Publicité
Publicité
Format du document : text/plain
Prévisualisation
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25.04.2018
Ran by Myriam (25-04-2018 18:40:25)
Running from C:\Users\Myriam\Downloads
Windows 8 (X64) (2013-06-16 17:41:35)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2870124582-2670056687-1688047813-500 - Administrator - Disabled)
Guest (S-1-5-21-2870124582-2670056687-1688047813-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2870124582-2670056687-1688047813-1003 - Limited - Enabled)
Myriam (S-1-5-21-2870124582-2670056687-1688047813-1001 - Administrator - Enabled) => C:\Users\Myriam
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Trend Micro OfficeScan Antivirus (Disabled - Up to date) {F2F88E6A-3C7A-545F-268A-5D0BDD38EE06}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Trend Micro OfficeScan Anti-spyware (Disabled - Up to date) {49996F8E-1A40-5BD1-1C3A-6679A6BFA4BB}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
123 Free Solitaire v10.3 (HKLM-x32\...\123 Free Solitaire_is1) (Version: - TreeCardGames)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.07 - Adobe Systems)
Adobe Flash Player 29 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 29.0.0.140 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}) (Version: 5.5 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}) (Version: 5.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Box Sync (HKLM-x32\...\{25e2ab6e-0bb9-479e-947c-5dd5f6a309a6}) (Version: 4.0.7800.0 - Box Inc.) Hidden
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Driver Booster 2.1 (HKLM-x32\...\Driver Booster_is1) (Version: 2.1 - IObit)
Dropbox (HKLM-x32\...\Dropbox) (Version: 48.4.58 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
e5 Secure Download Manager (HKLM-x32\...\{6A979889-133D-4E64-99BB-1DA983CDCE75}) (Version: 3.2.262.0 - Kivuto Solutions Inc.)
Easy Photo Scan (HKLM-x32\...\{1A6DED1E-A024-455D-AA82-203D6B3B0CBC}) (Version: 1.00.0006 - Seiko Epson Corporation)
Epson Connect (HKLM-x32\...\{64BA551C-9AF6-495C-93F3-D1270E0045FC}) (Version: - )
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.3.0 - SEIKO EPSON CORPORATION)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.7.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{17FA0444-A025-43B9-862C-81AE6307C2F2}) (Version: 3.10.0050 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{896667C8-53F8-47B8-B6B0-B113B10F05BC}) (Version: 1.20.0000 - SEIKO EPSON CORPORATION)
Epson Printer Connection Checker (HKLM-x32\...\{83475ED4-8CCD-4F42-B877-7E2CC2BBD97B}) (Version: 2.0.0.0 - Seiko Epson Corporation)
EPSON Printer Finder (HKLM-x32\...\{B8ECD0D3-AE08-4891-B6C7-32F96B75EB6C}) (Version: 1.0.0 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON XP-420 Series Printer Uninstall (HKLM\...\EPSON XP-420 Series) (Version: - SEIKO EPSON Corporation)
Epson XP-420_424 User’s Guide version 1.0 (HKLM-x32\...\UsersGuideEpson XP-420_424 User’s Guide_is1) (Version: 1.0 - )
EpsonNet Print (HKLM\...\{DF5200AB-5AE6-4598-846B-8ABC3AE121B1}) (Version: 3.0.2.0 - SEIKO EPSON Corporation)
iCloud (HKLM\...\{5B1A59DA-D1EC-4C3A-A996-DF011A0A9668}) (Version: 6.2.2.39 - Apple Inc.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2875 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iTunes (HKLM\...\{F0C7385A-9D20-45F3-8101-05D383885180}) (Version: 12.6.1.25 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Juniper Networks, Inc. Setup Client (HKU\S-1-5-21-2870124582-2670056687-1688047813-1001\...\Juniper_Setup_Client) (Version: 7.4.13.48589 - Juniper Networks, Inc.)
Juniper Networks, Inc. Setup Client 64-bit Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.)
Juniper Networks, Inc. Setup Client Activex Control (HKLM-x32\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.)
Junos Pulse (HKLM\...\{E59CEF5A-DD72-4EE5-98D2-62FE1265941B}) (Version: 3.1.34907 - Juniper Networks) Hidden
Junos Pulse 3.1 (HKLM-x32\...\Junos Pulse 3.1) (Version: 3.1.34907 - Juniper Networks, Inc.)
Malwarebytes version 3.4.4.2398 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.4.4.2398 - Malwarebytes)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.9126.2152 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2870124582-2670056687-1688047813-1001\...\OneDriveSetup.exe) (Version: 18.044.0301.0006 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{40F55150-F43D-4C9F-9A00-1A0A6F1EB7F0}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{D71BC54E-A4E6-4E06-866C-FD6EE16EA187}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 59.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 59.0.2 (x64 en-US)) (Version: 59.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 59.0.2.6656 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.9126.2152 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.9126.2152 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.9126.2152 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.9126.2152 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6794 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29031 - Realtek Semiconductor Corp.)
Secure Download Manager (HKLM-x32\...\{E040B65B-8683-4228-8C33-D44A141E40EA}) (Version: 3.1.60 - Kivuto Solutions Inc.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.103 - Skype Technologies S.A.)
Software Updater (HKLM-x32\...\{B307472F-7BD9-4040-9255-CE6D6A1196A3}) (Version: 4.3.1 - SEIKO EPSON CORPORATION)
Spotify (HKU\S-1-5-21-2870124582-2670056687-1688047813-1001\...\Spotify) (Version: 1.0.45.186.g3b5036d6 - Spotify AB)
SRS Premium Sound Control Panel (HKLM\...\{94F03B8E-CB73-4653-AFE9-79112C01FED2}) (Version: 1.12.5000 - SRS Labs, Inc.)
Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 4.0.2.1 - IObit)
Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.6.3 - Toshiba)
TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.4 - TOSHIBA)
TOSHIBA Battery Check Utility (HKLM-x32\...\{5468E297-7EF8-4CB3-A091-F8714147793F}) (Version: 1.00.01.01 - Toshiba Corporation)
Toshiba Book Place (HKLM-x32\...\{24B45620-22B6-4E4A-B836-FF30A0B0404E}) (Version: 3.1.9534 - K-NFB Reading Technology, Inc.)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.00.08.6402 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.0.0.6415 - Toshiba Corporation)
TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.51.8.2C - TOSHIBA CORPORATION)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.00.6625.6402 - Toshiba Corporation)
TOSHIBA HDD Accelerator (HKLM\...\{DB4D9937-0B14-4EF1-BF9A-BB7E3B9DCB04}) (Version: 1.1.0001 - Toshiba Corporation)
TOSHIBA HDD Protection (HKLM\...\{94A90C69-71C1-470A-88F5-AA47ECC96B40}) (Version: 2.5.1.1 - Toshiba Corporation)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{59358FD4-252B-4B38-AB81-955C491A494F}) (Version: 1.0.0.5C - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.8.17.640104 - Toshiba Corporation)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.8 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.2.0.54043005 - Toshiba Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.2.00 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM\...\{B1F241E1-90BF-4201-8977-A0DF85A38EBB}) (Version: 2.6.16.0 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0013 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0002.32002 - Toshiba Corporation)
TOSHIBA User's Guide (HKLM-x32\...\{3384E1D9-3F18-4A98-8655-180FEF0DFC02}) (Version: 1.00.02 - TOSHIBA)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.1.0.12-A - Toshiba Corporation)
TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.1.6 - TOSHIBA)
Trend Micro OfficeScan Agent (HKLM-x32\...\OfficeScanNT) (Version: 11.0.1028 - Trend Micro Inc.)
Umbrella Roaming Client (HKLM-x32\...\{47904E32-6950-4AF8-8F86-7DEA7F51EB56}) (Version: 2.1.0.0 - OpenDNS)
Update for Skype for Business 2015 (KB4018334) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{43E657C8-617B-4062-9580-690699462328}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4018334) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{43E657C8-617B-4062-9580-690699462328}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4018334) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{43E657C8-617B-4062-9580-690699462328}) (Version: - Microsoft)
Utility Common Driver (HKLM-x32\...\{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}) (Version: 1.0.53.1 - Compal) Hidden
Utility Common Driver (HKLM-x32\...\InstallShield_{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}) (Version: 1.0.53.1 - Compal) Hidden
WD Backup (HKLM-x32\...\{4AACAFC7-951A-4215-B430-3DFCFF2E6CED}) (Version: 1.5.5953.19614 - Western Digital Technologies, Inc) Hidden
WD Backup (HKLM-x32\...\{a8c9535a-ecd9-4172-a330-0cb5ff9dbed9}) (Version: 1.5.5953.19614 - Western Digital Technologies, Inc.)
