Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-09-2017 01
Ran by Administrator (28-09-2017 08:13:37)
Running from C:\Users\administrator.BOULET\Desktop
Windows Server 2008 R2 Standard Service Pack 1 (X64) (2010-08-24 19:55:51)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1743471048-158811899-3428450236-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-1743471048-158811899-3428450236-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{30689060-43BD-46E9-8A54-E6CDB18AAB88}) (Version: 20.2.1 - HP Inc.) Hidden
Adobe Customization Wizard 9 (HKLM-x32\...\{AC76BA86-1033-0000-0000-000000000004}) (Version: 9.0.0 - Adobe Systems, Inc.)
Adobe Flash Player 27 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 27.0.0.130 - Adobe Systems Incorporated)
Adobe Reader 64-bit fixes (HKLM\...\{6D80AAE7-FF65-4950-B1CA-3A7EA4995574}_is1) (Version: - Leo Davidson / Pretentious Name)
Adobe Reader X (10.1.16) - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AA1000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-606344767-3282361405-600652822-500\...\Akamai) (Version: - Akamai Technologies, Inc)
Apple Application Support (HKLM-x32\...\{63EC2120-1742-4625-AA47-C6A8AEC9C64C}) (Version: 2.2.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Autodesk DWG TrueView 2018 - Français (French) (HKLM\...\DWG TrueView 2018 - Français (French)) (Version: 22.0.50.0 - Autodesk)
Bitdefender Endpoint Security Tools (HKLM\...\Endpoint Security) (Version: 6.2.25.944 - Bitdefender)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BringMeSports Internet Explorer Homepage and New Tab (HKU\S-1-5-21-606344767-3282361405-600652822-1121\...\BringMeSportsTooltab Uninstall Internet Explorer) (Version: - Mindspark Interactive Network) <==== ATTENTION
Bullzip PDF Printer 7.1.0.1218 (HKLM\...\Bullzip PDF Printer_is1) (Version: 7.1.0.1218 - Bullzip)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.41.3.0173 - DT Soft Ltd)
DWG TrueView 2018 - Français (French) (HKLM\...\{28B89EEF-1028-040C-0100-CF3F3A09B77D}) (Version: 22.0.50.0 - Autodesk) Hidden
EPSON WF-100 Series Printer Uninstall (HKLM\...\EPSON WF-100 Series) (Version: - SEIKO EPSON Corporation)
Evernote Sticky Notes (HKLM-x32\...\{4FC3ACD7-105C-42E2-9A48-4FFF58C76D19}) (Version: 1.5.9 - Evernote Sticky Notes)
FileMaker Pro 5.5 (HKLM-x32\...\{4A425F14-0561-11D4-9027-0060089CDAE1}) (Version: 5.5.1.0 - FileMaker, Inc.)
FileOpen Client (x64) B945 (HKLM\...\{739832CC-EAFB-4E1D-A306-CE21B836AC6F}) (Version: 3.0.105.945 - FileOpen Systems, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
GPL Ghostscript Lite 8.70 (HKLM-x32\...\GPL Ghostscript Lite_is1) (Version: - )
hppLaserJetService (HKLM-x32\...\{D371F551-0DB9-4CEC-844B-4C90CE91EA0B}) (Version: 001.001.0.0 - Hewlett-Packard) Hidden
hppP1100P1560P1600SeriesLaserJetService (HKLM-x32\...\{0E448256-D515-4C3E-A5BE-0A7B76CED5D4}) (Version: 001.001.0.0 - Hewlett-Packard) Hidden
hppusgP1100P1560P1600Series (HKLM-x32\...\{853F464A-B2B8-404E-BA3E-B98FF6862C41}) (Version: 1.0.0.1 - Hewlett-Packard) Hidden
MarketResearch (HKLM-x32\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version: - Microsoft)
Microsoft Office Professionnel Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual FoxPro 7.0 Professional - English (HKLM-x32\...\Visual FoxPro 7.0 Professional - English) (Version: - Microsoft)
Microsoft Visual FoxPro 9.0 Professional - English (HKLM-x32\...\Visual FoxPro 9.0 Professional - English) (Version: - Microsoft)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version: - Microsoft Corporation)
TelevisionFanatic Internet Explorer Homepage and New Tab (HKU\S-1-5-21-606344767-3282361405-600652822-1121\...\TelevisionFanaticTooltab Uninstall Internet Explorer) (Version: - Mindspark Interactive Network) <==== ATTENTION
VMware Tools (HKLM\...\{2CC6DDCE-708B-416C-8DA6-D1862544668D}) (Version: 9.4.15.2827462 - VMware, Inc.)
VMware vSphere Client 4.0 (HKLM-x32\...\{C40698F9-A861-4531-9F8C-FA7F8961375B}) (Version: 4.0.0.15751 - VMware, Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-1115_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2012 - French\dwgviewrficn.dll => No File
CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-1115_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2012 - French\dwgviewr.exe => No File
CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-1121_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2017 - Français (French)\fr-FR\dwgviewrficn.dll => No File
CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-1121_Classes\CLSID\{720DB9AF-D62C-4ED0-A377-429C22312852}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2017 - Français (French)\dwgviewr.exe => No File
CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-1174_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2017 - Français (French)\fr-FR\dwgviewrficn.dll => No File
CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-1174_Classes\CLSID\{720DB9AF-D62C-4ED0-A377-429C22312852}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2017 - Français (French)\dwgviewr.exe => No File
CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-1174_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2012 - French\dwgviewr.exe => No File
CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-1185_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2017 - Français (French)\fr-FR\dwgviewrficn.dll => No File
CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-1185_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\melodie\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-1185_Classes\CLSID\{720DB9AF-D62C-4ED0-A377-429C22312852}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2017 - Français (French)\dwgviewr.exe => No File
CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-1185_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\melodie\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-1185_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2012 - French\dwgviewr.exe => No File
CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-1185_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\melodie\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-1215_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2012 - French\dwgviewrficn.dll => No File
CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-1215_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2012 - French\dwgviewr.exe => No File
CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-1218_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Alexandra\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-1218_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Alexandra\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-1218_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2012 - French\dwgviewrficn.dll => No File
CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-1218_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Alexandra\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-1218_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Alexandra\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-1218_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Alexandra\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-1218_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Alexandra\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-1218_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Alexandra\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-1218_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Alexandra\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-1218_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Alexandra\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-1218_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Alexandra\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-1218_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Alexandra\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-1218_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2012 - French\dwgviewr.exe => No File
CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-1218_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Alexandra\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-1218_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Alexandra\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-1614_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2017 - Français (French)\fr-FR\dwgviewrficn.dll => No File
CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-1614_Classes\CLSID\{720DB9AF-D62C-4ED0-A377-429C22312852}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2017 - Français (French)\dwgviewr.exe => No File
CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-1621_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\JulieD\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-1621_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2017 - Français (French)\fr-FR\dwgviewrficn.dll => No File
CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-1621_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\JulieD\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-1621_Classes\CLSID\{720DB9AF-D62C-4ED0-A377-429C22312852}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2017 - Français (French)\dwgviewr.exe => No File
CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-1621_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\JulieD\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-1621_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\JulieD\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-1621_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\JulieD\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-1621_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\JulieD\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-1621_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\JulieD\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-1634_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2018 - Français (French)\fr-FR\dwgviewrficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-1634_Classes\CLSID\{720DB9AF-D62C-4ED0-A377-429C22312852}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2017 - Français (French)\dwgviewr.exe => No File
CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-1634_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2018 - Français (French)\dwgviewr.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-500_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\ALEXIS\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-500_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2018 - Français (French)\fr-FR\dwgviewrficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-500_Classes\CLSID\{720DB9AF-D62C-4ED0-A377-429C22312852}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2017 - Français (French)\dwgviewr.exe => No File
CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-500_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2018 - Français (French)\dwgviewr.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-500_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ALEXIS\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-500_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ALEXIS\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-500_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ALEXIS\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-500_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ALEXIS\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-500_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ALEXIS\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-500_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ALEXIS\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-500_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ALEXIS\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-606344767-3282361405-600652822-500_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ALEXIS\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ALEXIS\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [2014-08-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ALEXIS\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [2014-08-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ALEXIS\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [2014-08-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ALEXIS\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [2014-08-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ALEXIS\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [2014-08-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ALEXIS\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [2014-08-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ALEXIS\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [2014-08-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ALEXIS\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [2014-08-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2017-02-15] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [ID de superposition d'icônes des signatures numériques AutoCAD] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2017-02-15] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ALEXIS\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [2014-08-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ALEXIS\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [2014-08-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ALEXIS\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [2014-08-18] (Dropbox, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2017-02-15] (Autodesk)
ContextMenuHandlers1_S-1-5-21-606344767-3282361405-600652822-500: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ALEXIS\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [2014-08-18] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-606344767-3282361405-600652822-500: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ALEXIS\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [2014-08-18] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-606344767-3282361405-600652822-500: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ALEXIS\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [2014-08-18] (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {17D8E0F8-D5B8-451E-A4D2-DC633665F3FA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-606344767-3282361405-600652822-1185UA => C:\Users\melodie\AppData\Local\Google\Update\GoogleUpdate.exe [2016-04-26] (Google Inc.)
