Publicité
Publicité
Format du document : text/plain
Prévisualisation
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-09-2019
Ran by Dave (04-09-2019 13:57:19)
Running from C:\Users\Dave\Desktop
Windows 10 Pro Version 1903 18362.295 (X64) (2019-08-29 10:11:43)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2375998001-1027120501-2333303859-500 - Administrator - Disabled)
Dave (S-1-5-21-2375998001-1027120501-2333303859-1111 - Administrator - Enabled) => C:\Users\Dave
David (S-1-5-21-2375998001-1027120501-2333303859-1000 - Administrator - Enabled) => C:\Users\plugnplay4
DefaultAccount (S-1-5-21-2375998001-1027120501-2333303859-503 - Limited - Disabled)
Guest (S-1-5-21-2375998001-1027120501-2333303859-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2375998001-1027120501-2333303859-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.238 - Adobe)
Apowersoft Online Launcher version 1.7.5 (HKLM-x32\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.7.5 - APOWERSOFT LIMITED)
Ashampoo Internet Accelerator 3 (HKLM-x32\...\{4209F371-C803-200D-89A4-5479B6569259}_is1) (Version: 3.3.0 - Ashampoo GmbH & Co. KG)
Ashampoo UnInstaller 8 (HKLM-x32\...\{4209F371-D192-F401-E058-BBF7CF126AEA}_is1) (Version: 8.00.12 - Ashampoo GmbH & Co. KG)
Audacity 2.3.2 (HKLM-x32\...\Audacity_is1) (Version: 2.3.2 - Audacity Team)
Backup and Sync from Google (HKLM\...\{768C0072-2FD2-4934-9824-B2A1E81AEA5D}) (Version: 3.45.5545.5747 - Google, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bose Updater (HKLM-x32\...\Bose Updater) (Version: 5.0.0.2500 - Bose Corporation)
cFosSpeed 10.51 (HKLM\...\cFosSpeed) (Version: 10.51 - cFos Software GmbH, Bonn)
CpuCoreParking (HKLM-x32\...\{0984C56D-2985-4786-AB62-39AB985E269C}) (Version: 2.1.2.0 - CpuCoreParking)
CPUID CPU-Z MSI 1.86 (HKLM\...\CPUID CPU-Z MSI_is1) (Version: 1.86 - CPUID, Inc.)
Discord (HKU\S-1-5-21-2375998001-1027120501-2333303859-1111\...\Discord) (Version: 0.0.305 - Discord Inc.)
DragonCenter (HKLM-x32\...\{B252FABF-9582-4824-B02B-6D2DC93685C7}}_is1) (Version: 1.0.0.10 - MSI)
ENE IO Driver (HKLM-x32\...\{D0512FFD-6194-4D2E-967E-25B82A3322FF}) (Version: 2.0.8 - ENE TECHNOLOGY INC.) Hidden
ENE RGB HAL (HKLM\...\{87316426-A33E-41E9-942B-968E928A9A47}) (Version: 1.00.10 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{9f93601b-15ea-4e69-8d7c-dfa0f29ae04e}) (Version: 1.00.10 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{1CD178C9-BB49-4E59-9DA6-3C152E2A9844}) (Version: 1.00.01 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{fe81cfd3-9db4-409d-b0f9-26707d1423c6}) (Version: 1.00.01 - ENE TECHNOLOGY INC.) Hidden
Étude pour l'amélioration du produit HP ENVY 4500 series (HKLM\...\{CBCCA175-DA19-424B-9D9F-5343140C884F}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
FXCM Trading Station Desktop (HKLM-x32\...\FXTS2) (Version: - Forex Capital Markets, LLC ("FXCM LLC"))
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 76.0.3809.132 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
HP ENVY 4500 series Aide (HKLM-x32\...\{BAF28CCD-121D-4C6C-B29D-4F7B51B2D1B4}) (Version: 30.0.0 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel(R) Chipset Device Software (HKLM-x32\...\{ffddf9dd-c47f-453a-92f5-ac6c98af8b5b}) (Version: 10.1.17968.8131 - Intel(R) Corporation)
Intel(R) Extreme Tuning Utility (HKLM-x32\...\{BB9BB437-83CC-4497-AE89-911D61973784}) (Version: 6.5.1.330 - Intel Corporation) Hidden
Intel(R) Extreme Tuning Utility (HKLM-x32\...\{dfe98c64-9135-41f4-a771-0a6cb80289af}) (Version: 6.5.1.330 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1912.12.0.1246 - Intel Corporation)
Intel(R) Network Connections 23.5.0.0 (HKLM\...\PROSetDX) (Version: 23.5.0.0 - Intel)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.52.230.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{c6de84fd-ece7-4c2a-9f06-8cabe7ab79a0}) (Version: 1.52.230.1 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000020-0210-1033-84C8-B8D95FA3C8C3}) (Version: 21.20.0.4 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{7999800f-411b-4d04-aadd-32b576d84592}) (Version: 21.20.1 - Intel Corporation)
Logiciel de base du périphérique HP ENVY 4500 series (HKLM\...\{9A9B64A8-A9E8-4588-B924-D1898D3E6355}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
Logitech - Assistant pour jeux vidéo 9.02 (HKLM\...\Logitech Gaming Software) (Version: 9.02.65 - Logitech Inc.)
Malwarebytes version 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.11.25325 (HKLM-x32\...\{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 - Microsoft Corporation)
Mises à jour NVIDIA 38.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.0.0 - NVIDIA Corporation) Hidden
MSI Afterburner 4.6.0 (HKLM-x32\...\Afterburner) (Version: 4.6.0 - MSI Co., LTD)
MSI APP Manager (HKLM-x32\...\{00F47104-12BA-4E58-A7E6-F456C1BA338E}}_is1) (Version: 1.0.0.32 - MSI)
MSI Kombustor 3.5.0 (HKLM\...\{9598DA62-2AE8-426D-9C86-BEA96AC6721E}_is1) (Version: - MSI Co., LTD)
MSI Smart Tool (HKLM-x32\...\{DDCCA038-DAB1-4D09-B85C-848020AA75D6}}_is1) (Version: 1.0.0.42 - MSI)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.0.105 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.0.105 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA Logiciel système PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Multiplatform (HKLM-x32\...\OBS Multiplatform) (Version: 0.10.2 - OBS Project)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 23.2.1 - OBS Project)
Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 2.10.0 - Razer Inc.)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 9.5.21.1028 - Razer Inc.)
Razer Surround (HKLM-x32\...\Razer Surround) (Version: 1.05.27 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.21.1 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8765.1 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 7.2.1 (HKLM-x32\...\RTSS) (Version: 7.2.1 - Unwinder)
Samsung Data Migration (HKLM-x32\...\{3B304604-0BF5-488E-AB95-F2F2E31206F3}) (Version: 3.1 - Samsung)
Samsung NVM Express Driver (HKLM-x32\...\{d6df2f24-bd8d-49bc-b751-fac310b24a4b}) (Version: 3.1.0.1901 - Samsung Electronics)
Samsung NVM Express Driver 3.1.0.1901 (HKLM\...\{DF7667AF-FC11-48A4-9585-7378B5224C1A}) (Version: 3.1.0.1901 - Samsung Electronics Co., Ltd) Hidden
Speedify (HKLM\...\Speedify) (Version: 8.1.1.6945 - Connectify)
Spotify (HKU\S-1-5-21-2375998001-1027120501-2333303859-1111\...\Spotify) (Version: 1.1.14.475.g566c8beb - Spotify AB)
StreamElements OBS.Live (HKLM-x32\...\StreamElements OBS.Live) (Version: 19.8.25.452 - StreamElements)
Streamlabs OBS 0.17.1 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.17.1 - General Workings, Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.14.1 - Synaptics Incorporated)
TradeSkillMaster Application version 1.0 (HKLM-x32\...\{c44da794-b956-4d50-8733-346d56ae63c7}_is1) (Version: 1.0 - TradeSkillMaster)
Trading Station Publisher (HKLM-x32\...\{C9F0231D-7C82-4D3D-BC5C-98FDA809C5AA}) (Version: 1.0.0 - Myfxbook Ltd)
Twitch (HKU\S-1-5-21-2375998001-1027120501-2333303859-1111\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
VPNSecure.me Client 2.1.6 (HKLM\...\{6C5A0307-2A93-448D-A3F2-BCEA2EFF560D}}_is1) (Version: - VPNSecure.me)
Winamax Installer (HKU\S-1-5-21-2375998001-1027120501-2333303859-1111\...\Winamax Installer 2.3.9.1545297276) (Version: 2.3.9.1545297276 - Winamax)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
WPS Office (11.2.0.8934) (HKU\S-1-5-21-2375998001-1027120501-2333303859-1111\...\Kingsoft Office) (Version: 11.2.0.8934 - Kingsoft Corp.)
wtfast 4.13 (HKLM-x32\...\{12B4121D-5221-4AFC-9EDC-63B0CA139856}_is1) (Version: 4.13.1.1808 - Initex & AAA Internet Publishing)
Packages:
=========
ACG Player -> C:\Program Files\WindowsApps\41038AXILESOFT.ACGMEDIAPLAYER_1.15.17502.0_x64__wxjjre7dryqb6 [2019-04-26] (Axilesoft) [MS Ad]
Courrier et calendrier -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe [2019-08-02] (Microsoft Corporation) [MS Ad]
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.0.3340.0_x64__rz1tebttyb220 [2019-09-03] (Dolby Laboratories)
HP Scan and Capture -> C:\Program Files\WindowsApps\AD2F1837.HPScanandCapture_40.0.245.0_x64__v10z8vjag6ke6 [2019-04-18] (Hewlett-Packard Company)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-04] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-04] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_x64__8wekyb3d8bbwe [2019-08-31] (Microsoft Studios) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.93.478.0_x64__mcm4njqhnhss8 [2019-06-29] (Netflix, Inc.)
