Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24.12.2018 Ran by David (27-12-2018 13:21:52) Running from C:\Users\David\Desktop Windows 10 Pro Version 1803 17134.472 (X64) (2018-05-18 19:28:29) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1842900721-2209424687-1813072984-500 - Administrator - Disabled) David (S-1-5-21-1842900721-2209424687-1813072984-1001 - Administrator - Enabled) => C:\Users\David DefaultAccount (S-1-5-21-1842900721-2209424687-1813072984-503 - Limited - Disabled) Guest (S-1-5-21-1842900721-2209424687-1813072984-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-1842900721-2209424687-1813072984-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Bitdefender Antivirus (Enabled - Up to date) {0E17DB7D-A20F-62CE-B95B-17DB0CDFE318} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Bitdefender Antispyware (Enabled - Up to date) {B5763A99-8435-6D40-83EB-2CA97758A9A5} FW: Bitdefender Firewall (Enabled) {362C5A58-E860-6396-9204-BEEEF20CA463} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-1842900721-2209424687-1813072984-1001\...\uTorrent) (Version: 3.5.0.43580 - BitTorrent Inc.) Ableton Live 9 Suite (HKLM\...\{7597F2DC-003A-476E-9281-774AB112B7BE}) (Version: 9.0.0.0 - Ableton) Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 19.010.20064 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.2.0.211 - Adobe Systems Incorporated) Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.101 - Adobe Systems Incorporated) Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated) Aegisub 3.2.2 (HKLM\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.2.2 - Aegisub Team) AIMP (HKLM-x32\...\AIMP) (Version: v4.50.2058, 27.12.2017 - AIMP DevTeam) Alcatech BPM Studio Professional v4.9.1 (HKLM-x32\...\Alcatech BPM Studio Professional v4.9.1) (Version: - ) Apple Application Support (32-bit) (HKLM-x32\...\{80B42CAA-28C0-4FBD-A46E-D61F45E2F9FC}) (Version: 7.2 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{466D00D0-E7DE-47C2-8FE5-54A8009F5850}) (Version: 7.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.) Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.) aTube Catcher versie 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp) Belgium e-ID middleware 4.2.8 (build 3252) (HKLM\...\{DB942AEA-93D6-4FE4-8862-180D35A73252}) (Version: 4.2.3252 - Belgian Government) Belgium e-ID viewer 4.2.11 (build 3344) (HKLM-x32\...\{F3DC7F06-92FF-4C98-87F5-72C0B7863344}) (Version: 4.2.3344 - Belgian Government) Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 23.0.8.132 - Bitdefender) Bitdefender Device Management (HKLM\...\Bitdefender Device Management) (Version: 23.0.10.34 - Bitdefender) Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 23.0.16.72 - Bitdefender) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - ) Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.) Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version: - Canon Inc.) Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version: - ) Canon PhotoRecord (HKLM-x32\...\{BBBC2B89-E193-4348-A83C-C8DD8210A4AC}) (Version: 02.02.03002 - Cisra) Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - ) Canon Utilities Easy-PhotoPrint (HKLM-x32\...\Easy-PhotoPrint) (Version: - ) Canon Utilities Easy-PrintToolBox (HKLM-x32\...\Easy-PrintToolBox) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 5.30 - Piriform) CopyTrans Suite Alleen Verwijderen (HKU\S-1-5-21-1842900721-2209424687-1813072984-1001\...\CopyTrans Suite) (Version: 4.017 - WindSolutions) Corel PaintShop Pro 2018 (HKLM-x32\...\_{6000096B-318C-40F8-A450-043B6A602D16}) (Version: 20.0.0.132 - Corel Corporation) Corel PaintShop Pro 2018 (HKLM-x32\...\{5A150D1D-326B-4C75-8984-2D2C602D1CA1}) (Version: 20.0.0.132 - Corel Corporation) Hidden Corel Update Manager (HKLM\...\{67881956-8135-4804-9465-BA1419010638}) (Version: 2.4.245 - Corel corporation) Hidden Corel Update Manager (HKLM-x32\...\{3F8C582C-B21D-49EC-AD5F-C9890041A0CC}) (Version: 2.4.245 - Corel corporation) Hidden DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 391.35 - NVIDIA Corporation) Hidden Easy-WebPrint (HKLM-x32\...\Easy-WebPrint) (Version: - ) GEAR driver installer for AMD64 and Intel EM64T (HKLM\...\{50CBBEC7-1010-41C5-8718-A1A6FEDD9C3A}) (Version: 2.003.1 - GEAR Software, Inc.) Glary Utilities 5.74 (HKLM-x32\...