Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19.02.2018 Ran by daniel (20-02-2018 10:57:21) Running from C:\Users\daniel\Downloads Windows 10 Pro Version 1709 16299.248 (X64) (2017-12-08 10:09:14) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2649124161-4065937137-225622101-500 - Administrator - Enabled) => C:\Users\Administrator artur (S-1-5-21-2649124161-4065937137-225622101-1001 - Administrator - Enabled) => C:\Users\artur daniel (S-1-5-21-2649124161-4065937137-225622101-1005 - Administrator - Enabled) => C:\Users\daniel DefaultAccount (S-1-5-21-2649124161-4065937137-225622101-503 - Limited - Disabled) Guest (S-1-5-21-2649124161-4065937137-225622101-501 - Limited - Enabled) WDAGUtilityAccount (S-1-5-21-2649124161-4065937137-225622101-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) . . (HKLM\...\{9C40698F-A953-4658-AFF2-F7BB385A3910}) (Version: 7.1 - Intel) Hidden . . . (HKLM-x32\...\{870E5275-5457-4BBC-98C9-BFF4B70AA5D3}) (Version: 3.1.0.12 - Intel) Hidden 7-Zip 15.12 (x64) (HKLM\...\7-Zip) (Version: 15.12 - Igor Pavlov) Adobe Acrobat Reader DC - Russian (HKLM-x32\...\{AC76BA86-7AD7-1049-7B44-AC0F074E4100}) (Version: 18.011.20036 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 26.0.0.127 - Adobe Systems Incorporated) Adobe Creative Suite 6 Design Standard (HKLM-x32\...\{0327A4BF-62BF-48BB-8928-B971B749E9E1}) (Version: 6 - Adobe Systems Incorporated) Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Adobe Illustrator CC 2017 (HKLM-x32\...\{F2321021-08A2-44D6-B1DF-BDB415F23EC7}) (Version: 21.0 - Adobe Systems Incorporated) Adobe Update Management Tool (HKLM-x32\...\{534A7A1A-7102-4AF6-23EA-7CD279C7B625}_is1) (Version: 8.0 - PainteR) Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.4.3 - Adobe Systems, Incorporated) Atom (HKU\S-1-5-21-2649124161-4065937137-225622101-1005\...\atom) (Version: 1.23.3 - GitHub Inc.) Brave (HKU\S-1-5-21-2649124161-4065937137-225622101-1005\...\Brave) (Version: 0.20.42 - Brave Software) CCleaner (HKLM\...\CCleaner) (Version: 5.38 - Piriform) Clink v0.4.8 (HKLM-x32\...\clink_0.4.8) (Version: 0.4.8 - Martin Ridgers) ConEmu 161206.x64 (HKLM\...\{7903B64C-30A1-4572-B8C5-8635D01B5E25}) (Version: 11.161.2060 - ConEmu-Maximus5) DebugBar v7.5.1 for Internet Explorer (remove only) (HKLM-x32\...\DebugBar) (Version: 7.5.1 - Core Services) Docker for Windows (HKLM\...\Docker for Windows) (Version: 17.12.0-ce-win47 - Docker Inc.) Dropbox (HKLM-x32\...\Dropbox) (Version: 43.4.50 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.65.1 - Dropbox, Inc.) Hidden Far Manager 3 x64 (HKLM\...\{DF57AAAC-BA40-48C8-9D17-40E5DABA13CE}) (Version: 3.0.5100 - Eugene Roshal & Far Group) Firefox Developer Edition 59.0 (x64 en-US) (HKLM\...\Firefox Developer Edition 59.0 (x64 en-US)) (Version: 59.0 - Mozilla) fman (HKU\S-1-5-21-2649124161-4065937137-225622101-1005\...\fman) (Version: - Michael Herrmann) FocalFilter (HKLM-x32\...\{78156F61-016D-402A-9EF9-C2AA253DB22A}) (Version: 0.9.00 - FocalFilter) Git version 2.12.0 (HKLM\...\Git_is1) (Version: 2.12.0 - The Git Development Community) GnuWin32: Make-3.81 (HKLM-x32\...\Make-3.81_is1) (Version: 3.81 - GnuWin32) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 64.0.3282.167 - Google Inc.) Google Chrome Canary (HKU\S-1-5-21-2649124161-4065937137-225622101-1005\...\Google Chrome SxS) (Version: 66.0.3350.0 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden Greenshot 1.2.10.6 (HKLM\...\Greenshot_is1) (Version: 1.2.10.6 - Greenshot) IETester v0.5.4 (remove only) (HKLM-x32\...\IETester) (Version: 0.5.4 - Core Services) ImageGlass (HKLM\...\{D539FBEF-4AA8-4415-B66F-6367DA5D0186}_is1) (Version: 4.5.11.27 - Duong Dieu Phap) Intel® Driver & Support Assistant (HKLM-x32\...\{2550a40e-aac6-4d21-9361-744d33bec573}) (Version: 3.1.0.12 - Intel) Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation) JetBrains Toolbox (HKU\S-1-5-21-2649124161-4065937137-225622101-1005\...\JetBrainsToolbox) (Version: 1.6.2914 - JetBrains s.r.o.) KeePass Password Safe 2.37 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.37 - Dominik Reichl) LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version: - LastPass) LibreOffice 5.4.2.2 (HKLM\...\{71F5B603-BA9F-41E1-BC94-9839DFE5A83E}) (Version: 5.4.2.2 - The Document Foundation) Microsoft Office Excel Viewer (HKLM-x32\...\{95120000-003F-0415-0000-0000000FF1CE}) (Version: 12.0.6334.5000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2649124161-4065937137-225622101-1005\...\OneDriveSetup.exe) (Version: 17.3.7294.0108 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ Build Tools (HKLM-x32\...\{a9528995-e130-4501-ae19-bbfaddb779cc}) (Version: 14.0.25420.1 - Microsoft Corporation) Microsoft Visual Studio Code (HKLM\...\{EA457B21-F73E-494C-ACAB-524FDE069978}_is1) (Version: 1.19.3 - Microsoft Corporation) Monosnap (HKLM-x32\...\{2CE96D70-718B-495D-9C58-C48CD89F7797}) (Version: 3.0.6.40 - Monosnap) Mozilla Firefox 57.0.4 (x64 en-US) (HKLM\...\Mozilla Firefox 57.0.4 (x64 en-US)) (Version: 57.0.4 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0 - Mozilla) Mozilla Thunderbird 52.5.2 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 52.5.2 (x86 en-US)) (Version: 52.5.2 - Mozilla) Ninja Download Manager build 38 (HKLM\...\DownloadNinja_is1) (Version: - Ninja Download Manager) Node.js (HKLM\...\{B7F6FEC2-3415-45CA-8E1A-9C7C00E02DDC}) (Version: 8.9.0 - Node.js Foundation) NVIDIA 3D Vision Driver 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 342.01 - NVIDIA Corporation) NVIDIA Graphics Driver 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.01 - NVIDIA Corporation) NVIDIA nView 141.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 141.36 - NVIDIA Corporation) NVIDIA WMI 2.