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_2.2.9.0_x64__nfy108tqq3p12 [2019-02-04] (Thumbmunkeys Ltd) [MS Ad]
PicsArt - Photo Studio -> C:\Program Files\WindowsApps\2FE3CB00.PicsArt-PhotoStudio_8.7.0.0_x86__crhqpqs3x1ygc [2019-08-12] (PicsArt Inc.) [MS Ad]
Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2019-02-04] (Plex)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.4.187.0_x64__dt26b99r8h8gj [2019-08-31] (Realtek Semiconductor Corp)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2375998001-1027120501-2333303859-1111_Classes\CLSID\{1ECDA7BF-4DFA-41D8-9380-1A27B26CFC41}\InprocServer32 -> C:\Users\Dave\AppData\Local\Kingsoft\WPS Office\11.2.0.8934\office6\addons\kpdfcontextmenushellext\kpdfcontextmenushellext64.dll (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-2375998001-1027120501-2333303859-1111_Classes\CLSID\{5bc772f7-cf25-4282-85c0-2a67f8dbc445}\localserver32 -> "C:\Program Files\Intel\Intel(R) Performance Maximizer\IPMTrayApp.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-2375998001-1027120501-2333303859-1111_Classes\CLSID\{66A22D9E-7C6D-4641-BBD7-E6C738CF32B0}\InprocServer32 -> C:\Users\Dave\AppData\Local\Kingsoft\WPS Office\11.2.0.8934\office6\kopenwpsshellext64.dll (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-2375998001-1027120501-2333303859-1111_Classes\CLSID\{67F4D210-BFC2-4ADD-9A2A-C9B9E1F42C4F}\InprocServer32 -> C:\Users\Dave\AppData\Local\Kingsoft\WPS Office\11.2.0.8934\office6\qingshellext64.dll (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-2375998001-1027120501-2333303859-1111_Classes\CLSID\{70239788-4DAE-49B8-9270-5D8614384B49}\InprocServer32 -> C:\Users\Dave\AppData\Local\Kingsoft\WPS Office\11.2.0.8934\office6\addons\kpdf2wordshellext\kpdf2wordshellext64.dll (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-2375998001-1027120501-2333303859-1111_Classes\CLSID\{C47A7F16-0572-495A-BB96-89A825661722}\InprocServer32 -> C:\Users\Dave\AppData\Local\Kingsoft\WPS Office\11.2.0.8934\office6\addons\knewdocshellext\knewdocshellext64.dll (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-2375998001-1027120501-2333303859-1111_Classes\CLSID\{C873FB7F-D6F1-4E21-9D4B-BB9D38B67C86}\InprocServer32 -> C:\Users\Dave\AppData\Local\Kingsoft\WPS Office\11.2.0.8934\office6\addons\photo2pdfshellext\photo2pdfshellext64.dll (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-27] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-27] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-27] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-06-27] (Google LLC -> Google)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-06-27] (Google LLC -> Google)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-08-25] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => -> No File
ContextMenuHandlers1_S-1-5-21-2375998001-1027120501-2333303859-1111: [ kopenwpsshellext] -> {66A22D9E-7C6D-4641-BBD7-E6C738CF32B0} => C:\Users\Dave\AppData\Local\Kingsoft\WPS Office\11.2.0.8934\office6\kopenwpsshellext64.dll [2019-08-21] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
ContextMenuHandlers1_S-1-5-21-2375998001-1027120501-2333303859-1111: [ qingshellext] -> {67F4D210-BFC2-4ADD-9A2A-C9B9E1F42C4F} => C:\Users\Dave\AppData\Local\Kingsoft\WPS Office\11.2.0.8934\office6\qingshellext64.dll [2019-08-21] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
ContextMenuHandlers1_S-1-5-21-2375998001-1027120501-2333303859-1111: [ KingsoftOfficePDF.ContextMenu] -> {1ECDA7BF-4DFA-41D8-9380-1A27B26CFC41} => C:\Users\Dave\AppData\Local\Kingsoft\WPS Office\11.2.0.8934\office6\addons\kpdfcontextmenushellext\kpdfcontextmenushellext64.dll [2019-08-21] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
ContextMenuHandlers1_S-1-5-21-2375998001-1027120501-2333303859-1111: [knewdocshellext] -> {C47A7F16-0572-495A-BB96-89A825661722} => C:\Users\Dave\AppData\Local\Kingsoft\WPS Office\11.2.0.8934\office6\addons\knewdocshellext\knewdocshellext64.dll [2019-08-21] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
ContextMenuHandlers1_S-1-5-21-2375998001-1027120501-2333303859-1111: [kpdf2wordshellext] -> {70239788-4DAE-49B8-9270-5D8614384B49} => C:\Users\Dave\AppData\Local\Kingsoft\WPS Office\11.2.0.8934\office6\addons\kpdf2wordshellext\kpdf2wordshellext64.dll [2019-08-21] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
ContextMenuHandlers1_S-1-5-21-2375998001-1027120501-2333303859-1111: [photo2pdfshellext] -> {C873FB7F-D6F1-4E21-9D4B-BB9D38B67C86} => C:\Users\Dave\AppData\Local\Kingsoft\WPS Office\11.2.0.8934\office6\addons\photo2pdfshellext\photo2pdfshellext64.dll [2019-08-21] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
ContextMenuHandlers4_S-1-5-21-2375998001-1027120501-2333303859-1111: [ kopenwpsshellext] -> {66A22D9E-7C6D-4641-BBD7-E6C738CF32B0} => C:\Users\Dave\AppData\Local\Kingsoft\WPS Office\11.2.0.8934\office6\kopenwpsshellext64.dll [2019-08-21] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
ContextMenuHandlers4_S-1-5-21-2375998001-1027120501-2333303859-1111: [ qingshellext] -> {67F4D210-BFC2-4ADD-9A2A-C9B9E1F42C4F} => C:\Users\Dave\AppData\Local\Kingsoft\WPS Office\11.2.0.8934\office6\qingshellext64.dll [2019-08-21] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
ContextMenuHandlers4_S-1-5-21-2375998001-1027120501-2333303859-1111: [knewdocshellext] -> {C47A7F16-0572-495A-BB96-89A825661722} => C:\Users\Dave\AppData\Local\Kingsoft\WPS Office\11.2.0.8934\office6\addons\knewdocshellext\knewdocshellext64.dll [2019-08-21] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
ContextMenuHandlers5_S-1-5-21-2375998001-1027120501-2333303859-1111: [ qingshellext] -> {67F4D210-BFC2-4ADD-9A2A-C9B9E1F42C4F} => C:\Users\Dave\AppData\Local\Kingsoft\WPS Office\11.2.0.8934\office6\qingshellext64.dll [2019-08-21] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
ContextMenuHandlers5_S-1-5-21-2375998001-1027120501-2333303859-1111: [knewdocshellext] -> {C47A7F16-0572-495A-BB96-89A825661722} => C:\Users\Dave\AppData\Local\Kingsoft\WPS Office\11.2.0.8934\office6\addons\knewdocshellext\knewdocshellext64.dll [2019-08-21] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2019-08-23 09:15 - 2019-08-23 09:16 - 085602816 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\libcef.dll
2019-08-23 09:16 - 2019-08-23 09:16 - 000089600 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\libEGL.dll
2019-08-23 09:16 - 2019-08-23 09:16 - 003841536 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\libGLESv2.dll
2019-03-11 01:53 - 2005-07-18 13:43 - 000160256 _____ () [File not signed] C:\Program Files (x86)\MSI\APP Manager\unrar.dll
2019-09-02 19:54 - 2019-09-02 19:51 - 000237568 _____ () [File not signed] C:\Program Files (x86)\MSI\DragonCenter\Mystic_Light\LEDControl.dll
2019-09-02 09:06 - 2019-09-02 09:06 - 000053760 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_bz2.pyd
2019-09-02 09:06 - 2019-09-02 09:06 - 000084992 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_ctypes.pyd
2019-09-02 09:06 - 2019-09-02 09:06 - 000783360 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_hashlib.pyd
2019-09-02 09:06 - 2019-09-02 09:06 - 000137216 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_lzma.pyd
2019-09-02 09:06 - 2019-09-02 09:06 - 000047104 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_socket.pyd
2019-09-02 09:06 - 2019-09-02 09:06 - 000039424 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\psutil._psutil_windows.pyd
2019-09-02 09:06 - 2019-09-02 09:06 - 001861120 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\PyQt5.QtCore.pyd
2019-09-02 09:06 - 2019-09-02 09:06 - 002002944 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\PyQt5.QtGui.pyd
2019-09-02 09:06 - 2019-09-02 09:06 - 004101120 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\PyQt5.QtWidgets.pyd
2019-09-02 09:06 - 2019-09-02 09:06 - 000009728 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\select.pyd
2019-09-02 09:06 - 2019-09-02 09:06 - 000075264 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\sip.pyd
2019-09-02 09:06 - 2019-09-02 09:06 - 000758784 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\unicodedata.pyd
2019-06-19 10:25 - 2019-06-19 10:25 - 000209920 _____ () [File not signed] C:\Program Files\ENE\Aac_ENE RGB HAL\x86\AacHal_x86.dll
2018-03-20 14:34 - 2018-03-20 14:34 - 000265728 _____ () [File not signed] C:\Program Files\ENE\Aac_ENE RGB HAL\x86\SB_SMBUS_SDK.dll
2018-10-05 12:13 - 2018-10-05 12:13 - 000144896 _____ () [File not signed] C:\Program Files\Logitech Gaming Software\LAClient\libssh2.dll
2018-10-05 12:13 - 2018-10-05 12:13 - 000077824 _____ () [File not signed] C:\Program Files\Logitech Gaming Software\LAClient\zlib.dll
2019-09-04 11:25 - 2019-09-04 11:25 - 000113664 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\_ctypes.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000173568 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\_elementtree.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 001800192 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\_hashlib.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000032256 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\_multiprocessing.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000046080 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\_psutil_windows.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000047616 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\_socket.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 002230784 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\_ssl.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000026112 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\_yappi.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000080896 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\bz2.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 006277632 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\cello.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000014848 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\common.time34.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000007680 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\hashobjs_ext.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000301568 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\PIL._imaging.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000169472 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\pyexpat.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 001084416 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\pysqlite2._sqlite.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000548864 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\pythoncom27.dll
2019-09-04 11:25 - 2019-09-04 11:25 - 000137728 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\pywintypes27.dll
2019-09-04 11:25 - 2019-09-04 11:25 - 000010752 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\select.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000020992 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\thumbnails_ext.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000689664 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\unicodedata.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000118784 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\usb_ext.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000128512 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\win32api.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000438784 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\win32com.shell.shell.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000011776 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\win32crypt.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000023040 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\win32event.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000149504 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\win32file.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000223232 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\win32gui.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000048128 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\win32inet.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000029696 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\win32pdh.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000027648 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\win32pipe.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000044032 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\win32process.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000020480 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\win32profile.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000136192 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\win32security.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000026624 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\win32ts.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000034304 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\windows.conditional.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000038400 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\windows.connectivity.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000073216 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\windows.device_monitor.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000110592 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\windows.volumes.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000020480 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\windows.winwrap.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 001325056 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\wx._controls_.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 001489408 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\wx._core_.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 001007104 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\wx._gdi_.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000103424 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\wx._html2.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000916992 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\wx._misc_.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 001039872 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\wx._windows_.pyd
