Sony Vaio VGN-NW240F Not staying connected to WiFi

P

PakseFrustration

Posts: 16   +0
Hello,

My laptop will not stay connected to the WiFi anywhere in town for more than a few minutes at a time. Special notes: I am living in a guesthouse in Southern Laos so I do not have access to the router, my cell phone has no issues connecting or staying connected to the WiFi.

Here are the logs from FARBAR:

FRST. txt

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-08-2020
Ran by SONY (administrator) on SONY-PC (Sony Corporation VGN-NW125J) (12-08-2020 11:44:38)
Running from C:\Users\SONY\Desktop
Loaded Profiles: SONY
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\DiscoverySrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Eltima Software -> Eltima Software) C:\Program Files (x86)\Eltima Software\Recover PDF Password\agent\RPPc.exe
(FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 4.0\ksde.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 4.0\ksdeui.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avpui.exe
(KeepSolid Inc.) [File not signed] C:\Program Files (x86)\VPN Unlimited\vpn-unlimited-daemon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM\ DisallowedCertificates: 1990649205B55EAB5D692E9EDB1BE0DDD3B037DE (Sennheiser) <==== ATTENTION
HKLM\ DisallowedCertificates: C597D4E7FF9CE5BD3EC321C11827FCA9294A6BA1 (DarkMatter CA) <==== ATTENTION
HKU\S-1-5-21-1738186064-958222864-1310178189-1000\...\Run: [Google Update] => C:\Users\SONY\AppData\Local\Google\Update\1.3.35.452\GoogleUpdateCore.exe [217544 2020-03-21] (Google LLC -> Google LLC)
HKU\S-1-5-21-1738186064-958222864-1310178189-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\SYSTEM32\AdobePDF.dll [55432 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\Software\...\AppCompatFlags\Custom\iexplore.exe: [{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb] -> Internet Explorer (Enable DEP)
HKLM\Software\...\AppCompatFlags\InstalledSDB\{a9264802-8a7a-40fe-a135-5c6d204aed7a}: [DatabasePath] -> C:\Windows\AppPatch\Custom\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb [2011-12-19]
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2020-05-04] (Adobe Inc. -> Adobe Systems, Inc.)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {15CC6238-46AF-4196-A3A6-1C01E25DBFFD} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1738186064-958222864-1310178189-1000 => {CA22F5B1-E06F-4A2B-94FC-21E87FE53781} C:\Windows\System32\gameux.dll [2746368 2019-05-15] (Microsoft Windows -> Microsoft Corporation)
Task: {3297F8F9-9C2F-443D-8F38-B5E161CA62C9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-08] (Adobe Inc. -> Adobe)
Task: {46B59945-5228-40B4-BF53-FB0DDB36BFB1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1738186064-958222864-1310178189-1000Core => C:\Users\SONY\AppData\Local\Google\Update\GoogleUpdate.exe [156456 2019-06-18] (Google Inc -> Google LLC)
Task: {5B85198A-9CDE-4E46-B35C-DCE34FCC286C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1738186064-958222864-1310178189-1000UA => C:\Users\SONY\AppData\Local\Google\Update\GoogleUpdate.exe [156456 2019-06-18] (Google Inc -> Google LLC)
Task: {709E935D-D367-409A-95DE-D297EA1E8457} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [123600 2020-08-01] (Mozilla Corporation -> Mozilla Foundation)
Task: {7D277012-2A2B-4AA0-A999-42D676AF6D99} - System32\Tasks\klcp_update => CodecTweakTool.exe
Task: {886452C0-6EAB-4A3E-839E-EE48C828B265} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_344_pepper.exe [1453624 2020-03-11] (Adobe Inc. -> Adobe)
Task: {E447FBFF-FB27-477B-B95F-7FB5C5BECE4E} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [491320 2020-05-12] (Bitdefender SRL -> Bitdefender)
Task: {E71BADFF-7089-4E55-A27A-E2C8F4E50416} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_371_Plugin.exe [1458232 2020-06-08] (Adobe Inc. -> Adobe)
Task: {F8F09A42-CE5C-4982-9A58-C0BB037A550C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1331792 2020-05-07] (Adobe Inc. -> Adobe Inc.)
Task: {FE3A9D98-5056-4B9B-A05F-8A5B56C80858} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}.job => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 183.182.100.1 8.8.4.4
Tcpip\..\Interfaces\{310A450C-2256-4579-ACF9-3D29393C4556}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{4E57A67F-2F45-4C15-9AA6-EAE31389E3C6}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{4E57A67F-2F45-4C15-9AA6-EAE31389E3C6}: [DhcpNameServer] 183.182.100.1 8.8.4.4
Tcpip\..\Interfaces\{CD144B2F-7574-4F66-A738-3DB8C758D9BA}: [NameServer] 10.100.0.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKU\S-1-5-21-1738186064-958222864-1310178189-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.msn.com/?pc=U453&ocid=U453DHP&osmkt=en-us
HKU\S-1-5-21-1738186064-958222864-1310178189-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-1738186064-958222864-1310178189-1000 -> {993F5746-4C15-42BC-99C1-064A1764271B} URL = hxxps://securesearch.org?q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO: Kaspersky Protection -> {9F904093-6E18-4536-BF5F-B03689CF00F0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\x64\IEExt\ie_plugin.dll [2020-07-23] (Kaspersky Lab -> AO Kaspersky Lab)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Kaspersky Protection -> {9F904093-6E18-4536-BF5F-B03689CF00F0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\IEExt\ie_plugin.dll [2020-07-23] (Kaspersky Lab -> AO Kaspersky Lab)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-29] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-29] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Kaspersky Protection Toolbar - {EF293C5A-9F37-49FD-91C4-2B867063FC54} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\x64\IEExt\ie_plugin.dll [2020-07-23] (Kaspersky Lab -> AO Kaspersky Lab)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-29] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {EF293C5A-9F37-49FD-91C4-2B867063FC54} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\IEExt\ie_plugin.dll [2020-07-23] (Kaspersky Lab -> AO Kaspersky Lab)
Toolbar: HKU\S-1-5-21-1738186064-958222864-1310178189-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

