Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06.10.2018 Ran by owner (09-10-2018 11:08:46) Running from C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Protection Windows 10 Pro Version 1809 17763.1 (X64) (2018-10-03 04:02:42) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1112066077-4254746724-1257480092-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1112066077-4254746724-1257480092-503 - Limited - Disabled) Guest (S-1-5-21-1112066077-4254746724-1257480092-501 - Limited - Disabled) owner (S-1-5-21-1112066077-4254746724-1257480092-1001 - Administrator - Enabled) => C:\Users\owner WDAGUtilityAccount (S-1-5-21-1112066077-4254746724-1257480092-504 - Limited - Disabled) ___VMware_Conv_SA___ (S-1-5-21-1112066077-4254746724-1257480092-1015 - Limited - Enabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70} AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD} AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) . . (HKLM\...\{569F29BA-2D46-439B-8B7C-01D999B9201D}) (Version: 7.1 - Intel) Hidden . . (HKLM\...\{5F4E8D94-3947-4019-9239-D2541C9A35F2}) (Version: 7.1 - Intel) Hidden . . . (HKLM-x32\...\{7A5E4942-A527-42E6-A5FC-95109B756CA8}) (Version: 3.5.1.7 - Intel) Hidden 3RVX (HKLM-x32\...\{400A8514-5440-410A-B318-44061BD7EE8E}) (Version: 2.9.2.0 - Matthew Malensek) 7+ Taskbar Tweaker v5.5.0.4 (HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\7 Taskbar Tweaker) (Version: 5.5.0.4 - RaMMicHaeL) Ableton Live 10 Suite (HKLM\...\{268E343A-9E5B-4992-9C46-9A387390A2D9}) (Version: 10.0.0.0 - Ableton) Acronis True Image (HKLM-x32\...\{62528BBA-21CF-4023-84EC-BB529662D496}) (Version: 23.3.14110 - Acronis) Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 19.008.20074 - Adobe Systems Incorporated) Adobe After Effects CC 2018 (HKLM-x32\...\AEFT_15_1_2) (Version: 15.1.2 - Adobe Systems Incorporated) Adobe Audition CC 2018 (HKLM-x32\...\AUDT_11_1_1) (Version: 11.1.1 - Adobe Systems Incorporated) Adobe Bridge CC 2018 (HKLM-x32\...\KBRG_8_1) (Version: 8.1 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.7.0.400 - Adobe Systems Incorporated) Adobe Dreamweaver CC 2018 (HKLM-x32\...\DRWV_18_2) (Version: 18.2 - Adobe Systems Incorporated) Adobe Extension Manager CC (HKLM-x32\...\{244FD30F-63F1-49B9-9D98-1150FF4FFCB1}) (Version: 7.3.2 - Adobe Systems Incorporated) Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.108 - Adobe Systems Incorporated) Adobe Flash Player 31 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 31.0.0.108 - Adobe Systems Incorporated) Adobe Illustrator CC 2018 (HKLM-x32\...\ILST_22_1) (Version: 22.1 - Adobe Systems Incorporated) Adobe Lightroom Classic CC (HKLM-x32\...\LTRM_7_5) (Version: 7.5 - Adobe Systems Incorporated) Adobe Media Encoder CC 2018 (HKLM-x32\...\AME_12_1_2) (Version: 12.1.2 - Adobe Systems Incorporated) Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_1_6) (Version: 19.1.6 - Adobe Systems Incorporated) Adobe Premiere Pro CC 2018 (HKLM-x32\...\PPRO_12_1_2) (Version: 12.1.2 - Adobe Systems Incorporated) Advanced Date Time Calculator 9.0 (HKLM-x32\...\Advanced Date Time Calculator_is1) (Version: - TriSun Software Limited) AHD Subtitles Maker Pro version 5.19.239 (HKLM-x32\...\{CA69934C-EACB-4B41-A5F6-7F2A2873987E}_is1) (Version: 5.19.239 - AHD, Inc.) AIDA64 Engineer v5.98 (HKLM-x32\...\AIDA64 Engineer_is1) (Version: 5.98 - FinalWire Ltd.) ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.100.303.238 - ALPS ELECTRIC CO., LTD.) Alternate DLL Analyzer 1.580 (HKLM-x32\...\Alternate DLL Analyzer_is1) (Version: - Alternate Tools) Alternate FontSizer 1.080 (HKLM-x32\...\Alternate FontSizer_is1) (Version: - Alternate Tools) Amazon Kindle (HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Amazon Kindle) (Version: 1.21.0.48017 - Amazon) AniView version 1.5 (HKLM-x32\...\{A85F328E-E719-4747-B5E5-D91912911521}_is1) (Version: 1.5 - CodeDead) Anki (HKLM-x32\...\Anki) (Version: - ) AnmanieSMP 2.4 i (HKLM-x32\...\AnmanieSMP_is1) (Version: - Christoph Walter) Ant Renamer (HKLM-x32\...\Ant Renamer 2_is1) (Version: 2.12.0 - Ant Software) AOMEI Partition Assistant Technician Edition 7.2 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-5498165BF3D3}_is1) (Version: - AOMEI Technology Co., Ltd.) Arasan 21.0 (HKLM-x32\...\Arasan_is1) (Version: - ) Argente Utilities (HKLM\...\AUtilities) (Version: 3.1.1.4 - Raúl Argente) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.13 - Michael Tippach) AtHome Camera Version 3.4.1 (HKLM-x32\...\{B659A0AE-7339-41DF-A7BA-81EBEBF91321}_is1) (Version: - iChano Inc.) Audacity 2.3.0 (HKLM-x32\...\Audacity_is1) (Version: 2.3.0 - Audacity Team) AudioRetoucher 4.7.5.1 (HKLM-x32\...\AudioRetoucher_is1) (Version: 4.7.5.1 - AbyssMedia.com) Audiority Harmonic Maximizer (HKLM\...\Audiority Harmonic Maximizer_is1) (Version: v1.1.1 - Audiority) AutoHotkey 1.1.30.00 (HKLM\...\AutoHotkey) (Version: 1.1.30.00 - Lexikos) AutoSizer (HKLM-x32\...\AutoSizer) (Version: - ) BetterDesktopTool version 1.94 (HKLM-x32\...\{D51FADF8-48F9-4234-8BB5-9D99A973AC65}_is1) (Version: 1.94 - Florian Schwarz) Birdfont (HKLM-x32\...\Birdfont) (Version: - ) BLACK WHITE projects 5 elements (64-Bit) (HKLM\...\SILVER_PROJECTS_5_2_28B15F1D_is1) (Version: 5.52 - Franzis Verlag GmbH) Bluetooth(R) Link (HKLM\...\{3F3DCC8C-2C93-4082-A6DE-BBDC74804FA0}) (Version: 4.3.03 - Toshiba Corporation) BWMeter (HKLM-x32\...\BWMeter) (Version: 7.7.2 - DeskSoft) Camtasia 9 (HKLM\...\{9A1BFE8E-398E-497D-B3BE-C1D8688010FC}) (Version: 9.1.1.2546 - TechSmith Corporation) Hidden ChessX version 1.4.6 (HKLM-x32\...\{278EF322-A05B-4F81-B23B-F7D8050F6837}_is1) (Version: 1.4.6 - chessx.sourceforge.net) Classic Sticky Notes (HKLM\...\Classic Sticky Notes_is1) (Version: 1.0 - Winaero) Clavier+ 10.8.2 (HKLM\...\Clavier+_is1) (Version: 10.8.2 - Guillaume Ryder) CMEDIA USB2.0 Audio Device (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392016500}) (Version: 1.00.0003 - C-Media Electronics, Inc.) Complete Internet Repair 5.2.3.3988 (HKLM\...\Complete Internet Repair_is1) (Version: 5.2.3.3988 - Rizonesoft) Crayon Physics Deluxe version 55 (HKLM-x32\...\{4CA1E8E2-B2A9-40C1-8EC4-BBCB23BAAA19}_is1) (Version: 55 - Kloonigames, Ltd) Crescendo Music Notation Editor (HKLM-x32\...\Crescendo) (Version: 3.05 - NCH Software) Cursor Commander (HKLM-x32\...\Cursor Commander) (Version: 1.0 - Winaero.com) CyberLink PowerDVD 18 (HKLM-x32\...\{0F4F617F-E8D5-46A3-A0F9-43855182A3B1}) (Version: 18.0.2202.62 - CyberLink Corp.) DiskFresh 1.1 (HKLM\...\DiskFresh_is1) (Version: - Puran Software) DiskMark 1.0.0.8 (HKLM\...\DiskMark_is1) (Version: 1.0.0.8 - NetworkDLS) Door Control version 4.3 (HKLM-x32\...\{341CFE70-1D51-4898-9779-76DEBEA64EBC}_is1) (Version: 4.3 - Digola) DxO FilmPack 5 (HKLM\...\{90C2DCFD-3DD7-510E-BF53-CB5A1B1D69E1}) (Version: 5.5.578.0 - DxO Labs) DxO PhotoLab (HKLM\...\{248C0BEB-04B4-4E34-87FC-BB86BE63EC2E}) (Version: 1.2.2 - DxO) DxO ViewPoint 3 (HKLM\...\{D2D6C604-9155-5319-8B89-71E4C4E4077B}) (Version: 3.1.259.0 - DxO Labs) Êâåòêà 4.1.1 (HKLM-x32\...\Êâåòêà_is1) (Version: - Áîäÿãèí Äìèòðèé) EaseUS Partition Master 12.10 Trial Edition (HKLM-x32\...\EaseUS Partition Master Trial Edition_is1) (Version: - EaseUS) eBook Converter Bundle version 3.17 (HKLM-x32\...\{74173236-3507-49A7-A0FC-1BDABF0A9338}_is1) (Version: 3.17 - eBook Converter Team) Equalizer APO (HKLM\...\EqualizerAPO) (Version: 1.2 - ) ESET Security (HKLM\...\{C26AA376-9D1B-4B7B-A1F0-DC41E8530176}) (Version: 11.2.49.0 - ESET, spol. s r.o.) EveryonePiano 2.1 (HKLM-x32\...\EveryonePiano_is1) (Version: 2.1.7.13 - EveryonePiano.com) Exact Audio Copy 1.3 (HKLM-x32\...\Exact Audio Copy) (Version: 1.3 - Andre Wiethoff) ExamDiff Pro 10.0 (10.0.1.3, 64-bit) (HKLM\...\ExamDiff Pro 10.0_is1) (Version: 10.0.1.3 - PrestoSoft LLC) ExeIcon (remove only) (HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\ExeIcon) (Version: - ) FastStone Image Viewer 6.6 (HKLM-x32\...\FastStone Image Viewer) (Version: 6.6 - FastStone Soft) FastStone MaxView 3.1 (HKLM-x32\...\FastStone MaxView) (Version: 3.1 - FastStone Soft.) FastStone Photo Resizer 3.8 (HKLM-x32\...\FastStone Photo Resizer) (Version: 3.8 - FastStone Soft.) FileMarker.NET Pro (GAOTD Edition) (HKLM\...\{A5A0E0B5-578C-43CE-B201-1C01A0388DA9}_is1) (Version: 1.0 - ArcticLine Software) FileMenu Tools 7.5 (HKLM\...\FileMenuTools_is1) (Version: 7.5 - LopeSoft) Find.Same.Images.OK (HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Find.Same.Images.OK) (Version: - ) Folder Size Explorer (HKLM-x32\...\{CD453A88-D560-47A2-9D4D-414134F5A73D}) (Version: 2.0.0 - Bazwise) FolderIco 5.1 (HKLM\...\{22C37D82-6137-40BF-8625-7A846ED65F3A}_is1) (Version: - teorex) FontBase 2.6.3 (HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\ffc1e284-e25b-515d-b453-93eb9fe955eb) (Version: 2.6.3 - Dominik Levitsky Studio) foobar2000 v1.4 (HKLM-x32\...\foobar2000) (Version: 1.4 - Peter Pawlowski) Free Video Cutter version 1.2.1 (HKLM-x32\...\{B089C7D5-C978-4DB0-AFDE-471A42759CB0}_is1) (Version: 1.2.1 - Free Studio) Futuremark SystemInfo (HKLM-x32\...\{58CCB74E-6E9A-4649-A49D-B4D0A7DF65A5}) (Version: 5.12.686.0 - Futuremark) Geekbench 4 (HKLM-x32\...\Geekbench 4) (Version: - Primate Labs Inc.) GetDataBack for NTFS (HKLM-x32\...\{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}) (Version: 4.33.000 - Runtime Software) Greenshot 1.2.10.6 (HKLM\...\Greenshot_is1) (Version: 1.2.10.6 - Greenshot) HandBrake 1.1.2 (HKLM-x32\...\HandBrake) (Version: 1.1.2 - ) Hard Disk Sentinel Pro (HKLM-x32\...\Hard Disk Sentinel Pro) (Version: - ) HashTab 6.0.0.34 (HKLM\...\HashTab) (Version: 6.0.0.34 - Implbits Software) High-Logic FontCreator 11.5 (HKLM\...\FontCreator11-x64_is1) (Version: - High-Logic B.V.) HostsMan 4.8.106 (HKLM-x32\...\{1A3DD1A9-7B7B-4ECA-AD2F-98466F49F62C}_is1) (Version: 4.8.106.0 - abelhadigital.com) Icaros 3.1.0 (HKLM\...