Publicité
Publicité
Commentaire : Addition.txt
Format du document : text/plain
Prévisualisation
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-11-2017
Ran by I063859 (03-12-2017 10:07:18)
Running from C:\Users\i063859\Desktop
Windows 10 Enterprise Version 1511 10586.1176 (X64) (2016-08-30 10:29:49)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
DefaultAccount (S-1-5-21-4062798422-3929470720-3195758788-503 - Limited - Disabled)
Guest (S-1-5-21-4062798422-3929470720-3195758788-501 - Limited - Disabled)
Raccount (S-1-5-21-4062798422-3929470720-3195758788-500 - Administrator - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: McAfee Endpoint Security (Enabled - Up to date) {1006DC03-1FB1-9E52-7C81-F2FAB48962E3}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Endpoint Security (Enabled - Up to date) {AB673DE7-398B-91DC-4631-C988CF0E285E}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Endpoint Security (Enabled) {283D5D26-55DE-9F0A-57DE-5BCF4A5A2598}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
„Microsoft Office 2013“ tikrinimo įrankiai – lietuvių k. (HKLM-x32\...\{90150000-001F-0427-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Adobe Flash Player 27 NPAPI (HKLM-x32\...\{34D4D627-00A1-4C0D-BF68-576C146B9ED6}) (Version: 27.0.0.187 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.23) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Alcor Micro Smart Card Reader Driver (HKLM-x32\...\SZCCID) (Version: 1.7.44.0 - Alcor Micro Corp.)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
Atom (HKU\S-1-5-21-74642-3284969411-2123768488-96017\...\atom) (Version: 1.19.5 - GitHub Inc.)
Belgium e-ID middleware 4.1.18 (build 1730) (HKLM\...\{DB942AEA-93D6-4FE4-8862-180D35A71730}) (Version: 4.1.1730 - Belgian Government)
BIG-IP Edge Client (HKLM-x32\...\{6D4839CB-28B4-4070-8CA7-612CA92CA3D0}) (Version: 71.2017.0404.2206 - F5 Networks, Inc.)
BIG-IP Edge Client Components (All Users) (HKLM-x32\...\F5 Networks Client Components) (Version: 71.2017.0404.2206 - F5 Networks, Inc.)
Cisco WebEx Meetings (HKU\S-1-5-21-74642-3284969411-2123768488-96017\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
Citrix Receiver 4.9 (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.9.0.2539 - Citrix Systems, Inc.)
CitrixReceiver_SAP (HKLM-x32\...\{C6BCE15B-495B-4FA6-A395-FBFF115AACD4}) (Version: 4.9 - SAP IT)
Cloud Foundry CLI version 6.32.0 (HKLM\...\Cloud Foundry CLI_is1) (Version: 6.32.0 - Cloud Foundry Foundation)
Comptes&Mots édition 2017 (HKLM-x32\...\{4437E29A-996C-440A-9227-1126EE75C0AD}_is1) (Version: 2017 - Comptes&Mots)
Configuration Manager Client (HKLM\...\{3926E6CB-FD37-4E8D-8B08-7F485E118C2D}) (Version: 5.00.8498.1000 - Microsoft Corporation) Hidden
Công cụ Soát lỗi Microsoft Office 2013 - Tiếng Việt (HKLM-x32\...\{90150000-001F-042A-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Connected Backup/PC Agent (HKLM-x32\...\{393E4C89-67E9-43BF-AD29-94D19F7624F7}) (Version: 8.8.5.0 - Autonomy Corporation plc)
DIGIPASS Native Bridge 2.2.2 (HKLM-x32\...\{28A6E867-4D45-4023-8DD0-09FC196C2892}) (Version: 2.2.2 - VASCO Data Security) Hidden
DIGIPASS Native Bridge 2.2.2 (HKU\S-1-5-21-74642-3284969411-2123768488-96017\...\{9ba9a46c-c5ee-4711-9d40-15adb327bdd0}) (Version: 2.2.2 - VASCO Data Security)
Eines de correcció del Microsoft Office 2013: català (HKLM-x32\...\{90150000-001F-0403-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Ferramentas de Verificação do Microsoft Office 2013 - Português (HKLM-x32\...\{90150000-001F-0816-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Ferramentas de Verificação do Microsoft Office 2016 - Português (HKLM-x32\...\{90160000-001F-0816-0000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
Ferramentas de verificación de Microsoft Office 2013 - Galego (HKLM-x32\...\{90150000-001F-0456-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Git version 2.9.3-rebase-i (HKLM\...\Git_is1) (Version: 2.9.3-rebase-i - The Git Development Community)
GitHub Desktop (HKU\S-1-5-21-74642-3284969411-2123768488-96017\...\GitHubDesktop) (Version: 0.9.1 - GitHub, Inc.)
Global Corporate Access (HKLM-x32\...\{38ACB2B6-0957-4C6A-BB53-351F55B5C4B4}) (Version: - ipass)
Google Chrome (HKLM-x32\...\{E59DE535-1B5C-35B2-BA45-E99E29548A1C}) (Version: 62.0.3202.94 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Herramientas de corrección de Microsoft Office 2016: español (HKLM-x32\...\{90160000-001F-0C0A-0000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
HP Universal Discovery Agent (x86) (HKLM-x32\...\{B7643B11-A60E-4A33-A465-263FEB32113A}) (Version: 10.31.000.155 - Hewlett-Packard Development Company, L.P.)
Instrumente de verificare Microsoft Office 2016 - Română (HKLM-x32\...\{90160000-001F-0418-0000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
Integrated Camera (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.5.7.22 - SunplusIT)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 19.5 - Intel)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{6F73FF93-0B55-4194-AE45-C19DA1F33E97}) (Version: 6.0.3 - Intel Corporation)
IntelliJ IDEA 2017.2.6 (HKLM-x32\...\IntelliJ IDEA 2017.2.6) (Version: 172.4574.11 - JetBrains s.r.o.)
Internet Explorer 11 Settings (HKLM-x32\...\{68525C36-EE3B-479E-BE2D-9FEC7C8DB134}) (Version: 11.0 - Microsoft Corporation)
Java 8 Update 151 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Java SE Development Kit 7 Update 79 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170790}) (Version: 1.7.0.790 - Oracle)
Java SE Development Kit 8 Update 111 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180111}) (Version: 8.0.1110.14 - Oracle Corporation)
Java SE Development Kit 8 Update 121 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180121}) (Version: 8.0.1210.13 - Oracle Corporation)
Korrekturredskaber til Microsoft Office 2013 – Dansk (HKLM-x32\...\{90150000-001F-0406-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Korrekturredskaber til Microsoft Office 2016 - Dansk (HKLM-x32\...\{90160000-001F-0406-0000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
Korrekturverktøy for Microsoft Office 2013 – Norsk (nynorsk) (HKLM-x32\...\{90150000-001F-0814-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Lenovo On Screen Display (HKLM\...\OnScreenDisplay) (Version: 8.80.02 - Lenovo)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.11.08 - Lenovo)
McAfee Agent (HKLM\...\{80684F9A-6B01-4F3F-A8C7-C4B7BDF072F1}) (Version: 5.0.6.220 - McAfee, Inc.)
McAfee Data Exchange Layer (HKLM\...\{48F152B8-17F4-467F-A65B-49A2A271FA27}) (Version: 3.1.601.0 - McAfee, Inc.) Hidden
McAfee Data Exchange Layer (HKLM-x32\...\{d14da861-f859-4506-8497-ebcb682bbca8}) (Version: 3.1.0.601 - McAfee, Inc.)
McAfee Endpoint Security Adaptive Threat Protection (HKLM\...\{80B1F696-3C8F-4BBC-BD07-86CF0E37FDD2}) (Version: 10.5.2 - McAfee, Inc.)
McAfee Endpoint Security Firewall (HKLM\...\{23E52C73-A84B-47C2-8D8D-24C5C04181B3}) (Version: 10.5.2 - McAfee, Inc.)
McAfee Endpoint Security Platform (HKLM\...\{6D20F37F-05CB-401E-83A3-DEB93B29196E}) (Version: 10.5.2 - McAfee, Inc.)
McAfee Endpoint Security Threat Prevention (HKLM\...\{4F574B83-3AE0-419F-8A3B-985C389334B4}) (Version: 10.5.2 - McAfee, Inc.)
MDOP MBAM (HKLM\...\{1B0FF767-2365-4E2B-91D1-93D442944055}) (Version: 2.5.0244.0 - Microsoft Corporation)
Microsoft Access database engine 2010 (English) (HKLM-x32\...\{90140000-00D1-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4945.1001 - Microsoft Corporation)
Microsoft Office Korrekturhilfen 2016 – Deutsch (HKLM-x32\...\{90160000-001F-0407-0000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
Microsoft Office Nyelvi ellenőrző eszközök 2016 – magyar (HKLM-x32\...\{90160000-001F-040E-0000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
Microsoft Office Proofing Tools 2016 - Afrikaans (HKLM-x32\...\{90160000-001F-0436-0000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
Microsoft Office Proofing Tools 2016 - Bahasa Melayu (HKLM-x32\...\{90160000-001F-043E-0000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
Microsoft Office Proofing Tools 2016 – български (HKLM-x32\...\{90160000-001F-0402-0000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
Microsoft Office Proofing Tools 2016 - اللغة العربية (HKLM-x32\...\{90160000-001F-0401-0000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
Microsoft Office Proofing Tools 2016 - हिंदी (HKLM-x32\...\{90160000-001F-0439-0000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
Microsoft Office Proofing Tools Kit Compilation 2013 (HKLM-x32\...\Office15.PROOFKIT) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office 언어 교정 도구 2016 - 한국어 (HKLM-x32\...\{90160000-001F-0412-0000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
Microsoft Office 校对工具 2016 - 简体中文 (HKLM-x32\...\{90160000-001F-0804-0000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
Microsoft Office 校正ツール 2016 - 日本語 (HKLM-x32\...\{90160000-001F-0411-0000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
Microsoft Office 校訂工具 2016 - 繁體中文 (HKLM-x32\...\{90160000-001F-0404-0000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-74642-3284969411-2123768488-96017\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft redistributable runtime DLLs VS2005 SP1(x86) (HKLM-x32\...\{CEC7A786-A9C8-4EF7-BB59-6518E3B3C878}) (Version: 8.0.50727.4053 - SAP)
Microsoft redistributable runtime DLLs VS2008 SP1(x86) (HKLM-x32\...\{A47A9101-6EB5-4314-BDA1-297880FBB908}) (Version: 9.0 - SAP AG)
Microsoft redistributable runtime DLLs VS2010 SP1 (x86) (HKLM-x32\...\{2385C070-EC26-4AB9-8718-E605C977C0ED}) (Version: 10.0.40219.1 - SAP)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.60724 - Microsoft Corporation)
Microsoft Visual Studio Code (HKLM\...\{EA457B21-F73E-494C-ACAB-524FDE069978}_is1) (Version: 1.17.1 - Microsoft Corporation)
Mozilla Firefox 54.0.1 (x86 fr) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 fr)) (Version: 54.0.1 - Mozilla)
Mozilla Firefox 55.0.3 (x64 fr) (HKLM\...\Mozilla Firefox 55.0.3 (x64 fr)) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla)
Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (HKLM-x32\...\{90150000-001F-0415-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Narzędzia sprawdzające pakietu Microsoft Office 2016 — polski (HKLM-x32\...\{90160000-001F-0415-0000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM-x32\...\{90150000-001F-0405-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM-x32\...\{90160000-001F-0405-0000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM-x32\...\{90150000-001F-041B-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Node.js (HKLM\...\{9CB432A8-2DC4-4AA3-BF63-9A2AE489B167}) (Version: 6.11.4 - Node.js Foundation)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.4945.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.4945.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.4945.1001 - Microsoft Corporation) Hidden
Online Plug-in (HKLM-x32\...\{5C38E4A7-9778-4C51-8021-61759600D96A}) (Version: 14.9.0.2539 - Citrix Systems, Inc.) Hidden
Orodja za preverjanje za Microsoft Office 2013 – slovenščina (HKLM-x32\...\{90150000-001F-0424-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM-x32\...\{90160000-001F-040C-0000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
PDF-XChange PRO x64 6.0.317.1 (HKLM\...\{FDEE9B63-F8FF-459D-96D0-115138EB6C72}) (Version: 6.0.317.1 - Tracker Software Products (Canada) Ltd.)
