cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02.08.2018
Ran by Charlie (16-08-2018 14:32:51)
Running from C:\Users\Charlie\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2014-11-25 00:52:32)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4068796385-2865565576-2177801047-500 - Administrator - Disabled)
Charlie (S-1-5-21-4068796385-2865565576-2177801047-1000 - Administrator - Enabled) => C:\Users\Charlie
Guest (S-1-5-21-4068796385-2865565576-2177801047-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4068796385-2865565576-2177801047-1003 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - )
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 18.011.20058 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.22.87 - Adobe Systems Incorporated)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.154 - Adobe Systems Incorporated)
Antares Autotune VST RTAS TDM v5.08 (HKLM-x32\...\Antares Autotune VST RTAS TDM_is1) (Version: - Team AiR 2007)
Apple Mobile Device Support (HKLM\...\{A05FDFEC-4377-49E0-82CB-B6D1386E89DA}) (Version: 11.3.0.9 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
ASUS Instant Key (HKLM-x32\...\{D97A1B80-131F-4692-9543-E652956D8B99}) (Version: 1.1.7 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.10 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0037 - ASUS)
Authorizer 2.9.2d15 (HKLM\...\{F6762963-9AE5-4bc6-A70F-2D749F6AC02F}_is1) (Version: 2.9.2d15 - Propellerhead Software AB)
Avid Mbox Driver 1.1.10 (x64) (HKLM\...\{35BAD2B7-E2EF-4A06-80A2-C6C2F23B8F3E}) (Version: 1.1.10 - Avid)
bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.8.0.0455 - Disc Soft Ltd)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 397.93 - NVIDIA Corporation) Hidden
FabFilter Pro-Q 2.12 (64-bit) (HKLM-x32\...\FabFilter Pro-Q 2.12 (64-bit)) (Version: - )
FabFilter Pro-Q VST RTAS v1.0.1.6 (HKLM-x32\...\FabFilter Pro-Q VST RTAS_is1) (Version: - TEAM AiR)
InputMapper (HKLM-x32\...\{026D2025-A7FA-4F5C-AF8C-A6F7A9B917FC}) (Version: 1.6.10.19991 - DSDCS)
inst (HKLM-x32\...\{364CF035-2A88-46A8-8F3E-23AF88B1C3AA}) (Version: 1.0.0.0 - Creative Software Solutions GmbH)
Intel(R) Driver Update Utility 2.0 (HKLM-x32\...\{59DB38EB-F864-4E10-841D-38CFBCF864B0}) (Version: 2.0.0.29 - Intel) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3907 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
iolo technologies' System Mechanic (HKLM-x32\...\{55FD1D5A-7AEF-4DA3-8FAF-A71B2A52FFC7}_is1) (Version: 12.5.0 - iolo technologies, LLC)
iTunes (HKLM\...\{8D28AA8E-D71D-4BC1-BAA0-4AB239553D3F}) (Version: 12.7.4.76 - Apple Inc.)
JBridge (HKLM-x32\...\JBridge) (Version: - JBridge)
K-Lite Codec Pack 13.0.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.0.0 - KLCP)
Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
M-Audio Fast Track Ultra 8R Driver 6.1.9 (x64) (HKLM\...\{B2292C0A-574E-4F10-B6D4-74EA004167AB}) (Version: 6.1.9 - M-Audio)
Microsoft .NET Framework 4.6.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01590 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DD60A01E-B0C8-475D-A6A4-0D8AFE3FA29E}) (Version: - Microsoft)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.6011.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 61.0.2 (x64 pt-PT) (HKLM\...\Mozilla Firefox 61.0.2 (x64 pt-PT)) (Version: 61.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Native Instruments Guitar Rig 5 (HKLM-x32\...\Native Instruments Guitar Rig 5) (Version: - Native Instruments)
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: 5.5.2.880 - Native Instruments)
Native Instruments Passive EQ (HKLM-x32\...\Native Instruments Passive EQ) (Version: - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.6.0.137 - Native Instruments)
Native Instruments Solid Bus Comp FX (HKLM-x32\...\Native Instruments Solid Bus Comp FX) (Version: 1.0.0.276 - Native Instruments)