2019-02-04 19:00 - 2019-09-02 19:50 - 000243712 _____ (A-Volute) [File not signed] C:\Program Files (x86)\MSI\DragonCenter\Nahimic\NahimicAPI.dll
2019-08-23 09:15 - 2019-08-23 09:15 - 001463808 _____ (Firelight Technologies) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\fmod.dll
2010-11-18 21:08 - 2010-11-18 21:08 - 000086016 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2019-09-02 09:06 - 2019-09-02 09:06 - 002741248 _____ (Python Software Foundation) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\python34.dll
2019-09-04 11:25 - 2019-09-04 11:25 - 003042304 _____ (Python Software Foundation) [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\python27.dll
2019-08-23 09:15 - 2019-08-23 09:15 - 000596992 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\chrome_elf.dll
2018-10-05 12:13 - 2018-10-05 12:13 - 000355840 _____ (The cURL library, hxxp://curl.haxx.se/) [File not signed] C:\Program Files\Logitech Gaming Software\LAClient\LIBCURL.dll
2019-09-02 09:06 - 2019-09-02 09:06 - 000848896 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\icudt53.dll
2019-09-02 09:06 - 2019-09-02 09:06 - 001580032 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\icuin53.dll
2019-09-02 09:06 - 2019-09-02 09:06 - 001079296 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\icuuc53.dll
2018-10-05 12:13 - 2018-10-05 12:13 - 002286747 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Logitech Gaming Software\LAClient\LIBEAY32.dll
2018-10-05 12:13 - 2018-10-05 12:13 - 000416627 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Logitech Gaming Software\LAClient\SSLEAY32.dll
2018-04-06 22:29 - 2018-04-06 22:29 - 002286747 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Logitech Gaming Software\LIBEAY32.dll
2018-04-06 22:29 - 2018-04-06 22:29 - 000416627 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Logitech Gaming Software\ssleay32.dll
2019-09-02 09:06 - 2019-09-02 09:06 - 000036352 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qdds.dll
2019-09-02 09:06 - 2019-09-02 09:06 - 000022016 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qgif.dll
2019-09-02 09:06 - 2019-09-02 09:06 - 000029184 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qicns.dll
2019-09-02 09:06 - 2019-09-02 09:06 - 000022016 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qico.dll
2019-09-02 09:06 - 2019-09-02 09:06 - 000381952 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qjp2.dll
2019-09-02 09:06 - 2019-09-02 09:06 - 000206848 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qjpeg.dll
2019-09-02 09:06 - 2019-09-02 09:06 - 000218624 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qmng.dll
2019-09-02 09:06 - 2019-09-02 09:06 - 000016384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qtga.dll
2019-09-02 09:06 - 2019-09-02 09:06 - 000308736 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qtiff.dll
2019-09-02 09:06 - 2019-09-02 09:06 - 000015360 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qwbmp.dll
2019-09-02 09:06 - 2019-09-02 09:06 - 000287232 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qwebp.dll
2019-09-02 09:06 - 2019-09-02 09:06 - 000991744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\platforms\qwindows.dll
2019-09-02 09:06 - 2019-09-02 09:06 - 004182528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\Qt5Core.dll
2019-09-02 09:06 - 2019-09-02 09:06 - 004877312 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\Qt5Gui.dll
2019-09-02 09:06 - 2019-09-02 09:06 - 004490752 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\Qt5Widgets.dll
2019-08-23 09:15 - 2019-08-23 09:15 - 000047104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\audio\qtaudio_windows.dll
2019-08-23 09:15 - 2019-08-23 09:15 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\imageformats\qgif.dll
2019-08-23 09:15 - 2019-08-23 09:15 - 000027136 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\imageformats\qico.dll
2019-08-23 09:15 - 2019-08-23 09:15 - 000243712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\imageformats\qjpeg.dll
2019-08-23 09:15 - 2019-08-23 09:15 - 000223744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\imageformats\qmng.dll
2019-08-23 09:15 - 2019-08-23 09:15 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\imageformats\qsvg.dll
2019-08-23 09:15 - 2019-08-23 09:15 - 000332288 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\imageformats\qtiff.dll
2019-08-23 09:16 - 2019-08-23 09:16 - 001140224 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\platforms\qwindows.dll
2019-08-23 09:16 - 2019-08-23 09:16 - 000041984 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\qml\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2019-08-23 09:16 - 2019-08-23 09:16 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\qml\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2019-08-23 09:16 - 2019-08-23 09:16 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\qml\QtQml\Models.2\modelsplugin.dll
2019-08-23 09:16 - 2019-08-23 09:16 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\qml\QtQuick.2\qtquick2plugin.dll
2019-08-23 09:16 - 2019-08-23 09:16 - 000084480 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\qml\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2019-08-23 09:16 - 2019-08-23 09:16 - 000267776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\qml\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-08-23 09:16 - 2019-08-23 09:16 - 000071680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\qml\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-08-23 09:16 - 2019-08-23 09:16 - 000211456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\qml\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2019-08-23 09:16 - 2019-08-23 09:16 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\qml\QtQuick\Window.2\windowplugin.dll
2019-08-23 09:16 - 2019-08-23 09:16 - 004943360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\Qt5Core.dll
2019-08-23 09:16 - 2019-08-23 09:16 - 005022208 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\Qt5Gui.dll
2019-08-23 09:16 - 2019-08-23 09:16 - 000626176 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\Qt5Multimedia.dll
2019-08-23 09:16 - 2019-08-23 09:16 - 000877056 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\Qt5Network.dll
2019-08-23 09:16 - 2019-08-23 09:16 - 002908672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\Qt5Qml.dll
2019-08-23 09:16 - 2019-08-23 09:16 - 003078656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\Qt5Quick.dll
2019-08-23 09:16 - 2019-08-23 09:16 - 000096256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\Qt5QuickControls2.dll
2019-08-23 09:16 - 2019-08-23 09:16 - 000681472 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\Qt5QuickTemplates2.dll
2019-08-23 09:16 - 2019-08-23 09:16 - 000259072 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\Qt5Svg.dll
2019-08-23 09:16 - 2019-08-23 09:16 - 004718080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\Qt5Widgets.dll
2019-08-23 09:16 - 2019-08-23 09:16 - 000439296 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\Qt5WinExtras.dll
2019-08-23 09:16 - 2019-08-23 09:16 - 000159232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\Qt5Xml.dll
2019-09-02 19:54 - 2019-09-02 19:53 - 000399872 _____ (TODO: <公司名稱>) [File not signed] C:\Program Files (x86)\MSI\DragonCenter\Mystic_Light\Lib\SDKDLL.dll
2019-09-04 11:25 - 2019-09-04 11:25 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\wxbase30u_net_vc90_x64.dll
2019-09-04 11:25 - 2019-09-04 11:25 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\wxbase30u_vc90_x64.dll
2019-09-04 11:25 - 2019-09-04 11:25 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\wxmsw30u_adv_vc90_x64.dll
2019-09-04 11:25 - 2019-09-04 11:25 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\wxmsw30u_core_vc90_x64.dll
2019-09-04 11:25 - 2019-09-04 11:25 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\wxmsw30u_html_vc90_x64.dll
2019-09-04 11:25 - 2019-09-04 11:25 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\wxmsw30u_webview_vc90_x64.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-02-05 06:30 - 2019-02-05 06:29 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Users\Dave\AppData\Local\Microsoft\WindowsApps;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NGX;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2375998001-1027120501-2333303859-1111\Control Panel\Desktop\\Wallpaper -> C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKU\S-1-5-21-2375998001-1027120501-2333303859-1111\...\StartupApproved\Run: => "WTFast Tray"
HKU\S-1-5-21-2375998001-1027120501-2333303859-1111\...\StartupApproved\Run: => "BitTorrent"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{80675274-06BF-4FA7-BC60-1BD2CFFCFB9E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{2B266E45-34C8-4B46-B357-9130F3CE632E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{888225E8-2AF6-449B-90FD-9872E8DAB079}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DE439A8D-42B3-4B97-9C0F-F85E2BA753F7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5781A80C-7EEF-4A49-847D-2FC1AADD7B53}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C9FAF60C-16A6-41BE-941F-48550ABC9350}] => (Allow) C:\Program Files (x86)\wtfast\wtfast.exe (AAA Internet Publishing Inc. -> AAA Internet Publishing Inc.)
FirewallRules: [{B235A5DC-3BDE-4669-9662-A5AF19B0071A}] => (Allow) %ProgramFiles% (x86)\World of Warcraft\World of Warcraft Launcher.exe No File
FirewallRules: [{B8B04744-1EAF-49BD-9F4E-777C6A165D51}] => (Allow) LPort=6012
FirewallRules: [{C6A10BBB-4E9A-4EA7-9EF4-3091A0183E89}] => (Allow) LPort=6012
FirewallRules: [{17E55A32-5012-4828-964E-589C94058D07}] => (Allow) C:\Users\Dave\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{4DC15310-2D1A-405F-864B-9648AD0465A9}] => (Allow) C:\Users\Dave\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{F688216A-5DED-4F02-AD02-DD3C8F527357}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{6C3FD835-0DFA-4485-AA52-D0100B03C896}] => (Allow) LPort=5357
FirewallRules: [{406A8522-B75D-4F51-8DF6-D2F1A26078DF}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [UDP Query User{F81043D3-FE73-42AF-948D-BAA630185A21}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [TCP Query User{E15513E4-BE82-4204-85A3-1D0D9245B2E5}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{AF9BEA7E-854F-44A1-8103-CF9BC9AA3D46}E:\destiny 2\destiny2.exe] => (Allow) E:\destiny 2\destiny2.exe (Bungie Inc. -> Bungie)
FirewallRules: [TCP Query User{143A10F9-9947-4BAA-86F4-A735FFE13DEE}E:\destiny 2\destiny2.exe] => (Allow) E:\destiny 2\destiny2.exe (Bungie Inc. -> Bungie)
FirewallRules: [UDP Query User{919BF56C-52A2-4F6B-B14F-EEBE5619DC33}C:\users\dave\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dave\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{8BECCBDA-05BC-49E4-AC17-E77157CCD58F}C:\users\dave\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dave\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4C381E62-25BE-4C73-8E45-527956471E34}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8C0F7E43-2CDC-4DAC-990F-86894837A022}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{0681B541-B068-43D9-A901-585E24019346}C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{E9E5A2F6-9AB9-4C16-8411-D53EEE7DBCEA}C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{59F589C7-766F-487E-9FDE-190290580F76}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [TCP Query User{CC23FD06-D3FD-401F-81C3-48C25B7D19AC}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{39C96D8D-FA2B-470D-A0E9-8513A93ECC99}C:\users\dave\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dave\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{25CCF020-3B3F-4F40-82ED-9DAE0AE31DC6}C:\users\dave\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dave\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{44AD3D83-9690-4E2B-A189-DD81655FF3DB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{8301C6C3-4973-467E-B788-45FC3ABAB826}] => (Allow) C:\Program Files (x86)\wtfast\wtfast.exe (AAA Internet Publishing Inc. -> AAA Internet Publishing Inc.)
FirewallRules: [{590AC3F1-D4ED-42BB-9D84-7D965E53A97A}] => (Allow) LPort=26820
FirewallRules: [{E9AD198C-3931-465F-BFF8-273550F33534}] => (Allow) LPort=26822
==================== Restore Points =========================
02-09-2019 19:53:14 ENE RGB HAL
02-09-2019 19:53:31 ENE_EHD_HAL
03-09-2019 23:58:12 System Restore Point created by NetBalancer Setup
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (09/04/2019 12:20:08 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: La création du contexte d’activation a échoué pour « C:\Program Files (x86)\Candleworks\FXTS2\MFC80.DLL ».
Assembly dépendant Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" introuvable.
Utilisez sxstrace.exe pour un diagnostic détaillé.
Error: (09/04/2019 12:20:08 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: La création du contexte d’activation a échoué pour « C:\Program Files (x86)\Candleworks\FXTS2\MFC80.DLL ».
Assembly dépendant Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" introuvable.
Utilisez sxstrace.exe pour un diagnostic détaillé.
Error: (09/04/2019 12:19:42 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: La création du contexte d’activation a échoué pour « C:\Program Files (x86)\Candleworks\FXTS2\MFC80.DLL ».
Assembly dépendant Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" introuvable.
Utilisez sxstrace.exe pour un diagnostic détaillé.
Error: (09/04/2019 12:19:42 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: La création du contexte d’activation a échoué pour « C:\Program Files (x86)\Candleworks\FXTS2\MFC80.DLL ».
Assembly dépendant Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" introuvable.
Utilisez sxstrace.exe pour un diagnostic détaillé.
