Document format: text/plain

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13.02.2019
Ran by VincentVV (13-02-2019 21:50:22)
Running from \\diskstation\public
Windows 10 Pro Version 1709 16299.248 (X64) (2018-03-03 11:16:21)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-501884528-3981272531-2506353386-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-501884528-3981272531-2506353386-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-501884528-3981272531-2506353386-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-501884528-3981272531-2506353386-501 - Limited - Disabled)
VincentVV (S-1-5-21-501884528-3981272531-2506353386-1001 - Administrator - Enabled) => C:\Users\VincentVV
WDAGUtilityAccount (S-1-5-21-501884528-3981272531-2506353386-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 18.01 (x64) (HKLM\...\7-Zip) (Version: 18.01 - Igor Pavlov)
AOMEI Partition Assistant Standard Edition 7.0 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version: - AOMEI Technology Co., Ltd.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Box Sync (HKLM-x32\...\{7a31e654-f419-48e9-8dad-aa87dd7294f1}) (Version: 4.0.7886.0 - Box Inc.) Hidden
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FortiClient (HKLM\...\{92CBFA29-7A5F-4EBF-8EB1-627FC3DBFA7C}) (Version: 5.6.6.1167 - Fortinet Inc)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.96 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{98f335cd-0a32-4b3f-b74c-ef9480e834f0}) (Version: 10.0.27 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.30.1072 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation)
Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
Juniper Networks Network Connect 8.0 (HKLM-x32\...\Juniper Network Connect 8.0) (Version: 8.0.3.30619 - Juniper Networks)
Juniper Networks Setup Client (HKU\S-1-5-21-501884528-3981272531-2506353386-1001\...\Juniper_Setup_Client) (Version: 8.0.3.44983 - Juniper Networks)
Juniper Networks Setup Client 64-bit Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks)
KeePass Password Safe 1.35 (HKLM-x32\...\KeePass Password Safe_is1) (Version: 1.35 - Dominik Reichl)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logitech - Assistant pour jeux vidéo 8.96 (HKLM\...\Logitech Gaming Software) (Version: 8.96.88 - Logitech Inc.)
Macs Fan Control (HKLM-x32\...\Macs Fan Control_is1) (Version: 1.4.12.0 - CrystalIDEA Software)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.10730.20264 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-501884528-3981272531-2506353386-1001\...\OneDriveSetup.exe) (Version: 19.002.0107.0008 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-501884528-3981272531-2506353386-1001\...\Teams) (Version: 1.2.00.2460 - Microsoft Corporation)
Microsoft Visio Professional 2016 - en-us (HKLM\...\VisioProRetail - en-us) (Version: 16.0.10730.20264 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 62.0.2 (x64 en-US) (HKU\S-1-5-21-501884528-3981272531-2506353386-1001\...\Mozilla Firefox 62.0.2 (x64 en-US)) (Version: 62.0.2 - Mozilla)
MSP Remote Support by Splashtop (HKLM-x32\...\{B50A01B7-1780-4CFF-90A3-9E4143E415F5}) (Version: 1.0.2.0 - Splashtop Inc.)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.5.8 - Notepad++ Team)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.10730.20264 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.10730.20264 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.10730.20264 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.10730.20264 - Microsoft Corporation) Hidden
