Langsom bærbar ( tjek )

Hej.
Vores Medion er efterhånden blevet langsom. det vil være skønt at få den tjekket for snavs og andet.

Malwarebytes

-Logoplysninger-
Scanningsdato: 01/10/2019
Scanningstidspunkt: 12.01
Logfil: 79f03f04-e432-11e9-ab89-4c72b9fb99ce.json

-Softwareoplysninger-
Version: 3.8.3.2965
Komponentversion: 1.0.627
Opdatér pakkeversion: 1.0.12721
Licens: Gratis

-Systemoplysninger-
OS: Windows 10 (Build 16299.248)
CPU: x64
Filsystem: NTFS
Bruger: MIN-PC\Rose

-Scanningsoversigt-
Scanningstype: Trusselsscanning
Scanning started af: Manuel
Resultat: Fuldført
Scannede objekter: 284655
Registrerede trusler: 3
Trusler i karantæne: 3
Forløbet tid: 23 min, 12 sek.

-Scanningsindstillinger-
Hukommelse: Aktiveret
Start: Aktiveret
Filsystem: Aktiveret
Arkiver: Aktiveret
Rootkits: Aktiveret
Heuristik: Aktiveret
PUP: Registrér
PUM: Registrér

-Scanningsoplysninger-
Proces: 0
(Ingen skadelige elementer registreret)

Modul: 0
(Ingen skadelige elementer registreret)

Registreringsnøgle: 0
(Ingen skadelige elementer registreret)

Registreringsværdi: 0
(Ingen skadelige elementer registreret)

Registreringsdata: 0
(Ingen skadelige elementer registreret)

Datastrøm: 0
(Ingen skadelige elementer registreret)

Mappe: 0
(Ingen skadelige elementer registreret)

Fil: 3
PUP.Optional.WinZipDriverUpdater, C:\USERS\ROSE\DOWNLOADS\WZDU34.EXE, I karantæne, [1709], [491374],1.0.12721
PUP.Optional.Uniblue, C:\USERS\ROSE\DOWNLOADS\PCMECHANICPM.EXE, I karantæne, [1444], [327228],1.0.12721
PUP.Optional.TweakBit, C:\USERS\ROSE\DOWNLOADS_TB_LA_PCR_NEW_DSK-REPAIRKIT.EXE, I karantæne, [1640], [693955],1.0.12721

Fysisk sektor: 0
(Ingen skadelige elementer registreret)

WMI: 0
(Ingen skadelige elementer registreret)

(end)

