Unable to remove System Volume Information.
Unable to setup the correct driver for the device.
Many unknown services, sevrice host, run in the background.
I have had USB virus before. "autorun.inf" and many Spyware, Malware
This is a log file,
There is a little Chinese in it, I won’t change it. Sorry
Please help from an expert so that I have clean equipment to use.
Thank you.
================================================================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-07-2021
Ran by HELLO (administrator) on ABC-PLAY (18-07-2021 18:58:41)
Running from C:\Users\HELLO\Desktop
Loaded Profiles: HELLO
Platform: Windows 10 Pro Version 21H1 19043.1110 (X64) Language: Chinese (Traditional, Taiwan) -> English (United States)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avpui.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\userinit.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(SurfRight B.V. -> SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe <2>
(SurfRight B.V. -> SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\91.0.4472.164\Installer\chrmstp.exe [2021-07-18] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {20B49EDC-7119-4398-AC88-9CAEB4FA1501} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154520 2021-07-18] (Google LLC -> Google LLC)
Task: {299D4BE4-1944-475E-AE7C-867AE8597492} - System32\Tasks\CCleanerSkipUAC => D:\ccsetup572\CCleaner.exe [28880512 2021-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3BBF80C4-379B-4D52-8A9F-D0DA66FD7E5D} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [743488 2021-07-18] (Kaspersky Lab JSC -> AO Kaspersky Lab)
Task: {6B743C50-889E-48C0-9CF9-A4C6F14EB2D7} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\Windows\system32\MRT.exe [133422552 2021-07-18] (Microsoft Windows -> Microsoft Corporation)
Task: {741BAE46-959E-483A-B8F1-D9A9C6208335} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154520 2021-07-18] (Google LLC -> Google LLC)
Task: {A4A579BD-E186-45E4-9DA0-A16FB77042BC} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2296713964-2084279076-2192899481-1001 => C:\Users\HELLO\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {BAD2AF23-F242-444B-9BEB-2A82A3DB9677} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NoUACCheck
Task: {E887E880-52F8-4433-8C2C-76A05AFD8379} - System32\Tasks\CCleaner Update => D:\ccsetup572\CCUpdate.exe [684976 2021-06-17] (Piriform Software Ltd -> Piriform)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog9 17 %windir%\system32\vsocklib.dll => No File
Winsock: Catalog9 18 %windir%\system32\vsocklib.dll => No File
Winsock: Catalog9-x64 17 %windir%\system32\vsocklib.dll => No File
Winsock: Catalog9-x64 18 %windir%\system32\vsocklib.dll => No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{c4d0c6eb-8a15-4b23-b491-052f46abc172}: [DhcpNameServer] 192.168.1.1
Edge Profile: C:\Users\HELLO\AppData\Local\Microsoft\Edge\User Data\Default [2021-07-18]
Edge HKU\S-1-5-21-2296713964-2084279076-2192899481-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-28] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-28] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
CHR DefaultProfile: Default
CHR Profile: C:\Users\HELLO\AppData\Local\Google\Chrome\User Data\Default [2021-07-18]
CHR DefaultSearchURL: Default -> hxxps://searchsafe.norton.com/search?omnisearch=yes&q={searchTerms}
CHR DefaultSearchKeyword: Default -> nortonsafe
CHR DefaultSuggestURL: Default -> hxxps://ss-sym.search.ask.com/ss?limit=10&li=ff&hl=zh_tw&q={searchTerms}
CHR Session Restore: Default -> is enabled.
CHR Extension: (簡報) - C:\Users\HELLO\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-07-18]
CHR Extension: (Kaspersky 防護) - C:\Users\HELLO\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2021-07-18]
CHR Extension: (Eclipse 1080p) - C:\Users\HELLO\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgdbomjcencdobkiflapoedhbcafaolb [2021-07-18]
CHR Extension: (試算表) - C:\Users\HELLO\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-07-18]
CHR Extension: (Qualys BrowserCheck for Windows) - C:\Users\HELLO\AppData\Local\Google\Chrome\User Data\Default\Extensions\foklmnihmhdobgonljkdamiiohnobkff [2021-07-18]
CHR Extension: (「Google 文件」離線版) - C:\Users\HELLO\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-18]
CHR Extension: (AdBlock — 最佳廣告攔截程式) - C:\Users\HELLO\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-07-18]
CHR Extension: (Qualys BrowserCheck CoinBlocker) - C:\Users\HELLO\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdocohkgkgpminecekdnkoljcffebkgc [2021-07-18]
CHR Extension: (Norton Safe) - C:\Users\HELLO\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpnlkmlkncncpgnnkmkgoobfpnjmblnk [2021-07-18]
CHR Extension: (Chrome 線上應用程式商店付款系統) - C:\Users\HELLO\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-07-18]
CHR Extension: (Chrome Media Router) - C:\Users\HELLO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-18]
CHR Profile: C:\Users\HELLO\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-07-18]
CHR Profile: C:\Users\HELLO\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-07-18]
CHR Extension: (簡報) - C:\Users\HELLO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-07-18]
CHR Extension: (Kaspersky 防護) - C:\Users\HELLO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2021-07-18]
CHR Extension: (試算表) - C:\Users\HELLO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-07-18]
CHR Extension: (「Google 文件」離線版) - C:\Users\HELLO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-18]
CHR Extension: (Chrome 線上應用程式商店付款系統) - C:\Users\HELLO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-07-18]
CHR Extension: (Chrome Media Router) - C:\Users\HELLO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-18]
CHR Profile: C:\Users\HELLO\AppData\Local\Google\Chrome\User Data\System Profile [2021-07-18]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe [184768 2021-07-18] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [151496 2021-07-18] (SurfRight B.V. -> SurfRight B.V.)
