Email doc was clicked and sent the user to Office365. I don't know if the infection also – Serveur d’impression
I am guilty of not having read everything through. See the logs pasted below:
Résultat de l'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 30-05-2020 01
Ran par GemmitiA (administrateur) sur KM-PC (Dell Inc. OptiPlex 7010) (31-05-2020 11:06:43)
Exécution à partir de C: Users KMiele Downloads Gus
Profils chargés: GemmitiA & KMiele
Plateforme: Windows 7 Professional Service Pack 1 (X64) Langue: anglais (États-Unis)
Internet Explorer version 11 (navigateur par défaut: IE)
Mode de démarrage: Normal
==================== Processus (liste blanche) =================
(Si une entrée est incluse dans la liste de correctifs, le processus sera fermé. Le fichier ne sera pas déplacé.)
(Actian Corporation -> Actian Corporation) C: Program Files (x86) Actian PSQL bin w3dbsmgr.exe
(Adobe Inc. -> Adobe Systems) C: Program Files (x86) Common Files Adobe ARM 1.0 armsvc.exe
(Apple Inc. -> Apple Inc.) C: Program Files (x86) Bonjour mDNSResponder.exe
(BUFFALO INC. -> BUFFALO INC.) C: Program Files (x86) BUFFALO NASNAVI nassvc.exe
(Cisco WebEx LLC -> Cisco WebEx LLC) C: Windows SysWOW64 atashost.exe
(DYMO) [File not signed] C: Program Files (x86) DYMO DYMO Label Software DYMO.DLS.Printing.Host.exe
(FOXIT SOFTWARE INC. -> Foxit Software Inc.) C: Program Files (x86) Foxit Software Foxit PhantomPDF FoxitPhantomPDFUpdateService.exe
(FOXIT SOFTWARE INC. -> Foxit Software Inc.) C: Program Files (x86) Foxit Software Foxit PhantomPDF plugins Creator FoxitProxyServer_Socket_PH.exe <2>
(Google LLC -> Google LLC) C: Program Files (x86) Google Chrome Application chrome.exe <29>
(Hewlett-Packard Company -> HP) C: Windows System32 HPSIsvc.exe
(HP) [File not signed] C: Program Files (x86) HP HPLaserJetService HPLaserJetService.exe
(Intel Corporation – Micrologiciel Intel® Management Engine -> Intel Corporation) C: Program Files (x86) Intel Intel® Management Engine Components DAL Jhi_service.exe
(Intel Corporation – Produits logiciels et micrologiciels -> Intel Corporation) C: Program Files (x86) Intel Intel® Management Engine Components IMSS PrivacyIconClient.exe
(Intel Corporation – Produits logiciels et micrologiciels -> Intel Corporation) C: Program Files (x86) Intel Intel® Management Engine Components LMS LMS.exe
(Intel Corporation -> Intel Corporation) C: Program Files (x86) Intel Intel® Rapid Storage Technology IAStorDataMgrSvc.exe
(Intel Corporation -> Intel Corporation) C: Program Files (x86) Intel Intel® Rapid Storage Technology IAStorIcon.exe
(Intel Corporation -> Intel Corporation) C: Program Files (x86) Intel Intel® USB 3.0 eXtensible Host Controller Driver Application iusb3mon.exe
(Intel Corporation -> Intel Corporation) C: Windows System32 IPROSetMonitor.exe
(Intel® Corporation) [File not signed] C: Program Files Intel iCLS Client HeciServer.exe
(Intel® pGFX -> Intel Corporation) C: Windows System32 igfxCUIService.exe
(Intel® pGFX -> Intel Corporation) C: Windows System32 igfxEM.exe
(Intel® pGFX -> Intel Corporation) C: Windows System32 igfxHK.exe
(Intel® pGFX -> Intel Corporation) C: Windows System32 igfxTray.exe
(Microsoft Corporation -> Microsoft Corp.) C: Program Files Fichiers communs Microsoft Shared Windows Live WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C: Program Files Fichiers communs Microsoft Shared Windows Live WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C: Program Files (x86) Microsoft Office root Office16 EXCEL.EXE
(Microsoft Corporation -> Microsoft Corporation) C: Program Files (x86) Microsoft Office root Office16 ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C: Program Files (x86) Microsoft Office root Office16 WINWORD.EXE
(Microsoft Corporation -> Microsoft Corporation) C: Program Files Fichiers communs Microsoft Shared ClickToRun OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C: Program Files Microsoft Security Client MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C: Program Files Microsoft Security Client msseces.exe
(Microsoft Corporation -> Microsoft Corporation) C: Program Files Microsoft Security Client NisSrv.exe
(Microsoft Corporation -> Microsoft Corporation) C: Windows Microsoft.NET Framework64 v3.0 WPF PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C: Windows System32 dllhost.exe <4>
(Microsoft Windows -> Microsoft Corporation) C: Windows System32 LogonUI.exe
(Microsoft Windows -> Microsoft Corporation) C: Windows System32 mobsync.exe
(Microsoft Windows -> Microsoft Corporation) C: Windows System32 prevhost.exe
(Microsoft Windows -> Microsoft Corporation) C: Windows System32 rdpclip.exe
(Microsoft Windows -> Microsoft Corporation) C: Windows SysWOW64 wbem WmiPrvSE.exe
(Éditeur de compatibilité matérielle Microsoft Windows -> SEIKO EPSON CORPORATION) C: ProgramData EPSON EPW! 3 SSRP E_S30RP1.EXE
(Microsoft) [File not signed] C: Program Files (x86) Common Files Sage Central AutoUpdateClient Sage.Central.AutoUpdateManager.Service.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C: Program Files (x86) ScanSoft PaperPort pptd40nt.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor Corp.) C: Program Files Realtek Audio HDA RtDCpl64.exe
(Sage Software, Inc. -> Sage Software, Inc.) C: Program Files (x86) Sage Peachtree SmartPostingService2020.exe
(Sanford, L.P.) [File not signed] C: Program Files (x86) DYMO DYMO Label Software DymoPnpService.exe
(Sanford, L.P.) [File not signed] C: Program Files (x86) DYMO DYMO Label Software DymoQuickPrint.exe
(Seagate Technology LLC -> Seagate Technology LLC) C: Program Files (x86) Seagate Seagate Dashboard 2.0 MobileService.exe
(Seagate Technology LLC -> Seagate Technology LLC) C: Program Files (x86) Seagate Seagate Dashboard 2.0 Seagate.Dashboard.DASWindowsService.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C: Program Files (x86) Epson Software Event Manager EEventManager.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C: Program Files (x86) Epson Software FAX Utility FUFAXRCV.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C: Program Files Fichiers communs EPSON EPW! 3 SSRP E_S60RPB.EXE
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C: Program Files EPSON EpsonCustomerParticipation EPCP.exe
(SEIKO EPSON Corporation -> Seiko Epson Corporation) C: Windows System32 escsvc64.exe
(Symantec Corporation -> Symantec Corporation) C: Program Files (x86) Norton Ghost Agent VProSvc.exe
(Symantec Corporation -> Symantec Corporation) C: Program Files (x86) Norton Ghost Agent VProTray.exe
(Symantec Corporation -> Symantec) C: Program Files (x86) Norton Ghost Shared Drivers SymSnapServicex64.exe
(Synology Inc. ->) C: Program Files (x86) Synology ActiveBackupforBusinessAgent service Synology Active Backup for Business Service.exe
(Synology Inc. -> Synology Inc.) C: Program Files (x86) Synology ActiveBackupforBusinessAgent ui ui Synology Active Backup for Business Agent.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C: Program Files (x86) TeamViewer TeamViewer_Service.exe
(UPEK Inc. -> UPEK Inc.) C: Program Files Fichiers communs SPBA upeksvr.exe <2>
(Wave Systems Corp. ->) C: Program Files Dell Dell Data Protection Access Advanced Wave EMBASSY Client Core EmbassyServer.exe
(Wave Systems Corp. -> Wave Systems Corp.) C: Program Files Dell Dell Data Protection Access Advanced Wave Trusted Drive Manager TdmNotify.exe
(Wave Systems Corp. -> Wave Systems Corp.) C: Program Files Dell Dell Data Protection Access Advanced Wave Trusted Drive Manager TdmService.exe
(Wave Systems Corp.) [File not signed] C: Program Files Dell Dell Data Protection Access Advanced Wave Authentication Manager WaveAMService.exe
==================== Registre (liste blanche) ===================
(Si une entrée est incluse dans la liste de correctifs, l'élément de registre sera restauré par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM … Run: [RtHDVCpl] => C: Program Files Realtek Audio HDA RtDCpl64.exe [2907240 2011-07-20] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
HKLM … Run: [TdmNotify] => C: Program Files Dell Dell Data Protection Access Advanced Wave Trusted Drive Manager TdmNotify.exe [381296 2011-12-08] (Wave Systems Corp. -> Wave Systems Corp.)
