Publicité
Publicité
Format du document : text/plain
Prévisualisation
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15.04.2018
Ran by Myriam (15-04-2018 15:07:21)
Running from C:\Users\Myriam\Desktop
Windows 8 (X64) (2013-06-16 17:41:35)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2870124582-2670056687-1688047813-500 - Administrator - Disabled)
Guest (S-1-5-21-2870124582-2670056687-1688047813-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2870124582-2670056687-1688047813-1003 - Limited - Enabled)
Myriam (S-1-5-21-2870124582-2670056687-1688047813-1001 - Administrator - Enabled) => C:\Users\Myriam
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Trend Micro OfficeScan Antivirus (Enabled - Up to date) {F2F88E6A-3C7A-545F-268A-5D0BDD38EE06}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Trend Micro OfficeScan Anti-spyware (Enabled - Up to date) {49996F8E-1A40-5BD1-1C3A-6679A6BFA4BB}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
123 Free Solitaire v10.3 (HKLM-x32\...\123 Free Solitaire_is1) (Version: - TreeCardGames)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.07 - Adobe Systems)
Adobe Flash Player 29 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 29.0.0.140 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}) (Version: 5.5 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}) (Version: 5.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Box Sync (HKLM-x32\...\{25e2ab6e-0bb9-479e-947c-5dd5f6a309a6}) (Version: 4.0.7800.0 - Box Inc.) Hidden
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Driver Booster 2.1 (HKLM-x32\...\Driver Booster_is1) (Version: 2.1 - IObit)
Dropbox (HKLM-x32\...\Dropbox) (Version: 47.4.74 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
e5 Secure Download Manager (HKLM-x32\...\{6A979889-133D-4E64-99BB-1DA983CDCE75}) (Version: 3.2.262.0 - Kivuto Solutions Inc.)
Easy Photo Scan (HKLM-x32\...\{1A6DED1E-A024-455D-AA82-203D6B3B0CBC}) (Version: 1.00.0006 - Seiko Epson Corporation)
Epson Connect (HKLM-x32\...\{64BA551C-9AF6-495C-93F3-D1270E0045FC}) (Version: - )
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.3.0 - SEIKO EPSON CORPORATION)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.7.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{17FA0444-A025-43B9-862C-81AE6307C2F2}) (Version: 3.10.0050 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{896667C8-53F8-47B8-B6B0-B113B10F05BC}) (Version: 1.20.0000 - SEIKO EPSON CORPORATION)
Epson Printer Connection Checker (HKLM-x32\...\{83475ED4-8CCD-4F42-B877-7E2CC2BBD97B}) (Version: 2.0.0.0 - Seiko Epson Corporation)
EPSON Printer Finder (HKLM-x32\...\{B8ECD0D3-AE08-4891-B6C7-32F96B75EB6C}) (Version: 1.0.0 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON XP-420 Series Printer Uninstall (HKLM\...\EPSON XP-420 Series) (Version: - SEIKO EPSON Corporation)
Epson XP-420_424 User’s Guide version 1.0 (HKLM-x32\...\UsersGuideEpson XP-420_424 User’s Guide_is1) (Version: 1.0 - )
EpsonNet Print (HKLM\...\{DF5200AB-5AE6-4598-846B-8ABC3AE121B1}) (Version: 3.0.2.0 - SEIKO EPSON Corporation)
iCloud (HKLM\...\{5B1A59DA-D1EC-4C3A-A996-DF011A0A9668}) (Version: 6.2.2.39 - Apple Inc.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2875 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iTunes (HKLM\...\{F0C7385A-9D20-45F3-8101-05D383885180}) (Version: 12.6.1.25 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Juniper Networks, Inc. Setup Client (HKU\S-1-5-21-2870124582-2670056687-1688047813-1001\...\Juniper_Setup_Client) (Version: 7.4.13.48589 - Juniper Networks, Inc.)
Juniper Networks, Inc. Setup Client 64-bit Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.)
Juniper Networks, Inc. Setup Client Activex Control (HKLM-x32\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.)
Junos Pulse (HKLM\...\{E59CEF5A-DD72-4EE5-98D2-62FE1265941B}) (Version: 3.1.34907 - Juniper Networks) Hidden
Junos Pulse 3.1 (HKLM-x32\...\Junos Pulse 3.1) (Version: 3.1.34907 - Juniper Networks, Inc.)
Malwarebytes version 3.4.4.2398 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.4.4.2398 - Malwarebytes)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.9126.2116 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2870124582-2670056687-1688047813-1001\...\OneDriveSetup.exe) (Version: 18.044.0301.0006 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{40F55150-F43D-4C9F-9A00-1A0A6F1EB7F0}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{D71BC54E-A4E6-4E06-866C-FD6EE16EA187}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 59.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 59.0.2 (x64 en-US)) (Version: 59.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 59.0.2.6656 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.9126.2116 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.9126.2116 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.9126.2116 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.9126.2116 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6794 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29031 - Realtek Semiconductor Corp.)
Secure Download Manager (HKLM-x32\...\{E040B65B-8683-4228-8C33-D44A141E40EA}) (Version: 3.1.60 - Kivuto Solutions Inc.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.103 - Skype Technologies S.A.)
Software Updater (HKLM-x32\...\{B307472F-7BD9-4040-9255-CE6D6A1196A3}) (Version: 4.3.1 - SEIKO EPSON CORPORATION)
Spotify (HKU\S-1-5-21-2870124582-2670056687-1688047813-1001\...\Spotify) (Version: 1.0.45.186.g3b5036d6 - Spotify AB)
SRS Premium Sound Control Panel (HKLM\...\{94F03B8E-CB73-4653-AFE9-79112C01FED2}) (Version: 1.12.5000 - SRS Labs, Inc.)
Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 4.0.2.1 - IObit)
Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.6.3 - Toshiba)
TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.4 - TOSHIBA)
TOSHIBA Battery Check Utility (HKLM-x32\...\{5468E297-7EF8-4CB3-A091-F8714147793F}) (Version: 1.00.01.01 - Toshiba Corporation)
Toshiba Book Place (HKLM-x32\...\{24B45620-22B6-4E4A-B836-FF30A0B0404E}) (Version: 3.1.9534 - K-NFB Reading Technology, Inc.)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.00.08.6402 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.0.0.6415 - Toshiba Corporation)
TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.51.8.2C - TOSHIBA CORPORATION)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.00.6625.6402 - Toshiba Corporation)
TOSHIBA HDD Accelerator (HKLM\...\{DB4D9937-0B14-4EF1-BF9A-BB7E3B9DCB04}) (Version: 1.1.0001 - Toshiba Corporation)
TOSHIBA HDD Protection (HKLM\...\{94A90C69-71C1-470A-88F5-AA47ECC96B40}) (Version: 2.5.1.1 - Toshiba Corporation)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{59358FD4-252B-4B38-AB81-955C491A494F}) (Version: 1.0.0.5C - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.8.17.640104 - Toshiba Corporation)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.8 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.2.0.54043005 - Toshiba Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.2.00 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM\...\{B1F241E1-90BF-4201-8977-A0DF85A38EBB}) (Version: 2.6.16.0 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0013 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0002.32002 - Toshiba Corporation)
TOSHIBA User's Guide (HKLM-x32\...\{3384E1D9-3F18-4A98-8655-180FEF0DFC02}) (Version: 1.00.02 - TOSHIBA)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.1.0.12-A - Toshiba Corporation)
TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.1.6 - TOSHIBA)
Trend Micro OfficeScan Agent (HKLM-x32\...\OfficeScanNT) (Version: 11.0.1028 - Trend Micro Inc.)