\Icaros_is1) (Version: 3.1.0.0 - Tabibito Technology) ImDisk Toolkit (HKLM\...\ImDiskApp) (Version: 20180917 - ) ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!) Intel Extreme Tuning Utility (HKLM-x32\...\{1EB9D639-08BE-4DB1-96EE-C126D8EF402A}) (Version: 6.4.1.19 - Intel Corporation) Hidden Intel Extreme Tuning Utility (HKLM-x32\...\{64432AF2-9AB3-4F5C-8F97-D6D6FCC89C18}) (Version: 6.3.0.54 - Intel Corporation) Hidden Intel Extreme Tuning Utility (HKLM-x32\...\{dde655b5-95f0-42fb-a5ab-608790284acc}) (Version: 6.4.1.19 - Intel Corporation) Intel Processor Diagnostic Tool 64bit (HKLM\...\{32756C77-14FD-46F9-9480-84D77BA4E60D}) (Version: 4.1.0.29 - Intel Corporation) Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation) Intel(R) Network Connections 22.7.18.0 (HKLM\...\PROSetDX) (Version: 22.7.18.0 - Intel) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3910 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.10.0.1016 - Intel Corporation) Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.48.139.0 - Intel Corporation) Hidden Intel(R) Trusted Connect Services Client (HKLM-x32\...\{fd62de85-bda9-4280-a95b-fa2f86e0dc58}) (Version: 1.48.139.0 - Intel Corporation) Hidden Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00001070-0200-1036-84C8-B8D95FA3C8C3}) (Version: 20.70.1 - Intel Corporation) Intel® Driver & Support Assistant (HKLM-x32\...\{ef2ad7ab-dd41-48ed-ae53-f7fe3cd903d8}) (Version: 3.5.1.7 - Intel) Intel-SA-00075 Detection and Mitigation Tool 1.0.3.215 (HKLM-x32\...\{3C31C05F-0788-400F-A21E-8EC3B52214F2}) (Version: 1.0.3.215 - Intel Corporation) InternetOff 3.0, 32\64 bit edition (HKLM-x32\...\InternetOff_is1) (Version: - Crystal Rich, Ltd) IObit Uninstaller 8 (HKLM-x32\...\IObitUninstall) (Version: 8.1.0.12 - IObit) IObit Unlocker (HKLM-x32\...\IObit Unlocker_is1) (Version: 1.1.2.1 - IObit) IrfanView 4.51 (64-bit) (HKLM\...\IrfanView64) (Version: 4.51 - Irfan Skiljan) KC Softwares PortExpert (HKLM-x32\...\KC Softwares PortExpert_is1) (Version: 1.7.3.13 - KC Softwares) KC Softwares RAMExpert (HKLM-x32\...\KC Softwares RAMExpert_is1) (Version: 1.10.1.24 - KC Softwares) Kolor Autopano Giga 4.4 (HKLM\...\AutopanoGiga4.4) (Version: V4.4.2 - Kolor) Kyodai Mahjongg 2006 v1.42 (HKLM-x32\...\Kyodai Mahjongg 2006_is1) (Version: - Rene-Gilles Deberdt) LAV Filters 0.72 (HKLM-x32\...\lavfilters_is1) (Version: 0.72 - Hendrik Leppkes) Link Shell Extension (HKLM\...\HardlinkShellExt) (Version: 3.8.7.1 - Hermann Schinagl) Logiciel pour périphérique à chipset Intel® (HKLM-x32\...\{49bc1e38-39b4-4728-9e75-cbe67ba9a329}) (Version: 10.1.1.42 - Intel(R) Corporation) Hidden Logitech Options (HKLM\...\LogiOptions) (Version: 6.92.275 - Logitech) LRTimelapse 5.0.8 (HKLM\...\{25499041-D76C-4010-95CD-02374529C59B}}_is1) (Version: 5.0.8 - Gunther Wegner) Macrium Reflect Workstation Edition (HKLM\...\{DC9C1F8D-C2C8-4E01-BDC1-1E16D7095B5E}) (Version: 7.1.3317 - Paramount Software (UK) Ltd.) Hidden Macrium Reflect Workstation Edition (HKLM\...\MacriumReflect) (Version: 7.1 - Paramount Software (UK) Ltd.) MacType (HKLM\...\{E68951B7-9D7A-4727-9203-34909E3358D1}) (Version: 1.17.0628 - FlyingSnow) Hidden MacType (HKLM\...\MacType 1.17.0628) (Version: 1.17.0628 - FlyingSnow) Magic Bullet Suite v13.0.6 (HKLM-x32\...\{99487911-8011-42BC-B594-8B02BFD32B1D}_is1) (Version: 13.0.6 - Red Giant, LLC) MakeMKV v1.12.3 (HKLM-x32\...\MakeMKV) (Version: v1.12.3 - GuinpinSoft inc) Malwarebytes version 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes) MediaInfo 18.08 (HKLM\...\MediaInfo) (Version: 18.08 - MediaArea.net) Medieval CUE Splitter (HKLM-x32\...\{B96D2269-568B-4CBF-9332-12FAE8B158F7}) (Version: 1.2.0 - Medieval Software) Mem Reduct (HKLM-x32\...\memreduct) (Version: 3.3.2 - Henry++) MemInfo (remove only) (HKLM-x32\...\MemInfo) (Version: - ) Microsoft Office Professional Plus 2019 - fr-fr (HKLM\...\Proplus2019Retail - fr-fr) (Version: 16.0.10927.20001 - Microsoft Corporation) Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{C3682243-2218-4F80-A94A-EB0D7B7AF739}) (Version: 11.3.6020.0 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{99AC7F47-A4E0-4706-9C65-8948775C2652}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710F4C1C-CC18-4C49-8CBF-51240C89A1A2}) (Version: - ) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052B-02A4-4627-81F2-1818DA5D550D}) (Version: - ) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{AD8A2FA1-06E7-4B0D-927D-6E54B3D31028}) (Version: - ) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: - ) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: - ) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: - ) Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: - ) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation) Microsoft Windows XP Video Decoder Checkup Utility (HKLM-x32\...\DECCHECK) (Version: - ) MKVToolNix 27.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 27.0.0 - Moritz Bunkus) Module externe DxO PhotoLab pour Adobe Lightroom (HKLM-x32\...\{91E4E071-DE20-45D9-91A1-F1A3BBD8333A}) (Version: 1.0.44 - DxO Labs) MonitorTest V3.2 (HKLM\...\MonitorTest_is1) (Version: 3.2 - PassMark Software) Moo0 Menu Transparent 1.20 (HKLM-x32\...\Moo0 TransparentMenu) (Version: - ) MusicExtractor (HKLM-x32\...\MusicExtractor_is1) (Version: 3.1 - Abelssoft) MyPc version 9.5.0.6 (HKLM-x32\...\MyPc_is1) (Version: 9.5.0.6 - ) NetLimiter 4 (HKLM\...\{577F11D6-D845-409B-999D-DC62C9AF855E}) (Version: 4.0.38.0 - Locktime Software) Hidden NetLimiter 4 (HKLM-x32\...\NetLimiter 4 4.0.38.0) (Version: 4.0.38.0 - Locktime Software) NewFolderEx (remove only) (HKLM-x32\...\NewFolderEx) (Version: - ) Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google) NirSoft WebBrowserPassView (HKLM-x32\...\NirSoft WebBrowserPassView) (Version: - ) Nmap 7.70 (HKLM-x32\...\Nmap) (Version: 7.70 - Nmap Project) NordVPN (HKLM-x32\...\{36D81B7E-3941-4D8D-B2E7-7D29141F4B77}) (Version: 6.16.9 - NordVPN) Hidden NordVPN (HKLM-x32\...\NordVPN 6.16.9) (Version: 6.16.9 - NordVPN) NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN) Npcap 0.99-r2 (HKLM-x32\...\NpcapInst) (Version: 0.99-r2 - Nmap Project) OEM Registration Program (HKLM-x32\...\{B69F4E72-CCA4-4352-BF1C-708CE3D96E25}) (Version: 1.1.0 - Toshiba Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.10927.20001 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.10927.20001 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.10927.20001 - Microsoft Corporation) Hidden Old Calculator for Windows 10 (HKLM-x32\...\OldCalcForWin10) (Version: 1.1 - hxxp://winaero.com) Old Task Manager for Windows 10 (HKLM-x32\...\Old Task Manager for Windows 10) (Version: 1.0 - hxxp://winaero.com) Open-Shell (HKLM\...\{FD722BB1-4960-455F-89C6-EFAEB79527EF}) (Version: 4.4.131 - The Open-Shell Team) Opera Stable 56.0.3051.36 (HKLM-x32\...\Opera 56.0.3051.36) (Version: 56.0.3051.36 - Opera Software) Package de pilotes Windows - Intel (Netwtw06) net (06/25/2018 20.70.0.5) (HKLM\...\4C1A4D715AB9BA973572D7BA86C88B47A7F2BAFC) (Version: 06/25/2018 20.70.0.5 - Intel) Package de pilotes Windows - Intel (Netwtw06) net (07/04/2018 20.70.0.100) (HKLM\...\DEC7B59D64D2D271008FA319A0196BD3752E33CD) (Version: 07/04/2018 20.70.0.100 - Intel) Paragon Hard Disk Manager™ 16.5 (HKLM\...\{115E0624-48E6-4305-BD25-6C6B39CA3CA4}) (Version: 10.7.1.3356 - Paragon Software) Hidden Paragon Hard Disk Manager™ 16.5 (HKLM-x32\...\{58b7d335-0219-4dd7-94f8-72d69d1a6479}) (Version: 10.7.1.3356 - Paragon Software GmbH) Paragon UIM (HKLM\...\{38FBDB20-F62D-4CD6-A04E-87FD30F3E43A}) (Version: 24.17.0.293 - Paragon Software) Hidden PC8DeviceAgent 3.0.242 (HKLM\...\PC8DeviceAgent) (Version: 3.0.242 - SRM, Inc.) PCあんしん点検ユーティリティ (HKLM-x32\...\{D9CD7DB3-E2BE-4BC6-85A6-EF9235C0B096}) (Version: 2.00.01.02 - Toshiba Corporation) PDF Annotator 7.0.0.703 (HKLM-x32\...\PDFAnnotator_is1) (Version: 7.0.0.703 - GRAHL software design) photoFXlab (HKLM-x32\...\photoFXlab) (Version: 1.2.11 - Topaz Labs) PhotoWizard (HKLM\...\{3C100F93-4F0E-4C32-9AEB-EFB3E2CA34F8}) (Version: 1.6.0 - Microsoft) PopChar 8.2 (HKLM\...\ergonis PopChar_is1) (Version: 8.2 - Ergonis Software) PreSonus Studio One 4 (HKLM\...\PreSonus Studio One 4) (Version: 4.1.0.49247 - PreSonus Audio Electronics) Prey Anti-Theft (HKLM-x32\...\{41F08CF7-6774-4E46-A0DE-AEF068C49DAF}) (Version: 1.8.1 - Prey, Inc.) Hidden Prey Anti-Theft (HKLM-x32\...\{4D91189D-F5FD-45A9-B63E-58291ADA338B}) (Version: 1.6.5 - Prey, Inc.) Hidden Process Network Monitor (HKLM-x32\...\{16C2C93F-A7EF-4950-B89F-E5E5F020118A}) (Version: 6.0 - SecurityXploded) Hidden Process Network Monitor (HKLM-x32\...\Process Network Monitor 6.0) (Version: 6.0 - SecurityXploded) proDAD ReSpeedr 1.0 (64bit) (HKLM\...\proDAD-ReSpeedr-1.0) (Version: 1.0.42.1 - proDAD GmbH) Progress Telerik Fiddler (HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Fiddler2) (Version: 5.0.20182.28034 - Telerik) Python 3.7.0 (32-bit) (HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\{ece37911-ffeb-4f29-95d6-abcf555d7364}) (Version: 3.7.150.0 - Python Software Foundation) Python 3.7.0 (64-bit) (HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\{f684de81-73c2-4924-ad43-e7ae400d47b5}) (Version: 3.7.150.0 - Python Software Foundation) Python 3.7.0 Core Interpreter (32-bit) (HKLM-x32\...\{13BB06D9-FD38-47E5-946E-C2606C554030}) (Version: 3.7.150.0 - Python Software Foundation) Hidden Python 3.7.0 Core Interpreter (64-bit) (HKLM\...\{F046BD5A-33F4-4ABA-BD2D-0227F6291EC9}) (Version: 3.7.150.0 - Python Software Foundation) Hidden Python 3.7.0 Development Libraries (32-bit) (HKLM-x32\...\{B424BE74-3C96-4974-8754-9D6442286112}) (Version: 3.7.150.0 - Python Software Foundation) Hidden Python 3.7.0 Development Libraries (64-bit) (HKLM\...\{61246987-8D99-44A9-8FF5-E2E3F503B72D}) (Version: 3.7.150.0 - Python Software Foundation) Hidden Python 3.7.0 Documentation (32-bit) (HKLM-x32\...