DOS Window flashes on screen. Slow++ PC. App window self-closing. | #microsoft | #hacking | #cybersecurity


Hi, thanks for looking into this. 

 

As described above, the DOS window will flash up momentarily on screen.  Also, the Libre Office word processor window has been closing itself when in use.  Computer is running at about 1/20th its usual speed.

 

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-06-2021
Ran by D&P (administrator) on SSD (Gigabyte Technology Co., Ltd. G31M-S2L) (09-06-2021 17:25:35)
Running from C:UsersD&PDesktop
Loaded Profiles: D&P
Platform: Windows 8.1 (Update) (X64) Language: English (United Kingdom)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender SRL -> Bitdefender) C:Program FilesBitdefender AgentDiscoverySrv.exe
(Bitdefender SRL -> Bitdefender) C:Program FilesBitdefender AgentProductAgentService.exe
(Bitdefender SRL -> Bitdefender) C:Program FilesBitdefender Antivirus Freebdagent.exe
(Bitdefender SRL -> Bitdefender) C:Program FilesBitdefender Antivirus Freebdredline.exe
(Bitdefender SRL -> Bitdefender) C:Program FilesBitdefender Antivirus Freedownloader.exe
(Bitdefender SRL -> Bitdefender) C:Program FilesBitdefender Antivirus Freeupdatesrv.exe
(Bitdefender SRL -> Bitdefender) C:Program FilesBitdefender Antivirus Freevsserv.exe
(Bitdefender SRL -> Bitdefender) C:Program FilesBitdefender Antivirus Freevsservppl.exe
(Emurasoft, Inc. -> Emurasoft, Inc.) C:UsersD&PAppDataLocalProgramsEmEditoremedtray.exe
(F.lux Software LLC -> f.lux Software LLC) C:UsersD&PAppDataLocalFluxSoftwareFluxflux.exe
(FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:Program Files (x86)Foxit SoftwareFoxit ReaderFoxitReaderUpdateService.exe
(Ivaylo Beltchev -> IvoSoft) [File not signed] C:Program FilesClassic ShellClassicStartMenu.exe
(Malwarebytes Inc -> Malwarebytes) C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:Program FilesMalwarebytesAnti-Malwarembamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:Program FilesWindows DefenderMpCmdRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:Program FilesWindows DefenderMsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:Program FilesWindows DefenderNisSrv.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32Locator.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32WerFault.exe
(Mozilla Corporation -> Mozilla Corporation) C:Program Files (x86)Mozilla Firefoxfirefox.exe <6>
(Piriform Software Ltd -> Piriform Software Ltd) C:Program FilesCCleanerCCleaner64.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:Program FilesCCleanertemp_ccupdateccupdate581_free.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:Program Files (x86)SamsungUSB Drivers27_ssconnconnss_conn_service.exe
(Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:Program Files (x86)SamsungUSB Drivers28_ssconn2connss_conn_service2.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:Program FilesSUPERAntiSpywareSASCORE64.EXE
Failed to access process -> explorer.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM…Run: [Classic Start Menu] => C:Program FilesClassic ShellClassicStartMenu.exe [161984 2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM…Run: [WindowsDefender] => “%ProgramFiles%Windows DefenderMSASCuiL.exe”
HKUS-1-5-21-3587151474-2898935432-3002049748-1001…Run: [SUPERAntiSpyware] => C:Program FilesSUPERAntiSpywareSUPERAntiSpyware.exe [11221872 2021-06-03] (Support.com Inc -> SUPERAntiSpyware)
HKUS-1-5-21-3587151474-2898935432-3002049748-1001…Run: [f.lux] => C:UsersD&PAppDataLocalFluxSoftwareFluxflux.exe [1511824 2021-02-05] (F.lux Software LLC -> f.lux Software LLC)
HKUS-1-5-21-3587151474-2898935432-3002049748-1001…Run: [CCleaner Smart Cleaning] => C:Program FilesCCleanerCCleaner64.exe [32414392 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
HKUS-1-5-21-3587151474-2898935432-3002049748-1001…MountPoints2: {52ac944b-4ee0-11ea-833e-001d7da2cb12} – “E:LaunchU3.exe” -a
HKLM…Windows x64Print Processorshpzppw71: C:WindowsSystem32spoolprtprocsx64hpzppw71.dll [230400 2009-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM…PrintMonitorsPCL hpz3lw71: C:Windowssystem32hpz3lw71.dll [46080 2009-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLMSoftwareMicrosoftActive SetupInstalled Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:Program FilesBraveSoftwareBrave-BrowserApplication91.1.25.70Installerchrmstp.exe [2021-06-04] (Brave Software, Inc. -> Brave Software, Inc.)
Startup: C:UsersD&PAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupEmEditor.lnk [2020-12-26]
ShortcutTarget: EmEditor.lnk -> C:UsersD&PAppDataLocalProgramsEmEditoremedtray.exe (Emurasoft, Inc. -> Emurasoft, Inc.)
HKLMSOFTWAREPoliciesMozillaFirefox: Restriction <==== ATTENTION
HKLMSOFTWAREPoliciesGoogle: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {25738752-1027-43CF-A07F-02867A30C8AE} – System32TasksBraveSoftwareUpdateTaskMachineCore => C:Program Files (x86)BraveSoftwareUpdateBraveUpdate.exe [155848 2020-09-02] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {26F6E3CB-8AEC-48C1-83BA-179BD13C8381} – System32TasksBitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:Program FilesBitdefender AgentWatchDog.exe [888232 2021-01-29] (Bitdefender SRL -> Bitdefender)
Task: {37A380FF-0E33-4F76-8111-13AB93092456} – System32TasksCCleaner Update => C:Program FilesCCleanerCCUpdate.exe [686384 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {49F68C0C-689E-4396-9713-8FFAE1E2A200} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Cleanup => C:Program FilesWindows Defender\MpCmdRun.exe [356968 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {564F07A3-A674-4402-871D-5F6C97502277} – System32TasksMozillaFirefox Default Browser Agent E7CF176E110C211B => C:Program Files (x86)Mozilla Firefoxdefault-browser-agent.exe [636856 2021-06-04] (Mozilla Corporation -> Mozilla Foundation)
Task: {645E069A-D016-48BE-B87D-D32C3A9B8498} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Verification => C:Program FilesWindows Defender\MpCmdRun.exe [356968 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {7C6AB902-752E-4B8C-A743-A6D8687BADB7} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Scheduled Scan => C:Program FilesWindows Defender\MpCmdRun.exe [356968 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {8B842BD7-937D-4485-A61A-B4ADD3B05250} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Cache Maintenance => C:Program FilesWindows Defender\MpCmdRun.exe [356968 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {EAD81191-54BA-456A-82C7-A620D58747B6} – System32TasksBraveSoftwareUpdateTaskMachineUA => C:Program Files (x86)BraveSoftwareUpdateBraveUpdate.exe [155848 2020-09-02] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {F2AF1889-45E4-418C-9C80-8D200A2B9A88} – System32TasksCCleanerSkipUAC => C:Program FilesCCleanerCCleaner.exe [0 2021-06-09] ()
Task: {FB1006BD-F92B-4AA0-94DE-EE2C4D9E1C55} – System32TasksAVAST SoftwareAvast settings backup => C:Program FilesCommon FilesAVavast! Antivirusbackup.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