Task: {277621DE-8A90-4605-835B-15BC9845999D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {2C6F45C4-3BF2-4B5F-A994-F9EC3F6E9E48} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-11] (Google Inc.)
Task: {327149EF-6279-4428-B008-B012CAE4810B} - System32\Tasks\Reboot => C:\redemarrage.bat [2011-05-09] () <==== ATTENTION
Task: {34CABD8E-E626-4DAF-B7FD-9CA52F6D42F0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-11] (Google Inc.)
Task: {54C6ADDA-C359-4E4C-9482-94F79E3BC02B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-09-13] (Adobe Systems Incorporated)
Task: {5D11D70C-E72C-4071-B014-104765EAF8F0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-606344767-3282361405-600652822-1622Core => C:\Users\STEPHANIEG\AppData\Local\Google\Update\GoogleUpdate.exe [2015-04-01] (Google Inc.)
Task: {5E9EE1FF-1CE2-4105-A848-3014570BC075} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-606344767-3282361405-600652822-1218Core => C:\Users\Alexandra\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {62B7F54B-B44E-490A-9146-172A96CA0F9D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-606344767-3282361405-600652822-1118Core => C:\Users\richard\AppData\Local\Google\Update\GoogleUpdate.exe [2016-01-11] (Google Inc.)
Task: {63EE8552-A444-4BA2-8E1E-C8350D6D412A} - System32\Tasks\Microsoft\Windows\Server Manager\ServerManager => C:\Windows\system32\ServerManagerLauncher.exe [2009-07-13] (Microsoft Corporation)
Task: {6764C258-DD9C-4392-AFCC-07A7192D9A61} - System32\Tasks\Microsoft\Windows\termsrv\licensing\TlsWarning => C:\Windows\system32\tlsbln.exe [2010-11-20] (Microsoft Corporation)
Task: {69110D7B-41DC-4E9D-BDD3-C826C7DB613B} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Server\ServerRoleUsageCollector => C:\Windows\system32\ceipdata.exe [2010-11-20] (Microsoft Corporation)
Task: {6B548DA6-A1A8-4DB1-93AC-BECB6648688E} - System32\Tasks\G2MUpdateTask-S-1-5-21-606344767-3282361405-600652822-1195 => C:\Users\pvanier.BOULET.000\AppData\Local\GoToMeeting\7713\g2mupdate.exe [2017-09-27] (LogMeIn, Inc.)
Task: {70B926F1-211C-48BB-9F1F-E5EFC2C1066E} - System32\Tasks\{FFC2EA4C-8EC5-4B22-86E0-10FEB52A0C71} => C:\Users\administrator.BOULET\Desktop\Exchange\setup.exe
Task: {90BE0EA1-380B-4B4B-9648-F005C88AFD05} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-606344767-3282361405-600652822-1118UA => C:\Users\richard\AppData\Local\Google\Update\GoogleUpdate.exe [2016-01-11] (Google Inc.)
Task: {91620972-14F7-4A4B-B526-2A4A592E570F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {96B58609-EC63-49EB-85BC-EBB49B811069} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-606344767-3282361405-600652822-1622UA => C:\Users\STEPHANIEG\AppData\Local\Google\Update\GoogleUpdate.exe [2015-04-01] (Google Inc.)
Task: {9EEB4DE3-C3D7-4627-99BD-634253B87368} - System32\Tasks\G2MUploadTask-S-1-5-21-606344767-3282361405-600652822-1195 => C:\Users\pvanier.BOULET.000\AppData\Local\GoToMeeting\7713\g2mupload.exe [2017-09-27] (LogMeIn, Inc.)
Task: {9EFF0788-3262-4BC1-BB60-1C2588A44279} - System32\Tasks\G2MUpdateTask-S-1-5-21-606344767-3282361405-600652822-1128 => C:\Users\gabrielle\AppData\Local\GoToMeeting\7713\g2mupdate.exe [2017-09-27] (LogMeIn, Inc.)
Task: {A86ED961-E8EA-42B4-8155-8A77F52FB977} - System32\Tasks\G2MUploadTask-S-1-5-21-606344767-3282361405-600652822-1128 => C:\Users\gabrielle\AppData\Local\GoToMeeting\7713\g2mupload.exe [2017-09-27] (LogMeIn, Inc.)
Task: {AA9EB670-50B0-4737-9A69-D33B5A518EBC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-606344767-3282361405-600652822-1185Core => C:\Users\melodie\AppData\Local\Google\Update\GoogleUpdate.exe [2016-04-26] (Google Inc.)
Task: {AB99AE1B-F693-4FE0-A0F2-4AE12AD2D780} - System32\Tasks\{32E9746C-9516-4D67-A9F2-512F86654D3A} => msiexec.exe /package "C:\Users\administrator.BOULET\Desktop\Exchange\exchangeserver.msi"
Task: {AFECE848-8DA2-461B-B5E6-CBEF57A4DF7D} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Server\ServerRoleCollector => C:\Windows\system32\ceiprole.exe [2010-11-20] (Microsoft Corporation)
Task: {D49A10DA-0F70-4779-BD96-B2D976A4F2E3} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Server\ServerCeipAssistant => C:\Windows\system32\ceipdata.exe [2010-11-20] (Microsoft Corporation)
Task: {ECD89337-FA9C-4EEA-9125-B0EB1F002C16} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-606344767-3282361405-600652822-1218UA => C:\Users\Alexandra\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {F2557D41-C2BE-4C91-A2C8-0D1BCDEB5FD9} - System32\Tasks\{2E438B94-F670-47A0-A636-2F1D8245F075} => msiexec.exe /package "C:\Users\administrator.BOULET\Desktop\Exchange\exchangeserver.msi"

