Email Doc a été cliqué et a envoyé l'utilisateur à Office365 Je ne sais pas si l'infection a également – Serveur d’impression

Je suis coupable de ne pas avoir lu complètement. Voir les journaux collés ci-dessous: Résultat de l'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 30-05-2020 01 Ran par GemmitiA (administrateur) sur KM-PC (Dell Inc. OptiPlex 7010) (31-05-2020 11:06:43) Exécution à partir de C: Users KMiele Downloads Gus Profils chargés: GemmitiA & KMiele Plateforme: Windows 7 Professional Service Pack 1 (X64) Langue: anglais (États-Unis) Internet Explorer version 11 (navigateur par défaut: IE) Mode de démarrage: Normal

==================== Processus (liste blanche) =================

(Si une entrée est incluse dans la liste de correctifs, le processus sera fermé. Le fichier ne sera pas déplacé.)

(Actian Corporation -> Actian Corporation) C: Program Files (x86) Actian PSQL bin w3dbsmgr.exe (Adobe Inc. -> Adobe Systems) C: Program Files (x86) Common Files Adobe ARM 1.0 armsvc.exe (Apple Inc. -> Apple Inc.) C: Program Files (x86) Bonjour mDNSResponder.exe (BUFFALO INC. -> BUFFALO INC.) C: Program Files (x86) BUFFALO NASNAVI nassvc.exe (Cisco WebEx LLC -> Cisco WebEx LLC) C: Windows SysWOW64 atashost.exe (DYMO) [File not signed] C: Program Files (x86) DYMO DYMO Label Software DYMO.DLS.Printing.Host.exe (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C: Program Files (x86) Foxit Software Foxit PhantomPDF FoxitPhantomPDFUpdateService.exe (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C: Program Files (x86) Foxit Software Foxit PhantomPDF plugins Creator FoxitProxyServer_Socket_PH.exe (Google LLC -> Google LLC) C: Program Files (x86) Google Chrome Application chrome.exe (Hewlett-Packard Company -> HP) C: Windows System32 HPSIsvc.exe (HP) [File not signed] C: Program Files (x86) HP HPLaserJetService HPLaserJetService.exe (Intel Corporation – Micrologiciel Intel® Management Engine -> Intel Corporation) C: Program Files (x86) Intel Intel® Management Engine Components DAL Jhi_service.exe (Intel Corporation – Produits logiciels et micrologiciels -> Intel Corporation) C: Program Files (x86) Intel Intel® Management Engine Components IMSS PrivacyIconClient.exe (Intel Corporation – Produits logiciels et micrologiciels -> Intel Corporation) C: Program Files (x86) Intel Intel® Management Engine Components LMS LMS.exe (Intel Corporation -> Intel Corporation) C: Program Files (x86) Intel Intel® Rapid Storage Technology IAStorDataMgrSvc.exe (Intel Corporation -> Intel Corporation) C: Program Files (x86) Intel Intel® Rapid Storage Technology IAStorIcon.exe (Intel Corporation -> Intel Corporation) C: Program Files (x86) Intel Intel® USB 3.0 eXtensible Host Controller Driver Application iusb3mon.exe (Intel Corporation -> Intel Corporation) C: Windows System32 IPROSetMonitor.exe (Intel® Corporation) [File not signed] C: Program Files Intel iCLS Client HeciServer.exe (Intel® pGFX -> Intel Corporation) C: Windows System32 igfxCUIService.exe (Intel® pGFX -> Intel Corporation) C: Windows System32 igfxEM.exe (Intel® pGFX -> Intel Corporation) C: Windows System32 igfxHK.exe (Intel® pGFX -> Intel Corporation) C: Windows System32 igfxTray.exe (Microsoft Corporation -> Microsoft Corp.) C: Program Files Fichiers communs Microsoft Shared Windows Live WLIDSVC.EXE (Microsoft Corporation -> Microsoft Corp.) C: Program Files Fichiers communs Microsoft Shared Windows Live WLIDSVCM.EXE (Microsoft Corporation -> Microsoft Corporation) C: Program Files (x86) Microsoft Office root Office16 EXCEL.EXE (Microsoft Corporation -> Microsoft Corporation) C: Program Files (x86) Microsoft Office root Office16 ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) C: Program Files (x86) Microsoft Office root Office16 WINWORD.EXE (Microsoft Corporation -> Microsoft Corporation) C: Program Files Fichiers communs Microsoft Shared ClickToRun OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C: Program Files Microsoft Security Client MsMpEng.exe (Microsoft Corporation -> Microsoft Corporation) C: Program Files Microsoft Security Client msseces.exe (Microsoft Corporation -> Microsoft Corporation) C: Program Files Microsoft Security Client NisSrv.exe (Microsoft Corporation -> Microsoft Corporation) C: Windows Microsoft.NET Framework64 v3.0 WPF PresentationFontCache.exe (Microsoft Windows -> Microsoft Corporation) C: Windows System32 dllhost.exe (Microsoft Windows -> Microsoft Corporation) C: Windows System32 LogonUI.exe (Microsoft Windows -> Microsoft Corporation) C: Windows System32 mobsync.exe (Microsoft Windows -> Microsoft Corporation) C: Windows System32 prevhost.exe (Microsoft Windows -> Microsoft Corporation) C: Windows System32 rdpclip.exe (Microsoft Windows -> Microsoft Corporation) C: Windows SysWOW64 wbem WmiPrvSE.exe (Éditeur de compatibilité matérielle Microsoft Windows -> SEIKO EPSON CORPORATION) C: ProgramData EPSON EPW! 3 SSRP E_S30RP1.EXE (Microsoft) [File not signed] C: Program Files (x86) Common Files Sage Central AutoUpdateClient Sage.Central.AutoUpdateManager.Service.exe (Nuance Communications, Inc. -> Nuance Communications, Inc.) C: Program Files (x86) ScanSoft PaperPort pptd40nt.exe (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.) C: Program Files Realtek Audio HDA RtDCpl64.exe (Sage Software, Inc. -> Sage Software, Inc.) C: Program Files (x86) Sage Peachtree SmartPostingService2020.exe (Sanford, L.P.) [File not signed] C: Program Files (x86) DYMO DYMO Label Software DymoPnpService.exe (Sanford, L.P.) [File not signed] C: Program Files (x86) DYMO DYMO Label Software DymoQuickPrint.exe (Seagate Technology LLC -> Seagate Technology LLC) C: Program Files (x86) Seagate Seagate Dashboard 2.0 MobileService.exe (Seagate Technology LLC -> Seagate Technology LLC) C: Program Files (x86) Seagate Seagate Dashboard 2.0 Seagate.Dashboard.DASWindowsService.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C: Program Files (x86) Epson Software Event Manager EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C: Program Files (x86) Epson Software FAX Utility FUFAXRCV.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C: Program Files Fichiers communs EPSON EPW! 3 SSRP E_S60RPB.EXE (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C: Program Files EPSON EpsonCustomerParticipation EPCP.exe (SEIKO EPSON Corporation -> Seiko Epson Corporation) C: Windows System32 escsvc64.exe (Symantec Corporation -> Symantec Corporation) C: Program Files (x86) Norton Ghost Agent VProSvc.exe (Symantec Corporation -> Symantec Corporation) C: Program Files (x86) Norton Ghost Agent VProTray.exe (Symantec Corporation -> Symantec) C: Program Files (x86) Norton Ghost Shared Drivers SymSnapServicex64.exe (Synology Inc. ->) C: Program Files (x86) Synology ActiveBackupforBusinessAgent service Synology Active Backup for Business Service.exe (Synology Inc. -> Synology Inc.) C: Program Files (x86) Synology ActiveBackupforBusinessAgent ui ui Synology Active Backup for Business Agent.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C: Program Files (x86) TeamViewer TeamViewer_Service.exe (UPEK Inc. -> UPEK Inc.) C: Program Files Fichiers communs SPBA upeksvr.exe (Wave Systems Corp. ->) C: Program Files Dell Dell Data Protection Access Advanced Wave EMBASSY Client Core EmbassyServer.exe (Wave Systems Corp. -> Wave Systems Corp.) C: Program Files Dell Dell Data Protection Access Advanced Wave Trusted Drive Manager TdmNotify.exe (Wave Systems Corp. -> Wave Systems Corp.) C: Program Files Dell Dell Data Protection Access Advanced Wave Trusted Drive Manager TdmService.exe (Wave Systems Corp.) [File not signed] C: Program Files Dell Dell Data Protection Access Advanced Wave Authentication Manager WaveAMService.exe

==================== Registre (liste blanche) ===================

(Si une entrée est incluse dans la liste de correctifs, l'élément de registre sera restauré par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM … Run: [RtHDVCpl] => C: Program Files Realtek Audio HDA RtDCpl64.exe [2907240 2011-07-20] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.) HKLM … Run: [TdmNotify] => C: Program Files Dell Dell Data Protection Access Advanced Wave Trusted Drive Manager TdmNotify.exe [381296 2011-12-08] (Wave Systems Corp. -> Wave Systems Corp.) HKLM … Run: [MSC] => C: Program Files Microsoft Security Client msseces.exe [1353680 2016-11-14] (Microsoft Corporation -> Microsoft Corporation) HKLM-x32 … Exécuter: [IAStorIcon] => C: Program Files (x86) Intel Intel® Rapid Storage Technology IAStorIcon.exe [284440 2011-11-29] (Intel Corporation -> Intel Corporation) HKLM-x32 … Exécuter: [IMSS] => C: Program Files (x86) Intel Intel® Management Engine Components IMSS PIconStartup.exe [134616 2013-11-13] (Intel Corporation – Logiciels et micrologiciels -> Intel Corporation) HKLM-x32 … Exécuter: [USB3MON] => C: Program Files (x86) Intel Intel® USB 3.0 eXtensible Host Controller Driver Application iusb3mon.exe [291608 2012-02-27] (Intel Corporation -> Intel Corporation) HKLM-x32 … Exécuter: [PeachtreePrefetcher.exe] => C: Program Files (x86) Sage Peachtree PeachtreePrefetcher.exe [328736 2019-10-01] (Sage Software, Inc. -> Sage Software, Inc.) HKLM-x32 … Exécuter: [EEventManager] => C: Program Files (x86) Epson Software Event Manager EEventManager.exe [1058880 2013-03-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) HKLM-x32 … Exécuter: [SSBkgdUpdate] => C: Program Files (x86) Fichiers communs Scansoft Shared SSBkgdUpdate SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc. -> Nuance Communications, Inc.) HKLM-x32 … Exécuter: [PaperPort PTD] => C: Program Files (x86) ScanSoft PaperPort pptd40nt.exe [29984 2008-01-14] (Nuance Communications, Inc. -> Nuance Communications, Inc.) HKLM-x32 … Exécuter: [IndexSearch] => C: Program Files (x86) ScanSoft PaperPort IndexSearch.exe [46368 2008-01-14] (Nuance Communications, Inc. -> Nuance Communications, Inc.) HKLM-x32 … Exécuter: [PPort11reminder] => C: Program Files (x86) ScanSoft PaperPort Ereg Ereg.exe [328992 2007-08-31] (Nuance Communications, Inc. -> Nuance Communications, Inc.) HKLM-x32 … Exécuter: [Norton Ghost 15.0] => C: Program Files (x86) Norton Ghost Agent VProTray.exe [2598760 2010-03-03] (Symantec Corporation -> Symantec Corporation) HKLM-x32 … Exécuter: [FUFAXRCV] => C: Program Files (x86) Epson Software FAX Utility FUFAXRCV.exe [642664 2014-05-26] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKLM-x32 … Exécuter: [FUFAXSTM] => C: Program Files (x86) Epson Software FAX Utility FUFAXSTM.exe [863848 2014-05-26] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKLM-x32 … Exécuter: [] => [X] HKLM-x32 … Exécuter: [HPUsageTrackingLEDM] => "C: Program Files (x86) HP HP UT LEDM bin hppusg.exe" "C: Program Files (x86) HP HP UT LEDM " HKLM-x32 … Exécuter: [DBAgent] => C: Program Files (x86) Seagate Seagate Dashboard 2.0 DBAgent.exe [1540896 2015-07-15] (Seagate Technology LLC -> Seagate Technology LLC) HKLM-x32 … Exécuter: [DLSWebSvc] => C: Program Files (x86) DYMO DYMO Label Software DYMO.DLS.Printing.Host.exe [4871680 2017-05-09] (DYMO) [File not signed] HKLM-x32 … RunOnce: [ZZPT001] => C: Program Files (x86) Sage Peachtree Peachw.exe [354848 2019-10-01] (Sage Software, Inc. -> Sage Software, Inc.) HKLM-x32 … RunOnce: [ZZPT002] => C: Program Files (x86) Sage Peachtree Peachw.exe [354848 2019-10-01] (Sage Software, Inc. -> Sage Software, Inc.) HKLM … Policies Explorer: [NoStrCmpLogical] 1 HKU S-1-5-21-928097801-345109163-1125972616-1104 … Run: [DellSystemDetect] => C: Users GemmitiA AppData Local Apps 2.0 82RYGLLL.5KY TT48BPWH.BTP dell..tion_831211ca63b981c5_0008.0008_b150a6542eb950c1 DellSystemDetect.exe [314544 2017-09-13] (Dell Inc -> Dell) HKU S-1-5-21-928097801-345109163-1125972616-1107 … Exécuter: [DymoQuickPrint] => C: Program Files (x86) DYMO DYMO Label Software DymoQuickPrint.exe [2033664 2017-05-09] (Sanford, L.P.) [File not signed] HKU S-1-5-21-928097801-345109163-1125972616-1107 … Exécuter: [turnedneutral] => "C: Users KMiele AppData Local Turnneutral Turnneutral.exe" HKLM … Windows x64 Processeurs d'impression GoToMyPC Print Processor: C: Windows System32 spool prtprocs x64 GoToPrintProcessor_x64.dll [52080 2011-11-13] (Citrix Online -> Citrix Online, une division de Citrix Systems, Inc.) HKLM … Windows x64 Processeurs d'impression HP1100PrintProc: C: Windows System32 spool prtprocs x64 HP1100PP.DLL [74240 2012-08-31] (Éditeur de compatibilité matérielle Microsoft Windows ->) HKLM … Windows x64 Processeurs d'impression hpfppw73: C: Windows System32 spool prtprocs x64 hpfppw73.dll [258048 2009-07-13] (Microsoft Windows -> Hewlett-Packard Corporation) HKLM … Windows x64 Processeurs d'impression hpzpplhn: C: Windows System32 spool prtprocs x64 hpzpplhn.dll [99840 2008-05-07] (Hewlett-Packard Corporation) [File not signed] HKLM … Print Monitors C287SeriesPCL Language Monitor: C: Windows system32 KOAXTJ_L.DLL [16896 2017-07-04] (KONICA MINOLTA, INC.) [File not signed] HKLM … Print Monitors CutePDF Writer Monitor v3.2: C: Windows system32 cpwmon64_v32.dll [90096 2017-05-26] (Acro Software Inc ->) HKLM … Print Monitors DYMO LabelWriter Monitor: C: Windows system32 LW400MON.DLL [16384 2017-05-09] (Éditeur de compatibilité matérielle Microsoft Windows -> DYMO Corp.) HKLM … Print Monitors EPSON Stylus Photo 1400 Series 64MonitorBA: C: Windows system32 E_ILMBUA.DLL [126976 2006-08-10] (Éditeur de compatibilité matérielle Microsoft Windows -> SEIKO EPSON CORPORATION) HKLM … Print Monitors EPSON WF-7610 Series 64MonitorBE: C: Windows system32 E_YLMBKBE.DLL [179712 2013-10-22] (Éditeur de compatibilité matérielle Microsoft Windows -> SEIKO EPSON CORPORATION) HKLM … Print Monitors EpsonNet Print Port: C: Windows system32 enppmon.dll [558592 2012-11-12] (SEIKO EPSON CORPORATION) [File not signed] HKLM … Print Monitors Port GoToMyPC: C: Windows system32 gotomon_x64.dll [120176 2011-11-13] (Citrix Online -> Citrix Online, une division de Citrix Systems, Inc.) HKLM … Print Monitors HP1100LM: C: Windows system32 HP1100LM.DLL [288768 2012-08-31] (Éditeur de compatibilité matérielle Microsoft Windows ->) HKLM … Print Monitors PCL hpf3lw73: C: Windows system32 hpf3lw73.dll [48640 2009-07-13] (Microsoft Windows -> Hewlett-Packard Company) HKLM … Print Monitors PJL Language Monitor: C: Windows system32 PJLMON.DLL [22016 2010-11-20] (Microsoft Windows -> Microsoft Corporation) HKLM … Print Monitors WSD Port: C: Windows system32 WSDMon.dll [224768 2009-07-13] (Microsoft Windows -> Microsoft Corporation) HKLM Software Microsoft Active Setup Installed Components: [2D46B6DC-2207-486B-B523-A557E6D54B47] -> C: Windows system32 cmd.exe / D / C démarrer C: Windows system32 ie4uinit.exe -ClearIconCache HKLM Software Microsoft Active Setup Installed Components: [8A69D345-D564-463c-AFF1-A69D9E530F96] -> C: Program Files (x86) Google Chrome Application 83.0.4103.61 Installer chrmstp.exe [2020-05-21] (Google LLC -> Google LLC) HKLM Software Wow6432Node Microsoft Active Setup Installed Components: [2D46B6DC-2207-486B-B523-A557E6D54B47] -> C: Windows system32 cmd.exe / D / C démarrer C: Windows system32 ie4uinit.exe -ClearIconCache HKLM Software Wow6432Node Microsoft Active Setup Installed Components: [8A69D345-D564-463c-AFF1-A69D9E530F96] -> "C: Program Files (x86) Google Chrome Application 58.0.3029.81 Installer chrmstp.exe" –configure-user-settings –verbose-logging –system-level HKLM Software Wow6432Node Microsoft Active Setup Installed Components: [A6EADE66-0000-0000-484E-7E8A45000000] -> C: Program Files (x86) Adobe Acrobat Reader DC Esl AiodLite.dll [2020-05-03] (Adobe Inc. -> Adobe Systems, Inc.) HKLM Software … Authentication Credential Providers: [18CBEEAA-6708-41A1-9379-D08915333CF2] -> C: Program Files Fichiers communs SPBA provider.dll [2010-09-15] (UPEK Inc. -> UPEK Inc.) HKLM Software … Authentication Credential Providers: [F8A0B131-5F68-486c-8040-7E8FC3C85BB6] -> C: Program Files Fichiers communs Microsoft Shared Windows Live WLIDCREDPROV.DLL [2010-09-21] (Microsoft Corporation -> Microsoft Corp.) HKLM Software … Authentication Credential Provider Filters: [AE583D93-8D1B-424F-9858-5623FB7824EE] -> C: Program Files Fichiers communs SPBA provider.dll [2010-09-15] (UPEK Inc. -> UPEK Inc.) Lsa: [Authentication Packages] msv1_0 wvauth Démarrage: C: Users KMiele AppData Roaming Microsoft Windows Start Menu Programs Startup Send to OneNote.lnk [2019-04-15] ShortcutTarget: Envoyer à OneNote.lnk -> C: Program Files (x86) Microsoft Office root Office16 ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) Démarrage: C: Users KMiele AppData Roaming Microsoft Windows Start Menu Programs Startup Synology Active Backup for Business Agent.lnk [2020-05-30] ShortcutTarget: Synology Active Backup for Business Agent.lnk -> C: Program Files (x86) Synology ActiveBackupforBusinessAgent ui ui Synology Active Backup for Business Agent.exe (Synology Inc. -> Synology Inc.) GroupPolicy: Restriction? <==== ATTENTION

