Publicité
Publicité
Format du document : text/plain
Prévisualisation
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-11-2023 02
Ran by hp (29-11-2023 20:18:20)
Running from C:\Users\hp\Downloads
Microsoft Windows 10 Pro Version 22H2 19045.3448 (X64) (2023-05-17 22:14:05)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3239584733-2071816809-1449778513-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3239584733-2071816809-1449778513-503 - Limited - Disabled)
Guest (S-1-5-21-3239584733-2071816809-1449778513-501 - Limited - Disabled)
hp (S-1-5-21-3239584733-2071816809-1449778513-1001 - Administrator - Enabled) => C:\Users\hp
WDAGUtilityAccount (S-1-5-21-3239584733-2071816809-1449778513-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 21.007.20095 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.3.0.61 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601053}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
DigitalPulse version 0.16.16 (HKU\S-1-5-21-3239584733-2071816809-1449778513-1001\...\{64F4736C-6169-4520-9368-BE1C9EAE552A}_is1) (Version: 0.16.16 - DigitalPulse, Ltd.) <==== ATTENTION
Easy Photo Scan (HKLM-x32\...\{93AEF2AF-86FB-42AD-8392-5DAEC0638B1A}) (Version: 1.00.0012 - Seiko Epson Corporation)
Epson Easy Photo Print 2 (HKLM-x32\...\{7E0261C4-8495-4365-BE48-647701D8B9BD}) (Version: 2.8.3.0 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{B1765501-59E8-4395-BF00-8A2C1F1FC1E0}) (Version: 3.10.0091 - Seiko Epson Corporation)
EPSON L3110 Series Printer Uninstall (HKLM\...\EPSON L3110 Series) (Version: - Seiko Epson Corporation)
Epson Printer Connection Checker (HKLM-x32\...\{9A09FA7F-C756-4B47-98D0-6C8482980A46}) (Version: 2.1.0.0 - Seiko Epson Corporation)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.)
EPSON Scan PDF Extensions (HKLM-x32\...\{F9956472-6E16-4F83-BF9A-F887EF4A45B7}) (Version: 1.03.0001 - SEIKO EPSON Corp.)
Epson Software Updater (HKLM-x32\...\{B55DB65D-EF6E-4E04-89D5-B03603BF681B}) (Version: 4.4.5 - SEIKO EPSON CORPORATION)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 11.0.0.650 - Huawei Technologies Co., Ltd.)
HP DeskJet 2130 series Basic Device Software (HKLM\...\{D82824A3-7576-4820-B68A-BB92F2ED1EDF}) (Version: 40.15.1230.21319 - HP Inc.)
HP Dropbox Plugin (HKLM-x32\...\{71175310-91E7-49E9-A714-15151F839268}) (Version: 44.5.501.81934 - HP)
HP EmailSMTP Plugin (HKLM-x32\...\{1DE1A510-1B9F-409E-A586-34C6DB1EDF1F}) (Version: 44.5.0.0 - HP)
HP FTP Plugin (HKLM-x32\...\{8202C130-5331-4FA4-9B94-CD5B7D595971}) (Version: 44.5.0.0 - HP)
HP Google Drive Plugin (HKLM-x32\...\{C7242B1F-50CF-4C88-92C0-6012281B0E72}) (Version: 44.5.501.81934 - HP)
HP LaserJet MFP M129-M134 Basic Device Software (HKLM\...\{4E0832D5-6728-41B4-9D62-4B237F5C1A08}) (Version: 44.11.2775.2268 - HP Inc.)
HP OneDrive Plugin (HKLM-x32\...\{88B06412-906E-473D-B69B-71EB040F15F5}) (Version: 44.5.0.0 - HP)
HP SharePoint Plugin (HKLM-x32\...\{C3547CAA-C272-4A32-9A53-358892E9026B}) (Version: 44.5.0.0 - HP)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6499.0 - IDT)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4268 - Intel Corporation)
Kaspersky (HKLM-x32\...\{59D11F0A-ACA9-3CE7-8227-267AA4900780}) (Version: 21.15.8.493 - Kaspersky) Hidden
Kaspersky (HKLM-x32\...\InstallWIX_{59D11F0A-ACA9-3CE7-8227-267AA4900780}) (Version: 21.15.8.493 - Kaspersky)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
LM129 (HKLM-x32\...\{A2D25501-6F44-4CE2-9EFA-C9E5A0658FA9}) (Version: 0.00.0005 - HP)
Microsoft Access MUI (French) 2013 (HKLM-x32\...\{90150000-0015-040C-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft DCF MUI (French) 2013 (HKLM-x32\...\{90150000-0090-040C-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 117.0.2045.47 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 117.0.2045.47 - Microsoft Corporation)
Microsoft Excel MUI (French) 2013 (HKLM-x32\...\{90150000-0016-040C-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Groove MUI (French) 2013 (HKLM-x32\...\{90150000-00BA-040C-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (French) 2013 (HKLM-x32\...\{90150000-0044-040C-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Lync MUI (French) 2013 (HKLM-x32\...\{90150000-012B-040C-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office 64-bit Components 2013 (HKLM\...\{90150000-002A-0000-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (HKLM-x32\...\{90150000-001F-0407-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (French) 2013 (HKLM-x32\...\{90150000-00E1-040C-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (French) 2013 (HKLM-x32\...\{90150000-00E2-040C-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Professionnel Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Proofing (French) 2013 (HKLM-x32\...\{90150000-002C-040C-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (HKLM-x32\...\{90150000-001F-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (HKLM-x32\...\{90150000-001F-0C0A-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Nederlands (HKLM-x32\...\{90150000-001F-0413-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - اللغة العربية (HKLM-x32\...\{90150000-001F-0401-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (French) 2013 (HKLM\...\{90150000-002A-040C-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (French) 2013 (HKLM-x32\...\{90150000-006E-040C-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.226.1031.0003 - Microsoft Corporation)
Microsoft OneNote MUI (French) 2013 (HKLM-x32\...\{90150000-00A1-040C-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (French) 2013 (HKLM-x32\...\{90150000-001A-040C-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (French) 2013 (HKLM-x32\...\{90150000-0018-040C-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Project - fr-fr (HKLM\...\ProjectProRetail - fr-fr) (Version: 16.0.16731.20316 - Microsoft Corporation)
Microsoft Publisher MUI (French) 2013 (HKLM-x32\...\{90150000-0019-040C-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Update Health Tools (HKLM\...\{2953E19B-9F91-4A49-A23B-7E25970A1951}) (Version: 3.73.0.0 - Microsoft Corporation)
Microsoft Visio - fr-fr (HKLM\...\VisioProRetail - fr-fr) (Version: 16.0.16731.20316 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Word MUI (French) 2013 (HKLM-x32\...\{90150000-001B-040C-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16731.20316 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16731.20316 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.16731.20316 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
PA Previewer 9.8 (HKLM-x32\...\PA Previewer_is1) (Version: - )
Power BI Report Builder (HKLM\...\{ADDC2159-BA6F-4DE7-A3B4-1B1B2710C50C}) (Version: 15.7.1802.126 - Microsoft Corporation)
Product Improvement Study for HP DeskJet 2130 series (HKLM\...\{70B105F7-908E-461F-8471-CFA944354397}) (Version: 40.15.1230.21319 - HP Inc.)