Python 3.4.0 (64-bit) (HKLM\...\{863162a8-ecc2-35ea-bdf7-e09ac456e164}) (Version: 3.4.150 - Python Software Foundation)
Python 3.5.0 (64-bit) (HKU\S-1-5-21-74642-3284969411-2123768488-96017\...\{e599f76f-2b95-44da-a280-77548b1b2a21}) (Version: 3.5.150.0 - Python Software Foundation)
Python 3.5.0 Add to Path (64-bit) (HKLM\...\{810503AC-4E50-4A21-BD5A-BFA973480B35}) (Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Core Interpreter (64-bit) (HKLM\...\{9D059C5B-80A5-46AA-BC8A-FD41E89D0A49}) (Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Development Libraries (64-bit) (HKLM\...\{6EA6724A-71C6-43EE-BE9F-80E3C0DC8A4F}) (Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Documentation (64-bit) (HKLM\...\{3B016F3B-917E-477F-920A-BBBA12E09F8B}) (Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Executables (64-bit) (HKLM\...\{9C67D7CC-26D3-4535-9D0A-F4591AD9B11F}) (Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Launcher (32-bit) (HKLM-x32\...\{A095BD6B-4F39-46A4-9AA1-8F7296492974}) (Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 pip Bootstrap (64-bit) (HKLM\...\{6ADAF31E-EEE6-4251-BE5A-EFD7868D3930}) (Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Standard Library (64-bit) (HKLM\...\{5741118B-D61A-4F27-BB80-0CAED22FE20B}) (Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Tcl/Tk Support (64-bit) (HKLM\...\{47483182-8783-45CB-9120-77FDB241E2FF}) (Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Test Suite (64-bit) (HKLM\...\{B2AB1292-01D1-4972-BF56-43531A2AA3BA}) (Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Utility Scripts (64-bit) (HKLM\...\{2B5129D0-C4C1-4322-8888-D0B6CDA6DCD2}) (Version: 3.5.150.0 - Python Software Foundation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7746 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM-x32\...\{90150000-001F-0416-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM-x32\...\{90160000-001F-0416-0000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.17113.1 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.17113.1 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
SAP Business Explorer (HKLM-x32\...\SAPBI) (Version: 7.30 - SAP AG)
SAP Communication PPT Presentation Wizard 2017.3 (HKLM-x32\...\{DECD9416-9049-45E9-888E-31BDB76D7802}) (Version: 2017.3 - SAP Communication)
SAP Fonts 2013 (HKLM-x32\...\{2AE73D57-0FDB-47D5-B195-00C9BF3098B2}) (Version: 2013 - SAP)
SAP GUI for Windows 7.40 (Patch 12) (HKLM-x32\...\SAPGUI) (Version: 7.40 Compilation 3 - SAP SE)
SAP HANA Cloud Connector (HKLM\...\{018F5128-1795-4573-9528-F842531A46DE}) (Version: 2.9.0.2 - SAP)
SAP IT Client Migration Wizard 2016 2.0.2 (HKLM-x32\...\{3BA8A814-8207-468C-8067-43F7BF50693A}) (Version: 2.0.2 - SAP IT)
SAP IT MusicOnHoldFileForLync 1.0 (HKLM\...\{8AB1E204-BE7E-450F-B6D2-2E711A48CD71}) (Version: 1.0 - SAP IT)
SAP IT Raccount SE (HKLM\...\{C5CE7B4B-9F72-474D-A8EA-7C2F7592FCE4}) (Version: 1.4 - SAP IT)
SAP IT Windows 8 Logon Icon 1.0 (HKLM-x32\...\{268C2CDE-A133-420E-8958-7C2512C6F767}) (Version: 1.0 - SAP IT)
SAP Mobile Platform SDK 3.0 SP13 (HKLM\...\570a03218011079f3aee0f2964c764ba920482880) (Version: 3.0.13.0 - SAP SE)
SAP Secure Login Client (x64) (HKLM\...\Secure Login Client (x64)) (Version: 3.0.2.1.0 - SAP AG)
SAP Workforce Performance Builder SLC Player 9.4.0.111 (HKLM-x32\...\{DA46712E-B8B6-4466-8003-9B5CDCF78F31}) (Version: 9.4.0111 - SAP AG)
SAPscript Legacy Text Editor (HKLM-x32\...\SAPScriptEditorControls) (Version: - SAP SE)
Self-Service Plug-in (HKLM-x32\...\{C7E328BE-E4FF-4D07-B848-1179C42C8AD4}) (Version: 4.9.0.2528 - Citrix Systems, Inc.) Hidden
Skype Quality Adviser (HKLM-x32\...\{BD1C5F81-2AE5-477B-8BC5-8D52394DD0CF}) (Version: 4.0.4.3 - SAP)
Strumenti di correzione di Microsoft Office 2016 - Italiano (HKLM-x32\...\{90160000-001F-0410-0000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
Sublime Text Build 3143 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.85 - Synaptics Incorporated)
Taalprogramma's voor Microsoft Office 2016 - Nederlands (HKLM-x32\...\{90160000-001F-0413-0000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
Telerik Fiddler (HKLM-x32\...\Fiddler2) (Version: 4.6.2.32002 - Telerik)
Uirlisí Profála Microsoft Office 2016 - Gaeilge (HKLM-x32\...\{90160000-001F-083C-0000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Windows Driver Package - Fedict SmartCard (08/08/2015 4.1.5) (HKLM\...\9F46F7AB1E3B1B5F5482EA8D97F401B04FBF7958) (Version: 08/08/2015 4.1.5 - Fedict)
WinRAR (64-bit) 5.31.0 (HKLM\...\{F8B0145A-8891-47EA-8160-E0CA22B851F7}) (Version: 5.31.0 - win.rar GmbH)
Yarn (HKLM-x32\...\{918E1EC4-5148-4150-B711-8A69AE9BAF37}) (Version: 1.3.2 - Yarn Contributors)
YTD Video Downloader 5.9.0 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 5.9.0 - GreenTree Applications SRL) <==== ATTENTION
Εργαλεία γλωσσικού ελέγχου του Microsoft Office 2013 - Ελληνικά (HKLM-x32\...\{90150000-001F-0408-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Засоби перевірки правопису Microsoft Office 2013 – українська мова (HKLM-x32\...\{90150000-001F-0422-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Средства проверки правописания Microsoft Office 2013 — русский (HKLM-x32\...\{90150000-001F-0419-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Средства проверки правописания Microsoft Office 2016 — русский (HKLM-x32\...\{90160000-001F-0419-0000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
כלי ההגהה של Microsoft Office 2013 - עברית (HKLM-x32\...\{90150000-001F-040D-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
כלי ההגהה של Microsoft Office 2016 - עברית (HKLM-x32\...\{90160000-001F-040D-0000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\RarExt.dll [2016-02-03] (Alexander Roshal)
ContextMenuHandlers1: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\RarExt32.dll [2016-02-03] (Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2015-07-30] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-11-05] (NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\RarExt.dll [2016-02-03] (Alexander Roshal)
ContextMenuHandlers6: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\RarExt32.dll [2016-02-03] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {2003EF10-A7A7-4904-9521-44E8FA08AF84} - System32\Tasks\SAP IT\SAP-NAP => powershell.exe -NoProfile -WindowStyle Hidden -ExecutionPolicy AllSigned -File "%programfiles%\SAP-IT\SAP-NAP\SAP-NAP.ps1" <==== ATTENTION
Task: {2A4F95CC-8AB1-46B9-8E88-FD7CC0070BDD} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2017-09-12] (Microsoft Corporation)
Task: {35A73488-2B14-44B2-B0CE-9AF570121C7C} - System32\Tasks\RtHDVBg_LENOVO_MICPKEY => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-02-23] (Realtek Semiconductor)
Task: {362BA806-2178-46F0-824B-0E59F358CF8F} - System32\Tasks\Microsoft\Configuration Manager\Configuration Manager Passport for Work Certificate Enrollment Task => C:\Windows\system32\wbem\wmic.exe [2015-10-30] (Microsoft Corporation)
Task: {3AA5C15D-97EA-4561-BBAE-343B472129D1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2017-09-12] (Microsoft Corporation)
Task: {3B63BC48-B31B-46E3-997F-0CB645B0DB7A} - System32\Tasks\Microsoft\Configuration Manager\Configuration Manager Idle Detection
Task: {45659455-D9F5-4022-8B2B-661248F206C8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-11-29] (Adobe Systems Incorporated)
Task: {49B0D527-742B-43D4-A536-2D9B1027E709} - System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202}
Task: {66C12B49-8480-43C4-A862-5124B4AB6D36} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-30] (Google Inc.)
Task: {67CFFCEB-A430-4BDB-BA32-406784FA57B2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-30] (Google Inc.)