Umbrella Roaming Client (HKLM-x32\...\{47904E32-6950-4AF8-8F86-7DEA7F51EB56}) (Version: 2.1.0.0 - OpenDNS)
Update for Skype for Business 2015 (KB4018334) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{43E657C8-617B-4062-9580-690699462328}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4018334) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{43E657C8-617B-4062-9580-690699462328}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4018334) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{43E657C8-617B-4062-9580-690699462328}) (Version: - Microsoft)
Utility Common Driver (HKLM-x32\...\{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}) (Version: 1.0.53.1 - Compal) Hidden
Utility Common Driver (HKLM-x32\...\InstallShield_{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}) (Version: 1.0.53.1 - Compal) Hidden
WD Backup (HKLM-x32\...\{4AACAFC7-951A-4215-B430-3DFCFF2E6CED}) (Version: 1.5.5953.19614 - Western Digital Technologies, Inc) Hidden
WD Backup (HKLM-x32\...\{a8c9535a-ecd9-4172-a330-0cb5ff9dbed9}) (Version: 1.5.5953.19614 - Western Digital Technologies, Inc.)
WD Drive Utilities (HKLM-x32\...\{48996CDD-DD81-4197-93FE-0971E73C5CA7}) (Version: 1.3.2.2 - Western Digital Technologies, Inc.) Hidden
WD Drive Utilities (HKLM-x32\...\{eab1fb93-61fb-48de-b815-b4e9b68d2ef1}) (Version: 1.3.2.2 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{965D28B5-3C86-41FD-994E-D6376815C9B3}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{249644e6-451a-4a5c-bd5c-21eeb9eec79d}) (Version: 1.3.1.2 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{7CC2EDF2-83EC-4707-BDD3-72469236A6CC}) (Version: 1.3.1.2 - Western Digital Technologies, Inc.) Hidden
WhatsApp (HKU\S-1-5-21-2870124582-2670056687-1688047813-1001\...\WhatsApp) (Version: 0.2.5863 - WhatsApp)
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17350 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2870124582-2670056687-1688047813-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Myriam\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileCoAuthLib64.dll => No File
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-09] (Dropbox, Inc.)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-09] (Dropbox, Inc.)
ContextMenuHandlers1: [IobitStartMenu] -> {AF8FA9C9-9907-463e-BDC3-4CC1200D6310} => c:\program files (x86)\iobit\Classic Start\IObitStartMenuExtension.dll [2015-12-29] (IObit)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-05-09] (Apple Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-03] (Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-09] (Dropbox, Inc.)
ContextMenuHandlers4: [IobitStartMenu] -> {AF8FA9C9-9907-463e-BDC3-4CC1200D6310} => c:\program files (x86)\iobit\Classic Start\IObitStartMenuExtension.dll [2015-12-29] (IObit)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-09] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll [2012-10-24] (Intel Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.)
ContextMenuHandlers6: [IobitStartMenu] -> {AF8FA9C9-9907-463e-BDC3-4CC1200D6310} => c:\program files (x86)\iobit\Classic Start\IObitStartMenuExtension.dll [2015-12-29] (IObit)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-03] (Malwarebytes)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1E4034C9-F27F-42CD-9F56-4CD675860005} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-03-24] (Microsoft Corporation)
Task: {3420D630-E1EA-4EBE-8456-F16F025B6331} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-03-30] (Microsoft Corporation)
Task: {368FCF03-7D08-4E0D-8CF0-8E62F92032D6} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2014-04-03] (TOSHIBA Corporation)
Task: {3EE45B0D-322F-4233-B049-21E6503BE25C} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_140_Plugin.exe [2018-04-11] (Adobe Systems Incorporated)
Task: {3F2ADA94-AD3A-4888-8AD6-BD748EDF9B58} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2017-05-09] (Apple Inc.)
Task: {3F78C448-C324-4579-893B-28D0C73A78DD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-03-30] (Microsoft Corporation)
Task: {7096CB5A-E8C5-4DB1-9262-E0DBE560424A} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2014-12-17] (IObit)
Task: {75501669-22A7-4B7A-B445-5FEBA4CE9865} - System32\Tasks\EPSON XP-420 Series Update {CBC51009-C0F1-4B68-93C8-C3317DDE4B46} => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSNAE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {77770830-8886-4FA2-B3D1-54EAAF9323E7} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2014-12-09] (IObit)
Task: {8E7CB33A-A093-4773-BB05-57CF44CFEE48} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-06-19] (Dropbox, Inc.)
Task: {9B87DD21-09F6-4AC2-80DE-8AD9FBB5F199} - System32\Tasks\EPSON XP-420 Series Update {7506ED29-D2B3-408F-9C39-C6870A815C91} => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSNAE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {9E1F6F82-181A-491D-A86B-BEB2242D46BC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {AA0CF02E-543A-42CE-BD31-A987AA663C97} - System32\Tasks\{D6F156B6-B064-4539-92BF-5148DDA2DE3C} => C:\windows\system32\pcalua.exe -a C:\windows\UN091222.EXE -c /UNINST
Task: {AF711E7E-2FB4-4361-AC09-DB15D43A66DF} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-04-11] (Adobe Systems Incorporated)
Task: {B0732647-9201-4934-BC8C-EC9CC59514E3} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-03-30] (Microsoft Corporation)
Task: {BEFC95F3-BF2B-4EA9-8A63-85A8326C1C1F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {BF1E62E2-FFE9-4644-B716-878B3F48BD8F} - System32\Tasks\Driver Booster SkipUAC (Myriam) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-01-07] (IObit)
Task: {C772D868-20AA-486B-9279-F62850BD871D} - System32\Tasks\{7A4FCD95-FFBF-464C-B5B8-1BB5836C4EB6} => C:\windows\system32\pcalua.exe -a F:\msert.exe -d F:\
Task: {C8A68697-E7BB-4FE9-97AD-362141F3F755} - System32\Tasks\StartMenu8_Start => C:\program files (x86)\iobit\Classic Start\Start_Active.exe [2016-11-15] ()
Task: {CBDABD43-0EA1-4668-86D9-F8ADD8A822C0} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-03-30] (Microsoft Corporation)
Task: {DCBC3E2C-F360-4BBE-BB47-52004834554C} - System32\Tasks\EPSON XP-420 Series Update {EE36AA76-8C02-452D-AA01-97A485E70511} => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSNAE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {DEA0CD22-6315-4156-BBBF-379E19D52D4A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {DF34FF18-02C7-4293-87DD-945DF34EE050} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-06-19] (Dropbox, Inc.)