==================== Tâches planifiées (liste blanche) ============

(Si une entrée est incluse dans la liste de correctifs, elle sera supprimée du registre. Le fichier ne sera pas déplacé sauf s'il est répertorié séparément.)

Tâche: 081E9A99-734F-4FAE-8444-FF5BCE42CC94 – System32 Tasks GoogleUpdateTaskMachineCore => C: Program Files (x86) Google Update GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.) Tâche: 14E0E16B-CDD3-4715-A764-AB5077A8387C – System32 Tasks B923A7E4-5A7D-4E36-A826-F910D94CCC00 => C: Windows system32 pcalua.exe -a C: sage SAGE50_2015_2 setup.exe -dc: sage SAGE50_2015_2 Tâche: 15BC1BFC-E634-469A-A715-ECE4F1F62C74 – System32 Tasks Microsoft Microsoft Antimalware Microsoft Antimalware Scheduled Scan => C: Program Files Microsoft Security Client \ MpCmdRun.exe [410784 2016-11-14] (Microsoft Corporation -> Microsoft Corporation) Tâche: 1C64426A-6BD3-46D2-A7B2-4A8B602C7956 – System32 Tasks Microsoft Office Office Feature Updates => C: Program Files (x86) Microsoft Office root Office16 sdxhelper.exe [115024 2020-05-16] (Microsoft Corporation -> Microsoft Corporation) Tâche: 4684A218-CD5E-469F-B669-CF01DCA07962 – System32 Tasks 67ACF55C-EB72-425E-AB3F-35948FD488B3 => C: Program Files (x86) Camlink GBExplorer.exe Tâche: 4BDABF97-7E25-4293-841E-C93B30A11D39 – System32 Tasks EPSON WF-7610 Series Invitation FF28E7AF-4CCD-468C-A99D-00F55294ED94 => C: Windows system32 spool DRIVERS x64 3 E_YTSKBE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) Tâche: 59372F2D-71EE-468D-9F15-C6607CAC405D – Mise à jour de la série System32 Tasks EPSON WF-7610 39C1617B-E859-4EF3-B298-7E9FB6CA08E0 => C: Windows system32 spool DRIVERS x64 3 E_YTSKBE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) Tâche: 5A1C4ED0-83EC-4907-995D-8B5D13CAA627 – System32 Tasks EPSON WF-7610 Series Invitation 5C8C4560-2AA2-4E44-AEF1-4B9AEDB0323F => C: Windows system32 spool DRIVERS x64 3 E_YTSKBE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) Tâche: 5C5C9012-45CD-4B0C-8027-3E9F82A6AE46 – System32 Tasks Seagate_Install_Launch => C: Program Files (x86) Seagate Seagate Dashboard 2.0 Dashboard.exe [1964832 2015-07-15] (Seagate Technology LLC -> Seagate Technology LLC) Tâche: 5EE99B02-4140-4D82-A422-4CD8BAD5FF97 – Mise à jour de la série System32 Tasks EPSON WF-7610 5C8C4560-2AA2-4E44-AEF1-4B9AEDB0323F => C: Windows system32 spool DRIVERS x64 3 E_YTSKBE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) Tâche: 7C00AC32-2329-4E49-A396-84813BEC25CE – Maintenance des abonnements System32 Tasks Microsoft Office Office => C: Program Files (x86) Microsoft Office root vfs ProgramFilesCommonx86 Microsoft Shared Office16 OLicenseHeartbeat.exe [1443712 2020-05-16] (Microsoft Corporation -> Microsoft Corporation) Tâche: 8AF49B31-0E1E-41E9-BC82-9F5FC25A5251 – System32 Tasks Adobe Flash Player Updater => C: Windows SysWOW64 Macromed Flash FlashPlayerUpdateService.exe [335416 2020-05-12] (Adobe Inc. -> Adobe) Tâche: 8B3D8F3C-87B3-4138-94D0-086AD77F90FB – System32 Tasks 3BA22ECB-313A-484F-9D1F-BDCCEEFD4B0F => C: Windows system32 pcalua.exe -a "C: Users KM AppData Local Microsoft Windows Temporary Internet Files Content.IE5 9UYR0S67 gosetup.exe "-d C: Users KM Desktop Tâche: 8C9007F7-F400-414A-A9A1-5EA247100A36 – Mise à jour de la série System32 Tasks EPSON WF-7610 FF28E7AF-4CCD-468C-A99D-00F55294ED94 => C: Windows system32 spool DRIVERS x64 3 E_YTSKBE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) Tâche: 94C8FCE1-A0E0-4925-99A3-CBF4876FBC5A – Tâche de mise à jour System32 Tasks Microsoft Windows Live SOXE Extractor Definitions => 3519154C-227E-47F3-9CC9-12C3F05817F1 Tâche: 9DEF0C85-9A20-45A8-9F83-94B6E19AD0E2 – System32 Tasks 232A9230-3654-4161-A4A5-63B3A050B7B2 => C: Windows system32 pcalua.exe -a C: Users KM Téléchargements gosetup.exe -d C: Users KM Desktop Tâche: 9F766520-5A1E-43C2-A4E5-14024BFC427C – System32 Tasks EPSON WF-7610 Series Invitation F041DFFD-6EE2-46E8-AF61-EDAD1E811B30 => C: Windows system32 spool DRIVERS x64 3 E_YTSKBE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) Tâche: A512C446-CF09-4DC3-BF68-9350E109231D – System32 Tasks G2MUpdateTask-S-1-5-21-302665900-850237627-724062673-1000 => C: Program Files (x86) GoToMeeting 7495 g2mupdate.exe [31808 2017-08-24] (LogMeIn, Inc. -> LogMeIn, Inc.) Tâche: AC6732F2-23EC-47C4-B6B0-E35829E3A930 – System32 Tasks Microsoft Office Office Automatic Updates 2.0 => C: Program Files Common Files Microsoft Shared ClickToRun OfficeC2RClient.exe [24608104 2020-05-07] (Microsoft Corporation -> Microsoft Corporation) Tâche: C62FAD65-BF38-4B2E-BE4A-F3C77CABA3E2 – Connexion aux mises à jour des fonctionnalités System32 Tasks Microsoft Office Office => C: Program Files (x86) Microsoft Office root Office16 sdxhelper.exe [115024 2020-05-16] (Microsoft Corporation -> Microsoft Corporation) Tâche: D0842C2F-834D-49C4-BF3B-CF3E9C6545DF – System32 Tasks G2MUploadTask-S-1-5-21-302665900-850237627-724062673-1000 => C: Program Files (x86) GoToMeeting 7495 g2mupload.exe [31808 2017-08-24] (LogMeIn, Inc. -> LogMeIn, Inc.) Tâche: D63E8E00-9071-40B5-B259-97A5D07697CC – System32 Tasks Microsoft Office Office ClickToRun Service Monitor => C: Program Files Common Files Microsoft Shared ClickToRun OfficeC2RClient.exe [24608104 2020-05-07] (Microsoft Corporation -> Microsoft Corporation) Tâche: D8C389D4-15F0-4926-B965-FCE13ABB651F – System32 Tasks 5536D2D1-0187-4B91-BF5B-BDD9B8792EFA => C: Program Files (x86) Camlink GBExplorer.exe Tâche: E357B89D-9D72-4889-9C8B-B5067C6DA9EC – System32 Tasks GoogleUpdateTaskMachineUA => C: Program Files (x86) Google Update GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.) Tâche: E5F20D9E-C9B5-49CB-B6DE-934F1D537789 – System32 Tasks EPSON WF-7610 Series Invitation 39C1617B-E859-4EF3-B298-7E9FB6CA08E0 => C: Windows system32 spool DRI DRI 3 E_YTSKBE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) Tâche: EB87F4E5-1239-453E-8914-6D524EEA822A – Tâche de mise à jour System32 Tasks Adobe Acrobat => C: Program Files (x86) Common Files Adobe ARM 1.0 AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems) Tâche: F60ECC63-0AC2-46F1-A928-D7DE00352D1A – System32 Tasks KM DBAgent 2 0 => C: Program Files (x86) Seagate Seagate Dashboard 2.0 DBAgent.exe [1540896 2015-07-15] (Seagate Technology LLC -> Seagate Technology LLC) Tâche: FE14E6A5-EF5A-4338-BF4C-8B9EE7A4EC2C – System32 Tasks EPSON WF-7610 Series Update F041DFFD-6EE2-46E8-AF61-EDAD1E811B30 => C: Windows system32 spool DRIVERS x64 3 E_YTSKBE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)

(Si une entrée est incluse dans la liste de correctifs, le fichier de tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Tâche: C: Windows Tasks EPSON WF-7610 Series Invitation 39C1617B-E859-4EF3-B298-7E9FB6CA08E0 .job => C: Windows system32 spool DRIVERS x64 3 E_YTSKBE.EXE Tâche: C: Windows Tasks EPSON WF-7610 Series Invitation 5C8C4560-2AA2-4E44-AEF1-4B9AEDB0323F .job => C: Windows system32 spool DRIVERS x64 3 E_YTSKBE.EXE Tâche: C: Windows Tasks EPSON WF-7610 Series Invitation F041DFFD-6EE2-46E8-AF61-EDAD1E811B30 .job => C: Windows system32 spool DRIVERS x64 3 E_YTSKBE.EXE Tâche: C: Windows Tasks EPSON WF-7610 Series Invitation FF28E7AF-4CCD-468C-A99D-00F55294ED94 .job => C: Windows system32 spool DRIVERS x64 3 E_YTSKBE.EXE Tâche: C: Windows Tasks EPSON WF-7610 Series Update 39C1617B-E859-4EF3-B298-7E9FB6CA08E0 .job => C: Windows system32 spool DRIVERS x64 3 E_YTSKBE.EXE: / EXE: 39C1617B-E859-4EF3-B298-7E9FB6CA08E0 / F: UpdateSYSTEMĊRecherche les mises à jour du logiciel EPSON et vous avertit lorsque des mises à jour sont disponibles.Si cette tâche est désactivée ou arrêtée, votre logiciel EPSON ne sera pas automatiquement mis à jour automatiquement. Thi Tâche: C: Windows Tasks EPSON WF-7610 Series Update 5C8C4560-2AA2-4E44-AEF1-4B9AEDB0323F .job => C: Windows system32 spool DRIVERS x64 3 E_YTSKBE.EXE: / EXE: 5C8C4560-2AA2-4E44-AEF1-4B9AEDB0323F / F: UpdateSYSTEMĊRecherche les mises à jour du logiciel EPSON et vous avertit lorsque des mises à jour sont disponibles.Si cette tâche est désactivée ou arrêtée, votre logiciel EPSON ne sera pas automatiquement mis à jour automatiquement. Thi Tâche: C: Windows Tasks EPSON WF-7610 Series Update F041DFFD-6EE2-46E8-AF61-EDAD1E811B30 .job => C: Windows system32 spool DRIVERS x64 3 E_YTSKBE.EXE: / EXE: F041DFFD-6EE2-46E8-AF61-EDAD1E811B30 / F: UpdateSYSTEMĊRecherche les mises à jour du logiciel EPSON et vous avertit lorsque des mises à jour sont disponibles.Si cette tâche est désactivée ou arrêtée, votre logiciel EPSON ne sera pas automatiquement mis à jour automatiquement. Thi Tâche: C: Windows Tasks EPSON WF-7610 Series Update FF28E7AF-4CCD-468C-A99D-00F55294ED94 .job => C: Windows system32 spool DRIVERS x64 3 E_YTSKBE.EXE: / EXE: FF28E7AF-4CCD-468C-A99D-00F55294ED94 / F: UpdateSYSTEMĊ Recherche les mises à jour du logiciel EPSON et vous avertit lorsque des mises à jour sont disponibles. Si cette tâche est désactivée ou arrêtée, votre logiciel EPSON ne sera pas automatiquement mis à jour automatiquement. Thi Tâche: C: Windows Tasks G2MUpdateTask-S-1-5-21-302665900-850237627-724062673-1000.job => C: Program Files (x86) GoToMeeting 7495 g2mupdate.exe Tâche: C: Windows Tasks G2MUploadTask-S-1-5-21-302665900-850237627-724062673-1000.job => C: Program Files (x86) GoToMeeting 7495 g2mupload.exe

==================== Internet (liste blanche) ====================

(Si un élément est inclus dans la liste de correctifs, s'il s'agit d'un élément du registre, il sera supprimé ou restauré par défaut.)

