Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-07-2019 01 Ran by owner (31-07-2019 13:03:53) Running from C:\Users\owner\Desktop Windows 10 Pro Version 1903 18362.267 (X64) (2019-04-09 13:10:15) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1112066077-4254746724-1257480092-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1112066077-4254746724-1257480092-503 - Limited - Disabled) Guest (S-1-5-21-1112066077-4254746724-1257480092-501 - Limited - Disabled) owner (S-1-5-21-1112066077-4254746724-1257480092-1001 - Administrator - Enabled) => C:\Users\owner WDAGUtilityAccount (S-1-5-21-1112066077-4254746724-1257480092-504 - Limited - Disabled) ___VMware_Conv_SA___ (S-1-5-21-1112066077-4254746724-1257480092-1023 - Limited - Enabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70} AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) . . (HKLM\...\{569F29BA-2D46-439B-8B7C-01D999B9201D}) (Version: 7.1 - Intel) Hidden 3DYD Youtube Source (remove only) (HKLM-x32\...\3DYD Youtube Source) (Version: - ) 3RVX (HKLM-x32\...\{400A8514-5440-410A-B318-44061BD7EE8E}) (Version: 2.9.2.0 - Matthew Malensek) 7+ Taskbar Tweaker v5.7.0.3 (HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\7 Taskbar Tweaker) (Version: 5.7.0.3 - RaMMicHaeL) Ableton Live 10 Suite (HKLM\...\{BF5B0440-80C4-4F3B-B0FD-AB43B2CC106D}) (Version: 10.0.0.0 - Ableton) AC3Filter 2.6.0b (HKLM-x32\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky) Actual Transparent Window 8.13.2 (HKLM-x32\...\Actual Transparent Windows_is1) (Version: 8.13.2 - Actual Tools) Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated) Adobe After Effects 2019 (HKLM-x32\...\AEFT_16_1_2) (Version: 16.1.2 - Adobe Systems Incorporated) Adobe Audition 2019 (HKLM-x32\...\AUDT_12_1_1) (Version: 12.1.1 - Adobe Systems Incorporated) Adobe Bridge 2019 (HKLM-x32\...\KBRG_9_1) (Version: 9.1 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.9.0.504 - Adobe Systems Incorporated) Adobe Dreamweaver 2019 (HKLM-x32\...\DRWV_19_2) (Version: 19.2 - Adobe Systems Incorporated) Adobe Extension Manager CC (HKLM-x32\...\{244FD30F-63F1-49B9-9D98-1150FF4FFCB1}) (Version: 7.3.2 - Adobe Systems Incorporated) Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.223 - Adobe) Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.223 - Adobe) Adobe Illustrator 2019 (HKLM-x32\...\ILST_23_0_5) (Version: 23.0.5 - Adobe Systems Incorporated) Adobe InDesign 2019 (HKLM-x32\...\IDSN_14_0_2) (Version: 14.0.2 - Adobe Systems Incorporated) Adobe Lightroom Classic (HKLM-x32\...\LTRM_8_3_1) (Version: 8.3.1 - Adobe Systems Incorporated) Adobe Lightroom Classic CC (HKLM-x32\...\LTRM_8_2_1) (Version: 8.2.1 - Adobe Systems Incorporated) Adobe Media Encoder 2019 (HKLM-x32\...\AME_13_1_3) (Version: 13.1.3 - Adobe Systems Incorporated) Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_5) (Version: 20.0.5 - Adobe Systems Incorporated) Adobe Premiere Pro 2019 (HKLM-x32\...\PPRO_13_1_4) (Version: 13.1.4 - Adobe Systems Incorporated) Advanced Date Time Calculator 9.1 (HKLM-x32\...\Advanced Date Time Calculator_is1) (Version: - TriSun Software Limited) AHD Subtitles Maker Pro version 5.21.23 (HKLM-x32\...\{CA69934C-EACB-4B41-A5F6-7F2A2873987E}_is1) (Version: 5.21.23 - AHD, Inc.) AIDA64 Engineer v6.00 (HKLM-x32\...\AIDA64 Engineer_is1) (Version: 6.00 - FinalWire Ltd.) ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.100.303.238 - ALPS ELECTRIC CO., LTD.) Alternate FontSizer 1.190 (HKLM-x32\...\Alternate FontSizer_is1) (Version: - Alternate Tools) Amazing Slow Downer (remove only) (HKLM-x32\...\Amazing Slow Downer) (Version: - ) Amazon Kindle (HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Amazon Kindle) (Version: 1.21.0.48017 - Amazon) AniView version 1.5 (HKLM-x32\...\{A85F328E-E719-4747-B5E5-D91912911521}_is1) (Version: 1.5 - CodeDead) Anki (HKLM-x32\...\Anki) (Version: - ) AnmanieSMP 2.4 i (HKLM-x32\...\AnmanieSMP_is1) (Version: - Christoph Walter) Ant Renamer (HKLM-x32\...\Ant Renamer 2_is1) (Version: 2.12.0 - Ant Software) AOMEI Backupper Technician (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536CE9D}_is1) (Version: - AOMEI Technology Co., Ltd.) AOMEI Partition Assistant Demo Edition 8.3 (HKLM-x32\...\{04F850ED-FD0F-4ED1-AE1B-4498165BF3D2}_is1) (Version: - AOMEI Technology Co., Ltd.) Arasan 21.3 (HKLM-x32\...\Arasan_is1) (Version: - ) Argente Utilities (HKLM\...\AUtilities) (Version: 3.1.1.4 - Raúl Argente) Arturia Analog Lab 3 (HKLM\...\Analog Lab 3_is1) (Version: 3.2.1.1819 - Arturia & Team V.R) Arturia B-3 V (HKLM\...\B-3 V_is1) (Version: 1.3.1.1782 - Arturia & Team V.R) Arturia Buchla Easel V (HKLM\...\Buchla Easel V_is1) (Version: 1.2.1.1782 - Arturia & Team V.R) Arturia Clavinet V (HKLM\...\Clavinet V_is1) (Version: 1.2.1.1782 - Arturia & Team V.R) Arturia CS-80 V3 (HKLM\...\CS-80 V3_is1) (Version: 3.3.1.1785 - Arturia & Team V.R) Arturia DX7 V (HKLM\...\DX7 V_is1) (Version: 1.2.1.1797 - Arturia & Team V.R) Arturia Farfisa V (HKLM\...\Farfisa V_is1) (Version: 1.3.1.1782 - Arturia & Team V.R) Arturia Jup-8 V3 (HKLM\...\Jup-8 V3_is1) (Version: 3.3.1.1782 - Arturia & Team V.R) Arturia Matrix-12 V2 (HKLM\...\Matrix-12 V2_is1) (Version: 2.3.1.1784 - Arturia & Team V.R) Arturia Stage-73 V (HKLM\...\Stage-73 V_is1) (Version: 1.3.1.1782 - Arturia & Team V.R) Arturia VOX Continental V2 (HKLM\...\VOX Continental V2_is1) (Version: 2.3.1.1782 - Arturia & Team V.R) Arturia Wurli V2 (HKLM\...\Wurli V2_is1) (Version: 2.3.1.1782 - Arturia & Team V.R) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.13 - Michael Tippach) Audacity 2.3.2 (HKLM-x32\...\Audacity_is1) (Version: 2.3.2 - Audacity Team) AudioRetoucher 4.9.0.0 (HKLM-x32\...\AudioRetoucher_is1) (Version: 4.9.0.0 - AbyssMedia.com) Aurora HDR 2019 64 Bit version 1.0.0.2549 (HKLM-x32\...\Aurora HDR 2019 64 Bit_is1) (Version: 1.0.0.2549 - ) Auto Dark Mode (HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\{470BC918-3740-4A97-9797-8570A7961130}_is1) (Version: 2.2.0 - Armin Osaj) AutoHotkey 1.1.30.03 (HKLM\...\AutoHotkey) (Version: 1.1.30.03 - Lexikos) AutoIt v3.3.14.5 (HKLM-x32\...\AutoItv3) (Version: 3.3.14.5 - AutoIt Team) AutoSizer (HKLM-x32\...\AutoSizer) (Version: - ) Bass Audio Decoder (remove only) (HKLM-x32\...\Bass Audio Decoder) (Version: - ) BetterDesktopTool version 1.94 (HKLM-x32\...\{D51FADF8-48F9-4234-8BB5-9D99A973AC65}_is1) (Version: 1.94 - Florian Schwarz) Birdfont (HKLM-x32\...\Birdfont) (Version: - ) Bluetooth(R) Link (HKLM\...\{3F3DCC8C-2C93-4082-A6DE-BBDC74804FA0}) (Version: 4.3.03 - Toshiba Corporation) Browser Password Decryptor (HKLM-x32\...\{859E76A9-E0D9-48FA-A0F8-D23FF81A14FF}) (Version: 11.0 - SecurityXploded) Hidden BWMeter (HKLM-x32\...\BWMeter) (Version: 8.1.2 - DeskSoft) Camtasia 9 (HKLM\...\{9A1BFE8E-398E-497D-B3BE-C1D8688010FC}) (Version: 9.1.1.2546 - TechSmith Corporation) Hidden ChessX version 1.5.0 (HKLM\...\{C986B3E1-D922-4A9F-BF0B-71144C51438A}}_is1) (Version: 1.5.0 - chessx.sourceforge.net) Classic Sticky Notes (HKLM\...\Classic Sticky Notes_is1) (Version: 1.0 - Winaero) CMEDIA USB2.0 Audio Device (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392016500}) (Version: 1.00.0003 - C-Media Electronics, Inc.) Complete Internet Repair 5.2.3.4010 (HKLM\...\Complete Internet Repair_is1) (Version: 5.2.3.4010 - Rizonesoft) Corel Graphics - Windows Shell Extension (HKLM\...\_{DBC45C03-B465-4558-A285-94A4A012C165}) (Version: 20.1.0.707 - Corel Corporation) Corel Graphics - Windows Shell Extension (HKLM\...\{DBC45C03-B465-4558-A285-94A4A012C165}) (Version: 20.1.707 - Corel Corporation) Hidden Corel Graphics - Windows Shell Extension 32 Bit Keys (HKLM\...\{0FB65DCF-4B05-473F-83FC-DD3B77AC4AF2}) (Version: 20.1.707 - Corel Corporation) Hidden Corel PaintShop Pro 2019 (HKLM-x32\...\_{90B0B84D-5C50-4EED-89E3-59791663B7E5}) (Version: 21.1.0.22 - Corel Corporation) Corel Update Manager (HKLM\...\{35F11FE8-08DD-4606-8C6B-1A18BDC083CF}) (Version: 2.9.386 - Corel corporation) Hidden Corel Update Manager (HKLM\...\{7A731C52-8DC6-47AB-B2BC-3FE70F6C6968}) (Version: 2.9.389 - Corel corporation) Hidden CorelDRAW Technical Suite 2018 - Capture (x64) (HKLM\...\{EE354AD3-2E8F-4CA0-AEE4-F0E235068EDF}) (Version: 20.1 - Corel Corporation) Hidden CorelDRAW Technical Suite 2018 - Common (x64) (HKLM\...\{56385FDD-3902-4DEA-8CB8-9D612A025366}) (Version: 20.1 - Corel Corporation) Hidden CorelDRAW Technical Suite 2018 - Common App (x64) (HKLM\...\{17EEAD48-C30F-4993-B614-0DED7A81B4BE}) (Version: 20.1 - Corel Corporation) Hidden CorelDRAW Technical Suite 2018 - Connect (x64) (HKLM\...\{9721CDCE-974F-4709-8706-E3D18D0DE119}) (Version: 20.1 - Corel Corporation) Hidden CorelDRAW Technical Suite 2018 - Core (x64) (HKLM\...\{E44BA258-BF13-4C6C-90A8-42ACE09C9A9B}) (Version: 20.1 - Corel Corporation) Hidden CorelDRAW Technical Suite 2018 - Custom Data (x64) (HKLM\...\{90F758B4-FE0B-467F-AE79-E0AC533F298C}) (Version: 20.1 - Corel Corporation) Hidden CorelDRAW Technical Suite 2018 - Designer (x64) (HKLM\...\{6172CC2F-607F-4068-8D90-54CED1D783A2}) (Version: 20.1 - Corel Corporation) Hidden CorelDRAW Technical Suite 2018 - Draw (x64) (HKLM\...\{C523EA00-B5A4-4688-B366-4373E75DD0D9}) (Version: 20.1 - Corel Corporation) Hidden CorelDRAW Technical Suite 2018 - Equation Editor (HKLM-x32\...\{4789E972-054D-47CB-8B0C-B8A5FD55A8A3}) (Version: 20.1 - Corel Corporation) Hidden CorelDRAW Technical Suite 2018 - Filters (x64) (HKLM\...\{C9605C55-9F4A-4699-8036-E559AD55816A}) (Version: 20.1 - Corel Corporation) Hidden CorelDRAW Technical Suite 2018 - Font Manager (x64) (HKLM\...\{8E926A2A-09AF-470A-A69A-8570B1C8AE73}) (Version: 20.1 - Corel Corporation) Hidden CorelDRAW Technical Suite 2018 - FR (x64) (HKLM\...\{5B747B84-FE40-4D21-9FCC-41C105B15AB8}) (Version: 20.1 - Corel Corporation) Hidden CorelDRAW Technical Suite 2018 - IPM Content (x64) (HKLM\...\{28F7BDA8-753F-4883-B33E-7F55CD2F205A}) (Version: 20.1 - Corel Corporation) Hidden CorelDRAW Technical Suite 2018 - IPM Lattice (x64) (HKLM\...\{9FCAC56A-02F3-4168-A69B-558122709944}) (Version: 20.1 - Corel Corporation) Hidden CorelDRAW Technical Suite 2018 - IPM T (x64) (HKLM\...\{8A32BFC5-161A-4839-A9D5-242E7A32E7E9}) (Version: 20.1 - Corel Corporation) Hidden CorelDRAW Technical Suite 2018 - PHOTO-PAINT (x64) (HKLM\...\{9DC98380-1FCB-4978-B9D3-AC429542CCA2}) (Version: 20.1 - Corel Corporation) Hidden CorelDRAW Technical Suite 2018 - Redist (x64) (HKLM\...\{B1C4464C-EEBF-468B-8F80-BFF282F14C13}) (Version: 20.1 - Corel Corporation) Hidden CorelDRAW Technical Suite 2018 - Setup Files (x64) (HKLM\...\{596F06D3-6891-44FB-A1B9-2378DE27E3CA}) (Version: 20.1 - Corel Corporation) Hidden CorelDRAW Technical Suite 2018 - VBA (x64) (HKLM\...\{3E3A090C-DF18-4028-B55C-24A9E078761B}) (Version: 20.1 - Corel Corporation) Hidden CorelDRAW Technical Suite 2018 - Workspaces (x64) (HKLM\...\{66F9325B-B80A-4E90-825D-C76071DBD36E}) (Version: 20.1 - Corel Corporation) Hidden CorelDRAW Technical Suite 2018 - Writing Tools (x64) (HKLM\...\{EC95BAD3-FF40-47FF-B71F-4F9BE6DBE89E}) (Version: 20.1 - Corel Corporation) Hidden CorelDRAW Technical Suite 2018 (64-Bit) (HKLM\...\_{596F06D3-6891-44FB-A1B9-2378DE27E3CA}) (Version: 20.1.0.707 - Corel Corporation) Crayon Physics Deluxe version 55 (HKLM-x32\...\{4CA1E8E2-B2A9-40C1-8EC4-BBCB23BAAA19}_is1) (Version: 55 - Kloonigames, Ltd) Crescendo Music Notation Editor (HKLM-x32\...\Crescendo) (Version: 3.05 - NCH Software) Cursor Commander (HKLM-x32\...\Cursor Commander) (Version: 1.0 - Winaero.com) CyberLink PowerDVD 19 (HKLM-x32\...\{729D20C8-FC13-4BE9-B0BB-E86F76600647}) (Version: 19.0.1912.62 - CyberLink Corp.) CyberLink Screen Recorder 4 (HKLM-x32\...\{6819D136-7F3F-4A0D-96C1-368BE830BFDA}) (Version: 4.0.0.6288 - CyberLink Corp.) Data Lifeguard Diagnostic version 1.36 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version: - Western Digital Corporation) DCoder Image Source (remove only) (HKLM-x32\...\DCoder Image Source) (Version: - ) Deezer 4.12.2 (HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\67490f87-0893-5593-ae76-b1e5d0acd13f) (Version: 4.12.2 - Deezer) DirectVobSub (remove only) (HKLM-x32\...\DirectVobSub) (Version: - ) DiskFresh 1.1 (HKLM\...\DiskFresh_is1) (Version: - Puran Software) DiskMark 1.0.0.8 (HKLM\...\DiskMark_is1) (Version: 1.0.0.8 - NetworkDLS) Door Control version 4.8 (HKLM-x32\...\{341CFE70-1D51-4898-9779-76DEBEA64EBC}_is1) (Version: 4.8 - Digola) Êâåòêà 4.1.1 (HKLM-x32\...\Êâåòêà_is1) (Version: - Áîäÿãèí Äìèòðèé) EaseUS Partition Master 13.5 (HKLM-x32\...\EaseUS Partition Master Trial Edition_is1) (Version: - EaseUS) eBook Converter Bundle version 3.17 (HKLM-x32\...\{74173236-3507-49A7-A0FC-1BDABF0A9338}_is1) (Version: 3.17 - eBook Converter Team) Edraw Max 9.3 (HKLM-x32\...\Edraw Max_is1) (Version: - EdrawSoft) EDS Windows10 Tuner version 1.0.3.5 (HKLM-x32\...\EDS Windows10 Tuner_is1) (Version: 1.0.3.5 - EveryDaySoft) eM Client (HKLM-x32\...\{B8EB4804-A928-4169-9CAB-61B7A5AF8806}) (Version: 7.2.36164.0 - eM Client Inc.) Equalizer APO (HKLM\...