Error: (09/04/2019 11:25:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante AUDIODG.EXE, version : 10.0.18362.267, horodatage : 0xfeb44817
Nom du module défaillant : NAHIMICV3apo.dll, version : 3.7.6.58970, horodatage : 0x5d1a1735
Code d’exception : 0xc0000005
Décalage d’erreur : 0x000000000034f0e5
ID du processus défaillant : 0xad4
Heure de début de l’application défaillante : 0x01d562f1e6c672fa
Chemin d’accès de l’application défaillante : C:\WINDOWS\system32\AUDIODG.EXE
Chemin d’accès du module défaillant: C:\WINDOWS\System32\NAHIMICV3apo.dll
ID de rapport : 90b671d9-4c5e-481b-8e13-6bfdbfa8290b
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (09/04/2019 10:48:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante AUDIODG.EXE, version : 10.0.18362.267, horodatage : 0xfeb44817
Nom du module défaillant : NAHIMICV3apo.dll, version : 3.7.6.58970, horodatage : 0x5d1a1735
Code d’exception : 0xc0000005
Décalage d’erreur : 0x000000000034f0e5
ID du processus défaillant : 0x1e30
Heure de début de l’application défaillante : 0x01d562ec8f0a7703
Chemin d’accès de l’application défaillante : C:\WINDOWS\system32\AUDIODG.EXE
Chemin d’accès du module défaillant: C:\WINDOWS\System32\NAHIMICV3apo.dll
ID de rapport : ae316c56-ff97-43d7-9517-8fa47f655a31
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (09/04/2019 10:47:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante AUDIODG.EXE, version : 10.0.18362.267, horodatage : 0xfeb44817
Nom du module défaillant : NAHIMICV3apo.dll, version : 3.7.6.58970, horodatage : 0x5d1a1735
Code d’exception : 0xc0000005
Décalage d’erreur : 0x000000000034f0e5
ID du processus défaillant : 0xd1c
Heure de début de l’application défaillante : 0x01d562ec7ffe2a9c
Chemin d’accès de l’application défaillante : C:\WINDOWS\system32\AUDIODG.EXE
Chemin d’accès du module défaillant: C:\WINDOWS\System32\NAHIMICV3apo.dll
ID de rapport : 814be737-4f6f-4d83-9924-0fef0a088e65
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (09/04/2019 10:14:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante AUDIODG.EXE, version : 10.0.18362.267, horodatage : 0xfeb44817
Nom du module défaillant : NAHIMICV3apo.dll, version : 3.7.6.58970, horodatage : 0x5d1a1735
Code d’exception : 0xc0000005
Décalage d’erreur : 0x000000000031f767
ID du processus défaillant : 0x4598
Heure de début de l’application défaillante : 0x01d562e7f847538a
Chemin d’accès de l’application défaillante : C:\WINDOWS\system32\AUDIODG.EXE
Chemin d’accès du module défaillant: C:\WINDOWS\System32\NAHIMICV3apo.dll
ID de rapport : e93af2fe-26cd-47b2-ae32-9cc0d19c09ad
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
System errors:
=============
Error: (09/04/2019 11:27:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Service Google Update (gupdate) n’a pas pu démarrer en raison de l’erreur :
Le fichier spécifié est introuvable.
Error: (09/04/2019 11:24:36 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Le module d’extensibilité WLAN s’est arrêté de façon inattendue.
Chemin d’accès du module : C:\WINDOWS\system32\IntelWifiIhv08.dll
Error: (09/04/2019 11:24:36 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Le module d’extensibilité WLAN s’est arrêté de façon inattendue.
Chemin d’accès du module : C:\WINDOWS\system32\IntelWifiIhv08.dll
Error: (09/04/2019 11:24:34 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Le module d’extensibilité WLAN s’est arrêté de façon inattendue.
Chemin d’accès du module : C:\WINDOWS\system32\IntelWifiIhv08.dll
Error: (09/04/2019 11:24:21 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Intel(R) Dynamic Application Loader Host Interface Service s’est terminé de façon inattendue pour la 1ème fois.
Error: (09/04/2019 11:24:21 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Intel(R) PROSet/Wireless Event Log s’est terminé de façon inattendue pour la 1ème fois.
Error: (09/04/2019 11:24:21 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Razer Central Service s’est terminé de façon inattendue pour la 1ème fois.
Error: (09/04/2019 11:24:21 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Razer Game Manager s’est terminé de façon inattendue pour la 1ème fois.
Windows Defender:
===================================
Date: 2019-09-03 04:56:10.819
Description:
Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!plock&threatid=2147723626&enterprise=0
Nom : Trojan:Win32/Tiggre!plock
ID : 2147723626
Gravité : Severe
Catégorie : Trojan
Chemin : containerfile:_C:\Users\Dave\AppData\Roaming\hbxtufbdesgh\msxmkcvpyxfzojb.msi; file:_C:\Users\Dave\AppData\Roaming\hbxtufbdesgh\msxmkcvpyxfzojb.msi->media.cab->TempDll; file:_C:\WINDOWS\System32\Tasks\pytoiidcymdes->(UTF-16LE); file:_C:\WINDOWS\System32\Tasks\wcuxavpfncumgpx->(UTF-16LE); regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F39B3F1-D8D6-4A09-B191-E0F62F4DA8A9}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CF4F8C73-66B2-42AE-A903-F098C4B1FDF4}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\pytoiidcymdes; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\wcuxavpfncumgpx; taskscheduler:_C:\WINDOWS\System32\Tasks\pytoiidcymdes; taskscheduler:_C:\WINDOWS\System32\Tasks\wcuxavpfncumgpx
Origine de la détection : Ordinateur local
Type de détection : Chemin rapide
Source de détection : Utilisateur
Utilisateur : DAVID-PC\Dave
Nom du processus : Unknown
Version de la veille de sécurité : AV: 1.301.381.0, AS: 1.301.381.0, NIS: 1.301.381.0
Version du moteur : AM: 1.1.16300.1, NIS: 1.1.16300.1
Date: 2019-09-03 04:55:22.256
Description:
Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!plock&threatid=2147723626&enterprise=0
Nom : Trojan:Win32/Tiggre!plock
ID : 2147723626
Gravité : Severe
Catégorie : Trojan
Chemin : containerfile:_C:\Users\Dave\AppData\Roaming\hbxtufbdesgh\msxmkcvpyxfzojb.msi; file:_C:\Users\Dave\AppData\Roaming\hbxtufbdesgh\msxmkcvpyxfzojb.msi->media.cab->TempDll; file:_C:\WINDOWS\System32\Tasks\pytoiidcymdes->(UTF-16LE); file:_C:\WINDOWS\System32\Tasks\wcuxavpfncumgpx->(UTF-16LE); regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F39B3F1-D8D6-4A09-B191-E0F62F4DA8A9}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CF4F8C73-66B2-42AE-A903-F098C4B1FDF4}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\pytoiidcymdes; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\wcuxavpfncumgpx; taskscheduler:_C:\WINDOWS\System32\Tasks\pytoiidcymdes; taskscheduler:_C:\WINDOWS\System32\Tasks\wcuxavpfncumgpx
Origine de la détection : Ordinateur local
Type de détection : Chemin rapide
Source de détection : Système
Utilisateur : NT AUTHORITY\SYSTEM
Nom du processus : Unknown
Version de la veille de sécurité : AV: 1.301.381.0, AS: 1.301.381.0, NIS: 1.301.381.0
Version du moteur : AM: 1.1.16300.1, NIS: 1.1.16300.1
Date: 2019-09-03 04:52:48.509
Description:
Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Occamy.C&threatid=2147726780&enterprise=0
Nom : Trojan:Win32/Occamy.C
ID : 2147726780
Gravité : Severe
Catégorie : Trojan
Chemin : file:_C:\Users\Dave\AppData\Local\Microsoft\Windows\INetCache\IE\YFKW533V\4[1].exe
Origine de la détection : Internet
Type de détection : Chemin rapide
Source de détection : Utilisateur
Utilisateur : DAVID-PC\Dave
Nom du processus : Unknown
Version de la veille de sécurité : AV: 1.301.381.0, AS: 1.301.381.0, NIS: 1.301.381.0
Version du moteur : AM: 1.1.16300.1, NIS: 1.1.16300.1
Date: 2019-09-03 04:27:21.933
Description:
Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Occamy.C&threatid=2147726780&enterprise=0
Nom : Trojan:Win32/Occamy.C
ID : 2147726780
Gravité : Severe
Catégorie : Trojan
Chemin : file:_C:\Users\Dave\AppData\Local\Microsoft\Windows\INetCache\IE\YFKW533V\4[1].exe
Origine de la détection : Internet
Type de détection : Chemin rapide
Source de détection : Protection en temps réel
Utilisateur : DAVID-PC\Dave
Nom du processus : C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 8\UI8.exe
Version de la veille de sécurité : AV: 1.301.381.0, AS: 1.301.381.0, NIS: 1.301.381.0
Version du moteur : AM: 1.1.16300.1, NIS: 1.1.16300.1
Date: 2019-09-03 03:23:06.385
Description:
L’analyse Antivirus Windows Defender a été arrêtée avant la fin.
ID de l’analyse : {9D5B88F5-7A05-4EC9-85A4-7B85EB4403BD}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse complète
Utilisateur : DAVID-PC\Dave
Date: 2019-09-03 09:44:04.416
Description:
Antivirus Windows Defender a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité :
Version précédente de la veille de sécurité : 1.301.392.0
Source de mise à jour : Serveur Microsoft Update
Type de veille de sécurité : Anti-virus
Type de mise à jour : Complet
Utilisateur : NT AUTHORITY\SYSTEM
Version actuelle du moteur :
Version précédente du moteur : 1.1.16300.1
Code d’erreur : 0x80240438
Description de l’erreur : An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
CodeIntegrity:
===================================
Date: 2019-09-04 13:15:17.710
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\Program Files\NVIDIA Corporation\Ansel\NvCameraWhitelisting64.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-09-03 19:38:54.115
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\Program Files\NVIDIA Corporation\Ansel\NvCameraWhitelisting64.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-09-03 12:53:56.697
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\Program Files\NVIDIA Corporation\Ansel\NvCameraWhitelisting64.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-08-31 18:36:59.515
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\Program Files\NVIDIA Corporation\Ansel\NvCameraWhitelisting64.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-08-30 20:36:34.630
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\Program Files\NVIDIA Corporation\Ansel\NvCameraWhitelisting64.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-08-30 12:53:18.376
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\Program Files\NVIDIA Corporation\Ansel\NvCameraWhitelisting64.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-08-30 12:52:55.154
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\Program Files\NVIDIA Corporation\Ansel\NvCameraWhitelisting64.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-08-30 09:46:22.192
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\Program Files\NVIDIA Corporation\Ansel\NvCameraWhitelisting64.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: American Megatrends Inc. A.10 09/28/2018
Motherboard: Micro-Star International Co., Ltd. MPG Z390 GAMING EDGE AC (MS-7B17)
Processor: Intel(R) Core(TM) i5-9600K CPU @ 3.70GHz
Percentage of memory in use: 46%
Total physical RAM: 16323.53 MB
Available physical RAM: 8794.73 MB
Total Virtual: 24003.53 MB
Available Virtual: 9525.74 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:475.93 GB) (Free:263.16 GB) NTFS
Drive d: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: () (Fixed) (Total:297.99 GB) (Free:20.35 GB) NTFS
Drive f: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive h: () (Fixed) (Total:222.54 GB) (Free:220.43 GB) NTFS
Drive i: (ELEMENTS) (Fixed) (Total:931.28 GB) (Free:567.79 GB) FAT32
\\?\Volume{68c89e95-0000-0000-0000-100000000000}\ () (Fixed) (Total:0.49 GB) (Free:0.46 GB) NTFS
\\?\Volume{ba5560b4-0000-0000-0000-d0a837000000}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS
\\?\Volume{68c89e95-0000-0000-0000-b01a77000000}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 128A2F44)
Partition 1: (Active) - (Size=102 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=298 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 223.6 GB) (Disk ID: BA5560B4)
Partition 1: (Active) - (Size=102 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=222.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=505 MB) - (Type=27)
Partition 4: (Not Active) - (Size=449 MB) - (Type=84)
========================================================
Disk: 2 (Size: 476.9 GB) (Disk ID: 68C89E95)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=475.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=534 MB) - (Type=27)
========================================================
Disk: 3 (Size: 931.5 GB) (Disk ID: 75EE532A)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=0B)
==================== End of Addition.txt ============================
Ran by Dave (04-09-2019 13:57:19)
Running from C:\Users\Dave\Desktop
Windows 10 Pro Version 1903 18362.295 (X64) (2019-08-29 10:11:43)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2375998001-1027120501-2333303859-500 - Administrator - Disabled)
Dave (S-1-5-21-2375998001-1027120501-2333303859-1111 - Administrator - Enabled) => C:\Users\Dave
David (S-1-5-21-2375998001-1027120501-2333303859-1000 - Administrator - Enabled) => C:\Users\plugnplay4
DefaultAccount (S-1-5-21-2375998001-1027120501-2333303859-503 - Limited - Disabled)
Guest (S-1-5-21-2375998001-1027120501-2333303859-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2375998001-1027120501-2333303859-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.238 - Adobe)
Apowersoft Online Launcher version 1.7.5 (HKLM-x32\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.7.5 - APOWERSOFT LIMITED)
Ashampoo Internet Accelerator 3 (HKLM-x32\...\{4209F371-C803-200D-89A4-5479B6569259}_is1) (Version: 3.3.0 - Ashampoo GmbH & Co. KG)
Ashampoo UnInstaller 8 (HKLM-x32\...\{4209F371-D192-F401-E058-BBF7CF126AEA}_is1) (Version: 8.00.12 - Ashampoo GmbH & Co. KG)
Audacity 2.3.2 (HKLM-x32\...\Audacity_is1) (Version: 2.3.2 - Audacity Team)
Backup and Sync from Google (HKLM\...\{768C0072-2FD2-4934-9824-B2A1E81AEA5D}) (Version: 3.45.5545.5747 - Google, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bose Updater (HKLM-x32\...\Bose Updater) (Version: 5.0.0.2500 - Bose Corporation)
cFosSpeed 10.51 (HKLM\...\cFosSpeed) (Version: 10.51 - cFos Software GmbH, Bonn)
CpuCoreParking (HKLM-x32\...\{0984C56D-2985-4786-AB62-39AB985E269C}) (Version: 2.1.2.0 - CpuCoreParking)
CPUID CPU-Z MSI 1.86 (HKLM\...\CPUID CPU-Z MSI_is1) (Version: 1.86 - CPUID, Inc.)
