Format du document : text/plain
Prévisualisation
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24.10.2018
Ran by owner (07-11-2018 11:28:55)
Running from C:\Users\owner\Desktop
Windows 10 Pro Version 1809 17763.104 (X64) (2018-10-03 04:02:42)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1112066077-4254746724-1257480092-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1112066077-4254746724-1257480092-503 - Limited - Disabled)
Guest (S-1-5-21-1112066077-4254746724-1257480092-501 - Limited - Disabled)
owner (S-1-5-21-1112066077-4254746724-1257480092-1001 - Administrator - Enabled) => C:\Users\owner
WDAGUtilityAccount (S-1-5-21-1112066077-4254746724-1257480092-504 - Limited - Disabled)
___VMware_Conv_SA___ (S-1-5-21-1112066077-4254746724-1257480092-1015 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
. . (HKLM\...\{569F29BA-2D46-439B-8B7C-01D999B9201D}) (Version: 7.1 - Intel) Hidden
. . (HKLM\...\{B753FD71-4EB8-4842-9016-B1B97ACBDC79}) (Version: 7.1 - Intel) Hidden
. . . (HKLM-x32\...\{E43C1D03-D1BF-4DF9-A6F3-E483EA8B01CA}) (Version: 3.6.0.4 - Intel) Hidden
3RVX (HKLM-x32\...\{400A8514-5440-410A-B318-44061BD7EE8E}) (Version: 2.9.2.0 - Matthew Malensek)
7+ Taskbar Tweaker v5.5.0.5 (HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\7 Taskbar Tweaker) (Version: 5.5.0.5 - RaMMicHaeL)
Ableton Live 10 Suite (HKLM\...\{268E343A-9E5B-4992-9C46-9A387390A2D9}) (Version: 10.0.0.0 - Ableton)
Action! (HKLM-x32\...\Mirillis Action!) (Version: 3.5.5 - Mirillis)
Actual Transparent Window 8.13.1 (HKLM-x32\...\Actual Transparent Windows_is1) (Version: 8.13.1 - Actual Tools)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 19.008.20080 - Adobe Systems Incorporated)
Adobe After Effects CC 2019 (HKLM-x32\...\AEFT_16_0) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Audition CC 2019 (HKLM-x32\...\AUDT_12_0) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Bridge CC 2019 (HKLM-x32\...\KBRG_9_0_1) (Version: 9.0.1 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.7.0.400 - Adobe Systems Incorporated)
Adobe Dreamweaver CC 2019 (HKLM-x32\...\DRWV_19_0) (Version: 19.0 - Adobe Systems Incorporated)
Adobe Extension Manager CC (HKLM-x32\...\{244FD30F-63F1-49B9-9D98-1150FF4FFCB1}) (Version: 7.3.2 - Adobe Systems Incorporated)
Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.122 - Adobe Systems Incorporated)
Adobe Flash Player 31 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 31.0.0.122 - Adobe Systems Incorporated)
Adobe Illustrator CC 2019 (HKLM-x32\...\ILST_23_0_1) (Version: 23.0.1 - Adobe Systems Incorporated)
Adobe Lightroom Classic CC (HKLM-x32\...\LTRM_8_0) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2019 (HKLM-x32\...\AME_13_0_1) (Version: 13.0.1 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0) (Version: 20.0.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2019 (HKLM-x32\...\PPRO_13_0_1) (Version: 13.0.1 - Adobe Systems Incorporated)
Advanced Date Time Calculator 9.0 (HKLM-x32\...\Advanced Date Time Calculator_is1) (Version: - TriSun Software Limited)
AHD Subtitles Maker Pro version 5.19.239 (HKLM-x32\...\{CA69934C-EACB-4B41-A5F6-7F2A2873987E}_is1) (Version: 5.19.239 - AHD, Inc.)
AIDA64 Engineer v5.98 (HKLM-x32\...\AIDA64 Engineer_is1) (Version: 5.98 - FinalWire Ltd.)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.100.303.238 - ALPS ELECTRIC CO., LTD.)
Alternate DLL Analyzer 1.580 (HKLM-x32\...\Alternate DLL Analyzer_is1) (Version: - Alternate Tools)
Alternate FontSizer 1.080 (HKLM-x32\...\Alternate FontSizer_is1) (Version: - Alternate Tools)
Amazon Kindle (HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Amazon Kindle) (Version: 1.21.0.48017 - Amazon)
AniView version 1.5 (HKLM-x32\...\{A85F328E-E719-4747-B5E5-D91912911521}_is1) (Version: 1.5 - CodeDead)
Anki (HKLM-x32\...\Anki) (Version: - )
AnmanieSMP 2.4 i (HKLM-x32\...\AnmanieSMP_is1) (Version: - Christoph Walter)
Ant Renamer (HKLM-x32\...\Ant Renamer 2_is1) (Version: 2.12.0 - Ant Software)
AOMEI Partition Assistant Unlimited Edition version 7.5 (HKLM-x32\...\AOMEI Partition Assistant Unlimited Edition_is1) (Version: 7.5 - AOMEI)
Arasan 21.0 (HKLM-x32\...\Arasan_is1) (Version: - )
Argente Utilities (HKLM\...\AUtilities) (Version: 3.1.1.4 - Raúl Argente)
Arturia Analog Lab 3 (HKLM\...\Analog Lab 3_is1) (Version: 3.2.1.1819 - Arturia & Team V.R)
Arturia B-3 V (HKLM\...\B-3 V_is1) (Version: 1.3.1.1782 - Arturia & Team V.R)
Arturia Buchla Easel V (HKLM\...\Buchla Easel V_is1) (Version: 1.2.1.1782 - Arturia & Team V.R)
Arturia Clavinet V (HKLM\...\Clavinet V_is1) (Version: 1.2.1.1782 - Arturia & Team V.R)
Arturia CS-80 V3 (HKLM\...\CS-80 V3_is1) (Version: 3.3.1.1785 - Arturia & Team V.R)
Arturia DX7 V (HKLM\...\DX7 V_is1) (Version: 1.2.1.1797 - Arturia & Team V.R)
Arturia Farfisa V (HKLM\...\Farfisa V_is1) (Version: 1.3.1.1782 - Arturia & Team V.R)
Arturia Jup-8 V3 (HKLM\...\Jup-8 V3_is1) (Version: 3.3.1.1782 - Arturia & Team V.R)
Arturia Matrix-12 V2 (HKLM\...\Matrix-12 V2_is1) (Version: 2.3.1.1784 - Arturia & Team V.R)
Arturia Stage-73 V (HKLM\...\Stage-73 V_is1) (Version: 1.3.1.1782 - Arturia & Team V.R)
Arturia VOX Continental V2 (HKLM\...\VOX Continental V2_is1) (Version: 2.3.1.1782 - Arturia & Team V.R)
Arturia Wurli V2 (HKLM\...\Wurli V2_is1) (Version: 2.3.1.1782 - Arturia & Team V.R)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.13 - Michael Tippach)
AtHome Camera Version 3.4.1 (HKLM-x32\...\{B659A0AE-7339-41DF-A7BA-81EBEBF91321}_is1) (Version: - iChano Inc.)
Audacity 2.3.0 (HKLM-x32\...\Audacity_is1) (Version: 2.3.0 - Audacity Team)
AudioRetoucher 4.8.0.0 (HKLM-x32\...\AudioRetoucher_is1) (Version: 4.8.0.0 - AbyssMedia.com)
Audiority Harmonic Maximizer (HKLM\...\Audiority Harmonic Maximizer_is1) (Version: v1.1.1 - Audiority)
AutoHotkey 1.1.30.00 (HKLM\...\AutoHotkey) (Version: 1.1.30.00 - Lexikos)
AutoIt v3.3.14.5 (HKLM-x32\...\AutoItv3) (Version: 3.3.14.5 - AutoIt Team)
AutoSizer (HKLM-x32\...\AutoSizer) (Version: - )
BetterDesktopTool version 1.94 (HKLM-x32\...\{D51FADF8-48F9-4234-8BB5-9D99A973AC65}_is1) (Version: 1.94 - Florian Schwarz)
Birdfont (HKLM-x32\...\Birdfont) (Version: - )
Bluetooth(R) Link (HKLM\...\{3F3DCC8C-2C93-4082-A6DE-BBDC74804FA0}) (Version: 4.3.03 - Toshiba Corporation)
BWMeter (HKLM-x32\...\BWMeter) (Version: 7.7.2 - DeskSoft)
Camtasia 9 (HKLM\...\{9A1BFE8E-398E-497D-B3BE-C1D8688010FC}) (Version: 9.1.1.2546 - TechSmith Corporation) Hidden
ChessX version 1.4.6 (HKLM-x32\...\{278EF322-A05B-4F81-B23B-F7D8050F6837}_is1) (Version: 1.4.6 - chessx.sourceforge.net)
Classic Sticky Notes (HKLM\...\Classic Sticky Notes_is1) (Version: 1.0 - Winaero)
Clavier+ 10.8.2 (HKLM\...\Clavier+_is1) (Version: 10.8.2 - Guillaume Ryder)
CMEDIA USB2.0 Audio Device (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392016500}) (Version: 1.00.0003 - C-Media Electronics, Inc.)
Complete Internet Repair 5.2.3.4005 (HKLM\...\Complete Internet Repair_is1) (Version: 5.2.3.4005 - Rizonesoft)
Crayon Physics Deluxe version 55 (HKLM-x32\...\{4CA1E8E2-B2A9-40C1-8EC4-BBCB23BAAA19}_is1) (Version: 55 - Kloonigames, Ltd)
Crescendo Music Notation Editor (HKLM-x32\...\Crescendo) (Version: 3.05 - NCH Software)
Cursor Commander (HKLM-x32\...\Cursor Commander) (Version: 1.0 - Winaero.com)
CyberLink PowerDVD 18 (HKLM-x32\...\{0F4F617F-E8D5-46A3-A0F9-43855182A3B1}) (Version: 18.0.2202.62 - CyberLink Corp.)