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 2.18.0 - NVIDIA Corporation) NVM for Windows 1.1.6 (HKLM\...\40078385-F676-4C61-9A9C-F9028599D6D3_is1) (Version: 1.1.6 - Ecor Ventures LLC) PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden PDFsam Basic (HKLM-x32\...\{0314BB4C-2B68-491C-B4FB-40F1EC6CA881}) (Version: 3.30.5.0 - Andrea Vacondio) Postman-win64-5.5.2 (HKU\S-1-5-21-2649124161-4065937137-225622101-1005\...\Postman) (Version: 5.5.2 - Postman) PuTTY release 0.70 (64-bit) (HKLM\...\{45B3032F-22CC-40CD-9E97-4DA7095FA5A2}) (Version: 0.70.0.0 - Simon Tatham) Python 2.7.13 (HKLM-x32\...\{4A656C6C-D24A-473F-9747-3A8D00907A03}) (Version: 2.7.13150 - Python Software Foundation) Python 2.7.14 (HKLM-x32\...\{0398A685-FD8D-46B3-9816-C47319B0CF5E}) (Version: 2.7.14150 - Python Software Foundation) Python 3.6.3 (32-bit) (HKU\S-1-5-21-2649124161-4065937137-225622101-1005\...\{1bb10b8c-6e63-4897-9fb2-3873ce30d7e1}) (Version: 3.6.3150.0 - Python Software Foundation) Python 3.6.3 (64-bit) (HKU\S-1-5-21-2649124161-4065937137-225622101-1005\...\{4d474775-4381-473f-bf77-52503ff9709a}) (Version: 3.6.3150.0 - Python Software Foundation) Python 3.6.3 Add to Path (32-bit) (HKLM-x32\...\{04AE65E4-FC7A-43A7-AC1E-E3E019EF07F5}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden Python 3.6.3 Add to Path (64-bit) (HKLM\...\{7F03A05D-3A38-4915-B9E8-23D36D1D8D33}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden Python 3.6.3 Core Interpreter (32-bit) (HKLM-x32\...\{52D39C34-E5F5-41AE-88CD-5DE66C9150B4}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden Python 3.6.3 Core Interpreter (64-bit) (HKLM\...\{5CAB3F9C-AC0C-4796-984C-292FF82FB112}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden Python 3.6.3 Development Libraries (32-bit) (HKLM-x32\...\{F7D9BDE7-2C35-4F7E-AEBE-9F3028451087}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden Python 3.6.3 Development Libraries (64-bit) (HKLM\...\{B6B221CE-20AA-46D6-8156-911613216968}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden Python 3.6.3 Documentation (32-bit) (HKLM-x32\...\{20EB04A7-B5EF-485E-9440-F36214C5501D}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden Python 3.6.3 Documentation (64-bit) (HKLM\...\{404A8C42-6B82-4B32-AC7F-0583644A04F2}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden Python 3.6.3 Executables (32-bit) (HKLM-x32\...\{CA16E2AA-4499-4FE5-A88C-174612920734}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden Python 3.6.3 Executables (64-bit) (HKLM\...\{D3ABC2C4-85AF-4AFD-94D4-F2B84F49BFEA}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden Python 3.6.3 pip Bootstrap (32-bit) (HKLM-x32\...\{DA64A828-F7A9-4A19-97BD-3A9A63CEB972}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden Python 3.6.3 pip Bootstrap (64-bit) (HKLM\...\{48EC8399-294B-40F5-8274-E2AFBF0CFCBE}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden Python 3.6.3 Standard Library (32-bit) (HKLM-x32\...\{14843392-E9B3-4031-BCF6-FC00D5791AA8}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden Python 3.6.3 Standard Library (64-bit) (HKLM\...\{60B3332C-989F-4609-8D4F-7B1FD1DB0A5D}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden Python 3.6.3 Tcl/Tk Support (32-bit) (HKLM-x32\...\{AE89BB1E-1C06-4556-AA05-A6628DE07BA9}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden Python 3.6.3 Tcl/Tk Support (64-bit) (HKLM\...\{8FE3FFD1-2F7E-4EBB-A4B7-627E279DA70E}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden Python 3.6.3 Test Suite (32-bit) (HKLM-x32\...\{63208505-67AD-4AAC-BD7B-00DE5B83BAF0}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden Python 3.6.3 Test Suite (64-bit) (HKLM\...\{2C6B5217-ACF4-4082-B19C-3463C9340E41}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden Python 3.6.3 Utility Scripts (32-bit) (HKLM-x32\...\{6CF91DC2-CED3-410B-88BB-E048C994AA1A}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden Python 3.6.3 Utility Scripts (64-bit) (HKLM\...\{E3F016B8-A524-4F97-9095-944C31A971E0}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden Python Launcher (HKLM-x32\...\{C093353B-F9EE-4A06-923D-C1B340B82886}) (Version: 3.6.6119.0 - Python Software Foundation) QTranslate 6.4.0 (HKLM-x32\...\QTranslate) (Version: 6.4.0 - QuestSoft) RescueTime 2.13.0.1538 (HKLM-x32\...\{2505571C-03B3-4F9F-AC35-33F1CB4B5E9E}_is1) (Version: - RescueTime.com) Resilio Sync (HKU\S-1-5-21-2649124161-4065937137-225622101-1005\...\Resilio Sync) (Version: 2.5.12 - Resilio, Inc.) Skype version 8.15 (HKLM-x32\...\Skype_is1) (Version: 8.15 - Skype Technologies S.A.) SourceTree (HKU\S-1-5-21-2649124161-4065937137-225622101-1005\...\SourceTree) (Version: 2.3.5 - Atlassian) Spotify (HKU\S-1-5-21-2649124161-4065937137-225622101-1005\...\Spotify) (Version: 1.0.74.380.g1fcff12a - Spotify AB) Sublime Text Build 3143 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd) TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.0.6447 - TeamViewer) TortoiseGit 2.2.0.0 (64 bit) (HKLM\...\{2B0F50E0-145C-49F3-A02A-303FF7F1B5E2}) (Version: 2.2.0.0 - TortoiseGit) TortoiseSVN 1.9.4.27285 (64 bit) (HKLM\...\{62C19AB2-8485-4E18-A9D3-EFA612B8AE74}) (Version: 1.9.27285 - TortoiseSVN) Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0 beta 13 - Ghisler Software GmbH) Universal CRT Extension SDK (HKLM-x32\...\{1FBCBC17-4527-2340-0832-B1D49C41FF67}) (Version: 10.0.26624 - Microsoft Corporation) Hidden Universal CRT Headers Libraries and Sources (HKLM-x32\...\{8BFBEC30-33CC-13B4-849F-3B036F27466A}) (Version: 10.0.26624 - Microsoft Corporation) Hidden WinDirStat 1.1.2 (HKU\S-1-5-21-2649124161-4065937137-225622101-1005\...