Discord (HKU\S-1-5-21-2375998001-1027120501-2333303859-1111\...\Discord) (Version: 0.0.305 - Discord Inc.)
DragonCenter (HKLM-x32\...\{B252FABF-9582-4824-B02B-6D2DC93685C7}}_is1) (Version: 1.0.0.10 - MSI)
ENE IO Driver (HKLM-x32\...\{D0512FFD-6194-4D2E-967E-25B82A3322FF}) (Version: 2.0.8 - ENE TECHNOLOGY INC.) Hidden
ENE RGB HAL (HKLM\...\{87316426-A33E-41E9-942B-968E928A9A47}) (Version: 1.00.10 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{9f93601b-15ea-4e69-8d7c-dfa0f29ae04e}) (Version: 1.00.10 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{1CD178C9-BB49-4E59-9DA6-3C152E2A9844}) (Version: 1.00.01 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{fe81cfd3-9db4-409d-b0f9-26707d1423c6}) (Version: 1.00.01 - ENE TECHNOLOGY INC.) Hidden
Étude pour l'amélioration du produit HP ENVY 4500 series (HKLM\...\{CBCCA175-DA19-424B-9D9F-5343140C884F}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
FXCM Trading Station Desktop (HKLM-x32\...\FXTS2) (Version: - Forex Capital Markets, LLC ("FXCM LLC"))
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 76.0.3809.132 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
HP ENVY 4500 series Aide (HKLM-x32\...\{BAF28CCD-121D-4C6C-B29D-4F7B51B2D1B4}) (Version: 30.0.0 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel(R) Chipset Device Software (HKLM-x32\...\{ffddf9dd-c47f-453a-92f5-ac6c98af8b5b}) (Version: 10.1.17968.8131 - Intel(R) Corporation)
Intel(R) Extreme Tuning Utility (HKLM-x32\...\{BB9BB437-83CC-4497-AE89-911D61973784}) (Version: 6.5.1.330 - Intel Corporation) Hidden
Intel(R) Extreme Tuning Utility (HKLM-x32\...\{dfe98c64-9135-41f4-a771-0a6cb80289af}) (Version: 6.5.1.330 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1912.12.0.1246 - Intel Corporation)
Intel(R) Network Connections 23.5.0.0 (HKLM\...\PROSetDX) (Version: 23.5.0.0 - Intel)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.52.230.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{c6de84fd-ece7-4c2a-9f06-8cabe7ab79a0}) (Version: 1.52.230.1 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000020-0210-1033-84C8-B8D95FA3C8C3}) (Version: 21.20.0.4 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{7999800f-411b-4d04-aadd-32b576d84592}) (Version: 21.20.1 - Intel Corporation)
Logiciel de base du périphérique HP ENVY 4500 series (HKLM\...\{9A9B64A8-A9E8-4588-B924-D1898D3E6355}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
Logitech - Assistant pour jeux vidéo 9.02 (HKLM\...\Logitech Gaming Software) (Version: 9.02.65 - Logitech Inc.)
Malwarebytes version 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.11.25325 (HKLM-x32\...\{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 - Microsoft Corporation)
Mises à jour NVIDIA 38.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.0.0 - NVIDIA Corporation) Hidden
MSI Afterburner 4.6.0 (HKLM-x32\...\Afterburner) (Version: 4.6.0 - MSI Co., LTD)
MSI APP Manager (HKLM-x32\...\{00F47104-12BA-4E58-A7E6-F456C1BA338E}}_is1) (Version: 1.0.0.32 - MSI)
MSI Kombustor 3.5.0 (HKLM\...\{9598DA62-2AE8-426D-9C86-BEA96AC6721E}_is1) (Version: - MSI Co., LTD)
MSI Smart Tool (HKLM-x32\...\{DDCCA038-DAB1-4D09-B85C-848020AA75D6}}_is1) (Version: 1.0.0.42 - MSI)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.0.105 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.0.105 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA Logiciel système PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Multiplatform (HKLM-x32\...\OBS Multiplatform) (Version: 0.10.2 - OBS Project)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 23.2.1 - OBS Project)
Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 2.10.0 - Razer Inc.)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 9.5.21.1028 - Razer Inc.)
Razer Surround (HKLM-x32\...\Razer Surround) (Version: 1.05.27 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.21.1 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8765.1 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 7.2.1 (HKLM-x32\...\RTSS) (Version: 7.2.1 - Unwinder)
Samsung Data Migration (HKLM-x32\...\{3B304604-0BF5-488E-AB95-F2F2E31206F3}) (Version: 3.1 - Samsung)
Samsung NVM Express Driver (HKLM-x32\...\{d6df2f24-bd8d-49bc-b751-fac310b24a4b}) (Version: 3.1.0.1901 - Samsung Electronics)
Samsung NVM Express Driver 3.1.0.1901 (HKLM\...\{DF7667AF-FC11-48A4-9585-7378B5224C1A}) (Version: 3.1.0.1901 - Samsung Electronics Co., Ltd) Hidden
Speedify (HKLM\...\Speedify) (Version: 8.1.1.6945 - Connectify)
Spotify (HKU\S-1-5-21-2375998001-1027120501-2333303859-1111\...\Spotify) (Version: 1.1.14.475.g566c8beb - Spotify AB)
StreamElements OBS.Live (HKLM-x32\...\StreamElements OBS.Live) (Version: 19.8.25.452 - StreamElements)
Streamlabs OBS 0.17.1 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.17.1 - General Workings, Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.14.1 - Synaptics Incorporated)
TradeSkillMaster Application version 1.0 (HKLM-x32\...\{c44da794-b956-4d50-8733-346d56ae63c7}_is1) (Version: 1.0 - TradeSkillMaster)
Trading Station Publisher (HKLM-x32\...\{C9F0231D-7C82-4D3D-BC5C-98FDA809C5AA}) (Version: 1.0.0 - Myfxbook Ltd)
Twitch (HKU\S-1-5-21-2375998001-1027120501-2333303859-1111\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
VPNSecure.me Client 2.1.6 (HKLM\...\{6C5A0307-2A93-448D-A3F2-BCEA2EFF560D}}_is1) (Version: - VPNSecure.me)
Winamax Installer (HKU\S-1-5-21-2375998001-1027120501-2333303859-1111\...\Winamax Installer 2.3.9.1545297276) (Version: 2.3.9.1545297276 - Winamax)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
WPS Office (11.2.0.8934) (HKU\S-1-5-21-2375998001-1027120501-2333303859-1111\...\Kingsoft Office) (Version: 11.2.0.8934 - Kingsoft Corp.)
wtfast 4.13 (HKLM-x32\...\{12B4121D-5221-4AFC-9EDC-63B0CA139856}_is1) (Version: 4.13.1.1808 - Initex & AAA Internet Publishing)
Packages:
=========
ACG Player -> C:\Program Files\WindowsApps\41038AXILESOFT.ACGMEDIAPLAYER_1.15.17502.0_x64__wxjjre7dryqb6 [2019-04-26] (Axilesoft) [MS Ad]
Courrier et calendrier -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe [2019-08-02] (Microsoft Corporation) [MS Ad]
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.0.3340.0_x64__rz1tebttyb220 [2019-09-03] (Dolby Laboratories)
HP Scan and Capture -> C:\Program Files\WindowsApps\AD2F1837.HPScanandCapture_40.0.245.0_x64__v10z8vjag6ke6 [2019-04-18] (Hewlett-Packard Company)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-04] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-04] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_x64__8wekyb3d8bbwe [2019-08-31] (Microsoft Studios) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.93.478.0_x64__mcm4njqhnhss8 [2019-06-29] (Netflix, Inc.)
