I did have to restart the computer and here are the new reports
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-04-2022 01
Ran by Art (administrator) on ART-PC (Hewlett-Packard HP Compaq 8100 Elite CMT PC) (18-04-2022 11:50:32)
Running from C:\Users\Art\Desktop
Loaded Profiles: Art
Platform: Microsoft Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(explorer.exe ->) (CANON INC. -> CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP3LAK.EXE
(explorer.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(explorer.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Kilonova LLC -> Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.7\Lightshot.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(services.exe ->) (INTERNET PROJECT LLC -> Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Windscribe Limited -> Windscribe Limited) C:\Program Files (x86)\Windscribe\WindscribeService.exe
(spool\drivers\x64\3\CNAP3LAK.EXE ->) (CANON INC. -> CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNABISWD.EXE <3>
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [CNAP3 Launcher] => C:\Windows\system32\spool\DRIVERS\x64\3\CNAP3LAK.EXE [228520 2021-01-02] (CANON INC. -> CANON INC.)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226728 2019-07-22] (Kilonova LLC -> )
HKU\S-1-5-21-2012456220-316695357-2301545490-1000\...\Run: [Opera Browser Assistant] => C:\Users\Art\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4105424 2021-10-14] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-2012456220-316695357-2301545490-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\MARINE~1.SCR [6938624 2011-06-09] (SereneScreen) [File not signed]
HKLM\...\Windows x64\Print Processors\hpzpplhn: C:\Windows\System32\spool\prtprocs\x64\hpzpplhn.dll [99840 2008-05-07] (Hewlett-Packard Corporation) [File not signed]
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-13] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\hpzppWN7: C:\Windows\System32\spool\prtprocs\x64\hpzppWN7.dll [101376 2009-07-13] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\Canon MFNP Port: C:\Windows\system32\CNCENPM6.dll [152064 2013-01-31] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\CNAP3 Monitor: C:\Windows\system32\CNAP3SMD.DLL [1470464 2014-11-28] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\EPSON XP-340 Series 64MonitorBE: C:\Windows\system32\E_YLMBRBE.DLL [182784 2015-12-08] (SEIKO EPSON CORPORATION) [File not signed]
HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\Windows\system32\HpTcpMon.dll [331264 2008-03-03] (Hewlett Packard) [File not signed]
HKLM\...\Print\Monitors\PCL hpz3lw71: C:\Windows\system32\hpz3lw71.dll [46080 2009-07-13] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [OpenVPN_UserSetup] -> reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /f
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\100.0.4896.127\Installer\chrmstp.exe [2022-04-14] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{10880D85-AAD9-4558-ABDC-2AB1552D831F}] -> C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe [2013-01-16] (Hewlett-Packard Company -> Hewlett-Packard Company)
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {01573DE8-0D4C-4861-916B-E8F74D55E117} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136304 2021-03-30] (HP Inc. -> HP Inc.)
Task: {04724AF9-B688-4BE0-8387-9D95E1F6E474} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {06C59630-0D72-4EC6-AD9B-8C1E520CE97A} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {183FCA79-3655-469D-9FBF-30F3D67FC261} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Art\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2022-04-17] (ESET, spol. s r.o. -> ESET)
Task: {2CF73D26-3566-4841-8CF4-08F5AEBE0667} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\BingPopup\BingPopup.exe [555640 2021-03-25] (HP Inc. -> HP Inc.)
Task: {31500587-F98F-4A30-93F0-BABFD763FBBD} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {4025AAEC-33CA-4922-A2F0-1F1D1E5ACA4C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {648D2D9F-02D7-4A3B-AC12-6C843A994DA7} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40432 2020-09-21] (Garmin International, Inc. -> )
Task: {6886F4CC-75C3-40FE-929F-48DAC792DB52} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {6D43F3A2-07DA-43E8-9C54-27CA2ABE2F8D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2021-08-02] (Google Inc -> Google Inc.)
Task: {712CC812-5E71-469F-8543-21B5BFB01666} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1136984 2020-09-17] (HP Inc. -> HP Inc.)
Task: {76530735-C7FD-442C-9E8D-C0FE3E33598D} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2012456220-316695357-2301545490-1000 => {CA22F5B1-E06F-4A2B-94FC-21E87FE53781} C:\Windows\System32\gameux.dll [2746368 2012-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {79C8B109-DE68-4ED8-8469-AF0F983DD250} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {7C5FD3AE-1DAF-431D-98BC-79EE52090C02} - System32\Tasks\{99472F5E-C01B-4B91-9137-2EFA7592DDFE} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\OpenOffice 4\program\scalc.exe" -d C:\Users\Art\Desktop -c -o "C:\Users\Art\Desktop\May2017Bills.ods"
Task: {A5268831-1CAE-4860-976C-3C44AD94750A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {AA1FC477-E2D9-4AEE-A46B-938B6C698E3D} - System32\Tasks\Canon\OIPPESP\Canon OIP Product Extended Survey Program => C:\Program Files\Canon\OIPPESP\Cnpspcnt.exe [1775752 2013-08-30] (CANON INC. -> CANON INC.) -> /Config:"C:\Program Files\Canon\OIPPESP\CnpspCfg.xml"
Task: {B2B0432E-9C38-4E83-89D5-6C61C2AB0DCF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1136984 2020-09-17] (HP Inc. -> HP Inc.)
