Laptop cannot find any network connections

**Malnutrition** · 06-15-2019, 09:48 PM

Also save the fixlist to your desktop. To download click here.

Make sure the fixlist and FRST are on your desktop as in the picture below then click the fix button.
The machine will reboot and create a log post that here.
[ATTACH type=“full” alt=“4845”]4845[/ATTACH]

**akotski1338** · 06-15-2019, 10:26 PM

OK I’ve done it here are the logs

**Malnutrition** · 06-15-2019, 10:31 PM

No, this log does not represent that you have completed the step correctly. I need the log created after the machine reboots.

**Malnutrition** · 06-15-2019, 10:33 PM

It will be named fixlog.

**akotski1338** · 06-15-2019, 10:34 PM

im sorry all my logs are disorganized. here is the correct one i think

**Malnutrition** · 06-15-2019, 10:46 PM

Hijack This Fix.

Start HijackThis , Right Click Run as Admin.
Close all other open programs prior to running this tool!!
Click System Scan Only.
Then check mark the items listed below.

[COLOR=rgb(184, 49, 47)]O4 - HKCU..\StartupApproved\Run: [Chromium] = c:\users\pavel\appdata\local\chromium\application\ chrome.exe --auto-launch-at-startup --profile-directory=“Default” --restore-last-session --restore-last-session (2019/02/19)
[COLOR=rgb(184, 49, 47)]O4 - HKCU..\StartupApproved\Run: [Discord] = C:\Users\Pavel\AppData\Local\Discord\app-0.0.305\Discord.exe (2019/02/19)
O4 - HKCU..\StartupApproved\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLaun cher.exe -silent (file missing) (2019/03/20)
O4 - HKCU..\StartupApproved\Run: [McAfeeSafeConnect] = C:\Program Files (x86)\McAfee Safe Connect\McAfee Safe Connect.exe (file missing) (2019/02/19)
O4 - HKCU..\StartupApproved\Run: [World of Tanks] = C:\Games\World_of_Tanks\WargamingGameUpdater.exe (file missing) (2019/02/19)
O4 - HKLM..\Run: [Wondershare Helper Compact.exe] = C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (file missing)
O4 - HKLM..\Run: [iTunesHelper] = C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM..\StartupApproved\Run32: [AirBackupHelper] = C:\Program Files (x86)\iMobie\AnyTrans\AirBackupHelper.exe (2019/03/20)
O4 - HKLM..\StartupApproved\Run32: [Dropbox] = C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /systemstartup (2019/02/19)
O4 - HKLM..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2019/02/19)
O4-32 - HKLM..\Run: [AmazonBasics gaming software] = C:\Program Files (x86)\AmazonBasics gaming software\AmazonBasics gaming software.exe “Hide”
O4-32 - HKLM..\Run: [Wondershare Helper Compact.exe] = C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O22 - Task: \Microsoft\Windows\ApplicationData\CleanupTemporar yState - C:\Windows\system32 (file missing)
O23 - Service R2: Diagnostics Tracking Service - (DiagTrack) - C:\Windows\System32\svchost.exe -k utcsvc; “ServiceDll” = C:\Windows\system32\diagtrack.dll
[COLOR=rgb(184, 49, 47)]O23 - Service S2: Update Mgr HooplaSearch - C:\Program Files (x86)\Common Files\fb4c7509-7895-4257-8cc3-e92949418b04\updater.exe (file missing)

Now click on fix checked.
After the fix is complete, then reboot your machine.

Temp File Cleaner.

[ul]
[li] Note: This program may very well reboot your machine. Save any work prior to running.[/li][li]Clean up your temp files with TFC.exe[/li][li]Save it to your desktop.[/li][li]Right click run as admin.[/li][/ul][/COLOR][/COLOR][/COLOR]

**Malnutrition** · 06-15-2019, 10:51 PM

Finally a log from ZHP Diag This tool looks in the areas that malware likes to hide from conventional tools.

The site is in French so the download button is the same as the picture below..

[ATTACH type=“full” alt=“4848”]4848[/ATTACH]

ZHP Diag Scan Click here to download.

Right Click Run as Admin.
Click the Options button.

Click on Check All
Then Click Validate
Then click close.

Forums - PC Help Forum

https://pchelpforum.net/attachments/upload_2017-4-26_17-16-39-png.2074/

PCHF Forums

2. Click the Scanner button.

Forums - PC Help Forum

https://pchelpforum.net/attachments/upload_2017-2-23_3-32-26-png.1647/

PCHF Forums

When complete please push the report button.
A notepad will open… copy and paste the report in your next reply.

**akotski1338** · 06-15-2019, 11:10 PM

the log was in a html format. here it is: file:///C:/Users/Pavel/AppData/Roaming/ZHP/ZHPDiag.html

**Malnutrition** · 06-15-2019, 11:16 PM

Open your browser and copy and paste [COLOR=rgb(0, 0, 0)] file:///C:/Users/Pavel/AppData/Roaming/ZHP/ZHPDiag.html into a new tab. Copy the log and paste it here.[/COLOR]

**Malnutrition** · 06-15-2019, 11:17 PM

Also, there should be a copy of the log on your desktop named ZHPDiag

**akotski1338** · 06-15-2019, 11:17 PM

ok here

~ ZHPDiag v2019.6.15.85 By Nicolas Coolman (2019/06/15)
~ Run by Pavel (Administrator) (2019/06/15 16:05:11)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook: ZHP
~ Certificate ZHPDiag: Legal
~ State version: Version OK
~ Mode: Scan
~ Report: C:\Users\Pavel\Desktop\ZHPDiag.txt
~ Report: C:\Users\Pavel\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ System startup: Normal (Normal boot)
Windows 8.1 Pro, 64-bit (Build 9600) =>.Microsoft Corporation

—\ Internet Browsers (2) - 0s
~ GCIE: Google Chrome v75.0.3770.90
~ MSIE: Internet Explorer v11.0.9600.19204

—\ Windows Product Information (3) - 3s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : OK

—\ System protection software (1) - 0s
Avast Free Antivirus v19.5.2378 (Protection)

—\ Surveillance software (1) - 0s
~ Adobe Flash Player 32 PPAPI (Surveillance)

—\ System optimization software (1) - 0s
~ CCleaner v5.58 (Optimisation)

—\ Informations on the system (6) - 0s
~ Operating System: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 8271.412 MB (68% free) : OK =>.RAM Value
System Restore: Activé (Enable)
System drive C: has 84 GB (17%) free of 476 GB : OK =>.Disk Space

—\ Connection to the system mode (3) - 0s
~ Computer Name: ASUSGAMING
~ User Name: Pavel
~ Logged in as Administrator

—\ Enumeration of the disk units (1) - 0s
~ Drive C: has 84 GB free of 476 GB (System)

—\ State of the Windows Security Center (11) - 0s
[HKLM\Software\WOW6432Node\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\Software\WOW6432Node\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\Software\WOW6432Node\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows\Curren tVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\Software\WOW6432Node\Microsoft\Windows\Curren tVersion\policies\system] EnableLUA: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows\Curren tVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\Software\WOW6432Node\Microsoft\Windows\Curren tVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows\Curren tVersion\Explorer\Associations] Application: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM64\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows\Curren tVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK

—\ Search Generic System Files (24) - 1s
[MD5.ED6B4C95E2A6D67480B9DBB8A8E7D9B4] - 27/08/2016 - (.Microsoft Corporation - Windows Explorer.) – C:\Windows\Explorer.exe [2755504] =>.Microsoft Windows®
[MD5.6C308D32AFA41D26CE2A0EA8F7B79565] - 28/10/2014 - (.Microsoft Corporation - Windows host process (Rundll32).) – C:\Windows\System32\rundll32.exe [54784] =>.Microsoft Corporation
[MD5.D9516405E05F24EDCD90B1988FAF3948] - 14/01/2017 - (.Microsoft Corporation - Windows Start-Up Application.) – C:\Windows\System32\Wininit.exe [146944] =>.Microsoft Corporation
[MD5.BFC1A5FE582039169541576B6E8B2D42] - 12/11/2018 - (.Microsoft Corporation - Internet Extensions for Win32.) – C:\Windows\System32\wininet.dll [4859904] =>.Microsoft Corporation
[MD5.4294D7AD504EA206A4A03DB29311B6C2] - 01/01/2018 - (.Microsoft Corporation - Windows Logon Application.) – C:\Windows\System32\Winlogon.exe [571392] =>.Microsoft Corporation
[MD5.AFCAB4DC692CCE37E283B00E2D7B438F] - 21/12/2013 - (.Microsoft Corporation - Software Licensing Library.) – C:\Windows\System32\sppcomapi.dll [447488] =>.Microsoft Corporation
[MD5.C9C6033116C4F7128AC11A7096765E92] - 08/06/2018 - (.Microsoft Corporation - DNS Client API DLL.) – C:\Windows\System32\dnsapi.dll [656384] =>.Microsoft Corporation
[MD5.E38864C62641DF22A4AFD2B6C59BD61B] - 08/06/2018 - (.Microsoft Corporation - DNS Client API DLL.) – C:\Windows\Syswow64\dnsapi.dll [499200] =>.Microsoft Corporation
[MD5.B246BEE99740A2A357E21D863A18774D] - 10/01/2018 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) – C:\Windows\System32\drivers\AFD.sys [559616] =>.Microsoft Corporation
[MD5.74B14192CF79A72F7536B27CB8814FBD] - 22/08/2013 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) – C:\Windows\System32\drivers\atapi.sys [26464] =>.Microsoft Corporation
[MD5.2FA6510E33F7DEFEC03658B74101A9B9] - 22/08/2013 - (.Microsoft Corporation - CD-ROM File System Driver.) – C:\Windows\System32\drivers\Cdfs.sys [88576] =>.Microsoft Corporation
[MD5.D61EDE3D49B04E703AEC3B111C763F42] - 05/12/2017 - (.Microsoft Corporation - SCSI CD-ROM Driver.) – C:\Windows\System32\drivers\Cdrom.sys [165376] =>.Microsoft Corporation
[MD5.D1049D4D1311D43F6FCF180CAA5BF78B] - 01/01/2018 - (.Microsoft Corporation - DFS Namespace Client Driver.) – C:\Windows\System32\drivers\DfsC.sys [138752] =>.Microsoft Corporation
[MD5.D4B7ED39C7900384D9E5C1283F1E7926] - 24/07/2014 - (.Microsoft Corporation - High Definition Audio Bus Driver.) – C:\Windows\System32\drivers\HDAudBus.sys [76800] =>.Microsoft Corporation
[MD5.49EE0AE9E5B64FFBBD06D55C4984B598] - 03/11/2014 - (.Microsoft Corporation - i8042 Port Driver.) – C:\Windows\System32\drivers\i8042prt.sys [108544] =>.Microsoft Corporation
[MD5.B7342B3C58E91107F6E946A93D9D4EFD] - 27/11/2013 - (.Microsoft Corporation - IP Network Address Translator.) – C:\Windows\System32\drivers\IpNat.sys [142848] =>.Microsoft Corporation
[MD5.58F495747F93F5ED547A08E414168905] - 01/09/2018 - (.Microsoft Corporation - Windows NT SMB Minirdr.) – C:\Windows\System32\drivers\MRxSmb.sys [401920] =>.Microsoft Corporation
[MD5.0FE750800DEEE91D22399D081371BA79] - 10/08/2017 - (.Microsoft Corporation - MBT Transport driver.) – C:\Windows\System32\drivers\netBT.sys [281600] =>.Microsoft Corporation
[MD5.1AA900CB97BE3106D1E01461088B76CC] - 08/09/2018 - (.Microsoft Corporation - NT File System Driver.) – C:\Windows\System32\drivers\ntfs.sys [2014136] =>.Microsoft Corporation
[MD5.57DCE4FB0467986AE78E1C6FC5240D32] - 11/08/2016 - (.Microsoft Corporation - Parallel Port Driver.) – C:\Windows\System32\drivers\Parport.sys [96256] =>.Microsoft Corporation
[MD5.235624C147E3CB4C288D5D3D8E8D64A2] - 02/02/2016 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) – C:\Windows\System32\drivers\Rasl2tp.sys [112640] =>.Microsoft Corporation
[MD5.680C1DAE268B6FB67FA21B389A8B79EF] - 22/08/2013 - (.Microsoft Corporation - Microsoft RDP Device redirector.) – C:\Windows\System32\drivers\rdpdr.sys [195584] =>.Microsoft Corporation
[MD5.576FA545FAB846B06E79B324160DE25C] - 01/08/2017 - (.Microsoft Corporation - TDI Translation Driver.) – C:\Windows\System32\drivers\tdx.sys [107520] =>.Microsoft Corporation
[MD5.17F7B0F2298D97F4B6C7A69511033D3D] - 14/03/2016 - (.Microsoft Corporation - Volume Shadow Copy Driver.) – C:\Windows\System32\drivers\volsnap.sys [316760] =>.Microsoft Corporation