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-606344767-3282361405-600652822-1128.job => C:\Users\gabrielle\AppData\Local\GoToMeeting\7713\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-606344767-3282361405-600652822-1195.job => C:\Users\pvanier.BOULET.000\AppData\Local\GoToMeeting\7713\g2mupdate.exe C:\Users\pvanier.BOU
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-606344767-3282361405-600652822-1128.job => C:\Users\gabrielle\AppData\Local\GoToMeeting\7713\g2mupload.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-606344767-3282361405-600652822-1195.job => C:\Users\pvanier.BOULET.000\AppData\Local\GoToMeeting\7713\g2mupload.exe C:\Users\pvanier.BOU
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-606344767-3282361405-600652822-1118Core.job => C:\Users\richard\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-606344767-3282361405-600652822-1118UA.job => C:\Users\richard\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-606344767-3282361405-600652822-1185Core.job => C:\Users\melodie\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-606344767-3282361405-600652822-1185UA.job => C:\Users\melodie\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-606344767-3282361405-600652822-1218Core.job => C:\Users\Alexandra\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-606344767-3282361405-600652822-1218UA.job => C:\Users\Alexandra\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-606344767-3282361405-600652822-1622Core.job => C:\Users\STEPHANIEG\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-606344767-3282361405-600652822-1622UA.job => C:\Users\STEPHANIEG\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2013-03-22 16:27 - 2012-08-21 16:07 - 000288768 _____ () C:\Windows\System32\HP1100LM.DLL
2013-03-22 16:27 - 2012-08-21 16:07 - 000074240 _____ () C:\Windows\system32\spool\PRTPROCS\x64\HP1100PP.DLL
2013-03-22 16:27 - 2012-08-31 19:02 - 001038336 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\HP1100GC.DLL
2013-03-22 16:27 - 2012-08-31 19:03 - 000373760 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\HP1100SD.DLL
2013-03-22 16:27 - 2012-08-31 19:03 - 003034112 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\hp1100su.dll
2016-08-22 10:15 - 2016-09-27 05:33 - 000280576 _____ () C:\Program Files\Bitdefender\Endpoint Security\txmlutil.dll
2016-08-22 10:46 - 2017-07-04 01:02 - 000279608 _____ () C:\Program Files\Bitdefender\Endpoint Security\zlib.dll
2011-03-17 00:07 - 2011-03-17 00:07 - 004297568 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2011-03-24 09:47 - 2011-03-24 10:23 - 000040193 ____N () F:\Apps\vfp70\Services\launcher.exe
2011-03-17 00:11 - 2011-03-17 00:11 - 004297568 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2010-12-21 01:15 - 2010-12-21 01:15 - 001041248 _____ () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2009-08-04 17:23 - 2009-08-04 17:23 - 000063032 _____ () C:\Program Files (x86)\HP\HP UT LEDM\bin\HPTools.dll
2009-08-04 17:23 - 2009-08-04 17:23 - 000075320 _____ () C:\Program Files (x86)\HP\HP UT LEDM\bin\HPToolkit.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\administrator.BOULET\Desktop\FRST64.exe:BDU [0]
AlternateDataStreams: C:\Users\administrator.BOULET\Downloads\CKScanner.exe:BDU [0]
AlternateDataStreams: C:\Users\administrator.BOULET\Downloads\DWGTrueView_2018_FRA_64bit.sfx.exe:BDU [0]
AlternateDataStreams: C:\Users\administrator.BOULET\Downloads\winchk_2.0.exe:BDU [0]
AlternateDataStreams: C:\Users\administrator.BOULET\Downloads\ZHPDiag3.exe:BDU [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-606344767-3282361405-600652822-1115\Software\Classes\.scr: DWGTrueViewScriptFile => C:\Windows\system32\notepad.exe "%1"
HKU\S-1-5-21-606344767-3282361405-600652822-1121\Software\Classes\.scr: DWGTrueViewScriptFile => C:\Windows\system32\notepad.exe "%1"
HKU\S-1-5-21-606344767-3282361405-600652822-1174\Software\Classes\.scr: DWGTrueViewScriptFile => C:\Windows\system32\notepad.exe "%1"
HKU\S-1-5-21-606344767-3282361405-600652822-1185\Software\Classes\.scr: DWGTrueViewScriptFile => C:\Windows\system32\notepad.exe "%1"
HKU\S-1-5-21-606344767-3282361405-600652822-1215\Software\Classes\.scr: DWGTrueViewScriptFile => C:\Windows\system32\notepad.exe "%1"
HKU\S-1-5-21-606344767-3282361405-600652822-1218\Software\Classes\.scr: DWGTrueViewScriptFile => C:\Windows\system32\notepad.exe "%1"
HKU\S-1-5-21-606344767-3282361405-600652822-1614\Software\Classes\.scr: DWGTrueViewScriptFile => C:\Windows\system32\notepad.exe "%1"
HKU\S-1-5-21-606344767-3282361405-600652822-1621\Software\Classes\.scr: DWGTrueViewScriptFile => C:\Windows\system32\notepad.exe "%1"
HKU\S-1-5-21-606344767-3282361405-600652822-1634\Software\Classes\.scr: DWGTrueViewScriptFile => C:\Windows\system32\notepad.exe "%1"
HKU\S-1-5-21-606344767-3282361405-600652822-500\Software\Classes\.scr: DWGTrueViewScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-606344767-3282361405-600652822-1114\...\microsoft.com -> fullproduct.download.microsoft.com
IE trusted site: HKU\S-1-5-21-606344767-3282361405-600652822-1115\...\microsoft.com -> fullproduct.download.microsoft.com
