Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-11-2019 Ran by Christian (14-11-2019 13:33:16) Running from C:\Users\Christian\Desktop Windows 10 Pro Version 1909 18363.476 (X64) (2019-06-13 20:38:33) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-4215277605-4089420941-575653807-500 - Administrator - Disabled) Christian (S-1-5-21-4215277605-4089420941-575653807-1000 - Administrator - Enabled) => C:\Users\Christian DefaultAccount (S-1-5-21-4215277605-4089420941-575653807-503 - Limited - Disabled) Guest (S-1-5-21-4215277605-4089420941-575653807-501 - Limited - Disabled) => C:\Users\Guest WDAGUtilityAccount (S-1-5-21-4215277605-4089420941-575653807-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden A9CAD (HKLM-x32\...\{C8E104FE-D57E-4082-9524-6C3A1C8DBDD7}) (Version: 2.2.0 - A9Tech) Acceo Application (HKU\S-1-5-21-4215277605-4089420941-575653807-1000\...\acceo) (Version: 3.0.5 - ACCEO) AdCleaner 1.2 (HKLM-x32\...\AdCleaner_is1) (Version: - eEriEsoft,Inc.) Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 19.021.20056 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.125 - Adobe) Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.293 - Adobe) AIO_CDA_ProductContext (HKLM-x32\...\{2A7EF808-14F3-4E93-BE3A-1675EE5332A4}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden AIO_CDA_Software (HKLM-x32\...\{CBB55719-C875-4C5A-A0B6-2473F77DD164}) (Version: 140.0.428.000 - Hewlett-Packard) Hidden AIO_Scan (HKLM-x32\...\{104066F4-5897-4067-85D3-4C88B67CCF75}) (Version: 130.0.421.000 - Hewlett-Packard) Hidden ANT Drivers Installer x64 (HKLM\...\{8F3BCD5E-6E82-4C79-ABDC-8B9ACE5F9F63}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden AOMEI Backupper Standard (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536CE9D}_is1) (Version: - AOMEI Technology Co., Ltd.) AOMEI Partition Assistant Standard Edition 6.6 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version: - AOMEI Technology Co., Ltd.) Apowersoft Online Launcher version 1.7.1 (HKU\S-1-5-21-4215277605-4089420941-575653807-1000\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.7.1 - APOWERSOFT LIMITED) Apple Application Support (32 bits) (HKLM-x32\...\{3540ADD5-822B-47FB-B1C2-CD7B2C8E9FEC}) (Version: 4.0.2 - Apple Inc.) Apple Application Support (64 bits) (HKLM\...\{C9C0FE2C-602E-49D7-8C42-5B9E8FF04798}) (Version: 4.0.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}) (Version: 9.0.0.26 - Apple Inc.) Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.) Attribute Changer 9.10c (HKLM\...\{27263813-8BDE-4CD2-84D3-02536743428A}_is1) (Version: 9.10c - Romain Petges) Autodesk DWG TrueView 2015 - Français (French) (HKLM\...\DWG TrueView 2015 - Français (French)) (Version: 20.0.51.0 - Autodesk) AVI-FLV-MP4-WMV Converter 2.2 (HKLM-x32\...\AVI-FLV-MP4-WMV Converter_is1) (Version: - Auvisoft, Inc.) Backup and Sync from Google (HKLM\...\{93EBD8BA-7A14-4636-8F1F-E929ADF2C3A9}) (Version: 3.47.7654.0300 - Google, Inc.) barre d'outils Orange (HKLM-x32\...\OrangeToolbar) (Version: 4.4.3.0 - Orange) Bel Atout 5.71 (HKLM-x32\...\BelAtoutFr_is1) (Version: - Vincent Brévart) BlueStacks App Player (HKLM-x32\...\{2A19A03A-A339-4697-99A4-EBA3D035D41A}) (Version: 2.2.19.6015 - BlueStack Systems, Inc.) BufferChm (HKLM-x32\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden C6100 (HKLM-x32\...\{0DEF8C02-2EAB-4BFE-A7E0-7990665DF1A9}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden c6100_Help (HKLM-x32\...\{4BD5B5D2-406D-4bc5-BB10-2F0D1D367C95}) (Version: 82.0.256.000 - Hewlett-Packard) Hidden CamStudio 2.02 Fr (HKLM-x32\...\CamStudio 2.02 Fr_is1) (Version: - ) CardRecoveryPro 2.5.5 (HKLM-x32\...\{7B3C1EB7-6878-4DE6-A1E6-02C3F63C4470}_is1) (Version: 2.5.5 - LionSea SoftWare) CardRecoveryPro 2.6.5 (HKLM-x32\...\{D9E1CADA-D103-47AE-B3F8-0C0CD0E5856E}_is1) (Version: 2.6.5 - LionSea Software co., ltd) CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform) CCleaner Browser (HKLM-x32\...\CCleaner Browser) (Version: 77.1.1834.93 - Auteurs de CCleaner Browser) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.6795 - CDBurnerXP) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) CodeTwo QR Code Desktop Reader (HKLM-x32\...\{8E03824D-0FCC-4AAE-BBE3-3B544BE3876F}) (Version: 1.0.0 - CodeTwo) CompeGPS LAND 7.0.2 (HKLM-x32\...\CompeGPS LAND_is1) (Version: - CompeGPS TEAM, S.L.) CompeGPS LAND 7.6.6 (HKLM-x32\...\CompeGPS_is1) (Version: 7.6.6 - CompeGPS TEAM, S.L.) CompeGPSDownloader version 1.18 (HKLM-x32\...\CompeGPSDownloader_is1) (Version: 1.18 - CompeGPS TEAM, S.L.) Configuration DivX (HKLM-x32\...\DivX Setup) (Version: 2.6.1.84 - DivX, LLC) Copy (HKLM-x32\...\{9BE466FF-70B7-4DA8-807C-DB4C3610FDAA}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden CopyQ 2.6.1 (HKLM-x32\...\{9DF1F443-EA0B-4C75-A4D3-767A7783228E}_is1) (Version: 2.6.1 - Lukas Holecek) CPUID CPU-Z 1.86 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.86 - CPUID, Inc.) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.77.000 - Hewlett-Packard) Hidden DeviceDiscovery (HKLM-x32\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden Dexpot (HKU\S-1-5-21-4215277605-4089420941-575653807-1000\...\Dexpot) (Version: 1.6.14 - Dexpot GbR) Diagram Designer (HKLM-x32\...\{22C6C784-2D9C-4B7A-8A1E-97D817DB3883}) (Version: 1.29.3 - MeeSoft) DocProc (HKLM-x32\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden doPDF (HKLM\...\{09BE69E4-B9AD-447D-8A2F-E1D6CBE9C417}) (Version: 10.1.112 - Softland) Hidden doPDF (HKLM\...\{63573EF2-898E-4379-B58A-FAAAC0C662E3}) (Version: 9.6.244 - Softland) Hidden doPDF 10 (HKLM-x32\...\{f5020cd6-f9e7-47b4-ba38-35989d3528ac}) (Version: 10.1.112 - Softland) doPDF 10 add-in for Microsoft Office (x64) (HKLM\...\{F9F53ACC-96EE-49A9-B947-0BDBC9F29A70}) (Version: 10.1.112 - Softland) doPDF 10 add-in for Microsoft Office (x86) (HKLM-x32\...\{F274B289-723E-46E4-A2E5-50F9DA00EC92}) (Version: 10.1.112 - Softland) doPDF 10 Printer Driver (HKLM\...\{F2AA4489-36C5-428A-A715-DD4BFE05361F}) (Version: 10.1.112 - Softland) doPDF 9 (HKLM-x32\...\{3867c51a-8d12-471a-ad9e-e476bfbd6558}) (Version: 9.6.244 - Softland) doPDF 9 add-in for Microsoft Office (x64) (HKLM\...\{AF07B338-C094-4D5E-969E-802BC7679790}) (Version: 9.6.244 - Softland) doPDF 9 add-in for Microsoft Office (x86) (HKLM-x32\...\{CD3EBCAF-5BAC-45C1-AF0A-A809179F717A}) (Version: 9.6.244 - Softland) doPDF 9 Printer Driver (HKLM\...\{5601DCB6-F209-4C77-A040-480E93327DC5}) (Version: 9.6.244 - Softland) dr.fone toolkit pour Android (Version 8.3.3) (HKLM-x32\...\{7B08A1E1-3644-4237-B39D-762B5F5564D0}_is1) (Version: 8.3.3.64 - Wondershare Technology Co.,Ltd.) Duplicate Cleaner Free 3.2.7 (HKLM-x32\...\Duplicate Cleaner Free) (Version: 3.2.7 - DigitalVolcano Software Ltd) <==== ATTENTION DWG TrueView 2015 - Français (French) (HKLM\...\{5783F2D7-E028-040C-0100-0060B0CE6BBA}) (Version: 20.0.51.0 - Autodesk) Hidden DWGSee DWG Viewer (HKLM-x32\...\{B40DED06-B52E-4970-8689-578D162638ED}) (Version: - ) Elevated Installer (HKLM-x32\...\{D65F0A69-836E-419F-B817-A82A1A0B04A3}) (Version: 6.17.0.0 - Garmin Ltd or its subsidiaries) Hidden ENE USB Card Reader Driver (HKLM\...\8426FCB8FBFE7DD936977F568A58E018229E5BC1) (Version: 5.89.0.71 - ENE) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) eReg (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden erLT (HKLM-x32\...