Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24.12.2018
Ran by David (26-12-2018 14:03:29)
Running from C:\Users\David\Desktop
Windows 10 Pro Version 1803 17134.472 (X64) (2018-05-18 19:28:29)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1842900721-2209424687-1813072984-500 - Administrator - Disabled)
David (S-1-5-21-1842900721-2209424687-1813072984-1001 - Administrator - Enabled) => C:\Users\David
DefaultAccount (S-1-5-21-1842900721-2209424687-1813072984-503 - Limited - Disabled)
Guest (S-1-5-21-1842900721-2209424687-1813072984-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1842900721-2209424687-1813072984-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Antivirus (Enabled - Up to date) {0E17DB7D-A20F-62CE-B95B-17DB0CDFE318}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antispyware (Enabled - Up to date) {B5763A99-8435-6D40-83EB-2CA97758A9A5}
FW: Bitdefender Firewall (Enabled) {362C5A58-E860-6396-9204-BEEEF20CA463}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1842900721-2209424687-1813072984-1001\...\uTorrent) (Version: 3.5.0.43580 - BitTorrent Inc.)
Ableton Live 9 Suite (HKLM\...\{7597F2DC-003A-476E-9281-774AB112B7BE}) (Version: 9.0.0.0 - Ableton) Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 19.010.20064 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.2.0.211 - Adobe Systems Incorporated) Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.101 - Adobe Systems Incorporated) Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated) Aegisub 3.2.2 (HKLM\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.2.2 - Aegisub Team) AIMP (HKLM-x32\...\AIMP) (Version: v4.50.2058, 27.12.2017 - AIMP DevTeam) Alcatech BPM Studio Professional v4.9.1 (HKLM-x32\...\Alcatech BPM Studio Professional v4.9.1) (Version: - ) Apple Application Support (32-bit) (HKLM-x32\...\{80B42CAA-28C0-4FBD-A46E-D61F45E2F9FC}) (Version: 7.2 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{466D00D0-E7DE-47C2-8FE5-54A8009F5850}) (Version: 7.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.) Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.) 
aTube Catcher versie 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp) Belgium e-ID middleware 4.2.8 (build 3252) (HKLM\...\{DB942AEA-93D6-4FE4-8862-180D35A73252}) (Version: 4.2.3252 - Belgian Government) Belgium e-ID viewer 4.2.11 (build 3344) (HKLM-x32\...\{F3DC7F06-92FF-4C98-87F5-72C0B7863344}) (Version: 4.2.3344 - Belgian Government) Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 23.0.8.132 - Bitdefender) Bitdefender Device Management (HKLM\...\Bitdefender Device Management) (Version: 23.0.10.34 - Bitdefender) Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 23.0.16.72 - Bitdefender) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - ) Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.) Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version: - Canon Inc.) 
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version: - ) Canon PhotoRecord (HKLM-x32\...\{BBBC2B89-E193-4348-A83C-C8DD8210A4AC}) (Version: 02.02.03002 - Cisra) Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - ) Canon Utilities Easy-PhotoPrint (HKLM-x32\...\Easy-PhotoPrint) (Version: - ) Canon Utilities Easy-PrintToolBox (HKLM-x32\...\Easy-PrintToolBox) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 5.30 - Piriform) CopyTrans Suite Alleen Verwijderen (HKU\S-1-5-21-1842900721-2209424687-1813072984-1001\...\CopyTrans Suite) (Version: 4.017 - WindSolutions) Corel PaintShop Pro 2018 (HKLM-x32\...\_{6000096B-318C-40F8-A450-043B6A602D16}) (Version: 20.0.0.132 - Corel Corporation) Corel PaintShop Pro 2018 (HKLM-x32\...\{5A150D1D-326B-4C75-8984-2D2C602D1CA1}) (Version: 20.0.0.132 - Corel Corporation) Hidden Corel Update Manager (HKLM\...\{67881956-8135-4804-9465-BA1419010638}) (Version: 2.4.245 - Corel corporation) Hidden Corel Update Manager (HKLM-x32\...\{3F8C582C-B21D-49EC-AD5F-C9890041A0CC}) (Version: 2.4.245 - Corel corporation) Hidden DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 391.35 - NVIDIA Corporation) Hidden Easy-WebPrint (HKLM-x32\...\Easy-WebPrint) (Version: - ) GEAR driver installer for AMD64 and Intel EM64T (HKLM\...\{50CBBEC7-1010-41C5-8718-A1A6FEDD9C3A}) (Version: 2.003.1 - GEAR Software, Inc.) Glary Utilities 5.74 (HKLM-x32\...\Glary Utilities 5) (Version: 5.74.0.95 - Glarysoft Ltd) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) 
