbamChameleon.sys [X]
S2 MsLldp; system32\drivers\mslldp.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-03-09 08:16 - 2021-03-09 08:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-03-05 11:29 - 2021-03-05 11:29 - 000001366 _____ C:\Users\Public\Desktop\YTD Video Downloader.lnk
2021-03-05 11:29 - 2021-03-05 11:29 - 000001366 _____ C:\ProgramData\Desktop\YTD Video Downloader.lnk
2021-03-05 11:29 - 2021-03-05 11:29 - 000000000 ____D C:\ProgramData\YTD Video Downloader
2021-03-05 11:29 - 2021-03-05 11:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
2021-03-05 11:29 - 2021-03-05 11:29 - 000000000 ____D C:\Program Files (x86)\GreenTree Applications
2021-02-20 12:05 - 2021-02-27 08:33 - 000000000 ____D C:\ProgramData\Package Cache
2021-02-20 10:52 - 2021-02-20 10:52 - 000001155 _____ C:\Users\Public\Desktop\Kaspersky VPN.lnk
2021-02-20 10:52 - 2021-02-20 10:52 - 000001155 _____ C:\ProgramData\Desktop\Kaspersky VPN.lnk
2021-02-20 10:52 - 2021-02-20 10:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky VPN
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-03-09 09:56 - 2019-12-07 14:44 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-09 09:42 - 2020-01-11 18:17 - 000000000 ____D C:\FRST
2021-03-09 08:59 - 2020-07-22 15:32 - 000000000 ___HD C:\$WinREAgent
2021-03-09 08:59 - 2019-12-07 14:33 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-09 08:50 - 2020-08-25 10:32 - 000000000 ____D C:\Program Files\CCleaner
2021-03-09 08:46 - 2020-07-14 10:45 - 000000000 ____D C:\ProgramData\Mozilla
2021-03-09 08:45 - 2019-06-10 08:10 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\Mozilla
2021-03-09 08:41 - 2020-10-18 11:07 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-09 08:41 - 2020-07-23 10:34 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-09 08:41 - 2020-07-23 10:12 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-09 08:41 - 2020-07-14 09:45 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-03-09 08:41 - 2019-06-09 20:01 - 000000000 __SHD C:\Users\Admin\IntelGraphicsProfiles
2021-03-09 08:26 - 2020-07-23 10:14 - 000000000 ____D C:\Users\Admin
2021-03-09 08:25 - 2020-09-02 06:35 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-03-09 08:25 - 2020-07-14 10:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-03-09 08:16 - 2020-07-14 10:45 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-03-09 08:09 - 2020-09-23 15:03 - 000000000 ____D C:\Program Files (x86)\AnyDesk
2021-03-08 09:07 - 2020-10-18 09:06 - 000000000 ____D C:\Users\HKP
2021-03-08 08:30 - 2019-12-07 14:44 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-08 08:30 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-07 11:09 - 2020-07-23 11:00 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-03-07 11:09 - 2020-07-23 11:00 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-03-07 11:09 - 2020-07-23 11:00 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-03-07 08:52 - 2020-07-21 09:06 - 000002421 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-03-07 08:52 - 2020-07-21 09:06 - 000002259 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-03-07 08:52 - 2020-07-21 09:06 - 000002259 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-03-06 20:03 - 2020-08-25 10:32 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-03-06 07:43 - 2018-11-14 22:42 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-03-05 20:34 - 2019-12-07 14:33 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-03-05 18:53 - 2020-07-18 07:49 - 000000000 ____D C:\Users\Admin\AppData\Roaming\qBittorrent
2021-03-05 17:38 - 2020-07-14 12:44 - 000000000 ____D C:\Users\Admin\AppData\Local\D3DSCache
2021-03-05 10:46 - 2020-10-28 10:29 - 000000794 _____ C:\Users\Public\Desktop\Bandicut.lnk
2021-03-05 10:46 - 2020-10-28 10:29 - 000000794 _____ C:\ProgramData\Desktop\Bandicut.lnk
2021-03-05 10:45 - 2020-10-28 10:29 - 000000000 ____D C:\Program Files\Bandicut
2021-03-05 10:36 - 2019-12-07 14:43 - 000000000 ____D C:\WINDOWS\INF