\WinDirStat) (Version: - ) WinHTTrack Website Copier 3.49-2 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.49.2 - HTTrack) WinRAR 5.40 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) WinSCP 5.9.3 (HKLM-x32\...\winscp3_is1) (Version: 5.9.3 - Martin Prikryl) XAMPP (HKLM-x32\...\xampp) (Version: 7.1.7-0 - Bitnami) Yarn (HKLM-x32\...\{C334A3DA-6095-4F12-94EE-15ECEDE17C3A}) (Version: 0.27.5 - Yarn Contributors) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2649124161-4065937137-225622101-1005_Classes\CLSID\{3D57E4E4-0008-4BA6-B23E-2ECA2A581B91}\InprocServer32 -> C:\Users\daniel\AppData\Local\fman\Update\1.3.99.0\psuser_64.dll (fman) CustomCLSID: HKU\S-1-5-21-2649124161-4065937137-225622101-1005_Classes\CLSID\{581FFA00-FC33-000C-0502-95003A5CDE89}\InprocServer32 -> C:\Users\daniel\AppData\Roaming\Resilio Sync\ShellExtensionPath64_4A7.dll () CustomCLSID: HKU\S-1-5-21-2649124161-4065937137-225622101-1005_Classes\CLSID\{581FFA01-FC33-000C-0502-95003A5CDE89}\InprocServer32 -> C:\Users\daniel\AppData\Roaming\Resilio Sync\ShellExtensionPath64_4A7.dll () CustomCLSID: HKU\S-1-5-21-2649124161-4065937137-225622101-1005_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\daniel\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-2649124161-4065937137-225622101-1005_Classes\CLSID\{B55AF512-B9B2-44D1-9CA1-8033FA443738}\InprocServer32 -> C:\Users\daniel\AppData\Local\fman\Update\1.3.99.0\psuser_64.dll (fman) CustomCLSID: HKU\S-1-5-21-2649124161-4065937137-225622101-1005_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\daniel\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ Tortoise1Normal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [ Tortoise2Modified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [ Tortoise3Conflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [ Tortoise4Locked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [ Tortoise5ReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [ Tortoise6Deleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [ Tortoise7Added] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [ Tortoise8Ignored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [ Tortoise9Unversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [ !Resilio Sync 2.5.12Done] -> {581FFA04-FC33-000C-0502-95003A5CDE89} => C:\ProgramData\Resilio Sync\ShellExtensionOverlay64_4A7.dll [2018-01-29] () ShellIconOverlayIdentifiers: [ !Resilio Sync 2.5.12RO] -> {581FFA03-FC33-000C-0502-95003A5CDE89} => C:\ProgramData\Resilio Sync\ShellExtensionOverlay64_4A7.dll [2018-01-29] () ShellIconOverlayIdentifiers: [ !Resilio Sync 2.5.12RW] -> {581FFA02-FC33-000C-0502-95003A5CDE89} => C:\ProgramData\Resilio Sync\ShellExtensionOverlay64_4A7.dll [2018-01-29] () ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ Tortoise1Normal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [ Tortoise2Modified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [ Tortoise3Conflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [ Tortoise4Locked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [ Tortoise5ReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [ Tortoise6Deleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [ Tortoise7Added] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [ Tortoise8Ignored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [ Tortoise9Unversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [ !Resilio Sync 2.5.12Done] -> {581FFA04-FC33-000C-0502-95003A5CDE89} => C:\ProgramData\Resilio Sync\ShellExtensionOverlay64_4A7.dll [2018-01-29] () ShellIconOverlayIdentifiers-x32: [ !Resilio Sync 2.5.12RO] -> {581FFA03-FC33-000C-0502-95003A5CDE89} => C:\ProgramData\Resilio Sync\ShellExtensionOverlay64_4A7.dll [2018-01-29] () ShellIconOverlayIdentifiers-x32: [ !Resilio Sync 2.5.12RW] -> {581FFA02-FC33-000C-0502-95003A5CDE89} => C:\ProgramData\Resilio Sync\ShellExtensionOverlay64_4A7.dll [2018-01-29] () ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-11-19] (Igor Pavlov) ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation) ContextMenuHandlers1: [TortoiseGit] -> {10A0FDD2-B0C0-4CD4-A7AE-E594CE3B91C8} => C:\Program Files\TortoiseGit\bin\TortoiseGitStub.dll [2016-07-02] (hxxps://tortoisegit.org/) ContextMenuHandlers1: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll [2016-04-24] (hxxp://tortoisesvn.net) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-09-19] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-09-19] (Alexander Roshal) ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation) ContextMenuHandlers2: [TortoiseGit] -> {10A0FDD2-B0C0-4CD4-A7AE-E594CE3B91C8} => C:\Program Files\TortoiseGit\bin\TortoiseGitStub.dll [2016-07-02] (hxxps://tortoisegit.org/) ContextMenuHandlers2: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll [2016-04-24] (hxxp://tortoisesvn.net) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-11-19] (Igor Pavlov) ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation) ContextMenuHandlers4: [TortoiseGit] -> {10A0FDD2-B0C0-4CD4-A7AE-E594CE3B91C8} => C:\Program Files\TortoiseGit\bin\TortoiseGitStub.dll [2016-07-02] (hxxps://tortoisegit.org/) ContextMenuHandlers4: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll [2016-04-24] (hxxp://tortoisesvn.net) ContextMenuHandlers5: [00nView] -> {1E9B04FB-F9E5-4718-997B-B8DA88302A48} => C:\Program Files\NVIDIA Corporation\nview\nvshell.dll [2015-06-30] () ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation) ContextMenuHandlers5: [TortoiseGit] -> {10A0FDD2-B0C0-4CD4-A7AE-E594CE3B91C8} => C:\Program Files\TortoiseGit\bin\TortoiseGitStub.dll [2016-07-02] (hxxps://tortoisegit.org/) ContextMenuHandlers5: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll [2016-04-24] (hxxp://tortoisesvn.net) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-11-19] (Igor Pavlov) ContextMenuHandlers6: [TortoiseGit] -> {10A0FDD2-B0C0-4CD4-A7AE-E594CE3B91C8} => C:\Program Files\TortoiseGit\bin\TortoiseGitStub.dll [2016-07-02] (hxxps://tortoisegit.org/) ContextMenuHandlers6: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll [2016-04-24] (hxxp://tortoisesvn.net) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-09-19] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-09-19] (Alexander Roshal) ContextMenuHandlers1_S-1-5-21-2649124161-4065937137-225622101-1005: [Resilio Sync 2.5.12] -> {581FFA00-FC33-000C-0502-95003A5CDE89} => C:\Users\daniel\AppData\Roaming\Resilio Sync\ShellExtensionPath64_4A7.dll [2018-01-29] () ContextMenuHandlers4_S-1-5-21-2649124161-4065937137-225622101-1005: [Resilio Sync 2.5.12] -> {581FFA00-FC33-000C-0502-95003A5CDE89} => C:\Users\daniel\AppData\Roaming\Resilio Sync\ShellExtensionPath64_4A7.dll [2018-01-29] () ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {02924CEB-D473-45A8-B313-8FED589A62DE} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-08-02] (Dropbox, Inc.) Task: {049BB0D5-8C3F-47A5-B729-F7D7BA85EA30} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-22] (Google Inc.) Task: {11171AEF-CA96-4D75-A644-28782C971B9A} - System32\Tasks\fmanUpdateTaskUserS-1-5-21-2649124161-4065937137-225622101-1005Core => C:\Users\daniel\AppData\Local\fman\Update\fmanUpdate.exe [2017-11-28] (fman) Task: {1D482905-B401-4935-97D0-85B212E320A3} - System32\Tasks\fmanUpdateTaskUserS-1-5-21-2649124161-4065937137-225622101-1005UA => C:\Users\daniel\AppData\Local\fman\Update\fmanUpdate.exe [2017-11-28] (fman) Task: {30743E14-C089-48B5-9324-A639183B7923} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-01-17] (Adobe Systems Incorporated) Task: {418EB963-3337-4A01-9245-24556537F053} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-22] (Microsoft Corporation) Task: {46638E9B-4F2A-445D-84CB-2A72AA773C42} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-22] (Microsoft Corporation) Task: {4CF78007-21F8-4366-86CB-741E09BED65E} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION Task: {4DDEA85D-B089-487B-AF16-C2B12BBA8839} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-22] (Microsoft Corporation) Task: {63F9C170-CF27-4E9D-B0DF-A21B63D73D2B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2649124161-4065937137-225622101-1005UA => C:\Users\daniel\AppData\Local\Google\Update\GoogleUpdate.exe [2018-02-08] (Google Inc.) Task: {64F5086C-8FFE-4526-8D62-07FB4B530085} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-25CKQNC-dima => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated) Task: {6614BD4E-6535-4466-9606-BA433C432264} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-08-02] (Dropbox, Inc.) Task: {8182670D-4F86-44AC-AAB6-66244C922B6E} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation) Task: {8543C186-229C-4A1E-96B4-7813D757A2A7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-12-01] (Piriform Ltd) Task: {AF6D9602-CF0C-4C47-814F-1FDC65A780B0} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-25CKQNC-mariusz => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated) Task: {BCE80DCA-3EAC-4EDC-94FE-F537E9F5269D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-11-28] (AVAST Software) Task: {C0155094-1C22-4AE4-9E08-FD80CFFAB896} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-22] (Microsoft Corporation) Task: {DCDD787A-0D59-419A-8831-22200A3931A7} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-25CKQNC-daniel => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated) Task: {F0600697-8271-4D87-918E-9D5859DF5BBC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2649124161-4065937137-225622101-1005Core => C:\Users\daniel\AppData\Local\Google\Update\GoogleUpdate.exe [2018-02-08] (Google Inc.) Task: {F1745559-E169-4700-BDB5-C30E030EEA31} - System32\Tasks\{A4A72D0F-58EC-4414-B578-D8CCCDCBC1B9} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files\Adobe\Adobe Illustrator CS6 (64 Bit)\Support Files\Contents\Windows\Illustrator.exe" -d "C:\Program Files\Adobe\Adobe Illustrator CS6 (64 Bit)\Support Files\Contents\Windows" Task: {F6E2D708-FEFA-46A4-B4A6-F74AD84BA8E9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-22] (Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\fmanUpdateTaskUserS-1-5-21-2649124161-4065937137-225622101-1005Core.job => C:\Users\daniel\AppData\Local\fman\Update\fmanUpdate.exe Task: C:\WINDOWS\Tasks\fmanUpdateTaskUserS-1-5-21-2649124161-4065937137-225622101-1005UA.job => C:\Users\daniel\AppData\Local\fman\Update\fmanUpdate.exe ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) Shortcut: C:\Users\daniel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Firefox Developer Edition.lnk -> C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Developer Edition.lnk -> C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation) Shortcut: C:\Users\Public\Desktop\Firefox Developer Edition.lnk -> C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation) ShortcutWithArgument: C:\Users\daniel\Desktop\Work - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Default" ShortcutWithArgument: C:\Users\daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\drumbit.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" --app-id=mplpmdejoamenolpcojgegminhcnmibo ShortcutWithArgument: C:\Users\daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Edge_ The Web Ruler.