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-09-2019
Ran by Rose (administrator) on MIN-PC (Medion E6234) (01-10-2019 12:43:17)
Running from C:\Users\Rose\Desktop
Loaded Profiles: Rose (Available Profiles: Rose)
Platform: Windows 10 Home Version 1709 16299.248 (X64) Language: Dansk (Danmark)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc. -> Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Evernote Corporation -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1810.5-0\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1810.5-0\NisSrv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Rose\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM…\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Windows -> Microsoft Corporation)
HKLM…\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM…\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM…\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [297784 2017-10-20] (Apple Inc. -> Apple Inc.)
HKLM…\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-03] (Synaptics Incorporated -> Synaptics Incorporated)
HKU\S-1-5-21-1232691742-398919853-1836305073-1001…\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-10-19] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1232691742-398919853-1836305073-1001…\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [68408 2017-10-19] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1232691742-398919853-1836305073-1001…\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2017-10-19] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1232691742-398919853-1836305073-1001…\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2017-10-19] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1232691742-398919853-1836305073-1001…\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2017-10-19] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1232691742-398919853-1836305073-1001…\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22714912 2019-08-15] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-1232691742-398919853-1836305073-1001\Control Panel\Desktop\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [570880 2017-09-29] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> %SystemRoot%\inf\unregmp2.exe /ShowWMP
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\77.0.3865.90\Installer\chrmstp.exe [2019-09-26] (Google LLC -> Google LLC)
Startup: C:\Users\Rose\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2018-08-07]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corporation -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {13804BE8-3660-482D-A89B-517B313AC1F3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [464456 2018-12-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {3205F34F-45FE-4C73-B56E-EB91AF9E134F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [464456 2018-12-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {375273B2-ADC8-4AEF-A5EC-14FF5107E837} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [67896 2017-10-19] (Apple Inc. -> Apple Inc.)
Task: {4F4F8EFE-2AEB-4B92-BADA-8B5881043574} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2017-11-10] (Google Inc -> Google Inc.)
Task: {520792E5-6F65-441C-ABFA-A3A93B19FDCE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [464456 2018-12-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {78F25A88-DB83-4D39-8BB1-86F1DC02813D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2017-11-10] (Google Inc -> Google Inc.)
Task: {7A34D8A1-E345-45D7-AD28-C10A33AE8C38} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [117728 2019-09-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {860EC021-C63E-4CA2-9F59-327A58868A00} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1571464 2019-09-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {93A1B724-A8B8-4C58-953D-4D79D4E088EF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2017-07-24] (Apple Inc. -> Apple Inc.)
Task: {9F8DD4BB-03D1-4F41-A628-D273F8603F59} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1428640 2019-09-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {A72077C6-9823-45B0-A6F3-98AE61FA21A6} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27367016 2019-08-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {AACF56C9-D1DA-4CE0-AD27-4C90D7FD572F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [464456 2018-12-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {BC023716-411B-466F-90DA-7162EF209923} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1236048 2019-07-24] (Adobe Inc. -> Adobe Systems)
Task: {D0871806-169A-490F-8427-F3418923BF3E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1428640 2019-09-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {DC866D32-1DD0-49F3-B616-ACBB87AD8FF7} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\WINDOWS\system32\MRT.exe [134272480 2019-09-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {DEB4A590-04E3-4335-8834-B3FBB9EED715} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [117728 2019-09-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {E492A59F-33C3-49C2-84D5-8AD64F62FFEA} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {E5DBC0CA-6CE1-4081-B462-3CE2E91E45F7} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-08-15] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {E61D476B-BCE3-4805-996D-A22833E295F7} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27367016 2019-08-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {F36FC710-40EB-4663-BFFE-751C128C22E7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16585328 2019-08-15] (Piriform Software Ltd -> Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 81.167.36.5 81.167.36.12
Tcpip…\Interfaces{c9bc7ede-93af-4711-9023-cc997270a300}: [DhcpNameServer] 81.167.36.5 81.167.36.12

Internet Explorer:

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-09-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2018-07-01] (Evernote Corporation -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-09-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-09-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-09-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-09-27] (Microsoft Corporation -> Microsoft Corporation)

Edge:

DownloadDir: C:\Users\Rose\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-1232691742-398919853-1836305073-1001 -> hxxp://www.google.dk/

FireFox:

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-28] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-28] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-08-21] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:

CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> “hxxp://www.google.com/”
CHR Profile: C:\Users\Rose\AppData\Local\Google\Chrome\User Data\Default [2019-10-01]
CHR Extension: (Slides) - C:\Users\Rose\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-11]
CHR Extension: (Docs) - C:\Users\Rose\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-10]
CHR Extension: (Google Drev) - C:\Users\Rose\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-12-10]
CHR Extension: (YouTube) - C:\Users\Rose\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-10]
CHR Extension: (Adobe Acrobat) - C:\Users\Rose\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-11-11]
CHR Extension: (Sheets) - C:\Users\Rose\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-11]
CHR Extension: (Google Docs Offline) - C:\Users\Rose\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-12-10]
CHR Extension: (Betalinger i Chrome Webshop) - C:\Users\Rose\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-04]
CHR Extension: (Gmail) - C:\Users\Rose\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-12-10]
CHR Extension: (Chrome Media Router) - C:\Users\Rose\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-07-04]
CHR HKLM-x32…\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-10-11] (Apple Inc. -> Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11568144 2019-08-30] (Microsoft Corporation -> Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-06-03] (Synaptics Incorporated -> Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\NisSrv.exe [3917016 2018-12-02] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MsMpEng.exe [114208 2018-12-02] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BrSerIb; C:\WINDOWS\System32\drivers\BrSerIb.sys [95344 2013-11-21] (Brother Industries, Ltd. -> Brother Industries Ltd.)
S3 BrUsbSIb; C:\WINDOWS\System32\drivers\BrUsbSIb.sys [21872 2013-11-21] (Brother Industries, Ltd. -> Brother Industries Ltd.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-10-01] (Malwarebytes Corporation -> Malwarebytes)
R3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew01.sys [3343872 2017-09-29] (Microsoft Windows -> Intel Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-09-29] (Microsoft Windows -> Realtek )
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [410880 2015-10-08] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [43680 2015-12-17] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated -> Synaptics Incorporated)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2017-09-07] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46184 2018-12-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [328696 2018-12-02] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60408 2018-12-02] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-09-2019
Ran by Rose (01-10-2019 12:40:24)
Running from C:\Users\Rose\Desktop
Windows 10 Home Version 1709 16299.248 (X64) (2017-12-07 07:29:57)
Boot Mode: Normal