R2 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [5117648 2021-07-18] (SurfRight B.V. -> SurfRight B.V.)
S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 KSDE5.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe [447104 2021-07-18] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5395384 2021-07-18] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2106.6-0\NisSrv.exe [2665432 2021-07-18] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2106.6-0\MsMpEng.exe [136640 2021-07-18] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 Browser; %SystemRoot%\System32\browser.dll [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [250032 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 hmpalert; C:\Windows\system32\drivers\hmpalert.sys [410640 2021-07-18] (Microsoft Windows Hardware Compatibility Publisher -> SurfRight B.V.)
R1 klbackupdisk; C:\Windows\system32\DRIVERS\klbackupdisk.sys [110336 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [211704 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [126216 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\Windows\system32\DRIVERS\klflt.sys [514840 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klgse; C:\Windows\System32\DRIVERS\klgse.sys [657696 2021-05-08] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [1439456 2021-05-08] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [256312 2021-07-18] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1042712 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klim6; C:\Windows\system32\DRIVERS\klim6.sys [98040 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [112392 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [112904 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [85256 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpnpflt; C:\Windows\system32\DRIVERS\klpnpflt.sys [96008 2021-07-18] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 kltap; C:\Windows\System32\drivers\kltap.sys [55592 2021-02-19] (AnchorFree Inc -> The OpenVPN Project)
R0 klupd_455a5845a_arkmon; C:\Windows\System32\Drivers\klupd_455a5845a_arkmon.sys [263888 2021-07-18] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 klupd_455a5845a_arkmon_58F37976; C:\KVRT2020_Data\Temp\58F379760B519E358F7C46FF4D7FB49E\klupd_455a5845a_arkmon.sys [263888 2021-07-18] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 klupd_455a5845a_klark; C:\Windows\System32\Drivers\klupd_455a5845a_klark.sys [309104 2021-07-18] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R0 klupd_455a5845a_klbg; C:\Windows\System32\Drivers\klupd_455a5845a_klbg.sys [115744 2021-07-18] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 klupd_455a5845a_mark; C:\Windows\System32\Drivers\klupd_455a5845a_mark.sys [224880 2021-07-18] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R0 klupd_klif_arkmon; C:\Windows\System32\Drivers\klupd_klif_arkmon.sys [263888 2021-07-18] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 klupd_klif_klark; C:\Windows\System32\Drivers\klupd_klif_klark.sys [309104 2021-07-18] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\Windows\System32\Drivers\klupd_klif_klbg.sys [115744 2021-07-18] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\Windows\System32\Drivers\klupd_klif_mark.sys [224880 2021-07-18] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [155912 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [327936 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [300808 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49560 2021-07-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [425192 2021-07-18] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [76008 2021-07-18] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-07-18 18:58 - 2021-07-18 18:59 - 000015272 _____ C:\Users\HELLO\Desktop\FRST.txt
2021-07-18 18:53 - 2021-07-18 18:58 - 000000000 ____D C:\FRST
2021-07-18 18:13 - 2021-07-18 18:58 - 000000000 ____D C:\ProgramData\HitmanPro.Alert
2021-07-18 18:13 - 2021-07-18 18:13 - 001054224 _____ (SurfRight B.V.) C:\Windows\system32\hmpalert.dll
2021-07-18 18:13 - 2021-07-18 18:13 - 001044472 _____ (SurfRight B.V.) C:\Windows\SysWOW64\hmpalert.dll
2021-07-18 18:13 - 2021-07-18 18:13 - 000410640 _____ (SurfRight B.V.) C:\Windows\system32\Drivers\hmpalert.sys
2021-07-18 18:13 - 2021-07-18 18:13 - 000171728 _____ (SurfRight B.V.) C:\Windows\system32\hmpshell.dll
2021-07-18 18:13 - 2021-07-18 18:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro.Alert
2021-07-18 18:13 - 2021-07-18 18:13 - 000000000 ____D C:\Program Files (x86)\HitmanPro.Alert
2021-07-18 18:05 - 2021-07-18 18:05 - 000001926 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2021-07-18 18:05 - 2021-07-18 18:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2021-07-18 17:55 - 2021-07-18 18:05 - 000000000 ____D C:\Program Files\HitmanPro
2021-07-18 17:54 - 2021-07-18 18:57 - 000000000 ____D C:\ProgramData\HitmanPro
2021-07-18 16:53 - 2021-07-18 16:53 - 001687040 _____ C:\Windows\system32\libcrypto.dll
2021-07-18 16:53 - 2021-07-18 16:53 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsraLegacy.tlb
2021-07-18 16:53 - 2021-07-18 16:53 - 000007680 _____ (Microsoft Corporation) C:\Windows\system32\MsraLegacy.tlb
2021-07-18 16:53 - 2021-07-18 16:53 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rendezvousSession.tlb
2021-07-18 16:53 - 2021-07-18 16:53 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\rendezvousSession.tlb