TcpipParameters: [DhcpNameServer] 10.1.1.1
Tcpip..Interfaces{2FD74EE0-FF2E-4401-AEF5-D103873BDD84}: [DhcpNameServer] 10.1.1.1

FireFox:
========
FF DefaultProfile: 55emv482.default-1575954705741
FF ProfilePath: C:UsersD&PAppDataRoamingMozillaFirefoxProfiles55emv482.default-1575954705741 [2021-06-09]
FF Extension: (AdBlocker Ultimate) – C:UsersD&PAppDataRoamingMozillaFirefoxProfiles55emv482.default-1575954705741Extensionsadblockultimate@adblockultimate.net.xpi [2020-12-08]
FF Extension: (Dark Background and Light Text) – C:UsersD&PAppDataRoamingMozillaFirefoxProfiles55emv482.default-1575954705741Extensionsjid1-QoFqdK4qzUfGWQ@jetpack.xpi [2021-02-12]
FF Extension: (TrafficLight) – C:UsersD&PAppDataRoamingMozillaFirefoxProfiles55emv482.default-1575954705741Extensionstrafficlight@bitdefender.com.xpi [2021-06-09]
FF Extension: (Malwarebytes Browser Guard) – C:UsersD&PAppDataRoamingMozillaFirefoxProfiles55emv482.default-1575954705741Extensions{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2021-06-05]
FF Extension: (Easy Youtube Video Downloader Express) – C:UsersD&PAppDataRoamingMozillaFirefoxProfiles55emv482.default-1575954705741Extensions{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2021-06-01]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:Program Files (x86)Foxit SoftwareFoxit ReaderpluginsnpFoxitReaderPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:Program Files (x86)Foxit SoftwareFoxit ReaderpluginsnpFoxitReaderPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:Program Files (x86)Foxit SoftwareFoxit ReaderpluginsnpFoxitReaderPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:Program Files (x86)Foxit SoftwareFoxit ReaderpluginsnpFoxitReaderPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:Program Files (x86)Foxit SoftwareFoxit ReaderpluginsnpFoxitReaderPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=3 -> C:Program Files (x86)BraveSoftwareUpdate1.3.99.0npBraveUpdate3.dll [2020-09-02] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=9 -> C:Program Files (x86)BraveSoftwareUpdate1.3.99.0npBraveUpdate3.dll [2020-09-02] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:Program Files (x86)VideoLANVLCnpvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:Program Files (x86)VideoLANVLCnpvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:Program Files (x86)VideoLANVLCnpvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:Program Files (x86)VideoLANVLCnpvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin HKUS-1-5-21-3587151474-2898935432-3002049748-1001: @zoom.us/ZoomVideoPlugin -> C:UsersD&PAppDataRoamingZoombinnpzoomplugin.dll [2020-05-23] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FF ExtraCheck: C:Program Files (x86)mozilla firefoxdefaultsprefbd_js_config.js [2021-06-09] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:Program Files (x86)mozilla firefoxbd_config.cfg [2021-06-09] <==== ATTENTION