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_2.2.9.0_x64__nfy108tqq3p12 [2019-02-04] (Thumbmunkeys Ltd) [MS Ad]
PicsArt - Photo Studio -> C:\Program Files\WindowsApps\2FE3CB00.PicsArt-PhotoStudio_8.7.0.0_x86__crhqpqs3x1ygc [2019-08-12] (PicsArt Inc.) [MS Ad]
Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2019-02-04] (Plex)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.4.187.0_x64__dt26b99r8h8gj [2019-08-31] (Realtek Semiconductor Corp)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2375998001-1027120501-2333303859-1111_Classes\CLSID\{1ECDA7BF-4DFA-41D8-9380-1A27B26CFC41}\InprocServer32 -> C:\Users\Dave\AppData\Local\Kingsoft\WPS Office\11.2.0.8934\office6\addons\kpdfcontextmenushellext\kpdfcontextmenushellext64.dll (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-2375998001-1027120501-2333303859-1111_Classes\CLSID\{5bc772f7-cf25-4282-85c0-2a67f8dbc445}\localserver32 -> "C:\Program Files\Intel\Intel(R) Performance Maximizer\IPMTrayApp.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-2375998001-1027120501-2333303859-1111_Classes\CLSID\{66A22D9E-7C6D-4641-BBD7-E6C738CF32B0}\InprocServer32 -> C:\Users\Dave\AppData\Local\Kingsoft\WPS Office\11.2.0.8934\office6\kopenwpsshellext64.dll (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-2375998001-1027120501-2333303859-1111_Classes\CLSID\{67F4D210-BFC2-4ADD-9A2A-C9B9E1F42C4F}\InprocServer32 -> C:\Users\Dave\AppData\Local\Kingsoft\WPS Office\11.2.0.8934\office6\qingshellext64.dll (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-2375998001-1027120501-2333303859-1111_Classes\CLSID\{70239788-4DAE-49B8-9270-5D8614384B49}\InprocServer32 -> C:\Users\Dave\AppData\Local\Kingsoft\WPS Office\11.2.0.8934\office6\addons\kpdf2wordshellext\kpdf2wordshellext64.dll (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-2375998001-1027120501-2333303859-1111_Classes\CLSID\{C47A7F16-0572-495A-BB96-89A825661722}\InprocServer32 -> C:\Users\Dave\AppData\Local\Kingsoft\WPS Office\11.2.0.8934\office6\addons\knewdocshellext\knewdocshellext64.dll (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-2375998001-1027120501-2333303859-1111_Classes\CLSID\{C873FB7F-D6F1-4E21-9D4B-BB9D38B67C86}\InprocServer32 -> C:\Users\Dave\AppData\Local\Kingsoft\WPS Office\11.2.0.8934\office6\addons\photo2pdfshellext\photo2pdfshellext64.dll (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-27] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-27] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-27] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-06-27] (Google LLC -> Google)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-06-27] (Google LLC -> Google)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-08-25] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => -> No File
ContextMenuHandlers1_S-1-5-21-2375998001-1027120501-2333303859-1111: [ kopenwpsshellext] -> {66A22D9E-7C6D-4641-BBD7-E6C738CF32B0} => C:\Users\Dave\AppData\Local\Kingsoft\WPS Office\11.2.0.8934\office6\kopenwpsshellext64.dll [2019-08-21] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
ContextMenuHandlers1_S-1-5-21-2375998001-1027120501-2333303859-1111: [ qingshellext] -> {67F4D210-BFC2-4ADD-9A2A-C9B9E1F42C4F} => C:\Users\Dave\AppData\Local\Kingsoft\WPS Office\11.2.0.8934\office6\qingshellext64.dll [2019-08-21] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
ContextMenuHandlers1_S-1-5-21-2375998001-1027120501-2333303859-1111: [ KingsoftOfficePDF.ContextMenu] -> {1ECDA7BF-4DFA-41D8-9380-1A27B26CFC41} => C:\Users\Dave\AppData\Local\Kingsoft\WPS Office\11.2.0.8934\office6\addons\kpdfcontextmenushellext\kpdfcontextmenushellext64.dll [2019-08-21] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
ContextMenuHandlers1_S-1-5-21-2375998001-1027120501-2333303859-1111: [knewdocshellext] -> {C47A7F16-0572-495A-BB96-89A825661722} => C:\Users\Dave\AppData\Local\Kingsoft\WPS Office\11.2.0.8934\office6\addons\knewdocshellext\knewdocshellext64.dll [2019-08-21] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
ContextMenuHandlers1_S-1-5-21-2375998001-1027120501-2333303859-1111: [kpdf2wordshellext] -> {70239788-4DAE-49B8-9270-5D8614384B49} => C:\Users\Dave\AppData\Local\Kingsoft\WPS Office\11.2.0.8934\office6\addons\kpdf2wordshellext\kpdf2wordshellext64.dll [2019-08-21] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
ContextMenuHandlers1_S-1-5-21-2375998001-1027120501-2333303859-1111: [photo2pdfshellext] -> {C873FB7F-D6F1-4E21-9D4B-BB9D38B67C86} => C:\Users\Dave\AppData\Local\Kingsoft\WPS Office\11.2.0.8934\office6\addons\photo2pdfshellext\photo2pdfshellext64.dll [2019-08-21] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
ContextMenuHandlers4_S-1-5-21-2375998001-1027120501-2333303859-1111: [ kopenwpsshellext] -> {66A22D9E-7C6D-4641-BBD7-E6C738CF32B0} => C:\Users\Dave\AppData\Local\Kingsoft\WPS Office\11.2.0.8934\office6\kopenwpsshellext64.dll [2019-08-21] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
ContextMenuHandlers4_S-1-5-21-2375998001-1027120501-2333303859-1111: [ qingshellext] -> {67F4D210-BFC2-4ADD-9A2A-C9B9E1F42C4F} => C:\Users\Dave\AppData\Local\Kingsoft\WPS Office\11.2.0.8934\office6\qingshellext64.dll [2019-08-21] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
ContextMenuHandlers4_S-1-5-21-2375998001-1027120501-2333303859-1111: [knewdocshellext] -> {C47A7F16-0572-495A-BB96-89A825661722} => C:\Users\Dave\AppData\Local\Kingsoft\WPS Office\11.2.0.8934\office6\addons\knewdocshellext\knewdocshellext64.dll [2019-08-21] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
ContextMenuHandlers5_S-1-5-21-2375998001-1027120501-2333303859-1111: [ qingshellext] -> {67F4D210-BFC2-4ADD-9A2A-C9B9E1F42C4F} => C:\Users\Dave\AppData\Local\Kingsoft\WPS Office\11.2.0.8934\office6\qingshellext64.dll [2019-08-21] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
ContextMenuHandlers5_S-1-5-21-2375998001-1027120501-2333303859-1111: [knewdocshellext] -> {C47A7F16-0572-495A-BB96-89A825661722} => C:\Users\Dave\AppData\Local\Kingsoft\WPS Office\11.2.0.8934\office6\addons\knewdocshellext\knewdocshellext64.dll [2019-08-21] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2019-08-23 09:15 - 2019-08-23 09:16 - 085602816 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\libcef.dll
2019-08-23 09:16 - 2019-08-23 09:16 - 000089600 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\libEGL.dll
2019-08-23 09:16 - 2019-08-23 09:16 - 003841536 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\libGLESv2.dll
2019-03-11 01:53 - 2005-07-18 13:43 - 000160256 _____ () [File not signed] C:\Program Files (x86)\MSI\APP Manager\unrar.dll
2019-09-02 19:54 - 2019-09-02 19:51 - 000237568 _____ () [File not signed] C:\Program Files (x86)\MSI\DragonCenter\Mystic_Light\LEDControl.dll
2019-09-02 09:06 - 2019-09-02 09:06 - 000053760 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_bz2.pyd
2019-09-02 09:06 - 2019-09-02 09:06 - 000084992 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_ctypes.pyd
2019-09-02 09:06 - 2019-09-02 09:06 - 000783360 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_hashlib.pyd
2019-09-02 09:06 - 2019-09-02 09:06 - 000137216 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_lzma.pyd
2019-09-02 09:06 - 2019-09-02 09:06 - 000047104 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_socket.pyd
2019-09-02 09:06 - 2019-09-02 09:06 - 000039424 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\psutil._psutil_windows.pyd
2019-09-02 09:06 - 2019-09-02 09:06 - 001861120 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\PyQt5.QtCore.pyd
2019-09-02 09:06 - 2019-09-02 09:06 - 002002944 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\PyQt5.QtGui.pyd
2019-09-02 09:06 - 2019-09-02 09:06 - 004101120 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\PyQt5.QtWidgets.pyd
2019-09-02 09:06 - 2019-09-02 09:06 - 000009728 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\select.pyd
2019-09-02 09:06 - 2019-09-02 09:06 - 000075264 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\sip.pyd
2019-09-02 09:06 - 2019-09-02 09:06 - 000758784 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\unicodedata.pyd
2019-06-19 10:25 - 2019-06-19 10:25 - 000209920 _____ () [File not signed] C:\Program Files\ENE\Aac_ENE RGB HAL\x86\AacHal_x86.dll
2018-03-20 14:34 - 2018-03-20 14:34 - 000265728 _____ () [File not signed] C:\Program Files\ENE\Aac_ENE RGB HAL\x86\SB_SMBUS_SDK.dll
2018-10-05 12:13 - 2018-10-05 12:13 - 000144896 _____ () [File not signed] C:\Program Files\Logitech Gaming Software\LAClient\libssh2.dll
2018-10-05 12:13 - 2018-10-05 12:13 - 000077824 _____ () [File not signed] C:\Program Files\Logitech Gaming Software\LAClient\zlib.dll
2019-09-04 11:25 - 2019-09-04 11:25 - 000113664 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\_ctypes.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000173568 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\_elementtree.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 001800192 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\_hashlib.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000032256 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\_multiprocessing.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000046080 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\_psutil_windows.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000047616 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\_socket.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 002230784 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\_ssl.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000026112 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\_yappi.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000080896 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\bz2.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 006277632 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\cello.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000014848 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\common.time34.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000007680 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\hashobjs_ext.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000301568 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\PIL._imaging.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000169472 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\pyexpat.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 001084416 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\pysqlite2._sqlite.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000548864 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\pythoncom27.dll
2019-09-04 11:25 - 2019-09-04 11:25 - 000137728 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\pywintypes27.dll
2019-09-04 11:25 - 2019-09-04 11:25 - 000010752 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\select.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000020992 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\thumbnails_ext.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000689664 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\unicodedata.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000118784 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\usb_ext.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000128512 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\win32api.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000438784 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\win32com.shell.shell.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000011776 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\win32crypt.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000023040 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\win32event.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000149504 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\win32file.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000223232 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\win32gui.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000048128 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\win32inet.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000029696 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\win32pdh.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000027648 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\win32pipe.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000044032 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\win32process.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000020480 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\win32profile.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000136192 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\win32security.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000026624 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\win32ts.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000034304 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\windows.conditional.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000038400 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\windows.connectivity.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000073216 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\windows.device_monitor.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000110592 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\windows.volumes.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000020480 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\windows.winwrap.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 001325056 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\wx._controls_.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 001489408 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\wx._core_.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 001007104 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\wx._gdi_.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000103424 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\wx._html2.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 000916992 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\wx._misc_.pyd
