Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-08-2019 Ran by Adrian (16-08-2019 14:00:34) Running from C:\Users\Adrian\Desktop Windows 7 Professional Service Pack 1 (X64) (2014-07-23 16:30:14) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-4055709356-1465872850-4113285666-500 - Administrator - Disabled) Adrian (S-1-5-21-4055709356-1465872850-4113285666-1000 - Administrator - Enabled) => C:\Users\Adrian Guest (S-1-5-21-4055709356-1465872850-4113285666-501 - Limited - Disabled) => C:\Users\Guest ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Telia SAFE by F-Secure (Disabled - Up to date) {8AC831E5-DF57-0DC0-D07B-4DE1A5FFFD9A} AS: Telia SAFE by F-Secure (Disabled - Up to date) {31A9D001-F96D-024E-EACB-7693DE78B727} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-4055709356-1465872850-4113285666-1000\...\uTorrent) (Version: 3.5.5.45311 - BitTorrent Inc.) 2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version: - Microsoft) 2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}) (Version: - Microsoft) Hidden Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 19.012.20036 - Adobe Systems Incorporated) Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.183 - Adobe Systems Incorporated) Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.183 - Adobe Systems Incorporated) Audacity 1.2.6 (HKLM-x32\...\Audacity_is1) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 5.44 - Piriform) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Hidden Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Hidden Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Hidden Computer Security 17.215.129.0 (release) (HKLM-x32\...\{658FDBCA-B7A1-43E4-A849-9F0812473331}) (Version: 17.215.129.0 - F-Secure Corporation) Hidden Dell System Detect (HKU\S-1-5-21-4055709356-1465872850-4113285666-1000\...\9204f5692a8faf3b) (Version: 5.9.0.5 - Dell) DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 6.30.223.99 - Dell Inc.) FileZilla Client 3.44.1 (HKLM-x32\...\FileZilla Client) (Version: 3.44.1 - Tim Kosse) F-Secure Ultralight 1.1.24.0 (release) (HKLM-x32\...\{9FAE989F-A043-4017-B60F-9134E992BB55}) (Version: 1.1.24.0 - F-Secure Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 76.0.3809.100 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Greenshot 1.2.10.6 (HKLM\...\Greenshot_is1) (Version: 1.2.10.6 - Greenshot) Hotspot Shield 4.15.3 (HKLM-x32\...\HotspotShield) (Version: 4.15.3 - AnchorFree Inc.) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2867 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.8.251 - Intel Corporation) Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation) K-Lite Codec Pack 15.0.4 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 15.0.4 - KLCP) LibreOffice 4.2.5.2 (HKLM-x32\...\{93AD8CBD-C32E-4318-90BB-A294BE2D712C}) (Version: 4.2.5.2 - The Document Foundation) Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6425.1000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation) Mp3tag v2.91 (HKLM-x32\...\Mp3tag) (Version: 2.91 - Florian Heidenreich) Online Safety 2.215.7452.4118 (HKLM-x32\...\{0DD64CD2-B23F-4A3D-A88D-EF6848A20167}) (Version: 2.215.7452.4118 - F-Secure Corporation) Hidden OpenOffice 4.1.1 (HKLM-x32\...\{121727D5-FDF3-4723-BA57-EB383440ED72}) (Version: 4.11.9775 - Apache Software Foundation) Pale Moon 27.4.2 (x64 en-US) (HKLM\...\Pale Moon 27.4.2 (x64 en-US)) (Version: 27.4.2 - Moonchild Productions) Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64) Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.15.018 - Dell Inc.) Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.61.612.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6788 - Realtek Semiconductor Corp.) RomStation (HKLM-x32\...\{223B62A8-F6FF-4BEB-BC17-230D12723CD0}_is1) (Version: - RomStation) Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation) Skype version 8.23 (HKLM-x32\...\Skype_is1) (Version: 8.23 - Skype Technologies S.A.) SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 2.5.2 - Krzysztof Kowalczyk) SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 8.0.1040 - SUPERAntiSpyware.com) Telia SAFE (HKLM-x32\...\{12CFC2FB-3ED2-45D8-94E4-7C20511A232C}) (Version: 3.15.612.0 - F-Secure Corporation) Hidden Telia SAFE (HKLM-x32\...\F-Secure ServiceEnabler 36506) (Version: 3.15.612.0 - F-Secure Corporation) VdhCoApp 1.2.4 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper) Windows 7 Logon Background Changer (HKLM-x32\...\{2E6044C5-3495-485F-91BC-46D1B6430E51}) (Version: 1.5.2 - Julien MANICI) Windows Resource Kit Tools (HKLM-x32\...\{FA237125-51FF-408C-8BB8-30C2B3DFFF9C}) (Version: 5.2.3790 - Microsoft Corporation) WinRAR 5.10 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH) VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-4055709356-1465872850-4113285666-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll => No File ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217848 2009-02-12] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2018-11-30] (Florian Heidenreich) [File not signed] ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2018-11-30] (Florian Heidenreich) [File not signed] ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2018-11-30] (Florian Heidenreich) [File not signed] ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2012-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2014-07-23 20:28 - 2014-07-23 20:19 - 007923712 _____ (Dell Inc.) [File not signed] C:\Windows\system32\BCMWLCPL.CPL 2013-08-30 21:18 - 2013-08-30 21:18 - 000517120 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll 2013-08-30 21:18 - 2013-08-30 21:18 - 000286720 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll 2014-08-01 09:53 - 2014-08-01 09:53 - 000245760 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcm90.dll 2018-03-05 20:19 - 2018-03-05 20:19 - 000096256 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.762_none_11ecb0ab9b2caf3c\ATL80.DLL 2015-07-30 19:00 - 2015-07-30 19:00 - 000225280 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\.DEFAULT\...