Brave:
=======
BRA Profile: C:UsersD&PAppDataLocalBraveSoftwareBrave-BrowserUser DataDefault [2021-06-05]
BRA DefaultSearchKeyword: Default -> :g
BRA Extension: (Brave Local Data Files Updater) – C:UsersD&PAppDataLocalBraveSoftwareBrave-BrowserUser Dataafalakplffnnnlkncjhbmahjfjhmlkal [2021-02-22]
BRA Extension: (Brave Ad Block Updater (Default)) – C:UsersD&PAppDataLocalBraveSoftwareBrave-BrowserUser Datacffkpbalmllkdoenhmdmpbkajipdjfam [2021-06-05]
BRA Extension: (Brave NTP sponsored images) – C:UsersD&PAppDataLocalBraveSoftwareBrave-BrowserUser Datahlcinbnbfgoealjpgmoacabdkapmjjfj [2021-06-05]
BRA Extension: (Brave SpeedReader Updater) – C:UsersD&PAppDataLocalBraveSoftwareBrave-BrowserUser Datajicbkmdloagakknpihibphagfckhjdih [2021-06-05]
BRA Extension: (Brave HTTPS Everywhere Updater) – C:UsersD&PAppDataLocalBraveSoftwareBrave-BrowserUser Dataoofiananboodjbbmdelgdommihjbkfag [2021-06-05]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:Program FilesSUPERAntiSpywareSASCORE64.EXE [173472 2017-02-11] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 bdredline; C:Program FilesBitdefender Antivirus Freebdredline.exe [2461792 2019-03-27] (Bitdefender SRL -> Bitdefender)
S2 brave; C:Program Files (x86)BraveSoftwareUpdateBraveUpdate.exe [155848 2020-09-02] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:Program Files (x86)BraveSoftwareUpdateBraveUpdate.exe [155848 2020-09-02] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 FoxitReaderUpdateService; C:Program Files (x86)Foxit SoftwareFoxit ReaderFoxitReaderUpdateService.exe [1995184 2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 MBAMService; C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe [7391408 2021-06-01] (Malwarebytes Inc -> Malwarebytes)
R2 ProductAgentService; C:Program FilesBitdefender AgentProductAgentService.exe [1358248 2021-01-29] (Bitdefender SRL -> Bitdefender)
R2 ss_conn_service; C:Program Files (x86)SamsungUSB Drivers27_ssconnconnss_conn_service.exe [752224 2020-11-26] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:Program Files (x86)SamsungUSB Drivers28_ssconn2connss_conn_service2.exe [919992 2020-11-26] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R2 updatesrv; C:Program FilesBitdefender Antivirus Freeupdatesrv.exe [236128 2020-11-26] (Bitdefender SRL -> Bitdefender)
R2 vsserv; C:Program FilesBitdefender Antivirus Freevsserv.exe [559200 2021-04-02] (Bitdefender SRL -> Bitdefender)
R2 vsservppl; C:Program FilesBitdefender Antivirus Freevsservppl.exe [240352 2020-11-26] (Bitdefender SRL -> Bitdefender)
R3 WdNisSvc; C:Program FilesWindows DefenderNisSrv.exe [361824 2017-01-13] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:Program FilesWindows DefenderMsMpEng.exe [112144 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 atc; C:WindowsSystem32DRIVERSatc.sys [2718744 2021-02-26] (Bitdefender SRL -> Bitdefender S.R.L. Bucharest, ROMANIA)
R2 BdDci; C:Windowssystem32DRIVERSbddci.sys [802976 2020-12-04] (Bitdefender SRL -> Bitdefender)
S0 bdelam; C:WindowsSystem32driversbdelam.sys [22976 2020-12-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
S3 edrsensor; C:WindowsSystem32DRIVERSedrsensor.sys [309120 2020-02-03] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R1 Gemma; C:WindowsSystem32DRIVERSgemma.sys [488592 2021-02-16] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R1 HWiNFO32; C:WindowsSysWOW64driversHWiNFO64A.SYS [27552 2019-12-10] (Martin Malik – REALiX -> REALiX™)
R2 MBAMChameleon; C:WindowsSystem32DriversMbamChameleon.sys [220752 2021-06-09] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMFarflt; C:WindowsSystem32DRIVERSfarflt.sys [198888 2021-06-09] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:Windowssystem32DRIVERSmbam.sys [77496 2021-06-09] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:WindowsSystem32Driversmbamswissarmy.sys [248992 2021-06-09] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:Windowssystem32DRIVERSmwac.sys [156880 2021-06-09] (Malwarebytes Inc -> Malwarebytes)