Task: {6F72DB16-773E-4C20-A04A-2BEE5577232B} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-02-23] (Realtek Semiconductor)
Task: {848F81D8-1B12-4CE4-BF9E-5665EEC4A3B9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-04-11] (Microsoft Corporation)
Task: {9671028C-34A1-4EB7-8504-5F5B384C778E} - System32\Tasks\HF_BOOT_TASK_JOB (INSTALL_STATE_UPDATE) => C:\ProgramData\Shavlik\Installation\InstallationSandbox#2016-09-06-T-19-11-53\SafeReboot.exe [2014-07-28] (LANDESK Software, Inc.)
Task: {96C62F12-57C6-45BA-BFD4-BC2F6600BAAA} - System32\Tasks\Microsoft\Configuration Manager\Configuration Manager Health Evaluation => C:\Windows\CCM\ccmeval.exe [2017-04-11] (Microsoft Corporation)
Task: {B09D2202-5408-45A0-93FA-EF50FD1247F8} - System32\Tasks\Credmanager => powershell.exe -noprofile -command "&{cd C:\Users\Public\SAP-IT\CredentialManager; C:\Users\Public\SAP-IT\CredentialManager\AddCredential.ps1}"
Task: {B6C6D522-FEB9-4293-B003-6D56CE659C1E} - System32\Tasks\SAP IT\SAP_W10_IT_Firstrun => C:\program files (x86)\SAP IT\FirstRun\run.vbs [2016-03-14] ()
Task: {BB4C9AFA-0933-45F3-A52D-D49D52F138AB} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2016-02-23] (Realtek Semiconductor)
Task: {BF43D33A-A5B4-4F4F-BD5A-134DE7EA097F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2017-09-12] (Microsoft Corporation)
Task: {C507A621-8659-4675-81E1-703EEC4CB565} - System32\Tasks\SAP IT\Set DynDNS => cscript.exe \\global.corp.sap\netlogon\Scripts\Dyndns\_DSSO_AD\setDynDnsAD.vbs
Task: {C631CA95-2C71-493D-B448-A851B02C5F33} - System32\Tasks\SAP IT\Reg_DNS_Upd_V4 => powershell -command "& {{Start-Process -F 'cmd' -A '/c ipconfig /registerdns' -N -Wait }; Exit 0}"
Task: {D3802E03-6F39-4DC1-924C-BDA92809C7EF} - System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA}
Task: {ED0912DD-05FF-4756-8A49-6538AD641381} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-04-11] (Microsoft Corporation)
Task: {F785A48C-4E8A-4681-8E94-E151142FC923} - System32\Tasks\SCCM_Client_Check => powershell.exe -NonInteractive -noprofile -WindowStyle Hidden -ExecutionPolicy bypass -file \\ecs\remediation\SCCM_Tools\Fix-BrokenSCCM.ps1
Task: {FC698EF9-711E-43B0-863A-B09D69F18ADD} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\i063859\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Advanced REST client.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=hgmloofddffdnphfgcellkdfbfbjeloo
ShortcutWithArgument: C:\Users\i063859\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\mydlink services plugin.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=ldibdoepbjbkkcbgndfljnphngpglhbb
ShortcutWithArgument: C:\Users\i063859\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Postman.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=fhbjgbiflinjbdggehcddcbncdddomop
==================== Loaded Modules (Whitelisted) ==============
2016-08-30 12:39 - 2017-01-17 03:25 - 000117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2017-06-14 07:47 - 2017-06-14 07:47 - 000152656 _____ () C:\Program Files\McAfee\Agent\libuv.dll
2017-06-14 08:21 - 2017-06-14 08:21 - 000028224 _____ () C:\Program Files\McAfee\Agent\trex.dll
2017-06-14 07:46 - 2017-06-14 07:46 - 000033856 _____ () C:\Program Files\McAfee\Agent\libini.dll
2017-06-14 08:20 - 2017-06-14 08:20 - 000559128 _____ () C:\Program Files\McAfee\Agent\sqlite.dll
2017-06-14 08:23 - 2017-06-14 08:23 - 000121176 _____ () C:\Program Files\McAfee\Agent\zlib.dll
2017-06-14 08:18 - 2017-06-14 08:18 - 000058680 _____ () C:\Program Files\McAfee\Agent\MXML.dll
2016-12-05 06:07 - 2016-12-05 06:07 - 001007560 _____ () C:\Program Files (x86)\Hewlett-Packard\Discovery Agent\bin32\discagnt.exe
2017-03-28 13:11 - 2017-03-04 06:31 - 000185856 _____ () C:\Windows\SYSTEM32\ism32k.dll
2016-08-30 11:22 - 2015-11-05 12:49 - 000126072 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-09-27 16:32 - 2017-09-05 10:31 - 002656960 _____ () C:\Windows\System32\CoreUIComponents.dll
2017-03-17 08:48 - 2017-01-31 13:34 - 008909512 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2016-08-30 19:51 - 2016-08-30 20:02 - 000144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-02-13 13:53 - 2016-02-13 13:53 - 000093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-09-27 16:00 - 2016-07-01 04:48 - 000472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2017-03-28 13:10 - 2017-03-04 04:19 - 007992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-28 13:11 - 2017-03-04 04:14 - 000591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-09-27 16:32 - 2017-09-05 05:03 - 002483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-09-27 16:32 - 2017-09-05 05:06 - 004089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-11-16 09:46 - 2017-11-10 10:57 - 004135768 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.94\libglesv2.dll
2017-11-16 09:46 - 2017-11-10 10:57 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.94\libegl.dll
2015-10-28 12:46 - 2015-10-28 12:46 - 000076528 _____ () C:\Program Files (x86)\Iron Mountain\Connected BackupPC\SDK8.dll
2017-02-06 04:27 - 2017-02-06 04:27 - 000889672 _____ () C:\Program Files (x86)\Deutsche Telekom\Global Corporate Access\bin\System.Data.SQLite.dll
2017-02-06 04:27 - 2017-02-06 04:27 - 000038728 _____ () C:\Program Files (x86)\Deutsche Telekom\Global Corporate Access\bin\ThemisLib.dll
2017-02-06 04:27 - 2017-02-06 04:27 - 000014152 _____ () C:\Program Files (x86)\Deutsche Telekom\Global Corporate Access\bin\NetworkAssessLib.dll
2017-02-06 04:27 - 2017-02-06 04:27 - 000024904 _____ () C:\Program Files (x86)\Deutsche Telekom\Global Corporate Access\bin\RTNLib.dll
2017-06-14 07:46 - 2017-06-14 07:46 - 000141800 _____ () C:\Program Files\McAfee\Agent\x86\libuv.dll
2017-06-14 08:20 - 2017-06-14 08:20 - 000027128 _____ () C:\Program Files\McAfee\Agent\x86\trex.dll
2017-06-14 07:46 - 2017-06-14 07:46 - 000029208 _____ () C:\Program Files\McAfee\Agent\x86\libini.dll
2017-06-14 08:20 - 2017-06-14 08:20 - 000434624 _____ () C:\Program Files\McAfee\Agent\x86\sqlite.dll
2017-06-14 08:18 - 2017-06-14 08:18 - 000048848 _____ () C:\Program Files\McAfee\Agent\x86\MXML.dll
2016-08-30 19:51 - 2016-08-30 20:02 - 000141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-08-30 19:51 - 2016-08-30 20:02 - 022284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\corp.sap -> hxxps://*.global.corp.sap
IE trusted site: HKU\S-1-5-21-74642-3284969411-2123768488-96017\...\*.global -> hxxps://*.global
IE trusted site: HKU\S-1-5-21-74642-3284969411-2123768488-96017\...\amadeus.com -> hxxps://amadeus.com
IE trusted site: HKU\S-1-5-21-74642-3284969411-2123768488-96017\...\ariba.com -> hxxp://sapconcur.procurement-eu.ariba.com
IE trusted site: HKU\S-1-5-21-74642-3284969411-2123768488-96017\...\bcdtravel.com -> hxxps://bcdtravel.com
IE trusted site: HKU\S-1-5-21-74642-3284969411-2123768488-96017\...\bluebottlebiz.com -> hxxps://bluebottlebiz.com
IE trusted site: HKU\S-1-5-21-74642-3284969411-2123768488-96017\...\box.net -> hxxps://sso.services.box.net
IE trusted site: HKU\S-1-5-21-74642-3284969411-2123768488-96017\...\brainshark.com -> hxxps://www.brainshark.com
IE trusted site: HKU\S-1-5-21-74642-3284969411-2123768488-96017\...\btslearning.com -> hxxps://www.btslearning.com
IE trusted site: HKU\S-1-5-21-74642-3284969411-2123768488-96017\...\btspulse.com -> hxxps://sap.btspulse.com
IE trusted site: HKU\S-1-5-21-74642-3284969411-2123768488-96017\...\checkmytrip.com -> hxxps://checkmytrip.com
IE trusted site: HKU\S-1-5-21-74642-3284969411-2123768488-96017\...\concur.com -> hxxp://webmail.concur.com
IE trusted site: HKU\S-1-5-21-74642-3284969411-2123768488-96017\...\concurmessaging.com -> hxxps://concurmessaging.com
IE trusted site: HKU\S-1-5-21-74642-3284969411-2123768488-96017\...\concursolutions.com -> hxxps://concursolutions.com
IE trusted site: HKU\S-1-5-21-74642-3284969411-2123768488-96017\...\concursolutions.com -> hxxp://concursolutions.com
IE trusted site: HKU\S-1-5-21-74642-3284969411-2123768488-96017\...\concurtech.org -> hxxps://concur.concurtech.org
IE trusted site: HKU\S-1-5-21-74642-3284969411-2123768488-96017\...\contgo.com -> hxxps://contgo.com
IE trusted site: HKU\S-1-5-21-74642-3284969411-2123768488-96017\...\corp.sap -> hxxps://*.global.corp.sap
IE trusted site: HKU\S-1-5-21-74642-3284969411-2123768488-96017\...\cubetree.com -> hxxps://cubetree.com
IE trusted site: HKU\S-1-5-21-74642-3284969411-2123768488-96017\...\datanet.de -> hxxps://datanet.de
IE trusted site: HKU\S-1-5-21-74642-3284969411-2123768488-96017\...\datasltn.com -> hxxps://datasltn.com
There are 64 more sites.