==================== Accounts: =============================

Administrator (S-1-5-21-1232691742-398919853-1836305073-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1232691742-398919853-1836305073-503 - Limited - Disabled)
Gæst (S-1-5-21-1232691742-398919853-1836305073-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1232691742-398919853-1836305073-1005 - Limited - Enabled)
Rose (S-1-5-21-1232691742-398919853-1836305073-1001 - Administrator - Enabled) => C:\Users\Rose
WDAGUtilityAccount (S-1-5-21-1232691742-398919853-1836305073-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Dansk (HKLM-x32…{AC76BA86-7AD7-1030-7B44-AC0F074E4100}) (Version: 19.012.20040 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM…{31A0B634-BCF4-4D3F-8336-87FEACFEE142}) (Version: 11.0.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32…{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
Apple-programunderstøttelse (32 bit) (HKLM-x32…{D811A40A-9791-497C-B9DC-2D89C8E95EA1}) (Version: 6.1 - Apple Inc.)
Apple-programunderstøttelse (64 bit) (HKLM…{8B47B514-F5D2-4E0D-B951-6E250618A7CD}) (Version: 6.1 - Apple Inc.)
Bonjour (HKLM…{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM…\CCleaner) (Version: 5.61 - Piriform)
Dropbox (HKU\S-1-5-21-1232691742-398919853-1836305073-1001…\Dropbox) (Version: 38.4.27 - Dropbox, Inc.)
Evernote v. 6.13.14 (HKLM-x32…{D16B1D50-7D70-11E8-81F3-005056951CAD}) (Version: 6.13.14.7474 - Evernote Corp.)
Google Chrome (HKLM-x32…\Google Chrome) (Version: 77.0.3865.90 - Google LLC)
Google Update Helper (HKLM-x32…{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
iCloud (HKLM…{FF99A618-BCA5-4658-B9FF-CCF57C177610}) (Version: 7.1.0.34 - Apple Inc.)
iTunes (HKLM…{A1C9D89F-8F56-4589-86D4-E3931FEF75D1}) (Version: 12.7.1.14 - Apple Inc.)
Malwarebytes version 3.8.3.2965 (HKLM…{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft Office 365 - da-dk (HKLM…\O365HomePremRetail - da-dk) (Version: 16.0.11929.20300 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1232691742-398919853-1836305073-1001…\OneDriveSetup.exe) (Version: 19.152.0801.0009 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32…{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11929.20300 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM…{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11929.20300 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM…{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11929.20300 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32…{90160000-008C-0406-0000-0000000FF1CE}) (Version: 16.0.11929.20300 - Microsoft Corporation) Hidden
Opdateringsassistent til Windows 10 (HKLM-x32…{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22532 - Microsoft Corporation)
Realtek High Definition Audio Driver (HKLM-x32…{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Synaptics Pointing Device Driver (HKLM…\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM…{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM…{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM…{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
Watchtower Library - Dansk (HKLM-x32…{F52CCB97-0920-42BE-9590-F5B9A703C290}) (Version: 18.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Windows Setup Remediations (x64) (KB4023057) (HKLM…{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )

Packages:

