Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13.02.2019 Ran by Admin (13-02-2019 21:55:28) Running from \\diskstation\public Windows 10 Pro Version 1803 17134.590 (X64) (2018-05-26 01:27:13) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Admin (S-1-5-21-2683052957-914339474-147703212-1001 - Administrator - Enabled) => C:\Users\Admin Administrator (S-1-5-21-2683052957-914339474-147703212-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2683052957-914339474-147703212-503 - Limited - Disabled) Guest (S-1-5-21-2683052957-914339474-147703212-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-2683052957-914339474-147703212-504 - Limited - Disabled) ___VMware_Conv_SA___ (S-1-5-21-2683052957-914339474-147703212-1002 - Limited - Enabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov) Adblock Plus pour IE (32-bits et 64-bits) (HKLM\...\{1372FA30-110F-47F5-8B95-B1D498B49376}) (Version: 1.3 - Eyeo GmbH) Adobe Reader X (10.1.16) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.16 - Adobe Systems Incorporated) Archiveur WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - ) Belgium e-ID middleware 4.1.18 (build 1730) (HKLM\...\{DB942AEA-93D6-4FE4-8862-180D35A71730}) (Version: 4.1.1730 - Belgian Government) Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC) CiscoVirtualCom(x64) (HKLM-x32\...\{4741C69E-1B4E-43DA-9598-7F94BA6B66E7}) (Version: 1.00.0000 - Cisco Systems, Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.96 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden HP Hotkey Support (HKLM-x32\...\{57FA60DA-585F-456A-B80E-17D1CDD22A30}) (Version: 5.0.27.1 - Hewlett-Packard Company) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation) Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation) KeePass Password Safe 1.26 (HKLM-x32\...\KeePass Password Safe_is1) (Version: 1.26 - Dominik Reichl) Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) Microsoft Office Standard 2010 (HKLM-x32\...\Office14.STANDARDR) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2683052957-914339474-147703212-1001\...\OneDriveSetup.exe) (Version: 19.002.0107.0008 - Microsoft Corporation) Microsoft OneNote 2013 - fr-fr (HKLM\...\OneNoteFreeRetail - fr-fr) (Version: 15.0.5101.1002 - Microsoft Corporation) Microsoft Visio Professionnel 2013 (HKLM-x32\...\Office15.VISPROR) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version: - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Project Professionnel 2010 (HKLM-x32\...\Office14.PRJPROR) (Version: 14.0.7015.1000 - Microsoft Corporation) MultiPing 3.20.2 (HKLM-x32\...\{71A028F3-4AE3-498C-8CFB-9D5EF01E6559}) (Version: 3.20.2.30 - Pingman Tools, LLC) Notepad++ (HKLM-x32\...\Notepad++) (Version: 5.6.8 - ) Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5101.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5101.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-040C-0000-0000000FF1CE}) (Version: 15.0.5101.1002 - Microsoft Corporation) Hidden OpenVPN 2.3.11-I601 (HKLM\...\OpenVPN) (Version: 2.3.11-I601 - ) Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.322.5 - Tracker Software Products Ltd) PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.8.19 - Prolific Technology INC) Remote Desktop Connection Manager (HKLM-x32\...\{0240359E-6A4C-4884-9E94-B397A02D893C}) (Version: 2.7.14060 - Microsoft Corporation) Screenpresso (HKU\S-1-5-21-2683052957-914339474-147703212-1001\...\Screenpresso) (Version: 1.7.2.0 - Learnpulse) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{58FA40EF-ABA9-4FED-AD3D-318A6073934D}) (Version: - Microsoft) Skype Web Plugin (HKLM-x32\...\{CD62BCB9-02D2-443F-AC7A-443377DA5B38}) (Version: 7.31.0.56 - Skype Technologies S.A.) Skype Web Plugin (HKLM-x32\...\{EB96DF8B-65A7-4E72-BFB1-38DB36870D16}) (Version: 7.32.6.278 - Skype Technologies S.A.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.63 - Synaptics Incorporated) TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - ) TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.93332 - TeamViewer) Tftpd32 Standalone Edition (remove only) (HKLM-x32\...\Tftpd32) (Version: - ) Ubiquiti UniFi (remove only) (HKLM-x32\...\Ubiquiti UniFi) (Version: - ) Update for Skype for Business 2015 (KB4461557) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.VISPROR_{BB7D10A9-A135-4EB8-82F1-8A25FEB1B327}) (Version: - Microsoft) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation) UpdateAssistant (HKLM\...