Native Instruments Solid Dynamics FX (HKLM-x32\...\Native Instruments Solid Dynamics FX) (Version: 1.0.0.276 - Native Instruments)
Native Instruments Solid EQ FX (HKLM-x32\...\Native Instruments Solid EQ FX) (Version: 1.0.0.276 - Native Instruments)
Native Instruments The Giant (HKLM-x32\...\Native Instruments The Giant) (Version: - Native Instruments)
Native Instruments Traktor Kontrol D2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol D2 Driver) (Version: - Native Instruments)
Native Instruments Transient Master FX (HKLM-x32\...\Native Instruments Transient Master FX) (Version: - Native Instruments)
Native Instruments Vari Comp (HKLM-x32\...\Native Instruments Vari Comp) (Version: - Native Instruments)
Native Instruments VC 160 FX (HKLM-x32\...\Native Instruments VC 160 FX) (Version: - Native Instruments)
Native Instruments VC 2A FX (HKLM-x32\...\Native Instruments VC 2A FX) (Version: - Native Instruments)
Native Instruments VC 76 FX (HKLM-x32\...\Native Instruments VC 76 FX) (Version: - Native Instruments)
NomadFactory Blue Tubes Dynamics Pack VST RTAS v3.2 (HKLM-x32\...\NomadFactory Blue Tubes Dynamics Pack VST RTAS_is1) (Version: - )
NVIDIA Graphics Driver 397.93 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 397.93 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version: - )
ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden
Pianissimo (HKLM-x32\...\Pianissimo) (Version: - Acoustica)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
Reason 9 9.5.1d19 (HKLM\...\Reason9.0Stable_64_is1) (Version: 9.5.1d19 - Propellerhead Software AB)
ReCycle 2.2.3 (HKLM\...\ReCycle2.2_64_is1) (Version: 2.2.3 - Propellerhead Software AB)
reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version: - )
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
SolidWorks 2013 x64 Edition SP03 (HKLM\...\{B6B5EA7E-B91F-443D-A958-B0062FB53804}) (Version: 21.130.60 - SolidWorks) Hidden
SolidWorks eDrawings 2013 x64 Edition SP03 (HKLM\...\{AC2165BD-762D-420B-AD33-20FACAA7112B}) (Version: 13.3.111 - Dassault Systèmes SolidWorks Corp) Hidden
SolidWorks Explorer 2013 SP03 x64 Edition (HKLM\...\{168EB20E-FC09-4D2E-83A9-49483710304C}) (Version: 21.30.60 - SolidWorks Corporation) Hidden
SolidWorks Plastics 2013 SP03 x64 Edition (HKLM\...\{BA812540-2D88-4A6A-A527-E7728D577D7D}) (Version: 21.30.60 - SolidWorks Corporation) Hidden
SONiVOX Big Bang Cinematic Percussion 2 (HKLM-x32\...\SONiVOX Big Bang Cinematic Percussion 2) (Version: 2.5 - SONiVOX)
Sonnox Oxford Inflator Native VST v1.5.1 (HKLM-x32\...\Sonnox Oxford Inflator Native VST_is1) (Version: - Team AiR 2007)
Sonnox Oxford Limiter Native VST v1.1.1 (HKLM-x32\...\Sonnox Oxford Limiter Native VST_is1) (Version: - Team AiR 2007)
Sonnox Oxford R3 Dynamics Native VST v1.3.1 (HKLM-x32\...\Sonnox Oxford R3 Dynamics Native VST_is1) (Version: - Team AiR 2007)
Sonnox Oxford R3 EQ Native VST v1.6.1 (HKLM-x32\...\Sonnox Oxford R3 EQ Native VST_is1) (Version: - Team AiR 2007)
Sonnox Oxford Reverb Native VST v1.0 (HKLM-x32\...\Sonnox Oxford Reverb Native VST_is1) (Version: - Team AiR 2007)
Sonnox Oxford TransMod Native VST v1.3.1 (HKLM-x32\...\Sonnox Oxford TransMod Native VST_is1) (Version: - Team AiR 2007)
Sonoris DDP Creator 64bit (HKLM\...\Sonoris DDP Creator 64bit) (Version: - Sonoris Audio Engineering)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steinberg Cubase 5 (HKLM-x32\...\{4A19D6AC-ADE0-4A07-80FF-9C9812C45557}) (Version: 5.1.2 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 1.0.0.1 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg HALionOne (HKLM-x32\...\{E70E7159-93B1-470D-9FBD-D8E9EF34B538}) (Version: 1.1.0.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Additional Content Set 01 (HKLM-x32\...\{F3AFD063-8BAD-485E-B641-E7F5A2C5AE71}) (Version: 1.0.0.001 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Expression Set (HKLM-x32\...