Hidden Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden ICA (HKLM-x32\...\{6000096B-318C-40F8-A450-043B6A602D16}) (Version: 20.0.0.132 - Corel Corporation) Hidden iCloud (HKLM\...\{28ABC5D7-AF47-4476-A6AA-C2DD822ED40F}) (Version: 7.9.0.9 - Apple Inc.) IPM_PSP_COM (HKLM-x32\...\{E366C7D5-FD35-482C-AA33-38AE3BC48021}) (Version: 20.0.0.132 - Corel Corporation) Hidden IPM_PSP_COM64 (HKLM\...\{2013AABB-7212-4D79-B13B-25E567C2D0E4}) (Version: 20.0.0.132 - Corel Corporation) Hidden iTunes (HKLM\...\{C043EB43-410A-4EB2-826E-BED9F8574BC2}) (Version: 12.9.2.6 - Apple Inc.) KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - ) Letasoft Sound Booster 1.8.0.453 (HKLM-x32\...\{6C6CF38B-11DD-45C6-A15E-A3A0C4CE60F8}_is1) (Version: 1.8.0.453 - Letasoft LLC) Logitech Options (HKLM\...\LogiOptions) (Version: 7.10.3 - Logitech) Logitech Solar App 1.10 (HKLM\...\SolarApp) (Version: 1.10.3 - Logitech) Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1842900721-2209424687-1813072984-1001\...\OneDriveSetup.exe) (Version: 18.222.1104.0007 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 
(HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation) MixMeister Studio Demo 7.4.4 (HKLM-x32\...\mmssetup_is1) (Version: - MixMeister Technology LLC) Movavi Video Editor 14 (x64) (HKLM\...\Movavi Video Editor 14 (x64)) (Version: 14.5.0 - Movavi) Mozilla Firefox 56.0.2 (x64 nl) (HKLM\...\Mozilla Firefox 56.0.2 (x64 nl)) (Version: 56.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 56.0.2 - Mozilla) NVIDIA 3D Vision controllerstuurprogramma 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation) NVIDIA 3D Vision stuurprogramma 391.35 
(HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 391.35 - NVIDIA Corporation) NVIDIA GeForce Experience 3.13.1.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.13.1.30 - NVIDIA Corporation) NVIDIA Grafisch stuurprogramma 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.35 - NVIDIA Corporation) NVIDIA HD Audio-stuurprogramma 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation) NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation) Online Application (HKLM-x32\...\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}) (Version: 2.7.0 - Microleaves) Hidden <==== ATTENTION Opera Stable 57.0.3098.106 (HKLM-x32\...\Opera 57.0.3098.106) (Version: 57.0.3098.106 - Opera Software) Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden PSPPContent (HKLM-x32\...\{CC719875-8939-48D2-BA50-D5F5673C4C6A}) (Version: 20.0.0.132 - Corel Corporation) Hidden PSPPHelp (HKLM-x32\...\{BBF5A9A0-82BD-4C51-9EAD-624651FE765B}) (Version: 20.0.0.132 - Corel Corporation) Hidden PSPPro64 (HKLM\...\{A8A7345E-0111-4A73-9F0F-560A837BF901}) (Version: 20.0.0.132 - Corel Corporation) Hidden Reason 5.0 (HKLM-x32\...\Reason5_is1) (Version: 5.0 - Propellerhead Software AB) Setup (HKLM-x32\...\{C9C9ACD1-F275-45CB-B507-96486DB5E608}) (Version: 20.0.0.132 - Uw bedrijfsnaam) Hidden Skyrim - Legendary Edition (HKLM-x32\...\Skyrim - Legendary Edition_R.G. Mechanics_is1) (Version: - R.G. 
Mechanics, spider91) SoulseekQt versie 2017.2.20 (HKLM-x32\...\{8A4E1646-488C-4E5B-AC31-F784400E8D2D}_is1) (Version: 2017.2.20 - Soulseek LLC) Subtitle Edit 3.4.6 (HKLM-x32\...\SubtitleEdit_is1) (Version: 3.4.6.544 - Nikse) Update for Skype for Business 2016 (KB3115268) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{5D633E34-0FA8-4C3F-8A16-D1A6C33C7015}) (Version: - Microsoft) Update for Skype for Business 2016 (KB3115268) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{5D633E34-0FA8-4C3F-8A16-D1A6C33C7015}) (Version: - Microsoft) Update for Skype for Business 2016 (KB3115268) 64-Bit Edition (HKLM\...\{90160000-012B-0409-1000-0000000FF1CE}_Office16.PROPLUS_{5D633E34-0FA8-4C3F-8A16-D1A6C33C7015}) (Version: - Microsoft) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation) VirtualDJ 8 (HKLM-x32\...\{90AE6F39-3EE1-45A1-90D5-FB6C82391EDF}) (Version: 8.0.2338.0 - Atomix Productions) VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN) VSO ConvertXToDVD 7 (HKLM-x32\...\{A021D003-6933-4EA4-B582-F1D0C3E52409}_is1) (Version: 7.0.0.36 - VSO Software) Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden WinRAR 4.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH) YoutubeAdBlock (HKLM-x32\...\1655C0CA-7AE7-4012-8502-970C8675E5F8) (Version: 2.0.0.725 - Company Inc.) <==== ATTENTION ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