OpenVPN 2.4.5-I601 (HKLM\...\OpenVPN) (Version: 2.4.5-I601 - OpenVPN Technologies, Inc.)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.322.8 - Tracker Software Products Ltd)
Remote Desktop Manager (HKLM-x32\...\{E0FC5C61-6A12-4AE4-B561-70B0CC77202F}) (Version: 12.6.8.0 - Devolutions inc.)
RVTools (HKLM-x32\...\{9A0F8830-B1BD-4224-BF3E-52846649BCDC}) (Version: 3.10.1 - Robware)
Screenpresso (HKU\S-1-5-21-501884528-3981272531-2506353386-1001\...\Screenpresso) (Version: 1.7.5.0 - Learnpulse)
Services Boot Camp (HKLM\...\{FCFFE6B6-BAE8-490E-88D0-097A9DA1C43D}) (Version: 6.0.6136 - Apple Inc.)
Sonos Controller (HKLM-x32\...\{7BBA9BF8-05DF-47D8-8880-82A9B99505B9}) (Version: 44.2.55120 - Sonos, Inc.)
Splashtop Software Updater (HKLM-x32\...\Splashtop Software Updater) (Version: 1.5.6.15 - Splashtop Inc.)
Splashtop Streamer (HKLM-x32\...\{B7C5EA94-B96A-41F5-BE95-25D78B486678}) (Version: 3.1.8.0 - Splashtop Inc.)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
Ubiquiti UniFi (remove only) (HKLM-x32\...\Ubiquiti UniFi) (Version: - )
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{133A2E34-3E09-4A1A-A9AA-F9D8E5417199}) (Version: 2.50.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
VMware Client Integration Plug-in 5.6.0 (HKLM-x32\...\{89784425-6C7C-4DF6-B32E-C0B7AE2303EF}) (Version: 5.6.0.6211133 - VMware, Inc.)
VMware Enhanced Authentication Plug-in 6.5.0 (HKLM-x32\...\{A40DBC80-DB43-4EB0-BEB2-C1F0A8B5AD02}) (Version: 6.5.0.4809 - VMware, Inc.)
VMware Plug-in Service (HKLM-x32\...\{23278BE2-D963-4BE1-8513-79E563642926}) (Version: 6.5.0.151 - VMware, Inc.)
VMware Remote Console (HKLM-x32\...\{D1B89899-37C2-44D3-9CF5-64BAEEC0E09B}) (Version: 10.0.2 - VMware, Inc.)
WhatsApp (HKU\S-1-5-21-501884528-3981272531-2506353386-1001\...\WhatsApp) (Version: 0.3.2043 - WhatsApp)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22532 - Microsoft Corporation)
Windows Driver Package - Apple Inc. (AppleCamera) Image (06/17/2015 5.1.6100.0) (HKLM\...\1F574B24D6219A3143F26122C3D7B67AC621218D) (Version: 06/17/2015 5.1.6100.0 - Apple Inc.)
Windows Driver Package - Apple Inc. (AppleUSBEthernet) Net (02/01/2008 3.10.3.10) (HKLM\...\D53CBF2C12DF51DA5E9C1A9DA97FF0DCA0C524C5) (Version: 02/01/2008 3.10.3.10 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Display (01/23/2009 3.0.0.0) (HKLM\...\E0EAD0CEA9119B77350ED4DE28D9A82E57014D94) (Version: 01/23/2009 3.0.0.0 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple IR Receiver (02/21/2008 2.0.4.0) (HKLM\...\D5BB697E7D0C75712F3AD00AB1B85412CB5C0FD3) (Version: 02/21/2008 2.0.4.0 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Keyboard (07/21/2015 5.1.6160.0) (HKLM\...\D2D3AB0DFD6CA4C10F9B608AC1A57D5D55A71596) (Version: 07/21/2015 5.1.6160.0 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Keyboard (09/04/2015 6.0.6200.0) (HKLM\...\880957E47EAAFD2D2B2977D3192A8E52A777838A) (Version: 09/04/2015 6.0.6200.0 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Multi-Touch (03/30/2015 5.1.5900.0) (HKLM\...\85AD59D6F43923644E140D13C9494D0B9E6775F6) (Version: 03/30/2015 5.1.5900.0 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Multi-Touch Pro (09/08/2015 6.0.6200.0) (HKLM\...\90F53401DD01030A1D7DFAF3F0F77D3C2BD08B9A) (Version: 09/08/2015 6.0.6200.0 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple ODD (05/17/2010 3.1.0.0) (HKLM\...\D6B4CB6AD2F81752C2EF8DCF6AD5EBC567ADD45C) (Version: 05/17/2010 3.1.0.0 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple SD Card Reader (07/22/2013 1.0.0.1) (HKLM\...