Data Lifeguard Diagnostic version 1.36 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version: - Western Digital Corporation)
DiskFresh 1.1 (HKLM\...\DiskFresh_is1) (Version: - Puran Software)
DiskMark 1.0.0.8 (HKLM\...\DiskMark_is1) (Version: 1.0.0.8 - NetworkDLS)
Door Control version 3.9. (HKLM-x32\...\{C580556F-89DD-4267-BD8B-BA777B2293B4}_is1) (Version: 3.9. - Digola)
Door Control version 4.4 (HKLM-x32\...\{341CFE70-1D51-4898-9779-76DEBEA64EBC}_is1) (Version: 4.4 - Digola)
Dr. Folder version 2.6.0.0 (HKLM\...\{1E989158-7B7C-4A69-9038-B010AF3F775A}_is1) (Version: 2.6.0.0 - YL Computing)
Êâåòêà 4.1.1 (HKLM-x32\...\Êâåòêà_is1) (Version: - Áîäÿãèí Äìèòðèé)
EaseUS Partition Master 12.10 Trial Edition (HKLM-x32\...\EaseUS Partition Master Trial Edition_is1) (Version: - EaseUS)
eBook Converter Bundle version 3.17 (HKLM-x32\...\{74173236-3507-49A7-A0FC-1BDABF0A9338}_is1) (Version: 3.17 - eBook Converter Team)
Edraw Max 9.3 (HKLM-x32\...\Edraw Max_is1) (Version: - EdrawSoft)
Equalizer APO (HKLM\...\EqualizerAPO) (Version: 1.2 - )
ESET Security (HKLM\...\{C26AA376-9D1B-4B7B-A1F0-DC41E8530176}) (Version: 11.2.49.0 - ESET, spol. s r.o.)
EveryonePiano 2.1 (HKLM-x32\...\EveryonePiano_is1) (Version: 2.1.7.13 - EveryonePiano.com)
Exact Audio Copy 1.3 (HKLM-x32\...\Exact Audio Copy) (Version: 1.3 - Andre Wiethoff)
ExamDiff Pro 10.0 (10.0.1.4, 64-bit) (HKLM\...\ExamDiff Pro 10.0_is1) (Version: 10.0.1.4 - PrestoSoft LLC)
ExeIcon (remove only) (HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\ExeIcon) (Version: - )
FastStone MaxView 3.1 (HKLM-x32\...\FastStone MaxView) (Version: 3.1 - FastStone Soft.)
FastStone Photo Resizer 3.8 (HKLM-x32\...\FastStone Photo Resizer) (Version: 3.8 - FastStone Soft.)
FileMarker.NET Pro (GAOTD Edition) (HKLM\...\{A5A0E0B5-578C-43CE-B201-1C01A0388DA9}_is1) (Version: 1.0 - ArcticLine Software)
FileMenu Tools 7.5 (HKLM\...\FileMenuTools_is1) (Version: 7.5 - LopeSoft)
Find.Same.Images.OK (HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Find.Same.Images.OK) (Version: - )
Folder Size Explorer (HKLM-x32\...\{CD453A88-D560-47A2-9D4D-414134F5A73D}) (Version: 2.0.0 - Bazwise)
FolderIco 5.1 (HKLM\...\{22C37D82-6137-40BF-8625-7A846ED65F3A}_is1) (Version: - teorex)
FontBase 2.6.4 (HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\ffc1e284-e25b-515d-b453-93eb9fe955eb) (Version: 2.6.4 - Dominik Levitsky Studio)
foobar2000 v1.4.1 beta 5 (HKLM-x32\...\foobar2000) (Version: 1.4.1 beta 5 - Peter Pawlowski)
Free Video Cutter version 1.2.1 (HKLM-x32\...\{B089C7D5-C978-4DB0-AFDE-471A42759CB0}_is1) (Version: 1.2.1 - Free Studio)
Futuremark SystemInfo (HKLM-x32\...\{58CCB74E-6E9A-4649-A49D-B4D0A7DF65A5}) (Version: 5.12.686.0 - Futuremark)
Geekbench 4 (HKLM-x32\...\Geekbench 4) (Version: - Primate Labs Inc.)
GetDataBack for NTFS (HKLM-x32\...\{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}) (Version: 4.33.000 - Runtime Software)
Greenshot 1.2.10.6 (HKLM\...\Greenshot_is1) (Version: 1.2.10.6 - Greenshot)
HandBrake 1.1.2 (HKLM-x32\...\HandBrake) (Version: 1.1.2 - )
Hard Disk Sentinel Pro (HKLM-x32\...\Hard Disk Sentinel Pro) (Version: - )
HashTab 6.0.0.34 (HKLM\...\HashTab) (Version: 6.0.0.34 - Implbits Software)
High-Logic FontCreator 11.5 (HKLM\...\FontCreator11-x64_is1) (Version: - High-Logic B.V.)
HostsMan 4.8.106 (HKLM-x32\...\{1A3DD1A9-7B7B-4ECA-AD2F-98466F49F62C}_is1) (Version: 4.8.106.0 - abelhadigital.com)
Icaros 3.1.0 (HKLM\...\Icaros_is1) (Version: 3.1.0.0 - Tabibito Technology)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel Extreme Tuning Utility (HKLM-x32\...\{1EB9D639-08BE-4DB1-96EE-C126D8EF402A}) (Version: 6.4.1.19 - Intel Corporation) Hidden
Intel Extreme Tuning Utility (HKLM-x32\...\{275588D7-6C9D-4FB0-BBAE-2FA3F7C2DADB}) (Version: 6.4.1.25 - Intel Corporation) Hidden
Intel Extreme Tuning Utility (HKLM-x32\...\{64432AF2-9AB3-4F5C-8F97-D6D6FCC89C18}) (Version: 6.3.0.54 - Intel Corporation) Hidden
Intel Processor Diagnostic Tool 64bit (HKLM\...\{00527426-AC8E-48E7-AE63-EC19D3BE6D9A}) (Version: 4.1.0.31 - Intel Corporation)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel(R) Network Connections 22.7.18.0 (HKLM\...\PROSetDX) (Version: 22.7.18.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3910 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.10.0.1016 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.48.139.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{fd62de85-bda9-4280-a95b-fa2f86e0dc58}) (Version: 1.48.139.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00001070-0200-1036-84C8-B8D95FA3C8C3}) (Version: 20.70.1 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{e5a12991-d0a9-4922-a125-fce431f55219}) (Version: 3.6.0.4 - Intel)
Intel-SA-00075 Detection and Mitigation Tool 1.0.3.215 (HKLM-x32\...\{3C31C05F-0788-400F-A21E-8EC3B52214F2}) (Version: 1.0.3.215 - Intel Corporation)
InternetOff 3.0, 32\64 bit edition (HKLM-x32\...\InternetOff_is1) (Version: - Crystal Rich, Ltd)
IObit Unlocker (HKLM-x32\...\IObit Unlocker_is1) (Version: 1.1.2.1 - IObit)
IrfanView 4.51 (64-bit) (HKLM\...\IrfanView64) (Version: 4.51 - Irfan Skiljan)
KC Softwares PortExpert (HKLM-x32\...\KC Softwares PortExpert_is1) (Version: 1.7.3.13 - KC Softwares)
KC Softwares RAMExpert (HKLM-x32\...\KC Softwares RAMExpert_is1) (Version: 1.10.2.25 - KC Softwares)
Kolor Autopano Giga 4.4 (HKLM\...\AutopanoGiga4.4) (Version: V4.4.2 - Kolor)
Kyodai Mahjongg 2006 v1.42 (HKLM-x32\...\Kyodai Mahjongg 2006_is1) (Version: - Rene-Gilles Deberdt)
LAV Filters 0.72 (HKLM-x32\...\lavfilters_is1) (Version: 0.72 - Hendrik Leppkes)
Link Shell Extension (HKLM\...\HardlinkShellExt) (Version: 3.8.7.1 - Hermann Schinagl)
Logiciel Intel® PROSet/Wireless (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation)
Logiciel pour périphérique à chipset Intel® (HKLM-x32\...\{49bc1e38-39b4-4728-9e75-cbe67ba9a329}) (Version: 10.1.1.42 - Intel(R) Corporation) Hidden
Logitech Options (HKLM\...\LogiOptions) (Version: 6.94.17 - Logitech)
LRTimelapse 5.0.8 (HKLM\...\{25499041-D76C-4010-95CD-02374529C59B}}_is1) (Version: 5.0.8 - Gunther Wegner)
Macrium Reflect Workstation Edition (HKLM\...\{84D5616A-9316-4DBE-A681-DBBAE28448DA}) (Version: 7.2.3825 - Paramount Software (UK) Ltd.) Hidden
Macrium Reflect Workstation Edition (HKLM\...\MacriumReflect) (Version: 7.2 - Paramount Software (UK) Ltd.)