Winsock: Catalog5 07 C: Program Files (x86) Fichiers communs Microsoft Shared Windows Live WLIDNSP.DLL [145280 2010-09-21] (Microsoft Corporation -> Microsoft Corp.) Winsock: Catalog5 08 C: Program Files (x86) Fichiers communs Microsoft Shared Windows Live WLIDNSP.DLL [145280 2010-09-21] (Microsoft Corporation -> Microsoft Corp.) Winsock: Catalog5 09 C: Program Files (x86) Bonjour mdnsNSP.dll [152864 2010-05-18] (Apple Inc. -> Apple Inc.) Winsock: Catalog5-x64 07 C: Program Files Fichiers communs Microsoft Shared Windows Live WLIDNSP.DLL [170880 2010-09-21] (Microsoft Corporation -> Microsoft Corp.) Winsock: Catalog5-x64 08 C: Program Files Fichiers communs Microsoft Shared Windows Live WLIDNSP.DLL [170880 2010-09-21] (Microsoft Corporation -> Microsoft Corp.) Winsock: Catalog5-x64 09 C: Program Files Bonjour mdnsNSP.dll [193824 2010-05-18] (Apple Inc. -> Apple Inc.) Tcpip .. Interfaces D863FDF7-69D2-4F29-AC3C-50AD8EA40F8B: [NameServer] 192.168.1.10,8.8.8.8 HKLM System … Parameters PersistentRoutes: [0.0.0.0,0.0.0.0,192.168.1.1,-1]

Internet Explorer: ================== HKU S-1-5-21-928097801-345109163-1125972616-1104 Software Microsoft Internet Explorer Main, Start Page Redirect Cache = hxxp: //www.msn.com/? Ocid = iehp HKU S-1-5-21-928097801-345109163-1125972616-1107 Software Microsoft Internet Explorer Main, Start Page Redirect Cache = hxxp: //www.msn.com/? Ocid = iehp SearchScopes: HKLM -> DefaultScope E6C80228-1FAB-4837-BB34-C5677F14829A URL = hxxp: //www.bing.com/search? Q = searchTerms & form = DLRDF8 & pc = MDDR & src = IE-SearchBox SearchScopes: HKLM -> 0633EE93-D776-472f-A0FF-E1416B8B2E3A URL = SearchScopes: HKLM -> E6C80228-1FAB-4837-BB34-C5677F14829A URL = hxxp: //www.bing.com/search? Q = searchTerms & form = DLRDF8 & pc = MDDR & src = IE-SearchBox SearchScopes: HKLM-x32 -> DefaultScope E6C80228-1FAB-4837-BB34-C5677F14829A URL = hxxp: //www.bing.com/search? Q = searchTerms & form = DLRDF8 & pc = MDDR & src = IE-SearchBox SearchScopes: HKLM-x32 -> 0633EE93-D776-472f-A0FF-E1416B8B2E3A URL = SearchScopes: HKLM-x32 -> E6C80228-1FAB-4837-BB34-C5677F14829A URL = hxxp: //www.bing.com/search? Q = searchTerms & form = DLRDF8 & pc = MDDR & src = IE-SearchBox SearchScopes: HKU S-1-5-21-928097801-345109163-1125972616-1104 -> DefaultScope E6C80228-1FAB-4837-BB34-C5677F14829A URL = SearchScopes: HKU S-1-5-21-928097801-345109163-1125972616-1104 -> E6C80228-1FAB-4837-BB34-C5677F14829A URL = SearchScopes: HKU S-1-5-21-928097801-345109163-1125972616-1107 -> DefaultScope E6C80228-1FAB-4837-BB34-C5677F14829A URL = SearchScopes: HKU S-1-5-21-928097801-345109163-1125972616-1107 -> E6C80228-1FAB-4837-BB34-C5677F14829A URL = BHO: Classe TmIEPlugInBHO -> 1CA1377B-DC1D-4A52-9585-6E06050FAC53 -> c: Program Files (x86) Trend Micro Client Server Security Agent bho 1009 TmIEPlg.dll => Aucun fichier BHO: Skype Entreprise Browser Helper -> 31D09BA0-12F5-4CCE-BE8A-2923E76605DA -> C: Program Files (x86) Microsoft Office root VFS ProgramFilesX64 Microsoft Office Office16 OCHelper.dll [2020-01-13] (Microsoft Corporation -> Microsoft Corporation) BHO: Aide à la connexion Windows Live ID -> 9030D464-4C02-4ABF-8ECC-5164760863C6 -> C: Program Files Fichiers communs Microsoft Shared Windows Live WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.) BHO: Foxit PhantomPDF Create PDF ToolBar Helper -> A5DD10F7-5ABB-4EEF-B4C8-6748D44DAF2A -> C: Program Files (x86) Foxit Software Foxit PhantomPDF plugins Creator IEAddin IEAddin_x64.dll [2020-04-22] (LOGICIEL FOXIT INC. ->) BHO: Gestionnaire de cache de documents Office -> B4F3A835-0E21-4959-BA22-42B3008E02FF -> C: Program Files (x86) Microsoft Office root VFS ProgramFilesX64 Microsoft Office Office16 URLREDIR.DLL [2020-05-16] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Classe TmIEPlugInBHO -> 1CA1377B-DC1D-4A52-9585-6E06050FAC53 -> c: Program Files (x86) Trend Micro Client Server Security Agent bho 1009 TmIEPlg32.dll => Aucun fichier BHO-x32: Norton Vulnerability Protection -> 6D53EC84-6AAE-4787-AEEE-F4628F01010C -> C: Program Files (x86) Norton Internet Security Engine 21.7.0.11 IPS IPSBHO.DLL => Aucun fichier BHO-x32: Aide à la connexion Windows Live ID -> 9030D464-4C02-4ABF-8ECC-5164760863C6 -> C: Program Files (x86) Common Files Microsoft Shared Windows Live WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.) BHO-x32: Foxit PhantomPDF Create PDF ToolBar Helper -> A5DD10F7-5ABB-4EEF-B4C8-6748D44DAF2A -> C: Program Files (x86) Foxit Software Foxit PhantomPDF plugins Creator IEAddin IEAddin.dll [2020-04-22] (LOGICIEL FOXIT INC. ->) BHO-x32: Gestionnaire de cache de documents Office -> B4F3A835-0E21-4959-BA22-42B3008E02FF -> C: Program Files (x86) Microsoft Office root Office16 URLREDIR.DLL [2020-05-16] (Microsoft Corporation -> Microsoft Corporation) Barre d'outils: HKLM – Foxit PhantomPDF Create PDF ToolBar – BFD9D8A8-57FF-488A-B919-065EC77CF82F – C: Program Files (x86) Foxit Software Foxit PhantomPDF plugins Creator IEAddin IEAddin_x64.dll [2020-04-22] (LOGICIEL FOXIT INC. ->) Barre d'outils: HKLM-x32 – Foxit PhantomPDF Créer une barre d'outils PDF – BFD9D8A8-57FF-488A-B919-065EC77CF82F – C: Program Files (x86) Foxit Software Foxit PhantomPDF plugins Creator IEAddin IEAddin.dll [2020-04-22] (LOGICIEL FOXIT INC. ->) DPF: HKLM-x32 22945A69-1191-4DCF-9E6F-409BDE94D101 hxxp: //dl-ak.solidworks.com/nonsecure/edrawings/e2013sp03/13.3.0.111/cab//eDrawingsEnglish.cab Handler-x32: mso-minsb-roaming.16 – 83C25742-A9F7-49FB-9138-434302C88D07 – C: Program Files (x86) Microsoft Office root Office16 MSOSB.DLL [2020-03-07] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 – 42089D2D-912D-4018-9087-2B87803E93FB – C: Program Files (x86) Microsoft Office root Office16 MSOSB.DLL [2020-03-07] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 – 42089D2D-912D-4018-9087-2B87803E93FB – C: Program Files (x86) Microsoft Office root Office16 MSOSB.DLL [2020-03-07] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 – 5504BE45-A83B-4808-900A-3A5C36E7F77A – C: Program Files (x86) Microsoft Office root Office16 MSOSB.DLL [2020-03-07] (Microsoft Corporation -> Microsoft Corporation) Gestionnaire: tmpx – 0E526CB5-7446-41D1-A403-19BFE95E8C23 – c: Program Files (x86) Trend Micro Client Server Security Agent bho 1009 TmIEPlg32.dll Aucun fichier

FireFox: ======== FF HKLM … Firefox Extensions: [FFExtnHTML2PDF@foxitsoftware.com] – C: Program Files (x86) Foxit Software Foxit PhantomPDF plugins Creator FirefoxAddin FFExtnHTML2PDF.xpi Extension FF: (Foxit PDF Creator) – C: Program Files (x86) Foxit Software Foxit PhantomPDF plugins Creator FirefoxAddin FFExtnHTML2PDF.xpi [2020-04-22] [Legacy] FF HKLM … Firefox Extensions: [FireFoxNew-WebExtensions@foxitsoftware.com] – C: Program Files (x86) Foxit Software Foxit PhantomPDF plugins Creator FirefoxAddin FireFoxNew-WebExtensions@foxitsoftware.com.xpi Extension FF: (Foxit PDF Creator) – C: Program Files (x86) Foxit Software Foxit PhantomPDF plugins Creator FirefoxAddin FireFoxNew-WebExtensions@foxitsoftware.com.xpi [2020-04-22] FF HKLM-x32 … Firefox Extensions: [22C7F6C6-8D67-4534-92B5-529A0EC09405] – c: Program Files (x86) Trend Micro Client Server Security Agent bho 1009 FirefoxExtension => introuvable FF HKLM-x32 … Firefox Extensions: [quickprint@hp.com] – C: Program Files (x86) Hewlett-Packard SmartPrint QPExtension Extension FF: (SmartPrintButton) – C: Program Files (x86) Hewlett-Packard SmartPrint QPExtension [2011-01-26] [Legacy] [not signed] FF HKLM-x32…FirefoxExtensions: [FFExtnHTML2PDF@foxitsoftware.com] – C:Program Files (x86)Foxit SoftwareFoxit PhantomPDFpluginsCreatorFirefoxAddinFFExtnHTML2PDF.xpi FF HKLM-x32…FirefoxExtensions: [FireFoxNew-WebExtensions@foxitsoftware.com] – C:Program Files (x86)Foxit SoftwareFoxit PhantomPDFpluginsCreatorFirefoxAddinFireFoxNew-WebExtensions@foxitsoftware.com.xpi FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:Program FilesMicrosoft Silverlight5.1.50918.0npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:Program Files (x86)Foxit SoftwareFoxit PhantomPDFpluginsnpFoxitPhantomPDFPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.cpdf -> C:Program Files (x86)Foxit SoftwareFoxit PhantomPDFpluginsnpFoxitPhantomPDFPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:Program Files (x86)Foxit SoftwareFoxit PhantomPDFpluginsnpFoxitPhantomPDFPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:Program Files (x86)Foxit SoftwareFoxit PhantomPDFpluginsnpFoxitPhantomPDFPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:Program Files (x86)Foxit SoftwareFoxit PhantomPDFpluginsnpFoxitPhantomPDFPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:Program Files (x86)IntelIntel® Management Engine ComponentsIPTnpIntelWebAPIIPT.dll [2013-11-13] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:Program Files (x86)IntelIntel® Management Engine ComponentsIPTnpIntelWebAPIUpdater.dll [2013-11-13] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:Program Files (x86)Microsoft Silverlight5.1.50918.0npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:Program Files (x86)Microsoft OfficerootOffice16NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:Program Files (x86)Windows LivePhoto GalleryNPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:Program Files (x86)Windows LivePhoto GalleryNPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:Program Files (x86)AdobeAcrobat Reader DCReaderAIRnppdf32.dll [2020-05-03] (Adobe Inc. -> Adobe Systems Inc.)