Product Improvement Study for HP LaserJet MFP M129-M134 (HKLM\...\{00087596-A1AA-49A6-9743-0DF787B8F2CC}) (Version: 44.11.2775.2268 - HP Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.22621.21358 - Realtek Semiconductor Corp.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.63 - Synaptics Incorporated)
Uninstaller (HKU\S-1-5-21-3239584733-2071816809-1449778513-1001\...\Uninstaller) (Version: - Uninstaller)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{8F2D6CEB-BC98-4B69-A5C1-78BED238FE77}) (Version: 2.71.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{0746492E-47B6-4251-940C-44462DFD74BB}) (Version: 2.55.0.0 - Microsoft Corporation)
WinRAR 6.24 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.24.0 - win.rar GmbH)
YoutubeDownloader (HKLM-x32\...\A5B2E9DE-804B-461B-A731-529DF0B69DAC) (Version: 2.0.0.2694 - )
YoutubeDownloader (HKLM-x32\...\B8FDEED2-3FFC-4E3E-8F6F-5922A4955A1D) (Version: 2.0.0.2637 - )
Zoom (HKU\S-1-5-21-3239584733-2071816809-1449778513-1001\...\ZoomUMX) (Version: 5.15.2 (18096) - Zoom Video Communications, Inc.)
Packages:
=========
Composant additionnel Photos Media Engine -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2023-09-18] (Microsoft Corporation)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.18.1011.0_x64__rz1tebttyb220 [2023-09-29] (Dolby Laboratories)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_149.1.1056.0_x64__v10z8vjag6ke6 [2023-09-15] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2023-02-16] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2023-02-16] (Microsoft Corporation) [MS Ad]
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.17.8180.0_x64__8wekyb3d8bbwe [2023-08-25] (Microsoft Studios) [MS Ad]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2338.7.0_x64__cv1g1gvanyjgm [2023-09-29] (WhatsApp Inc.) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3239584733-2071816809-1449778513-1001_Classes\CLSID\{04271989-C4D2-DA76-B51D-07B01A936FE3} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-3239584733-2071816809-1449778513-1001_Classes\CLSID\{1248BD21-B584-4EB8-85D0-8EC479CD043B}\Shell\Open\Command -> C:\Program Files (x86)\HiSuite\HiSuite.exe (Huawei Technologies Co., Ltd. -> 华为技术有限公司 版权所有) [File not signed]
CustomCLSID: HKU\S-1-5-21-3239584733-2071816809-1449778513-1001_Classes\CLSID\{1248BD21-B584-4EB8-85D0-8EC479CD043B} -> [华为手机助手] => C:\Program Files (x86)\HiSuite [2023-08-04 17:16]
CustomCLSID: HKU\S-1-5-21-3239584733-2071816809-1449778513-1001_Classes\CLSID\{2EF7E390-2F7C-4F9A-9B7D-4A87B56B711D}\InprocServer32 -> C:\Users\hp\AppData\Local\Microsoft\EdgeUpdate\1.3.173.51\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3239584733-2071816809-1449778513-1001_Classes\CLSID\{5EA43877-C6D8-4885-B77A-C0BB27E94372}\InprocServer32 -> C:\Users\hp\AppData\Local\Microsoft\EdgeUpdate\1.3.181.5\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3239584733-2071816809-1449778513-1001_Classes\CLSID\{608D599A-DCA6-4A7C-BED7-AFCD8465345A}\InprocServer32 -> C:\Users\hp\AppData\Local\Microsoft\EdgeUpdate\1.3.175.29\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3239584733-2071816809-1449778513-1001_Classes\CLSID\{64C6EFB9-8F79-4106-B975-067448DC768F}\InprocServer32 -> C:\Users\hp\AppData\Local\Microsoft\EdgeUpdate\1.3.177.11\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3239584733-2071816809-1449778513-1001_Classes\CLSID\{7C9A348D-C321-47AC-904F-150312A5430F}\InprocServer32 -> C:\Users\hp\AppData\Local\Microsoft\EdgeUpdate\1.3.175.27\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3239584733-2071816809-1449778513-1001_Classes\CLSID\{81093D63-7825-417B-BFC8-ADC63FA4E53D}\InprocServer32 -> C:\Users\hp\AppData\Local\Microsoft\EdgeUpdate\1.3.181.5\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3239584733-2071816809-1449778513-1001_Classes\CLSID\{E3D57E77-FE71-4D06-BD34-D48820074909}\InprocServer32 -> C:\Users\hp\AppData\Local\Microsoft\EdgeUpdate\1.3.181.5\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3239584733-2071816809-1449778513-1001_Classes\CLSID\{E8791438-3525-48BF-A600-C577AD1674C2}\InprocServer32 -> C:\Users\hp\AppData\Local\Microsoft\EdgeUpdate\1.3.173.49\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3239584733-2071816809-1449778513-1001_Classes\CLSID\{F1CBF5EB-347F-4E4C-90AC-E43339FC34EC}\InprocServer32 -> C:\Users\hp\AppData\Local\Microsoft\EdgeUpdate\1.3.173.55\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-09-25] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [Kaspersky Standard 21.15] -> {AE81D5A2-A34B-4D93-8DF8-540DBCE48043} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.15\x64\shellex.dll [2023-11-07] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Standard 21.15] -> {AE81D5A2-A34B-4D93-8DF8-540DBCE48043} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.15\x64\shellex.dll [2023-11-07] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [Kaspersky Standard 21.15] -> {AE81D5A2-A34B-4D93-8DF8-540DBCE48043} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.15\x64\shellex.dll [2023-11-07] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2020-06-04] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-09-25] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [Kaspersky Standard 21.15] -> {AE81D5A2-A34B-4D93-8DF8-540DBCE48043} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.15\x64\shellex.dll [2023-11-07] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
0000-00-00 00:00 - 0000-00-00 00:00 - 000000000 _____ () <==== ATTENTION [zero byte File/Folder] \\?\C:\Users\hp\AppData\Roaming\Java\jre8\bin\java.exe:jll
2021-02-25 07:25 - 2021-02-25 07:25 - 003675632 _____ (Adobe Systems, Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\amtlib.dll
2017-02-13 14:54 - 2017-02-13 14:54 - 000132096 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\epnsm.dll
2009-10-21 17:39 - 2009-10-21 17:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\LcMgr.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2021-09-25] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2021-09-25] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-09-21] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2021-09-25] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2021-09-25] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2021-09-25] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2021-09-25] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-11-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-11-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-11-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-11-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-11-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-11-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-11-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-11-07] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 21:46 - 2017-09-29 21:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3239584733-2071816809-1449778513-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 172.16.4.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
HKU\S-1-5-21-3239584733-2071816809-1449778513-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{8230D309-BC59-4856-B201-8FFA65467846}] => (Allow) C:\Program Files (x86)\360\360DrvMgr\LiveUpdate360.exe => No File
FirewallRules: [{F32D606E-8417-45B3-9809-D5068A523BCE}] => (Allow) C:\Program Files (x86)\360\360DrvMgr\LiveUpdate360.exe => No File
FirewallRules: [{6681F425-D328-4319-B87D-1B7EE62F7E71}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D85537AC-65E0-4125-9988-3FA16E659F46}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{48864C64-CA97-49F7-B8EC-C27E71992C87}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DE417219-55C5-4D8C-A825-59EDB840EAF6}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F34AE439-AC1B-4F99-9991-7139D034AA2F}] => (Allow) C:\Users\hp\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{781B50F8-A3A1-4F90-8997-D7A852B917B7}] => (Allow) C:\Users\hp\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{9C4DA39B-23BC-4FA1-AB1D-918A153446D7}] => (Allow) C:\Users\hp\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{B0A2E98B-268C-4DB1-B707-7674E80F5A8E}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{584ED1DA-F5F9-42F1-98B3-3051FD1DC35F}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{33F7AA2F-30DB-4C86-8884-1B48AE83B3A3}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M129-M134\bin\EWSProxy.exe (HP Inc. -> HP Inc.)