Task: {C28AC525-00FB-446D-A82B-DA0399F10967} - System32\Tasks\Opera scheduled Autoupdate 1627571888 => C:\Users\Art\AppData\Local\Programs\Opera\launcher.exe [2469120 2022-04-06] (Opera Software AS -> Opera Software)
Task: {C3155139-DB86-4D73-A8B4-A0A1E2047FF0} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2016-11-07] (HP Inc. -> HP Inc.)
Task: {C37EC27D-BF39-48DB-866F-0A0EE1440126} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {DA22D176-5183-4FA3-9DED-9BB51C2FA710} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [326320 2021-06-16] (HP Inc. -> HP Inc.)
Task: {F7B349A0-0CF2-4AB3-A759-EAAA7CA85C53} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Art\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2022-04-17] (ESET, spol. s r.o. -> ESET)
Task: {FE887839-7E11-45F3-B917-99F7A03A9354} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [563000 2015-08-27] (Apple Inc. -> Apple Inc.)
Task: {FF988BA5-04AB-4661-B841-C5D586EDB41F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2021-08-02] (Google Inc -> Google Inc.)
Task: {FFE661D7-25C3-418D-83E4-F91C338CB17A} - System32\Tasks\update-S-1-5-21-2012456220-316695357-2301545490-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\update-S-1-5-21-2012456220-316695357-2301545490-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{46456222-9B9B-4384-B862-62B2FAC12445}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{62EBE42C-851F-43FB-B7E2-E9334B0F8D6F}: [DhcpNameServer] 192.168.42.129
Edge:
=======
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: whx4aer7.default-1627042292606
FF ProfilePath: C:\Users\Art\AppData\Roaming\TomTom\HOME\Profiles\xd4wb18b.default [2021-06-24]
FF Extension: (No Name) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\
[email protected] [not found]
FF ProfilePath: C:\Users\Art\AppData\Roaming\Mozilla\Firefox\Profiles\whx4aer7.default-1627042292606 [2022-04-15]
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Art\AppData\Local\Google\Chrome\User Data\Default [2022-04-18]
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (Google Drive) - C:\Users\Art\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-08-19]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Art\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-04-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Art\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-09-14]
CHR Extension: (Gmail) - C:\Users\Art\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-08-19]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
Opera:
=======
OPR Profile: C:\Users\Art\AppData\Roaming\Opera Software\Opera Stable [2022-04-18]
OPR StartupUrls: Opera Stable -> "hxxp://google.com/"
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Art\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-02-18]
OPR Extension: (Opera Crypto Wallet) - C:\Users\Art\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-04-13]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Art\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-13]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc. -> Apple Inc.)
S3 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [90776 2014-03-20] (Microsoft Corporation -> Microsoft Corporation)
S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [158912 2019-03-28] (Microsoft Dynamic Code Publisher -> Microsoft Corporation)
S3 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [73200 2018-10-10] (INTERNET PROJECT LLC -> Freemake)
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [15856 2018-10-10] (INTERNET PROJECT LLC -> Ellora Assets Corp.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2013-01-16] (Hewlett-Packard Company) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8348856 2022-04-15] (Malwarebytes Inc -> Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation -> Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation -> Microsoft Corporation)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 WindscribeService; C:\Program Files (x86)\Windscribe\WindscribeService.exe [1337216 2022-03-19] (Windscribe Limited -> Windscribe Limited)
S2 adawareantivirusservice; "C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.7.1052.0\AdAwareService.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 anvsnddrv; C:\Windows\System32\drivers\anvsnddrv.sys [34416 2017-06-20] (Anvsoft Inc. -> AnvSoft Inc.)