Task: {EEB51248-9A23-44BB-B9D7-5F644B9A55CD} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-03-30] (Microsoft Corporation)
Task: {F4879460-98A3-4059-95A3-F8ABBC47C89A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-03-24] (Microsoft Corporation)
Task: {FABA927C-6F55-4E10-A056-61F9D91A9AFE} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\EPSON XP-420 Series Update {7506ED29-D2B3-408F-9C39-C6870A815C91}.job => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSNAE.EXE:/EXE:{7506ED29-D2B3-408F-9C39-C6870A815C91} /F:UpdateWORKGROUP\MYMI$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\windows\Tasks\StartMenu8_Start.job => C:\program files (x86)\iobit\Classic Start\Start_Active.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-09-01 18:12 - 2016-09-01 18:12 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-05-09 00:44 - 2017-05-09 00:44 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-08-31 14:55 - 2011-08-31 14:55 - 000801792 _____ () C:\Program Files (x86)\Trend Micro\OfficeScan Client\sqlite3.dll
2018-03-30 13:09 - 2018-02-05 14:44 - 002299168 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2007-05-16 12:42 - 2007-05-16 12:42 - 000089088 _____ () C:\Program Files (x86)\Trend Micro\OfficeScan Client\zlibwapi.dll
2012-12-19 05:06 - 2012-12-19 05:06 - 001300480 _____ () C:\Program Files (x86)\Trend Micro\OfficeScan Client\libprotobuf.dll
2013-01-16 10:19 - 2013-01-16 10:19 - 000048128 _____ () C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\boost_date_time-vc110-mt-1_49.dll
2013-04-02 12:25 - 2013-04-02 12:25 - 000675840 _____ () C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\sqlite3.dll
2013-01-16 10:23 - 2013-01-16 10:23 - 000058368 _____ () C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\boost_thread-vc110-mt-1_49.dll
2012-07-26 02:58 - 2012-07-26 02:53 - 000170864 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2012-07-25 15:44 - 2012-07-25 15:35 - 000129024 _____ () C:\windows\system32\WinMetadata\Windows.UI.winmd
2012-07-25 15:44 - 2012-07-25 15:35 - 000036864 _____ () C:\windows\system32\WinMetadata\Windows.Data.winmd
2012-07-25 15:44 - 2012-07-25 15:35 - 000022016 _____ () C:\windows\system32\WinMetadata\Windows.Foundation.winmd
2011-10-15 07:31 - 2011-10-15 07:31 - 000431163 _____ () C:\Program Files (x86)\Common Files\Juniper Networks\WX Client\sqlite3.dll
2017-07-19 16:30 - 2015-12-29 11:30 - 000355616 _____ () C:\program files (x86)\iobit\Classic Start\madExcept_.bpl
2017-07-19 16:30 - 2015-12-29 11:29 - 000190240 _____ () C:\program files (x86)\iobit\Classic Start\madBasic_.bpl
2017-07-19 16:30 - 2015-12-29 11:30 - 000057632 _____ () C:\program files (x86)\iobit\Classic Start\madDisAsm_.bpl
2017-07-19 16:30 - 2015-12-29 11:30 - 000275576 _____ () C:\program files (x86)\iobit\Classic Start\sqlite3.dll
2017-07-19 16:30 - 2015-12-29 11:30 - 000059680 _____ () C:\program files (x86)\iobit\Classic Start\parseAuto.dll
2017-07-19 16:30 - 2016-10-20 09:59 - 000631072 _____ () C:\program files (x86)\iobit\Classic Start\ProductStatistics.dll
2017-07-19 16:30 - 2015-12-29 11:31 - 000047904 _____ () C:\program files (x86)\iobit\Classic Start\winkey.dll
2013-06-02 20:23 - 2012-06-26 04:41 - 001198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2017-06-12 13:41 - 2017-06-12 13:41 - 001037688 _____ () C:\Program Files (x86)\OpenDNS\Umbrella Roaming Client\libldns-1.dll
2017-06-12 13:42 - 2017-06-12 13:42 - 000047952 _____ () C:\Program Files (x86)\OpenDNS\Umbrella Roaming Client\libdcplugin_erc.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Umbrella_RC => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2870124582-2670056687-1688047813-1001\...\sharepoint.com -> hxxps://wavetulane.sharepoint.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2012-07-26 00:26 - 2015-07-16 20:03 - 000000027 _____ C:\windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2870124582-2670056687-1688047813-1001\Control Panel\Desktop\\Wallpaper -> C:\windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 127.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{8C631FDE-265F-4413-B795-C37E3304894B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{460AA8CF-B166-45B3-939B-BBE591AD603D}] => (Allow) LPort=2869
FirewallRules: [{CEC0AD45-93DC-424E-99A2-AC85F9BA8C2C}] => (Allow) LPort=1900
FirewallRules: [{A91F71E6-AE00-489D-BA4F-2D81706F3849}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{EB2D8515-0D1A-4244-B9E8-18B61BD9B067}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{5EC79733-02E8-4007-8B87-F0684EB91E4B}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{816BA1D5-48D6-4A23-9251-AB5AC3E070FB}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{36E4F7A8-C4BE-4D97-BFE5-D2F855E6BD1D}] => (Allow) D:\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [{DD353AB8-174A-4770-8C8E-0EEEFEC603A7}] => (Allow) D:\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [TCP Query User{F266E0A6-7C72-4625-8114-E17805615B13}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{B9F3856E-B474-4FFD-9654-AF13E9810797}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{EFEC3005-747B-477B-88C3-EE09EBA0148E}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{112D68F8-6889-4D4C-81A6-6A3848FE1334}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{E8996EC8-2971-4F07-B4FC-3FBF21C87B03}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{38930CD3-E080-4F92-99BA-17422BFA3626}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{051ACE53-830E-4782-B126-536B3412AD3C}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{39D4E517-272D-4572-8491-1452E4BDFA2E}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{3EAB0BB4-8B60-47B1-8C21-7B87A17D08DE}C:\users\myriam\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\myriam\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{6E8B4FB5-C79A-4945-8C71-47894B0F6EAD}C:\users\myriam\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\myriam\appdata\roaming\spotify\spotify.exe
FirewallRules: [{5E65BE58-918E-48D4-9951-9AE950007AB3}] => (Allow) C:\Users\Myriam\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{7020F699-236B-486F-A9F9-F1DD681ABDDB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2AF9DC13-2540-4EF6-98BB-4C69378A1293}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{5C3A11F2-E0AE-47E4-9C43-3733B0F7BB19}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{9B8A3FB0-3360-4DB9-A294-7902293D456E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{5A8B45EA-A736-45F1-9E24-A30EAF8E60D9}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{B1498BD8-A57E-4846-9D14-9CCA426613B1}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{7808E7A1-C5B0-4116-987E-4E94667DD1DC}] => (Allow) C:\Program Files (x86)\Epson Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{01D9D0A1-F735-4665-AA48-3D053E1FB675}] => (Allow) C:\Program Files (x86)\Epson Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [TCP Query User{25249221-0EED-480D-8306-F101B7C21BAA}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{29763E86-D5F1-4301-89A4-25E81BB993FC}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{2320B5E8-93BC-4943-AFD5-286B1184AA69}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{6E82DDF3-2648-495B-BC4F-3F7B09349C27}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{1AC58D3D-8399-4802-8C65-2102FAC89161}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{88AAFA3E-53B2-496C-8BA3-167110B58CFC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{54C7EB92-8886-4F71-813F-D32CEBE47C67}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FEED4B2F-E743-4242-AEE4-7C21C95B1FE1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C6A5ED18-9F65-4170-B325-E7912180B9D6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6DF3BB91-B359-461E-9D96-93F7F139FEDC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7CE942A9-91FD-4F52-9D21-D8BC7927750B}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{7089CB11-6B33-4847-8377-1C8EFD96122E}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{737D3152-B17C-44B9-AA1A-39EFD62E81C7}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{EE339300-7A1E-48C4-942D-AAC7D1F312AF}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{09FA5353-09CE-401B-8960-E97D2CA77182}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{2F933BA3-5231-4F72-A2F7-CAAE9F5AF23D}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{04A64927-F9F6-4F80-BEEE-70F40FE7F01C}] => (Allow) C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{AA62DBE2-BDD1-4BAB-AE40-716719A72661}] => (Allow) C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{3600B74B-1573-42F4-BE65-38B63FFFF908}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{0B1B2B6D-B12F-47AE-AD8B-3205067D9B9B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{4C3362D5-D221-47E2-A95A-FDDC3B80C659}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{83D67A63-F8AF-4DC5-B042-B97005D123BE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{8F1FB95C-E62D-46B6-A5CC-A4B9BFC6DEDB}C:\users\myriam\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\myriam\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{BF606A8D-7838-4472-B2FB-6D217D2669D7}C:\users\myriam\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\myriam\appdata\roaming\spotify\spotify.exe
FirewallRules: [{0610831C-40A5-4712-B382-E9E66F2A092A}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{9D7E90B9-603F-4F1C-94E4-E9E629B947CE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{AE5277CA-15C3-497E-8F78-A870ABE2C276}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{59222862-1874-48FD-8961-32E6720E85BC}] => (Allow) LPort=35188
==================== Restore Points =========================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/15/2018 12:15:36 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (04/15/2018 11:25:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Scheduler.exe, version: 2.0.0.58, time stamp: 0x548ffb1a
Faulting module name: rtl120.bpl, version: 6.2.9200.17581, time stamp: 0x5644f0df
Exception code: 0xc0000135
Fault offset: 0x00078dd2
Faulting process id: 0x1430
Faulting application start time: 0x01d3d4d661ccd9c5
Faulting application path: C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe
Faulting module path: rtl120.bpl
Report Id: a37d06b7-40c9-11e8-8462-b888e31f69d2
Faulting package full name:
Faulting package-relative application ID:
Error: (04/15/2018 11:16:15 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {fceea86b-2917-404a-9169-a058cdd8e5cc}
Error: (04/15/2018 09:16:03 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MYMI)
Description: Activation of app SymantecCorporation.NortonStudio_v68kp9n051hdp!App failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (04/15/2018 09:14:04 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MYMI)
Description: Activation of app SymantecCorporation.NortonStudio_v68kp9n051hdp!App failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (04/15/2018 09:13:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: backgroundTaskHost.exe, version: 6.2.9200.16384, time stamp: 0x5010a994
Faulting module name: ntdll.dll, version: 6.2.9200.17581, time stamp: 0x5644f0df
Exception code: 0x060c201e
Fault offset: 0x0009cfcf
Faulting process id: 0xe50
Faulting application start time: 0x01d3d4c3faabd01b
Faulting application path: C:\windows\syswow64\backgroundTaskHost.exe
Faulting module path: C:\windows\SYSTEM32\ntdll.dll
Report Id: 39a6297e-40b7-11e8-8461-b888e31f69d2
Faulting package full name: SymantecCorporation.NortonStudio_1.0.0.98_x86__v68kp9n051hdp
Faulting package-relative application ID: App
Error: (04/15/2018 09:10:02 AM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Notifications for the volume C:\ are not active.