\D323E2C0C5E4948B07EE346CF62161281B0A8578) (Version: 07/22/2013 1.0.0.1 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple System Device (02/23/2015 5.1.4.0) (HKLM\...\7CCA73822D13048A6F7333D8BC7C76B2B9D4186F) (Version: 02/23/2015 5.1.4.0 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Wireless Mouse (06/01/2011 4.0.0.1) (HKLM\...\D088EE4BD2819FBA2B349EF9D55176F223419BE6) (Version: 06/01/2011 4.0.0.1 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Wireless Mouse (08/31/2015 6.0.6200.0) (HKLM\...\65D516D0236CD0C531E12B8B4E59E2846D59DD30) (Version: 08/31/2015 6.0.6200.0 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Wireless Trackpad (10/29/2011 5.0.0.0) (HKLM\...\551732BB0872DA97E26385C221B172A5BD4DE93C) (Version: 10/29/2011 5.0.0.0 - Apple Inc.)
Windows Driver Package - Atheros Communications Inc. (athr) Net (11/13/2010 9.2.0.113) (HKLM\...\F0A3F8394866FA91E82C8D5AB92C918FE40FE1DF) (Version: 11/13/2010 9.2.0.113 - Atheros Communications Inc.)
Windows Driver Package - Broadcom (b57nd60a) Net (09/12/2014 16.8.0.4) (HKLM\...\52A3E8A4470A399105E841E06FD7C6347B788285) (Version: 09/12/2014 16.8.0.4 - Broadcom)
Windows Driver Package - Broadcom (B57ports) Net (10/15/2012 1.0.0.3) (HKLM\...\01396BB9E2633BC0DF02F4456D00791CEC0386A6) (Version: 10/15/2012 1.0.0.3 - Broadcom)
Windows Driver Package - Broadcom (BCM43XX) Net (07/12/2017 7.35.118.73) (HKLM\...\87429917783DD23239BD6A417DAFCF56A6331D8D) (Version: 07/12/2017 7.35.118.73 - Broadcom)
Windows Driver Package - Broadcom (BCM43XX) Net (07/24/2015 7.35.118.40) (HKLM\...\636525759A12D18B7BB257132F353A1C85A0D8AA) (Version: 07/24/2015 7.35.118.40 - Broadcom)
Windows Driver Package - Broadcom (BCM43XX) Net (11/13/2012 5.106.199.1) (HKLM\...\3D6DDDCF8961C8C866F6660579A59B5B6CFA281F) (Version: 11/13/2012 5.106.199.1 - Broadcom)
Windows Driver Package - Broadcom Corporation (bScsiSDa) System (01/10/2014 1.0.0.256) (HKLM\...\35B16C75F55CBB304E72CB9CC504E2846F4006C7) (Version: 01/10/2014 1.0.0.256 - Broadcom Corporation)
Windows Driver Package - Cirrus Logic, Inc. (CirrusFilter) MEDIA (02/14/2014 6.6001.1.41) (HKLM\...\4267FF90A76783DDB2611E1C402D40C7EE6BC827) (Version: 02/14/2014 6.6001.1.41 - Cirrus Logic, Inc.)
Windows Driver Package - Cirrus Logic, Inc. MEDIA (03/25/2015 6.6001.3.24) (HKLM\...\B138FC4CD929DD9900FF8B76C907AA282604F43F) (Version: 03/25/2015 6.6001.3.24 - Cirrus Logic, Inc.)
Windows Driver Package - Intel (e1express) Net (03/26/2010 9.13.41.0) (HKLM\...\159439476E3A00F9FAE49DD6C1A78F2F6288A5B9) (Version: 03/26/2010 9.13.41.0 - Intel)
Windows Driver Package - Intel (e1kexpress) Net (04/12/2010 11.6.92.0) (HKLM\...\5BEF08C10896D86DC13394FFA75874564B700368) (Version: 04/12/2010 11.6.92.0 - Intel)
Windows Driver Package - Intel (e1qexpress) Net (12/04/2009 11.4.7.0) (HKLM\...\57AFA39B22ADEC4E383572E9331167546EB3C9C7) (Version: 12/04/2009 11.4.7.0 - Intel)
Windows Driver Package - Intel (e1rexpress) Net (01/07/2010 11.4.16.0) (HKLM\...\F71DB41300D30088C8D3716343D1429488E605C1) (Version: 01/07/2010 11.4.16.0 - Intel)
Windows Driver Package - Intel (e1yexpress) Net (04/07/2010 10.1.9.0) (HKLM\...\CB599752301BCA080D135697FDD05900F5A5CF4C) (Version: 04/07/2010 10.1.9.0 - Intel)
Windows Driver Package - Intel Corporation (iaLPSS_GPIO) System (06/13/2014 1.1.226.2) (HKLM\...\8BC4E9FD6C3043002821AE8637B64D1F49158967) (Version: 06/13/2014 1.1.226.2 - Intel Corporation)
Windows Driver Package - Intel Corporation (iaLPSS_I2C) System (06/13/2014 1.1.226.2) (HKLM\...\12B5BD67769FF25AA5FD3176BB05C144EE57E87E) (Version: 06/13/2014 1.1.226.2 - Intel Corporation)