2021-03-05 09:05 - 2021-01-14 19:14 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Signal
2021-03-04 18:18 - 2020-07-23 10:34 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-04 18:18 - 2020-07-23 10:34 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-03-03 18:48 - 2020-07-17 15:52 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-03-03 18:41 - 2020-07-17 15:52 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-03-03 10:12 - 2020-07-25 14:38 - 000000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2021-03-02 12:30 - 2019-12-07 14:33 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-03-02 10:02 - 2020-11-02 16:47 - 000000000 ____D C:\ProgramData\KMSAutoS
2021-02-28 16:35 - 2020-07-23 10:34 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3076391084-2480122960-4283986350-1002
2021-02-28 16:35 - 2020-07-23 10:14 - 000002367 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-02-28 16:35 - 2019-06-10 08:09 - 000000000 ___RD C:\Users\Admin\OneDrive
2021-02-28 16:33 - 2020-08-24 12:47 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-02-27 15:39 - 2020-07-14 11:25 - 000000000 ____D C:\Users\Admin\AppData\Roaming\vlc
2021-02-27 09:07 - 2020-08-25 10:32 - 000000823 _____ C:\Users\Public\Desktop\CCleaner.lnk
2021-02-27 09:07 - 2020-08-25 10:32 - 000000823 _____ C:\ProgramData\Desktop\CCleaner.lnk
2021-02-27 09:07 - 2020-07-21 09:52 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Telegram Desktop
2021-02-27 09:07 - 2020-07-21 09:52 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop
2021-02-24 06:14 - 2020-07-23 10:24 - 000840598 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-22 18:30 - 2020-12-07 10:47 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-20 10:52 - 2020-09-23 20:41 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2021-02-20 10:52 - 2020-08-18 10:04 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2021-02-20 10:52 - 2020-07-24 07:48 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2021-02-16 12:47 - 2020-08-24 12:45 - 000000000 ____D C:\Program Files (x86)\Adobe
2021-02-15 09:01 - 2020-07-14 10:04 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-02-14 10:29 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-02-12 08:19 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-02-10 15:33 - 2020-08-24 12:49 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
==================== Files in the root of some directories ========
2020-09-17 11:19 - 2020-09-17 12:52 - 000000716 ____H () C:\Users\Admin\AppData\Roaming\{B9E01A73-D7B6-12D6-F7C5-24046901C3E8}
2020-11-01 15:38 - 2020-11-01 15:38 - 000000000 _____ () C:\Users\Admin\AppData\Local\{B1B51752-1266-41A0-A4B0-AC72333324DC}
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-02-2021
Ran by Admin (09-03-2021 09:59:21)
Running from D:\Users\Hari\Desktop
Windows 10 Pro Version 2004 19041.508 (X64) (2020-07-23 05:05:17)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Admin (S-1-5-21-3076391084-2480122960-4283986350-1002 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-3076391084-2480122960-4283986350-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3076391084-2480122960-4283986350-503 - Limited - Disabled)
Guest (S-1-5-21-3076391084-2480122960-4283986350-501 - Limited - Disabled)
HKP (S-1-5-21-3076391084-2480122960-4283986350-1004 - Administrator - Enabled) => C:\Users\HKP
WDAGUtilityAccount (S-1-5-21-3076391084-2480122960-4283986350-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Internet Security (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AV: Kaspersky Internet Security (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
FW: Kaspersky Internet Security (Enabled) {774D7037-0984-41B0-3A87-5E88E680AD58}
FW: Kaspersky Internet Security (Enabled) {32888857-01C3-7AB6-E095-11CC1854D0A3}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 21.001.20142 - Adobe Systems Incorporated)
AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 6.2.3 - philandro Software GmbH)