FireFox:
========
FF DefaultProfile: ytww0b7u.default
FF ProfilePath: C:\Users\SONY\AppData\Roaming\Mozilla\Firefox\Profiles\ytww0b7u.default [2020-06-25]
FF Homepage: Mozilla\Firefox\Profiles\ytww0b7u.default -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10420__191126
FF NewTab: Mozilla\Firefox\Profiles\ytww0b7u.default -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10420__191126
FF Extension: (Avast Online Security) - C:\Users\SONY\AppData\Roaming\Mozilla\Firefox\Profiles\ytww0b7u.default\Extensions\wrc@avast.com.xpi [2020-02-08]
FF ProfilePath: C:\Users\SONY\AppData\Roaming\Mozilla\Firefox\Profiles\i4fl49ei.default-release [2020-08-12]
FF NewTab: Mozilla\Firefox\Profiles\i4fl49ei.default-release -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10420__191126
FF Extension: (Privacy Badger) - C:\Users\SONY\AppData\Roaming\Mozilla\Firefox\Profiles\i4fl49ei.default-release\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2020-07-24]
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\SONY\AppData\Roaming\Mozilla\Firefox\Profiles\i4fl49ei.default-release\Extensions\sp@avast.com.xpi [2020-07-04]
FF Extension: (LastPass: Free Password Manager) - C:\Users\SONY\AppData\Roaming\Mozilla\Firefox\Profiles\i4fl49ei.default-release\Extensions\support@lastpass.com.xpi [2020-08-05]
FF Extension: (uBlock Origin) - C:\Users\SONY\AppData\Roaming\Mozilla\Firefox\Profiles\i4fl49ei.default-release\Extensions\uBlock0@raymondhill.net.xpi [2020-08-12]
FF Extension: (Avast Online Security) - C:\Users\SONY\AppData\Roaming\Mozilla\Firefox\Profiles\i4fl49ei.default-release\Extensions\wrc@avast.com.xpi [2020-06-17]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2017-11-01]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_371.dll [2020-06-08] (Adobe Inc. -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_371.dll [2020-06-08] (Adobe Inc. -> )
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems Incorporated -> Adobe Systems)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2020-07-23] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2020-07-23] <==== ATTENTION