WD Drive Utilities (HKLM-x32\...\{48996CDD-DD81-4197-93FE-0971E73C5CA7}) (Version: 1.3.2.2 - Western Digital Technologies, Inc.) Hidden
WD Drive Utilities (HKLM-x32\...\{eab1fb93-61fb-48de-b815-b4e9b68d2ef1}) (Version: 1.3.2.2 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{965D28B5-3C86-41FD-994E-D6376815C9B3}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{249644e6-451a-4a5c-bd5c-21eeb9eec79d}) (Version: 1.3.1.2 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{7CC2EDF2-83EC-4707-BDD3-72469236A6CC}) (Version: 1.3.1.2 - Western Digital Technologies, Inc.) Hidden
WhatsApp (HKU\S-1-5-21-2870124582-2670056687-1688047813-1001\...\WhatsApp) (Version: 0.2.5863 - WhatsApp)
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17350 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2870124582-2670056687-1688047813-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Myriam\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileCoAuthLib64.dll => No File
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-05-09] (Apple Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-03] (Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll [2012-10-24] (Intel Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-03] (Malwarebytes)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {360FE453-2428-4F01-B1E5-24B386904358} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-04-15] (Microsoft Corporation)
Task: {368FCF03-7D08-4E0D-8CF0-8E62F92032D6} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2014-04-03] (TOSHIBA Corporation)
Task: {3EE45B0D-322F-4233-B049-21E6503BE25C} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_140_Plugin.exe [2018-04-11] (Adobe Systems Incorporated)
Task: {3F2ADA94-AD3A-4888-8AD6-BD748EDF9B58} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2017-05-09] (Apple Inc.)
Task: {75501669-22A7-4B7A-B445-5FEBA4CE9865} - System32\Tasks\EPSON XP-420 Series Update {CBC51009-C0F1-4B68-93C8-C3317DDE4B46} => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSNAE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {8E7CB33A-A093-4773-BB05-57CF44CFEE48} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-06-19] (Dropbox, Inc.)
Task: {8F5A2E53-2812-4A40-A6F9-0622F3E9FD82} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-04-15] (Microsoft Corporation)
Task: {99397F8A-0D69-40F7-9134-8718B2010CE4} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-04-15] (Microsoft Corporation)
Task: {9B87DD21-09F6-4AC2-80DE-8AD9FBB5F199} - System32\Tasks\EPSON XP-420 Series Update {7506ED29-D2B3-408F-9C39-C6870A815C91} => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSNAE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {9E1F6F82-181A-491D-A86B-BEB2242D46BC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {9F5D5947-999C-4963-B43E-082A09152D56} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-04-06] (Microsoft Corporation)
Task: {AA0CF02E-543A-42CE-BD31-A987AA663C97} - System32\Tasks\{D6F156B6-B064-4539-92BF-5148DDA2DE3C} => C:\windows\system32\pcalua.exe -a C:\windows\UN091222.EXE -c /UNINST
Task: {AF711E7E-2FB4-4361-AC09-DB15D43A66DF} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-04-11] (Adobe Systems Incorporated)
Task: {BCB470AA-EE57-4363-83BF-9E81AA6C6C67} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-04-15] (Microsoft Corporation)
Task: {BEFC95F3-BF2B-4EA9-8A63-85A8326C1C1F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {C772D868-20AA-486B-9279-F62850BD871D} - System32\Tasks\{7A4FCD95-FFBF-464C-B5B8-1BB5836C4EB6} => C:\windows\system32\pcalua.exe -a F:\msert.exe -d F:\
Task: {C8A68697-E7BB-4FE9-97AD-362141F3F755} - System32\Tasks\StartMenu8_Start => C:\program files (x86)\iobit\Classic Start\Start_Active.exe
Task: {CBDABD43-0EA1-4668-86D9-F8ADD8A822C0} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-04-15] (Microsoft Corporation)
Task: {DCBC3E2C-F360-4BBE-BB47-52004834554C} - System32\Tasks\EPSON XP-420 Series Update {EE36AA76-8C02-452D-AA01-97A485E70511} => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSNAE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {DEA0CD22-6315-4156-BBBF-379E19D52D4A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {DF34FF18-02C7-4293-87DD-945DF34EE050} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-06-19] (Dropbox, Inc.)
Task: {F15B1B5E-E9A0-43A7-8DA1-E9024CC09AED} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-04-06] (Microsoft Corporation)
Task: {FABA927C-6F55-4E10-A056-61F9D91A9AFE} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\EPSON XP-420 Series Update {7506ED29-D2B3-408F-9C39-C6870A815C91}.job => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSNAE.EXE:/EXE:{7506ED29-D2B3-408F-9C39-C6870A815C91} /F:UpdateWORKGROUP\MYMI$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-09-01 18:12 - 2016-09-01 18:12 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-05-09 00:44 - 2017-05-09 00:44 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-08-31 14:55 - 2011-08-31 14:55 - 000801792 _____ () C:\Program Files (x86)\Trend Micro\OfficeScan Client\sqlite3.dll
2007-05-16 12:42 - 2007-05-16 12:42 - 000089088 _____ () C:\Program Files (x86)\Trend Micro\OfficeScan Client\zlibwapi.dll
2012-12-19 05:06 - 2012-12-19 05:06 - 001300480 _____ () C:\Program Files (x86)\Trend Micro\OfficeScan Client\libprotobuf.dll
2012-10-24 01:44 - 2012-10-24 01:44 - 000094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-08-30 16:34 - 2012-08-30 16:34 - 002609064 _____ () C:\Program Files\Toshiba\Hotkey\TCrdMain_Win8.exe
2012-07-18 20:38 - 2012-07-18 20:38 - 000020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2012-07-18 20:38 - 2012-07-18 20:38 - 000049064 _____ () C:\Program Files\TOSHIBA\Hotkey\Hotkey\FnZ.dll
2012-08-13 21:13 - 2012-08-13 21:13 - 000018344 _____ () C:\Program Files\Toshiba\Teco\TecoMUI.dll
2011-08-12 16:57 - 2011-08-12 16:57 - 000437632 _____ () C:\Program Files\TOSHIBA\Hotkey\Hotkey\TcrdKBB.exe
2012-07-26 02:58 - 2012-07-26 02:53 - 000170864 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2012-08-04 17:01 - 2012-08-04 17:01 - 000213136 _____ () C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe
2017-05-09 03:05 - 2017-05-09 03:05 - 000092472 _____ () C:\Program Files\iTunes\zlib1.dll
2017-05-09 03:05 - 2017-05-09 03:05 - 001354040 _____ () C:\Program Files\iTunes\libxml2.dll
2013-01-16 10:19 - 2013-01-16 10:19 - 000048128 _____ () C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\boost_date_time-vc110-mt-1_49.dll
2013-04-02 12:25 - 2013-04-02 12:25 - 000675840 _____ () C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\sqlite3.dll
2013-01-16 10:23 - 2013-01-16 10:23 - 000058368 _____ () C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\boost_thread-vc110-mt-1_49.dll
2011-10-15 07:31 - 2011-10-15 07:31 - 000431163 _____ () C:\Program Files (x86)\Common Files\Juniper Networks\WX Client\sqlite3.dll
2017-05-09 00:45 - 2017-05-09 00:45 - 001041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2017-05-09 00:44 - 2017-05-09 00:44 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-09-01 18:13 - 2016-09-01 18:13 - 000080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2017-06-12 13:41 - 2017-06-12 13:41 - 001037688 _____ () C:\Program Files (x86)\OpenDNS\Umbrella Roaming Client\libldns-1.dll
2017-06-12 13:42 - 2017-06-12 13:42 - 000047952 _____ () C:\Program Files (x86)\OpenDNS\Umbrella Roaming Client\libdcplugin_erc.dll
2013-06-02 20:23 - 2012-06-26 04:41 - 001198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2018-04-25 18:37 - 2018-04-23 05:15 - 000866120 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2018-04-25 18:37 - 2018-04-23 05:15 - 002079048 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2018-04-25 18:37 - 2018-04-23 05:15 - 000100312 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2018-04-11 19:59 - 2018-04-23 05:15 - 000018896 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2018-04-11 19:59 - 2018-04-23 05:16 - 000020808 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2018-04-25 18:37 - 2018-04-23 05:15 - 000035808 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2018-04-11 19:59 - 2018-04-23 05:15 - 000694232 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2018-04-25 18:37 - 2018-04-23 05:16 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2018-04-25 18:37 - 2018-04-23 05:15 - 000130520 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2018-04-25 18:37 - 2018-04-23 05:16 - 001856864 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2018-04-25 18:37 - 2018-04-23 05:16 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2018-04-25 18:37 - 2018-04-23 05:15 - 000145880 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2018-04-25 18:37 - 2018-04-23 05:15 - 000116696 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2018-04-11 19:59 - 2018-04-23 05:15 - 000105944 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2018-04-25 18:37 - 2018-04-23 05:17 - 000022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2018-04-25 18:37 - 2018-04-23 05:16 - 000063312 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2018-04-11 19:59 - 2018-04-23 05:15 - 000024536 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2018-04-25 18:37 - 2018-04-23 05:16 - 000077120 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2018-04-25 18:37 - 2018-04-23 05:15 - 000392664 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2018-04-25 18:37 - 2018-04-23 05:15 - 000020952 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2018-04-11 19:59 - 2018-04-23 05:15 - 000124888 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2018-04-25 18:37 - 2018-04-23 05:15 - 000114136 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2018-04-11 19:59 - 2018-04-23 05:16 - 000392520 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2018-04-25 18:37 - 2018-04-23 05:17 - 000026464 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2018-04-11 19:59 - 2018-04-23 05:15 - 000043480 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2018-04-11 19:59 - 2018-04-23 05:15 - 000024024 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2018-04-11 19:59 - 2018-04-23 05:15 - 000175576 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2018-04-11 19:59 - 2018-04-23 05:15 - 000030168 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2018-04-11 19:59 - 2018-04-23 05:15 - 000026072 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.pyd
2018-04-25 18:37 - 2018-04-23 05:15 - 000048600 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2018-04-11 19:59 - 2018-04-23 05:15 - 000057816 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2018-04-25 18:37 - 2018-04-23 05:16 - 000021840 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2018-04-25 18:37 - 2018-04-23 05:17 - 000023376 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.pyd
2018-04-25 18:37 - 2018-04-23 05:16 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.pyd