\{A498D9EB-927B-459B-85D6-DD6EF8C2C564}) (Version: 1.20.0137 - Logitech, Inc.) Hidden Etiquettes PRO (DEMO) (HKLM-x32\...\Etiquettes PRO (DEMO)_is1) (Version: - AXEL) Étude pour l'amélioration du produit HP ENVY 4520 series (HKLM\...\{A4A64935-E38B-4DB0-97C5-452928C381C1}) (Version: 40.11.1122.1796 - HP Inc.) Euro2016 (HKLM-x32\...\Euro2016_is1) (Version: - Olivier RAVET) Fax (HKLM-x32\...\{9294F169-72EE-4D74-AE92-CA25F64B4FF8}) (Version: 140.0.307.000 - Hewlett-Packard) Hidden FileHippo.com Update Checker (HKLM-x32\...\FileHippo.com) (Version: - ) FormatFactory 3.0.1 (HKLM-x32\...\FormatFactory) (Version: 3.0.1 - Free Time) FotoMix version 9.2.5 (HKLM-x32\...\{10A0255E-0B73-4397-AB4E-E3667EDA70E4}_is1) (Version: 9.2.5 - Digital Photo Software) Free DWG Viewer 7.0 (HKLM-x32\...\{B8B4D43C-EAA0-4EEC-B93E-D4D012316286}) (Version: 7.0.1 - IGC) Free Opener (HKLM\...\{A1F2C608-32D6-467D-B035-BBEF509042BA}_is1) (Version: 1.4 - EZ Freeware) Free WMA to MP3 Converter 1.16 (HKLM-x32\...\Free WMA to MP3 Converter_is1) (Version: - Jodix Technologies Ltd.) Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.1.28.831 - Digital Wave Ltd) FreeCAD 0.16 - A free open source CAD system (HKLM\...\FreeCAD 0.16) (Version: 0.16.6700 - Juergen Riegel) FreeFileSync 6.10 (HKLM-x32\...\FreeFileSync) (Version: 6.10 - Zenju) Galerie de photos (HKLM-x32\...\{439B34FF-F74E-4807-B5E2-4B758551DA6B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Garmin BaseCamp (HKLM-x32\...\{1ac25e24-a380-4f68-bb3c-f9b1d7cdb2df}) (Version: 4.7.0.0 - Garmin Ltd or its subsidiaries) Garmin BaseCamp (HKLM-x32\...\{3B93218E-3D19-4063-A578-2722B8C4E161}) (Version: 4.7.0.0 - Garmin Ltd or its subsidiaries) Hidden Garmin Communicator Plugin (HKLM-x32\...\{71DBFBF2-F7EB-4268-8485-9471D83C4E66}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries) Garmin Communicator Plugin x64 (HKLM\...\{70A381F1-C161-4D61-A20C-BE12FC6777DF}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries) Garmin Express (HKLM-x32\...\{4A1D1574-78D4-48E5-A587-84392EEA5C8A}) (Version: 6.17.0.0 - Garmin Ltd or its subsidiaries) Hidden Garmin Express (HKLM-x32\...\{624907e5-2ad8-4617-a97f-9e051f9179dd}) (Version: 6.17.0.0 - Garmin Ltd or its subsidiaries) Garmin MapInstall (HKLM-x32\...\{0FBAFFD8-BCBA-4631-97E8-433DE7D1D753}) (Version: 4.0.1 - Garmin Ltd or its subsidiaries) Garmin MapSource (HKLM-x32\...\{AFBAB9A0-DDE8-49AE-8C17-A01B61BEE64B}) (Version: 6.16.3 - Garmin Ltd or its subsidiaries) Garmin Trip and Waypoint Manager v5 (HKLM-x32\...\{414A373B-59DF-4102-94CA-9FE9A74CBDDA}) (Version: 5.0.0.0 - Garmin Ltd or its subsidiaries) Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries) Garmin WebUpdater (HKLM-x32\...\{CCB71FF8-DE82-469C-8641-44378F4443EB}) (Version: 2.5.4 - Garmin Ltd or its subsidiaries) Gestionnaire pour appareils Windows Mobile (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation) GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team) Glary Utilities 5.130 (HKLM-x32\...\Glary Utilities 5) (Version: 5.130.0.156 - Glarysoft Ltd) GMapTool 0.8.186a (HKLM-x32\...\{1873789F-59D5-4002-8A2F-60A827B78F98}_is1) (Version: - AP) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 78.0.3904.97 - Google LLC) Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google) Google Gmail Notifier (HKLM-x32\...\{0228e555-4f9c-4e35-a3ec-b109a192b4c2}) (Version: - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.341 - Google LLC) Hidden Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google) GPBaseService2 (HKLM-x32\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden GPL Ghostscript (HKLM\...\GPL Ghostscript 9.16) (Version: 9.16 - Artifex Software Inc.) Gpstrack 2014 (HKLM-x32\...\{DDCFE420-4CCC-400D-85B5-F9B44A205D74}) (Version: 14.1.1 - Gpstrack Team) GreenCloud Printer 7.5.3.0 (HKLM\...\{F36B43F0-3BE6-48BA-A22D-3C098092BB3F}_is1) (Version: 7.5.3.0 - ObviousIdea) Greenshot 1.2.10.6 (HKLM\...\Greenshot_is1) (Version: 1.2.10.6 - Greenshot) GSplit 3 (HKLM-x32\...\GSplit3Set) (Version: 3.0.1.0 - G.D.G. Software) HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP) HP Dropbox Plugin (HKLM-x32\...\{6401399A-F5DA-4C04-87AA-E8107DF00751}) (Version: 36.0.41.58587 - HP) HP ENVY 4520 series Aide (HKLM-x32\...\{D9C0AB86-384B-49FF-A667-717724F07740}) (Version: 36.0.0 - Hewlett Packard) HP Google Drive Plugin (HKLM-x32\...\{63BCC696-0FB4-4E9C-8144-2DA4F248FC17}) (Version: 36.0.41.58587 - HP) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP Photo Creations (HKU\S-1-5-21-4215277605-4089420941-575653807-1000\...\HP Photo Creations) (Version: 1.0.0.22192 - HP) HP Photosmart All-In-One Driver Software (HKLM\...\{4F6C1178-3FC0-44BB-8F9A-28D8516DFEE2}) (Version: 14.0 - HP) HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP) HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HP Support Solutions Framework (HKLM-x32\...\{446AA6E0-104D-40FB-A18A-A3431AED2F14}) (Version: 12.13.42.1 - HP Inc.) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 140.0.524.000 - Hewlett-Packard) Hidden HPPhotoSmartDiscLabelContent1 (HKLM-x32\...\{681B698F-C997-42C3-B184-B489C6CA24C9}) (Version: 2.04.0000 - Hewlett-Packard) Hidden HPPhotosmartEssential (HKLM-x32\...\{D79113E7-274C-470B-BD46-01B10219DF6A}) (Version: 2.04.0000 - Hewlett-Packard) Hidden HPProductAssistant (HKLM-x32\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden HPSSupply (HKLM-x32\...\{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden Icecream PDF Split and Merge version 2.4 (HKLM-x32\...\{95DC4DB4-99FB-4FB2-ADBD-97F194EDEB4D}_is1) (Version: 2.4 - Icecream Apps) Icecream Screen Recorder version 5.10 (HKLM-x32\...\{7ADEC622-3230-4C9A-9DCE-9BD462B74095}_is1) (Version: 5.10 - Icecream Apps) Icecream Slideshow Maker version 3.15 (HKLM-x32\...\{3674ADB5-6374-4EBA-BB46-7C6EFB266661}_is1) (Version: 3.15 - Icecream Apps) IcoFX 1.6.4 (HKLM-x32\...\IcoFX_is1) (Version: - ) IcoFX 2.11 (HKLM-x32\...\IcoFX 2_is1) (Version: - ) ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!) Inkscape 0.92.2 (HKLM-x32\...\Inkscape) (Version: 0.92.2 - Inkscape Project) InstallClick Connector (HKLM-x32\...\{2F57C004-1FED-4C30-81FC-EE305D4D0A2E}) (Version: 3.5.0 - RIFT Technologies) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2993 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation) Internet TV pour Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation) ISO to USB (HKLM-x32\...\{D08A30AC-A663-4EA8-8D81-B98E17F19F1C}_is1) (Version: - isotousb.com) ITN Converter 1.87 (HKLM-x32\...\ITN Converter_is1) (Version: 1.87 - Benichou Software) iTunes (HKLM\...\{88509E20-3936-4D88-A1C0-B274C7BB5151}) (Version: 12.3.0.44 - Apple Inc.) IZArc 4.2 (HKLM-x32\...\{97C82B44-D408-4F14-9252-47FC1636D23E}_is1) (Version: 4.2 - Ivan Zahariev) Java 8 Update 201 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation) Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden KeyScrambler (HKLM-x32\...\KeyScrambler) (Version: 3.6.0.0 - QFX Software Corporation) K-Lite Codec Pack 7.0.0 (Standard) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.0.0 - ) K-Lite Codec Pack 9.9.9 (64-bit) (HKLM\...\KLiteCodecPack64_is1) (Version: 9.9.9 - ) LAND 8.2.2 (HKLM-x32\...\LAND_is1) (Version: 8.2.2 - CompeGPS TEAM, S.L.) Les départements français (HKLM-x32\...