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\SONY\AppData\Local\Google\Chrome\User Data\Default [2020-08-12]
CHR DownloadDir: C:\Users\SONY\Desktop
CHR Notifications: Default -> hxxps://166716742877603.webpush.freshchat.com; hxxps://app.slack.com; hxxps://voice.google.com
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Extension: (Docs) - C:\Users\SONY\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-06-15]
CHR Extension: (Google Drive) - C:\Users\SONY\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-06-15]
CHR Extension: (YouTube) - C:\Users\SONY\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-06-15]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\SONY\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-08-08]
CHR Extension: (MozBar) - C:\Users\SONY\AppData\Local\Google\Chrome\User Data\Default\Extensions\eakacpaijcpapndcfffdgphdiccmpknp [2019-11-03]
CHR Extension: (Adobe Acrobat) - C:\Users\SONY\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-08-06]
CHR Extension: (Kaspersky Protection) - C:\Users\SONY\AppData\Local\Google\Chrome\User Data\Default\Extensions\elhpdacimkjpccooodognopfhbdgnpbk [2020-07-23]
CHR Extension: (Google Docs Offline) - C:\Users\SONY\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-08-07]
CHR Extension: (TinEye Reverse Image Search) - C:\Users\SONY\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2019-06-18]
CHR Extension: (Keywords Everywhere - Keyword Tool) - C:\Users\SONY\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbapdpeemoojbophdfndmlgdhppljgmp [2020-08-09]
CHR Extension: (Tag Assistant (by Google)) - C:\Users\SONY\AppData\Local\Google\Chrome\User Data\Default\Extensions\kejbdjndbnbjgmefkgdddjlbokphdefk [2020-05-21]
CHR Extension: (Evernote Web) - C:\Users\SONY\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2019-06-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\SONY\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-05]
CHR Extension: (Gmail) - C:\Users\SONY\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-06-15]
CHR Extension: (Chrome Media Router) - C:\Users\SONY\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-07-25]
CHR Profile: C:\Users\SONY\AppData\Local\Google\Chrome\User Data\Profile 1 [2020-04-01]
CHR Extension: (Slides) - C:\Users\SONY\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-06-18]
CHR Extension: (Docs) - C:\Users\SONY\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2019-06-18]
CHR Extension: (Google Drive) - C:\Users\SONY\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-06-18]
CHR Extension: (YouTube) - C:\Users\SONY\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-06-18]
CHR Extension: (Adobe Acrobat) - C:\Users\SONY\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-03-10]
CHR Extension: (Sheets) - C:\Users\SONY\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-06-18]
CHR Extension: (Google Docs Offline) - C:\Users\SONY\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-01]
CHR Extension: (Chrome Web Store Payments) - C:\Users\SONY\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-01-05]
CHR Extension: (Gmail) - C:\Users\SONY\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-06-18]
CHR Extension: (Chrome Media Router) - C:\Users\SONY\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-01]
CHR Profile: C:\Users\SONY\AppData\Local\Google\Chrome\User Data\System Profile [2019-06-19]
CHR HKLM\...\Chrome\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] - hxxps://chrome.google.com/webstore/detail/elhpdacimkjpccooodognopfhbdgnpbk
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2017-11-01]
CHR HKLM-x32\...\Chrome\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] - hxxps://chrome.google.com/webstore/detail/elhpdacimkjpccooodognopfhbdgnpbk
StartMenuInternet: Google Chrome.OZ6TULZGLO2PJGYLWWOESANBQM - C:\Users\SONY\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-08] (Adobe Inc. -> Adobe)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AVP20.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe [357416 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab)
R2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe [1995184 2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
S3 klvssbridge64_20.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\x64\vssbridge64.exe [438928 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab)
R2 KSDE4.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 4.0\ksde.exe [619752 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1352120 2020-05-12] (Bitdefender SRL -> Bitdefender)
R2 RppClientService; C:\Program Files (x86)\Eltima Software\Recover PDF Password\agent\RPPc.exe [687104 2012-04-20] (Eltima Software -> Eltima Software)
R2 VPNUnlimitedService; C:\Program Files (x86)\VPN Unlimited\vpn-unlimited-daemon.exe [49664 2020-06-29] (KeepSolid Inc.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2019-05-15] (Microsoft Windows -> Microsoft Corporation)