\Glary Utilities 5) (Version: 5.74.0.95 - Glarysoft Ltd) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden ICA (HKLM-x32\...\{6000096B-318C-40F8-A450-043B6A602D16}) (Version: 20.0.0.132 - Corel Corporation) Hidden iCloud (HKLM\...\{28ABC5D7-AF47-4476-A6AA-C2DD822ED40F}) (Version: 7.9.0.9 - Apple Inc.) IPM_PSP_COM (HKLM-x32\...\{E366C7D5-FD35-482C-AA33-38AE3BC48021}) (Version: 20.0.0.132 - Corel Corporation) Hidden IPM_PSP_COM64 (HKLM\...\{2013AABB-7212-4D79-B13B-25E567C2D0E4}) (Version: 20.0.0.132 - Corel Corporation) Hidden iTunes (HKLM\...\{C043EB43-410A-4EB2-826E-BED9F8574BC2}) (Version: 12.9.2.6 - Apple Inc.) Letasoft Sound Booster 1.8.0.453 (HKLM-x32\...\{6C6CF38B-11DD-45C6-A15E-A3A0C4CE60F8}_is1) (Version: 1.8.0.453 - Letasoft LLC) Logitech Options (HKLM\...\LogiOptions) (Version: 7.10.3 - Logitech) Logitech Solar App 1.10 (HKLM\...\SolarApp) (Version: 1.10.3 - Logitech) Malwarebytes versie 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes) Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1842900721-2209424687-1813072984-1001\...\OneDriveSetup.exe) (Version: 18.222.1104.0007 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation) MixMeister Studio Demo 7.4.4 (HKLM-x32\...\mmssetup_is1) (Version: - MixMeister Technology LLC) Movavi Video Editor 14 (x64) (HKLM\...\Movavi Video Editor 14 (x64)) (Version: 14.5.0 - Movavi) Mozilla Firefox 56.0.2 (x64 nl) (HKLM\...\Mozilla Firefox 56.0.2 (x64 nl)) (Version: 56.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 56.0.2 - Mozilla) NVIDIA 3D Vision controllerstuurprogramma 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation) NVIDIA 3D Vision stuurprogramma 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 391.35 - NVIDIA Corporation) NVIDIA GeForce Experience 3.13.1.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.13.1.30 - NVIDIA Corporation) NVIDIA Grafisch stuurprogramma 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.35 - NVIDIA Corporation) NVIDIA HD Audio-stuurprogramma 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation) NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation) Opera Stable 57.0.3098.106 (HKLM-x32\...\Opera 57.0.3098.106) (Version: 57.0.3098.106 - Opera Software) Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden PSPPContent (HKLM-x32\...\{CC719875-8939-48D2-BA50-D5F5673C4C6A}) (Version: 20.0.0.132 - Corel Corporation) Hidden PSPPHelp (HKLM-x32\...\{BBF5A9A0-82BD-4C51-9EAD-624651FE765B}) (Version: 20.0.0.132 - Corel Corporation) Hidden PSPPro64 (HKLM\...\{A8A7345E-0111-4A73-9F0F-560A837BF901}) (Version: 20.0.0.132 - Corel Corporation) Hidden Reason 5.0 (HKLM-x32\...\Reason5_is1) (Version: 5.0 - Propellerhead Software AB) Setup (HKLM-x32\...\{C9C9ACD1-F275-45CB-B507-96486DB5E608}) (Version: 20.0.0.132 - Uw bedrijfsnaam) Hidden Skyrim - Legendary Edition (HKLM-x32\...\Skyrim - Legendary Edition_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91) SoulseekQt versie 2017.2.20 (HKLM-x32\...\{8A4E1646-488C-4E5B-AC31-F784400E8D2D}_is1) (Version: 2017.2.20 - Soulseek LLC) Subtitle Edit 3.4.6 (HKLM-x32\...\SubtitleEdit_is1) (Version: 3.4.6.544 - Nikse) Update for Skype for Business 2016 (KB3115268) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{5D633E34-0FA8-4C3F-8A16-D1A6C33C7015}) (Version: - Microsoft) Update for Skype for Business 2016 (KB3115268) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{5D633E34-0FA8-4C3F-8A16-D1A6C33C7015}) (Version: - Microsoft) Update for Skype for Business 2016 (KB3115268) 64-Bit Edition (HKLM\...\{90160000-012B-0409-1000-0000000FF1CE}_Office16.PROPLUS_{5D633E34-0FA8-4C3F-8A16-D1A6C33C7015}) (Version: - Microsoft) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation) VirtualDJ 8 (HKLM-x32\...\{90AE6F39-3EE1-45A1-90D5-FB6C82391EDF}) (Version: 8.0.2338.0 - Atomix Productions) VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN) VSO ConvertXToDVD 7 (HKLM-x32\...\{A021D003-6933-4EA4-B582-F1D0C3E52409}_is1) (Version: 7.0.0.36 - VSO Software) Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden WinRAR 4.