Avidemux VC++ 64bits (HKU\S-1-5-21-3076391084-2480122960-4283986350-1002\...\{af708a33-16c4-431e-a527-5237bee3c9fc}) (Version: 2.7.6 - Mean)
Bandicut (HKLM-x32\...\Bandicut) (Version: 3.6.3.652 - Bandicam.com)
CCleaner (HKLM\...\CCleaner) (Version: 5.77 - Piriform)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 10.1.1.37576 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 89.0.4389.82 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
HandBrake 1.3.3 (HKLM-x32\...\HandBrake) (Version: 1.3.3 - )
IrfanView 4.57 (64-bit) (HKLM\...\IrfanView64) (Version: 4.57 - Irfan Skiljan)
Kaspersky Internet Security (HKLM-x32\...\{63129F5E-8EC5-41BA-A4CF-47966CE84953}) (Version: 21.2.16.590 - Kaspersky) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{63129F5E-8EC5-41BA-A4CF-47966CE84953}) (Version: 21.2.16.590 - Kaspersky)
Kaspersky Password Manager (HKLM-x32\...\{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab) Hidden
Kaspersky Password Manager (HKLM-x32\...\InstallWIX_{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab)
Kaspersky VPN (HKLM-x32\...\{221FA56C-0A92-4E58-98FD-CAF82237540C}) (Version: 21.2.16.590 - Kaspersky) Hidden
Kaspersky VPN (HKLM-x32\...\InstallWIX_{221FA56C-0A92-4E58-98FD-CAF82237540C}) (Version: 21.2.16.590 - Kaspersky)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.45 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.63 - )
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3076391084-2480122960-4283986350-1002\...\OneDriveSetup.exe) (Version: 21.016.0124.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 86.0 (x64 en-US) (HKLM\...\Mozilla Firefox 86.0 (x64 en-US)) (Version: 86.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 78.0.2 - Mozilla)
MP4Tools v3.8 (HKLM-x32\...\MP4Tools_is1) (Version: - Thüring IT-Consulting)
qBittorrent 4.3.3 (HKLM-x32\...\qBittorrent) (Version: 4.3.3 - The qBittorrent project)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
Signal 1.40.1 (HKU\S-1-5-21-3076391084-2480122960-4283986350-1002\...\7d96caee-06e6-597c-9f2f-c7bb2e0948b4) (Version: 1.40.1 - Open Whisper Systems)
Telegram Desktop version 2.6.1 (HKU\S-1-5-21-3076391084-2480122960-4283986350-1002\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.6.1 - Telegram FZ-LLC)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
YTD Video Downloader 5.9.18 (HKLM\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 5.9.18 - GreenTree Applications SRL) <==== ATTENTION
Packages:
=========
7-Zip File Manager (Unofficial) -> C:\Program Files\WindowsApps\HaukeGtze.7-ZipFileManagerUnofficial_1.1900.3.0_x64__6bk20wvc8rfx2 [2020-09-17] (Hauke Hasselberg)
freda epub ebook reader -> C:\Program Files\WindowsApps\5957Turnipsoft.freda_4.38.0.0_x64__ypmq2qh89vmny [2021-01-15] (Turnipsoft)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-02-09] (Microsoft Studios) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2021-01-11] (Netflix, Inc.)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-10-21] (Microsoft Corporation)
Vodafone Mobile Broadband -> C:\Program Files\WindowsApps\VodafoneGroupServices.VodafoneMobileBroadband_2.10.46.0_x64__cx08jceyq9bcp [2020-07-15] (Vodafone Group Services)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3076391084-2480122960-4283986350-1002_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}0
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6723984 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4222864 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [Kaspersky Anti-Virus 21.2] -> {9B9F6E01-A5CF-4269-B245-CFF66A7DAEBD} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\x64\shellex.dll [2020-11-07] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers2: [Kaspersky Anti-Virus 21.2] -> {9B9F6E01-A5CF-4269-B245-CFF66A7DAEBD} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\x64\shellex.dll [2020-11-07] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers4: [Kaspersky Anti-Virus 21.2] -> {9B9F6E01-A5CF-4269-B245-CFF66A7DAEBD} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\x64\shellex.dll [2020-11-07] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-09-25] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Kaspersky Anti-Virus 21.2] -> {9B9F6E01-A5CF-4269-B245-CFF66A7DAEBD} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\x64\shellex.dll [2020-11-07] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers1_S-1-5-21-3076391084-2480122960-4283986350-1002: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => -> No File