\EqualizerAPO) (Version: 1.2.1 - ) ESET Security (HKLM\...\{C26AA376-9D1B-4B7B-A1F0-DC41E8530176}) (Version: 12.2.23.0 - ESET, spol. s r.o.) Exact Audio Copy 1.3 (HKLM-x32\...\Exact Audio Copy) (Version: 1.3 - Andre Wiethoff) ExamDiff Pro 10.0 (10.0.1.14, 64-bit) (HKLM\...\ExamDiff Pro 10.0_is1) (Version: 10.0.1.14 - PrestoSoft LLC) ExeIcon (remove only) (HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\ExeIcon) (Version: - ) ffdshow v1.3.4533 [2014-09-29] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4533.0 - ) FileMarker.NET Pro (GAOTD Edition) (HKLM\...\{A5A0E0B5-578C-43CE-B201-1C01A0388DA9}_is1) (Version: 1.0 - ArcticLine Software) FileMenu Tools 7.6.2 (HKLM\...\FileMenuTools_is1) (Version: 7.6.2 - LopeSoft) Find.Same.Images.OK (HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Find.Same.Images.OK) (Version: - ) Folder Size Explorer (HKLM-x32\...\{CD453A88-D560-47A2-9D4D-414134F5A73D}) (Version: 2.0.0 - Bazwise) FolderIco 5.1 (HKLM\...\{22C37D82-6137-40BF-8625-7A846ED65F3A}_is1) (Version: - teorex) FontBase 2.8.3 (HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\ffc1e284-e25b-515d-b453-93eb9fe955eb) (Version: 2.8.3 - Dominik Levitsky Studio) foobar2000 v1.5 beta 7 (HKLM-x32\...\foobar2000) (Version: 1.5 beta 7 - Peter Pawlowski) Free Video Cutter version 1.2.1 (HKLM-x32\...\{B089C7D5-C978-4DB0-AFDE-471A42759CB0}_is1) (Version: 1.2.1 - Free Studio) Futuremark SystemInfo (HKLM-x32\...\{58CCB74E-6E9A-4649-A49D-B4D0A7DF65A5}) (Version: 5.12.686.0 - Futuremark) Geekbench 4 (HKLM-x32\...\Geekbench 4) (Version: - Primate Labs Inc.) GetDataBack for NTFS (HKLM-x32\...\{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}) (Version: 4.33.000 - Runtime Software) GetDataBack Pro version 5.50 (HKLM\...\GetDataBack Pro Install_is1) (Version: 5.50 - Runtime Software, LLC) Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden GPU Caps Viewer 1.42.2.0 (HKLM-x32\...\{F6E04BE8-2FA4-44C4-9BD3-142CE3EB15B4}_is1) (Version: - Geeks3D.com) Greenshot 1.2.10.6 (HKLM\...\Greenshot_is1) (Version: 1.2.10.6 - Greenshot) HandBrake 1.2.2 (HKLM-x32\...\HandBrake) (Version: 1.2.2 - ) HandBrake Nightly (HKLM-x32\...\HandBrake Nightly) (Version: Nightly - ) HashTab 6.0.0.34 (HKLM\...\HashTab) (Version: 6.0.0.34 - Implbits Software) Hekasoft Backup & Restore 0.81 (HKLM\...\{PBR27112011-M1447-7KS6-C3E2-1X8374W715U4}_is1) (Version: 0.81 - Hekasoft) High-Logic FontCreator 11.5 (HKLM\...\FontCreator11-x64_is1) (Version: - High-Logic B.V.) ICA (HKLM-x32\...\{90B0B84D-5C50-4EED-89E3-59791663B7E5}) (Version: 21.1.0.22 - Corel Corporation) Hidden Icaros 3.1.0 (HKLM\...\Icaros_is1) (Version: 3.1.0.0 - Tabibito Technology) ImDisk Toolkit (HKLM\...\ImDiskApp) (Version: 20190629 - ) ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!) Inkscape 0.92.3 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.92.3.0 - Inkscape project) Intel Processor Diagnostic Tool 64bit (HKLM-x32\...\{33c2aa5e-03d0-46ea-bc0b-a3311366796b}) (Version: 4.1.1.33 - ) Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation) Intel(R) Network Connections 24.0.0.11 (HKLM\...\PROSetDX) (Version: 24.0.0.11 - Intel) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3910 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.10.0.1016 - Intel Corporation) Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.48.139.0 - Intel Corporation) Hidden Intel(R) Trusted Connect Services Client (HKLM-x32\...\{fd62de85-bda9-4280-a95b-fa2f86e0dc58}) (Version: 1.48.139.0 - Intel Corporation) Hidden Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00001010-0210-1036-84C8-B8D95FA3C8C3}) (Version: 21.10.1.1 - Intel Corporation) Intel® Processor Identification Utility (HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Utilitaire d'identification du processeur Intel® 6.0.0211) (Version: 6.0.0211 - Intel Corporation) Intel-SA-00075 Detection and Mitigation Tool 1.0.3.215 (HKLM-x32\...\{3C31C05F-0788-400F-A21E-8EC3B52214F2}) (Version: 1.0.3.215 - Intel Corporation) Internet Download Manager 6.32.6 (HKLM-x32\...\Internet Download Manager_is1) (Version: 6.32.6 - ) InternetOff 3.0, 32\64 bit edition (HKLM-x32\...\InternetOff_is1) (Version: - Crystal Rich, Ltd) IObit Unlocker (HKLM-x32\...\IObit Unlocker_is1) (Version: 1.1.2.1 - IObit) IPM_PSP_COM64 (HKLM\...\{1BB2EFF4-F69B-4637-9885-758CD0C2009D}) (Version: 21.1.0.22 - Corel Corporation) Hidden IrfanView 4.53 (64-bit) (HKLM\...\IrfanView64) (Version: 4.53 - Irfan Skiljan) KC Softwares BATExpert (HKLM-x32\...\KC Softwares BATExpert_is1) (Version: 1.13.0.19 - KC Softwares) KC Softwares PortExpert (HKLM-x32\...\KC Softwares PortExpert_is1) (Version: 1.7.6.16 - KC Softwares) KC Softwares RAMExpert (HKLM-x32\...\KC Softwares RAMExpert_is1) (Version: 1.10.4.27 - KC Softwares) Kolor Autopano Giga 4.4 (HKLM\...\AutopanoGiga4.4) (Version: V4.4.2 - Kolor) Kyodai Mahjongg 2006 v1.42 (HKLM-x32\...\Kyodai Mahjongg 2006_is1) (Version: - Rene-Gilles Deberdt) LAV Filters 0.74.1 (HKLM-x32\...\lavfilters_is1) (Version: 0.74.1 - Hendrik Leppkes) Link Shell Extension (HKLM\...\HardlinkShellExt) (Version: 3.9.2.5 - Hermann Schinagl) Logiciel pour périphérique à chipset Intel® (HKLM-x32\...\{4551f75f-3c54-4f09-8221-8c8a061bad00}) (Version: 10.1.18019.8144 - Intel(R) Corporation) Logitech Options (HKLM\...\LogiOptions) (Version: 7.14.70 - Logitech) LRTimelapse 5.2.1 (HKLM\...\{25499041-D76C-4010-95CD-02374529C59B}}_is1) (Version: 5.2.1 - Gunther Wegner) Macrium Reflect Workstation Edition (HKLM\...\{FBA454FD-D298-4BED-B1DF-4625B9E4E6AC}) (Version: 7.2.4325 - Paramount Software (UK) Ltd.) Hidden Macrium Reflect Workstation Edition (HKLM\...\MacriumReflect) (Version: 7.2 - Paramount Software (UK) Ltd.) MacType (HKLM\...\{E68951B7-9D7A-4727-9203-34909E3358D1}) (Version: 1.17.0628 - FlyingSnow) Hidden MacType (HKLM\...\MacType 1.17.0628) (Version: 1.17.0628 - FlyingSnow) MadVR (remove only) (HKLM-x32\...\MadVR) (Version: - ) Magic Bullet Suite v13.0.6 (HKLM-x32\...\{99487911-8011-42BC-B594-8B02BFD32B1D}_is1) (Version: 13.0.6 - Red Giant, LLC) MakeMKV v1.14.4 (HKLM-x32\...\MakeMKV) (Version: v1.14.4 - GuinpinSoft inc) Malwarebytes Windows Firewall Control (HKLM\...\Windows Firewall Control) (Version: 6.0.2.0 - BiniSoft.org) MediaInfo 19.04 (HKLM\...\MediaInfo) (Version: 19.04 - MediaArea.net) Medieval CUE Splitter (HKLM-x32\...\{B96D2269-568B-4CBF-9332-12FAE8B158F7}) (Version: 1.2.0 - Medieval Software) Mem Reduct (HKLM\...\memreduct) (Version: 3.3.5 - Henry++) MemInfo (remove only) (HKLM-x32\...\MemInfo) (Version: - ) Microsoft Office Professional Plus 2019 - ja-jp (HKLM\...\Proplus2019Retail - ja-jp) (Version: 16.0.11901.20176 - Microsoft Corporation) Microsoft Office Professionnel Plus 2019 - fr-fr (HKLM\...\Proplus2019Retail - fr-fr) (Version: 16.0.11901.20176 - Microsoft Corporation) Microsoft Office 專業增強版 2019 - zh-tw (HKLM\...\Proplus2019Retail - zh-tw) (Version: 16.0.11901.20176 - Microsoft Corporation) Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{C18B132E-4032-4425-826A-24B1CA9DFF0C}) (Version: 11.4.7001.0 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{7ED2561C-FBC2-421E-A2B5-C7BEFD623145}) (Version: 11.4.7001.0 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{CECCBAE9-1880-411E-9D28-8E562F6DAAE2}) (Version: 11.4.7001.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{9B3F0A88-790D-3AD9-9F96-B19CF2746452}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{49e969a1-2990-464d-92b5-25f6f34573c6}) (Version: 12.0.40664.0 - Корпорация Майкрософт) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{d2c8df0e-f15d-4426-9e51-f13f329f9cb4}) (Version: 12.0.40664.0 - Корпорация Майкрософт) Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27029 (HKLM-x32\...\{64ff2cb0-807c-4ee9-87ef-ec1b2ede0daf}) (Version: 14.16.27029.1 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2017 (HKLM-x32\...\{5a7dc0ad-cdb2-43b5-8b82-f81065fe6092}) (Version: 15.0.26717 - Microsoft Corporation) MKVToolNix 35.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 35.0.0 - Moritz Bunkus) MonitorTest V3.2 (HKLM\...\MonitorTest_is1) (Version: 3.2 - PassMark Software) Moo0 Menu Transparent 1.22 (HKLM-x32\...\Moo0 TransparentMenu) (Version: - ) Mozilla Firefox 69.0 (x64 fr) (HKLM\...\Mozilla Firefox 69.0 (x64 fr)) (Version: 69.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 69.0 - Mozilla) MPC Audio Filters (remove only) (HKLM-x32\...\MPC Audio Filters) (Version: - ) MusicExtractor (HKLM-x32\...\MusicExtractor_is1) (Version: 3.1 - Abelssoft) MyPc version 9.5.0.6 (HKLM-x32\...\MyPc_is1) (Version: 9.5.0.6 - ) NetLimiter 4 (HKLM\...\{D8EB2152-FF07-4BA1-8361-0A64CBCFA58F}) (Version: 4.0.50.0 - Locktime Software) Hidden NetLimiter 4 (HKLM-x32\...\NetLimiter 4 4.0.50.0) (Version: 4.0.50.0 - Locktime Software) NetWorx 6.2.4 (HKLM\...\NetWorx_is1) (Version: - SoftPerfect Pty Ltd) NewFolderEx (remove only) (HKLM-x32\...\NewFolderEx) (Version: - ) Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google) Nmap 7.70 (HKLM-x32\...\Nmap) (Version: 7.70 - Nmap Project) NordVPN (HKLM-x32\...\{7FA7F74B-7FD0-440F-ADA6-5EC283A63F2B}) (Version: 6.23.8 - NordVPN) Hidden NordVPN (HKLM-x32\...\NordVPN 6.23.8) (Version: 6.23.8 - NordVPN) NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN) Npcap 0.995 (HKLM-x32\...\NpcapInst) (Version: 0.995 - Nmap Project) OEM Registration Program (HKLM-x32\...\{B69F4E72-CCA4-4352-BF1C-708CE3D96E25}) (Version: 1.1.0 - Toshiba Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0404-1000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0411-1000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden Old Calculator for Windows 10 (HKLM-x32\...\OldCalcForWin10) (Version: 1.1 - hxxp://winaero.com) Old Task Manager for Windows 10 (HKLM-x32\...\Old Task Manager for Windows 10) (Version: 1.0 - hxxp://winaero.com) ON1 Photo RAW 2019 (HKLM\...\ON1 Photo RAW 2019 PE) (Version: 13.5.0.7007 - ON1) Open-Shell (HKLM\...\{ADEC5FFD-705C-4CCB-878D-0B3ABB304432}) (Version: 4.4.138 - The Open-Shell Team) Opera Stable 62.0.3331.99 (HKLM-x32\...\Opera 62.0.3331.99) (Version: 62.0.3331.99 - Opera Software) Package de pilotes Windows - Intel (Netwtw06) net (07/04/2018 20.70.0.100) (HKLM\...\DEC7B59D64D2D271008FA319A0196BD3752E33CD) (Version: 07/04/2018 20.70.0.100 - Intel) PanoramaStudio 3.3 Pro ((désinstaller)) (HKLM\...\PanoramaStudio3Pro) (Version: - ) PatchCleaner (HKLM-x32\...\{727DA176-50BB-452C-8DB5-96EE0A573ED4}) (Version: 1.4.20 - HomeDev) PC8DeviceAgent 3.0.245 (HKLM\...\PC8DeviceAgent) (Version: 3.0.245 - SRM, Inc.) PCあんしん点検ユーティリティ (HKLM-x32\...\{D9CD7DB3-E2BE-4BC6-85A6-EF9235C0B096}) (Version: 2.00.01.02 - Toshiba Corporation) PDF Annotator 7.1.0.719 (HKLM-x32\...\PDFAnnotator_is1) (Version: 7.1.0.719 - GRAHL software design) Photo Mechanic (HKLM\...\{F75C479A-55E9-49F4-8290-CD59D4ECD78E}) (Version: 6.0.3437 - Camera Bits, Inc.) photoFXlab (HKLM-x32\...\photoFXlab) (Version: 1.2.11 - Topaz Labs) PopChar 8.3 (HKLM\...\ergonis PopChar_is1) (Version: 8.3 - Ergonis Software) PreSonus Studio One 4 (HKLM\...\Studio One 4_is1) (Version: 4.1.1 - PreSonus) Prey Anti-Theft (HKLM-x32\...\{4D91189D-F5FD-45A9-B63E-58291ADA338B}) (Version: 1.6.5 - Prey, Inc.) Hidden Process Network Monitor (HKLM-x32\...\{16C2C93F-A7EF-4950-B89F-E5E5F020118A}) (Version: 6.0 - SecurityXploded) Hidden Process Network Monitor (HKLM-x32\...\Process Network Monitor 6.0) (Version: 6.0 - SecurityXploded) Progress Telerik Fiddler (HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Fiddler2) (Version: 5.0.20182.28034 - Telerik) ProtonMail Bridge (HKLM\...\{F2563AAA-4EBC-421A-BB3F-37249869E619}) (Version: 1.1.5 - Proton Technologies AG) Hidden ProtonMail Bridge (HKLM\...\ProtonMail Bridge 1.1.5) (Version: 1.1.5 - Proton Technologies AG) PSPPContent (HKLM-x32\...\{616D4070-129A-48B3-85A1-25E0FDFBAB38}) (Version: 21.1.0.22 - Corel Corporation) Hidden PSPPHelp (HKLM-x32\...\{5FF01DFE-2B62-4568-BB54-06F79CB82B22}) (Version: 21.1.0.22 - Corel Corporation) Hidden PSPPro64 (HKLM\...\{01CC6252-25FC-4A2D-9FBD-68E20C8C44B8}) (Version: 21.1.0.22 - Corel Corporation) Hidden PTGui Pro Trial 11.13 (HKLM-x32\...\PTGui) (Version: - New House Internet Services B.V.) Python 3.7.2 (64-bit) (HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\{c0f1e976-f585-48f8-968d-48c870496d4e}) (Version: 3.7.2150.0 - Python Software Foundation) Python 3.7.2 Core Interpreter (64-bit) (HKLM\...\{8BDA6D6E-234F-4DD8-A7CA-6DB55F6B609E}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden Python 3.7.2 Development Libraries (64-bit) (HKLM\...\{D2CC67CD-ED4E-40BC-94FD-3EA65A6824D6}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden Python 3.7.2 Documentation (64-bit) (HKLM\...\{1A91F9E1-13CE-4D8B-9257-61376EC9ED92}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden Python 3.7.2 Executables (64-bit) (HKLM\...\{24260BC9-6F83-4F8F-96AE-6D654621DDF7}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden Python 3.7.2 pip Bootstrap (64-bit) (HKLM\...