2018-04-25 18:37 - 2018-04-23 05:17 - 000066400 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
2018-04-25 18:37 - 2018-04-23 05:16 - 003863880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2018-04-11 19:59 - 2018-04-23 05:15 - 000084944 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2018-04-25 18:37 - 2018-04-23 05:16 - 001798464 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2018-04-25 18:37 - 2018-04-23 05:16 - 001959232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2018-04-25 18:37 - 2018-04-23 05:15 - 000028632 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2018-04-25 18:37 - 2018-04-23 05:16 - 000155472 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2018-04-25 18:37 - 2018-04-23 05:16 - 000521544 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2018-04-25 18:37 - 2018-04-23 05:16 - 000051024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.pyd
2018-04-25 18:37 - 2018-04-23 05:16 - 000043336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2018-04-25 18:37 - 2018-04-23 05:16 - 000131400 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2018-04-25 18:37 - 2018-04-23 05:16 - 000219984 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2018-04-25 18:37 - 2018-04-23 05:16 - 000204104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2018-04-25 18:37 - 2018-04-23 05:17 - 000025440 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2018-04-11 19:59 - 2018-04-23 05:15 - 000060888 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2018-04-25 18:37 - 2018-04-23 05:17 - 000054616 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2018-04-11 19:59 - 2018-04-23 05:15 - 000024024 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2018-04-25 18:37 - 2018-04-23 05:17 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2018-04-25 18:37 - 2018-04-23 05:17 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2018-04-25 18:37 - 2018-04-23 05:17 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2018-04-25 18:37 - 2018-04-23 05:17 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2018-04-25 18:37 - 2018-04-23 05:16 - 000027496 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2018-04-25 18:37 - 2018-04-23 05:15 - 000349144 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2018-04-25 18:37 - 2018-04-23 05:16 - 000101704 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2018-04-25 18:37 - 2018-04-23 05:17 - 000023904 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2018-04-25 18:37 - 2018-04-23 05:16 - 000025432 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2018-04-25 18:37 - 2018-04-23 05:15 - 000036312 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2018-04-25 18:37 - 2018-04-23 05:17 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.pyd
2018-04-25 18:37 - 2018-04-23 05:16 - 000181064 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2018-04-25 18:37 - 2018-04-23 05:17 - 000030544 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2018-04-25 18:37 - 2018-04-23 05:16 - 000024384 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2018-04-25 18:37 - 2018-04-23 05:16 - 001638208 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2018-04-25 18:37 - 2018-04-23 05:17 - 000026464 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2018-04-25 18:37 - 2018-04-23 05:16 - 000546632 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2018-04-25 18:37 - 2018-04-23 05:16 - 000359744 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2018-04-25 18:37 - 2018-04-23 05:16 - 000038216 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.pyd
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Umbrella_RC => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2870124582-2670056687-1688047813-1001\...\sharepoint.com -> hxxps://wavetulane.sharepoint.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2012-07-26 00:26 - 2015-07-16 20:03 - 000000027 _____ C:\windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2870124582-2670056687-1688047813-1001\Control Panel\Desktop\\Wallpaper -> C:\windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 127.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{8C631FDE-265F-4413-B795-C37E3304894B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{460AA8CF-B166-45B3-939B-BBE591AD603D}] => (Allow) LPort=2869
FirewallRules: [{CEC0AD45-93DC-424E-99A2-AC85F9BA8C2C}] => (Allow) LPort=1900
FirewallRules: [{A91F71E6-AE00-489D-BA4F-2D81706F3849}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{EB2D8515-0D1A-4244-B9E8-18B61BD9B067}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{5EC79733-02E8-4007-8B87-F0684EB91E4B}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{816BA1D5-48D6-4A23-9251-AB5AC3E070FB}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{36E4F7A8-C4BE-4D97-BFE5-D2F855E6BD1D}] => (Allow) D:\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [{DD353AB8-174A-4770-8C8E-0EEEFEC603A7}] => (Allow) D:\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [TCP Query User{F266E0A6-7C72-4625-8114-E17805615B13}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{B9F3856E-B474-4FFD-9654-AF13E9810797}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{EFEC3005-747B-477B-88C3-EE09EBA0148E}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{112D68F8-6889-4D4C-81A6-6A3848FE1334}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{E8996EC8-2971-4F07-B4FC-3FBF21C87B03}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{38930CD3-E080-4F92-99BA-17422BFA3626}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{051ACE53-830E-4782-B126-536B3412AD3C}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{39D4E517-272D-4572-8491-1452E4BDFA2E}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{3EAB0BB4-8B60-47B1-8C21-7B87A17D08DE}C:\users\myriam\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\myriam\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{6E8B4FB5-C79A-4945-8C71-47894B0F6EAD}C:\users\myriam\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\myriam\appdata\roaming\spotify\spotify.exe
FirewallRules: [{5E65BE58-918E-48D4-9951-9AE950007AB3}] => (Allow) C:\Users\Myriam\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{7020F699-236B-486F-A9F9-F1DD681ABDDB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2AF9DC13-2540-4EF6-98BB-4C69378A1293}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{5C3A11F2-E0AE-47E4-9C43-3733B0F7BB19}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{9B8A3FB0-3360-4DB9-A294-7902293D456E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{5A8B45EA-A736-45F1-9E24-A30EAF8E60D9}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{B1498BD8-A57E-4846-9D14-9CCA426613B1}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{7808E7A1-C5B0-4116-987E-4E94667DD1DC}] => (Allow) C:\Program Files (x86)\Epson Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{01D9D0A1-F735-4665-AA48-3D053E1FB675}] => (Allow) C:\Program Files (x86)\Epson Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [TCP Query User{25249221-0EED-480D-8306-F101B7C21BAA}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{29763E86-D5F1-4301-89A4-25E81BB993FC}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{2320B5E8-93BC-4943-AFD5-286B1184AA69}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{6E82DDF3-2648-495B-BC4F-3F7B09349C27}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{1AC58D3D-8399-4802-8C65-2102FAC89161}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{88AAFA3E-53B2-496C-8BA3-167110B58CFC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{54C7EB92-8886-4F71-813F-D32CEBE47C67}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FEED4B2F-E743-4242-AEE4-7C21C95B1FE1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C6A5ED18-9F65-4170-B325-E7912180B9D6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6DF3BB91-B359-461E-9D96-93F7F139FEDC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7CE942A9-91FD-4F52-9D21-D8BC7927750B}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{7089CB11-6B33-4847-8377-1C8EFD96122E}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{737D3152-B17C-44B9-AA1A-39EFD62E81C7}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{EE339300-7A1E-48C4-942D-AAC7D1F312AF}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{09FA5353-09CE-401B-8960-E97D2CA77182}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{2F933BA3-5231-4F72-A2F7-CAAE9F5AF23D}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{04A64927-F9F6-4F80-BEEE-70F40FE7F01C}] => (Allow) C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{AA62DBE2-BDD1-4BAB-AE40-716719A72661}] => (Allow) C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{3600B74B-1573-42F4-BE65-38B63FFFF908}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{0B1B2B6D-B12F-47AE-AD8B-3205067D9B9B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{4C3362D5-D221-47E2-A95A-FDDC3B80C659}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{83D67A63-F8AF-4DC5-B042-B97005D123BE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{8F1FB95C-E62D-46B6-A5CC-A4B9BFC6DEDB}C:\users\myriam\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\myriam\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{BF606A8D-7838-4472-B2FB-6D217D2669D7}C:\users\myriam\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\myriam\appdata\roaming\spotify\spotify.exe
FirewallRules: [{0610831C-40A5-4712-B382-E9E66F2A092A}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{9D7E90B9-603F-4F1C-94E4-E9E629B947CE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{DE106C6A-7808-44C9-B317-944140DD8BEE}] => (Allow) LPort=35188
FirewallRules: [{BB2F5D19-57B3-41B3-937C-54247208D6DA}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
==================== Restore Points =========================
15-04-2018 19:00:52 Windows Backup
22-04-2018 19:00:54 Windows Backup
23-04-2018 18:29:36 Restore Point Created by FRST
24-04-2018 17:52:19 Restore Point Created by FRST
25-04-2018 18:23:01 Restore Point Created by FRST
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/25/2018 06:42:29 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (04/25/2018 06:33:03 PM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)
Error: (04/25/2018 06:29:13 PM) (Source: TmCCSF) (EventID: 1) (User: )
Description: Event-ID 1
Error: (04/25/2018 06:26:00 PM) (Source: COM) (EventID: 18221) (User: NT AUTHORITY)
Description: The attempt to connect to the RPCSS service was denied access for the COM Server application C:\windows\system32\taskeng.exe to the user Unavailable\Unavailable SID (S-1-5-18) running in the application container Unavailable SID (Unavailable). The most likely cause is that the machine wide Access Limits do not grant the user or application local access permissions. The Access Limits can be modified using the Component Services administrative tool.