FirewallRules: [{FCFBA671-D1DA-46A5-A890-2BE5B8A7568D}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M129-M134\Bin\DeviceSetup.exe (HP Inc. -> HP Inc.)
FirewallRules: [{3B6100E1-16C7-4568-9DC2-80B2A5C9D135}] => (Allow) LPort=5357
FirewallRules: [{BEF4C5C3-AB0F-442E-91B0-BD70F4E09E08}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M129-M134\Bin\HPNetworkCommunicatorCom.exe (HP Inc. -> HP Inc.)
FirewallRules: [{CD97F378-5A5B-459D-9DE5-EE266F63D2FC}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M129-M134\bin\DigitalWizards.exe (HP Inc. -> HP Inc.)
FirewallRules: [{BB9E33A3-8CE1-415B-A1B5-B68CA9DD9A62}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M129-M134\bin\FaxPrinterUtility.exe (HP Inc. -> HP Inc.)
FirewallRules: [{7897966D-2AD4-4F16-9A20-CAF0C71A0830}] => (Allow) C:\Program Files\HP\HP DeskJet 2130 series\Bin\USBSetup.exe (HP Inc. -> HP Inc.)
FirewallRules: [{EFE4041F-4531-4E15-99EC-B475A5912A03}] => (Allow) C:\Program Files\HP\HP DeskJet 2130 series\Bin\HPNetworkCommunicatorCom.exe (HP Inc. -> HP Inc.)
FirewallRules: [{DCB96316-CC65-4EE3-BC35-F6FE00A63CDD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B94963BF-2039-4D72-8CE9-E9F4C831D1DF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E7E118CD-C18F-4099-B0CA-139D69190842}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{952DF130-FE6F-4EF6-ABDD-AF423F6E1A68}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2CAF31A5-9247-47FF-BE88-401514CD3E20}] => (Allow) C:\Users\hp\Pictures\HmGjW1GvjQREnW2sTwfGl4Wr.exe => No File
FirewallRules: [{6CA896C2-54E8-4ABD-8F19-CA7AF5EB9447}] => (Allow) C:\Users\hp\Pictures\HmGjW1GvjQREnW2sTwfGl4Wr.exe => No File
FirewallRules: [{A8329122-2D96-4589-892E-EB3C158770B9}] => (Allow) C:\Users\hp\Pictures\YpS3z7CWfY9kciwQANcmSP4r.exe => No File
FirewallRules: [{21A4D477-5751-493D-B3EA-554F75196F23}] => (Allow) C:\Users\hp\Pictures\YpS3z7CWfY9kciwQANcmSP4r.exe => No File
FirewallRules: [{37FBFF91-9EBC-4055-A860-E9EB751B7551}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:62.26 GB) (Free:11.8 GB) (19%)
==================== Faulty Device Manager Devices ============
Name: SCSI Scanner Device
Description: SCSI Scanner Device
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: scsiscan
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (11/29/2023 06:59:04 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Installation of the Proof of Purchase failed. 0xC004E016
Partial Pkey=J4YRC
ACID=?
Detailed Error[?]
Error: (11/13/2023 06:39:49 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Installation of the Proof of Purchase failed. 0xC004E016
Partial Pkey=J4YRC
ACID=?
Detailed Error[?]
Error: (11/13/2023 06:38:20 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Installation of the Proof of Purchase failed. 0xC004E016
Partial Pkey=J4YRC
ACID=?
Detailed Error[?]
Error: (11/13/2023 06:35:26 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Installation of the Proof of Purchase failed. 0xC004E016
Partial Pkey=J4YRC
ACID=?
Detailed Error[?]
Error: (11/13/2023 06:35:01 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Installation of the Proof of Purchase failed. 0xC004E016
Partial Pkey=J4YRC
ACID=?
Detailed Error[?]
Error: (11/13/2023 06:27:54 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007007B
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (11/13/2023 06:27:41 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007007B
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (11/13/2023 04:02:33 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007267C
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=TimerEvent
System errors:
=============
Error: (11/07/2023 02:59:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Software Protection service failed to start due to the following error:
Access is denied.