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-10-30 08:24 - 2017-01-31 12:40 - 000001186 _____ C:\Windows\system32\Drivers\etc\hosts
54.87.174.2 vhcals4hci vhcals4hci.dummy.nodomain
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-74642-3284969411-2123768488-96017\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\sap_wallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 0) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{13132F38-260E-4282-9799-51D8DA51DD81}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe
FirewallRules: [{7673CC42-CD9A-4DFB-B397-FE0F5DDD4788}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe
FirewallRules: [{9FB2FAD2-3D59-4864-B558-09DC2C920CDA}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe
FirewallRules: [{5343CF97-2A57-43B1-AD9D-03B3A25D1969}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe
FirewallRules: [{656F1135-8FCE-4C09-95D6-FA86779DAF73}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe
FirewallRules: [{45BAECBF-7431-4F4B-89E7-E733F2EBDCE1}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe
FirewallRules: [{95943FD2-C598-442B-BCD9-D589099DF814}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{53DA9224-53E4-453F-8152-B826A4BFFA3F}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{98B6B2BB-37C1-427E-A4F5-AB29AD2CE54C}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{6D01FEDF-BB53-4AA8-9C01-52513BDEFE60}] => (Allow) C:\Program Files (x86)\Iron Mountain\Connected BackupPC\ConnectedAgent.exe
FirewallRules: [{1A0F14AF-C763-4EDB-AB6B-0E95D184CE55}] => (Allow) C:\Program Files (x86)\Iron Mountain\Connected BackupPC\ConnectedAgent.exe
FirewallRules: [{A63F4AC4-86AA-476A-AA66-D71ECD92050D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{ADCF5A3F-C987-4CC0-8B1B-9B46E77F465F}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Discovery Agent\bin32\discagnt.exe
FirewallRules: [{9E0E762E-3163-4B12-8379-43287145CAAC}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Discovery Agent\bin32\discagnt.exe
FirewallRules: [{E7022EB9-092D-4D1A-B4C5-C07EFA3C56E8}] => (Allow) C:\Program Files (x86)\Iron Mountain\Connected BackupPC\ConnectedAgent.exe
FirewallRules: [{6BE11B8C-E618-42D6-936A-CEA12ECFCFF5}] => (Allow) C:\Program Files (x86)\Iron Mountain\Connected BackupPC\ConnectedAgent.exe
FirewallRules: [{FD885E50-1A52-4B24-B7EF-A81F66102BEF}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{00A7508B-CA25-480C-9FA1-9BB7F3B58D11}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{5A8C89E6-F6C4-4025-88CF-FCE0A8A2654F}] => (Allow) C:\Program Files (x86)\Iron Mountain\Connected BackupPC\ConnectedAgent.exe
FirewallRules: [{D0E949FB-5178-4BB2-93F6-7CCA0E532415}] => (Allow) C:\Program Files (x86)\Iron Mountain\Connected BackupPC\ConnectedAgent.exe
FirewallRules: [{33A0BD2A-DB3D-4C55-BC80-545B4114B7D7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DC926158-75BE-4444-AAB5-85B05603C2BC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{50CC7977-CEA0-46B8-8BC8-D111F9F5747A}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\RM.exe
FirewallRules: [{E7DF354E-335A-46F5-9AB1-5A1C3E244778}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\RM.exe
FirewallRules: [{9BBE30F1-560A-420F-BA34-2A0AA27C7142}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\umi.exe
FirewallRules: [{68415656-8A03-40CD-AF8F-EE8DC4462098}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\umi.exe
FirewallRules: [{3EE92078-EF11-4DFC-AA9B-92470CDFF3F0}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\VideoSpin.exe
FirewallRules: [{DF9FF965-7F8C-44BC-802D-F2D18F5E6D39}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\VideoSpin.exe
FirewallRules: [{C2424CDF-52CD-4A7A-977A-EDD88F488BFC}] => (Allow) C:\Users\i063859\Downloads\wizard\autorun.exe
FirewallRules: [{EB0CB0EA-91A6-4395-85DF-0B0365ED36DB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{169AFE98-0F3C-4F2D-BA03-98C2CF39CE34}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{002C029E-8C05-4A49-9364-1D0F54E0274E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
ATTENTION: System Restore is disabled
==================== Faulty Device Manager Devices =============
Name: TunnelBear Adapter V9
Description: TunnelBear Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TunnelBear Provider V9
Service: tap-tb-0901
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (12/03/2017 09:47:54 AM) (Source: McAfee Endpoint Security) (EventID: 3) (User: NT AUTHORITY)
Description: EventID=18056
ExP:DEP Heap Bloqué une tentative d'exploit de C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE.
Error: (12/03/2017 02:13:48 AM) (Source: McAfee Endpoint Security) (EventID: 3) (User: NT AUTHORITY)
Description: EventID=18056
ExP:DEP Heap Bloqué une tentative d'exploit de C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE.
Error: (12/03/2017 02:10:33 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: GLOBAL)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (12/03/2017 01:50:52 AM) (Source: McAfee Endpoint Security) (EventID: 3) (User: NT AUTHORITY)
Description: EventID=1095
GLOBAL\I063859 a exécuté CHROME.EXE, qui a accédé à C:\USERS\I063859\DOWNLOADS\KIESSETUP.EXE, d'une manière contraire à la règle « Navigateurs lançant des fichiers depuis le dossier Fichiers programmes téléchargés ». L'accès a été autorisé car la règle n'était pas configurée de sorte à bloquer l'accès.
Error: (12/02/2017 09:53:26 PM) (Source: McAfee Endpoint Security) (EventID: 3) (User: NT AUTHORITY)
Description: EventID=18056
ExP:DEP Heap Bloqué une tentative d'exploit de C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE.
Error: (12/02/2017 01:48:20 PM) (Source: McAfee Endpoint Security) (EventID: 3) (User: NT AUTHORITY)
Description: EventID=1095
GLOBAL\I063859 a exécuté CHROME.EXE, qui a accédé à C:\USERS\I063859\DOWNLOADS\FRST64.EXE, d'une manière contraire à la règle « Navigateurs lançant des fichiers depuis le dossier Fichiers programmes téléchargés ». L'accès a été autorisé car la règle n'était pas configurée de sorte à bloquer l'accès.
Error: (12/02/2017 01:37:15 PM) (Source: McAfee Endpoint Security) (EventID: 3) (User: NT AUTHORITY)
Description: EventID=1095
GLOBAL\I063859 a exécuté CHROME.EXE, qui a accédé à C:\USERS\I063859\DOWNLOADS\HOUSECALLLAUNCHER64.EXE, d'une manière contraire à la règle « Navigateurs lançant des fichiers depuis le dossier Fichiers programmes téléchargés ». L'accès a été autorisé car la règle n'était pas configurée de sorte à bloquer l'accès.
Error: (12/02/2017 01:36:28 PM) (Source: Group Policy Shortcuts) (EventID: 8194) (User: NT AUTHORITY)
Description: The client-side extension could not apply user policy settings for 'GPO_UC_IE {62BE36DE-E9C7-490F-A445-ADE698683A0C}' because it failed with error code '0x80070035 The network path was not found.'%apply00790275
Error: (12/02/2017 01:36:28 PM) (Source: Group Policy Registry) (EventID: 8194) (User: NT AUTHORITY)
Description: The client-side extension could not apply user policy settings for 'GPO_UC_Edge {18F1FECA-5A1B-4588-96D3-B281695DC9FB}' because it failed with error code '0x80070035 The network path was not found.'%apply00790275
Error: (12/02/2017 01:36:28 PM) (Source: Group Policy Files) (EventID: 8194) (User: NT AUTHORITY)
Description: The client-side extension could not apply user policy settings for 'GPO_UC_IE {62BE36DE-E9C7-490F-A445-ADE698683A0C}' because it failed with error code '0x80070035 The network path was not found.'%apply00790275
System errors:
=============
Error: (12/03/2017 09:43:07 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1130) (User: GLOBAL)
Description: 1 failed.
GPO Name : GPO_UC_LogonScripts
GPO File System Path : \\global.corp.sap\sysvol\global.corp.sap\Policies\{4D75ECED-B4A7-47DB-85F5-E59B1C8AA8FB}\User
Script Name: %LogonServer%\NETLOGON\Logon.bat
Error: (12/03/2017 09:43:07 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1130) (User: GLOBAL)
Description: 1 failed.
GPO Name : GPO_UC_SSO_CR
GPO File System Path : \\global.corp.sap\sysvol\global.corp.sap\Policies\{988A2044-AC1A-443C-A37B-D506852E8751}\User
Script Name: Delete-SAP_ALL-SSO_CA-certs.ps1
Error: (12/03/2017 09:43:07 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1130) (User: GLOBAL)
Description: 1 failed.
GPO Name : GPO_UC_Printer_Migration
GPO File System Path : \\global.corp.sap\sysvol\global.corp.sap\Policies\{1D8A4517-3340-4306-A42B-351FFC58152B}\User
Script Name: %logonserver%\netlogon\printerMigration\SAP_Printer.ps1
Error: (12/03/2017 09:43:01 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: GLOBAL)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has successfully processed. If you do not see a success message for several hours, then contact your administrator.
Error: (12/03/2017 09:43:00 AM) (Source: NETLOGON) (EventID: 5719) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain GLOBAL due to the following:
There are currently no logon servers available to service the logon request.
This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.
ADDITIONAL INFO
If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.
Error: (12/03/2017 09:42:39 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: NT AUTHORITY)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has successfully processed. If you do not see a success message for several hours, then contact your administrator.
Error: (12/03/2017 02:14:50 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_18aaf6 service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (12/03/2017 02:14:23 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_18aaf6 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (12/03/2017 02:11:53 AM) (Source: NETLOGON) (EventID: 5719) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain GLOBAL due to the following:
There are currently no logon servers available to service the logon request.
This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.
ADDITIONAL INFO
If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.
Error: (12/03/2017 02:11:12 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Group Policy Client service did not shut down properly after receiving a preshutdown control.
CodeIntegrity:
===================================
Date: 2017-11-30 14:58:47.294
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-11-29 04:57:55.637
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-11-22 18:32:42.694
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-10-26 13:00:37.314
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-10-24 21:04:29.165
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-10-24 12:10:56.804
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-10-23 09:35:29.990
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-09-29 13:28:13.013
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-09-27 18:45:53.768
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-09-26 14:46:17.957
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-4910MQ CPU @ 2.90GHz
Percentage of memory in use: 33%
Total physical RAM: 16263.54 MB
Available physical RAM: 10847.7 MB
Total Virtual: 17287.54 MB
Available Virtual: 11180.46 MB
==================== Drives ================================
Drive c: (OSDisk) (Fixed) (Total:475.87 GB) (Free:306.41 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 03A644DE)
Partition: GPT.