\{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}) (Version: 1.0.1.0 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Drum Set (HKLM-x32\...\{AC997F93-0757-4ED4-A701-F40C2D654D09}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Set (HKLM-x32\...\{F057965A-D974-4C64-ADB1-4381CD4B8956}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Pro Set (HKLM-x32\...\{D82CDA0D-C182-42C8-8FF2-5649C98D6003}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Drum Set (HKLM-x32\...\{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Set (HKLM-x32\...\{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content (HKLM-x32\...\{4D454CF8-12FD-464D-B57B-B46FE27B78BB}) (Version: 1.0.0.005 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 1.0.0.006 - Steinberg Media Technologies GmbH)
Suporte para Aplicações Apple (32-bits) (HKLM-x32\...\{543F829B-4591-4B2F-AF63-6E6E6AE59EB2}) (Version: 6.4 - Apple Inc.)
Suporte para Aplicações Apple (64-bits) (HKLM\...\{0ECA3BB5-4410-414B-B226-241FF1C12CD0}) (Version: 6.4 - Apple Inc.)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Waves Complete V9r1 (HKLM-x32\...\{90000001-C561-4E32-99EB-3C5AD3683A70}) (Version: 9.0.1 - Waves)
Windows Driver Package - ASUS (ATP) Mouse (01/07/2014 1.0.0.197) (HKLM\...\2BEE838DC3D664A0CAB23AEA0332BB3877ED0685) (Version: 01/07/2014 1.0.0.197 - ASUS)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4068796385-2865565576-2177801047-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ShellIconOverlayIdentifiers: [ !!!smico] -> {C6E713CA-A7FD-4C73-9E34-AD7676CB957F} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => -> No File
ContextMenuHandlers1: [Incinerator] -> {E8215BEA-3290-4C73-964B-75502B9B41B2} => C:\Windows\system32\Incinerator64.dll [2013-12-03] (iolo technologies, LLC)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers1: [SmartMountShlExt] -> {3871F95B-BF7A-4C17-950B-3ECBCA765A45} => -> No File
ContextMenuHandlers1: [SMShellExts] -> {3871F95B-BF7A-4c17-950B-3ECBCA765A45} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-05-30] (Disc Soft Ltd)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers2: [SmartMountShlExt] -> {3871F95B-BF7A-4C17-950B-3ECBCA765A45} => -> No File
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-05-30] (Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers4: [Incinerator] -> {E8215BEA-3290-4C73-964B-75502B9B41B2} => C:\Windows\system32\Incinerator64.dll [2013-12-03] (iolo technologies, LLC)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers4: [SmartMountShlExt] -> {3871F95B-BF7A-4C17-950B-3ECBCA765A45} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2014-09-04] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-05-22] (NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2014-12-02] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01EFBEDE-EFCE-4D2D-94DD-064BC0570FD3} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-22] (NVIDIA Corporation)
Task: {11C13B98-09D7-495D-A5E6-F73AB6DFD792} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2017-03-13] ()
Task: {12069F69-C1BA-4D52-B718-4E394EB411E5} - \AutoKMSDaily -> No File <==== ATTENTION
Task: {15E56A48-1431-454E-A49C-FE4171649927} - System32\Tasks\Enhanceuta => C:\Windows\system32\rundll32.exe "C:\Program Files\Enhanceuta\Enhanceuta.dll",JlfRolE <==== ATTENTION
Task: {196486F0-4F20-4D64-996A-D0D3E5CE3563} - \{96B91A37-F7D6-4CEA-8F60-F04D50FA5526} -> No File <==== ATTENTION
Task: {24095DF7-84DC-488E-AE0E-A76ED4ADC49C} - System32\Tasks\iolo Process Governor => C:\Program Files (x86)\iolo\System Mechanic\iologovernor64.exe [2013-12-03] (iolo technologies, LLC)
Task: {249BF02A-EB08-494E-8D7B-B628A5B22FA0} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-05-22] (NVIDIA Corporation)
Task: {287F5B64-9772-40B2-910F-B3DE7F0EE739} - \AutoKMS -> No File <==== ATTENTION