2021-07-18 16:52 - 2021-07-18 16:52 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2021-07-18 16:52 - 2021-07-18 16:52 - 002755584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2021-07-18 16:52 - 2021-07-18 16:52 - 002371072 _____ C:\Windows\system32\rdpnano.dll
2021-07-18 16:52 - 2021-07-18 16:52 - 001864192 _____ (The ICU Project) C:\Windows\SysWOW64\icu.dll
2021-07-18 16:52 - 2021-07-18 16:52 - 001314128 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2021-07-18 16:52 - 2021-07-18 16:52 - 000700928 _____ C:\Windows\system32\FsNVSDeviceSource.dll
2021-07-18 16:52 - 2021-07-18 16:52 - 000570880 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2021-07-18 16:52 - 2021-07-18 16:52 - 000468440 _____ C:\Windows\SysWOW64\WindowManagementAPI.dll
2021-07-18 16:52 - 2021-07-18 16:52 - 000452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2021-07-18 16:52 - 2021-07-18 16:52 - 000423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2021-07-18 16:52 - 2021-07-18 16:52 - 000223744 _____ C:\Windows\SysWOW64\TpmTool.exe
2021-07-18 16:52 - 2021-07-18 16:52 - 000157184 _____ C:\Windows\system32\uwfcsp.dll
2021-07-18 16:52 - 2021-07-18 16:52 - 000153600 _____ C:\Windows\system32\uwfcfgmgmt.dll
2021-07-18 16:52 - 2021-07-18 16:52 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl
2021-07-18 16:52 - 2021-07-18 16:52 - 000067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscui.cpl
2021-07-18 16:52 - 2021-07-18 16:52 - 000011357 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-07-18 16:51 - 2021-07-18 16:51 - 002260992 _____ C:\Windows\system32\TextInputMethodFormatter.dll
2021-07-18 16:51 - 2021-07-18 16:51 - 002260480 _____ (The ICU Project) C:\Windows\system32\icu.dll
2021-07-18 16:51 - 2021-07-18 16:51 - 001823280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2021-07-18 16:51 - 2021-07-18 16:51 - 001393504 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2021-07-18 16:51 - 2021-07-18 16:51 - 001163776 _____ C:\Windows\system32\MBR2GPT.EXE
2021-07-18 16:51 - 2021-07-18 16:51 - 000657464 _____ C:\Windows\system32\WindowManagementAPI.dll
2021-07-18 16:51 - 2021-07-18 16:51 - 000097792 _____ C:\Windows\system32\Drivers\cimfs.sys
2021-07-18 16:51 - 2021-07-18 16:51 - 000060928 _____ C:\Windows\system32\runexehelper.exe
2021-07-18 16:50 - 2021-07-18 16:50 - 000563712 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2021-07-18 16:50 - 2021-07-18 16:50 - 000287232 _____ C:\Windows\system32\CoreMas.dll
2021-07-18 16:50 - 2021-07-18 16:50 - 000272384 _____ C:\Windows\system32\TpmTool.exe
2021-07-18 16:50 - 2021-07-18 16:50 - 000165888 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe
2021-07-18 16:50 - 2021-07-18 16:50 - 000013312 _____ C:\Windows\system32\agentactivationruntimestarter.exe
2021-07-18 16:33 - 2021-07-18 16:33 - 000000000 ____D C:\Windows\system32\appmgmt
2021-07-18 16:15 - 2021-07-18 16:23 - 000004186 _____ C:\Windows\system32\Tasks\CCleaner Update
2021-07-18 16:15 - 2021-07-18 16:15 - 000002850 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2021-07-18 15:52 - 2021-07-18 12:51 - 002300416 _____ (Farbar) C:\Users\HELLO\Desktop\FRST64.exe
2021-07-18 15:51 - 2021-07-18 15:51 - 000000207 _____ C:\Windows\tweaking.com-regbackup-ABC-PLAY-Windows-10-Pro-(64-bit).dat
2021-07-18 15:35 - 2021-07-18 15:36 - 000467646 _____ C:\TDSSKiller.3.1.0.28_18.07.2021_15.35.22_log.txt
2021-07-18 15:33 - 2021-07-18 15:35 - 000000000 ____D C:\Windows\system32\MRT
2021-07-18 15:32 - 2021-07-18 16:19 - 000000000 ____D C:\Users\HELLO\AppData\Local\CrashDumps
2021-07-18 15:31 - 2021-07-18 16:45 - 000000000 ___HD C:\$WinREAgent
2021-07-18 15:31 - 2021-07-18 15:31 - 000000000 ____D C:\Users\HELLO\AppData\Local\Eraser 6
2021-07-18 15:31 - 2021-07-18 15:31 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-07-18 15:15 - 2021-07-18 15:15 - 000309104 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klark.sys
2021-07-18 15:05 - 2021-07-18 15:05 - 000263888 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_arkmon.sys
2021-07-18 15:05 - 2021-07-18 15:05 - 000224880 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_mark.sys
2021-07-18 15:05 - 2021-07-18 15:05 - 000115744 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klbg.sys
2021-07-18 15:05 - 2021-07-18 15:05 - 000003240 _____ C:\Windows\system32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2021-07-18 15:05 - 2021-07-18 15:05 - 000002111 _____ C:\Users\Public\Desktop\卡巴斯基安全軟體.lnk
2021-07-18 15:05 - 2021-07-18 15:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\卡巴斯基安全軟體
2021-07-18 15:05 - 2021-07-18 15:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky VPN
2021-07-18 15:05 - 2021-07-18 15:05 - 000000000 ____D C:\Program Files\Common Files\AV
2021-07-18 15:05 - 2021-02-19 21:09 - 000110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2021-07-18 15:04 - 2021-07-18 15:05 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2021-07-18 15:04 - 2021-07-18 15:05 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2021-07-18 15:04 - 2021-02-19 21:08 - 001042712 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2021-07-18 15:04 - 2021-02-19 21:08 - 000514840 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2021-07-18 14:04 - 2021-07-18 14:04 - 000003976 __RSH C:\ProgramData\ntuser.pol
2021-07-18 14:00 - 2021-07-18 18:58 - 000000000 ____D C:\ProgramData\NVIDIA