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [29184 2009-08-13] (Microsoft Windows Hardware Compatibility Publisher -> CSR, plc)
S3 cmnxusbser; C:\Windows\System32\DRIVERS\cmnxusbser.sys [146424 2015-11-24] (西安博汇电子科技有限公司 -> Wireless Data Device)
S3 csrusbfilter; C:\Windows\System32\Drivers\csrusbfilter.sys [23752 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csr_a2dp; C:\Windows\System32\drivers\bthav.sys [78848 2009-12-21] (Microsoft Windows Hardware Compatibility Publisher -> CSR, plc)
R1 ElRawDisk; C:\Windows\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation -> EldoS Corporation)
S3 FXVAD; C:\Windows\System32\drivers\fxvad.sys [326120 2021-07-14] (FxSound, LLC -> Windows ® Win 7 DDK provider)
S3 massfilter_hs; C:\Windows\system32\drivers\massfilter_hs.sys [20232 2012-06-20] (ZTE CORPORATION -> HandSet Incorporated)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223688 2022-04-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2022-04-15] (Malwarebytes Inc -> Malwarebytes)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation -> Microsoft Corporation)
S3 MpKslbb6e0e65; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4542B7-CE09-4B0F-B52E-C2B466C57C9A}\MpKslDrv.sys [50448 2022-04-17] (Microsoft Windows -> Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation -> Microsoft Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> )
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 tapwindscribe0901; C:\Windows\System32\DRIVERS\tapwindscribe0901.sys [48544 2022-03-19] (Windscribe Limited -> The OpenVPN Project)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2014-11-17] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [28160 2014-11-21] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [34816 2014-11-17] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 vzandnetbus; C:\Windows\System32\DRIVERS\lgvzandnetbus64.sys [29184 2015-04-24] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 vzandnetdiag; C:\Windows\System32\DRIVERS\lgvzandnetdiag64.sys [31232 2015-04-24] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 vzandnetmodem; C:\Windows\System32\DRIVERS\lgvzandnetmdm64.sys [37888 2015-04-24] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 vzandnetndis; C:\Windows\System32\DRIVERS\lgvzandnetndis64.sys [94720 2015-04-24] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 WindscribeSplitTunnel; C:\Windows\System32\DRIVERS\WindscribeSplitTunnel.sys [25384 2022-03-19] (Windscribe Limited -> )
R3 windtun420; C:\Windows\System32\DRIVERS\windtun420.sys [38312 2022-03-19] (Windscribe Limited -> WireGuard LLC)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-04-18 11:50 - 2022-04-18 11:51 - 000021805 _____ C:\Users\Art\Desktop\FRST.txt
2022-04-17 14:39 - 2022-04-17 14:40 - 000262144 _____ C:\Windows\Minidump\041722-14601-01.dmp
2022-04-17 14:27 - 2022-04-17 14:27 - 000262144 _____ C:\Windows\Minidump\041722-14398-01.dmp
2022-04-17 13:07 - 2022-04-17 13:07 - 000003750 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onLogOn
2022-04-17 13:07 - 2022-04-17 13:07 - 000003310 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onTime
2022-04-17 13:05 - 2022-04-17 13:05 - 000000754 _____ C:\Users\Art\Desktop\eset.txt
2022-04-17 11:07 - 2022-04-17 11:07 - 000001191 _____ C:\Users\Art\Desktop\ESET Online Scanner.lnk
2022-04-17 11:05 - 2022-04-17 11:05 - 015274968 _____ (ESET) C:\Users\Art\Desktop\esetonlinescanner.exe
2022-04-17 10:39 - 2022-04-17 14:39 - 569175462 _____ C:\Windows\MEMORY.DMP
2022-04-17 10:39 - 2022-04-17 14:39 - 000000000 ____D C:\Windows\Minidump
2022-04-17 10:39 - 2022-04-17 10:39 - 000262144 _____ C:\Windows\Minidump\041722-23727-01.dmp
2022-04-15 19:05 - 2022-04-15 20:41 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2022-04-15 18:26 - 2022-04-15 18:26 - 000248992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2022-04-15 18:26 - 2022-04-15 18:26 - 000223688 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2022-04-15 18:26 - 2022-04-15 18:26 - 000001960 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-04-15 18:26 - 2022-04-15 18:26 - 000001948 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-04-15 18:26 - 2022-04-15 18:25 - 000160176 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2022-04-15 18:24 - 2022-04-15 18:24 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-04-15 18:07 - 2022-04-15 18:07 - 002443448 _____ (Malwarebytes) C:\Users\Art\Desktop\MBSetup.exe
2022-04-15 18:03 - 2022-04-15 18:03 - 008551608 _____ (Malwarebytes) C:\Users\Art\Desktop\adwcleaner(1).exe
2022-04-15 18:02 - 2022-04-17 10:37 - 000000000 ____D C:\AdwCleaner
2022-04-15 17:46 - 2022-04-15 17:46 - 000000008 __RSH C:\ProgramData\ntuser.pol