HKLM … Run: [MSC] => C: Program Files Microsoft Security Client msseces.exe [1353680 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32 … Exécuter: [IAStorIcon] => C: Program Files (x86) Intel Intel® Rapid Storage Technology IAStorIcon.exe [284440 2011-11-29] (Intel Corporation -> Intel Corporation)
HKLM-x32 … Exécuter: [IMSS] => C: Program Files (x86) Intel Intel® Management Engine Components IMSS PIconStartup.exe [134616 2013-11-13] (Intel Corporation – Logiciels et micrologiciels -> Intel Corporation)
HKLM-x32 … Exécuter: [USB3MON] => C: Program Files (x86) Intel Intel® USB 3.0 eXtensible Host Controller Driver Application iusb3mon.exe [291608 2012-02-27] (Intel Corporation -> Intel Corporation)
HKLM-x32 … Exécuter: [PeachtreePrefetcher.exe] => C: Program Files (x86) Sage Peachtree PeachtreePrefetcher.exe [328736 2019-10-01] (Sage Software, Inc. -> Sage Software, Inc.)
HKLM-x32 … Exécuter: [EEventManager] => C: Program Files (x86) Epson Software Event Manager EEventManager.exe [1058880 2013-03-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKLM-x32 … Exécuter: [SSBkgdUpdate] => C: Program Files (x86) Fichiers communs Scansoft Shared SSBkgdUpdate SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32 … Exécuter: [PaperPort PTD] => C: Program Files (x86) ScanSoft PaperPort pptd40nt.exe [29984 2008-01-14] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32 … Exécuter: [IndexSearch] => C: Program Files (x86) ScanSoft PaperPort IndexSearch.exe [46368 2008-01-14] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32 … Exécuter: [PPort11reminder] => C: Program Files (x86) ScanSoft PaperPort Ereg Ereg.exe [328992 2007-08-31] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32 … Exécuter: [Norton Ghost 15.0] => C: Program Files (x86) Norton Ghost Agent VProTray.exe [2598760 2010-03-03] (Symantec Corporation -> Symantec Corporation)
HKLM-x32 … Exécuter: [FUFAXRCV] => C: Program Files (x86) Epson Software FAX Utility FUFAXRCV.exe [642664 2014-05-26] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32 … Exécuter: [FUFAXSTM] => C: Program Files (x86) Epson Software FAX Utility FUFAXSTM.exe [863848 2014-05-26] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32 … Exécuter: [] => [X]
HKLM-x32 … Exécuter: [HPUsageTrackingLEDM] => "C: Program Files (x86) HP HP UT LEDM bin hppusg.exe" "C: Program Files (x86) HP HP UT LEDM "
HKLM-x32 … Exécuter: [DBAgent] => C: Program Files (x86) Seagate Seagate Dashboard 2.0 DBAgent.exe [1540896 2015-07-15] (Seagate Technology LLC -> Seagate Technology LLC)
HKLM-x32 … Exécuter: [DLSWebSvc] => C: Program Files (x86) DYMO DYMO Label Software DYMO.DLS.Printing.Host.exe [4871680 2017-05-09] (DYMO) [File not signed]
HKLM-x32 … RunOnce: [ZZPT001] => C: Program Files (x86) Sage Peachtree Peachw.exe [354848 2019-10-01] (Sage Software, Inc. -> Sage Software, Inc.)
HKLM-x32 … RunOnce: [ZZPT002] => C: Program Files (x86) Sage Peachtree Peachw.exe [354848 2019-10-01] (Sage Software, Inc. -> Sage Software, Inc.)
HKLM … Policies Explorer: [NoStrCmpLogical] 1
HKU S-1-5-21-928097801-345109163-1125972616-1104 … Run: [DellSystemDetect] => C: Users GemmitiA AppData Local Apps 2.0 82RYGLLL.5KY TT48BPWH.BTP dell..tion_831211ca63b981c5_0008.0008_b150a6542eb950c1 DellSystemDetect.exe [314544 2017-09-13] (Dell Inc -> Dell)
HKU S-1-5-21-928097801-345109163-1125972616-1107 … Exécuter: [DymoQuickPrint] => C: Program Files (x86) DYMO DYMO Label Software DymoQuickPrint.exe [2033664 2017-05-09] (Sanford, L.P.) [File not signed]
HKU S-1-5-21-928097801-345109163-1125972616-1107 … Exécuter: [turnedneutral] => "C: Users KMiele AppData Local Turnneutral Turnneutral.exe"
HKLM … Windows x64 Processeurs d'impression GoToMyPC Print Processor: C: Windows System32 spool prtprocs x64 GoToPrintProcessor_x64.dll [52080 2011-11-13] (Citrix Online -> Citrix Online, une division de Citrix Systems, Inc.)
HKLM … Windows x64 Processeurs d'impression HP1100PrintProc: C: Windows System32 spool prtprocs x64 HP1100PP.DLL [74240 2012-08-31] (Éditeur de compatibilité matérielle Microsoft Windows ->)
HKLM … Windows x64 Processeurs d'impression hpfppw73: C: Windows System32 spool prtprocs x64 hpfppw73.dll [258048 2009-07-13] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM … Windows x64 Processeurs d'impression hpzpplhn: C: Windows System32 spool prtprocs x64 hpzpplhn.dll [99840 2008-05-07] (Hewlett-Packard Corporation) [File not signed]
HKLM … Print Monitors C287SeriesPCL Language Monitor: C: Windows system32 KOAXTJ_L.DLL [16896 2017-07-04] (KONICA MINOLTA, INC.) [File not signed]
HKLM … Print Monitors CutePDF Writer Monitor v3.2: C: Windows system32 cpwmon64_v32.dll [90096 2017-05-26] (Acro Software Inc ->)
HKLM … Print Monitors DYMO LabelWriter Monitor: C: Windows system32 LW400MON.DLL [16384 2017-05-09] (Éditeur de compatibilité matérielle Microsoft Windows -> DYMO Corp.)
HKLM … Print Monitors EPSON Stylus Photo 1400 Series 64MonitorBA: C: Windows system32 E_ILMBUA.DLL [126976 2006-08-10] (Éditeur de compatibilité matérielle Microsoft Windows -> SEIKO EPSON CORPORATION)
HKLM … Print Monitors EPSON WF-7610 Series 64MonitorBE: C: Windows system32 E_YLMBKBE.DLL [179712 2013-10-22] (Éditeur de compatibilité matérielle Microsoft Windows -> SEIKO EPSON CORPORATION)
HKLM … Print Monitors EpsonNet Print Port: C: Windows system32 enppmon.dll [558592 2012-11-12] (SEIKO EPSON CORPORATION) [File not signed]
HKLM … Print Monitors Port GoToMyPC: C: Windows system32 gotomon_x64.dll [120176 2011-11-13] (Citrix Online -> Citrix Online, une division de Citrix Systems, Inc.)
HKLM … Print Monitors HP1100LM: C: Windows system32 HP1100LM.DLL [288768 2012-08-31] (Éditeur de compatibilité matérielle Microsoft Windows ->)
HKLM … Print Monitors PCL hpf3lw73: C: Windows system32 hpf3lw73.dll [48640 2009-07-13] (Microsoft Windows -> Hewlett-Packard Company)
HKLM … Print Monitors PJL Language Monitor: C: Windows system32 PJLMON.DLL [22016 2010-11-20] (Microsoft Windows -> Microsoft Corporation)
HKLM … Print Monitors WSD Port: C: Windows system32 WSDMon.dll [224768 2009-07-13] (Microsoft Windows -> Microsoft Corporation)
HKLM Software Microsoft Active Setup Installed Components: [2D46B6DC-2207-486B-B523-A557E6D54B47] -> C: Windows system32 cmd.exe / D / C démarrer C: Windows system32 ie4uinit.exe -ClearIconCache
HKLM Software Microsoft Active Setup Installed Components: [8A69D345-D564-463c-AFF1-A69D9E530F96] -> C: Program Files (x86) Google Chrome Application 83.0.4103.61 Installer chrmstp.exe [2020-05-21] (Google LLC -> Google LLC)
HKLM Software Wow6432Node Microsoft Active Setup Installed Components: [2D46B6DC-2207-486B-B523-A557E6D54B47] -> C: Windows system32 cmd.exe / D / C démarrer C: Windows system32 ie4uinit.exe -ClearIconCache
HKLM Software Wow6432Node Microsoft Active Setup Installed Components: [8A69D345-D564-463c-AFF1-A69D9E530F96] -> "C: Program Files (x86) Google Chrome Application 58.0.3029.81 Installer chrmstp.exe" –configure-user-settings –verbose-logging –system-level
HKLM Software Wow6432Node Microsoft Active Setup Installed Components: [A6EADE66-0000-0000-484E-7E8A45000000] -> C: Program Files (x86) Adobe Acrobat Reader DC Esl AiodLite.dll [2020-05-03] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM Software … Authentication Credential Providers: [18CBEEAA-6708-41A1-9379-D08915333CF2] -> C: Program Files Fichiers communs SPBA provider.dll [2010-09-15] (UPEK Inc. -> UPEK Inc.)