CustomCLSID: HKU\S-1-5-21-1842900721-2209424687-1813072984-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-7FCB8A6F166E}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File CustomCLSID: HKU\S-1-5-21-1842900721-2209424687-1813072984-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-17] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-17] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-17] () ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-17] () ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2017-12-28] (AIMP DevTeam) ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2016-06-23] (Glarysoft Ltd) ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2018-12-03] (Apple Inc.) 
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2017-07-05] (Power Software Ltd) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-03-02] () ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-03-02] () ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2016-06-23] (Glarysoft Ltd) ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2017-12-28] (AIMP DevTeam) ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2017-07-05] (Power Software Ltd) ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-03-02] () ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-03-02] () ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-24] (NVIDIA Corporation) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-17] () ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2016-06-23] (Glarysoft Ltd) ContextMenuHandlers6: [PowerISO] -> 
{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2017-07-05] (Power Software Ltd) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-03-02] () ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-03-02] () ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {07AA3868-DE31-46F2-9DF3-D7646C310209} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2017-04-24] (Glarysoft Ltd) Task: {0CBDA53E-0DD7-4359-9874-F7C793F00F79} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2017-09-26] (Corel Corporation) Task: {1E822842-3DB1-4CFA-8153-1695882B548F} - System32\Tasks\CorelUpdateHelperTask => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2017-09-26] (Corel Corporation) Task: {22D73205-F8D9-408E-BFCF-8A665237EE16} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-27] (Google Inc.) Task: {25C968FC-0208-422B-8002-1AE762942468} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.) 
Task: {264A8A23-554E-4AAF-A41A-49AE1A388FA4} - System32\Tasks\mMzvDpxKxjJVUr => rundll32 "C:\Program Files (x86)\hUmbquBpttZU2\CpagFSVROGPeT.dll",#1 Task: {2B8BF14C-FA26-42A8-93DE-9252D8C963E4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-12-06] (Adobe Systems Incorporated) Task: {2EFDEE3D-9637-4DD6-B184-E7CEB1E64F32} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe [2018-11-23] (Bitdefender) Task: {35AE2434-17EA-42EE-9644-36F1B26DE0ED} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2018-11-15] (Bitdefender) Task: {4B30387C-1271-4C52-9A3C-A5022B500968} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-03-24] (NVIDIA Corporation) Task: {58A12088-9BF6-4773-A598-1A7FDF204C53} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-03-24] (NVIDIA Corporation) Task: {5AA87AB8-0B28-4918-A86D-FA41B86734CC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated) Task: {60798088-171D-4333-8D3E-26A61F89F1A3} - System32\Tasks\SafeZone scheduled Autoupdate 1512300469 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe Task: {6386109B-893A-4490-BE9C-FFB9055B524F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-27] (Google Inc.) 