\{E33F2815-DA54-4554-87A2-FD25EAB1A963}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden Python 3.7.2 Standard Library (64-bit) (HKLM\...\{BE46C9B8-DD8E-4835-B686-644EA6415FEE}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden Python 3.7.2 Tcl/Tk Support (64-bit) (HKLM\...\{1ED81958-CE51-4748-ABFA-583227794FDB}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden Python 3.7.2 Test Suite (64-bit) (HKLM\...\{C1CA4559-3153-4EF9-8B74-CC804965E441}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden Python 3.7.2 Utility Scripts (64-bit) (HKLM\...\{259C5D04-A6E0-47F3-AB23-91F2E9828466}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden Python Launcher (HKLM-x32\...\{FA2A3867-8965-4CF7-83E2-C8960652F5AD}) (Version: 3.7.6565.0 - Python Software Foundation) Rainmeter (HKLM-x32\...\Rainmeter) (Version: 4.3 r3298 - Rainmeter) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.21302 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8757.1 - Realtek Semiconductor Corp.) Red Giant Link (HKLM-x32\...\{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1) (Version: 1.9.11.2 - Red Giant, LLC) Resource Hacker Version 5.1.7 (HKLM-x32\...\ResourceHacker_is1) (Version: - ) RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version: - Punk Software) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.3.1 - Rockstar Games) Runtime VS2005 SP1 All 6195 (HKLM-x32\...\{ED5CB552-FD01-4B3A-985B-13EA1F423294}) (Version: 0 - Lattice Technology Co.,Ltd.) Hidden Runtime VS2005 SP1 CRT 6195 (HKLM-x32\...\{99EEF5D1-7A88-4C5C-942D-420530EC1F64}) (Version: 0 - Lattice Technology Co.,Ltd.) Hidden Runtime VS2005 SP1 MFC 6195 (HKLM-x32\...\{10290838-B697-4C48-84CD-45580DE5A340}) (Version: 0 - Lattice Technology Co.,Ltd.) Hidden Runtime VS2005 SP1 x64 All 6195 (HKLM-x32\...\{47C75B36-072C-47BD-8102-2869A8280240}) (Version: 0 - Lattice Technology Co.,Ltd.) Hidden Runtime VS2005 SP1 x64 CRT 762 (HKLM-x32\...\{079B3BA4-C6E1-4319-84D9-FCDF797B5839}) (Version: 0 - Lattice Technology Co.,Ltd.) Hidden Runtime VS2005 SP1 x64 OpenMP 762 (HKLM-x32\...\{191C4427-D9DB-440E-B8BF-7C5E98491D6E}) (Version: 0 - Lattice Technology Co.,Ltd.) Hidden Runtime VS2008 x64 CRT 1 (HKLM-x32\...\{764A4DB0-A68F-4A74-9E22-457EB17E24C9}) (Version: 0 - Lattice Technology Co.,Ltd.) Hidden Runtime_MSI_VS2005_SP1_CRT_6195 (HKLM-x32\...\{B41D0762-E061-4C9F-A3AD-E690FD97D9DD}) (Version: 1.00.0000 - Your Company Name) Hidden Runtime_MSI_VS2005_SP1_MFC_6195 (HKLM-x32\...\{6D5062E2-8F4E-45FE-8A68-26BC703372DB}) (Version: 1.00.0000 - Your Company Name) Hidden Runtime_MSI_VS2005_SP1_MFCLOC_6195 (HKLM-x32\...\{ACD2155B-DC08-4084-8D15-AAFF1CCB2423}) (Version: 1.00.0000 - Lattice Technology) Hidden Runtime_MSI_VS2005_SP1_x64_CRT_6195 (HKLM\...\{66B0AFAB-D47B-4913-B3E7-3356DA178A47}) (Version: 1.00.0000 - Your Company Name) Hidden Runtime_MSI_VS2005_SP1_x64_MFC_6195 (HKLM\...\{A54EA700-ED46-4A0A-890A-2310246FC238}) (Version: 1.00.0000 - Your Company Name) Hidden Runtime_MSI_VS2005_SP1_x64_MFCLOC_6195 (HKLM\...\{22B01A84-AFA6-48A9-A921-7053295FE9D2}) (Version: 1.00.0000 - Lattice Technology) Hidden Scrabble solutions (HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Scrabble solutions) (Version: - ) scrabbleproB 1.1.7 (HKLM-x32\...\scrabbleproB_is1) (Version: - scrabblepro) SearchWithMyBrowser version 1.1.2 (HKLM\...\SearchWithMyBrowser_is1) (Version: 1.1.2 - Charles Milette) SecurityXploded Browser Password Decryptor 11.0 (HKLM-x32\...\Browser Password Decryptor 11.0) (Version: 11.0 - SecurityXploded) ServiceCommander Version 4 (HKLM-x32\...\ServiceCommander_is1) (Version: 4.0 - Core Technologies Consulting, LLC) Setup (HKLM-x32\...\{099E900F-5CFF-4BB4-816C-D6BFE3044341}) (Version: 21.1.0.22 - Nom de votre société) Hidden Simple Sticky Notes 4.6 (HKLM-x32\...\Simple Sticky Notes_is1) (Version: - Simnet Ltd.) SIW Enterprise Edition (HKLM\...\{AB67580-257C-45FF-B8F4-C8C30682091A}_is1) (Version: 2019.01.15 - Topala Software Solutions) Soldats Inconnus Mémoires de la Grande Guerre 1.0.140373 (HKLM-x32\...\Soldats Inconnus Mémoires de la Grande Guerre 1.0.140373) (Version: 1.0.140373 - Huyustus) SOUND FORGE Pro 13.0 (x64) (HKLM\...\{4E5DD0F0-AE62-11E9-AAFB-50E549394757}) (Version: 13.0.100 - MAGIX) SRMX version 3.2.606 (HKLM-x32\...\{64BEE57A-50EA-46AE-939C-898BA1A0D22F}_is1) (Version: 3.2.606 - SRM GmbH) Startup Delayer v3.0 (build 366) (HKLM-x32\...\Startup Delayer) (Version: 3.0 (build 366) - r2 Studios) SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.2.11105 - Krzysztof Kowalczyk) SuperCopier2 (HKLM-x32\...\SuperCopier2) (Version: - ) SyncBackPro x64 (HKLM-x32\...\SyncBackPro64_is1_is1) (Version: 9.0.8.15 - 2BrightSparks) TAP-NordVPN 9.21.2 (HKLM\...\TAP-NordVPN) (Version: 9.21.2 - NordVPN.com) Text Editor Pro version 6.2.0 (HKLM-x32\...\{FC8AD371-A765-4E22-B25F-D5914D7193F1}}_is1) (Version: 6.2.0 - Lasse Markus Rautiainen) Textify v1.6.2 (HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Textify) (Version: 1.6.2 - RaMMicHaeL) The Bat! v8.8.9 (64-bit) (HKLM\...\{7991C446-93E5-4CC5-978B-89706A8FB667}) (Version: 8.8.9 - Ritlabs, SRL) Topaz A.I. GigaPixel (HKLM\...\{67112AFB-D053-4F3E-815D-49DE57CF30E6}) (Version: 1.0.1 - Topaz Labs) Hidden Topaz A.I. GigaPixel (HKLM\...\Topaz A.I. GigaPixel 1.0.1) (Version: 1.0.1 - Topaz Labs) Topaz Adjust 5 (HKLM-x32\...\Topaz Adjust 5) (Version: 5.2.0 - Topaz Labs, LLC) Topaz B&W Effects (HKLM-x32\...\Topaz BW Effects 2) (Version: 2.1.0 - Topaz Labs, LLC) Topaz Clarity (HKLM-x32\...\Topaz Clarity) (Version: 1.1.0 - Topaz Labs, LLC) Topaz Clean 3 (HKLM-x32\...\Topaz Clean 3) (Version: 3.2.0 - Topaz Labs, LLC) Topaz DeJpeg 4 (HKLM-x32\...\Topaz DeJpeg 4) (Version: 4.1.0 - Topaz Labs, LLC) Topaz DeNoise 6 (HKLM-x32\...\Topaz DeNoise 6) (Version: 6.0.1 - Topaz Labs, LLC) Topaz Detail 3 (HKLM-x32\...\Topaz Detail 3) (Version: 3.3.0 - Topaz Labs, LLC) Topaz Fusion Express 2 (HKLM-x32\...\Topaz Fusion Express 2) (Version: 2.1.3 - Topaz Labs, LLC) Topaz Glow 2 (HKLM\...\Topaz Glow 2) (Version: 2.0.0 - Topaz Labs, LLC) Topaz Impression 2 (HKLM-x32\...\Topaz Impression 2) (Version: 2.0.4 - Topaz Labs, LLC) Topaz InFocus (HKLM-x32\...\Topaz InFocus) (Version: 1.1.0 - Topaz Labs, LLC) Topaz JPEG to RAW AI (HKLM\...\Topaz JPEG to RAW AI 2.1.1) (Version: 2.1.1 - Topaz Labs) Topaz Lens Effects (HKLM-x32\...\Topaz Lens Effects) (Version: 1.3.0 - Topaz Labs, LLC) Topaz ReMask 5 (HKLM-x32\...\Topaz ReMask 5) (Version: 5.0.1 - Topaz Labs, LLC) Topaz ReStyle (HKLM-x32\...\Topaz ReStyle) (Version: 1.1.0 - Topaz Labs, LLC) Topaz Simplify 4 (HKLM-x32\...\Topaz Simplify 4) (Version: 4.2.0 - Topaz Labs, LLC) Topaz Star Effects (HKLM-x32\...\Topaz Star Effects) (Version: 1.2.0 - Topaz Labs, LLC) TOSHIBA Blu-ray Disc Player (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 3.0.0.23 - Toshiba Client Solutions Co., Ltd.) TOSHIBA Desktop Assist (HKLM\...\{C4CDCEF0-0A7A-4425-887C-33E39533D758}) (Version: 1.03.08.6402 - Toshiba Corporation) TOSHIBA eco Utility (HKLM\...\{72EFCFA8-3923-451D-AF52-7CE9D87BC2A1}) (Version: 3.1.4.6401 - Toshiba Client Solutions Co., Ltd.) TOSHIBA Écran Effet miroir pour Smartphone / tablette (HKLM-x32\...\InstallShield_{0DF27A1C-8379-4F1B-ADCE-820A2554D15B}) (Version: 1.1.15.4 - APUSONE Technology Inc.) TOSHIBA Function Key (HKLM\...\{ABB33FFD-6D6C-4670-9EF4-6181BB4D0DF2}) (Version: 1.1.17.6400 - Toshiba Client Solutions Co., Ltd.) TOSHIBA PalaDouga (HKLM-x32\...\{21CEB4A6-0FF1-444F-A0CC-6F648F74C7F6}) (Version: 2014.0301.0002 - Toshiba Corporation) TOSHIBA PC Health Monitor (HKLM\...\{B507386D-1F61-4E55-B05B-F56ACB0086B3}) (Version: 4.06.01.6401 - Toshiba Client Solutions Co., Ltd.) TOSHIBA Service Station (HKLM\...\{F9943B88-9ED0-4FD5-A9AC-D34B94D694DF}) (Version: 6.0.3.6402 - Toshiba Client Solutions Co., Ltd.) TOSHIBA Speech Synthesis (HKLM\...\{36B0B896-6CD8-4C5F-B7E1-2AC8E9588ACC}) (Version: 1.5.2.0 - Toshiba Corporation) TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0041 - Toshiba Corporation) TOSHIBA System Settings (HKLM\...\{B040D5C9-C9AA-430A-A44E-696656012E61}) (Version: 3.1.2.6401 - Toshiba Client Solutions Co., Ltd.) Total Recorder 8.6 VideoPro Edition (HKLM-x32\...\TotalRecorder) (Version: - ) TreeSize V7.1.1 (64 bit) (HKLM\...\TreeSize_is1) (Version: 7.1.1 - JAM Software) UltraUXThemePatcher (HKLM-x32\...\UltraUXThemePatcher) (Version: 3.5.0.0 - Manuel Hoefs (Zottel)) Utilitaire d'identification du processeur Intel® (HKLM-x32\...\{BA3CF118-924B-49D3-94FD-63F79DCC0EBB}) (Version: 6.0.0211 - Intel Corporation) Hidden Veeam Agent for Microsoft Windows (HKLM\...\{3A55C2EE-551A-4626-A211-22D400F5352E}) (Version: 3.0.1.1039 - Veeam Software Group GmbH) VLC media player (HKLM\...\VLC media player) (Version: 3.0.7.1 - VideoLAN) VMware vCenter Converter Standalone (HKLM-x32\...\{DA09FD63-5AE7-4bf6-8B86-0FCA4DEA8F8F}) (Version: 6.2.0.8466193 - VMware, Inc.) VMware Workstation (HKLM\...\{2B5DAA91-E0C9-4307-90B7-5688E910C894}) (Version: 15.1.0 - VMware, Inc.) Volume2 1.1.6 (HKLM-x32\...\Volume2) (Version: 1.1.6 - Alexandr Irza) Waterfox 56.2.11 (x64 en-US) (HKLM\...\Waterfox 56.2.11 (x64 en-US)) (Version: 56.2.11 - Waterfox Ltd) WhoCrashed 6.00 (HKLM\...\WhoCrashed_is1) (Version: - Resplendence Software Projects Sp.) Winaero Tweaker (HKLM\...\Winaero Tweaker_is1) (Version: 0.15.1.0 - Winaero) WinDirStat 1.1.2 (HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\WinDirStat) (Version: - ) WindowManager (HKLM-x32\...\WindowManager) (Version: 7.0.3 - DeskSoft) Windows 10 Manager (HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Windows 10 Manager 3.1.2) (Version: 3.1.2 - Yamicsoft) Windows Explorer Tracker 2.0 (HKLM-x32\...\Windows Explorer Tracker_is1) (Version: - TriSun Software Inc.) WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.) WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH) WinSplit Revolution (v11.04) (HKLM-x32\...\WinSplit Revolution) (Version: 11.04 - Raphael Lencrerot) WinUAE 4.2.0 (HKLM-x32\...\{C02BF0C1-82EB-4BF6-995F-EF4B9816314E}) (Version: 4.2.0.0 - Arabuusimiehet) Wireshark 3.0.3 64-bit (HKLM-x32\...\Wireshark) (Version: 3.0.3 - The Wireshark developer community, hxxps://www.wireshark.org) Wise Folder Hider (HKLM-x32\...\Wise Folder Hider_is1) (Version: 4.2.7 - WiseCleaner.com, Inc.) XnConvert 1.80 (HKLM\...\XnConvert_is1) (Version: 1.80 - Gougelet Pierre-e) XnView Shell Extension 3.5.1 (64bits) (HKLM\...\XnView Shell Extension_is1) (Version: 3.5.1 - Gougelet Pierre-e) Zentimo PRO 2.1 (HKLM-x32\...\Zentimo PRO_is1) (Version: - Zentimo.com) Zoom Player (remove only) (HKLM-x32\...\ZoomPlayer) (Version: 15 - Inmatrix LTD) Zoom Player French language (remove only) (HKLM-x32\...\ZoomPlayer_French) (Version: - ) Packages: ========= B.tv -> C:\Program Files\WindowsApps\BouyguesTelecom.B.tv_4.25.0.0_x64__zffmaw26y6va6 [2019-06-18] (Bouygues Telecom) Chinese English Dictionary -> C:\Program Files\WindowsApps\36082HeinHtat.ChineseEnglishDictionary_1.3.2.0_neutral__dsrmr79vyak8p [2018-11-28] (Hein Htat) Diagnostic Data Viewer -> C:\Program Files\WindowsApps\Microsoft.DiagnosticDataViewer_3.1904.1071.0_x64__8wekyb3d8bbwe [2019-05-02] (Microsoft Corporation) EarTrumpet -> C:\Program Files\WindowsApps\40459File-New-Project.EarTrumpet_2.1.4.0_x86__1sdd7yawvg6ne [2019-07-31] (File-New-Project) Hiragana Book -> C:\Program Files\WindowsApps\22644Beridaru.HiraganaBook_1.2.0.2_neutral__adja9b0p368hp [2019-04-09] (Beridaru) Ireland Radio -> C:\Program Files\WindowsApps\9656Futuristic.IrelandRadio_1.1.0.0_neutral__qn8ee0v676waw [2019-04-09] (Futuristic) Jamendo -> C:\Program Files\WindowsApps\Jamendo.Jamendo_1.4.0.20_neutral__w6ewnbhm5pzvr [2016-08-04] (Jamendo) Japanese Radio -> C:\Program Files\WindowsApps\9656Futuristic.JapaneseRadio_1.1.0.0_neutral__qn8ee0v676waw [2019-04-09] (Futuristic) Journaux Français! -> C:\Program Files\WindowsApps\15020BruceDulion.JournauxFranais_1.1.3.0_x64__f0xmam1ybj8kw [2019-01-09] (Bruce Dulion) [MS Ad] Kali Linux -> C:\Program Files\WindowsApps\KaliLinux.54290C8133FEE_1.1.9.0_x64__ey8k8hqnwqnmg [2019-05-17] (Kali Linux) Kanji Book -> C:\Program Files\WindowsApps\22644Beridaru.KanjiBook_1.1.1.20_neutral__adja9b0p368hp [2019-04-09] (Beridaru) Katakana Book -> C:\Program Files\WindowsApps\22644Beridaru.KatakanaBook_1.1.0.1_neutral__adja9b0p368hp [2019-04-09] (Beridaru) Kindle -> C:\Program Files\WindowsApps\AMZNMobileLLC.KindleforWindows8_2.1.0.2_neutral__stfe6vwa9jnbp [2016-06-12] (AMZN Mobile LLC) Learn Chinese for Beginners -> C:\Program Files\WindowsApps\18658Zeemish.LearnChineseforBeginners_1.0.0.2_neutral__krx3ymyjn7t6t [2019-06-20] (Zeemish) LINE -> C:\Program Files\WindowsApps\NAVER.LINEwin8_5.18.2.0_x86__8ptj331gd3tyt [2019-07-31] (LINE Corporation) ma Livebox -> C:\Program Files\WindowsApps\OrangeFrance.MaLivebox_1.1.0.27_neutral__3nekra66ya1hy [2019-04-09] (Orange) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1804.2.0_x64__8wekyb3d8bbwe [2018-10-03] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1804.2.0_x86__8wekyb3d8bbwe [2018-10-03] (Microsoft Corporation) [MS Ad] Microsoft