2019-09-04 11:25 - 2019-09-04 11:25 - 001039872 _____ () [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\wx._windows_.pyd
2019-02-04 19:00 - 2019-09-02 19:50 - 000243712 _____ (A-Volute) [File not signed] C:\Program Files (x86)\MSI\DragonCenter\Nahimic\NahimicAPI.dll
2019-08-23 09:15 - 2019-08-23 09:15 - 001463808 _____ (Firelight Technologies) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\fmod.dll
2010-11-18 21:08 - 2010-11-18 21:08 - 000086016 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2019-09-02 09:06 - 2019-09-02 09:06 - 002741248 _____ (Python Software Foundation) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\python34.dll
2019-09-04 11:25 - 2019-09-04 11:25 - 003042304 _____ (Python Software Foundation) [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\python27.dll
2019-08-23 09:15 - 2019-08-23 09:15 - 000596992 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\chrome_elf.dll
2018-10-05 12:13 - 2018-10-05 12:13 - 000355840 _____ (The cURL library, hxxp://curl.haxx.se/) [File not signed] C:\Program Files\Logitech Gaming Software\LAClient\LIBCURL.dll
2019-09-02 09:06 - 2019-09-02 09:06 - 000848896 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\icudt53.dll
2019-09-02 09:06 - 2019-09-02 09:06 - 001580032 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\icuin53.dll
2019-09-02 09:06 - 2019-09-02 09:06 - 001079296 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\icuuc53.dll
2018-10-05 12:13 - 2018-10-05 12:13 - 002286747 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Logitech Gaming Software\LAClient\LIBEAY32.dll
2018-10-05 12:13 - 2018-10-05 12:13 - 000416627 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Logitech Gaming Software\LAClient\SSLEAY32.dll
2018-04-06 22:29 - 2018-04-06 22:29 - 002286747 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Logitech Gaming Software\LIBEAY32.dll
2018-04-06 22:29 - 2018-04-06 22:29 - 000416627 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Logitech Gaming Software\ssleay32.dll
2019-09-02 09:06 - 2019-09-02 09:06 - 000036352 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qdds.dll
2019-09-02 09:06 - 2019-09-02 09:06 - 000022016 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qgif.dll
2019-09-02 09:06 - 2019-09-02 09:06 - 000029184 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qicns.dll
2019-09-02 09:06 - 2019-09-02 09:06 - 000022016 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qico.dll
2019-09-02 09:06 - 2019-09-02 09:06 - 000381952 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qjp2.dll
2019-09-02 09:06 - 2019-09-02 09:06 - 000206848 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qjpeg.dll
2019-09-02 09:06 - 2019-09-02 09:06 - 000218624 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qmng.dll
2019-09-02 09:06 - 2019-09-02 09:06 - 000016384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qtga.dll
2019-09-02 09:06 - 2019-09-02 09:06 - 000308736 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qtiff.dll
2019-09-02 09:06 - 2019-09-02 09:06 - 000015360 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qwbmp.dll
2019-09-02 09:06 - 2019-09-02 09:06 - 000287232 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qwebp.dll
2019-09-02 09:06 - 2019-09-02 09:06 - 000991744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\platforms\qwindows.dll
2019-09-02 09:06 - 2019-09-02 09:06 - 004182528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\Qt5Core.dll
2019-09-02 09:06 - 2019-09-02 09:06 - 004877312 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\Qt5Gui.dll
2019-09-02 09:06 - 2019-09-02 09:06 - 004490752 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\Qt5Widgets.dll
2019-08-23 09:15 - 2019-08-23 09:15 - 000047104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\audio\qtaudio_windows.dll
2019-08-23 09:15 - 2019-08-23 09:15 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\imageformats\qgif.dll
2019-08-23 09:15 - 2019-08-23 09:15 - 000027136 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\imageformats\qico.dll
2019-08-23 09:15 - 2019-08-23 09:15 - 000243712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\imageformats\qjpeg.dll
2019-08-23 09:15 - 2019-08-23 09:15 - 000223744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\imageformats\qmng.dll
2019-08-23 09:15 - 2019-08-23 09:15 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\imageformats\qsvg.dll
2019-08-23 09:15 - 2019-08-23 09:15 - 000332288 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\imageformats\qtiff.dll
2019-08-23 09:16 - 2019-08-23 09:16 - 001140224 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\platforms\qwindows.dll
2019-08-23 09:16 - 2019-08-23 09:16 - 000041984 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\qml\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2019-08-23 09:16 - 2019-08-23 09:16 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\qml\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2019-08-23 09:16 - 2019-08-23 09:16 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\qml\QtQml\Models.2\modelsplugin.dll
2019-08-23 09:16 - 2019-08-23 09:16 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\qml\QtQuick.2\qtquick2plugin.dll
2019-08-23 09:16 - 2019-08-23 09:16 - 000084480 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\qml\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2019-08-23 09:16 - 2019-08-23 09:16 - 000267776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\qml\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-08-23 09:16 - 2019-08-23 09:16 - 000071680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\qml\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-08-23 09:16 - 2019-08-23 09:16 - 000211456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\qml\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2019-08-23 09:16 - 2019-08-23 09:16 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\qml\QtQuick\Window.2\windowplugin.dll
2019-08-23 09:16 - 2019-08-23 09:16 - 004943360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\Qt5Core.dll
2019-08-23 09:16 - 2019-08-23 09:16 - 005022208 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\Qt5Gui.dll
2019-08-23 09:16 - 2019-08-23 09:16 - 000626176 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\Qt5Multimedia.dll
2019-08-23 09:16 - 2019-08-23 09:16 - 000877056 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\Qt5Network.dll
2019-08-23 09:16 - 2019-08-23 09:16 - 002908672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\Qt5Qml.dll
2019-08-23 09:16 - 2019-08-23 09:16 - 003078656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\Qt5Quick.dll
2019-08-23 09:16 - 2019-08-23 09:16 - 000096256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\Qt5QuickControls2.dll
2019-08-23 09:16 - 2019-08-23 09:16 - 000681472 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\Qt5QuickTemplates2.dll
2019-08-23 09:16 - 2019-08-23 09:16 - 000259072 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\Qt5Svg.dll
2019-08-23 09:16 - 2019-08-23 09:16 - 004718080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\Qt5Widgets.dll
2019-08-23 09:16 - 2019-08-23 09:16 - 000439296 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\Qt5WinExtras.dll
2019-08-23 09:16 - 2019-08-23 09:16 - 000159232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\Qt5Xml.dll
2019-09-02 19:54 - 2019-09-02 19:53 - 000399872 _____ (TODO: <公司名稱>) [File not signed] C:\Program Files (x86)\MSI\DragonCenter\Mystic_Light\Lib\SDKDLL.dll
2019-09-04 11:25 - 2019-09-04 11:25 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\wxbase30u_net_vc90_x64.dll
2019-09-04 11:25 - 2019-09-04 11:25 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\wxbase30u_vc90_x64.dll
2019-09-04 11:25 - 2019-09-04 11:25 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\wxmsw30u_adv_vc90_x64.dll
2019-09-04 11:25 - 2019-09-04 11:25 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\wxmsw30u_core_vc90_x64.dll
2019-09-04 11:25 - 2019-09-04 11:25 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\wxmsw30u_html_vc90_x64.dll
2019-09-04 11:25 - 2019-09-04 11:25 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\Dave\AppData\Local\Temp\_MEI148082\wxmsw30u_webview_vc90_x64.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-02-05 06:30 - 2019-02-05 06:29 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Users\Dave\AppData\Local\Microsoft\WindowsApps;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NGX;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2375998001-1027120501-2333303859-1111\Control Panel\Desktop\\Wallpaper -> C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKU\S-1-5-21-2375998001-1027120501-2333303859-1111\...\StartupApproved\Run: => "WTFast Tray"
HKU\S-1-5-21-2375998001-1027120501-2333303859-1111\...\StartupApproved\Run: => "BitTorrent"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{80675274-06BF-4FA7-BC60-1BD2CFFCFB9E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{2B266E45-34C8-4B46-B357-9130F3CE632E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{888225E8-2AF6-449B-90FD-9872E8DAB079}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DE439A8D-42B3-4B97-9C0F-F85E2BA753F7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5781A80C-7EEF-4A49-847D-2FC1AADD7B53}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C9FAF60C-16A6-41BE-941F-48550ABC9350}] => (Allow) C:\Program Files (x86)\wtfast\wtfast.exe (AAA Internet Publishing Inc. -> AAA Internet Publishing Inc.)
FirewallRules: [{B235A5DC-3BDE-4669-9662-A5AF19B0071A}] => (Allow) %ProgramFiles% (x86)\World of Warcraft\World of Warcraft Launcher.exe No File
FirewallRules: [{B8B04744-1EAF-49BD-9F4E-777C6A165D51}] => (Allow) LPort=6012
FirewallRules: [{C6A10BBB-4E9A-4EA7-9EF4-3091A0183E89}] => (Allow) LPort=6012
FirewallRules: [{17E55A32-5012-4828-964E-589C94058D07}] => (Allow) C:\Users\Dave\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{4DC15310-2D1A-405F-864B-9648AD0465A9}] => (Allow) C:\Users\Dave\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{F688216A-5DED-4F02-AD02-DD3C8F527357}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{6C3FD835-0DFA-4485-AA52-D0100B03C896}] => (Allow) LPort=5357
FirewallRules: [{406A8522-B75D-4F51-8DF6-D2F1A26078DF}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [UDP Query User{F81043D3-FE73-42AF-948D-BAA630185A21}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [TCP Query User{E15513E4-BE82-4204-85A3-1D0D9245B2E5}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{AF9BEA7E-854F-44A1-8103-CF9BC9AA3D46}E:\destiny 2\destiny2.exe] => (Allow) E:\destiny 2\destiny2.exe (Bungie Inc. -> Bungie)
FirewallRules: [TCP Query User{143A10F9-9947-4BAA-86F4-A735FFE13DEE}E:\destiny 2\destiny2.exe] => (Allow) E:\destiny 2\destiny2.exe (Bungie Inc. -> Bungie)
FirewallRules: [UDP Query User{919BF56C-52A2-4F6B-B14F-EEBE5619DC33}C:\users\dave\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dave\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{8BECCBDA-05BC-49E4-AC17-E77157CCD58F}C:\users\dave\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dave\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4C381E62-25BE-4C73-8E45-527956471E34}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8C0F7E43-2CDC-4DAC-990F-86894837A022}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{0681B541-B068-43D9-A901-585E24019346}C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{E9E5A2F6-9AB9-4C16-8411-D53EEE7DBCEA}C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{59F589C7-766F-487E-9FDE-190290580F76}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [TCP Query User{CC23FD06-D3FD-401F-81C3-48C25B7D19AC}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{39C96D8D-FA2B-470D-A0E9-8513A93ECC99}C:\users\dave\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dave\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{25CCF020-3B3F-4F40-82ED-9DAE0AE31DC6}C:\users\dave\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dave\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{44AD3D83-9690-4E2B-A189-DD81655FF3DB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{8301C6C3-4973-467E-B788-45FC3ABAB826}] => (Allow) C:\Program Files (x86)\wtfast\wtfast.exe (AAA Internet Publishing Inc. -> AAA Internet Publishing Inc.)
FirewallRules: [{590AC3F1-D4ED-42BB-9D84-7D965E53A97A}] => (Allow) LPort=26820
FirewallRules: [{E9AD198C-3931-465F-BFF8-273550F33534}] => (Allow) LPort=26822
==================== Restore Points =========================
02-09-2019 19:53:14 ENE RGB HAL
02-09-2019 19:53:31 ENE_EHD_HAL
03-09-2019 23:58:12 System Restore Point created by NetBalancer Setup
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (09/04/2019 12:20:08 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: La création du contexte d’activation a échoué pour « C:\Program Files (x86)\Candleworks\FXTS2\MFC80.DLL ».
Assembly dépendant Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" introuvable.
Utilisez sxstrace.exe pour un diagnostic détaillé.
Error: (09/04/2019 12:20:08 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: La création du contexte d’activation a échoué pour « C:\Program Files (x86)\Candleworks\FXTS2\MFC80.DLL ».
Assembly dépendant Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" introuvable.
Utilisez sxstrace.exe pour un diagnostic détaillé.
Error: (09/04/2019 12:19:42 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: La création du contexte d’activation a échoué pour « C:\Program Files (x86)\Candleworks\FXTS2\MFC80.DLL ».
Assembly dépendant Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" introuvable.
Utilisez sxstrace.exe pour un diagnostic détaillé.
Error: (09/04/2019 12:19:42 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: La création du contexte d’activation a échoué pour « C:\Program Files (x86)\Candleworks\FXTS2\MFC80.DLL ».
Assembly dépendant Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" introuvable.
Utilisez sxstrace.exe pour un diagnostic détaillé.