==================== End of Addition.txt ============================
Ran by I063859 (03-12-2017 10:07:18)
Running from C:\Users\i063859\Desktop
Windows 10 Enterprise Version 1511 10586.1176 (X64) (2016-08-30 10:29:49)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
DefaultAccount (S-1-5-21-4062798422-3929470720-3195758788-503 - Limited - Disabled)
Guest (S-1-5-21-4062798422-3929470720-3195758788-501 - Limited - Disabled)
Raccount (S-1-5-21-4062798422-3929470720-3195758788-500 - Administrator - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: McAfee Endpoint Security (Enabled - Up to date) {1006DC03-1FB1-9E52-7C81-F2FAB48962E3}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Endpoint Security (Enabled - Up to date) {AB673DE7-398B-91DC-4631-C988CF0E285E}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Endpoint Security (Enabled) {283D5D26-55DE-9F0A-57DE-5BCF4A5A2598}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
„Microsoft Office 2013“ tikrinimo įrankiai – lietuvių k. (HKLM-x32\...\{90150000-001F-0427-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Adobe Flash Player 27 NPAPI (HKLM-x32\...\{34D4D627-00A1-4C0D-BF68-576C146B9ED6}) (Version: 27.0.0.187 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.23) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Alcor Micro Smart Card Reader Driver (HKLM-x32\...\SZCCID) (Version: 1.7.44.0 - Alcor Micro Corp.)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
Atom (HKU\S-1-5-21-74642-3284969411-2123768488-96017\...\atom) (Version: 1.19.5 - GitHub Inc.)
Belgium e-ID middleware 4.1.18 (build 1730) (HKLM\...\{DB942AEA-93D6-4FE4-8862-180D35A71730}) (Version: 4.1.1730 - Belgian Government)
BIG-IP Edge Client (HKLM-x32\...\{6D4839CB-28B4-4070-8CA7-612CA92CA3D0}) (Version: 71.2017.0404.2206 - F5 Networks, Inc.)
BIG-IP Edge Client Components (All Users) (HKLM-x32\...\F5 Networks Client Components) (Version: 71.2017.0404.2206 - F5 Networks, Inc.)
Cisco WebEx Meetings (HKU\S-1-5-21-74642-3284969411-2123768488-96017\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
Citrix Receiver 4.9 (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.9.0.2539 - Citrix Systems, Inc.)
CitrixReceiver_SAP (HKLM-x32\...\{C6BCE15B-495B-4FA6-A395-FBFF115AACD4}) (Version: 4.9 - SAP IT)
Cloud Foundry CLI version 6.32.0 (HKLM\...\Cloud Foundry CLI_is1) (Version: 6.32.0 - Cloud Foundry Foundation)
Comptes&Mots édition 2017 (HKLM-x32\...\{4437E29A-996C-440A-9227-1126EE75C0AD}_is1) (Version: 2017 - Comptes&Mots)
Configuration Manager Client (HKLM\...\{3926E6CB-FD37-4E8D-8B08-7F485E118C2D}) (Version: 5.00.8498.1000 - Microsoft Corporation) Hidden
Công cụ Soát lỗi Microsoft Office 2013 - Tiếng Việt (HKLM-x32\...\{90150000-001F-042A-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Connected Backup/PC Agent (HKLM-x32\...\{393E4C89-67E9-43BF-AD29-94D19F7624F7}) (Version: 8.8.5.0 - Autonomy Corporation plc)
DIGIPASS Native Bridge 2.2.2 (HKLM-x32\...\{28A6E867-4D45-4023-8DD0-09FC196C2892}) (Version: 2.2.2 - VASCO Data Security) Hidden
DIGIPASS Native Bridge 2.2.2 (HKU\S-1-5-21-74642-3284969411-2123768488-96017\...\{9ba9a46c-c5ee-4711-9d40-15adb327bdd0}) (Version: 2.2.2 - VASCO Data Security)
Eines de correcció del Microsoft Office 2013: català (HKLM-x32\...\{90150000-001F-0403-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Ferramentas de Verificação do Microsoft Office 2013 - Português (HKLM-x32\...\{90150000-001F-0816-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Ferramentas de Verificação do Microsoft Office 2016 - Português (HKLM-x32\...\{90160000-001F-0816-0000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
Ferramentas de verificación de Microsoft Office 2013 - Galego (HKLM-x32\...\{90150000-001F-0456-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Git version 2.9.3-rebase-i (HKLM\...\Git_is1) (Version: 2.9.3-rebase-i - The Git Development Community)
GitHub Desktop (HKU\S-1-5-21-74642-3284969411-2123768488-96017\...\GitHubDesktop) (Version: 0.9.1 - GitHub, Inc.)
Global Corporate Access (HKLM-x32\...\{38ACB2B6-0957-4C6A-BB53-351F55B5C4B4}) (Version: - ipass)
Google Chrome (HKLM-x32\...\{E59DE535-1B5C-35B2-BA45-E99E29548A1C}) (Version: 62.0.3202.94 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Herramientas de corrección de Microsoft Office 2016: español (HKLM-x32\...\{90160000-001F-0C0A-0000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
HP Universal Discovery Agent (x86) (HKLM-x32\...\{B7643B11-A60E-4A33-A465-263FEB32113A}) (Version: 10.31.000.155 - Hewlett-Packard Development Company, L.P.)
Instrumente de verificare Microsoft Office 2016 - Română (HKLM-x32\...\{90160000-001F-0418-0000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
Integrated Camera (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.5.7.22 - SunplusIT)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 19.5 - Intel)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{6F73FF93-0B55-4194-AE45-C19DA1F33E97}) (Version: 6.0.3 - Intel Corporation)
IntelliJ IDEA 2017.2.6 (HKLM-x32\...\IntelliJ IDEA 2017.2.6) (Version: 172.4574.11 - JetBrains s.r.o.)
Internet Explorer 11 Settings (HKLM-x32\...\{68525C36-EE3B-479E-BE2D-9FEC7C8DB134}) (Version: 11.0 - Microsoft Corporation)
Java 8 Update 151 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Java SE Development Kit 7 Update 79 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170790}) (Version: 1.7.0.790 - Oracle)
Java SE Development Kit 8 Update 111 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180111}) (Version: 8.0.1110.14 - Oracle Corporation)
Java SE Development Kit 8 Update 121 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180121}) (Version: 8.0.1210.13 - Oracle Corporation)
Korrekturredskaber til Microsoft Office 2013 – Dansk (HKLM-x32\...\{90150000-001F-0406-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Korrekturredskaber til Microsoft Office 2016 - Dansk (HKLM-x32\...\{90160000-001F-0406-0000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
Korrekturverktøy for Microsoft Office 2013 – Norsk (nynorsk) (HKLM-x32\...\{90150000-001F-0814-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Lenovo On Screen Display (HKLM\...\OnScreenDisplay) (Version: 8.80.02 - Lenovo)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.11.08 - Lenovo)
McAfee Agent (HKLM\...\{80684F9A-6B01-4F3F-A8C7-C4B7BDF072F1}) (Version: 5.0.6.220 - McAfee, Inc.)
McAfee Data Exchange Layer (HKLM\...\{48F152B8-17F4-467F-A65B-49A2A271FA27}) (Version: 3.1.601.0 - McAfee, Inc.) Hidden
McAfee Data Exchange Layer (HKLM-x32\...\{d14da861-f859-4506-8497-ebcb682bbca8}) (Version: 3.1.0.601 - McAfee, Inc.)
McAfee Endpoint Security Adaptive Threat Protection (HKLM\...\{80B1F696-3C8F-4BBC-BD07-86CF0E37FDD2}) (Version: 10.5.2 - McAfee, Inc.)
McAfee Endpoint Security Firewall (HKLM\...\{23E52C73-A84B-47C2-8D8D-24C5C04181B3}) (Version: 10.5.2 - McAfee, Inc.)
McAfee Endpoint Security Platform (HKLM\...\{6D20F37F-05CB-401E-83A3-DEB93B29196E}) (Version: 10.5.2 - McAfee, Inc.)
McAfee Endpoint Security Threat Prevention (HKLM\...\{4F574B83-3AE0-419F-8A3B-985C389334B4}) (Version: 10.5.2 - McAfee, Inc.)
MDOP MBAM (HKLM\...\{1B0FF767-2365-4E2B-91D1-93D442944055}) (Version: 2.5.0244.0 - Microsoft Corporation)
Microsoft Access database engine 2010 (English) (HKLM-x32\...\{90140000-00D1-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4945.1001 - Microsoft Corporation)
Microsoft Office Korrekturhilfen 2016 – Deutsch (HKLM-x32\...\{90160000-001F-0407-0000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
Microsoft Office Nyelvi ellenőrző eszközök 2016 – magyar (HKLM-x32\...\{90160000-001F-040E-0000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
Microsoft Office Proofing Tools 2016 - Afrikaans (HKLM-x32\...\{90160000-001F-0436-0000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
Microsoft Office Proofing Tools 2016 - Bahasa Melayu (HKLM-x32\...\{90160000-001F-043E-0000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
Microsoft Office Proofing Tools 2016 – български (HKLM-x32\...\{90160000-001F-0402-0000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
Microsoft Office Proofing Tools 2016 - اللغة العربية (HKLM-x32\...\{90160000-001F-0401-0000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
Microsoft Office Proofing Tools 2016 - हिंदी (HKLM-x32\...\{90160000-001F-0439-0000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
Microsoft Office Proofing Tools Kit Compilation 2013 (HKLM-x32\...\Office15.PROOFKIT) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office 언어 교정 도구 2016 - 한국어 (HKLM-x32\...\{90160000-001F-0412-0000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
Microsoft Office 校对工具 2016 - 简体中文 (HKLM-x32\...\{90160000-001F-0804-0000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
Microsoft Office 校正ツール 2016 - 日本語 (HKLM-x32\...\{90160000-001F-0411-0000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
Microsoft Office 校訂工具 2016 - 繁體中文 (HKLM-x32\...\{90160000-001F-0404-0000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-74642-3284969411-2123768488-96017\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft redistributable runtime DLLs VS2005 SP1(x86) (HKLM-x32\...\{CEC7A786-A9C8-4EF7-BB59-6518E3B3C878}) (Version: 8.0.50727.4053 - SAP)
Microsoft redistributable runtime DLLs VS2008 SP1(x86) (HKLM-x32\...\{A47A9101-6EB5-4314-BDA1-297880FBB908}) (Version: 9.0 - SAP AG)
Microsoft redistributable runtime DLLs VS2010 SP1 (x86) (HKLM-x32\...\{2385C070-EC26-4AB9-8718-E605C977C0ED}) (Version: 10.0.40219.1 - SAP)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.60724 - Microsoft Corporation)
Microsoft Visual Studio Code (HKLM\...\{EA457B21-F73E-494C-ACAB-524FDE069978}_is1) (Version: 1.17.1 - Microsoft Corporation)
Mozilla Firefox 54.0.1 (x86 fr) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 fr)) (Version: 54.0.1 - Mozilla)
Mozilla Firefox 55.0.3 (x64 fr) (HKLM\...\Mozilla Firefox 55.0.3 (x64 fr)) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla)
Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (HKLM-x32\...\{90150000-001F-0415-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Narzędzia sprawdzające pakietu Microsoft Office 2016 — polski (HKLM-x32\...\{90160000-001F-0415-0000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM-x32\...\{90150000-001F-0405-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM-x32\...\{90160000-001F-0405-0000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM-x32\...\{90150000-001F-041B-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Node.js (HKLM\...\{9CB432A8-2DC4-4AA3-BF63-9A2AE489B167}) (Version: 6.11.4 - Node.js Foundation)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.4945.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.4945.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.4945.1001 - Microsoft Corporation) Hidden
Online Plug-in (HKLM-x32\...\{5C38E4A7-9778-4C51-8021-61759600D96A}) (Version: 14.9.0.2539 - Citrix Systems, Inc.) Hidden
Orodja za preverjanje za Microsoft Office 2013 – slovenščina (HKLM-x32\...\{90150000-001F-0424-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM-x32\...\{90160000-001F-040C-0000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
PDF-XChange PRO x64 6.0.317.1 (HKLM\...\{FDEE9B63-F8FF-459D-96D0-115138EB6C72}) (Version: 6.0.317.1 - Tracker Software Products (Canada) Ltd.)