Context: Windows Application
Details:
The volume change journal is being deleted. (HRESULT : 0x8007049a) (0x8007049a)
Error: (04/14/2018 12:39:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MYMI)
Description: Activation of app SymantecCorporation.NortonStudio_v68kp9n051hdp!App failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information.
System errors:
=============
Error: (04/15/2018 12:27:50 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
Error: (04/15/2018 11:18:11 AM) (Source: DCOM) (EventID: 10010) (User: MYMI)
Description: The server {2E3EA04A-5ECA-47C0-9CD1-AEFDF7BEFC20} did not register with DCOM within the required timeout.
Error: (04/15/2018 11:16:54 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error:
An instance of the service is already running.
Error: (04/15/2018 11:16:24 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
Error: (04/15/2018 11:16:24 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
Error: (04/15/2018 11:16:24 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The IconMan_R service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (04/15/2018 11:16:24 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The iPod Service service terminated unexpectedly. It has done this 1 time(s).
Error: (04/15/2018 11:16:24 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Intel(R) Management and Security Application Local Management Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Windows Defender:
===================================
Date: 2015-08-26 21:27:39.607
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {A04ADA9C-F7F3-486A-B07C-AAC75ACCEBF0}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2015-08-24 20:26:43.326
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {F461CD8C-E934-4A19-8EE8-F81A83E7B50D}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2015-08-23 12:23:35.723
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {3E3BD3DF-60D4-4691-B9C7-B66562A8A83B}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2015-08-23 11:54:38.352
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {704B85F8-6E1B-40EC-B34E-80757DDBABCF}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2015-08-23 11:23:19.772
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {8242F810-20EE-49D9-ADD0-BDE6903B0F5D}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2015-08-27 20:51:23.134
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.203.2410.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.11903.0
Error code: 0x80070102
Error description: The wait operation timed out.
Date: 2015-08-27 20:51:23.133
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.203.2410.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.11903.0
Error code: 0x80070102
Error description: The wait operation timed out.
Date: 2015-08-24 21:06:29.167
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.203.2410.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.11903.0
Error code: 0x8024001e
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
Date: 2015-08-24 21:06:29.167
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.203.2410.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.11903.0
Error code: 0x8024001e
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
Date: 2015-08-23 21:12:57.447
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.203.2410.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.11903.0
Error code: 0x800704c7
Error description: The operation was canceled by the user.
CodeIntegrity:
===================================
Date: 2018-04-15 09:13:52.393
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SysWOW64\backgroundTaskHost.exe) attempted to load \Device\HarddiskVolume4\Program Files\WindowsApps\SymantecCorporation.NortonStudio_1.0.0.98_x86__v68kp9n051hdp\diStTask.dll with signing level Unsigned while the system requires signing level 6 or better to load.
Date: 2018-04-13 13:31:59.583
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SysWOW64\backgroundTaskHost.exe) attempted to load \Device\HarddiskVolume4\Program Files\WindowsApps\SymantecCorporation.NortonStudio_1.0.0.98_x86__v68kp9n051hdp\diStTask.dll with signing level Unsigned while the system requires signing level 6 or better to load.
Date: 2018-04-06 21:25:32.931
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SysWOW64\backgroundTaskHost.exe) attempted to load \Device\HarddiskVolume4\Program Files\WindowsApps\SymantecCorporation.NortonStudio_1.0.0.98_x86__v68kp9n051hdp\diStTask.dll with signing level Unsigned while the system requires signing level 6 or better to load.
Date: 2018-04-05 09:27:07.714
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SysWOW64\backgroundTaskHost.exe) attempted to load \Device\HarddiskVolume4\Program Files\WindowsApps\SymantecCorporation.NortonStudio_1.0.0.98_x86__v68kp9n051hdp\diStTask.dll with signing level Unsigned while the system requires signing level 6 or better to load.
Date: 2018-04-04 14:39:09.898
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SysWOW64\backgroundTaskHost.exe) attempted to load \Device\HarddiskVolume4\Program Files\WindowsApps\SymantecCorporation.NortonStudio_1.0.0.98_x86__v68kp9n051hdp\Settings.dll with signing level Unsigned while the system requires signing level 6 or better to load.
Date: 2018-04-04 06:35:56.696
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SysWOW64\backgroundTaskHost.exe) attempted to load \Device\HarddiskVolume4\Program Files\WindowsApps\SymantecCorporation.NortonStudio_1.0.0.98_x86__v68kp9n051hdp\Settings.dll with signing level Unsigned while the system requires signing level 6 or better to load.
Date: 2018-03-30 16:38:37.003
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SysWOW64\backgroundTaskHost.exe) attempted to load \Device\HarddiskVolume4\Program Files\WindowsApps\SymantecCorporation.NortonStudio_1.0.0.98_x86__v68kp9n051hdp\diStTask.dll with signing level Unsigned while the system requires signing level 6 or better to load.
Date: 2018-03-29 15:12:36.881
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SysWOW64\backgroundTaskHost.exe) attempted to load \Device\HarddiskVolume4\Program Files\WindowsApps\SymantecCorporation.NortonStudio_1.0.0.98_x86__v68kp9n051hdp\diStTask.dll with signing level Unsigned while the system requires signing level 6 or better to load.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Percentage of memory in use: 68%
Total physical RAM: 6033.95 MB
Available physical RAM: 1878.63 MB
Total Virtual: 12177.95 MB
Available Virtual: 7409.86 MB
==================== Drives ================================
Drive c: (TI10658800D) (Fixed) (Total:687.39 GB) (Free:446.04 GB) NTFS
Drive f: (My Passport) (Fixed) (Total:1862.98 GB) (Free:428.33 GB) NTFS
Drive g: (HD-GDU3) (Fixed) (Total:2794.52 GB) (Free:254.12 GB) NTFS
\\?\Volume{8c37a611-60fa-11e2-b77c-b888e3139d3f}\ (System) (Fixed) (Total:0.44 GB) (Free:0.15 GB) NTFS
\\?\Volume{066ae605-4bc9-405f-a6f8-534e3fb93882}\ (Recovery) (Fixed) (Total:10.43 GB) (Free:0.68 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Protective MBR) (Size: 698.6 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 356187B6)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 2.