Task: {63B0162A-473D-4C1B-B077-2218DFD3EC3C} - System32\Tasks\UXshqEpiPQcXH2 => C:\WINDOWS\system32\wscript.exe "C:\ProgramData\BuHcEEPgNwocAWVB\CsvqYPw.wsf" Task: {655E2F45-8FCC-45BF-B5F2-118254BE9F8C} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation) Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] () Task: {7B536D2F-DB89-4A21-AEF2-993B87579C73} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-05-19] (Piriform Ltd) Task: {7D3D9E09-B110-4846-8E70-C902D90A0C2E} - System32\Tasks\Opera scheduled Autoupdate 1500207683 => C:\Program Files\Opera\launcher.exe [2018-12-19] (Opera Software) Task: {8792784D-682C-425E-A1E9-30DDA517F562} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2017-04-24] (Glarysoft Ltd) Task: {8B2C4EB9-962F-4574-9B4A-9E0C721A0A82} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-11-01] (AVAST Software) Task: {9287CA55-A73A-4DEC-AE82-0EEB406C2C09} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-03-24] (NVIDIA Corporation) Task: {96B7E7AA-A566-4FDE-BCDD-96F10D22FC56} - System32\Tasks\DvwLFWwXutwLxJgmB2 => rundll32 "C:\Program Files (x86)\ooxzIAzTqruiVIszQdR\LdBunKR.dll",#1 Task: {99ED4113-D437-4D67-9CEE-59DD097D6901} - System32\Tasks\snp => C:\ProgramData\Quoteex\Quoteex.exe <==== ATTENTION Task: {A1938C70-A9F8-4624-847A-0553F21D80EA} - System32\Tasks\Updater_Online_Application => C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe [2017-11-02] (Microleaves) <==== ATTENTION Task: {A308EDFA-2406-4B41-9870-8DE8B6BB13BF} - 
System32\Tasks\S-1-5-21-1842900721-2209424687-1813072984-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2018-12-08] (Microsoft Corporation) Task: {A61FB639-3373-4478-84CC-0E017299A1DE} - System32\Tasks\SOVqgpLsuXhFCxp2 => rundll32 "C:\Program Files (x86)\fHDlqDVwU\pgSRGe.dll",#1 Task: {B1187F6B-F117-41DD-A60B-26EAB30FEA27} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-03-24] (NVIDIA Corporation) Task: {B16185F1-078C-4C81-A04F-3B05F3E55425} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-03-24] (NVIDIA Corporation) Task: {B3837E32-926F-4343-9119-DE2A07FF0FD7} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_101_pepper.exe [2018-12-06] (Adobe Systems Incorporated) Task: {D0296985-5EC2-4A6C-AE7C-61FF5DAF4624} - System32\Tasks\iYMvCriySoqaGgPjbmR2 => rundll32 "C:\Program Files (x86)\qUgzYKxVLnesC\JjWYUDw.dll",#1 Task: {D37D5157-EED2-4939-BC98-41F9DA447506} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-davkezero@proximus.be => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-12-13] (Adobe Systems, Incorporated) Task: {D3B4697E-8F80-4781-8F4A-18C09B32CA53} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe Task: {D57A69CD-6C9F-4F4D-96F2-314A5F3FF6DF} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-03-24] (NVIDIA Corporation) Task: {D9B40FA8-C9ED-43C9-A8FF-45A72E70BAAA} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2018-12-03] (Apple Inc.) 
Task: {E041D5B2-4FCF-4505-8AE9-0A1CECFFC8DD} - System32\Tasks\ugbHS => C:\Users\David\AppData\Roaming\ObFUv\ugbHS.vbs [2018-12-24] () Task: {E66D474F-8B8B-40D8-96E8-2BDD1C1EF498} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-03-24] (NVIDIA Corporation) Task: {F758A787-FEF7-44C2-B497-0F4313631815} - System32\Tasks\snf => C:\ProgramData\Quoteex\Quoteex.exe <==== ATTENTION Task: {FA2588E8-3FC2-4480-A464-975A328D4683} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-03-24] (NVIDIA Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\Updater_Online_Application.job => C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe <==== ATTENTION ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) Shortcut: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki Shortcut: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com ShortcutWithArgument: C:\Users\David\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> %SNP% ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
-> %SNP% ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> %SNF% ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> %SNP% ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> %SNF% ==================== Loaded Modules (Whitelisted) ============== 2018-12-24 12:37 - 2018-11-14 20:36 - 000994752 _____ () C:\Program Files\Bitdefender\Bitdefender Security\otengines_001_001\ashttpbr.mdl 2018-12-24 12:37 - 2018-11-14 20:36 - 000544880 _____ () C:\Program Files\Bitdefender\Bitdefender Security\otengines_001_001\ashttpdsp.mdl 2018-12-24 12:37 - 2018-11-14 20:36 - 003240080 _____ () C:\Program Files\Bitdefender\Bitdefender Security\otengines_001_001\ashttpph.mdl 2018-12-24 12:37 - 2018-11-14 20:36 - 001530368 _____ () C:\Program Files\Bitdefender\Bitdefender Security\otengines_001_001\ashttprbl.mdl 2018-12-21 18:08 - 2018-03-24 02:19 - 000544192 _____ () C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\DisplayDriverAnalyzer\_DisplayDriverCrashAnalyzer64.