Python 3.4.0 (64-bit) (HKLM\...\{863162a8-ecc2-35ea-bdf7-e09ac456e164}) (Version: 3.4.150 - Python Software Foundation)
Python 3.5.0 (64-bit) (HKU\S-1-5-21-74642-3284969411-2123768488-96017\...\{e599f76f-2b95-44da-a280-77548b1b2a21}) (Version: 3.5.150.0 - Python Software Foundation)
Python 3.5.0 Add to Path (64-bit) (HKLM\...\{810503AC-4E50-4A21-BD5A-BFA973480B35}) (Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Core Interpreter (64-bit) (HKLM\...\{9D059C5B-80A5-46AA-BC8A-FD41E89D0A49}) (Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Development Libraries (64-bit) (HKLM\...\{6EA6724A-71C6-43EE-BE9F-80E3C0DC8A4F}) (Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Documentation (64-bit) (HKLM\...\{3B016F3B-917E-477F-920A-BBBA12E09F8B}) (Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Executables (64-bit) (HKLM\...\{9C67D7CC-26D3-4535-9D0A-F4591AD9B11F}) (Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Launcher (32-bit) (HKLM-x32\...\{A095BD6B-4F39-46A4-9AA1-8F7296492974}) (Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 pip Bootstrap (64-bit) (HKLM\...\{6ADAF31E-EEE6-4251-BE5A-EFD7868D3930}) (Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Standard Library (64-bit) (HKLM\...\{5741118B-D61A-4F27-BB80-0CAED22FE20B}) (Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Tcl/Tk Support (64-bit) (HKLM\...\{47483182-8783-45CB-9120-77FDB241E2FF}) (Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Test Suite (64-bit) (HKLM\...\{B2AB1292-01D1-4972-BF56-43531A2AA3BA}) (Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Utility Scripts (64-bit) (HKLM\...\{2B5129D0-C4C1-4322-8888-D0B6CDA6DCD2}) (Version: 3.5.150.0 - Python Software Foundation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7746 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM-x32\...\{90150000-001F-0416-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM-x32\...\{90160000-001F-0416-0000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.17113.1 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.17113.1 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
SAP Business Explorer (HKLM-x32\...\SAPBI) (Version: 7.30 - SAP AG)
SAP Communication PPT Presentation Wizard 2017.3 (HKLM-x32\...\{DECD9416-9049-45E9-888E-31BDB76D7802}) (Version: 2017.3 - SAP Communication)
SAP Fonts 2013 (HKLM-x32\...\{2AE73D57-0FDB-47D5-B195-00C9BF3098B2}) (Version: 2013 - SAP)
SAP GUI for Windows 7.40 (Patch 12) (HKLM-x32\...\SAPGUI) (Version: 7.40 Compilation 3 - SAP SE)
SAP HANA Cloud Connector (HKLM\...\{018F5128-1795-4573-9528-F842531A46DE}) (Version: 2.9.0.2 - SAP)
SAP IT Client Migration Wizard 2016 2.0.2 (HKLM-x32\...\{3BA8A814-8207-468C-8067-43F7BF50693A}) (Version: 2.0.2 - SAP IT)
SAP IT MusicOnHoldFileForLync 1.0 (HKLM\...\{8AB1E204-BE7E-450F-B6D2-2E711A48CD71}) (Version: 1.0 - SAP IT)
SAP IT Raccount SE (HKLM\...\{C5CE7B4B-9F72-474D-A8EA-7C2F7592FCE4}) (Version: 1.4 - SAP IT)
SAP IT Windows 8 Logon Icon 1.0 (HKLM-x32\...\{268C2CDE-A133-420E-8958-7C2512C6F767}) (Version: 1.0 - SAP IT)
SAP Mobile Platform SDK 3.0 SP13 (HKLM\...\570a03218011079f3aee0f2964c764ba920482880) (Version: 3.0.13.0 - SAP SE)
SAP Secure Login Client (x64) (HKLM\...\Secure Login Client (x64)) (Version: 3.0.2.1.0 - SAP AG)
SAP Workforce Performance Builder SLC Player 9.4.0.111 (HKLM-x32\...\{DA46712E-B8B6-4466-8003-9B5CDCF78F31}) (Version: 9.4.0111 - SAP AG)
SAPscript Legacy Text Editor (HKLM-x32\...\SAPScriptEditorControls) (Version: - SAP SE)
Self-Service Plug-in (HKLM-x32\...\{C7E328BE-E4FF-4D07-B848-1179C42C8AD4}) (Version: 4.9.0.2528 - Citrix Systems, Inc.) Hidden
Skype Quality Adviser (HKLM-x32\...\{BD1C5F81-2AE5-477B-8BC5-8D52394DD0CF}) (Version: 4.0.4.3 - SAP)
Strumenti di correzione di Microsoft Office 2016 - Italiano (HKLM-x32\...\{90160000-001F-0410-0000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
Sublime Text Build 3143 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.85 - Synaptics Incorporated)
Taalprogramma's voor Microsoft Office 2016 - Nederlands (HKLM-x32\...\{90160000-001F-0413-0000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
Telerik Fiddler (HKLM-x32\...\Fiddler2) (Version: 4.6.2.32002 - Telerik)
Uirlisí Profála Microsoft Office 2016 - Gaeilge (HKLM-x32\...\{90160000-001F-083C-0000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Windows Driver Package - Fedict SmartCard (08/08/2015 4.1.5) (HKLM\...\9F46F7AB1E3B1B5F5482EA8D97F401B04FBF7958) (Version: 08/08/2015 4.1.5 - Fedict)
WinRAR (64-bit) 5.31.0 (HKLM\...\{F8B0145A-8891-47EA-8160-E0CA22B851F7}) (Version: 5.31.0 - win.rar GmbH)
Yarn (HKLM-x32\...\{918E1EC4-5148-4150-B711-8A69AE9BAF37}) (Version: 1.3.2 - Yarn Contributors)
YTD Video Downloader 5.9.0 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 5.9.0 - GreenTree Applications SRL) <==== ATTENTION
Εργαλεία γλωσσικού ελέγχου του Microsoft Office 2013 - Ελληνικά (HKLM-x32\...\{90150000-001F-0408-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Засоби перевірки правопису Microsoft Office 2013 – українська мова (HKLM-x32\...\{90150000-001F-0422-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Средства проверки правописания Microsoft Office 2013 — русский (HKLM-x32\...\{90150000-001F-0419-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Средства проверки правописания Microsoft Office 2016 — русский (HKLM-x32\...\{90160000-001F-0419-0000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
כלי ההגהה של Microsoft Office 2013 - עברית (HKLM-x32\...\{90150000-001F-040D-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
כלי ההגהה של Microsoft Office 2016 - עברית (HKLM-x32\...\{90160000-001F-040D-0000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\RarExt.dll [2016-02-03] (Alexander Roshal)
ContextMenuHandlers1: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\RarExt32.dll [2016-02-03] (Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2015-07-30] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-11-05] (NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\RarExt.dll [2016-02-03] (Alexander Roshal)
ContextMenuHandlers6: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\RarExt32.dll [2016-02-03] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {2003EF10-A7A7-4904-9521-44E8FA08AF84} - System32\Tasks\SAP IT\SAP-NAP => powershell.exe -NoProfile -WindowStyle Hidden -ExecutionPolicy AllSigned -File "%programfiles%\SAP-IT\SAP-NAP\SAP-NAP.ps1" <==== ATTENTION
Task: {2A4F95CC-8AB1-46B9-8E88-FD7CC0070BDD} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2017-09-12] (Microsoft Corporation)
Task: {35A73488-2B14-44B2-B0CE-9AF570121C7C} - System32\Tasks\RtHDVBg_LENOVO_MICPKEY => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-02-23] (Realtek Semiconductor)
Task: {362BA806-2178-46F0-824B-0E59F358CF8F} - System32\Tasks\Microsoft\Configuration Manager\Configuration Manager Passport for Work Certificate Enrollment Task => C:\Windows\system32\wbem\wmic.exe [2015-10-30] (Microsoft Corporation)
Task: {3AA5C15D-97EA-4561-BBAE-343B472129D1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2017-09-12] (Microsoft Corporation)
Task: {3B63BC48-B31B-46E3-997F-0CB645B0DB7A} - System32\Tasks\Microsoft\Configuration Manager\Configuration Manager Idle Detection
Task: {45659455-D9F5-4022-8B2B-661248F206C8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-11-29] (Adobe Systems Incorporated)
Task: {49B0D527-742B-43D4-A536-2D9B1027E709} - System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202}
Task: {66C12B49-8480-43C4-A862-5124B4AB6D36} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-30] (Google Inc.)
Task: {67CFFCEB-A430-4BDB-BA32-406784FA57B2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-30] (Google Inc.)