Minesweeper -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMinesweeper_2.7.4300.0_x86__8wekyb3d8bbwe [2018-06-26] (Microsoft Studios) [MS Ad] Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.93.478.0_x64__mcm4njqhnhss8 [2019-06-30] (Netflix, Inc.) QuickLook -> C:\Program Files\WindowsApps\21090PaddyXu.QuickLook_3.6.5.0_neutral__egxr34yet59cg [2019-06-02] (Paddy Xu) Radios Francaises -> C:\Program Files\WindowsApps\TODAEMEDIA.RadiosFrancaises_1.4.0.0_x64__3dbn6fkmxyps2 [2016-06-12] (TODAE MEDIA) [MS Ad] Send to OneNote -> C:\Program Files\WindowsApps\Microsoft.SendtoOneNote_1.0.5.0_x86__8wekyb3d8bbwe [2019-04-09] (Microsoft Corporation) Skyscanner -> C:\Program Files\WindowsApps\MicrosoftStore.Skyscanner_1.5.0.0_neutral__erq66z2qet26j [2019-03-22] (Microsoft Store) SNCF -> C:\Program Files\WindowsApps\SNCF.SNCF_1.8.3.0_x64__tnfytfv6j4scp [2018-09-09] (SNCF) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0 [2019-07-26] (Spotify AB) Takoboto: Japanese Dictionary -> C:\Program Files\WindowsApps\32064Takoboto.TakobotoJapaneseDictionary_1.1.0.1_neutral__9b12gkevbv5ht [2019-04-04] (Takoboto) XE Currency -> C:\Program Files\WindowsApps\XE.com.XECurrency_2.1.1.0_neutral__03yfs222qanwj [2019-04-09] (XE.com) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1112066077-4254746724-1257480092-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-813CB5835A7A} -> [Creative Cloud Files] => C:\Users\owner\Creative Cloud Files [2016-06-12 10:51] CustomCLSID: HKU\S-1-5-21-1112066077-4254746724-1257480092-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\owner\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileSyncShell64.dll => No File CustomCLSID: HKU\S-1-5-21-1112066077-4254746724-1257480092-1001_Classes\CLSID\{3D3B1846-CC43-42AE-BFF9-D914083C2BA3}\InprocServer32 -> C:\Program Files\SumatraPDF\PdfPreview.dll () [File not signed] CustomCLSID: HKU\S-1-5-21-1112066077-4254746724-1257480092-1001_Classes\CLSID\{b7c2f028-a138-4ad4-aaa1-77cf720d5c66} -> [Divers] => C:\Users\owner\Documents\Divers [2016-07-07 14:23] CustomCLSID: HKU\S-1-5-21-1112066077-4254746724-1257480092-1001_Classes\CLSID\{d63b0bea-dc64-4c3b-af8b-d860551f91d4} -> [Programmes Windows 10] => C:\Users\owner\Documents\Programmes Windows 10\Programmes Windows 10 [2015-07-29 16:35] CustomCLSID: HKU\S-1-5-21-1112066077-4254746724-1257480092-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File ShellIconOverlayIdentifiers: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2019-07-26] (Hermann Schinagl -> Hermann Schinagl) [File not signed] ShellIconOverlayIdentifiers: [IconOverlayHardLink] -> {0A479751-02BC-11d3-A855-0004AC2568DD} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2019-07-26] (Hermann Schinagl -> Hermann Schinagl) [File not signed] ShellIconOverlayIdentifiers: [IconOverlayJunction] -> {0A479751-02BC-11d3-A855-0004AC2568FF} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2019-07-26] (Hermann Schinagl -> Hermann Schinagl) [File not signed] ShellIconOverlayIdentifiers: [IconOverlaySymbolicLink] -> {0A479751-02BC-11d3-A855-0004AC2568EE} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2019-07-26] (Hermann Schinagl -> Hermann Schinagl) [File not signed] ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Open-Shell\ClassicExplorer64.dll [2019-06-09] (Open-Shell) [File not signed] ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File ShellIconOverlayIdentifiers-x32: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2019-07-26] (Hermann Schinagl -> Hermann Schinagl) [File not signed] ShellIconOverlayIdentifiers-x32: [IconOverlayHardLink] -> {0A479751-02BC-11d3-A855-0004AC2568DD} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2019-07-26] (Hermann Schinagl -> Hermann Schinagl) [File not signed] ShellIconOverlayIdentifiers-x32: [IconOverlayJunction] -> {0A479751-02BC-11d3-A855-0004AC2568FF} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2019-07-26] (Hermann Schinagl -> Hermann Schinagl) [File not signed] ShellIconOverlayIdentifiers-x32: [IconOverlaySymbolicLink] -> {0A479751-02BC-11d3-A855-0004AC2568EE} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2019-07-26] (Hermann Schinagl -> Hermann Schinagl) [File not signed] ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Open-Shell\ClassicExplorer64.dll [2019-06-09] (Open-Shell) [File not signed] ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File ContextMenuHandlers1: [$PowerDVD19] -> {F29ECC0C-F1D0-4132-B1BC-E317171FFC76} => C:\ProgramData\CyberLink\PowerDVD19\OpenWith\PDVD_Shell64.dll [2019-07-16] (CyberLink Corp. -> CyberLink Corp.) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-16] (Adobe Systems, Incorporated -> Adobe Systems Inc.) ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File ContextMenuHandlers1: [EDPShell] -> {58549232-7081-4541-882C-767DB238453C} => C:\Program Files\ExamDiff Pro\EDPShell.dll [2019-06-22] (PrestoSoft -> PrestoSoft LLC) [File not signed] ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-07-26] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers1: [File Marker] -> {B70B7A24-5180-4092-B3BA-6266F914C053} => C:\Program Files (x86)\FileMarker.NET\FileMarkerShlExt64.dll [2017-05-17] (ArcticLine Software -> ArcticLine Software) ContextMenuHandlers1: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2019-07-26] (Hermann Schinagl -> Hermann Schinagl) [File not signed] ContextMenuHandlers1: [IXnView] -> {A5D35F9F-6A11-4EAA-B70B-7BB6FE32663A} => C:\Program Files\XnView\ShellEx\XnViewShellExt64.dll [2015-02-18] () [File not signed] ContextMenuHandlers1: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2019-06-05] (Paramount Software UK Ltd -> Paramount Software UK Ltd) ContextMenuHandlers1: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2018-05-17] (IObit Information Technology -> IObit) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1: [WorkFolders] -> {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} => -> No File ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-07-26] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers2: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2019-06-05] (Paramount Software UK Ltd -> Paramount Software UK Ltd) ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => C:\Program Files (x86)\VMware\VMware Workstation\vmdkShellExt.dll [2019-05-04] (VMware, Inc. -> VMware, Inc.) ContextMenuHandlers2: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => C:\Program Files (x86)\VMware\VMware Workstation\x64\vmdkShellExt64.dll [2019-05-04] (VMware, Inc. -> VMware, Inc.) ContextMenuHandlers3: [FileMenuTools] -> {C1B2C38F-3DCA-4E3D-BC34-D5B87B636543} => C:\Program Files\LopeSoft\FileMenu Tools\FileMenuTools64.dll [2019-03-31] (LopeSoft) [File not signed] ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File ContextMenuHandlers4: [AutopanoShell.ShellContextMenu] -> {4B4F4C4F-5220-4798-ABF3-EC03F7C8A498} => C:\Program Files\Kolor\Autopano Giga 4.4\AutopanoShell_x64.dll [2017-03-30] (Kolor sarl -> Kolor) ContextMenuHandlers4: [FileMenuTools] -> {C1B2C38F-3DCA-4E3D-BC34-D5B87B636543} => C:\Program Files\LopeSoft\FileMenu Tools\FileMenuTools64.dll [2019-03-31] (LopeSoft) [File not signed] ContextMenuHandlers4: [PMShellExt] -> {D33CAA34-6010-4798-A3A3-11600C03EDDB} => C:\Program Files\Camera Bits\Photo Mechanic\PMShellMenu\PMShellMenu.dll [2019-07-23] (Camera Bits, Inc.) [File not signed] ContextMenuHandlers4: [WorkFolders] -> {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} => -> No File ContextMenuHandlers4: [ZPShellExt] -> {ABE00001-0123-ABED-1248-0248ADFA1909} => C:\Program Files (x86)\Zoom Player\zpshlext64.dll [2017-07-05] (Inmatrix LTD -> ) ContextMenuHandlers5: [FileMenuTools] -> {C1B2C38F-3DCA-4E3D-BC34-D5B87B636543} => C:\Program Files\LopeSoft\FileMenu Tools\FileMenuTools64.dll [2019-03-31] (LopeSoft) [File not signed] ContextMenuHandlers5: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2019-07-26] (Hermann Schinagl -> Hermann Schinagl) [File not signed] ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2019-05-05] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-16] (Adobe Systems, Incorporated -> Adobe Systems Inc.) ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File ContextMenuHandlers6: [EDPShell] -> {58549232-7081-4541-882C-767DB238453C} => C:\Program Files\ExamDiff Pro\EDPShell.dll [2019-06-22] (PrestoSoft -> PrestoSoft LLC) [File not signed] ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-07-26] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers6: [FileMenuTools] -> {C1B2C38F-3DCA-4E3D-BC34-D5B87B636543} => C:\Program Files\LopeSoft\FileMenu Tools\FileMenuTools64.dll [2019-03-31] (LopeSoft) [File not signed] ContextMenuHandlers6: [Folderico] -> {CC0C45C5-EFDE-4B8A-A8B0-9ED733D9E6AC} => C:\Program Files\FolderIco\FolderIco.dll [2017-01-01] (TeoreX) [File not signed] ContextMenuHandlers6: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2019-07-26] (Hermann Schinagl -> Hermann Schinagl) [File not signed] ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\system32\StartMenuHelper64.dll [2019-06-09] (Open-Shell) [File not signed] ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) FolderExtensions: [] -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} => C:\Program Files (x86)\OldNewExplorer\OldNewExplorer64.dll [2017-08-16] (www.startisback.com) [File not signed] ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) Shortcut: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vidéo\Zoom Player\Buy or Upgrade Zoom Player.lnk -> hxxp://inmatrix.com/shop_relay/buyshortcut.shtm Shortcut: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vidéo\Zoom Player\Download Skins.lnk -> hxxp://skins.inmatrix.com Shortcut: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vidéo\Zoom Player\Video Tutorials.lnk -> hxxp://inmatrix.com/tutorial_redir.htm Shortcut: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vidéo\Zoom Player\Help\Forum.lnk -> hxxp://forum.inmatrix.com Shortcut: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vidéo\Zoom Player\Help\Frequently Asked Questions.lnk -> hxxp://www.inmatrix.com/zplayer/fa Shortcut: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vidéo\Zoom Player\Help\Home Page.lnk -> hxxp://www.inmatrix.com Shortcut: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vidéo\Zoom Player\Help\Online Help.lnk -> hxxp://www.inmatrix.com/zplaye Shortcut: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vidéo\Zoom Player\Help\Usage Guides.lnk -> hxxp://www.inmatrix.com/articles.shtm Shortcut: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Système\Link Shell Extension\Donate.lnk -> hxxp://schinagl.priv.at/nt/hardlinkshellext/linkshellextension.htm Shortcut: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet\Reset Data Usage.bat.lnk -> C:\Program Files (x86)\Reset Data Usage - Script\Reset_Data_Usage.bat () Shortcut: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image\Inkscape 0.92.3\Inkscape Homepage.lnk -> hxxp://www.inkscape.org ==================== Loaded Modules (Whitelisted) ============== 2018-04-29 14:54 - 2018-04-29 13:21 - 000396800 _____ () [File not signed] C:\Program Files (x86)\BetterDesktopTool\BetterDesktopTool.exe 2018-04-29 14:54 - 2018-04-29 13:21 - 000337920 _____ () [File not signed] C:\Program Files (x86)\BetterDesktopTool\BetterDesktopToolServer.exe 2018-04-29 14:54 - 2018-04-29 13:20 - 000117248 _____ () [File not signed] C:\Program Files (x86)\BetterDesktopTool\HookLibrary.dll 2016-06-09 13:37 - 2014-04-07 12:18 - 002592256 _____ () [File not signed] C:\Program Files (x86)\Gest\Gest.exe 2019-01-21 13:55 - 2019-01-21 13:55 - 000251392 _____ () [File not signed] C:\Program Files (x86)\NordVPN\x86\Liberation.Native.Firewall.dll 2016-06-08 18:28 - 2007-09-02 13:57 - 000069632 _____ () [File not signed] C:\Program Files (x86)\RocketDock\RocketDock.dll 2016-06-08 18:28 - 2007-09-02 13:58 - 000495616 _____ () [File not signed] C:\Program Files (x86)\RocketDock\RocketDock.exe 2011-04-12 22:53 - 2011-04-12 22:53 - 003951616 _____ () [File not signed] C:\Program Files (x86)\WinSplit Revolution\WinSplit.exe 2011-04-12 22:53 - 2011-04-12 22:53 - 000015872 _____ () [File not signed] C:\Program Files (x86)\WinSplit Revolution\WinSplitDrvr32.exe 2011-04-12 22:53 - 2011-04-12 22:53 - 000017920 _____ () [File not signed] C:\Program Files (x86)\WinSplit Revolution\WinSplitDrvr64.exe 2011-04-12 22:53 - 2011-04-12 22:53 - 000013312 _____ () [File not signed] C:\Program Files (x86)\WinSplit Revolution\WinSplitHook32.DLL 2011-04-12 22:53 - 2011-04-12 22:53 - 000015360 _____ () [File not signed] C:\Program Files (x86)\WinSplit Revolution\WinSplitHook64.DLL 2011-04-12 22:53 - 2011-04-12 22:53 - 000011264 _____ () [File not signed] C:\Program Files (x86)\WinSplit Revolution\WinSplitLib.dll 2019-06-17 08:48 - 2019-06-29 09:18 - 000012288 _____ () [File not signed] C:\Program Files\ImDisk\ImDiskTk-svc.exe 2019-06-02 21:12 - 2019-03-05 12:54 - 000905216 _____ () [File not signed] C:\Program Files\NetWorx\sqlite3.dll 2019-03-18 17:02 - 2019-03-18 17:02 - 000110592 _____ () [File not signed] C:\Program Files\Rainmeter\Plugins\PowerPlugin.dll 2018-04-17 17:48 - 2018-03-28 02:04 - 000100864 _____ () [File not signed] C:\Program Files\ShellFolderFix64\ShellFolderFix.dll 2018-04-17 17:48 - 2018-03-28 02:43 - 002630656 _____ () [File not signed] C:\Program Files\ShellFolderFix64\ShellFolderFixUI.exe 2016-06-12 10:29 - 2015-02-18 20:46 - 002383360 _____ () [File not signed] C:\Program Files\XnView\ShellEx\XnViewShellExt64.dll 2017-05-01 17:55 - 2012-04-28 07:01 - 000350720 _____ () [File not signed] C:\Programmes Portables\Stick it 1.00.0b\Stick-It!.exe 2017-03-19 11:00 - 2014-10-03 14:06 - 000014848 _____ () [File not signed] C:\Programmes Portables\volumouse-x64\volumouse32.exe 2019-07-28 22:06 - 2019-07-28 22:01 - 001097728 _____ () [File not signed] C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Firefox - Back and forwards keyboard shortcuts.exe 2019-07-28 22:06 - 2019-07-28 22:03 - 001097728 _____ () [File not signed] C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Firefox - Start - Minimized - Restore.exe 2019-07-29 14:11 - 2019-07-29 14:11 - 001097728 _____ () [File not signed] C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Météo shortcut - F1.exe 2017-10-05 01:13 - 2017-10-05 01:13 - 000263680 _____ () [File not signed] C:\Users\owner\AppData\Roaming\Textify\Textify.exe 2014-02-27 06:31 - 2014-02-27 06:31 - 000013312 _____ () [File not signed] C:\Windows\SysWOW64\SMITSC.exe 2018-01-04 20:30 - 2019-07-19 22:04 - 004798976 _____ (Alexandr Irza) [File not signed] C:\Program Files (x86)\Volume2\Volume2.exe 2018-11-17 23:23 - 2018-08-29 03:59 - 000086016 _____ (blackholeearth) [File not signed] C:\Programmes Portables\Windows 10 Brightness Slider.exe 2019-07-23 11:46 - 2019-07-23 11:46 - 000063488 _____ (Camera Bits, Inc.) [File not signed] C:\Program Files\Camera Bits\Photo Mechanic\PMShellMenu\PMShellMenu.dll 2019-07-26 14:14 - 2019-06-20 07:32 - 001196032 _____ (Care Your Eyes) [File not signed] C:\Programmes Portables\CareUEyes\App\ProgramFiles\CareUEyes.exe 2019-04-05 22:24 - 2019-04-05 22:24 - 001031680 _____ (Carthago Software) [File not signed] C:\Program Files (x86)\MemInfo\meminfo.exe 2018-08-13 08:46 - 2019-03-27 09:50 - 007040608 _____ (Crystal Rich Ltd -> Crystal Rich Ltd) [File not signed] C:\Programmes Portables\Zentimo\Zentimo.exe 2019-05-21 03:56 - 2019-05-11 06:54 - 000167936 _____ (Guillaume Ryder (hxxp://utilfr42.free.fr)) [File not signed] C:\Programmes Portables\Clavier+ x64\Clavier.exe 2019-06-10 14:19 - 2019-06-10 14:19 - 000008704 _____ (GuinpinSoft inc) [File not signed] C:\Program Files\Common Files\cdarbsvc\cdarbsvc_v1.0.0_x64.exe 2019-07-26 13:46 - 2019-07-11 13:21 - 005715968 _____ (H.D.S. Hungary) [File not signed] C:\Programmes Portables\HardDiskSentinel\HDSentinel.exe 2019-02-10 07:44 - 2019-02-10 07:44 - 000309248 _____ (Henry++) [File not signed] C:\Program Files\Mem Reduct\memreduct.exe 2019-07-26 08:10 - 2019-07-26 08:10 - 000498096 _____ (Hermann Schinagl -> Hermann Schinagl) [File not signed] C:\Program Files\LinkShellExtension\HardlinkShellExt.dll 2019-04-01 18:58 - 2019-03-31 11:46 - 011108352 _____ (LopeSoft) [File not signed] C:\Program Files\LopeSoft\FileMenu Tools\FileMenuTools64.dll 2019-04-09 14:46 - 2019-04-09 14:46 - 000065536 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.6195_none_3b1209fdc9ac7774\vcomp.dll 2016-06-06 21:22 - 2015-10-20 12:30 - 000280064 _____ (My Portable Software) [File not signed] C:\Programmes Portables\My CPU Monitor\My CPU Monitor.exe 2019-06-18 16:00 - 2019-06-18 15:04 - 000127488 _____ (navhaxs.au.eu.org) [File not signed] C:\Programmes Portables\BrightnessTray.exe 2018-05-03 11:35 - 2017-11-14 08:47 - 000065536 _____ (OpenLibSys.org) [File not signed] C:\Programmes Portables\Throttle Stop\WinRing0.dll 2019-06-09 18:29 - 2019-06-09 18:29 - 000881152 _____ (Open-Shell) [File not signed] C:\Program Files\Open-Shell\ClassicExplorer64.dll 2019-06-09 18:29 - 2019-06-09 18:29 - 000218624 _____ (Open-Shell) [File not signed] C:\Program Files\Open-Shell\StartMenu.exe 2019-06-09 18:29 - 2019-06-09 18:29 - 003442688 _____ (Open-Shell) [File not signed] C:\Program Files\Open-Shell\StartMenuDLL.dll 2019-06-09 18:28 - 2019-06-09 18:28 - 000303616 _____ (Open-Shell) [File not signed] C:\WINDOWS\system32\StartMenuHelper64.dll 2019-06-05 18:24 - 2019-06-10 16:39 - 005463376 _____ (Paramount Software UK Ltd -> Paramount Software UK Ltd) [File not signed] C:\Program Files\Macrium\Common\MacriumService.exe 2019-06-05 18:16 - 2019-06-10 16:39 - 005632232 _____ (Paramount Software UK Ltd -> Paramount Software UK Ltd) [File not signed] C:\Program Files\Macrium\Common\ReflectUI.exe 2019-06-22 19:56 - 2019-06-22 19:57 - 000282064 _____ (PrestoSoft -> PrestoSoft LLC) [File not signed] C:\Program Files\ExamDiff Pro\EDPShell.dll 2019-07-07 19:27 - 2019-07-07 19:27 - 000465920 _____ (RaMMicHaeL) [File not signed] C:\Users\owner\AppData\Roaming\7+ Taskbar Tweaker\7+ Taskbar Tweaker.exe 2019-07-07 19:27 - 2019-07-07 19:27 - 000301056 _____ (RaMMicHaeL) [File not signed] C:\Users\owner\AppData\Roaming\7+ Taskbar Tweaker\inject.dll 2009-08-16 21:36 - 2009-08-16 21:36 - 000955392 _____ (SFX TEAM) [File not signed] C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe 2019-06-02 21:12 - 2019-06-02 21:15 - 012937728 _____ (SoftPerfect) [File not signed] C:\Program Files\NetWorx\networx.exe 2018-09-30 08:23 - 2017-01-01 20:55 - 000251392 _____ (TeoreX) [File not signed] C:\Program Files\FolderIco\FolderIco.dll 2019-06-02 21:12 - 2018-09-20 00:49 - 002278912 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\NetWorx\libeay32.dll 2019-06-02 21:12 - 2018-09-20 00:49 - 000386560 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\NetWorx\ssleay32.dll 2018-05-03 11:35 - 2018-09-19 09:15 - 000503296 _____ (uWebb Software) [File not signed] C:\Programmes Portables\Throttle Stop\ThrottleStop.exe 2017-10-19 07:23 - 2017-08-16 10:37 - 000253952 _____ (www.startisback.com) [File not signed] C:\Program Files (x86)\OldNewExplorer\OldNewExplorer32.dll 2017-10-19 07:23 - 2017-08-16 10:39 - 000259072 _____ (www.startisback.com) [File not signed] C:\Program Files (x86)\OldNewExplorer\OldNewExplorer64.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\WINDOWS\system.ini:c10_encryption_d [14] AlternateDataStreams: C:\WINDOWS\win.ini:c10_encryption_d [14] AlternateDataStreams: C:\ProgramData\TEMP:3241321C [131] AlternateDataStreams: C:\ProgramData\TEMP:6DAA43DB [406] AlternateDataStreams: C:\ProgramData\TEMP:844B944C [128] AlternateDataStreams: C:\ProgramData\TEMP:B755D674 [270] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2017-09-29 15:46 - 2019-07-28 09:55 - 000000043 _____ C:\WINDOWS\system32\drivers\etc\hosts 0.0.0.0 cap.cyberlink.com 2017-09-16 13:36 - 2019-04-14 18:41 - 000000615 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics 172.17.176.214 4b0be28a-32d5-48e2-b0c3-b6d940713db6.mshome.net # 2019 4 0 21 15 49 55 561 172.17.94.109 a1c576ba-3de1-42e8-8e44-0726f99b3911.mshome.net # 2019 4 2 16 15 18 16 32 192.168.49.161 pc.mshome.net # 2024 4 5 12 16 41 55 597 75 ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %SystemRoot%\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64\compiler;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\DLLShared\;C:\Program Files (x86)\Roxio 2010\OEM\AudioCore\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\AOMEI Backupper;C:\Users\owner\AppData\Local\Microsoft\WindowsApps;C:\Program Files (x86)\Nmap;C:\Users\owner\AppData\Local\Programs\Fiddler;C:\Users\owner\AppData\Local\Microsoft\WindowsApps;C:\Users\owner\AppData\Local\Microsoft\WindowsApps HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\Control Panel\Desktop\\Wallpaper -> C:\Fond d'ecran\Copie de Kyoto.jpeg DNS Servers: 80.67.169.12 - 80.67.169.40 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == If an entry is included in the fixlist, it will be removed. ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [Microsoft-Windows-Unified-Telemetry-Client] => (Block) C:\WINDOWS\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation) FirewallRules: [{F94FC8D1-77C6-4A6E-A03A-54314D87CAF5}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> ) FirewallRules: [{A201C980-E7A3-40E3-932D-8C5AC8BF078E}] => (Block) C:\Program Files (x86)\HighCriteria\TotalRecorder\TRVideo.dll (High Criteria Inc. -> High Criteria inc.) FirewallRules: [{01480E1A-5C22-41F4-B2DD-3327370D4D58}] => (Block) C:\Program Files (x86)\HighCriteria\TotalRecorder\WmpClipInfoForTrVis.dll (High Criteria Inc. -> High Criteria inc.) FirewallRules: [{AD1BCE4D-125A-4F20-BE63-4322CB4307AA}] => (Block) C:\Program Files (x86)\HighCriteria\TotalRecorder\WmpClipInfoForTrBkgr.dll (High Criteria Inc. -> High Criteria inc.) FirewallRules: [{2B6135BF-38D9-4001-A714-3838957CA635}] => (Block) C:\Program Files (x86)\HighCriteria\TotalRecorder\TRRhapsodyNowPlaying.dll (High Criteria Inc. -> High Criteria inc.) FirewallRules: [{77B384E0-D9FF-4332-8BA0-4F3602F5BACB}] => (Block) C:\Program Files (x86)\HighCriteria\TotalRecorder\TrWdmDrvTrace.exe (High Criteria Inc. -> High Criteria inc.) FirewallRules: [{6415641B-C973-4D36-8E1A-547169102DB1}] => (Block) C:\Program Files (x86)\HighCriteria\TotalRecorder\TRInst64Drv.exe (High Criteria Inc. -> High Criteria inc.) FirewallRules: [{652741C7-FDEB-4BEC-81AB-2ACF70367136}] => (Block) C:\Program Files (x86)\HighCriteria\TotalRecorder\TrDumpAnalyzer.exe (High Criteria Inc. -> High Criteria inc.) FirewallRules: [{6A587763-A1F7-4470-99C8-9D6626AF9EE8}] => (Block) C:\Program Files (x86)\HighCriteria\TotalRecorder\TRDrvTesting.exe (High Criteria Inc. -> High Criteria inc.) FirewallRules: [{BD828386-AB71-439C-A160-978EED94C714}] => (Block) C:\Program Files (x86)\HighCriteria\TotalRecorder\TRDevTesting.exe (High Criteria Inc. -> High Criteria inc.) FirewallRules: [{32153A0E-84CD-46D3-BD6B-C6ADACE603D1}] => (Block) C:\Program Files (x86)\HighCriteria\TotalRecorder\TRAdminFuncs.exe (High Criteria Inc. -> ) FirewallRules: [{BCFD7727-A825-472A-BA39-9DBC072AE75F}] => (Block) C:\Program Files (x86)\HighCriteria\TotalRecorder\TR_VideoAccelOff.exe (High Criteria Inc. -> High Criteria inc.) FirewallRules: [{AEA6FE84-23BB-4CDB-BC39-F45786C23A28}] => (Block) C:\Program Files (x86)\HighCriteria\TotalRecorder\TotalRecorder.exe (High Criteria Inc. -> High Criteria inc.) [File not signed] FirewallRules: [{179391A6-7057-4BB7-B292-086AB335FBBB}] => (Block) C:\Program Files (x86)\HighCriteria\TotalRecorder\setup.exe (High Criteria Inc. -> High Criteria inc.) FirewallRules: [{52D2C063-D96F-4E5E-B179-DCFDFB4BF6C1}] => (Block) C:\Programmes Portables\Destroy Windows 10 Spying\Destroy Windows 10 Spying.exe (WZT) [File not signed] FirewallRules: [{3B95F5B4-527C-4BA3-B723-307AE0BF53F1}] => (Block) C:\Programmes Portables\O&O AppBuster\OOAPB.exe (O&O Software GmbH -> O&O Software GmbH) FirewallRules: [{2F3ABA43-22EE-4E35-9C03-8C7828FF03CD}] => (Block) C:\Program Files\SIW\SiwViewer.exe (Topala Software Solutions -> Topala Software Solutions) FirewallRules: [{B7C47470-1247-4A13-AB1A-30E554AD7A80}] => (Block) C:\Program Files\SIW\siw.exe (Topala Software Solutions -> Topala Software Solutions) FirewallRules: [{92904F85-F9FA-4C8F-B42A-C386C129CF54}] => (Block) C:\Program Files\SIW\siw32.exe (Topala Software Solutions -> Topala Software Solutions) [File not signed] FirewallRules: [{467BD511-1578-46B3-82E0-A7919BA36D5A}] => (Block) C:\Program Files\SIW\siw64.exe (Topala Software Solutions -> Topala Software Solutions) [File not signed] FirewallRules: [{992529FE-4180-4003-B0FC-356AB226AE35}] => (Allow) C:\Program Files\NetWorx\networx.exe (SoftPerfect) [File not signed] FirewallRules: [UDP Query User{E777DE74-0D3D-406E-BF85-58FBCE78F1C7}C:\program files\adobe\adobe media encoder cc 2019\adobe media encoder.exe] => (Block) C:\program files\adobe\adobe media encoder cc 2019\adobe media encoder.exe (Adobe Inc. -> Adobe) [File not signed] FirewallRules: [TCP Query User{5E976D72-4D15-4986-9163-FCD675F3C089}C:\program files\adobe\adobe media encoder cc 2019\adobe media encoder.exe] => (Block) C:\program files\adobe\adobe media encoder cc 2019\adobe media encoder.exe (Adobe Inc. -> Adobe) [File not signed] FirewallRules: [{82045952-9110-41D1-9D69-589FA5209D48}] => (Allow) C:\Program Files (x86)\AOMEI Backupper\ABService.exe (CHENGDU AOMEI Tech Co., Ltd. -> AOMEI Tech Co., Ltd.) FirewallRules: [{49CC4E4C-3E4D-434E-83B3-252FFAEB4184}] => (Allow) C:\Program Files (x86)\AOMEI Backupper\ABService.exe (CHENGDU AOMEI Tech Co., Ltd. -> AOMEI Tech Co., Ltd.) FirewallRules: [{4FD20DB2-568B-4C31-B8B6-C5621F2AA9C1}] => (Allow) C:\Program Files\Malwarebytes\Windows Firewall Control\wfc.exe (Malwarebytes Corporation -> Malwarebytes) FirewallRules: [{7BC89A7B-0773-4E5F-A7A9-4638F68C155F}] => (Block) C:\Program Files (x86)\FileMarker.NET\FileMarkerService.exe (ArcticLine Software -> ArcticLine Software) FirewallRules: [{B454E304-56E6-4513-8262-521ED30EA289}] => (Block) C:\Program Files (x86)\FileMarker.NET\FileMarker.NET.exe (ArcticLine Software -> ArcticLine Software) FirewallRules: [{ED4DA16A-23B1-4AA8-846C-CB043E833850}] => (Block) C:\Program Files\CyberLink\ScreenRecorder4\VideoEditor\SRVE.