==================== End of Addition.txt ============================
Ran by Myriam (15-04-2018 15:07:21)
Running from C:\Users\Myriam\Desktop
Windows 8 (X64) (2013-06-16 17:41:35)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2870124582-2670056687-1688047813-500 - Administrator - Disabled)
Guest (S-1-5-21-2870124582-2670056687-1688047813-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2870124582-2670056687-1688047813-1003 - Limited - Enabled)
Myriam (S-1-5-21-2870124582-2670056687-1688047813-1001 - Administrator - Enabled) => C:\Users\Myriam
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Trend Micro OfficeScan Antivirus (Enabled - Up to date) {F2F88E6A-3C7A-545F-268A-5D0BDD38EE06}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Trend Micro OfficeScan Anti-spyware (Enabled - Up to date) {49996F8E-1A40-5BD1-1C3A-6679A6BFA4BB}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
123 Free Solitaire v10.3 (HKLM-x32\...\123 Free Solitaire_is1) (Version: - TreeCardGames)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.07 - Adobe Systems)
Adobe Flash Player 29 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 29.0.0.140 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}) (Version: 5.5 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}) (Version: 5.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Box Sync (HKLM-x32\...\{25e2ab6e-0bb9-479e-947c-5dd5f6a309a6}) (Version: 4.0.7800.0 - Box Inc.) Hidden
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Driver Booster 2.1 (HKLM-x32\...\Driver Booster_is1) (Version: 2.1 - IObit)
Dropbox (HKLM-x32\...\Dropbox) (Version: 47.4.74 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
e5 Secure Download Manager (HKLM-x32\...\{6A979889-133D-4E64-99BB-1DA983CDCE75}) (Version: 3.2.262.0 - Kivuto Solutions Inc.)
Easy Photo Scan (HKLM-x32\...\{1A6DED1E-A024-455D-AA82-203D6B3B0CBC}) (Version: 1.00.0006 - Seiko Epson Corporation)
Epson Connect (HKLM-x32\...\{64BA551C-9AF6-495C-93F3-D1270E0045FC}) (Version: - )
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.3.0 - SEIKO EPSON CORPORATION)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.7.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{17FA0444-A025-43B9-862C-81AE6307C2F2}) (Version: 3.10.0050 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{896667C8-53F8-47B8-B6B0-B113B10F05BC}) (Version: 1.20.0000 - SEIKO EPSON CORPORATION)
Epson Printer Connection Checker (HKLM-x32\...\{83475ED4-8CCD-4F42-B877-7E2CC2BBD97B}) (Version: 2.0.0.0 - Seiko Epson Corporation)
EPSON Printer Finder (HKLM-x32\...\{B8ECD0D3-AE08-4891-B6C7-32F96B75EB6C}) (Version: 1.0.0 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON XP-420 Series Printer Uninstall (HKLM\...\EPSON XP-420 Series) (Version: - SEIKO EPSON Corporation)
Epson XP-420_424 User’s Guide version 1.0 (HKLM-x32\...\UsersGuideEpson XP-420_424 User’s Guide_is1) (Version: 1.0 - )
EpsonNet Print (HKLM\...\{DF5200AB-5AE6-4598-846B-8ABC3AE121B1}) (Version: 3.0.2.0 - SEIKO EPSON Corporation)
iCloud (HKLM\...\{5B1A59DA-D1EC-4C3A-A996-DF011A0A9668}) (Version: 6.2.2.39 - Apple Inc.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2875 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iTunes (HKLM\...\{F0C7385A-9D20-45F3-8101-05D383885180}) (Version: 12.6.1.25 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Juniper Networks, Inc. Setup Client (HKU\S-1-5-21-2870124582-2670056687-1688047813-1001\...\Juniper_Setup_Client) (Version: 7.4.13.48589 - Juniper Networks, Inc.)
Juniper Networks, Inc. Setup Client 64-bit Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.)
Juniper Networks, Inc. Setup Client Activex Control (HKLM-x32\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.)
Junos Pulse (HKLM\...\{E59CEF5A-DD72-4EE5-98D2-62FE1265941B}) (Version: 3.1.34907 - Juniper Networks) Hidden
Junos Pulse 3.1 (HKLM-x32\...\Junos Pulse 3.1) (Version: 3.1.34907 - Juniper Networks, Inc.)
Malwarebytes version 3.4.4.2398 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.4.4.2398 - Malwarebytes)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.9126.2116 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2870124582-2670056687-1688047813-1001\...\OneDriveSetup.exe) (Version: 18.044.0301.0006 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{40F55150-F43D-4C9F-9A00-1A0A6F1EB7F0}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{D71BC54E-A4E6-4E06-866C-FD6EE16EA187}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 59.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 59.0.2 (x64 en-US)) (Version: 59.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 59.0.2.6656 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.9126.2116 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.9126.2116 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.9126.2116 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.9126.2116 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6794 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29031 - Realtek Semiconductor Corp.)
Secure Download Manager (HKLM-x32\...\{E040B65B-8683-4228-8C33-D44A141E40EA}) (Version: 3.1.60 - Kivuto Solutions Inc.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.103 - Skype Technologies S.A.)
Software Updater (HKLM-x32\...\{B307472F-7BD9-4040-9255-CE6D6A1196A3}) (Version: 4.3.1 - SEIKO EPSON CORPORATION)
Spotify (HKU\S-1-5-21-2870124582-2670056687-1688047813-1001\...\Spotify) (Version: 1.0.45.186.g3b5036d6 - Spotify AB)
SRS Premium Sound Control Panel (HKLM\...\{94F03B8E-CB73-4653-AFE9-79112C01FED2}) (Version: 1.12.5000 - SRS Labs, Inc.)
Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 4.0.2.1 - IObit)
Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.6.3 - Toshiba)
TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.4 - TOSHIBA)
TOSHIBA Battery Check Utility (HKLM-x32\...\{5468E297-7EF8-4CB3-A091-F8714147793F}) (Version: 1.00.01.01 - Toshiba Corporation)
Toshiba Book Place (HKLM-x32\...\{24B45620-22B6-4E4A-B836-FF30A0B0404E}) (Version: 3.1.9534 - K-NFB Reading Technology, Inc.)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.00.08.6402 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.0.0.6415 - Toshiba Corporation)
TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.51.8.2C - TOSHIBA CORPORATION)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.00.6625.6402 - Toshiba Corporation)
TOSHIBA HDD Accelerator (HKLM\...\{DB4D9937-0B14-4EF1-BF9A-BB7E3B9DCB04}) (Version: 1.1.0001 - Toshiba Corporation)
TOSHIBA HDD Protection (HKLM\...\{94A90C69-71C1-470A-88F5-AA47ECC96B40}) (Version: 2.5.1.1 - Toshiba Corporation)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{59358FD4-252B-4B38-AB81-955C491A494F}) (Version: 1.0.0.5C - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.8.17.640104 - Toshiba Corporation)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.8 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.2.0.54043005 - Toshiba Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.2.00 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM\...\{B1F241E1-90BF-4201-8977-A0DF85A38EBB}) (Version: 2.6.16.0 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0013 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0002.32002 - Toshiba Corporation)
TOSHIBA User's Guide (HKLM-x32\...\{3384E1D9-3F18-4A98-8655-180FEF0DFC02}) (Version: 1.00.02 - TOSHIBA)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.1.0.12-A - Toshiba Corporation)
TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.1.6 - TOSHIBA)
Trend Micro OfficeScan Agent (HKLM-x32\...\OfficeScanNT) (Version: 11.0.1028 - Trend Micro Inc.)