Error: (09/04/2019 11:25:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante AUDIODG.EXE, version : 10.0.18362.267, horodatage : 0xfeb44817
Nom du module défaillant : NAHIMICV3apo.dll, version : 3.7.6.58970, horodatage : 0x5d1a1735
Code d’exception : 0xc0000005
Décalage d’erreur : 0x000000000034f0e5
ID du processus défaillant : 0xad4
Heure de début de l’application défaillante : 0x01d562f1e6c672fa
Chemin d’accès de l’application défaillante : C:\WINDOWS\system32\AUDIODG.EXE
Chemin d’accès du module défaillant: C:\WINDOWS\System32\NAHIMICV3apo.dll
ID de rapport : 90b671d9-4c5e-481b-8e13-6bfdbfa8290b
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (09/04/2019 10:48:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante AUDIODG.EXE, version : 10.0.18362.267, horodatage : 0xfeb44817
Nom du module défaillant : NAHIMICV3apo.dll, version : 3.7.6.58970, horodatage : 0x5d1a1735
Code d’exception : 0xc0000005
Décalage d’erreur : 0x000000000034f0e5
ID du processus défaillant : 0x1e30
Heure de début de l’application défaillante : 0x01d562ec8f0a7703
Chemin d’accès de l’application défaillante : C:\WINDOWS\system32\AUDIODG.EXE
Chemin d’accès du module défaillant: C:\WINDOWS\System32\NAHIMICV3apo.dll
ID de rapport : ae316c56-ff97-43d7-9517-8fa47f655a31
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (09/04/2019 10:47:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante AUDIODG.EXE, version : 10.0.18362.267, horodatage : 0xfeb44817
Nom du module défaillant : NAHIMICV3apo.dll, version : 3.7.6.58970, horodatage : 0x5d1a1735
Code d’exception : 0xc0000005
Décalage d’erreur : 0x000000000034f0e5
ID du processus défaillant : 0xd1c
Heure de début de l’application défaillante : 0x01d562ec7ffe2a9c
Chemin d’accès de l’application défaillante : C:\WINDOWS\system32\AUDIODG.EXE
Chemin d’accès du module défaillant: C:\WINDOWS\System32\NAHIMICV3apo.dll
ID de rapport : 814be737-4f6f-4d83-9924-0fef0a088e65
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (09/04/2019 10:14:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante AUDIODG.EXE, version : 10.0.18362.267, horodatage : 0xfeb44817
Nom du module défaillant : NAHIMICV3apo.dll, version : 3.7.6.58970, horodatage : 0x5d1a1735
Code d’exception : 0xc0000005
Décalage d’erreur : 0x000000000031f767
ID du processus défaillant : 0x4598
Heure de début de l’application défaillante : 0x01d562e7f847538a
Chemin d’accès de l’application défaillante : C:\WINDOWS\system32\AUDIODG.EXE
Chemin d’accès du module défaillant: C:\WINDOWS\System32\NAHIMICV3apo.dll
ID de rapport : e93af2fe-26cd-47b2-ae32-9cc0d19c09ad
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
System errors:
=============
Error: (09/04/2019 11:27:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Service Google Update (gupdate) n’a pas pu démarrer en raison de l’erreur :
Le fichier spécifié est introuvable.
Error: (09/04/2019 11:24:36 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Le module d’extensibilité WLAN s’est arrêté de façon inattendue.
Chemin d’accès du module : C:\WINDOWS\system32\IntelWifiIhv08.dll
Error: (09/04/2019 11:24:36 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Le module d’extensibilité WLAN s’est arrêté de façon inattendue.
Chemin d’accès du module : C:\WINDOWS\system32\IntelWifiIhv08.dll
Error: (09/04/2019 11:24:34 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Le module d’extensibilité WLAN s’est arrêté de façon inattendue.
Chemin d’accès du module : C:\WINDOWS\system32\IntelWifiIhv08.dll
Error: (09/04/2019 11:24:21 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Intel(R) Dynamic Application Loader Host Interface Service s’est terminé de façon inattendue pour la 1ème fois.
Error: (09/04/2019 11:24:21 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Intel(R) PROSet/Wireless Event Log s’est terminé de façon inattendue pour la 1ème fois.
Error: (09/04/2019 11:24:21 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Razer Central Service s’est terminé de façon inattendue pour la 1ème fois.
Error: (09/04/2019 11:24:21 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Razer Game Manager s’est terminé de façon inattendue pour la 1ème fois.
Windows Defender:
===================================
Date: 2019-09-03 04:56:10.819
Description:
Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!plock&threatid=2147723626&enterprise=0
Nom : Trojan:Win32/Tiggre!plock
ID : 2147723626
Gravité : Severe
Catégorie : Trojan
Chemin : containerfile:_C:\Users\Dave\AppData\Roaming\hbxtufbdesgh\msxmkcvpyxfzojb.msi; file:_C:\Users\Dave\AppData\Roaming\hbxtufbdesgh\msxmkcvpyxfzojb.msi->media.cab->TempDll; file:_C:\WINDOWS\System32\Tasks\pytoiidcymdes->(UTF-16LE); file:_C:\WINDOWS\System32\Tasks\wcuxavpfncumgpx->(UTF-16LE); regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F39B3F1-D8D6-4A09-B191-E0F62F4DA8A9}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CF4F8C73-66B2-42AE-A903-F098C4B1FDF4}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\pytoiidcymdes; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\wcuxavpfncumgpx; taskscheduler:_C:\WINDOWS\System32\Tasks\pytoiidcymdes; taskscheduler:_C:\WINDOWS\System32\Tasks\wcuxavpfncumgpx
Origine de la détection : Ordinateur local
Type de détection : Chemin rapide
Source de détection : Utilisateur
Utilisateur : DAVID-PC\Dave
Nom du processus : Unknown
Version de la veille de sécurité : AV: 1.301.381.0, AS: 1.301.381.0, NIS: 1.301.381.0
Version du moteur : AM: 1.1.16300.1, NIS: 1.1.16300.1
Date: 2019-09-03 04:55:22.256
Description:
Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!plock&threatid=2147723626&enterprise=0
Nom : Trojan:Win32/Tiggre!plock
ID : 2147723626
Gravité : Severe
Catégorie : Trojan
Chemin : containerfile:_C:\Users\Dave\AppData\Roaming\hbxtufbdesgh\msxmkcvpyxfzojb.msi; file:_C:\Users\Dave\AppData\Roaming\hbxtufbdesgh\msxmkcvpyxfzojb.msi->media.cab->TempDll; file:_C:\WINDOWS\System32\Tasks\pytoiidcymdes->(UTF-16LE); file:_C:\WINDOWS\System32\Tasks\wcuxavpfncumgpx->(UTF-16LE); regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F39B3F1-D8D6-4A09-B191-E0F62F4DA8A9}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CF4F8C73-66B2-42AE-A903-F098C4B1FDF4}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\pytoiidcymdes; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\wcuxavpfncumgpx; taskscheduler:_C:\WINDOWS\System32\Tasks\pytoiidcymdes; taskscheduler:_C:\WINDOWS\System32\Tasks\wcuxavpfncumgpx
Origine de la détection : Ordinateur local
Type de détection : Chemin rapide
Source de détection : Système
Utilisateur : NT AUTHORITY\SYSTEM
Nom du processus : Unknown
Version de la veille de sécurité : AV: 1.301.381.0, AS: 1.301.381.0, NIS: 1.301.381.0
Version du moteur : AM: 1.1.16300.1, NIS: 1.1.16300.1
Date: 2019-09-03 04:52:48.509
Description:
Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Occamy.C&threatid=2147726780&enterprise=0
Nom : Trojan:Win32/Occamy.C
ID : 2147726780
Gravité : Severe
Catégorie : Trojan
Chemin : file:_C:\Users\Dave\AppData\Local\Microsoft\Windows\INetCache\IE\YFKW533V\4[1].exe
Origine de la détection : Internet
Type de détection : Chemin rapide
Source de détection : Utilisateur
Utilisateur : DAVID-PC\Dave
Nom du processus : Unknown
Version de la veille de sécurité : AV: 1.301.381.0, AS: 1.301.381.0, NIS: 1.301.381.0
Version du moteur : AM: 1.1.16300.1, NIS: 1.1.16300.1
Date: 2019-09-03 04:27:21.933
Description:
Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Occamy.C&threatid=2147726780&enterprise=0
Nom : Trojan:Win32/Occamy.C
ID : 2147726780
Gravité : Severe
Catégorie : Trojan
Chemin : file:_C:\Users\Dave\AppData\Local\Microsoft\Windows\INetCache\IE\YFKW533V\4[1].exe
Origine de la détection : Internet
Type de détection : Chemin rapide
Source de détection : Protection en temps réel
Utilisateur : DAVID-PC\Dave
Nom du processus : C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 8\UI8.exe
Version de la veille de sécurité : AV: 1.301.381.0, AS: 1.301.381.0, NIS: 1.301.381.0
Version du moteur : AM: 1.1.16300.1, NIS: 1.1.16300.1
Date: 2019-09-03 03:23:06.385
Description:
L’analyse Antivirus Windows Defender a été arrêtée avant la fin.
ID de l’analyse : {9D5B88F5-7A05-4EC9-85A4-7B85EB4403BD}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse complète
Utilisateur : DAVID-PC\Dave
Date: 2019-09-03 09:44:04.416
Description:
Antivirus Windows Defender a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité :
Version précédente de la veille de sécurité : 1.301.392.0
Source de mise à jour : Serveur Microsoft Update
Type de veille de sécurité : Anti-virus
Type de mise à jour : Complet
Utilisateur : NT AUTHORITY\SYSTEM
Version actuelle du moteur :
Version précédente du moteur : 1.1.16300.1
Code d’erreur : 0x80240438
Description de l’erreur : An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
CodeIntegrity:
===================================
Date: 2019-09-04 13:15:17.710
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\Program Files\NVIDIA Corporation\Ansel\NvCameraWhitelisting64.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-09-03 19:38:54.115
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\Program Files\NVIDIA Corporation\Ansel\NvCameraWhitelisting64.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-09-03 12:53:56.697
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\Program Files\NVIDIA Corporation\Ansel\NvCameraWhitelisting64.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-08-31 18:36:59.515
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\Program Files\NVIDIA Corporation\Ansel\NvCameraWhitelisting64.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-08-30 20:36:34.630
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\Program Files\NVIDIA Corporation\Ansel\NvCameraWhitelisting64.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-08-30 12:53:18.376
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\Program Files\NVIDIA Corporation\Ansel\NvCameraWhitelisting64.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-08-30 12:52:55.154
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\Program Files\NVIDIA Corporation\Ansel\NvCameraWhitelisting64.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-08-30 09:46:22.192
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\Program Files\NVIDIA Corporation\Ansel\NvCameraWhitelisting64.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: American Megatrends Inc. A.10 09/28/2018
Motherboard: Micro-Star International Co., Ltd. MPG Z390 GAMING EDGE AC (MS-7B17)
Processor: Intel(R) Core(TM) i5-9600K CPU @ 3.70GHz
Percentage of memory in use: 46%
Total physical RAM: 16323.53 MB
Available physical RAM: 8794.73 MB
Total Virtual: 24003.53 MB
Available Virtual: 9525.74 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:475.93 GB) (Free:263.16 GB) NTFS
Drive d: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: () (Fixed) (Total:297.99 GB) (Free:20.35 GB) NTFS
Drive f: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive h: () (Fixed) (Total:222.54 GB) (Free:220.43 GB) NTFS
Drive i: (ELEMENTS) (Fixed) (Total:931.28 GB) (Free:567.79 GB) FAT32
\\?\Volume{68c89e95-0000-0000-0000-100000000000}\ () (Fixed) (Total:0.49 GB) (Free:0.46 GB) NTFS
\\?\Volume{ba5560b4-0000-0000-0000-d0a837000000}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS
\\?\Volume{68c89e95-0000-0000-0000-b01a77000000}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 128A2F44)
Partition 1: (Active) - (Size=102 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=298 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 223.6 GB) (Disk ID: BA5560B4)
Partition 1: (Active) - (Size=102 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=222.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=505 MB) - (Type=27)
Partition 4: (Not Active) - (Size=449 MB) - (Type=84)
========================================================
Disk: 2 (Size: 476.9 GB) (Disk ID: 68C89E95)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=475.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=534 MB) - (Type=27)
========================================================
Disk: 3 (Size: 931.5 GB) (Disk ID: 75EE532A)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=0B)
==================== End of Addition.txt ============================