Chrome: ======= CHR Profile: C:UsersGemmitiAAppDataLocalGoogleChromeUser DataDefault [2018-03-12] CHR Extension: (Google Slides) – C:UsersGemmitiAAppDataLocalGoogleChromeUser DataDefaultExtensionsaapocclcgogkmnckokdopfmhonfmgoek [2017-09-13] CHR Extension: (Google Docs) – C:UsersGemmitiAAppDataLocalGoogleChromeUser DataDefaultExtensionsaohghmighlieiainnegkcijnfilokake [2017-09-13] CHR Extension: (Google Drive) – C:UsersGemmitiAAppDataLocalGoogleChromeUser DataDefaultExtensionsapdfllckaahabafndbhieahigkjlhalf [2017-09-13] CHR Extension: (YouTube) – C:UsersGemmitiAAppDataLocalGoogleChromeUser DataDefaultExtensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-13] CHR Extension: (Google Sheets) – C:UsersGemmitiAAppDataLocalGoogleChromeUser DataDefaultExtensionsfelcaaldnbdncclmgdcncolpebgiejap [2017-09-13] CHR Extension: (Google Docs Offline) – C:UsersGemmitiAAppDataLocalGoogleChromeUser DataDefaultExtensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-09-13] CHR Extension: (Chrome Web Store Payments) – C:UsersGemmitiAAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2017-09-13] CHR Extension: (Gmail) – C:UsersGemmitiAAppDataLocalGoogleChromeUser DataDefaultExtensionspjkljhegncpnkpknbcohdijeoejaedia [2017-09-13] CHR Extension: (Chrome Media Router) – C:UsersGemmitiAAppDataLocalGoogleChromeUser DataDefaultExtensionspkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-13] CHR HKLM…ChromeExtension: [cifnddnffldieaamihfkhkdgnbhfmaci] – C:Program Files (x86)Foxit SoftwareFoxit PhantomPDFpluginsCreatorChromeAddinChromeAddin.crx [2020-04-22] CHR HKUS-1-5-21-928097801-345109163-1125972616-1107SOFTWAREGoogleChromeExtensions…ChromeExtension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32…ChromeExtension: [cifnddnffldieaamihfkhkdgnbhfmaci] – C:Program Files (x86)Foxit SoftwareFoxit PhantomPDFpluginsCreatorChromeAddinChromeAddin.crx [2020-04-22]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeClickToRun.exe [11111280 2020-05-07] (Microsoft Corporation -> Microsoft Corporation) R2 DymoPnpService; C:Program Files (x86)DYMODYMO Label SoftwareDymoPnpService.exe [27136 2017-05-09] (Sanford, L.P.) [File not signed] R2 EmbassyService; C:Program FilesDellDell Data ProtectionAccessAdvancedWaveEMBASSY Client CoreEmbassyServer.exe [218504 2012-01-17] (Wave Systems Corp. -> ) R2 EpsonScanSvc; C:Windowssystem32EscSvc64.exe [144560 2012-05-17] (SEIKO EPSON Corporation -> Seiko Epson Corporation) R2 EPSON_PM_RPCV4_01; C:ProgramDataEPSONEPW!3 SSRPE_S30RP1.EXE [102400 2006-04-18] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION) R2 EPSON_PM_RPCV4_06; C:Program FilesCommon FilesEPSONEPW!3 SSRPE_S60RPB.EXE [152640 2013-04-15] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) R2 FoxitPhantomPDFUpdateService; C:Program Files (x86)Foxit SoftwareFoxit PhantomPDFFoxitPhantomPDFUpdateService.exe [1995184 2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Software Inc.) S3 GenericMount Helper Service; C:Program Files (x86)Norton GhostSharedDriversGenericMountHelperx64.exe [2227216 2010-02-12] (Symantec Corporation -> Symantec) R2 HP LaserJet Service; C:Program Files (x86)HPHPLaserJetServiceHPLaserJetService.exe [136704 2009-06-24] (HP) [File not signed] R2 HPSIService; C:Windowssystem32HPSIsvc.exe [126880 2012-08-31] (Hewlett-Packard Company -> HP) R2 igfxCUIService1.0.0.0; C:Windowssystem32igfxCUIService.exe [329192 2016-06-02] (Intel® pGFX -> Intel Corporation) R2 Intel® Capability Licensing Service Interface; C:Program FilesInteliCLS ClientHeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed] R2 jhi_service; C:Program Files (x86)IntelIntel® Management Engine ComponentsDALjhi_service.exe [169432 2013-11-13] (Intel Corporation – Intel® Management Engine Firmware -> Intel Corporation) S3 LiveUpdate; C:Program Files (x86)SymantecLiveUpdateLuComServer_3_2.EXE [2999664 2007-09-12] (Symantec Corporation -> Symantec Corporation) R2 MsMpSvc; C:Program FilesMicrosoft Security ClientMsMpEng.exe [119864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation) R2 NasPmService; C:Program Files (x86)BUFFALONASNAVInassvc.exe [251760 2012-03-29] (BUFFALO INC. -> BUFFALO INC.) R3 NisSrv; C:Program FilesMicrosoft Security ClientNisSrv.exe [361816 2016-11-14] (Microsoft Corporation -> Microsoft Corporation) R2 Norton Ghost; C:Program Files (x86)Norton GhostAgentVProSvc.exe [4590432 2010-03-03] (Symantec Corporation -> Symantec Corporation) R2 psqlWGE; C:Program Files (x86)ActianPSQLbinw3dbsmgr.exe [359464 2019-02-22] (Actian Corporation -> Actian Corporation) R2 Sage 50 SmartPosting 2020; C:Program Files (x86)SagePeachtreeSmartPostingService2020.exe [343072 2019-10-01] (Sage Software, Inc. -> Sage Software, Inc.) R2 Sage AutoUpdate Manager Service; C:Program Files (x86)Common FilesSageCentralAutoUpdateClientSage.Central.AutoUpdateManager.Service.exe [8192 2015-08-24] (Microsoft) [File not signed] R2 Seagate Dashboard Services; C:Program Files (x86)SeagateSeagate Dashboard 2.0Seagate.Dashboard.DASWindowsService.exe [16216 2015-07-15] (Seagate Technology LLC -> Seagate Technology LLC) R2 Seagate MobileBackup Service; C:Program Files (x86)SeagateSeagate Dashboard 2.0MobileService.exe [143656 2015-07-15] (Seagate Technology LLC -> Seagate Technology LLC) R3 Symantec SymSnap VSS Provider; C:Windowssystem32dllhost.exe /Processid:C8C82416-80A2-4D08-952F-2D26082F2978 [9728 2009-07-13] (Microsoft Windows -> Microsoft Corporation) R3 Symantec SymSnap VSS Provider; C:Windowssystem32dllhost.exe /Processid:C8C82416-80A2-4D08-952F-2D26082F2978 [9728 2009-07-13] (Microsoft Windows -> Microsoft Corporation) R3 SymSnapService; C:Program Files (x86)Norton GhostSharedDriversSymSnapServicex64.exe [2963960 2010-02-11] (Symantec Corporation -> Symantec) R2 Synology Active Backup for Business Service; C:Program Files (x86)SynologyActiveBackupforBusinessAgentserviceSynology Active Backup for Business Service.exe [3061720 2020-03-19] (Synology Inc. -> ) S2 tcsd_win32.exe; C:Program Files (x86)NTRU CryptosystemsNTRU TCG Software Stackbintcsd_win32.exe [1637888 2011-10-08] () [File not signed] R2 TeamViewer; C:Program Files (x86)TeamViewerTeamViewer_Service.exe [13172752 2020-01-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) R2 Wave Authentication Manager Service; C:Program FilesDellDell Data ProtectionAccessAdvancedWaveAuthentication ManagerWaveAMService.exe [1679872 2012-01-05] (Wave Systems Corp.) [File not signed] S3 WinDefend; C:Program FilesWindows Defendermpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation) R2 wlidsvc; C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE [2286976 2010-09-21] (Microsoft Corporation -> Microsoft Corp.) S3 WvPCR; C:Program FilesDellDell Data ProtectionAccessAdvancedWaveCommonWvPCR.exe [198144 2012-01-16] (Wave Systems Corp.) [File not signed] S2 GoToMyPC; "C:Program Files (x86)CitrixGoToMyPCg2svc.exe" "Start=service" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 GenericMount; C:WindowsSystem32DRIVERSGenericMount.sys [66608 2010-02-12] (Symantec Corporation -> Symantec Corporation) R3 MEIx64; C:WindowsSystem32DRIVERSTeeDriverx64.sys [99288 2013-11-13] (Intel Corporation – Intel® Management Engine Firmware -> Intel Corporation) R0 MpFilter; C:WindowsSystem32DRIVERSMpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation) S3 mvusbews; C:WindowsSystem32Driversmvusbews.sys [20480 2012-09-25] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.) R3 NisDrv; C:WindowsSystem32DRIVERSNisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation) R0 symsnap; C:WindowsSystem32DRIVERSsymsnap.sys [170032 2010-02-11] (Symantec Corporation -> StorageCraft) S3 VProEventMonitor; C:WindowsSystem32DRIVERSvproeventmonitor.sys [20528 2009-09-21] (Symantec Corporation -> Symantec Corporation) S1 ESProtectionDriver; ??C:Windowssystem32driversmbae64.sys [X] S3 MBAMFarflt; ??C:Windowssystem32driversfarflt.sys [X] S3 MBAMProtection; ??C:Windowssystem32driversmbam.sys [X] S3 MBAMWebProtection; ??C:Windowssystem32driversmwac.sys [X] S3 NAVENG; ??C:Program Files (x86)Norton Internet SecurityNortonData22.5.0.124DefinitionsSDSDefs20160713.021ENG64.SYS [X] S3 NAVEX15; ??C:Program Files (x86)Norton Internet SecurityNortonData22.5.0.124DefinitionsSDSDefs20160713.021EX64.SYS [X] U2 V2iMount; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2039-03-01 16:27 – 1998-06-05 14:54 – 000026832 _____ (Microsoft Corporation) C:WindowsSysWOW64CTL3DV2.DLL 2039-03-01 16:24 – 2039-03-01 16:24 – 000000000 ____D C:Program FilesCADKEY 2020-05-31 11:04 – 2020-05-31 11:06 – 000000000 ____D C:UsersKMieleDownloadsGus 2020-05-30 15:53 – 2020-05-31 10:49 – 000000000 ____D C:ProgramDataActiveBackupforBusinessAgent 2020-05-30 15:53 – 2020-05-30 15:53 – 000001405 _____ C:UsersPublicDesktopSynology Active Backup for Business Agent.lnk 2020-05-30 15:53 – 2020-05-30 15:53 – 000001405 _____ C:ProgramDataDesktopSynology Active Backup for Business Agent.lnk 2020-05-30 15:53 – 2020-05-30 15:53 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsSynology 2020-05-30 15:53 – 2020-05-30 15:53 – 000000000 ____D C:Program Files (x86)Synology 2020-05-30 15:29 – 2020-05-30 15:29 – 037969920 _____ C:UsersKMieleDownloadsSynology Active Backup for Business Agent-2.1.1-1125-x64.msi 2020-05-30 14:47 – 2020-05-30 14:47 – 000001105 _____ C:UsersGemmitiADesktopESET Online Scanner.lnk 2020-05-30 14:47 – 2020-05-30 14:47 – 000000000 ____D C:UsersGemmitiAAppDataLocalESET 2020-05-30 14:46 – 2020-05-30 14:46 – 014665312 _____ (ESET spol. s r.o.) C:UsersKMieleDownloadsesetonlinescanner.exe 2020-05-30 14:46 – 2020-05-30 14:46 – 000000000 ____D C:UsersKMieleAppDataLocalESET 2020-05-30 14:25 – 2020-05-31 11:07 – 000000000 ____D C:FRST 2020-05-29 08:12 – 2020-05-29 08:12 – 000000000 ____D C:UsersKMieleAppDataLocalF5631589-FFB7-4F02-AD42-20E544B909ED 2020-05-28 13:08 – 2020-05-28 13:08 – 000190571 _____ C:UsersKMieleDesktopABF BOL.pdf 2020-05-28 12:53 – 2020-05-28 12:58 – 000000000 ____D C:UsersKMieleAppDataRoamingFoxit Software 2020-05-28 12:53 – 2020-05-28 12:53 – 000000000 ____D C:UsersKMieleAppDataLocalLowFoxit 2020-05-28 12:51 – 2020-05-28 12:51 – 000001091 _____ C:UsersPublicDesktopFoxit PhantomPDF.lnk 2020-05-28 12:51 – 2020-05-28 12:51 – 000001091 _____ C:ProgramDataDesktopFoxit PhantomPDF.lnk 2020-05-28 12:51 – 2020-05-28 12:51 – 000000000 ____D C:UsersGemmitiAAppDataRoamingFoxit Software 2020-05-28 12:51 – 2020-05-28 12:51 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsFoxit PhantomPDF 2020-05-28 12:51 – 2020-05-28 12:51 – 000000000 ____D C:ProgramDataFoxit Software 2020-05-28 12:50 – 2020-05-28 12:50 – 000000000 ____D C:UsersPublicFoxit Software 2020-05-28 12:50 – 2020-05-28 12:50 – 000000000 ____D C:Program Files (x86)Foxit Software 2020-05-28 12:47 – 2020-05-28 12:48 – 632645472 _____ (Foxit Software Inc.) C:UsersKMieleDownloadsFoxitPhantomPDF100_enu_Setup_PPC.exe 2020-05-28 11:31 – 2020-05-28 11:31 – 000306209 _____ C:UsersKMieleDownloads8 collar instructions.pdf 2020-05-28 11:30 – 2020-05-28 11:30 – 000374045 _____ C:UsersKMieleDownloadsDS-CC quick sheet.pdf 2020-05-28 08:15 – 2020-05-28 08:15 – 000000000 ____D C:UsersKMieleAppDataLocalF0C7BAA7-3009-43DB-A497-8221090794EB 2020-05-27 08:07 – 2020-05-27 08:07 – 000000000 ____D C:UsersKMieleAppDataLocal9E81D49F-F46D-46E2-B109-1DE520F0D3E3 2020-05-26 14:10 – 2020-05-26 14:10 – 000000000 ____D C:UsersKMieleAppDataLocal3D3DB803-954F-4617-B089-1DC85BA0B8B5 2020-05-26 08:09 – 2020-05-26 08:09 – 000000000 ____D C:UsersKMieleAppDataLocal9BFC70BC-53F7-488D-B839-D418315F4A2F 2020-05-22 08:11 – 2020-05-22 08:11 – 000000000 ____D C:UsersKMieleAppDataLocal6FEC2B24-CB57-4A8A-88E3-95FA12DF797F 2020-05-21 08:09 – 2020-05-21 08:09 – 000000000 ____D C:UsersKMieleAppDataLocalD7C47DEA-A771-4BED-B39B-36A44343B4BB 2020-05-20 08:14 – 2020-05-20 08:14 – 000000000 ____D C:UsersKMieleAppDataLocal6D67C60A-5BD3-47FF-B1F3-0DE3CD8FA17B 2020-05-19 08:34 – 2020-05-19 08:34 – 000000000 ____D C:UsersKMieleAppDataLocalB6BE2DF0-9C3B-4738-BA81-41C7CA1785B4 2020-05-18 08:13 – 2020-05-18 08:13 – 000000000 ____D C:UsersKMieleAppDataLocalD76F431D-B886-4C63-B77D-7698F04D48D6 2020-05-15 08:12 – 2020-05-15 08:12 – 000000000 ____D C:UsersKMieleAppDataLocal1794CD21-455A-4269-A0EB-EEABE9CAFBDD 2020-05-14 08:11 – 2020-05-14 08:11 – 000000000 ____D C:UsersKMieleAppDataLocal3D91B3BE-87AC-4431-BEDC-FA5FE11A3BFF 2020-05-13 08:09 – 2020-05-13 08:09 – 000000000 ____D C:UsersKMieleAppDataLocalB41284BD-5D6F-438F-8519-E57588B4E09A 2020-05-12 08:15 – 2020-05-12 08:15 – 000000000 ____D C:UsersKMieleAppDataLocal6709064C-0B7B-4378-8A3B-F3321CDDED01 2020-05-11 08:09 – 2020-05-11 08:09 – 000000000 ____D C:UsersKMieleAppDataLocal87750C4F-951B-458A-8B3F-C452DEA10898 2020-05-08 08:18 – 2020-05-08 08:18 – 000000000 ____D C:UsersKMieleAppDataLocal6D5BB4FD-A712-4279-8BB3-5634D9F043CD 2020-05-07 08:16 – 2020-05-07 08:16 – 000000000 ____D C:UsersKMieleAppDataLocal3CA62EED-8774-415A-A0FF-ACB010E1860D 2020-05-06 08:14 – 2020-05-06 08:14 – 000000000 ____D C:UsersKMieleAppDataLocal4CBFBA70-F8C1-479C-BC33-3DFD6A74737E 2020-05-05 08:08 – 2020-05-05 08:08 – 000000000 ____D C:UsersKMieleAppDataLocalE418702D-7B58-4178-9C05-6363F4614083 2020-05-04 08:09 – 2020-05-04 08:09 – 000000000 ____D C:UsersKMieleAppDataLocalCC9DD8B1-3D94-4B78-9861-6B168285B939 2020-05-01 13:06 – 2020-05-01 13:06 – 000000000 ____D C:UsersKMieleAppDataLocal90D7F255-F149-4886-A401-192FE7510560 2020-05-01 08:25 – 2020-05-01 08:25 – 000000000 ____D C:UsersKMieleAppDataLocal6D35E746-E51D-4A0D-847B-C331EE6C35D0

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-05-31 11:05 – 2017-09-07 08:48 – 000000000 ____D C:UsersKMieleAppDataLocalDeployment 2020-05-31 10:57 – 2016-11-14 10:58 – 000000911 _____ C:WindowsTasksEPSON WF-7610 Series Update 5C8C4560-2AA2-4E44-AEF1-4B9AEDB0323F.job 2020-05-31 10:57 – 2016-11-14 10:58 – 000000725 _____ C:WindowsTasksEPSON WF-7610 Series Invitation 5C8C4560-2AA2-4E44-AEF1-4B9AEDB0323F.job 2020-05-31 10:53 – 2009-07-14 01:32 – 000000000 ____D C:Windowssystem32FxsTmp 2020-05-31 10:49 – 2017-09-06 10:29 – 000000112 _____ C:Windowssystem32confignetlogon.ftl 2020-05-31 10:49 – 2009-07-13 23:20 – 000000000 ____D C:WindowsRegistration 2020-05-31 04:37 – 2015-08-04 14:19 – 000000504 _____ C:WindowsTasksG2MUpdateTask-S-1-5-21-302665900-850237627-724062673-1000.job 2020-05-31 04:25 – 2016-08-22 14:25 – 000000911 _____ C:WindowsTasksEPSON WF-7610 Series Update 39C1617B-E859-4EF3-B298-7E9FB6CA08E0.job 2020-05-31 04:25 – 2016-08-22 14:25 – 000000725 _____ C:WindowsTasksEPSON WF-7610 Series Invitation 39C1617B-E859-4EF3-B298-7E9FB6CA08E0.job 2020-05-31 04:22 – 2016-11-14 10:22 – 000000911 _____ C:WindowsTasksEPSON WF-7610 Series Update FF28E7AF-4CCD-468C-A99D-00F55294ED94.job 2020-05-31 04:22 – 2016-11-14 10:22 – 000000725 _____ C:WindowsTasksEPSON WF-7610 Series Invitation FF28E7AF-4CCD-468C-A99D-00F55294ED94.job 2020-05-31 04:14 – 2009-07-14 00:45 – 000034832 ____H C:Windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2020-05-31 04:14 – 2009-07-14 00:45 – 000034832 ____H C:Windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2020-05-31 04:13 – 2016-11-14 10:14 – 000000911 _____ C:WindowsTasksEPSON WF-7610 Series Update F041DFFD-6EE2-46E8-AF61-EDAD1E811B30.job 2020-05-31 04:13 – 2016-11-14 10:14 – 000000725 _____ C:WindowsTasksEPSON WF-7610 Series Invitation F041DFFD-6EE2-46E8-AF61-EDAD1E811B30.job 2020-05-30 15:53 – 2017-09-06 10:35 – 000001415 _____ C:UsersKMieleAppDataRoamingMicrosoftWindowsStart MenuProgramsInternet Explorer.lnk 2020-05-30 15:47 – 2020-01-07 13:47 – 000000000 ____D C:UsersKMieleDesktopACCURATE I-backup2019.zip 2020-05-30 15:32 – 2015-08-04 14:19 – 000000600 _____ C:WindowsTasksG2MUploadTask-S-1-5-21-302665900-850237627-724062673-1000.job 2020-05-30 14:26 – 2009-07-14 01:13 – 000804870 _____ C:Windowssystem32PerfStringBackup.INI 2020-05-30 14:26 – 2009-07-13 23:20 – 000000000 ____D C:Windowsinf 2020-05-30 14:24 – 2017-09-06 10:35 – 000000000 __SHD C:UsersKMieleIntelGraphicsProfiles 2020-05-30 14:18 – 2018-03-29 14:38 – 000000000 ____D C:Program Files (x86)TeamViewer 2020-05-30 14:18 – 2009-07-14 01:08 – 000000006 ____H C:WindowsTasksSA.DAT 2020-05-29 15:32 – 2013-01-22 10:56 – 000004096 ___SH C:VSNAP.IDX 2020-05-29 14:29 – 2018-08-01 10:16 – 000000000 ____D C:UsersKMieleAppDataLocalCutePDF Writer 2020-05-29 12:38 – 2018-03-12 10:20 – 000000000 ____D C:scans 2020-05-28 12:51 – 2015-10-14 08:59 – 000000000 ____D C:ProgramDataPackage Cache 2020-05-26 12:19 – 2017-09-06 10:38 – 000000000 ____D C:UsersGemmitiA 2020-05-26 08:21 – 2016-12-05 21:15 – 000002061 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsAcrobat Reader DC.lnk 2020-05-26 08:09 – 2018-06-20 10:35 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft 2020-05-26 08:08 – 2012-08-15 00:57 – 000000000 ____D C:Program Files (x86)Microsoft Office 2020-05-26 08:08 – 2009-07-14 00:45 – 000454456 _____ C:Windowssystem32FNTCACHE.DAT 2020-05-21 21:37 – 2014-12-08 14:04 – 000002226 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk 2020-05-21 21:37 – 2014-12-08 14:04 – 000002185 _____ C:UsersPublicDesktopGoogle Chrome.lnk 2020-05-21 21:37 – 2014-12-08 14:04 – 000002185 _____ C:ProgramDataDesktopGoogle Chrome.lnk 2020-05-13 03:02 – 2017-09-06 09:53 – 000000000 ____D C:Windowssystem32MRT 2020-05-13 03:00 – 2017-09-06 09:52 – 120636720 ____C (Microsoft Corporation) C:Windowssystem32MRT.exe 2020-05-12 15:28 – 2017-09-06 11:20 – 000000000 ____D C:UsersKMieleAppDataLocalCrashDumps 2020-05-12 14:10 – 2012-08-15 00:39 – 000842296 _____ (Adobe) C:WindowsSysWOW64FlashPlayerApp.exe 2020-05-12 14:10 – 2012-08-15 00:39 – 000175160 _____ (Adobe) C:WindowsSysWOW64FlashPlayerCPLApp.cpl 2020-05-12 14:10 – 2012-08-15 00:39 – 000004312 _____ C:Windowssystem32TasksAdobe Flash Player Updater 2020-05-12 14:10 – 2012-08-15 00:39 – 000000000 ____D C:WindowsSysWOW64Macromed 2020-05-12 14:10 – 2012-08-15 00:39 – 000000000 ____D C:Windowssystem32Macromed 2020-05-09 15:53 – 2017-11-09 15:54 – 000003166 _____ C:Windowssystem32TasksOneDrive Standalone Update Task-S-1-5-21-928097801-345109163-1125972616-1107 2020-05-09 15:53 – 2017-11-08 09:40 – 000002160 _____ C:UsersKMieleAppDataRoamingMicrosoftWindowsStart MenuProgramsMicrosoft OneDrive.lnk 2020-05-09 15:53 – 2017-11-08 09:40 – 000000000 ___RD C:UsersKMieleOneDrive 2020-05-05 13:29 – 2019-08-27 10:09 – 000000000 _____ C:UsersKMieleDocuments63aa4421-cdd9-4382-b7e9-8150eac235f3