Umbrella Roaming Client (HKLM-x32\...\{47904E32-6950-4AF8-8F86-7DEA7F51EB56}) (Version: 2.1.0.0 - OpenDNS)
Update for Skype for Business 2015 (KB4018334) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{43E657C8-617B-4062-9580-690699462328}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4018334) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{43E657C8-617B-4062-9580-690699462328}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4018334) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{43E657C8-617B-4062-9580-690699462328}) (Version: - Microsoft)
Utility Common Driver (HKLM-x32\...\{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}) (Version: 1.0.53.1 - Compal) Hidden
Utility Common Driver (HKLM-x32\...\InstallShield_{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}) (Version: 1.0.53.1 - Compal) Hidden
WD Backup (HKLM-x32\...\{4AACAFC7-951A-4215-B430-3DFCFF2E6CED}) (Version: 1.5.5953.19614 - Western Digital Technologies, Inc) Hidden
WD Backup (HKLM-x32\...\{a8c9535a-ecd9-4172-a330-0cb5ff9dbed9}) (Version: 1.5.5953.19614 - Western Digital Technologies, Inc.)
WD Drive Utilities (HKLM-x32\...\{48996CDD-DD81-4197-93FE-0971E73C5CA7}) (Version: 1.3.2.2 - Western Digital Technologies, Inc.) Hidden
WD Drive Utilities (HKLM-x32\...\{eab1fb93-61fb-48de-b815-b4e9b68d2ef1}) (Version: 1.3.2.2 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{965D28B5-3C86-41FD-994E-D6376815C9B3}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{249644e6-451a-4a5c-bd5c-21eeb9eec79d}) (Version: 1.3.1.2 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{7CC2EDF2-83EC-4707-BDD3-72469236A6CC}) (Version: 1.3.1.2 - Western Digital Technologies, Inc.) Hidden
WhatsApp (HKU\S-1-5-21-2870124582-2670056687-1688047813-1001\...\WhatsApp) (Version: 0.2.5863 - WhatsApp)
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17350 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2870124582-2670056687-1688047813-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Myriam\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileCoAuthLib64.dll => No File
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-09] (Dropbox, Inc.)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-09] (Dropbox, Inc.)
ContextMenuHandlers1: [IobitStartMenu] -> {AF8FA9C9-9907-463e-BDC3-4CC1200D6310} => c:\program files (x86)\iobit\Classic Start\IObitStartMenuExtension.dll [2015-12-29] (IObit)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-05-09] (Apple Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-03] (Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-09] (Dropbox, Inc.)
ContextMenuHandlers4: [IobitStartMenu] -> {AF8FA9C9-9907-463e-BDC3-4CC1200D6310} => c:\program files (x86)\iobit\Classic Start\IObitStartMenuExtension.dll [2015-12-29] (IObit)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-09] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll [2012-10-24] (Intel Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.)
ContextMenuHandlers6: [IobitStartMenu] -> {AF8FA9C9-9907-463e-BDC3-4CC1200D6310} => c:\program files (x86)\iobit\Classic Start\IObitStartMenuExtension.dll [2015-12-29] (IObit)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-03] (Malwarebytes)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1E4034C9-F27F-42CD-9F56-4CD675860005} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-03-24] (Microsoft Corporation)
Task: {3420D630-E1EA-4EBE-8456-F16F025B6331} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-03-30] (Microsoft Corporation)
Task: {368FCF03-7D08-4E0D-8CF0-8E62F92032D6} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2014-04-03] (TOSHIBA Corporation)
Task: {3EE45B0D-322F-4233-B049-21E6503BE25C} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_140_Plugin.exe [2018-04-11] (Adobe Systems Incorporated)
Task: {3F2ADA94-AD3A-4888-8AD6-BD748EDF9B58} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2017-05-09] (Apple Inc.)
Task: {3F78C448-C324-4579-893B-28D0C73A78DD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-03-30] (Microsoft Corporation)
Task: {7096CB5A-E8C5-4DB1-9262-E0DBE560424A} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2014-12-17] (IObit)
Task: {75501669-22A7-4B7A-B445-5FEBA4CE9865} - System32\Tasks\EPSON XP-420 Series Update {CBC51009-C0F1-4B68-93C8-C3317DDE4B46} => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSNAE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {77770830-8886-4FA2-B3D1-54EAAF9323E7} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2014-12-09] (IObit)
Task: {8E7CB33A-A093-4773-BB05-57CF44CFEE48} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-06-19] (Dropbox, Inc.)
Task: {9B87DD21-09F6-4AC2-80DE-8AD9FBB5F199} - System32\Tasks\EPSON XP-420 Series Update {7506ED29-D2B3-408F-9C39-C6870A815C91} => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSNAE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {9E1F6F82-181A-491D-A86B-BEB2242D46BC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {AA0CF02E-543A-42CE-BD31-A987AA663C97} - System32\Tasks\{D6F156B6-B064-4539-92BF-5148DDA2DE3C} => C:\windows\system32\pcalua.exe -a C:\windows\UN091222.EXE -c /UNINST
Task: {AF711E7E-2FB4-4361-AC09-DB15D43A66DF} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-04-11] (Adobe Systems Incorporated)
Task: {B0732647-9201-4934-BC8C-EC9CC59514E3} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-03-30] (Microsoft Corporation)
Task: {BEFC95F3-BF2B-4EA9-8A63-85A8326C1C1F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {BF1E62E2-FFE9-4644-B716-878B3F48BD8F} - System32\Tasks\Driver Booster SkipUAC (Myriam) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-01-07] (IObit)
Task: {C772D868-20AA-486B-9279-F62850BD871D} - System32\Tasks\{7A4FCD95-FFBF-464C-B5B8-1BB5836C4EB6} => C:\windows\system32\pcalua.exe -a F:\msert.exe -d F:\
Task: {C8A68697-E7BB-4FE9-97AD-362141F3F755} - System32\Tasks\StartMenu8_Start => C:\program files (x86)\iobit\Classic Start\Start_Active.exe [2016-11-15] ()
Task: {CBDABD43-0EA1-4668-86D9-F8ADD8A822C0} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-03-30] (Microsoft Corporation)
Task: {DCBC3E2C-F360-4BBE-BB47-52004834554C} - System32\Tasks\EPSON XP-420 Series Update {EE36AA76-8C02-452D-AA01-97A485E70511} => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSNAE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {DEA0CD22-6315-4156-BBBF-379E19D52D4A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {DF34FF18-02C7-4293-87DD-945DF34EE050} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-06-19] (Dropbox, Inc.)