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [00017e2d-1c2a-aa9a-a104-5bd81c197507] => (Block) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe (Adobe Inc. -> Adobe Systems Incorporated) FirewallRules: [fedc7e2d-1c2a-aa9a-a104-5bd81c197507] => (Block) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe (Adobe Inc. -> Adobe Systems Incorporated) FirewallRules: [{A7BD11F9-BD81-4ED0-99B0-697D85630CAF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{51AFC7F4-ABCB-47E0-9522-ED4583D77DDA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{B59E50F4-4359-4624-95EC-86167C03AD09}] => (Block) C:\Program Files (x86)\FileMarker.NET\FileMarker.NET.exe (ArcticLine Software -> ArcticLine Software) FirewallRules: [{AD000A10-4409-4464-946F-F715B4A37CB1}] => (Block) C:\Program Files (x86)\FileMarker.NET\FileMarkerService.exe (ArcticLine Software -> ArcticLine Software) FirewallRules: [UDP Query User{31E5C858-C9E1-41C5-8ED1-54E0DF60EB89}C:\program files\presonus\studio one 4\pluginscanner.exe] => (Block) C:\program files\presonus\studio one 4\pluginscanner.exe (PreSonus) [File not signed] FirewallRules: [TCP Query User{6B9AE63D-5E0D-44C2-B856-4E3688B6504E}C:\program files\presonus\studio one 4\pluginscanner.exe] => (Block) C:\program files\presonus\studio one 4\pluginscanner.exe (PreSonus) [File not signed] FirewallRules: [{6B908218-F303-4C2E-8D77-C59A7498DC49}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{7445BC52-04B6-46F8-979A-2B413184BAC1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{AA114FEA-81A7-4897-BE15-2B63B9B1D44D}] => (Allow) LPort=9089 FirewallRules: [{C27BAB66-9C89-46C5-B8B4-5CB41E2137BF}] => (Block) C:\Program Files (x86)\Actual Transparent Window\ActualTransparentWindowConfig.exe (Actual Tools) [File not signed] FirewallRules: [{F071A873-1322-420C-AFF8-408FB6273843}] => (Block) C:\Program Files (x86)\Actual Transparent Window\ActualTransparentWindowCenter.exe (Actual Tools) [File not signed] FirewallRules: [{7948490A-9AF9-4223-ABE2-100B69D212F8}] => (Block) C:\Program Files (x86)\Edraw Max 9.3\EdrawMax.exe (EDRAW LIMITED -> ) FirewallRules: [{635683B1-AA0F-48E9-97AF-544691311146}] => (Block) C:\Program Files (x86)\BetterDesktopTool\BetterDesktopToolServer.exe () [File not signed] FirewallRules: [0001a555-e2d6-0ddf-a6fe-8db4decfb0bf] => (Block) C:\Program Files (x86)\BetterDesktopTool\BetterDesktopTool.exe () [File not signed] FirewallRules: [UDP Query User{4AF9B01C-CDD0-45FB-9263-9A664F1FC340}C:\program files (x86)\networkconnectlog\networkconnectlog.exe] => (Allow) C:\program files (x86)\networkconnectlog\networkconnectlog.exe (Nir Sofer -> NirSoft) FirewallRules: [TCP Query User{1EFC87AF-A0B2-447C-BA40-6B932BFAA2EC}C:\program files (x86)\networkconnectlog\networkconnectlog.exe] => (Allow) C:\program files (x86)\networkconnectlog\networkconnectlog.exe (Nir Sofer -> NirSoft) FirewallRules: [UDP Query User{108AC259-7467-48F7-9310-7AA50E5A3BA2}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe No File FirewallRules: [TCP Query User{9A261B67-246E-4417-84C1-2BE7A9A0F936}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe No File FirewallRules: [{2E9BD135-78EC-4905-B60B-F512D0D6616E}] => (Block) C:\WINDOWS\system32\spoolsv.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{1A825B0E-75AB-4F24-9C16-F0089BED656B}] => (Block) C:\Program Files (x86)\Volume2\Volume2PM.exe (Alexandr Irza) [File not signed] FirewallRules: [{08F0760E-BEDA-4B67-962C-CAC174745E14}] => (Block) C:\Program Files (x86)\Volume2\Volume2.exe (Alexandr Irza) [File not signed] FirewallRules: [{C6AF62E3-AB8A-432A-998A-FFB86CC6208D}] => (Block) C:\Program Files (x86)\Free Video Cutter\FreeVideoCutter.exe (HONGKONG JIHO CO., LIMITED -> ) FirewallRules: [{17339735-D644-49C2-9079-0E98CD23550B}] => (Block) C:\Program Files\WinRAR\WinRAR.exe (win.rar GmbH -> Alexander Roshal) FirewallRules: [{01BC0803-1306-4EE7-909F-7D2F2BE3A736}] => (Block) C:\Program Files\SumatraPDF\SumatraPDF.exe (Krzysztof Kowalczyk -> Krzysztof Kowalczyk) FirewallRules: [{4C356547-3C4D-4EFA-9D21-DB54EE9E0E1E}] => (Block) C:\WINDOWS\Explorer.EXE (Microsoft Windows -> Microsoft Corporation) FirewallRules: [UDP Query User{20F73919-3406-4586-9367-28A75003B4E1}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [TCP Query User{0C45436E-3294-4394-A6D0-D9DA6744F501}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [{FABB2FC8-00BF-4EE8-9D2E-C89E687CEE2C}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.) FirewallRules: [{1747461C-472A-46C3-BE21-B120D90531B7}] => (Allow) C:\Program Files\waterfox\waterfox.exe (Waterfox Limited -> Mozilla Corporation) FirewallRules: [{EC5633D4-B1E2-44BD-B80E-747FBB6D11A6}] => (Block) C:\WINDOWS\system32\spoolsv.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{F8546430-C419-4C78-931D-8248F42B55B0}] => (Allow) C:\Program Files\Waterfox\waterfox.exe (Waterfox Limited -> Mozilla Corporation) FirewallRules: [{F43936C9-4F0F-48FA-9FB0-CE2E235C307B}] => (Allow) C:\Program Files\Waterfox\waterfox.exe (Waterfox Limited -> Mozilla Corporation) FirewallRules: [{FA74EE12-1948-4D65-9C2C-CFD50E69707E}] => (Block) LPort=8318 FirewallRules: [{6DE6F25A-F9C7-4EBC-85E7-A01A717E7676}] => (Allow) C:\Program Files (x86)\Steam\steamapps\Common\Spacewar\SteamworksExample.exe () [File not signed] FirewallRules: [{D73E069C-FC1A-4560-87EA-73B3F073435B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\Common\Spacewar\SteamworksExample.exe () [File not signed] FirewallRules: [{A4FA2263-E1DA-4109-A762-7406AEEB19EB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{83A8806C-9564-4516-AEFB-53807FBDE464}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{60E6D465-398E-4850-BE86-7EF7620A2377}] => (Block) C:\windows\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation) FirewallRules: [{71A96720-3EA5-47E0-8D05-B5ACD5A53FC7}] => (Block) C:\Program Files (x86)\BetterDesktopTool\BetterDesktopToolServer.exe () [File not signed] FirewallRules: [{70CBBC2D-9CEF-4E77-8E47-940CAAF40A20}] => (Block) C:\Program Files (x86)\BetterDesktopTool\BetterDesktopTool.exe () [File not signed] FirewallRules: [{425D09C9-BE65-44E8-AECA-4C1BB306A2C5}] => (Block) C:\WINDOWS\system32\spoolsv.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{964F62C4-47FD-4D3A-AC72-6F06AE1A237A}] => (Block) C:\Program Files\Topaz Labs\Topaz A.I. GigaPixel\Topaz A.I. Gigapixel.exe () [File not signed] FirewallRules: [{6D287952-8A78-4E91-9064-5CC6A6002946}] => (Block) C:\Program Files\Topaz Labs\Topaz A.I. GigaPixel\UpdateManager.exe () [File not signed] FirewallRules: [{173FFB07-0278-4E55-87FA-F58321E79CD0}] => (Block) C:\Program Files\PreSonus\Studio One 4\Studio One.exe (PreSonus) [File not signed] FirewallRules: [TCP Query User{9E45959D-3E28-4046-B7D8-BAA86568D9C8}C:\users\owner\desktop\madvr\madhcctrl.exe] => (Allow) C:\users\owner\desktop\madvr\madhcctrl.exe No File FirewallRules: [UDP Query User{59EBECA0-DAAB-4AA5-9497-B1D5F68D3FF8}C:\users\owner\desktop\madvr\madhcctrl.exe] => (Allow) C:\users\owner\desktop\madvr\madhcctrl.exe No File FirewallRules: [TCP Query User{D8491832-3060-4E03-8391-3C4B73054CAC}C:\users\owner\desktop\madvr\madtpg.exe] => (Allow) C:\users\owner\desktop\madvr\madtpg.exe No File FirewallRules: [UDP Query User{8D2A84A1-BA6F-4EDA-A629-D7BE26DA681A}C:\users\owner\desktop\madvr\madtpg.exe] => (Allow) C:\users\owner\desktop\madvr\madtpg.exe No File FirewallRules: [{77E1BACF-3819-489D-A37C-6F8CD56C3BD8}] => (Block) C:\Program Files (x86)\Gest\Gest.exe () [File not signed] FirewallRules: [{6433748A-774C-43DE-A508-C2B31EE05154}] => (Block) C:\Users\owner\AppData\Roaming\Gest\GestUpdater.exe () [File not signed] FirewallRules: [{86CB56F2-7EC6-4731-935F-F4DBBE4516FA}] => (Block) C:\Users\owner\AppData\Roaming\Gest\GestLauncher.exe () [File not signed] FirewallRules: [{5CEDE0DF-9778-4F97-B595-30ED72382764}] => (Allow) C:\Users\owner\AppData\Local\Programs\Fiddler\Fiddler.exe (TELERIK EAD -> Telerik) FirewallRules: [HNS Container Networking - DNS (UDP-In) - 7D4203D0-B76A-4FED-A08A-4FE5329CC59C - 0] => (Allow) LPort=53 FirewallRules: [{AA46DFF6-B0FB-4B9D-9AA1-BA907EDE62EA}] => (Allow) C:\Program Files\ESET\ESET Security\egui.exe (ESET, spol. s r.o. -> ESET) FirewallRules: [{5DB01CD2-D5F2-4086-823E-476A4E3B60B6}] => (Allow) C:\Program Files\ESET\ESET Security\ekrn.exe (ESET, spol. s r.o. -> ESET) FirewallRules: [{376FB71D-44A6-4874-A903-31D0D74CB796}] => (Allow) C:\Program Files\ESET\ESET Security\eguiProxy.exe (ESET, spol. s r.o. -> ESET) FirewallRules: [{64B2AB83-ADB2-4B20-8EAF-12604A937EAD}] => (Allow) C:\Program Files\The Bat!\thebat64.exe (RITLABS S.R.L. -> Ritlabs, SRL) FirewallRules: [{773A5EA7-7741-4370-9822-F5685225AE38}] => (Allow) C:\Program Files (x86)\eM Client\MailClient.exe (eM Client s.r.o.) [File not signed] FirewallRules: [{50B02300-881D-4F53-BC41-A7A42EADE552}] => (Allow) C:\Program Files\Proton Technologies AG\ProtonMail Bridge\Desktop-Bridge.exe (Proton Technologies AG -> ) FirewallRules: [{B83F97E1-32D3-4C6C-B9D6-921C71636863}] => (Allow) C:\Program Files\Wireshark\Wireshark.exe (Wireshark Foundation, Inc. -> The Wireshark developer community, hxxps://www.wireshark.org/) FirewallRules: [{8F6378F8-4D66-40C6-905B-2EE54C865697}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{E4B52189-8421-44DE-9DB2-70FAA85CC7B2}] => (Allow) C:\Program Files (x86)\Steam\streaming_client.exe (Valve -> Valve Corporation) FirewallRules: [{BC01EC82-0FCC-4757-A79F-EDF8539F19AF}] => (Allow) C:\Program Files (x86)\Steam\steamerrorreporter64.exe (Valve -> Valve Corporation) FirewallRules: [{5A240965-5C41-4211-9EA9-4B849A8FE36A}] => (Allow) C:\Program Files (x86)\Steam\steamerrorreporter.exe (Valve -> Valve Corporation) FirewallRules: [{43161041-B0E8-41A0-AEB7-E7C1B5F374CD}] => (Allow) C:\Program Files (x86)\Steam\GameOverlayUI.exe (Valve -> Valve Corporation) FirewallRules: [{44A7EA75-A112-49C6-8CDF-F8CF1D476C34}] => (Allow) C:\Program Files (x86)\Steam\bin\steamservice.exe (Valve -> Valve Corporation) FirewallRules: [{20616266-D0F6-4066-95FE-3AA44C9538BA}] => (Allow) C:\Program Files (x86)\Steam\bin\x86launcher.exe (Valve -> Valve Corporation) FirewallRules: [{B43BE1B3-14E9-49A7-AD3D-89BEC3412960}] => (Allow) C:\Program Files (x86)\Steam\bin\x64launcher.exe (Valve -> Valve Corporation) FirewallRules: [{C03F8787-88B8-4C30-A984-72F1F124C091}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\html5app_steam.exe (Valve -> Valve Corporation) FirewallRules: [{244477D8-02EB-4036-90D1-9961EF3FD852}] => (Allow) C:\Program Files (x86)\Steam\bin\secure_desktop_capture.exe (Valve -> Valve Corporation) FirewallRules: [{3A98A83A-6A30-49C6-A858-2C0F3E11FD77}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{491723FC-C989-498D-9D57-5F4F64D4E84D}] => (Allow) C:\Program Files\Opera\launcher.exe (Opera Software AS -> Opera Software) FirewallRules: [{DC221C06-8919-4E9F-AD54-C6B697DDD54B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{B854441D-BBFD-41F1-BA40-8C2AA0FF9F92}] => (Allow) C:\Program Files\Mozilla Firefox\updater.exe (Mozilla Corporation -> Mozilla Foundation) FirewallRules: [{18480B48-AE31-432D-96DB-E889CA8E76A9}] => (Allow) C:\Program Files\Mozilla Firefox\maintenanceservice.exe (Mozilla Corporation -> Mozilla Foundation) FirewallRules: [{A3D2888A-F952-41BC-B2EF-337640E2EE8B}] => (Allow) C:\Program Files\Mozilla Firefox\maintenanceservice_installer.