Error: (04/25/2018 06:23:00 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {fbebf763-6e5d-4c58-aa71-e6d7825e6412}
Error: (04/25/2018 06:16:21 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MYMI)
Description: Activation of app SymantecCorporation.NortonStudio_v68kp9n051hdp!App failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (04/25/2018 01:34:41 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MYMI)
Description: Activation of app SymantecCorporation.NortonStudio_v68kp9n051hdp!App failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (04/25/2018 03:14:59 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MYMI)
Description: Activation of app SymantecCorporation.NortonStudio_v68kp9n051hdp!App failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information.
System errors:
=============
Error: (04/25/2018 06:32:57 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.
Error: (04/25/2018 06:31:12 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{DCBCA92E-7DBE-4EDA-8B7B-3AAEA4DD412B}
and APPID
{B292921D-AF50-400C-9B75-0C57A7F29BA1}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/25/2018 06:29:14 PM) (Source: DCOM) (EventID: 10016) (User: MYMI)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
and APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
to the user Mymi\Myriam SID (S-1-5-21-2870124582-2670056687-1688047813-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/25/2018 06:29:13 PM) (Source: DCOM) (EventID: 10016) (User: MYMI)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
and APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
to the user Mymi\Myriam SID (S-1-5-21-2870124582-2670056687-1688047813-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/25/2018 06:29:13 PM) (Source: DCOM) (EventID: 10016) (User: MYMI)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
and APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
to the user Mymi\Myriam SID (S-1-5-21-2870124582-2670056687-1688047813-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/25/2018 06:29:13 PM) (Source: DCOM) (EventID: 10016) (User: MYMI)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
and APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
to the user Mymi\Myriam SID (S-1-5-21-2870124582-2670056687-1688047813-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/25/2018 06:29:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The OfficeScan Common Client Solution Framework service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (04/25/2018 06:29:12 PM) (Source: DCOM) (EventID: 10016) (User: MYMI)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
and APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
to the user Mymi\Myriam SID (S-1-5-21-2870124582-2670056687-1688047813-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Windows Defender:
===================================
Date: 2015-08-26 21:27:39.607
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {A04ADA9C-F7F3-486A-B07C-AAC75ACCEBF0}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2015-08-24 20:26:43.326
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {F461CD8C-E934-4A19-8EE8-F81A83E7B50D}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2015-08-23 12:23:35.723
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {3E3BD3DF-60D4-4691-B9C7-B66562A8A83B}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2015-08-23 11:54:38.352
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {704B85F8-6E1B-40EC-B34E-80757DDBABCF}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2015-08-23 11:23:19.772
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {8242F810-20EE-49D9-ADD0-BDE6903B0F5D}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2015-08-27 20:51:23.134
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.203.2410.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.11903.0
Error code: 0x80070102
Error description: The wait operation timed out.
Date: 2015-08-27 20:51:23.133
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.203.2410.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.11903.0
Error code: 0x80070102
Error description: The wait operation timed out.
Date: 2015-08-24 21:06:29.167
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.203.2410.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.11903.0
Error code: 0x8024001e
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
Date: 2015-08-24 21:06:29.167
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.203.2410.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.11903.0
Error code: 0x8024001e
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
Date: 2015-08-23 21:12:57.447
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.203.2410.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.11903.0
Error code: 0x800704c7
Error description: The operation was canceled by the user.
CodeIntegrity:
===================================
Date: 2018-04-24 18:31:23.610
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SysWOW64\backgroundTaskHost.exe) attempted to load \Device\HarddiskVolume4\Program Files\WindowsApps\SymantecCorporation.NortonStudio_1.0.0.98_x86__v68kp9n051hdp\diStTask.dll with signing level Unsigned while the system requires signing level 6 or better to load.
Date: 2018-04-21 13:17:21.770
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SysWOW64\backgroundTaskHost.exe) attempted to load \Device\HarddiskVolume4\Program Files\WindowsApps\SymantecCorporation.NortonStudio_1.0.0.98_x86__v68kp9n051hdp\diStTask.dll with signing level Unsigned while the system requires signing level 6 or better to load.
Date: 2018-04-20 10:24:32.770
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SysWOW64\backgroundTaskHost.exe) attempted to load \Device\HarddiskVolume4\Program Files\WindowsApps\SymantecCorporation.NortonStudio_1.0.0.98_x86__v68kp9n051hdp\Settings.dll with signing level Unsigned while the system requires signing level 6 or better to load.
Date: 2018-04-20 02:23:28.270
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SysWOW64\backgroundTaskHost.exe) attempted to load \Device\HarddiskVolume4\Program Files\WindowsApps\SymantecCorporation.NortonStudio_1.0.0.98_x86__v68kp9n051hdp\diStTask.dll with signing level Unsigned while the system requires signing level 6 or better to load.
Date: 2018-04-19 02:19:36.988
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SysWOW64\backgroundTaskHost.exe) attempted to load \Device\HarddiskVolume4\Program Files\WindowsApps\SymantecCorporation.NortonStudio_1.0.0.98_x86__v68kp9n051hdp\diStTask.dll with signing level Unsigned while the system requires signing level 6 or better to load.
Date: 2018-04-16 17:23:06.315
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SysWOW64\backgroundTaskHost.exe) attempted to load \Device\HarddiskVolume4\Program Files\WindowsApps\SymantecCorporation.NortonStudio_1.0.0.98_x86__v68kp9n051hdp\diStTask.dll with signing level Unsigned while the system requires signing level 6 or better to load.
Date: 2018-04-15 18:25:16.312
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SysWOW64\backgroundTaskHost.exe) attempted to load \Device\HarddiskVolume4\Program Files\WindowsApps\SymantecCorporation.NortonStudio_1.0.0.98_x86__v68kp9n051hdp\diStTask.dll with signing level Unsigned while the system requires signing level 6 or better to load.
Date: 2018-04-15 09:13:52.393
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SysWOW64\backgroundTaskHost.exe) attempted to load \Device\HarddiskVolume4\Program Files\WindowsApps\SymantecCorporation.NortonStudio_1.0.0.98_x86__v68kp9n051hdp\diStTask.dll with signing level Unsigned while the system requires signing level 6 or better to load.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Percentage of memory in use: 49%
Total physical RAM: 6033.95 MB
Available physical RAM: 3058.34 MB
Total Virtual: 12177.95 MB
Available Virtual: 9169.48 MB
==================== Drives ================================
Drive c: (TI10658800D) (Fixed) (Total:687.39 GB) (Free:439.82 GB) NTFS
Drive f: (My Passport) (Fixed) (Total:1862.98 GB) (Free:424.16 GB) NTFS
Drive g: (HD-GDU3) (Fixed) (Total:2794.52 GB) (Free:218.2 GB) NTFS
\\?\Volume{8c37a611-60fa-11e2-b77c-b888e3139d3f}\ (System) (Fixed) (Total:0.44 GB) (Free:0.15 GB) NTFS
\\?\Volume{066ae605-4bc9-405f-a6f8-534e3fb93882}\ (Recovery) (Fixed) (Total:10.43 GB) (Free:0.68 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Protective MBR) (Size: 698.6 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 356187B6)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 2.