—\ No disabled Windows Services (53) - 1s
O23 - Service: Apple Mobile Device Service (Apple Mobile Device Service) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe =>.Apple Inc.®
O23 - Service: ASLDR Service (ASLDRService) . (.ASUSTek Computer Inc. - ASLDR Service.) - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe =>.ASUSTeK Computer Inc.®
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) . (.ASUS - GFNEXSrv.) - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe =>.ASUSTeK Computer Inc.®
O23 - Service: C:\Windows\System32\AudioEndpointBuilder.dll (AudioEndpointBuilder) . (.Microsoft Corporation - Windows Audio Endpoint Builder.) - C:\Windows\System32\AudioEndpointBuilder.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\audiosrv.dll (Audiosrv) . (.Microsoft Corporation - Windows Audio Service.) - C:\Windows\System32\Audiosrv.dll =>.Microsoft Corporation
O23 - Service: Avast Antivirus (avast! Antivirus) . (.AVAST Software - Avast Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe =>.AVAST Software s.r.o.®
O23 - Service: C:\Windows\System32\bfe.dll (BFE) . (.Microsoft Corporation - Base Filtering Engine.) - C:\Windows\System32\bfe.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\qmgr.dll (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) - C:\Windows\System32\qmgr.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\system32\bisrv.dll (BrokerInfrastructure) . (.Microsoft Corporation - Background Tasks Infrastructure Service.) - C:\Windows\System32\bisrv.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\cryptsvc.dll (CryptSvc) . (.Microsoft Corporation - Cryptographic Services.) - C:\Windows\System32\cryptsvc.dll =>.Microsoft Corporation
O23 - Service: DbxSvc (DbxSvc) . (.Dropbox, Inc. - Dropbox Service.) - C:\Windows\System32\DbxSvc.exe =>.Dropbox, Inc.
O23 - Service: C:\Windows\System32\das.dll (DeviceAssociationService) . (.Microsoft Corporation - Device Association Service.) - C:\Windows\System32\das.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\umpnpmgr.dll (DeviceInstall) . (.Microsoft Corporation - User-mode Plug-and-Play Service.) - C:\Windows\System32\umpnpmgr.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\dhcpcore.dll (Dhcp) . (.Microsoft Corporation - DHCP Client Service.) - C:\Windows\System32\dhcpcore.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\dnsapi.dll (Dnscache) . (.Microsoft Corporation - DNS Caching Resolver Service.) - C:\Windows\System32\dnsrslvr.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\wevtsvc.dll (EventLog) . (.Microsoft Corporation - Host Process for Windows Services.) - C:\Windows\System32\svchost.exe =>.Microsoft Windows Publisher®
O23 - Service: @comres.dll,-2450 (EventSystem) . (.Microsoft Corporation - COM+.) - C:\Windows\System32\es.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\FntCache.dll (FontCache) . (.Microsoft Corporation - Windows Font Cache Service.) - C:\Windows\System32\FntCache.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\PresentationHost.exe,-3309 (FontCache3.0.0.0) . (.Microsoft Corporation - PresentationFontCache.exe.) - C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\Pres entationFontCache.exe =>.Microsoft Corporation®
O23 - Service: @gpapi.dll,-112 (gpsvc) . (.Microsoft Corporation - Group Policy Client.) - C:\Windows\System32\gpsvc.dll =>.Microsoft Corporation
O23 - Service: Google Update Service (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) . (.Intel Corporation - igfxCUIService Module.) - C:\Windows\System32\igfxCUIService.exe =>.Intel Corporation
O23 - Service: C:\Windows\System32\iphlpsvc.dll (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) - C:\Windows\System32\iphlpsvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\srvsvc.dll (LanmanServer) . (.Microsoft Corporation - Server Service DLL.) - C:\Windows\System32\srvsvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\wkssvc.dll (LanmanWorkstation) . (.Microsoft Corporation - Workstation Service DLL.) - C:\Windows\System32\wkssvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\lmhsvc.dll (lmhosts) . (.Microsoft Corporation - TCPIP NetBios Transport Services DLL.) - C:\Windows\System32\lmhsvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\system32\lsm.dll (LSM) . (.Microsoft Corporation - Local Session Manager Service.) - C:\Windows\System32\lsm.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\mmcss.dll (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) - C:\Windows\System32\mmcss.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\FirewallAPI.dll (MpsSvc) . (.Microsoft Corporation - Microsoft Protection Service.) - C:\Windows\System32\mpssvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\nlasvc.dll (NlaSvc) . (.Microsoft Corporation - Network Location Awareness 2.) - C:\Windows\System32\nlasvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\nsisvc.dll (nsi) . (.Microsoft Corporation - Network Store Interface RPC server.) - C:\Windows\System32\nsisvc.dll =>.Microsoft Corporation
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) . (.NVIDIA Corporation - NVIDIA Container.) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.NVIDIA Corporation®
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) . (.NVIDIA Corporation - NVIDIA Container.) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Containe r.exe =>.NVIDIA Corporation®
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) . (.NVIDIA Corporation - NVIDIA Container.) - C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe =>.NVIDIA Corporation®
O23 - Service: C:\Windows\System32\pcasvc.dll (PcaSvc) . (.Microsoft Corporation - Program Compatibility Assistant Service.) - C:\Windows\System32\pcasvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\umpo.dll (Power) . (.Microsoft Corporation - User-mode Power Service.) - C:\Windows\System32\umpo.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\profsvc.dll (ProfSvc) . (.Microsoft Corporation - ProfSvc.) - C:\Windows\System32\profsvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\system32\RpcEpMap.dll (RpcEptMapper) . (.Microsoft Corporation - RPC Endpoint Mapper.) - C:\Windows\System32\RpcEpMap.dll =>.Microsoft Corporation
O23 - Service: @combase.dll,-5010 (RpcSs) . (.Microsoft Corporation - Distributed COM Services.) - C:\Windows\System32\rpcss.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\schedsvc.dll (Schedule) . (.Microsoft Corporation - Task Scheduler Service.) - C:\Windows\System32\schedsvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\Sens.dll (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) - C:\Windows\System32\sens.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\shsvcs.dll (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) - C:\Windows\System32\shsvcs.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\spoolsv.exe,-1 (Spooler) . (.Microsoft Corporation - Spooler SubSystem App.) - C:\Windows\System32\spoolsv.exe =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\sppsvc.exe,-101 (sppsvc) . (.Microsoft Corporation - Microsoft Software Protection Platform Serv.) - C:\Windows\System32\sppsvc.exe =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\wiaservc.dll (stisvc) . (.Microsoft Corporation - Still Image Devices Service.) - C:\Windows\System32\wiaservc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\sysmain.dll (SysMain) . (.Microsoft Corporation - Superfetch Service Host.) - C:\Windows\System32\sysmain.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\system32\SystemEventsBrokerServer.dll (SystemEventsBroker) . (.Microsoft Corporation - System Events Broker.) - C:\Windows\System32\SystemEventsBrokerServer.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\themeservice.dll (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) - C:\Windows\System32\themeservice.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\wcmsvc.dll (Wcmsvc) . (.Microsoft Corporation - Windows Connection Manager Service DLL.) - C:\Windows\System32\wcmsvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\wbem\wmisvc.dll (Winmgmt) . (.Microsoft Corporation - WMI.) - C:\Windows\System32\wbem\WMIsvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\wlansvc.dll (WlanSvc) . (.Microsoft Corporation - Windows WLAN AutoConfig Service DLL.) - C:\Windows\System32\wlansvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\wscsvc.dll (wscsvc) . (.Microsoft Corporation - Windows Security Center Service.) - C:\Windows\System32\wscsvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\SearchIndexer.exe,-103 (WSearch) . (.Microsoft Corporation - Microsoft Windows Search Indexer.) - C:\Windows\System32\SearchIndexer.exe =>.Microsoft Corporation