HKLM Software … Authentication Credential Providers: [F8A0B131-5F68-486c-8040-7E8FC3C85BB6] -> C: Program Files Fichiers communs Microsoft Shared Windows Live WLIDCREDPROV.DLL [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
HKLM Software … Authentication Credential Provider Filters: [AE583D93-8D1B-424F-9858-5623FB7824EE] -> C: Program Files Fichiers communs SPBA provider.dll [2010-09-15] (UPEK Inc. -> UPEK Inc.)
Lsa: [Authentication Packages] msv1_0 wvauth
Démarrage: C: Users KMiele AppData Roaming Microsoft Windows Start Menu Programs Startup Send to OneNote.lnk [2019-04-15]
ShortcutTarget: Envoyer à OneNote.lnk -> C: Program Files (x86) Microsoft Office root Office16 ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Démarrage: C: Users KMiele AppData Roaming Microsoft Windows Start Menu Programs Startup Synology Active Backup for Business Agent.lnk [2020-05-30]
ShortcutTarget: Synology Active Backup for Business Agent.lnk -> C: Program Files (x86) Synology ActiveBackupforBusinessAgent ui ui Synology Active Backup for Business Agent.exe (Synology Inc. -> Synology Inc.)
GroupPolicy: Restriction? <==== ATTENTION
==================== Tâches planifiées (liste blanche) ============
(Si une entrée est incluse dans la liste de correctifs, elle sera supprimée du registre. Le fichier ne sera pas déplacé sauf s'il est répertorié séparément.)
Tâche: 081E9A99-734F-4FAE-8444-FF5BCE42CC94 – System32 Tasks GoogleUpdateTaskMachineCore => C: Program Files (x86) Google Update GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Tâche: 14E0E16B-CDD3-4715-A764-AB5077A8387C – System32 Tasks B923A7E4-5A7D-4E36-A826-F910D94CCC00 => C: Windows system32 pcalua.exe -a C: sage SAGE50_2015_2 setup.exe -dc: sage SAGE50_2015_2
Tâche: 15BC1BFC-E634-469A-A715-ECE4F1F62C74 – System32 Tasks Microsoft Microsoft Antimalware Microsoft Antimalware Scheduled Scan => C: Program Files Microsoft Security Client \ MpCmdRun.exe [410784 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
Tâche: 1C64426A-6BD3-46D2-A7B2-4A8B602C7956 – System32 Tasks Microsoft Office Office Feature Updates => C: Program Files (x86) Microsoft Office root Office16 sdxhelper.exe [115024 2020-05-16] (Microsoft Corporation -> Microsoft Corporation)
Tâche: 4684A218-CD5E-469F-B669-CF01DCA07962 – System32 Tasks 67ACF55C-EB72-425E-AB3F-35948FD488B3 => C: Program Files (x86) Camlink GBExplorer.exe
Tâche: 4BDABF97-7E25-4293-841E-C93B30A11D39 – System32 Tasks EPSON WF-7610 Series Invitation FF28E7AF-4CCD-468C-A99D-00F55294ED94 => C: Windows system32 spool DRIVERS x64 3 E_YTSKBE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Tâche: 59372F2D-71EE-468D-9F15-C6607CAC405D – Mise à jour de la série System32 Tasks EPSON WF-7610 39C1617B-E859-4EF3-B298-7E9FB6CA08E0 => C: Windows system32 spool DRIVERS x64 3 E_YTSKBE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Tâche: 5A1C4ED0-83EC-4907-995D-8B5D13CAA627 – System32 Tasks EPSON WF-7610 Series Invitation 5C8C4560-2AA2-4E44-AEF1-4B9AEDB0323F => C: Windows system32 spool DRIVERS x64 3 E_YTSKBE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Tâche: 5C5C9012-45CD-4B0C-8027-3E9F82A6AE46 – System32 Tasks Seagate_Install_Launch => C: Program Files (x86) Seagate Seagate Dashboard 2.0 Dashboard.exe [1964832 2015-07-15] (Seagate Technology LLC -> Seagate Technology LLC)
Tâche: 5EE99B02-4140-4D82-A422-4CD8BAD5FF97 – Mise à jour de la série System32 Tasks EPSON WF-7610 5C8C4560-2AA2-4E44-AEF1-4B9AEDB0323F => C: Windows system32 spool DRIVERS x64 3 E_YTSKBE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Tâche: 7C00AC32-2329-4E49-A396-84813BEC25CE – Maintenance des abonnements System32 Tasks Microsoft Office Office => C: Program Files (x86) Microsoft Office root vfs ProgramFilesCommonx86 Microsoft Shared Office16 OLicenseHeartbeat.exe [1443712 2020-05-16] (Microsoft Corporation -> Microsoft Corporation)
Tâche: 8AF49B31-0E1E-41E9-BC82-9F5FC25A5251 – System32 Tasks Adobe Flash Player Updater => C: Windows SysWOW64 Macromed Flash FlashPlayerUpdateService.exe [335416 2020-05-12] (Adobe Inc. -> Adobe)
Tâche: 8B3D8F3C-87B3-4138-94D0-086AD77F90FB – System32 Tasks 3BA22ECB-313A-484F-9D1F-BDCCEEFD4B0F => C: Windows system32 pcalua.exe -a "C: Users KM AppData Local Microsoft Windows Temporary Internet Files Content.IE5 9UYR0S67 gosetup.exe "-d C: Users KM Desktop
Tâche: 8C9007F7-F400-414A-A9A1-5EA247100A36 – Mise à jour de la série System32 Tasks EPSON WF-7610 FF28E7AF-4CCD-468C-A99D-00F55294ED94 => C: Windows system32 spool DRIVERS x64 3 E_YTSKBE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Tâche: 94C8FCE1-A0E0-4925-99A3-CBF4876FBC5A – Tâche de mise à jour System32 Tasks Microsoft Windows Live SOXE Extractor Definitions => 3519154C-227E-47F3-9CC9-12C3F05817F1
Tâche: 9DEF0C85-9A20-45A8-9F83-94B6E19AD0E2 – System32 Tasks 232A9230-3654-4161-A4A5-63B3A050B7B2 => C: Windows system32 pcalua.exe -a C: Users KM Téléchargements gosetup.exe -d C: Users KM Desktop
Tâche: 9F766520-5A1E-43C2-A4E5-14024BFC427C – System32 Tasks EPSON WF-7610 Series Invitation F041DFFD-6EE2-46E8-AF61-EDAD1E811B30 => C: Windows system32 spool DRIVERS x64 3 E_YTSKBE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Tâche: A512C446-CF09-4DC3-BF68-9350E109231D – System32 Tasks G2MUpdateTask-S-1-5-21-302665900-850237627-724062673-1000 => C: Program Files (x86) GoToMeeting 7495 g2mupdate.exe [31808 2017-08-24] (LogMeIn, Inc. -> LogMeIn, Inc.)
Tâche: AC6732F2-23EC-47C4-B6B0-E35829E3A930 – System32 Tasks Microsoft Office Office Automatic Updates 2.0 => C: Program Files Common Files Microsoft Shared ClickToRun OfficeC2RClient.exe [24608104 2020-05-07] (Microsoft Corporation -> Microsoft Corporation)
Tâche: C62FAD65-BF38-4B2E-BE4A-F3C77CABA3E2 – Connexion aux mises à jour des fonctionnalités System32 Tasks Microsoft Office Office => C: Program Files (x86) Microsoft Office root Office16 sdxhelper.exe [115024 2020-05-16] (Microsoft Corporation -> Microsoft Corporation)
Tâche: D0842C2F-834D-49C4-BF3B-CF3E9C6545DF – System32 Tasks G2MUploadTask-S-1-5-21-302665900-850237627-724062673-1000 => C: Program Files (x86) GoToMeeting 7495 g2mupload.exe [31808 2017-08-24] (LogMeIn, Inc. -> LogMeIn, Inc.)