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=njlkegdphefeellhaongiopcfgcinikh ShortcutWithArgument: C:\Users\daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Floating for YouTube™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" --app-id=jjphmlaoffndcnecccgemfdaaoighkel ShortcutWithArgument: C:\Users\daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Keep - notes and lists.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki ShortcutWithArgument: C:\Users\daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Pocket.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=mjcnijlhddpbdemagnpefmlkjdagkogk ShortcutWithArgument: C:\Users\daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Postman (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=fhbjgbiflinjbdggehcddcbncdddomop ShortcutWithArgument: C:\Users\daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Postman.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" --app-id=fhbjgbiflinjbdggehcddcbncdddomop ShortcutWithArgument: C:\Users\daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\TrackingTime _ Time Tracker.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" --app-id=knailkjkjcfegledhjhcfacdngnicimb ShortcutWithArgument: C:\Users\daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Web Server for Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" --app-id=ofhbbkphhbklhfoeikjpcbhemlocgigb ShortcutWithArgument: C:\Users\daniel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Relax - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" ==================== Loaded Modules (Whitelisted) ============== 2016-07-22 08:26 - 2015-06-30 06:53 - 002692296 _____ () C:\Windows\system32\nvwmi64.exe 2017-07-28 08:11 - 2016-11-14 12:15 - 000135224 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2018-01-04 10:24 - 2018-01-01 12:23 - 000023040 _____ () C:\Windows\System32\hnsproxy.dll 2017-09-29 14:41 - 2017-09-29 14:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2016-07-02 00:49 - 2016-07-02 00:49 - 000964208 _____ () C:\Program Files\TortoiseGit\bin\libgit2_tgit.dll 2016-07-02 00:49 - 2016-07-02 00:49 - 000087656 _____ () C:\Program Files\TortoiseGit\bin\zlib1_tgit.dll 2016-04-24 15:07 - 2016-04-24 15:07 - 000094672 _____ () C:\Program Files\TortoiseSVN\bin\libsasl.dll 2018-02-14 11:59 - 2018-02-10 05:39 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2018-02-14 11:59 - 2018-02-10 05:36 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2018-01-12 15:51 - 2018-01-12 15:51 - 000335360 _____ () C:\Program Files\Docker\Docker\Docker.Win32Helpers.dll 2017-09-29 14:41 - 2017-09-29 14:41 - 001909248 _____ () C:\Windows\ShellExperiences\PeopleCommonControls.dll 2018-02-14 11:59 - 2018-02-10 05:46 - 001266176 _____ () C:\Windows\ShellExperiences\PeopleBarFlyout.dll 2017-12-08 19:25 - 2017-12-08 19:25 - 002988032 _____ () C:\Windows\ShellExperiences\WindowsInternal.People.PeoplePicker.dll 2017-09-29 14:41 - 2017-09-29 14:41 - 002459648 _____ () C:\Windows\ShellExperiences\WindowsInternal.People.Relevance.dll 2017-11-13 21:43 - 2017-11-13 21:43 - 016009744 _____ () C:\Users\daniel\AppData\Local\JetBrains\Toolbox\bin\opengl32sw.dll 2016-07-02 00:46 - 2016-07-02 00:46 - 000716400 _____ () C:\Program Files\TortoiseGit\bin\libgit232_tgit.dll 2016-07-02 00:46 - 2016-07-02 00:46 - 000076912 _____ () C:\Program Files\TortoiseGit\bin\zlib132_tgit.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2015-10-30 08:24 - 2018-01-15 08:54 - 000002612 _____ C:\WINDOWS\system32\Drivers\etc\hosts 192.168.0.10 milk_food.severine.3digital 127.0.0.1 eineweltsong.de.local 127.0.0.1 mec-centersitesbase.local 127.0.0.1 mec-beetzsee.local 127.0.0.1 mec-bethanien.local 127.0.0.1 mec-brueckencenter.local 127.0.0.1 mec-dreieichnordpark.local 127.0.0.1 mec-duckwitz.local 127.0.0.1 mec-durlachcenter.local 127.0.0.1 mec-elisenpark.local 127.0.0.1 mec-emaillierwerk.local 127.0.0.1 mec-foerdepark.local 127.0.0.1 mec-freesen.local 127.0.0.1 mec-troisdorf.local 127.0.0.1 mec-halle.local 127.0.0.1 mec-indupark.local 127.0.0.1 mec-kronenberg.local 127.0.0.1 mec-kurpfalz.local 127.0.0.1 mec-lausitz.local 127.0.0.1 mec-marktplatz.local 127.0.0.1 mec-mercator-center.local 127.0.0.1 mec-oder.local 127.0.0.1 mec-ostseepark.local 127.0.0.1 mec-parkcenter.local 127.0.0.1 mec-pfalzcenter.local 127.0.0.1 mec-plauenpark.local 127.0.0.1 mec-remspark.local 127.0.0.1 mec-saarbasar.local 127.0.0.1 mec-shoppingcite.local 127.0.0.1 mec-siebenseen.local ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2649124161-4065937137-225622101-1005\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg DNS Servers: 62.179.1.61 - 62.179.1.63 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == HKLM\...\StartupApproved\Run: => "Greenshot" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "Dropbox" HKLM\...\StartupApproved\Run32: => "Lightshot" HKU\S-1-5-21-2649124161-4065937137-225622101-1005\...\StartupApproved\Run: => "ConEmuDefaultTerminal" HKU\S-1-5-21-2649124161-4065937137-225622101-1005\...\StartupApproved\Run: => "Docker for Windows" HKU\S-1-5-21-2649124161-4065937137-225622101-1005\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-2649124161-4065937137-225622101-1005\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-2649124161-4065937137-225622101-1005\...