\localhost -> localhost IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com IE trusted site: HKU\S-1-5-21-4055709356-1465872850-4113285666-1000\...\dell.com -> dell.com IE trusted site: HKU\S-1-5-21-4055709356-1465872850-4113285666-1000\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-4055709356-1465872850-4113285666-1000\...\webcompanion.com -> hxxp://webcompanion.com ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2018-01-12 16:14 - 2018-10-01 18:17 - 000000027 _____ C:\Windows\system32\drivers\etc\hosts 127.0.0.1 localhost ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-4055709356-1465872850-4113285666-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.2.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 0) (EnableLUA: 0) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == If an entry is included in the fixlist, it will be removed. MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup MSCONFIG\startupreg: AdobeGCInvoker-1.0 => "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe" MSCONFIG\startupreg: Broadcom Wireless Manager UI => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: com.deezer.deezer-desktop => C:\Users\Adrian\AppData\Local\Programs\deezer.desktop\Deezer.exe MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe MSCONFIG\startupreg: IAStorIcon => "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe MSCONFIG\startupreg: QuickSet => C:\Program Files\Dell\QuickSet\QuickSet.exe MSCONFIG\startupreg: RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX4 MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{228A0AE0-6F13-4860-BBE1-D19466BE7488}] => (Allow) LPort=58172 FirewallRules: [{12716EE3-E24D-4FC7-9F52-A63006D7DAC6}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\Streaming Video Recorder.exe No File FirewallRules: [{DCD7F423-87CE-4174-9CFC-455EC4371EA5}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\Streaming Video Recorder.exe No File FirewallRules: [{1A655AF1-66A6-461D-AEA9-EF49B2ADEC5E}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftSrv.dll No File FirewallRules: [{F2A95EA8-79AA-44B6-9464-1E79E9179E82}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftSrv.dll No File FirewallRules: [{19DD00E4-DC50-4723-A55D-FCC4B5C2EA03}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftDump.dll No File FirewallRules: [{45D9A44F-40E6-46F3-A2CB-006605A87D68}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftDump.dll No File FirewallRules: [{B632795C-79D5-4851-B034-EB97624CE22F}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftAC.dll No File FirewallRules: [{893A49B1-97CC-4D49-B60A-EC2D612FDE9B}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftAC.dll No File FirewallRules: [{F5B6FBD4-692A-4B53-A64B-8958C6DF64C8}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftPlayer.dll No File FirewallRules: [{367F45C6-9E2A-4052-91B7-870A3EB51EBB}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftPlayer.dll No File FirewallRules: [{FF46CAFD-7600-44CC-9639-0EF9531625D2}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftDownloaderHelp.dll No File FirewallRules: [{7E9359AF-9B8C-4520-93D5-CC06F4E29DA4}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftDownloaderHelp.dll No File FirewallRules: [{44E978EA-EC2D-4AD4-B952-56ACF2E4C22A}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftHDSDump.dll No File FirewallRules: [{A58D3AC1-AF2E-49F2-BB13-16628C379895}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftHDSDump.dll No File FirewallRules: [{5356D667-A010-40FD-ACCE-9FED6E3D5173}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Emily is Away\emily is away.exe No File FirewallRules: [{E088059E-7B8D-47B3-92FC-0FACDB2C1108}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Emily is Away\emily is away.exe No File FirewallRules: [{B9F7D17E-4082-42F6-B0B1-7BDD4E7F6C30}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{A53348B5-1F7A-4BC8-BCC0-6EF5B1D59BD7}] => (Allow) C:\Windows\system32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{07371B7A-416A-4911-A03B-0EC0F5BD1C94}] => (Allow) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{05AF48DB-F1D6-4EEC-834B-A897FD3182F2}] => (Allow) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{B1126129-4B44-40A6-8AE7-26BE587E7E51}] => (Allow) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{E84C2D42-972A-48B3-9261-13DBD4F3101A}] => (Allow) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{FB38E441-2767-440B-B70F-8B25A3549EC4}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{3AD7ADF5-9463-4E4B-B212-8EEEC39F3FF6}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{B3EB5581-F7ED-4E83-A9AB-62F8441E0BF0}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [{D1D4E919-90FE-45C2-B7BB-C1F266D3D06F}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [{4645B545-81FF-4E34-9383-666C0DDCA074}] => (Allow) C:\Users\Adrian\AppData\Local\Apowersoft\Online Video Converter\Online Video Converter.exe (Apowersoft Ltd -> Apowersoft) FirewallRules: [{2BAFA307-9045-4F92-8772-DBA851D3D370}] => (Allow) C:\Users\Adrian\AppData\Local\Apowersoft\Online Video Converter\Online Video Converter.exe (Apowersoft Ltd -> Apowersoft) FirewallRules: [{25F572D9-3C46-4FE9-8CD0-88778ABD98A5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{9EAB06DF-822E-45DD-B5A5-CDFDE3687ED5}] => (Allow) C:\Users\Adrian\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{6A47B10B-92CE-4953-AC20-75DDFD947166}] => (Allow) C:\Users\Adrian\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{933CA299-E436-403D-8F26-FF7C7E259230}] => (Allow) C:\Users\Adrian\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{1F1C42D2-8D93-47B1-921B-2D5EDF68C6B6}] => (Allow) C:\Users\Adrian\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{4F06BA22-3EE8-464B-91E9-EEA949F520ED}] => (Allow) C:\Users\Adrian\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{1ABE4BC7-A232-4DA3-80CD-BF7DC0D02AF9}] => (Allow) C:\Users\Adrian\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) ==================== Restore Points ========================= ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Bluetooth Peripheral Device Description: Bluetooth Peripheral Device Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Teredo Tunneling Pseudo-Interface Description: Microsoft Teredo Tunneling Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: SM Bus Controller Description: SM Bus Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Bluetooth Peripheral Device Description: Bluetooth Peripheral Device Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: USB2.0-CRW Description: USB2.0-CRW Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Bluetooth Peripheral Device Description: Bluetooth Peripheral Device Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (08/13/2019 11:07:50 AM) (Source: Windows Search Service) (EventID: 1019) (User: ) Description: Windows Search Service failed to process the list of included and excluded locations with the error <30, 0x80040d07, "iehistory://{S-1-5-21-4055709356-1465872850-4113285666-1000}/">. Error: (07/18/2019 07:07:04 PM) (Source: Windows Search Service) (EventID: 1019) (User: ) Description: Windows Search Service failed to process the list of included and excluded locations with the error <30, 0x80040d07, "iehistory://{S-1-5-21-4055709356-1465872850-4113285666-1000}/">. Error: (07/18/2019 07:05:54 PM) (Source: Windows Search Service) (EventID: 7042) (User: ) Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt. Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) Error: (07/18/2019 07:05:54 PM) (Source: Windows Search Service) (EventID: 7010) (User: ) Description: The index cannot be initialized. Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) Error: (07/18/2019 07:05:54 PM) (Source: Windows Search Service) (EventID: 3058) (User: ) Description: The application cannot be initialized. Context: Windows Application Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) Error: (07/18/2019 07:05:54 PM) (Source: Windows Search Service) (EventID: 3028) (User: ) Description: The gatherer object cannot be initialized. Context: Windows Application, SystemIndex Catalog Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) Error: (07/18/2019 07:05:54 PM) (Source: Windows Search Service) (EventID: 3029) (User: ) Description: The plug-in in cannot be initialized. Context: Windows Application, SystemIndex Catalog Details: Element not found. (HRESULT : 0x80070490) (0x80070490) Error: (07/18/2019 07:05:51 PM) (Source: Windows Search Service) (EventID: 3029) (User: ) Description: The plug-in in cannot be initialized. Context: Windows Application, SystemIndex Catalog Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) System errors: ============= Error: (08/16/2019 08:14:57 AM) (Source: Ntfs) (EventID: 55) (User: ) Description: The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume XP. Error: (08/16/2019 08:14:56 AM) (Source: Ntfs) (EventID: 55) (User: ) Description: The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume I:. Error: (08/16/2019 08:14:36 AM) (Source: Ntfs) (EventID: 137) (User: ) Description: The default transaction resource manager on volume I: encountered a non-retryable error and could not start. The data contains the error code. Error: (08/16/2019 08:14:22 AM) (Source: Ntfs) (EventID: 55) (User: ) Description: The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume XP. Error: (08/16/2019 08:14:15 AM) (Source: Ntfs) (EventID: 55) (User: ) Description: The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume I:. Error: (08/16/2019 08:14:03 AM) (Source: Ntfs) (EventID: 55) (User: ) Description: The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume I:. Error: (08/16/2019 08:13:59 AM) (Source: Ntfs) (EventID: 55) (User: ) Description: The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume XP. Error: (08/16/2019 08:13:56 AM) (Source: Ntfs) (EventID: 55) (User: ) Description: The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume XP. CodeIntegrity: =================================== Date: 2018-10-01 18:15:09.027 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-10-01 18:15:08.980 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== BIOS: Dell Inc. A12 10/25/2013 Motherboard: Dell Inc. 0FXP6Y Processor: Intel(R) Pentium(R) CPU 2127U @ 1.90GHz Percentage of memory in use: 94% Total physical RAM: 3983.36 MB Available physical RAM: 217.56 MB Total Virtual: 9981.54 MB Available Virtual: 4294.16 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:465.66 GB) (Free:17.79 GB) NTFS \\?\Volume{bb6bccd0-1285-11e4-95e7-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 7A5EBAFA) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================