Error: (11/07/2023 02:59:13 PM) (Source: DCOM) (EventID: 10001) (User: NT AUTHORITY)
Description: Unable to start a DCOM Server: {AA65DD7C-83AC-48C0-A6FD-9B61FEBF8800} as NT Authority/NetworkService. The error:
"2147942405"
Happened while starting this command:
C:\WINDOWS\system32\DllHost.exe /Processid:{AA65DD7C-83AC-48C0-A6FD-9B61FEBF8800}
Error: (11/07/2023 02:59:13 PM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: Unable to start a DCOM Server: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}. The error:
"2147942405"
Happened while starting this command:
C:\WINDOWS\system32\wbem\wmiprvse.exe -secured -Embedding
Error: (11/07/2023 02:59:13 PM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: Unable to start a DCOM Server: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}. The error:
"2147942405"
Happened while starting this command:
C:\WINDOWS\system32\wbem\wmiprvse.exe -secured -Embedding
Error: (11/07/2023 02:59:13 PM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: Unable to start a DCOM Server: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}. The error:
"2147942405"
Happened while starting this command:
C:\WINDOWS\system32\wbem\wmiprvse.exe -secured -Embedding
Error: (11/07/2023 02:59:13 PM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: Unable to start a DCOM Server: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}. The error:
"2147942405"
Happened while starting this command:
C:\WINDOWS\system32\wbem\wmiprvse.exe -secured -Embedding
Error: (11/07/2023 02:59:13 PM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: Unable to start a DCOM Server: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}. The error:
"2147942405"
Happened while starting this command:
C:\WINDOWS\system32\wbem\wmiprvse.exe -secured -Embedding
Error: (11/07/2023 02:59:13 PM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: Unable to start a DCOM Server: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}. The error:
"2147942405"
Happened while starting this command:
C:\WINDOWS\system32\wbem\wmiprvse.exe -secured -Embedding
Windows Defender:
================
Date: 2023-10-02 14:09:04
Description:
Microsoft Defender 防病毒 检测到恶意软件或其他可能不需要的软件。
有关详细信息,请参阅以下内容:
https://go.microsoft.com/fwlink/?linkid=37020&name=VirTool:Win32/DefenderTamperingRestore&threatid=2147741622&enterprise=0
名称: VirTool:Win32/DefenderTamperingRestore
严重性: 严重
类别: 工具
路径: regkeyvalue:_hklm\software\policies\microsoft\windows defender\real-time protection\\DisableBehaviorMonitoring
检测起源: 未知
检测类型: 实际
检测源: 系统
用户: NT AUTHORITY\SYSTEM
进程名称: Unknown
安全智能版本: AV: 1.397.1927.0, AS: 1.397.1927.0, NIS: 0.0.0.0
引擎版本: AM: 1.1.23080.2005, NIS: 0.0.0.0
Date: 2023-09-29 21:22:06
Description:
在完成前停止了 Microsoft Defender 防病毒 扫描。
扫描 ID: {494CBF3F-61BA-4DBF-995C-4C67DD4783E8}
扫描类型: 反恶意软件
扫描参数: 快速扫描
用户: NT AUTHORITY\SYSTEM
Date: 2023-09-29 20:33:16
Description:
在完成前停止了 Microsoft Defender 防病毒 扫描。
扫描 ID: {0E3F4012-36C9-4335-BE7D-8A2F8D01ED83}
扫描类型: 反恶意软件
扫描参数: 快速扫描
用户: NT AUTHORITY\SYSTEM
Date: 2023-09-26 22:41:41
Description:
在完成前停止了 Microsoft Defender 防病毒 扫描。
扫描 ID: {F3291228-5DAF-4754-8A77-2946E003F033}
扫描类型: 反恶意软件
扫描参数: 快速扫描
用户: NT AUTHORITY\SYSTEM
Date: 2023-09-26 22:26:30
Description:
在完成前停止了 Microsoft Defender 防病毒 扫描。
扫描 ID: {0B5421A4-1252-4ADB-9A19-B0E5543E11BE}
扫描类型: 反恶意软件
扫描参数: 快速扫描
用户: NT AUTHORITY\SYSTEM
Event[0]:
Date: 2023-09-09 17:08:09
Description:
Microsoft Defender 防病毒 尝试更新安全智能时遇到错误。
新安全智能版本:
以前的安全智能版本: 1.397.566.0
更新源: Microsoft 更新服务器
安全智能类型: 防病毒
更新类型: 完全
用户: NT AUTHORITY\SYSTEM
当前引擎版本:
上一个引擎版本: 1.1.23080.2005
错误代码: 0x80072ee2
错误说明: 操作超时
Date: 2023-09-09 16:49:22
Description:
Microsoft Defender 防病毒 尝试更新安全智能时遇到错误。
新安全智能版本:
以前的安全智能版本: 1.397.566.0
更新源: Microsoft 更新服务器
安全智能类型: 防病毒
更新类型: 完全
用户: NT AUTHORITY\SYSTEM
当前引擎版本:
上一个引擎版本: 1.1.23080.2005
错误代码: 0x80072ee2
错误说明: 操作超时
Date: 2023-09-09 16:08:45
Description:
Microsoft Defender 防病毒 尝试更新安全智能时遇到错误。
新安全智能版本:
以前的安全智能版本: 1.397.566.0
更新源: Microsoft 更新服务器
安全智能类型: 防病毒
更新类型: 完全
用户: NT AUTHORITY\SYSTEM
当前引擎版本:
上一个引擎版本: 1.1.23080.2005
错误代码: 0x80072ee2
错误说明: 操作超时
Date: 2023-09-09 04:34:39
Description:
Microsoft Defender 防病毒 尝试更新安全智能时遇到错误。
新安全智能版本:
以前的安全智能版本: 1.397.566.0
更新源: Microsoft 更新服务器
安全智能类型: 防病毒
更新类型: 完全
用户: NT AUTHORITY\SYSTEM
当前引擎版本:
上一个引擎版本: 1.1.23080.2005
错误代码: 0x80072ee2
错误说明: 操作超时
Date: 2023-09-09 03:50:52
Description:
Microsoft Defender 防病毒 尝试更新安全智能时遇到错误。
新安全智能版本:
以前的安全智能版本: 1.397.566.0
更新源: Microsoft 更新服务器
安全智能类型: 防病毒
更新类型: 完全
用户: NT AUTHORITY\SYSTEM
当前引擎版本:
上一个引擎版本: 1.1.23080.2005
错误代码: 0x80072ee2
错误说明: 操作超时
CodeIntegrity:
===============
Date: 2023-11-29 22:09:41
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky 21.15\x64\com_antivirus.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: Hewlett-Packard L71 Ver. 01.11 04/29/2014
Motherboard: Hewlett-Packard 1991
Processor: Intel(R) Core(TM) i3-4030U CPU @ 1.90GHz
Percentage of memory in use: 87%
Total physical RAM: 4009.11 MB
Available physical RAM: 506.12 MB
Total Virtual: 7803.41 MB
Available Virtual: 867.11 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:62.26 GB) (Free:11.8 GB) (Model: Netac SSD 120GB) NTFS
Drive d: () (Fixed) (Total:48.31 GB) (Free:44.5 GB) (Model: Netac SSD 120GB) NTFS
\\?\Volume{d5a99103-0000-0000-0000-100000000000}\ () (Fixed) (Total:0.54 GB) (Free:0.5 GB) NTFS
\\?\Volume{d5a99103-0000-0000-0000-50b30f000000}\ () (Fixed) (Total:0.67 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: D5A99103)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=62.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=691 MB) - (Type=27)
Partition 4: (Not Active) - (Size=48.3 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
Ran by hp (29-11-2023 20:18:20)
Running from C:\Users\hp\Downloads
Microsoft Windows 10 Pro Version 22H2 19045.3448 (X64) (2023-05-17 22:14:05)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3239584733-2071816809-1449778513-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3239584733-2071816809-1449778513-503 - Limited - Disabled)
Guest (S-1-5-21-3239584733-2071816809-1449778513-501 - Limited - Disabled)
hp (S-1-5-21-3239584733-2071816809-1449778513-1001 - Administrator - Enabled) => C:\Users\hp
WDAGUtilityAccount (S-1-5-21-3239584733-2071816809-1449778513-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 21.007.20095 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.3.0.61 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601053}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
DigitalPulse version 0.16.16 (HKU\S-1-5-21-3239584733-2071816809-1449778513-1001\...\{64F4736C-6169-4520-9368-BE1C9EAE552A}_is1) (Version: 0.16.16 - DigitalPulse, Ltd.) <==== ATTENTION
Easy Photo Scan (HKLM-x32\...\{93AEF2AF-86FB-42AD-8392-5DAEC0638B1A}) (Version: 1.00.0012 - Seiko Epson Corporation)
Epson Easy Photo Print 2 (HKLM-x32\...\{7E0261C4-8495-4365-BE48-647701D8B9BD}) (Version: 2.8.3.0 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{B1765501-59E8-4395-BF00-8A2C1F1FC1E0}) (Version: 3.10.0091 - Seiko Epson Corporation)
EPSON L3110 Series Printer Uninstall (HKLM\...\EPSON L3110 Series) (Version: - Seiko Epson Corporation)
Epson Printer Connection Checker (HKLM-x32\...\{9A09FA7F-C756-4B47-98D0-6C8482980A46}) (Version: 2.1.0.0 - Seiko Epson Corporation)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.)