2022-04-15 17:43 - 2022-04-15 17:46 - 000038662 _____ C:\Users\Art\Desktop\Fixlog.txt
2022-04-10 19:43 - 2022-04-10 19:43 - 003702073 _____ C:\Users\Art\Downloads\508883094_84_A_20220311.pdf
2022-04-09 13:03 - 2022-04-18 05:47 - 000000000 ____D C:\Users\Art\Desktop\FRST-OlderVersion
2022-04-09 13:02 - 2022-04-18 05:47 - 002366464 _____ (Farbar) C:\Users\Art\Desktop\FRST64.exe
2022-03-22 22:32 - 2022-03-22 22:32 - 000000000 ____D C:\Users\Art\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2022-03-19 02:55 - 2022-03-19 02:55 - 000001071 _____ C:\Users\Public\Desktop\Windscribe.lnk
2022-03-19 02:55 - 2022-03-19 02:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windscribe
2022-03-19 02:52 - 2022-03-19 02:52 - 019552128 _____ (Windscribe Limited) C:\Users\Art\Downloads\Windscribe (2).exe
2022-03-19 02:52 - 2022-03-19 02:52 - 000048544 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tapwindscribe0901.sys
2022-03-19 02:52 - 2022-03-19 02:52 - 000038312 _____ (WireGuard LLC) C:\Windows\system32\Drivers\windtun420.sys
2022-03-19 02:52 - 2022-03-19 02:52 - 000025384 _____ C:\Windows\system32\Drivers\WindscribeSplitTunnel.sys
2022-03-19 02:36 - 2022-03-19 02:36 - 000329520 _____ C:\active_protection.txt
2022-03-19 02:36 - 2022-03-19 02:36 - 000037888 _____ C:\urls.set
2022-03-19 02:16 - 2022-03-19 02:16 - 007513880 _____ (VS Revo Group ) C:\Users\Art\Downloads\revosetup (1).exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-04-18 11:51 - 2017-03-18 06:43 - 000000000 ____D C:\FRST
2022-04-18 11:50 - 2015-05-18 22:15 - 000000000 ____D C:\Program Files (x86)\Google
2022-04-18 11:48 - 2009-07-14 00:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-04-18 11:37 - 2022-02-11 01:01 - 000003910 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{BF21A923-A93E-412B-9FC4-6EA3E52D3F63}
2022-04-18 11:03 - 2015-11-29 00:20 - 000000384 _____ C:\Windows\Tasks\update-S-1-5-21-2012456220-316695357-2301545490-1000.job
2022-04-18 09:00 - 2015-11-29 00:20 - 000000384 _____ C:\Windows\Tasks\update-sys.job
2022-04-17 21:53 - 2022-01-30 04:02 - 000000000 ____D C:\Users\Art\Desktop\open office
2022-04-17 14:52 - 2009-07-13 23:45 - 000036096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2022-04-17 14:52 - 2009-07-13 23:45 - 000036096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2022-04-17 14:49 - 2009-07-14 00:13 - 000798694 _____ C:\Windows\system32\PerfStringBackup.INI
2022-04-17 14:49 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\inf
2022-04-17 14:39 - 2015-05-18 21:10 - 000000000 ____D C:\Users\Art
2022-04-17 11:06 - 2021-07-28 23:06 - 000000000 ____D C:\Users\Art\AppData\Local\ESET
2022-04-17 11:03 - 2022-01-30 05:11 - 000000000 ____D C:\Users\Art\AppData\Roaming\Auslogics
2022-04-17 11:03 - 2018-05-27 11:54 - 000000000 ____D C:\Users\Art\Downloads\torrents
2022-04-17 10:37 - 2017-04-29 22:31 - 000000000 ____D C:\Users\Art\AppData\Roaming\Samsung
2022-04-16 17:36 - 2021-06-24 09:55 - 000000000 ____D C:\Windows\system32\Tasks\Auslogics
2022-04-16 17:36 - 2015-10-17 06:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
2022-04-15 22:49 - 2018-08-13 07:29 - 000000000 ____D C:\Users\Art\AppData\LocalLow\Mozilla
2022-04-15 22:09 - 2020-02-03 10:23 - 000000000 ____D C:\ProgramData\Mozilla
2022-04-15 20:41 - 2015-10-03 12:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-04-15 18:24 - 2017-09-27 17:42 - 000000000 ____D C:\Program Files\Malwarebytes
2022-04-15 17:43 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2022-04-15 17:43 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\system32\GroupPolicy
2022-04-14 19:10 - 2021-08-02 10:35 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-04-14 19:10 - 2021-08-02 10:35 - 000002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-04-14 13:55 - 2021-07-27 21:26 - 000000000 ____D C:\Users\Art\AppData\Local\CrashDumps
2022-04-13 20:03 - 2015-12-03 18:39 - 000002059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2022-04-13 00:12 - 2009-07-13 21:34 - 000000466 _____ C:\Windows\win.ini
2022-04-12 20:31 - 2015-12-10 06:23 - 000000000 ____D C:\Users\Art\AppData\Local\ElevatedDiagnostics
2022-04-12 03:36 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\system32\NDF
2022-04-11 09:19 - 2021-07-29 10:18 - 000004026 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1627571888
2022-04-05 13:55 - 2015-06-07 14:12 - 000000000 ____D C:\Users\Art\Desktop\New folder
2022-04-02 13:41 - 2016-01-25 15:05 - 000000000 ____D C:\ProgramData\Package Cache
2022-03-28 00:20 - 2020-11-23 18:02 - 000000000 ____D C:\Program Files\DIFX
2022-03-27 22:43 - 2021-06-24 02:39 - 000000000 ____D C:\Users\Art\AppData\LocalLow\IGDump
2022-03-22 23:09 - 2018-05-23 08:58 - 000000000 ____D C:\Program Files (x86)\Windscribe