R1 SASDIFSV; C:Program FilesSUPERAntiSpywareSASDIFSV64.SYS [14928 2011-07-23] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:Program FilesSUPERAntiSpywareSASKUTIL64.SYS [12368 2011-07-13] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 ssudmdm; C:Windowssystem32DRIVERSssudmdm.sys [168968 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 trufos; C:WindowsSystem32driverstrufos.sys [641728 2021-02-26] (Bitdefender SRL -> Bitdefender)
R0 vlflt; C:WindowsSystem32DRIVERSvlflt.sys [386800 2020-10-20] (Bitdefender SRL -> Bitdefender)
S0 WdBoot; C:WindowsSystem32driversWdBoot.sys [46600 2017-02-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:WindowsSystem32driversWdFilter.sys [274776 2017-01-13] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:WindowsSystem32DriversWdNisDrv.sys [117592 2017-01-13] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz148; ??C:Windowstempcpuz148cpuz148_x64.sys [X]
S3 cpuz149; ??C:Windowstempcpuz149cpuz149_x64.sys [X]
S3 hitmanpro37; ??C:Windowssystem32drivershitmanpro37.sys [X]
S4 IUFileFilter; ??C:Program Files (x86)IObitIObit Uninstallerdriverswin7_amd64IUFileFilter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-06-09 17:25 – 2021-06-09 17:28 – 000018179 _____ C:UsersD&PDesktopFRST.txt
2021-06-09 17:24 – 2021-06-09 17:27 – 000000000 ____D C:FRST
2021-06-09 17:18 – 2021-06-09 17:18 – 000088268 _____ C:ProgramDataagent.update.1623222902.bdinstall.v2.bin
2021-06-09 17:06 – 2021-06-09 17:06 – 002300416 _____ (Farbar) C:UsersD&PDesktopFRST64.exe
2021-06-09 16:52 – 2020-12-18 00:37 – 000022976 _____ (Bitdefender) C:Windowssystem32Driversbdelam.sys
2021-06-09 16:47 – 2021-02-26 16:31 – 000641728 _____ (Bitdefender) C:Windowssystem32Driverstrufos.sys
2021-06-09 16:46 – 2021-06-09 16:46 – 000001114 _____ C:UsersPublicDesktopBitdefender Antivirus Free.lnk
2021-06-09 16:46 – 2021-06-09 16:46 – 000001114 _____ C:ProgramDataDesktopBitdefender Antivirus Free.lnk
2021-06-09 16:46 – 2020-02-03 14:53 – 000309120 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:Windowssystem32Driversedrsensor.sys
2021-06-09 16:45 – 2020-10-20 12:18 – 000386800 _____ (Bitdefender) C:Windowssystem32Driversvlflt.sys
2021-06-09 16:44 – 2021-02-26 11:40 – 002718744 _____ (Bitdefender S.R.L. Bucharest, ROMANIA) C:Windowssystem32Driversatc.sys
2021-06-09 16:44 – 2021-02-16 13:31 – 000488592 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:Windowssystem32Driversgemma.sys
2021-06-09 16:44 – 2020-12-04 13:15 – 000802976 _____ (Bitdefender) C:Windowssystem32Driversbddci.sys
2021-06-09 16:42 – 2021-06-09 17:30 – 000000000 ____D C:Program FilesBitdefender Antivirus Free
2021-06-09 16:37 – 2021-06-09 16:37 – 000248992 _____ (Malwarebytes) C:Windowssystem32Driversmbamswissarmy.sys
2021-06-09 16:37 – 2021-06-09 16:37 – 000220752 _____ (Malwarebytes) C:Windowssystem32DriversMbamChameleon.sys
2021-06-09 16:37 – 2021-06-09 16:37 – 000198888 _____ (Malwarebytes) C:Windowssystem32Driversfarflt.sys
2021-06-09 16:37 – 2021-06-09 16:37 – 000156880 _____ (Malwarebytes) C:Windowssystem32Driversmwac.sys
2021-06-09 16:37 – 2021-06-09 16:37 – 000077496 _____ (Malwarebytes) C:Windowssystem32Driversmbam.sys
2021-06-09 16:34 – 2021-06-09 16:34 – 000019164 _____ C:ProgramDataagent.1623220447.bdinstall.v2.bin
2021-06-09 16:25 – 2021-06-09 16:25 – 013543384 _____ C:UsersD&PDesktopbitdefender_online.exe
2021-06-09 15:18 – 2021-06-09 15:18 – 000055840 _____ (Bitdefender) C:Windowssystem32Driversbduefiscan.sys
2021-06-09 10:10 – 2021-06-05 15:23 – 000417280 _____ (Microsoft Corporation) C:Windowssystem32html.iec
2021-06-09 10:10 – 2021-06-05 14:42 – 002132992 _____ (Microsoft Corporation) C:Windowssystem32inetcpl.cpl
2021-06-09 10:10 – 2021-06-05 14:30 – 002058752 _____ (Microsoft Corporation) C:WindowsSysWOW64inetcpl.cpl
2021-06-09 09:58 – 2021-06-09 15:31 – 000029256 _____ C:UsersD&PDesktopDoug.odt
2021-06-04 09:27 – 2021-06-04 09:27 – 000000000 ____D C:Windowssystem32TasksMozilla
2021-06-01 13:05 – 2021-06-01 14:10 – 000000000 ____D C:UsersD&PDesktopNew folder
2021-05-12 10:52 – 2021-04-06 16:51 – 001678056 _____ (Microsoft Corporation) C:Windowssystem32winload.efi