2021-07-18 14:00 - 2021-07-18 14:00 - 000002094 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2021-07-18 14:00 - 2021-07-18 14:00 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-07-18 14:00 - 2021-07-18 14:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2021-07-18 14:00 - 2021-07-18 14:00 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-07-18 14:00 - 2021-07-18 14:00 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2021-07-18 14:00 - 2021-07-18 14:00 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-07-18 14:00 - 2017-11-09 04:43 - 000540784 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2021-07-18 14:00 - 2017-10-28 00:36 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2021-07-18 14:00 - 2017-10-28 00:12 - 005960824 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2021-07-18 14:00 - 2017-10-28 00:12 - 002587768 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2021-07-18 14:00 - 2017-10-28 00:12 - 001766520 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2021-07-18 14:00 - 2017-10-28 00:12 - 000607168 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2021-07-18 14:00 - 2017-10-28 00:12 - 000449656 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2021-07-18 14:00 - 2017-10-28 00:12 - 000123000 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2021-07-18 14:00 - 2017-10-28 00:12 - 000081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2021-07-18 14:00 - 2017-10-28 00:06 - 000136312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2021-07-18 14:00 - 2017-10-25 18:33 - 007802921 _____ C:\Windows\system32\nvcoproc.bin
2021-07-18 14:00 - 2017-09-14 07:20 - 000798008 _____ C:\Windows\SysWOW64\vulkan-1.dll
2021-07-18 14:00 - 2017-09-14 07:20 - 000490296 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2021-07-18 14:00 - 2017-09-14 07:19 - 000927544 _____ C:\Windows\system32\vulkan-1.dll
2021-07-18 14:00 - 2017-09-14 07:19 - 000591160 _____ C:\Windows\system32\vulkaninfo.exe
2021-07-18 13:59 - 2017-11-09 04:40 - 036248176 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2021-07-18 13:59 - 2017-11-09 04:40 - 029279672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2021-07-18 13:59 - 2017-11-09 04:39 - 000989808 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2021-07-18 13:59 - 2017-11-09 04:39 - 000940984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2021-07-18 13:59 - 2017-11-09 04:39 - 000054192 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2021-07-18 13:59 - 2017-11-09 04:38 - 001997752 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6438813.dll
2021-07-18 13:59 - 2017-11-09 04:38 - 001682544 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6438813.dll
2021-07-18 13:59 - 2017-11-09 04:38 - 001624168 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2021-07-18 13:59 - 2017-11-09 04:38 - 001108408 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2021-07-18 13:59 - 2017-11-09 04:38 - 001039800 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2021-07-18 13:59 - 2017-11-09 04:38 - 000233904 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2021-07-18 13:59 - 2017-11-09 04:37 - 040246384 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2021-07-18 13:59 - 2017-11-09 04:37 - 035165624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2021-07-18 13:59 - 2017-11-09 04:37 - 004210288 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2021-07-18 13:59 - 2017-11-09 04:37 - 003623024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2021-07-18 13:59 - 2017-11-09 04:30 - 023474480 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2021-07-18 13:59 - 2017-11-09 04:30 - 019212720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2021-07-18 13:59 - 2017-11-09 04:30 - 013379352 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2021-07-18 13:59 - 2017-11-09 04:30 - 010986768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2021-07-18 13:59 - 2017-11-09 04:26 - 001154296 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2021-07-18 13:59 - 2017-11-09 04:26 - 000902312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2021-07-18 13:59 - 2017-11-09 04:25 - 013994136 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2021-07-18 13:59 - 2017-11-09 04:25 - 011891200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2021-07-18 13:59 - 2017-11-09 04:25 - 004533184 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2021-07-18 13:59 - 2017-11-09 04:25 - 003859848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2021-07-18 13:59 - 2017-11-09 03:57 - 000048442 _____ C:\Windows\system32\nvinfo.pb
2021-07-18 13:59 - 2017-11-09 03:57 - 000000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2021-07-18 13:59 - 2017-11-09 03:57 - 000000669 _____ C:\Windows\system32\nv-vk64.json
2021-07-18 13:53 - 2021-07-18 13:53 - 000000000 ____D C:\Users\HELLO\AppData\Local\mbam
2021-07-18 13:42 - 2021-07-18 13:42 - 000000000 ____D C:\AdwCleaner
2021-07-18 13:30 - 2021-07-18 15:49 - 000000259 _____ C:\Users\HELLO\Desktop\新文字文件.txt
2021-07-18 13:21 - 2021-07-18 13:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2021-07-18 13:21 - 2021-07-18 13:21 - 000000000 ____D C:\Program Files (x86)\7-Zip
2021-07-18 13:20 - 2021-07-18 13:20 - 000000974 _____ C:\Users\HELLO\Desktop\JRT.txt
2021-07-18 13:17 - 2021-07-18 13:17 - 000309104 ____N (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_455a5845a_klark.sys
2021-07-18 13:17 - 2021-07-18 13:17 - 000263888 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_455a5845a_arkmon.sys
2021-07-18 13:17 - 2021-07-18 13:17 - 000224880 ____N (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_455a5845a_mark.sys
2021-07-18 13:17 - 2021-07-18 13:17 - 000127792 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\455a5845.sys