IE trusted site: HKU\S-1-5-21-606344767-3282361405-600652822-1121\...\microsoft.com -> fullproduct.download.microsoft.com
IE trusted site: HKU\S-1-5-21-606344767-3282361405-600652822-1174\...\microsoft.com -> fullproduct.download.microsoft.com
IE trusted site: HKU\S-1-5-21-606344767-3282361405-600652822-1185\...\microsoft.com -> fullproduct.download.microsoft.com
IE trusted site: HKU\S-1-5-21-606344767-3282361405-600652822-1215\...\microsoft.com -> fullproduct.download.microsoft.com
IE trusted site: HKU\S-1-5-21-606344767-3282361405-600652822-1218\...\microsoft.com -> fullproduct.download.microsoft.com
IE trusted site: HKU\S-1-5-21-606344767-3282361405-600652822-1614\...\microsoft.com -> fullproduct.download.microsoft.com
IE trusted site: HKU\S-1-5-21-606344767-3282361405-600652822-1621\...\microsoft.com -> fullproduct.download.microsoft.com
IE trusted site: HKU\S-1-5-21-606344767-3282361405-600652822-1634\...\microsoft.com -> fullproduct.download.microsoft.com
IE trusted site: HKU\S-1-5-21-606344767-3282361405-600652822-1655\...\microsoft.com -> fullproduct.download.microsoft.com
IE trusted site: HKU\S-1-5-21-606344767-3282361405-600652822-1662\...\microsoft.com -> fullproduct.download.microsoft.com
IE trusted site: HKU\S-1-5-21-606344767-3282361405-600652822-500\...\microsoft.com -> fullproduct.download.microsoft.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2009-06-10 17:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-606344767-3282361405-600652822-1114\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-606344767-3282361405-600652822-1121\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-606344767-3282361405-600652822-1185\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-606344767-3282361405-600652822-1215\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-606344767-3282361405-600652822-1218\Control Panel\Desktop\\Wallpaper -> C:\Users\Alexandra\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-606344767-3282361405-600652822-1621\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-606344767-3282361405-600652822-1634\Control Panel\Desktop\\Wallpaper -> C:\Users\Taher.BOULET\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-606344767-3282361405-600652822-1655\Control Panel\Desktop\\Wallpaper -> C:\Users\Philippes\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-606344767-3282361405-600652822-1662\Control Panel\Desktop\\Wallpaper -> C:\Users\Francoisp\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-606344767-3282361405-600652822-500\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.0.240 - 192.168.0.250
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: VMware Tools => "C:\Program Files\VMware\VMware Tools\VMwareTray.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SCW-Allow-Inbound-Access-To-ScsHost-TCP-RPC] => (Allow) %systemroot%\system32\scshost.exe
FirewallRules: [SCW-Allow-Inbound-Access-To-ScsHost-TCP-RPC-EndPointMapper] => (Allow) %systemroot%\system32\scshost.exe
FirewallRules: [ComPlusRemoteAdministration-DCOM-In] => (Allow) %systemroot%\system32\dllhost.exe
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [DfsMgmt-In-TCP] => (Allow) %systemroot%\system32\dfsfrsHost.exe
FirewallRules: [{B66B7004-5BB3-46E0-997F-E8FE47ADD8D4}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{7F86283F-373E-4190-98B4-1DDB80A8F16D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C03CE7CE-715E-42C5-BA85-381124E28B79}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7BD58ADB-9119-4823-B1FD-FBEF73F1996C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A1B69DB3-AC49-491E-A91C-38E449DE91E0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D761D2FE-B046-40BA-945E-6A169AC56A98}] => (Allow) C:\Users\pierre\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{D41CA623-9355-4B22-86A7-346806022952}] => (Allow) C:\Users\pierre\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{58415FD5-2B20-4E5A-BF05-1C37014F5940}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe
FirewallRules: [{EBEF534C-A5B9-4619-84DC-3F13C2FE7D26}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe
FirewallRules: [{B85166B9-CC2C-453C-BC87-5BE6F6DEBE20}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE
FirewallRules: [{76A1BFEA-B4AE-488D-970D-A47D4500E95D}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE
FirewallRules: [{0976CED6-E294-412F-B7C4-8466D80CFD20}] => (Allow) C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe
FirewallRules: [{EF0F74F0-40CA-4CF1-8056-CFFC0021580E}] => (Allow) C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe
FirewallRules: [{3CB13079-37EE-4E2E-9A95-28700E97E6A2}] => (Allow) C:\Users\ALEXIS\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{2C6EBBBE-B75B-4FCA-9401-D7855CF338FF}] => (Allow) C:\Users\ALEXIS\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [FSRM-SrmReports-In (RPC)] => (Allow) %systemroot%\system32\srmhost.exe
FirewallRules: [{A3B06222-1832-4073-A6AA-3F2F1C05A5CB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{AA9AD2DC-8FEF-4238-80CF-B3705D884063}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{6BFE4701-333A-4BB5-B421-B9FDB7ED849A}] => (Allow) LPort=63844
FirewallRules: [{3DC35521-01D1-4D34-899C-20D3BCF8F81F}] => (Allow) LPort=5000