==================== Files in the root of some directories ========

2013-04-14 11:36 – 2013-04-14 11:36 – 001393736 _____ (Citrix Online, a division of Citrix Systems, Inc.) C:UsersKMgotomypc_635.exe

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

LastRegBack: 2020-05-27 00:31 ==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-05-2020 01 Ran by GemmitiA (31-05-2020 11:08:21) Running from C:UsersKMieleDownloadsGus Windows 7 Professional Service Pack 1 (X64) (2013-01-09 14:03:01) Boot Mode: Normal ==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-302665900-850237627-724062673-500 – Administrator – Disabled) Guest (S-1-5-21-302665900-850237627-724062673-501 – Limited – Enabled) KM (S-1-5-21-302665900-850237627-724062673-1000 – Administrator – Enabled) => C:UsersKM scans (S-1-5-21-302665900-850237627-724062673-1001 – Administrator – Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled – Up to date) 71A27EC9-3DA6-45FC-60A7-004F623C6189 AS: Microsoft Security Essentials (Enabled – Up to date) CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34 AS: Windows Defender (Disabled – Out of date) D68DDC3A-831F-4fae-9E44-DA132C1ACF46

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ABBYY FineReader 6.0 Sprint (HKLM-x32…ACF60000-22B9-4CE9-98D6-2CCF359BAC07) (Version: 6.00.1395.4512 – ABBYY Software House) Actian PSQL v13 Workgroup (HKLM-x32…A3238D7-AB32-1330-B717-F3E3F18B4A8C) (Version: 13.31.005 – Actian Corporation) Hidden Actian PSQL v13 Workgroup R2 (HKLM-x32…Actian PSQL v13 Workgroup) (Version: 13.31.005 – Actian Corporation) Adobe Acrobat Reader DC (HKLM-x32…AC76BA86-7AD7-1033-7B44-AC0F074E4100) (Version: 20.009.20065 – Adobe Systems Incorporated) Adobe Flash Player 32 ActiveX (HKLM-x32…Adobe Flash Player ActiveX) (Version: 32.0.0.371 – Adobe) BioAPI Framework (HKLM…9DAED4FC-2B0E-4F3F-8141-F2ABF02CCFCB) (Version: 1.0.2 – Dell Inc.) Hidden Bonjour (HKLM…B91110FB-33B4-468B-90C2-4D5E8AE3FAE1) (Version: 2.0.2.0 – Apple Inc.) BUFFALO NAS Navigator2 (HKLM-x32…UN060501) (Version:  – ) Cisco WebEx Meetings (HKLM-x32…ActiveTouchMeetingClient) (Version:  – Cisco WebEx LLC) Citrix Online Launcher (HKLM-x32…DB014C85-A264-4BCA-A66F-6DD1FCF8EC36) (Version: 1.0.335 – Citrix) Compatibility Pack for the 2007 Office system (HKLM-x32…90120000-0020-0409-0000-0000000FF1CE) (Version: 12.0.6612.1000 – Microsoft Corporation) Crystal Reports 2008 Runtime SP1 (HKLM-x32…C484CC8D-03CF-4022-89C4-DB4F02E8A15B) (Version: 12.1.0.882 – Business Objects) Custom (HKLM…7206B668-FEE0-455B-BB1F-9B5A2E0EC94A) (Version: 01.00.00.000 – Wave Systems Corp.) Hidden CutePDF Writer 3.2 (HKLM…CutePDF Writer Installation) (Version:  3.2 – Acro Software Inc.) D3DX10 (HKLM-x32…E09C4DB7-630C-4F06-A631-8EA7239923AF) (Version: 15.4.2368.0902 – Microsoft) Hidden Dell Client System Update (HKLM-x32…2B2B45B1-3CA0-4F8D-BBB3-AC77ED46A0FE) (Version: 1.2.3 – Dell Inc.) Dell Data Protection | Access (HKLM…ABBA2EA4-740E-4052-902B-9CA70B081E3F) (Version: 2.2.00001.001 – Dell Inc.) Dell Edoc Viewer (HKLM…8EBA8727-ADC2-477B-9D9A-1A1836BE4E05) (Version: 1.0.0 – Dell Inc) Dell System Detect (HKUS-1-5-21-928097801-345109163-1125972616-1104…d24084d039586cae) (Version: 8.8.0.1 – Dell) DellAccess (HKLM…F839C6BD-E92E-48FA-9CE6-7BFAF94F7096) (Version: 01.01.00.104 – Wave Systems Corp.) Hidden DYMO Label (HKLM-x32…2C8F4C88-E015-4D55-AB5A-ABD1C53C1B71) (Version: 8.6.710.0 – Newell Rubbermaid) EMBASSY Client Core (HKLM…5F5CBF39-BD29-43C8-B63A-B9758F0FD090) (Version: 01.01.00.036 – Wave Systems Corp.) Hidden Epson Connect Printer Setup (HKLM-x32…D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C) (Version: 1.3.0 – SEIKO EPSON CORPORATION) Epson Copy Utility 3.4 (HKLM-x32…AA72FB28-73B4-49E5-B6B4-E78F44BBD0AD) (Version: 3.4.0.0 – ) Epson Customer Participation (HKLM…814FA673-A085-403C-9545-747FC1495069) (Version: 1.7.0.0 – SEIKO EPSON CORPORATION) Epson Event Manager (HKLM-x32…116DBCAF-9544-4592-9156-AC99F6C2D426) (Version: 3.10.0016 – Seiko Epson Corporation) Epson FAX Utility (HKLM-x32…CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A) (Version: 1.51.00 – SEIKO EPSON CORPORATION) EPSON GT-1500 User's Guide (HKLM-x32…Silent Package Run-Time Sample) (Version:  – ) Epson PC-FAX Driver (HKLM-x32…EPSON PC-FAX Driver 2) (Version:  – ) EPSON Print CD (HKLM-x32…FF477885-5EA8-40D0-ADF3-D4C1B86FAEA4) (Version: 1.50.000 – ) EPSON Printer Software (HKLM…EPSON Printer and Utilities) (Version:  – ) EPSON Scan (HKLM-x32…EPSON Scanner) (Version:  – Seiko Epson Corporation) EPSON Scan OCR Component (HKLM-x32…563B99D8-8895-4E3E-AE8D-15BE8C05F1C1) (Version: 2.30.00 – SEIKO EPSON Corp.) EPSON Scan PDF EXtensions (HKLM-x32…F9956472-6E16-4F83-BF9A-F887EF4A45B7) (Version: 1.00.0000 – SEIKO EPSON Corp.) EPSON WF-7610 Series Printer Uninstall (HKLM…EPSON WF-7610 Series) (Version:  – SEIKO EPSON Corporation) Epson WF-7610 User’s Guide version 1.0 (HKLM-x32…UsersGuideEpson WF-7610 User’s Guide_is1) (Version: 1.0 – ) EpsonNet Print (HKLM-x32…3E31400D-274E-4647-916C-2CACC3741799) (Version: 2.6.0 – SEIKO EPSON CORPORATION) Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32…AC76BA86-7AD7-2530-0000-AC0F074E4100) (Version: 15.007.20033 – Adobe Systems Incorporated) Foxit PhantomPDF (HKLM-x32…60f0af00-8a56-11ea-ac63-54bf64a63c26) (Version: 10.0.0.35798 – Foxit Software Inc.) Hidden Foxit PhantomPDF (HKLM-x32…deb2552c-f9a9-498e-990d-b1f599ff15a1) (Version: 10.0.0.35798 – Foxit Software Inc.) Gemalto (HKLM…91CE5F03-3A2A-4268-935A-04944F058AE9) (Version: 01.64.01.0010 – Wave Systems Corp) Hidden Google Chrome (HKLM-x32…Google Chrome) (Version: 83.0.4103.61 – Google LLC) Google Update Helper (HKLM-x32…60EC980A-BDA2-4CB6-A427-B07A5498B4CA) (Version: 1.3.35.451 – Google LLC) Hidden Google Update Helper (HKLM-x32…A92DAB39-4E2C-4304-9AB6-BC44E68B55E2) (Version: 1.3.25.11 – Google Inc.) Hidden HP LaserJet Professional P1100-P1560-P1600 Series (HKLM…HP LaserJet Professional P1100-P1560-P1600 Series) (Version:  – ) hppLaserJetService (HKLM-x32…D371F551-0DB9-4CEC-844B-4C90CE91EA0B) (Version: 001.001.0.0 – Hewlett-Packard) Hidden hppP1100P1560P1600SeriesLaserJetService (HKLM-x32…E448256-D515-4C3E-A5BE-0A7B76CED5D4) (Version: 001.001.0.0 – Hewlett-Packard) Hidden hppusgP1100P1560P1600Series (HKLM-x32…853F464A-B2B8-404E-BA3E-B98FF6862C41) (Version: 1.0.0.1 – Hewlett-Packard) Hidden HPSSupply (HKLM-x32…7902E313-FF0F-4493-ACB1-A8147B78DCD0) (Version: 2.1.1.0000 – Hewlett Packard Development Company L.P.) Intel® Control Center (HKLM-x32…F8A9085D-4C7A-41a9-8A77-C8998A96C421) (Version: 1.2.1.1007 – Intel Corporation) Intel® Management Engine Components (HKLM-x32…65153EA5-8B6E-43B6-857B-C6E4FC25798A) (Version: 9.5.15.1730 – Intel Corporation) Intel® Network Connections 16.8.45.00 (HKLM…PROSetDX) (Version: 16.8.45.00 – Dell) Intel® Processor Graphics (HKLM-x32…F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA) (Version: 10.18.10.4425 – Intel Corporation) Intel® Rapid Storage Technology (HKLM-x32…3E29EE6C-963A-4aae-86C1-DC237C4A49FC) (Version: 11.0.0.1032 – Intel Corporation) Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32…240C3DDD-C5E9-4029-9DF7-95650D040CF2) (Version: 1.0.4.220 – Intel Corporation) Junk Mail filter update (HKLM-x32…1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4) (Version: 15.4.3502.0922 – Microsoft Corporation) Hidden KONICA MINOLTA C759_C658_C368_C287_C3851Series (HKLM…KONICA MINOLTA C759_C658_C368_C287_C3851Series Installer) (Version:  – KONICA MINOLTA) LiveUpdate 3.2 (Symantec Corporation) (HKLM-x32…LiveUpdate) (Version: 3.2.0.68 – Symantec Corporation) MarketResearch (HKLM-x32…175F0111-2968-4935-8F70-33108C6A4DE3) (Version: 130.0.374.000 – Hewlett-Packard) Hidden Mesh Runtime (HKLM-x32…8C6D6116-B724-4810-8F2D-D047E6B7D68E) (Version: 15.4.5722.2 – Microsoft Corporation) Hidden Microsoft .NET Framework 4.8 (HKLM…92FB6C44-E685-45AD-9B20-CADF4CABA132 – 1033) (Version: 4.8.03761 – Microsoft Corporation) Microsoft ASP.NET MVC 2 (HKLM-x32…DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244) (Version: 2.0.60926.0 – Microsoft Corporation) Microsoft Office 365 – en-us (HKLM…O365HomePremRetail – en-us) (Version: 16.0.12527.20612 – Microsoft Corporation) Microsoft OneDrive (HKU.DEFAULT…OneDriveSetup.exe) (Version: 17.3.6743.1212 – Microsoft Corporation) Microsoft OneDrive (HKUS-1-5-21-928097801-345109163-1125972616-1104…OneDriveSetup.exe) (Version: 17.3.6743.1212 – Microsoft Corporation) Microsoft OneDrive (HKUS-1-5-21-928097801-345109163-1125972616-1107…OneDriveSetup.exe) (Version: 20.052.0311.0011 – Microsoft Corporation) Microsoft Security Essentials (HKLM…Microsoft Security Client) (Version: 4.10.209.0 – Microsoft Corporation) Microsoft Silverlight (HKLM…89F4137D-6C26-4A84-BDB8-2E5A4BB71E00) (Version: 5.1.50918.0 – Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32…F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8) (Version: 3.1.0000 – Microsoft Corporation) Microsoft SQL Server Compact 4.0 x64 ENU (HKLM…8424B163-D1E0-48B7-88A2-C7A61767B3D7) (Version: 4.0.8482.1 – Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32…710f4c1c-cc18-4c49-8cbf-51240c89a1a2) (Version: 8.0.61001 – Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32…837b34e3-7c30-493c-8f6a-2b0f04e2912c) (Version: 8.0.59193 – Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM…71c9b48-7c32-4621-a0ac-3f809523288f) (Version: 8.0.56336 – Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM…ad8a2fa1-06e7-4b0d-927d-6e54b3d31028) (Version: 8.0.61000 – Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.17 (HKLM…8220EEFE-38CD-377E-8595-13398D740ACE) (Version: 9.0.30729 – Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.6161 (HKLM…5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4) (Version: 9.0.30729.6161 – Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.17 (HKLM-x32…9A25302D-30C0-39D9-BD6F-21E6EC160475) (Version: 9.0.30729 – Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.4148 (HKLM-x32…1F1C2DFC-2D24-3E06-BCB8-725134ADF989) (Version: 9.0.30729.4148 – Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.6161 (HKLM-x32…9BE518E6-ECC6-35A9-88E4-87755C07200F) (Version: 9.0.30729.6161 – Microsoft Corporation) Microsoft Visual C++ 2010  x64 Redistributable – 10.0.40219 (HKLM…1D8E6291-B0D5-35EC-8441-6616F567A0F7) (Version: 10.0.40219 – Microsoft Corporation) Microsoft Visual C++ 2010  x86 Redistributable – 10.0.40219 (HKLM-x32…F0C3E5D1-1ADE-321E-8167-68EF0DE699A5) (Version: 10.0.40219 – Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) – 11.0.61030 (HKLM-x32…ca67548a-5ebe-413a-b50c-4b9ceb6d66c6) (Version: 11.0.61030.0 – Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) – 11.0.50727 (HKLM-x32…22154f09-719a-4619-bb71-5b3356999fbf) (Version: 11.0.50727.1 – Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) – 11.0.61030 (HKLM-x32…33d1fd90-4274-48a1-9bc1-97e33d9c2d6f) (Version: 11.0.61030.0 – Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.21005 (HKLM-x32…7f51bdb9-ee21-49ee-94d6-90afc321780e) (Version: 12.0.21005.1 – Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.40660 (HKLM-x32…ef6b00ec-13e1-4c25-9064-b2f383cb8412) (Version: 12.0.40660.0 – Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.21005 (HKLM-x32…ce085a78-074e-4823-8dc1-8a721b94b76d) (Version: 12.0.21005.1 – Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.40660 (HKLM-x32…61087a79-ac85-455c-934d-1fa22cc64f36) (Version: 12.0.40660.0 – Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) – 14.11.25325 (HKLM-x32…6c6356fe-cbfa-4944-9bed-a9e99f45cb7a) (Version: 14.11.25325.0 – Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) – 14.11.25325 (HKLM-x32…404c9c27-8377-4fd1-b607-7ca635db4e49) (Version: 14.11.25325.0 – Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM…Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 – Microsoft Corporation) MSXML 4.0 SP2 (KB954430) (HKLM-x32…86493ADD-824D-4B8E-BD72-8C5DCDC52A71) (Version: 4.20.9870.0 – Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32…F662A8E6-F4DC-41A2-901E-8C11F044BDEC) (Version: 4.20.9876.0 – Microsoft Corporation) Norton Ghost (HKLM-x32…B0255743-165B-4BD5-8DA8-37DFB9930015) (Version: 15.0.1.36526 – Symantec Corporation) NTRU TCG Software Stack (HKLM…E9A97832-83B6-42B6-BAC6-492E344C2561) (Version: 2.1.37 – Security Innovation, Inc.) Hidden Office 16 Click-to-Run Extensibility Component (HKLM-x32…90160000-008C-0000-0000-0000000FF1CE) (Version: 16.0.12527.20278 – Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM…90160000-00DD-0000-1000-0000000FF1CE) (Version: 16.0.12527.20278 – Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM…90160000-008F-0000-1000-0000000FF1CE) (Version: 16.0.12527.20612 – Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32…90160000-008C-0409-0000-0000000FF1CE) (Version: 16.0.12527.20278 – Microsoft Corporation) Hidden PaperPort Image Printer 64-bit (HKLM…ABA4FAF1-6389-45F9-92CE-3914A4E5C471) (Version: 1.00.0000 – Nuance Communications, Inc.) PC-CCID (HKLM…3DCDFCDB-4D96-4CF0-9BB3-C91DAE9073F3) (Version: 2.0.0 – Gemalto) Hidden Preboot Manager (HKLM…3A6BE9F4-5FC8-44BB-BE7B-32A29607FEF6) (Version: 03.03.00.090 – Wave Systems Corp.) Hidden Private Information Manager (HKLM…B0A2153-58A6-4244-B458-25EDF5FCD809) (Version: 07.01.00.030 – Wave Systems Corp.) Hidden RAIDar 4.3.8 (HKLM-x32…1381-5408-0515-7060) (Version: 4.3.8 – Netgear Inc.) Realtek High Definition Audio Driver (HKLM-x32…F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC) (Version: 6.0.1.5907 – Realtek Semiconductor Corp.) Sage 50 Accounting 2013 (HKLM-x32…1768BEA4-3469-45FB-8EFB-6742E1C0E86F) (Version: 20.00.00 – Sage Software, Inc.) Hidden Sage 50 Accounting 2014 (HKLM-x32…D2ADA6F5-F155-4A37-87CA-599E81F6C6C0) (Version: 21.00.00 – Sage Software, Inc.) Hidden Sage 50 Accounting 2015 (HKLM-x32…F3A0C9F5-77DD-4DE2-A2DF-7DB0687BA092) (Version: 22.02.00 – Sage Software, Inc.) Hidden Sage 50 Accounting 2016 (HKLM-x32…A0D9DC3A-156B-4785-9C7B-43DAC2D662A6) (Version: 23.00.00 – Sage Software, Inc.) Hidden Sage 50 Accounting 2017 (HKLM-x32…6A4CCB61-447D-432E-B56A-7D5D7626E7B5) (Version: 24.01.01 – Sage Software, Inc.) Hidden Sage 50 Accounting 2018 (HKLM-x32…FC7C07F7-E985-41D9-8A4F-709CE035D446) (Version: 25.00.00 – Sage Software, Inc.) Hidden Sage 50 Accounting 2019 (HKLM-x32…555A9126-7983-44D6-9D76-F4731B19B925) (Version: 26.01.00 – Sage Software, Inc.) Hidden Sage 50 Accounting 2020 (HKLM-x32…068FE61-EBAA-4F22-9D76-479DCBA14513) (Version: 27.00.00 – Sage Software, Inc.) Hidden Sage 50 Accounting 2020 (HKLM-x32…InstallShield_0068FE61-EBAA-4F22-9D76-479DCBA14513) (Version: 27.00.00 – Sage Software, Inc.) Sage 50 Accounting Tax Forms (HKLM-x32…BA1EF4A7-AB67-492B-9C7D-4AEE43F5A3C6) (Version: 18.4.23 – Sage Software SB, Inc.) Hidden Sage 50 Accounting Update (HKLM-x32…016E8A4-03D0-4EBC-B927-6D51CD42C9D6) (Version: 19.01.001 – Sage Software, Inc.) Hidden Sage 50 Accounting Update (HKLM-x32…08A1E2E-2E39-42C7-8E5B-F2D8F4561EAA) (Version: 19.01.001 – Sage Software, Inc.) Hidden Sage 50 Accounting Update (HKLM-x32…3B37DB84-9E4E-4424-B83D-12C112520642) (Version: 19.01.001 – Sage Software, Inc.) Hidden Sage 50 Accounting Update (HKLM-x32…4E1146C8-A878-4197-A631-2F3C472DE5CC) (Version: 19.01.001 – Sage Software, Inc.) Hidden Sage 50 Accounting Update (HKLM-x32…5AB7FDBD-4A2E-4264-BB76-57A71200DD4A) (Version: 19.01.001 – Sage Software, Inc.) Hidden Sage 50 Accounting Update (HKLM-x32…6BCE889D-6AE2-4795-A90D-5BCCF04314A0) (Version: 19.01.001 – Sage Software, Inc.) Hidden Sage 50 Accounting Update (HKLM-x32…73AFBAE1-95F3-4598-8223-BAAE31675C90) (Version: 19.01.001 – Sage Software, Inc.) Hidden Sage 50 Accounting Update (HKLM-x32…FC9CD015-1E98-4A8B-94A7-99032706FB71) (Version: 19.01.001 – Sage Software, Inc.) Hidden Sage 50 Accounting Update (HKLM-x32…FD6B5B7C-EFD9-43B0-967B-828B89D7D273) (Version: 19.01.001 – Sage Software, Inc.) Hidden Sage 50 Payroll Sync Wizard (HKLM-x32…B3B149E0-51F9-4D82-9648-8A2D22281B21) (Version: 1.6.0.0002 – Sage Software, Inc.) Hidden Sage 50 Payroll Sync Wizard (HKLM-x32…InstallShield_B3B149E0-51F9-4D82-9648-8A2D22281B21) (Version: 1.6.0.0002 – Sage Software, Inc.) Sage 50 Payroll Sync Wizard 2.x (HKLM-x32…499B5712-AB99-4D5A-9E5F-967D92976E33) (Version: 2.6.0.0007 – Sage Software, Inc.) Hidden Sage 50 Payroll Sync Wizard 2.x (HKLM-x32…InstallShield_499B5712-AB99-4D5A-9E5F-967D92976E33) (Version: 2.6.0.0007 – Sage Software, Inc.) Sage Integration Services (HKLM-x32…Integration Services) (Version: 2.2.2240 – Sage Technology) SageDataExchangeAdapters (HKLM-x32…E6F432FF-49C9-4313-B00F-329B0E13F184) (Version: 1.01.0000 – Sage Software, Inc.) SAP Crystal Reports runtime engine for .NET Framework 4 (32-bit) (HKLM-x32…AAD476D7-FC64-40BC-85EA-0C1FD98D8375) (Version: 13.0.3.612 – SAP) ScanSoft PaperPort 11 (HKLM-x32…DEA18FF6-D84A-4242-9663-692E5BA56805) (Version: 11.1.0000 – Nuance Communications, Inc.) Seagate Dashboard (HKLM-x32…EA266F00-A8E7-43A0-8DED-FBFE3F076934) (Version: 4.2.002.0 – Seagate) Software Updater (HKLM-x32…E1BAD1BA-C0E8-4018-9281-E7D2C6B07474) (Version: 4.3.6 – SEIKO EPSON CORPORATION) SPBA 5.9 (HKLM…2EECD5EF-5095-467C-B80C-4AB3096EFD60) (Version: 5.9.4.6901 – UPEK Inc.) Hidden Synology Active Backup for Business Agent (HKLM-x32…81B35851-2C23-4881-BD2C-EB7BA20D0FDA) (Version: 2.1.1125 – Synology) TeamViewer (HKLM-x32…TeamViewer) (Version: 15.2.2756 – TeamViewer) toolkit32for64bit (HKLM-x32…703BB500-F54C-4F33-9D3C-D7A28CEAFBCF) (Version: 7.67.47.0000 – Wave Systems Corp) Hidden Trusted Drive Manager (HKLM…6AC87FB3-ACFC-4416-890C-8976D5A9B371) (Version: 4.5.0.136 – Wave Systems Corp.) Hidden Upek Touchchip Fingerprint Reader (HKLM…4E60E212-3177-4B16-BCB3-616CCC52357D) (Version: 1.2.004 – Dell Inc.) Hidden Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32…Visual Studio Tools for the Office system 3.0 Runtime) (Version:  – Microsoft Corporation) Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32…8FB53850-246A-3507-8ADE-0060093FFEA6.KB949258) (Version: 1 – Microsoft Corporation) Wave Crypto Runtime 2.0.7.0 x86 (HKLM-x32…8C0600A3-E772-4FC8-A67D-ED110E69665C) (Version: 02.00.07.0000 – Wave Systems Corp) Hidden Wave Infrastructure Installer (HKLM…30C2392C-C7D6-4FE2-9617-05D2C6E9D3EE) (Version: 07.67.60.0020 – Wave Systems Corp) Hidden Wave Support Software Installer (HKLM…7D618CD-B016-438A-ADC9-A75BD23F85CE) (Version: 05.13.00.051 – Wave Systems Corp) Hidden Windows Driver Package – Dell Inc. PBADRV System  (09/11/2009 1.0.1.6) (HKLM…9512AA21B791B05A54E27065C45BBC417AB282DF) (Version: 09/11/2009 1.0.1.6 – Dell Inc.) Windows Live Essentials (HKLM-x32…WinLiveSuite) (Version: 15.4.3508.1109 – Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32…2902F983-B4C1-44BA-B85D-5C6D52E2C441) (Version: 15.4.5722.2 – Microsoft Corporation) WizTree v3.21 (HKLM…WizTree_is1) (Version:  – Antibody Software) WorkForce GT-1500 Scanner Driver Update (HKLM-x32…37D0F29D-AB95-4598-ACF0-D3CC38C161D9) (Version:  – )

