Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20.01.2019 Ran by miran (22-01-2019 11:07:59) Running from C:\Users\miran\Desktop Windows 10 Home Version 1803 17134.523 (X64) (2018-06-04 21:02:25) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-981184571-1764792196-677826942-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-981184571-1764792196-677826942-503 - Limited - Disabled) defaultuser0 (S-1-5-21-981184571-1764792196-677826942-1000 - Limited - Disabled) => C:\Users\defaultuser0 Guest (S-1-5-21-981184571-1764792196-677826942-501 - Limited - Disabled) miran (S-1-5-21-981184571-1764792196-677826942-1001 - Administrator - Enabled) => C:\Users\miran WDAGUtilityAccount (S-1-5-21-981184571-1764792196-677826942-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Norton Security (Disabled - Out of date) {A2708B76-6835-6565-CB96-694212954A75} AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Norton Security (Disabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-981184571-1764792196-677826942-1001\...\uTorrent) (Version: 3.5.3.44358 - BitTorrent Inc.) abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.08.2001 - Acer Incorporated) abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 4.00.2001.1 - Acer Incorporated) Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3038 - Acer Incorporated) Acer Collection (HKLM-x32\...\{8CD449EA-BBA0-477F-AFF9-9AF6E8C50EF2}) (Version: 1.01.3011 - Acer Incorporated) Acer Configuration Manager (HKLM-x32\...\{414D554E-4453-454E-0201-000000016258}) (Version: 2.1.16258 - Acer) Acer Jumpstart (HKLM-x32\...\{4B92BFBE-917D-4FA1-97E9-DB9D91286E90}) (Version: 3.0.18135.100 - Acer) Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.12.2006 - Acer Incorporated) Acer Quick Access (HKLM\...\{8BBF04F1-C68A-441C-B5EF-446EE9960EAF}) (Version: 2.01.3008 - Acer Incorporated) Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 3.02.3001 - Acer Incorporated) Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.010.20069 - Adobe Systems Incorporated) AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.25.2001.0 - Acer Incorporated) App Explorer (HKU\S-1-5-21-981184571-1764792196-677826942-1001\...\Host App Service) (Version: 0.273.2.988 - SweetLabs) <==== ATTENTION Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.) Dashlane Upgrade Service (HKLM-x32\...\Dashlane Upgrade Service) (Version: 2.1.17.0 - Dashlane, Inc.) DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3015 - Acer Incorporated) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden Hola™ 1.117.243 - Better Internet (HKLM\...\Hola) (Version: 1.117.243 - Hola Networks Ltd.) <==== ATTENTION Intel(R) Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10600.147 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4474 - Intel Corporation) Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 2.0.0.1094 - Intel Corporation) Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation) Klennet Carver (HKLM\...\{D24624E1-09E8-45A7-9C47-AC968F2951B7}_is1) (Version: - www.klennet.com) Malwarebytes version 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes) McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.895.1 - McAfee, Inc.) Microsoft Office 365 - da-dk (HKLM\...\O365HomePremRetail - da-dk) (Version: 16.0.11126.20266 - Microsoft Corporation) Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.11126.20266 - Microsoft Corporation) Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-981184571-1764792196-677826942-1001\...\OneDriveSetup.exe) (Version: 18.222.1104.0007 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation) Mozilla Firefox 50.1.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 en-US)) (Version: 50.1.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0 - Mozilla) Norton Security (HKLM-x32\...\NGC) (Version: 22.16.3.21 - Symantec Corporation) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11126.20266 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11126.20266 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11126.20266 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0406-0000-0000000FF1CE}) (Version: 16.0.11126.20266 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.11126.20266 - Microsoft Corporation) Hidden OneClick, версия 2.2.0.0 (HKU\S-1-5-21-981184571-1764792196-677826942-1001\...\{42F8C402-22B5-42FC-BB6C-88BF4BE304E5}_is1) (Version: 2.2.0.0 - OneClick) Private Internet Access Support Files (HKLM-x32\...