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{3E2494B1-0672-4895-BEA3-385A347D060A}] => (Allow) C:\Programmes Portables\4K Video Downloader\4KVideoDownloaderPortable.exe (Open Media LLC) [File not signed] FirewallRules: [{922B8D23-1426-435D-91C6-4466DE3F72D0}] => (Allow) C:\Programmes Portables\Tor Browser\Browser\firefox.exe (Mozilla Corporation) [File not signed] FirewallRules: [{41D9166C-DE48-43CE-90D0-7A37E7213390}] => (Allow) C:\Programmes Portables\Tor Browser\Browser\firefox.exe (Mozilla Corporation) [File not signed] FirewallRules: [{2B24C3C0-EBA2-4EAE-BA56-9635092EBAAC}] => (Allow) C:\Programmes Portables\Tor Browser\Browser\TorBrowser\Tor\tor.exe () [File not signed] FirewallRules: [{0667E190-EA00-4D9A-8D4D-DC5139EC0B50}] => (Allow) C:\Programmes Portables\Tor Browser\Browser\updater.exe (Mozilla Foundation) [File not signed] FirewallRules: [{42A52303-FD4C-4F91-B3C7-CCECA7E00CC5}] => (Allow) C:\Programmes Portables\Tor Browser\Browser\TorBrowser\Tor\PluggableTransports\meek-client-torbrowser.exe () [File not signed] FirewallRules: [{667121C1-A5D7-4112-B44D-649A3BBEDF3E}] => (Allow) C:\Programmes Portables\Tor Browser\Browser\TorBrowser\Tor\PluggableTransports\meek-client.exe () [File not signed] FirewallRules: [{9C395A19-922C-4791-BDC4-5B7F2B2E0C57}] => (Allow) C:\Program Files (x86)\NordVPN\NordVPN.exe (TEFINCOM S.A. -> NordVPN) FirewallRules: [{6BD95C52-EA42-40E9-BC0E-CC4C4143BEA7}] => (Allow) C:\Program Files (x86)\NordVPN\nordvpn-service.exe (TEFINCOM S.A. -> ) FirewallRules: [{4FB087BB-ECFB-4441-BDF7-E4D29309BB3C}] => (Allow) C:\Program Files (x86)\NordVPN\Diagnostics.exe (TEFINCOM S.A. -> ) FirewallRules: [{4A476EDB-E963-4770-A625-42C13BFA92DF}] => (Allow) C:\Program Files (x86)\NordVPN\Resources\Binaries\32bit\openssl.exe (TEFINCOM S.A. -> ) FirewallRules: [{31B97D52-6CB2-4724-A15D-B563E9606205}] => (Allow) C:\Program Files (x86)\NordVPN\Resources\Binaries\64bit\openssl.exe (TEFINCOM S.A. -> ) FirewallRules: [{22DB1B39-0E3C-4A13-9FC4-230C1DA7CD6A}] => (Allow) C:\Program Files (x86)\NordVPN\Resources\Binaries\32bit\openvpn-nordvpn.exe (TEFINCOM S.A. -> The OpenVPN Project) FirewallRules: [{7FD28C0E-371C-46EA-BD2D-547CE1863296}] => (Allow) C:\Program Files (x86)\NordVPN\Resources\Binaries\64bit\openvpn-nordvpn.exe (TEFINCOM S.A. -> The OpenVPN Project) FirewallRules: [{77EBE06F-04FC-44F0-A6A2-61F8228F98DD}] => (Allow) C:\Program Files (x86)\NordVPN\Resources\Binaries\32bit\openvpnserv.exe (TEFINCOM S.A. -> The OpenVPN Project) FirewallRules: [{111A59C0-56B2-4372-A706-83C330A4D86C}] => (Allow) C:\Program Files (x86)\NordVPN\Resources\Binaries\64bit\openvpnserv.exe (TEFINCOM S.A. -> The OpenVPN Project) FirewallRules: [{9474FB45-F157-4EDB-B047-075160121936}] => (Allow) C:\Program Files (x86)\NordVPN network TAP\bin\amd64\tapinstall.exe (OpenVPN Technologies, Inc. -> Windows (R) Win 7 DDK provider) FirewallRules: [{949047E0-9D9B-4159-86F5-FC8030E4AD89}] => (Allow) C:\Program Files (x86)\NordVPN network TAP\bin\i386\tapinstall.exe (OpenVPN Technologies, Inc. -> Windows (R) Win 7 DDK provider) FirewallRules: [{9EAC36B5-3E31-43A4-9CD4-F23C1A81C4AC}] => (Allow) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA CLIENT SOLUTIONS CO., LTD. -> Toshiba Client Solutions Co., Ltd.) FirewallRules: [{82B7BE62-240A-49E8-8051-41122B5D4BEC}] => (Allow) C:\Program Files\TOSHIBA\TOSHIBA Service Station\diagtool\TosDataUpload.exe (Toshiba Client Solutions Co.,Ltd. -> Toshiba Client Solutions Co., Ltd.) FirewallRules: [{A030334C-61C3-4C92-A182-5AAAE62DDAA4}] => (Allow) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe (Toshiba Client Solutions Co.,Ltd. -> Toshiba Client Solutions Co., Ltd.) FirewallRules: [{E18C9CF9-AC55-41CF-9646-028F5412C394}] => (Allow) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TStationSrv.exe (Toshiba Client Solutions Co.,Ltd. -> Toshiba Client Solutions Co., Ltd.) FirewallRules: [{475B290E-9052-4647-A4A3-E295FF483F67}] => (Allow) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TAgree.exe (TOSHIBA CLIENT SOLUTIONS CO., LTD. -> Toshiba Client Solutions Co., Ltd.) FirewallRules: [{FA6D1224-59DA-4EA3-B8D3-5846412F7D45}] => (Allow) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TosGetSysInfo.exe (TOSHIBA CLIENT SOLUTIONS CO., LTD. -> Toshiba Client Solutions Co., Ltd.) FirewallRules: [{9CB48188-F0D8-4159-84FC-F44950D77001}] => (Allow) C:\Program Files\TOSHIBA\TOSHIBA Service Station\diagtool\TosDiagnosticTools.exe (TOSHIBA CLIENT SOLUTIONS CO., LTD. -> Toshiba Client Solutions Co., Ltd.) FirewallRules: [{045EA982-F08B-41CE-9D58-BCF494FB9CAC}] => (Allow) C:\Program Files\TOSHIBA\TOSHIBA Service Station\diagtool\TroubleShooting.exe (TOSHIBA CLIENT SOLUTIONS CO., LTD. -> Toshiba Client Solutions Co., Ltd.) FirewallRules: [{24E86CCB-41B5-47B5-88FF-1FE9BC0D4DEE}] => (Allow) C:\Program Files\TOSHIBA\TOSHIBA Service Station\diagtool\TosQuickTest.exe (TOSHIBA CLIENT SOLUTIONS CO., LTD. -> Toshiba Client Solutions Co., Ltd.) FirewallRules: [{603B9A78-83E5-4F67-9FAD-7030E9CE57F4}] => (Allow) C:\Programmes Portables\wscc x64\wscc.exe (KirySoft S.R.L. -> KirySoft) FirewallRules: [{0C2413E2-1B04-48B5-95DA-C5462C198D77}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.) FirewallRules: [{1169B10E-1E7A-4E7D-8DD7-BA9B5656893C}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\Creative Cloud Desktop App.exe (Adobe Inc. -> Adobe Inc.) FirewallRules: [{1F605DBA-351F-4682-8A10-B40AF513E108}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\AppsPanel\Updater\Adobe Application Updater.exe (Adobe Inc. -> Adobe Inc.) FirewallRules: [{4FDFBE88-27BD-4005-9630-5907B6ACFFB1}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\Creative Cloud Uninstaller.exe (Adobe Inc. -> Adobe Inc.) FirewallRules: [{51186301-A3E5-4E97-AF1F-4F968BE7A8EF}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\FilesPanel\customhook\FilesAppCustomHook.exe (Adobe Inc. -> Adobe Inc.) FirewallRules: [{4C0242BE-0F26-4812-9547-C05963A1061A}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\customhook\ACCCustomHook.exe (Adobe Inc. -> Adobe Inc.) FirewallRules: [{69AE4F59-1DA8-475E-A92B-847BE00E0229}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\CRLogTransport.exe (Adobe Inc. -> Adobe Inc.) FirewallRules: [{CBF84DD8-2E8D-4CEB-A48A-D4817920AF74}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\CRWindowsClientService.exe (Adobe Inc. -> Adobe Inc.) FirewallRules: [{5AB7FE98-17DE-4F82-8795-95F2FFA5EA9C}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HDCore\Set-up.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated) FirewallRules: [{014F9B6F-7B1B-40BC-A616-21DDEB10282D}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HDCore\HDHelper.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated) FirewallRules: [{A84ABF8D-19F8-4386-AC14-F8F9B4C059BA}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (Adobe Inc. -> Adobe Systems Incorporated) FirewallRules: [{FBF61431-4022-4201-9392-7425A762D6DA}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe (Node.js Foundation -> Node.js) FirewallRules: [{F97EFA37-969D-4EA4-9795-B1A17D2618FB}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe (Adobe Inc. -> Adobe Inc.) FirewallRules: [{C9F9F0B3-25BD-44A0-AF96-08EE99FA9194}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeServiceInstaller.exe (Adobe Inc. -> Adobe Inc.) FirewallRules: [{77528839-D0D5-4052-B283-D1A5A5E31E4B}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Adobe Inc. -> Adobe Inc.) FirewallRules: [{51B9061A-5C33-43C1-8C90-5047CD37AB4B}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe (Adobe Inc. -> Adobe Inc.) FirewallRules: [{2C6A44B9-FB42-419E-B645-1EA7F46C2A7C}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated) FirewallRules: [{2AB380AA-DDEE-4DFC-8D50-BAA665BFCF68}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\libs\CCLibraryUninstallHook.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated) FirewallRules: [{B0FD41A3-D430-44AA-8C57-4EF036CCF7EE}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated) FirewallRules: [{260EAE6C-1C07-4619-B778-A3C747AEA811}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\Adobe Genuine Helper.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated) FirewallRules: [{5BAFB61C-0AC5-476B-A780-F51A7B7146E7}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\AdobeApplicationManager\AAMSetup\Set-up.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated) FirewallRules: [{50D4476A-12CF-4C81-AB42-D7F12C316ACB}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDapp.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated) FirewallRules: [{D6A85610-5857-4546-A94C-7346793FA435}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated) FirewallRules: [{0CC9B6F0-778A-4D7A-A415-AC12E056505F}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\D6\Setup.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated) FirewallRules: [{68E1ACEF-8FA3-498A-A916-EF47695FBDA1}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DECore\Setup.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated) FirewallRules: [{1BF9E28B-AB4D-43E1-868A-C1A6DA4461EA}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\P6\AAM Registration Notifier.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated) FirewallRules: [{2FCB1123-5556-4A43-B5CC-0F6CB2833128}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\P6\adobe_licutil.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated) FirewallRules: [{51BEED93-81DD-4ED3-A2EF-5DC1B7536F0C}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\AAM Registration Notifier.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated) FirewallRules: [{2E4446F6-9D49-49D8-B714-D3260EA6E2EC}] => (Allow) C:\Programmes Portables\4K Video Downloader\4KVideoDownloaderPortable.exe (Open Media LLC) [File not signed] FirewallRules: [{6584BBAE-41E1-4C9C-99B3-4018BA7E328C}] => (Allow) C:\Programmes Portables\4K Video Downloader\App\4kvideodownloader\4kvideodownloader.exe (Open Media LLC -> Open Media LLC) FirewallRules: [{F6AF113A-0F96-49A2-BC5F-9E5743035889}] => (Allow) C:\Programmes Portables\sumo\SUMo.exe (KC SOFTWARES -> KC Softwares) FirewallRules: [{4C0F9475-765F-47D9-95A1-AC18B05B8A12}] => (Allow) C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{A47C733C-5359-4003-B016-84DB4BEFF460}] => (Allow) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{94F191F5-46DB-4935-8F3C-05CC7F4D4534}] => (Allow) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{9F96F016-E96E-4C2D-B0C8-202A8E0629F5}] => (Allow) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{49A84AB8-5F65-4969-B156-879D67D2932A}] => (Allow) C:\Program Files\Common Files\microsoft shared\ClickToRun\IntegratedOffice.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{FDAFEC00-732F-4487-81F4-14432F302D3B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{21736F21-CDC4-448D-B413-CEEB0C9B2D44}] => (Allow) C:\Windows Update Minitools avec script Wrapper\wumt_x64.exe (stupid user) [File not signed] FirewallRules: [{A4F66137-24C1-46E8-9BA1-28C6835292DD}] => (Allow) C:\Windows Update Minitools avec script Wrapper\wumgr.exe () [File not signed] FirewallRules: [{0B4FB229-A060-409B-99E3-6B3FB0E2DE35}] => (Allow) C:\Windows Update Minitools avec script Wrapper\wub.exe (www.sordum.org) [File not signed] FirewallRules: [{CBD121A0-09CB-481B-B515-F5526333DA3E}] => (Allow) C:\Windows Update Minitools avec script Wrapper\NSudoCx64.exe (M2-Team) [File not signed] FirewallRules: [{63057928-24C6-47D2-8D87-DBC87049F497}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{56536441-E73A-4EBD-8000-017332D46F81}] => (Allow) C:\Program Files\Mozilla Firefox\plugin-container.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{D2F9936E-6B2D-47A4-BB85-A47D9C677381}] => (Allow) C:\Program Files\Mozilla Firefox\updater.exe (Mozilla Corporation -> Mozilla Foundation) FirewallRules: [{DBC9FBE0-971A-45E7-88BC-A21F0563101B}] => (Block) C:\Program Files\ON1\ON1 Photo RAW 2019\on1capture.exe (ON1, Inc -> ON1, Inc.) FirewallRules: [{79994711-B141-4A27-94DD-B0D9E3773034}] => (Block) C:\Program Files\ON1\ON1 Photo RAW 2019\on1capture.exe (ON1, Inc -> ON1, Inc.) FirewallRules: [{37D5A149-2E14-43E4-8FB0-B880C632CEA9}] => (Block) C:\Program Files\ON1\ON1 Photo RAW 2019\ON1 Photo RAW 2019.exe (ON1, Inc -> ON1, Inc.) FirewallRules: [{82FC08AC-90C6-4800-ADD4-777995BCE242}] => (Block) C:\Program Files\ON1\ON1 Photo RAW 2019\ON1 Photo RAW 2019.exe (ON1, Inc -> ON1, Inc.) FirewallRules: [{47F96B90-98CA-4928-9713-C41FDE778440}] => (Block) C:\Program Files\ON1\ON1 Photo RAW 2019\on1sandbox.exe (ON1, Inc -> ) FirewallRules: [{9848FE51-3A4F-4224-8334-2A8088255331}] => (Block) C:\Program Files\ON1\ON1 Photo RAW 2019\on1sandbox.exe (ON1, Inc -> ) FirewallRules: [{E69DA3AD-57DC-4513-B950-F541C643CF2E}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc. -> VMware, Inc.) FirewallRules: [{22052D76-254D-43C0-8AFE-EE50E16969FA}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc. -> VMware, Inc.) FirewallRules: [{9CF181F0-57DA-4587-8078-4628D8724AEA}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe (VMware, Inc. -> ) FirewallRules: [{48EEECD7-0802-4320-82C2-CF9FA67D4161}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe (VMware, Inc. -> ) FirewallRules: [{5F11CB98-E079-4E38-A4B0-ECA8B7C84760}] => (Allow) C:\Programmes Portables\4K Video Downloader\4KVideoDownloaderPortable.exe (Open Media LLC) [File not signed] FirewallRules: [{55AA71DA-9874-44F0-8DF8-918183651BEF}] => (Allow) C:\Programmes Portables\4K Video Downloader\App\4kvideodownloader\4kvideodownloader.exe (Open Media LLC -> Open Media LLC) FirewallRules: [{CEFB9DC1-5857-4811-917D-E937AADB55E9}] => (Allow) C:\Program Files\NetWorx\networx.exe (SoftPerfect) [File not signed] FirewallRules: [{12ABE062-8D57-4CF0-A65C-951B8A03ECA3}] => (Allow) C:\Program Files\NetWorx\networx.exe (SoftPerfect) [File not signed] FirewallRules: [{A0A51EFA-8CB0-41DE-8A99-7C3AC3338885}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{10EAC610-2AEB-4C12-B2B4-DA206D6E6C0C}] => (Allow) C:\Program Files\Mozilla Firefox\updater.exe (Mozilla Corporation -> Mozilla Foundation) FirewallRules: [{C8B242DE-2981-41A9-8BDC-041F90FF458D}] => (Allow) C:\Program Files\Mozilla Firefox\plugin-container.