\Les départements français) (Version: - ) LibreCAD (HKLM-x32\...\LibreCAD) (Version: 2.1.3 - LibreCAD Team) Ligue1 2016-17 Version 1.1 (HKLM-x32\...\Ligue1_is1) (Version: - Olivier RAVET) Logiciel de base du périphérique HP ENVY 4520 series (HKLM\...\{3FFE72AE-0C03-4126-A3C8-EBF4D409C991}) (Version: 40.11.1122.1796 - HP Inc.) Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.82 - Logitech) ma Livebox (HKLM-x32\...\ma Livebox) (Version: 3.4.8.0 - Orange) Malwarebytes version 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes) Manager (HKLM-x32\...\{6256D767-63FF-4772-8BA0-05D4922A91A1}) (Version: 4.1.12.37570 - SOBER LEMUR SAS DI VACONDIO ANDREA) Hidden Manuels EPSON (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.40.0.0 - SEIKO EPSON CORPORATION) MarketResearch (HKLM-x32\...\{D360FA88-17C8-4F14-B67F-13AAF9607B12}) (Version: 140.0.299.000 - Hewlett-Packard) Hidden Microsoft File Transfer Manager (HKLM-x32\...\{4C8169AB-B6C1-413B-81B6-73B77127D82F}) (Version: 5.00.34 - Microsoft) Microsoft Office Word Viewer 2003 (HKLM-x32\...\{9085040C-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-4215277605-4089420941-575653807-1000\...\OneDriveSetup.exe) (Version: 19.174.0902.0013 - Microsoft Corporation) Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Works (HKLM-x32\...\{3B160861-7250-451E-B5EE-8B92BF30A710}) (Version: 9.7.0621 - Microsoft Corporation) Microsoft Works 6-9 Converter (HKLM-x32\...\{95140000-0137-040C-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation) MoboPlay for iOS (HKLM-x32\...\iMoboPlay) (Version: 3.0.6.339 - Xianzhi) Module de compatibilité pour Microsoft Office System 2007 (HKLM-x32\...\{90120000-0020-040C-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Movie Maker (HKLM-x32\...\{21764A96-6748-4B83-89E7-7A5063BF156C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.7.2 - Mozilla) Mozilla Thunderbird 60.7.2 (x86 fr) (HKLM-x32\...\Mozilla Thunderbird 60.7.2 (x86 fr)) (Version: 60.7.2 - Mozilla) MPC-HC 1.7.0 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.0.7858 - MPC-HC Team) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) Naviextras Toolbox (HKLM-x32\...\Naviextras Toolbox) (Version: 3.18.5.658621 - NNG Llc.) Naviextras Toolbox Prerequesities (HKLM-x32\...\{537575D6-3B96-474C-BD8F-DFF667363DBD}) (Version: 1.0.0 - NNG Llc.) Nero 8 Essentials (HKLM-x32\...\{61B5D553-85DD-4B25-893E-B352FD9D1036}) (Version: 8.3.436 - Nero AG) Nero BurnLite 10 (HKLM-x32\...\{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}) (Version: 10.0.10600 - Nero AG) Nero BurnLite 10 (HKLM-x32\...\{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}) (Version: 10.0.10500.5.100 - Nero AG) Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG) NETGEAR Genie (HKLM-x32\...\NETGEAR Genie) (Version: 2.4.48.00 - NETGEAR Inc.) Network64 (HKLM\...\{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}) (Version: 130.0.572.000 - Hewlett-Packard) Hidden Network64 (HKLM\...\{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}) (Version: 140.0.306.000 - Hewlett-Packard) Hidden Notification Mail (HKLM-x32\...\MailNotifier) (Version: 4.2.0-Fr1.0 - Orange) novaPDF 8 SDK COM (x64) (HKLM\...\{F0A1FC93-B861-4300-B5B3-1F54B08916C8}) (Version: 8.5.937 - Softland) novaPDF 8 SDK COM (x86) (HKLM-x32\...\{F1404F42-DC02-4AE9-A02F-0E03B16E8AC4}) (Version: 8.5.937 - Softland) novaPDF Standard Desktop 7.6 printer (HKLM\...\novaPDF Standard Desktop 7 printer_is1) (Version: - Softland) OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP) Oracle VM VirtualBox 5.2.0 (HKLM\...\{3E34086D-2D0A-4E8B-84BE-CC185D64EE8E}) (Version: 5.2.0 - Oracle Corporation) Orange Adventurer (HKU\S-1-5-21-4215277605-4089420941-575653807-1000\...\Adventurer) (Version: 4.0.0.0 - Orange) Orange Inside (HKU\S-1-5-21-4215277605-4089420941-575653807-1000\...\Orange Inside) (Version: 3.2.0.1 - Orange) Orange Installer (HKLM-x32\...\Orange Installer) (Version: 2.0.0.13 - Orange) Orange mes contenus v1.0.0.043090 (HKLM\...\{D6972518-1377-41ea-8129-E5FADBED5789}_is1) (Version: 1.0.0.043090 - Orange) Package de pilotes Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.) Package de pilotes Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software) Packard Bell Software Suite (HKLM-x32\...\Packard Bell Software Suite) (Version: 2.00.3000 - Acer Incorporated) paint.net (HKLM\...\{B998B716-4001-4919-BA90-BA14B51DFEB5}) (Version: 4.1.6 - dotPDN LLC) PDFsam Basic (HKLM-x32\...\{0314BB4C-2B68-491C-B4FB-40F1EC6CA881}) (Version: 3.30.5.0 - Andrea Vacondio) PDFsam Enhanced 4 (HKLM-x32\...\PDFsam Enhanced 4) (Version: 4.0.3.32301 - Copyright 2017 Andrea Vacondio) PDFsam Enhanced 4 Asian Fonts Pack (HKLM\...\{23186912-8615-4924-B677-D032739A0861}) (Version: 4.1.11.34362 - Andrea Vacondio) Hidden PDFsam Enhanced 4 Convert Module (HKLM\...\{82E16ABB-95AB-43E7-A402-1638B03C8391}) (Version: 4.1.11.34362 - Andrea Vacondio) Hidden PDFsam Enhanced 4 Create Module (HKLM\...\{DB8BDD2C-FA37-4B7C-B43A-443FB1D268F6}) (Version: 4.1.11.34362 - Andrea Vacondio) Hidden PDFsam Enhanced 4 Edit Module (HKLM\...\{93082EB3-E24B-44A0-9ACB-F1F700F8977F}) (Version: 4.1.11.34362 - Andrea Vacondio) Hidden PDFsam Enhanced 4 Forms Module (HKLM\...\{D66F2332-0894-4B48-99E7-3C25C108ECE8}) (Version: 4.1.11.34362 - Andrea Vacondio) Hidden PDFsam Enhanced 4 Insert Module (HKLM\...\{57DCEFC3-54A2-40C8-B833-3CAE945FFC0C}) (Version: 4.1.11.34362 - Andrea Vacondio) Hidden PDFsam Enhanced 4 OCR Module (HKLM\...\{41B8D2E1-47FC-4BB4-A4EA-BC2F1471996D}) (Version: 4.1.11.34362 - Andrea Vacondio) Hidden PDFsam Enhanced 4 Review Module (HKLM\...\{A8BEAD35-464C-459E-B572-06CF3270370D}) (Version: 4.1.11.34362 - Andrea Vacondio) Hidden PDFsam Enhanced 4 Secure Module (HKLM\...\{C66640E8-BAEB-43FB-BE87-C184E866405F}) (Version: 4.1.11.34362 - Andrea Vacondio) Hidden PDFsam Enhanced 4 View Module (HKLM\...\{193A600E-D248-4D12-95BE-8FD5B25DD0AD}) (Version: 4.1.11.34362 - Andrea Vacondio) Hidden PDFTK Builder 3.5.3 (HKLM-x32\...\PDFTK Builder_is1) (Version: - ) PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.308.2 - Tracker Software Products Ltd) PDF-XChange 3 Pro (HKLM\...\PDF-XChange 3 Pro_is1) (Version: - Tracker Software) Photo d'identité (HKLM-x32\...\{798BCE40-E56A-4841-B08D-EDA5023E2D3A}_is1) (Version: 12.1 - Emjysoft) Photosmart and Deskjet Drivers 14.0 Rel. A (HKLM\...\{F58E1340-3FD5-40B8-A07C-4893CFC29749}) (Version: 14.0 - HP) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.) PNotes 9.3.0 (HKLM-x32\...\{949D34E5-F53F-4830-9A50-1E2C39109043}_is1) (Version: 9.3.0 - Andrey Gruber) PopTrayU 5.2.6 (HKLM-x32\...\PopTrayU) (Version: 5.2.6 - Jessica Brown) PosteRazor (HKLM-x32\...\PosteRazor_is1) (Version: 1.5.2 - Alessandro Portale) POSTERIZA 1.1.1 (HKLM-x32\...\POSTERIZA) (Version: 1.1.1 - e-Presencia) PowerpointImageExtractor (HKLM-x32\...\PowerpointImageExtractor_is1) (Version: V 1.2b (hxxp://alainlecomte.free.fr/Download.htm) - ) Privacy Eraser (HKLM\...\{CB5AC03C-B8AD-980F-998E-51969A6DFC9F}_is1) (Version: 4.39.0.2644 - Cybertron Software Co., Ltd.) PrivaZer (HKLM-x32\...\PrivaZer) (Version: 3.0.59.0 - Goversoft LLC) PrtScr 1.7 (HKLM-x32\...\PrtScr_is1) (Version: - FireStarter) Quicksys RegDefrag 2.9 (HKLM-x32\...\{5D26BF7B-BEF6-477D-8FC1-0C1C159B6364}_is1) (Version: - ) Rainlendar2 (remove only) (HKLM-x32\...