\{7D72DAFF-DCB2-437B-BC22-4B2ABF21462B}) (Version: 1.0.0.0 - Private Internet Access) Qualcomm Atheros 11ac Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.10388 - Qualcomm Atheros) Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.278 - Qualcomm Atheros) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31231 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7930 - Realtek Semiconductor Corp.) Spotify Weblink (HKLM-x32\...\{8CADF0CB-E834-4019-9B11-B84E051F2A8E}) (Version: 1.16.1210 - Acer) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.2.5.33 - Synaptics Incorporated) Unity Web Player (HKU\S-1-5-21-981184571-1764792196-677826942-1001\...\UnityWebPlayer) (Version: 5.3.5f1 - Unity Technologies ApS) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation) Viber (HKLM-x32\...\{1248EE0B-B456-495E-89D9-3D9B0268205F}) (Version: 8.7.0.7 - Viber Media Inc.) Hidden Viber (HKU\S-1-5-21-981184571-1764792196-677826942-1001\...\{12e627d3-0d85-4130-89de-fbfa06da7241}) (Version: 8.7.0.7 - Viber Media Inc.) Windows Driver Package - Intel Corporation (iagpioe) System (05/21/2015 604.10120.2652.361) (HKLM\...\AF9226384B030787C4D0F761A23F48F7649D6D17) (Version: 05/21/2015 604.10120.2652.361 - Intel Corporation) Windows Driver Package - Intel Corporation (iai2ce) System (06/30/2015 604.10146.2643.2818) (HKLM\...\42CFE5B10021C15BFC08687E1D339C8BB3D32DDA) (Version: 06/30/2015 604.10146.2643.2818 - Intel Corporation) Windows Driver Package - Intel Corporation (iauarte) System (05/21/2015 604.10120.2653.391) (HKLM\...\1D4FF76A05A14FF5BA3636A41E0AB237F3A55E14) (Version: 05/21/2015 604.10120.2653.391 - Intel Corporation) Wondershare Recoverit(Build 7.2.4.7) (HKLM-x32\...\{829555DC-31E5-4FEA-B350-8FCF24CECD95}_is1) (Version: 7.2.4.7 - Wondershare Software Co.,Ltd.) ZAR X (HKLM\...\{85DA9B81-D7F9-4165-8E62-F776B57213F8}_is1) (Version: - www.z-a-recovery.com) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-981184571-1764792196-677826942-1001_Classes\CLSID\{5884FE7C-1AC9-4F11-9818-A7DC2437E8F3}\InprocServer32 -> C:\Users\miran\AppData\Local\OneClick\OneClickBand.64.dll => No File ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine\22.16.3.21\buShell.dll [2018-12-12] (Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine\22.16.3.21\buShell.dll [2018-12-12] (Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine\22.16.3.21\buShell.dll [2018-12-12] (Symantec Corporation) ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated) ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated) ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated) ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine\22.16.3.21\buShell.dll [2018-12-12] (Symantec Corporation) ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine\22.16.3.21\buShell.dll [2018-12-12] (Symantec Corporation) ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine\22.16.3.21\buShell.dll [2018-12-12] (Symantec Corporation) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Security\Engine\22.16.3.21\buShell.dll [2018-12-12] (Symantec Corporation) ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.16.3.21\NavShExt.dll [2018-12-12] (Symantec Corporation) ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.16.3.21\NavShExt.dll [2018-12-12] (Symantec Corporation) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes) ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-06-29] (Intel Corporation) ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Security\Engine\22.16.3.21\buShell.dll [2018-12-12] (Symantec Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes) ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.16.3.21\NavShExt.dll [2018-12-12] (Symantec Corporation) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {024AEB17-CB20-417E-B3F7-39142ECD5E6E} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2019-01-19] (Microsoft Corporation) Task: {0EA12EDF-D3EA-4A00-8C5D-B72CEE44C9D6} - System32\Tasks\S-1-5-21-981184571-1764792196-677826942-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2018-12-08] (Microsoft Corporation) Task: {10F7F981-CD81-4F68-ABDD-2B0B19EE9838} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-11] (Microsoft Corporation) Task: {15845293-5E42-4ECC-A773-384C5CC6A811} - System32\Tasks\Private Internet Access Startup => C:\Program Files\pia_manager\pia_manager.exe [2017-06-27] () Task: {1E2186B0-4908-40EB-BF58-1600E5996579} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION Task: {33AC76CC-9756-44E8-8299-BD16963D75DF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-11] (Microsoft Corporation) Task: {35808CDC-DF61-4316-9F62-EF94725F6A02} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files (x86)\Norton Security\Engine\22.16.3.21\SymErr.exe [2018-12-12] (Symantec Corporation) Task: {40814DD8-FA1F-4916-A9AC-2B4CDB8A31C9} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security\Engine\22.16.3.21\WSCStub.exe [2018-12-12] (Symantec Corporation) Task: {4900A2C4-EE0B-4458-AEC3-02F2E6BC8CBF} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe Task: {53C399ED-0589-44AE-887F-342547AC8031} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2019-01-02] (Microsoft Corporation) Task: {57ECE186-2C9E-4FEF-BE17-BDA8428E4D0F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-24] (Google Inc.) Task: {64860A63-3A7C-42D9-A89B-B8CDF972F17D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-11] (Microsoft Corporation) Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] () Task: {6D2B611F-AEFD-49A7-BB58-D94FF00400C4} - System32\Tasks\App Explorer => C:\Users\miran\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [2018-12-12] (SweetLabs, Inc) <==== ATTENTION Task: {7296C38D-FD11-423A-901B-2AE4CCE97B2D} - System32\Tasks\FubToolByPLD => C:\OEM\Preload\FubTool\FubTool.exe [2015-05-14] () Task: {796BF0D9-804C-4B04-A3CA-80C38093BE4A} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-13] (TODO: ) Task: {816D5B51-31B4-443A-B73A-6804389835DC} - System32\Tasks\DashlaneUpgradeCheck => net [Argument = start "Dashlane Upgrade Service"] Task: {835B112A-9227-40D0-99E8-2A2E713DFEE8} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe [2016-09-13] (Acer Incorporated) Task: {87D4748F-A024-4244-8B99-45ED3B8C1366} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-11] (Microsoft Corporation) Task: {8FA02417-1DC0-4EBF-863B-39D0360C81BA} - System32\Tasks\Acer Collection Application => C:\Program Files (x86)\Acer\Acer Collection\ACEStd.exe [2017-12-14] () Task: {8FBFF7FB-CAA2-47CF-808D-17D5ADD9A477} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2018-05-28] () Task: {94CEE065-A00C-424F-9494-81ACE4AE5E9E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated) Task: {9AF13AD5-36C6-4E7D-A6AC-4064D67CF90B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2019-01-19] (Microsoft Corporation) Task: {9F45A6AA-F9DA-4DAC-8D2A-1A837D69707B} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [2018-05-28] () Task: {A5867002-0406-4D12-97D7-637F09C5292B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2019-01-02] (Microsoft Corporation) Task: {A8AFF1AB-3F29-40B7-9E08-90491E653F56} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2017-03-20] (Acer Incorporated) Task: {AC0DA809-1B8E-4578-823B-C21A143E0556} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [2016-09-20] () Task: {B6842CD1-1FAE-4073-BE8E-73F04254C9DC} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2018-12-12] (Symantec Corporation) Task: {C5A37B97-5B42-4A16-B9F9-BC7DB979AE12} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2019-01-19] (Microsoft Corporation) Task: {D93E7C5A-9492-4DA7-8EFE-E229FC76909E} - System32\Tasks\Acer Collection Monitor Application => C:\Program Files (x86)\Acer\Acer Collection\ACEMon.exe [2017-12-13] (Acer Incorporated) Task: {DC5E8CA4-3044-4E48-8BBC-E1F0D5C86CC5} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2016-06-25] (Acer Incorporated) Task: {E0EA03C5-64EC-42C9-A87C-270FA94B2F55} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [2018-09-26] (Acer) Task: {E32909A1-EBCC-4811-9A73-9A5C4B8E6861} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2019-01-19] (Microsoft Corporation) Task: {E6A47B6F-8D61-4635-B1D9-35F5DF5014CC} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files (x86)\Norton Security\Engine\22.16.3.21\SymErr.exe [2018-12-12] (Symantec Corporation) Task: {EA533A8E-4E7A-4BA1-8A67-B6D478CF6917} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files (x86)\Norton Security\Engine\22.16.3.21\SymErr.exe [2018-12-12] (Symantec Corporation) Task: {EC79489B-6DAA-4DBF-96FF-D17527851052} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2016-09-13] (Acer Incorporated) Task: {EDAE52A0-82D0-49B8-9D5B-F550907EF9CE} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2016-06-25] () Task: {F5613D4C-3D98-438B-A2BF-D6058D57B837} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2019-01-19] (Microsoft Corporation) Task: {F989EF4E-EA3F-4BFB-A314-E548D41824AC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-24] (Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2018-08-30 20:43 - 2019-01-16 11:16 - 001427376 _____ () C:\Program Files\Hola\app\lum_sdk64_clr.