Tâche: D63E8E00-9071-40B5-B259-97A5D07697CC – System32 Tasks Microsoft Office Office ClickToRun Service Monitor => C: Program Files Common Files Microsoft Shared ClickToRun OfficeC2RClient.exe [24608104 2020-05-07] (Microsoft Corporation -> Microsoft Corporation)
Tâche: D8C389D4-15F0-4926-B965-FCE13ABB651F – System32 Tasks 5536D2D1-0187-4B91-BF5B-BDD9B8792EFA => C: Program Files (x86) Camlink GBExplorer.exe
Tâche: E357B89D-9D72-4889-9C8B-B5067C6DA9EC – System32 Tasks GoogleUpdateTaskMachineUA => C: Program Files (x86) Google Update GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Tâche: E5F20D9E-C9B5-49CB-B6DE-934F1D537789 – System32 Tasks EPSON WF-7610 Series Invitation 39C1617B-E859-4EF3-B298-7E9FB6CA08E0 => C: Windows system32 spool DRI DRI 3 E_YTSKBE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Tâche: EB87F4E5-1239-453E-8914-6D524EEA822A – Tâche de mise à jour System32 Tasks Adobe Acrobat => C: Program Files (x86) Common Files Adobe ARM 1.0 AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Tâche: F60ECC63-0AC2-46F1-A928-D7DE00352D1A – System32 Tasks KM DBAgent 2 0 => C: Program Files (x86) Seagate Seagate Dashboard 2.0 DBAgent.exe [1540896 2015-07-15] (Seagate Technology LLC -> Seagate Technology LLC)
Tâche: FE14E6A5-EF5A-4338-BF4C-8B9EE7A4EC2C – System32 Tasks EPSON WF-7610 Series Update F041DFFD-6EE2-46E8-AF61-EDAD1E811B30 => C: Windows system32 spool DRIVERS x64 3 E_YTSKBE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
(Si une entrée est incluse dans la liste de correctifs, le fichier de tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Tâche: C: Windows Tasks EPSON WF-7610 Series Invitation 39C1617B-E859-4EF3-B298-7E9FB6CA08E0 .job => C: Windows system32 spool DRIVERS x64 3 E_YTSKBE.EXE
Tâche: C: Windows Tasks EPSON WF-7610 Series Invitation 5C8C4560-2AA2-4E44-AEF1-4B9AEDB0323F .job => C: Windows system32 spool DRIVERS x64 3 E_YTSKBE.EXE
Tâche: C: Windows Tasks EPSON WF-7610 Series Invitation F041DFFD-6EE2-46E8-AF61-EDAD1E811B30 .job => C: Windows system32 spool DRIVERS x64 3 E_YTSKBE.EXE
Tâche: C: Windows Tasks EPSON WF-7610 Series Invitation FF28E7AF-4CCD-468C-A99D-00F55294ED94 .job => C: Windows system32 spool DRIVERS x64 3 E_YTSKBE.EXE
Tâche: C: Windows Tasks EPSON WF-7610 Series Update 39C1617B-E859-4EF3-B298-7E9FB6CA08E0 .job => C: Windows system32 spool DRIVERS x64 3 E_YTSKBE.EXE: / EXE: 39C1617B-E859-4EF3-B298-7E9FB6CA08E0 / F: UpdateSYSTEMĊRecherche les mises à jour du logiciel EPSON et vous avertit lorsque des mises à jour sont disponibles.Si cette tâche est désactivée ou arrêtée, votre logiciel EPSON ne sera pas automatiquement mis à jour automatiquement. Thi
Tâche: C: Windows Tasks EPSON WF-7610 Series Update 5C8C4560-2AA2-4E44-AEF1-4B9AEDB0323F .job => C: Windows system32 spool DRIVERS x64 3 E_YTSKBE.EXE: / EXE: 5C8C4560-2AA2-4E44-AEF1-4B9AEDB0323F / F: UpdateSYSTEMĊRecherche les mises à jour du logiciel EPSON et vous avertit lorsque des mises à jour sont disponibles.Si cette tâche est désactivée ou arrêtée, votre logiciel EPSON ne sera pas automatiquement mis à jour automatiquement. Thi
Tâche: C: Windows Tasks EPSON WF-7610 Series Update F041DFFD-6EE2-46E8-AF61-EDAD1E811B30 .job => C: Windows system32 spool DRIVERS x64 3 E_YTSKBE.EXE: / EXE: F041DFFD-6EE2-46E8-AF61-EDAD1E811B30 / F: UpdateSYSTEMĊRecherche les mises à jour du logiciel EPSON et vous avertit lorsque des mises à jour sont disponibles.Si cette tâche est désactivée ou arrêtée, votre logiciel EPSON ne sera pas automatiquement mis à jour automatiquement. Thi
Tâche: C: Windows Tasks EPSON WF-7610 Series Update FF28E7AF-4CCD-468C-A99D-00F55294ED94 .job => C: Windows system32 spool DRIVERS x64 3 E_YTSKBE.EXE: / EXE: FF28E7AF-4CCD-468C-A99D-00F55294ED94 / F: UpdateSYSTEMĊ Recherche les mises à jour du logiciel EPSON et vous avertit lorsque des mises à jour sont disponibles. Si cette tâche est désactivée ou arrêtée, votre logiciel EPSON ne sera pas automatiquement mis à jour automatiquement. Thi
Tâche: C: Windows Tasks G2MUpdateTask-S-1-5-21-302665900-850237627-724062673-1000.job => C: Program Files (x86) GoToMeeting 7495 g2mupdate.exe
Tâche: C: Windows Tasks G2MUploadTask-S-1-5-21-302665900-850237627-724062673-1000.job => C: Program Files (x86) GoToMeeting 7495 g2mupload.exe
==================== Internet (liste blanche) ====================
(Si un élément est inclus dans la liste de correctifs, s'il s'agit d'un élément du registre, il sera supprimé ou restauré par défaut.)
Winsock: Catalog5 07 C: Program Files (x86) Fichiers communs Microsoft Shared Windows Live WLIDNSP.DLL [145280 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 08 C: Program Files (x86) Fichiers communs Microsoft Shared Windows Live WLIDNSP.DLL [145280 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 09 C: Program Files (x86) Bonjour mdnsNSP.dll [152864 2010-05-18] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 07 C: Program Files Fichiers communs Microsoft Shared Windows Live WLIDNSP.DLL [170880 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 08 C: Program Files Fichiers communs Microsoft Shared Windows Live WLIDNSP.DLL [170880 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 09 C: Program Files Bonjour mdnsNSP.dll [193824 2010-05-18] (Apple Inc. -> Apple Inc.)