\Rainlendar2) (Version: - ) Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 1.5.16.0 - Ralink) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.25.119.2018 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8467 - Realtek Semiconductor Corp.) Renault Media Nav Toolbox (HKLM-x32\...\Renault Media Nav Toolbox) (Version: 3.18.5.740218 - NNG Llc.) Revo Uninstaller 2.1.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.0 - VS Revo Group, Ltd.) Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16061.19 - Samsung Electronics Co., Ltd.) Hidden Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16061.19 - Samsung Electronics Co., Ltd.) Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.) Scan (HKLM-x32\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.80.000 - Hewlett-Packard) Hidden SCM (HKLM\...\{D591EF7A-DC7C-40F3-BE17-818305781436}) (Version: 13.016.12025 - Application) Screenpresso (HKU\S-1-5-21-4215277605-4089420941-575653807-1000\...\Screenpresso) (Version: 1.7.0.0 - Learnpulse) Scribus 1.4.5 (64bit) (HKLM\...\Scribus 1.4.5) (Version: 1.4.5 - The Scribus Team) Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia) Send To Toys v2.5 (HKLM-x32\...\Send To Toys_is1) (Version: - Gabriele Ponti) Send To Toys v2.61 (HKLM\...\Send To Toys_is1) (Version: - Gabriele Ponti) SF_CDA_Software (HKLM-x32\...\{73BA4AE3-2BDF-4B25-9567-F43B177ABE06}) (Version: 140.0.428.000 - Hewlett-Packard) Hidden ShareX (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 12.4.1 - ShareX Team) Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP) Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.) Hidden Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.) SmartWebPrinting (HKLM-x32\...\{DC635845-46D3-404B-BCB1-FC4A91091AFA}) (Version: 130.0.457.000 - Hewlett-Packard) Hidden Snap Express v.13.8 (HKLM-x32\...\Snap Express_is1) (Version: - Ivan BUBLOZ) SolutionCenter (HKLM-x32\...\{BC5DD87B-0143-4D14-AAE6-97109614DC6B}) (Version: 140.0.299.000 - Hewlett-Packard) Hidden Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform) Status (HKLM-x32\...\{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}) (Version: 140.0.342.000 - Hewlett-Packard) Hidden SYBEX Power Sudoku (HKLM-x32\...\SYBEX Power Sudoku_is1) (Version: - SYBEX GmbH) System Control Manager (HKLM-x32\...\{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}) (Version: 2.210.0205.006.06 - Micro-Star International Co., Ltd.) System Requirements Lab for Intel (HKLM-x32\...\{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}) (Version: 4.5.22.0 - Husdawg, LLC) Toolbox (HKLM-x32\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.596.000 - Hewlett-Packard) Hidden TrayApp (HKLM-x32\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden Tweaks.com Logon Changer (HKLM-x32\...\{D2223C9B-0AB9-4546-A4C0-A1ED27C42039}) (Version: 3.1.0 - Advanced PC Media LLC) TwoNavDownloader version 1.37 (HKLM-x32\...\TwoNavDownloader_is1) (Version: 1.37 - CompeGPS TEAM, S.L.) UltraVnc (HKLM\...\Ultravnc2_is1) (Version: 1.2.2.3 - uvnc bvba) UnityPDF version 1.0.10.0 (HKLM-x32\...\{DBA31E1D-4CD2-4E8E-9EEB-ADBE24D8C04F}_is1) (Version: 1.0.10.0 - UnityPDF) UnloadSupport (HKLM-x32\...\{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}) (Version: 11.0.0 - Hewlett-Packard) Hidden Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation) VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden Verbatim GREEN BUTTON 1.52 (HKLM-x32\...\Verbatim GREEN BUTTON_is1) (Version: - Verbatim) Verbatim Hard Drive Formatter (HKLM-x32\...\Verbatim Hard Drive Formatter_is1) (Version: - Verbatim) Visionneuse Microsoft PowerPoint (HKLM-x32\...\{95140000-00AF-040C-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Vista Shortcut Manager x64 (HKLM\...\{C7311329-C491-427B-8880-133E84869B3A}) (Version: 2.0 - Frameworkx) VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN) WebM Project Directshow Filters (HKU\S-1-5-21-4215277605-4089420941-575653807-1000\...\webmdshow) (Version: 1.0.4.1 - WebM Project) WebReg (HKLM-x32\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.297.017 - Hewlett-Packard) Hidden Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin) Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation) Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16422 - Microsoft Corporation) WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies) Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org) XnViewMP 0.93.1 (HKLM\...\XnViewMP_is1) (Version: 0.93.1 - Gougelet Pierre-e) Packages: ========= AutoCAD mobile - DWG Viewer, Editor & CAD Drawing Tools -> C:\Program Files\WindowsApps\89006A2E.AutoCAD360_4.16.0.0_x64__tf1gferkr813w [2019-10-25] (Autodesk Inc.) Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.) Courrier et calendrier -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20368.0_x64__8wekyb3d8bbwe [2019-11-06] (Microsoft Corporation) [MS Ad] Extension Photos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2019-01-02] (Microsoft Corporation) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_105.1.618.0_x64__v10z8vjag6ke6 [2019-10-25] (HP Inc.) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2019-06-13] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-13] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-13] (Microsoft Corporation) [MS Ad] Microsoft News: les actualités à ne pas manquer -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.33.13094.0_x64__8wekyb3d8bbwe [2019-11-13] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.11052.0_x64__8wekyb3d8bbwe [2019-11-11] (Microsoft Studios) [MS Ad] MSN Météo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x64__8wekyb3d8bbwe [2019-10-25] (Microsoft Corporation) [MS Ad] MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-20] (Microsoft Corporation) [MS Ad] Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0 [2019-11-13] (Spotify AB) [Startup Task] Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2019-01-02] (Twitter Inc.) WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2019-01-02] (Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-4215277605-4089420941-575653807-1000_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2015 - French\dwgviewr.exe (Autodesk, Inc -> Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-4215277605-4089420941-575653807-1000_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2015 - French\fr-FR\dwgviewrficn.dll (Autodesk Development Sarl -> Autodesk, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-24] (Google LLC -> Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-24] (Google LLC -> Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-24] (Google LLC -> Google) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2014-02-07] (Autodesk, Inc -> Autodesk) ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-10-24] (Google LLC -> Google) ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2019-03-11] (Glarysoft LTD -> Glarysoft Ltd) ContextMenuHandlers1: [IZArcCM] -> {BC593DF5-466F-44EC-8FFD-C4DBC603B917} => C:\Program Files (x86)\IZArc\IZArcCM64.dll [2012-07-20] () [File not signed] ContextMenuHandlers2: [ACShell] -> {D3F9A525-8824-497A-BE36-B23E22F141FC} => C:\Program Files\Attribute Changer\acshell.dll [2018-06-07] (Romain Petges) [File not signed] ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2019-03-11] (Glarysoft LTD -> Glarysoft Ltd) ContextMenuHandlers3: [ACShell] -> {D3F9A525-8824-497A-BE36-B23E22F141FC} => C:\Program Files\Attribute Changer\acshell.dll [2018-06-07] (Romain Petges) [File not signed] ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> ) ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-10-24] (Google LLC -> Google) ContextMenuHandlers4: [IZArcCM] -> {BC593DF5-466F-44EC-8FFD-C4DBC603B917} => C:\Program Files (x86)\IZArc\IZArcCM64.dll [2012-07-20] () [File not signed] ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2012-11-26] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2019-03-11] (Glarysoft LTD -> Glarysoft Ltd) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> ) ==================== Codecs (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] ( ) [File not signed] HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\system32\ff_vfw.dll [127488 2013-06-21] () [File not signed] HKLM\...