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2016-07-18 07:45 - 2016-06-29 15:34 - 000384496 _____ () C:\WINDOWS\system32\igfxTray.exe 2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll 2018-12-12 17:04 - 2018-11-09 03:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll 2019-01-09 11:21 - 2019-01-01 07:42 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2018-10-04 20:23 - 2018-10-05 04:30 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll 2018-12-14 08:19 - 2018-12-14 08:19 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\ChakraBridge.dll 2018-12-14 08:19 - 2018-12-14 08:19 - 000019456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeProxiesAndStubs.dll 2018-12-14 08:19 - 2018-12-14 08:19 - 010927616 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\LibWrapper.dll 2018-12-14 08:19 - 2018-12-14 08:19 - 002916864 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\skypert.dll 2018-12-14 08:19 - 2018-12-14 08:19 - 000688128 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll 2018-12-14 08:19 - 2018-12-14 08:19 - 000182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe 2017-02-18 21:28 - 2015-05-14 08:10 - 000030976 _____ () C:\OEM\Preload\FubTool\FubTool.exe 2017-12-14 17:10 - 2017-12-14 17:10 - 000479024 _____ () C:\Program Files (x86)\Acer\Acer Collection\ACEStd.exe 2018-05-28 20:00 - 2018-05-28 20:00 - 004696880 _____ () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe 2019-01-22 10:30 - 2018-11-15 11:01 - 002712432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2019-01-22 10:30 - 2018-11-21 11:07 - 002842608 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2018-12-19 18:27 - 2018-12-12 06:11 - 005237216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libglesv2.dll 2018-12-19 18:27 - 2018-12-12 06:11 - 000117216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libegl.dll 2019-01-21 00:10 - 2019-01-17 12:03 - 000047688 _____ () C:\Users\miran\AppData\Local\Viber\qrencode.dll 2019-01-21 00:10 - 2019-01-17 12:04 - 000291400 _____ () C:\Users\miran\AppData\Local\Viber\ViberRTC.dll 2019-01-21 00:10 - 2019-01-17 12:04 - 000472136 _____ () C:\Users\miran\AppData\Local\Viber\imageformats\qsvg.dll 2017-09-22 15:14 - 2017-09-22 15:14 - 000202528 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll 2017-09-22 15:17 - 2017-09-22 15:17 - 000654072 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll 2017-09-22 15:17 - 2017-09-22 15:17 - 000641312 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll 2017-09-22 15:16 - 2017-09-22 15:16 - 000119072 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll 2018-06-04 21:50 - 2018-06-04 21:50 - 000015064 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll 2017-03-20 14:24 - 2017-03-20 14:24 - 000013016 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll 2017-03-20 14:21 - 2017-03-20 14:21 - 000277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-981184571-1764792196-677826942-1001\...\hola.org -> hxxp://hola.org IE trusted site: HKU\S-1-5-21-981184571-1764792196-677826942-1001\...\sharepoint.com -> hxxps://jimacoaars-files.sharepoint.com ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2016-07-16 12:47 - 2019-01-21 14:36 - 000000879 _____ C:\WINDOWS\system32\drivers\etc\hosts 2019-01-15 09:41 - 2019-01-16 01:26 - 000000444 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\TXE Components\DAL\;C:\Program Files (x86)\Intel\TXE Components\DAL\;C:\Program Files\Intel\TXE Components\IPT\;C:\Program Files (x86)\Intel\TXE Components\IPT\;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-981184571-1764792196-677826942-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Acer01.jpg DNS Servers: 193.162.153.164 - 194.239.134.83 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == If an entry is included in the fixlist, it will be removed. ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{2735ED88-F9BD-4451-BA5E-9AC1CD03CA47}] => (Allow) C:\Users\miran\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) FirewallRules: [{0268CEAF-8528-4A9C-A104-D55F23FA3632}] => (Allow) C:\Users\miran\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) FirewallRules: [{8E8F5A0C-6EDB-4EEB-BE69-18FF49153826}] => (Allow) C:\Users\miran\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) FirewallRules: [{382C85FD-878D-4E6A-888F-1D847C84CC59}] => (Allow) C:\Users\miran\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) FirewallRules: [{14BC92F1-BE2F-4EAE-A79E-BF8EB19BACA8}] => (Allow) C:\Users\miran\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) FirewallRules: [{699787E7-515E-4B05-819E-F53DBA25B89F}] => (Allow) C:\Users\miran\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) FirewallRules: [{07D140FA-8BBB-4B8F-85EC-CC66E4EEA9A4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) FirewallRules: [{BA5CEFE6-B47F-41E5-9554-7EAB3A47064F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) FirewallRules: [{3FC9C2F7-CE87-4F51-9CE9-F9CD112F946A}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Cloud Technology) FirewallRules: [{DA4E0BF2-C6AB-4AD8-8BEC-D447CF54B408}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Cloud Technology) FirewallRules: [{75431CAB-84D1-4478-A266-B160D8731B61}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (acer) FirewallRules: [{F22169E8-678C-4118-8E3A-BE44E9F2E4A9}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (acer) FirewallRules: [{CDF5B0ED-F1F0-437B-8F58-8FCA7FCB9AD1}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (acer) FirewallRules: [{E8D490BF-D5B0-4222-B933-07EA14DE6BAF}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (acer) FirewallRules: [TCP Query User{A9034568-ECF9-4355-92E9-E43394E7C9A1}C:\users\miran\appdata\local\mediaget2\mediaget.exe] => (Block) C:\users\miran\appdata\local\mediaget2\mediaget.exe No File FirewallRules: [UDP Query User{3276E6F6-4493-4239-8051-5E6CD60FC1BA}C:\users\miran\appdata\local\mediaget2\mediaget.exe] => (Block) C:\users\miran\appdata\local\mediaget2\mediaget.exe No File FirewallRules: [{52E04C96-24E4-4B63-99C6-491D42230720}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.) FirewallRules: [{5D253442-1241-48DC-9C8F-89133E1029FA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.) FirewallRules: [{55595BEF-7FE2-42D1-B7BA-0FE56E48B39A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe No File FirewallRules: [{F9291C22-98B6-49F3-BDB8-D7DFE2CF6B78}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe No File FirewallRules: [{3B31CFB6-E676-4316-8899-630BEC1A05FA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation) FirewallRules: [{2942F2B9-8187-488B-B579-2933A293F7FB}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Player.exe No File FirewallRules: [{962F5BC4-23C3-4402-B14D-BD735E03DBEA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) FirewallRules: [{85AC8AA3-BEE8-4357-90FF-63D0332E69A5}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Corporation) FirewallRules: [{01E364A0-F9B9-4B33-8D46-27B612F5A769}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Corporation) FirewallRules: [{AC782653-683D-44E9-89F5-D0E86AE6E9F9}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Corporation) ==================== Restore Points ========================= ATTENTION: System Restore is disabled ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (01/22/2019 10:31:18 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: mbamtray.exe, version: 3.1.0.1662, time stamp: 0x5c070ada Faulting module name: Qt5Core.dll, version: 5.11.1.0, time stamp: 0x5bd23201 Exception code: 0xc0000005 Fault offset: 0x0018dc19 Faulting process id: 0x2854 Faulting application start time: 0x01d4b235376f8fc9 Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe Faulting module path: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll Report Id: 25398b9f-f46b-43db-b45b-9cc8e01205aa Faulting package full name: Faulting package-relative application ID: Error: (01/22/2019 10:23:01 AM) (Source: DPTF) (EventID: 256) (User: ) Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10600.147) TYPE: ERROR DPTF Build Version: 8.1.10600.147 DPTF Build Date: May 26 2015 13:35:22 Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737 Executing Function: DptfEvent Message: Received unexpected event Framework Event: DptfResume [3] Error: (01/22/2019 01:05:28 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 4422 Error: (01/22/2019 01:05:28 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 4422 Error: (01/22/2019 01:05:28 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (01/22/2019 01:05:26 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1891 