2022-03-22 23:07 - 2019-11-06 19:35 - 000007668 _____ C:\Users\Art\AppData\Local\Resmon.ResmonCfg
2022-03-20 22:36 - 2015-10-10 16:33 - 000000000 ____D C:\Users\Art\AppData\Roaming\vlc
2022-03-19 02:52 - 2018-05-23 08:58 - 000000000 ____D C:\Users\Art\AppData\Local\Windscribe
2022-03-19 02:39 - 2019-05-26 21:27 - 000001077 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2022-03-19 02:39 - 2019-05-26 21:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2022-03-19 02:22 - 2015-10-17 06:58 - 000000000 ____D C:\ProgramData\Auslogics
2022-03-19 02:17 - 2017-07-28 01:39 - 000001034 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2022-03-19 02:17 - 2017-07-28 01:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
==================== Files in the root of some directories ========
2016-02-17 21:13 - 2016-03-08 03:27 - 000399360 _____ () C:\Program Files\CascLib.dll
2016-02-17 21:13 - 2016-03-08 03:27 - 000326144 _____ () C:\Program Files\DXPRecastPathFinding2.dll
2016-02-19 22:52 - 2016-02-19 22:52 - 000003766 _____ () C:\Program Files\error.txt
2016-02-17 21:13 - 2016-02-01 15:51 - 000301056 _____ (The Apache Software Foundation) C:\Program Files\log4net.dll
2016-02-17 21:13 - 2016-02-01 15:51 - 000510976 _____ (Newtonsoft) C:\Program Files\Newtonsoft.Json.dll
2016-02-17 21:13 - 2016-02-01 15:51 - 000230912 _____ (Alexandre Mutel) C:\Program Files\SharpDX.Direct2D1.dll
2016-02-17 21:13 - 2016-02-01 15:51 - 000558080 _____ (Alexandre Mutel) C:\Program Files\SharpDX.dll
2016-02-17 21:13 - 2016-02-01 15:51 - 000090624 _____ (Alexandre Mutel) C:\Program Files\SharpDX.DXGI.dll
2016-06-20 11:11 - 2013-08-31 14:01 - 000121696 _____ () C:\Program Files\Weather_Meter_V1.7.gadget
2016-01-17 14:28 - 2017-03-28 21:09 - 000000933 _____ () C:\Users\Art\AppData\Roaming\burnaware.ini
2017-07-29 23:33 - 2017-07-30 03:10 - 000000098 _____ () C:\Users\Art\AppData\Roaming\LauncherSettings_live.cfg
2017-07-30 01:01 - 2017-07-30 01:01 - 000000042 _____ () C:\Users\Art\AppData\Roaming\TheHunterSettings_live.cfg
2016-09-27 00:21 - 2016-09-27 00:21 - 000000046 _____ () C:\Users\Art\AppData\Roaming\WB.CFG
2017-10-27 13:33 - 2020-06-03 13:29 - 000000367 _____ () C:\Users\Art\AppData\Roaming\Weather Meter_Settings.ini
2016-01-24 09:57 - 2016-02-04 21:50 - 000000031 _____ () C:\Users\Art\AppData\Local\burnaware.ini
2019-02-28 23:12 - 2019-02-28 23:12 - 000000084 _____ () C:\Users\Art\AppData\Local\DVDPATH.TXT
2019-11-06 19:35 - 2022-03-22 23:07 - 000007668 _____ () C:\Users\Art\AppData\Local\Resmon.ResmonCfg
2021-06-24 07:08 - 2021-06-24 07:08 - 000000003 _____ () C:\Users\Art\AppData\Local\updater.log
2015-11-29 00:20 - 2022-03-05 20:09 - 000000424 _____ () C:\Users\Art\AppData\Local\UserProducts.xml
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2022-04-17 00:29
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-04-2022 01
Ran by Art (18-04-2022 11:53:50)
Running from C:\Users\Art\Desktop
Microsoft Windows 7 Professional Service Pack 1 (X64) (2015-05-19 02:10:16)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2012456220-316695357-2301545490-500 - Administrator - Disabled)
Art (S-1-5-21-2012456220-316695357-2301545490-1000 - Administrator - Enabled) => C:\Users\Art
G5PWFULZDC (S-1-5-21-2012456220-316695357-2301545490-1001 - Limited - Enabled) => C:\Users\G5PWFULZDC
Guest (S-1-5-21-2012456220-316695357-2301545490-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2012456220-316695357-2301545490-1005 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 22.001.20117 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{B046F915-7A34-7D83-5494-67D8BD488538}) (Version: 3.0.864.0 - Advanced Micro Devices, Inc.)
ANT Drivers Installer x64 (HKLM\...\{16BA964D-698D-4663-8FA7-B9613DA7958B}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
AntimalwareEngine (HKLM\...\{5C7A5F94-02E9-4C5D-A594-B1F10865965A}) (Version: 3.0.160.0 - adaware) Hidden
Any Video Converter Ultimate 6.2.4 (HKLM-x32\...\Any Video Converter Ultimate_is1) (Version: - Any-Video-Converter.com)
Apple Application Support (32-bit) (HKLM-x32\...\{D4C80B0C-CF67-43A7-90C3-466853543B54}) (Version: 6.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{B2A2E8AF-BC48-4191-B2C4-3846A19835CA}) (Version: 6.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
AVCWare DVD Copy 2 (HKLM-x32\...\AVCWare DVD Copy 2) (Version: 2.0.4.20170210 - AVCWare)
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version: - )
Canon Laser Printer/Scanner/Fax Extended Survey Program (HKLM\...\{8A16FF47-A5FC-49A8-96B5-31180D317059}) (Version: 1.2.11 - CANON INC.) Hidden
Canon Laser Printer/Scanner/Fax Extended Survey Program (HKLM\...\Canon Laser Printer/Scanner/Fax Extended Survey Program) (Version: 1.2.11.10002 - CANON INC.)