ContextMenuHandlers4_S-1-5-21-3076391084-2480122960-4283986350-1002: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => -> No File
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2020-07-14 22:45 - 2020-09-21 17:08 - 000000828 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3076391084-2480122960-4283986350-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\AppData\Roaming\IrfanView\IrfanView_Wallpaper.png
HKU\S-1-5-21-3076391084-2480122960-4283986350-1004\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\StartupFolder: => "AnyDesk.lnk"
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "Aimersoft Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "BCSSync"
HKU\S-1-5-21-3076391084-2480122960-4283986350-1002\...\StartupApproved\StartupFolder: => "startup.exe"
HKU\S-1-5-21-3076391084-2480122960-4283986350-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3076391084-2480122960-4283986350-1002\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-3076391084-2480122960-4283986350-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3076391084-2480122960-4283986350-1002\...\StartupApproved\Run: => "kpm.exe"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{897EA980-C35F-4857-B374-763F719E859F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{EC61361A-AF7E-4542-A63C-2070ECF7EADE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2BCE7B29-2AEE-4A62-88FC-A23671F697F7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C231C83A-44A6-448B-8DAE-B4313014E25E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{212D1384-9932-4514-8EEE-4CC89F0034D8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C03AFBAE-0E58-43C6-A47B-25384B579B0B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{26E996A4-5F15-48EA-BA31-D7A8FBBC51C9}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{9336D091-4568-417F-B800-D94165BF9C97}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{6C8BC830-2543-4BF5-BAA4-8A001051DAC1}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{7B082CFA-892C-4C3F-95FB-CCC01A3FCDD2}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{B627FF28-6B36-41B9-AFF6-1153353B8128}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{39FB9652-45C0-4158-B2C3-6F75BB90EE6B}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{4F5950D9-669E-4FDD-82CD-7BC5E76135B9}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{769D80C9-AD59-4103-A763-510B1518ED56}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{0405A4F8-9B7D-415A-BD83-0DC35CB8C72B}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{F0BC19B3-C32F-4770-9E93-BE8940F081B0}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{E18A98DA-BCE8-417E-9A59-6CF67E149B9C}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
==================== Restore Points =========================
06-03-2021 14:05:46 Windows Modules Installer
07-03-2021 08:55:00 Windows Modules Installer
07-03-2021 16:47:33 Windows Modules Installer
08-03-2021 08:57:33 Windows Modules Installer
08-03-2021 16:07:39 Windows Modules Installer
09-03-2021 09:00:28 Windows Modules Installer
==================== Faulty Device Manager Devices ============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: HD WebCam
Description: USB Video Device
Class Guid: {ca3e7ab9-b4c3-4ae6-8251-579ef933890f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: ========================
Application errors:
==================
Error: (03/09/2021 08:16:50 AM) (Source: ESENT) (EventID: 489) (User: )
Description: taskhostw (3980,G,0) An attempt to open the file "C:\Users\Admin\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).