MacType (HKLM\...\{E68951B7-9D7A-4727-9203-34909E3358D1}) (Version: 1.17.0628 - FlyingSnow) Hidden
MacType (HKLM\...\MacType 1.17.0628) (Version: 1.17.0628 - FlyingSnow)
Magic Bullet Suite v13.0.6 (HKLM-x32\...\{99487911-8011-42BC-B594-8B02BFD32B1D}_is1) (Version: 13.0.6 - Red Giant, LLC)
MakeMKV v1.12.3 (HKLM-x32\...\MakeMKV) (Version: v1.12.3 - GuinpinSoft inc)
Malwarebytes version 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
MediaInfo 18.08 (HKLM\...\MediaInfo) (Version: 18.08 - MediaArea.net)
Medieval CUE Splitter (HKLM-x32\...\{B96D2269-568B-4CBF-9332-12FAE8B158F7}) (Version: 1.2.0 - Medieval Software)
Mem Reduct (HKLM\...\memreduct) (Version: 3.3.4 - Henry++)
Mem Reduct (HKLM-x32\...\memreduct) (Version: 3.3.2 - Henry++)
MemInfo (remove only) (HKLM-x32\...\MemInfo) (Version: - )
Microsoft Office Professional Plus 2019 - fr-fr (HKLM\...\Proplus2019Retail - fr-fr) (Version: 16.0.11101.20000 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - ja-jp (HKLM\...\Proplus2019Retail - ja-jp) (Version: 16.0.11101.20000 - Microsoft Corporation)
Microsoft Office 專業增強版 2019 - zh-tw (HKLM\...\Proplus2019Retail - zh-tw) (Version: 16.0.11101.20000 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{C3682243-2218-4F80-A94A-EB0D7B7AF739}) (Version: 11.3.6020.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{99AC7F47-A4E0-4706-9C65-8948775C2652}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{49e969a1-2990-464d-92b5-25f6f34573c6}) (Version: 12.0.40664.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{d2c8df0e-f15d-4426-9e51-f13f329f9cb4}) (Version: 12.0.40664.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Windows XP Video Decoder Checkup Utility (HKLM-x32\...\DECCHECK) (Version: - )
MKVToolNix 28.2.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 28.2.0 - Moritz Bunkus)
MonitorTest V3.2 (HKLM\...\MonitorTest_is1) (Version: 3.2 - PassMark Software)
Moo0 Menu Transparent 1.20 (HKLM-x32\...\Moo0 TransparentMenu) (Version: - )
MusicExtractor (HKLM-x32\...\MusicExtractor_is1) (Version: 3.1 - Abelssoft)
MyPc version 9.5.0.6 (HKLM-x32\...\MyPc_is1) (Version: 9.5.0.6 - )
NetLimiter 4 (HKLM\...\{C1D77330-4EDB-46D4-86B9-4990BF7F3507}) (Version: 4.0.40.0 - Locktime Software) Hidden
NetLimiter 4 (HKLM-x32\...\NetLimiter 4 4.0.40.0) (Version: 4.0.40.0 - Locktime Software)
NetWorx 6.2.3 (HKLM\...\NetWorx_is1) (Version: - SoftPerfect Pty Ltd)
NewFolderEx (remove only) (HKLM-x32\...\NewFolderEx) (Version: - )
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
NirSoft WebBrowserPassView (HKLM-x32\...\NirSoft WebBrowserPassView) (Version: - )
Nmap 7.70 (HKLM-x32\...\Nmap) (Version: 7.70 - Nmap Project)
NordVPN (HKLM-x32\...\{9C77CA61-460C-4A03-91B7-AA0F4040A8E6}) (Version: 6.18.5 - NordVPN) Hidden
NordVPN (HKLM-x32\...\NordVPN 6.18.5) (Version: 6.18.5 - NordVPN)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
Npcap 0.99-r2 (HKLM-x32\...\NpcapInst) (Version: 0.99-r2 - Nmap Project)
OEM Registration Program (HKLM-x32\...\{B69F4E72-CCA4-4352-BF1C-708CE3D96E25}) (Version: 1.1.0 - Toshiba Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11101.20000 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11101.20000 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0404-1000-0000000FF1CE}) (Version: 16.0.11101.20000 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.11101.20000 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0411-1000-0000000FF1CE}) (Version: 16.0.11101.20000 - Microsoft Corporation) Hidden
Old Calculator for Windows 10 (HKLM-x32\...\OldCalcForWin10) (Version: 1.1 - hxxp://winaero.com)
Old Task Manager for Windows 10 (HKLM-x32\...\Old Task Manager for Windows 10) (Version: 1.0 - hxxp://winaero.com)
Open-Shell (HKLM\...\{FD722BB1-4960-455F-89C6-EFAEB79527EF}) (Version: 4.4.131 - The Open-Shell Team)
Opera Stable 56.0.3051.52 (HKLM-x32\...\Opera 56.0.3051.52) (Version: 56.0.3051.52 - Opera Software)
Package de pilotes Windows - Intel (Netwtw06) net (06/25/2018 20.70.0.5) (HKLM\...\4C1A4D715AB9BA973572D7BA86C88B47A7F2BAFC) (Version: 06/25/2018 20.70.0.5 - Intel)
Package de pilotes Windows - Intel (Netwtw06) net (07/04/2018 20.70.0.100) (HKLM\...\DEC7B59D64D2D271008FA319A0196BD3752E33CD) (Version: 07/04/2018 20.70.0.100 - Intel)
Paragon Hard Disk Manager™ 16.5 (HKLM\...\{115E0624-48E6-4305-BD25-6C6B39CA3CA4}) (Version: 10.7.1.3356 - Paragon Software) Hidden
Paragon Hard Disk Manager™ 16.5 (HKLM-x32\...\{58b7d335-0219-4dd7-94f8-72d69d1a6479}) (Version: 10.7.1.3356 - Paragon Software GmbH)
Paragon UIM (HKLM\...\{38FBDB20-F62D-4CD6-A04E-87FD30F3E43A}) (Version: 24.17.0.293 - Paragon Software) Hidden
PC8DeviceAgent 3.0.242 (HKLM\...\PC8DeviceAgent) (Version: 3.0.242 - SRM, Inc.)
PCあんしん点検ユーティリティ (HKLM-x32\...\{D9CD7DB3-E2BE-4BC6-85A6-EF9235C0B096}) (Version: 2.00.01.02 - Toshiba Corporation)
PDF Annotator 7.0.0.703 (HKLM-x32\...\PDFAnnotator_is1) (Version: 7.0.0.703 - GRAHL software design)
photoFXlab (HKLM-x32\...\photoFXlab) (Version: 1.2.11 - Topaz Labs)
PhotoWizard (HKLM\...\{3C100F93-4F0E-4C32-9AEB-EFB3E2CA34F8}) (Version: 1.6.0 - Microsoft)
PopChar 8.2 (HKLM\...\ergonis PopChar_is1) (Version: 8.2 - Ergonis Software)
PreSonus Studio One 4 (HKLM\...\PreSonus Studio One 4) (Version: 4.1.0.49247 - PreSonus Audio Electronics)
Prey Anti-Theft (HKLM-x32\...\{41F08CF7-6774-4E46-A0DE-AEF068C49DAF}) (Version: 1.8.1 - Prey, Inc.) Hidden
Prey Anti-Theft (HKLM-x32\...\{4D91189D-F5FD-45A9-B63E-58291ADA338B}) (Version: 1.6.5 - Prey, Inc.) Hidden
Process Network Monitor (HKLM-x32\...\{16C2C93F-A7EF-4950-B89F-E5E5F020118A}) (Version: 6.0 - SecurityXploded) Hidden
Process Network Monitor (HKLM-x32\...\Process Network Monitor 6.0) (Version: 6.0 - SecurityXploded)
proDAD ReSpeedr 1.0 (64bit) (HKLM\...\proDAD-ReSpeedr-1.0) (Version: 1.0.42.1 - proDAD GmbH)
Progress Telerik Fiddler (HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Fiddler2) (Version: 5.0.20182.28034 - Telerik)
Python 3.7.0 (64-bit) (HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\{f684de81-73c2-4924-ad43-e7ae400d47b5}) (Version: 3.7.150.0 - Python Software Foundation)
Python 3.7.0 Core Interpreter (64-bit) (HKLM\...\{F046BD5A-33F4-4ABA-BD2D-0227F6291EC9}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Development Libraries (64-bit) (HKLM\...\{61246987-8D99-44A9-8FF5-E2E3F503B72D}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Documentation (64-bit) (HKLM\...\{E7C56E72-C80E-453B-9345-FAEAE5DB51A4}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Executables (64-bit) (HKLM\...\{84B7971A-F59F-4247-AD34-BEC02CF85FBD}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 pip Bootstrap (64-bit) (HKLM\...\{8A6F7991-1955-4C46-8C0C-8D7C6F7042FA}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Standard Library (64-bit) (HKLM\...\{18D93BBC-06F6-449D-96FB-CD473CFC6A6D}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Tcl/Tk Support (64-bit) (HKLM\...\{A2FC01E0-059E-4D21-AFD2-B63A7E1EF3CD}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Test Suite (64-bit) (HKLM\...\{E4266358-1C9B-4AF0-ABF7-72BE136904CF}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Utility Scripts (64-bit) (HKLM\...\{9E24E01B-CBD8-4558-A56D-6188F1A3C822}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{D6BDDB48-938A-4384-A7BE-2B4E4931B111}) (Version: 3.7.6386.0 - Python Software Foundation)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 4.3 beta r3253 - Rainmeter)
RarmaRadio 2.71.9 (HKLM-x32\...\RarmaRadio_is1) (Version: - RaimerSoft)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.21302 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8555 - Realtek Semiconductor Corp.)
recALL version 16.12 (HKLM-x32\...\recALL_is1) (Version: 16.12 - )
RecordPad - Enregistreur audio (HKLM-x32\...\Recordpad) (Version: 7.05 - NCH Software)
Red Giant Link (HKLM-x32\...\{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1) (Version: 1.9.11.2 - Red Giant, LLC)
Registry Finder 2.31 (HKLM\...\{CC3C7E59-8611-4542-8BFD-FFC6759AD0FB}_is1) (Version: 2.31 - Sergey Filippov)
Resource Hacker Version 5.1.6 (HKLM-x32\...\ResourceHacker_is1) (Version: - )
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version: - Punk Software)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.3.1 - Rockstar Games)
Scrabble solutions (HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Scrabble solutions) (Version: - )
scrabbleproB 1.1.7 (HKLM-x32\...\scrabbleproB_is1) (Version: - scrabblepro)
Screen Locker (HKLM-x32\...\{681059E3-1E0B-4E25-8F2E-B8476703E9A7}) (Version: 1.0.0 - Musabbir Mamun)
SearchWithMyBrowser version 1.1.2 (HKLM\...\SearchWithMyBrowser_is1) (Version: 1.1.2 - Charles Milette)
ServiceCommander Version 4 (HKLM-x32\...\ServiceCommander_is1) (Version: 4.0 - Core Technologies Consulting, LLC)
Simple Sticky Notes 4.3 (HKLM-x32\...\Simple Sticky Notes_is1) (Version: - Simnet Ltd.)
Soldats Inconnus Mémoires de la Grande Guerre 1.0.140373 (HKLM-x32\...\Soldats Inconnus Mémoires de la Grande Guerre 1.0.140373) (Version: 1.0.140373 - Huyustus)
SOUND FORGE Pro 12.1 (x64) (HKLM\...\{60C7CECF-93D3-11E8-9B8E-408D5CC672F4}) (Version: 12.1.170 - MAGIX)
SoundTap Streaming Audio Recorder (HKLM-x32\...\SoundTap) (Version: 5.06 - NCH Software)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Spybot Anti-Beacon (HKLM-x32\...\{419A7FCF-93E1-474D-BFE9-987CF3F90C88}_is1) (Version: 3.1 - Safer-Networking Ltd.)