Adobe Reader Touch -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobeReader_3.1.8.7675_x86__ynb6jyjzte8ga [2017-11-10] (Adobe Systems Incorporated)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.0.2.0_x64__tf1gferkr813w [2019-09-27] (Autodesk Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.1.4.0_x86__kgqvnymyfvs32 [2019-09-27] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.148.400.0_x86__kgqvnymyfvs32 [2019-09-27] (king.com)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_100.1.581.0_x64__v10z8vjag6ke6 [2019-09-27] (HP Inc.)
JW Library -> C:\Program Files\WindowsApps\WatchtowerBibleandTractSo.45909CDBADF3C_11.3.93.0_x64__5rz59y55nfz3e [2019-09-27] (Watchtower Bible and Tract Society of New York)
KONICA MINOLTA Print Experience -> C:\Program Files\WindowsApps\KONICAMINOLTAINC.KONICAMINOLTAPrintExperience_1.3.0.13_neutral__s63fsn2sety0r [2019-09-27] (KONICA MINOLTA INC)
Mail og Kalender -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe [2019-09-27] (Microsoft Corporation) [MS Ad]
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.3.1.1_x86__h6adky7gbf63m [2019-09-27] (Gameloft.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-08] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-08] (Microsoft Corporation) [MS Ad]
Microsoft News – Nyheder -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-27] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_x64__8wekyb3d8bbwe [2019-09-27] (Microsoft Studios) [MS Ad]
Microsoft Telefon -> C:\Program Files\WindowsApps\Microsoft.CommsPhone_3.43.20002.1000_x64__8wekyb3d8bbwe [2018-09-16] (Microsoft Corporation)
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.12.101.0_x64__8wekyb3d8bbwe [2019-09-27] (Microsoft Studios)
MSN Vejr -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-27] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1232691742-398919853-1836305073-1001_Classes\CLSID{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Rose\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1232691742-398919853-1836305073-1001_Classes\CLSID{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Rose\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1232691742-398919853-1836305073-1001_Classes\CLSID{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rose\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1232691742-398919853-1836305073-1001_Classes\CLSID{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rose\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1232691742-398919853-1836305073-1001_Classes\CLSID{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rose\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1232691742-398919853-1836305073-1001_Classes\CLSID{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rose\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1232691742-398919853-1836305073-1001_Classes\CLSID{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rose\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1232691742-398919853-1836305073-1001_Classes\CLSID{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rose\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1232691742-398919853-1836305073-1001_Classes\CLSID{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rose\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1232691742-398919853-1836305073-1001_Classes\CLSID{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rose\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1232691742-398919853-1836305073-1001_Classes\CLSID{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rose\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1232691742-398919853-1836305073-1001_Classes\CLSID{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rose\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1232691742-398919853-1836305073-1001_Classes\CLSID{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Rose\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-10-19] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers1_S-1-5-21-1232691742-398919853-1836305073-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Rose\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-1232691742-398919853-1836305073-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Rose\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-1232691742-398919853-1836305073-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Rose\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc -> Dropbox, Inc.)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Rose\Desktop\Windows 8 Info.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.windows.com/getstarted

==================== Loaded Modules (Whitelisted) ==============

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The “AlternateShell” will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => “”=“Service”
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => “”=“Service”

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-27 21:20 - 2017-09-27 21:15 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1232691742-398919853-1836305073-1001\Control Panel\Desktop\Wallpaper -> C:\Users\Rose\Pictures\Camera Uploads\2015-05-24 15.13.30.jpg
DNS Servers: 81.167.36.5 - 81.167.36.12
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{DC2DE1C5-DA5C-4115-A85F-F7B2461B9B18}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{03161332-E397-4379-BFA1-E237A5F246A9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E4109C3E-EC13-4561-8AD8-03230616FBBC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CF25D21F-2069-4F88-B725-759EF7C6AEEB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{79013AE9-48B8-4BB3-A7AB-43F92160BFA5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{734B3C1A-0369-4CB1-A07F-23139AC70675}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{14513AA4-217E-4ED9-A6AB-7524631963A0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

28-09-2019 05:50:32 Planlagt kontrolpunkt
01-10-2019 09:39:26 Windows Update

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:

Error: (10/01/2019 09:56:48 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Den åbne procedure for tjenesten “BITS” i DLL-filen “C:\Windows\System32\bitsperf.dll” mislykkedes. Ydelsesdata for denne tjeneste vil ikke være tilgængelige. De første fire byte (DWORD) af dataafsnittet indeholder fejlkoden.