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKUS-1-5-21-928097801-345109163-1125972616-1107_ClassesCLSID162C6FB5-44D3-435B-903D-E613FA093FB5InprocServer32 -> C:UsersKMieleAppDataLocalMicrosoftOneDrive17.3.6743.1212amd64FileCoAuthLib64.dll => No File ShellIconOverlayIdentifiers: [EnabledUnlockedFDEIconOverlay] -> 30D3C2AF-9709-4D05-9CF4-13335F3C1E4A => C:Program FilesDellDell Data ProtectionAccessAdvancedWaveTrusted Drive ManagerTdmIconOverlay.dll [2011-12-08] (Wave Systems Corp. -> Wave Systems Corp.) ShellIconOverlayIdentifiers: [UninitializedFdeIconOverlay] -> CF08DA3E-C97D-4891-A66B-E39B28DD270F => C:Program FilesDellDell Data ProtectionAccessAdvancedWaveTrusted Drive ManagerTdmIconOverlay.dll [2011-12-08] (Wave Systems Corp. -> Wave Systems Corp.) ContextMenuHandlers1: [EPP] -> 09A47860-11B0-4DA5-AFA5-26D86198A780 => C:Program FilesMicrosoft Security Clientshellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [Foxit_ConvertToPDF] -> C5269811-4A29-4818-A4BB-111F9FC63A5F => C:Program Files (x86)Foxit SoftwareFoxit PhantomPDFpluginsConvertToPDFShellExtension_x64.dll [2020-04-22] (FOXIT SOFTWARE INC. -> Foxit Software Inc.) ContextMenuHandlers2: [EPP] -> 09A47860-11B0-4DA5-AFA5-26D86198A780 => C:Program FilesMicrosoft Security Clientshellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers4: [EPP] -> 09A47860-11B0-4DA5-AFA5-26D86198A780 => C:Program FilesMicrosoft Security Clientshellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [igfxcui] -> 3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4 => C:Windowssystem32igfxpph.dll -> No File ContextMenuHandlers5: [igfxDTCM] -> 9B5F5829-A529-4B12-814A-E81BCB8D93FC => C:Windowssystem32igfxDTCM.dll [2016-06-02] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [Foxit_ConvertToPDF] -> C5269811-4A29-4818-A4BB-111F9FC63A5F => C:Program Files (x86)Foxit SoftwareFoxit PhantomPDFpluginsConvertToPDFShellExtension_x64.dll [2020-04-22] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription__FilterToConsumerBinding->CommandLineEventConsumer.Name="BVTConsumer"",Filter="__EventFilter.Name="BVTFilter":: WMI:subscription__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA « Win32_Processor » AND TargetInstance.LoadPercentage > 99] WMI:subscriptionCommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\tools\kernrate]