Windows Driver Package - Intel Corporation (iaLPSS_SPI) System (06/13/2014 1.1.226.2) (HKLM\...\D31B79C75E3A9BF07A6B49DECBE8AF63DD032F4E) (Version: 06/13/2014 1.1.226.2 - Intel Corporation)
Windows Driver Package - Intel Corporation (iaLPSS_UART2) System (01/08/2015 1.1.226.4) (HKLM\...\BBFE1447BB09A9341D77F1B3F64069F9B1FD852C) (Version: 01/08/2015 1.1.226.4 - Intel Corporation)
Windows Driver Package - Marvell (yukonx64) Net (12/06/2007 10.51.1.3) (HKLM\...\CDD703ED0B390A5643DB748EBFA5BD55FEEC0D8A) (Version: 12/06/2007 10.51.1.3 - Marvell)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-501884528-3981272531-2506353386-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\VincentVV\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.18361.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-501884528-3981272531-2506353386-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\VincentVV\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.18361.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2018-07-23] (Notepad++ -> )
ContextMenuHandlers1: [FortiClient] -> {7AE5C558-994B-40B7-8730-2DAC2B96781B} => C:\Program Files (x86)\Fortinet\FortiClient\x64\FortiCliSh64.Dll [2018-03-06] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov)
ContextMenuHandlers6: [FortiClient] -> {1935F098-AF3C-4AFC-ADA2-12C74B452DF1} => C:\Program Files (x86)\Fortinet\FortiClient\x64\FortiCliSh64.Dll [2018-03-06] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0202DC4A-09FB-4170-9049-BFF0A20C144F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {1A185CF9-EC57-4004-978B-516E15FD4B2C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {1CEDA836-9031-4D19-B33A-1F8C97055DA3} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {2574BFF3-6FC7-4B45-8C2F-CC749AF7E827} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {337F42CF-C426-4F9B-AD0A-58FBE69494C0} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
Task: {5508E7D4-30C5-4E0F-994E-A6839B06F69F} - System32\Tasks\BGInfo_REFRESH => C:\Users\VincentVV\OneDrive - Assistec\My Tools\BGInfo\Bginfo64.exe (Microsoft Corporation -> Sysinternals - www.sysinternals.com)
Task: {705C2790-117F-4485-B9D0-FAAA83960BFC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {72DA55CF-3C54-4C3A-A4BF-44C284766318} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {7414F98E-BDAA-49C5-B0D9-CD300B564A97} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {7C7D85D1-2FE3-4D40-89F1-C92969AFBC43} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {88B7561F-D4CD-479D-A6FD-43B4BAFDBB8F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe (Apple Inc. -> Apple Inc.)
Task: {A03A4B1F-543E-4973-8733-D57792102423} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {A4EFA27E-2B8E-4BD7-9403-BC1C51728218} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {ABF72792-FE18-4147-80CF-6A28CF7761A9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {CF682FE5-69CB-4052-96DF-04285873E316} - System32\Tasks\MacsFanControl => C:\Program Files (x86)\Macs Fan Control\MacsFanControl.exe (CrystalBit Solutions -> CrystalIDEA Software)
Task: {D6A541CE-EE06-4626-9B52-AD3EC19B31CB} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {F3CF6328-DA60-4578-8792-8EEE0147742D} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\osfinstaller.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {F958EE8C-2997-4318-B829-4EC7C2921B28} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {FEE452C9-0109-45CD-824F-C87BE32033CC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe-CheckUpdate(Tracker Software Products (Canada) Ltd.Kee