\StartupApproved\Run: => "Skype for Desktop" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [VIRT-MIGL-In-TCP-NoScope] => (Allow) %systemroot%\system32\vmms.exe FirewallRules: [VIRT-REMOTEDESKTOP-In-TCP-NoScope] => (Allow) %systemroot%\system32\vmms.exe FirewallRules: [VIRTCL-WMI-RPCSS-In-TCP-NoScope] => (Allow) $(runtime.system32)\svchost.exe FirewallRules: [VIRTCL-WMI-WINMGMT-In-TCP-NoScope] => (Allow) $(runtime.system32)\svchost.exe FirewallRules: [VIRTCL-WMI-WINMGMT-Out-TCP-NoScope] => (Allow) $(runtime.system32)\svchost.exe FirewallRules: [VIRTCL-WMI-ASYNC-In-TCP-NoScope] => (Allow) $(runtime.system32)\wbem\unsecapp.exe FirewallRules: [{F4F32A36-D024-426E-A4AE-E90D3DD1B75D}] => (Block) C:\users\daniel\appdata\roaming\spotify\spotify.exe FirewallRules: [{778A472D-1A7D-4662-9FE0-3A58FAD913D5}] => (Block) C:\users\daniel\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{DF9F2E24-7A25-469B-8BC6-808FC3B16721}C:\users\daniel\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\daniel\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{E10FB2D5-4E46-424C-B5BC-673AB78E94DA}C:\users\daniel\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\daniel\appdata\roaming\spotify\spotify.exe FirewallRules: [{9FAC44B7-A609-403A-BA52-56532B9EC2B3}] => (Allow) %ProgramFiles%\Docker\Docker\DockerCli.exe FirewallRules: [{2BE17DFA-460A-4CCE-A910-D7F259B18FE5}] => (Allow) %ProgramFiles%\Docker\Docker\Docker for windows Installer.exe FirewallRules: [{92368667-5964-4776-B276-402D783EE452}] => (Block) C:\program files\jetbrains\intellij idea 2017.2.5\bin\idea64.exe FirewallRules: [{B0F20C17-B55E-4FBB-8FD9-FF60947A7A9B}] => (Block) C:\program files\jetbrains\intellij idea 2017.2.5\bin\idea64.exe FirewallRules: [UDP Query User{EA55744E-1598-4E0B-A58F-D987D3328821}C:\program files\jetbrains\intellij idea 2017.2.5\bin\idea64.exe] => (Allow) C:\program files\jetbrains\intellij idea 2017.2.5\bin\idea64.exe FirewallRules: [TCP Query User{7A89E07B-7CDE-4601-A6B5-8A9A29592C8B}C:\program files\jetbrains\intellij idea 2017.2.5\bin\idea64.exe] => (Allow) C:\program files\jetbrains\intellij idea 2017.2.5\bin\idea64.exe FirewallRules: [{7648DDE9-4DB5-444D-8859-36457C498B4D}] => (Allow) C:\Program Files\Firefox Developer Edition\firefox.exe FirewallRules: [{1A75DBCA-E630-463C-B7E0-BA6291F0FEF4}] => (Allow) C:\Program Files\Firefox Developer Edition\firefox.exe FirewallRules: [{232793EA-B35B-4D59-9128-2AB8A6A4B4EC}] => (Block) C:\program files\docker\docker\resources\vpnkit.exe FirewallRules: [{21FCD6A9-806C-402F-8611-4D59C9DE34E4}] => (Block) C:\program files\docker\docker\resources\vpnkit.exe FirewallRules: [UDP Query User{5DB53871-8747-49CB-A451-40F99A675862}C:\program files\docker\docker\resources\vpnkit.exe] => (Allow) C:\program files\docker\docker\resources\vpnkit.exe FirewallRules: [TCP Query User{2392507E-F454-47FC-9324-73F2E92A0AA2}C:\program files\docker\docker\resources\vpnkit.exe] => (Allow) C:\program files\docker\docker\resources\vpnkit.exe FirewallRules: [{B264EF4B-7BD0-4728-9580-C186A925A193}] => (Allow) C:\Users\dima\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{4E842FCF-C7B6-4E6E-9423-F54717B2900B}] => (Allow) C:\Users\dima\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{7B734079-D48A-4864-ABE1-5E0317525F3E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{6159AF6C-FF5B-45F5-88F9-B71CE9F2B887}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{8CC2BC86-8D30-484E-9F89-28B8CC38B497}C:\railsinstaller\ruby2.3.0\bin\ruby.exe] => (Block) C:\railsinstaller\ruby2.3.0\bin\ruby.exe FirewallRules: [UDP Query User{FF38F7DE-6C4E-428C-89D6-36AEDA313E6D}C:\railsinstaller\ruby2.3.0\bin\ruby.exe] => (Block) C:\railsinstaller\ruby2.3.0\bin\ruby.exe FirewallRules: [TCP Query User{CC0C209C-9202-4778-B954-D57F83739E7D}C:\program files\nodejs\node.exe] => (Block) C:\program files\nodejs\node.exe FirewallRules: [UDP Query User{CF26449E-A79A-49D9-AA10-5DD06782424C}C:\program files\nodejs\node.exe] => (Block) C:\program files\nodejs\node.exe FirewallRules: [DNS Server Forward Rule - TCP - 2764031c-2bdb-4313-a2d0-e7c2484c6f37 - 0] => (Allow) LPort=53 FirewallRules: [DNS Server Forward Rule - UDP - 2764031c-2bdb-4313-a2d0-e7c2484c6f37 - 0] => (Allow) LPort=53 FirewallRules: [TCP Query User{99D7C21F-0F23-4311-AD50-C855E6A78D09}C:\users\daniel\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\173.3942.27\bin\idea64.exe] => (Allow) C:\users\daniel\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\173.3942.27\bin\idea64.exe FirewallRules: [UDP Query User{7D888AFC-F672-4E05-A20D-85A8EEA3D27D}C:\users\daniel\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\173.3942.27\bin\idea64.exe] => (Allow) C:\users\daniel\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\173.3942.27\bin\idea64.exe FirewallRules: [{479F7B33-5F65-43A9-A529-BB9C219ED45C}] => (Block) C:\users\daniel\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\173.3942.27\bin\idea64.exe FirewallRules: [{9629C61B-FFBB-42BB-A542-B99CE2B86D2E}] => (Block) C:\users\daniel\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\173.3942.27\bin\idea64.exe FirewallRules: [{A2EB12EE-227F-4865-93E5-C5F38BE27C0C}] => (Allow) C:\Users\daniel\AppData\Roaming\Resilio Sync\Resilio Sync.exe FirewallRules: [{910BDA94-0E96-485C-82F3-E81D71381992}] => (Allow) C:\Users\daniel\AppData\Roaming\Resilio Sync\Resilio Sync.exe FirewallRules: [TCP Query User{8DB374B9-0FB2-4288-8790-44A462866DDE}C:\program files\winhttrack\winhttrack.exe] => (Allow) C:\program files\winhttrack\winhttrack.exe FirewallRules: [UDP Query User{91AC452B-E28B-4F76-9AAB-C75893FAFB43}C:\program files\winhttrack\winhttrack.exe] => (Allow) C:\program files\winhttrack\winhttrack.exe FirewallRules: [{2034461D-B110-466F-859F-13487E7A6072}] => (Block) C:\program files\winhttrack\winhttrack.exe FirewallRules: [{65E431D7-98FF-44A3-9D9F-F667BC3B1235}] => (Block) C:\program files\winhttrack\winhttrack.exe FirewallRules: [{60021FCB-5249-4FDE-9E18-918527366382}] => (Allow) C:\Program Files (x86)\RescueTime\RescueTime.exe FirewallRules: [{47F6104F-31DE-4857-A081-9D005A778F97}] => (Allow) C:\Program Files (x86)\RescueTime\RescueTime.exe FirewallRules: [TCP Query User{8B164E47-65C0-4E6E-86C4-1B64C33C2D91}C:\users\daniel\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\173.4548.28\bin\idea64.exe] => (Allow) C:\users\daniel\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\173.4548.28\bin\idea64.exe FirewallRules: [UDP Query User{4EF3179B-80F7-4E9A-999A-88123C3716CD}C:\users\daniel\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\173.4548.28\bin\idea64.exe] => (Allow) C:\users\daniel\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\173.4548.28\bin\idea64.exe FirewallRules: [{92C3AD4B-84D2-4D9E-8FA0-5E424CA96A02}] => (Block) C:\users\daniel\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\173.4548.28\bin\idea64.exe FirewallRules: [{5CD74CAF-B30D-409B-B6A1-69D312C8C6D9}] => (Block) C:\users\daniel\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\173.4548.28\bin\idea64.exe FirewallRules: [{89241FBE-6E95-410E-A8AD-ED1B85F6914F}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe FirewallRules: [{03B23C1E-7F85-4ADF-9323-BE4132BC3862}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe FirewallRules: [{A82ABC6C-41F9-46A3-BAC1-64BDD8150EE2}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe FirewallRules: [{29F270EE-3A10-4B5D-9BF5-77990054A91C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{1B75724A-30C3-4616-BE04-BADE975C4CF5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{D3BA840E-FEF3-4C64-8C3F-BBE625182B3B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{0076F6DF-15B6-4E34-9D86-492F7B478642}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{73A22832-2AB9-4E5C-862A-C38688CD239F}] => (Allow) C:\Program Files\Docker\Docker\Resources\com.docker.proxy.exe FirewallRules: [{7C592D4D-3750-4FF0-AC9C-6C0CD54794A3}] => (Allow) LPort=445 FirewallRules: [{7A918F96-D56B-4F0D-99AB-3562EED4C7A7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Restore Points ========================= ATTENTION: System Restore is disabled ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (02/20/2018 10:47:05 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: dwm.exe, version: 10.0.16299.15, time stamp: 0x7f22d77c Faulting module name: dwmcore.dll, version: 10.0.16299.248, time stamp: 0x083611ba Exception code: 0xc00001ad Fault offset: 0x000000000019449a Faulting process id: 0x184c Faulting application start time: 0x01d3aa2966931b53 Faulting application path: C:\WINDOWS\system32\dwm.exe Faulting module path: C:\WINDOWS\system32\dwmcore.dll Report Id: bc3cafee-255a-4f81-b184-3e91d5cc8c9f Faulting package full name: Faulting package-relative application ID: Error: (02/20/2018 10:01:22 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: dwm.exe, version: 10.0.16299.15, time stamp: 0x7f22d77c Faulting module name: dwmcore.dll, version: 10.0.16299.248, time stamp: 0x083611ba Exception code: 0xc00001ad Fault offset: 0x000000000019449a Faulting process id: 0x4ac Faulting application start time: 0x01d3aa1d6f35083c Faulting application path: C:\WINDOWS\system32\dwm.exe Faulting module path: C:\WINDOWS\system32\dwmcore.dll Report Id: 002a2ca6-ef00-4d2d-ac30-fb7b248f6f29 Faulting package full name: Faulting package-relative application ID: Error: (02/19/2018 03:18:06 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: IEXPLORE.EXE, version: 11.0.16299.15, time stamp: 0x091f43e7 Faulting module name: MSHTML.dll, version: 11.0.16299.248, time stamp: 0x5b97dba4 Exception code: 0xc00000fd Fault offset: 0x005ea6e6 Faulting process id: 0x4e34 Faulting application start time: 0x01d3a989b7b9dcc9 Faulting application path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Faulting module path: C:\WINDOWS\SYSTEM32\MSHTML.dll Report Id: 90964529-5ebf-40f9-92fc-bd7c8964b05b Faulting package full name: Faulting package-relative application ID: Error: (02/16/2018 08:11:30 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program explorer.exe version 10.0.16299.248 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 1b04 Start Time: 01d3a743215c687d Termination Time: 4294967295 Application Path: C:\Windows\explorer.exe Report Id: bd9f30ad-1b4c-4186-b064-4d8daac0685c Faulting package full name: Faulting package-relative application ID: Error: (02/15/2018 10:43:42 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: sndvol.exe, version: 10.0.16299.15, time stamp: 0x80a30f76 Faulting module name: ntdll.dll, version: 10.0.16299.248, time stamp: 0xeffc9126 Exception code: 0xc0000409 Fault offset: 0x0000000000090d9f Faulting process id: 0x2054 Faulting application start time: 0x01d3a640a6b1ffad Faulting application path: C:\WINDOWS\system32\sndvol.exe Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll Report Id: 1d8f9de8-697c-4be9-ab6c-3d3031578508 Faulting package full name: Faulting package-relative application ID: Error: (02/14/2018 03:42:06 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program idea64.exe version 2017.3.4.