2021-07-18 13:17 - 2021-07-18 13:17 - 000115744 ____N (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_455a5845a_klbg.sys
2021-07-18 13:10 - 2021-07-18 13:10 - 000000000 ____D C:\Users\HELLO\AppData\Local\PeerDistRepub
2021-07-18 13:05 - 2021-07-18 15:51 - 000000000 ____D C:\RegBackup
2021-07-18 13:05 - 2021-07-18 13:05 - 000000207 _____ C:\Windows\tweaking.com-regbackup-DESKTOP-O7I31JL-Windows-10-Pro-(64-bit).dat
2021-07-18 13:04 - 2021-07-18 15:36 - 000002236 _____ C:\Users\HELLO\Desktop\Rkill.txt
2021-07-18 12:59 - 2021-07-18 13:17 - 000000000 ____D C:\KVRT2020_Data
2021-07-18 12:47 - 2021-07-18 12:47 - 000000000 ____D C:\Users\HELLO\AppData\Roaming\qualys
2021-07-18 12:46 - 2021-07-18 12:46 - 000000000 ____D C:\Program Files (x86)\Qualys
2021-07-18 12:33 - 2021-07-18 12:35 - 000000000 ____D C:\Users\HELLO\AppData\Local\Google
2021-07-18 12:33 - 2021-07-18 12:33 - 000002297 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-07-18 12:33 - 2021-07-18 12:33 - 000002256 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-07-18 12:33 - 2021-07-18 12:33 - 000000000 ____D C:\Program Files\Google
2021-07-18 12:32 - 2021-07-18 18:58 - 000000000 ____D C:\Program Files (x86)\Google
2021-07-18 12:32 - 2021-07-18 18:40 - 000000000 ____D C:\Users\HELLO\AppData\Local\PlaceholderTileLogoFolder
2021-07-18 12:32 - 2021-07-18 12:32 - 001323176 _____ (Google LLC) C:\Users\HELLO\Downloads\ChromeSetup.exe
2021-07-18 12:32 - 2021-07-18 12:32 - 000003062 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-07-18 12:32 - 2021-07-18 12:32 - 000002938 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-07-18 12:30 - 2021-07-18 16:17 - 000002650 _____ C:\Windows\system32\Tasks\CreateExplorerShellUnelevatedTask
2021-07-18 12:27 - 2021-07-18 12:27 - 000000000 ____D C:\Windows\pss
2021-07-18 12:26 - 2021-07-18 12:26 - 000000000 ____D C:\Users\HELLO\AppData\Local\D3DSCache
2021-07-18 12:18 - 2021-07-18 18:44 - 001319848 _____ C:\Windows\system32\PerfStringBackup.INI
2021-07-18 12:17 - 2021-07-18 15:47 - 000000000 ___RD C:\Users\HELLO\OneDrive
2021-07-18 12:17 - 2021-07-18 12:17 - 000003380 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2296713964-2084279076-2192899481-1001
2021-07-18 12:16 - 2021-07-18 12:16 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-07-18 12:15 - 2021-07-18 18:37 - 000000000 ____D C:\ProgramData\Packages
2021-07-18 12:15 - 2021-07-18 18:34 - 000000000 ____D C:\Users\HELLO\AppData\Local\Packages
2021-07-18 12:15 - 2021-07-18 16:10 - 000000000 ____D C:\Windows\CSC
2021-07-18 12:15 - 2021-07-18 13:27 - 000000000 ____D C:\Users\HELLO
2021-07-18 12:15 - 2021-07-18 12:15 - 000002332 _____ C:\Users\HELLO\Desktop\Microsoft Edge.lnk
2021-07-18 12:15 - 2021-07-18 12:15 - 000000020 ___SH C:\Users\HELLO\ntuser.ini
2021-07-18 12:15 - 2021-07-18 12:15 - 000000000 ___DL C:\Users\HELLO\AppData\Roaming\Microsoft\Windows\Start Menu\程式集
2021-07-18 12:15 - 2021-07-18 12:15 - 000000000 ___DL C:\Users\HELLO\「開始」功能表
2021-07-18 12:15 - 2021-07-18 12:15 - 000000000 ____D C:\Users\Public\AccountPictures
2021-07-18 12:15 - 2021-07-18 12:15 - 000000000 ____D C:\Users\HELLO\AppData\Roaming\Adobe
2021-07-18 12:15 - 2021-07-18 12:15 - 000000000 ____D C:\Users\HELLO\AppData\Local\VirtualStore
2021-07-18 12:15 - 2021-07-18 12:15 - 000000000 ____D C:\Users\HELLO\AppData\Local\Publishers
2021-07-18 12:15 - 2021-07-18 12:15 - 000000000 ____D C:\Users\HELLO\AppData\Local\ConnectedDevicesPlatform
2021-07-18 12:15 - 2021-07-18 12:15 - 000000000 ____D C:\Users\HELLO\AppData\Local\Comms
2021-07-18 12:15 - 2021-07-18 12:15 - 000000000 ____D C:\Users\HELLO\3D Objects
2021-07-18 12:13 - 2021-07-18 12:13 - 000000000 ___DL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\程式集
2021-07-18 12:13 - 2021-07-18 12:13 - 000000000 ___DL C:\Users\Default\「開始」功能表
2021-07-18 12:13 - 2021-07-18 12:13 - 000000000 ___DL C:\ProgramData\桌面
2021-07-18 12:13 - 2021-07-18 12:13 - 000000000 ___DL C:\ProgramData\Microsoft\Windows\Start Menu\程式集
2021-07-18 12:13 - 2021-07-18 12:13 - 000000000 ___DL C:\ProgramData\「開始」功能表
2021-07-18 12:13 - 2021-07-18 12:13 - 000000000 ___DL C:\Documents and Settings
2021-07-18 12:11 - 2021-07-18 18:58 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-07-18 12:11 - 2021-07-18 17:07 - 000273512 _____ C:\Windows\system32\FNTCACHE.DAT
2021-07-18 12:11 - 2021-07-18 16:51 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-07-18 12:11 - 2021-07-18 14:47 - 000000000 ____D C:\Windows\system32\Drivers\wd
2021-07-18 12:11 - 2021-07-18 13:16 - 000008192 ____N C:\DumpStack.log.tmp
2021-07-18 12:11 - 2021-07-18 12:11 - 000003136 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-07-18 12:11 - 2021-07-18 12:11 - 000003012 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-07-18 12:11 - 2021-07-18 12:11 - 000002418 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-07-18 12:11 - 2021-07-18 12:11 - 000000000 ____D C:\Windows\ServiceProfiles
2021-07-18 12:11 - 2021-07-18 12:11 - 000000000 _____ C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2021-07-18 12:09 - 2021-07-18 16:51 - 000414038 __RSH C:\bootmgr
2021-07-18 12:09 - 2021-07-18 16:19 - 000000000 ____D C:\Windows\Panther
2021-07-18 12:09 - 2021-07-18 12:09 - 000008192 _____ C:\BOOTSECT.BAK
2021-07-18 12:09 - 2019-12-07 17:08 - 000000001 ___SH C:\BOOTNXT
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-07-18 18:58 - 2019-12-07 17:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-07-18 18:57 - 2019-12-07 22:52 - 000000000 ____D C:\Windows\OCR
2021-07-18 18:57 - 2019-12-07 17:03 - 000262144 _____ C:\Windows\system32\config\BBI