EPSON Scan PDF Extensions (HKLM-x32\...\{F9956472-6E16-4F83-BF9A-F887EF4A45B7}) (Version: 1.03.0001 - SEIKO EPSON Corp.)
Epson Software Updater (HKLM-x32\...\{B55DB65D-EF6E-4E04-89D5-B03603BF681B}) (Version: 4.4.5 - SEIKO EPSON CORPORATION)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 11.0.0.650 - Huawei Technologies Co., Ltd.)
HP DeskJet 2130 series Basic Device Software (HKLM\...\{D82824A3-7576-4820-B68A-BB92F2ED1EDF}) (Version: 40.15.1230.21319 - HP Inc.)
HP Dropbox Plugin (HKLM-x32\...\{71175310-91E7-49E9-A714-15151F839268}) (Version: 44.5.501.81934 - HP)
HP EmailSMTP Plugin (HKLM-x32\...\{1DE1A510-1B9F-409E-A586-34C6DB1EDF1F}) (Version: 44.5.0.0 - HP)
HP FTP Plugin (HKLM-x32\...\{8202C130-5331-4FA4-9B94-CD5B7D595971}) (Version: 44.5.0.0 - HP)
HP Google Drive Plugin (HKLM-x32\...\{C7242B1F-50CF-4C88-92C0-6012281B0E72}) (Version: 44.5.501.81934 - HP)
HP LaserJet MFP M129-M134 Basic Device Software (HKLM\...\{4E0832D5-6728-41B4-9D62-4B237F5C1A08}) (Version: 44.11.2775.2268 - HP Inc.)
HP OneDrive Plugin (HKLM-x32\...\{88B06412-906E-473D-B69B-71EB040F15F5}) (Version: 44.5.0.0 - HP)
HP SharePoint Plugin (HKLM-x32\...\{C3547CAA-C272-4A32-9A53-358892E9026B}) (Version: 44.5.0.0 - HP)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6499.0 - IDT)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4268 - Intel Corporation)
Kaspersky (HKLM-x32\...\{59D11F0A-ACA9-3CE7-8227-267AA4900780}) (Version: 21.15.8.493 - Kaspersky) Hidden
Kaspersky (HKLM-x32\...\InstallWIX_{59D11F0A-ACA9-3CE7-8227-267AA4900780}) (Version: 21.15.8.493 - Kaspersky)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
LM129 (HKLM-x32\...\{A2D25501-6F44-4CE2-9EFA-C9E5A0658FA9}) (Version: 0.00.0005 - HP)
Microsoft Access MUI (French) 2013 (HKLM-x32\...\{90150000-0015-040C-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft DCF MUI (French) 2013 (HKLM-x32\...\{90150000-0090-040C-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 117.0.2045.47 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 117.0.2045.47 - Microsoft Corporation)
Microsoft Excel MUI (French) 2013 (HKLM-x32\...\{90150000-0016-040C-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Groove MUI (French) 2013 (HKLM-x32\...\{90150000-00BA-040C-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (French) 2013 (HKLM-x32\...\{90150000-0044-040C-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Lync MUI (French) 2013 (HKLM-x32\...\{90150000-012B-040C-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office 64-bit Components 2013 (HKLM\...\{90150000-002A-0000-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (HKLM-x32\...\{90150000-001F-0407-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (French) 2013 (HKLM-x32\...\{90150000-00E1-040C-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (French) 2013 (HKLM-x32\...\{90150000-00E2-040C-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Professionnel Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Proofing (French) 2013 (HKLM-x32\...\{90150000-002C-040C-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (HKLM-x32\...\{90150000-001F-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (HKLM-x32\...\{90150000-001F-0C0A-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Nederlands (HKLM-x32\...\{90150000-001F-0413-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - اللغة العربية (HKLM-x32\...\{90150000-001F-0401-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (French) 2013 (HKLM\...\{90150000-002A-040C-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (French) 2013 (HKLM-x32\...\{90150000-006E-040C-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.226.1031.0003 - Microsoft Corporation)
Microsoft OneNote MUI (French) 2013 (HKLM-x32\...\{90150000-00A1-040C-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (French) 2013 (HKLM-x32\...\{90150000-001A-040C-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (French) 2013 (HKLM-x32\...\{90150000-0018-040C-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Project - fr-fr (HKLM\...\ProjectProRetail - fr-fr) (Version: 16.0.16731.20316 - Microsoft Corporation)
Microsoft Publisher MUI (French) 2013 (HKLM-x32\...\{90150000-0019-040C-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Update Health Tools (HKLM\...\{2953E19B-9F91-4A49-A23B-7E25970A1951}) (Version: 3.73.0.0 - Microsoft Corporation)
Microsoft Visio - fr-fr (HKLM\...\VisioProRetail - fr-fr) (Version: 16.0.16731.20316 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Word MUI (French) 2013 (HKLM-x32\...\{90150000-001B-040C-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16731.20316 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16731.20316 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.16731.20316 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
PA Previewer 9.8 (HKLM-x32\...\PA Previewer_is1) (Version: - )
Power BI Report Builder (HKLM\...\{ADDC2159-BA6F-4DE7-A3B4-1B1B2710C50C}) (Version: 15.7.1802.126 - Microsoft Corporation)
Product Improvement Study for HP DeskJet 2130 series (HKLM\...\{70B105F7-908E-461F-8471-CFA944354397}) (Version: 40.15.1230.21319 - HP Inc.)