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{56C1BC01-CDE0-4492-9191-12043F8D6FBD}] => (Allow) C:\Program Files\Mozilla Firefox\maintenanceservice_installer.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{72C23B57-A301-4C9F-857F-16D59DE9C8D1}] => (Allow) C:\Program Files\Mozilla Firefox\maintenanceservice.exe (Mozilla Corporation -> Mozilla Foundation) FirewallRules: [TCP Query User{478D3DAB-4DEF-447B-8E7E-21BC874148CF}C:\program files\adobe\adobe premiere pro cc 2019\adobe premiere pro.exe] => (Block) C:\program files\adobe\adobe premiere pro cc 2019\adobe premiere pro.exe (Adobe Inc. -> Adobe) FirewallRules: [UDP Query User{3E488042-54A6-4DBE-9F0A-6939E210BADD}C:\program files\adobe\adobe premiere pro cc 2019\adobe premiere pro.exe] => (Block) C:\program files\adobe\adobe premiere pro cc 2019\adobe premiere pro.exe (Adobe Inc. -> Adobe) FirewallRules: [{104CD1D0-C7BF-40C9-B689-2664CBE5A3C0}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Recovery.exe (Veeam Software AG -> Veeam Software Group GmbH) FirewallRules: [{0D4CC4C6-522E-4828-9216-ADCCE437F26D}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe (Veeam Software AG -> Veeam Software Group GmbH) FirewallRules: [{3EC05EA2-A6E5-4D68-AF4B-40E120A018F9}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe (Veeam Software AG -> Veeam Software Group GmbH) FirewallRules: [{7BC0175D-7A63-4786-8234-D12A5663D74B}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\x64\VeeamAgent.exe (Veeam Software AG -> Veeam Software Group GmbH) FirewallRules: [{D2620C73-51D7-4BE5-96A7-2DD419F0C87A}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\x64\VeeamAgent.exe (Veeam Software AG -> Veeam Software Group GmbH) FirewallRules: [{05D1ABF8-36BB-46FB-82F3-460B7A8CD7AC}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\x86\VeeamAgent.exe (Veeam Software AG -> Veeam Software Group GmbH) FirewallRules: [{E94A9F70-7DEC-460C-98F2-AABF0735F90B}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\x86\VeeamAgent.exe (Veeam Software AG -> Veeam Software Group GmbH) FirewallRules: [{12277B25-0E1E-410D-A026-0F38135294F9}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\VeeamDeploymentSvc.exe (Veeam Software AG -> Veeam Software Group GmbH) FirewallRules: [{4EEFFDA1-59BD-4E7D-8C7D-FE69F020984E}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\VeeamDeploymentSvc.exe (Veeam Software AG -> Veeam Software Group GmbH) FirewallRules: [{A9908736-F9E8-4648-ABE8-9424AD62A996}] => (Block) C:\Program Files\CyberLink\PowerDVD19\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{715C78CF-CD5D-497F-9D0E-20FE3A8482F4}] => (Block) C:\Program Files\CyberLink\PowerDVD19\ShareModule32\Kernel\DMS\CLMSServerPDVD19.exe (CyberLink Corp. -> CyberLink) FirewallRules: [{EE8CDA9D-2DEF-4FD7-B841-A2DF98845936}] => (Block) C:\Program Files\CyberLink\PowerDVD19\PowerDVD19Agent.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{0A6A60E2-C3FE-40D2-AC7D-08630B83C405}] => (Block) C:\Program Files\CyberLink\PowerDVD19\Movie\PowerDVDMovie.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{33E2C992-DD9F-49D7-AC9D-CDA6D16728C3}] => (Block) C:\Program Files\CyberLink\PowerDVD19\CastingStation.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{7B152CFA-5D37-47C7-BB18-84423369FFD3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{68C6C96E-64AE-4D10-8E8F-066836314868}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{7BCD180D-9CC0-4237-AC8C-63B1688EC69D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{21095EB1-313E-4E4B-83EA-89187CB0A6B3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{11F34D63-568C-46F6-9016-9117DA4B1E79}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{FE884CC0-BE8E-4326-B90E-D2918A9D5101}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{F3499468-E0D5-44EA-8DE8-85505CAF9770}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{F00EB543-BDC4-4618-AFF2-C52D0174CC2C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{6789A1F4-D25A-4E18-8A6A-6DCA0F6C968C}] => (Allow) C:\Program Files\Opera\launcher.exe (Opera Software AS -> Opera Software) FirewallRules: [{1E42A810-DC64-4A66-BC6B-B2DCCD22EB9F}] => (Allow) C:\Program Files\Opera\62.0.3331.99\installer.exe (Opera Software AS -> Opera Software) FirewallRules: [{0F51F117-FDA2-43FD-A159-E09EAF98E3C9}] => (Allow) C:\Program Files\Opera\62.0.3331.99\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{2E647F46-1149-4983-848A-EFF779DE926F}] => (Allow) C:\Program Files\Opera\62.0.3331.99\opera_autoupdate.exe (Opera Software AS -> Opera Software) FirewallRules: [{244E80D5-5015-418D-B111-141644B01239}] => (Block) C:\Programmes Portables\HardDiskSentinel\HDSentinel.exe (H.D.S. Hungary) [File not signed] FirewallRules: [{71BE855C-3BF3-437E-A639-42AB8BE853BF}] => (Block) C:\Programmes Portables\CareUEyes\CareUEyesPortable.exe (jooseng.blog.163.com) [File not signed] FirewallRules: [{E7FFB23D-E9F3-4010-B293-3236B31094DF}] => (Block) C:\Programmes Portables\CareUEyes\App\ProgramFiles\update.exe (Care Your Eyes) [File not signed] FirewallRules: [{9D137F97-4843-44DE-87B7-A08EAE971C0D}] => (Block) C:\Programmes Portables\CareUEyes\App\ProgramFiles\CareUEyes.exe (Care Your Eyes) [File not signed] FirewallRules: [{F773C286-6CD6-471E-B73E-2C370DFAF9DE}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.) FirewallRules: [{6BBF5B09-438D-42F7-AABE-BCD35639A076}] => (Allow) C:\Programmes Portables\4K Video Downloader\App\4kvideodownloader\4kvideodownloader.exe (Open Media LLC -> Open Media LLC) FirewallRules: [{860C184F-21C2-482C-BC21-608201E10094}] => (Allow) C:\Programmes Portables\4K Video Downloader\4KVideoDownloaderPortable.exe (Open Media LLC) [File not signed] FirewallRules: [TCP Query User{2906C25A-91BC-4504-B2A4-540ADE94AE77}C:\users\owner\appdata\local\programs\deezer.desktop\deezer.exe] => (Allow) C:\users\owner\appdata\local\programs\deezer.desktop\deezer.exe (Deezer -> Deezer) FirewallRules: [{D6E3F9C8-0CB9-4FC5-90C3-D0BA22A8FC85}] => (Allow) C:\Users\owner\AppData\Local\Programs\deezer.desktop\resources\build\win\WindowsComponent.exe (Deezer -> ) FirewallRules: [{36A27065-86DA-4DEB-9FF8-96005F29D1A5}] => (Allow) C:\Users\owner\AppData\Local\Programs\deezer.desktop\resources\elevate.exe (Deezer -> Johannes Passing) FirewallRules: [{B2B61212-ABF2-438D-A690-DDC058950822}] => (Allow) C:\Users\owner\AppData\Local\Programs\deezer.desktop\resources\build\win\WindowsComponent.exe (Deezer -> ) FirewallRules: [{A72DF3F0-BEF6-473D-9AAB-ACA562F2E07D}] => (Allow) C:\Users\owner\AppData\Local\Programs\deezer.desktop\Deezer.exe (Deezer -> Deezer) FirewallRules: [TCP Query User{A24661CB-1B08-46E2-A469-1324ED27042F}C:\programmes portables\sdi\sdio_x64_r702.exe] => (Allow) C:\programmes portables\sdi\sdio_x64_r702.exe (Mr Glenn Stuart Delahoy -> Glenn Delahoy) FirewallRules: [UDP Query User{C6EF2E19-F1A5-454F-9CAC-824512696207}C:\programmes portables\sdi\sdio_x64_r702.exe] => (Allow) C:\programmes portables\sdi\sdio_x64_r702.exe (Mr Glenn Stuart Delahoy -> Glenn Delahoy) FirewallRules: [{586B0A93-51FA-4090-BBEC-78F6D7C16A1E}] => (Allow) C:\Programmes Portables\wscc x64\wscc.exe (KirySoft S.R.L. -> KirySoft) ==================== Restore Points ========================= ATTENTION: System Restore is disabled (Total:928.95 GB) (Free:470.67 GB) (51%) ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (07/31/2019 01:01:15 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (4340,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (07/31/2019 12:59:54 PM) (Source: CertEnroll) (EventID: 86) (User: AUTORITE NT) Description: Échec de l’initialisation de l’inscription du certificat SCEP pour WORKGROUP\PC$ via https://IFX-KeyId-78a409c457de6926f6df42c6114eb7e56a9b56e7.microsoftaik.azure.net/templates/Aik/scep : GetCACaps Méthode : GET(141ms) Étape : GetCACaps Impossible d’établir une connexion avec le serveur 0x80072efd (WinHttp: 12029 ERROR_WINHTTP_CANNOT_CONNECT) Error: (07/31/2019 11:40:00 AM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (6168,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (07/31/2019 11:35:01 AM) (Source: Firefox) (EventID: 5) (User: ) Description: Event-ID 5 Error: (07/31/2019 11:00:11 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: PC) Description: Impossible d’ouvrir l’objet de performance pour le service Serveur. Les quatre premiers octets (DWORD) de la section Data contiennent le code de statut. Error: (07/31/2019 11:00:09 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: PC) Description: Impossible d’ouvrir l’objet de performance pour le service Serveur. Les quatre premiers octets (DWORD) de la section Data contiennent le code de statut. Error: (07/31/2019 11:00:09 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: PC) Description: Impossible d’ouvrir l’objet de performance pour le service Serveur. Les quatre premiers octets (DWORD) de la section Data contiennent le code de statut. Error: (07/31/2019 11:00:07 AM) (Source: CertEnroll) (EventID: 86) (User: AUTORITE NT) Description: Échec de l’initialisation de l’inscription du certificat SCEP pour WORKGROUP\PC$ via https://IFX-KeyId-78a409c457de6926f6df42c6114eb7e56a9b56e7.microsoftaik.azure.net/templates/Aik/scep : GetCACaps Méthode : GET(12015ms) Étape : GetCACaps L’adresse ou le nom de serveur n’a pas pu être résolu 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED) System errors: ============= Error: (07/31/2019 11:01:38 AM) (Source: DCOM) (EventID: 10001) (User: PC) Description: Impossible de démarrer un serveur DCOM : InputApp_1000.18362.267.0_neutral_neutral_cw5n1h2txyewy!App en tant que Non disponible/Non disponible. L’erreur « 2147942402 » s’est produite lors du démarrage de la commande : "C:\WINDOWS\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe" -ServerName:App.AppXagta193n5rpf7mheremt3yyfa1g555vc.mca Error: (07/31/2019 11:01:34 AM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT) Description: Le serveur {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (07/31/2019 10:59:37 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Le service CmService dépend du service HvHost qui n’a pas pu démarrer en raison de l’erreur : Le service ou le groupe de dépendance n’a pas pu démarrer. Error: (07/31/2019 10:59:36 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Le service HvHost dépend du service hvservice qui n’a pas pu démarrer en raison de l’erreur : Élément introuvable. Error: (07/31/2019 10:59:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service hvservice n’a pas pu démarrer en raison de l’erreur : Élément introuvable. Error: (07/31/2019 10:59:34 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Le service WaaSMedicSvc s’est arrêté avec l’erreur : Accès refusé. Error: (07/31/2019 10:41:09 AM) (Source: DCOM) (EventID: 10001) (User: PC) Description: Impossible de démarrer un serveur DCOM : InputApp_1000.18362.267.0_neutral_neutral_cw5n1h2txyewy!App en tant que Non disponible/Non disponible. L’erreur « 2147942402 » s’est produite lors du démarrage de la commande : "C:\WINDOWS\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe" -ServerName:App.AppXagta193n5rpf7mheremt3yyfa1g555vc.mca Error: (07/31/2019 09:27:56 AM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT) Description: Le serveur {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. CodeIntegrity: =================================== Date: 2019-07-31 11:02:56.654 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements. Date: 2019-07-31 09:36:25.249 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements. Date: 2019-07-31 09:36:25.234 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements. Date: 2019-07-31 09:28:07.374 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements. Date: 2019-07-30 20:53:20.149 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements. Date: 2019-07-30 20:53:20.133 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements. Date: 2019-07-30 20:52:38.076 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements. Date: 2019-07-30 20:15:53.290 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements. ==================== Memory info =========================== BIOS: TOSHIBA Version 5.10 04/18/2018 Motherboard: TOSHIBA dynabook R73/PB Processor: Intel(R) Core(TM) i7-4710MQ CPU @ 2.50GHz Percentage of memory in use: 31% Total physical RAM: 16309.31 MB Available physical RAM: 11233.2 MB Total Virtual: 19309.31 MB Available Virtual: 13195.38 MB ==================== Drives ================================ Drive c: (WINDOWS) (Fixed) (Total:928.95 GB) (Free:470.67 GB) NTFS Drive r: (RamDisk) (Fixed) (Total:1 GB) (Free:0.92 GB) NTFS \\?\Volume{ab9d2d12-c7af-413a-a4b0-4864e00de78d}\ (System) (Fixed) (Total:0.96 GB) (Free:0.87 GB) NTFS \\?\Volume{d17a32d2-87e9-4c68-bd98-7dd9fe6dbcbe}\ () (Fixed) (Total:1.38 GB) (Free:0.9 GB) NTFS \\?\Volume{12d6d737-4ea6-4bec-b687-9e5dc54ff089}\ () (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 0F06AE0C) Partition: GPT. ==================== End of Addition.txt ============================