Task: {6F72DB16-773E-4C20-A04A-2BEE5577232B} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-02-23] (Realtek Semiconductor)
Task: {848F81D8-1B12-4CE4-BF9E-5665EEC4A3B9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-04-11] (Microsoft Corporation)
Task: {9671028C-34A1-4EB7-8504-5F5B384C778E} - System32\Tasks\HF_BOOT_TASK_JOB (INSTALL_STATE_UPDATE) => C:\ProgramData\Shavlik\Installation\InstallationSandbox#2016-09-06-T-19-11-53\SafeReboot.exe [2014-07-28] (LANDESK Software, Inc.)
Task: {96C62F12-57C6-45BA-BFD4-BC2F6600BAAA} - System32\Tasks\Microsoft\Configuration Manager\Configuration Manager Health Evaluation => C:\Windows\CCM\ccmeval.exe [2017-04-11] (Microsoft Corporation)
Task: {B09D2202-5408-45A0-93FA-EF50FD1247F8} - System32\Tasks\Credmanager => powershell.exe -noprofile -command "&{cd C:\Users\Public\SAP-IT\CredentialManager; C:\Users\Public\SAP-IT\CredentialManager\AddCredential.ps1}"
Task: {B6C6D522-FEB9-4293-B003-6D56CE659C1E} - System32\Tasks\SAP IT\SAP_W10_IT_Firstrun => C:\program files (x86)\SAP IT\FirstRun\run.vbs [2016-03-14] ()
Task: {BB4C9AFA-0933-45F3-A52D-D49D52F138AB} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2016-02-23] (Realtek Semiconductor)
Task: {BF43D33A-A5B4-4F4F-BD5A-134DE7EA097F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2017-09-12] (Microsoft Corporation)
Task: {C507A621-8659-4675-81E1-703EEC4CB565} - System32\Tasks\SAP IT\Set DynDNS => cscript.exe \\global.corp.sap\netlogon\Scripts\Dyndns\_DSSO_AD\setDynDnsAD.vbs
Task: {C631CA95-2C71-493D-B448-A851B02C5F33} - System32\Tasks\SAP IT\Reg_DNS_Upd_V4 => powershell -command "& {{Start-Process -F 'cmd' -A '/c ipconfig /registerdns' -N -Wait }; Exit 0}"
Task: {D3802E03-6F39-4DC1-924C-BDA92809C7EF} - System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA}
Task: {ED0912DD-05FF-4756-8A49-6538AD641381} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-04-11] (Microsoft Corporation)
Task: {F785A48C-4E8A-4681-8E94-E151142FC923} - System32\Tasks\SCCM_Client_Check => powershell.exe -NonInteractive -noprofile -WindowStyle Hidden -ExecutionPolicy bypass -file \\ecs\remediation\SCCM_Tools\Fix-BrokenSCCM.ps1
Task: {FC698EF9-711E-43B0-863A-B09D69F18ADD} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\i063859\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Advanced REST client.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=hgmloofddffdnphfgcellkdfbfbjeloo
ShortcutWithArgument: C:\Users\i063859\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\mydlink services plugin.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=ldibdoepbjbkkcbgndfljnphngpglhbb
ShortcutWithArgument: C:\Users\i063859\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Postman.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=fhbjgbiflinjbdggehcddcbncdddomop
==================== Loaded Modules (Whitelisted) ==============
2016-08-30 12:39 - 2017-01-17 03:25 - 000117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2017-06-14 07:47 - 2017-06-14 07:47 - 000152656 _____ () C:\Program Files\McAfee\Agent\libuv.dll
2017-06-14 08:21 - 2017-06-14 08:21 - 000028224 _____ () C:\Program Files\McAfee\Agent\trex.dll
2017-06-14 07:46 - 2017-06-14 07:46 - 000033856 _____ () C:\Program Files\McAfee\Agent\libini.dll
2017-06-14 08:20 - 2017-06-14 08:20 - 000559128 _____ () C:\Program Files\McAfee\Agent\sqlite.dll
2017-06-14 08:23 - 2017-06-14 08:23 - 000121176 _____ () C:\Program Files\McAfee\Agent\zlib.dll
2017-06-14 08:18 - 2017-06-14 08:18 - 000058680 _____ () C:\Program Files\McAfee\Agent\MXML.dll
2016-12-05 06:07 - 2016-12-05 06:07 - 001007560 _____ () C:\Program Files (x86)\Hewlett-Packard\Discovery Agent\bin32\discagnt.exe
2017-03-28 13:11 - 2017-03-04 06:31 - 000185856 _____ () C:\Windows\SYSTEM32\ism32k.dll
2016-08-30 11:22 - 2015-11-05 12:49 - 000126072 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-09-27 16:32 - 2017-09-05 10:31 - 002656960 _____ () C:\Windows\System32\CoreUIComponents.dll
2017-03-17 08:48 - 2017-01-31 13:34 - 008909512 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2016-08-30 19:51 - 2016-08-30 20:02 - 000144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-02-13 13:53 - 2016-02-13 13:53 - 000093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-09-27 16:00 - 2016-07-01 04:48 - 000472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2017-03-28 13:10 - 2017-03-04 04:19 - 007992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-28 13:11 - 2017-03-04 04:14 - 000591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-09-27 16:32 - 2017-09-05 05:03 - 002483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-09-27 16:32 - 2017-09-05 05:06 - 004089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-11-16 09:46 - 2017-11-10 10:57 - 004135768 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.94\libglesv2.dll
2017-11-16 09:46 - 2017-11-10 10:57 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.94\libegl.dll
2015-10-28 12:46 - 2015-10-28 12:46 - 000076528 _____ () C:\Program Files (x86)\Iron Mountain\Connected BackupPC\SDK8.dll
2017-02-06 04:27 - 2017-02-06 04:27 - 000889672 _____ () C:\Program Files (x86)\Deutsche Telekom\Global Corporate Access\bin\System.Data.SQLite.dll
2017-02-06 04:27 - 2017-02-06 04:27 - 000038728 _____ () C:\Program Files (x86)\Deutsche Telekom\Global Corporate Access\bin\ThemisLib.dll
2017-02-06 04:27 - 2017-02-06 04:27 - 000014152 _____ () C:\Program Files (x86)\Deutsche Telekom\Global Corporate Access\bin\NetworkAssessLib.dll
2017-02-06 04:27 - 2017-02-06 04:27 - 000024904 _____ () C:\Program Files (x86)\Deutsche Telekom\Global Corporate Access\bin\RTNLib.dll
2017-06-14 07:46 - 2017-06-14 07:46 - 000141800 _____ () C:\Program Files\McAfee\Agent\x86\libuv.dll
2017-06-14 08:20 - 2017-06-14 08:20 - 000027128 _____ () C:\Program Files\McAfee\Agent\x86\trex.dll
2017-06-14 07:46 - 2017-06-14 07:46 - 000029208 _____ () C:\Program Files\McAfee\Agent\x86\libini.dll
2017-06-14 08:20 - 2017-06-14 08:20 - 000434624 _____ () C:\Program Files\McAfee\Agent\x86\sqlite.dll
2017-06-14 08:18 - 2017-06-14 08:18 - 000048848 _____ () C:\Program Files\McAfee\Agent\x86\MXML.dll
2016-08-30 19:51 - 2016-08-30 20:02 - 000141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-08-30 19:51 - 2016-08-30 20:02 - 022284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\corp.sap -> hxxps://*.global.corp.sap
IE trusted site: HKU\S-1-5-21-74642-3284969411-2123768488-96017\...\*.global -> hxxps://*.global
IE trusted site: HKU\S-1-5-21-74642-3284969411-2123768488-96017\...\amadeus.com -> hxxps://amadeus.com
IE trusted site: HKU\S-1-5-21-74642-3284969411-2123768488-96017\...\ariba.com -> hxxp://sapconcur.procurement-eu.ariba.com
IE trusted site: HKU\S-1-5-21-74642-3284969411-2123768488-96017\...\bcdtravel.com -> hxxps://bcdtravel.com
IE trusted site: HKU\S-1-5-21-74642-3284969411-2123768488-96017\...\bluebottlebiz.com -> hxxps://bluebottlebiz.com
IE trusted site: HKU\S-1-5-21-74642-3284969411-2123768488-96017\...\box.net -> hxxps://sso.services.box.net
IE trusted site: HKU\S-1-5-21-74642-3284969411-2123768488-96017\...\brainshark.com -> hxxps://www.brainshark.com
IE trusted site: HKU\S-1-5-21-74642-3284969411-2123768488-96017\...\btslearning.com -> hxxps://www.btslearning.com
IE trusted site: HKU\S-1-5-21-74642-3284969411-2123768488-96017\...\btspulse.com -> hxxps://sap.btspulse.com
IE trusted site: HKU\S-1-5-21-74642-3284969411-2123768488-96017\...\checkmytrip.com -> hxxps://checkmytrip.com
IE trusted site: HKU\S-1-5-21-74642-3284969411-2123768488-96017\...\concur.com -> hxxp://webmail.concur.com
IE trusted site: HKU\S-1-5-21-74642-3284969411-2123768488-96017\...\concurmessaging.com -> hxxps://concurmessaging.com
IE trusted site: HKU\S-1-5-21-74642-3284969411-2123768488-96017\...\concursolutions.com -> hxxps://concursolutions.com
IE trusted site: HKU\S-1-5-21-74642-3284969411-2123768488-96017\...\concursolutions.com -> hxxp://concursolutions.com
IE trusted site: HKU\S-1-5-21-74642-3284969411-2123768488-96017\...\concurtech.org -> hxxps://concur.concurtech.org
IE trusted site: HKU\S-1-5-21-74642-3284969411-2123768488-96017\...\contgo.com -> hxxps://contgo.com
IE trusted site: HKU\S-1-5-21-74642-3284969411-2123768488-96017\...\corp.sap -> hxxps://*.global.corp.sap
IE trusted site: HKU\S-1-5-21-74642-3284969411-2123768488-96017\...\cubetree.com -> hxxps://cubetree.com
IE trusted site: HKU\S-1-5-21-74642-3284969411-2123768488-96017\...\datanet.de -> hxxps://datanet.de
IE trusted site: HKU\S-1-5-21-74642-3284969411-2123768488-96017\...\datasltn.com -> hxxps://datasltn.com
There are 64 more sites.