Task: {EEB51248-9A23-44BB-B9D7-5F644B9A55CD} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-03-30] (Microsoft Corporation)
Task: {F4879460-98A3-4059-95A3-F8ABBC47C89A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-03-24] (Microsoft Corporation)
Task: {FABA927C-6F55-4E10-A056-61F9D91A9AFE} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\EPSON XP-420 Series Update {7506ED29-D2B3-408F-9C39-C6870A815C91}.job => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSNAE.EXE:/EXE:{7506ED29-D2B3-408F-9C39-C6870A815C91} /F:UpdateWORKGROUP\MYMI$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\windows\Tasks\StartMenu8_Start.job => C:\program files (x86)\iobit\Classic Start\Start_Active.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-09-01 18:12 - 2016-09-01 18:12 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-05-09 00:44 - 2017-05-09 00:44 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-08-31 14:55 - 2011-08-31 14:55 - 000801792 _____ () C:\Program Files (x86)\Trend Micro\OfficeScan Client\sqlite3.dll
2018-03-30 13:09 - 2018-02-05 14:44 - 002299168 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2007-05-16 12:42 - 2007-05-16 12:42 - 000089088 _____ () C:\Program Files (x86)\Trend Micro\OfficeScan Client\zlibwapi.dll
2012-12-19 05:06 - 2012-12-19 05:06 - 001300480 _____ () C:\Program Files (x86)\Trend Micro\OfficeScan Client\libprotobuf.dll
2013-01-16 10:19 - 2013-01-16 10:19 - 000048128 _____ () C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\boost_date_time-vc110-mt-1_49.dll
2013-04-02 12:25 - 2013-04-02 12:25 - 000675840 _____ () C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\sqlite3.dll
2013-01-16 10:23 - 2013-01-16 10:23 - 000058368 _____ () C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\boost_thread-vc110-mt-1_49.dll
2012-07-26 02:58 - 2012-07-26 02:53 - 000170864 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2012-07-25 15:44 - 2012-07-25 15:35 - 000129024 _____ () C:\windows\system32\WinMetadata\Windows.UI.winmd
2012-07-25 15:44 - 2012-07-25 15:35 - 000036864 _____ () C:\windows\system32\WinMetadata\Windows.Data.winmd
2012-07-25 15:44 - 2012-07-25 15:35 - 000022016 _____ () C:\windows\system32\WinMetadata\Windows.Foundation.winmd
2011-10-15 07:31 - 2011-10-15 07:31 - 000431163 _____ () C:\Program Files (x86)\Common Files\Juniper Networks\WX Client\sqlite3.dll
2017-07-19 16:30 - 2015-12-29 11:30 - 000355616 _____ () C:\program files (x86)\iobit\Classic Start\madExcept_.bpl
2017-07-19 16:30 - 2015-12-29 11:29 - 000190240 _____ () C:\program files (x86)\iobit\Classic Start\madBasic_.bpl
2017-07-19 16:30 - 2015-12-29 11:30 - 000057632 _____ () C:\program files (x86)\iobit\Classic Start\madDisAsm_.bpl
2017-07-19 16:30 - 2015-12-29 11:30 - 000275576 _____ () C:\program files (x86)\iobit\Classic Start\sqlite3.dll
2017-07-19 16:30 - 2015-12-29 11:30 - 000059680 _____ () C:\program files (x86)\iobit\Classic Start\parseAuto.dll
2017-07-19 16:30 - 2016-10-20 09:59 - 000631072 _____ () C:\program files (x86)\iobit\Classic Start\ProductStatistics.dll
2017-07-19 16:30 - 2015-12-29 11:31 - 000047904 _____ () C:\program files (x86)\iobit\Classic Start\winkey.dll
2013-06-02 20:23 - 2012-06-26 04:41 - 001198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2017-06-12 13:41 - 2017-06-12 13:41 - 001037688 _____ () C:\Program Files (x86)\OpenDNS\Umbrella Roaming Client\libldns-1.dll
2017-06-12 13:42 - 2017-06-12 13:42 - 000047952 _____ () C:\Program Files (x86)\OpenDNS\Umbrella Roaming Client\libdcplugin_erc.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Umbrella_RC => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2870124582-2670056687-1688047813-1001\...\sharepoint.com -> hxxps://wavetulane.sharepoint.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2012-07-26 00:26 - 2015-07-16 20:03 - 000000027 _____ C:\windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2870124582-2670056687-1688047813-1001\Control Panel\Desktop\\Wallpaper -> C:\windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 127.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{8C631FDE-265F-4413-B795-C37E3304894B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{460AA8CF-B166-45B3-939B-BBE591AD603D}] => (Allow) LPort=2869
FirewallRules: [{CEC0AD45-93DC-424E-99A2-AC85F9BA8C2C}] => (Allow) LPort=1900
FirewallRules: [{A91F71E6-AE00-489D-BA4F-2D81706F3849}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{EB2D8515-0D1A-4244-B9E8-18B61BD9B067}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{5EC79733-02E8-4007-8B87-F0684EB91E4B}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{816BA1D5-48D6-4A23-9251-AB5AC3E070FB}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{36E4F7A8-C4BE-4D97-BFE5-D2F855E6BD1D}] => (Allow) D:\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [{DD353AB8-174A-4770-8C8E-0EEEFEC603A7}] => (Allow) D:\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [TCP Query User{F266E0A6-7C72-4625-8114-E17805615B13}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{B9F3856E-B474-4FFD-9654-AF13E9810797}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{EFEC3005-747B-477B-88C3-EE09EBA0148E}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{112D68F8-6889-4D4C-81A6-6A3848FE1334}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{E8996EC8-2971-4F07-B4FC-3FBF21C87B03}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{38930CD3-E080-4F92-99BA-17422BFA3626}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{051ACE53-830E-4782-B126-536B3412AD3C}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{39D4E517-272D-4572-8491-1452E4BDFA2E}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{3EAB0BB4-8B60-47B1-8C21-7B87A17D08DE}C:\users\myriam\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\myriam\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{6E8B4FB5-C79A-4945-8C71-47894B0F6EAD}C:\users\myriam\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\myriam\appdata\roaming\spotify\spotify.exe
FirewallRules: [{5E65BE58-918E-48D4-9951-9AE950007AB3}] => (Allow) C:\Users\Myriam\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{7020F699-236B-486F-A9F9-F1DD681ABDDB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2AF9DC13-2540-4EF6-98BB-4C69378A1293}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{5C3A11F2-E0AE-47E4-9C43-3733B0F7BB19}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{9B8A3FB0-3360-4DB9-A294-7902293D456E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{5A8B45EA-A736-45F1-9E24-A30EAF8E60D9}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{B1498BD8-A57E-4846-9D14-9CCA426613B1}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{7808E7A1-C5B0-4116-987E-4E94667DD1DC}] => (Allow) C:\Program Files (x86)\Epson Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{01D9D0A1-F735-4665-AA48-3D053E1FB675}] => (Allow) C:\Program Files (x86)\Epson Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [TCP Query User{25249221-0EED-480D-8306-F101B7C21BAA}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{29763E86-D5F1-4301-89A4-25E81BB993FC}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{2320B5E8-93BC-4943-AFD5-286B1184AA69}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{6E82DDF3-2648-495B-BC4F-3F7B09349C27}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{1AC58D3D-8399-4802-8C65-2102FAC89161}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{88AAFA3E-53B2-496C-8BA3-167110B58CFC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{54C7EB92-8886-4F71-813F-D32CEBE47C67}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FEED4B2F-E743-4242-AEE4-7C21C95B1FE1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C6A5ED18-9F65-4170-B325-E7912180B9D6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6DF3BB91-B359-461E-9D96-93F7F139FEDC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7CE942A9-91FD-4F52-9D21-D8BC7927750B}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{7089CB11-6B33-4847-8377-1C8EFD96122E}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{737D3152-B17C-44B9-AA1A-39EFD62E81C7}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{EE339300-7A1E-48C4-942D-AAC7D1F312AF}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{09FA5353-09CE-401B-8960-E97D2CA77182}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{2F933BA3-5231-4F72-A2F7-CAAE9F5AF23D}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{04A64927-F9F6-4F80-BEEE-70F40FE7F01C}] => (Allow) C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{AA62DBE2-BDD1-4BAB-AE40-716719A72661}] => (Allow) C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{3600B74B-1573-42F4-BE65-38B63FFFF908}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{0B1B2B6D-B12F-47AE-AD8B-3205067D9B9B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{4C3362D5-D221-47E2-A95A-FDDC3B80C659}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{83D67A63-F8AF-4DC5-B042-B97005D123BE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{8F1FB95C-E62D-46B6-A5CC-A4B9BFC6DEDB}C:\users\myriam\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\myriam\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{BF606A8D-7838-4472-B2FB-6D217D2669D7}C:\users\myriam\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\myriam\appdata\roaming\spotify\spotify.exe
FirewallRules: [{0610831C-40A5-4712-B382-E9E66F2A092A}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{9D7E90B9-603F-4F1C-94E4-E9E629B947CE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{AE5277CA-15C3-497E-8F78-A870ABE2C276}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{59222862-1874-48FD-8961-32E6720E85BC}] => (Allow) LPort=35188
==================== Restore Points =========================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/15/2018 12:15:36 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (04/15/2018 11:25:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Scheduler.exe, version: 2.0.0.58, time stamp: 0x548ffb1a
Faulting module name: rtl120.bpl, version: 6.2.9200.17581, time stamp: 0x5644f0df
Exception code: 0xc0000135
Fault offset: 0x00078dd2
Faulting process id: 0x1430
Faulting application start time: 0x01d3d4d661ccd9c5
Faulting application path: C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe
Faulting module path: rtl120.bpl
Report Id: a37d06b7-40c9-11e8-8462-b888e31f69d2
Faulting package full name:
Faulting package-relative application ID:
Error: (04/15/2018 11:16:15 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {fceea86b-2917-404a-9169-a058cdd8e5cc}
Error: (04/15/2018 09:16:03 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MYMI)
Description: Activation of app SymantecCorporation.NortonStudio_v68kp9n051hdp!App failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (04/15/2018 09:14:04 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MYMI)
Description: Activation of app SymantecCorporation.NortonStudio_v68kp9n051hdp!App failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (04/15/2018 09:13:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: backgroundTaskHost.exe, version: 6.2.9200.16384, time stamp: 0x5010a994
Faulting module name: ntdll.dll, version: 6.2.9200.17581, time stamp: 0x5644f0df
Exception code: 0x060c201e
Fault offset: 0x0009cfcf
Faulting process id: 0xe50
Faulting application start time: 0x01d3d4c3faabd01b
Faulting application path: C:\windows\syswow64\backgroundTaskHost.exe
Faulting module path: C:\windows\SYSTEM32\ntdll.dll
Report Id: 39a6297e-40b7-11e8-8461-b888e31f69d2
Faulting package full name: SymantecCorporation.NortonStudio_1.0.0.98_x86__v68kp9n051hdp
Faulting package-relative application ID: App
Error: (04/15/2018 09:10:02 AM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Notifications for the volume C:\ are not active.