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 000444416 _____ () c:\windows\system32\SSDM.dll 2017-11-30 18:54 - 2017-11-30 18:54 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2018-11-01 05:27 - 2018-11-01 05:27 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2018-12-21 18:08 - 2018-03-24 02:19 - 001267648 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll 2017-07-17 23:50 - 2017-07-17 23:50 - 000492112 _____ () C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll 2016-06-14 05:25 - 
2016-06-14 05:25 - 008911552 _____ () C:\Program Files\Microsoft Office\Office16\1033\GrooveIntlResource.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll 2018-12-12 11:54 - 2018-11-09 03:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll 2017-07-16 14:02 - 2011-03-02 11:40 - 000164864 _____ () C:\Program Files\WinRAR\rarext.dll 2018-12-21 07:50 - 2018-12-14 07:50 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2018-10-23 22:28 - 2018-10-23 22:28 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll 2018-12-13 21:49 - 2018-12-13 21:49 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\ChakraBridge.dll 2018-12-13 21:49 - 2018-12-13 21:50 - 000019456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeProxiesAndStubs.dll 2018-12-13 21:49 - 2018-12-13 21:49 - 010927616 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\LibWrapper.dll 2018-12-13 21:49 - 2018-12-13 21:50 - 002916864 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\skypert.dll 2018-12-13 21:49 - 2018-12-13 21:50 - 000688128 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll 2018-12-13 21:49 - 2018-12-13 21:50 - 000182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe 2017-04-07 08:41 - 2017-04-07 08:41 - 000054488 _____ () C:\Program Files\CCleaner\branding.dll 2017-05-19 19:17 - 2017-05-19 19:17 - 000073728 _____ () C:\Program Files\CCleaner\lang\lang-1043.dll 2018-12-21 15:43 - 2018-12-21 15:43 - 107561560 _____ () C:\Program Files\Opera\57.0.3098.106\opera_browser.dll 2018-12-21 15:43 - 2018-12-21 15:43 - 004991576 _____ () C:\Program 
Files\Opera\57.0.3098.106\libglesv2.dll 2018-12-21 15:43 - 2018-12-21 15:43 - 000116824 _____ () C:\Program Files\Opera\57.0.3098.106\libegl.dll 2018-06-08 13:20 - 2018-06-08 13:20 - 000019456 _____ () C:\Program Files\WindowsApps\TuneIn.TuneInRadio_4.0.5.0_x64__6bhtb546zcxnj\TuneIn.exe 2018-06-08 13:20 - 2018-06-08 13:20 - 048331776 _____ () C:\Program Files\WindowsApps\TuneIn.TuneInRadio_4.0.5.0_x64__6bhtb546zcxnj\TuneIn.dll 2018-11-13 07:34 - 2018-11-13 07:34 - 005673832 _____ () C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe\Microsoft.Advertising.dll 2017-04-24 02:45 - 2017-04-24 02:45 - 000089088 _____ () C:\Program Files (x86)\Glary Utilities 5\zlib1.dll 2018-11-01 05:28 - 2018-11-01 05:28 - 001042744 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2017-11-30 18:55 - 2017-11-30 18:55 - 000076088 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2017-03-18 22:03 - 2018-12-26 13:48 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) 
HKU\S-1-5-21-1842900721-2209424687-1813072984-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\David\Desktop\439888.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "InstallerLauncher"
HKLM\...\StartupApproved\Run32: => "Easy-PrintToolBox"
HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX"
HKLM\...\StartupApproved\Run32: => "CanonSolutionMenuEx"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "ZaAntiRansomware"
HKU\S-1-5-21-1842900721-2209424687-1813072984-1001\...\StartupApproved\StartupFolder: => "PUSH Wallpaper.lnk"
HKU\S-1-5-21-1842900721-2209424687-1813072984-1001\...\StartupApproved\Run: => "AppleIEDAV"
HKU\S-1-5-21-1842900721-2209424687-1813072984-1001\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-1842900721-2209424687-1813072984-1001\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-1842900721-2209424687-1813072984-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-1842900721-2209424687-1813072984-1001\...\StartupApproved\Run: => "PUSH Wallpaper"
HKU\S-1-5-21-1842900721-2209424687-1813072984-1001\...\StartupApproved\Run: => "2811496"