SRMX version 3.2.606 (HKLM-x32\...\{64BEE57A-50EA-46AE-939C-898BA1A0D22F}_is1) (Version: 3.2.606 - SRM GmbH)
Startup Delayer v3.0 (build 366) (HKLM-x32\...\Startup Delayer) (Version: 3.0 (build 366) - r2 Studios)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1.2 - Krzysztof Kowalczyk)
SuperCopier2 (HKLM-x32\...\SuperCopier2) (Version: - )
SyncBackPro x64 (HKLM-x32\...\SyncBackPro64_is1_is1) (Version: 8.5.97.0 - 2BrightSparks)
TAP-NordVPN 9.21.2 (HKLM\...\TAP-NordVPN) (Version: 9.21.2 - NordVPN.com)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
Text Editor Pro version 5.2.1 (HKLM-x32\...\{FC8AD371-A765-4E22-B25F-D5914D7193F1}}_is1) (Version: 5.2.1 - Lasse Markus Rautiainen)
Textify v1.6.2 (HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Textify) (Version: 1.6.2 - RaMMicHaeL)
The Bat! v8.6.0 (64-bit) (HKLM\...\{A7751F6E-C4A1-42D3-85E0-801486F170BF}) (Version: 8.6.0 - Ritlabs, SRL)
Topaz A.I. GigaPixel (HKLM\...\{67112AFB-D053-4F3E-815D-49DE57CF30E6}) (Version: 1.0.1 - Topaz Labs) Hidden
Topaz A.I. GigaPixel (HKLM\...\Topaz A.I. GigaPixel 1.0.1) (Version: 1.0.1 - Topaz Labs)
Topaz Adjust 5 (HKLM-x32\...\Topaz Adjust 5) (Version: 5.2.0 - Topaz Labs, LLC)
Topaz B&W Effects (HKLM-x32\...\Topaz BW Effects 2) (Version: 2.1.0 - Topaz Labs, LLC)
Topaz Clarity (HKLM-x32\...\Topaz Clarity) (Version: 1.1.0 - Topaz Labs, LLC)
Topaz Clean 3 (HKLM-x32\...\Topaz Clean 3) (Version: 3.2.0 - Topaz Labs, LLC)
Topaz DeJpeg 4 (HKLM-x32\...\Topaz DeJpeg 4) (Version: 4.1.0 - Topaz Labs, LLC)
Topaz DeNoise 6 (HKLM-x32\...\Topaz DeNoise 6) (Version: 6.0.1 - Topaz Labs, LLC)
Topaz Detail 3 (HKLM-x32\...\Topaz Detail 3) (Version: 3.3.0 - Topaz Labs, LLC)
Topaz Fusion Express 2 (HKLM-x32\...\Topaz Fusion Express 2) (Version: 2.1.3 - Topaz Labs, LLC)
Topaz Glow 2 (HKLM\...\Topaz Glow 2) (Version: 2.0.0 - Topaz Labs, LLC)
Topaz Impression 2 (HKLM-x32\...\Topaz Impression 2) (Version: 2.0.4 - Topaz Labs, LLC)
Topaz InFocus (HKLM-x32\...\Topaz InFocus) (Version: 1.1.0 - Topaz Labs, LLC)
Topaz Lens Effects (HKLM-x32\...\Topaz Lens Effects) (Version: 1.3.0 - Topaz Labs, LLC)
Topaz ReMask 5 (HKLM-x32\...\Topaz ReMask 5) (Version: 5.0.1 - Topaz Labs, LLC)
Topaz ReStyle (HKLM-x32\...\Topaz ReStyle) (Version: 1.1.0 - Topaz Labs, LLC)
Topaz Simplify 4 (HKLM-x32\...\Topaz Simplify 4) (Version: 4.2.0 - Topaz Labs, LLC)
Topaz Star Effects (HKLM-x32\...\Topaz Star Effects) (Version: 1.2.0 - Topaz Labs, LLC)
Topaz Texture Effects 2 (HKLM-x32\...\Topaz Texture Effects 2) (Version: 2.1.0 - Topaz Labs, LLC) <==== ATTENTION
TOSHIBA Blu-ray Disc Player (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 3.0.0.23 - Toshiba Client Solutions Co., Ltd.)
TOSHIBA Desktop Assist (HKLM\...\{C4CDCEF0-0A7A-4425-887C-33E39533D758}) (Version: 1.03.08.6402 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{72EFCFA8-3923-451D-AF52-7CE9D87BC2A1}) (Version: 3.1.2.6402 - Toshiba Client Solutions Co., Ltd.)
TOSHIBA Function Key (HKLM\...\{ABB33FFD-6D6C-4670-9EF4-6181BB4D0DF2}) (Version: 1.1.17.6400 - Toshiba Client Solutions Co., Ltd.)
TOSHIBA PalaDouga (HKLM-x32\...\{21CEB4A6-0FF1-444F-A0CC-6F648F74C7F6}) (Version: 2014.0301.0002 - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{B507386D-1F61-4E55-B05B-F56ACB0086B3}) (Version: 4.06.01.6401 - Toshiba Client Solutions Co., Ltd.)
TOSHIBA Service Station (HKLM\...\{ECAF783B-5512-4BC1-8073-15BD9FDE616F}) (Version: 3.1.2.0 - Toshiba Corporation)
TOSHIBA Speech Synthesis (HKLM\...\{36B0B896-6CD8-4C5F-B7E1-2AC8E9588ACC}) (Version: 1.5.2.0 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0041 - Toshiba Corporation)
TOSHIBA System Settings (HKLM\...\{B040D5C9-C9AA-430A-A44E-696656012E61}) (Version: 3.1.2.6401 - Toshiba Client Solutions Co., Ltd.)
TreeSize Professional V6.3.7 (HKLM\...\{E2E37452-CB02-476E-AB39-C9A1DA9B9849}) (Version: 6.3.7.1236 - JAM Software)
UltraUXThemePatcher (HKLM-x32\...\UltraUXThemePatcher) (Version: 3.5.0.0 - Manuel Hoefs (Zottel))
Unknown Device Identifier 9.01 (HKLM\...\Unknown Device Identifier_is1) (Version: 9.01 - Huntersoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
VMware ThinApp (HKLM-x32\...\{164B6D77-345B-4137-A92A-89E21D1C22AD}) (Version: 5.2.28433 - VMware, Inc.)
VMware vCenter Converter Standalone (HKLM-x32\...\{DA09FD63-5AE7-4bf6-8B86-0FCA4DEA8F8F}) (Version: 6.2.0.7348398 - VMware, Inc.)
VMware Workstation (HKLM\...\{A6D7B449-8F4F-4FA9-B80A-101345AA998A}) (Version: 15.0.0 - VMware, Inc.)
Volume2 1.1.6 (HKLM-x32\...\Volume2) (Version: 1.1.6 - Alexandr Irza)
Waterfox 56.2.5 (x64 en-US) (HKLM\...\Waterfox 56.2.5 (x64 en-US)) (Version: 56.2.5 - Waterfox Ltd)
WhoCrashed 6.00 (HKLM\...\WhoCrashed_is1) (Version: - Resplendence Software Projects Sp.)
Win10 Spy Disabler v1.4 (HKLM\...\Win10 Spy Disabler_is1) (Version: 1.4.0.0 - site2unblock.com)
WinDirStat 1.1.2 (HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\WinDirStat) (Version: - )
WindowManager (HKLM-x32\...\WindowManager) (Version: 6.3.1 - DeskSoft)
Windows 10 Manager (HKLM-x32\...\Windows 10 Manager) (Version: - YamicSoft)
Windows Explorer Tracker 2.0 (HKLM-x32\...\Windows Explorer Tracker_is1) (Version: - TriSun Software Inc.)
Windows Firewall Control (HKLM\...\Windows Firewall Control) (Version: 5.4.0.0 - BiniSoft.org)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
WinSplit Revolution (v11.04) (HKLM-x32\...\WinSplit Revolution) (Version: 11.04 - Raphael Lencrerot)
WinUAE 64-bit 4.0.1 (HKLM\...\{F018E828-F454-4D44-B298-C904116D9142}) (Version: 4.0.1.0 - Arabuusimiehet)
Wireshark 2.6.4 64-bit (HKLM-x32\...\Wireshark) (Version: 2.6.4 - The Wireshark developer community, hxxps://www.wireshark.org)
Wise Folder Hider (HKLM-x32\...\Wise Folder Hider_is1) (Version: 4.2.3 - WiseCleaner.com, Inc.)
XnConvert 1.77 (HKLM\...\XnConvert_is1) (Version: 1.77 - Gougelet Pierre-e)
XnView Shell Extension 3.5.1 (64bits) (HKLM\...\XnView Shell Extension_is1) (Version: 3.5.1 - Gougelet Pierre-e)
Zentimo PRO 2.1 (HKLM-x32\...\Zentimo PRO_is1) (Version: - Zentimo.com)
東芝スクリーンミラーリング (HKLM-x32\...\{FB840BB8-82D9-43F8-B7AD-C1DE01185294}) (Version: 1.0.13.3 - APUSONE Technology Inc.) Hidden
東芝スクリーンミラーリング for スマートフォン/タブレット (HKLM-x32\...\InstallShield_{FB840BB8-82D9-43F8-B7AD-C1DE01185294}) (Version: 1.0.13.3 - APUSONE Technology Inc.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1112066077-4254746724-1257480092-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-813CB5835A7A}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-1112066077-4254746724-1257480092-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\owner\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1112066077-4254746724-1257480092-1001_Classes\CLSID\{3D3B1846-CC43-42AE-BFF9-D914083C2BA3}\InprocServer32 -> C:\Program Files\SumatraPDF\PdfPreview.dll ()
CustomCLSID: HKU\S-1-5-21-1112066077-4254746724-1257480092-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\owner\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1112066077-4254746724-1257480092-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\owner\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1112066077-4254746724-1257480092-1001_Classes\CLSID\{b7c2f028-a138-4ad4-aaa1-77cf720d5c66}\InprocServer32 -> C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1112066077-4254746724-1257480092-1001_Classes\CLSID\{d63b0bea-dc64-4c3b-af8b-d860551f91d4}\InprocServer32 -> C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1112066077-4254746724-1257480092-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] ()
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2018-05-24] (Hermann Schinagl)
ShellIconOverlayIdentifiers: [IconOverlayHardLink] -> {0A479751-02BC-11d3-A855-0004AC2568DD} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2018-05-24] (Hermann Schinagl)
ShellIconOverlayIdentifiers: [IconOverlayJunction] -> {0A479751-02BC-11d3-A855-0004AC2568FF} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2018-05-24] (Hermann Schinagl)
ShellIconOverlayIdentifiers: [IconOverlaySymbolicLink] -> {0A479751-02BC-11d3-A855-0004AC2568EE} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2018-05-24] (Hermann Schinagl)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Open-Shell\ClassicExplorer64.dll [2018-08-18] (Open-Shell)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2018-05-24] (Hermann Schinagl)
ShellIconOverlayIdentifiers-x32: [IconOverlayHardLink] -> {0A479751-02BC-11d3-A855-0004AC2568DD} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2018-05-24] (Hermann Schinagl)
ShellIconOverlayIdentifiers-x32: [IconOverlayJunction] -> {0A479751-02BC-11d3-A855-0004AC2568FF} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2018-05-24] (Hermann Schinagl)
ShellIconOverlayIdentifiers-x32: [IconOverlaySymbolicLink] -> {0A479751-02BC-11d3-A855-0004AC2568EE} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2018-05-24] (Hermann Schinagl)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Open-Shell\ClassicExplorer64.dll [2018-08-18] (Open-Shell)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] ()
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-16] (Adobe Systems Inc.)