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1842900721-2209424687-1813072984-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-17] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-17] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-17] () ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-17] () ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2017-12-28] (AIMP DevTeam) ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2016-06-23] (Glarysoft Ltd) ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2018-12-03] (Apple Inc.) ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2017-07-05] (Power Software Ltd) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-03-02] () ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-03-02] () ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2016-06-23] (Glarysoft Ltd) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes) ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2017-12-28] (AIMP DevTeam) ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2017-07-05] (Power Software Ltd) ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-03-02] () ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-03-02] () ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-24] (NVIDIA Corporation) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-17] () ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2016-06-23] (Glarysoft Ltd) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes) ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2017-07-05] (Power Software Ltd) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-03-02] () ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-03-02] () ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {07AA3868-DE31-46F2-9DF3-D7646C310209} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2017-04-24] (Glarysoft Ltd) Task: {0CBDA53E-0DD7-4359-9874-F7C793F00F79} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2017-09-26] (Corel Corporation) Task: {1E822842-3DB1-4CFA-8153-1695882B548F} - System32\Tasks\CorelUpdateHelperTask => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2017-09-26] (Corel Corporation) Task: {22D73205-F8D9-408E-BFCF-8A665237EE16} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-27] (Google Inc.) Task: {25C968FC-0208-422B-8002-1AE762942468} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.) Task: {2B8BF14C-FA26-42A8-93DE-9252D8C963E4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-12-06] (Adobe Systems Incorporated) Task: {2EFDEE3D-9637-4DD6-B184-E7CEB1E64F32} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe [2018-11-23] (Bitdefender) Task: {35AE2434-17EA-42EE-9644-36F1B26DE0ED} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2018-11-15] (Bitdefender) Task: {4B30387C-1271-4C52-9A3C-A5022B500968} - \NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION Task: {58A12088-9BF6-4773-A598-1A7FDF204C53} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-03-24] (NVIDIA Corporation) Task: {5AA87AB8-0B28-4918-A86D-FA41B86734CC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated) Task: {60798088-171D-4333-8D3E-26A61F89F1A3} - System32\Tasks\SafeZone scheduled Autoupdate 1512300469 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe Task: {6386109B-893A-4490-BE9C-FFB9055B524F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-27] (Google Inc.) Task: {655E2F45-8FCC-45BF-B5F2-118254BE9F8C} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation) Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] () Task: {7B536D2F-DB89-4A21-AEF2-993B87579C73} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-05-19] (Piriform Ltd) Task: {7D3D9E09-B110-4846-8E70-C902D90A0C2E} - System32\Tasks\Opera scheduled Autoupdate 1500207683 => C:\Program Files\Opera\launcher.exe [2018-12-19] (Opera Software) Task: {8792784D-682C-425E-A1E9-30DDA517F562} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2017-04-24] (Glarysoft Ltd) Task: {8B2C4EB9-962F-4574-9B4A-9E0C721A0A82} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-11-01] (AVAST Software) Task: {9287CA55-A73A-4DEC-AE82-0EEB406C2C09} - \NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION Task: {A308EDFA-2406-4B41-9870-8DE8B6BB13BF} - System32\Tasks\S-1-5-21-1842900721-2209424687-1813072984-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2018-12-08] (Microsoft Corporation) Task: {B1187F6B-F117-41DD-A60B-26EAB30FEA27} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-03-24] (NVIDIA Corporation) Task: {B16185F1-078C-4C81-A04F-3B05F3E55425} - \NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION Task: {B3837E32-926F-4343-9119-DE2A07FF0FD7} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_101_pepper.exe [2018-12-06] (Adobe Systems Incorporated) Task: {D37D5157-EED2-4939-BC98-41F9DA447506} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-davkezero@proximus.be => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-12-13] (Adobe Systems, Incorporated) Task: {D57A69CD-6C9F-4F4D-96F2-314A5F3FF6DF} - \NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION Task: {D9B40FA8-C9ED-43C9-A8FF-45A72E70BAAA} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2018-12-03] (Apple Inc.) Task: {E66D474F-8B8B-40D8-96E8-2BDD1C1EF498} - \NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION Task: {FA2588E8-3FC2-4480-A464-975A328D4683} - \NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) Shortcut: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki Shortcut: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com ==================== Loaded Modules (Whitelisted) ============== 2018-12-24 12:37 - 2018-11-14 20:36 - 000994752 _____ () C:\Program Files\Bitdefender\Bitdefender Security\otengines_001_001\ashttpbr.mdl 2018-12-24 12:37 - 2018-11-14 20:36 - 000544880 _____ () C:\Program Files\Bitdefender\Bitdefender Security\otengines_001_001\ashttpdsp.mdl 2018-12-24 12:37 - 2018-11-14 20:36 - 003240080 _____ () C:\Program Files\Bitdefender\Bitdefender Security\otengines_001_001\ashttpph.mdl 2018-12-24 12:37 - 2018-11-14 20:36 - 001530368 _____ () C:\Program Files\Bitdefender\Bitdefender Security\otengines_001_001\ashttprbl.mdl 2018-12-21 18:08 - 2018-03-24 02:19 - 000544192 _____ () C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\DisplayDriverAnalyzer\_DisplayDriverCrashAnalyzer64.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 000444416 _____ () c:\windows\system32\SSDM.dll 2017-11-30 18:54 - 2017-11-30 18:54 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2018-11-01 05:27 - 2018-11-01 05:27 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2018-12-21 18:08 - 2018-03-24 02:19 - 001267648 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2018-12-27 12:17 - 2018-11-15 11:01 - 002712432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2017-07-17 23:50 - 2017-07-17 23:50 - 000492112 _____ () C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll 2016-06-14 05:25 - 2016-06-14 05:25 - 008911552 _____ () C:\Program Files\Microsoft Office\Office16\1033\GrooveIntlResource.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll 2018-12-12 11:54 - 2018-11-09 03:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll 2017-07-16 14:02 - 2011-03-02 11:40 - 000164864 _____ () C:\Program Files\WinRAR\rarext.dll 2018-12-21 15:43 - 2018-12-21 15:43 - 107561560 _____ () C:\Program Files\Opera\57.0.3098.106\opera_browser.dll 2018-12-21 15:43 - 2018-12-21 15:43 - 004991576 _____ () C:\Program Files\Opera\57.0.3098.106\libglesv2.dll 2018-12-21 15:43 - 2018-12-21 15:43 - 000116824 _____ () C:\Program Files\Opera\57.0.3098.106\libegl.dll 2018-12-21 07:50 - 2018-12-14 07:50 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2018-12-13 21:49 - 2018-12-13 21:49 - 002834944 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.1811.3241.0_x64__8wekyb3d8bbwe\People.BackgroundTasks.dll 2018-12-13 21:49 - 2018-12-13 21:49 - 000120320 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.1811.3241.0_x64__8wekyb3d8bbwe\PeopleUtilRT.dll 2018-12-13 21:49 - 2018-12-13 21:49 - 009032704 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.1811.3241.0_x64__8wekyb3d8bbwe\Microsoft.People.NativeComponents.dll 2018-12-13 21:49 - 2018-12-13 21:50 - 000182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe 2018-11-06 11:06 - 2018-11-06 11:06 - 000070144 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll 2018-11-06 11:06 - 2018-11-06 11:06 - 000194048 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll 2018-10-23 22:28 - 2018-10-23 22:28 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll 2018-12-13 21:49 - 2018-12-13 21:49 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\ChakraBridge.dll 2018-10-09 13:14 - 2018-10-09 13:14 - 004389888 _____ () C:\Program Files\WindowsApps\Microsoft.OneConnect_5.1809.2571.0_x64__8wekyb3d8bbwe\OneConnect.dll 2018-09-08 11:41 - 2018-09-08 11:41 - 032745472 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsFeedbackHub_1.1805.2331.0_x64__8wekyb3d8bbwe\PilotshubApp.dll 2018-09-08 11:41 - 2018-09-08 11:41 - 000528896 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsFeedbackHub_1.1805.2331.0_x64__8wekyb3d8bbwe\Helper.dll 2017-04-07 08:41 - 2017-04-07 08:41 - 000054488 _____ () C:\Program Files\CCleaner\branding.dll 2017-05-19 19:17 - 2017-05-19 19:17 - 000073728 _____ () C:\Program Files\CCleaner\lang\lang-1043.dll 2017-04-24 02:45 - 2017-04-24 02:45 - 000089088 _____ () C:\Program Files (x86)\Glary Utilities 5\zlib1.