==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{66BB60DB-152E-4682-A2B3-DF63CE69A9E9}] => (Allow) LPort=1688
FirewallRules: [{876AD587-763B-43DA-9AC0-53D82D33D6D6}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
FirewallRules: [{8DA3D3CF-AB56-4BBD-920C-4CD338BA59F2}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
FirewallRules: [{6DF104FC-818B-455F-AD07-1B5C0ABC891C}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
FirewallRules: [{FF29346A-F47F-4772-9B84-A1EBE7AF08A1}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
FirewallRules: [{216F9618-4840-4518-AD05-00BE384602CA}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
FirewallRules: [{DC4D97C7-7CD8-4B20-8897-CDC630AA98D0}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
FirewallRules: [{A82E02EB-8F6B-461C-A7FE-763CB2796CFF}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
FirewallRules: [{6AAB5857-E08B-4182-BA53-006D2CFE5585}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{BFB020AE-C944-48A1-8A75-5B670C362A6A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{A00A6AA7-46FF-4A5B-9D92-4256440DC000}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{2DEFA994-BCC1-4121-9E27-E1BBEBA5C7B5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{1E926E51-C41F-49F5-9879-8C7C95D11026}] => (Allow) C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe No File
FirewallRules: [{0E0E1D17-4B6E-492B-A56A-B177681A3C87}] => (Allow) C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe No File
FirewallRules: [{2C15E19E-4BC2-4D36-836B-B977472B539C}] => (Allow) C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe No File
FirewallRules: [{374B12F6-C17B-4302-8A4F-AD59F3BF2FDC}] => (Allow) C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe No File
FirewallRules: [{C27FA87D-5D44-483C-BE6B-3C948F7E3A3A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{2E26066E-F529-495E-9184-A57231C3AF7E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{1974CC7B-0B87-41B1-A870-979FE9F70AE5}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe No File
FirewallRules: [TCP Query User{31E67141-1177-4AA1-A299-02880389E150}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe ()
FirewallRules: [UDP Query User{7A2F540B-C180-4877-B9D7-BAF69F5125D4}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe ()
FirewallRules: [TCP Query User{FA2793A2-E757-4042-8214-62B075CF91C4}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN)
FirewallRules: [UDP Query User{1DC85694-EA41-4304-850F-ABB44526164B}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN)
FirewallRules: [{55EDB177-2C83-4F22-8C65-05DDFF774BFA}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
FirewallRules: [{0D535674-25DD-411F-B4CB-0F048E5FD09A}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
FirewallRules: [{EE04F1BA-3E43-46CD-A1C6-238F6D14AE8C}] => (Allow) C:\Program Files\Opera\56.0.3051.116\opera.exe (Opera Software)
FirewallRules: [{A54A4F21-2656-4783-8DFB-51C5BA02FB97}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
FirewallRules: [{C46AFBC9-0B10-44C5-9C1B-9BFC1F93BF15}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech, Inc.)
FirewallRules: [TCP Query User{71D4AFBA-7E8E-4011-91FA-A60703BDB34E}C:\program files\airdc++\airdc.exe] => (Allow) C:\program files\airdc++\airdc.exe (AirDC++ Team)
FirewallRules: [UDP Query User{81D94A3E-275D-4FB6-9D35-BD31220A92CD}C:\program files\airdc++\airdc.exe] => (Allow) C:\program files\airdc++\airdc.exe (AirDC++ Team)
FirewallRules: [{CE67AF5D-9ED6-4611-AB62-B943E51210F7}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc.)
FirewallRules: [{61CD9DB5-925C-4E34-B1E1-BC3F7883766C}] => (Allow) C:\Program Files\Opera\57.0.3098.106\opera.exe (Opera Software)
FirewallRules: [{14F61A3E-3182-4431-94CF-FDFD50EC1E7A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{00EED4CA-1A4E-4132-B6BD-01932F084021}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{3798034F-2A5C-4960-969A-3B0020A58E0F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{0F71E72E-EED8-4912-A030-DA6F0E41E98F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{121B53E0-6E90-4A92-9579-BAF05AE63DCC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation)
FirewallRules: [{256F0F88-CCE6-4475-9968-333514703DEC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation)
FirewallRules: [{98CB0A46-BE1A-4777-A9B0-13780F6FD213}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe No File
FirewallRules: [{7C625CC1-D1DA-4777-9B9F-D16ED0A36869}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe No File
FirewallRules: [{92E5F252-11FB-4BE2-8EDE-B33C3C4CCECC}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe No File
FirewallRules: [{C8E3519D-47D5-475E-9A17-59BBEFD6F16D}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe No File
FirewallRules: [{8FB88A15-C10E-460C-ACE6-C02BC4A5EE5F}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe No File
FirewallRules: [{D7E89D65-F769-4A04-864B-4F26B5A4D2A0}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe No File