\Drivers32: [msacm.aacacm] => C:\Windows\SysWOW64\AACACM.acm [344064 2011-10-03] (fccHandler) [File not signed] HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\SysWOW64\lameACM.acm [745472 2011-10-16] (hxxp://www.mp3dev.org/) [File not signed] HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [151552 2011-07-23] (fccHandler) [File not signed] HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-09-25] ( ) [File not signed] HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [74752 2011-07-12] () [File not signed] HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [4738560 2011-10-23] () [File not signed] HKLM\...\Drivers32: [msacm.ac3filter] => C:\Windows\SysWOW64\ac3filter.acm [497664 2009-08-11] () [File not signed] HKLM\...\Drivers32: [msacm.avis] => C:\Windows\SysWOW64\ff_acm.acm [45056 2010-12-28] () [File not signed] HKLM\...\Drivers32: [vidc.DIVX] => C:\Windows\SysWOW64\DivX.dll [720384 2010-02-19] (DivX, Inc.) [File not signed] HKLM\...\Drivers32: [vidc.yv12] => C:\Windows\SysWOW64\DivX.dll [720384 2010-02-19] (DivX, Inc.) [File not signed] ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\Christian\Desktop\Logiciel de randonnée gratuit.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=aegemldhdaoiiiljojofahjhjpdgneik ShortcutWithArgument: C:\Users\Christian\Desktop\utilitaires\Chromium.lnk -> C:\Users\Christian\AppData\Local\Chromium\Application\chrome.exe (The Chromium Authors) -> hxxp://r.orange.fr/r/Oodc_CHshortcut_oi_v2?ref=O_OI_defaultPage_CH_odc_shortcut ShortcutWithArgument: C:\Users\Christian\Desktop\utilitaires\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> hxxps://r.orange.fr/r/Oodc_oi_odc_shortcut?ref=O_OI_defaultPage_CHe64_w10e64_odc_shortcut ShortcutWithArgument: C:\Users\Christian\Desktop\utilitaires\Heidi's Infinite Sudoku.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=ccbhekjfmokgloklnjnidfhlaofegeno ShortcutWithArgument: C:\Users\Christian\Desktop\utilitaires\Orange Adventurer.lnk -> C:\Users\Christian\AppData\Local\Adventurer\Application\adventurer.exe () -> hxxp://r.orange.fr/r/Oodc_ADshortcut_oi_v2?ref=O_OI_defaultPage_AD_odc_shortcut ShortcutWithArgument: C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Lanceur d'applications Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --show-app-list ShortcutWithArgument: C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Web Applications\www.cjoint.com\http_80\Accueil de Cjoint.com.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --app=hxxp://www.cjoint.com/ ShortcutWithArgument: C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Web Applications\cjoint.com\http_80\Accueil de Cjoint.com.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --app=hxxp://cjoint.com/?url=http%3A//cjoint.com/info.htm%23z2 ShortcutWithArgument: C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Logiciel de randonnée gratuit.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=aegemldhdaoiiiljojofahjhjpdgneik ShortcutWithArgument: C:\Users\Christian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> hxxps://r.orange.fr/r/Oodc_oi_odc_shortcut?ref=O_OI_defaultPage_CHe64_w10e64_odc_shortcut ShortcutWithArgument: C:\Users\Christian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> hxxps://r.orange.fr/r/Oodc_oi_odc_shortcut?ref=O_OI_defaultPage_CHe64_w10e64_odc_shortcut ==================== Loaded Modules (Whitelisted) ============= 2013-02-20 09:15 - 2012-07-20 12:39 - 002469888 _____ () [File not signed] C:\Program Files (x86)\IZArc\IZArcCM64.dll 2014-09-15 10:01 - 2014-09-15 10:01 - 000549888 _____ () [File not signed] C:\Program Files (x86)\Orange\ma Livebox\dedicarz\netsnmp.dll 2014-09-15 10:01 - 2014-09-15 10:01 - 000182784 _____ () [File not signed] C:\Program Files (x86)\Orange\ma Livebox\dedicarz\ProxyDetection.dll 2014-09-15 10:01 - 2014-09-15 10:01 - 000157184 _____ () [File not signed] C:\Program Files (x86)\Orange\ma Livebox\dedicarz\pupnp.dll 2017-02-07 12:52 - 2017-02-07 12:52 - 000132608 _____ () [File not signed] C:\Program Files (x86)\Orange\ma Livebox\dist\NetworkAPI.dll 2017-02-07 12:52 - 2017-02-07 12:52 - 000019456 _____ () [File not signed] C:\Program Files (x86)\Orange\ma Livebox\dist\NetWPSAPI.dll 2017-02-07 12:52 - 2017-02-07 12:52 - 000073216 _____ () [File not signed] C:\Program Files (x86)\Orange\ma Livebox\dist\rt\bin\java.dll 2017-02-07 12:52 - 2017-02-07 12:52 - 000013312 _____ () [File not signed] C:\Program Files (x86)\Orange\ma Livebox\dist\rt\bin\jetvm\jvm.dll 2017-02-07 12:52 - 2017-02-07 12:52 - 000067072 _____ () [File not signed] C:\Program Files (x86)\Orange\ma Livebox\dist\rt\bin\zip.dll 2017-02-07 12:52 - 2017-02-07 12:52 - 000151552 _____ () [File not signed] C:\Program Files (x86)\Orange\ma Livebox\dist\Tools.DLL 2012-11-16 09:37 - 2012-11-16 09:37 - 000118784 _____ () [File not signed] C:\Program Files (x86)\Orange\Orange Installer\libgcc_s_dw2-1.dll 2013-10-05 18:17 - 2013-10-05 18:17 - 001000974 _____ () [File not signed] C:\Program Files (x86)\Orange\Orange Installer\libstdc++-6.dll 2012-01-10 14:15 - 2011-12-21 11:46 - 000087040 _____ () [File not signed] C:\WINDOWS\System32\custmon64.dll 2013-01-14 13:42 - 2012-03-06 15:05 - 000054784 _____ () [File not signed] C:\WINDOWS\System32\gcprpm.dll 2011-05-19 16:44 - 2005-03-12 00:07 - 000087040 _____ () [File not signed] C:\WINDOWS\System32\pdfcmnnt.dll 2011-05-25 18:58 - 2010-04-14 09:37 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll 2012-07-03 13:20 - 2011-04-05 18:14 - 000140800 _____ (Gabriele Ponti) [File not signed] C:\Program Files\Send To Toys\SendToClipboardShellExt.dll 2012-07-03 13:20 - 2011-04-05 18:14 - 000137216 _____ (Gabriele Ponti) [File not signed] C:\Program Files\Send To Toys\SendToFolderShellExt.dll 2011-08-18 01:29 - 2011-08-18 01:29 - 001039360 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpslpsvc64.dll 2010-08-06 11:15 - 2010-08-06 11:15 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll 2011-05-25 18:58 - 2010-04-14 09:33 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll 2019-06-14 05:49 - 2019-06-14 05:49 - 000065536 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.6195_none_3b1209fdc9ac7774\vcomp.dll 2016-12-02 13:10 - 2016-12-02 13:10 - 001598464 _____ (Micro-Star International Co., Ltd.) [File not signed] C:\Program Files (x86)\SCM\MSIWmiAcpi.dll 