Error: (10/01/2019 08:43:43 AM) (Source: Microsoft-Windows-WMI) (EventID: 5601) (User: NT AUTHORITY)
Description: Tjenesten Windows Management Instrumentation Service kunne ikke indlæse lagerfilerne under mappen %windir%\system32\wbem\repository. Det kan skyldes en beskadigelse af lagerfilerne, sikkerhedsindstillingerne på mappen, manglende diskplads eller andre problemer med systemressourcer som f.eks. manglende hukommelse. Hvis denne fejl opstår, hver gang computeren genstartes, skal administratoren af denne computer måske stoppe WMI-tjenesten, gennemgå sikkerhedsindstillingen på denne mappe og filerne under denne mappe og køre WMIDiag for at validere tilstanden af Windows Management Instrumentation

Error: (09/27/2019 09:30:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: MIN-PC)
Description: Pakken WatchtowerBibleandTractSo.45909CDBADF3C_11.3.93.0_x64__5rz59y55nfz3e+App blev afsluttet, fordi det midlertidige stop tog for lang tid.

Error: (09/27/2019 09:12:00 PM) (Source: Microsoft Office) (EventID: 2011) (User: )
Description: Event-ID 2011

Error: (09/27/2019 09:12:00 PM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x9; CorrelationId: {BC715187-E750-44FD-9729-EC8DA13891B1}

Error: (09/27/2019 09:11:24 PM) (Source: Microsoft Office) (EventID: 2011) (User: )
Description: Event-ID 2011

Error: (09/27/2019 09:11:24 PM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x9; CorrelationId: {BC715187-E750-44FD-9729-EC8DA13891B1}

Error: (09/27/2019 07:25:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: MIN-PC)
Description: Pakken WatchtowerBibleandTractSo.45909CDBADF3C_10.6.31153.0_x64__5rz59y55nfz3e+App blev afsluttet, fordi det midlertidige stop tog for lang tid.

System errors:

Error: (10/01/2019 12:42:44 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Adgangsindstillingerne programspecifikke giver ikke Lokal Aktivering adgang til COM-serverprogrammet med CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
og APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
for brugeren NT AUTHORITY\LOKAL TJENESTE SID (S-1-5-19) fra adressen LocalHost (via LRPC), der kører i programbeholderen Ikke tilgængelig SID (Ikke tilgængelig). Denne sikkerhedstilladelse kan redigeres ved hjælp af administrationsværktøjet til komponenttjenester.

Error: (10/01/2019 12:37:12 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Adgangsindstillingerne programspecifikke giver ikke Lokal Aktivering adgang til COM-serverprogrammet med CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
og APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
for brugeren NT AUTHORITY\LOKAL TJENESTE SID (S-1-5-19) fra adressen LocalHost (via LRPC), der kører i programbeholderen Ikke tilgængelig SID (Ikke tilgængelig). Denne sikkerhedstilladelse kan redigeres ved hjælp af administrationsværktøjet til komponenttjenester.

Error: (10/01/2019 12:29:07 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Adgangsindstillingerne programspecifikke giver ikke Lokal Aktivering adgang til COM-serverprogrammet med CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
og APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
for brugeren NT AUTHORITY\LOKAL TJENESTE SID (S-1-5-19) fra adressen LocalHost (via LRPC), der kører i programbeholderen Ikke tilgængelig SID (Ikke tilgængelig). Denne sikkerhedstilladelse kan redigeres ved hjælp af administrationsværktøjet til komponenttjenester.

Error: (10/01/2019 12:29:07 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Adgangsindstillingerne programspecifikke giver ikke Lokal Aktivering adgang til COM-serverprogrammet med CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
og APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
for brugeren NT AUTHORITY\LOKAL TJENESTE SID (S-1-5-19) fra adressen LocalHost (via LRPC), der kører i programbeholderen Ikke tilgængelig SID (Ikke tilgængelig). Denne sikkerhedstilladelse kan redigeres ved hjælp af administrationsværktøjet til komponenttjenester.