—\ Services not Microsoft (SR=Run, SS=Stop) (89) - 10s
SR - Boot [22/08/2013] [ 108896] (3ware) . (.LSI.) - C:\Windows\System32\drivers\3ware.sys =>.Microsoft Windows®
SS - Demand [11/06/2019] [ 335416] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe =>.Adobe Inc.®
SR - Boot [22/08/2013] [ 782176] (ADP80XX) . (.PMC-Sierra.) - C:\Windows\System32\drivers\ADP80XX.SYS =>.Microsoft Windows®
SR - Demand [06/03/2018] [ 48624] AnchorFree TAP-Windows Adapt (aftap0901) . (.The OpenVPN Project.) - C:\Windows\System32\DRIVERS\aftap0901.sys =>.AnchorFree Inc®
SR - Boot [22/08/2013] [ 79200] (amdsata) . (.Advanced Micro Devices.) - C:\Windows\System32\drivers\amdsata.sys =>.Microsoft Windows®
SR - Boot [22/08/2013] [ 259424] (amdsbs) . (.AMD Technologies Inc..) - C:\Windows\System32\drivers\amdsbs.sys =>.Microsoft Windows®
SR - Boot [22/08/2013] [ 25952] (amdxata) . (.Advanced Micro Devices.) - C:\Windows\System32\drivers\amdxata.sys =>.Microsoft Windows®
SR - Auto [29/04/2019] [ 96056] Apple Mobile Device Service (Apple Mobile Device Service) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe =>.Apple Inc.®
SR - Boot [22/08/2013] [ 114016] Adaptec SAS/SATA-II RAID S (arcsas) . (.PMC-Sierra, Inc..) - C:\Windows\System32\drivers\arcsas.sys =>.Microsoft Windows®
SR - Auto [26/03/2014] [ 115512] ASLDR Service (ASLDRService) . (.ASUSTek Computer Inc..) - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe =>.ASUSTeK Computer Inc.®
SR - Auto [02/07/2009] [ 15416] ASMMAP64 (ASMMAP64) . (.ASUS.) - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys =>.ASUSTeK Computer Inc.®
SR - Boot [30/05/2019] [ 37104] aswArDisk (aswArDisk) . (.AVAST Software.) - C:\Windows\System32\drivers\aswArDisk.sys =>.AVAST Software s.r.o.®
SR - System [30/05/2019] [ 207448] aswArPot (aswArPot) . (.AVAST Software.) - C:\Windows\System32\drivers\aswArPot.sys =>.AVAST Software s.r.o.®
SR - System [30/05/2019] [ 262496] aswbidsdriver (aswbidsdriver) . (.AVAST Software.) - C:\Windows\System32\drivers\aswbidsdriver.sys =>.AVAST Software s.r.o.®
SR - Boot [30/05/2019] [ 205848] aswbidsh (aswbidsh) . (.AVAST Software.) - C:\Windows\System32\drivers\aswbidsh.sys =>.AVAST Software s.r.o.®
SR - Boot [30/05/2019] [ 61472] aswbuniv (aswbuniv) . (.AVAST Software.) - C:\Windows\System32\drivers\aswbuniv.sys =>.AVAST Software s.r.o.®
SR - System [30/05/2019] [ 279120] aswHdsKe (aswHdsKe) . (.AVAST Software.) - C:\Windows\System32\drivers\aswHdsKe.sys =>.AVAST Software s.r.o.®
SR - System [30/05/2019] [ 42288] aswKbd (aswKbd) . (.AVAST Software.) - C:\Windows\System32\drivers\aswKbd.sys =>.AVAST Software s.r.o.®
SR - Auto [06/06/2019] [ 167872] aswMonFlt (aswMonFlt) . (.AVAST Software.) - C:\Windows\System32\drivers\aswMonFlt.sys =>.AVAST Software s.r.o.®
SR - System [30/05/2019] [ 112312] aswRdr (aswRdr) . (.AVAST Software.) - C:\Windows\System32\drivers\aswRdr2.sys =>.AVAST Software s.r.o.®
SR - Boot [30/05/2019] [ 87944] aswRvrt (aswRvrt) . (.AVAST Software.) - C:\Windows\System32\drivers\aswRvrt.sys =>.AVAST Software s.r.o.®
SR - System [30/05/2019] [ 1030784] aswSnx (aswSnx) . (.AVAST Software.) - C:\Windows\System32\drivers\aswSnx.sys =>.AVAST Software s.r.o.®
SR - System [30/05/2019] [ 477584] aswSP (aswSP) . (.AVAST Software.) - C:\Windows\System32\drivers\aswSP.sys =>.AVAST Software s.r.o.®
SR - Auto [03/06/2019] [ 225608] aswStm (aswStm) . (.AVAST Software.) - C:\Windows\System32\drivers\aswStm.sys =>.AVAST Software s.r.o.®
SR - Boot [30/05/2019] [ 385880] aswVmm (aswVmm) . (.AVAST Software.) - C:\Windows\System32\drivers\aswVmm.sys =>.AVAST Software s.r.o.®
SR - Auto [21/11/2011] [ 96896] ATKGFNEX Service (ATKGFNEXSrv) . (.ASUS.) - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe =>.ASUSTeK Computer Inc.®
SR - System [02/07/2013] [ 19768] ATKWMIACPI Driver (ATKWMIACPIIO) . (.ASUSTek Computer Inc..) - C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys =>.ASUSTeK Computer Inc.®
SR - Auto [30/05/2019] [ 409224] Avast Antivirus (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe =>.AVAST Software s.r.o.®
SR - Boot [22/08/2013] [ 531296] Broadcom NetXtreme II VBD (b06bdrv) . (.Broadcom Corporation.) - C:\Windows\System32\drivers\bxvbda.sys =>.Microsoft Windows®
SR - Demand [12/08/2013] [ 17624] bcmfn2 Service (bcmfn2) . (…) - C:\Windows\System32\drivers\bcmfn2.sys =>.Broadcom Corporation®
SS - Demand [27/03/2019] [ 8473200] BattlEye Service (BEService) . (…) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe =>.BattlEye Innovations e.K.®
SS - Demand [11/09/2018] [ 376296] Intel(R) Content Protection HECI Service (cphs) . (.Intel Corporation.) - C:\Windows\SysWOW64\IntelCpHeciSvc.exe =>.Intel Corporation®
SS - Demand [28/02/2018] [ 143144] Dropbox Update Service (dbupdatem) (dbupdatem) . (.Dropbox, Inc..) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe =>.Dropbox, Inc®
SR - Auto [04/06/2019] [ 51024] DbxSvc (DbxSvc) . (.Dropbox, Inc..) - C:\Windows\System32\DbxSvc.exe =>.Dropbox, Inc®
SS - Demand [09/12/2018] [ 781440] EasyAntiCheat (EasyAntiCheat) . (.EasyAntiCheat Ltd.) - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe =>.EasyAntiCheat Oy®
SR - Boot [22/08/2013] [ 3357024] Broadcom NetXtreme II 10 GigE (ebdrv) . (.Broadcom Corporation.) - C:\Windows\System32\drivers\evbda.sys =>.Microsoft Windows®
SS - Demand [11/06/2019] [ 1098224] Google Chrome Elevation Service (GoogleChromeElevationService) . (.Google LLC.) - C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.90\eleva tion_service.exe =>.Google LLC®
SR - Auto [22/02/2016] [ 154440] Google Update Service (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
SS - Demand [22/02/2016] [ 154440] Google Update Service (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
SR - Demand [04/11/2013] [ 20280] ASUS Wireless Radio Control (HIDSwitch) . (.ASUS.) - C:\Windows\System32\drivers\AsHIDSwitch64.sys =>.ASUSTeK Computer Inc.®
SR - Boot [22/08/2013] [ 64352] (HpSAMD) . (.Hewlett-Packard Company.) - C:\Windows\System32\drivers\HpSAMD.sys =>.Microsoft Windows®
SR - Demand [30/07/2013] [ 24568] Intel(R) Serial IO (iaLPSSi_GPIO) . (.Intel Corporation.) - C:\Windows\System32\drivers\iaLPSSi_GPIO.sys =>.Intel Corporation - Software and Firmware Products®
SR - Demand [25/07/2013] [ 99320] Intel(R) Serial IO I (iaLPSSi_I2C) . (.Intel Corporation.) - C:\Windows\System32\drivers\iaLPSSi_I2C.sys =>.Intel Corporation - Software and Firmware Products®
SR - Boot [28/10/2013] [ 632168] (iaStorA) . (.Intel Corporation.) - C:\Windows\System32\drivers\iaStorA.sys =>.Intel Corporation - Intel® Rapid Storage Technology®
SR - Boot [09/08/2013] [ 651248] Intel(R) SATA RAID Cont (iaStorAV) . (.Intel Corporation.) - C:\Windows\System32\drivers\iaStorAV.sys =>.Intel Corporation - Intel® Rapid Storage Technology®
SR - Boot [22/08/2013] [ 412000] Intel RAID Controller Wi (iaStorV) . (.Intel Corporation.) - C:\Windows\System32\drivers\iaStorV.sys =>.Microsoft Windows®
SR - Demand [11/09/2018] [ 3799872] (igfx) . (.Intel Corporation.) - C:\Windows\System32\DRIVERS\igdkmd64.sys =>.Intel Corporation®
SR - Auto [11/09/2018] [ 317416] Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) . (.Intel Corporation.) - C:\Windows\System32\igfxCUIService.exe =>.Intel Corporation®
SR - Demand [01/12/2015] [ 50160] Intel WiDi Audio Device (intaud_WaveExtensible) . (.Intel Corporation.) - C:\Windows\System32\drivers\intelaud.sys =>.Intel(R) Wireless Display®
SR - Demand [13/04/2017] [ 5721088] Service for Realtek HD Audio (WDM) (IntcAzAudAddService) . (.Realtek Semiconductor Corp..) - C:\Windows\System32\drivers\RTKVHD64.sys =>.Realtek Semiconductor Corp.®
SS - Demand [07/05/2019] [ 658232] iPod Service (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe =>.Apple Inc.®
SR - Demand [01/12/2015] [ 38896] IWD Bus Enumerator (iwdbus) . (.Intel Corporation.) - C:\Windows\System32\drivers\iwdbus.sys =>.Intel(R) Wireless Display®
SR - Demand [18/06/2013] [ 129224] NDIS Miniport Drive (L1C) . (.Qualcomm Atheros Co., Ltd..) - C:\Windows\System32\DRIVERS\L1C63x64.sys =>.Qualcomm Atheros®
SR - Boot [22/08/2013] [ 109408] (LSI_SAS) . (.LSI Corporation.) - C:\Windows\System32\drivers\lsi_sas.sys =>.Microsoft Windows®
SR - Boot [22/08/2013] [ 93536] (LSI_SAS2) . (.LSI Corporation.) - C:\Windows\System32\drivers\lsi_sas2.sys =>.Microsoft Windows®
SR - Boot [22/08/2013] [ 81760] (LSI_SAS3) . (.LSI Corporation.) - C:\Windows\System32\drivers\lsi_sas3.sys =>.Microsoft Windows®
SR - Boot [22/08/2013] [ 82784] (LSI_SSS) . (.LSI Corporation.) - C:\Windows\System32\drivers\lsi_sss.sys =>.Microsoft Windows®
SR - Boot [22/08/2013] [ 56672] (megasas) . (.LSI Corporation.) - C:\Windows\System32\drivers\megasas.sys =>.Microsoft Windows®
SR - Boot [22/08/2013] [ 575840] (megasr) . (.LSI Corporation, Inc..) - C:\Windows\System32\drivers\megasr.sys =>.Microsoft Windows®
SR - Demand [28/03/2016] [ 186424] Intel(R) Management Engine Interfa (MEIx64) . (.Intel Corporation.) - C:\Windows\System32\drivers\TeeDriverW8x64.sys =>.Intel(R) Embedded Subsystems and IP Blocks Group®
SR - Boot [22/08/2013] [ 63840] (mvumis) . (.Marvell Semiconductor, Inc..) - C:\Windows\System32\drivers\mvumis.sys =>.Microsoft Windows®
SR - Demand [04/09/2013] [ 3345376] ___ Intel(R) (NETwNe64) . (.Intel Corporation.) - C:\Windows\System32\DRIVERS\NETwew00.sys =>.Intel Corporation-Mobile Wireless Group®
SR - Auto [19/07/2018] [ 764456] NVIDIA LocalSystem Container (NvContainerLocalSystem) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.NVIDIA Corporation®
SS - Demand [19/07/2018] [ 764456] NVIDIA NetworkService Container (NvContainerNetworkService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.NVIDIA Corporation®
SR - Auto [09/04/2019] [ 767472] NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Containe r.exe =>.NVIDIA Corporation®
SR - Demand [10/12/2013] [ 196384] Service for NVIDIA High Definitio (NVHDA) . (.NVIDIA Corporation.) - C:\Windows\System32\drivers\nvhda64v.sys =>.NVIDIA Corporation®
SR - System [10/04/2019] [ 316288] (nvkflt) . (.NVIDIA Corporation.) - C:\Windows\System32\DRIVERS\nvkflt.sys =>.NVIDIA Corporation®
SR - Demand [10/04/2019] [20449672] (nvlddmkm) . (.NVIDIA Corporation.) - C:\Windows\System32\DRIVERS\nvlddmkm.sys =>.NVIDIA Corporation®
SR - Boot [10/04/2019] [ 57432] (nvpciflt) . (.NVIDIA Corporation.) - C:\Windows\System32\DRIVERS\nvpciflt.sys =>.NVIDIA Corporation®
SR - Boot [22/08/2013] [ 150368] (nvraid) . (.NVIDIA Corporation.) - C:\Windows\System32\drivers\nvraid.sys =>.Microsoft Windows®
SR - Boot [22/08/2013] [ 168288] (nvstor) . (.NVIDIA Corporation.) - C:\Windows\System32\drivers\nvstor.sys =>.Microsoft Windows®
SR - Demand [11/07/2018] [ 30656] NvStreamKms (NvStreamKms) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys =>.NVIDIA Corporation®
SR - Auto [10/04/2019] [ 791136] NVIDIA Telemetry Container (NvTelemetryContainer) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe =>.NVIDIA Corporation®
SR - Demand [07/06/2018] [ 69544] NVIDIA Virtual Aud (nvvad_WaveExtensible) . (.NVIDIA Corporation.) - C:\Windows\System32\drivers\nvvad64v.sys =>.NVIDIA Corporation®
SR - Demand [03/10/2018] [ 66792] NVVHCI Enumerator Service (nvvhci) . (.NVIDIA Corporation.) - C:\Windows\System32\drivers\nvvhci.sys =>.NVIDIA Corporation®
SR - Demand [17/12/2016] [ 28928] rspWhySoSlow (rspWhySoSlow) . (.Resplendence Software Projects Sp..) - C:\Windows\System32\DRIVERS\rspWhy64.sys =>.Daniel Terhell®
SR - Boot [22/08/2013] [ 44896] (SiSRaid2) . (.Silicon Integrated Systems Corp..) - C:\Windows\System32\drivers\SiSRaid2.sys =>.Microsoft Windows®
SR - Boot [22/08/2013] [ 81760] (SiSRaid4) . (.Silicon Integrated Systems.) - C:\Windows\System32\drivers\sisraid4.sys =>.Microsoft Windows®
SS - Demand [14/06/2019] [ 1695008] Steam Client Service (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe =>.Valve®
SR - Boot [22/08/2013] [ 31072] (stexstor) . (.Promise Technology, Inc..) - C:\Windows\System32\drivers\stexstor.sys =>.Microsoft Windows®
SR - Demand [17/06/2015] [ 54784] Apple Mobile USB Driver (USBAAPL64) . (.Apple, Inc..) - C:\Windows\System32\Drivers\usbaapl64.sys =>.Apple, Inc.
SR - System [13/05/2019] [ 1023312] VirtualBox Service (VBoxDrv) . (.Oracle Corporation.) - C:\Windows\System32\DRIVERS\VBoxDrv.sys =>.Oracle Corporation®
SR - Demand [13/05/2019] [ 236352] VirtualBox NDIS 6.0 Miniport Service (VBoxNetAdp) . (.Oracle Corporation.) - C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys =>.Oracle Corporation®
SR - System [13/05/2019] [ 247736] VirtualBox NDIS6 Bridge (VBoxNetLwf) . (.Oracle Corporation.) - C:\Windows\System32\DRIVERS\VBoxNetLwf.sys =>.Oracle Corporation®
SS - Demand [13/05/2019] [ 692992] VirtualBox system service (VBoxSDS) . (.Oracle Corporation.) - C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe =>.Oracle Corporation®
SR - System [13/05/2019] [ 186480] VirtualBox USB Monitor Service (VBoxUSBMon) . (.Oracle Corporation.) - C:\Windows\System32\DRIVERS\VBoxUSBMon.sys =>.Oracle Corporation®
SR - Boot [22/08/2013] [ 19808] (viaide) . (.VIA Technologies, Inc..) - C:\Windows\System32\drivers\viaide.sys =>.Microsoft Windows®
SR - Boot [22/08/2013] [ 168800] (vsmraid) . (.VIA Technologies Inc.,Ltd.) - C:\Windows\System32\drivers\vsmraid.sys =>.Microsoft Windows®
SR - Boot [22/08/2013] [ 305504] VIA StorX Storage RAID Co (VSTXRAID) . (.VIA Corporation.) - C:\Windows\System32\drivers\vstxraid.sys =>.Microsoft Windows®