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\VincentVV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Easy Viewer.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=anjoggeimnldigfcihcggejncophmhjc
ShortcutWithArgument: C:\Users\VincentVV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Ubiquiti Device Discovery Tool.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=hmpigflbjeapnknladcfphgkemopofig

==================== Loaded Modules (Whitelisted) ==============

2016-02-15 20:01 - 2016-02-15 20:01 - 000031256 _____ () C:\WINDOWS\System32\us008lm.dll
2016-03-31 12:29 - 2016-03-31 12:29 - 000205600 _____ () C:\Windows\system32\AppleOSSMgr.exe
2017-09-29 14:41 - 2017-09-29 14:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-10-20 16:42 - 2017-10-20 16:42 - 000393200 _____ () C:\WINDOWS\system32\igfxTray.exe
2018-07-23 01:14 - 2018-07-23 01:14 - 000230064 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2018-03-03 14:39 - 2018-02-10 05:39 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-03-03 14:39 - 2018-02-10 05:36 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 000908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2017-10-20 04:29 - 2017-10-20 04:29 - 001096824 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 000060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2017-10-20 04:29 - 2017-10-20 04:29 - 000241784 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2018-03-06 14:19 - 2018-03-06 14:19 - 000563520 _____ () C:\Program Files (x86)\Fortinet\FortiClient\sqlite3.dll
2014-10-10 09:37 - 2014-10-10 09:37 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2018-09-20 21:03 - 2018-09-20 21:03 - 001075168 _____ () C:\Program Files (x86)\Microsoft Office\Root\Office16\ADDINS\UmOutlookAddin.dll
2018-09-20 21:07 - 2018-09-20 21:07 - 001475680 _____ () C:\Program Files (x86)\Microsoft Office\root\Office16\ClientTelemetry.dll
2019-02-08 01:53 - 2019-02-08 01:53 - 001526128 _____ () C:\Users\VincentVV\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.18361.3\x86\Microsoft.Applications.Telemetry.Windows.dll
2018-03-04 17:04 - 2018-03-04 17:04 - 004990464 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\RemoteDeskt2afdaa75#\792fd6e90137a2ef1bb431945a023a30\RemoteDesktopManager.Core.XmlSerializers.ni.dll
2018-03-04 17:03 - 2018-03-04 17:03 - 000171520 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Devolutions82ec8655#\8ecbc71844f3a2ae0459a57ad9b30e5e\Devolutions.WaykCustomControl.ni.dll
2017-09-10 17:56 - 2017-09-10 17:56 - 004929024 _____ () C:\Program Files (x86)\Devolutions\Remote Desktop Manager\x86\DevolutionsWayk.DLL
2018-03-04 17:04 - 2018-03-04 17:04 - 002731520 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\XenServer\2d616260e9b7b68718cd58d700f8f626\XenServer.ni.dll
2018-03-04 17:00 - 2018-03-04 17:00 - 001090560 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\AxInterop.MSTSCLib\3c4713d9e80c284e024a2a1454f4f151\AxInterop.MSTSCLib.ni.dll
2018-03-04 17:03 - 2018-03-04 17:03 - 007461376 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\RemoteDeskt1c03fe68#\77362d8143c50480b94977863306da04\RemoteDesktopManager.Business.XmlSerializers.ni.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\AppData:CSM [474]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [470]
AlternateDataStreams: C:\Users\VincentVV\OneDrive - Assistec\Documents\Partners:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\VincentVV\OneDrive - Assistec\Documents\Scanned Documents:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SplashtopRemoteService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-501884528-3981272531-2506353386-1001\...\sharepoint.com -> hxxps://assistecbe-files.sharepoint.com
IE trusted site: HKU\S-1-5-21-501884528-3981272531-2506353386-1001\...\srv-it -> hxxp://srv-it

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 12:47 - 2018-09-28 08:04 - 000000970 _____ C:\WINDOWS\system32\drivers\etc\hosts

0.0.0.0 crm.devolutions.net
192.168.10.50 vc.vvnet.local
192.168.1.51 esx01.vvnet.local
192.168.1.32 homemultimedia
192.168.1.22 diskstation