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-06-09 17:31 – 2017-12-28 19:13 – 000003870 _____ C:Windowssystem32TasksCCleaner Update
2021-06-09 17:28 – 2014-11-15 19:41 – 000000000 ____D C:Program FilesCCleaner
2021-06-09 17:26 – 2014-11-09 10:38 – 000000000 ____D C:UsersD&PAppDataRoamingClassicShell
2021-06-09 17:20 – 2020-07-06 12:03 – 000003648 _____ C:Windowssystem32TasksBitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2021-06-09 17:18 – 2020-07-06 12:01 – 000000000 ____D C:Program FilesBitdefender Agent
2021-06-09 17:13 – 2017-12-21 15:42 – 000000000 ____D C:Program Files (x86)Mozilla Firefox
2021-06-09 17:11 – 2013-08-23 01:36 – 000000000 ___HD C:WindowsELAMBKUP
2021-06-09 16:56 – 2016-11-30 14:21 – 000000000 ____D C:UsersD&PAppDataLocalLowMozilla
2021-06-09 16:22 – 2014-03-19 01:26 – 000004080 _____ C:Windowssystem32PerfStringBackup.INI
2021-06-09 16:18 – 2013-08-23 00:45 – 000000006 ____H C:WindowsTasksSA.DAT
2021-06-09 16:18 – 2013-08-23 00:44 – 000494744 _____ C:Windowssystem32FNTCACHE.DAT
2021-06-09 16:18 – 2013-08-22 23:36 – 000000000 ____D C:WindowsInf
2021-06-09 15:37 – 2013-08-22 23:25 – 000262144 ___SH C:Windowssystem32configBBI
2021-06-09 15:36 – 2014-03-19 00:58 – 000000000 ____D C:Windowssystem32Driversen-GB
2021-06-09 15:36 – 2013-08-23 01:36 – 000000000 ___RD C:WindowsToastData
2021-06-09 15:36 – 2013-08-23 01:36 – 000000000 ____D C:Program FilesWindows Defender
2021-06-09 15:36 – 2013-08-23 01:20 – 000000000 ____D C:WindowsCbsTemp
2021-06-09 14:48 – 2013-08-22 23:25 – 000262144 ___SH C:Windowssystem32configELAM
2021-06-09 14:47 – 2014-11-29 16:58 – 000000000 ____D C:Program FilesSUPERAntiSpyware
2021-06-09 10:23 – 2014-11-12 16:19 – 000000000 ____D C:Windowssystem32MRT
2021-06-09 10:17 – 2014-11-12 16:19 – 132447432 ____C (Microsoft Corporation) C:Windowssystem32MRT.exe
2021-06-05 11:15 – 2014-11-05 19:13 – 000003600 _____ C:Windowssystem32TasksOptimize Start Menu Cache Files-S-1-5-21-3587151474-2898935432-3002049748-1001
2021-06-04 09:27 – 2019-08-25 13:25 – 000000000 ____D C:ProgramDataMozilla
2021-06-04 09:27 – 2017-12-21 15:42 – 000001175 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsFirefox.lnk
2021-06-04 08:54 – 2020-09-02 13:43 – 000002267 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsBrave.lnk
2021-06-04 08:54 – 2020-09-02 13:43 – 000002226 _____ C:UsersPublicDesktopBrave.lnk
2021-06-04 08:54 – 2020-09-02 13:43 – 000002226 _____ C:ProgramDataDesktopBrave.lnk
2021-06-01 18:05 – 2020-08-17 09:25 – 000001936 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMalwarebytes.lnk
2021-06-01 18:05 – 2019-11-01 13:47 – 000001924 _____ C:UsersPublicDesktopMalwarebytes.lnk
2021-06-01 18:05 – 2019-11-01 13:47 – 000001924 _____ C:ProgramDataDesktopMalwarebytes.lnk
2021-06-01 14:20 – 2013-08-23 01:36 – 000000000 ____D C:Windowsrescache
2021-06-01 14:10 – 2016-10-29 14:56 – 000000000 ____D C:UsersD&PDesktop2019 phone videos pictures
2021-06-01 13:13 – 2020-12-26 12:50 – 000000000 ____D C:UsersD&PDesktop26-12-2020 phone videos and pictures