—\ Task Planned Automatically (Register) (52) - 3s
O38 - TASK: {05492113-9CD9-42E5-B842-ADF4F829ADC3} [64Bits][\Adobe Flash Player PPAPI Notifier] - (.Adobe - Adobe® Flash® Player Installer/Uninstaller.) – C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_ 0_0_207_pepper.exe [1452600] =>.Adobe
O38 - TASK: {0AE410DC-E53F-4021-A729-DA7BD7ED61C3} [64Bits][\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA GeForce Experience.) – C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3297832] =>.NVIDIA Corporation
O38 - TASK: {0B929CB9-E98D-4618-982A-D403A8E9740A} [64Bits][\GoogleUpdateTaskMachineCore] - (.Google Inc. - Google Installer.) – C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440] =>.Google Inc.
O38 - TASK: {0DA27504-D53A-4BF6-854F-CD2382D5B3DD} [64Bits][\Avast Software\Overseer] - (.AVAST Software - Avast Overseer.) – C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2281944] =>.AVAST Software
O38 - TASK: {0F02B0F5-951C-4CDF-A076-05CEAD35CA0B} [64Bits][\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA nodejs launcher.) – C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [982568] =>.NVIDIA Corporation
O38 - TASK: {213D5507-3AFC-44D2-9994-F4CBA2306C88} [64Bits][\Apple\AppleSoftwareUpdate] - (.Apple Inc. - Apple Software Update.) – C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320] =>.Apple Inc.
O38 - TASK: {28C266BC-6B33-4A0F-993F-6CD7CCEBDBB7} [64Bits][\ATK Package 36D18D69AFC3] - (.ASUSTek Computer Inc. - Simulate Store App Execution Application.) – C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [109880] =>.ASUSTek Computer Inc.
O38 - TASK: {29041F64-C091-4AB4-A8B4-3744A3E30F2F} [64Bits][\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA crash and telemetry reporter.) – C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [927272] =>.NVIDIA Corporation
O38 - TASK: {3091B878-C352-4774-86D4-9999149BF8A6} [64Bits][\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA Container.) – C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456] =>.NVIDIA Corporation
O38 - TASK: {332843F0-D716-4049-8E3B-80E63D95059C} [64Bits][\DropboxUpdateTaskMachineUA] - (.Dropbox, Inc. - Dropbox Update.) – C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144] =>.Dropbox, Inc.
O38 - TASK: {42B376EC-415A-4F16-ABF8-1075D474C42A} [64Bits][\CCleanerSkipUAC] - (.Piriform Software Ltd - CCleaner.) – C:\Program Files\CCleaner\CCleaner.exe [16664352] =>.Piriform Software Ltd
O38 - TASK: {4D967E64-3B8C-4912-95C1-2ADDB262F27E} [64Bits][\Adobe Flash Player Updater] - (.Adobe - Adobe® Flash® Player Update Service 32.0 r0.) – C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe [335416] =>.Adobe
O38 - TASK: {5F3097B2-6E5A-4EC3-8641-6204F07A5059} [64Bits][\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA Container.) – C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456] =>.NVIDIA Corporation
O38 - TASK: {5F8E1232-0C07-482C-ADD1-66E1EF992C42} [64Bits][\RTKCPL] - (.Realtek Semiconductor - HD Audio Background Process.) – C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1485312] =>.Realtek Semiconductor
O38 - TASK: {63833CCA-C4EA-4C5F-84B7-93089A0F2954} [64Bits][\DropboxUpdateTaskMachineCore] - (.Dropbox, Inc. - Dropbox Update.) – C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144] =>.Dropbox, Inc.
O38 - TASK: {6DB75619-A35D-444C-9503-BAB2C3445FC9} [64Bits][\CCleaner Update] - (.Piriform Software Ltd - CCleaner emergency updater.) – C:\Program Files\CCleaner\CCUpdate.exe [619416] =>.Piriform Software Ltd
O38 - TASK: {76B3DD55-F2B8-475D-80B7-FDC0389E339E} [64Bits][\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA crash and telemetry reporter.) – C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [927272] =>.NVIDIA Corporation
O38 - TASK: {76E17305-C98F-4872-A47B-F7443D17175B} [64Bits][\GoogleUpdateTaskMachineUA] - (.Google Inc. - Google Installer.) – C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440] =>.Google Inc.
O38 - TASK: {86EAEE4D-C585-445C-8A41-77AE5C37D18A} [64Bits][\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA driver profile updater.) – C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [856616] =>.NVIDIA Corporation
O38 - TASK: {90FB1436-AFA2-4CFE-A045-84DB46DB95F1} [64Bits][\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA driver profile updater.) – C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [856616] =>.NVIDIA Corporation
O38 - TASK: {9F6DA67D-0D1F-4B56-A4E2-F80E2A91A991} [64Bits][\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA crash and telemetry reporter.) – C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [927272] =>.NVIDIA Corporation
O38 - TASK: {B3A75DAB-9AA5-47C5-9574-783DF12FE5FD} [64Bits][\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA crash and telemetry reporter.) – C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [927272] =>.NVIDIA Corporation
O38 - TASK: {BB764CD4-B776-4DB9-8EC2-B2DE1EA84A54} [64Bits][\Avast Emergency Update] - (.AVAST Software - Avast Emergency Update.) – C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2934152] =>.AVAST Software
O38 - TASK: {C3CD2D61-D8A9-4F77-BA8E-EB43D2A5E842} [64Bits][\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA telemetry monitor.) – C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [647720] =>.NVIDIA Corporation
O38 - TASK: {CF14B9B8-BC0B-4C2A-98D2-B9F8C4ABD676} [64Bits][\FRAPS] - (.Beepa P/L - Fraps.) – C:\Fraps\fraps.exe [2652432] =>.Beepa P/L
O38 - TASK: {FA7BAE0E-005E-467E-A48A-288A97301497} [64Bits][\RtHDVBg_ListenToDevice] - (.Realtek Semiconductor - HD Audio Background Process.) – C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1485312] =>.Realtek Semiconductor
C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier - (.Adobe.) – C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_ 0_0_207_pepper.exe [-check pepperplugin.-check] =>.Adobe
C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) – C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe =>.NVIDIA Corporation
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineC ore - (.Google Inc..) – C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [/c] =>.Google Inc.
C:\Windows\System32\Tasks\Avast Software\Overseer - (.AVAST Software.) – C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [/from_scheduler:1] =>.AVAST Software
C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) – C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [–launcher=TaskScheduler] =>.NVIDIA Corporation
C:\Windows\System32\Tasks\Apple\AppleSoftwareUpdat e - (.Apple Inc..) – C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [-task] =>.Apple Inc.
C:\Windows\System32\Tasks\ATK Package 36D18D69AFC3 - (.ASUSTek Computer Inc..) – C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [-CancelShutdown] =>.ASUSTek Computer Inc.
C:\Windows\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) – C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [/noshim] =>.NVIDIA Corporation
C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily _{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) – C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [-d ‘C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck’ -l 3 -f C:\ProgramData\NVIDIA\NvContain] =>.NVIDIA Corporation
C:\Windows\System32\Tasks\DropboxUpdateTaskMachine UA - (.Dropbox, Inc..) – C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [/ua ./ua] =>.Dropbox, Inc.
C:\Windows\System32\Tasks\CCleanerSkipUAC - (.Piriform Software Ltd.) – C:\Program Files\CCleaner\CCleaner.exe [$(Arg0)] =>.Piriform Software Ltd
C:\Windows\System32\Tasks\Adobe Flash Player Updater - (.Adobe.) – C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe =>.Adobe
C:\Windows\System32\Tasks\NvBatteryBoostCheckOnLog on_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) – C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [-d ‘C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck’ -l 3 -f C:\ProgramData\NVIDIA] =>.NVIDIA Corporation
C:\Windows\System32\Tasks\RTKCPL - (.Realtek Semiconductor.) – C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [/runcplsilence] =>.Realtek Semiconductor
C:\Windows\System32\Tasks\DropboxUpdateTaskMachine Core - (.Dropbox, Inc..) – C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [/c] =>.Dropbox, Inc.
C:\Windows\System32\Tasks\CCleaner Update - (.Piriform Software Ltd.) – C:\Program Files\CCleaner\CCUpdate.exe =>.Piriform Software Ltd
C:\Windows\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) – C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [/noshim] =>.NVIDIA Corporation
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineU A - (.Google Inc..) – C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [/ua ./ua] =>.Google Inc.
C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_ {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) – C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe =>.NVIDIA Corporation
C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B 2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) – C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe =>.NVIDIA Corporation
C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) – C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe =>.NVIDIA Corporation
C:\Windows\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) – C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [/noshim] =>.NVIDIA Corporation
C:\Windows\System32\Tasks\Avast Emergency Update - (.AVAST Software.) – C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe =>.AVAST Software
C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) – C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe =>.NVIDIA Corporation
C:\Windows\System32\Tasks\FRAPS - (.Beepa P/L.) – C:\Fraps\fraps.exe =>.Beepa P/L
C:\Windows\System32\Tasks\RtHDVBg_ListenToDevice - (.Realtek Semiconductor.) – C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [/AECBYLISTENTOSTATUS] =>.Realtek Semiconductor