\{ABEE159E-FE5B-4E58-BDD7-1DED2F10AAEB}) (Version: 3.7.150.0 - Python Software Foundation) Hidden Python 3.7.0 Documentation (64-bit) (HKLM\...\{E7C56E72-C80E-453B-9345-FAEAE5DB51A4}) (Version: 3.7.150.0 - Python Software Foundation) Hidden Python 3.7.0 Executables (32-bit) (HKLM-x32\...\{4642A126-F999-4407-801B-C1C89BDA58C5}) (Version: 3.7.150.0 - Python Software Foundation) Hidden Python 3.7.0 Executables (64-bit) (HKLM\...\{84B7971A-F59F-4247-AD34-BEC02CF85FBD}) (Version: 3.7.150.0 - Python Software Foundation) Hidden Python 3.7.0 pip Bootstrap (32-bit) (HKLM-x32\...\{69CFC76B-3434-4919-8885-BA7960725137}) (Version: 3.7.150.0 - Python Software Foundation) Hidden Python 3.7.0 pip Bootstrap (64-bit) (HKLM\...\{8A6F7991-1955-4C46-8C0C-8D7C6F7042FA}) (Version: 3.7.150.0 - Python Software Foundation) Hidden Python 3.7.0 Standard Library (32-bit) (HKLM-x32\...\{09160A5D-8B99-4A89-9E9D-8A6D8E9C7EC1}) (Version: 3.7.150.0 - Python Software Foundation) Hidden Python 3.7.0 Standard Library (64-bit) (HKLM\...\{18D93BBC-06F6-449D-96FB-CD473CFC6A6D}) (Version: 3.7.150.0 - Python Software Foundation) Hidden Python 3.7.0 Tcl/Tk Support (32-bit) (HKLM-x32\...\{8A09EA6B-C86C-4ECA-8742-C4C1BCA96845}) (Version: 3.7.150.0 - Python Software Foundation) Hidden Python 3.7.0 Tcl/Tk Support (64-bit) (HKLM\...\{A2FC01E0-059E-4D21-AFD2-B63A7E1EF3CD}) (Version: 3.7.150.0 - Python Software Foundation) Hidden Python 3.7.0 Test Suite (32-bit) (HKLM-x32\...\{717DB3B4-C457-447B-A8A6-6921A4D917EF}) (Version: 3.7.150.0 - Python Software Foundation) Hidden Python 3.7.0 Test Suite (64-bit) (HKLM\...\{E4266358-1C9B-4AF0-ABF7-72BE136904CF}) (Version: 3.7.150.0 - Python Software Foundation) Hidden Python 3.7.0 Utility Scripts (32-bit) (HKLM-x32\...\{FC756D1E-1252-406E-8414-E11FAF97F3C7}) (Version: 3.7.150.0 - Python Software Foundation) Hidden Python 3.7.0 Utility Scripts (64-bit) (HKLM\...\{9E24E01B-CBD8-4558-A56D-6188F1A3C822}) (Version: 3.7.150.0 - Python Software Foundation) Hidden Python Launcher (HKLM-x32\...\{D6BDDB48-938A-4384-A7BE-2B4E4931B111}) (Version: 3.7.6386.0 - Python Software Foundation) Rainmeter (HKLM-x32\...\Rainmeter) (Version: 4.3 beta r3253 - Rainmeter) RarmaRadio 2.71.9 (HKLM-x32\...\RarmaRadio_is1) (Version: - RaimerSoft) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.21302 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8491 - Realtek Semiconductor Corp.) recALL version 16.12 (HKLM-x32\...\recALL_is1) (Version: 16.12 - ) Red Giant Link (HKLM-x32\...\{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1) (Version: 1.9.11.2 - Red Giant, LLC) Registry Finder 2.29 (HKLM\...\{CC3C7E59-8611-4542-8BFD-FFC6759AD0FB}_is1) (Version: 2.29 - Sergey Filippov) Resource Hacker Version 5.1.6 (HKLM-x32\...\ResourceHacker_is1) (Version: - ) RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version: - Punk Software) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.3.1 - Rockstar Games) Scrabble solutions (HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Scrabble solutions) (Version: - ) scrabbleproB 1.1.7 (HKLM-x32\...\scrabbleproB_is1) (Version: - scrabblepro) Screen Locker (HKLM-x32\...\{681059E3-1E0B-4E25-8F2E-B8476703E9A7}) (Version: 1.0.0 - Musabbir Mamun) ScreenToGif (HKLM-x32\...\{8A2ABF16-CF82-4FF5-989B-6407F503954C}) (Version: 2.14.0 - Nicke Manarin) SearchWithMyBrowser version 1.1.2 (HKLM\...\SearchWithMyBrowser_is1) (Version: 1.1.2 - Charles Milette) ServiceCommander Version 4 (HKLM-x32\...\ServiceCommander_is1) (Version: 4.0 - Core Technologies Consulting, LLC) Simple DNSCrypt x64 (HKLM\...\{F72438B8-D3FD-4E18-8FDD-64735DB5EA11}) (Version: 0.5.7 - bitbeans) Simple Sticky Notes 4.3 (HKLM-x32\...\Simple Sticky Notes_is1) (Version: - Simnet Ltd.) SoftPerfect RAM Disk version 4.0.7 (HKLM\...\{33A14ED9-0340-4193-BEDB-B95BC8196182}_is1) (Version: 4.0.7 - SoftPerfect) Soldats Inconnus Mémoires de la Grande Guerre 1.0.140373 (HKLM-x32\...\Soldats Inconnus Mémoires de la Grande Guerre 1.0.140373) (Version: 1.0.140373 - Huyustus) SOUND FORGE Pro 12.1 (x64) (HKLM\...\{60C7CECF-93D3-11E8-9B8E-408D5CC672F4}) (Version: 12.1.170 - MAGIX) Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform) Spybot Anti-Beacon (HKLM-x32\...\{419A7FCF-93E1-474D-BFE9-987CF3F90C88}_is1) (Version: 2.3 - Safer-Networking Ltd.) SRMX version 3.1.597 (HKLM-x32\...\{64BEE57A-50EA-46AE-939C-898BA1A0D22F}_is1) (Version: 3.1.597 - SRM GmbH) Startup Delayer v3.0 (build 366) (HKLM-x32\...\Startup Delayer) (Version: 3.0 (build 366) - r2 Studios) SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1.2 - Krzysztof Kowalczyk) SuperCopier2 (HKLM-x32\...\SuperCopier2) (Version: - ) SyncBackPro x64 (HKLM-x32\...\SyncBackPro64_is1_is1) (Version: 8.5.90.0 - 2BrightSparks) TAP-NordVPN 9.21.2 (HKLM\...\TAP-NordVPN) (Version: 9.21.2 - NordVPN.com) TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - ) Text Editor Pro version 5.1.1 (HKLM-x32\...\{FC8AD371-A765-4E22-B25F-D5914D7193F1}}_is1) (Version: 5.1.1 - Lasse Markus Rautiainen) Textify v1.6.2 (HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Textify) (Version: 1.6.2 - RaMMicHaeL) The Bat! v8.6.0 (64-bit) (HKLM\...\{A7751F6E-C4A1-42D3-85E0-801486F170BF}) (Version: 8.6.0 - Ritlabs, SRL) Topaz A.I. GigaPixel (HKLM\...\{67112AFB-D053-4F3E-815D-49DE57CF30E6}) (Version: 1.0.1 - Topaz Labs) Hidden Topaz A.I. GigaPixel (HKLM\...\Topaz A.I. GigaPixel 1.0.1) (Version: 1.0.1 - Topaz Labs) Topaz Adjust 5 (HKLM-x32\...\Topaz Adjust 5) (Version: 5.2.0 - Topaz Labs, LLC) Topaz B&W Effects (HKLM-x32\...\Topaz BW Effects 2) (Version: 2.1.0 - Topaz Labs, LLC) Topaz Clarity (HKLM-x32\...\Topaz Clarity) (Version: 1.1.0 - Topaz Labs, LLC) Topaz Clean 3 (HKLM-x32\...\Topaz Clean 3) (Version: 3.2.0 - Topaz Labs, LLC) Topaz DeJpeg 4 (HKLM-x32\...\Topaz DeJpeg 4) (Version: 4.1.0 - Topaz Labs, LLC) Topaz DeNoise 6 (HKLM-x32\...\Topaz DeNoise 6) (Version: 6.0.1 - Topaz Labs, LLC) Topaz Detail 3 (HKLM-x32\...\Topaz Detail 3) (Version: 3.3.0 - Topaz Labs, LLC) Topaz Fusion Express 2 (HKLM-x32\...\Topaz Fusion Express 2) (Version: 2.1.3 - Topaz Labs, LLC) Topaz Glow 2 (HKLM\...\Topaz Glow 2) (Version: 2.0.0 - Topaz Labs, LLC) Topaz Impression 2 (HKLM-x32\...\Topaz Impression 2) (Version: 2.0.4 - Topaz Labs, LLC) Topaz InFocus (HKLM-x32\...\Topaz InFocus) (Version: 1.1.0 - Topaz Labs, LLC) Topaz Lens Effects (HKLM-x32\...\Topaz Lens Effects) (Version: 1.3.0 - Topaz Labs, LLC) Topaz ReMask 5 (HKLM-x32\...\Topaz ReMask 5) (Version: 5.0.1 - Topaz Labs, LLC) Topaz ReStyle (HKLM-x32\...\Topaz ReStyle) (Version: 1.1.0 - Topaz Labs, LLC) Topaz Simplify 4 (HKLM-x32\...\Topaz Simplify 4) (Version: 4.2.0 - Topaz Labs, LLC) Topaz Star Effects (HKLM-x32\...\Topaz Star Effects) (Version: 1.2.0 - Topaz Labs, LLC) Topaz Texture Effects 2 (HKLM-x32\...\Topaz Texture Effects 2) (Version: 2.1.0 - Topaz Labs, LLC) <==== ATTENTION TOSHIBA Blu-ray Disc Player (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 3.0.0.23 - Toshiba Client Solutions Co., Ltd.) TOSHIBA Desktop Assist (HKLM\...\{C4CDCEF0-0A7A-4425-887C-33E39533D758}) (Version: 1.03.08.6402 - Toshiba Corporation) TOSHIBA eco Utility (HKLM\...\{72EFCFA8-3923-451D-AF52-7CE9D87BC2A1}) (Version: 3.1.2.6402 - Toshiba Client Solutions Co., Ltd.) TOSHIBA Function Key (HKLM\...\{ABB33FFD-6D6C-4670-9EF4-6181BB4D0DF2}) (Version: 1.1.17.6400 - Toshiba Client Solutions Co., Ltd.) TOSHIBA PalaDouga (HKLM-x32\...\{21CEB4A6-0FF1-444F-A0CC-6F648F74C7F6}) (Version: 2014.0301.0002 - Toshiba Corporation) TOSHIBA PC Health Monitor (HKLM\...\{B507386D-1F61-4E55-B05B-F56ACB0086B3}) (Version: 4.06.01.6401 - Toshiba Client Solutions Co., Ltd.) TOSHIBA Service Station (HKLM\...\{ECAF783B-5512-4BC1-8073-15BD9FDE616F}) (Version: 3.1.2.0 - Toshiba Corporation) TOSHIBA Speech Synthesis (HKLM\...\{36B0B896-6CD8-4C5F-B7E1-2AC8E9588ACC}) (Version: 1.5.2.0 - Toshiba Corporation) TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0041 - Toshiba Corporation) TOSHIBA System Settings (HKLM\...\{B040D5C9-C9AA-430A-A44E-696656012E61}) (Version: 3.1.2.6401 - Toshiba Client Solutions Co., Ltd.) TreeSize Professional V6.3.7 (HKLM\...\{E2E37452-CB02-476E-AB39-C9A1DA9B9849}) (Version: 6.3.7.1236 - JAM Software) ueli 5.0.0 (HKLM\...\cfbc84b5-4a27-5e8d-8800-3f9c64bdb18d) (Version: 5.0.0 - Oliver Schwendener) UltraUXThemePatcher (HKLM-x32\...\UltraUXThemePatcher) (Version: 3.5.0.0 - Manuel Hoefs (Zottel)) Unknown Device Identifier 9.01 (HKLM\...\Unknown Device Identifier_is1) (Version: 9.01 - Huntersoft) VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN) VMware ThinApp (HKLM-x32\...\{164B6D77-345B-4137-A92A-89E21D1C22AD}) (Version: 5.2.28433 - VMware, Inc.) VMware vCenter Converter Standalone (HKLM-x32\...\{DA09FD63-5AE7-4bf6-8B86-0FCA4DEA8F8F}) (Version: 6.2.0.7348398 - VMware, Inc.) VMware Workstation (HKLM\...\{A6D7B449-8F4F-4FA9-B80A-101345AA998A}) (Version: 15.0.0 - VMware, Inc.) Volume2 1.1.6 (HKLM-x32\...\Volume2) (Version: 1.1.6 - Alexandr Irza) Waterfox 56.2.3 (x64 en-US) (HKLM\...\Waterfox 56.2.3 (x64 en-US)) (Version: 56.2.3 - Waterfox Ltd) WhoCrashed 6.00 (HKLM\...\WhoCrashed_is1) (Version: - Resplendence Software Projects Sp.) Win10 Spy Disabler v1.4 (HKLM\...\Win10 Spy Disabler_is1) (Version: 1.4.0.0 - site2unblock.com) WinDirStat 1.1.2 (HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\WinDirStat) (Version: - ) WindowManager (HKLM-x32\...\WindowManager) (Version: 6.2.0 - DeskSoft) Windows 10 Manager 2.3.5 (HKLM-x32\...\Windows 10 Manager_is1) (Version: 2.3.5 - lrepacks.ru) Windows Explorer Tracker 2.0 (HKLM-x32\...\Windows Explorer Tracker_is1) (Version: - TriSun Software Inc.) Windows Firewall Control (HKLM\...\Windows Firewall Control) (Version: 5.4.0.0 - BiniSoft.org) Windows Repair Toolbox version 3.0.1.0 (HKLM-x32\...