Tcpip .. Interfaces D863FDF7-69D2-4F29-AC3C-50AD8EA40F8B: [NameServer] 192.168.1.10,8.8.8.8
HKLM System … Parameters PersistentRoutes: [0.0.0.0,0.0.0.0,192.168.1.1,-1]
Internet Explorer:
==================
HKU S-1-5-21-928097801-345109163-1125972616-1104 Software Microsoft Internet Explorer Main, Start Page Redirect Cache = hxxp: //www.msn.com/? Ocid = iehp
HKU S-1-5-21-928097801-345109163-1125972616-1107 Software Microsoft Internet Explorer Main, Start Page Redirect Cache = hxxp: //www.msn.com/? Ocid = iehp
SearchScopes: HKLM -> DefaultScope E6C80228-1FAB-4837-BB34-C5677F14829A URL = hxxp: //www.bing.com/search? Q = searchTerms & form = DLRDF8 & pc = MDDR & src = IE-SearchBox
SearchScopes: HKLM -> 0633EE93-D776-472f-A0FF-E1416B8B2E3A URL =
SearchScopes: HKLM -> E6C80228-1FAB-4837-BB34-C5677F14829A URL = hxxp: //www.bing.com/search? Q = searchTerms & form = DLRDF8 & pc = MDDR & src = IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope E6C80228-1FAB-4837-BB34-C5677F14829A URL = hxxp: //www.bing.com/search? Q = searchTerms & form = DLRDF8 & pc = MDDR & src = IE-SearchBox
SearchScopes: HKLM-x32 -> 0633EE93-D776-472f-A0FF-E1416B8B2E3A URL =
SearchScopes: HKLM-x32 -> E6C80228-1FAB-4837-BB34-C5677F14829A URL = hxxp: //www.bing.com/search? Q = searchTerms & form = DLRDF8 & pc = MDDR & src = IE-SearchBox
SearchScopes: HKU S-1-5-21-928097801-345109163-1125972616-1104 -> DefaultScope E6C80228-1FAB-4837-BB34-C5677F14829A URL =
SearchScopes: HKU S-1-5-21-928097801-345109163-1125972616-1104 -> E6C80228-1FAB-4837-BB34-C5677F14829A URL =
SearchScopes: HKU S-1-5-21-928097801-345109163-1125972616-1107 -> DefaultScope E6C80228-1FAB-4837-BB34-C5677F14829A URL =
SearchScopes: HKU S-1-5-21-928097801-345109163-1125972616-1107 -> E6C80228-1FAB-4837-BB34-C5677F14829A URL =
BHO: Classe TmIEPlugInBHO -> 1CA1377B-DC1D-4A52-9585-6E06050FAC53 -> c: Program Files (x86) Trend Micro Client Server Security Agent bho 1009 TmIEPlg.dll => Aucun fichier
BHO: Skype Entreprise Browser Helper -> 31D09BA0-12F5-4CCE-BE8A-2923E76605DA -> C: Program Files (x86) Microsoft Office root VFS ProgramFilesX64 Microsoft Office Office16 OCHelper.dll [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
BHO: Aide à la connexion Windows Live ID -> 9030D464-4C02-4ABF-8ECC-5164760863C6 -> C: Program Files Fichiers communs Microsoft Shared Windows Live WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
BHO: Foxit PhantomPDF Create PDF ToolBar Helper -> A5DD10F7-5ABB-4EEF-B4C8-6748D44DAF2A -> C: Program Files (x86) Foxit Software Foxit PhantomPDF plugins Creator IEAddin IEAddin_x64.dll [2020-04-22] (LOGICIEL FOXIT INC. ->)
BHO: Gestionnaire de cache de documents Office -> B4F3A835-0E21-4959-BA22-42B3008E02FF -> C: Program Files (x86) Microsoft Office root VFS ProgramFilesX64 Microsoft Office Office16 URLREDIR.DLL [2020-05-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Classe TmIEPlugInBHO -> 1CA1377B-DC1D-4A52-9585-6E06050FAC53 -> c: Program Files (x86) Trend Micro Client Server Security Agent bho 1009 TmIEPlg32.dll => Aucun fichier
BHO-x32: Norton Vulnerability Protection -> 6D53EC84-6AAE-4787-AEEE-F4628F01010C -> C: Program Files (x86) Norton Internet Security Engine 21.7.0.11 IPS IPSBHO.DLL => Aucun fichier
BHO-x32: Aide à la connexion Windows Live ID -> 9030D464-4C02-4ABF-8ECC-5164760863C6 -> C: Program Files (x86) Common Files Microsoft Shared Windows Live WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Foxit PhantomPDF Create PDF ToolBar Helper -> A5DD10F7-5ABB-4EEF-B4C8-6748D44DAF2A -> C: Program Files (x86) Foxit Software Foxit PhantomPDF plugins Creator IEAddin IEAddin.dll [2020-04-22] (LOGICIEL FOXIT INC. ->)
BHO-x32: Gestionnaire de cache de documents Office -> B4F3A835-0E21-4959-BA22-42B3008E02FF -> C: Program Files (x86) Microsoft Office root Office16 URLREDIR.DLL [2020-05-16] (Microsoft Corporation -> Microsoft Corporation)
Barre d'outils: HKLM – Foxit PhantomPDF Create PDF ToolBar – BFD9D8A8-57FF-488A-B919-065EC77CF82F – C: Program Files (x86) Foxit Software Foxit PhantomPDF plugins Creator IEAddin IEAddin_x64.dll [2020-04-22] (LOGICIEL FOXIT INC. ->)
Barre d'outils: HKLM-x32 – Foxit PhantomPDF Créer une barre d'outils PDF – BFD9D8A8-57FF-488A-B919-065EC77CF82F – C: Program Files (x86) Foxit Software Foxit PhantomPDF plugins Creator IEAddin IEAddin.dll [2020-04-22] (LOGICIEL FOXIT INC. ->)
DPF: HKLM-x32 22945A69-1191-4DCF-9E6F-409BDE94D101 hxxp: //dl-ak.solidworks.com/nonsecure/edrawings/e2013sp03/13.3.0.111/cab//eDrawingsEnglish.cab
Handler-x32: mso-minsb-roaming.16 – 83C25742-A9F7-49FB-9138-434302C88D07 – C: Program Files (x86) Microsoft Office root Office16 MSOSB.DLL [2020-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 – 42089D2D-912D-4018-9087-2B87803E93FB – C: Program Files (x86) Microsoft Office root Office16 MSOSB.DLL [2020-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 – 42089D2D-912D-4018-9087-2B87803E93FB – C: Program Files (x86) Microsoft Office root Office16 MSOSB.DLL [2020-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 – 5504BE45-A83B-4808-900A-3A5C36E7F77A – C: Program Files (x86) Microsoft Office root Office16 MSOSB.DLL [2020-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: tmpx – 0E526CB5-7446-41D1-A403-19BFE95E8C23 – c: Program Files (x86) Trend Micro Client Server Security Agent bho 1009 TmIEPlg32.dll No File
FireFox:
========
FF HKLM … Firefox Extensions: [FFExtnHTML2PDF@foxitsoftware.com] – C: Program Files (x86) Foxit Software Foxit PhantomPDF plugins Creator FirefoxAddin FFExtnHTML2PDF.xpi
FF Extension: (Foxit PDF Creator) – C: Program Files (x86) Foxit Software Foxit PhantomPDF plugins Creator FirefoxAddin FFExtnHTML2PDF.xpi [2020-04-22] [Legacy]
FF HKLM … Firefox Extensions: [FireFoxNew-WebExtensions@foxitsoftware.com] – C: Program Files (x86) Foxit Software Foxit PhantomPDF plugins Creator FirefoxAddin FireFoxNew-WebExtensions@foxitsoftware.com.xpi
FF Extension: (Foxit PDF Creator) – C: Program Files (x86) Foxit Software Foxit PhantomPDF plugins Creator FirefoxAddin FireFoxNew-WebExtensions@foxitsoftware.com.xpi [2020-04-22]
FF HKLM-x32 … Firefox Extensions: [22C7F6C6-8D67-4534-92B5-529A0EC09405] – c: Program Files (x86) Trend Micro Client Server Security Agent bho 1009 FirefoxExtension => not found
FF HKLM-x32 … Firefox Extensions: [quickprint@hp.com] – C: Program Files (x86) Hewlett-Packard SmartPrint QPExtension
FF Extension: (SmartPrintButton) – C: Program Files (x86) Hewlett-Packard SmartPrint QPExtension [2011-01-26] [Legacy] [not signed]
FF HKLM-x32…FirefoxExtensions: [FFExtnHTML2PDF@foxitsoftware.com] – C:Program Files (x86)Foxit SoftwareFoxit PhantomPDFpluginsCreatorFirefoxAddinFFExtnHTML2PDF.xpi
FF HKLM-x32…FirefoxExtensions: [FireFoxNew-WebExtensions@foxitsoftware.com] – C:Program Files (x86)Foxit SoftwareFoxit PhantomPDFpluginsCreatorFirefoxAddinFireFoxNew-WebExtensions@foxitsoftware.com.xpi
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:Program FilesMicrosoft Silverlight5.1.50918.0npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:Program Files (x86)Foxit SoftwareFoxit PhantomPDFpluginsnpFoxitPhantomPDFPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.cpdf -> C:Program Files (x86)Foxit SoftwareFoxit PhantomPDFpluginsnpFoxitPhantomPDFPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:Program Files (x86)Foxit SoftwareFoxit PhantomPDFpluginsnpFoxitPhantomPDFPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:Program Files (x86)Foxit SoftwareFoxit PhantomPDFpluginsnpFoxitPhantomPDFPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:Program Files (x86)Foxit SoftwareFoxit PhantomPDFpluginsnpFoxitPhantomPDFPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:Program Files (x86)IntelIntel® Management Engine ComponentsIPTnpIntelWebAPIIPT.dll [2013-11-13] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:Program Files (x86)IntelIntel® Management Engine ComponentsIPTnpIntelWebAPIUpdater.dll [2013-11-13] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:Program Files (x86)Microsoft Silverlight5.1.50918.0npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:Program Files (x86)Microsoft OfficerootOffice16NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:Program Files (x86)Windows LivePhoto GalleryNPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:Program Files (x86)Windows LivePhoto GalleryNPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:Program Files (x86)AdobeAcrobat Reader DCReaderAIRnppdf32.dll [2020-05-03] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:UsersGemmitiAAppDataLocalGoogleChromeUser DataDefault [2018-03-12]
CHR Extension: (Google Slides) – C:UsersGemmitiAAppDataLocalGoogleChromeUser DataDefaultExtensionsaapocclcgogkmnckokdopfmhonfmgoek [2017-09-13]
CHR Extension: (Google Docs) – C:UsersGemmitiAAppDataLocalGoogleChromeUser DataDefaultExtensionsaohghmighlieiainnegkcijnfilokake [2017-09-13]
CHR Extension: (Google Drive) – C:UsersGemmitiAAppDataLocalGoogleChromeUser DataDefaultExtensionsapdfllckaahabafndbhieahigkjlhalf [2017-09-13]
CHR Extension: (YouTube) – C:UsersGemmitiAAppDataLocalGoogleChromeUser DataDefaultExtensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-13]
CHR Extension: (Google Sheets) – C:UsersGemmitiAAppDataLocalGoogleChromeUser DataDefaultExtensionsfelcaaldnbdncclmgdcncolpebgiejap [2017-09-13]
CHR Extension: (Google Docs Offline) – C:UsersGemmitiAAppDataLocalGoogleChromeUser DataDefaultExtensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-09-13]
CHR Extension: (Chrome Web Store Payments) – C:UsersGemmitiAAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2017-09-13]
CHR Extension: (Gmail) – C:UsersGemmitiAAppDataLocalGoogleChromeUser DataDefaultExtensionspjkljhegncpnkpknbcohdijeoejaedia [2017-09-13]
CHR Extension: (Chrome Media Router) – C:UsersGemmitiAAppDataLocalGoogleChromeUser DataDefaultExtensionspkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-13]
CHR HKLM…ChromeExtension: [cifnddnffldieaamihfkhkdgnbhfmaci] – C:Program Files (x86)Foxit SoftwareFoxit PhantomPDFpluginsCreatorChromeAddinChromeAddin.crx [2020-04-22]
CHR HKUS-1-5-21-928097801-345109163-1125972616-1107SOFTWAREGoogleChromeExtensions…ChromeExtension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32…ChromeExtension: [cifnddnffldieaamihfkhkdgnbhfmaci] – C:Program Files (x86)Foxit SoftwareFoxit PhantomPDFpluginsCreatorChromeAddinChromeAddin.crx [2020-04-22]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ClickToRunSvc; C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeClickToRun.exe [11111280 2020-05-07] (Microsoft Corporation -> Microsoft Corporation)
R2 DymoPnpService; C:Program Files (x86)DYMODYMO Label SoftwareDymoPnpService.exe [27136 2017-05-09] (Sanford, L.P.) [File not signed]
R2 EmbassyService; C:Program FilesDellDell Data ProtectionAccessAdvancedWaveEMBASSY Client CoreEmbassyServer.exe [218504 2012-01-17] (Wave Systems Corp. -> )
R2 EpsonScanSvc; C:Windowssystem32EscSvc64.exe [144560 2012-05-17] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
R2 EPSON_PM_RPCV4_01; C:ProgramDataEPSONEPW!3 SSRPE_S30RP1.EXE [102400 2006-04-18] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
R2 EPSON_PM_RPCV4_06; C:Program FilesCommon FilesEPSONEPW!3 SSRPE_S60RPB.EXE [152640 2013-04-15] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
R2 FoxitPhantomPDFUpdateService; C:Program Files (x86)Foxit SoftwareFoxit PhantomPDFFoxitPhantomPDFUpdateService.exe [1995184 2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
S3 GenericMount Helper Service; C:Program Files (x86)Norton GhostSharedDriversGenericMountHelperx64.exe [2227216 2010-02-12] (Symantec Corporation -> Symantec)
R2 HP LaserJet Service; C:Program Files (x86)HPHPLaserJetServiceHPLaserJetService.exe [136704 2009-06-24] (HP) [File not signed]
R2 HPSIService; C:Windowssystem32HPSIsvc.exe [126880 2012-08-31] (Hewlett-Packard Company -> HP)
R2 igfxCUIService1.0.0.0; C:Windowssystem32igfxCUIService.exe [329192 2016-06-02] (Intel® pGFX -> Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:Program FilesInteliCLS ClientHeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
R2 jhi_service; C:Program Files (x86)IntelIntel® Management Engine ComponentsDALjhi_service.exe [169432 2013-11-13] (Intel Corporation – Intel® Management Engine Firmware -> Intel Corporation)
S3 LiveUpdate; C:Program Files (x86)SymantecLiveUpdateLuComServer_3_2.EXE [2999664 2007-09-12] (Symantec Corporation -> Symantec Corporation)
R2 MsMpSvc; C:Program FilesMicrosoft Security ClientMsMpEng.exe [119864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R2 NasPmService; C:Program Files (x86)BUFFALONASNAVInassvc.exe [251760 2012-03-29] (BUFFALO INC. -> BUFFALO INC.)
R3 NisSrv; C:Program FilesMicrosoft Security ClientNisSrv.exe [361816 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R2 Norton Ghost; C:Program Files (x86)Norton GhostAgentVProSvc.exe [4590432 2010-03-03] (Symantec Corporation -> Symantec Corporation)
R2 psqlWGE; C:Program Files (x86)ActianPSQLbinw3dbsmgr.exe [359464 2019-02-22] (Actian Corporation -> Actian Corporation)
R2 Sage 50 SmartPosting 2020; C:Program Files (x86)SagePeachtreeSmartPostingService2020.exe [343072 2019-10-01] (Sage Software, Inc. -> Sage Software, Inc.)
R2 Sage AutoUpdate Manager Service; C:Program Files (x86)Common FilesSageCentralAutoUpdateClientSage.Central.AutoUpdateManager.Service.exe [8192 2015-08-24] (Microsoft) [File not signed]
R2 Seagate Dashboard Services; C:Program Files (x86)SeagateSeagate Dashboard 2.0Seagate.Dashboard.DASWindowsService.exe [16216 2015-07-15] (Seagate Technology LLC -> Seagate Technology LLC)
R2 Seagate MobileBackup Service; C:Program Files (x86)SeagateSeagate Dashboard 2.0MobileService.exe [143656 2015-07-15] (Seagate Technology LLC -> Seagate Technology LLC)
R3 Symantec SymSnap VSS Provider; C:Windowssystem32dllhost.exe /Processid:C8C82416-80A2-4D08-952F-2D26082F2978 [9728 2009-07-13] (Microsoft Windows -> Microsoft Corporation)
R3 Symantec SymSnap VSS Provider; C:Windowssystem32dllhost.exe /Processid:C8C82416-80A2-4D08-952F-2D26082F2978 [9728 2009-07-13] (Microsoft Windows -> Microsoft Corporation)