Task: {35711888-BC9A-4A58-A9C0-0C6F502B91D7} - System32\Tasks\{69F99887-BD0F-4B33-BE07-DA648DC182EB} => C:\Windows\system32\pcalua.exe -a C:\Users\Charlie\Desktop\data\Setup.exe -d C:\Users\Charlie\Desktop\data
Task: {421E0798-8AC0-4F48-842A-AB0329F174D6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe
Task: {4336436B-B321-4124-A88C-85878243EBD4} - System32\Tasks\ExclusiveTool => C:\Program Files (x86)\DSDCS\InputMapper\ExclusiveModeTool.exe [2016-10-04] (InputMapper)
Task: {4F1D6E1B-77AB-4950-995B-DEF7EBDF325C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.)
Task: {580982B2-A17E-4F76-8336-6801C03B31F0} - System32\Tasks\{4F9796D0-722D-4BC4-964A-B2325245174E} => C:\Windows\system32\pcalua.exe -a C:\Users\Charlie\Desktop\6305_Vista_PG537\setup.exe -d C:\Users\Charlie\Desktop\6305_Vista_PG537
Task: {5C36E6B1-6E10-47D3-AB65-875D51F4819E} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-22] (NVIDIA Corporation)
Task: {616D71BD-DB85-4966-9980-A13D22B24669} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_154_Plugin.exe [2018-08-15] (Adobe Systems Incorporated)
Task: {627E5838-73A0-410C-9C92-98AD7095565B} - System32\Tasks\{4E2E0A88-4ED5-43EE-A70D-7B580C681535} => C:\Windows\system32\pcalua.exe -a C:\Users\Charlie\Desktop\AUD_ALLOS_5.10.0.5129_PV_UAA1.0.EXE -d C:\Users\Charlie\Desktop
Task: {63B5255C-2CC6-4DBB-AACE-6CC2F9F78627} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-08-15] (Adobe Systems Incorporated)
Task: {66C7D7CD-75E1-481F-BB6A-CFE20530AC92} - System32\Tasks\{35CEA2A1-3C0C-4CBE-A927-90757DCB499F} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.4.0.102/pp/abandoninstall?page=tsProgressBar
Task: {6FC1230D-FCFD-4566-BFB5-E875C55BA5BC} - System32\Tasks\{D1B82C5A-BBB8-4E31-AD67-0DB86FC0F736} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" -c /uninstall ENTERPRISE /dll OSETUP.DLL
Task: {78F86C06-F312-4758-BC39-B712B39C6A0F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {7C4F8D27-2B5F-4C1B-B176-672BF2511AE6} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-22] (NVIDIA Corporation)
Task: {83BF0ACD-1878-4A73-A735-1A8A97D9F76E} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-05-22] (NVIDIA Corporation)
Task: {85A283B2-3186-4622-B77E-E7B23C39F98F} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2014-05-15] (ASUSTek Computer Inc.)
Task: {85A4DC79-52B7-4CAF-98CE-B179F0DD10A5} - System32\Tasks\{CE1CE9FA-2528-4838-9AA1-239D1EBBEB3E} => C:\Windows\system32\pcalua.exe -a "C:\Users\Charlie\Desktop\New folder\ASIO\Install.exe" -d "C:\Users\Charlie\Desktop\New folder\ASIO"
Task: {9D1F531B-19EB-4C30-9EFE-3ADF4CC602F8} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2014-02-13] (AsusTek)
Task: {B68ED0E3-488B-451F-9740-ABA2ACF40B93} - System32\Tasks\{3FC10684-57B7-42E7-A2FE-925E863CF1F5} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Audinate\Dante Virtual Soundcard\uninstall_bundle.exe" -d "C:\Program Files (x86)\Audinate\Dante Virtual Soundcard"
Task: {C59B3AA5-5935-4B4D-82BB-0EDD42E17BFA} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-22] (NVIDIA Corporation)
Task: {C9BD94E2-9F54-4E6A-9119-680FDE4F0266} - System32\Tasks\{22DEBF27-B677-42E0-AB48-A54365062E15} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{49BF48CC-ABB6-4795-9B35-B5DE005D8612}\setup.exe" -d "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle Game Profiler"
Task: {CC4C0D94-C1E0-4DF3-8979-1A2D9664B10F} - System32\Tasks\{01275D00-B1D5-4763-ADDF-6DEFB47A2457} => C:\Windows\system32\pcalua.exe -a G:\SOFTWARE\VSTIS\Pianissimo-Installer-b12.exe -d G:\SOFTWARE\VSTIS
Task: {D094EA36-2512-442E-AD0B-4C673831244B} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-05-22] (NVIDIA Corporation)
Task: {F29F544A-6A9D-4E1D-9309-5B4400E59C0A} - System32\Tasks\{2FA10EBE-68D1-4506-9E22-E6A1B2CEB906} => C:\Windows\system32\pcalua.exe -a C:\Users\Charlie\Desktop\32bit_Win7_Win8_Win81_R275.exe -d C:\Users\Charlie\Desktop