ContextMenuHandlers1: [EDPShell] -> {58549232-7081-4541-882C-767DB238453C} => C:\Program Files\ExamDiff Pro\EDPShell.dll [2016-01-30] (PrestoSoft LLC)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-10-23] (ESET)
ContextMenuHandlers1: [File Marker] -> {B70B7A24-5180-4092-B3BA-6266F914C053} => C:\Program Files (x86)\FileMarker.NET\FileMarkerShlExt64.dll [2017-05-17] (ArcticLine Software)
ContextMenuHandlers1: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2018-05-24] (Hermann Schinagl)
ContextMenuHandlers1: [IXnView] -> {A5D35F9F-6A11-4EAA-B70B-7BB6FE32663A} => C:\Program Files\XnView\ShellEx\XnViewShellExt64.dll [2015-02-18] ()
ContextMenuHandlers1: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2018-10-30] (Paramount Software UK Ltd)
ContextMenuHandlers1: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2018-05-17] (IObit)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-10-23] (ESET)
ContextMenuHandlers2: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2018-10-30] (Paramount Software UK Ltd)
ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => C:\Program Files (x86)\VMware\VMware Workstation\vmdkShellExt.dll [2018-09-18] (VMware, Inc.)
ContextMenuHandlers2-x32: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => C:\Program Files (x86)\VMware\VMware Workstation\x64\vmdkShellExt64.dll [2018-09-18] (VMware, Inc.)
ContextMenuHandlers4: [AutopanoShell.ShellContextMenu] -> {4B4F4C4F-5220-4798-ABF3-EC03F7C8A498} => C:\Program Files\Kolor\Autopano Giga 4.4\AutopanoShell_x64.dll [2017-03-30] (Kolor)
ContextMenuHandlers4: [DrFolderExtension] -> {4ca4fa65-0669-3a6b-8c16-f5c69eaf9fc9} => C:\WINDOWS\system32\mscoree.dll [2018-09-15] (Microsoft Corporation)
ContextMenuHandlers5: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2018-05-24] (Hermann Schinagl)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2018-04-17] (Intel Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] ()
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-16] (Adobe Systems Inc.)
ContextMenuHandlers6: [EDPShell] -> {58549232-7081-4541-882C-767DB238453C} => C:\Program Files\ExamDiff Pro\EDPShell.dll [2016-01-30] (PrestoSoft LLC)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-10-23] (ESET)
ContextMenuHandlers6: [Folderico] -> {CC0C45C5-EFDE-4B8A-A8B0-9ED733D9E6AC} => C:\Program Files\FolderIco\FolderIco.dll [2017-01-01] (TeoreX)
ContextMenuHandlers6: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2018-05-24] (Hermann Schinagl)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (Alexander Roshal)
FolderExtensions: [] -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} => C:\Program Files (x86)\OldNewExplorer\OldNewExplorer64.dll [2017-08-16] (www.startisback.com)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {14205348-27EF-4E6D-AD82-2614674D41BE} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2018-10-17] (Realtek Semiconductor)
Task: {1659DFB5-DDBB-4D01-BB31-0BA1307B4957} - System32\Tasks\WindowManager => C:\Program Files (x86)\WindowManager\WindowManager.exe [2018-10-23] (DeskSoft)
Task: {1C56DCA8-10B0-4C37-ACE2-F8BC7F49A90F} - System32\Tasks\Wub_task => C:\Windows Update Minitools avec script Wrapper\Wub.exe [2018-08-12] (www.sordum.org)
Task: {33491DD7-0509-48FE-8042-C7A8AE0D8207} - System32\Tasks\Argente Utilities\Finalize => C:\Program Files\Argente Utilities\ATaskFinalizer.exe [2018-07-30] (Raúl Argente)
Task: {362E6C82-6B3B-4F3D-B96E-122437C95EEC} - System32\Tasks\Moo0 Transparent Menu 1.20 => C:\Program Files (x86)\Moo0\TransparentMenu 1.20\TransparentMenu.exe [2013-10-19] (Moo0)
Task: {448D28A8-2070-4724-B317-4E1C9B4B1B2B} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2015-07-30] (TOSHIBA Corporation)
Task: {4B5B5485-E5F0-406A-824D-0EAF1A894968} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [2018-11-06] (Microsoft Corporation)
Task: {546806BB-2BA3-4E40-986E-70A30DCD18EB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-11-06] (Microsoft Corporation)
Task: {56641A8D-BED1-4BB0-9799-5E8D9A77177B} - System32\Tasks\Microsoft\Office\IMESharePointDictionary => c:\Program Files\Common Files\Microsoft Shared\IME16\IMESharePointDictionary.exe [2018-11-01] (Microsoft Corporation)
Task: {5D1D6240-2BE6-4E53-952A-B4E862EEC206} - System32\Tasks\BTSchedulerTask => C:\Program Files (x86)\TOSHIBA\Toshiba Bluetooth Device Profile Utility\TosBt_NotificationScheduler.exe [2015-07-08] (Toshiba Corporation)
Task: {5D80B7BF-ACE8-424B-A0F3-1338EE512D94} - System32\Tasks\Opera scheduled Autoupdate 1525985527 => C:\Program Files\Opera\launcher.exe [2018-10-17] (Opera Software)
Task: {5F54C73B-1688-4260-8ACB-A282B8182E4A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [2018-11-06] (Microsoft Corporation)
Task: {63344482-0CCF-4EBC-84DA-C26938622746} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan => C:\WINDOWS\system32\usoclient.exe [2018-09-15] ()
Task: {654C37BA-A0CC-4C99-AE74-9E35E0BBDD73} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_owner => C:\Program Files (x86)\Hard Disk Sentinel Pro\HDSentinel.exe [2018-07-17] (H.D.S. Hungary)
Task: {6DC234E0-886F-4EC5-B223-2F661F93E97A} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {7767E194-954A-46DD-A7DD-A49A9EF4F2E9} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-11-06] (Microsoft Corporation)
Task: {7A35A2E3-3CB4-4E28-B98D-832C02003592} - System32\Tasks\Microsoft\Windows\Flighting\OneSettings\RefreshCache
Task: {8294C954-AF28-4726-A6BA-81BECFAA689D} - System32\Tasks\{150FD0FE-9A31-4F2A-8BE1-F923285CBAC6} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Toshiba\OEM Registration Program\OEMRegistrationProgram.exe" -d "C:\Program Files (x86)\Toshiba\OEM Registration Program"
Task: {94414C80-EE3B-4096-B74B-1B8C68F9BBFA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {9C70CE95-2341-45E9-A7AD-47C185C99F1E} - System32\Tasks\Core Temp Autostart owner => C:\Program Files\CoreTemp64\Core Temp.exe [2018-05-20] (ALCPU)
Task: {9DF39293-7B66-419C-B5EB-E5A538CFC5D6} - System32\Tasks\BetterDesktopTool => C:\Program Files (x86)\BetterDesktopTool\BetterDesktopTool.exe [2018-04-29] ()
Task: {A16E3851-C7B3-47B8-AEDD-CF34239DE3FD} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-11-01] (Microsoft Corporation)
Task: {A4C1B08E-8902-44DC-B978-5D106B460A15} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-11-06] (Microsoft Corporation)
Task: {A57B479F-C28A-45A7-8634-B4DE6286241D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-21] (Google Inc.)
Task: {AD4E8AFB-A48C-4E13-BE83-B8D87600CFB4} - System32\Tasks\Microsoft\Windows\WlanSvc\CDSSync
Task: {B46B584D-2BF3-4FA6-BC43-535F0026CCD5} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-11-06] (Microsoft Corporation)
Task: {BBCEB79D-54D3-4F3F-BDAA-779097079FCF} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Backup Scan => C:\WINDOWS\system32\usoclient.exe [2018-09-15] ()
Task: {BD21C377-5B30-4E5A-B6F2-37D2086885E5} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker Encrypt All Drives
Task: {BD398A7E-169D-4E33-A264-4D204353B2E2} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network
Task: {C36E1A0B-6D30-409C-8FC3-9F80F2F46F1E} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-gokpok@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-09-10] (Adobe Systems, Incorporated)
Task: {C58975CA-052C-4DDE-9061-7FDAE294B57A} - System32\Tasks\S-1-5-21-1112066077-4254746724-1257480092-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2018-09-15] (Microsoft Corporation)
Task: {D4317FD3-BBC9-48ED-902A-BD964A6C9C13} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-11-01] (Microsoft Corporation)
Task: {D8E852BD-203B-4CA5-BDDD-23D798BDE084} - System32\Tasks\WDU => "C:\Windows Update Minitools avec script Wrapper\WDU.cmd"
Task: {E39F8E32-F4B6-44B2-B8AF-D84A6CFEB7B8} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-09-15] ()
Task: {E7048644-EE23-411A-B60E-C5318DA5B4CD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-21] (Google Inc.)
Task: {EAF74F2E-D00A-4EFA-A8E2-EA9E2F469641} - System32\Tasks\Adobe Uninstaller => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2018-09-13] (Adobe Inc.)