2014-09-15 10:01 - 2014-09-15 10:01 - 002517504 _____ (Nokia Corporation and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\Orange\ma Livebox\dedicarz\QtCore4.dll 2014-09-15 10:01 - 2014-09-15 10:01 - 001007104 _____ (Nokia Corporation and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\Orange\ma Livebox\dedicarz\QtNetwork4.dll 2012-11-16 09:37 - 2012-11-16 09:37 - 000094300 _____ (Open Source Software community LGPL) [File not signed] C:\Program Files (x86)\Orange\Orange Installer\pthreadGC2.dll 2014-09-15 10:01 - 2014-09-15 10:01 - 000086070 _____ (Open Source Software community project) [File not signed] C:\Program Files (x86)\Orange\ma Livebox\dedicarz\pthreadVC2.dll 2017-02-07 12:52 - 2017-02-07 12:52 - 000069120 _____ (Oracle Corporation) [File not signed] C:\Program Files (x86)\Orange\ma Livebox\dist\rt\bin\net.dll 2017-02-07 12:52 - 2017-02-07 12:52 - 000117248 _____ (Oracle Corporation) [File not signed] C:\Program Files (x86)\Orange\ma Livebox\dist\rt\bin\sunec.dll 2018-12-31 15:15 - 2018-06-07 22:06 - 000461824 _____ (Romain Petges) [File not signed] C:\Program Files\Attribute Changer\acshell.dll 2019-05-08 19:36 - 2019-05-08 19:36 - 000018944 _____ (Softland) [File not signed] C:\WINDOWS\System32\novamn10.dll 2018-11-05 16:28 - 2018-11-05 16:28 - 000018944 _____ (Softland) [File not signed] C:\WINDOWS\System32\novamn9.dll 2014-09-15 10:01 - 2014-09-15 10:01 - 001098240 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Orange\ma Livebox\dedicarz\LIBEAY32.dll 2012-01-09 15:55 - 2006-01-30 08:32 - 000006656 _____ (Tracker Software) [File not signed] C:\Windows\system32\pxc35pm.dll ==================== Alternate Data Streams (Whitelisted) ======== ==================== Safe Mode (Whitelisted) ================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) ================= ==================== Internet Explorer trusted/restricted ========== ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2014-03-01 11:21 - 2019-02-14 19:36 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost 2012-12-22 19:09 - 2019-05-02 16:27 - 000000594 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\AOMEI Backupper;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-4215277605-4089420941-575653807-1000\Control Panel\Desktop\\Wallpaper -> DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) MSCONFIG\Services: RalinkRegistryWriter => 2 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk => C:\Windows\pss\Secunia PSI Tray.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^Christian^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: EvtMgr6 => C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming MSCONFIG\startupreg: GoogleChromeAutoLaunch_F95133299531DA24C7CB703BC8432DCE => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: KeyScrambler => C:\Program Files (x86)\KeyScrambler\keyscrambler.exe /a MSCONFIG\startupreg: MGSysCtrl => C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background MSCONFIG\startupreg: Packard Bell Software Suite => "C:\Program Files (x86)\Packard Bell\Software Suite\PBSoftSuite.exe" /run MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s MSCONFIG\startupreg: Uninstall C: => MSCONFIG\startupreg: Windows Mobile Device Center => %windir%\WindowsMobile\wmdc.exe HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk" HKLM\...\StartupApproved\Run: => "RtHDVCpl" HKLM\...\StartupApproved\Run: => "IgfxTray" HKLM\...\StartupApproved\Run: => "HotKeysCmds" HKLM\...\StartupApproved\Run: => "Persistence" HKLM\...\StartupApproved\Run: => "EvtMgr6" HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0" HKLM\...\StartupApproved\Run: => "SCM" HKLM\...\StartupApproved\Run: => "AvRepair" HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0" HKLM\...\StartupApproved\Run32: => "KiesTrayAgent" HKLM\...\StartupApproved\Run32: => "HP Software Update" HKLM\...\StartupApproved\Run32: => "SecurityHealth" HKLM\...\StartupApproved\Run32: => "AdobeGCInvoker-1.0" HKLM\...\StartupApproved\Run32: => "MGSysCtrl" HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe" HKLM\...\StartupApproved\Run32: => "ZHPCleaner_File1" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "96_10385031817683" HKU\S-1-5-21-4215277605-4089420941-575653807-1000\...\StartupApproved\StartupFolder: => "PopTrayU.lnk" HKU\S-1-5-21-4215277605-4089420941-575653807-1000\...\StartupApproved\StartupFolder: => "ShareX.lnk" HKU\S-1-5-21-4215277605-4089420941-575653807-1000\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-4215277605-4089420941-575653807-1000\...\StartupApproved\Run: => "GUDelayStartup" HKU\S-1-5-21-4215277605-4089420941-575653807-1000\...\StartupApproved\Run: => "Packard Bell Software Suite" HKU\S-1-5-21-4215277605-4089420941-575653807-1000\...\StartupApproved\Run: => "Rainlendar2" HKU\S-1-5-21-4215277605-4089420941-575653807-1000\...\StartupApproved\Run: => "BlueStacks Agent" HKU\S-1-5-21-4215277605-4089420941-575653807-1000\...\StartupApproved\Run: => "NETGEARGenie" HKU\S-1-5-21-4215277605-4089420941-575653807-1000\...\StartupApproved\Run: => "Privacy Eraser" HKU\S-1-5-21-4215277605-4089420941-575653807-1000\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-4215277605-4089420941-575653807-1000\...\StartupApproved\Run: => "Delete Cached Standalone Update Binary" HKU\S-1-5-21-4215277605-4089420941-575653807-1000\...\StartupApproved\Run: => "Delete Cached Update Binary" HKU\S-1-5-21-4215277605-4089420941-575653807-1000\...\StartupApproved\Run: => "GarminExpress" HKU\S-1-5-21-4215277605-4089420941-575653807-1000\...\StartupApproved\Run: => "Chromium" HKU\S-1-5-21-4215277605-4089420941-575653807-1000\...\StartupApproved\Run: => "HP ENVY 4520 series (NET)" HKU\S-1-5-21-4215277605-4089420941-575653807-1000\...\StartupApproved\Run: => "98_16472681817683" HKU\S-1-5-21-4215277605-4089420941-575653807-1000\...\StartupApproved\Run: => "Uninstall 19.123.0624.0005" HKU\S-1-5-21-4215277605-4089420941-575653807-1000\...\StartupApproved\Run: => "Uninstall 19.123.0624.0005\amd64" ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [SNMP-In-UDP] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [SNMP-Out-UDP] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [SNMP-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [SNMP-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{960C7262-42AB-4B07-AFB2-BF9E5740716F}] => (Allow) C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe (Orange -> ) [File not signed] FirewallRules: [{2CE03157-6339-4404-8592-EA020246A784}] => (Allow) C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe (Orange -> ) [File not signed] FirewallRules: [{F15FB8AE-A536-4554-84F7-E5B605818CC9}] => (Allow) LPort=8501 FirewallRules: [{F0232825-7915-433C-8DD8-A21DFCB5762F}] => (Allow) LPort=8501 FirewallRules: [UDP Query User{90B6BAA5-AACE-48C3-871C-B927623C3341}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [TCP Query User{06DEA810-3B9E-4F18-B151-7E7F3F6CDE3D}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [UDP Query User{7030A798-219C-4C10-8A1F-8F6C4CE8011B}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [TCP Query User{A8AC9456-54BE-4EB1-80C6-3F62BA3527A3}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{D184C9F5-C6CA-4A4E-B0B4-8051D3BBDC2D}] => (Allow) C:\Program Files (x86)\Xianzhi\Service\XianzhiDeviceProxy.exe (Fuzhou Xianzhi Ruishi Information Technology Co., Ltd. -> Fuzhou Xianzhi Ruishi Information Technology Co.,Ltd) FirewallRules: [{7F883C76-E29C-4D4F-BBD6-ADF12060A72D}] => (Allow) C:\Program Files (x86)\Xianzhi\Service\XianzhiDeviceProxy.exe (Fuzhou Xianzhi Ruishi Information Technology Co., Ltd. -> Fuzhou Xianzhi Ruishi Information Technology Co.,Ltd) FirewallRules: [{3B48880B-5F82-4FE7-BC4F-8BB3BC887099}] => (Allow) C:\Program Files (x86)\Xianzhi\Service\XianzhiDeviceProxy.exe (Fuzhou Xianzhi Ruishi Information Technology Co., Ltd. -> Fuzhou Xianzhi Ruishi Information Technology Co.,Ltd) FirewallRules: [{298AA515-4E97-4C8F-8486-885684F2A562}] => (Allow) C:\Program Files (x86)\Xianzhi\Service\XianzhiDeviceProxy.exe (Fuzhou Xianzhi Ruishi Information Technology Co., Ltd. -> Fuzhou Xianzhi Ruishi Information Technology Co.,Ltd) FirewallRules: [{F8CB1BF2-B520-4AD0-A1BB-A038A2D7BAD1}] => (Allow) C:\Program Files (x86)\Xianzhi\Service\XianzhiDeviceService.exe (Fuzhou Xianzhi Ruishi Information Technology Co., Ltd. -> Fuzhou Xianzhi Ruishi Information Technology Co.,Ltd) FirewallRules: [{BDA0D070-D75E-42D5-B8A9-E9F56C648C5C}] => (Allow) C:\Program Files (x86)\Xianzhi\Service\XianzhiDeviceService.exe (Fuzhou Xianzhi Ruishi Information Technology Co., Ltd. -> Fuzhou Xianzhi Ruishi Information Technology Co.,Ltd) FirewallRules: [{A68C10B7-8DA3-4233-921D-899355626074}] => (Allow) C:\Program Files (x86)\Xianzhi\Service\XianzhiDeviceService.exe (Fuzhou Xianzhi Ruishi Information Technology Co., Ltd. -> Fuzhou Xianzhi Ruishi Information Technology Co.,Ltd) FirewallRules: [{E4C55CF7-74AE-46F9-8F47-652102170163}] => (Allow) C:\Program Files (x86)\Xianzhi\Service\XianzhiDeviceService.exe (Fuzhou Xianzhi Ruishi Information Technology Co., Ltd. -> Fuzhou Xianzhi Ruishi Information Technology Co.,Ltd) FirewallRules: [{1253B7DD-82F0-4D05-8E60-21272E28B404}] => (Allow) C:\Program Files (x86)\ExtendRes\ExtendRes.exe (Fuzhou Xianzhi Ruishi Information Technology Co., Ltd. -> ) FirewallRules: [{1878161F-A521-42C0-8A6C-9C13BD8C1431}] => (Allow) C:\Program Files (x86)\ExtendRes\ExtendRes.exe (Fuzhou Xianzhi Ruishi Information Technology Co., Ltd. -> ) FirewallRules: [{4976DA1E-70E5-44C6-9C6D-6E2B8668C8F5}] => (Allow) C:\Program Files (x86)\ExtendRes\ExtendRes.exe (Fuzhou Xianzhi Ruishi Information Technology Co., Ltd. -> ) FirewallRules: [{F9CA0A1B-5726-409C-8813-9DCEB1954912}] => (Allow) C:\Program Files (x86)\ExtendRes\ExtendRes.exe (Fuzhou Xianzhi Ruishi Information Technology Co., Ltd. -> ) FirewallRules: [{4ED68460-5B94-447D-8F73-79F8E57C005F}] => (Allow) C:\Program Files (x86)\Xianzhi\iMoboPlay\iMoboPlay.exe (Fuzhou Xianzhi Ruishi Information Technology Co., Ltd. -> Fuzhou Xianzhi Ruishi Information Technology Co.,Ltd) FirewallRules: [{0D75C103-2785-40B5-98C1-8E80AE18126E}] => (Allow) C:\Program Files (x86)\Xianzhi\iMoboPlay\iMoboPlay.exe (Fuzhou Xianzhi Ruishi Information Technology Co., Ltd. -> Fuzhou Xianzhi Ruishi Information Technology Co.,Ltd) FirewallRules: [{9520D1F8-4968-406B-9292-544BD6E59D10}] => (Allow) C:\Program Files (x86)\Xianzhi\iMoboPlay\iMoboPlay.exe (Fuzhou Xianzhi Ruishi Information Technology Co., Ltd. -> Fuzhou Xianzhi Ruishi Information Technology Co.,Ltd) FirewallRules: [{99D88964-AFC8-4F4A-B87B-F4B2EA2B8660}] => (Allow) C:\Program Files (x86)\Xianzhi\iMoboPlay\iMoboPlay.exe (Fuzhou Xianzhi Ruishi Information Technology Co., Ltd. -> Fuzhou Xianzhi Ruishi Information Technology Co.,Ltd) FirewallRules: [TCP Query User{0098F77D-3597-4223-A12D-4F25A1C4F3CB}C:\program files\hp\hp envy 4520 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp envy 4520 series\bin\hpnetworkcommunicatorcom.exe (Hewlett Packard -> HP Inc.) FirewallRules: [UDP Query User{8F296A17-A6E8-459B-B9F8-39CBC0D8A241}C:\program files\hp\hp envy 4520 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp envy 4520 series\bin\hpnetworkcommunicatorcom.exe (Hewlett Packard -> HP Inc.) FirewallRules: [TCP Query User{B9C0C51E-CF4D-4AE2-AD8C-CFCD55E788E3}C:\program files\hp\hp envy 4520 series\bin\hpnetworkcommunicatorcom.exe] => (Block) C:\program files\hp\hp envy 4520 series\bin\hpnetworkcommunicatorcom.exe (Hewlett Packard -> HP Inc.) FirewallRules: [UDP Query User{1C5D0FAC-B2BB-46F9-9163-38789FCBB1DB}C:\program files\hp\hp envy 4520 series\bin\hpnetworkcommunicatorcom.exe] => (Block) C:\program files\hp\hp envy 4520 series\bin\hpnetworkcommunicatorcom.exe (Hewlett Packard -> HP Inc.) FirewallRules: [{11F2510F-CDF3-4F36-BF15-644CF27A42EF}] => (Allow) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe (Piriform Software Ltd -> Piriform Software) FirewallRules: [{8682CE65-C3EB-4900-970E-77E5A5028B0F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{D2968B6D-3A12-49FC-9F06-E57C17AE5609}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{EB213082-3EC0-45C4-A1B6-D5CE48901880}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{2F5D9E7F-9D88-49A1-945E-DB14555C6E44}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{BFB06D63-E9C3-4778-BDBE-96AF9DEA2E27}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{52A6EF9E-4D14-46B5-9737-14579DF9A7C4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{865A2C20-37A4-4D6D-8553-C203029E2FBE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{A28740E4-D4F9-46FD-B91A-395806A9E576}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{56AC46C8-CBA4-475B-A32F-8E2C8CC39961}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{A926D6D0-2FBB-47D9-A094-A5B43B408085}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{1248F006-EA8B-406F-9BE7-FE551F9675C4}] => (Allow) C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe (Orange -> ) [File not signed] FirewallRules: [{561CF29B-7736-4EBC-BAB3-0B6E480F951C}] => (Allow) C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe (Orange -> ) [File not signed] ==================== Restore Points ========================= 07-11-2019 22:32:06 ZHPcleaner 08-11-2019 15:16:46 Windows Backup 11-11-2019 15:01:05 ZHPcleaner 12-11-2019 18:28:18 12-11-19avant désinfection 14-11-2019 12:47:02 ZHPcleaner ==================== Faulty Device Manager Devices ============ Name: Garmin USB GPS Description: Garmin USB GPS Class Guid: {a12a4c5a-e1a3-4151-9927-7f724ca5dc92} Manufacturer: Garmin Service: grmnusb Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ======================== Application errors: ================== Error: (11/14/2019 01:22:10 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (6824,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (11/14/2019 01:11:26 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (12512,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (11/14/2019 01:00:02 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY) Description: Product: CCleaner Update Helper -- Error 1316. The specified account already exists. Error: (11/14/2019 12:47:44 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer. Details: AddWin32ServiceFiles: Unable to back up image of service Intel(R) System Usage Report Service SystemUsageReportSvc_WILLAMETTE since QueryServiceConfig API failed System Error: Le fichier spécifié est introuvable. . Error: (11/14/2019 12:47:44 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary WinQuic. System Error: Le chargeur de ressources n’a pas pu