\{567756E0-361F-4E88-AF74-8B0E4628E5BC}) (Version: 1.12.0.0 - Microsoft Corporation) Hidden VMware Client Integration Plug-in 5.5.0 (HKLM-x32\...\{922AD691-8713-4148-BA32-02CB638F27F7}) (Version: 5.5.0.1896808 - VMware, Inc.) VMware vSphere Client 5.5 (HKLM-x32\...\{4CFB0494-2E96-4631-8364-538E2AA91324}) (Version: 5.5.0.3165 - VMware, Inc.) Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22391 - Microsoft Corporation) Windows Driver Package - Fedict SmartCard (08/08/2015 4.1.5) (HKLM\...\9F46F7AB1E3B1B5F5482EA8D97F401B04FBF7958) (Version: 08/08/2015 4.1.5 - Fedict) Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - ) WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2683052957-914339474-147703212-1001_Classes\CLSID\{41052F6E-3662-4584-BCD3-77BCCAAE8470}\InprocServer32 -> C:\Users\Admin\AppData\Local\SkypePlugin\7.32.6.278\GatewayActiveX-x64.dll (Microsoft Corporation -> Skype Technologies S.A.) CustomCLSID: HKU\S-1-5-21-2683052957-914339474-147703212-1001_Classes\CLSID\{E5A7A7B5-9D06-4DBE-BAC0-04B69FF070B5}\InprocServer32 -> C:\Users\Admin\AppData\Local\SkypePlugin\7.31.0.56\GatewayActiveX-x64.dll (Microsoft Corporation -> Skype Technologies S.A.) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov) ContextMenuHandlers1: [Notepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_01.dll [2009-11-25] () ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2004-01-25] () ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov) ContextMenuHandlers4-x32: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2004-01-25] () ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-01-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov) ContextMenuHandlers6-x32: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2004-01-25] () ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0C8EB0DB-C0BE-47F4-9A6C-2C8E799EC460} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {11A41675-DA2D-483F-8230-6F33B76112DA} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {1D8070C7-768D-4F16-9F76-FA5ECB496F5F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe Task: {35533734-1FFB-4A59-B8EC-C361D104F4E5} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation) Task: {4E4EEA65-C5D8-423C-9441-D62D9B91D3F5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {4FCE3A56-E1FC-4B27-BF68-1232380CFACD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation) Task: {5172824F-3020-4D34-82ED-622ADBD62B26} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {5AC279D9-8F28-4AC8-8F7A-C2DE787640B9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {5D4F336E-33F6-467C-83EB-7D5F86349A1D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe (Microsoft Corporation -> Microsoft Corporation) Task: {678EB347-0BE9-4BDE-9C23-7B37BF0B67AF} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {6A556A53-E140-49D9-87B3-81DB75267568} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION Task: {6AD2AAD6-DB5E-4953-81F2-786B94DD8779} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {6C0974F4-A683-4130-AD76-F005476C8AB6} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {6CF0631D-3F8D-47D7-A507-3C12A5B5ED7A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation) Task: {7472A38C-3105-4CE6-AE50-4C3044F3524C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.) Task: {760ACEA4-2B82-4EC5-937E-CB297B2E2362} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {914E3277-6940-4BD0-A84E-5FB8560078A8} - \WPD\SqmUpload_S-1-5-21-2683052957-914339474-147703212-1001 -> No File <==== ATTENTION Task: {954E5D16-6930-4947-9D98-92AF6DB69EF7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.) Task: {A6DA858F-5126-4BCE-AA52-BFB4BE41844F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation) Task: {AB975EF6-13BF-46BC-A69D-733ABE39233D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation) Task: {BDBD0C68-581F-4312-8CBD-A1B60441B575} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION Task: {C1F58C6B-1DC3-4BE4-8A7C-F1166ABCFE11} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation) Task: {C8B227B3-A168-404C-A152-CB1D67AB5010} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION Task: {D1142C86-1573-4F90-9395-894983F29AD6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe (Microsoft Corporation -> Microsoft Corporation) Task: {D992962E-4FE8-4350-8DF5-93631F70E3EF} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated -> Synaptics Incorporated) Task: {E9667CD4-47B4-4B12-A928-765414578BD2} - System32\Tasks\AutoPico Daily Restart => C:\Users\Admin\Desktop\KMSpico [Argument = Portable\AutoPico.exe /silent] Task: {F9857DD7-D25B-4AAD-9AAA-4D48269DFB8B} - System32\Tasks\{838EEF2B-8D10-42B2-B13C-662146490947} => C:\Windows\system32\pcalua.exe -a "C:\Users\Admin\Desktop\Winrar\Crack WinRAR v3.30fr.exe" -d C:\Users\Admin\Desktop\Winrar Task: {F9F5F396-1BA6-4902-B6D4-5091AB7B286E} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Easy Viewer.