==================== Files in the root of some directories ========

2016-09-25 19:24 – 2020-07-06 15:40 – 000007599 _____ () C:UsersD&PAppDataLocalResmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

LastRegBack: 2021-06-01 13:19
==================== End of FRST.txt ========================

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-06-2021
Ran by D&P (09-06-2021 17:33:21)
Running from C:UsersD&PDesktop
Windows 8.1 (Update) (X64) (2014-11-05 08:11:20)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3587151474-2898935432-3002049748-500 – Administrator – Disabled)
D&P (S-1-5-21-3587151474-2898935432-3002049748-1001 – Administrator – Enabled) => C:UsersD&P
Guest (S-1-5-21-3587151474-2898935432-3002049748-501 – Limited – Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Bitdefender Antivirus Free Antimalware (Enabled – Up to date) {BAD274F4-FA00-8560-1CDE-6C830442BEFA}
AV: Windows Defender (Enabled – Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled – Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antivirus Free Antimalware (Enabled – Up to date) {01B39510-DC3A-8AEE-266E-57F17FC5F447}

==================== Installed Programs ======================

(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Agent Ransack (HKLM…{E91B2B4D-B133-4F93-BFF4-0FFC16AD2C14}) (Version: 8.5.2946.1 – Mythicsoft Ltd)
Bitdefender Agent (HKLM…Bitdefender Agent) (Version: 24.0.1.169 – Bitdefender)
Bitdefender Antivirus Free (HKLM…{1FCCF41D-5F00-4FE2-9653-162D0486C8B4}) (Version: 1.0.21.234 – Bitdefender)
Brave (HKLM-x32…BraveSoftware Brave-Browser) (Version: 91.1.25.70 – Brave Software Inc)
CCleaner (HKLM…CCleaner) (Version: 5.81 – Piriform)
Classic Shell (HKLM…{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 – IvoSoft)
EmEditor (32-bit) (HKLM-x32…{040FFDD4-9D65-4CE1-8AEE-0879A0128B18}) (Version: 20.4.2 – Emurasoft, Inc.)
f.lux (HKUS-1-5-21-3587151474-2898935432-3002049748-1001…Flux) (Version:  – f.lux Software LLC)
File Viewer Lite (HKLM-x32…{C8B24B83-920A-446E-B027-38F72C9D8898}_is1) (Version: 1.5.0 – Sharpened Productions)
Foxit Reader (HKLM-x32…Foxit Reader_is1) (Version: 10.0.0.35798 – Foxit Software Inc.)
Google Update Helper (HKLM-x32…{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 – Google Inc.) Hidden
Greenshot 1.2.8.12 (HKLM…Greenshot_is1) (Version: 1.2.8.12 – Greenshot)
LibreOffice 7.0.4.2 (HKLM…{B3171B83-4945-43E0-A101-841638C05506}) (Version: 7.0.4.2 – The Document Foundation)
Malwarebytes version 4.4.0.117 (HKLM…{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.0.117 – Malwarebytes)
Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.17 (HKLM-x32…{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 – Microsoft Corporation)
Mozilla Firefox 89.0 (x86 en-US) (HKLM-x32…Mozilla Firefox 89.0 (x86 en-US)) (Version: 89.0 – Mozilla)
Revo Uninstaller 2.1.5 (HKLM…{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.5 – VS Revo Group, Ltd.)
Samsung USB Driver for Mobile Phones (HKLM…{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.43.0 – Samsung Electronics Co., Ltd.)
Smart Switch (HKLM-x32…{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.20113.5 – Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32…InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.20113.5 – Samsung Electronics Co., Ltd.)
SUPERAntiSpyware (HKLM…{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1164 – SUPERAntiSpyware.com)
VLC media player (HKLM-x32…VLC media player) (Version: 3.0.10 – VideoLAN)
Zoom (HKUS-1-5-21-3587151474-2898935432-3002049748-1001…ZoomUMX) (Version: 5.0 – Zoom Video Communications, Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:Program FilesClassic ShellClassicExplorer64.dll [2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:Program FilesClassic ShellClassicExplorer64.dll [2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:Windowssystem32StartMenuHelper64.dll [2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers2_.DEFAULT: [AgentRansack] -> {2AE9D6D8-E348-4853-B266-C78844D31B97} => C:Program FilesMythicsoftAgent RansackShellExt.dll [2020-05-29] (Mythicsoft Ltd -> Mythicsoft Ltd)
ContextMenuHandlers4_.DEFAULT: [AgentRansack] -> {2AE9D6D8-E348-4853-B266-C78844D31B97} => C:Program FilesMythicsoftAgent RansackShellExt.dll [2020-05-29] (Mythicsoft Ltd -> Mythicsoft Ltd)
ContextMenuHandlers5_.DEFAULT: [AgentRansack] -> {2AE9D6D8-E348-4853-B266-C78844D31B97} => C:Program FilesMythicsoftAgent RansackShellExt.dll [2020-05-29] (Mythicsoft Ltd -> Mythicsoft Ltd)
ContextMenuHandlers6_.DEFAULT: [AgentRansack] -> {2AE9D6D8-E348-4853-B266-C78844D31B97} => C:Program FilesMythicsoftAgent RansackShellExt.dll [2020-05-29] (Mythicsoft Ltd -> Mythicsoft Ltd)
ContextMenuHandlers2_S-1-5-21-3587151474-2898935432-3002049748-1001: [AgentRansack] -> {2AE9D6D8-E348-4853-B266-C78844D31B97} => C:Program FilesMythicsoftAgent RansackShellExt.dll [2020-05-29] (Mythicsoft Ltd -> Mythicsoft Ltd)
ContextMenuHandlers4_S-1-5-21-3587151474-2898935432-3002049748-1001: [AgentRansack] -> {2AE9D6D8-E348-4853-B266-C78844D31B97} => C:Program FilesMythicsoftAgent RansackShellExt.dll [2020-05-29] (Mythicsoft Ltd -> Mythicsoft Ltd)
ContextMenuHandlers5_S-1-5-21-3587151474-2898935432-3002049748-1001: [AgentRansack] -> {2AE9D6D8-E348-4853-B266-C78844D31B97} => C:Program FilesMythicsoftAgent RansackShellExt.dll [2020-05-29] (Mythicsoft Ltd -> Mythicsoft Ltd)
ContextMenuHandlers6_S-1-5-21-3587151474-2898935432-3002049748-1001: [AgentRansack] -> {2AE9D6D8-E348-4853-B266-C78844D31B97} => C:Program FilesMythicsoftAgent RansackShellExt.dll [2020-05-29] (Mythicsoft Ltd -> Mythicsoft Ltd)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM…Drivers32: [vidc.i420] => C:Windowssystem32lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM…Drivers32: [vidc.i420] => C:WindowsSysWOW64lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.)