R3 SymSnapService; C:Program Files (x86)Norton GhostSharedDriversSymSnapServicex64.exe [2963960 2010-02-11] (Symantec Corporation -> Symantec)
R2 Synology Active Backup for Business Service; C:Program Files (x86)SynologyActiveBackupforBusinessAgentserviceSynology Active Backup for Business Service.exe [3061720 2020-03-19] (Synology Inc. -> )
S2 tcsd_win32.exe; C:Program Files (x86)NTRU CryptosystemsNTRU TCG Software Stackbintcsd_win32.exe [1637888 2011-10-08] () [File not signed]
R2 TeamViewer; C:Program Files (x86)TeamViewerTeamViewer_Service.exe [13172752 2020-01-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 Wave Authentication Manager Service; C:Program FilesDellDell Data ProtectionAccessAdvancedWaveAuthentication ManagerWaveAMService.exe [1679872 2012-01-05] (Wave Systems Corp.) [File not signed]
S3 WinDefend; C:Program FilesWindows Defendermpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE [2286976 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
S3 WvPCR; C:Program FilesDellDell Data ProtectionAccessAdvancedWaveCommonWvPCR.exe [198144 2012-01-16] (Wave Systems Corp.) [File not signed]
S2 GoToMyPC; "C:Program Files (x86)CitrixGoToMyPCg2svc.exe" "Start=service" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 GenericMount; C:WindowsSystem32DRIVERSGenericMount.sys [66608 2010-02-12] (Symantec Corporation -> Symantec Corporation)
R3 MEIx64; C:WindowsSystem32DRIVERSTeeDriverx64.sys [99288 2013-11-13] (Intel Corporation – Intel® Management Engine Firmware -> Intel Corporation)
R0 MpFilter; C:WindowsSystem32DRIVERSMpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
S3 mvusbews; C:WindowsSystem32Driversmvusbews.sys [20480 2012-09-25] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
R3 NisDrv; C:WindowsSystem32DRIVERSNisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R0 symsnap; C:WindowsSystem32DRIVERSsymsnap.sys [170032 2010-02-11] (Symantec Corporation -> StorageCraft)
S3 VProEventMonitor; C:WindowsSystem32DRIVERSvproeventmonitor.sys [20528 2009-09-21] (Symantec Corporation -> Symantec Corporation)
S1 ESProtectionDriver; ??C:Windowssystem32driversmbae64.sys [X]
S3 MBAMFarflt; ??C:Windowssystem32driversfarflt.sys [X]
S3 MBAMProtection; ??C:Windowssystem32driversmbam.sys [X]
S3 MBAMWebProtection; ??C:Windowssystem32driversmwac.sys [X]
S3 NAVENG; ??C:Program Files (x86)Norton Internet SecurityNortonData22.5.0.124DefinitionsSDSDefs20160713.021ENG64.SYS [X]
S3 NAVEX15; ??C:Program Files (x86)Norton Internet SecurityNortonData22.5.0.124DefinitionsSDSDefs20160713.021EX64.SYS [X]
U2 V2iMount; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2039-03-01 16:27 – 1998-06-05 14:54 – 000026832 _____ (Microsoft Corporation) C:WindowsSysWOW64CTL3DV2.DLL
2039-03-01 16:24 – 2039-03-01 16:24 – 000000000 ____D C:Program FilesCADKEY
2020-05-31 11:04 – 2020-05-31 11:06 – 000000000 ____D C:UsersKMieleDownloadsGus
2020-05-30 15:53 – 2020-05-31 10:49 – 000000000 ____D C:ProgramDataActiveBackupforBusinessAgent
2020-05-30 15:53 – 2020-05-30 15:53 – 000001405 _____ C:UsersPublicDesktopSynology Active Backup for Business Agent.lnk
2020-05-30 15:53 – 2020-05-30 15:53 – 000001405 _____ C:ProgramDataDesktopSynology Active Backup for Business Agent.lnk
2020-05-30 15:53 – 2020-05-30 15:53 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsSynology
2020-05-30 15:53 – 2020-05-30 15:53 – 000000000 ____D C:Program Files (x86)Synology
2020-05-30 15:29 – 2020-05-30 15:29 – 037969920 _____ C:UsersKMieleDownloadsSynology Active Backup for Business Agent-2.1.1-1125-x64.msi
2020-05-30 14:47 – 2020-05-30 14:47 – 000001105 _____ C:UsersGemmitiADesktopESET Online Scanner.lnk
2020-05-30 14:47 – 2020-05-30 14:47 – 000000000 ____D C:UsersGemmitiAAppDataLocalESET
2020-05-30 14:46 – 2020-05-30 14:46 – 014665312 _____ (ESET spol. s r.o.) C:UsersKMieleDownloadsesetonlinescanner.exe
2020-05-30 14:46 – 2020-05-30 14:46 – 000000000 ____D C:UsersKMieleAppDataLocalESET
2020-05-30 14:25 – 2020-05-31 11:07 – 000000000 ____D C:FRST
2020-05-29 08:12 – 2020-05-29 08:12 – 000000000 ____D C:UsersKMieleAppDataLocalF5631589-FFB7-4F02-AD42-20E544B909ED
2020-05-28 13:08 – 2020-05-28 13:08 – 000190571 _____ C:UsersKMieleDesktopABF BOL.pdf
2020-05-28 12:53 – 2020-05-28 12:58 – 000000000 ____D C:UsersKMieleAppDataRoamingFoxit Software
2020-05-28 12:53 – 2020-05-28 12:53 – 000000000 ____D C:UsersKMieleAppDataLocalLowFoxit
2020-05-28 12:51 – 2020-05-28 12:51 – 000001091 _____ C:UsersPublicDesktopFoxit PhantomPDF.lnk
2020-05-28 12:51 – 2020-05-28 12:51 – 000001091 _____ C:ProgramDataDesktopFoxit PhantomPDF.lnk
2020-05-28 12:51 – 2020-05-28 12:51 – 000000000 ____D C:UsersGemmitiAAppDataRoamingFoxit Software
2020-05-28 12:51 – 2020-05-28 12:51 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsFoxit PhantomPDF
2020-05-28 12:51 – 2020-05-28 12:51 – 000000000 ____D C:ProgramDataFoxit Software
2020-05-28 12:50 – 2020-05-28 12:50 – 000000000 ____D C:UsersPublicFoxit Software
2020-05-28 12:50 – 2020-05-28 12:50 – 000000000 ____D C:Program Files (x86)Foxit Software
2020-05-28 12:47 – 2020-05-28 12:48 – 632645472 _____ (Foxit Software Inc.) C:UsersKMieleDownloadsFoxitPhantomPDF100_enu_Setup_PPC.exe
2020-05-28 11:31 – 2020-05-28 11:31 – 000306209 _____ C:UsersKMieleDownloads8 collar instructions.pdf
2020-05-28 11:30 – 2020-05-28 11:30 – 000374045 _____ C:UsersKMieleDownloadsDS-CC quick sheet.pdf
2020-05-28 08:15 – 2020-05-28 08:15 – 000000000 ____D C:UsersKMieleAppDataLocalF0C7BAA7-3009-43DB-A497-8221090794EB
2020-05-27 08:07 – 2020-05-27 08:07 – 000000000 ____D C:UsersKMieleAppDataLocal9E81D49F-F46D-46E2-B109-1DE520F0D3E3
2020-05-26 14:10 – 2020-05-26 14:10 – 000000000 ____D C:UsersKMieleAppDataLocal3D3DB803-954F-4617-B089-1DC85BA0B8B5
2020-05-26 08:09 – 2020-05-26 08:09 – 000000000 ____D C:UsersKMieleAppDataLocal9BFC70BC-53F7-488D-B839-D418315F4A2F
2020-05-22 08:11 – 2020-05-22 08:11 – 000000000 ____D C:UsersKMieleAppDataLocal6FEC2B24-CB57-4A8A-88E3-95FA12DF797F
2020-05-21 08:09 – 2020-05-21 08:09 – 000000000 ____D C:UsersKMieleAppDataLocalD7C47DEA-A771-4BED-B39B-36A44343B4BB
2020-05-20 08:14 – 2020-05-20 08:14 – 000000000 ____D C:UsersKMieleAppDataLocal6D67C60A-5BD3-47FF-B1F3-0DE3CD8FA17B
2020-05-19 08:34 – 2020-05-19 08:34 – 000000000 ____D C:UsersKMieleAppDataLocalB6BE2DF0-9C3B-4738-BA81-41C7CA1785B4
2020-05-18 08:13 – 2020-05-18 08:13 – 000000000 ____D C:UsersKMieleAppDataLocalD76F431D-B886-4C63-B77D-7698F04D48D6
2020-05-15 08:12 – 2020-05-15 08:12 – 000000000 ____D C:UsersKMieleAppDataLocal1794CD21-455A-4269-A0EB-EEABE9CAFBDD
2020-05-14 08:11 – 2020-05-14 08:11 – 000000000 ____D C:UsersKMieleAppDataLocal3D91B3BE-87AC-4431-BEDC-FA5FE11A3BFF
2020-05-13 08:09 – 2020-05-13 08:09 – 000000000 ____D C:UsersKMieleAppDataLocalB41284BD-5D6F-438F-8519-E57588B4E09A
2020-05-12 08:15 – 2020-05-12 08:15 – 000000000 ____D C:UsersKMieleAppDataLocal6709064C-0B7B-4378-8A3B-F3321CDDED01
2020-05-11 08:09 – 2020-05-11 08:09 – 000000000 ____D C:UsersKMieleAppDataLocal87750C4F-951B-458A-8B3F-C452DEA10898