Error: (01/22/2019 01:05:26 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1891 Error: (01/22/2019 01:05:26 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second System errors: ============= Error: (01/22/2019 10:54:37 AM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-F78QGAI8) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user LAPTOP-F78QGAI8\miran SID (S-1-5-21-981184571-1764792196-677826942-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (01/22/2019 10:54:14 AM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-F78QGAI8) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user LAPTOP-F78QGAI8\miran SID (S-1-5-21-981184571-1764792196-677826942-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (01/22/2019 10:30:30 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (01/22/2019 10:26:39 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (01/22/2019 10:26:03 AM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-F78QGAI8) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user LAPTOP-F78QGAI8\miran SID (S-1-5-21-981184571-1764792196-677826942-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (01/22/2019 10:23:08 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (01/22/2019 10:23:08 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (01/22/2019 10:23:06 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Windows Defender: =================================== Date: 2019-01-14 19:25:49.726 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {6C6EFC77-48F5-446D-B867-139ACB35869C} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2019-01-13 17:55:35.903 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {597D4B43-E971-4D9F-99D1-093EC17840B2} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2019-01-05 15:33:37.377 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {345B89AE-4AFA-44BE-A2C4-EFAAA3E9B04A} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2018-12-28 11:12:56.199 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {EB7D3E63-3317-4A3B-859F-F9AF5112D4DC} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2018-12-26 17:01:23.500 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {70020B20-6571-4A62-A4BB-1F6FBEB4AE06} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2019-01-16 10:40:28.426 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.283.2991.0 Update Source: Microsoft Update Server Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.15500.2 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. Date: 2019-01-10 23:47:59.493 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.283.2586.0 Update Source: Microsoft Update Server Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.15500.2 Error code: 0x80072ee2 Error description: The operation timed out Date: 2019-01-10 20:12:05.678 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.283.2586.0 Update Source: Microsoft Update Server Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.15500.2 Error code: 0x80072ee2 Error description: The operation timed out Date: 2019-01-10 18:08:08.414 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.283.2586.0 Update Source: Microsoft Update Server Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.15500.2 Error code: 0x80072ee2 Error description: The operation timed out Date: 2019-01-10 17:42:04.730 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.283.2586.0 Update Source: Microsoft Update Server Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.15500.2 Error code: 0x80072ee2 Error description: The operation timed out ==================== Memory info =========================== Processor: Intel(R) Celeron(R) CPU N3060 @ 1.60GHz Percentage of memory in use: 73% Total physical RAM: 4008.27 MB Available physical RAM: 1047.07 MB Total Virtual: 9640.27 MB Available Virtual: 5532.38 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:115.37 GB) (Free:40.56 GB) NTFS Drive d: () (Removable) (Total:29.71 GB) (Free:25.62 GB) FAT32 \\?\Volume{475befb8-21f2-48c8-95c1-529a86deec19}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.55 GB) NTFS \\?\Volume{c912d4cd-1afc-4296-8566-4a0314eb9c11}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 116.5 GB) (Disk ID: 5738ED7D) Partition: GPT. ======================================================== Disk: 1 (Protective MBR) (Size: 29.7 GB) (Disk ID: 00000000) Partition: GPT. ==================== End of Addition.txt ============================