==================== Restore Points =========================

ATTENTION: System Restore is disabled
Check "winmgmt" service or repair WMI.

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================

Application errors:
==================
Error: (09/27/2017 09:23:58 PM) (Source: Microsoft Office 14) (EventID: 2000) (User: )
Description: Microsoft Outlook: Accepted Safe Mode action : Échec lors du dernier démarrage de Outlook. Le redémarrer en mode sans échec vous permettra de corriger ou d'isoler ce problème afin de pouvoir démarrer le programme correctement. Certaines fonctionnalités seront peut-être désactivées sous ce mode. Souhaitez-vous démarrer Outlook en mode sans échec ?. Accepted Safe Mode action : Microsoft Outlook.

Error: (09/27/2017 01:10:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: launcher.exe_unknown, version: 0.0.0.0, time stamp: 0x47139f24
Faulting module name: VFP9R.DLL, version: 9.0.0.5815, time stamp: 0x4713a718
Exception code: 0xc0000005
Fault offset: 0x000936d6
Faulting process id: 0x26a0
Faulting application start time: 0x01d3379b8888e1ba
Faulting application path: F:\Apps\vfp70\Services\launcher.exe
Faulting module path: F:\Apps\vfp70\Services\VFP9R.DLL
Report Id: bc7f7296-a3a6-11e7-badd-000c29f08056

Error: (09/27/2017 01:09:53 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program OUTLOOK.EXE version 14.0.6025.1000 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 29d8
Start Time: 01d3379aa478e146
Termination Time: 24
Application Path: C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
Report Id: a5c7863f-a3a6-11e7-badd-000c29f08056