Canon LBP6230 6240 Uninstaller (HKLM\...\Canon LBP6230 6240) (Version: 6, 3, 1, 0 - Canon Inc.)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7128 - CDBurnerXP)
Clementine (HKLM-x32\...\Clementine) (Version: 1.3.1 - Clementine)
DVD43 Plug-in v1.0.0.6 (HKLM-x32\...\DVD43 Plug-in_is1) (Version: - )
DVD-Cloner 2019 (HKLM-x32\...\DVD-Cloner 2019_is1) (Version: 16.10.0.1444 - OpenCloner Inc.)
Easy Photo Scan (HKLM-x32\...\{1021AA9F-6A0A-4128-B89B-1A05A8DD1770}) (Version: 1.00.0009 - Seiko Epson Corporation)
EKS Sherlock (HKLM-x32\...\EKS Sherlock) (Version: - )
Elevated Installer (HKLM-x32\...\{877496C2-70B0-42F1-835A-FAFE2CF0199C}) (Version: 7.1.4.0 - Garmin Ltd or its subsidiaries) Hidden
Express Burn Disc Burning Software (HKLM-x32\...\ExpressBurn) (Version: 9.02 - NCH Software)
Fast Duplicate File Finder 5.9.0.1 (HKLM-x32\...\{AFECFED6-0A43-488F-8511-1DC6B52F31C3}_is1) (Version: 5.9.0.1 - MindGems, Inc.)
Filmotech v3.9.1 (HKLM\...\Filmotech_is1) (Version: 3.9.1 - )
Freemake Video Converter version 4.1.10 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.10 - Ellora Assets Corporation)
Garmin Express (HKLM-x32\...\{235f2ee5-7383-44df-a298-01221caa5532}) (Version: 7.1.4.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{E944FA32-8BCF-474F-BFB2-D1EF24555873}) (Version: 7.1.4.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 100.0.4896.127 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
HP Support Solutions Framework (HKLM-x32\...\{F6A11738-3EE4-4573-AEA5-6CD5D491C167}) (Version: 12.18.34.21 - Hewlett-Packard Company)
HydraVision (HKLM-x32\...\{5F170011-13ED-E84C-7844-6B941CA34F30}) (Version: 4.2.222.0 - Advanced Micro Devices, Inc.) Hidden
Jasc Paint Shop Pro 8 (HKLM-x32\...\{81A34902-9D0B-4920-A25C-4CDC5D14B328}) (Version: 8.00.0000 - Jasc Software Inc)
LG VZW United Drivers (HKLM-x32\...\{BEEBD17D-FF29-4508-8032-2D1FA66F7B77}) (Version: 2.23.1 - LG Electronics)
LightScribe System Software (HKLM-x32\...\{F132000C-1CBA-458F-BF2F-FD43D59410F9}) (Version: 1.18.27.10 - LightScribe)
LightScribe Template Labeler (HKLM-x32\...\{8A03241E-7A3C-401D-B0CE-B3096F50AE6F}) (Version: 1.18.27.10 - LightScribe)
Lightshot-5.5.0.7 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.5.0.7 - Skillbrains)
Magical Jelly Bean KeyFinder (HKLM-x32\...\KeyFinder_is1) (Version: 2.0.10.13 - Magical Jelly Bean)
Malwarebytes version 4.5.7.186 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.7.186 - Malwarebytes)
Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 11.23.5.1 - Marvell)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Money Plus (HKLM-x32\...\Money2008b) (Version: 17 - Microsoft)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
MiniTool Partition Wizard Free 10.3 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Software Limited)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 73.0 - Mozilla)
Mozilla Thunderbird 78.11.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 78.11.0 (x86 en-US)) (Version: 78.11.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NewFreeScreensaver nfsUnderwaterLife (HKLM-x32\...\nfsUnderwaterLife New Free Screensaver_is1) (Version: - NewFreeScreensavers.com)
ODT Viewer version 1.0 (HKLM-x32\...\{CAA1B43B-7CDA-4D58-B9A3-1050C358CB2D}_is1) (Version: 1.0 - odtviewer.com)
OpenOffice 4.1.10 (HKLM-x32\...\{D909483F-780E-4232-9313-4C24A1B09BE8}) (Version: 4.110.9807 - Apache Software Foundation)
Opera Stable 85.0.4341.60 (HKU\S-1-5-21-2012456220-316695357-2301545490-1000\...\Opera 85.0.4341.60) (Version: 85.0.4341.60 - Opera Software)
Outbyte AVArmor (HKLM\...\{6D2DE302-B1E4-47BC-A870-83089CA9A6D8}_is1) (Version: 4.1.2.62618 - Outbyte Computing Pty Ltd)
Pogo (HKU\S-1-5-21-2012456220-316695357-2301545490-1000\...\7800fd33e6d3fd32066a5d9e92b24b59) (Version: 1.0 - Google\Chrome)
Rainlendar2 (remove only) (HKLM-x32\...\Rainlendar2) (Version: - )
Revo Uninstaller 2.3.8 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.3.8 - VS Revo Group, Ltd.)