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT
HKU\S-1-5-21-501884528-3981272531-2506353386-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\VINCEN~1\AppData\Local\Temp\BGInfo.bmp
DNS Servers: 192.168.10.10 - 192.168.11.10
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{5E9D2B6F-B53E-4B5C-AB97-E9601D60A6F7}C:\program files\openvpn\bin\openvpn.exe] => (Allow) C:\program files\openvpn\bin\openvpn.exe (OpenVPN Technologies, Inc. -> The OpenVPN Project)
FirewallRules: [UDP Query User{E0FBD519-8FBB-4D7A-BDC6-D14E48B8BC00}C:\program files\openvpn\bin\openvpn.exe] => (Allow) C:\program files\openvpn\bin\openvpn.exe (OpenVPN Technologies, Inc. -> The OpenVPN Project)
FirewallRules: [{1BA897E4-5F33-4136-80B3-077C9124722C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A214175F-352A-4C9D-A91D-5F7AB6EF9D82}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DFC64DC4-3FB1-4044-9E1B-D8CBFF22961A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{D829BFA1-6FFB-4910-95A8-871E27D22975}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{894B893E-F9C1-44F7-9DDE-FC23E3081542}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [{3BF4B948-245A-429D-B016-2F01944445D8}] => (Allow) C:\Program Files (x86)\CentraStage\CagService.exe No File
FirewallRules: [{50D82034-1B4F-477C-9428-B5DFED46CB59}] => (Allow) C:\Program Files (x86)\CentraStage\CagService.exe No File
FirewallRules: [{104862A1-B3E0-4E2B-A72F-7459C0884FF3}] => (Allow) C:\Program Files (x86)\CentraStage\Gui.exe No File
FirewallRules: [{BB403087-6C0C-48AF-BC46-C8273EF3196D}] => (Allow) C:\Program Files (x86)\CentraStage\Gui.exe No File
FirewallRules: [{F17223AE-8206-4BF6-903A-489A0D55571B}] => (Allow) C:\Program Files (x86)\CentraStage\UltraVNC\winvnc.exe No File
FirewallRules: [{F06DACD6-3243-49C2-AF96-4C0C8D7A8B0C}] => (Allow) C:\Program Files (x86)\CentraStage\UltraVNC\winvnc.exe No File
FirewallRules: [{1CC60A11-FCEB-42AF-BAD7-9819E4BF4725}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\Client for STB\wbs-agent\projects\viewit\wbs_agent.exe No File
FirewallRules: [TCP Query User{F9A82D4A-2C2D-4A58-BE07-BCCA5AA1C761}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{8879608C-C2B4-45AE-8774-63A450DF5596}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [TCP Query User{FA73041B-72D3-4CB9-83D2-DABE2BC71A71}C:\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe No File
FirewallRules: [UDP Query User{0636086D-F240-4108-9BC4-948A916DE1E5}C:\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe No File
FirewallRules: [TCP Query User{BFAA4D4F-1A33-4542-907F-E63201B802ED}C:\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File
FirewallRules: [UDP Query User{CA7E7989-0A95-4556-BEBF-D0B3C4ACAA07}C:\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File
FirewallRules: [TCP Query User{E884C427-9CCD-410D-B291-D6DB7FA5F9EB}C:\games\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\games\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe No File
FirewallRules: [UDP Query User{151BD02D-2469-46BC-8C89-982FA7F50370}C:\games\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\games\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe No File
FirewallRules: [TCP Query User{16CC8175-160E-4B75-A23D-FECE8EFEBADE}C:\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Block) C:\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File
FirewallRules: [UDP Query User{BFD62D20-67E2-4CF9-ACAE-6842EA9552BE}C:\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Block) C:\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File
FirewallRules: [TCP Query User{68265906-5F09-4827-8147-C35320DCE604}C:\games\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Block) C:\games\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe No File
FirewallRules: [UDP Query User{4566D279-25D7-4B34-B84B-3EE4EE5EE3CE}C:\games\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Block) C:\games\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe No File
FirewallRules: [{B3F24282-8791-4640-A824-4FC7EAAC9AAF}] => (Allow) C:\Program Files (x86)\Java\jre1.8.0_161\bin\java.exe No File
FirewallRules: [{F8ACF9C5-F256-4D83-8BF6-2775F4E554AC}] => (Allow) C:\Program Files (x86)\Java\jre1.8.0_161\bin\java.exe No File
FirewallRules: [{91D46F0A-B39C-43C9-80F8-8A8B1C194360}] => (Allow) C:\Users\VincentVV\Ubiquiti UniFi\bin\mongod.exe ()
FirewallRules: [{2C82B69E-2BA5-46D0-9DDE-2882612041BB}] => (Allow) C:\Users\VincentVV\Ubiquiti UniFi\bin\mongod.exe ()