—\ Auto loading programs from Registry and folders (11) - 0s
O4 - HKLM..\Run: [AvastUI.exe] . (.AVAST Software - AvLaunch component.) – C:\Program Files\AVAST Software\Avast\AvLaunch.exe =>.AVAST Software s.r.o.®
O4 - HKCU..\Run: [Itibiti.exe] . (. - .) – C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe (.Not File.) =>.SUP.Orphan
O4 - HKCU..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper.) – C:\Program Files (x86)\Steam\Steam.exe =>.Valve®
O4 - HKCU..\Run: [Spotify] . (. - .) – --minimized. =>.SUP.Orphan
O4 - HKCU..\Run: [CCleaner Smart Cleaning] . (.Piriform Software Ltd - CCleaner.) – C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Software Ltd®
O4 - HKCU..\Run: [iCloudServices] . (.Apple Inc. - iCloud Services.) – C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe =>.Apple Inc.®
O4 - HKUS\S-1-5-21-2413270503-2783578207-2879242489-1001..\Run: [Itibiti.exe] . (. - .) – C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe (.Not File.) =>.SUP.Orphan
O4 - HKUS\S-1-5-21-2413270503-2783578207-2879242489-1001..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper.) – C:\Program Files (x86)\Steam\Steam.exe =>.Valve®
O4 - HKUS\S-1-5-21-2413270503-2783578207-2879242489-1001..\Run: [Spotify] . (. - .) – --minimized. =>.SUP.Orphan
O4 - HKUS\S-1-5-21-2413270503-2783578207-2879242489-1001..\Run: [CCleaner Smart Cleaning] . (.Piriform Software Ltd - CCleaner.) – C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Software Ltd®
O4 - HKUS\S-1-5-21-2413270503-2783578207-2879242489-1001..\Run: [iCloudServices] . (.Apple Inc. - iCloud Services.) – C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe =>.Apple Inc.®