S3 WireGuardTunnel$VPNUWireguard; C:\Program Files (x86)\VPN Unlimited\WireVPNUImpl.exe [17920 2020-05-21] () [File not signed]
R2 wuauserv; C:\Windows\system32\wuaueng2.dll [2651648 2019-05-16] (Microsoft Corporation) [File not signed]
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [246912 2019-02-16] (Kaspersky Lab -> AO Kaspersky Lab)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [531584 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [79768 2020-05-19] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [145504 2020-05-19] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [93312 2019-03-12] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [251800 2020-05-19] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klgse; C:\Windows\System32\DRIVERS\klgse.sys [643840 2020-06-26] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [1277704 2020-06-26] (Kaspersky Lab -> AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [998296 2020-05-19] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klim6; C:\Windows\System32\DRIVERS\klim6.sys [58192 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [79760 2020-05-19] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [59512 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [51328 2019-03-13] (Kaspersky Lab -> AO Kaspersky Lab)
R3 kltap; C:\Windows\System32\DRIVERS\kltap.sys [48592 2018-03-16] (AnchorFree Inc -> The OpenVPN Project)
R1 klwfp; C:\Windows\System32\DRIVERS\klwfp.sys [105600 2019-03-05] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [211048 2020-05-19] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [232344 2020-05-19] (Kaspersky Lab -> AO Kaspersky Lab)
R2 rimsptsk; C:\Windows\System32\DRIVERS\rimspx64.sys [55296 2009-06-25] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R3 SFEP; C:\Windows\System32\DRIVERS\SFEP.sys [11392 2007-08-03] (Microsoft Windows Hardware Compatibility Publisher -> Sony Corporation)
S3 tap-tb-0901; C:\Windows\System32\DRIVERS\tap-tb-0901.sys [38656 2019-06-19] (TunnelBear, Inc. -> The OpenVPN Project)
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tapprotonvpn; C:\Windows\System32\DRIVERS\tapprotonvpn.sys [35768 2018-09-07] (ProtonVPN AG -> The OpenVPN Project)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\Windows\System32\DRIVERS\wintun.sys [29576 2019-12-30] (WireGuard LLC -> WireGuard LLC)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [398112 2011-09-14] (Marvell Semiconductor -> Marvell)
S3 ApfiltrService; system32\DRIVERS\Apfiltr.sys [X]
U1 aswbdisk; no ImagePath
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-08-12 11:44 - 2020-08-12 11:46 - 000027734 _____ C:\Users\SONY\Desktop\FRST.txt
2020-08-12 11:44 - 2020-08-12 11:44 - 000000000 ____D C:\Users\SONY\Desktop\FRST-OlderVersion
2020-08-10 12:13 - 2020-08-10 12:13 - 000527441 _____ C:\Users\SONY\Desktop\Companies-1 (1).csv
2020-08-04 13:01 - 2020-08-12 11:44 - 002296320 _____ (Farbar) C:\Users\SONY\Desktop\FRST64.exe
2020-08-03 16:56 - 2020-08-12 11:43 - 000000000 ____D C:\Users\SONY\Desktop\UK Work
2020-08-03 16:55 - 2020-08-03 19:50 - 000000000 ____D C:\Users\SONY\Desktop\Work
2020-08-01 12:53 - 2020-08-04 18:23 - 000000000 ____D C:\Users\SONY\AppData\LocalLow\uTorrent
2020-08-01 10:49 - 2020-08-01 10:49 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2020-08-01 10:48 - 2020-08-01 10:48 - 000000740 _____ C:\Users\SONY\Desktop\Start Tor Browser.lnk
2020-08-01 10:47 - 2020-08-01 10:47 - 000000000 ____D C:\Users\SONY\Desktop\Tor Browser
2020-08-01 10:44 - 2020-08-01 11:53 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-07-27 12:00 - 2020-07-27 12:00 - 445789999 _____ C:\Windows\MEMORY.DMP
2020-07-23 12:16 - 2020-08-12 11:45 - 000000000 ____D C:\FRST
2020-07-23 09:57 - 2020-07-23 09:57 - 000000318 _____ C:\Windows\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}.job
2020-07-23 09:57 - 2020-07-23 09:57 - 000000000 ____D C:\Program Files\Common Files\AV
2020-07-23 09:55 - 2020-07-23 09:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
2020-07-23 09:54 - 2020-07-23 09:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Cloud
2020-07-23 09:53 - 2013-05-06 08:13 - 000110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2020-07-23 09:52 - 2020-08-12 11:45 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2020-07-23 09:52 - 2020-07-23 09:54 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2020-07-23 09:52 - 2020-05-19 09:11 - 000998296 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2020-07-23 09:52 - 2020-05-19 09:11 - 000251800 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2020-07-23 09:44 - 2020-07-23 09:45 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2020-07-17 13:13 - 2020-07-22 13:12 - 000000000 ____D C:\Users\SONY\AppData\Roaming\Slack
2020-07-17 13:12 - 2020-07-17 13:15 - 000000000 ____D C:\Users\SONY\AppData\Local\slack