==================== End of Addition.txt ============================
Ran by Myriam (25-04-2018 18:40:25)
Running from C:\Users\Myriam\Downloads
Windows 8 (X64) (2013-06-16 17:41:35)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2870124582-2670056687-1688047813-500 - Administrator - Disabled)
Guest (S-1-5-21-2870124582-2670056687-1688047813-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2870124582-2670056687-1688047813-1003 - Limited - Enabled)
Myriam (S-1-5-21-2870124582-2670056687-1688047813-1001 - Administrator - Enabled) => C:\Users\Myriam
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Trend Micro OfficeScan Antivirus (Disabled - Up to date) {F2F88E6A-3C7A-545F-268A-5D0BDD38EE06}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Trend Micro OfficeScan Anti-spyware (Disabled - Up to date) {49996F8E-1A40-5BD1-1C3A-6679A6BFA4BB}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
123 Free Solitaire v10.3 (HKLM-x32\...\123 Free Solitaire_is1) (Version: - TreeCardGames)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.07 - Adobe Systems)
Adobe Flash Player 29 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 29.0.0.140 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}) (Version: 5.5 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}) (Version: 5.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Box Sync (HKLM-x32\...\{25e2ab6e-0bb9-479e-947c-5dd5f6a309a6}) (Version: 4.0.7800.0 - Box Inc.) Hidden
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Driver Booster 2.1 (HKLM-x32\...\Driver Booster_is1) (Version: 2.1 - IObit)
Dropbox (HKLM-x32\...\Dropbox) (Version: 48.4.58 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
e5 Secure Download Manager (HKLM-x32\...\{6A979889-133D-4E64-99BB-1DA983CDCE75}) (Version: 3.2.262.0 - Kivuto Solutions Inc.)
Easy Photo Scan (HKLM-x32\...\{1A6DED1E-A024-455D-AA82-203D6B3B0CBC}) (Version: 1.00.0006 - Seiko Epson Corporation)
Epson Connect (HKLM-x32\...\{64BA551C-9AF6-495C-93F3-D1270E0045FC}) (Version: - )
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.3.0 - SEIKO EPSON CORPORATION)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.7.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{17FA0444-A025-43B9-862C-81AE6307C2F2}) (Version: 3.10.0050 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{896667C8-53F8-47B8-B6B0-B113B10F05BC}) (Version: 1.20.0000 - SEIKO EPSON CORPORATION)
Epson Printer Connection Checker (HKLM-x32\...\{83475ED4-8CCD-4F42-B877-7E2CC2BBD97B}) (Version: 2.0.0.0 - Seiko Epson Corporation)
EPSON Printer Finder (HKLM-x32\...\{B8ECD0D3-AE08-4891-B6C7-32F96B75EB6C}) (Version: 1.0.0 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON XP-420 Series Printer Uninstall (HKLM\...\EPSON XP-420 Series) (Version: - SEIKO EPSON Corporation)
Epson XP-420_424 User’s Guide version 1.0 (HKLM-x32\...\UsersGuideEpson XP-420_424 User’s Guide_is1) (Version: 1.0 - )
EpsonNet Print (HKLM\...\{DF5200AB-5AE6-4598-846B-8ABC3AE121B1}) (Version: 3.0.2.0 - SEIKO EPSON Corporation)
iCloud (HKLM\...\{5B1A59DA-D1EC-4C3A-A996-DF011A0A9668}) (Version: 6.2.2.39 - Apple Inc.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2875 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iTunes (HKLM\...\{F0C7385A-9D20-45F3-8101-05D383885180}) (Version: 12.6.1.25 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Juniper Networks, Inc. Setup Client (HKU\S-1-5-21-2870124582-2670056687-1688047813-1001\...\Juniper_Setup_Client) (Version: 7.4.13.48589 - Juniper Networks, Inc.)
Juniper Networks, Inc. Setup Client 64-bit Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.)
Juniper Networks, Inc. Setup Client Activex Control (HKLM-x32\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.)
Junos Pulse (HKLM\...\{E59CEF5A-DD72-4EE5-98D2-62FE1265941B}) (Version: 3.1.34907 - Juniper Networks) Hidden
Junos Pulse 3.1 (HKLM-x32\...\Junos Pulse 3.1) (Version: 3.1.34907 - Juniper Networks, Inc.)
Malwarebytes version 3.4.4.2398 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.4.4.2398 - Malwarebytes)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.9126.2152 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2870124582-2670056687-1688047813-1001\...\OneDriveSetup.exe) (Version: 18.044.0301.0006 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{40F55150-F43D-4C9F-9A00-1A0A6F1EB7F0}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{D71BC54E-A4E6-4E06-866C-FD6EE16EA187}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 59.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 59.0.2 (x64 en-US)) (Version: 59.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 59.0.2.6656 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.9126.2152 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.9126.2152 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.9126.2152 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.9126.2152 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6794 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29031 - Realtek Semiconductor Corp.)
Secure Download Manager (HKLM-x32\...\{E040B65B-8683-4228-8C33-D44A141E40EA}) (Version: 3.1.60 - Kivuto Solutions Inc.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.103 - Skype Technologies S.A.)
Software Updater (HKLM-x32\...\{B307472F-7BD9-4040-9255-CE6D6A1196A3}) (Version: 4.3.1 - SEIKO EPSON CORPORATION)
Spotify (HKU\S-1-5-21-2870124582-2670056687-1688047813-1001\...\Spotify) (Version: 1.0.45.186.g3b5036d6 - Spotify AB)
SRS Premium Sound Control Panel (HKLM\...\{94F03B8E-CB73-4653-AFE9-79112C01FED2}) (Version: 1.12.5000 - SRS Labs, Inc.)
Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 4.0.2.1 - IObit)
Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.6.3 - Toshiba)
TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.4 - TOSHIBA)
TOSHIBA Battery Check Utility (HKLM-x32\...\{5468E297-7EF8-4CB3-A091-F8714147793F}) (Version: 1.00.01.01 - Toshiba Corporation)
Toshiba Book Place (HKLM-x32\...\{24B45620-22B6-4E4A-B836-FF30A0B0404E}) (Version: 3.1.9534 - K-NFB Reading Technology, Inc.)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.00.08.6402 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.0.0.6415 - Toshiba Corporation)
TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.51.8.2C - TOSHIBA CORPORATION)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.00.6625.6402 - Toshiba Corporation)
TOSHIBA HDD Accelerator (HKLM\...\{DB4D9937-0B14-4EF1-BF9A-BB7E3B9DCB04}) (Version: 1.1.0001 - Toshiba Corporation)
TOSHIBA HDD Protection (HKLM\...\{94A90C69-71C1-470A-88F5-AA47ECC96B40}) (Version: 2.5.1.1 - Toshiba Corporation)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{59358FD4-252B-4B38-AB81-955C491A494F}) (Version: 1.0.0.5C - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.8.17.640104 - Toshiba Corporation)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.8 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.2.0.54043005 - Toshiba Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.2.00 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM\...\{B1F241E1-90BF-4201-8977-A0DF85A38EBB}) (Version: 2.6.16.0 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0013 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0002.32002 - Toshiba Corporation)
TOSHIBA User's Guide (HKLM-x32\...\{3384E1D9-3F18-4A98-8655-180FEF0DFC02}) (Version: 1.00.02 - TOSHIBA)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.1.0.12-A - Toshiba Corporation)
TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.1.6 - TOSHIBA)
Trend Micro OfficeScan Agent (HKLM-x32\...\OfficeScanNT) (Version: 11.0.1028 - Trend Micro Inc.)
Umbrella Roaming Client (HKLM-x32\...\{47904E32-6950-4AF8-8F86-7DEA7F51EB56}) (Version: 2.1.0.0 - OpenDNS)
Update for Skype for Business 2015 (KB4018334) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{43E657C8-617B-4062-9580-690699462328}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4018334) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{43E657C8-617B-4062-9580-690699462328}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4018334) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{43E657C8-617B-4062-9580-690699462328}) (Version: - Microsoft)
Utility Common Driver (HKLM-x32\...\{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}) (Version: 1.0.53.1 - Compal) Hidden
Utility Common Driver (HKLM-x32\...\InstallShield_{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}) (Version: 1.0.53.1 - Compal) Hidden
WD Backup (HKLM-x32\...\{4AACAFC7-951A-4215-B430-3DFCFF2E6CED}) (Version: 1.5.5953.19614 - Western Digital Technologies, Inc) Hidden
WD Backup (HKLM-x32\...\{a8c9535a-ecd9-4172-a330-0cb5ff9dbed9}) (Version: 1.5.5953.19614 - Western Digital Technologies, Inc.)