Error: (10/01/2019 12:29:07 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Adgangsindstillingerne programspecifikke giver ikke Lokal Aktivering adgang til COM-serverprogrammet med CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
og APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
for brugeren NT AUTHORITY\LOKAL TJENESTE SID (S-1-5-19) fra adressen LocalHost (via LRPC), der kører i programbeholderen Ikke tilgængelig SID (Ikke tilgængelig). Denne sikkerhedstilladelse kan redigeres ved hjælp af administrationsværktøjet til komponenttjenester.

Error: (10/01/2019 12:29:07 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Adgangsindstillingerne programspecifikke giver ikke Lokal Aktivering adgang til COM-serverprogrammet med CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
og APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
for brugeren NT AUTHORITY\LOKAL TJENESTE SID (S-1-5-19) fra adressen LocalHost (via LRPC), der kører i programbeholderen Ikke tilgængelig SID (Ikke tilgængelig). Denne sikkerhedstilladelse kan redigeres ved hjælp af administrationsværktøjet til komponenttjenester.

Error: (10/01/2019 12:29:07 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Adgangsindstillingerne programspecifikke giver ikke Lokal Aktivering adgang til COM-serverprogrammet med CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
og APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
for brugeren NT AUTHORITY\LOKAL TJENESTE SID (S-1-5-19) fra adressen LocalHost (via LRPC), der kører i programbeholderen Ikke tilgængelig SID (Ikke tilgængelig). Denne sikkerhedstilladelse kan redigeres ved hjælp af administrationsværktøjet til komponenttjenester.

Error: (10/01/2019 12:29:07 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Adgangsindstillingerne programspecifikke giver ikke Lokal Aktivering adgang til COM-serverprogrammet med CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
og APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
for brugeren NT AUTHORITY\LOKAL TJENESTE SID (S-1-5-19) fra adressen LocalHost (via LRPC), der kører i programbeholderen Ikke tilgængelig SID (Ikke tilgængelig). Denne sikkerhedstilladelse kan redigeres ved hjælp af administrationsværktøjet til komponenttjenester.

Windows Defender:

Date: 2019-10-01 11:33:17.174
Description:
Windows Defender Antivirus-scanning er blevet stoppet, før den er gennemført.
Scannings-id: {88BC6340-5588-4B6F-92A4-99372C390AF9}
Scanningstype: AntiMalware
Scanningsparametre: Hurtig scanning
Bruger: NT AUTHORITY\SYSTEM

Date: 2019-10-01 09:55:10.610
Description:
Windows Defender Antivirus-scanning er blevet stoppet, før den er gennemført.
Scannings-id: {EF498648-0757-4850-95B0-BDFC82663826}
Scanningstype: AntiMalware
Scanningsparametre: Hurtig scanning
Bruger: NT AUTHORITY\SYSTEM

Date: 2017-12-23 20:38:32.881
Description:
Windows Defender Antivirus-scanning er blevet stoppet, før den er gennemført.
Scannings-id: {C91F31D8-6578-4B93-8D08-FD0A6056BFBA}
Scanningstype: AntiMalware
Scanningsparametre: Hurtig scanning
Bruger: NT AUTHORITY\SYSTEM

Date: 2017-12-23 20:28:30.055
Description:
Windows Defender Antivirus-scanning er blevet stoppet, før den er gennemført.
Scannings-id: {37A6692F-B42F-4AB6-8998-2DC7BF2A6E77}
Scanningstype: AntiMalware
Scanningsparametre: Hurtig scanning
Bruger: NT AUTHORITY\SYSTEM

Date: 2017-12-15 09:48:54.733
Description:
Windows Defender Antivirus-scanning er blevet stoppet, før den er gennemført.
Scannings-id: {3607CBF1-9DAB-4978-B8E3-F69D3FB4AC0C}
Scanningstype: AntiMalware
Scanningsparametre: Hurtig scanning
Bruger: NT AUTHORITY\SYSTEM

Date: 2019-09-26 14:19:12.027
Description:
Windows Defender Antivirus har registreret en fejl under forsøget på at opdatere signaturer.
Ny signaturversion:
Tidligere signaturversion:1.297.610.0
Opdateringskilde:Microsoft Malware Protection Center
Signaturtype:AntiVirus
Opdateringstype:Fuld
Bruger:NT AUTHORITY\NETVÆRKSTJENESTE
Nuværende programversion:
Tidligere programversion:1.1.16100.4
Fejlkode:0x80072ee7
Fejlbeskrivelse:Servernavnet eller -adressen blev ikke fundet.