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\AutoKMSDaily.job => C:\Windows\AutoKMS\AutoKMS.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-06-01 01:45 - 2018-05-23 19:23 - 000029216 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2018-03-16 15:19 - 2018-03-16 15:19 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2018-03-16 15:19 - 2018-03-16 15:19 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2010-10-20 13:30 - 2010-10-20 13:30 - 004297568 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2018-03-28 17:05 - 2018-03-28 17:05 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
2018-03-28 17:05 - 2018-03-28 17:05 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll
2018-06-01 03:06 - 2018-06-01 03:06 - 004555264 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\DiscSoft.NET.Common\7b1b2ada3b32a6e91e0cb28637e789b1\DiscSoft.NET.Common.ni.dll
2018-06-01 03:06 - 2018-06-01 03:06 - 003071488 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\DotNetCommon\1075d63eb3c16a2d9115bb9c22da3392\DotNetCommon.ni.dll
2015-01-06 18:37 - 2014-09-04 16:31 - 000455784 _____ () C:\Windows\system32\igfxTray.exe
2018-06-01 01:45 - 2018-05-23 19:23 - 000028928 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2015-01-06 16:08 - 2013-05-13 23:17 - 001199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-11-26 17:49 - 2008-06-19 18:35 - 000333288 _____ () C:\Program Files (x86)\Spybot - Search & Destroy\sqlite3.dll
2014-11-26 17:49 - 2008-03-04 15:52 - 000790392 _____ () C:\Program Files (x86)\Spybot - Search & Destroy\Plugins\Chai.dll
2014-11-26 17:49 - 2008-03-05 10:34 - 000795520 _____ () C:\Program Files (x86)\Spybot - Search & Destroy\Plugins\Fennel.dll
2014-11-26 17:49 - 2008-02-26 12:04 - 000717176 _____ () C:\Program Files (x86)\Spybot - Search & Destroy\Plugins\Mate.dll
2014-11-26 17:49 - 2007-12-24 02:05 - 000121344 _____ () C:\Program Files (x86)\Spybot - Search & Destroy\Plugins\TCPIPAddress.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:DocumentSummaryInformation [63]
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:SummaryInformation [63]
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\ProgramData\Microsoft:3kh9wokP3GQZF2kZ [2314]
AlternateDataStreams: C:\ProgramData\Microsoft:qINNuCbt3t9AfRgvTI8OSqy94Q [2482]
AlternateDataStreams: C:\ProgramData\Microsoft:rgG5BaPfOFPpTm460Hd11 [2366]
AlternateDataStreams: C:\ProgramData\Microsoft:sjQ16uSonYRzYMg1eirMKY6 [2046]
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 [119]
AlternateDataStreams: C:\Users\Charlie\Local Settings:VmHkBBFBatUNPInBPUlc8R [2264]
AlternateDataStreams: C:\Users\Charlie\AppData\Local:VmHkBBFBatUNPInBPUlc8R [2264]
AlternateDataStreams: C:\Users\Charlie\AppData\Local\Application Data:VmHkBBFBatUNPInBPUlc8R [2264]
AlternateDataStreams: C:\Users\Charlie\AppData\Local\Temporary Internet Files:V7yJCY57pS4ojFFZH3ZDT [2136]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ioloSystemService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ioloSystemService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-4068796385-2865565576-2177801047-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2018-08-16 14:25 - 000169937 _____ C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 wemsofts.com
127.0.0.1 bongadoom.com
127.0.0.1 wepcmainsystem.com
127.0.0.1 internalcampaigntargets.com
127.0.0.1 bongadoom.com
127.0.0.1 getthefilenow.com
127.0.0.1 bigpicturepop.com
127.0.0.1 wizzcaster.com
127.0.0.1 bestoffersfortoday.com
127.0.0.1 wepcmainsystem.com
127.0.0.1 agent.wizztrakys.com
127.0.0.1 csdimonetize.com
127.0.0.1 dl.azalee.site
127.0.0.1 titiaredh.com
127.0.0.1 wepcdisplaysystem.com
127.0.0.1 wepcanalyticsystem.com
127.0.0.1 healthydownload.com
127.0.0.1 leading2download.com
127.0.0.1 dwl0.wizzlabs.com
127.0.0.1 dwl1.wizzlabs.com
127.0.0.1 mess1.wizzmonetize.com
127.0.0.1 dl.azalee.site
127.0.0.1 dl.smashdl.com
127.0.0.1 downloadmyhost.com
127.0.0.1 lapapahoster.com
127.0.0.1 asedownloadgate.com
127.0.0.1 ladomainadeserver.com
127.0.0.1 mess1.wizzmonetize.com
127.0.0.1 dl.wizzuniquify.com
127.0.0.1 www.wizzmonetize.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4068796385-2865565576-2177801047-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 172.20.10.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: DAEMON Tools Lite =>