WD Drive Utilities (HKLM-x32\...\{48996CDD-DD81-4197-93FE-0971E73C5CA7}) (Version: 1.3.2.2 - Western Digital Technologies, Inc.) Hidden
WD Drive Utilities (HKLM-x32\...\{eab1fb93-61fb-48de-b815-b4e9b68d2ef1}) (Version: 1.3.2.2 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{965D28B5-3C86-41FD-994E-D6376815C9B3}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{249644e6-451a-4a5c-bd5c-21eeb9eec79d}) (Version: 1.3.1.2 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{7CC2EDF2-83EC-4707-BDD3-72469236A6CC}) (Version: 1.3.1.2 - Western Digital Technologies, Inc.) Hidden
WhatsApp (HKU\S-1-5-21-2870124582-2670056687-1688047813-1001\...\WhatsApp) (Version: 0.2.5863 - WhatsApp)
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17350 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2870124582-2670056687-1688047813-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Myriam\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileCoAuthLib64.dll => No File
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-05-09] (Apple Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-03] (Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll [2012-10-24] (Intel Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-03] (Malwarebytes)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {360FE453-2428-4F01-B1E5-24B386904358} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-04-15] (Microsoft Corporation)
Task: {368FCF03-7D08-4E0D-8CF0-8E62F92032D6} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2014-04-03] (TOSHIBA Corporation)
Task: {3EE45B0D-322F-4233-B049-21E6503BE25C} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_140_Plugin.exe [2018-04-11] (Adobe Systems Incorporated)
Task: {3F2ADA94-AD3A-4888-8AD6-BD748EDF9B58} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2017-05-09] (Apple Inc.)
Task: {75501669-22A7-4B7A-B445-5FEBA4CE9865} - System32\Tasks\EPSON XP-420 Series Update {CBC51009-C0F1-4B68-93C8-C3317DDE4B46} => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSNAE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {8E7CB33A-A093-4773-BB05-57CF44CFEE48} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-06-19] (Dropbox, Inc.)
Task: {8F5A2E53-2812-4A40-A6F9-0622F3E9FD82} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-04-15] (Microsoft Corporation)
Task: {99397F8A-0D69-40F7-9134-8718B2010CE4} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-04-15] (Microsoft Corporation)
Task: {9B87DD21-09F6-4AC2-80DE-8AD9FBB5F199} - System32\Tasks\EPSON XP-420 Series Update {7506ED29-D2B3-408F-9C39-C6870A815C91} => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSNAE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {9E1F6F82-181A-491D-A86B-BEB2242D46BC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {9F5D5947-999C-4963-B43E-082A09152D56} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-04-06] (Microsoft Corporation)
Task: {AA0CF02E-543A-42CE-BD31-A987AA663C97} - System32\Tasks\{D6F156B6-B064-4539-92BF-5148DDA2DE3C} => C:\windows\system32\pcalua.exe -a C:\windows\UN091222.EXE -c /UNINST
Task: {AF711E7E-2FB4-4361-AC09-DB15D43A66DF} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-04-11] (Adobe Systems Incorporated)
Task: {BCB470AA-EE57-4363-83BF-9E81AA6C6C67} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-04-15] (Microsoft Corporation)
Task: {BEFC95F3-BF2B-4EA9-8A63-85A8326C1C1F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {C772D868-20AA-486B-9279-F62850BD871D} - System32\Tasks\{7A4FCD95-FFBF-464C-B5B8-1BB5836C4EB6} => C:\windows\system32\pcalua.exe -a F:\msert.exe -d F:\
Task: {C8A68697-E7BB-4FE9-97AD-362141F3F755} - System32\Tasks\StartMenu8_Start => C:\program files (x86)\iobit\Classic Start\Start_Active.exe
Task: {CBDABD43-0EA1-4668-86D9-F8ADD8A822C0} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-04-15] (Microsoft Corporation)
Task: {DCBC3E2C-F360-4BBE-BB47-52004834554C} - System32\Tasks\EPSON XP-420 Series Update {EE36AA76-8C02-452D-AA01-97A485E70511} => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSNAE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {DEA0CD22-6315-4156-BBBF-379E19D52D4A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {DF34FF18-02C7-4293-87DD-945DF34EE050} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-06-19] (Dropbox, Inc.)
Task: {F15B1B5E-E9A0-43A7-8DA1-E9024CC09AED} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-04-06] (Microsoft Corporation)
Task: {FABA927C-6F55-4E10-A056-61F9D91A9AFE} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\EPSON XP-420 Series Update {7506ED29-D2B3-408F-9C39-C6870A815C91}.job => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSNAE.EXE:/EXE:{7506ED29-D2B3-408F-9C39-C6870A815C91} /F:UpdateWORKGROUP\MYMI$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-09-01 18:12 - 2016-09-01 18:12 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-05-09 00:44 - 2017-05-09 00:44 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-08-31 14:55 - 2011-08-31 14:55 - 000801792 _____ () C:\Program Files (x86)\Trend Micro\OfficeScan Client\sqlite3.dll
2007-05-16 12:42 - 2007-05-16 12:42 - 000089088 _____ () C:\Program Files (x86)\Trend Micro\OfficeScan Client\zlibwapi.dll
2012-12-19 05:06 - 2012-12-19 05:06 - 001300480 _____ () C:\Program Files (x86)\Trend Micro\OfficeScan Client\libprotobuf.dll
2012-10-24 01:44 - 2012-10-24 01:44 - 000094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-08-30 16:34 - 2012-08-30 16:34 - 002609064 _____ () C:\Program Files\Toshiba\Hotkey\TCrdMain_Win8.exe
2012-07-18 20:38 - 2012-07-18 20:38 - 000020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2012-07-18 20:38 - 2012-07-18 20:38 - 000049064 _____ () C:\Program Files\TOSHIBA\Hotkey\Hotkey\FnZ.dll
2012-08-13 21:13 - 2012-08-13 21:13 - 000018344 _____ () C:\Program Files\Toshiba\Teco\TecoMUI.dll
2011-08-12 16:57 - 2011-08-12 16:57 - 000437632 _____ () C:\Program Files\TOSHIBA\Hotkey\Hotkey\TcrdKBB.exe
2012-07-26 02:58 - 2012-07-26 02:53 - 000170864 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2012-08-04 17:01 - 2012-08-04 17:01 - 000213136 _____ () C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe
2017-05-09 03:05 - 2017-05-09 03:05 - 000092472 _____ () C:\Program Files\iTunes\zlib1.dll
2017-05-09 03:05 - 2017-05-09 03:05 - 001354040 _____ () C:\Program Files\iTunes\libxml2.dll
2013-01-16 10:19 - 2013-01-16 10:19 - 000048128 _____ () C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\boost_date_time-vc110-mt-1_49.dll
2013-04-02 12:25 - 2013-04-02 12:25 - 000675840 _____ () C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\sqlite3.dll
2013-01-16 10:23 - 2013-01-16 10:23 - 000058368 _____ () C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\boost_thread-vc110-mt-1_49.dll
2011-10-15 07:31 - 2011-10-15 07:31 - 000431163 _____ () C:\Program Files (x86)\Common Files\Juniper Networks\WX Client\sqlite3.dll
2017-05-09 00:45 - 2017-05-09 00:45 - 001041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2017-05-09 00:44 - 2017-05-09 00:44 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-09-01 18:13 - 2016-09-01 18:13 - 000080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2017-06-12 13:41 - 2017-06-12 13:41 - 001037688 _____ () C:\Program Files (x86)\OpenDNS\Umbrella Roaming Client\libldns-1.dll
2017-06-12 13:42 - 2017-06-12 13:42 - 000047952 _____ () C:\Program Files (x86)\OpenDNS\Umbrella Roaming Client\libdcplugin_erc.dll
2013-06-02 20:23 - 2012-06-26 04:41 - 001198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2018-04-25 18:37 - 2018-04-23 05:15 - 000866120 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2018-04-25 18:37 - 2018-04-23 05:15 - 002079048 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2018-04-25 18:37 - 2018-04-23 05:15 - 000100312 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2018-04-11 19:59 - 2018-04-23 05:15 - 000018896 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2018-04-11 19:59 - 2018-04-23 05:16 - 000020808 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2018-04-25 18:37 - 2018-04-23 05:15 - 000035808 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2018-04-11 19:59 - 2018-04-23 05:15 - 000694232 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2018-04-25 18:37 - 2018-04-23 05:16 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2018-04-25 18:37 - 2018-04-23 05:15 - 000130520 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2018-04-25 18:37 - 2018-04-23 05:16 - 001856864 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2018-04-25 18:37 - 2018-04-23 05:16 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2018-04-25 18:37 - 2018-04-23 05:15 - 000145880 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2018-04-25 18:37 - 2018-04-23 05:15 - 000116696 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2018-04-11 19:59 - 2018-04-23 05:15 - 000105944 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2018-04-25 18:37 - 2018-04-23 05:17 - 000022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2018-04-25 18:37 - 2018-04-23 05:16 - 000063312 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2018-04-11 19:59 - 2018-04-23 05:15 - 000024536 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2018-04-25 18:37 - 2018-04-23 05:16 - 000077120 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2018-04-25 18:37 - 2018-04-23 05:15 - 000392664 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2018-04-25 18:37 - 2018-04-23 05:15 - 000020952 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2018-04-11 19:59 - 2018-04-23 05:15 - 000124888 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2018-04-25 18:37 - 2018-04-23 05:15 - 000114136 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2018-04-11 19:59 - 2018-04-23 05:16 - 000392520 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2018-04-25 18:37 - 2018-04-23 05:17 - 000026464 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2018-04-11 19:59 - 2018-04-23 05:15 - 000043480 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2018-04-11 19:59 - 2018-04-23 05:15 - 000024024 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2018-04-11 19:59 - 2018-04-23 05:15 - 000175576 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2018-04-11 19:59 - 2018-04-23 05:15 - 000030168 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2018-04-11 19:59 - 2018-04-23 05:15 - 000026072 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.pyd
2018-04-25 18:37 - 2018-04-23 05:15 - 000048600 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2018-04-11 19:59 - 2018-04-23 05:15 - 000057816 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2018-04-25 18:37 - 2018-04-23 05:16 - 000021840 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2018-04-25 18:37 - 2018-04-23 05:17 - 000023376 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.pyd
2018-04-25 18:37 - 2018-04-23 05:16 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.pyd