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-10-30 08:24 - 2017-01-31 12:40 - 000001186 _____ C:\Windows\system32\Drivers\etc\hosts
54.87.174.2 vhcals4hci vhcals4hci.dummy.nodomain
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-74642-3284969411-2123768488-96017\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\sap_wallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 0) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{13132F38-260E-4282-9799-51D8DA51DD81}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe
FirewallRules: [{7673CC42-CD9A-4DFB-B397-FE0F5DDD4788}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe
FirewallRules: [{9FB2FAD2-3D59-4864-B558-09DC2C920CDA}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe
FirewallRules: [{5343CF97-2A57-43B1-AD9D-03B3A25D1969}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe
FirewallRules: [{656F1135-8FCE-4C09-95D6-FA86779DAF73}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe
FirewallRules: [{45BAECBF-7431-4F4B-89E7-E733F2EBDCE1}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe
FirewallRules: [{95943FD2-C598-442B-BCD9-D589099DF814}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{53DA9224-53E4-453F-8152-B826A4BFFA3F}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{98B6B2BB-37C1-427E-A4F5-AB29AD2CE54C}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{6D01FEDF-BB53-4AA8-9C01-52513BDEFE60}] => (Allow) C:\Program Files (x86)\Iron Mountain\Connected BackupPC\ConnectedAgent.exe
FirewallRules: [{1A0F14AF-C763-4EDB-AB6B-0E95D184CE55}] => (Allow) C:\Program Files (x86)\Iron Mountain\Connected BackupPC\ConnectedAgent.exe
FirewallRules: [{A63F4AC4-86AA-476A-AA66-D71ECD92050D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{ADCF5A3F-C987-4CC0-8B1B-9B46E77F465F}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Discovery Agent\bin32\discagnt.exe
FirewallRules: [{9E0E762E-3163-4B12-8379-43287145CAAC}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Discovery Agent\bin32\discagnt.exe
FirewallRules: [{E7022EB9-092D-4D1A-B4C5-C07EFA3C56E8}] => (Allow) C:\Program Files (x86)\Iron Mountain\Connected BackupPC\ConnectedAgent.exe
FirewallRules: [{6BE11B8C-E618-42D6-936A-CEA12ECFCFF5}] => (Allow) C:\Program Files (x86)\Iron Mountain\Connected BackupPC\ConnectedAgent.exe
FirewallRules: [{FD885E50-1A52-4B24-B7EF-A81F66102BEF}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{00A7508B-CA25-480C-9FA1-9BB7F3B58D11}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{5A8C89E6-F6C4-4025-88CF-FCE0A8A2654F}] => (Allow) C:\Program Files (x86)\Iron Mountain\Connected BackupPC\ConnectedAgent.exe
FirewallRules: [{D0E949FB-5178-4BB2-93F6-7CCA0E532415}] => (Allow) C:\Program Files (x86)\Iron Mountain\Connected BackupPC\ConnectedAgent.exe
FirewallRules: [{33A0BD2A-DB3D-4C55-BC80-545B4114B7D7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DC926158-75BE-4444-AAB5-85B05603C2BC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{50CC7977-CEA0-46B8-8BC8-D111F9F5747A}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\RM.exe
FirewallRules: [{E7DF354E-335A-46F5-9AB1-5A1C3E244778}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\RM.exe
FirewallRules: [{9BBE30F1-560A-420F-BA34-2A0AA27C7142}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\umi.exe
FirewallRules: [{68415656-8A03-40CD-AF8F-EE8DC4462098}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\umi.exe
FirewallRules: [{3EE92078-EF11-4DFC-AA9B-92470CDFF3F0}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\VideoSpin.exe
FirewallRules: [{DF9FF965-7F8C-44BC-802D-F2D18F5E6D39}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\VideoSpin.exe
FirewallRules: [{C2424CDF-52CD-4A7A-977A-EDD88F488BFC}] => (Allow) C:\Users\i063859\Downloads\wizard\autorun.exe
FirewallRules: [{EB0CB0EA-91A6-4395-85DF-0B0365ED36DB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{169AFE98-0F3C-4F2D-BA03-98C2CF39CE34}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{002C029E-8C05-4A49-9364-1D0F54E0274E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
ATTENTION: System Restore is disabled
==================== Faulty Device Manager Devices =============
Name: TunnelBear Adapter V9
Description: TunnelBear Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TunnelBear Provider V9
Service: tap-tb-0901
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (12/03/2017 09:47:54 AM) (Source: McAfee Endpoint Security) (EventID: 3) (User: NT AUTHORITY)
Description: EventID=18056
ExP:DEP Heap Bloqué une tentative d'exploit de C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE.
Error: (12/03/2017 02:13:48 AM) (Source: McAfee Endpoint Security) (EventID: 3) (User: NT AUTHORITY)
Description: EventID=18056
ExP:DEP Heap Bloqué une tentative d'exploit de C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE.
Error: (12/03/2017 02:10:33 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: GLOBAL)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (12/03/2017 01:50:52 AM) (Source: McAfee Endpoint Security) (EventID: 3) (User: NT AUTHORITY)
Description: EventID=1095
GLOBAL\I063859 a exécuté CHROME.EXE, qui a accédé à C:\USERS\I063859\DOWNLOADS\KIESSETUP.EXE, d'une manière contraire à la règle « Navigateurs lançant des fichiers depuis le dossier Fichiers programmes téléchargés ». L'accès a été autorisé car la règle n'était pas configurée de sorte à bloquer l'accès.
Error: (12/02/2017 09:53:26 PM) (Source: McAfee Endpoint Security) (EventID: 3) (User: NT AUTHORITY)
Description: EventID=18056
ExP:DEP Heap Bloqué une tentative d'exploit de C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE.
Error: (12/02/2017 01:48:20 PM) (Source: McAfee Endpoint Security) (EventID: 3) (User: NT AUTHORITY)
Description: EventID=1095
GLOBAL\I063859 a exécuté CHROME.EXE, qui a accédé à C:\USERS\I063859\DOWNLOADS\FRST64.EXE, d'une manière contraire à la règle « Navigateurs lançant des fichiers depuis le dossier Fichiers programmes téléchargés ». L'accès a été autorisé car la règle n'était pas configurée de sorte à bloquer l'accès.
Error: (12/02/2017 01:37:15 PM) (Source: McAfee Endpoint Security) (EventID: 3) (User: NT AUTHORITY)
Description: EventID=1095
GLOBAL\I063859 a exécuté CHROME.EXE, qui a accédé à C:\USERS\I063859\DOWNLOADS\HOUSECALLLAUNCHER64.EXE, d'une manière contraire à la règle « Navigateurs lançant des fichiers depuis le dossier Fichiers programmes téléchargés ». L'accès a été autorisé car la règle n'était pas configurée de sorte à bloquer l'accès.
Error: (12/02/2017 01:36:28 PM) (Source: Group Policy Shortcuts) (EventID: 8194) (User: NT AUTHORITY)
Description: The client-side extension could not apply user policy settings for 'GPO_UC_IE {62BE36DE-E9C7-490F-A445-ADE698683A0C}' because it failed with error code '0x80070035 The network path was not found.'%apply00790275
Error: (12/02/2017 01:36:28 PM) (Source: Group Policy Registry) (EventID: 8194) (User: NT AUTHORITY)
Description: The client-side extension could not apply user policy settings for 'GPO_UC_Edge {18F1FECA-5A1B-4588-96D3-B281695DC9FB}' because it failed with error code '0x80070035 The network path was not found.'%apply00790275
Error: (12/02/2017 01:36:28 PM) (Source: Group Policy Files) (EventID: 8194) (User: NT AUTHORITY)
Description: The client-side extension could not apply user policy settings for 'GPO_UC_IE {62BE36DE-E9C7-490F-A445-ADE698683A0C}' because it failed with error code '0x80070035 The network path was not found.'%apply00790275
System errors:
=============
Error: (12/03/2017 09:43:07 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1130) (User: GLOBAL)
Description: 1 failed.
GPO Name : GPO_UC_LogonScripts
GPO File System Path : \\global.corp.sap\sysvol\global.corp.sap\Policies\{4D75ECED-B4A7-47DB-85F5-E59B1C8AA8FB}\User
Script Name: %LogonServer%\NETLOGON\Logon.bat
Error: (12/03/2017 09:43:07 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1130) (User: GLOBAL)
Description: 1 failed.
GPO Name : GPO_UC_SSO_CR
GPO File System Path : \\global.corp.sap\sysvol\global.corp.sap\Policies\{988A2044-AC1A-443C-A37B-D506852E8751}\User
Script Name: Delete-SAP_ALL-SSO_CA-certs.ps1
Error: (12/03/2017 09:43:07 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1130) (User: GLOBAL)
Description: 1 failed.
GPO Name : GPO_UC_Printer_Migration
GPO File System Path : \\global.corp.sap\sysvol\global.corp.sap\Policies\{1D8A4517-3340-4306-A42B-351FFC58152B}\User
Script Name: %logonserver%\netlogon\printerMigration\SAP_Printer.ps1
Error: (12/03/2017 09:43:01 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: GLOBAL)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has successfully processed. If you do not see a success message for several hours, then contact your administrator.
Error: (12/03/2017 09:43:00 AM) (Source: NETLOGON) (EventID: 5719) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain GLOBAL due to the following:
There are currently no logon servers available to service the logon request.
This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.
ADDITIONAL INFO
If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.
Error: (12/03/2017 09:42:39 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: NT AUTHORITY)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has successfully processed. If you do not see a success message for several hours, then contact your administrator.
Error: (12/03/2017 02:14:50 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_18aaf6 service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (12/03/2017 02:14:23 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_18aaf6 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (12/03/2017 02:11:53 AM) (Source: NETLOGON) (EventID: 5719) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain GLOBAL due to the following:
There are currently no logon servers available to service the logon request.
This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.
ADDITIONAL INFO
If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.
Error: (12/03/2017 02:11:12 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Group Policy Client service did not shut down properly after receiving a preshutdown control.
CodeIntegrity:
===================================
Date: 2017-11-30 14:58:47.294
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-11-29 04:57:55.637
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-11-22 18:32:42.694
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-10-26 13:00:37.314
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-10-24 21:04:29.165
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-10-24 12:10:56.804
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-10-23 09:35:29.990
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-09-29 13:28:13.013
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-09-27 18:45:53.768
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-09-26 14:46:17.957
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-4910MQ CPU @ 2.90GHz
Percentage of memory in use: 33%
Total physical RAM: 16263.54 MB
Available physical RAM: 10847.7 MB
Total Virtual: 17287.54 MB
Available Virtual: 11180.46 MB
==================== Drives ================================
Drive c: (OSDisk) (Fixed) (Total:475.87 GB) (Free:306.41 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 03A644DE)
Partition: GPT.
==================== End of Addition.txt ============================