Date: 2019-09-26 14:19:12.027
Description:
Windows Defender Antivirus har registreret en fejl under forsøget på at opdatere signaturer.
Ny signaturversion:
Tidligere signaturversion:1.297.610.0
Opdateringskilde:Microsoft Malware Protection Center
Signaturtype:AntiSpyware
Opdateringstype:Fuld
Bruger:NT AUTHORITY\NETVÆRKSTJENESTE
Nuværende programversion:
Tidligere programversion:1.1.16100.4
Fejlkode:0x80072ee7
Fejlbeskrivelse:Servernavnet eller -adressen blev ikke fundet.

Date: 2019-09-26 14:19:12.027
Description:
Windows Defender Antivirus har registreret en fejl under forsøget på at opdatere signaturer.
Ny signaturversion:
Tidligere signaturversion:1.297.610.0
Opdateringskilde:Microsoft Malware Protection Center
Signaturtype:AntiVirus
Opdateringstype:Fuld
Bruger:NT AUTHORITY\NETVÆRKSTJENESTE
Nuværende programversion:
Tidligere programversion:1.1.16100.4
Fejlkode:0x80072ee7
Fejlbeskrivelse:Servernavnet eller -adressen blev ikke fundet.

Date: 2019-09-26 14:19:12.017
Description:
Windows Defender Antivirus har registreret en fejl under forsøget på at opdatere signaturer.
Ny signaturversion:
Tidligere signaturversion:1.297.610.0
Opdateringskilde:Microsoft Malware Protection Center
Signaturtype:AntiVirus
Opdateringstype:Fuld
Bruger:NT AUTHORITY\NETVÆRKSTJENESTE
Nuværende programversion:
Tidligere programversion:1.1.16100.4
Fejlkode:0x80072ee7
Fejlbeskrivelse:Servernavnet eller -adressen blev ikke fundet.

Date: 2019-09-26 14:19:12.016
Description:
Windows Defender Antivirus har registreret en fejl under forsøget på at opdatere signaturer.
Ny signaturversion:
Tidligere signaturversion:1.297.610.0
Opdateringskilde:Microsoft Malware Protection Center
Signaturtype:AntiSpyware
Opdateringstype:Fuld
Bruger:NT AUTHORITY\NETVÆRKSTJENESTE
Nuværende programversion:
Tidligere programversion:1.1.16100.4
Fejlkode:0x80072ee7
Fejlbeskrivelse:Servernavnet eller -adressen blev ikke fundet.

CodeIntegrity:

Date: 2019-10-01 12:42:29.005
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-10-01 12:42:29.002
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-10-01 12:42:28.577
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-10-01 12:42:28.574
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-10-01 12:41:18.464
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2019-10-01 12:41:18.462
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2019-10-01 12:37:56.240
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2019-10-01 12:37:56.237
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 503 09/29/2012
Motherboard: Medion E6234
Processor: Intel® Pentium® CPU B960 @ 2.20GHz
Percentage of memory in use: 63%
Total physical RAM: 3972.63 MB
Available physical RAM: 1462.31 MB
Total Virtual: 4676.63 MB
Available Virtual: 2151.92 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:402.75 GB) (Free:178.86 GB) NTFS
Drive d: (Recover) (Fixed) (Total:60 GB) (Free:43.55 GB) NTFS

\?\Volume{989a4035-51d0-4f22-aaf4-6b99ee47ef5d}\ () (Fixed) (Total:0.49 GB) (Free:0.15 GB) NTFS
\?\Volume{4241cbc3-0fa5-4a42-8a5c-5c1c0c5848f3}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
\?\Volume{d8118b57-9c54-46e6-973e-c703d6a0dc95}\ () (Fixed) (Total:0.96 GB) (Free:0.45 GB) NTFS
\?\Volume{73296f7a-fa6e-4e65-b804-da0fee479090}\ () (Fixed) (Total:0.34 GB) (Free:0.31 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 3A192899)

Partition: GPT.

==================== End of Addition.txt ============================

Dette emne blev automatisk lukket 30 dage efter det seneste svar. Nye svar er ikke længere tilladt.