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 1bc4 Start Time: 01d3a58063314374 Termination Time: 4294967295 Application Path: C:\Users\daniel\AppData\Local\JetBrains\Toolbox\apps\IDEA-U\ch-0\173.4548.28\bin\idea64.exe Report Id: fb342114-8160-4b0e-bb37-7eab38a5efd4 Faulting package full name: Faulting package-relative application ID: Error: (02/14/2018 12:18:19 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code. Error: (02/13/2018 04:19:59 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: nvxdsync.exe, version: 8.17.13.4201, time stamp: 0x58298dcf Faulting module name: nvxdapix.dll, version: 8.17.13.4201, time stamp: 0x58298a82 Exception code: 0xc0000005 Fault offset: 0x000000000026190f Faulting process id: 0x71c Faulting application start time: 0x01d3a4a5d55b39fd Faulting application path: C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe Faulting module path: C:\Program Files\NVIDIA Corporation\Display\nvxdapix.dll Report Id: 03b7b49e-f8ea-4af0-8643-c12176ce85ac Faulting package full name: Faulting package-relative application ID: System errors: ============= Error: (02/20/2018 10:50:51 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-25CKQNC) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user DESKTOP-25CKQNC\daniel SID (S-1-5-21-2649124161-4065937137-225622101-1005) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (02/20/2018 10:47:53 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-25CKQNC) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user DESKTOP-25CKQNC\daniel SID (S-1-5-21-2649124161-4065937137-225622101-1005) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (02/20/2018 10:47:05 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-25CKQNC) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user DESKTOP-25CKQNC\daniel SID (S-1-5-21-2649124161-4065937137-225622101-1005) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (02/20/2018 10:47:03 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-25CKQNC) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user DESKTOP-25CKQNC\daniel SID (S-1-5-21-2649124161-4065937137-225622101-1005) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (02/20/2018 10:47:03 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-25CKQNC) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user DESKTOP-25CKQNC\daniel SID (S-1-5-21-2649124161-4065937137-225622101-1005) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (02/20/2018 10:47:02 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-25CKQNC) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user DESKTOP-25CKQNC\daniel SID (S-1-5-21-2649124161-4065937137-225622101-1005) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (02/20/2018 10:47:01 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-25CKQNC) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user DESKTOP-25CKQNC\daniel SID (S-1-5-21-2649124161-4065937137-225622101-1005) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (02/20/2018 10:47:00 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-25CKQNC) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user DESKTOP-25CKQNC\daniel SID (S-1-5-21-2649124161-4065937137-225622101-1005) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Windows Defender: =================================== Date: 2018-02-16 18:07:20.364 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {92B12850-D688-4938-B03E-0E5BE6E38030} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2018-02-12 09:52:31.901 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {F4FAE891-F924-4B09-B81C-D27B41CDF438} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2018-02-09 10:20:29.993 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {B1F546A6-72C8-49FA-8A17-CF3A555D3CD1} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2018-02-08 13:33:20.166 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {D0A91CBD-5FD3-4ADA-B008-692C14B2B319} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2018-02-08 11:50:39.461 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {C6BCA207-B16C-4617-8594-312547AD1307} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2018-02-16 13:45:07.174 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.261.1277.0 Update Source: Microsoft Update Server Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.14500.5 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. Date: 2018-02-14 11:45:50.297 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.261.1173.0 Update Source: Microsoft Update Server Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.14500.5 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. Date: 2018-02-12 08:56:43.687 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.261.1079.0 Update Source: Microsoft Update Server Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.14500.5 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. Date: 2018-02-05 09:10:20.394 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.261.761.0 Update Source: Microsoft Update Server Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.14500.5 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. Date: 2018-02-01 09:40:13.257 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.261.610.0 Update Source: Microsoft Update Server Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.14500.5 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. ==================== Memory info =========================== Processor: Intel(R) Xeon(R) CPU W3520 @ 2.67GHz Percentage of memory in use: 21% Total physical RAM: 12285.59 MB Available physical RAM: 9632.01 MB Total Virtual: 12285.59 MB Available Virtual: 9731.11 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:78.5 GB) (Free:23.99 GB) NTFS Drive d: () (Fixed) (Total:292.97 GB) (Free:199.94 GB) NTFS Drive s: (SSD) (Fixed) (Total:232.76 GB) (Free:204.44 GB) NTFS \\?\Volume{01935fcb-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS \\?\Volume{01935fcb-0000-0000-0000-a0a613000000}\ () (Fixed) (Total:0.44 GB) (Free:0.17 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 01935FCB) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=78.5 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) Partition 4: (Not Active) - (Size=293 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Protective MBR) (Size: 232.9 GB) (Disk ID: 00000000) Partition: GPT. ==================== End of Addition.txt ============================