Product Improvement Study for HP LaserJet MFP M129-M134 (HKLM\...\{00087596-A1AA-49A6-9743-0DF787B8F2CC}) (Version: 44.11.2775.2268 - HP Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.22621.21358 - Realtek Semiconductor Corp.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.63 - Synaptics Incorporated)
Uninstaller (HKU\S-1-5-21-3239584733-2071816809-1449778513-1001\...\Uninstaller) (Version: - Uninstaller)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{8F2D6CEB-BC98-4B69-A5C1-78BED238FE77}) (Version: 2.71.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{0746492E-47B6-4251-940C-44462DFD74BB}) (Version: 2.55.0.0 - Microsoft Corporation)
WinRAR 6.24 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.24.0 - win.rar GmbH)
YoutubeDownloader (HKLM-x32\...\A5B2E9DE-804B-461B-A731-529DF0B69DAC) (Version: 2.0.0.2694 - )
YoutubeDownloader (HKLM-x32\...\B8FDEED2-3FFC-4E3E-8F6F-5922A4955A1D) (Version: 2.0.0.2637 - )
Zoom (HKU\S-1-5-21-3239584733-2071816809-1449778513-1001\...\ZoomUMX) (Version: 5.15.2 (18096) - Zoom Video Communications, Inc.)
Packages:
=========
Composant additionnel Photos Media Engine -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2023-09-18] (Microsoft Corporation)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.18.1011.0_x64__rz1tebttyb220 [2023-09-29] (Dolby Laboratories)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_149.1.1056.0_x64__v10z8vjag6ke6 [2023-09-15] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2023-02-16] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2023-02-16] (Microsoft Corporation) [MS Ad]
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.17.8180.0_x64__8wekyb3d8bbwe [2023-08-25] (Microsoft Studios) [MS Ad]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2338.7.0_x64__cv1g1gvanyjgm [2023-09-29] (WhatsApp Inc.) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3239584733-2071816809-1449778513-1001_Classes\CLSID\{04271989-C4D2-DA76-B51D-07B01A936FE3} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-3239584733-2071816809-1449778513-1001_Classes\CLSID\{1248BD21-B584-4EB8-85D0-8EC479CD043B}\Shell\Open\Command -> C:\Program Files (x86)\HiSuite\HiSuite.exe (Huawei Technologies Co., Ltd. -> 华为技术有限公司 版权所有) [File not signed]
CustomCLSID: HKU\S-1-5-21-3239584733-2071816809-1449778513-1001_Classes\CLSID\{1248BD21-B584-4EB8-85D0-8EC479CD043B} -> [华为手机助手] => C:\Program Files (x86)\HiSuite [2023-08-04 17:16]
CustomCLSID: HKU\S-1-5-21-3239584733-2071816809-1449778513-1001_Classes\CLSID\{2EF7E390-2F7C-4F9A-9B7D-4A87B56B711D}\InprocServer32 -> C:\Users\hp\AppData\Local\Microsoft\EdgeUpdate\1.3.173.51\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3239584733-2071816809-1449778513-1001_Classes\CLSID\{5EA43877-C6D8-4885-B77A-C0BB27E94372}\InprocServer32 -> C:\Users\hp\AppData\Local\Microsoft\EdgeUpdate\1.3.181.5\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3239584733-2071816809-1449778513-1001_Classes\CLSID\{608D599A-DCA6-4A7C-BED7-AFCD8465345A}\InprocServer32 -> C:\Users\hp\AppData\Local\Microsoft\EdgeUpdate\1.3.175.29\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3239584733-2071816809-1449778513-1001_Classes\CLSID\{64C6EFB9-8F79-4106-B975-067448DC768F}\InprocServer32 -> C:\Users\hp\AppData\Local\Microsoft\EdgeUpdate\1.3.177.11\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3239584733-2071816809-1449778513-1001_Classes\CLSID\{7C9A348D-C321-47AC-904F-150312A5430F}\InprocServer32 -> C:\Users\hp\AppData\Local\Microsoft\EdgeUpdate\1.3.175.27\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3239584733-2071816809-1449778513-1001_Classes\CLSID\{81093D63-7825-417B-BFC8-ADC63FA4E53D}\InprocServer32 -> C:\Users\hp\AppData\Local\Microsoft\EdgeUpdate\1.3.181.5\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3239584733-2071816809-1449778513-1001_Classes\CLSID\{E3D57E77-FE71-4D06-BD34-D48820074909}\InprocServer32 -> C:\Users\hp\AppData\Local\Microsoft\EdgeUpdate\1.3.181.5\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3239584733-2071816809-1449778513-1001_Classes\CLSID\{E8791438-3525-48BF-A600-C577AD1674C2}\InprocServer32 -> C:\Users\hp\AppData\Local\Microsoft\EdgeUpdate\1.3.173.49\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3239584733-2071816809-1449778513-1001_Classes\CLSID\{F1CBF5EB-347F-4E4C-90AC-E43339FC34EC}\InprocServer32 -> C:\Users\hp\AppData\Local\Microsoft\EdgeUpdate\1.3.173.55\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-09-25] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [Kaspersky Standard 21.15] -> {AE81D5A2-A34B-4D93-8DF8-540DBCE48043} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.15\x64\shellex.dll [2023-11-07] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Standard 21.15] -> {AE81D5A2-A34B-4D93-8DF8-540DBCE48043} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.15\x64\shellex.dll [2023-11-07] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [Kaspersky Standard 21.15] -> {AE81D5A2-A34B-4D93-8DF8-540DBCE48043} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.15\x64\shellex.dll [2023-11-07] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2020-06-04] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-09-25] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [Kaspersky Standard 21.15] -> {AE81D5A2-A34B-4D93-8DF8-540DBCE48043} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.15\x64\shellex.dll [2023-11-07] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
0000-00-00 00:00 - 0000-00-00 00:00 - 000000000 _____ () <==== ATTENTION [zero byte File/Folder] \\?\C:\Users\hp\AppData\Roaming\Java\jre8\bin\java.exe:jll
2021-02-25 07:25 - 2021-02-25 07:25 - 003675632 _____ (Adobe Systems, Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\amtlib.dll
2017-02-13 14:54 - 2017-02-13 14:54 - 000132096 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\epnsm.dll
2009-10-21 17:39 - 2009-10-21 17:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\LcMgr.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2021-09-25] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2021-09-25] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-09-21] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2021-09-25] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2021-09-25] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2021-09-25] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2021-09-25] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-11-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-11-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-11-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-11-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-11-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-11-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-11-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-11-07] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 21:46 - 2017-09-29 21:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3239584733-2071816809-1449778513-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 172.16.4.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
HKU\S-1-5-21-3239584733-2071816809-1449778513-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{8230D309-BC59-4856-B201-8FFA65467846}] => (Allow) C:\Program Files (x86)\360\360DrvMgr\LiveUpdate360.exe => No File
FirewallRules: [{F32D606E-8417-45B3-9809-D5068A523BCE}] => (Allow) C:\Program Files (x86)\360\360DrvMgr\LiveUpdate360.exe => No File
FirewallRules: [{6681F425-D328-4319-B87D-1B7EE62F7E71}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D85537AC-65E0-4125-9988-3FA16E659F46}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{48864C64-CA97-49F7-B8EC-C27E71992C87}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DE417219-55C5-4D8C-A825-59EDB840EAF6}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F34AE439-AC1B-4F99-9991-7139D034AA2F}] => (Allow) C:\Users\hp\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{781B50F8-A3A1-4F90-8997-D7A852B917B7}] => (Allow) C:\Users\hp\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{9C4DA39B-23BC-4FA1-AB1D-918A153446D7}] => (Allow) C:\Users\hp\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{B0A2E98B-268C-4DB1-B707-7674E80F5A8E}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{584ED1DA-F5F9-42F1-98B3-3051FD1DC35F}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{33F7AA2F-30DB-4C86-8884-1B48AE83B3A3}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M129-M134\bin\EWSProxy.exe (HP Inc. -> HP Inc.)