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2017-03-18 22:03 - 2018-12-27 13:16 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1842900721-2209424687-1813072984-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\David\Desktop\439888.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == If an entry is included in the fixlist, it will be removed. HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run: => "InstallerLauncher" HKLM\...\StartupApproved\Run32: => "Easy-PrintToolBox" HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX" HKLM\...\StartupApproved\Run32: => "CanonSolutionMenuEx" HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud" HKLM\...\StartupApproved\Run32: => "ZaAntiRansomware" HKU\S-1-5-21-1842900721-2209424687-1813072984-1001\...\StartupApproved\StartupFolder: => "PUSH Wallpaper.lnk" HKU\S-1-5-21-1842900721-2209424687-1813072984-1001\...\StartupApproved\Run: => "AppleIEDAV" HKU\S-1-5-21-1842900721-2209424687-1813072984-1001\...\StartupApproved\Run: => "iCloudDrive" HKU\S-1-5-21-1842900721-2209424687-1813072984-1001\...\StartupApproved\Run: => "iCloudPhotos" HKU\S-1-5-21-1842900721-2209424687-1813072984-1001\...\StartupApproved\Run: => "iCloudServices" HKU\S-1-5-21-1842900721-2209424687-1813072984-1001\...\StartupApproved\Run: => "PUSH Wallpaper" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{66BB60DB-152E-4682-A2B3-DF63CE69A9E9}] => (Allow) LPort=1688 FirewallRules: [{876AD587-763B-43DA-9AC0-53D82D33D6D6}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) FirewallRules: [{8DA3D3CF-AB56-4BBD-920C-4CD338BA59F2}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) FirewallRules: [{6DF104FC-818B-455F-AD07-1B5C0ABC891C}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) FirewallRules: [{FF29346A-F47F-4772-9B84-A1EBE7AF08A1}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) FirewallRules: [{216F9618-4840-4518-AD05-00BE384602CA}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) FirewallRules: [{DC4D97C7-7CD8-4B20-8897-CDC630AA98D0}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) FirewallRules: [{A82E02EB-8F6B-461C-A7FE-763CB2796CFF}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) FirewallRules: [{6AAB5857-E08B-4182-BA53-006D2CFE5585}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.) FirewallRules: [{BFB020AE-C944-48A1-8A75-5B670C362A6A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.) FirewallRules: [{A00A6AA7-46FF-4A5B-9D92-4256440DC000}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.) FirewallRules: [{2DEFA994-BCC1-4121-9E27-E1BBEBA5C7B5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.) FirewallRules: [{C27FA87D-5D44-483C-BE6B-3C948F7E3A3A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) FirewallRules: [{2E26066E-F529-495E-9184-A57231C3AF7E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) FirewallRules: [TCP Query User{31E67141-1177-4AA1-A299-02880389E150}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe () FirewallRules: [UDP Query User{7A2F540B-C180-4877-B9D7-BAF69F5125D4}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe () FirewallRules: [TCP Query User{FA2793A2-E757-4042-8214-62B075CF91C4}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN) FirewallRules: [UDP Query User{1DC85694-EA41-4304-850F-ABB44526164B}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN) FirewallRules: [{55EDB177-2C83-4F22-8C65-05DDFF774BFA}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) FirewallRules: [{0D535674-25DD-411F-B4CB-0F048E5FD09A}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) FirewallRules: [{EE04F1BA-3E43-46CD-A1C6-238F6D14AE8C}] => (Allow) C:\Program Files\Opera\56.0.3051.116\opera.exe (Opera Software) FirewallRules: [{A54A4F21-2656-4783-8DFB-51C5BA02FB97}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) FirewallRules: [{C46AFBC9-0B10-44C5-9C1B-9BFC1F93BF15}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech, Inc.) FirewallRules: [TCP Query User{71D4AFBA-7E8E-4011-91FA-A60703BDB34E}C:\program files\airdc++\airdc.exe] => (Allow) C:\program files\airdc++\airdc.exe (AirDC++ Team) FirewallRules: [UDP Query User{81D94A3E-275D-4FB6-9D35-BD31220A92CD}C:\program files\airdc++\airdc.exe] => (Allow) C:\program files\airdc++\airdc.exe (AirDC++ Team) FirewallRules: [{CE67AF5D-9ED6-4611-AB62-B943E51210F7}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc.) FirewallRules: [{61CD9DB5-925C-4E34-B1E1-BC3F7883766C}] => (Allow) C:\Program Files\Opera\57.0.3098.106\opera.exe (Opera Software) FirewallRules: [{14F61A3E-3182-4431-94CF-FDFD50EC1E7A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) FirewallRules: [{00EED4CA-1A4E-4132-B6BD-01932F084021}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) FirewallRules: [{3798034F-2A5C-4960-969A-3B0020A58E0F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) FirewallRules: [{0F71E72E-EED8-4912-A030-DA6F0E41E98F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) FirewallRules: [{121B53E0-6E90-4A92-9579-BAF05AE63DCC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation) FirewallRules: [{256F0F88-CCE6-4475-9968-333514703DEC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation) ==================== Restore Points ========================= 21-12-2018 07:49:38 Windows Update 24-12-2018 11:13:51 Installed ESET Internet Security ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (12/27/2018 12:20:03 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het aanroepen van routine QueryFullProcessImageNameW. hr = 0x8007001f, A device attached to the system is not functioning. . Operation: Executing Asynchronous Operation Context: Current State: DoSnapshotSet Error: (12/27/2018 12:18:39 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het uitvoeren van een query voor de IVssWriterCallback-interface. hr = 0x80070005, Access is denied. . Dit wordt vaak veroorzaakt door onjuiste beveiligingsinstellingen in het writer- of requestorproces. Operation: Gathering Writer Data Context: Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220} Writer Name: System Writer Writer Instance ID: {e01843ca-45f5-4146-af78-fd2bb9a01ced} Error: (12/27/2018 11:43:49 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (12/26/2018 07:58:31 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-L4AJP37) Description: httphttp-2147467263 Error: (12/26/2018 07:58:31 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-L4AJP37) Description: brave hendrikbrave hendrik-2147467263 Error: (12/26/2018 12:25:15 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-L4AJP37) Description: brave hendrikbrave hendrik-2147467263 Error: (12/26/2018 12:18:55 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-L4AJP37) Description: httphttp-2147467263 Error: (12/26/2018 12:18:55 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-L4AJP37) Description: brave hendrikbrave hendrik-2147467263 System errors: ============= Error: (12/27/2018 01:18:15 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-L4AJP37) Description: In de machtigingsinstellingen application-specific wordt de machtiging Launch niet verleend aan Local voor de COM-servertoepassing met CLSID Windows.SecurityCenter.WscCloudBackupProvider en APPID Unavailable aan de gebruiker DESKTOP-L4AJP37\David SID (S-1-5-21-1842900721-2209424687-1813072984-1001) met het adres LocalHost (Using LRPC) die wordt uitgevoerd in de toepassingscontainer Unavailable SID (Unavailable). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (12/27/2018 01:16:26 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-L4AJP37) Description: In de machtigingsinstellingen application-specific wordt de machtiging Activation niet verleend aan Local voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker DESKTOP-L4AJP37\David SID (S-1-5-21-1842900721-2209424687-1813072984-1001) met het adres LocalHost (Using LRPC) die wordt uitgevoerd in de toepassingscontainer Unavailable SID (Unavailable). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (12/27/2018 01:16:06 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen application-specific wordt de machtiging Activation niet verleend aan Local voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (Using LRPC) die wordt uitgevoerd in de toepassingscontainer Unavailable SID (Unavailable). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (12/27/2018 01:16:06 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen application-specific wordt de machtiging Activation niet verleend aan Local voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (Using LRPC) die wordt uitgevoerd in de toepassingscontainer Unavailable SID (Unavailable). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (12/27/2018 01:14:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De Windows Remediation Service-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 0 milliseconden worden uitgevoerd: Restart the service. Error: (12/27/2018 01:14:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De NVIDIA LocalSystem Container-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 6000 milliseconden worden uitgevoerd: Restart the service. Error: (12/27/2018 01:14:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: De Bitdefender Product Agent Service-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd. Error: (12/27/2018 01:14:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De NVIDIA Telemetry Container-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 1000 milliseconden worden uitgevoerd: Restart the service. CodeIntegrity: =================================== Date: 2018-12-27 12:17:43.376 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Opera\57.0.3098.106\opera.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements. Date: 2018-12-24 11:23:11.223 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\eelam.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-12-24 11:23:11.220 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\eelam.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-12-24 11:22:53.918 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-12-24 11:22:53.712 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\gemma.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-12-24 11:22:53.632 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\eelam.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-12-23 13:13:03.738 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avp.exe) attempted to load \Device\HarddiskVolume3\ProgramData\Kaspersky Lab\AVP19.0.0\Data\updater\supd_4099afb1\updater.kdl that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2018-12-23 13:12:57.622 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avp.exe) attempted to load \Device\HarddiskVolume3\ProgramData\Kaspersky Lab\AVP19.0.0\Data\updater\supd_4099afb1\updater.kdl that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz Percentage of memory in use: 29% Total physical RAM: 10220.24 MB Available physical RAM: 7161.6 MB Total Virtual: 11820.24 MB Available Virtual: 8374.55 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:455.45 GB) (Free:87.93 GB) NTFS Drive e: (MP3 DEEL 1) (Fixed) (Total:931.28 GB) (Free:2.2 GB) FAT32 Drive f: (Elements) (Fixed) (Total:931.51 GB) (Free:122.63 GB) NTFS Drive g: (Seagate Expansion Drive) (Fixed) (Total:3725.9 GB) (Free:1824.6 GB) NTFS Drive h: (DATA) (Fixed) (Total:455.96 GB) (Free:393.31 GB) NTFS \\?\Volume{6e99a6a4-0000-0000-0000-100005000000}\ (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS \\?\Volume{6e99a6a4-0000-0000-0000-100000000000}\ (PQSERVICE) (Fixed) (Total:20 GB) (Free:5.84 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 6E99A6A4) Partition 1: (Not Active) - (Size=20 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=455.5 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=456 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: EECAD41D) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=0C) ======================================================== Disk: 2 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 0002846E) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ======================================================== Disk: 3 (Size: 3726 GB) (Disk ID: 11096EB9) Partition: GPT. ==================== End of Addition.txt ============================