==================== Loaded Modules (Whitelisted) =============

2012-08-15 00:49 – 2011-11-29 21:00 – 000059392 _____ ( () [File not signed]) [File is in use ] C:Program Files (x86)IntelIntel® Rapid Storage TechnologyIsdiInterop.dll 2017-05-09 19:47 – 2017-05-09 19:47 – 000484352 _____ ( (DYMO Corporation) [File not signed]) [File is in use ] C:Program Files (x86)DYMODYMO Label SoftwarePrintingSupportLibrary.dll 2009-06-24 10:57 – 2009-06-24 10:57 – 000029696 _____ ( (HP) [File not signed]) [File is in use ] C:Program Files (x86)HPHPLaserJetServiceDebugLogger.dll 2009-06-24 10:57 – 2009-06-24 10:57 – 000032768 _____ ( (HP) [File not signed]) [File is in use ] C:Program Files (x86)HPHPLaserJetServiceHPHTTPProxy.dll 2009-06-24 10:57 – 2009-06-24 10:57 – 000031744 _____ ( (HP) [File not signed]) [File is in use ] C:Program Files (x86)HPHPLaserJetServiceHPServiceCommunicator.dll 2012-08-15 00:49 – 2011-11-29 21:00 – 000175616 _____ ( (Intel Corporation) [File not signed]) [File is in use ] C:Program Files (x86)IntelIntel® Rapid Storage TechnologyIAStorUIHelper.dll 2012-08-15 00:49 – 2011-11-29 21:00 – 001319424 _____ ( (Intel Corporation) [File not signed]) [File is in use ] C:Program Files (x86)IntelIntel® Rapid Storage TechnologyIntelVisualDesign.dll 2019-03-27 23:48 – 2019-03-27 23:48 – 000115200 _____ ( (Microsoft Corporation) [File not signed]) [File is in use ] C:WindowsMicrosoft.NetassemblyGAC_32System.EnterpriseServicesv4.0_4.0.0.0__b03f5f7f11d50a3aSystem.EnterpriseServices.Wrapper.dll 2013-01-12 04:09 – 2013-01-12 04:09 – 000225280 _____ ( (Microsoft Corporation) [File not signed]) [File is in use ] C:WindowsWinSxSx86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57msvcm90.dll 2016-12-13 09:54 – 2016-12-13 09:54 – 000687616 _____ ( (Microsoft) [File not signed]) [File is in use ] C:WindowsassemblyGAC_32Sage.Central.AutoUpdateManager1.0.0.0__021b26c6762d83c5Sage.Central.AutoUpdateManager.dll 2011-10-08 23:56 – 2011-10-08 23:56 – 000003072 _____ () [File not signed] C:Program Files (x86)NTRU CryptosystemsNTRU TCG Software StackbinTspPopup_ENU.dll 2020-03-19 10:21 – 2020-03-19 10:21 – 022937305 _____ () [File not signed] C:Program Files (x86)SynologyActiveBackupforBusinessAgentuiuiicudt53.dll 2020-03-19 10:21 – 2020-03-19 10:21 – 002831013 _____ () [File not signed] C:Program Files (x86)SynologyActiveBackupforBusinessAgentuiuiicuin53.dll 2020-03-19 10:21 – 2020-03-19 10:21 – 001726380 _____ () [File not signed] C:Program Files (x86)SynologyActiveBackupforBusinessAgentuiuiicuuc53.dll 2020-03-19 10:21 – 2020-03-19 10:21 – 000075264 _____ () [File not signed] C:Program Files (x86)SynologyActiveBackupforBusinessAgentuiuilibgcc_s_seh-1.dll 2020-03-19 10:21 – 2020-03-19 10:21 – 001426432 _____ () [File not signed] C:Program Files (x86)SynologyActiveBackupforBusinessAgentuiuilibstdc++-6.dll 2020-03-19 10:21 – 2020-03-19 10:21 – 000622080 _____ () [File not signed] C:Program Files (x86)SynologyActiveBackupforBusinessAgentuiuiplatformsqwindows.dll 2020-03-19 10:21 – 2020-03-19 10:21 – 000354304 _____ () [File not signed] C:Program Files (x86)SynologyActiveBackupforBusinessAgentuiuisynocat-qt.dll 2020-03-19 10:21 – 2020-03-19 10:21 – 000117248 _____ () [File not signed] C:Program Files (x86)SynologyActiveBackupforBusinessAgentuiuizlib1.dll 2019-05-16 03:30 – 2019-05-16 03:30 – 000172032 _____ () [File not signed] C:WindowsassemblyNativeImages_v2.0.50727_32IsdiInterop72942022d04b079ab54528d7acd76660IsdiInterop.ni.dll 2006-12-08 16:41 – 2012-08-15 00:53 – 000239104 _____ () [File not signed] C:Windowssystem32BIOAPI_MDS300.dll 2006-12-08 16:42 – 2012-08-15 00:53 – 000155136 _____ () [File not signed] C:Windowssystem32BioAPI100.dll 2011-11-07 08:55 – 2011-11-07 08:55 – 000094720 _____ () [File not signed] C:Windowssystem32Wavx_ESC_Logging.dll 2005-09-07 13:03 – 2005-09-07 13:03 – 000036864 _____ (Black Ice Software, Inc.) [File not signed] C:Program Files (x86)ScanSoftPaperPortblicectr.dll 2013-01-09 11:55 – 2009-05-15 06:36 – 000196608 ____R (BUFFALO INC.) [File not signed] C:Program Files (x86)BUFFALONASNAVInasdmn.dll 2013-01-09 11:55 – 2012-02-21 11:57 – 000323584 ____R (BUFFALO INC.) [File not signed] C:Program Files (x86)BUFFALONASNAVInasexo.dll 2020-03-19 10:21 – 2020-03-19 10:21 – 004530176 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:Program Files (x86)SynologyActiveBackupforBusinessAgentuiuiQt5Core.dll 2020-03-19 10:21 – 2020-03-19 10:21 – 003574784 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:Program Files (x86)SynologyActiveBackupforBusinessAgentuiuiQt5Gui.dll 2020-03-19 10:21 – 2020-03-19 10:21 – 001303552 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:Program Files (x86)SynologyActiveBackupforBusinessAgentuiuiQt5Network.dll 2020-03-19 10:21 – 2020-03-19 10:21 – 005441536 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:Program Files (x86)SynologyActiveBackupforBusinessAgentuiuiQt5Widgets.dll 2020-04-29 09:31 – 2020-04-29 09:31 – 000693760 _____ (Foxit) [File not signed] C:Program Files (x86)Foxit SoftwareFoxit PhantomPDFPluginsphc.dll 2013-01-09 12:55 – 2008-05-07 20:59 – 000099840 _____ (Hewlett-Packard Corporation) [File not signed] C:Windowssystem32spoolPRTPROCSx64hpzpplhn.dll 2020-03-19 10:21 – 2020-03-19 10:21 – 000591360 _____ (Hystax) [File not signed] C:Program Files (x86)SynologyActiveBackupforBusinessAgentservicevsstracker_x64.dll 2019-05-16 03:30 – 2019-05-16 03:30 – 000014336 _____ (Intel Corp.) [File not signed] C:WindowsassemblyNativeImages_v2.0.50727_32IAStorCommon2c124842f2740267d4146b4211b412a0IAStorCommon.ni.dll 2012-08-15 00:49 – 2011-11-29 20:41 – 000278016 _____ (Intel Corporation) [File not signed] C:Program Files (x86)IntelIntel® Rapid Storage TechnologyISDI.dll 2012-08-15 00:52 – 2012-02-27 04:59 – 000073728 _____ (Intel Corporation) [File not signed] C:Program Files (x86)IntelIntel® USB 3.0 eXtensible Host Controller DriverApplicationiusb3mon.dll 2020-01-15 04:27 – 2020-01-15 04:27 – 000225280 _____ (Intel Corporation) [File not signed] C:WindowsassemblyNativeImages_v2.0.50727_32IAStorDataMgrc64c05bf09fe8c421829cca89b51f547IAStorDataMgr.ni.dll 2020-01-15 04:27 – 2020-01-15 04:27 – 000487424 _____ (Intel Corporation) [File not signed] C:WindowsassemblyNativeImages_v2.0.50727_32IAStorUtil432a39402d23f6e21a6887900c7b573eIAStorUtil.ni.dll 2018-03-12 10:00 – 2017-07-04 12:16 – 000016896 _____ (KONICA MINOLTA, INC.) [File not signed] C:WindowsSystem32KOAXTJ_L.DLL 2009-07-13 20:35 – 2015-10-30 03:17 – 000283648 _____ (Microsoft Corporation) [File not signed] C:Windowssystem32spoolDRIVERSx643FXSAPI.DLL 2009-07-13 20:36 – 2015-10-30 03:17 – 000032256 _____ (Microsoft Corporation) [File not signed] C:Windowssystem32spoolDRIVERSx643FXSDRV.DLL 2009-07-13 21:19 – 2015-10-30 03:17 – 007299072 _____ (Microsoft Corporation) [File not signed] C:Windowssystem32spoolDRIVERSx643FXSRES.DLL 2009-07-13 20:35 – 2015-10-30 03:17 – 000412672 _____ (Microsoft Corporation) [File not signed] C:Windowssystem32spoolDRIVERSx643FXSTIFF.dll 2009-07-13 20:36 – 2015-10-30 03:17 – 000143360 _____ (Microsoft Corporation) [File not signed] C:Windowssystem32spoolDRIVERSx643FXSUI.DLL 2009-07-13 20:36 – 2015-10-30 03:17 – 000139264 _____ (Microsoft Corporation) [File not signed] C:Windowssystem32spoolDRIVERSx643FXSWZRD.dll 2018-06-20 10:26 – 2018-06-20 10:26 – 000000000 ____L (Microsoft Corporation) C:Program Files (x86)Microsoft OfficerootOffice16AppVIsvSubsystems32.dll 2018-06-20 10:26 – 2018-06-20 10:26 – 000000000 ____L (Microsoft Corporation) C:Program Files (x86)Microsoft OfficerootOffice16c2r32.dll 2020-03-19 10:21 – 2020-03-19 10:21 – 000052224 _____ (MingW-W64 Project. All rights reserved.) [File not signed] C:Program Files (x86)SynologyActiveBackupforBusinessAgentuiuilibwinpthread-1.dll 2011-10-08 23:53 – 2011-10-08 23:53 – 002504192 _____ (NTRU Cryptosystems, Inc.) [File not signed] C:Program FilesNTRU CryptosystemsNTRU TCG Software StackbinTsp1_x64.dll 2013-01-09 13:07 – 2005-01-13 06:47 – 000049152 ____N (SEIKO EPSON CORP.) [File not signed] C:Program Files (x86)Epson SoftwareEvent ManagerESPSUTL.dll 2012-04-02 11:15 – 2012-04-02 11:15 – 000110080 _____ (SEIKO EPSON CORPORATION) [File not signed] C:Program Files (x86)Epson SoftwareEvent Managerepnsm.dll 2009-10-21 17:39 – 2009-10-21 17:39 – 000291328 _____ (SEIKO EPSON CORPORATION) [File not signed] C:Program Files (x86)Epson SoftwareEvent ManagerLcMgr.dll 2015-07-24 18:27 – 2014-05-26 01:00 – 000095744 _____ (SEIKO EPSON CORPORATION) [File not signed] C:Program Files (x86)Epson SoftwareFAX UtilityEbpD4Fax.dll 2015-07-24 18:27 – 2014-05-26 01:00 – 000274432 _____ (SEIKO EPSON CORPORATION) [File not signed] C:Program Files (x86)Epson SoftwareFAX UtilityFULEPP.dll 2015-07-24 18:27 – 2014-05-26 01:00 – 000327680 _____ (SEIKO EPSON CORPORATION) [File not signed] C:Program Files (x86)Epson SoftwareFAX UtilityFUSVCCLT.dll 2015-07-24 18:27 – 2014-05-26 01:00 – 000065536 _____ (SEIKO EPSON CORPORATION) [File not signed] C:Program Files (x86)Epson SoftwareFAX UtilityFUUSBHLP.dll 2015-07-24 18:27 – 2014-05-26 01:00 – 000069632 _____ (SEIKO EPSON CORPORATION) [File not signed] C:Program Files (x86)Epson SoftwareFAX UtilityLibraryFUDEVCOM.dll 2015-07-24 18:27 – 2014-05-26 01:00 – 000135168 _____ (SEIKO EPSON CORPORATION) [File not signed] C:Program Files (x86)Epson SoftwareFAX UtilityLibraryFUDRVUTL.dll 2015-07-24 18:27 – 2014-05-26 01:00 – 000339968 _____ (SEIKO EPSON CORPORATION) [File not signed] C:Program Files (x86)Epson SoftwareFAX UtilityLibraryFUPRBDEV.dll 2015-07-24 18:27 – 2014-05-26 01:00 – 000286720 _____ (SEIKO EPSON CORPORATION) [File not signed] C:Program Files (x86)Epson SoftwareFAX UtilityLibraryFUSNMPUT.dll 2015-07-24 18:27 – 2014-05-25 12:00 – 000081920 _____ (SEIKO EPSON CORPORATION) [File not signed] C:Program Files (x86)Epson SoftwareFAX UtilityResourceFUCMNMSG.dll 2015-07-24 18:27 – 2014-05-25 12:00 – 000241664 _____ (SEIKO EPSON CORPORATION) [File not signed] C:Program Files (x86)Epson SoftwareFAX UtilityResourceFUFAXRCV.dll 2015-07-24 18:27 – 2014-05-25 12:00 – 000022016 _____ (SEIKO EPSON CORPORATION) [File not signed] C:Program Files (x86)Epson SoftwareFAX UtilityResourceFULEPPRes.dll 2015-07-24 18:27 – 2014-05-25 12:00 – 000077824 _____ (SEIKO EPSON CORPORATION) [File not signed] C:Program Files (x86)Epson SoftwareFAX UtilityResourceFUPRBDEVRes.dll 2015-07-24 18:26 – 2012-11-12 15:15 – 000558592 _____ (SEIKO EPSON CORPORATION) [File not signed] C:WindowsSystem32enppmon.dll 2015-07-24 18:26 – 2012-10-22 17:19 – 000219648 _____ (SEIKO EPSON CORPORATION) [File not signed] C:WindowsSystem32enpres.dll 2015-07-24 18:27 – 2014-05-26 01:00 – 000786432 _____ (SEIKO EPSON) [File not signed] C:Program Files (x86)Epson SoftwareFAX UtilityLibraryENCM.dll 2015-07-24 18:27 – 2014-05-26 01:00 – 000278528 _____ (SEIKO EPSON) [File not signed] C:Program Files (x86)Epson SoftwareFAX UtilityLibraryENNW.dll 2015-07-24 18:27 – 2014-05-26 01:00 – 000299008 _____ (SEIKO EPSON) [File not signed] C:Program Files (x86)Epson SoftwareFAX UtilityLibraryENUTIL.dll 2020-03-19 10:21 – 2020-03-19 10:21 – 001787904 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:Program Files (x86)SynologyActiveBackupforBusinessAgentserviceLIBEAY32.dll 2020-03-19 10:21 – 2020-03-19 10:21 – 000434688 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:Program Files (x86)SynologyActiveBackupforBusinessAgentserviceSSLEAY32.dll 2020-03-19 10:21 – 2020-03-19 10:21 – 001846272 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:Program Files (x86)SynologyActiveBackupforBusinessAgentuiuiLIBEAY32.dll 2020-03-19 10:21 – 2020-03-19 10:21 – 000386560 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:Program Files (x86)SynologyActiveBackupforBusinessAgentuiuiSSLEAY32.dll 2011-11-07 08:58 – 2011-11-07 08:58 – 000119296 _____ (Wave Systems Corp.) [File not signed] C:Program FilesDellDell Data ProtectionAccessAdvancedWaveCommonSecureLoginSupport.dll 2011-11-07 08:55 – 2011-11-07 08:55 – 000017920 _____ (Wave Systems Corp.) [File not signed] C:Program FilesDellDell Data ProtectionAccessAdvancedWaveCommonTPMSupport.dll 2012-01-16 16:32 – 2012-01-16 16:32 – 000481280 _____ (Wave Systems Corp.) [File not signed] C:Program FilesDellDell Data ProtectionAccessAdvancedWaveCommonTrustedPlatformManager.dll 2012-01-16 16:31 – 2012-01-16 16:31 – 000050688 _____ (Wave Systems Corp.) [File not signed] C:Program FilesDellDell Data ProtectionAccessAdvancedWaveCommonTrustedPlatformUtil.dll 2012-01-16 16:24 – 2012-01-16 16:25 – 001058304 _____ (Wave Systems Corp.) [File not signed] C:Windowssystem32tcg15.dll 2012-01-16 16:28 – 2012-01-16 16:28 – 000407552 _____ (Wave Systems Corp.) [File not signed] C:Windowssystem32wclient14.dll 2012-01-05 16:00 – 2012-01-05 16:00 – 003564544 _____ (Wave Systems Corp.) [File not signed] C:Windowssystem32wvauth.DLL 2012-08-15 00:54 – 2012-08-15 00:54 – 000025600 _____ (Wave Systems Corp.) [File not signed] C:WindowsWinSxSamd64_wave.super.superprotocol_1aaab1af848ab112_2.0.0.7_none_d8efab872cd9eac7Super.dll 2012-08-15 00:54 – 2012-08-15 00:54 – 001175040 _____ (Wave Systems Corp.) [File not signed] C:WindowsWinSxSamd64_wave.wcr10.cryptoruntime_1aaab1af848ab112_1.0.2.11_none_68ec49ceb7426227WCR10.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalMBAMService => ""="Service" HKLMSYSTEMCurrentControlSetControlSafeBootNetworkatashost => ""="Service" HKLMSYSTEMCurrentControlSetControlSafeBootNetworkMBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKUS-1-5-21-928097801-345109163-1125972616-1104…dell.com -> dell.com IE trusted site: HKUS-1-5-21-928097801-345109163-1125972616-1104…iqassociates.biz -> hxxp://ww2.iqassociates.biz IE trusted site: HKUS-1-5-21-928097801-345109163-1125972616-1107…iqassociates.biz -> hxxp://ww2.iqassociates.biz IE trusted site: HKUS-1-5-21-928097801-345109163-1125972616-1107…iqassociates.com -> hxxp://ww2.iqassociates.com IE trusted site: HKUS-1-5-21-928097801-345109163-1125972616-1107…iqassociates.info -> hxxp://ww2.iqassociates.info IE trusted site: HKUS-1-5-21-928097801-345109163-1125972616-1107…iqassociates.net -> hxxp://ww2.iqassociates.net