Revo Uninstaller Pro 4.5.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.5.5 - VS Revo Group, Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
SereneScreen Marine Aquarium 3 (HKLM-x32\...\SereneScreen Marine Aquarium 3_is1) (Version: 3.0 - Prolific Publishing, Inc.)
Sierra Utilities (HKLM-x32\...\Sierra Utilities) (Version: - )
Verizon Wireless Software Upgrade Assistant - Samsung(ar) (HKLM-x32\...\{F3BA1C5E-51F1-4256-B5FD-0C060D963D35}) (Version: 2.17.0214 - Samsung Electronics Co., Ltd.)
Verizon Wireless Software Utility Application for Android - Samsung (HKLM-x32\...\{EDB7BFB3-9B55-4A70-920F-35226A4E4A12}) (Version: 2.16.0504 - Samsung Electronics Co., Ltd.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
Windows Driver Package - Canon Printer (07/02/2019 21.46.0.0) (HKLM\...\7B4C73808C155604A986DC16347581EF007C38D5) (Version: 07/02/2019 21.46.0.0 - Canon)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Intel System (07/09/2013 9.1.9.1004) (HKLM\...\BD28A75CDFB28255C4F7327AD9EC5B23B9DD7481) (Version: 07/09/2013 9.1.9.1004 - Intel)
Windows Driver Package - Intel System (07/25/2013 9.1.9.1005) (HKLM\...\BF1AD0105EBDCA6E730BE93DE583343339830A7A) (Version: 07/25/2013 9.1.9.1005 - Intel)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Media Player 9 Series Winter Fun Pack (HKLM-x32\...\{52C8FAA0-68CA-4AF9-8A7A-92CF3174CC77}) (Version: 1.0.0 - <no manufacturer>)
Windscribe (HKLM-x32\...\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1) (Version: 2.3 Build 16 - Windscribe Limited)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
WinZip 20.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240EF}) (Version: 20.0.11659 - WinZip Computing, S.L. )
ZTE Handset USB Driver (HKLM\...\{D2D77DC2-8299-11D1-8949-444553540000}_is1) (Version: 5.2104.1.02B08 - ZTE Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-01-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2015-10-27] (WinZip Computing LLC -> WinZip Computing, S.L.)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-01-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-04-15] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-01-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2015-10-27] (WinZip Computing LLC -> WinZip Computing, S.L.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2012-01-10] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-04-15] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2020-09-28] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2015-10-27] (WinZip Computing LLC -> WinZip Computing, S.L.)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\Art\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Pogo.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=bkjcnfmlobgpbcmjdhpedlfcbcbdgmag
==================== Loaded Modules (Whitelisted) =============
2021-08-04 15:23 - 2013-01-31 04:21 - 000152064 _____ (CANON INC.) [File not signed] C:\Windows\System32\CNCENPM6.dll
2008-03-03 13:35 - 2008-03-03 13:35 - 000153088 _____ (Hewlett Packard) [File not signed] C:\Windows\System32\hptcpmib.dll
2008-03-03 13:36 - 2008-03-03 13:36 - 000331264 _____ (Hewlett Packard) [File not signed] C:\Windows\System32\HpTcpMon.dll
2005-04-08 01:27 - 2005-04-08 01:27 - 000132096 _____ (Hewlett Packard) [File not signed] C:\Windows\System32\hpzjrd01.dll
2013-01-16 14:15 - 2013-01-16 14:15 - 000033792 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\Common Files\LightScribe\LSLog.dll
2013-01-16 14:15 - 2013-01-16 14:15 - 000110592 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\Common Files\LightScribe\LSSProxy.dll
2016-02-09 16:25 - 2008-05-07 20:59 - 000099840 _____ (Hewlett-Packard Corporation) [File not signed] C:\Windows\system32\spool\PRTPROCS\x64\hpzpplhn.dll
2008-03-03 13:36 - 2008-03-03 13:36 - 000317440 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\HPTcpMUI.dll
2017-06-24 19:45 - 2015-12-08 14:08 - 000182784 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Windows\System32\E_YLMBRBE.DLL
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\adawareantivirusservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\adawareantivirusservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Version 11) (Whitelisted) ==========
HKU\S-1-5-21-2012456220-316695357-2301545490-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2012456220-316695357-2301545490-1000\...\localhost -> localhost
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2022-04-05 13:58 - 2022-04-05 13:58 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2012456220-316695357-2301545490-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Art\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{D46333DB-7ECF-41C1-AC2F-2B393DC04A73}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8D3BAF84-2602-4CFD-9A9B-78C8161F808B}] => (Allow) LPort=67
FirewallRules: [{9AFEE362-8358-4F36-839E-8A35E6221800}] => (Allow) LPort=67