FirewallRules: [TCP Query User{E9A34DB5-F727-4872-9224-2E2B265F55B4}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe No File
FirewallRules: [UDP Query User{0EF2616E-156E-48C6-906F-C8F4B2424E4E}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe No File
FirewallRules: [{7B418B19-AB8E-494C-BCA5-D6DB2284E64B}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\FortiProxy.exe No File
FirewallRules: [{E6D0A5A3-9B1D-44BC-8684-604AD9BC7038}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\ipsec.exe (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
FirewallRules: [{D26CF5F8-1B9A-47DC-830E-4A496905592E}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\FortiWad.exe No File
FirewallRules: [{18EFCB4B-77FF-4F6E-B2B9-1B5E20EA90DC}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\fortiesnac.exe (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
FirewallRules: [{85BC4DE7-33F2-43AC-A995-DF1678D5D443}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\fortifws.exe (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
FirewallRules: [TCP Query User{AAB694C8-EF32-4A3A-809A-D796E67111BA}C:\users\vincentvv\appdata\local\counterpath\x-lite\current\x-lite.exe] => (Allow) C:\users\vincentvv\appdata\local\counterpath\x-lite\current\x-lite.exe No File
FirewallRules: [UDP Query User{1D82DAFA-523E-4412-9C22-2A7672222B6F}C:\users\vincentvv\appdata\local\counterpath\x-lite\current\x-lite.exe] => (Allow) C:\users\vincentvv\appdata\local\counterpath\x-lite\current\x-lite.exe No File
FirewallRules: [TCP Query User{3161D908-9CA0-44EA-9EF5-673D347C34FC}C:\program files (x86)\zoiper5\zoiper5.exe] => (Allow) C:\program files (x86)\zoiper5\zoiper5.exe No File
FirewallRules: [UDP Query User{E86BA432-9CBA-4834-947D-F91344335DEB}C:\program files (x86)\zoiper5\zoiper5.exe] => (Allow) C:\program files (x86)\zoiper5\zoiper5.exe No File
FirewallRules: [{854DB440-0E82-42A5-B9E3-014D0C4C93F1}] => (Allow) C:\Program Files (x86)\Sonos\Sonos.exe (Sonos, Inc. -> Sonos, Inc.)
FirewallRules: [{BCE44BFA-BEE7-4C56-9A74-1A8E53639C76}] => (Allow) C:\Program Files (x86)\Sonos\Sonos.exe (Sonos, Inc. -> Sonos, Inc.)
FirewallRules: [{8BE1BDFB-8EED-40DD-96C9-DB14E51610FF}] => (Allow) LPort=3445
FirewallRules: [{9DE7C5E7-3CE4-456D-A9AC-D63BC11DD33C}] => (Allow) C:\Program Files (x86)\Java\jre1.8.0_161\bin\java.exe No File
FirewallRules: [{8C3456D1-3EA3-4A12-A71A-6E711131FA34}] => (Allow) C:\Program Files (x86)\Java\jre1.8.0_161\bin\java.exe No File
FirewallRules: [{20F17305-E7B3-4DC2-AE64-4ED8418145DD}] => (Allow) C:\Users\VincentVV\Ubiquiti UniFi\bin\mongod.exe ()
FirewallRules: [{2552888B-CF01-4BF4-8E8A-30CCE9BBE03D}] => (Allow) C:\Users\VincentVV\Ubiquiti UniFi\bin\mongod.exe ()
FirewallRules: [TCP Query User{C802232C-E255-410C-972E-EBBD01A2FF3B}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe No File
FirewallRules: [UDP Query User{F04EA128-37AB-4E17-96E8-05F98A1A7969}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe No File
FirewallRules: [{2A09CCBE-9E52-48FF-BA56-93F3B3C8AA87}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{69602B33-77E6-456F-98CA-0B52BCD74105}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{32CE7F4E-86EA-4C1F-8D07-4B04FAA0F826}C:\games\world of warcraft\utils\wowvoiceproxy.exe] => (Block) C:\games\world of warcraft\utils\wowvoiceproxy.exe No File
FirewallRules: [UDP Query User{0D81CF9F-E6A1-4A30-AEF4-CEACF8A90281}C:\games\world of warcraft\utils\wowvoiceproxy.exe] => (Block) C:\games\world of warcraft\utils\wowvoiceproxy.exe No File
FirewallRules: [{3D8FA9C0-9A29-4C1D-A632-D19C0CA6BDC8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe No File
FirewallRules: [{529B6D58-A8AA-4837-BADB-8FEA1684271E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe No File
FirewallRules: [{EE217E88-32E8-48C8-B27F-F136EA44CD0E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{89CE2ED3-E5E9-438A-A7A1-3A04193B871B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{CAA3DCFC-475C-46A3-B936-FA1737BD3ECA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe No File
FirewallRules: [{3F1DABEE-68E1-47BD-B4F7-A0A295C4D6BF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe No File
FirewallRules: [{DD27A34C-685A-4EBB-9BE3-7F5BB1F6150D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{B9E7C7B9-AF00-418F-BF8E-915D9FA1663C}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRManager.exe (Splashtop Inc. -> Splashtop Inc.)