\{A8D7DA31-9E70-437D-97C4-C4887752E029}_is1) (Version: 3.0.1.0 - Alexandre Coelho) WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.) WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH) WinSplit Revolution (v11.04) (HKLM-x32\...\WinSplit Revolution) (Version: 11.04 - Raphael Lencrerot) WinUAE 64-bit 4.0.1 (HKLM\...\{F018E828-F454-4D44-B298-C904116D9142}) (Version: 4.0.1.0 - Arabuusimiehet) Wireshark 2.6.3 64-bit (HKLM-x32\...\Wireshark) (Version: 2.6.3 - The Wireshark developer community, hxxps://www.wireshark.org) Wise Folder Hider (HKLM-x32\...\Wise Folder Hider_is1) (Version: 4.2.3 - WiseCleaner.com, Inc.) XnConvert 1.76 (HKLM\...\XnConvert_is1) (Version: 1.76 - Gougelet Pierre-e) XnView Shell Extension 3.5.1 (64bits) (HKLM\...\XnView Shell Extension_is1) (Version: 3.5.1 - Gougelet Pierre-e) XYplorer 19.20 (HKLM-x32\...\XYplorer) (Version: 19.20 - Donald Lessau, Cologne Code Company) Zentimo PRO 2.1 (HKLM-x32\...\Zentimo PRO_is1) (Version: - Zentimo.com) 東芝スクリーンミラーリング (HKLM-x32\...\{FB840BB8-82D9-43F8-B7AD-C1DE01185294}) (Version: 1.0.13.3 - APUSONE Technology Inc.) Hidden 東芝スクリーンミラーリング for スマートフォン/タブレット (HKLM-x32\...\InstallShield_{FB840BB8-82D9-43F8-B7AD-C1DE01185294}) (Version: 1.0.13.3 - APUSONE Technology Inc.) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1112066077-4254746724-1257480092-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-813CB5835A7A}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File CustomCLSID: HKU\S-1-5-21-1112066077-4254746724-1257480092-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\owner\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileSyncShell64.dll => No File CustomCLSID: HKU\S-1-5-21-1112066077-4254746724-1257480092-1001_Classes\CLSID\{3D3B1846-CC43-42AE-BFF9-D914083C2BA3}\InprocServer32 -> C:\Program Files\SumatraPDF\PdfPreview.dll () CustomCLSID: HKU\S-1-5-21-1112066077-4254746724-1257480092-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\owner\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileSyncShell64.dll => No File CustomCLSID: HKU\S-1-5-21-1112066077-4254746724-1257480092-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\owner\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileSyncShell64.dll => No File CustomCLSID: HKU\S-1-5-21-1112066077-4254746724-1257480092-1001_Classes\CLSID\{b7c2f028-a138-4ad4-aaa1-77cf720d5c66}\InprocServer32 -> C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1112066077-4254746724-1257480092-1001_Classes\CLSID\{d63b0bea-dc64-4c3b-af8b-d860551f91d4}\InprocServer32 -> C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1112066077-4254746724-1257480092-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) ShellIconOverlayIdentifiers: [ AcronisDrive] -> {5D74FD4B-4EFB-4586-8022-8637BBE40970} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2018-09-21] () ShellIconOverlayIdentifiers: [ AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2018-09-21] () ShellIconOverlayIdentifiers: [ AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2018-09-21] () ShellIconOverlayIdentifiers: [ AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2018-09-21] () ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] () ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File ShellIconOverlayIdentifiers: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2018-05-25] (Hermann Schinagl) ShellIconOverlayIdentifiers: [IconOverlayHardLink] -> {0A479751-02BC-11d3-A855-0004AC2568DD} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2018-05-25] (Hermann Schinagl) ShellIconOverlayIdentifiers: [IconOverlayJunction] -> {0A479751-02BC-11d3-A855-0004AC2568FF} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2018-05-25] (Hermann Schinagl) ShellIconOverlayIdentifiers: [IconOverlaySymbolicLink] -> {0A479751-02BC-11d3-A855-0004AC2568EE} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2018-05-25] (Hermann Schinagl) ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Open-Shell\ClassicExplorer64.dll [2018-08-18] (Open-Shell) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File ShellIconOverlayIdentifiers-x32: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2018-05-25] (Hermann Schinagl) ShellIconOverlayIdentifiers-x32: [IconOverlayHardLink] -> {0A479751-02BC-11d3-A855-0004AC2568DD} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2018-05-25] (Hermann Schinagl) ShellIconOverlayIdentifiers-x32: [IconOverlayJunction] -> {0A479751-02BC-11d3-A855-0004AC2568FF} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2018-05-25] (Hermann Schinagl) ShellIconOverlayIdentifiers-x32: [IconOverlaySymbolicLink] -> {0A479751-02BC-11d3-A855-0004AC2568EE} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2018-05-25] (Hermann Schinagl) ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Open-Shell\ClassicExplorer64.dll [2018-08-18] (Open-Shell) ContextMenuHandlers1: [$PowerDVD18] -> {EF1ED1FB-2224-4150-B12A-CDDE6D442D5A} => C:\ProgramData\CyberLink\PowerDVD18\OpenWith\PDVD_Shell64.dll [2018-10-02] (CyberLink Corp.) ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] () ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.) ContextMenuHandlers1: [EDPShell] -> {58549232-7081-4541-882C-767DB238453C} => C:\Program Files\ExamDiff Pro\EDPShell.dll [2018-09-24] (PrestoSoft LLC) ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-09-12] (ESET) ContextMenuHandlers1: [File Marker] -> {B70B7A24-5180-4092-B3BA-6266F914C053} => C:\Program Files (x86)\FileMarker.NET\FileMarkerShlExt64.dll [2017-05-17] (ArcticLine Software) ContextMenuHandlers1: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2018-05-25] (Hermann Schinagl) ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit) ContextMenuHandlers1: [IXnView] -> {A5D35F9F-6A11-4EAA-B70B-7BB6FE32663A} => C:\Program Files\XnView\ShellEx\XnViewShellExt64.dll [2015-02-19] () ContextMenuHandlers1: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2017-10-01] (Paramount Software UK Ltd) ContextMenuHandlers1: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2018-05-17] (IObit) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-10-01] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-10-01] (Alexander Roshal) ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-09-12] (ESET) ContextMenuHandlers2: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2017-10-01] (Paramount Software UK Ltd) ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => C:\Program Files (x86)\VMware\VMware Workstation\vmdkShellExt.dll [2018-09-19] (VMware, Inc.) ContextMenuHandlers2-x32: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => C:\Program Files (x86)\VMware\VMware Workstation\x64\vmdkShellExt64.dll [2018-09-19] (VMware, Inc.) ContextMenuHandlers4: [AutopanoShell.ShellContextMenu] -> {4B4F4C4F-5220-4798-ABF3-EC03F7C8A498} => C:\Program Files\Kolor\Autopano Giga 4.4\AutopanoShell_x64.dll [2017-03-30] (Kolor) ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit) ContextMenuHandlers4: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2018-05-17] (IObit) ContextMenuHandlers5: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2018-05-25] (Hermann Schinagl) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2018-04-17] (Intel Corporation) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] () ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.) ContextMenuHandlers6: [EDPShell] -> {58549232-7081-4541-882C-767DB238453C} => C:\Program Files\ExamDiff Pro\EDPShell.dll [2018-09-24] (PrestoSoft LLC) ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-09-12] (ESET) ContextMenuHandlers6: [Folderico] -> {CC0C45C5-EFDE-4B8A-A8B0-9ED733D9E6AC} => C:\Program Files\FolderIco\FolderIco.dll [2017-01-02] (TeoreX) ContextMenuHandlers6: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2018-05-25] (Hermann Schinagl) ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit) ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\System32\StartMenuHelper64.dll [2018-08-18] (Open-Shell) ContextMenuHandlers6: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2018-05-17] (IObit) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-10-01] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-10-01] (Alexander Roshal) FolderExtensions: [] -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} => C:\Program Files (x86)\OldNewExplorer\OldNewExplorer64.dll [2017-08-16] (www.startisback.com) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {14205348-27EF-4E6D-AD82-2614674D41BE} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2018-07-19] (Realtek Semiconductor) Task: {1E131478-9916-4352-BE7F-6658447642DF} - System32\Tasks\Wub_task => C:\Windows Update Minitools avec script Wrapper\Wub.exe [2018-08-13] (www.sordum.org) Task: {2A500303-7C3D-4F78-910B-AAA9F32A2968} - System32\Tasks\WindowManager => C:\Program Files (x86)\WindowManager\WindowManager.exe [2018-09-25] (DeskSoft) Task: {33491DD7-0509-48FE-8042-C7A8AE0D8207} - System32\Tasks\Argente Utilities\Finalize => C:\Program Files\Argente Utilities\ATaskFinalizer.exe [2018-07-30] (Raúl Argente) Task: {362E6C82-6B3B-4F3D-B96E-122437C95EEC} - System32\Tasks\Moo0 Transparent Menu 1.20 => C:\Program Files (x86)\Moo0\TransparentMenu 1.20\TransparentMenu.exe [2013-10-20] (Moo0) Task: {3D292888-612A-4B4B-A42C-940A9152910E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-10-09] (Microsoft Corporation) Task: {448D28A8-2070-4724-B317-4E1C9B4B1B2B} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2015-07-30] (TOSHIBA Corporation) Task: {45AA9CFC-D387-46AD-AF45-87A6C7B11AA1} - System32\Tasks\WDU => "C:\Windows Update Minitools avec script Wrapper\WDU.cmd" Task: {4DF83F2A-9B07-4027-80B8-88C5E1BFAF8F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-10-09] (Microsoft Corporation) Task: {52BF7C13-9647-4D1D-BB9A-24D27BB96108} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated) Task: {5D1D6240-2BE6-4E53-952A-B4E862EEC206} - System32\Tasks\BTSchedulerTask => C:\Program Files (x86)\TOSHIBA\Toshiba Bluetooth Device Profile Utility\TosBt_NotificationScheduler.exe [2015-07-08] (Toshiba Corporation) Task: {63344482-0CCF-4EBC-84DA-C26938622746} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan => C:\WINDOWS\system32\usoclient.exe Task: {654C37BA-A0CC-4C99-AE74-9E35E0BBDD73} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_owner => C:\Program Files (x86)\Hard Disk Sentinel Pro\HDSentinel.exe [2018-07-17] (H.D.S. Hungary) Task: {6DC234E0-886F-4EC5-B223-2F661F93E97A} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK Task: {7A35A2E3-3CB4-4E28-B98D-832C02003592} - System32\Tasks\Microsoft\Windows\Flighting\OneSettings\RefreshCache Task: {7B5F24EE-38EA-4113-A3D1-C309A2C7332D} - System32\Tasks\Uninstaller_SkipUac_owner => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2018-09-29] (IObit) Task: {7F5BA90C-F2DA-41DE-8BE3-92464DC2AC30} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-10-09] (Microsoft Corporation) Task: {8294C954-AF28-4726-A6BA-81BECFAA689D} - System32\Tasks\{150FD0FE-9A31-4F2A-8BE1-F923285CBAC6} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Toshiba\OEM Registration Program\OEMRegistrationProgram.exe" -d "C:\Program Files (x86)\Toshiba\OEM Registration Program" Task: {83FC68F0-B326-4D1B-9DB8-5D0686BE7601} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-10-09] (Microsoft Corporation) Task: {86D1F303-A3F9-43CA-A765-78978098193E} - System32\Tasks\Open Hardware Monitor\Startup => C:\Program Files (x86)\OpenHardwareMonitor\OpenHardwareMonitor.exe [2016-11-07] () Task: {8A2FA640-D64E-4D6E-88A4-AA44DC20FDD7} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [2018-10-09] (Microsoft Corporation) Task: {9DF39293-7B66-419C-B5EB-E5A538CFC5D6} - System32\Tasks\BetterDesktopTool => C:\Program Files (x86)\BetterDesktopTool\BetterDesktopTool.exe [2018-04-29] () Task: {9EDDA363-999A-4D27-93AE-E4D1550B971D} - System32\Tasks\Adobe Uninstaller => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2018-09-13] (Adobe Inc.) Task: {A57B479F-C28A-45A7-8634-B4DE6286241D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-22] (Google Inc.) Task: {AD4E8AFB-A48C-4E13-BE83-B8D87600CFB4} - System32\Tasks\Microsoft\Windows\WlanSvc\CDSSync Task: {B4F7B0DE-2103-4BB5-95B2-9E0C376E8493} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-09-27] (Microsoft Corporation) Task: {BBCEB79D-54D3-4F3F-BDAA-779097079FCF} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Backup Scan => C:\WINDOWS\system32\usoclient.exe Task: {BD21C377-5B30-4E5A-B6F2-37D2086885E5} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker Encrypt All Drives Task: {BD398A7E-169D-4E33-A264-4D204353B2E2} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network Task: {C36E1A0B-6D30-409C-8FC3-9F80F2F46F1E} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-gokpok@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-09-10] (Adobe Systems, Incorporated) Task: {C507E429-D9AF-4D32-8A87-1B3F19C56D7E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-09-27] (Microsoft Corporation) Task: {C58975CA-052C-4DDE-9061-7FDAE294B57A} - System32\Tasks\S-1-5-21-1112066077-4254746724-1257480092-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2018-09-15] (Microsoft Corporation) Task: {CAD11E9A-92A7-4857-8277-A22E9A72CDBA} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [2018-10-09] (Microsoft Corporation) Task: {D9AB513F-4663-4F87-B074-26F52FFA77D2} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation) Task: {DC59F50C-43B6-4B0A-ACDB-3163213AC4DF} - System32\Tasks\Opera scheduled Autoupdate 1525985527 => C:\Program Files\Opera\launcher.exe [2018-10-02] (Opera Software) Task: {E39F8E32-F4B6-44B2-B8AF-D84A6CFEB7B8} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-09-15] () Task: {E7048644-EE23-411A-B60E-C5318DA5B4CD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-22] (Google Inc.) Task: {EF521673-1858-4304-826B-E054707F0CF5} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start Task: {F81C6B7C-182A-42AE-BD53-5A124CF2A75E} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-gokpok@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2018-04-11] (Adobe Systems Incorporated) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) Shortcut: C:\Users\owner\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.htm Shortcut: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Système\VMware\ThinApp\ThinApp Help.lnk -> hxxp://www.vmware.com/info?id=90 Shortcut: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Système\Link Shell Extension\Donate.lnk -> hxxp://schinagl.priv.at/nt/hardlinkshellext/linkshellextension.htm Shortcut: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet\Reset Data Usage.bat.lnk -> C:\Program Files (x86)\Reset Data Usage - Script\Reset_Data_Usage.bat () ==================== Loaded Modules (Whitelisted) ============== 2016-06-07 14:20 - 2016-05-25 17:53 - 001634072 _____ () C:\Program Files (x86)\InternetOff\IOffSvc.exe 2018-09-15 15:28 - 2018-09-15 15:28 - 000834088 _____ () C:\Windows\System32\InputHost.dll 2018-10-06 09:54 - 2018-10-06 09:54 - 000125440 _____ () C:\Program Files (x86)\BWMeter\BWMeterConSvc.exe 2018-07-09 18:23 - 2018-07-09 18:23 - 006314648 _____ () C:\Program Files\bitbeans\Simple DNSCrypt x64\dnscrypt-proxy\dnscrypt-proxy.exe 2018-09-21 01:10 - 2018-09-21 01:10 - 001157592 _____ () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe 2018-01-31 19:35 - 2009-01-12 08:15 - 000082872 _____ () C:\WINDOWS\SysWOW64\NMSAccess64.exe 2018-07-25 22:47 - 2018-07-25 22:47 - 000435664 _____ () C:\Program Files (x86)\NordVPN\nordvpn-service.exe 2018-09-30 09:53 - 2018-09-30 09:53 - 006285616 _____ () C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe 2014-02-27 12:31 - 2014-02-27 12:31 - 000013312 _____ () C:\Windows\SysWOW64\SMITSC.exe 2011-04-13 04:53 - 2011-04-13 04:53 - 000015360 _____ () C:\Program Files (x86)\WinSplit Revolution\WinSplitHook64.DLL 2016-08-31 15:49 - 2016-08-31 15:49 - 001088000 _____ () \\?\C:\Windows\Prey\versions\1.8.1\node_modules\sqlite3\lib\binding\node-v46-win32-x64\node_sqlite3.node 2017-05-12 00:15 - 2016-11-07 00:15 - 000494592 _____ () C:\Program Files (x86)\OpenHardwareMonitor\OpenHardwareMonitor.exe 2018-04-17 23:03 - 2018-04-17 23:03 - 000401872 _____ () C:\WINDOWS\system32\igfxTray.exe 2018-04-29 20:54 - 2018-04-29 19:21 - 000396800 _____ () C:\Program Files (x86)\BetterDesktopTool\BetterDesktopTool.exe 2018-04-29 20:54 - 2018-04-29 19:21 - 000337920 _____ () C:\Program Files (x86)\BetterDesktopTool\BetterDesktopToolServer.exe 2017-05-01 23:55 - 2012-04-28 13:01 - 000350720 _____ () C:\Program Files (x86)\Stick it 1.00.0b\Stick-It!.exe 2018-09-27 12:04 - 2018-06-20 15:02 - 000850432 _____ () C:\Networx portable\App\64-bit\sqlite3.dll 2018-09-21 01:10 - 2018-09-21 01:10 - 000754416 _____ () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe 2016-06-07 14:20 - 2016-05-25 17:53 - 003182360 _____ () C:\Program Files (x86)\InternetOff\InternetOff.exe 2016-06-09 00:28 - 2007-09-02 19:58 - 000495616 _____ () C:\Program Files (x86)\RocketDock\RocketDock.exe 2011-04-13 04:53 - 2011-04-13 04:53 - 003951616 _____ () C:\Program Files (x86)\WinSplit Revolution\WinSplit.exe 2011-04-13 04:53 - 2011-04-13 04:53 - 000015872 _____ () C:\Program Files (x86)\WinSplit Revolution\WinSplitDrvr32.exe 2011-04-13 04:53 - 2011-04-13 04:53 - 000017920 _____ () C:\Program Files (x86)\WinSplit Revolution\WinSplitDrvr64.exe 2017-10-05 07:13 - 2017-10-05 07:13 - 000263680 _____ () C:\Users\owner\AppData\Roaming\Textify\Textify.exe 2017-03-19 17:00 - 2014-10-03 20:06 - 000014848 _____ () C:\Program Files\volumouse-x64\volumouse32.exe 2018-09-21 02:01 - 2018-09-21 02:01 - 004575880 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe 2018-09-28 20:14 - 2018-09-28 20:14 - 000110592 _____ () C:\Program Files\Rainmeter\Plugins\PowerPlugin.dll 2018-04-17 23:48 - 2018-03-28 08:43 - 002630656 _____ () C:\Program Files\ShellFolderFix64\ShellFolderFixUI.exe 2018-04-17 23:48 - 2018-03-28 08:04 - 000100864 _____ () C:\Program Files\ShellFolderFix64\ShellFolderFix.dll 2016-10-05 19:41 - 2013-09-22 16:40 - 000132312 _____ () C:\Program Files (x86)\wizmouse 1.7.0.3 portable\WizMouse.exe 2018-09-21 01:11 - 2018-09-21 01:11 - 007003048 _____ () C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe 2018-09-21 01:11 - 2018-09-21 01:11 - 005833864 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll 2018-03-05 20:47 - 2018-03-05 20:47 - 000614848 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll 2004-10-01 02:15 - 2004-10-01 02:15 - 000192000 _____ () C:\Program Files\LinkShellExtension\RockallDLL.dll 2018-10-08 20:08 - 2018-10-08 20:08 - 000436744 _____ () C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe 2018-09-15 15:28 - 2018-09-15 15:28 - 000474624 _____ () C:\Windows\ShellExperiences\TileControl.dll 2018-09-15 15:28 - 2018-09-15 15:28 - 002801152 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll 2016-06-12 16:29 - 2015-02-19 02:46 - 002383360 _____ () C:\Program Files\XnView\ShellEx\XnViewShellExt64.dll 2018-09-15 15:28 - 2018-09-15 15:28 - 001740288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-06-09 19:37 - 2014-04-07 18:18 - 002592256 _____ () C:\Program Files (x86)\Gest\Gest.exe 2016-06-09 19:37 - 2016-06-09 19:37 - 000824320 _____ () C:\Users\owner\AppData\Roaming\Gest\GestUpdater.exe 2017-07-20 03:55 - 2017-07-20 03:55 - 000665088 _____ () C:\Program Files\EqualizerAPO\EqualizerAPO.dll 2015-11-23 04:05 - 2015-11-23 04:05 - 001530880 _____ () C:\Program Files\EqualizerAPO\libsndfile-1.dll 2017-07-08 18:52 - 2017-07-08 18:52 - 002983917 _____ () C:\Program Files\EqualizerAPO\libfftw3f-3.dll 2018-09-21 01:58 - 2018-09-21 01:58 - 000102272 _____ () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schdevid.dll 2018-09-25 00:22 - 2018-09-25 00:22 - 022984336 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers.dll 2018-09-21 01:20 - 2018-09-21 01:20 - 000415448 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\resource.dll 2018-09-21 01:10 - 2018-09-21 01:10 - 001087272 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\schedule.dll 2018-05-24 20:45 - 2018-05-24 20:45 - 000250368 _____ () C:\Program Files (x86)\NordVPN\x86\Liberation.Native.Firewall.dll 2017-12-12 02:04 - 2017-12-12 02:04 - 000128424 _____ () C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\expat.dll 2017-12-12 02:04 - 2017-12-12 02:04 - 000402776 _____ () C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\ssoClient.dll 2017-12-12 02:04 - 2017-12-12 02:04 - 000096256 _____ () C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\mspack.dll 2018-09-21 01:07 - 2018-09-21 01:07 - 000277538 _____ () C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\LIBMAGIC.dll 2018-09-21 01:12 - 2018-09-21 01:12 - 002386352 _____ () C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\xerces_c.dll 2018-09-21 01:07 - 2018-09-21 01:07 - 000160168 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\libevent.dll 2018-09-21 01:17 - 2018-09-21 01:17 - 000685488 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\sqlite3.dll 2018-04-29 20:54 - 2018-04-29 19:20 - 000117248 _____ () C:\Program Files (x86)\BetterDesktopTool\HookLibrary.dll 2011-04-13 04:53 - 2011-04-13 04:53 - 000013312 _____ () C:\Program Files (x86)\WinSplit Revolution\WinSplitHook32.DLL 2016-06-09 00:28 - 2007-09-02 19:57 - 000069632 _____ () C:\Program Files (x86)\RocketDock\RocketDock.dll 2018-08-15 10:58 - 2018-08-15 10:58 - 000086016 _____ () C:\Program Files (x86)\AutoSizer\AutoSizer.dll 2011-04-13 04:53 - 2011-04-13 04:53 - 000011264 _____ () C:\Program Files (x86)\WinSplit Revolution\WinSplitLib.dll 2018-09-21 01:20 - 2018-09-21 01:20 - 010683096 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\qt_resources.dll 2018-09-21 01:03 - 2018-09-21 01:03 - 000143904 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\afcdpapi.dll 2018-09-21 01:10 - 2018-09-21 01:10 - 000804264 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\qt_supp.dll 2018-09-21 01:26 - 2018-09-21 01:26 - 001485080 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\qt_supp_ex.dll 2018-09-21 01:22 - 2018-09-21 01:22 - 000178376 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\archive3_adapter.dll 2018-09-21 01:09 - 2018-09-21 01:09 - 000271392 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\pcs_io.dll 2018-09-21 01:11 - 2018-09-21 01:11 - 000042928 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\winpthreads4.dll 2018-09-21 01:12 - 2018-09-21 01:12 - 000225312 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\zstd.dll 2018-09-21 01:20 - 2018-09-21 01:20 - 000057048 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\rpc_client.dll 2018-09-21 01:11 - 2018-09-21 01:11 - 000255008 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\sync_agent_api.dll 2018-09-21 01:11 - 2018-09-21 01:11 - 000444336 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll 2018-09-21 01:04 - 2018-09-21 01:04 - 000115632 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\expat.dll 2017-11-22 18:18 - 2017-11-22 18:18 - 001244304 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2018-08-28 14:59 - 2018-05-02 17:42 - 000442128 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl 2018-08-28 14:59 - 2018-05-02 17:42 - 000210704 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl 2018-08-28 14:59 - 2018-05-02 17:42 - 000059664 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:6DAA43DB [406] AlternateDataStreams: C:\ProgramData\TEMP:810B9F0D [136] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2017-09-29 21:46 - 2018-10-03 20:28 - 000004315 _____ C:\WINDOWS\system32\Drivers\etc\hosts 0.0.0.0 activation.acronis.com 0.0.0.0 web-api-tih.acronis.com 0.0.0.0 web-api-tie.acronis.com 0.0.0.0 web-api-vmp.acronis.com 0.0.0.0 cloud-rs-ru2.acronis.com 0.0.0.0 cloud-fes-ru2.acronis.com 0.0.0.0 rpc.acronis.com 0.0.0.0 choice.microsoft.com 0.0.0.0 choice.microsoft.com.nstac.net 0.0.0.0 df.telemetry.microsoft.com 0.0.0.0 oca.telemetry.microsoft.com 0.0.0.0 oca.telemetry.microsoft.com.nsatc.net 0.0.0.0 redir.metaservices.microsoft.com 0.0.0.0 reports.wes.df.telemetry.microsoft.com 0.0.0.0 services.wes.df.telemetry.microsoft.com 0.0.0.0 settings-sandbox.data.microsoft.com 0.0.0.0 settings-win.data.microsoft.com 0.0.0.0 sqm.df.telemetry.microsoft.com 0.0.0.0 sqm.telemetry.microsoft.com 0.0.0.0 sqm.telemetry.microsoft.com.nsatc.net 0.0.0.0 telecommand.telemetry.microsoft.com 0.0.0.0 telecommand.telemetry.microsoft.com.nsatc.net 0.0.0.0 telemetry.appex.bing.net 0.0.0.0 telemetry.microsoft.com 0.0.0.0 telemetry.urs.microsoft.com 0.0.0.0 vortex-sandbox.data.microsoft.com 0.0.0.0 vortex-win.data.microsoft.com 0.0.0.0 vortex.data.microsoft.com 0.0.0.0 watson.telemetry.microsoft.com 0.0.0.0 watson.telemetry.microsoft.com.nsatc.net There are 94 more lines. ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\Control Panel\Desktop\\Wallpaper -> C:\Fond d'ecran\Copie de Kyoto.jpeg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == If an entry is included in the fixlist, it will be removed. ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [Microsoft-Windows-Unified-Telemetry-Client] => (Block) C:\WINDOWS\system32\svchost.exe FirewallRules: [Microsoft-Windows-DeviceManagement-CertificateInstall-TCP-Out] => (Allow) %SystemRoot%\system32\dmcertinst.exe FirewallRules: [Microsoft-Windows-DeviceManagement-OmaDmClient-TCP-Out] => (Allow) %SystemRoot%\system32\omadmclient.exe FirewallRules: [{ECE1C222-20DC-46D9-909E-6634EA9E329D}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe FirewallRules: [{EEE2486B-A4A9-49D1-8F62-2C70C2C3AA50}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\LicenseActivator.exe FirewallRules: [{754ECC86-9B01-42FB-B605-6127043FEB7D}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\ga_service.exe FirewallRules: [{6DB792ED-37C0-46FE-B094-2604C371613F}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe FirewallRules: [{EE8371C2-1AAA-4BCC-97B5-12CB8359090E}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe FirewallRules: [{AB81CF43-B9A2-4866-812D-BD2C76C05F8E}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\acronis_drive.exe FirewallRules: [{9B33FE09-80A0-4701-8FAE-EBA7CD218A1A}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\SystemReport.exe FirewallRules: [{D71D43F3-3325-4ED7-97BF-4D856C2ADA48}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\MediaBuilder.exe FirewallRules: [{62AA4B2B-4B99-4A18-99E1-17DA64FEC2C0}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\TrueImageHome\TrueImageHomeService.exe FirewallRules: [{754A7588-48E4-4C43-A4A9-91C5C492C680}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageTools.exe FirewallRules: [{2818A947-8231-4519-A09C-0FD3DA847FCA}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe FirewallRules: [{EF7AD686-6945-402E-9E5D-4F9A6218D8DF}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImage.exe FirewallRules: [{E873D7E1-F49E-4A13-BE53-08E0A6040A6B}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe FirewallRules: [{FFDA07FD-8E26-4F26-8139-2878EA4C970F}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe FirewallRules: [{5CEDE0DF-9778-4F97-B595-30ED72382764}] => (Allow) C:\Users\owner\AppData\Local\Programs\Fiddler\Fiddler.exe FirewallRules: [{F9200EA3-BEA8-419E-A374-52BEA93113A4}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe FirewallRules: [{8320DEB6-5919-4AA5-8D47-5C66EFD63C05}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe FirewallRules: [{54B5D953-6D2E-42FD-B13B-35F429C34A25}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe FirewallRules: [{A120E162-25D1-46DF-A72B-D1ED9843A424}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe FirewallRules: [{86CB56F2-7EC6-4731-935F-F4DBBE4516FA}] => (Block) C:\Users\owner\AppData\Roaming\Gest\GestLauncher.exe FirewallRules: [{6433748A-774C-43DE-A508-C2B31EE05154}] => (Block) C:\Users\owner\AppData\Roaming\Gest\GestUpdater.exe FirewallRules: [{77E1BACF-3819-489D-A37C-6F8CD56C3BD8}] => (Block) C:\Program Files (x86)\Gest\Gest.exe FirewallRules: [UDP Query User{8D2A84A1-BA6F-4EDA-A629-D7BE26DA681A}C:\users\owner\desktop\madvr\madtpg.exe] => (Allow) C:\users\owner\desktop\madvr\madtpg.exe FirewallRules: [TCP Query User{D8491832-3060-4E03-8391-3C4B73054CAC}C:\users\owner\desktop\madvr\madtpg.exe] => (Allow) C:\users\owner\desktop\madvr\madtpg.exe FirewallRules: [UDP Query User{59EBECA0-DAAB-4AA5-9497-B1D5F68D3FF8}C:\users\owner\desktop\madvr\madhcctrl.exe] => (Allow) C:\users\owner\desktop\madvr\madhcctrl.exe FirewallRules: [TCP Query User{9E45959D-3E28-4046-B7D8-BAA86568D9C8}C:\users\owner\desktop\madvr\madhcctrl.exe] => (Allow) C:\users\owner\desktop\madvr\madhcctrl.exe FirewallRules: [{E786BDCB-C628-4210-BF69-34398CB6DD56}] => (Allow) C:\Program Files\Opera\55.0.2994.61\opera.exe FirewallRules: [UDP Query User{ADE25F56-ABAA-4A1F-976D-BB339D2DAC26}C:\sdi\sdi_x64_r1809.exe] => (Allow) C:\sdi\sdi_x64_r1809.exe FirewallRules: [TCP Query User{F024C10D-8408-4DAC-8B3D-72F56693392A}C:\sdi\sdi_x64_r1809.exe] => (Allow) C:\sdi\sdi_x64_r1809.exe FirewallRules: [{173FFB07-0278-4E55-87FA-F58321E79CD0}] => (Block) C:\Program Files\PreSonus\Studio One 4\Studio One.exe FirewallRules: [{ECA182A3-EA08-43DC-8B6F-BE45072A3EF9}] => (Block) C:\Program Files\PreSonus\Studio One 4\PlugInScanner.exe FirewallRules: [{74C8E107-44BA-49EA-B2D0-63863F57384D}] => (Block) C:\Program Files\PreSonus\Studio One 4\Studio One.exe FirewallRules: [{8191E481-01F0-4586-B5EB-44C281D1F439}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE FirewallRules: [{ABE6A22B-4857-4324-A3BE-717EF02E98E0}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{6C4A4B5B-2AC2-4AC8-BBB6-F0E74D593E8A}] => (Block) C:\Program Files\Bongiovi Acoustics\Bongiovi DPS\Bongiovi DPS.exe FirewallRules: [{BFBCB7FF-87CB-4C17-8010-CE6E9BD0BC79}] => (Block) C:\Program Files (x86)\IObit\IObit Uninstaller\IUSoftUpdateTip.exe FirewallRules: [{48A8A2AC-3FA7-4A9A-B6C9-EFECE88B6BA7}] => (Block) C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe FirewallRules: [{1EC70BA2-5CCE-4587-A26C-942C002FC5D2}] => (Block) C:\Program Files (x86)\IObit\IObit Uninstaller\AUpdate.exe FirewallRules: [{434250D9-4520-4489-AE88-71F5AC022E6B}] => (Block) C:\Program Files (x86)\IObit\IObit Uninstaller\AutoUpdate.exe FirewallRules: [{6D287952-8A78-4E91-9064-5CC6A6002946}] => (Block) C:\Program Files\Topaz Labs\Topaz A.I. GigaPixel\UpdateManager.exe FirewallRules: [{964F62C4-47FD-4D3A-AC72-6F06AE1A237A}] => (Block) C:\Program Files\Topaz Labs\Topaz A.I. GigaPixel\Topaz A.I. Gigapixel.exe FirewallRules: [{45183408-134A-4498-89A7-6DA9EA08BED2}] => (Block) C:\Program Files (x86)\AOMEI Partition Assistant Technician Edition 7.1\PartAssist.exe FirewallRules: [{0E250452-F526-438B-ACE3-B2E8BBE2DBD2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{DB0F3DC6-8E5B-422C-BEE2-9C699F5248CC}] => (Block) C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe FirewallRules: [{38B9A3F7-CA5C-4C67-A344-69CD029DC8C6}] => (Block) C:\My CPU Monitor\My CPU Monitor.exe FirewallRules: [{5F6EA31F-5A25-4C45-ACE1-8F07530BAAE2}] => (Block) C:\Program Files\ueli\ueli.exe FirewallRules: [{78C20C0F-0FAB-4049-895B-75CFB613449A}] => (Allow) C:\Program Files\Windows Firewall Control\wfc.exe FirewallRules: [{4EC45434-9594-478F-A751-11FACF873E11}] => (Allow) C:\Windows\Prey\versions\1.8.1\bin\node.exe FirewallRules: [{70CBBC2D-9CEF-4E77-8E47-940CAAF40A20}] => (Block) C:\Program Files (x86)\BetterDesktopTool\BetterDesktopTool.exe FirewallRules: [{71A96720-3EA5-47E0-8D05-B5ACD5A53FC7}] => (Block) C:\Program Files (x86)\BetterDesktopTool\BetterDesktopToolServer.exe FirewallRules: [{60E6D465-398E-4850-BE86-7EF7620A2377}] => (Block) C:\windows\system32\svchost.exe FirewallRules: [{4C751C72-0D13-4062-835D-50AC5B2269C5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{27A90A87-DF76-4149-A3B9-D853831D387B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{83A8806C-9564-4516-AEFB-53807FBDE464}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{A4FA2263-E1DA-4109-A762-7406AEEB19EB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{2ACC8486-FA60-45D6-99A0-57B6EEE73832}] => (Allow) C:\Program Files (x86)\Steam\steamapps\Common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [{97BF53C6-661D-4C86-8B41-828956F528B1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\Common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [{D73E069C-FC1A-4560-87EA-73B3F073435B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\Common\Spacewar\SteamworksExample.exe FirewallRules: [{6DE6F25A-F9C7-4EBC-85E7-A01A717E7676}] => (Allow) C:\Program Files (x86)\Steam\steamapps\Common\Spacewar\SteamworksExample.exe FirewallRules: [{FA74EE12-1948-4D65-9C2C-CFD50E69707E}] => (Block) LPort=8318 FirewallRules: [{3276B4B5-4831-4FAD-86B7-966351A2A672}] => (Block) %ProgramFiles% (x86)\Destroy Windows 10 Spying\Destroy Windows 10 Spying.exe FirewallRules: [{9C7026D5-6268-4457-B52E-ACD7827D0BD0}] => (Block) %ProgramFiles% (x86)\Destroy Windows 10 Spying\Destroy Windows 10 Spying.exe FirewallRules: [{F43936C9-4F0F-48FA-9FB0-CE2E235C307B}] => (Allow) C:\Program Files\Waterfox\waterfox.exe FirewallRules: [{F8546430-C419-4C78-931D-8248F42B55B0}] => (Allow) C:\Program Files\Waterfox\waterfox.exe FirewallRules: [{398A6E4C-9A77-4D1E-B37F-ACE3A95B1A26}] => (Block) C:\Program Files\Windows Firewall Control\wfc.exe FirewallRules: [{EC5633D4-B1E2-44BD-B80E-747FBB6D11A6}] => (Block) C:\WINDOWS\system32\spoolsv.exe FirewallRules: [{1747461C-472A-46C3-BE21-B120D90531B7}] => (Allow) C:\Program Files\waterfox\waterfox.exe FirewallRules: [{FABB2FC8-00BF-4EE8-9D2E-C89E687CEE2C}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe FirewallRules: [TCP Query User{0C45436E-3294-4394-A6D0-D9DA6744F501}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe FirewallRules: [UDP Query User{20F73919-3406-4586-9367-28A75003B4E1}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe FirewallRules: [{4C356547-3C4D-4EFA-9D21-DB54EE9E0E1E}] => (Block) C:\WINDOWS\Explorer.EXE FirewallRules: [{FD1F2068-F697-46B0-81FF-2C112388FDAD}] => (Block) C:\Program Files\Notepad++\notepad++.exe FirewallRules: [{01BC0803-1306-4EE7-909F-7D2F2BE3A736}] => (Block) C:\Program Files\SumatraPDF\SumatraPDF.exe FirewallRules: [{17339735-D644-49C2-9079-0E98CD23550B}] => (Block) C:\Program Files\WinRAR\WinRAR.exe FirewallRules: [{90F28D44-48CC-43B8-8A1B-CF1B48606A01}] => (Block) C:\Program Files\Win10 Spy Disabler\Win10SpyDisabler.exe FirewallRules: [{C6AF62E3-AB8A-432A-998A-FFB86CC6208D}] => (Block) C:\Program Files (x86)\Free Video Cutter\FreeVideoCutter.exe FirewallRules: [{08F0760E-BEDA-4B67-962C-CAC174745E14}] => (Block) C:\Program Files (x86)\Volume2\Volume2.exe FirewallRules: [{1A825B0E-75AB-4F24-9C16-F0089BED656B}] => (Block) C:\Program Files (x86)\Volume2\Volume2PM.exe FirewallRules: [{86A315BD-CFA0-4EC9-818C-8C413816AF9E}] => (Block) C:\Program Files\ExamDiff Pro\ExamDiff.exe FirewallRules: [{AC39045C-9316-4A0D-9878-161FC2EF1FF5}] => (Block) C:\Program Files\Windows Firewall Control\wfc.exe FirewallRules: [{2E9BD135-78EC-4905-B60B-F512D0D6616E}] => (Block) C:\WINDOWS\system32\spoolsv.exe FirewallRules: [TCP Query User{9A261B67-246E-4417-84C1-2BE7A9A0F936}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe FirewallRules: [UDP Query User{108AC259-7467-48F7-9310-7AA50E5A3BA2}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe FirewallRules: [TCP Query User{1EFC87AF-A0B2-447C-BA40-6B932BFAA2EC}C:\program files (x86)\networkconnectlog\networkconnectlog.exe] => (Allow) C:\program files (x86)\networkconnectlog\networkconnectlog.exe FirewallRules: [UDP Query User{4AF9B01C-CDD0-45FB-9263-9A664F1FC340}C:\program files (x86)\networkconnectlog\networkconnectlog.exe] => (Allow) C:\program files (x86)\networkconnectlog\networkconnectlog.exe FirewallRules: [TCP Query User{71B36B6D-9887-4B80-AF3F-41CEEC655F1E}C:\program files\adobe\adobe dreamweaver cc 2018\node\node.exe] => (Allow) C:\program files\adobe\adobe dreamweaver cc 2018\node\node.exe FirewallRules: [UDP Query User{A749ECEB-4C6D-4AD5-B64A-53C073B640DF}C:\program files\adobe\adobe dreamweaver cc 2018\node\node.exe] => (Allow) C:\program files\adobe\adobe dreamweaver cc 2018\node\node.exe FirewallRules: [TCP Query User{89D041BA-22A5-4FE8-B2AD-BA5A42CF16F7}C:\program files\adobe\adobe premiere pro cc 2018\adobe premiere pro.exe] => (Allow) C:\program files\adobe\adobe premiere pro cc 2018\adobe premiere pro.exe FirewallRules: [UDP Query User{0FFE5DEB-26DE-40CF-A830-BB8E51A64FD1}C:\program files\adobe\adobe premiere pro cc 2018\adobe premiere pro.exe] => (Allow) C:\program files\adobe\adobe premiere pro cc 2018\adobe premiere pro.exe FirewallRules: [TCP Query User{0D8834A0-CBAF-455A-98CB-73FA05AE82EF}C:\program files\adobe\adobe media encoder cc 2018\adobe media encoder.exe] => (Allow) C:\program files\adobe\adobe media encoder cc 2018\adobe media encoder.exe FirewallRules: [UDP Query User{91A17E5D-1268-4256-9AB4-A691D449A111}C:\program files\adobe\adobe media encoder cc 2018\adobe media encoder.exe] => (Allow) C:\program files\adobe\adobe media encoder cc 2018\adobe media encoder.exe FirewallRules: [0001a555-e2d6-0ddf-a6fe-8db4decfb0bf] => (Block) C:\Program Files (x86)\BetterDesktopTool\BetterDesktopTool.exe FirewallRules: [{635683B1-AA0F-48E9-97AF-544691311146}] => (Block) C:\Program Files (x86)\BetterDesktopTool\BetterDesktopToolServer.exe FirewallRules: [{0A6F258F-0332-4C44-BF34-6204145119CC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.90.268.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{FDCCFF41-756E-4B59-9C78-2336F6B2EB67}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.90.268.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{18910B48-CE25-408D-82DE-2B5E9990C728}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.90.268.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{87FE1E01-0512-43CA-BD80-0FD14A7FC0D2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.90.268.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{81D2C421-E983-45BA-8AF1-7E27F520F689}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.90.268.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{17BA716A-1F39-40C7-AB61-947D4579BAB1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.90.268.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{D18238E3-677D-4D58-B296-4878FC2D3C71}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.90.268.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{26CCE162-DE34-412D-B09F-0AB52C761D32}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.90.268.