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2014-04-20 09:17 – 2014-04-20 09:17 – 000803520 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:Program FilesClassic ShellClassicExplorer64.dll
2014-04-20 09:17 – 2014-04-20 09:17 – 003374272 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:Program FilesClassic ShellClassicStartMenuDLL.dll
2014-04-20 09:17 – 2014-04-20 09:17 – 000284864 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:Windowssystem32StartMenuHelper64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The “AlternateShell” will be restored.)

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalMBAMService => “”=”Service”
HKLMSYSTEMCurrentControlSetControlSafeBootNetworkMBAMService => “”=”Service”

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKUS-1-5-21-3587151474-2898935432-3002049748-1001SoftwareMicrosoftInternet ExplorerMain,Start Page Redirect Cache = hxxp://www.msn.com/en-au/?ocid=iehp
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:Program FilesClassic ShellClassicExplorer64.dll [2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:Program FilesClassic ShellClassicIEDLL_64.dll [2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:Program FilesClassic ShellClassicExplorer32.dll [2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:Program FilesClassic ShellClassicIEDLL_32.dll [2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM – Classic Explorer Bar – {553891B7-A0D5-4526-BE18-D3CE461D6310} – C:Program FilesClassic ShellClassicExplorer64.dll [2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM-x32 – Classic Explorer Bar – {553891B7-A0D5-4526-BE18-D3CE461D6310} – C:Program FilesClassic ShellClassicExplorer32.dll [2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed]

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 23:25 – 2019-01-06 17:45 – 000000824 _____ C:Windowssystem32driversetchosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKUS-1-5-21-3587151474-2898935432-3002049748-1001Control PanelDesktop\Wallpaper -> C:UsersD&PAppDataRoamingMozillaFirefoxDesktop Background.bmp
DNS Servers: 10.1.1.1
HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIGServices: GoogleChromeElevationService => 3
MSCONFIGServices: IObitUnSvr => 2

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B258E31E-54F7-45EF-99AA-AC6B5C434182}] => (Allow) C:Program FilesCCleanerCCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{EB14755F-D57C-45D6-B665-4AE36D1AC203}] => (Allow) C:Program FilesCCleanerCCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{625BE756-8C73-4247-B044-414DA2114930}] => (Allow) C:Program Files (x86)Mozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E0F8B75D-EA43-49E0-886A-15AFBE9D45E2}] => (Allow) C:Program Files (x86)Mozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{AE815443-1C0D-4879-82DF-3E1BEE922980}] => (Allow) C:UsersD&PAppDataRoamingZoombinZoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{A0F971F5-B31E-4502-9955-5475D0F3237E}] => (Allow) C:Program FilesBraveSoftwareBrave-BrowserApplicationbrave.exe (Brave Software, Inc. -> Brave Software, Inc.)