2018-04-25 18:37 - 2018-04-23 05:17 - 000066400 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
2018-04-25 18:37 - 2018-04-23 05:16 - 003863880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2018-04-11 19:59 - 2018-04-23 05:15 - 000084944 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2018-04-25 18:37 - 2018-04-23 05:16 - 001798464 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2018-04-25 18:37 - 2018-04-23 05:16 - 001959232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2018-04-25 18:37 - 2018-04-23 05:15 - 000028632 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2018-04-25 18:37 - 2018-04-23 05:16 - 000155472 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2018-04-25 18:37 - 2018-04-23 05:16 - 000521544 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2018-04-25 18:37 - 2018-04-23 05:16 - 000051024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.pyd
2018-04-25 18:37 - 2018-04-23 05:16 - 000043336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2018-04-25 18:37 - 2018-04-23 05:16 - 000131400 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2018-04-25 18:37 - 2018-04-23 05:16 - 000219984 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2018-04-25 18:37 - 2018-04-23 05:16 - 000204104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2018-04-25 18:37 - 2018-04-23 05:17 - 000025440 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2018-04-11 19:59 - 2018-04-23 05:15 - 000060888 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2018-04-25 18:37 - 2018-04-23 05:17 - 000054616 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2018-04-11 19:59 - 2018-04-23 05:15 - 000024024 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2018-04-25 18:37 - 2018-04-23 05:17 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2018-04-25 18:37 - 2018-04-23 05:17 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2018-04-25 18:37 - 2018-04-23 05:17 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2018-04-25 18:37 - 2018-04-23 05:17 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2018-04-25 18:37 - 2018-04-23 05:16 - 000027496 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2018-04-25 18:37 - 2018-04-23 05:15 - 000349144 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2018-04-25 18:37 - 2018-04-23 05:16 - 000101704 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2018-04-25 18:37 - 2018-04-23 05:17 - 000023904 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2018-04-25 18:37 - 2018-04-23 05:16 - 000025432 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2018-04-25 18:37 - 2018-04-23 05:15 - 000036312 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2018-04-25 18:37 - 2018-04-23 05:17 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.pyd
2018-04-25 18:37 - 2018-04-23 05:16 - 000181064 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2018-04-25 18:37 - 2018-04-23 05:17 - 000030544 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2018-04-25 18:37 - 2018-04-23 05:16 - 000024384 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2018-04-25 18:37 - 2018-04-23 05:16 - 001638208 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2018-04-25 18:37 - 2018-04-23 05:17 - 000026464 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2018-04-25 18:37 - 2018-04-23 05:16 - 000546632 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2018-04-25 18:37 - 2018-04-23 05:16 - 000359744 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2018-04-25 18:37 - 2018-04-23 05:16 - 000038216 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.pyd
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Umbrella_RC => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2870124582-2670056687-1688047813-1001\...\sharepoint.com -> hxxps://wavetulane.sharepoint.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2012-07-26 00:26 - 2015-07-16 20:03 - 000000027 _____ C:\windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2870124582-2670056687-1688047813-1001\Control Panel\Desktop\\Wallpaper -> C:\windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 127.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{8C631FDE-265F-4413-B795-C37E3304894B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{460AA8CF-B166-45B3-939B-BBE591AD603D}] => (Allow) LPort=2869
FirewallRules: [{CEC0AD45-93DC-424E-99A2-AC85F9BA8C2C}] => (Allow) LPort=1900
FirewallRules: [{A91F71E6-AE00-489D-BA4F-2D81706F3849}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{EB2D8515-0D1A-4244-B9E8-18B61BD9B067}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{5EC79733-02E8-4007-8B87-F0684EB91E4B}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{816BA1D5-48D6-4A23-9251-AB5AC3E070FB}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{36E4F7A8-C4BE-4D97-BFE5-D2F855E6BD1D}] => (Allow) D:\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [{DD353AB8-174A-4770-8C8E-0EEEFEC603A7}] => (Allow) D:\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [TCP Query User{F266E0A6-7C72-4625-8114-E17805615B13}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{B9F3856E-B474-4FFD-9654-AF13E9810797}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{EFEC3005-747B-477B-88C3-EE09EBA0148E}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{112D68F8-6889-4D4C-81A6-6A3848FE1334}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{E8996EC8-2971-4F07-B4FC-3FBF21C87B03}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{38930CD3-E080-4F92-99BA-17422BFA3626}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{051ACE53-830E-4782-B126-536B3412AD3C}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{39D4E517-272D-4572-8491-1452E4BDFA2E}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{3EAB0BB4-8B60-47B1-8C21-7B87A17D08DE}C:\users\myriam\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\myriam\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{6E8B4FB5-C79A-4945-8C71-47894B0F6EAD}C:\users\myriam\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\myriam\appdata\roaming\spotify\spotify.exe
FirewallRules: [{5E65BE58-918E-48D4-9951-9AE950007AB3}] => (Allow) C:\Users\Myriam\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{7020F699-236B-486F-A9F9-F1DD681ABDDB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2AF9DC13-2540-4EF6-98BB-4C69378A1293}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{5C3A11F2-E0AE-47E4-9C43-3733B0F7BB19}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{9B8A3FB0-3360-4DB9-A294-7902293D456E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{5A8B45EA-A736-45F1-9E24-A30EAF8E60D9}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{B1498BD8-A57E-4846-9D14-9CCA426613B1}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{7808E7A1-C5B0-4116-987E-4E94667DD1DC}] => (Allow) C:\Program Files (x86)\Epson Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{01D9D0A1-F735-4665-AA48-3D053E1FB675}] => (Allow) C:\Program Files (x86)\Epson Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [TCP Query User{25249221-0EED-480D-8306-F101B7C21BAA}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{29763E86-D5F1-4301-89A4-25E81BB993FC}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{2320B5E8-93BC-4943-AFD5-286B1184AA69}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{6E82DDF3-2648-495B-BC4F-3F7B09349C27}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{1AC58D3D-8399-4802-8C65-2102FAC89161}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{88AAFA3E-53B2-496C-8BA3-167110B58CFC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{54C7EB92-8886-4F71-813F-D32CEBE47C67}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FEED4B2F-E743-4242-AEE4-7C21C95B1FE1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C6A5ED18-9F65-4170-B325-E7912180B9D6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6DF3BB91-B359-461E-9D96-93F7F139FEDC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7CE942A9-91FD-4F52-9D21-D8BC7927750B}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{7089CB11-6B33-4847-8377-1C8EFD96122E}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{737D3152-B17C-44B9-AA1A-39EFD62E81C7}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{EE339300-7A1E-48C4-942D-AAC7D1F312AF}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{09FA5353-09CE-401B-8960-E97D2CA77182}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{2F933BA3-5231-4F72-A2F7-CAAE9F5AF23D}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{04A64927-F9F6-4F80-BEEE-70F40FE7F01C}] => (Allow) C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{AA62DBE2-BDD1-4BAB-AE40-716719A72661}] => (Allow) C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{3600B74B-1573-42F4-BE65-38B63FFFF908}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{0B1B2B6D-B12F-47AE-AD8B-3205067D9B9B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{4C3362D5-D221-47E2-A95A-FDDC3B80C659}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{83D67A63-F8AF-4DC5-B042-B97005D123BE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{8F1FB95C-E62D-46B6-A5CC-A4B9BFC6DEDB}C:\users\myriam\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\myriam\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{BF606A8D-7838-4472-B2FB-6D217D2669D7}C:\users\myriam\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\myriam\appdata\roaming\spotify\spotify.exe
FirewallRules: [{0610831C-40A5-4712-B382-E9E66F2A092A}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{9D7E90B9-603F-4F1C-94E4-E9E629B947CE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{DE106C6A-7808-44C9-B317-944140DD8BEE}] => (Allow) LPort=35188
FirewallRules: [{BB2F5D19-57B3-41B3-937C-54247208D6DA}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
==================== Restore Points =========================
15-04-2018 19:00:52 Windows Backup
22-04-2018 19:00:54 Windows Backup
23-04-2018 18:29:36 Restore Point Created by FRST
24-04-2018 17:52:19 Restore Point Created by FRST
25-04-2018 18:23:01 Restore Point Created by FRST
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/25/2018 06:42:29 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (04/25/2018 06:33:03 PM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)
Error: (04/25/2018 06:29:13 PM) (Source: TmCCSF) (EventID: 1) (User: )
Description: Event-ID 1
Error: (04/25/2018 06:26:00 PM) (Source: COM) (EventID: 18221) (User: NT AUTHORITY)
Description: The attempt to connect to the RPCSS service was denied access for the COM Server application C:\windows\system32\taskeng.exe to the user Unavailable\Unavailable SID (S-1-5-18) running in the application container Unavailable SID (Unavailable). The most likely cause is that the machine wide Access Limits do not grant the user or application local access permissions. The Access Limits can be modified using the Component Services administrative tool.