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=anjoggeimnldigfcihcggejncophmhjc ShortcutWithArgument: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Ubiquiti Device Discovery Tool.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=hmpigflbjeapnknladcfphgkemopofig ==================== Loaded Modules (Whitelisted) ============== 2015-07-05 12:30 - 2018-02-27 09:51 - 000020208 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\TeamViewer_PrintProcessor.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll 2015-07-03 10:49 - 2017-01-17 03:25 - 000117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll 2019-01-10 21:46 - 2018-11-09 03:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll 2009-11-25 00:36 - 2009-11-25 00:36 - 000125440 _____ () C:\Program Files (x86)\Notepad++\NppShell_01.dll 2017-01-27 00:00 - 2017-01-27 00:00 - 000401912 _____ () C:\WINDOWS\system32\igfxTray.exe 2019-02-12 22:00 - 2019-02-06 03:25 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2019-01-30 22:44 - 2019-01-30 22:48 - 000182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe 2019-01-30 22:44 - 2019-01-30 22:48 - 000019456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeProxiesAndStubs.dll 2018-11-22 20:46 - 2018-11-22 20:46 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll 2019-01-30 22:44 - 2019-01-30 22:48 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\ChakraBridge.dll 2019-01-30 22:44 - 2019-01-30 22:48 - 011029504 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\LibWrapper.dll 2019-01-30 22:44 - 2019-01-30 22:48 - 002923520 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\skypert.dll 2019-01-30 22:44 - 2019-01-30 22:48 - 000688128 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll 2018-07-10 15:37 - 2018-07-10 15:43 - 001922224 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll 2019-02-12 23:10 - 2018-12-06 00:47 - 001066784 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\SDL2.dll 2019-02-12 23:10 - 2018-11-20 01:56 - 102804768 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll 2019-02-12 23:10 - 2018-11-20 01:56 - 004866336 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll 2019-02-12 23:10 - 2018-11-20 01:56 - 000116000 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll 2019-02-01 17:31 - 2019-02-01 17:36 - 000481280 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2019-02-01 17:31 - 2019-02-01 17:36 - 080636416 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2018-03-04 18:23 - 2018-03-04 18:33 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll 2019-02-01 17:31 - 2019-02-01 17:36 - 003824640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll 2019-01-15 13:37 - 2019-01-15 13:37 - 000012288 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll 2019-02-01 17:31 - 2019-02-01 17:36 - 014225408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll 2019-02-01 17:31 - 2019-02-01 17:36 - 002871296 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll 2018-09-01 20:45 - 2018-09-01 20:46 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll 2018-07-26 19:19 - 2018-07-26 20:12 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2019-02-01 17:31 - 2019-02-01 17:36 - 000146432 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\SKU.dll 2019-02-01 17:31 - 2019-02-01 17:36 - 000094720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\MediaEngineVideoDataProvider.UWP.dll 2019-02-13 11:10 - 2019-02-13 11:10 - 000017408 _____ () C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe 2019-02-13 11:10 - 2019-02-13 11:10 - 016974848 _____ () C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Weather.dll 2019-01-10 19:03 - 2019-01-10 19:03 - 005391752 _____ () C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe\Microsoft.Advertising.dll 2016-03-04 16:18 - 2016-03-04 16:19 - 000291328 _____ () C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll 2017-06-27 13:26 - 2017-06-27 13:26 - 000325824 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll 2019-01-10 19:05 - 2018-12-06 00:47 - 000885536 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2019-01-10 19:05 - 2016-09-01 02:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll 2019-01-10 19:05 - 2019-02-02 18:33 - 002667296 _____ () C:\Program Files (x86)\Steam\video.dll 2019-01-10 19:05 - 2018-11-05 19:53 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll 2019-01-10 19:05 - 2018-11-05 19:53 - 000810784 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll 2019-01-10 19:05 - 2018-11-05 19:53 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll 2019-01-10 19:05 - 2018-11-05 19:53 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll 2019-01-10 19:05 - 2018-11-05 19:53 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll 2019-01-10 19:05 - 2016-09-01 02:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2019-01-10 19:05 - 2016-09-01 02:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2019-01-10 19:05 - 2019-02-02 18:33 - 001031456 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2019-01-10 19:05 - 2016-07-04 23:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2016-10-03 11:18 - 2018-07-29 15:19 - 000000878 _____ C:\WINDOWS\system32\drivers\etc\hosts 192.168.1.22 diskstation 192.168.10.50 vc.vvnet.local 2015-08-01 17:24 - 2016-12-01 13:10 - 000000642 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics 192.168.137.1 HP-VVV.mshome.net # 2021 11 2 30 12 10 17 893 192.168.137.123 MacBook-VVV.mshome.net # 2016 12 3 7 14 13 11 239 192.168.137.15 Vincent.mshome.net # 2016 12 3 7 10 32 31 769 29 192.168.137.15 Vincent.mshome.net # 2016 12 1 5 13 49 20 200 4 6 779 ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\OpenVPN\bin;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-2683052957-914339474-147703212-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\thumb-1920-937610.png DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == If an entry is included in the fixlist, it will be removed. HKU\S-1-5-21-2683052957-914339474-147703212-1001\...\StartupApproved\StartupFolder: => "FastStone Capture.lnk" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{FF132D5F-8DFF-4ADA-BC0C-CF350F34A8BA}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{8BDD37EB-1313-4695-9AC8-15FFE451FCAD}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{118F787D-C4AC-4C9A-BBE2-1AAC955AC747}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{6F6896AF-57DD-4B1F-B84C-ECFB0F93D5A5}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [UDP Query User{942045FA-F6BC-4AB0-B211-90618416D964}C:\program files\openvpn\bin\openvpn.exe] => (Block) C:\program files\openvpn\bin\openvpn.exe (OpenVPN Technologies, Inc. -> The OpenVPN Project) FirewallRules: [TCP Query User{48DEBB3A-C013-419B-BBEE-AE1F8F6ECE27}C:\program files\openvpn\bin\openvpn.exe] => (Block) C:\program files\openvpn\bin\openvpn.exe (OpenVPN Technologies, Inc. -> The OpenVPN Project) FirewallRules: [UDP Query User{C94A2A81-C7B3-4B34-9B73-85652FB0ECA5}C:\program files\openvpn\bin\openvpn.exe] => (Allow) C:\program files\openvpn\bin\openvpn.exe (OpenVPN Technologies, Inc. -> The OpenVPN Project) FirewallRules: [TCP Query User{538D5E36-B960-4965-B650-175B343C6129}C:\program files\openvpn\bin\openvpn.exe] => (Allow) C:\program files\openvpn\bin\openvpn.exe (OpenVPN Technologies, Inc. -> The OpenVPN Project) FirewallRules: [UDP Query User{2CE526BC-8383-45CC-8FE4-6FFBDE656D30}C:\program files (x86)\tftpd32\tftpd32.exe] => (Allow) C:\program files (x86)\tftpd32\tftpd32.exe (Ph. Jounin) FirewallRules: [TCP Query User{67815474-AEF3-42D7-8B36-9327024660BD}C:\program files (x86)\tftpd32\tftpd32.exe] => (Allow) C:\program files (x86)\tftpd32\tftpd32.exe (Ph. Jounin) FirewallRules: [TCP Query User{946A4B96-7EBC-46B7-A5C1-84ACA84E9A07}C:\users\admin\appdata\local\skypeplugin\7.5.0.123\pluginhost.exe] => (Allow) C:\users\admin\appdata\local\skypeplugin\7.5.0.123\pluginhost.exe No File FirewallRules: [UDP Query User{0925EE0C-0509-47EB-B781-27CCB2164367}C:\users\admin\appdata\local\skypeplugin\7.5.0.123\pluginhost.exe] => (Allow) C:\users\admin\appdata\local\skypeplugin\7.5.0.123\pluginhost.exe No File FirewallRules: [TCP Query User{1B97A870-7178-4E0D-AFD2-2EB4AE0A289A}C:\users\admin\appdata\local\skypeplugin\pluginhost.exe] => (Allow) C:\users\admin\appdata\local\skypeplugin\pluginhost.exe (Microsoft Corporation -> Skype Technologies S.A.) FirewallRules: [UDP Query