==================== Restore Points =========================

01-06-2021 14:19:11 Scheduled Checkpoint
09-06-2021 10:16:38 Windows Update

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (06/09/2021 05:34:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Explorer.EXE version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: b74

Start Time: 01d75cf754899bf3

Termination Time: 0

Application Path: C:WindowsExplorer.EXE

Report Id: a18277d7-c8ef-11eb-8368-001d7da2cb12

Faulting package full name:

Faulting package-relative application ID:

Error: (06/09/2021 05:12:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program CCleaner64.exe version 5.75.0.8238 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: d88

Start Time: 01d75cfdb19eb614

Termination Time: 29442

Application Path: C:Program FilesCCleanerCCleaner64.exe

Report Id: 0161185e-c8f2-11eb-8368-001d7da2cb12

Faulting package full name:

Faulting package-relative application ID:

Error: (06/09/2021 05:09:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program CCleaner64.exe version 5.75.0.8238 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 518

Start Time: 01d75cfddb800282

Termination Time: 112

Application Path: C:Program FilesCCleanerCCleaner64.exe

Report Id: a35b1e84-c8f1-11eb-8368-001d7da2cb12

Faulting package full name:

Faulting package-relative application ID:

Error: (06/09/2021 04:22:39 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (06/09/2021 04:22:39 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (06/09/2021 02:52:55 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (06/09/2021 02:52:55 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (06/02/2021 12:15:46 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: The volume System Reserved was not optimised because an error was encountered: The parameter is incorrect. (0x80070057)

System errors:
=============
Error: (06/09/2021 10:23:02 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8007045b: 2021-06 Security Monthly Quality Rollup for Windows 8.1 for x64-based Systems (KB5003671).

Error: (06/05/2021 11:16:27 AM) (Source: DCOM) (EventID: 10010) (User: SSD)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.

Error: (06/05/2021 11:15:57 AM) (Source: DCOM) (EventID: 10010) (User: SSD)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.

Error: (06/04/2021 09:18:32 AM) (Source: DCOM) (EventID: 10010) (User: SSD)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.

Error: (06/04/2021 09:18:01 AM) (Source: DCOM) (EventID: 10010) (User: SSD)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.

Error: (06/02/2021 12:16:17 PM) (Source: DCOM) (EventID: 10010) (User: SSD)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.

Error: (06/02/2021 12:15:46 PM) (Source: DCOM) (EventID: 10010) (User: SSD)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.

Error: (06/01/2021 01:19:40 PM) (Source: DCOM) (EventID: 10010) (User: SSD)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.

Windows Defender:
================
Date: 2021-06-09 17:11:24.165
Description:
Windows Defender scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2015-07-23 14:33:27.251
Description:
Windows Defender scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2015-07-13 14:20:51.346
Description:
Windows Defender scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2015-02-07 18:39:14.310
Description:
Windows Defender scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2014-12-24 14:11:48.883
Description:
Windows Defender scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-08-25 14:06:10.339
Description:
Windows Defender Real-Time Protection feature has encountered an error and failed.
Feature: Network Inspection System
Error Code: 0x8007045b
Error description: A system shut-down is in progress.
Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

Date: 2019-08-25 14:06:10.339
Description:
Windows Defender Real-Time Protection feature has encountered an error and failed.
Feature: Behavior Monitoring
Error Code: 0x8007045b
Error description: A system shut-down is in progress.
Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

Date: 2019-08-25 14:06:10.339
Description:
Windows Defender Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007045b
Error description: A system shut-down is in progress.
Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

Date: 2019-08-25 13:56:32.894
Description:
Windows Defender has encountered an error trying to update the engine.
New Engine Version: 1.1.16200.1
Previous Engine Version: 1.1.12002.0
Error Code: 0x80509004
Error description: An unexpected problem occurred. Install any available updates, then try to start the program again. For information on installing updates, see Help and Support.

Date: 2019-08-25 13:56:31.379
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 0.0.0.0
Update Source: Microsoft Malware Protection Center
Signature Type: Network Inspection System
Update Type: Full
Current Engine Version:
Previous Engine Version: 0.0.0.0
Error code: 0x80072f8f
Error description: A security error occurred

==================== Memory info ===========================

BIOS: Award Software International, Inc. F2 09/07/2007
Motherboard: Gigabyte Technology Co., Ltd. G31M-S2L
Processor: Intel® Pentium® Dual CPU E2180 @ 2.00GHz
Percentage of memory in use: 81%
Total physical RAM: 2037.49 MB
Available physical RAM: 375.57 MB
Total Virtual: 3994.79 MB
Available Virtual: 865.95 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.45 GB) (Free:71.33 GB) NTFS

\?Volume{41fc7106-64aa-11e4-824f-806e6f6e6963} (System Reserved) (Fixed) (Total:0.34 GB) (Free:0.09 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 7B29E3A2)
Partition 1: (Active) – (Size=350 MB) – (Type=07 NTFS)
Partition 2: (Not Active) – (Size=111.4 GB) – (Type=07 NTFS)

==================== End of Addition.txt =======================

 

 





Original Source link

Leave a Reply

Your email address will not be published. Required fields are marked *

+ seventy eight = 80