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-08-12 11:44 - 2020-05-04 13:31 - 000000000 ____D C:\Users\SONY\Desktop\Read Me
2020-08-12 11:40 - 2009-07-14 10:20 - 000000000 ____D C:\Windows\system32\NDF
2020-08-12 11:11 - 2009-07-14 11:45 - 000030112 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-08-12 11:11 - 2009-07-14 11:45 - 000030112 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-08-12 11:05 - 2020-06-25 11:34 - 000003648 _____ C:\Windows\system32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2020-08-12 11:02 - 2009-07-14 12:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-08-12 09:38 - 2019-06-18 20:00 - 000000000 ____D C:\Users\SONY\AppData\LocalLow\Mozilla
2020-08-11 15:06 - 2019-10-07 01:58 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-08-11 15:06 - 2019-10-07 01:58 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-08-11 15:04 - 2019-11-20 21:36 - 000002374 _____ C:\Users\SONY\Desktop\Google Chrome.lnk
2020-08-11 15:04 - 2019-06-15 19:19 - 000002411 _____ C:\Users\SONY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-08-10 15:26 - 2020-06-04 13:06 - 000001650 _____ C:\Users\SONY\Desktop\Companies-1.csv
2020-08-10 14:26 - 2019-06-29 09:43 - 000000000 ____D C:\Users\SONY\Desktop\ENC
2020-08-05 21:52 - 2019-10-07 01:58 - 000003450 _____ C:\Windows\system32\Tasks\AdobeGCInvoker-1.0
2020-08-04 19:44 - 2019-06-19 19:00 - 000000000 ____D C:\Users\SONY\Desktop\4K Video Downloader
2020-08-04 18:43 - 2019-06-15 20:06 - 000000000 ____D C:\Users\SONY\AppData\Local\ElevatedDiagnostics
2020-08-04 18:17 - 2009-07-14 12:08 - 000032652 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2020-08-04 14:22 - 2019-06-24 17:07 - 000000195 _____ C:\Users\SONY\Desktop\email.txt
2020-08-01 12:54 - 2019-06-18 22:58 - 000000000 ____D C:\Users\SONY\AppData\Local\BitTorrentHelper
2020-08-01 11:53 - 2019-06-18 20:00 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-08-01 10:52 - 2009-07-14 10:20 - 000000000 __RHD C:\Users\Public\Libraries
2020-08-01 10:48 - 2020-05-29 21:52 - 000000788 _____ C:\Users\SONY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2020-08-01 10:16 - 2019-06-25 13:32 - 000001292 _____ C:\Users\SONY\Desktop\measure.txt
2020-07-27 12:29 - 2019-06-15 19:20 - 000000000 ____D C:\Users\SONY\Downloads\Video
2020-07-27 12:15 - 2019-06-15 19:02 - 000000000 ____D C:\Users\SONY
2020-07-26 18:05 - 2020-06-09 12:26 - 000000000 ____D C:\Users\SONY\Downloads\Eyes on the Prize - America's Civil Rights Movement [.x264]
2020-07-23 12:25 - 2009-07-14 10:20 - 000000000 ____D C:\Windows\inf
2020-07-17 13:15 - 2019-11-03 14:50 - 000000000 ____D C:\Users\SONY\AppData\Local\SquirrelTemp
2020-07-17 08:37 - 2019-08-31 14:29 - 000000000 ____D C:\Users\SONY\Desktop\Video Capture and Edit
2020-07-14 17:26 - 2019-06-20 15:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VPN Unlimited
2020-07-14 17:26 - 2019-06-20 15:56 - 000000000 ____D C:\Program Files (x86)\VPN Unlimited