User{FCFECD35-74B1-4100-BB7F-5B8561ED0D24}C:\users\admin\appdata\local\skypeplugin\pluginhost.exe] => (Allow) C:\users\admin\appdata\local\skypeplugin\pluginhost.exe (Microsoft Corporation -> Skype Technologies S.A.) FirewallRules: [{8FFB5F81-E916-4812-9D88-EBC8A5F32A07}] => (Block) C:\users\admin\appdata\local\skypeplugin\pluginhost.exe (Microsoft Corporation -> Skype Technologies S.A.) FirewallRules: [{F6637D68-8328-4863-801B-75FEB817F2A5}] => (Block) C:\users\admin\appdata\local\skypeplugin\pluginhost.exe (Microsoft Corporation -> Skype Technologies S.A.) FirewallRules: [TCP Query User{A1EB041F-C5F5-449F-8494-85DCC67F8757}C:\program files (x86)\winpcap\rpcapd.exe] => (Block) C:\program files (x86)\winpcap\rpcapd.exe (Riverbed Technology, Inc. -> Riverbed Technology, Inc.) FirewallRules: [UDP Query User{E7E060F4-524E-4FD7-955C-49B5187CD454}C:\program files (x86)\winpcap\rpcapd.exe] => (Block) C:\program files (x86)\winpcap\rpcapd.exe (Riverbed Technology, Inc. -> Riverbed Technology, Inc.) FirewallRules: [TCP Query User{725DE277-6805-45FB-BA6F-0196D0A7859A}C:\program files (x86)\vsk5online\vsk5online.exe] => (Allow) C:\program files (x86)\vsk5online\vsk5online.exe No File FirewallRules: [UDP Query User{03036574-9173-4F18-A052-2E136B39F3B5}C:\program files (x86)\vsk5online\vsk5online.exe] => (Allow) C:\program files (x86)\vsk5online\vsk5online.exe No File FirewallRules: [{BA4A1052-4E43-443D-9CEA-160764D1361F}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{4CBC7CCD-9C95-46ED-96CF-8387A68CAAA7}] => (Allow) C:\Program Files (x86)\Java\jre1.8.0_131\bin\java.exe () FirewallRules: [{6C2F61A7-3567-4D55-9461-151F55E2756A}] => (Allow) C:\Program Files (x86)\Java\jre1.8.0_131\bin\java.exe () FirewallRules: [{6D469999-06A6-401B-8E54-497B80AA4588}] => (Allow) C:\Users\Admin\Ubiquiti UniFi\bin\mongod.exe () FirewallRules: [{D3FF11E1-E574-4EA0-B06D-BC4A45579D7B}] => (Allow) C:\Users\Admin\Ubiquiti UniFi\bin\mongod.exe () FirewallRules: [{3AAFFD6A-BA34-4789-A8C7-9C1B3E97DFB5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{1F9320C1-7383-4822-A4EC-4D0CF1B06B79}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{6698CD85-6765-4C85-B0CF-6D82D299347B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File FirewallRules: [{4995D6FC-AA54-4B59-A2F3-E9DB7A74D3CB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File FirewallRules: [{435143E4-C2D6-41F7-BF4F-7618076672EB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Project Hospital\ProjectHospital.exe () FirewallRules: [{FDE8A547-279A-4C03-A888-EF3F542F194D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Project Hospital\ProjectHospital.exe () FirewallRules: [{0DB3DD11-A8E1-41D7-A1D9-321DC7A8FD2C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) FirewallRules: [{9C079A39-AB98-40BB-AC1D-15A8EB3D9147}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{D360E24F-7FB2-4997-A638-48FFF804DC31}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) ==================== Restore Points ========================= 20-01-2019 18:19:02 Windows Update 29-01-2019 11:03:14 Scheduled Checkpoint 04-02-2019 22:27:07 Windows Update 11-02-2019 22:27:19 Scheduled Checkpoint ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (02/05/2019 02:27:21 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: ) Description: The volume TINY7 X86 R1 (D:) was not optimized because an error was encountered: This volume cannot be optimized. (0x8900000D) Error: (01/29/2019 11:22:52 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program iexplore.exe version 11.0.17134.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 6f8c Start Time: 01d4b7ba69bc6af1 Termination Time: 20 Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Report Id: 3bb48bad-fe0a-489a-ac17-e75ecc9105fa Faulting package full name: Faulting package-relative application ID: Error: (01/23/2019 06:24:09 PM) (Source: Steam Client Service) (EventID: 1) (User: ) Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe Error: (01/21/2019 10:27:13 AM) (Source: Steam Client Service) (EventID: 1) (User: ) Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe Error: (01/17/2019 06:00:58 PM) (Source: MsiInstaller) (EventID: 10005) (User: NT AUTHORITY) Description: Product: Update for Windows 10 for x64-based Systems (KB4023057) -- A later version of Update for Windows 10 for x64-based Systems (KB4023057) is already installed. Setup will now exit. Error: (01/13/2019 12:03:16 PM) (Source: Steam Client