Task: {EF521673-1858-4304-826B-E054707F0CF5} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Système\VMware\ThinApp\ThinApp Help.lnk -> hxxp://www.vmware.com/info?id=90
Shortcut: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Système\Link Shell Extension\Donate.lnk -> hxxp://schinagl.priv.at/nt/hardlinkshellext/linkshellextension.htm
Shortcut: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet\Reset Data Usage.bat.lnk -> C:\Program Files (x86)\Reset Data Usage - Script\Reset_Data_Usage.bat ()
==================== Loaded Modules (Whitelisted) ==============
2016-06-07 07:20 - 2016-05-25 10:53 - 001634072 _____ () C:\Program Files (x86)\InternetOff\IOffSvc.exe
2018-09-15 08:28 - 2018-09-15 08:28 - 000834088 _____ () C:\Windows\System32\InputHost.dll
2018-10-06 02:54 - 2018-10-06 02:54 - 000125440 _____ () C:\Program Files (x86)\BWMeter\BWMeterConSvc.exe
2018-01-31 12:35 - 2009-01-12 08:15 - 000082872 _____ () C:\WINDOWS\SysWOW64\NMSAccess64.exe
2018-10-16 13:14 - 2018-10-16 13:14 - 000437200 _____ () C:\Program Files (x86)\NordVPN\nordvpn-service.exe
2014-02-27 05:31 - 2014-02-27 05:31 - 000013312 _____ () C:\Windows\SysWOW64\SMITSC.exe
2017-08-21 08:15 - 2017-08-21 08:15 - 000453120 ____R () C:\Program Files\Intel\Wired Networking\NCS2\WMIPROV\Ncs2Provider.dll
2017-08-21 08:15 - 2017-08-21 08:15 - 000419328 ____R () C:\Program Files\Intel\Wired Networking\NCS2\Agent\AdapterAgnt.DLL
2016-08-31 08:49 - 2016-08-31 08:49 - 001088000 _____ () \\?\C:\Windows\Prey\versions\1.8.1\node_modules\sqlite3\lib\binding\node-v46-win32-x64\node_sqlite3.node
2011-04-12 21:53 - 2011-04-12 21:53 - 000015360 _____ () C:\Program Files (x86)\WinSplit Revolution\WinSplitHook64.DLL
2018-03-05 13:47 - 2018-03-05 13:47 - 000614848 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
2004-09-30 19:15 - 2004-09-30 19:15 - 000192000 _____ () C:\Program Files\LinkShellExtension\RockallDLL.dll
2018-09-15 08:28 - 2018-09-15 08:28 - 000474624 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-09-15 08:28 - 2018-09-15 08:28 - 002801152 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-04-17 16:48 - 2018-03-28 01:04 - 000100864 _____ () C:\Program Files\ShellFolderFix64\ShellFolderFix.dll
2016-06-12 09:29 - 2015-02-18 19:46 - 002383360 _____ () C:\Program Files\XnView\ShellEx\XnViewShellExt64.dll
2018-04-17 16:03 - 2018-04-17 16:03 - 000401872 _____ () C:\WINDOWS\system32\igfxTray.exe
2018-09-15 08:28 - 2018-09-15 08:28 - 001740288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-04-29 13:54 - 2018-04-29 12:21 - 000396800 _____ () C:\Program Files (x86)\BetterDesktopTool\BetterDesktopTool.exe
2018-04-29 13:54 - 2018-04-29 12:21 - 000337920 _____ () C:\Program Files (x86)\BetterDesktopTool\BetterDesktopToolServer.exe
2017-05-01 16:55 - 2012-04-28 06:01 - 000350720 _____ () C:\Program Files (x86)\Stick it 1.00.0b\Stick-It!.exe
2018-10-11 03:53 - 2018-09-26 04:18 - 000898560 _____ () C:\NetWorx\sqlite3.dll
2016-06-07 07:20 - 2016-05-25 10:53 - 003182360 _____ () C:\Program Files (x86)\InternetOff\InternetOff.exe
2016-06-08 17:28 - 2007-09-02 12:58 - 000495616 _____ () C:\Program Files (x86)\RocketDock\RocketDock.exe
2011-04-12 21:53 - 2011-04-12 21:53 - 003951616 _____ () C:\Program Files (x86)\WinSplit Revolution\WinSplit.exe
2011-04-12 21:53 - 2011-04-12 21:53 - 000015872 _____ () C:\Program Files (x86)\WinSplit Revolution\WinSplitDrvr32.exe
2011-04-12 21:53 - 2011-04-12 21:53 - 000017920 _____ () C:\Program Files (x86)\WinSplit Revolution\WinSplitDrvr64.exe
2017-10-05 00:13 - 2017-10-05 00:13 - 000263680 _____ () C:\Users\owner\AppData\Roaming\Textify\Textify.exe
2017-03-19 10:00 - 2014-10-03 13:06 - 000014848 _____ () C:\Program Files\volumouse-x64\volumouse32.exe
2018-09-28 13:14 - 2018-09-28 13:14 - 000110592 _____ () C:\Program Files\Rainmeter\Plugins\PowerPlugin.dll
2018-09-28 13:14 - 2018-09-28 13:14 - 000100352 _____ () C:\Program Files\Rainmeter\Plugins\WiFiStatus.DLL
2016-06-09 12:37 - 2014-04-07 11:18 - 002592256 _____ () C:\Program Files (x86)\Gest\Gest.exe
2018-04-17 16:48 - 2018-03-28 01:43 - 002630656 _____ () C:\Program Files\ShellFolderFix64\ShellFolderFixUI.exe
2016-10-05 12:41 - 2013-09-22 09:40 - 000132312 _____ () C:\Program Files (x86)\wizmouse 1.7.0.3 portable\WizMouse.exe
2018-05-24 13:45 - 2018-05-24 13:45 - 000250368 _____ () C:\Program Files (x86)\NordVPN\x86\Liberation.Native.Firewall.dll
2017-12-11 19:04 - 2017-12-11 19:04 - 000128424 _____ () C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\expat.dll
2017-12-11 19:04 - 2017-12-11 19:04 - 000402776 _____ () C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\ssoClient.dll
2017-12-11 19:04 - 2017-12-11 19:04 - 000096256 _____ () C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\mspack.dll
2018-04-29 13:54 - 2018-04-29 12:20 - 000117248 _____ () C:\Program Files (x86)\BetterDesktopTool\HookLibrary.dll
2011-04-12 21:53 - 2011-04-12 21:53 - 000013312 _____ () C:\Program Files (x86)\WinSplit Revolution\WinSplitHook32.DLL
2016-06-08 17:28 - 2007-09-02 12:57 - 000069632 _____ () C:\Program Files (x86)\RocketDock\RocketDock.dll
2018-08-15 03:58 - 2018-08-15 03:58 - 000086016 _____ () C:\Program Files (x86)\AutoSizer\AutoSizer.dll
2011-04-12 21:53 - 2011-04-12 21:53 - 000011264 _____ () C:\Program Files (x86)\WinSplit Revolution\WinSplitLib.dll
2015-03-16 18:34 - 2015-03-16 18:34 - 000010240 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\fr_fr\acrotray.fra
2017-11-22 11:18 - 2017-11-22 11:18 - 001244304 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:6DAA43DB [406]
AlternateDataStreams: C:\ProgramData\TEMP:810B9F0D [136]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 14:46 - 2018-11-01 14:53 - 000004315 ____R C:\WINDOWS\system32\Drivers\etc\hosts
0.0.0.0 activation.acronis.com
0.0.0.0 web-api-tih.acronis.com
0.0.0.0 web-api-tie.acronis.com
0.0.0.0 web-api-vmp.acronis.com
0.0.0.0 cloud-rs-ru2.acronis.com
0.0.0.0 cloud-fes-ru2.acronis.com
0.0.0.0 rpc.acronis.com
0.0.0.0 choice.microsoft.com
0.0.0.0 choice.microsoft.com.nstac.net
0.0.0.0 df.telemetry.microsoft.com
0.0.0.0 oca.telemetry.microsoft.com
0.0.0.0 oca.telemetry.microsoft.com.nsatc.net
0.0.0.0 redir.metaservices.microsoft.com
0.0.0.0 reports.wes.df.telemetry.microsoft.com
0.0.0.0 services.wes.df.telemetry.microsoft.com
0.0.0.0 settings-sandbox.data.microsoft.com
0.0.0.0 settings-win.data.microsoft.com
0.0.0.0 sqm.df.telemetry.microsoft.com
0.0.0.0 sqm.telemetry.microsoft.com
0.0.0.0 sqm.telemetry.microsoft.com.nsatc.net
0.0.0.0 telecommand.telemetry.microsoft.com
0.0.0.0 telecommand.telemetry.microsoft.com.nsatc.net
0.0.0.0 telemetry.appex.bing.net
0.0.0.0 telemetry.microsoft.com
0.0.0.0 telemetry.urs.microsoft.com
0.0.0.0 vortex-sandbox.data.microsoft.com
0.0.0.0 vortex-win.data.microsoft.com
0.0.0.0 vortex.data.microsoft.com
0.0.0.0 watson.telemetry.microsoft.com
0.0.0.0 watson.telemetry.microsoft.com.nsatc.net
There are 94 more lines.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\Control Panel\Desktop\\Wallpaper -> C:\Fond d'ecran\Copie de Kyoto.jpeg
DNS Servers: 80.67.169.12 - 80.67.169.40
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [Microsoft-Windows-Unified-Telemetry-Client] => (Block) C:\WINDOWS\system32\svchost.exe
FirewallRules: [Microsoft-Windows-DeviceManagement-CertificateInstall-TCP-Out] => (Allow) %SystemRoot%\system32\dmcertinst.exe
FirewallRules: [Microsoft-Windows-DeviceManagement-OmaDmClient-TCP-Out] => (Allow) %SystemRoot%\system32\omadmclient.exe
FirewallRules: [{5CEDE0DF-9778-4F97-B595-30ED72382764}] => (Allow) C:\Users\owner\AppData\Local\Programs\Fiddler\Fiddler.exe
FirewallRules: [{F9200EA3-BEA8-419E-A374-52BEA93113A4}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
FirewallRules: [{8320DEB6-5919-4AA5-8D47-5C66EFD63C05}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
FirewallRules: [{54B5D953-6D2E-42FD-B13B-35F429C34A25}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{A120E162-25D1-46DF-A72B-D1ED9843A424}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{86CB56F2-7EC6-4731-935F-F4DBBE4516FA}] => (Block) C:\Users\owner\AppData\Roaming\Gest\GestLauncher.exe
FirewallRules: [{6433748A-774C-43DE-A508-C2B31EE05154}] => (Block) C:\Users\owner\AppData\Roaming\Gest\GestUpdater.exe
FirewallRules: [{77E1BACF-3819-489D-A37C-6F8CD56C3BD8}] => (Block) C:\Program Files (x86)\Gest\Gest.exe
FirewallRules: [UDP Query User{8D2A84A1-BA6F-4EDA-A629-D7BE26DA681A}C:\users\owner\desktop\madvr\madtpg.exe] => (Allow) C:\users\owner\desktop\madvr\madtpg.exe
FirewallRules: [TCP Query User{D8491832-3060-4E03-8391-3C4B73054CAC}C:\users\owner\desktop\madvr\madtpg.exe] => (Allow) C:\users\owner\desktop\madvr\madtpg.exe
FirewallRules: [UDP Query User{59EBECA0-DAAB-4AA5-9497-B1D5F68D3FF8}C:\users\owner\desktop\madvr\madhcctrl.exe] => (Allow) C:\users\owner\desktop\madvr\madhcctrl.exe
FirewallRules: [TCP Query User{9E45959D-3E28-4046-B7D8-BAA86568D9C8}C:\users\owner\desktop\madvr\madhcctrl.exe] => (Allow) C:\users\owner\desktop\madvr\madhcctrl.exe