2021-07-18 18:57 - 2019-12-07 17:03 - 000000000 ____D C:\Windows\CbsTemp
2021-07-18 18:44 - 2019-12-07 22:49 - 000400702 _____ C:\Windows\system32\prfh0404.dat
2021-07-18 18:44 - 2019-12-07 22:49 - 000120724 _____ C:\Windows\system32\prfc0404.dat
2021-07-18 18:44 - 2019-12-07 17:13 - 000000000 ____D C:\Windows\INF
2021-07-18 18:42 - 2019-12-07 17:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-07-18 18:42 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\AppReadiness
2021-07-18 18:35 - 2019-12-07 22:54 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-07-18 18:35 - 2019-12-07 22:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-07-18 18:35 - 2019-12-07 22:54 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-07-18 18:35 - 2019-12-07 22:49 - 000000000 ____D C:\Windows\SysWOW64\winrm
2021-07-18 18:35 - 2019-12-07 22:49 - 000000000 ____D C:\Windows\SysWOW64\WCN
2021-07-18 18:35 - 2019-12-07 22:49 - 000000000 ____D C:\Windows\SysWOW64\slmgr
2021-07-18 18:35 - 2019-12-07 22:49 - 000000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2021-07-18 18:35 - 2019-12-07 22:49 - 000000000 ____D C:\Windows\system32\winrm
2021-07-18 18:35 - 2019-12-07 22:49 - 000000000 ____D C:\Windows\system32\WCN
2021-07-18 18:35 - 2019-12-07 22:49 - 000000000 ____D C:\Windows\system32\slmgr
2021-07-18 18:35 - 2019-12-07 22:49 - 000000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2021-07-18 18:35 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\SysWOW64\F12
2021-07-18 18:35 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\SysWOW64\DiagSvcs
2021-07-18 18:35 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2021-07-18 18:35 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2021-07-18 18:35 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2021-07-18 18:35 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\system32\migwiz
2021-07-18 18:35 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\system32\F12
2021-07-18 18:35 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\system32\dsc
2021-07-18 18:35 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\system32\DiagSvcs
2021-07-18 18:35 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\ImmersiveControlPanel
2021-07-18 18:35 - 2019-12-07 17:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-07-18 18:35 - 2019-12-07 17:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-07-18 18:35 - 2019-12-07 17:03 - 000000000 ____D C:\Windows\servicing
2021-07-18 17:06 - 2019-12-07 22:51 - 000000000 ____D C:\Windows\system32\OpenSSH
2021-07-18 17:06 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2021-07-18 17:06 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2021-07-18 17:06 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2021-07-18 17:06 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2021-07-18 17:06 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2021-07-18 17:06 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2021-07-18 17:06 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2021-07-18 17:06 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\SystemResources
2021-07-18 17:06 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2021-07-18 17:06 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\system32\setup
2021-07-18 17:06 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\system32\oobe
2021-07-18 17:06 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\system32\lv-LV
2021-07-18 17:06 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\system32\lt-LT
2021-07-18 17:06 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\system32\et-EE
2021-07-18 17:06 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\system32\Dism
2021-07-18 17:06 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\Provisioning
2021-07-18 17:06 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\PrintDialog
2021-07-18 17:06 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-07-18 17:06 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\DiagTrack
2021-07-18 17:06 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\bcastdvr
2021-07-18 17:06 - 2019-12-07 17:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-07-18 16:55 - 2019-12-07 22:54 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\OEMDefaultAssociations.dll
2021-07-18 16:39 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\Globalization
2021-07-18 15:46 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\ELAMBKUP
2021-07-18 15:39 - 2019-12-07 22:54 - 000000000 ____D C:\Windows\BitLockerDiscoveryVolumeContents
2021-07-18 15:21 - 2021-02-19 21:09 - 000096008 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klpnpflt.sys
2021-07-18 15:05 - 2019-12-07 17:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2021-07-18 14:00 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\Help
2021-07-18 13:25 - 2019-12-07 17:14 - 000000855 _____ C:\Windows\system32\Drivers\etc\hosts_bak_563
2021-07-18 13:10 - 2019-12-07 17:14 - 000000855 _____ C:\Windows\system32\Drivers\etc\hosts_bak_227
2021-07-18 12:35 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\system32\GroupPolicy
2021-07-18 12:19 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\ServiceState
2021-07-18 12:17 - 2019-12-07 17:14 - 000000000 ____D C:\ProgramData\USOPrivate
2021-07-18 12:15 - 2019-12-07 22:51 - 000000000 ____D C:\Windows\system32\FxsTmp
2021-07-18 12:15 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2021-07-18 12:15 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\system32\spool