2020-05-08 08:18 – 2020-05-08 08:18 – 000000000 ____D C:UsersKMieleAppDataLocal6D5BB4FD-A712-4279-8BB3-5634D9F043CD
2020-05-07 08:16 – 2020-05-07 08:16 – 000000000 ____D C:UsersKMieleAppDataLocal3CA62EED-8774-415A-A0FF-ACB010E1860D
2020-05-06 08:14 – 2020-05-06 08:14 – 000000000 ____D C:UsersKMieleAppDataLocal4CBFBA70-F8C1-479C-BC33-3DFD6A74737E
2020-05-05 08:08 – 2020-05-05 08:08 – 000000000 ____D C:UsersKMieleAppDataLocalE418702D-7B58-4178-9C05-6363F4614083
2020-05-04 08:09 – 2020-05-04 08:09 – 000000000 ____D C:UsersKMieleAppDataLocalCC9DD8B1-3D94-4B78-9861-6B168285B939
2020-05-01 13:06 – 2020-05-01 13:06 – 000000000 ____D C:UsersKMieleAppDataLocal90D7F255-F149-4886-A401-192FE7510560
2020-05-01 08:25 – 2020-05-01 08:25 – 000000000 ____D C:UsersKMieleAppDataLocal6D35E746-E51D-4A0D-847B-C331EE6C35D0
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-05-31 11:05 – 2017-09-07 08:48 – 000000000 ____D C:UsersKMieleAppDataLocalDeployment
2020-05-31 10:57 – 2016-11-14 10:58 – 000000911 _____ C:WindowsTasksEPSON WF-7610 Series Update 5C8C4560-2AA2-4E44-AEF1-4B9AEDB0323F.job
2020-05-31 10:57 – 2016-11-14 10:58 – 000000725 _____ C:WindowsTasksEPSON WF-7610 Series Invitation 5C8C4560-2AA2-4E44-AEF1-4B9AEDB0323F.job
2020-05-31 10:53 – 2009-07-14 01:32 – 000000000 ____D C:Windowssystem32FxsTmp
2020-05-31 10:49 – 2017-09-06 10:29 – 000000112 _____ C:Windowssystem32confignetlogon.ftl
2020-05-31 10:49 – 2009-07-13 23:20 – 000000000 ____D C:WindowsRegistration
2020-05-31 04:37 – 2015-08-04 14:19 – 000000504 _____ C:WindowsTasksG2MUpdateTask-S-1-5-21-302665900-850237627-724062673-1000.job
2020-05-31 04:25 – 2016-08-22 14:25 – 000000911 _____ C:WindowsTasksEPSON WF-7610 Series Update 39C1617B-E859-4EF3-B298-7E9FB6CA08E0.job
2020-05-31 04:25 – 2016-08-22 14:25 – 000000725 _____ C:WindowsTasksEPSON WF-7610 Series Invitation 39C1617B-E859-4EF3-B298-7E9FB6CA08E0.job
2020-05-31 04:22 – 2016-11-14 10:22 – 000000911 _____ C:WindowsTasksEPSON WF-7610 Series Update FF28E7AF-4CCD-468C-A99D-00F55294ED94.job
2020-05-31 04:22 – 2016-11-14 10:22 – 000000725 _____ C:WindowsTasksEPSON WF-7610 Series Invitation FF28E7AF-4CCD-468C-A99D-00F55294ED94.job
2020-05-31 04:14 – 2009-07-14 00:45 – 000034832 ____H C:Windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-05-31 04:14 – 2009-07-14 00:45 – 000034832 ____H C:Windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-05-31 04:13 – 2016-11-14 10:14 – 000000911 _____ C:WindowsTasksEPSON WF-7610 Series Update F041DFFD-6EE2-46E8-AF61-EDAD1E811B30.job
2020-05-31 04:13 – 2016-11-14 10:14 – 000000725 _____ C:WindowsTasksEPSON WF-7610 Series Invitation F041DFFD-6EE2-46E8-AF61-EDAD1E811B30.job
2020-05-30 15:53 – 2017-09-06 10:35 – 000001415 _____ C:UsersKMieleAppDataRoamingMicrosoftWindowsStart MenuProgramsInternet Explorer.lnk
2020-05-30 15:47 – 2020-01-07 13:47 – 000000000 ____D C:UsersKMieleDesktopACCURATE I-backup2019.zip
2020-05-30 15:32 – 2015-08-04 14:19 – 000000600 _____ C:WindowsTasksG2MUploadTask-S-1-5-21-302665900-850237627-724062673-1000.job
2020-05-30 14:26 – 2009-07-14 01:13 – 000804870 _____ C:Windowssystem32PerfStringBackup.INI
2020-05-30 14:26 – 2009-07-13 23:20 – 000000000 ____D C:Windowsinf
2020-05-30 14:24 – 2017-09-06 10:35 – 000000000 __SHD C:UsersKMieleIntelGraphicsProfiles
2020-05-30 14:18 – 2018-03-29 14:38 – 000000000 ____D C:Program Files (x86)TeamViewer
2020-05-30 14:18 – 2009-07-14 01:08 – 000000006 ____H C:WindowsTasksSA.DAT
2020-05-29 15:32 – 2013-01-22 10:56 – 000004096 ___SH C:VSNAP.IDX
2020-05-29 14:29 – 2018-08-01 10:16 – 000000000 ____D C:UsersKMieleAppDataLocalCutePDF Writer
2020-05-29 12:38 – 2018-03-12 10:20 – 000000000 ____D C:scans
2020-05-28 12:51 – 2015-10-14 08:59 – 000000000 ____D C:ProgramDataPackage Cache
2020-05-26 12:19 – 2017-09-06 10:38 – 000000000 ____D C:UsersGemmitiA
2020-05-26 08:21 – 2016-12-05 21:15 – 000002061 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsAcrobat Reader DC.lnk
2020-05-26 08:09 – 2018-06-20 10:35 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft
2020-05-26 08:08 – 2012-08-15 00:57 – 000000000 ____D C:Program Files (x86)Microsoft Office
2020-05-26 08:08 – 2009-07-14 00:45 – 000454456 _____ C:Windowssystem32FNTCACHE.DAT
2020-05-21 21:37 – 2014-12-08 14:04 – 000002226 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk
2020-05-21 21:37 – 2014-12-08 14:04 – 000002185 _____ C:UsersPublicDesktopGoogle Chrome.lnk
2020-05-21 21:37 – 2014-12-08 14:04 – 000002185 _____ C:ProgramDataDesktopGoogle Chrome.lnk
2020-05-13 03:02 – 2017-09-06 09:53 – 000000000 ____D C:Windowssystem32MRT
2020-05-13 03:00 – 2017-09-06 09:52 – 120636720 ____C (Microsoft Corporation) C:Windowssystem32MRT.exe
2020-05-12 15:28 – 2017-09-06 11:20 – 000000000 ____D C:UsersKMieleAppDataLocalCrashDumps
2020-05-12 14:10 – 2012-08-15 00:39 – 000842296 _____ (Adobe) C:WindowsSysWOW64FlashPlayerApp.exe
2020-05-12 14:10 – 2012-08-15 00:39 – 000175160 _____ (Adobe) C:WindowsSysWOW64FlashPlayerCPLApp.cpl
2020-05-12 14:10 – 2012-08-15 00:39 – 000004312 _____ C:Windowssystem32TasksAdobe Flash Player Updater
2020-05-12 14:10 – 2012-08-15 00:39 – 000000000 ____D C:WindowsSysWOW64Macromed
2020-05-12 14:10 – 2012-08-15 00:39 – 000000000 ____D C:Windowssystem32Macromed
2020-05-09 15:53 – 2017-11-09 15:54 – 000003166 _____ C:Windowssystem32TasksOneDrive Standalone Update Task-S-1-5-21-928097801-345109163-1125972616-1107
2020-05-09 15:53 – 2017-11-08 09:40 – 000002160 _____ C:UsersKMieleAppDataRoamingMicrosoftWindowsStart MenuProgramsMicrosoft OneDrive.lnk
2020-05-09 15:53 – 2017-11-08 09:40 – 000000000 ___RD C:UsersKMieleOneDrive
2020-05-05 13:29 – 2019-08-27 10:09 – 000000000 _____ C:UsersKMieleDocuments63aa4421-cdd9-4382-b7e9-8150eac235f3
==================== Files in the root of some directories ========
2013-04-14 11:36 – 2013-04-14 11:36 – 001393736 _____ (Citrix Online, a division of Citrix Systems, Inc.) C:UsersKMgotomypc_635.exe
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2020-05-27 00:31
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-05-2020 01
Ran by GemmitiA (31-05-2020 11:08:21)
Running from C:UsersKMieleDownloadsGus
Windows 7 Professional Service Pack 1 (X64) (2013-01-09 14:03:01)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-302665900-850237627-724062673-500 – Administrator – Disabled)
Guest (S-1-5-21-302665900-850237627-724062673-501 – Limited – Enabled)
KM (S-1-5-21-302665900-850237627-724062673-1000 – Administrator – Enabled) => C:UsersKM
scans (S-1-5-21-302665900-850237627-724062673-1001 – Administrator – Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled – Up to date) 71A27EC9-3DA6-45FC-60A7-004F623C6189
AS: Microsoft Security Essentials (Enabled – Up to date) CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34
AS: Windows Defender (Disabled – Out of date) D68DDC3A-831F-4fae-9E44-DA132C1ACF46
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ABBYY FineReader 6.0 Sprint (HKLM-x32…ACF60000-22B9-4CE9-98D6-2CCF359BAC07) (Version: 6.00.1395.4512 – ABBYY Software House)
Actian PSQL v13 Workgroup (HKLM-x32…