trouver le fichier MUI. . Error: (11/14/2019 12:24:02 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (2352,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (11/14/2019 12:00:01 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY) Description: Product: CCleaner Update Helper -- Error 1316. The specified account already exists. Error: (11/14/2019 11:57:09 AM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (3996,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. System errors: ============= Error: (11/14/2019 01:35:31 PM) (Source: disk) (EventID: 11) (User: ) Description: Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk1\DR1. Error: (11/14/2019 11:06:32 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Le service BlueStacks Plus Android Service s’est arrêté avec l’erreur : Une exception s’est produite dans le service lors du traitement de la commande. Error: (11/14/2019 11:06:29 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: Le serveur {04F03400-3463-4673-B8F7-EB271BC08E3C} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (11/14/2019 11:05:46 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Le dépassement de délai (45000 millisecondes) a été atteint lors de l’attente de la connexion du service RaMediaServer. Error: (11/14/2019 11:05:43 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Le dépassement de délai (45000 millisecondes) a été atteint lors de l’attente de la connexion du service WsAppService. Error: (11/14/2019 11:05:42 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service WsDrvInst n’a pas pu démarrer en raison de l’erreur : Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle. Error: (11/14/2019 11:05:42 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Le dépassement de délai (45000 millisecondes) a été atteint lors de l’attente de la connexion du service WsDrvInst. Error: (11/14/2019 11:05:42 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Le service NetTcpActivator dépend du service NetTcpPortSharing qui n’a pas pu démarrer en raison de l’erreur : Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle. Windows Defender: =================================== Date: 2019-11-14 13:23:35.238 Description: L'apport de modification par C:\Users\Christian\Desktop\FRST64.exe à %desktopdirectory%\ a été bloqué par l'Accès contrôlé aux dossiers. Heure de la détection : 2019-11-14T12:23:35.237Z Utilisateur : CHRISTIAN-PC\Christian Chemin d'accès : %desktopdirectory%\ Nom du processus : C:\Users\Christian\Desktop\FRST64.exe Version de la veille de sécurité : 1.305.2064.0 Version du moteur : 1.1.16500.1 Version du produit : 4.18.1910.4 Date: 2019-11-14 13:23:22.770 Description: L'apport de modification par C:\Users\Christian\Desktop\FRST64.exe à %desktopdirectory%\ a été bloqué par l'Accès contrôlé aux dossiers. Heure de la détection : 2019-11-14T12:23:22.769Z Utilisateur : CHRISTIAN-PC\Christian Chemin d'accès : %desktopdirectory%\ Nom du processus : C:\Users\Christian\Desktop\FRST64.exe Version de la veille de sécurité : 1.305.2064.0 Version du moteur : 1.1.16500.1 Version du produit : 4.18.1910.4 Date: 2019-11-14 13:23:10.766 Description: L'apport de modification par C:\Users\Christian\Desktop\FRST64.exe à %desktopdirectory%\ a été bloqué par l'Accès contrôlé aux dossiers. Heure de la détection : 2019-11-14T12:23:10.765Z Utilisateur : CHRISTIAN-PC\Christian Chemin d'accès : %desktopdirectory%\ Nom du processus : C:\Users\Christian\Desktop\FRST64.exe Version de la veille de sécurité : 1.305.2064.0 Version du moteur : 1.1.16500.1 Version du produit : 4.18.1910.4 Date: 2019-11-14 13:22:58.798 Description: L'apport de modification par C:\Users\Christian\Desktop\FRST64.exe à %desktopdirectory%\ a été bloqué par l'Accès contrôlé aux dossiers. Heure de la détection : 2019-11-14T12:22:58.796Z Utilisateur : CHRISTIAN-PC\Christian Chemin d'accès : %desktopdirectory%\ Nom du processus : C:\Users\Christian\Desktop\FRST64.exe Version de la veille de sécurité : 1.305.2064.0 Version du moteur : 1.1.16500.1 Version du produit : 4.18.1910.4 Date: 2019-11-14 13:22:46.552 Description: L'apport de modification par C:\Users\Christian\Desktop\FRST64.exe à %desktopdirectory%\ a été bloqué par l'Accès contrôlé aux dossiers. Heure de la détection : 2019-11-14T12:22:46.551Z Utilisateur : CHRISTIAN-PC\Christian Chemin d'accès : %desktopdirectory%\ Nom du processus : C:\Users\Christian\Desktop\FRST64.exe Version de la veille de sécurité : 1.305.2064.0 Version du moteur : 1.1.16500.1 Version du produit : 4.18.1910.4 Date: 2019-11-06 10:01:55.966 Description: La fonctionnalité de protection en temps réel Antivirus Windows Defender a rencontré une erreur et échoué. Fonctionnalité : Sur accès Code d’erreur : 0x80004005 Description de l’erreur : Unspecified error Raison : Le pilote de filtre a ignoré l’analyse des éléments et est en mode relais. Cela peut être dû à des ressources insuffisantes. CodeIntegrity: =================================== Date: 2019-11-14 10:54:24.645 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements. Date: 2019-11-14 10:54:24.576 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements. Date: 2019-11-14 10:54:24.507 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements. Date: 2019-11-14 10:54:24.333 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements. Date: 2019-11-14 10:54:24.309 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements. Date: 2019-11-14 10:54:24.274 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements. Date: 2019-11-14 10:54:22.296 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements. Date: 2019-11-14 10:54:21.685 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements. ==================== Memory info =========================== BIOS: American Megatrends Inc. E1736IMS.114 08/19/2010 Motherboard: MICRO-STAR INTERNATIONAL CO., LTD MS-1736 Processor: Intel(R) Pentium(R) CPU P6200 @ 2.13GHz Percentage of memory in use: 53% Total physical RAM: 7982.06 MB Available physical RAM: 3716.33 MB Total Virtual: 17710.06 MB Available Virtual: 11657.79 MB ==================== Drives ================================ Drive c: (OS_Install) (Fixed) (Total:273.39 GB) (Free:132.87 GB) NTFS ==>[system with boot components (obtained from drive)] Drive d: (DOSSIERS) (Fixed) (Total:182.27 GB) (Free:34.06 GB) NTFS Drive f: (Packard Bell Sauvegarde 3) (Fixed) (Total:243.13 GB) (Free:116.41 GB) NTFS Drive i: (Packard Bell) (Fixed) (Total:688.38 GB) (Free:274.82 GB) NTFS \\?\Volume{176c8212-7d47-11e0-82b9-806e6f6e6963}\ (System) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS \\?\Volume{176c8211-7d47-11e0-82b9-806e6f6e6963}\ (BIOS_RVY) (Fixed) (Total:10 GB) (Free:9.25 GB) NTFS ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 912765BC) Partition 1: (Not Active) - (Size=10 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=27) Partition 3: (Not Active) - (Size=273.4 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=182.3 GB) - (Type=07 NTFS) ========================================================== Disk: 1 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: B9309BE6) Partition 1: (Not Active) - (Size=688.4 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=243.1 GB) - (Type=07 NTFS) ==================== End of Addition.txt =======================