Error: (09/27/2017 10:33:26 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program launcher.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 20c0
Start Time: 01d3379d398b3817
Termination Time: 7
Application Path: F:\Apps\vfp70\Services\launcher.exe
Report Id:

Error: (09/27/2017 10:12:43 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program launcher.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 287c
Start Time: 01d3378941a242f5
Termination Time: 3
Application Path: F:\Apps\vfp70\Services\launcher.exe
Report Id:

Error: (09/27/2017 10:11:36 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program launcher.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 19bc
Start Time: 01d337865222dfcd
Termination Time: 3
Application Path: F:\Apps\vfp70\Services\launcher.exe
Report Id:

Error: (09/27/2017 10:18:05 AM) (Source: Winlogon) (EventID: 4005) (User: )
Description: The Windows logon process has unexpectedly terminated.

Error: (09/27/2017 10:12:07 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program OUTLOOK.EXE version 14.0.6025.1000 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 3234
Start Time: 01d33789fa6688c7
Termination Time: 9
Application Path: C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
Report Id: d0dccdbf-a38d-11e7-badc-000c29f08056

Error: (09/27/2017 09:43:38 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1504) (User: BOULET)
Description: Windows Windows cannot update your roaming profile completely. Check previous events for more details.
Error: (09/27/2017 09:42:53 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file for one of the following reasons: there is a problem with the network connection, the disk that the file is stored on, or the storage drivers installed on this computer; or the disk is missing. Windows closed the program vfp9.exe because of this error.
Program: vfp9.exe
File:
The error value is listed in the Additional Data section.
User Action
1. Open the file again. This situation might be a temporary problem that corrects itself when the program runs again.
2. If the file still cannot be accessed and
- It is on the network, your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for further assistance.
Additional Data
Error value: C00000BE
Disk type: 0

System errors:
=============
Error: (09/28/2017 08:05:00 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 1203.

Error: (09/28/2017 08:05:00 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 1203.

Error: (09/28/2017 06:48:30 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.
Error: (09/28/2017 06:48:30 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (09/28/2017 06:48:29 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (09/28/2017 04:00:36 AM) (Source: TermDD) (EventID: 56) (User: )
Description: The Terminal Server security layer detected an error in the protocol stream and has disconnected the client. Client IP: 91.200.12.124.

Error: (09/28/2017 04:00:36 AM) (Source: TermDD) (EventID: 56) (User: )
Description: The Terminal Server security layer detected an error in the protocol stream and has disconnected the client. Client IP: 91.200.12.124.

Error: (09/28/2017 03:53:46 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 1203.

Error: (09/28/2017 03:53:46 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 1203.

Error: (09/28/2017 03:22:01 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 1203.

CodeIntegrity:
===================================
Date: 2017-09-28 08:03:59.411
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

Date: 2017-09-28 07:52:46.955
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
Date: 2017-09-28 07:38:34.368
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

Date: 2017-09-28 07:22:58.166
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

Date: 2017-09-28 07:10:25.041
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

Date: 2017-09-28 06:59:46.357
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

Date: 2017-09-28 05:36:05.768
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

Date: 2017-09-28 01:34:37.493
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

Date: 2017-09-28 01:29:30.567
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

Date: 2017-09-27 22:51:17.834
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================

Processor: Intel(R) Xeon(R) CPU E5520 @ 2.27GHz
Percentage of memory in use: 42%
Total physical RAM: 12287.55 MB
Available physical RAM: 7055.83 MB
Total Virtual: 18427.75 MB
Available Virtual: 13332.63 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.9 GB) (Free:9.93 GB) NTFS
Drive f: () (Network) (Total:179.9 GB) (Free:10.94 GB) NTFS
Drive p: () (Network) (Total:179.9 GB) (Free:10.94 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 120 GB) (Disk ID: AD422C18)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================