FirewallRules: [UDP Query User{ADE25F56-ABAA-4A1F-976D-BB339D2DAC26}C:\sdi\sdi_x64_r1809.exe] => (Allow) C:\sdi\sdi_x64_r1809.exe
FirewallRules: [TCP Query User{F024C10D-8408-4DAC-8B3D-72F56693392A}C:\sdi\sdi_x64_r1809.exe] => (Allow) C:\sdi\sdi_x64_r1809.exe
FirewallRules: [{173FFB07-0278-4E55-87FA-F58321E79CD0}] => (Block) C:\Program Files\PreSonus\Studio One 4\Studio One.exe
FirewallRules: [{ECA182A3-EA08-43DC-8B6F-BE45072A3EF9}] => (Block) C:\Program Files\PreSonus\Studio One 4\PlugInScanner.exe
FirewallRules: [{74C8E107-44BA-49EA-B2D0-63863F57384D}] => (Block) C:\Program Files\PreSonus\Studio One 4\Studio One.exe
FirewallRules: [{6D287952-8A78-4E91-9064-5CC6A6002946}] => (Block) C:\Program Files\Topaz Labs\Topaz A.I. GigaPixel\UpdateManager.exe
FirewallRules: [{964F62C4-47FD-4D3A-AC72-6F06AE1A237A}] => (Block) C:\Program Files\Topaz Labs\Topaz A.I. GigaPixel\Topaz A.I. Gigapixel.exe
FirewallRules: [{0E250452-F526-438B-ACE3-B2E8BBE2DBD2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{38B9A3F7-CA5C-4C67-A344-69CD029DC8C6}] => (Block) C:\My CPU Monitor\My CPU Monitor.exe
FirewallRules: [{78C20C0F-0FAB-4049-895B-75CFB613449A}] => (Allow) C:\Program Files\Windows Firewall Control\wfc.exe
FirewallRules: [{4EC45434-9594-478F-A751-11FACF873E11}] => (Allow) C:\Windows\Prey\versions\1.8.1\bin\node.exe
FirewallRules: [{70CBBC2D-9CEF-4E77-8E47-940CAAF40A20}] => (Block) C:\Program Files (x86)\BetterDesktopTool\BetterDesktopTool.exe
FirewallRules: [{71A96720-3EA5-47E0-8D05-B5ACD5A53FC7}] => (Block) C:\Program Files (x86)\BetterDesktopTool\BetterDesktopToolServer.exe
FirewallRules: [{60E6D465-398E-4850-BE86-7EF7620A2377}] => (Block) C:\windows\system32\svchost.exe
FirewallRules: [{4C751C72-0D13-4062-835D-50AC5B2269C5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{27A90A87-DF76-4149-A3B9-D853831D387B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{83A8806C-9564-4516-AEFB-53807FBDE464}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A4FA2263-E1DA-4109-A762-7406AEEB19EB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2ACC8486-FA60-45D6-99A0-57B6EEE73832}] => (Allow) C:\Program Files (x86)\Steam\steamapps\Common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{97BF53C6-661D-4C86-8B41-828956F528B1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\Common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{D73E069C-FC1A-4560-87EA-73B3F073435B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\Common\Spacewar\SteamworksExample.exe
FirewallRules: [{6DE6F25A-F9C7-4EBC-85E7-A01A717E7676}] => (Allow) C:\Program Files (x86)\Steam\steamapps\Common\Spacewar\SteamworksExample.exe
FirewallRules: [{FA74EE12-1948-4D65-9C2C-CFD50E69707E}] => (Block) LPort=8318
FirewallRules: [{3276B4B5-4831-4FAD-86B7-966351A2A672}] => (Block) %ProgramFiles% (x86)\Destroy Windows 10 Spying\Destroy Windows 10 Spying.exe
FirewallRules: [{9C7026D5-6268-4457-B52E-ACD7827D0BD0}] => (Block) %ProgramFiles% (x86)\Destroy Windows 10 Spying\Destroy Windows 10 Spying.exe
FirewallRules: [{F43936C9-4F0F-48FA-9FB0-CE2E235C307B}] => (Allow) C:\Program Files\Waterfox\waterfox.exe
FirewallRules: [{F8546430-C419-4C78-931D-8248F42B55B0}] => (Allow) C:\Program Files\Waterfox\waterfox.exe
FirewallRules: [{398A6E4C-9A77-4D1E-B37F-ACE3A95B1A26}] => (Block) C:\Program Files\Windows Firewall Control\wfc.exe
FirewallRules: [{EC5633D4-B1E2-44BD-B80E-747FBB6D11A6}] => (Block) C:\WINDOWS\system32\spoolsv.exe
FirewallRules: [{1747461C-472A-46C3-BE21-B120D90531B7}] => (Allow) C:\Program Files\waterfox\waterfox.exe
FirewallRules: [{FABB2FC8-00BF-4EE8-9D2E-C89E687CEE2C}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
FirewallRules: [TCP Query User{0C45436E-3294-4394-A6D0-D9DA6744F501}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{20F73919-3406-4586-9367-28A75003B4E1}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{4C356547-3C4D-4EFA-9D21-DB54EE9E0E1E}] => (Block) C:\WINDOWS\Explorer.EXE
FirewallRules: [{FD1F2068-F697-46B0-81FF-2C112388FDAD}] => (Block) C:\Program Files\Notepad++\notepad++.exe
FirewallRules: [{01BC0803-1306-4EE7-909F-7D2F2BE3A736}] => (Block) C:\Program Files\SumatraPDF\SumatraPDF.exe
FirewallRules: [{17339735-D644-49C2-9079-0E98CD23550B}] => (Block) C:\Program Files\WinRAR\WinRAR.exe
FirewallRules: [{90F28D44-48CC-43B8-8A1B-CF1B48606A01}] => (Block) C:\Program Files\Win10 Spy Disabler\Win10SpyDisabler.exe
FirewallRules: [{C6AF62E3-AB8A-432A-998A-FFB86CC6208D}] => (Block) C:\Program Files (x86)\Free Video Cutter\FreeVideoCutter.exe
FirewallRules: [{08F0760E-BEDA-4B67-962C-CAC174745E14}] => (Block) C:\Program Files (x86)\Volume2\Volume2.exe
FirewallRules: [{1A825B0E-75AB-4F24-9C16-F0089BED656B}] => (Block) C:\Program Files (x86)\Volume2\Volume2PM.exe
FirewallRules: [{86A315BD-CFA0-4EC9-818C-8C413816AF9E}] => (Block) C:\Program Files\ExamDiff Pro\ExamDiff.exe
FirewallRules: [{AC39045C-9316-4A0D-9878-161FC2EF1FF5}] => (Block) C:\Program Files\Windows Firewall Control\wfc.exe
FirewallRules: [{2E9BD135-78EC-4905-B60B-F512D0D6616E}] => (Block) C:\WINDOWS\system32\spoolsv.exe
FirewallRules: [TCP Query User{9A261B67-246E-4417-84C1-2BE7A9A0F936}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{108AC259-7467-48F7-9310-7AA50E5A3BA2}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{1EFC87AF-A0B2-447C-BA40-6B932BFAA2EC}C:\program files (x86)\networkconnectlog\networkconnectlog.exe] => (Allow) C:\program files (x86)\networkconnectlog\networkconnectlog.exe
FirewallRules: [UDP Query User{4AF9B01C-CDD0-45FB-9263-9A664F1FC340}C:\program files (x86)\networkconnectlog\networkconnectlog.exe] => (Allow) C:\program files (x86)\networkconnectlog\networkconnectlog.exe
FirewallRules: [0001a555-e2d6-0ddf-a6fe-8db4decfb0bf] => (Block) C:\Program Files (x86)\BetterDesktopTool\BetterDesktopTool.exe
FirewallRules: [{635683B1-AA0F-48E9-97AF-544691311146}] => (Block) C:\Program Files (x86)\BetterDesktopTool\BetterDesktopToolServer.exe
FirewallRules: [{DD4E849F-666F-46CD-B289-04237CD6D6A2}] => (Block) C:\Program Files (x86)\CyberLink\PowerDVD18\PowerDVD.exe
FirewallRules: [{E8486AC1-693B-4623-91AA-764438623982}] => (Block) C:\Program Files (x86)\CyberLink\PowerDVD18\Kernel\DMS\CLMSServerPDVD18.exe
FirewallRules: [{9BCADC0F-582E-4A48-97EC-689BC7F6799C}] => (Block) C:\Program Files (x86)\CyberLink\PowerDVD18\PowerDVD18Agent.exe
FirewallRules: [{526FFB43-542E-4C0B-8E7F-66C2D2E18CBE}] => (Block) C:\Program Files (x86)\CyberLink\PowerDVD18\Movie\PowerDVDMovie.exe
FirewallRules: [{FBE9DD93-0529-40BA-99FF-FD26D5D118D8}] => (Block) C:\Program Files (x86)\CyberLink\PowerDVD18\CastingStation.exe
FirewallRules: [{F66A061B-F3A6-47DE-84A2-B6DF6F16D8A2}] => (Allow) C:\NetWorx\networx.exe
FirewallRules: [{FE20D391-B385-4C64-A6A2-305E457BDF7E}] => (Block) C:\Program Files\Dr. Folder\DrFolderCmd.exe
FirewallRules: [{E90D1FE5-72BB-49A6-A38C-CBE9F5F6734D}] => (Block) C:\Program Files\Dr. Folder\DrFolder.exe
FirewallRules: [{1D7D593D-7CC3-4302-AABF-2C09C44D7178}] => (Allow) C:\Program Files\Opera\56.0.3051.43\opera.exe
FirewallRules: [{DD869CF7-5CF8-444C-9201-440D5AB1B6F8}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{382AC9DC-F4B0-4FC8-8F0C-EB164BF36B53}] => (Allow) C:\Program Files\Opera\56.0.3051.52\opera.exe
FirewallRules: [{7948490A-9AF9-4223-ABE2-100B69D212F8}] => (Block) C:\Program Files (x86)\Edraw Max 9.3\EdrawMax.exe
FirewallRules: [{F071A873-1322-420C-AFF8-408FB6273843}] => (Block) C:\Program Files (x86)\Actual Transparent Window\ActualTransparentWindowCenter.exe
FirewallRules: [{C27BAB66-9C89-46C5-B8B4-5CB41E2137BF}] => (Block) C:\Program Files (x86)\Actual Transparent Window\ActualTransparentWindowConfig.exe
FirewallRules: [{2F1FFA4A-D575-4508-95B2-C044B089C748}] => (Block) C:\Program Files (x86)\AOMEI Partition Assistant Unlimited Edition 7.5\PartAssist.exe
FirewallRules: [{8DCF6624-658B-4E9E-A016-0E20A210182C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.92.390.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{75E78A95-25B4-4F75-881F-B7734D18486D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.92.390.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{7290F9D5-9301-47DC-AAB7-BC1E6A952B43}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.92.390.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{BED3919D-7E18-4985-90C1-6028E2622196}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.92.390.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{8DC3D838-F8A8-4293-A8F3-C16CE2DC783B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.92.390.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{437BF612-3495-4A06-909B-16FC406F73AE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.92.390.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{3A3D9760-BEE6-42B5-A7C4-60F3E9D2FBB9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.92.390.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{75AAC906-5AF0-4169-B534-C025B03D106F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.92.390.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{E4C84C82-810A-41FD-ACF3-EE7233A17019}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE
FirewallRules: [{9A3848DC-9C3D-440B-B7B7-EEEEBDB26D6C}] => (Block) C:\Program Files (x86)\NCH Software\Recordpad\recordpad.exe
FirewallRules: [{52D5091B-68D1-41CC-9657-AE51B1A7581F}] => (Block) C:\Program Files (x86)\NCH Software\SoundTap\soundtap.exe
FirewallRules: [{4C5257FA-9E27-4D71-A7BB-2F5A8BF5617C}] => (Block) C:\Program Files (x86)\NCH Software\SoundTap\stdriverinstallerx86.exe
FirewallRules: [{8D245AD8-8EA3-466E-A72C-8703A3B3E27B}] => (Block) C:\Program Files (x86)\NCH Software\SoundTap\stdriverinstallerx64.exe
FirewallRules: [{010001EB-C8BC-41E5-8053-0C7E9A420577}] => (Block) C:\Program Files (x86)\NCH Software\SoundTap\mp3enc.exe
FirewallRules: [{5B2BE70E-398B-414E-B4B1-0FA1E26159C3}] => (Block) C:\Program Files (x86)\NCH Software\Recordpad\mp3el.exe
FirewallRules: [{2B42F28E-6D77-4CBE-960F-235575CF13F6}] => (Block) C:\Program Files (x86)\NCH Software\Recordpad\recordpadsetup_v7.05.exe
FirewallRules: [{459E96CF-4117-4464-A4A7-BFFE0EB7EF45}] => (Block) C:\Program Files (x86)\NCH Software\SoundTap\soundtapsetup_v5.06.exe
FirewallRules: [{2CAA9C67-7B5D-4185-A8A8-CFB09138B47E}] => (Block) C:\CareUEyes\CareUEyesPortable.exe
FirewallRules: [{F68BC663-0F62-4AFF-89C6-10DF98D0148C}] => (Block) C:\CareUEyes\App\ProgramFiles\careueyes.exe
FirewallRules: [{8C1388F4-0884-4A45-A92A-AEA355D305DC}] => (Block) C:\IObit Uninstaller\App\ProgramFiles\IObitUninstaler.exe
FirewallRules: [{2822006A-F5DE-4F5C-9D0F-98DC6880AAA0}] => (Block) C:\IObit Uninstaller\App\ProgramFiles\Uninstaler_SkipUac.exe
FirewallRules: [{BF085E16-4B72-40BB-A0FD-470429D8ABBD}] => (Block) C:\IObit Uninstaller\App\ProgramFiles\ScreenShot.exe
FirewallRules: [{9F7CBE9D-90B6-4550-91A4-BBB84E276AF4}] => (Block) C:\IObit Uninstaller\App\ProgramFiles\SpecUTool.exe
FirewallRules: [{1877B867-D0FA-4AEA-8ACA-403790F88A53}] => (Block) C:\IObit Uninstaller\App\ProgramFiles\iush.exe
FirewallRules: [{7E7E8D80-47CD-40D0-B1A1-736DF3BF1CC3}] => (Block) C:\IObit Uninstaller\App\ProgramFiles\IUService.exe
FirewallRules: [{8BBB01F0-79AA-45B9-8140-5703FDB5D692}] => (Block) C:\IObit Uninstaller\App\ProgramFiles\IUProtip.exe
FirewallRules: [{FDAECD6D-3108-4E5C-A173-F49B57E5974A}] => (Block) C:\IObit Uninstaller\App\ProgramFiles\DSPut.exe
FirewallRules: [{3E8929CA-423E-4FD3-9780-AED15C9C84C2}] => (Block) C:\IObit Uninstaller\App\ProgramFiles\CrRestore.exe
FirewallRules: [{A8DD00BF-2DC3-4758-A80A-F4563DC5AFB8}] => (Block) C:\Zentimo\Zentimo.exe
FirewallRules: [{D4F07E25-2CA9-4C8E-AD0F-67B8580DE41D}] => (Block) C:\Zentimo\KeyGen.exe
FirewallRules: [{BE394351-8C19-4B7A-8049-B4E670D612E3}] => (Block) C:\WinaeroTweaker\WinaeroTweaker.exe
==================== Restore Points =========================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (11/07/2018 11:20:20 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: PC)
Description: Windows ne peut pas charger la DLL de compteur extensible « C:\WINDOWS\system32\sysmain.dll » (code d'erreur Win32 126).
Error: (11/07/2018 11:20:20 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Impossible d’ouvrir l’objet de performance pour le service Serveur. Les quatre premiers octets (DWORD) de la section Data contiennent le code d’état.
Error: (11/07/2018 11:20:19 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: PC)
Description: Windows ne peut pas charger la DLL de compteur extensible « C:\WINDOWS\system32\sysmain.dll » (code d'erreur Win32 126).
Error: (11/07/2018 11:20:18 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: PC)
Description: Windows ne peut pas charger la DLL de compteur extensible « C:\WINDOWS\system32\sysmain.dll » (code d'erreur Win32 126).
Error: (11/07/2018 11:20:19 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Impossible d’ouvrir l’objet de performance pour le service Serveur. Les quatre premiers octets (DWORD) de la section Data contiennent le code d’état.
Error: (11/07/2018 11:20:18 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Impossible d’ouvrir l’objet de performance pour le service Serveur. Les quatre premiers octets (DWORD) de la section Data contiennent le code d’état.
Error: (11/07/2018 10:48:33 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: PC)
Description: Windows ne peut pas charger la DLL de compteur extensible « C:\WINDOWS\system32\sysmain.dll » (code d'erreur Win32 126).
Error: (11/07/2018 10:48:32 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: PC)
Description: Windows ne peut pas charger la DLL de compteur extensible « C:\WINDOWS\system32\sysmain.dll » (code d'erreur Win32 126).
System errors:
=============
Error: (11/07/2018 11:21:32 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Le serveur {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (11/07/2018 11:19:36 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Les paramètres d’autorisation アプリケーション固有 n’accordent pas l’autorisation ローカル アクティブ化 pour l’application serveur COM avec le CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
et l’APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
au SID NT AUTHORITY\LOCAL SERVICE de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (LRPC 使用) s’exécutant dans le SID 利用不可 du conteneur d’applications (利用不可). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (11/07/2018 11:19:36 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Les paramètres d’autorisation アプリケーション固有 n’accordent pas l’autorisation ローカル アクティブ化 pour l’application serveur COM avec le CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
et l’APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
au SID NT AUTHORITY\LOCAL SERVICE de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (LRPC 使用) s’exécutant dans le SID 利用不可 du conteneur d’applications (利用不可). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (11/07/2018 11:19:33 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Le service NcaSvc dépend du service Dnscache qui n’a pas pu démarrer en raison de l’erreur :
Le service ne peut pas être démarré parce qu’il est désactivé ou qu’aucun périphérique activé ne lui est associé.
Error: (11/07/2018 11:19:32 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Le service WaaSMedicSvc s’est arrêté avec l’erreur :
Accès refusé.
Error: (11/07/2018 10:49:44 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Le serveur {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (11/07/2018 10:47:48 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Les paramètres d’autorisation アプリケーション固有 n’accordent pas l’autorisation ローカル アクティブ化 pour l’application serveur COM avec le CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
et l’APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
au SID NT AUTHORITY\LOCAL SERVICE de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (LRPC 使用) s’exécutant dans le SID 利用不可 du conteneur d’applications (利用不可). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (11/07/2018 10:47:48 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Les paramètres d’autorisation アプリケーション固有 n’accordent pas l’autorisation ローカル アクティブ化 pour l’application serveur COM avec le CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
et l’APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
au SID NT AUTHORITY\LOCAL SERVICE de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (LRPC 使用) s’exécutant dans le SID 利用不可 du conteneur d’applications (利用不可). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
CodeIntegrity:
===================================
Date: 2018-11-01 14:30:13.205
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\OldNewExplorer\OldNewExplorer64.dll that did not meet the Store signing level requirements.
Date: 2018-10-31 17:29:29.281
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\OldNewExplorer\OldNewExplorer64.dll that did not meet the Store signing level requirements.
Date: 2018-10-03 06:03:55.692
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\OldNewExplorer\OldNewExplorer64.dll that did not meet the Microsoft signing level requirements.
Date: 2018-10-03 06:03:21.278
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-10-03 06:03:21.268
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-10-03 06:03:21.253
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-10-03 06:03:21.241
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-10-03 06:03:21.226
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-4710MQ CPU @ 2.50GHz
Percentage of memory in use: 19%
Total physical RAM: 16309.31 MB
Available physical RAM: 13131.51 MB
Total Virtual: 22309.31 MB
Available Virtual: 19084.54 MB
==================== Drives ================================
Drive c: (WINDOWS) (Fixed) (Total:474.82 GB) (Free:92.34 GB) NTFS
\\?\Volume{ab29ca1c-c1b0-4e61-9969-00a222608341}\ (System) (Fixed) (Total:1 GB) (Free:0.65 GB) NTFS
\\?\Volume{12aa91a7-a596-4fdd-9a56-99cb75c43ce3}\ () (Fixed) (Total:0.9 GB) (Free:0.43 GB) NTFS
\\?\Volume{265804b8-9136-407a-8277-c9cc2a7ef41a}\ () (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 71621405)
Partition: GPT.
==================== End of Addition.txt ============================