—\ Process running (31) - 2s
[MD5.24466E455418CEBF3CB95EDED175C59C] - (.NVIDIA Corporation - NVIDIA Container.) – C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Containe r.exe [767472] [PID.1008] =>.NVIDIA Corporation®
[MD5.B7DC6004643672DDFBAC5659B162CE9E] - (.Intel Corporation - igfxCUIService Module.) – C:\Windows\System32\igfxCUIService.exe [317416] [PID.1036] =>.Intel Corporation
[MD5.24466E455418CEBF3CB95EDED175C59C] - (.NVIDIA Corporation - NVIDIA Container.) – C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Containe r.exe [767472] [PID.1224] =>.NVIDIA Corporation®
[MD5.DBC598E47E7A382E60E2A4745D41FEF9] - (.ASUS - GFNEXSrv.) – C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [96896] [PID.1420] =>.ASUSTeK Computer Inc.®
[MD5.EEB443EC220283D531E9D5D1A74D4329] - (.Apple Inc. - MobileDeviceService.) – C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056] [PID.1776] =>.Apple Inc.®
[MD5.449685CA6E2124D6E7D51EA1188E1B66] - (.Dropbox, Inc. - Dropbox Service.) – C:\Windows\system32\DbxSvc.exe [51024] [PID.1768] =>.Dropbox, Inc.
[MD5.0D4439038561948F24410FBE3E18227A] - (.NVIDIA Corporation - NVIDIA Container.) – C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456] [PID.2152] =>.NVIDIA Corporation®
[MD5.FAB0B6E6930C23DC3E3BEC91E43411F3] - (.NVIDIA Corporation - NVIDIA Container.) – C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [791136] [PID.2196] =>.NVIDIA Corporation®
[MD5.0D4439038561948F24410FBE3E18227A] - (.NVIDIA Corporation - NVIDIA Container.) – C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456] [PID.248] =>.NVIDIA Corporation®
[MD5.47F12AD8FD0151607CE66D8A165C28F7] - (.ASUSTek Computer Inc. - HControl.) – C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe [303928] [PID.3984] =>.ASUSTeK Computer Inc.®
[MD5.606D92E6AE0945652E1E1E560CFEB639] - (.Intel Corporation - igfxEM Module.) – C:\Windows\system32\igfxEM.exe [528872] [PID.3360] =>.Intel Corporation
[MD5.7BBB7CB37A43C3526D8F37F5566A3553] - (.Intel Corporation - igfxHK Module.) – C:\Windows\system32\igfxHK.exe [246248] [PID.1124] =>.Intel Corporation
[MD5.57055EF02D506BFC8518FED8C7FB5E9F] - (.Intel Corporation - igfxTray Module.) – C:\Windows\System32\igfxTray.exe [371688] [PID.4140] =>.Intel Corporation
[MD5.A1F58FFF448E4099297D6EE0641D4D0E] - (.Dropbox, Inc. - Dropbox Update.) – C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144] [PID.4356] =>.Dropbox, Inc®
[MD5.D5BE182623C91BEF8E7950DBC5091520] - (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1555952] [PID.2220] =>.Google LLC®
[MD5.D5BE182623C91BEF8E7950DBC5091520] - (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1555952] [PID.3144] =>.Google LLC®
[MD5.F9DF4947EF51324BAE4DBC5F65049DA3] - (.AVAST Software - Avast Antivirus.) – C:\Program Files\AVAST Software\Avast\AvastUI.exe [11838344] [PID.4608] =>.AVAST Software s.r.o.®
[MD5.D5BE182623C91BEF8E7950DBC5091520] - (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1555952] [PID.4580] =>.Google LLC®
[MD5.D5BE182623C91BEF8E7950DBC5091520] - (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1555952] [PID.5156] =>.Google LLC®
[MD5.D5BE182623C91BEF8E7950DBC5091520] - (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1555952] [PID.5204] =>.Google LLC®
[MD5.D5BE182623C91BEF8E7950DBC5091520] - (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1555952] [PID.5288] =>.Google LLC®
[MD5.D5BE182623C91BEF8E7950DBC5091520] - (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1555952] [PID.5304] =>.Google LLC®
[MD5.D5BE182623C91BEF8E7950DBC5091520] - (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1555952] [PID.5312] =>.Google LLC®
[MD5.CB8142F608ABD5E27139B76F3BF07177] - (.Realtek Semiconductor - HD Audio Background Process.) – C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1485312] [PID.2892] =>.Realtek Semiconductor Corp.®
[MD5.AB7B0BF99F23038276B2FB85731AF6B0] - (.Realtek Semiconductor - Realtek HD Audio Manager.) – C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18368512] [PID.5908] =>.Realtek Semiconductor Corp.®
[MD5.754904E430832FE1A840AA7306CC7983] - (.Beepa P/L - Fraps.) – C:\Fraps\fraps64.dat [102160] [PID.5576] =>.Beepa P/L
[MD5.D5BE182623C91BEF8E7950DBC5091520] - (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1555952] [PID.6224] =>.Google LLC®
[MD5.D5BE182623C91BEF8E7950DBC5091520] - (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1555952] [PID.6232] =>.Google LLC®
[MD5.D5BE182623C91BEF8E7950DBC5091520] - (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1555952] [PID.2712] =>.Google LLC®
[MD5.D5BE182623C91BEF8E7950DBC5091520] - (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1555952] [PID.2532] =>.Google LLC®
[MD5.4967F0990578B3F64854C6E98B987ACC] - (.Nicolas Coolman - ZHPDiag.) – C:\Users\Pavel\Desktop\ZHPDiag3.exe [3039616] [PID.4784] =>.Nicolas Coolman

—\ Google Chrome, Start,Search,Extensions (28) - 1s
G2 - GCE: Preference [Pavel][User Data\Default\Extensions] [aapocclcgogkmnckokdopfmhonfmgoek] =>.Google Inc. {Slides}
G2 - GCE: Preference [Pavel][User Data\Default\Extensions] [ahifcnpnjgbadkjdhagpfjfkmlapfoel] Material Incognito Dark Theme =>.Legitimate
G2 - GCE: Preference [Pavel][User Data\Default\Extensions] [aohghmighlieiainnegkcijnfilokake] =>.Google Inc. {Docs}
G2 - GCE: Preference [Pavel][User Data\Default\Extensions] [apdfllckaahabafndbhieahigkjlhalf] http://drive.google.com/ =>.Google Inc. {Drive}
G2 - GCE: Preference [Pavel][User Data\Default\Extensions] [bfbmjmiodbnnpllbbbfblcplfjjepjdn] Stefan vd =>.stefanvd.net
G2 - GCE: Preference [Pavel][User Data\Default\Extensions] [blpcfgokakmgnkcojhhkbfbldkacnbeo] http://www.youtube.com =>.Youtube {Youtube}
G2 - GCE: Preference [Pavel][User Data\Default\Extensions] [cfhdojbkjhnklbpkdaibdccddilifddb] eyeo GmbH =>.eyeo GmbH {AdBlock Plus}
G2 - GCE: Preference [Pavel][User Data\Default\Extensions] [eofcbnmajmjmplflapaojjnihcjkigck] Avast =>.Avast Software s.r.o
G2 - GCE: Preference [Pavel][User Data\Default\Extensions] [felcaaldnbdncclmgdcncolpebgiejap] =>.Google Inc. {Sheets}
G2 - GCE: Preference [Pavel][User Data\Default\Extensions] [ghbmnnjooekpmoecnnnilnnbdlolhkhi] =>.Google Inc. {Docs hors connexion}
G2 - GCE: Preference [Pavel][User Data\Default\Extensions] [gomekmidlodglbbmalcneegieacbdmki] Avast Online Security =>.Avast Software s.r.o
G2 - GCE: Preference [Pavel][User Data\Default\Extensions] [kbfnbcaeplbcioakkpcpgfkobkghlhen] Grammarly =>.grammarly.com
G2 - GCE: Preference [Pavel][User Data\Default\Extensions] [nahhmpbckpgdidfnmfkfgiflpjijilce] Search Manager =>.SUP.SearchManager
G2 - GCE: Preference [Pavel][User Data\Default\Extensions] [nmmhkkegccagdldgiimedpiccmgmieda] =>.Google Inc. {Wallet}
G2 - GCE: Preference [Pavel][User Data\Default\Extensions] [oenbfjmilhdednmfffjoicdnijikcdpo] AudioBassDev
G2 - GCE: Preference [Pavel][User Data\Default\Extensions] [pjkljhegncpnkpknbcohdijeoejaedia] http://mail.google.com/ =>.Google Inc. {Gmail}
G2 - GCE: Preference [Pavel][User Data\Default\Extensions] [pkedcjkdefgpdelpbcmbmeomcjbeemfm] Chrome Media Router =>.Google Inc.
G2 - GCE: Preference [Pavel][User Data\Default\Local Extension Settings] [bfbmjmiodbnnpllbbbfblcplfjjepjdn]
G2 - GCE: Preference [Pavel][User Data\Default\Local Extension Settings] [cfhdojbkjhnklbpkdaibdccddilifddb] =>.eyeo GmbH {AdBlock Plus}
G2 - GCE: Preference [Pavel][User Data\Default\Local Extension Settings] [cnlenmmkifnhllnjfoangnjokeadhbbk]
G2 - GCE: Preference [Pavel][User Data\Default\Local Extension Settings] [ghbmnnjooekpmoecnnnilnnbdlolhkhi] =>.Google Inc. {Docs hors connexion}
G2 - GCE: Preference [Pavel][User Data\Default\Local Extension Settings] [gomekmidlodglbbmalcneegieacbdmki] =>.Avast Software s.r.o
G2 - GCE: Preference [Pavel][User Data\Default\Local Extension Settings] [nkeimhogjdpnpccoofpliimaahmaaome]
G2 - GCE: Preference [Pavel][User Data\Default\Local Extension Settings] [oenbfjmilhdednmfffjoicdnijikcdpo]
G2 - GCE: Preference [Pavel][User Data\Default\Managed Extension Settings] [cfhdojbkjhnklbpkdaibdccddilifddb] =>.eyeo GmbH {AdBlock Plus}
G2 - GCE: Preference [Pavel][User Data\Default\Sync Extension Settings] [bfbmjmiodbnnpllbbbfblcplfjjepjdn]
G2 - GCE: Preference [Pavel][User Data\Default\Sync Extension Settings] [oenbfjmilhdednmfffjoicdnijikcdpo]
G2 - GCE: Preference [Pavel][User Data\Default\Sync Extension Settings] [pkedcjkdefgpdelpbcmbmeomcjbeemfm] =>.Google Inc. {Chrome Media Router}