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{C99CCD64-BAAB-407F-B57A-9FF97597B092}] => (Allow) C:\Program Files\Opera\56.0.3051.36\opera.exe FirewallRules: [{DD4E849F-666F-46CD-B289-04237CD6D6A2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\PowerDVD.exe FirewallRules: [{E8486AC1-693B-4623-91AA-764438623982}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\Kernel\DMS\CLMSServerPDVD18.exe FirewallRules: [{9BCADC0F-582E-4A48-97EC-689BC7F6799C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\PowerDVD18Agent.exe FirewallRules: [{526FFB43-542E-4C0B-8E7F-66C2D2E18CBE}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\Movie\PowerDVDMovie.exe FirewallRules: [{FBE9DD93-0529-40BA-99FF-FD26D5D118D8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\CastingStation.exe ==================== Restore Points ========================= 04-10-2018 21:07:46 Windows Update 07-10-2018 10:42:56 Removed WinUAE 64-bit 3.6.1 ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (10/09/2018 11:06:43 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante explorer.exe, version : 10.0.17763.1, horodatage : 0x8f6f57b3 Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0000000002aa0fd8 ID du processus défaillant : 0x1724 Heure de début de l’application défaillante : 0x01d45f71f2d54ff0 Chemin d’accès de l’application défaillante : C:\WINDOWS\explorer.exe Chemin d’accès du module défaillant: unknown ID de rapport : 78b6ac7e-df2e-4f82-b05e-0fbcbad7bb85 Nom complet du package défaillant : ID de l’application relative au package défaillant : Error: (10/09/2018 09:46:46 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante explorer.exe, version : 10.0.17763.1, horodatage : 0x8f6f57b3 Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0000000009650fd8 ID du processus défaillant : 0x5f4 Heure de début de l’application défaillante : 0x01d45f71a990948b Chemin d’accès de l’application défaillante : C:\WINDOWS\explorer.exe Chemin d’accès du module défaillant: unknown ID de rapport : 77ea93cb-97f3-425e-9255-fa5dc7e734a3 Nom complet du package défaillant : ID de l’application relative au package défaillant : Error: (10/09/2018 09:44:41 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante Explorer.EXE, version : 10.0.17763.1, horodatage : 0x8f6f57b3 Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0000000006540fd8 ID du processus défaillant : 0x1bec Heure de début de l’application défaillante : 0x01d45de67b61e6a9 Chemin d’accès de l’application défaillante : C:\WINDOWS\Explorer.EXE Chemin d’accès du module défaillant: unknown ID de rapport : e51a2792-c06f-4a99-b4bf-b6e778b927d7 Nom complet du package défaillant : ID de l’application relative au package défaillant : Error: (10/07/2018 10:36:46 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1018) (User: PC) Description: La collecte des données des compteurs de performance a été désactivée pour cette session à partir du service « VMware » car la bibliothèque de compteurs de performance pour ce service a généré une ou plusieurs erreurs. Les erreurs à l’origine de cette action ont été écrites dans le journal des événements des applications. Error: (10/07/2018 10:36:46 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1022) (User: PC) Description: Windows ne peut pas ouvrir la DLL de compteur extensible 64 bits C:\Program Files (x86)\VMware\VMware Workstation\vmPerfmon.dll dans un environnement 32 bits (code d'erreur Win32 193). Contactez le fournisseur du fichier pour obtenir une version 32 bits. Si vous exécutez un environnement natif 64 bits, vous pouvez également ouvrir la DLL de compteur extensible 64 bits en utilisant la version 64 bits de l’Analyseur de performances. Pour utiliser cet outil, ouvrez le dossier Windows, puis le dossier System32 et démarrez Perfmon.exe. Error: (10/07/2018 10:36:46 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: PC) Description: Windows ne peut pas charger la DLL de compteur extensible « C:\WINDOWS\system32\sysmain.dll » (code d'erreur Win32 126). Error: (10/07/2018 10:36:45 AM) (Source: PerfNet) (EventID: 2004) (User: ) Description: Impossible d’ouvrir l’objet de performance pour le service Serveur. Les quatre premiers octets (DWORD) de la section Data contiennent le code d’état. Error: (10/07/2018 10:36:44 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1018) (User: PC) Description: La collecte des données des compteurs de performance a été désactivée pour cette session à partir du service « VMware » car la bibliothèque de compteurs de performance pour ce service a généré une ou plusieurs erreurs. Les erreurs à l’origine de cette action ont été écrites dans le journal des événements des applications. System errors: ============= Error: (10/08/2018 08:55:34 PM) (Source: DCOM) (EventID: 10016) (User: PC) Description: Les paramètres d’autorisation アプリケーション固有 n’accordent pas l’autorisation ローカル アクティブ化 pour l’application serveur COM avec le CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} et l’APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} au SID pc\owner de l’utilisateur (S-1-5-21-1112066077-4254746724-1257480092-1001) depuis l’adresse LocalHost (LRPC 使用) s’exécutant dans le SID 利用不可 du conteneur d’applications (利用不可). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (10/08/2018 08:08:10 PM) (Source: DCOM) (EventID: 10016) (User: PC) Description: Les paramètres d’autorisation アプリケーション固有 n’accordent pas l’autorisation ローカル アクティブ化 pour l’application serveur COM avec le CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} et l’APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} au SID pc\owner de l’utilisateur (S-1-5-21-1112066077-4254746724-1257480092-1001) depuis l’adresse LocalHost (LRPC 使用) s’exécutant dans le SID 利用不可 du conteneur d’applications (利用不可). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (10/08/2018 08:08:10 PM) (Source: DCOM) (EventID: 10016) (User: PC) Description: Les paramètres d’autorisation アプリケーション固有 n’accordent pas l’autorisation ローカル アクティブ化 pour l’application serveur COM avec le CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} et l’APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} au SID pc\owner de l’utilisateur (S-1-5-21-1112066077-4254746724-1257480092-1001) depuis l’adresse LocalHost (LRPC 使用) s’exécutant dans le SID 利用不可 du conteneur d’applications (利用不可). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (10/08/2018 08:08:09 PM) (Source: DCOM) (EventID: 10016) (User: PC) Description: Les paramètres d’autorisation アプリケーション固有 n’accordent pas l’autorisation ローカル アクティブ化 pour l’application serveur COM avec le CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} et l’APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} au SID pc\owner de l’utilisateur (S-1-5-21-1112066077-4254746724-1257480092-1001) depuis l’adresse LocalHost (LRPC 使用) s’exécutant dans le SID 利用不可 du conteneur d’applications (利用不可). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (10/08/2018 08:08:09 PM) (Source: DCOM) (EventID: 10016) (User: PC) Description: Les paramètres d’autorisation アプリケーション固有 n’accordent pas l’autorisation ローカル アクティブ化 pour l’application serveur COM avec le CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} et l’APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} au SID pc\owner de l’utilisateur (S-1-5-21-1112066077-4254746724-1257480092-1001) depuis l’adresse LocalHost (LRPC 使用) s’exécutant dans le SID 利用不可 du conteneur d’applications (利用不可). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (10/08/2018 07:58:41 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: Les paramètres d’autorisation コンピューターの既定 n’accordent pas l’autorisation ローカル アクティブ化 pour l’application serveur COM avec le CLSID {0358B920-0AC7-461F-98F4-58E32CD89148} et l’APPID {3EB3C877-1F16-487C-9050-104DBCD66683} au SID NT AUTHORITY\LOCAL SERVICE de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (LRPC 使用) s’exécutant dans le SID 利用不可 du conteneur d’applications (利用不可). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (10/08/2018 07:58:40 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: Les paramètres d’autorisation コンピューターの既定 n’accordent pas l’autorisation ローカル アクティブ化 pour l’application serveur COM avec le CLSID {0358B920-0AC7-461F-98F4-58E32CD89148} et l’APPID {3EB3C877-1F16-487C-9050-104DBCD66683} au SID NT AUTHORITY\LOCAL SERVICE de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (LRPC 使用) s’exécutant dans le SID 利用不可 du conteneur d’applications (利用不可). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (10/07/2018 02:08:05 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: Les paramètres d’autorisation アプリケーション固有 n’accordent pas l’autorisation ローカル アクティブ化 pour l’application serveur COM avec le CLSID {9A4948D9-13FC-4FAC-B60A-FBA6EE0FB11C} et l’APPID {50E1C3FD-EC35-490E-9CCF-C68F9AE91919} au SID NT AUTHORITY\LOCAL SERVICE de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (LRPC 使用) s’exécutant dans le SID 利用不可 du conteneur d’applications (利用不可). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. CodeIntegrity: =================================== Date: 2018-10-03 12:03:55.692 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\OldNewExplorer\OldNewExplorer64.dll that did not meet the Microsoft signing level requirements. Date: 2018-10-03 12:03:21.278 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-10-03 12:03:21.268 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-10-03 12:03:21.253 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-10-03 12:03:21.241 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-10-03 12:03:21.226 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-10-03 12:03:21.218 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-10-03 11:59:27.479 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-4710MQ CPU @ 2.50GHz Percentage of memory in use: 36% Total physical RAM: 16309.31 MB Available physical RAM: 10341.23 MB Total Virtual: 22309.31 MB Available Virtual: 16307.85 MB ==================== Drives ================================ Drive c: (WINDOWS) (Fixed) (Total:474.82 GB) (Free:54.53 GB) NTFS Drive d: () (Removable) (Total:14.83 GB) (Free:5.51 GB) FAT32 \\?\Volume{e1ab9437-ee59-4f0d-8d0e-a1d171ff7ca7}\ (System) (Fixed) (Total:1 GB) (Free:0.65 GB) NTFS \\?\Volume{87fbe76a-ba21-4281-ba10-52caae83d74b}\ () (Fixed) (Total:0.9 GB) (Free:0.43 GB) NTFS \\?\Volume{f6232360-9ace-4459-a112-4e3e75bacf0c}\ () (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32 ==================== MBR & Partition Table ================== ==================== End of Addition.txt ============================