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{4264A269-B488-43D2-BE84-B466794A3ED3}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [UDP Query User{604C9813-A65E-466B-BE22-9FA147EFE5DC}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [{A59D492F-0EF2-42BF-B55F-1F86AC06A99F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{94449B72-BF93-4A49-9B75-03597EB6137C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{7396B380-4B74-4CCF-824A-0E1EE3368C31}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{4207AA1C-4C81-4632-8AAE-EE1358DE809F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{F859F5E2-F67F-4554-884D-03C2CF7F9706}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe
FirewallRules: [{1F8D9623-E964-4197-859D-8B9E3293045C}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe
FirewallRules: [{304FEE5E-68CF-4998-9E26-CEE14369F118}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360.exe
FirewallRules: [{B7F7B5EB-AE5B-4DC5-9F59-5977E1CC85E5}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360.exe
FirewallRules: [{7E95D589-ED11-4427-82A5-B1D6BFB5C82E}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360_cl.exe
FirewallRules: [{E94690B3-0A57-4AFC-9956-938C3D996113}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360_cl.exe
FirewallRules: [{DD827C53-BE14-44A3-9AD9-B7DF9ACBF46A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{958F3769-DB2C-4457-984B-33DE6A149153}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{216BE918-966F-48D5-B259-18B80D2652FD}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{46A693B2-68D1-4063-93FD-407C406DA260}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B975BBB9-EF61-429E-8D0C-EB8247A8542D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7C5E5FF3-B488-40A8-87B3-89BF59ADC449}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{57B30C32-2106-4E66-B118-2FADE613E2A6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4C06D6A7-807D-4908-9F66-75CC05E47AE8}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{C2410706-3AB4-4939-B513-44B80CCC43FA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5827C138-A06A-40A7-B70B-D5C5E7277771}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{60E70A4C-C588-4582-ABA7-27ACFDF01A87}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{C107E7CE-1684-4391-B4FD-4768C740AD25}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{C7ED50F2-FFA5-4D05-AFA5-472AEFFEF391}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
FirewallRules: [{08331475-7FDC-4059-8BE8-4A7EC4E78A52}] => (Allow) C:\Windows\system32\rundll32.exe
FirewallRules: [{FA724DDD-B93B-4659-9B35-EC1EC3FA6F0E}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{975201F9-2A73-49A9-A800-6BDFA5099DF2}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{460BC262-609D-481D-B211-16C8942A1A7B}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{9E0D7A08-B5D8-4E07-88D0-1C5303C762C7}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{5CFC6FF0-78BC-49F8-831F-CC371B29A535}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{9D60B18E-B777-4639-B7BA-2DADB3FABDA8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe

==================== Restore Points =========================

16-08-2018 10:08:12 Removed Virtua Tennis 3
16-08-2018 10:09:44 Removed Skype™ 7.40
16-08-2018 12:18:57 UnHackMe Malware Removal
16-08-2018 12:54:30 Ponto de verificação por HitmanPro
16-08-2018 12:56:03 Ponto de verificação por HitmanPro
16-08-2018 14:23:54 Removed ePSXe

==================== Faulty Device Manager Devices =============

Name: Lexmark X422
Description: Lexmark X422
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Lexmark
Service: usbscan
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft Teredo Tunneling Adapter
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/16/2018 01:25:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (08/16/2018 01:23:24 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: DTAgent.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Runtime.InteropServices.COMException
at DiscSoftBusServiceLib.IDSFileTransferManager.get_IsBusy()
at DTAgent.App.TrayBaseApp.Application_SessionEnding(System.Object, System.Windows.SessionEndingCancelEventArgs)
at System.Windows.Application.OnSessionEnding(System.Windows.SessionEndingCancelEventArgs)
at System.Windows.Application.WmQueryEndSession(IntPtr, IntPtr ByRef)
at System.Windows.Application.AppFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)

Error: (08/16/2018 12:59:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (08/16/2018 12:56:25 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000188,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssvcPublisher,0,REG_BINARY,000000000271EF90.72). hr = 0x80070005, Access is denied.
.

Error: (08/16/2018 12:56:25 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000914,(null),0,REG_BINARY,000000000AC1E4E0.72). hr = 0x80070005, Access is denied.
.


Operation:
BackupShutdown Event

Context:
Execution Context: Writer
Writer Class Id: {cd3f2362-8bef-46c7-9181-d62844cdc0b2}
Writer Name: MSSearch Service Writer
Writer Instance ID: {9dade88c-b72f-4b4e-9199-42e2451d49dc}

Error: (08/16/2018 12:56:25 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000644,(null),0,REG_BINARY,000000000282E2C0.72). hr = 0x80070005, Access is denied.
.


Operation:
BackupShutdown Event

Context:
Execution Context: Writer
Writer Class Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
Writer Name: WMI Writer
Writer Instance ID: {b092c0b6-2067-4ba0-bde8-f0216bae9a7f}

Error: (08/16/2018 12:56:25 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x0000030c,(null),0,REG_BINARY,0000000000F0DEB0.72). hr = 0x80070005, Access is denied.
.


Operation:
BackupShutdown Event

Context:
Execution Context: Writer
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {0698bac5-8ebd-4fc1-8560-07dea0a71ec0}

Error: (08/16/2018 12:56:25 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x000001b8,SYSTEM\CurrentControlSet\Services\VSS\Diag\Registry Writer,0,REG_BINARY,00000000027DEB30.72). hr = 0x80070005, Access is denied.
.