FirewallRules: [{FCFBA671-D1DA-46A5-A890-2BE5B8A7568D}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M129-M134\Bin\DeviceSetup.exe (HP Inc. -> HP Inc.)
FirewallRules: [{3B6100E1-16C7-4568-9DC2-80B2A5C9D135}] => (Allow) LPort=5357
FirewallRules: [{BEF4C5C3-AB0F-442E-91B0-BD70F4E09E08}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M129-M134\Bin\HPNetworkCommunicatorCom.exe (HP Inc. -> HP Inc.)
FirewallRules: [{CD97F378-5A5B-459D-9DE5-EE266F63D2FC}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M129-M134\bin\DigitalWizards.exe (HP Inc. -> HP Inc.)
FirewallRules: [{BB9E33A3-8CE1-415B-A1B5-B68CA9DD9A62}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M129-M134\bin\FaxPrinterUtility.exe (HP Inc. -> HP Inc.)
FirewallRules: [{7897966D-2AD4-4F16-9A20-CAF0C71A0830}] => (Allow) C:\Program Files\HP\HP DeskJet 2130 series\Bin\USBSetup.exe (HP Inc. -> HP Inc.)
FirewallRules: [{EFE4041F-4531-4E15-99EC-B475A5912A03}] => (Allow) C:\Program Files\HP\HP DeskJet 2130 series\Bin\HPNetworkCommunicatorCom.exe (HP Inc. -> HP Inc.)
FirewallRules: [{DCB96316-CC65-4EE3-BC35-F6FE00A63CDD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B94963BF-2039-4D72-8CE9-E9F4C831D1DF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E7E118CD-C18F-4099-B0CA-139D69190842}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{952DF130-FE6F-4EF6-ABDD-AF423F6E1A68}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2CAF31A5-9247-47FF-BE88-401514CD3E20}] => (Allow) C:\Users\hp\Pictures\HmGjW1GvjQREnW2sTwfGl4Wr.exe => No File
FirewallRules: [{6CA896C2-54E8-4ABD-8F19-CA7AF5EB9447}] => (Allow) C:\Users\hp\Pictures\HmGjW1GvjQREnW2sTwfGl4Wr.exe => No File
FirewallRules: [{A8329122-2D96-4589-892E-EB3C158770B9}] => (Allow) C:\Users\hp\Pictures\YpS3z7CWfY9kciwQANcmSP4r.exe => No File
FirewallRules: [{21A4D477-5751-493D-B3EA-554F75196F23}] => (Allow) C:\Users\hp\Pictures\YpS3z7CWfY9kciwQANcmSP4r.exe => No File
FirewallRules: [{37FBFF91-9EBC-4055-A860-E9EB751B7551}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:62.26 GB) (Free:11.8 GB) (19%)
==================== Faulty Device Manager Devices ============
Name: SCSI Scanner Device
Description: SCSI Scanner Device
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: scsiscan
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (11/29/2023 06:59:04 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Installation of the Proof of Purchase failed. 0xC004E016
Partial Pkey=J4YRC
ACID=?
Detailed Error[?]
Error: (11/13/2023 06:39:49 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Installation of the Proof of Purchase failed. 0xC004E016
Partial Pkey=J4YRC
ACID=?
Detailed Error[?]
Error: (11/13/2023 06:38:20 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Installation of the Proof of Purchase failed. 0xC004E016
Partial Pkey=J4YRC
ACID=?
Detailed Error[?]
Error: (11/13/2023 06:35:26 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Installation of the Proof of Purchase failed. 0xC004E016
Partial Pkey=J4YRC
ACID=?
Detailed Error[?]
Error: (11/13/2023 06:35:01 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Installation of the Proof of Purchase failed. 0xC004E016
Partial Pkey=J4YRC
ACID=?
Detailed Error[?]
Error: (11/13/2023 06:27:54 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007007B
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (11/13/2023 06:27:41 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007007B
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (11/13/2023 04:02:33 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007267C
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=TimerEvent
System errors:
=============
Error: (11/07/2023 02:59:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Software Protection service failed to start due to the following error:
Access is denied.