==================== Files in the root of some directories ========

2019-06-22 12:58 - 2019-06-22 12:58 - 000000000 _____ () C:\Users\SONY\AppData\Local\oobelibMkey.log
2020-02-09 20:44 - 2020-02-09 20:44 - 000007597 _____ () C:\Users\SONY\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2020-08-08 19:11
==================== End of FRST.txt ========================

Addition.txt in comment
 
ADDITION.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-08-2020
Ran by SONY (12-08-2020 11:47:48)
Running from C:\Users\SONY\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2019-06-15 12:02:13)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1738186064-958222864-1310178189-500 - Administrator - Disabled)
Guest (S-1-5-21-1738186064-958222864-1310178189-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1738186064-958222864-1310178189-1002 - Limited - Enabled)
SONY (S-1-5-21-1738186064-958222864-1310178189-1000 - Administrator - Enabled) => C:\Users\SONY

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Security Cloud (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Security Cloud (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Security Cloud (Disabled) {32888857-01C3-7AB6-E095-11CC1854D0A3}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4K Video Downloader 4.7 (HKLM\...\{AC1A4B11-192E-45F2-A205-D3BF4CC8D938}) (Version: 4.7.2.2732 - Open Media LLC)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.009.20074 - Adobe Systems Incorporated)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.23 - Adobe Systems)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.371 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.371 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.344 - Adobe)
Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 5.54 - NCH Software)
FBReader for Windows (HKLM-x32\...\FBReader for Windows) (Version: - )
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 10.0.0.35798 - Foxit Software Inc.)
Google Chrome (HKU\S-1-5-21-1738186064-958222864-1310178189-1000\...\Google Chrome) (Version: 84.0.4147.125 - Google LLC)
IDM Crack 6.32 build 6 (HKLM-x32\...\IDM Crack 6.32 build 6) (Version: 6.32 build 6 - Crackingpatching.com Team)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2555 - Intel Corporation)
Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version: - )
Kaspersky Secure Connection (HKLM-x32\...\{145AE349-477A-45E5-A57C-5F5BF2BB5775}) (Version: 20.0.14.1085 - Kaspersky) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{145AE349-477A-45E5-A57C-5F5BF2BB5775}) (Version: 20.0.14.1085 - Kaspersky)
Kaspersky Security Cloud (HKLM-x32\...\{D891550B-ACFE-4797-B368-BCFC434BBEB1}) (Version: 20.0.14.1085 - Kaspersky) Hidden
Kaspersky Security Cloud (HKLM-x32\...\InstallWIX_{D891550B-ACFE-4797-B368-BCFC434BBEB1}) (Version: 20.0.14.1085 - Kaspersky)
K-Lite Mega Codec Pack 14.3.7 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.3.7 - KLCP)
Microsoft .NET Framework 4.8 (HKLM\...\{16735AF7-1D8D-3681-94A5-C578A61EC832}) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 79.0 (x64 en-US) (HKLM\...\Mozilla Firefox 79.0 (x64 en-US)) (Version: 79.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 67.0.2 - Mozilla)
Recover PDF Password 4.0.238 (HKLM-x32\...\Recover PDF Password_is1) (Version: - Eltima Software, Inc.)
Skype version 8.53 (HKLM-x32\...\Skype_is1) (Version: 8.53 - Skype Technologies S.A.)
Slack (HKU\S-1-5-21-1738186064-958222864-1310178189-1000\...\slack) (Version: 4.7.0 - Slack Technologies Inc.)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
TunSetupVPNU (HKLM\...\{3E4BC5B7-104F-40B3-BEC4-9CEF0BCD0EF8}) (Version: 1.0.0 - Keepsolid Inc.)
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 7.25 - NCH Software)
VPN Unlimited 7.4 (HKLM-x32\...\{DC24521E-872B-41AF-93EA-FE477902D6FB}_is1) (Version: 7.4 - KeepSolid Inc.)
WinDjView 1.0.3 (HKLM-x32\...\WinDjView) (Version: 1.0.3 - Andrew Zhezherun)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1738186064-958222864-1310178189-1000_Classes\CLSID\{46406D82-6EC0-47CC-8A75-1F33C6DEDBBE}\InprocServer32 -> C:\Users\SONY\AppData\Local\Google\Update\1.3.35.442\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1738186064-958222864-1310178189-1000_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54}\InprocServer32 -> C:\Users\SONY\AppData\Local\Google\Update\1.3.35.423\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1738186064-958222864-1310178189-1000_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\SONY\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1738186064-958222864-1310178189-1000_Classes\CLSID\{84EB3779-151B-4C71-AEF0-A0FEE9481401}\InprocServer32 -> C:\Users\SONY\AppData\Local\Google\Update\1.3.35.342\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1738186064-958222864-1310178189-1000_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\SONY\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1738186064-958222864-1310178189-1000_Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\localserver32 -> C:\Users\SONY\AppData\Local\Google\Chrome\Application\84.0.4147.125\notification_helper.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-1738186064-958222864-1310178189-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\SONY\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-1738186064-958222864-1310178189-1000_Classes\CLSID\{E9E7529D-7F09-410B-AF2A-CC154473B19C}\InprocServer32 -> C:\Users\SONY\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-1738186064-958222864-1310178189-1000_Classes\CLSID\{EF076C91-DC9E-43E3-84ED-3D219E065A4F}\InprocServer32 -> C:\Users\SONY\AppData\Local\Google\Update\1.3.35.302\psuser_64.dll => No File
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6723984 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4222864 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\x64\ShellEx.dll [2020-07-23] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-28] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-28] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\x64\ShellEx.dll [2020-07-23] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers4: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\x64\ShellEx.dll [2020-07-23] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2011-10-14] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\x64\ShellEx.dll [2020-07-23] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-28] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-28] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SYSTEM32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SYSTEM32\lagarith.dll [148992 2011-12-08] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SYSTEM32\xvidvfw.dll [311296 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SYSTEM32\ff_vfw.dll [126976 2015-10-24] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SYSTEM32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-08] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [284672 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) =============