==================== Restore Points =========================
21-12-2018 07:49:38 Windows Update
24-12-2018 11:13:51 Installed ESET Internet Security

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (12/26/2018 12:25:15 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-L4AJP37)
Description: brave hendrikbrave hendrik-2147467263

Error: (12/26/2018 12:18:55 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-L4AJP37)
Description: httphttp-2147467263

Error: (12/26/2018 12:18:55 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-L4AJP37)
Description: brave hendrikbrave hendrik-2147467263

Error: (12/26/2018 11:28:09 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (12/25/2018 10:10:34 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (12/24/2018 12:38:17 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Fout tijdens bijwerken van status naar SECURITY_PRODUCT_STATE_SNOOZED.

Error: (12/24/2018 12:38:17 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Fout tijdens bijwerken van status naar SECURITY_PRODUCT_STATE_SNOOZED.

Error: (12/24/2018 11:33:25 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: Geen toegang tot bestand om een van de volgende redenen: Er is een probleem met de netwerkverbinding, met de schijf waarop het bestand is opgeslagen, met de opslagstuurprogramma's op deze computer, of de schijf ontbreekt. Programma Correctsoon werd afgesloten vanwege deze fout. Programma: Correctsoon Bestand: De foutwaarde wordt weergegeven in de sectie Extra gegevens. Gebruikersactie 1. Open het bestand opnieuw. Mogelijk is dit een tijdelijk probleem dat vanzelf wordt opgelost als het programma opnieuw wordt uitgevoerd. 2. Als toegang tot het bestand nog steeds niet mogelijk is en - Als het bestand zich in het netwerk bevindt, dient de netwerkbeheerder te controleren of er geen probleem met het netwerk is en dat verbinding met de server kan worden gemaakt. - Als het bestand zich op een verwisselbare schijf bevindt, zoals een diskette of cd-rom, dient u te controleren of deze schijf correct in het schijfstation is geplaatst. 3. Controleer en repareer het bestandssysteem met CHKDSK. Klik hiervoor op Start, Uitvoeren en typ CMD. Klik OK en typ CHKDSK /F op de opdrachtprompt. Druk vervolgens op ENTER. 4. Als het probleem blijft bestaan, dient u het bestand terug te zetten via een back-upmedium. 5. Bepaal of andere bestanden op dezelfde schijf kunnen worden geopend. Als dit niet zo is, is de schijf beschadigd. Als het een harde schijf is, neemt u contact op met de netwerkbeheerder of hardwareleverancier voor ondersteuning. Aanvullende gegevens Foutwaarde: 00000000 Type schijf: 0

System errors:
=============
Error: (12/26/2018 01:33:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: De Logitech Solar Keyboard Service-service is onverwacht gestopt. Dit is 4 keer gebeurd. De volgende herstelbewerking zal over 5000 milliseconden worden uitgevoerd: Restart the service.

Error: (12/26/2018 01:33:03 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: De service Logitech Solar Keyboard Service is gestopt met de volgende specifieke servicefout: De bewerking is voltooid.

Error: (12/26/2018 12:28:29 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-L4AJP37)
Description: In de machtigingsinstellingen application-specific wordt de machtiging Activation niet verleend aan Local voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker DESKTOP-L4AJP37\David SID (S-1-5-21-1842900721-2209424687-1813072984-1001) met het adres LocalHost (Using LRPC) die wordt uitgevoerd in de toepassingscontainer Unavailable SID (Unavailable). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.