Operation:
BackupShutdown Event

Context:
Execution Context: Writer
Writer Class Id: {afbab4a2-367d-4d15-a586-71dbb18f8485}
Writer Name: Registry Writer
Writer Instance ID: {888e3861-0b94-4ef5-b549-2b9a4c892fc8}


System errors:
=============
Error: (08/16/2018 02:22:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The ZAM Controller Service service terminated unexpectedly. It has done this 1 time(s).

Error: (08/16/2018 01:24:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Dante Virtual Soundcard Manager service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (08/16/2018 01:24:19 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Dante Virtual Soundcard Manager service to connect.

Error: (08/16/2018 01:23:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (08/16/2018 01:23:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (08/16/2018 01:23:19 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel(R) HD Graphics Control Panel Service service terminated unexpectedly. It has done this 1 time(s).

Error: (08/16/2018 01:23:19 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Disc Soft Lite Bus Service service terminated unexpectedly. It has done this 1 time(s).

Error: (08/16/2018 01:23:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.


Windows Defender:
===================================
Date: 2017-11-13 06:28:04.682
Description:
Windows Defender scan has been stopped before completion.
Scan ID:{805B706B-EF78-4831-A2CF-797495C5E234}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan

Date: 2016-04-19 03:10:45.014
Description:
Windows Defender scan has been stopped before completion.
Scan ID:{36792038-2590-4A70-AC68-60F3C3C27368}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan

Date: 2015-11-30 11:55:23.822
Description:
Windows Defender has detected spyware or other potentially unwanted software.
For more information please see the following:
http://go.microsoft.com/fwlink/?linkid=37020&name=SoftwareBundler:Win32/SBInstaller&threatid=223443
Name:SoftwareBundler:Win32/SBInstaller
ID:223443
Severity:High
Category:Software Bundler
Path Found:file:C:\Users\Charlie\AppData\Local\Installer\InstallpostInst_19151\DCytaiesmt_smtyc_setup.exe;file:C:\Windows\System32\Tasks\Installer_postInst;process:pid:4940;process:pid:4940,ProcessStart:130933578765774693;taskscheduler:C:\Windows\System32\Tasks\Installer_postInst
Detection Type:Concrete
Detection Source:System
Status:Unknown
Process Name:

Date: 2015-11-30 11:52:59.334
Description:
Windows Defender has detected spyware or other potentially unwanted software.
For more information please see the following:
http://go.microsoft.com/fwlink/?linkid=37020&name=SoftwareBundler:Win32/SBInstaller&threatid=223443
Name:SoftwareBundler:Win32/SBInstaller
ID:223443
Severity:High
Category:Software Bundler
Path Found:file:C:\Users\Charlie\AppData\Local\Installer\InstallpostInst_19151\DCytaiesmt_smtyc_setup.exe;file:C:\Windows\System32\Tasks\Installer_postInst;process:pid:4940;taskscheduler:C:\Windows\System32\Tasks\Installer_postInst
Detection Type:Concrete
Detection Source:System
Status:Unknown
Process Name:

Date: 2015-11-30 11:50:10.199
Description:
Windows Defender has detected spyware or other potentially unwanted software.
For more information please see the following:
http://go.microsoft.com/fwlink/?linkid=37020&name=SoftwareBundler:Win32/SBInstaller&threatid=223443
Name:SoftwareBundler:Win32/SBInstaller
ID:223443
Severity:High
Category:Software Bundler
Path Found:file:C:\Users\Charlie\AppData\Local\Installer\InstallpostInst_19151\DCytaiesmt_smtyc_setup.exe;file:C:\Windows\System32\Tasks\Installer_postInst;taskscheduler:C:\Windows\System32\Tasks\Installer_postInst
Detection Type:Concrete
Detection Source:System
Status:Unknown
Process Name:

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4700HQ CPU @ 2.40GHz
Percentage of memory in use: 36%
Total physical RAM: 8075.39 MB
Available physical RAM: 5115.27 MB
Total Virtual: 16148.96 MB
Available Virtual: 12802.18 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:698.54 GB) (Free:76.3 GB) NTFS

\\?\Volume{36dd6415-743c-11e4-850b-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 698.6 GB) (Disk ID: 6366CA4E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=698.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Publicité


Signaler le contenu de ce document

Publicité