2019-06-20 15:56 - 2020-06-29 11:47 - 001876992 _____ () [File not signed] C:\Program Files (x86)\VPN Unlimited\vpnu_private_sdk.dll
2019-05-16 08:52 - 2019-05-16 08:52 - 002651648 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\wuaueng2.dll
2019-06-20 15:56 - 2020-05-21 17:00 - 000058880 _____ (The c-ares library, hxxps://c-ares.haxx.se/) [File not signed] C:\Program Files (x86)\VPN Unlimited\cares.dll
2019-06-20 15:56 - 2020-05-21 17:00 - 000361984 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] C:\Program Files (x86)\VPN Unlimited\libcurl.dll
2019-06-20 15:56 - 2020-05-21 17:00 - 002516480 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\VPN Unlimited\libcrypto-1_1.dll
2019-06-20 15:56 - 2020-05-21 17:00 - 000530944 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\VPN Unlimited\libssl-1_1.dll
2019-06-20 15:56 - 2018-02-16 17:17 - 004628480 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\VPN Unlimited\Qt5Core.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:02B2B479 [125]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-1738186064-958222864-1310178189-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1738186064-958222864-1310178189-1000\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 09:34 - 2019-08-06 12:15 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1738186064-958222864-1310178189-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\SONY\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: TeamViewer => 2
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeGCInvoker-1.0 => "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: Discord => C:\Users\SONY\AppData\Local\Discord\app-0.0.305\Discord.exe
MSCONFIG\startupreg: Skype for Desktop => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
MSCONFIG\startupreg: uTorrent => "C:\Users\SONY\AppData\Roaming\uTorrent\uTorrent.exe"
MSCONFIG\startupreg: utweb => "C:\Users\SONY\AppData\Roaming\uTorrent Web\utweb.exe" /MINIMIZED

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{9CAC9CCD-66DB-4E10-836B-FEDDFD51A6D3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{88E3DD29-BED4-4DD3-85F5-A0A1057B0444}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{B9C073C2-4CC3-438C-B5A9-B8038BF4562D}C:\users\sony\appdata\roaming\utorrent web\utweb.exe] => (Allow) C:\users\sony\appdata\roaming\utorrent web\utweb.exe => No File
FirewallRules: [UDP Query User{51480E15-3BF6-4C29-AAE7-06C565097C58}C:\users\sony\appdata\roaming\utorrent web\utweb.exe] => (Allow) C:\users\sony\appdata\roaming\utorrent web\utweb.exe => No File
FirewallRules: [TCP Query User{696C76F7-C8CC-4667-BA57-9FCD706E79E3}C:\users\sony\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\sony\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{F8CEDD9F-6717-499A-B45A-DA9884EDF62A}C:\users\sony\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\sony\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{43F64A85-4742-4520-B5D7-9941AB7185E5}C:\users\sony\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\sony\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{C4292981-0980-4FEF-86DE-F7514AC651C2}C:\users\sony\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\sony\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{031BFEBD-391A-439D-A78A-368EE7E21E60}C:\program files (x86)\eltima software\recover pdf password\server\rpp.exe] => (Allow) C:\program files (x86)\eltima software\recover pdf password\server\rpp.exe (Eltima Software -> Eltima Software)
FirewallRules: [UDP Query User{1E25E491-558C-4B1E-B453-3AF1AC634CB1}C:\program files (x86)\eltima software\recover pdf password\server\rpp.exe] => (Allow) C:\program files (x86)\eltima software\recover pdf password\server\rpp.exe (Eltima Software -> Eltima Software)
FirewallRules: [{32272219-F654-40D5-90FF-4337DCF3464F}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7B0D4F3C-588A-4859-8956-0E90C027F87B}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7A75122F-5F52-461F-BDD9-A1267E9B0999}] => (Allow) C:\Program Files (x86)\VPN Unlimited\openvpn.exe (The OpenVPN Project) [File not signed]
FirewallRules: [{24809C58-4ADA-4854-B5A2-891A723D92BF}] => (Allow) C:\Program Files (x86)\VPN Unlimited\openvpn.exe (The OpenVPN Project) [File not signed]
FirewallRules: [TCP Query User{3FAA61BB-4314-4F34-9EC5-26F5F20E45C2}C:\program files (x86)\vpn unlimited\vpn-unlimited.exe] => (Allow) C:\program files (x86)\vpn unlimited\vpn-unlimited.exe (KeepSolid Inc.) [File not signed]
FirewallRules: [UDP Query User{20445883-975E-47C9-ACE9-2A3E5CD1C202}C:\program files (x86)\vpn unlimited\vpn-unlimited.exe] => (Allow) C:\program files (x86)\vpn unlimited\vpn-unlimited.exe (KeepSolid Inc.) [File not signed]
FirewallRules: [TCP Query User{CFF03755-B145-47B4-88D5-F105E91F31B4}C:\program files (x86)\vpn unlimited\vpn-unlimited.exe] => (Allow) C:\program files (x86)\vpn unlimited\vpn-unlimited.exe (KeepSolid Inc.) [File not signed]
FirewallRules: [UDP Query User{0631744D-6C26-4BBE-B5D3-B87C7D30F2A9}C:\program files (x86)\vpn unlimited\vpn-unlimited.exe] => (Allow) C:\program files (x86)\vpn unlimited\vpn-unlimited.exe (KeepSolid Inc.) [File not signed]
FirewallRules: [TCP Query User{BD673061-250C-4BF2-A6DF-3FDFC6111505}C:\users\sony\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\sony\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [UDP Query User{F938538B-89BB-41FC-9E67-34C24889D9EF}C:\users\sony\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\sony\appdata\roaming\utorrent\utorrent.exe => No File