FirewallRules: [TCP Query User{7E28F5A7-300E-47C8-B6CB-9A0B3A252517}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{90AD9F5A-3B3D-4963-9470-714EB0D8F103}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{CF4DE86D-EDFD-4AB0-9D20-3678EC1E6EBA}C:\users\art\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\art\appdata\local\programs\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{C774692B-4084-4E6A-A0A1-8F9BE26284FC}C:\users\art\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\art\appdata\local\programs\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [TCP Query User{EF9DB066-48C9-4901-86AC-B95EFCD1832D}C:\users\art\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\art\appdata\local\programs\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{B31526B4-B506-49B3-8D9C-34BB75BBE376}C:\users\art\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\art\appdata\local\programs\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{3CF768AB-B1BA-4F64-B802-20DB31439ECF}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
15-04-2022 17:43:24 Restore Point Created by FRST
15-04-2022 17:53:41 Revo Uninstaller Pro's restore point - AdAwareUpdater
16-04-2022 17:32:32 Revo Uninstaller Pro's restore point - Auslogics Duplicate File Finder
16-04-2022 17:36:02 Revo Uninstaller Pro's restore point - Auslogics Disk Defrag
17-04-2022 10:37:41 AdwCleaner_BeforeCleaning_17/04/2022_10:37:40
17-04-2022 14:14:38 AdwCleaner_BeforeCleaning_17/04/2022_14:14:34
17-04-2022 14:26:30 AdwCleaner_BeforeCleaning_17/04/2022_14:26:27
17-04-2022 14:38:19 AdwCleaner_BeforeCleaning_17/04/2022_14:38:16
==================== Faulty Device Manager Devices ============
Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: ========================
Application errors:
==================
Error: (04/18/2022 11:50:24 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (04/18/2022 11:47:25 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FRST64.exe version 18.4.2022.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: ab4
Start Time: 01d85311c236da44
Termination Time: 0
Application Path: C:\Users\Art\Desktop\FRST64.exe
Report Id: 3653d98e-bf37-11ec-89e8-1cc1de5dad22
Error: (04/18/2022 05:48:23 AM) (Source: VSS) (EventID: 12297) (User: )
Description: Volume Shadow Copy Service error: The I/O writes cannot be flushed during the shadow copy creation period on volume \\?\Volume{9dc8774d-fdda-11e4-b284-806e6f6e6963}\.
The volume index in the shadow copy set is 0. Error details: Open[0x00000000, The operation completed successfully.
], Flush[0x80042302, A Volume Shadow Copy Service component encountered an unexpected error.
Check the Application event log for more information.
], Release[0x00000000, The operation completed successfully.
], OnRun[0x00000000, The operation completed successfully.
].
Operation:
Executing Asynchronous Operation
Context:
Current State: DoSnapshotSet
Error: (04/18/2022 05:48:23 AM) (Source: VSS) (EventID: 12289) (User: )
Description: Volume Shadow Copy Service error: Unexpected error DeviceIoControl(\\?\Volume{9dc8774d-fdda-11e4-b284-806e6f6e6963} - 0000000000000248,0x0053c000,00000000003BD690,0,00000000003BE6A0,4096,[0]). hr = 0x80070005, Access is denied.
.
Operation:
Executing Asynchronous Operation
Context:
Current State: calling flush-and-hold IOCTL
Current State: flush-and-hold writes
Volume Name: \\?\Volume{9dc8774d-fdda-11e4-b284-806e6f6e6963}\
Error: (04/18/2022 03:23:08 AM) (Source: Software Protection Platform Service) (EventID: 1001) (User: )
Description: The Software Protection service failed to start. 0xD000010A
6.1.7601.17514
Error: (04/18/2022 03:23:08 AM) (Source: Software Protection Platform Service) (EventID: 1001) (User: )
Description: The Software Protection service failed to start. 0xD000010A
6.1.7601.17514
Error: (04/18/2022 03:22:20 AM) (Source: Software Protection Platform Service) (EventID: 1001) (User: )
Description: The Software Protection service failed to start. 0xD000010A
6.1.7601.17514
Error: (04/17/2022 10:47:28 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 80004005).
System errors:
=============
Error: (04/18/2022 11:56:47 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {BB6DF56B-CACE-11DC-9992-0019B93A3A84} did not register with DCOM within the required timeout.
Error: (04/18/2022 11:49:03 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535
Error: (04/18/2022 11:49:03 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535
Error: (04/18/2022 11:49:03 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535
Error: (04/18/2022 11:49:03 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535
Error: (04/18/2022 11:49:03 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.
Error: (04/18/2022 11:49:03 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.
Error: (04/18/2022 11:48:52 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535
==================== Memory info ===========================
BIOS: Hewlett-Packard 786H1 v01.02 12/16/2009
Motherboard: Hewlett-Packard 304Bh
Processor: Intel® Core i5 CPU 650 @ 3.20GHz
Percentage of memory in use: 40%
Total physical RAM: 7991.29 MB
Available physical RAM: 4777.02 MB
Total Virtual: 15980.73 MB
Available Virtual: 12787.58 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:931.41 GB) (Free:704.82 GB) NTFS
\\?\Volume{9dc8774c-fdda-11e4-b284-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 75E2953E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================