2021-07-18 12:11 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\appcompat
2021-07-18 12:09 - 2019-12-07 17:14 - 000028672 _____ C:\Windows\system32\config\BCD-Template
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-07-2021
Ran by HELLO (18-07-2021 19:00:03)
Running from C:\Users\HELLO\Desktop
Windows 10 Pro Version 21H1 19043.1110 (X64) (2021-07-18 04:14:07)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2296713964-2084279076-2192899481-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2296713964-2084279076-2192899481-503 - Limited - Disabled)
Guest (S-1-5-21-2296713964-2084279076-2192899481-501 - Limited - Disabled)
HELLO (S-1-5-21-2296713964-2084279076-2192899481-1001 - Administrator - Enabled) => C:\Users\HELLO
WDAGUtilityAccount (S-1-5-21-2296713964-2084279076-2192899481-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: 卡巴斯基安全軟體 (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
FW: 卡巴斯基安全軟體 (Enabled) {774D7037-0984-41B0-3A87-5E88E680AD58}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.164 - Google LLC)
HitmanPro 3.8 (HKLM\...\HitmanPro38) (Version: 3.8.23.318 - SurfRight B.V.)
HitmanPro.Alert 3 (HKLM\...\HitmanPro.Alert) (Version: 3.8.14.907 - SurfRight B.V.)
Kaspersky VPN (HKLM-x32\...\{FF2A12B8-AEB7-48C0-95C8-E2E3D67DFCB2}) (Version: 21.3.10.391 - Kaspersky) Hidden
Kaspersky VPN (HKLM-x32\...\InstallWIX_{FF2A12B8-AEB7-48C0-95C8-E2E3D67DFCB2}) (Version: 21.3.10.391 - Kaspersky)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.68 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 - Microsoft Corporation)
NVIDIA 3D Vision 驅動程式 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation)
NVIDIA HD 音訊驅動程式 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA 圖形驅動程式 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)
Qualys BrowserCheck (HKLM-x32\...\{AE50BCC5-3FA3-45D1-A675-A5F96EA12131}) (Version: 1.6.0 - Qualys)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
卡巴斯基安全軟體 (HKLM-x32\...\{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Hidden
卡巴斯基安全軟體 (HKLM-x32\...\InstallWIX_{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-07-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-07-18] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_x64__8wekyb3d8bbwe [2021-07-18] (Microsoft Studios) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.25.20211.0_x64__8wekyb3d8bbwe [2021-07-18] (Microsoft Corporation) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [HitmanPro.Alert Shell Extension] -> {6FAC02B7-77D6-418B-AC11-962C65CDE8DD} => C:\Windows\system32\hmpshell.dll [2021-07-18] (SurfRight B.V. -> SurfRight B.V.)
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2010-11-19] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\shellex.dll [2021-07-18] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers2: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\shellex.dll [2021-07-18] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2010-11-19] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\shellex.dll [2021-07-18] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-10-28] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\shellex.dll [2021-07-18] (Kaspersky Lab JSC -> AO Kaspersky Lab)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2021-07-18 14:00 - 2017-10-28 00:06 - 000874368 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll
2021-07-18 14:00 - 2017-10-28 00:06 - 000339256 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\NvStereo\_nvstapisvr64.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\455a5845.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\455a5845.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2296713964-2084279076-2192899481-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 17:14 - 2021-07-18 15:59 - 000000855 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2296713964-2084279076-2192899481-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: BDESVC => 3
MSCONFIG\Services: BITS => 2
MSCONFIG\Services: BTAGService => 3
MSCONFIG\Services: BthAvctpSvc => 3
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: RasAuto => 3
MSCONFIG\Services: RasMan => 2
MSCONFIG\Services: RpcLocator => 3
MSCONFIG\Services: SCardSvr => 3
MSCONFIG\Services: ScDeviceEnum => 3
MSCONFIG\Services: SCPolicySvc => 3
MSCONFIG\Services: SDRSVC => 3
MSCONFIG\Services: SEMgrSvc => 3
MSCONFIG\Services: SessionEnv => 3
MSCONFIG\Services: Spooler => 2
MSCONFIG\Services: TermService => 3
MSCONFIG\Services: TrkWks => 2
MSCONFIG\Services: UmRdpService => 3
MSCONFIG\Services: WSearch => 2
MSCONFIG\Services: wuauserv => 2
MSCONFIG\Services: XblAuthManager => 3
MSCONFIG\Services: XblGameSave => 3
MSCONFIG\Services: XboxGipSvc => 3
MSCONFIG\Services: XboxNetApiSvc => 3
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{EF9C19E7-E829-41F2-893D-E2954D227B80}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:100 GB) (Free:74.44 GB) (74%)
Check "VSS" service
==================== Faulty Device Manager Devices ============
Name: PCI Simple Communications Controller
Description: PCI Simple Communications Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (07/18/2021 04:10:35 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -550.
Error: (07/18/2021 03:58:01 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider wsp_sr attempted to register query "select * from WSP_ReplicationGroupStorageModificationEvent" whose target class "WSP_ReplicationGroupStorageModificationEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.