Error: (04/25/2018 06:23:00 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {fbebf763-6e5d-4c58-aa71-e6d7825e6412}
Error: (04/25/2018 06:16:21 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MYMI)
Description: Activation of app SymantecCorporation.NortonStudio_v68kp9n051hdp!App failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (04/25/2018 01:34:41 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MYMI)
Description: Activation of app SymantecCorporation.NortonStudio_v68kp9n051hdp!App failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (04/25/2018 03:14:59 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MYMI)
Description: Activation of app SymantecCorporation.NortonStudio_v68kp9n051hdp!App failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information.
System errors:
=============
Error: (04/25/2018 06:32:57 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.
Error: (04/25/2018 06:31:12 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{DCBCA92E-7DBE-4EDA-8B7B-3AAEA4DD412B}
and APPID
{B292921D-AF50-400C-9B75-0C57A7F29BA1}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/25/2018 06:29:14 PM) (Source: DCOM) (EventID: 10016) (User: MYMI)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
and APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
to the user Mymi\Myriam SID (S-1-5-21-2870124582-2670056687-1688047813-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/25/2018 06:29:13 PM) (Source: DCOM) (EventID: 10016) (User: MYMI)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
and APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
to the user Mymi\Myriam SID (S-1-5-21-2870124582-2670056687-1688047813-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/25/2018 06:29:13 PM) (Source: DCOM) (EventID: 10016) (User: MYMI)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
and APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
to the user Mymi\Myriam SID (S-1-5-21-2870124582-2670056687-1688047813-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/25/2018 06:29:13 PM) (Source: DCOM) (EventID: 10016) (User: MYMI)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
and APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
to the user Mymi\Myriam SID (S-1-5-21-2870124582-2670056687-1688047813-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/25/2018 06:29:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The OfficeScan Common Client Solution Framework service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (04/25/2018 06:29:12 PM) (Source: DCOM) (EventID: 10016) (User: MYMI)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
and APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
to the user Mymi\Myriam SID (S-1-5-21-2870124582-2670056687-1688047813-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Windows Defender:
===================================
Date: 2015-08-26 21:27:39.607
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {A04ADA9C-F7F3-486A-B07C-AAC75ACCEBF0}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2015-08-24 20:26:43.326
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {F461CD8C-E934-4A19-8EE8-F81A83E7B50D}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2015-08-23 12:23:35.723
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {3E3BD3DF-60D4-4691-B9C7-B66562A8A83B}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2015-08-23 11:54:38.352
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {704B85F8-6E1B-40EC-B34E-80757DDBABCF}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2015-08-23 11:23:19.772
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {8242F810-20EE-49D9-ADD0-BDE6903B0F5D}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2015-08-27 20:51:23.134
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.203.2410.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.11903.0
Error code: 0x80070102
Error description: The wait operation timed out.
Date: 2015-08-27 20:51:23.133
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.203.2410.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.11903.0
Error code: 0x80070102
Error description: The wait operation timed out.
Date: 2015-08-24 21:06:29.167
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.203.2410.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.11903.0
Error code: 0x8024001e
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
Date: 2015-08-24 21:06:29.167
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.203.2410.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.11903.0
Error code: 0x8024001e
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
Date: 2015-08-23 21:12:57.447
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.203.2410.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.11903.0
Error code: 0x800704c7
Error description: The operation was canceled by the user.
CodeIntegrity:
===================================
Date: 2018-04-24 18:31:23.610
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SysWOW64\backgroundTaskHost.exe) attempted to load \Device\HarddiskVolume4\Program Files\WindowsApps\SymantecCorporation.NortonStudio_1.0.0.98_x86__v68kp9n051hdp\diStTask.dll with signing level Unsigned while the system requires signing level 6 or better to load.
Date: 2018-04-21 13:17:21.770
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SysWOW64\backgroundTaskHost.exe) attempted to load \Device\HarddiskVolume4\Program Files\WindowsApps\SymantecCorporation.NortonStudio_1.0.0.98_x86__v68kp9n051hdp\diStTask.dll with signing level Unsigned while the system requires signing level 6 or better to load.
Date: 2018-04-20 10:24:32.770
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SysWOW64\backgroundTaskHost.exe) attempted to load \Device\HarddiskVolume4\Program Files\WindowsApps\SymantecCorporation.NortonStudio_1.0.0.98_x86__v68kp9n051hdp\Settings.dll with signing level Unsigned while the system requires signing level 6 or better to load.
Date: 2018-04-20 02:23:28.270
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SysWOW64\backgroundTaskHost.exe) attempted to load \Device\HarddiskVolume4\Program Files\WindowsApps\SymantecCorporation.NortonStudio_1.0.0.98_x86__v68kp9n051hdp\diStTask.dll with signing level Unsigned while the system requires signing level 6 or better to load.
Date: 2018-04-19 02:19:36.988
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SysWOW64\backgroundTaskHost.exe) attempted to load \Device\HarddiskVolume4\Program Files\WindowsApps\SymantecCorporation.NortonStudio_1.0.0.98_x86__v68kp9n051hdp\diStTask.dll with signing level Unsigned while the system requires signing level 6 or better to load.
Date: 2018-04-16 17:23:06.315
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SysWOW64\backgroundTaskHost.exe) attempted to load \Device\HarddiskVolume4\Program Files\WindowsApps\SymantecCorporation.NortonStudio_1.0.0.98_x86__v68kp9n051hdp\diStTask.dll with signing level Unsigned while the system requires signing level 6 or better to load.
Date: 2018-04-15 18:25:16.312
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SysWOW64\backgroundTaskHost.exe) attempted to load \Device\HarddiskVolume4\Program Files\WindowsApps\SymantecCorporation.NortonStudio_1.0.0.98_x86__v68kp9n051hdp\diStTask.dll with signing level Unsigned while the system requires signing level 6 or better to load.
Date: 2018-04-15 09:13:52.393
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SysWOW64\backgroundTaskHost.exe) attempted to load \Device\HarddiskVolume4\Program Files\WindowsApps\SymantecCorporation.NortonStudio_1.0.0.98_x86__v68kp9n051hdp\diStTask.dll with signing level Unsigned while the system requires signing level 6 or better to load.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Percentage of memory in use: 49%
Total physical RAM: 6033.95 MB
Available physical RAM: 3058.34 MB
Total Virtual: 12177.95 MB
Available Virtual: 9169.48 MB
==================== Drives ================================
Drive c: (TI10658800D) (Fixed) (Total:687.39 GB) (Free:439.82 GB) NTFS
Drive f: (My Passport) (Fixed) (Total:1862.98 GB) (Free:424.16 GB) NTFS
Drive g: (HD-GDU3) (Fixed) (Total:2794.52 GB) (Free:218.2 GB) NTFS
\\?\Volume{8c37a611-60fa-11e2-b77c-b888e3139d3f}\ (System) (Fixed) (Total:0.44 GB) (Free:0.15 GB) NTFS
\\?\Volume{066ae605-4bc9-405f-a6f8-534e3fb93882}\ (Recovery) (Fixed) (Total:10.43 GB) (Free:0.68 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Protective MBR) (Size: 698.6 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 356187B6)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 2.
==================== End of Addition.txt ============================