Service) (EventID: 1) (User: ) Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe Error: (01/10/2019 07:14:59 PM) (Source: Steam Client Service) (EventID: 1) (User: ) Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe Error: (01/10/2019 07:05:51 PM) (Source: Steam Client Service) (EventID: 1) (User: ) Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe System errors: ============= Error: (02/13/2019 04:19:05 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (02/13/2019 04:09:06 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (02/13/2019 01:58:49 PM) (Source: DCOM) (EventID: 10016) (User: HP-VVV) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {8BC3F05E-D86B-11D0-A075-00C04FB68820} and APPID {8BC3F05E-D86B-11D0-A075-00C04FB68820} to the user HP-VVV\Admin SID (S-1-5-21-2683052957-914339474-147703212-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool. Error: (02/13/2019 03:16:40 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (02/13/2019 01:28:48 AM) (Source: DCOM) (EventID: 10016) (User: HP-VVV) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {8BC3F05E-D86B-11D0-A075-00C04FB68820} and APPID {8BC3F05E-D86B-11D0-A075-00C04FB68820} to the user HP-VVV\Admin SID (S-1-5-21-2683052957-914339474-147703212-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool. Error: (02/12/2019 11:12:00 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID Windows.SecurityCenter.WscDataProtection and APPID Unavailable to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (02/12/2019 11:12:00 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID Windows.SecurityCenter.WscBrokerManager and APPID Unavailable to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (02/12/2019 11:11:03 PM) (Source: DCOM) (EventID: 10016) (User: HP-VVV) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user HP-VVV\Admin SID (S-1-5-21-2683052957-914339474-147703212-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Windows Defender: =================================== Date: 2019-01-22 00:18:09.418 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {70B54E51-2A96-4770-AB1A-880992752A22} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2019-01-13 12:02:25.764 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {6174045A-D626-455E-90DA-4406FFD86838} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2019-02-03 22:44:36.742 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.285.785.0 Update Source: Microsoft Update Server Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.15600.4 Error code: 0x80240438 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. Date: 2019-01-29 16:14:19.497 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.285.361.0 Update Source: Microsoft Update Server Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.15600.4 Error code: 0x80240438 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. Date: 2019-01-24 11:14:33.033 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.283.3569.0 Update Source: Microsoft Update Server Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.15500.2 Error code: 0x80240438 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. Date: 2019-01-20 18:19:01.792 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.283.3157.0 Update Source: Microsoft Update Server Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.15500.2 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. Date: 2018-11-22 20:51:22.836 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: Update Source: User Signature Type: Update Type: Current Engine Version: Previous Engine Version: Error code: 0x80070652 Error description: Another installation is already in progress. Complete that installation before proceeding with this install. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-4300U CPU @ 1.90GHz Percentage of memory in use: 60% Total physical RAM: 3993.11 MB Available physical RAM: 1591.68 MB Total Virtual: 4697.11 MB Available Virtual: 2074.09 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:166.78 GB) (Free:48.03 GB) NTFS ==>[drive with boot components (obtained from BCD)] \\?\Volume{1d8903d3-0000-0000-0000-30b229000000}\ () (Fixed) (Total:0.9 GB) (Free:0.39 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 167.7 GB) (Disk ID: 1D8903D3) Partition 1: (Active) - (Size=166.8 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=917 MB) - (Type=27) ==================== End of Addition.txt ============================