Error: (07/18/2021 03:58:01 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider wsp_sr attempted to register query "select * from WSP_ReplicationGroupStorageDepartureEvent" whose target class "WSP_ReplicationGroupStorageDepartureEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.
Error: (07/18/2021 03:58:01 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider wsp_sr attempted to register query "select * from WSP_ReplicationGroupStorageArrivalEvent" whose target class "WSP_ReplicationGroupStorageArrivalEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.
Error: (07/18/2021 03:58:01 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider attempted to register query "select * from WSP_ReplicationGroupStorageModificationEvent" whose target class "WSP_ReplicationGroupStorageModificationEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.
Error: (07/18/2021 03:58:01 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider attempted to register query "select * from WSP_ReplicationGroupStorageDepartureEvent" whose target class "WSP_ReplicationGroupStorageDepartureEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.
Error: (07/18/2021 03:58:01 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider attempted to register query "select * from WSP_ReplicationGroupStorageArrivalEvent" whose target class "WSP_ReplicationGroupStorageArrivalEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.
Error: (07/18/2021 03:58:01 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider wsp_health attempted to register query "select * from WSP_StorageHealthStatusChangeEvent" whose target class "WSP_StorageHealthStatusChangeEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.
System errors:
=============
Error: (07/18/2021 06:58:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Browser service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (07/18/2021 06:58:27 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Browser service to connect.
Error: (07/18/2021 06:58:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Browser service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (07/18/2021 06:58:27 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Browser service to connect.
Error: (07/18/2021 06:58:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Browser service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (07/18/2021 06:58:27 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Browser service to connect.
Error: (07/18/2021 06:58:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Browser service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (07/18/2021 06:58:27 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Browser service to connect.
Windows Defender:
================
Date: 2021-07-18 14:46:12
Description:
Microsoft Defender 防毒軟體 在嘗試更新安全性情報時發生錯誤。
新的安全性情報版本:
上一個安全性情報版本: 1.303.25.0
更新來源: Microsoft Update 伺服器
安全性情報類型: 防毒軟體
更新類型: 完整型
使用者: NT AUTHORITY\SYSTEM
目前的引擎版本:
上一個引擎版本: 1.1.16400.2
錯誤碼: 0x80070422
錯誤描述: 無法啟動服務,可能因為服務已停用,或它沒有相關的啟用裝置。
Date: 2021-07-18 14:45:51
Description:
Microsoft Defender 防毒軟體 在嘗試更新安全性情報時發生錯誤。
新的安全性情報版本:
上一個安全性情報版本: 1.303.25.0
更新來源: Microsoft 惡意程式碼防護中心
安全性情報類型: 防毒軟體
更新類型: 完整型
使用者: NT AUTHORITY\NETWORK SERVICE
目前的引擎版本:
上一個引擎版本: 1.1.16400.2
錯誤碼: 0x80072ee7
錯誤描述: 無法解析伺服器名稱或位址
Date: 2021-07-18 14:45:51
Description:
Microsoft Defender 防毒軟體 在嘗試更新安全性情報時發生錯誤。
新的安全性情報版本:
上一個安全性情報版本: 1.303.25.0
更新來源: Microsoft 惡意程式碼防護中心
安全性情報類型: 反間諜功能
更新類型: 完整型
使用者: NT AUTHORITY\NETWORK SERVICE
目前的引擎版本:
上一個引擎版本: 1.1.16400.2
錯誤碼: 0x80072ee7
錯誤描述: 無法解析伺服器名稱或位址
Date: 2021-07-18 14:45:51
Description:
Microsoft Defender 防毒軟體 在嘗試更新安全性情報時發生錯誤。
新的安全性情報版本:
上一個安全性情報版本: 1.303.25.0
更新來源: Microsoft 惡意程式碼防護中心
安全性情報類型: 防毒軟體
更新類型: 完整型
使用者: NT AUTHORITY\NETWORK SERVICE
目前的引擎版本:
上一個引擎版本: 1.1.16400.2
錯誤碼: 0x80072ee7
錯誤描述: 無法解析伺服器名稱或位址
Date: 2021-07-18 14:45:51
Description:
Microsoft Defender 防毒軟體 在嘗試更新安全性情報時發生錯誤。
新的安全性情報版本:
上一個安全性情報版本: 1.303.25.0
更新來源: Microsoft 惡意程式碼防護中心
安全性情報類型: 防毒軟體
更新類型: 完整型
使用者: NT AUTHORITY\NETWORK SERVICE
目前的引擎版本:
上一個引擎版本: 1.1.16400.2
錯誤碼: 0x80072ee7
錯誤描述: 無法解析伺服器名稱或位址
CodeIntegrity:
===============
Date: 2021-07-18 19:00:23
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. FD4 SY7 04/21/2014
Motherboard: Gigabyte Technology Co., Ltd. H61M-S1
Processor: Intel® Core™ i7-3770 CPU @ 3.40GHz
Percentage of memory in use: 16%
Total physical RAM: 16333.33 MB
Available physical RAM: 13689.62 MB
Total Virtual: 16333.33 MB
Available Virtual: 13691.9 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:100 GB) (Free:74.44 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:123.57 GB) (Free:123.17 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: CF13DD2E)
Partition 1: (Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=123.6 GB) - (Type=0F Extended)
==================== End of Addition.txt =======================
Attached Files
Topic in Virus and Malware .HELP - Virus, Trojan, Spyware, and Malware Removal Help - BleepingComputer
Read More
No comments:
Post a Comment