Error: (03/09/2021 08:14:09 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program CCleaner64.exe version 5.77.0.8448 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 4f8
Start Time: 01d7148db3afad55
Termination Time: 11
Application Path: C:\Program Files\CCleaner\CCleaner64.exe
Report Id: 39324329-cc8a-438e-affc-501db6bc8114
Faulting package full name:
Faulting package-relative application ID:
Hang type: Cross-thread
Error: (03/08/2021 12:32:31 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on System Reserved because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)
Error: (03/08/2021 09:41:50 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program explorer.exe version 10.0.19041.488 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 1bec
Start Time: 01d713c704d0bc5f
Termination Time: 0
Application Path: C:\Windows\explorer.exe
Report Id: 7578f41d-d84b-4af0-b52d-d48b475b395c
Faulting package full name:
Faulting package-relative application ID:
Hang type: Unknown
Error: (03/08/2021 09:25:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wuauclt.exe, version: 10.0.19041.508, time stamp: 0x5c5723e6
Faulting module name: ntdll.dll, version: 10.0.19041.488, time stamp: 0x70e69bad
Exception code: 0xc0000005
Fault offset: 0x0000000000045e16
Faulting process id: 0x1880
Faulting application start time: 0x01d713c7a2a34c0a
Faulting application path: C:\WINDOWS\system32\wuauclt.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 8037e11d-beb4-41a8-8308-32e6d9f87620
Faulting package full name:
Faulting package-relative application ID:
Error: (03/08/2021 09:23:18 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program svchost.exe version 10.0.19041.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: b60
Start Time: 01d713c6e6ec1a62
Termination Time: 4294967295
Application Path: C:\Windows\System32\svchost.exe
Report Id: 9133c251-c24f-48d3-9243-4401d7f56477
Faulting package full name:
Faulting package-relative application ID:
Hang type: Unknown
Error: (03/07/2021 10:58:19 AM) (Source: Firefox Default Browser Agent) (EventID: 12007) (User: )
Description: Event-ID 12007
Error: (03/07/2021 10:58:19 AM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0
System errors:
=============
Error: (03/09/2021 09:37:05 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f081f: Feature update to Windows 10, version 20H2.
Error: (03/09/2021 08:54:27 AM) (Source: DCOM) (EventID: 10010) (User: PINKYPC)
Description: The server {94269C4E-071A-4116-90E6-52E557067E4E} did not register with DCOM within the required timeout.
Error: (03/09/2021 08:43:19 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MsLldp service failed to start due to the following error:
The system cannot find the file specified.
Error: (03/09/2021 08:41:34 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MsLldp service failed to start due to the following error:
The system cannot find the file specified.
Error: (03/09/2021 08:41:34 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MsLldp service failed to start due to the following error:
The system cannot find the file specified.
Error: (03/09/2021 08:41:28 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MsLldp service failed to start due to the following error:
The system cannot find the file specified.
Error: (03/09/2021 08:41:27 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMChameleon service failed to start due to the following error:
The system cannot find the file specified.
Error: (03/09/2021 08:41:04 AM) (Source: TPM) (EventID: 15) (User: NT AUTHORITY)
Description: The device driver for the Trusted Platform Module (TPM) encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) from being used. For further help, please contact the computer manufacturer.
Windows Defender:
================
Date: 2021-02-24 17:07:58
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-02-15 10:09:48
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-09-23 18:13:40
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-03-04 07:50:54
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.331.2296.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17800.5
Error code: 0x80070102
Error description: The wait operation timed out.
Date: 2021-02-15 08:26:38
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.323.1746.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17500.4
Error code: 0x80070102
Error description: The wait operation timed out.
Date: 2021-02-15 08:09:25
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.323.1746.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17500.4
Error code: 0x80240022
Error description: The program can't check for definition updates.
Date: 2021-02-14 11:04:30
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.323.1746.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17500.4
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
CodeIntegrity:
===============
Date: 2021-03-09 08:47:36
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
Date: 2021-03-09 08:45:12
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: Insyde Corp. V1.37 02/16/2016
Motherboard: Acer ZORO_BH
Processor: Intel® Core i3-5005U CPU @ 2.00GHz
Percentage of memory in use: 78%
Total physical RAM: 4016.42 MB
Available physical RAM: 872.18 MB
Total Virtual: 7744.67 MB
Available Virtual: 2460.27 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:243.65 GB) (Free:50.03 GB) NTFS
Drive d: (Data) (Fixed) (Total:341.8 GB) (Free:135.5 GB) NTFS
Drive e: () (Fixed) (Total:345.57 GB) (Free:45.51 GB) NTFS
Drive g: () (Removable) (Total:0 GB) (Free:0 GB)
\\?\Volume{f7b2add7-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: F7B2ADD7)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=243.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=341.8 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=345.6 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 1.
==================== End of Addition.txt =======================