==================== Restore Points =========================

05-01-2019 01:10:49 Scheduled Checkpoint
31-01-2019 18:33:16 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============

Name: Fortinet SSL VPN Virtual Ethernet Adapter
Description: Fortinet SSL VPN Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Fortinet Inc.
Service: ftsvnic
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/13/2019 09:15:48 PM) (Source: Outlook) (EventID: 35) (User: )
Description: Failed to determine if the store is in the crawl scope (error=0x8007045b).

Error: (02/13/2019 09:15:48 PM) (Source: Outlook) (EventID: 34) (User: )
Description: Failed to get the Crawl Scope Manager with error=0x8007045b.

Error: (02/13/2019 09:15:48 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.

Details:
The content index catalog is corrupt. 0xc0041801 (0xc0041801)

Error: (02/13/2019 09:15:48 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: The search service has detected corrupted data files in the index {id=4810 - onecoreuap\base\appmodel\search\search\ytrip\tripoli\inverted\decodinglayerpages.h (609)}. The service will attempt to automatically correct this problem by rebuilding the index.

Details:
The data is invalid. 0x8007000d (0x8007000d)

Error: (02/13/2019 07:06:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SRManager.exe, version: 3.18.8.6253, time stamp: 0x59f98a8d
Faulting module name: SRManager.exe, version: 3.18.8.6253, time stamp: 0x59f98a8d
Exception code: 0xc0000005
Fault offset: 0x000349b8
Faulting process id: 0x1270
Faulting application start time: 0x01d4b982eb2d4257
Faulting application path: C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRManager.exe
Faulting module path: C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRManager.exe
Report Id: acd9c104-7e09-4071-b674-79051b1a0dd2
Faulting package full name:
Faulting package-relative application ID:

Error: (02/10/2019 06:11:55 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (02/07/2019 10:54:10 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest".Error in manifest or policy file "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" on line 1.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (02/07/2019 02:01:58 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0


System errors:
=============
Error: (02/13/2019 09:15:03 PM) (Source: DCOM) (EventID: 10016) (User: LAP-VVV-001)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user LAP-VVV-001\VincentVV SID (S-1-5-21-501884528-3981272531-2506353386-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (02/13/2019 09:15:01 PM) (Source: DCOM) (EventID: 10016) (User: LAP-VVV-001)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user LAP-VVV-001\VincentVV SID (S-1-5-21-501884528-3981272531-2506353386-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (02/13/2019 07:42:20 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (02/13/2019 07:32:28 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.115.
The computer with the IP address 192.168.1.169 did not allow the name to be claimed by
this computer.

Error: (02/13/2019 07:27:26 PM) (Source: DCOM) (EventID: 10016) (User: LAP-VVV-001)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID
{9BA05972-F6A8-11CF-A442-00A0C90A8F39}
and APPID
{9BA05972-F6A8-11CF-A442-00A0C90A8F39}
to the user LAP-VVV-001\VincentVV SID (S-1-5-21-501884528-3981272531-2506353386-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (02/13/2019 07:27:18 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.115.
The computer with the IP address 192.168.1.169 did not allow the name to be claimed by
this computer.

Error: (02/13/2019 07:26:57 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (02/13/2019 07:26:57 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.


Windows Defender:
===================================
Date: 2019-02-13 21:28:11.510
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {E7164EA9-E334-45E6-A479-09B7318B860E}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-01-05 00:42:33.592
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {B9C62A62-429E-4A46-8547-20E5A72BE583}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-11-29 18:26:10.873
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {3C4B41F6-ED37-4287-AE43-9A5D0F387567}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-11-24 23:43:16.976
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {1B5CB4BA-6F79-4BED-A0B8-E6E99F353D03}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-11-14 19:03:08.610
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {809DF9B3-207A-4ED1-930E-AAC7FEA293A3}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-01-11 07:39:40.858
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.283.2616.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15500.2
Error code: 0x8024402c
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

Date: 2018-10-06 21:42:13.164
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.277.657.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15300.6
Error code: 0x80080005
Error description: Server execution failed

Date: 2018-10-06 20:16:34.717
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.277.657.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15300.6
Error code: 0x80080005
Error description: Server execution failed

Date: 2018-10-06 17:55:39.205
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.277.657.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15300.6
Error code: 0x80080005
Error description: Server execution failed

Date: 2018-10-05 18:37:59.971
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.277.515.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15300.6
Error code: 0x80080005
Error description: Server execution failed

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4770HQ CPU @ 2.20GHz
Percentage of memory in use: 22%
Total physical RAM: 16260.26 MB
Available physical RAM: 12607.1 MB
Total Virtual: 18692.26 MB
Available Virtual: 14681.78 MB

==================== Drives ================================

Drive c: (BOOTCAMP) (Fixed) (Total:233.1 GB) (Free:174.85 GB) NTFS

\\?\Volume{0529ab34-5e94-4276-8b95-365c9af6e184}\ (EFI) (Fixed) (Total:0.19 GB) (Free:0.15 GB) FAT32
\\?\Volume{dd80c4d2-685d-464f-8f9a-94a51e45f6a5}\ () (Fixed) (Total:0.47 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Protective MBR) (Size: 233.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================