Error: (11/07/2023 02:59:13 PM) (Source: DCOM) (EventID: 10001) (User: NT AUTHORITY)
Description: Unable to start a DCOM Server: {AA65DD7C-83AC-48C0-A6FD-9B61FEBF8800} as NT Authority/NetworkService. The error:
"2147942405"
Happened while starting this command:
C:\WINDOWS\system32\DllHost.exe /Processid:{AA65DD7C-83AC-48C0-A6FD-9B61FEBF8800}
Error: (11/07/2023 02:59:13 PM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: Unable to start a DCOM Server: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}. The error:
"2147942405"
Happened while starting this command:
C:\WINDOWS\system32\wbem\wmiprvse.exe -secured -Embedding
Error: (11/07/2023 02:59:13 PM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: Unable to start a DCOM Server: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}. The error:
"2147942405"
Happened while starting this command:
C:\WINDOWS\system32\wbem\wmiprvse.exe -secured -Embedding
Error: (11/07/2023 02:59:13 PM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: Unable to start a DCOM Server: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}. The error:
"2147942405"
Happened while starting this command:
C:\WINDOWS\system32\wbem\wmiprvse.exe -secured -Embedding
Error: (11/07/2023 02:59:13 PM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: Unable to start a DCOM Server: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}. The error:
"2147942405"
Happened while starting this command:
C:\WINDOWS\system32\wbem\wmiprvse.exe -secured -Embedding
Error: (11/07/2023 02:59:13 PM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: Unable to start a DCOM Server: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}. The error:
"2147942405"
Happened while starting this command:
C:\WINDOWS\system32\wbem\wmiprvse.exe -secured -Embedding
Error: (11/07/2023 02:59:13 PM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: Unable to start a DCOM Server: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}. The error:
"2147942405"
Happened while starting this command:
C:\WINDOWS\system32\wbem\wmiprvse.exe -secured -Embedding
Windows Defender:
================
Date: 2023-10-02 14:09:04
Description:
Microsoft Defender 防病毒 检测到恶意软件或其他可能不需要的软件。
有关详细信息,请参阅以下内容:
https://go.microsoft.com/fwlink/?linkid=37020&name=VirTool:Win32/DefenderTamperingRestore&threatid=2147741622&enterprise=0
名称: VirTool:Win32/DefenderTamperingRestore
严重性: 严重
类别: 工具
路径: regkeyvalue:_hklm\software\policies\microsoft\windows defender\real-time protection\\DisableBehaviorMonitoring
检测起源: 未知
检测类型: 实际
检测源: 系统
用户: NT AUTHORITY\SYSTEM
进程名称: Unknown
安全智能版本: AV: 1.397.1927.0, AS: 1.397.1927.0, NIS: 0.0.0.0
引擎版本: AM: 1.1.23080.2005, NIS: 0.0.0.0
Date: 2023-09-29 21:22:06
Description:
在完成前停止了 Microsoft Defender 防病毒 扫描。
扫描 ID: {494CBF3F-61BA-4DBF-995C-4C67DD4783E8}
扫描类型: 反恶意软件
扫描参数: 快速扫描
用户: NT AUTHORITY\SYSTEM
Date: 2023-09-29 20:33:16
Description:
在完成前停止了 Microsoft Defender 防病毒 扫描。
扫描 ID: {0E3F4012-36C9-4335-BE7D-8A2F8D01ED83}
扫描类型: 反恶意软件
扫描参数: 快速扫描
用户: NT AUTHORITY\SYSTEM
Date: 2023-09-26 22:41:41
Description:
在完成前停止了 Microsoft Defender 防病毒 扫描。
扫描 ID: {F3291228-5DAF-4754-8A77-2946E003F033}
扫描类型: 反恶意软件
扫描参数: 快速扫描
用户: NT AUTHORITY\SYSTEM
Date: 2023-09-26 22:26:30
Description:
在完成前停止了 Microsoft Defender 防病毒 扫描。
扫描 ID: {0B5421A4-1252-4ADB-9A19-B0E5543E11BE}
扫描类型: 反恶意软件
扫描参数: 快速扫描
用户: NT AUTHORITY\SYSTEM
Event[0]:
Date: 2023-09-09 17:08:09
Description:
Microsoft Defender 防病毒 尝试更新安全智能时遇到错误。
新安全智能版本:
以前的安全智能版本: 1.397.566.0
更新源: Microsoft 更新服务器
安全智能类型: 防病毒
更新类型: 完全
用户: NT AUTHORITY\SYSTEM
当前引擎版本:
上一个引擎版本: 1.1.23080.2005
错误代码: 0x80072ee2
错误说明: 操作超时
Date: 2023-09-09 16:49:22
Description:
Microsoft Defender 防病毒 尝试更新安全智能时遇到错误。
新安全智能版本:
以前的安全智能版本: 1.397.566.0
更新源: Microsoft 更新服务器
安全智能类型: 防病毒
更新类型: 完全
用户: NT AUTHORITY\SYSTEM
当前引擎版本:
上一个引擎版本: 1.1.23080.2005
错误代码: 0x80072ee2
错误说明: 操作超时
Date: 2023-09-09 16:08:45
Description:
Microsoft Defender 防病毒 尝试更新安全智能时遇到错误。
新安全智能版本:
以前的安全智能版本: 1.397.566.0
更新源: Microsoft 更新服务器
安全智能类型: 防病毒
更新类型: 完全
用户: NT AUTHORITY\SYSTEM
当前引擎版本:
上一个引擎版本: 1.1.23080.2005
错误代码: 0x80072ee2
错误说明: 操作超时
Date: 2023-09-09 04:34:39
Description:
Microsoft Defender 防病毒 尝试更新安全智能时遇到错误。
新安全智能版本:
以前的安全智能版本: 1.397.566.0
更新源: Microsoft 更新服务器
安全智能类型: 防病毒
更新类型: 完全
用户: NT AUTHORITY\SYSTEM
当前引擎版本:
上一个引擎版本: 1.1.23080.2005
错误代码: 0x80072ee2
错误说明: 操作超时
Date: 2023-09-09 03:50:52
Description:
Microsoft Defender 防病毒 尝试更新安全智能时遇到错误。
新安全智能版本:
以前的安全智能版本: 1.397.566.0
更新源: Microsoft 更新服务器
安全智能类型: 防病毒
更新类型: 完全
用户: NT AUTHORITY\SYSTEM
当前引擎版本:
上一个引擎版本: 1.1.23080.2005
错误代码: 0x80072ee2
错误说明: 操作超时
CodeIntegrity:
===============
Date: 2023-11-29 22:09:41
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky 21.15\x64\com_antivirus.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: Hewlett-Packard L71 Ver. 01.11 04/29/2014
Motherboard: Hewlett-Packard 1991
Processor: Intel(R) Core(TM) i3-4030U CPU @ 1.90GHz
Percentage of memory in use: 87%
Total physical RAM: 4009.11 MB
Available physical RAM: 506.12 MB
Total Virtual: 7803.41 MB
Available Virtual: 867.11 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:62.26 GB) (Free:11.8 GB) (Model: Netac SSD 120GB) NTFS
Drive d: () (Fixed) (Total:48.31 GB) (Free:44.5 GB) (Model: Netac SSD 120GB) NTFS
\\?\Volume{d5a99103-0000-0000-0000-100000000000}\ () (Fixed) (Total:0.54 GB) (Free:0.5 GB) NTFS
\\?\Volume{d5a99103-0000-0000-0000-50b30f000000}\ () (Fixed) (Total:0.67 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: D5A99103)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=62.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=691 MB) - (Type=27)
Partition 4: (Not Active) - (Size=48.3 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================