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 – 2009-06-10 17:00 – 000000824 _____ C:Windowssystem32driversetchosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLMSystemCurrentControlSetControlSession ManagerEnvironment\Path -> C:Program Files (x86)ActianPSQLbin;C:Program FilesCommon FilesMicrosoft SharedWindows Live;C:Program Files (x86)Common FilesMicrosoft SharedWindows Live;C:Program Files (x86)InteliCLS Client;C:Program FilesInteliCLS Client;%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem;%SYSTEMROOT%System32WindowsPowerShellv1.0;C:Program FilesDellDell Data ProtectionAccessAdvancedWaveGemaltoAccess Clientv5;C:Program Files (x86)NTRU CryptosystemsNTRU TCG Software Stackbin;C:Program FilesNTRU CryptosystemsNTRU TCG Software Stackbin;C:Program Files (x86)Windows LiveShared;C:Program FilesIntelIntel® Management Engine ComponentsDAL;C:Program FilesIntelIntel® Management Engine ComponentsIPT;C:Program Files (x86)IntelIntel® Management Engine ComponentsDAL;C:Program Files (x86)IntelIntel® Management Engine ComponentsIPT HKUS-1-5-21-928097801-345109163-1125972616-1104Control PanelDesktop\Wallpaper -> C:UsersGemmitiAAppDataRoamingMicrosoftWindowsThemesTranscodedWallpaper.jpg HKUS-1-5-21-928097801-345109163-1125972616-1107Control PanelDesktop\Wallpaper -> C:UsersKMieleAppDataRoamingMicrosoftWindowsThemesTranscodedWallpaper.jpg DNS Servers: 192.168.1.10 – 8.8.8.8 HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) C:Windowssystem32sppsvc.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) C:Windowssystem32sppsvc.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [VirtualPC-In-UDP-1] => (Allow) C:WindowsSystem32vpc.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [VirtualPC-In-UDP-2] => (Allow) C:WindowsSystem32vpc.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [VirtualPC-In-TCP-1] => (Allow) C:WindowsSystem32vpc.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [4D464B0D-D441-4C1A-9690-6C220FDA57DD] => (Allow) C:Program Files (x86)Windows LiveContactswlcomm.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [E564CEC1-17F7-4172-9DC9-C78E54F37199] => (Allow) LPort=2869 FirewallRules: [72F6B6B7-D78F-48C5-B195-1EC6B45A5C40] => (Allow) LPort=1900 FirewallRules: [40714D49-74CC-4BB1-B04E-FD99E705C81E] => (Allow) C:Program Files (x86)Windows LiveMessengermsnmsgr.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [3890C2D2-2FF9-45F4-B52E-EB259F191DB5] => (Allow) C:Program Files (x86)Windows LiveMeshMOE.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [440564F4-AF39-40C1-AE28-FBB35EBDE959] => (Allow) LPort=61117 FirewallRules: [BA4C16D7-37AB-4022-881F-44169704B375] => (Allow) C:Program Files (x86)Pervasive SoftwarePSQLbinw3dbsmgr.exe => No File FirewallRules: [4590ABF8-4776-4998-826A-D6CC5710A518] => (Allow) C:Program Files (x86)Pervasive SoftwarePSQLbinw3dbsmgr.exe => No File FirewallRules: [916C88EE-3304-4C93-A0DD-93C173BA61A3] => (Allow) C:Program Files (x86)BUFFALONASNAVINasNavi.exe (BUFFALO INC. -> BUFFALO INC.) FirewallRules: [B89F0221-F9C1-41AA-A7DB-F5466E290BBB] => (Allow) C:Program Files (x86)BUFFALONASNAVINasNavi.exe (BUFFALO INC. -> BUFFALO INC.) FirewallRules: [79F605C0-A287-4CB6-9FEE-5CDFCA88CF29] => (Allow) C:Program Files (x86)Pervasive SoftwarePSQLbinw3dbsmgr.exe => No File FirewallRules: [05E18197-10F8-4D19-AF18-843782561776] => (Allow) C:Program Files (x86)Pervasive SoftwarePSQLbinw3dbsmgr.exe => No File FirewallRules: [DB8BEC7F-A363-4C40-B42C-6C98215B6535] => (Allow) C:Program Files (x86)CamlinkCodeMeter.exe => No File FirewallRules: [D8BC628E-F611-4B70-A973-CCB679002793] => (Allow) C:Program Files (x86)CamlinkCodeMeter.exe => No File FirewallRules: [F66F5A33-B161-41A6-9248-A6BC9E058C2F] => (Allow) LPort=8888 FirewallRules: [42C900BC-87EA-400B-B2F7-34045EDC21B9] => (Allow) LPort=8888 FirewallRules: [A7E2D356-6408-4F95-90DD-B88B80A6BFCB] => (Allow) C:Program Files (x86)BonjourmDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [D0D1233B-C780-46C3-B6D9-6F8B626B2B78] => (Allow) C:Program Files (x86)BonjourmDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [TCP Query User2E9CCECE-5ACF-4140-A63F-FFDBABCC4C34C:program files (x86)epson softwareevent managereeventmanager.exe] => (Allow) C:program files (x86)epson softwareevent managereeventmanager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) FirewallRules: [UDP Query User01CFC82B-D2D0-4293-95E4-B35AE05DB1A7C:program files (x86)epson softwareevent managereeventmanager.exe] => (Allow) C:program files (x86)epson softwareevent managereeventmanager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) FirewallRules: [TCP Query User52FBCC23-1977-48F6-92E0-5DE2B2368A43C:userskmieleappdatalocallogmein rescue appletlmir0001.tmplmi_rescue.exe] => (Allow) C:userskmieleappdatalocallogmein rescue appletlmir0001.tmplmi_rescue.exe => No File FirewallRules: [UDP Query User1BA34E42-A28B-4BE7-AA07-60C0DF8D2F67C:userskmieleappdatalocallogmein rescue appletlmir0001.tmplmi_rescue.exe] => (Allow) C:userskmieleappdatalocallogmein rescue appletlmir0001.tmplmi_rescue.exe => No File FirewallRules: [TCP Query UserCEA255B2-B158-4E7F-A9FA-F67C35193404C:userskmieleappdatalocallogmein rescue appletlmir08a51001.tmplmi_rescue.exe] => (Allow) C:userskmieleappdatalocallogmein rescue appletlmir08a51001.tmplmi_rescue.exe => No File FirewallRules: [UDP Query User8D52DE92-37D9-492B-8676-439A7D521498C:userskmieleappdatalocallogmein rescue appletlmir08a51001.tmplmi_rescue.exe] => (Allow) C:userskmieleappdatalocallogmein rescue appletlmir08a51001.tmplmi_rescue.exe => No File FirewallRules: [TCP Query User1CD30CA8-ED9A-45AE-9026-1C29A11A5A10C:userskmieleappdatalocallogmein rescue appletlmir0c02f001.tmplmi_rescue.exe] => (Allow) C:userskmieleappdatalocallogmein rescue appletlmir0c02f001.tmplmi_rescue.exe => No File FirewallRules: [UDP Query User118420AF-3275-48C1-ACC5-53603D5F45ACC:userskmieleappdatalocallogmein rescue appletlmir0c02f001.tmplmi_rescue.exe] => (Allow) C:userskmieleappdatalocallogmein rescue appletlmir0c02f001.tmplmi_rescue.exe => No File FirewallRules: [371A237F-EDC1-4902-859C-F0EE59581535] => (Allow) LPort=1583 FirewallRules: [BD53179F-4515-4C75-AD50-9759AEF4F571] => (Allow) LPort=3351 FirewallRules: [TCP Query User703607D8-C5C2-48D0-B3EB-826B5F03B747C:program files (x86)epson softwareevent managereeventmanager.exe] => (Block) C:program files (x86)epson softwareevent managereeventmanager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) FirewallRules: [UDP Query UserC3E503D7-9624-4B95-BD36-973CFFBFFA01C:program files (x86)epson softwareevent managereeventmanager.exe] => (Block) C:program files (x86)epson softwareevent managereeventmanager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) FirewallRules: [5B66001E-67E8-482B-9907-88D2C71ECEE0] => (Allow) C:Program Files (x86)ActianPSQLbinw3dbsmgr.exe (Actian Corporation -> Actian Corporation) FirewallRules: [57F0256F-F11D-4C05-99B0-2B148F2122C1] => (Allow) C:Program Files (x86)ActianPSQLbinw3dbsmgr.exe (Actian Corporation -> Actian Corporation) FirewallRules: [CD63BB04-48E6-4C08-9DC8-6FEEBE1EE352] => (Allow) C:Program Files (x86)Microsoft OfficerootOffice16outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [CD4E3930-B5A9-41E2-BA5E-725CD4F19C9F] => (Allow) C:Program Files (x86)TeamViewerTeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [47A6D514-14A2-480B-840A-96B989540524] => (Allow) C:Program Files (x86)TeamViewerTeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [614115BB-54EC-4424-863B-8D6C020D5B0F] => (Allow) C:Program Files (x86)TeamViewerTeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [FA282503-93F7-4F43-9280-E657E4800ACB] => (Allow) C:Program Files (x86)TeamViewerTeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [A842E21A-C339-443D-BD1B-9DD4FFCAF49C] => (Allow) C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

10-05-2020 10:30:55 Windows Update 13-05-2020 03:00:10 Windows Update 16-05-2020 10:31:15 Windows Update 19-05-2020 13:29:49 Windows Update 26-05-2020 13:13:34 Windows Update 30-05-2020 15:52:49 Installed Synology Active Backup for Business Agent 31-05-2020 04:15:51 Windows Update

==================== Faulty Device Manager Devices ============

Name: Malwarebytes Anti-Exploit Description: Malwarebytes Anti-Exploit Class Guid: 8ECC055D-047F-11D1-A537-0000F8753ED1 Manufacturer: Service: ESProtectionDriver Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Event log errors: ========================

Application errors: ================== Error: (05/30/2020 02:18:20 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/28/2020 07:00:36 PM) (Source: Norton Ghost) (EventID: 100) (User: ) Description: Error EC8F17B7: Cannot create recovery points for job: Drive Backup of RECOVERY (*:), OS (C:). Error EC8F03ED: Cannot create the recovery point. Error E7D1000B: Unable to make directory 'Z:/'. Error E7D10026: Unable to get attributes for 'Z:/'. Error EBAB03F1: The system cannot find the path specified. (UMI:V-281-3215-6071)

Détails: Source: Norton Ghost

Error: (05/27/2020 07:00:37 PM) (Source: Norton Ghost) (EventID: 100) (User: ) Description: Error EC8F17B7: Cannot create recovery points for job: Drive Backup of RECOVERY (*:), OS (C:). Error EC8F03ED: Cannot create the recovery point. Error E7D1000B: Unable to make directory 'Z:/'. Error E7D10026: Unable to get attributes for 'Z:/'. Error EBAB03F1: The system cannot find the path specified. (UMI:V-281-3215-6071)

Détails: Source: Norton Ghost

Error: (05/26/2020 07:00:36 PM) (Source: Norton Ghost) (EventID: 100) (User: ) Description: Error EC8F17B7: Cannot create recovery points for job: Drive Backup of RECOVERY (*:), OS (C:). Error EC8F03ED: Cannot create the recovery point. Error E7D1000B: Unable to make directory 'Z:/'. Error E7D10026: Unable to get attributes for 'Z:/'. Error EBAB03F1: The system cannot find the path specified. (UMI:V-281-3215-6071)

Détails: Source: Norton Ghost

Error: (05/26/2020 08:09:30 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/26/2020 08:08:48 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: OfficeClickToRun.exe, version: 16.0.12527.20612, time stamp: 0x5e8656fc Faulting module name: OfficeClickToRun.exe, version: 16.0.12527.20612, time stamp: 0x5e8656fc Exception code: 0xc0000005 Fault offset: 0x00000000003b24d9 Faulting process id: 0x7a8 Faulting application start time: 0x01d63356598eb186 Faulting application path: C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeClickToRun.exe Faulting module path: C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeClickToRun.exe Report Id: a6e96793-9f49-11ea-b347-5cf9dd777e57

Error: (05/26/2020 08:08:25 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/22/2020 03:32:38 PM) (Source: ESENT) (EventID: 104) (User: ) Description: taskhost (4204) WebCacheLocal: The database engine stopped the instance (0) with error (-1011).

System errors: ============= Error: (05/31/2020 10:53:04 AM) (Source: UmrdpService) (EventID: 1111) (User: ) Description: Driver Brother HL-5050 required for printer !!IQA-10!Brother HL-5050Lan is unknown. Contact the administrator to install the driver before you log in again.

Error: (05/31/2020 10:53:02 AM) (Source: UmrdpService) (EventID: 1111) (User: ) Description: Driver Amyuni Document Converter 400 required for printer QuickBooks PDF Converter 2.0 is unknown. Contact the administrator to install the driver before you log in again.

Error: (05/31/2020 10:49:06 AM) (Source: Disk) (EventID: 11) (User: ) Description: The driver detected a controller error on DeviceHarddisk1DR1.

Error: (05/31/2020 04:16:03 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: ) Description: Microsoft Antimalware has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.317.184.0

Update Source: Microsoft Malware Protection Center

Update Stage: Install

Signature Type: AntiSpyware

Update Type: Full

User: NT AUTHORITYNETWORK SERVICE

Current Engine Version:

Previous Engine Version: 1.1.17100.2

Error code: 0x80070652

Error description: Another installation is already in progress. Complete that installation before proceeding with this install.

Error: (05/31/2020 04:16:03 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: ) Description: Microsoft Antimalware has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.317.184.0

Update Source: Microsoft Malware Protection Center

Update Stage: Install

Signature Type: AntiVirus

Update Type: Full

User: NT AUTHORITYNETWORK SERVICE

Current Engine Version:

Previous Engine Version: 1.1.17100.2

Error code: 0x80070652

Error description: Another installation is already in progress. Complete that installation before proceeding with this install.

Error: (05/31/2020 04:16:03 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: ) Description: Microsoft Antimalware has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version:

Update Source: User

Update Stage: Install

Source Path:

Signature Type:

Update Type:

User: NT AUTHORITYNETWORK SERVICE

Current Engine Version:

Previous Engine Version:

Error code: 0x80070652

Error description: Another installation is already in progress. Complete that installation before proceeding with this install.

Error: (05/31/2020 04:16:03 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: ) Description: Microsoft Antimalware has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version:

Update Source: User

Update Stage: Install

Source Path:

Signature Type:

Update Type:

User: NT AUTHORITYNETWORK SERVICE

Current Engine Version:

Previous Engine Version:

Error code: 0x80070652

Error description: Another installation is already in progress. Complete that installation before proceeding with this install.

Error: (05/31/2020 04:16:01 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: ) Description: Microsoft Antimalware has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.317.184.0

Update Source: Microsoft Update Server

Update Stage: Download

Signature Type: AntiVirus

Update Type: Full

User: NT AUTHORITYSYSTEM

Current Engine Version:

Previous Engine Version: 1.1.17100.2

Error code: 0x80240016

Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

CodeIntegrity: ===================================

Date: 2020-05-31 11:02:57.773 La description: Code Integrity is unable to verify the image integrity of the file DeviceHarddiskVolume3WindowsSystem32l3codeca.acm because the set of per-page image hashes could not be found on the system.

Date: 2020-05-31 10:55:42.474 La description: Code Integrity is unable to verify the image integrity of the file DeviceHarddiskVolume3WindowsSystem32l3codeca.acm because the set of per-page image hashes could not be found on the system.

Date: 2018-11-15 16:44:27.311 La description: Code Integrity is unable to verify the image integrity of the file DeviceHarddiskVolume3WindowsSystem32l3codeca.acm because the set of per-page image hashes could not be found on the system.

Date: 2018-06-20 10:14:07.864 La description: Code Integrity is unable to verify the image integrity of the file DeviceHarddiskVolume3WindowsSystem32l3codeca.acm because the set of per-page image hashes could not be found on the system.

Date: 2018-06-18 09:15:44.321 La description: Code Integrity is unable to verify the image integrity of the file DeviceHarddiskVolume3WindowsSystem32l3codeca.acm because the set of per-page image hashes could not be found on the system.

Date: 2018-06-18 08:56:24.219 La description: Code Integrity is unable to verify the image integrity of the file DeviceHarddiskVolume3WindowsSystem32l3codeca.acm because the set of per-page image hashes could not be found on the system.

Date: 2018-05-16 23:39:56.129 La description: Code Integrity is unable to verify the image integrity of the file DeviceHarddiskVolume3WindowsSystem32l3codeca.acm because the set of per-page image hashes could not be found on the system.

Date: 2018-05-16 23:33:38.323 La description: Code Integrity is unable to verify the image integrity of the file DeviceHarddiskVolume3WindowsSystem32l3codeca.acm because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: Dell Inc. A25 05/10/2017 Motherboard: Dell Inc. 0KRC95 Processor: Intel® Core™ i5-3550 CPU @ 3.30GHz Percentage of memory in use: 96% Total physical RAM: 3982.54 MB Available physical RAM: 140.28 MB Total Virtual: 7963.21 MB Available Virtual: 2160.28 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:232.13 GB) (Free:110.08 GB) NTFS Drive z: (Seagate Backup Plus Drive) (Fixed) (Total:1863.01 GB) (Free:1280.23 GB) NTFS

\?Volume03c315c4-e6a3-11e1-be23-806e6f6e6963 (RECOVERY) (Fixed) (Total:0.74 GB) (Free:0.2 GB) NTFS

==================== MBR & Partition Table ====================

========================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 232.9 GB) (Disk ID: 8AE4B35C) Partition 1: (Not Active) – (Size=24 MB) – (Type=DE) Partition 2: (Active) – (Size=753 MB) – (Type=07 NTFS) Partition 3: (Not Active) – (Size=232.1 GB) – (Type=07 NTFS) Attempted reading MBR returned 0 bytes. Could not read MBR for disk 1.

==================== End of Addition.txt =======================

Click to rate this post! [Total: 0 Average: 0]