Error: (12/26/2018 11:28:41 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: De Logitech Solar Keyboard Service-service is onverwacht gestopt. Dit is 3 keer gebeurd. De volgende herstelbewerking zal over 5000 milliseconden worden uitgevoerd: Restart the service.

Error: (12/26/2018 11:28:41 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: De service Logitech Solar Keyboard Service is gestopt met de volgende specifieke servicefout: De bewerking is voltooid.

Error: (12/26/2018 11:25:51 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-L4AJP37)
Description: In de machtigingsinstellingen application-specific wordt de machtiging Activation niet verleend aan Local voor de COM-servertoepassing met CLSID {8BC3F05E-D86B-11D0-A075-00C04FB68820} en APPID {8BC3F05E-D86B-11D0-A075-00C04FB68820} aan de gebruiker DESKTOP-L4AJP37\David SID (S-1-5-21-1842900721-2209424687-1813072984-1001) met het adres LocalHost (Using LRPC) die wordt uitgevoerd in de toepassingscontainer Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.

Error: (12/25/2018 10:10:25 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-L4AJP37)
Description: In de machtigingsinstellingen application-specific wordt de machtiging Activation niet verleend aan Local voor de COM-servertoepassing met CLSID {8BC3F05E-D86B-11D0-A075-00C04FB68820} en APPID {8BC3F05E-D86B-11D0-A075-00C04FB68820} aan de gebruiker DESKTOP-L4AJP37\David SID (S-1-5-21-1842900721-2209424687-1813072984-1001) met het adres LocalHost (Using LRPC) die wordt uitgevoerd in de toepassingscontainer Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.

Error: (12/25/2018 06:25:01 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-L4AJP37)
Description: In de machtigingsinstellingen application-specific wordt de machtiging Activation niet verleend aan Local voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker DESKTOP-L4AJP37\David SID (S-1-5-21-1842900721-2209424687-1813072984-1001) met het adres LocalHost (Using LRPC) die wordt uitgevoerd in de toepassingscontainer Unavailable SID (Unavailable). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.

CodeIntegrity:
===================================
Date: 2018-12-24 11:23:11.223
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\eelam.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-12-24 11:23:11.220
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\eelam.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-12-24 11:22:53.918
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-12-24 11:22:53.712
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\gemma.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-12-24 11:22:53.632
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\eelam.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-12-23 13:13:03.738
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avp.exe) attempted to load \Device\HarddiskVolume3\ProgramData\Kaspersky Lab\AVP19.0.0\Data\updater\supd_4099afb1\updater.kdl that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-12-23 13:12:57.622
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avp.exe) attempted to load \Device\HarddiskVolume3\ProgramData\Kaspersky Lab\AVP19.0.0\Data\updater\supd_4099afb1\updater.kdl that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-12-23 12:57:19.994
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avp.exe) attempted to load \Device\HarddiskVolume3\ProgramData\Kaspersky Lab\AVP19.0.0\Data\updater\supd_4099afb1\updater.kdl that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
Percentage of memory in use: 43%
Total physical RAM: 10220.24 MB
Available physical RAM: 5774.77 MB
Total Virtual: 11820.24 MB
Available Virtual: 6909.98 MB

==================== Drives ================================
Drive c: () (Fixed) (Total:455.45 GB) (Free:88.53 GB) NTFS
Drive e: (MP3 DEEL 1) (Fixed) (Total:931.28 GB) (Free:2.2 GB) FAT32
Drive f: (Elements) (Fixed) (Total:931.51 GB) (Free:122.63 GB) NTFS
Drive g: (Seagate Expansion Drive) (Fixed) (Total:3725.9 GB) (Free:1824.6 GB) NTFS
Drive h: (DATA) (Fixed) (Total:455.96 GB) (Free:393.31 GB) NTFS
\\?\Volume{6e99a6a4-0000-0000-0000-100005000000}\ (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{6e99a6a4-0000-0000-0000-100000000000}\ (PQSERVICE) (Fixed) (Total:20 GB) (Free:5.84 GB) NTFS

==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 6E99A6A4)
Partition 1: (Not Active) - (Size=20 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=455.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=456 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: EECAD41D)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=0C)
========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 0002846E)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 3 (Size: 3726 GB) (Disk ID: 11096EB9)
Partition: GPT.

==================== End of Addition.txt ============================