==================== Restore Points =========================

08-08-2020 16:23:06 Windows Update

==================== Faulty Device Manager Devices ============

Name: PS/2 Compatible Mouse
Description: PS/2 Compatible Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: ========================

Application errors:
==================
Error: (08/12/2020 11:03:28 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (08/12/2020 09:34:04 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (08/11/2020 03:01:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (08/11/2020 09:11:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (08/10/2020 02:25:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (08/10/2020 11:31:08 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (08/10/2020 10:09:08 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (08/09/2020 09:37:13 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (08/12/2020 11:04:10 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.

Error: (08/10/2020 05:32:05 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.

Error: (08/10/2020 05:32:04 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (08/10/2020 11:07:12 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {995C996E-D918-4A8C-A302-45719A6F4EA7} did not register with DCOM within the required timeout.

Error: (08/07/2020 01:30:39 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AVP20.0 service.

Error: (08/06/2020 08:24:37 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 8:21:53 PM on ‎8/‎6/‎2020 was unexpected.

Error: (08/06/2020 07:27:55 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.

Error: (08/06/2020 07:27:55 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.


Windows Defender:
===================================
Date: 2020-08-04 18:47:29.028
Description:
Windows Defender scan has been stopped before completion.
Scan ID:{9A10434B-223E-4997-A5AC-2160EDB46397}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan

Date: 2020-07-26 16:21:06.585
Description:
Windows Defender scan has been stopped before completion.
Scan ID:{856CB659-5365-4251-8CA4-ABAA05A9C39A}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan

Date: 2020-07-26 10:16:01.106
Description:
Windows Defender scan has been stopped before completion.
Scan ID:{123892D2-5CE2-4E54-906D-F7BB39126757}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan

Date: 2020-06-27 14:32:02.078
Description:
Windows Defender has encountered an error trying to update the engine.
New Engine Version:1.1.17200.2
Previous Engine Version:1.1.6402.0
Update Source:User
Error Code:0x8050800c
Error description:An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.

Date: 2020-06-27 10:37:25.159
Description:
Windows Defender has encountered an error trying to update the engine.
New Engine Version:1.1.17200.2
Previous Engine Version:1.1.6402.0
Update Source:User
Error Code:0x8050800c
Error description:An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.

Date: 2020-06-26 15:39:16.661
Description:
Windows Defender has encountered an error trying to update the engine.
New Engine Version:1.1.17200.2
Previous Engine Version:1.1.6402.0
Update Source:User
Error Code:0x8050800c
Error description:An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.

==================== Memory info ===========================

BIOS: American Megatrends Inc. R0170Y4 05/22/2009
Motherboard: Sony Corporation VAIO
Processor: Intel(R) Core(TM)2 Duo CPU T6500 @ 2.10GHz
Percentage of memory in use: 67%
Total physical RAM: 3935.02 MB
Available physical RAM: 1298.48 MB
Total Virtual: 7868.18 MB
Available Virtual: 5039.61 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:97.17 GB) (Free:10.26 GB) NTFS
Drive d: () (Fixed) (Total:200.43 GB) (Free:20.06 GB) NTFS

\\?\Volume{d6230fd6-8fd9-11e9-b262-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.49 GB) (Free:0.46 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 82D76217)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=200.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================
 
You must log in or register to reply here.

Similar threads

uber_beetle
Infected with fake ad pop-ups - posting FRST and Addition
Replies
12
Views
785
uber_beetle
uber_beetle
E
Solved Svchost.exe launching multiple iexplore.exe - unknown cause
Replies
23
Views
3K
Broni
Broni
Nicki
Solved Must have picked up something... some COVID computer variant???
Replies
9
Views
3K
Broni
Broni

Latest posts

Back