Context: Windows Application
Details:
The volume change journal is being deleted. (HRESULT : 0x8007049a) (0x8007049a)
Error: (04/14/2018 12:39:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MYMI)
Description: Activation of app SymantecCorporation.NortonStudio_v68kp9n051hdp!App failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information.
System errors:
=============
Error: (04/15/2018 12:27:50 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
Error: (04/15/2018 11:18:11 AM) (Source: DCOM) (EventID: 10010) (User: MYMI)
Description: The server {2E3EA04A-5ECA-47C0-9CD1-AEFDF7BEFC20} did not register with DCOM within the required timeout.
Error: (04/15/2018 11:16:54 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error:
An instance of the service is already running.
Error: (04/15/2018 11:16:24 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
Error: (04/15/2018 11:16:24 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
Error: (04/15/2018 11:16:24 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The IconMan_R service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (04/15/2018 11:16:24 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The iPod Service service terminated unexpectedly. It has done this 1 time(s).
Error: (04/15/2018 11:16:24 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Intel(R) Management and Security Application Local Management Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Windows Defender:
===================================
Date: 2015-08-26 21:27:39.607
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {A04ADA9C-F7F3-486A-B07C-AAC75ACCEBF0}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2015-08-24 20:26:43.326
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {F461CD8C-E934-4A19-8EE8-F81A83E7B50D}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2015-08-23 12:23:35.723
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {3E3BD3DF-60D4-4691-B9C7-B66562A8A83B}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2015-08-23 11:54:38.352
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {704B85F8-6E1B-40EC-B34E-80757DDBABCF}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2015-08-23 11:23:19.772
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {8242F810-20EE-49D9-ADD0-BDE6903B0F5D}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2015-08-27 20:51:23.134
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.203.2410.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.11903.0
Error code: 0x80070102
Error description: The wait operation timed out.
Date: 2015-08-27 20:51:23.133
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.203.2410.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.11903.0
Error code: 0x80070102
Error description: The wait operation timed out.
Date: 2015-08-24 21:06:29.167
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.203.2410.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.11903.0
Error code: 0x8024001e
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
Date: 2015-08-24 21:06:29.167
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.203.2410.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.11903.0
Error code: 0x8024001e
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
Date: 2015-08-23 21:12:57.447
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.203.2410.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.11903.0
Error code: 0x800704c7
Error description: The operation was canceled by the user.
CodeIntegrity:
===================================
Date: 2018-04-15 09:13:52.393
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SysWOW64\backgroundTaskHost.exe) attempted to load \Device\HarddiskVolume4\Program Files\WindowsApps\SymantecCorporation.NortonStudio_1.0.0.98_x86__v68kp9n051hdp\diStTask.dll with signing level Unsigned while the system requires signing level 6 or better to load.
Date: 2018-04-13 13:31:59.583
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SysWOW64\backgroundTaskHost.exe) attempted to load \Device\HarddiskVolume4\Program Files\WindowsApps\SymantecCorporation.NortonStudio_1.0.0.98_x86__v68kp9n051hdp\diStTask.dll with signing level Unsigned while the system requires signing level 6 or better to load.
Date: 2018-04-06 21:25:32.931
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SysWOW64\backgroundTaskHost.exe) attempted to load \Device\HarddiskVolume4\Program Files\WindowsApps\SymantecCorporation.NortonStudio_1.0.0.98_x86__v68kp9n051hdp\diStTask.dll with signing level Unsigned while the system requires signing level 6 or better to load.
Date: 2018-04-05 09:27:07.714
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SysWOW64\backgroundTaskHost.exe) attempted to load \Device\HarddiskVolume4\Program Files\WindowsApps\SymantecCorporation.NortonStudio_1.0.0.98_x86__v68kp9n051hdp\diStTask.dll with signing level Unsigned while the system requires signing level 6 or better to load.
Date: 2018-04-04 14:39:09.898
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SysWOW64\backgroundTaskHost.exe) attempted to load \Device\HarddiskVolume4\Program Files\WindowsApps\SymantecCorporation.NortonStudio_1.0.0.98_x86__v68kp9n051hdp\Settings.dll with signing level Unsigned while the system requires signing level 6 or better to load.
Date: 2018-04-04 06:35:56.696
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SysWOW64\backgroundTaskHost.exe) attempted to load \Device\HarddiskVolume4\Program Files\WindowsApps\SymantecCorporation.NortonStudio_1.0.0.98_x86__v68kp9n051hdp\Settings.dll with signing level Unsigned while the system requires signing level 6 or better to load.
Date: 2018-03-30 16:38:37.003
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SysWOW64\backgroundTaskHost.exe) attempted to load \Device\HarddiskVolume4\Program Files\WindowsApps\SymantecCorporation.NortonStudio_1.0.0.98_x86__v68kp9n051hdp\diStTask.dll with signing level Unsigned while the system requires signing level 6 or better to load.
Date: 2018-03-29 15:12:36.881
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SysWOW64\backgroundTaskHost.exe) attempted to load \Device\HarddiskVolume4\Program Files\WindowsApps\SymantecCorporation.NortonStudio_1.0.0.98_x86__v68kp9n051hdp\diStTask.dll with signing level Unsigned while the system requires signing level 6 or better to load.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Percentage of memory in use: 68%
Total physical RAM: 6033.95 MB
Available physical RAM: 1878.63 MB
Total Virtual: 12177.95 MB
Available Virtual: 7409.86 MB
==================== Drives ================================
Drive c: (TI10658800D) (Fixed) (Total:687.39 GB) (Free:446.04 GB) NTFS
Drive f: (My Passport) (Fixed) (Total:1862.98 GB) (Free:428.33 GB) NTFS
Drive g: (HD-GDU3) (Fixed) (Total:2794.52 GB) (Free:254.12 GB) NTFS
\\?\Volume{8c37a611-60fa-11e2-b77c-b888e3139d3f}\ (System) (Fixed) (Total:0.44 GB) (Free:0.15 GB) NTFS
\\?\Volume{066ae605-4bc9-405f-a6f8-534e3fb93882}\ (Recovery) (Fixed) (Total:10.43 GB) (Free:0.68 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Protective MBR) (Size: 698.6 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 356187B6)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 2.
==================== End of Addition.txt ============================