—\ Internet Explorer Extensions, Start, Search (12) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R3 - URLSearchHook: (no name)[HKCU] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Browser.) (11.00.9600.18817 (winblue_ltsb.170907-0600)) – C:\Windows\System32\ieframe.dll =>.Microsoft Corporation
R4 - HKLM\Software\WOW6432Node\Wow6432Node\Microsoft\In ternet Explorer\PhishingFilter,EnabledV9 = 1 =>Default.Value

—\ INTERNET EXPLORER, trusted site and sensitive site (3) - 0s
~ IE Restricted Site Potentially Unwanted: roblox
~ Microsoft Internet Explorer Restricted Site(s) Domains: 0(Good) / 1(Bad)
~ Microsoft Internet Explorer Restricted Site(s) EscDomains: 0(Good) / 0(Bad)

—\ Internet Explorer, Proxy Management (7) - 0s
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyEnable = 0 =>.Default.Value
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Int ernet Settings,MigrateProxy = 1 =>.Default.Value
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Int ernet Settings,EnableHttp1_1 = 1 =>.Default.Value
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Int ernet Settings,AutoConfigProxy = wininet.dll
R5 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Inter net Settings,ProxyEnable = 0 =>.Default.Value
R5 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Inter net Settings,ProxyEnable = 0 =>.Default.Value
R5 - HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Para meters\Internet\ManualProxies =>.Microsoft

—\ Line Analysis, IniFiles, Auto loading programs (3) - 0s
F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerfo rmance.exe (.Microsoft Corporation.) =>.Microsoft Corporation

—\ Hosts file redirection (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (1)

—\ Browser Helper Object (BHO) (2) - 0s
O2 - BHO: Java™ Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java™ Platform SE binary.) – C:\Program Files\Java\jre1.8.0_211\bin\ssv.dll =>.Oracle America, Inc.®
O2 - BHO: Java™ Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java™ Platform SE binary.) – C:\Program Files\Java\jre1.8.0_211\bin\jp2ssv.dll =>.Oracle America, Inc.®

—\ Global shortcuts Startup (144) - 8s
O4 - GS\Desktop [Administrator]: ACID Pro 4.0.lnk . (.Sonic Foundry, Inc. - Sonic Foundry ACID 4.0 Pro.) C:\Program Files (x86)\Sonic Foundry\ACID 4.0\acid40.exe
O4 - GS\Desktop [Administrator]: AmazonBasics gaming software.lnk . (…) C:\Program Files (x86)\AmazonBasics gaming software\AmazonBasics gaming software.exe
O4 - GS\Desktop [Administrator]: Discord.lnk . (.GitHub - Update.) C:\Users\Pavel\AppData\Local\Discord\Update.exe --processStart Discord.exe =>.Discord Inc.®
O4 - GS\Desktop [Administrator]: Documents.lnk . (…) C:\Users\Pavel\Documents
O4 - GS\Desktop [Administrator]: Driver - San Francisco.lnk . (…) E:\Driver - San Francisco\Driver.exe
O4 - GS\Desktop [Administrator]: Minecraft.lnk . (.Titan Launcher - 1.13.1 Minecraft Launcher.) C:\Users\Pavel\AppData\Roaming.minecraft\minecraft launcher\Minecraft Launcher.exe =>.Titan Launcher
O4 - GS\Desktop [Administrator]: paint.net.lnk . (.dotPDN LLC - Create, edit, scan, and print .) C:\Program Files (x86)\paint.net\PaintDotNet.exe =>.dotPDN LLC
O4 - GS\Desktop [Administrator]: Pictures.lnk . (…) C:\Users\Pavel\Pictures =>.Microsoft Corporation
O4 - GS\Desktop [Administrator]: Spotify.lnk . (.Spotify Ltd - Spotify.) C:\Users\Pavel\AppData\Roaming\Spotify\Spotify.exe =>.Spotify AB®
O4 - GS\Desktop [Administrator]: Uplay.lnk . (.Ubisoft - Uplay launcher.) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe =>.Ubisoft Entertainment Sweden AB®
O4 - GS\Desktop [Administrator]: Videos - Shortcut.lnk . (…) C:\Users\Pavel\Videos
O4 - GS\Desktop [Administrator]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Pavel\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Administrator]: AnyTrans.lnk . (.iMobie Inc. - AnyTrans.) C:\Program Files (x86)\iMobie\AnyTrans\AnyTrans for iOS.exe =>.iMobie Inc.®
O4 - GS\Quicklaunch [Administrator]: Chromium.lnk . (.The Chromium Authors - Chromium.) C:\Users\Pavel\AppData\Local\Chromium\Application\ chrome.exe =>.The Chromium Authors
O4 - GS\Quicklaunch [Administrator]: Google Chrome.lnk . (.Google LLC - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google LLC®
O4 - GS\Quicklaunch [Administrator]: Windows Movie Maker.lnk . (…) C:\Program Files\Windows Movie Maker\xmoviemaker.exe =>.TopWin Software Limited®
O4 - GS\sendTo [Administrator]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - Transfers files between device.) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\sendTo [Administrator]: Dropbox.lnk . (…) C:\Users\Pavel\Dropbox
O4 - GS\sendTo [Administrator]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\TaskBar [Administrator]: Fraps.lnk . (.Beepa P/L - Fraps.) C:\Fraps\fraps.exe =>.Beepa P/L
O4 - GS\TaskBar [Administrator]: Google Chrome.lnk . (.Google LLC - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google LLC®
O4 - GS\TaskBar [Administrator]: Steam Client Bootstrapper.lnk . (.Valve Corporation - Steam Client Bootstrapper.) C:\Program Files (x86)\Steam\Steam.exe =>.Valve®
O4 - GS\TaskBar [Administrator]: Task Manager.lnk . (.Microsoft Corporation - Task Manager.) C:\Windows\system32\taskmgr.exe /7 =>.Microsoft Windows®
O4 - GS\Programs [Administrator]: Chromium.lnk . (.The Chromium Authors - Chromium.) C:\Users\Pavel\AppData\Local\Chromium\Application\ chrome.exe =>.The Chromium Authors
O4 - GS\Programs [Administrator]: Spotify.lnk . (.Spotify Ltd - Spotify.) C:\Users\Pavel\AppData\Roaming\Spotify\Spotify.exe =>.Spotify AB®
O4 - GS\Desktop [ASPNET]: ACID Pro 4.0.lnk . (.Sonic Foundry, Inc. - Sonic Foundry ACID 4.0 Pro.) C:\Program Files (x86)\Sonic Foundry\ACID 4.0\acid40.exe
O4 - GS\Desktop [ASPNET]: AmazonBasics gaming software.lnk . (…) C:\Program Files (x86)\AmazonBasics gaming software\AmazonBasics gaming software.exe
O4 - GS\Desktop [ASPNET]: Discord.lnk . (.GitHub - Update.) C:\Users\Pavel\AppData\Local\Discord\Update.exe --processStart Discord.exe =>.Discord Inc.®
O4 - GS\Desktop [ASPNET]: Documents.lnk . (…) C:\Users\Pavel\Documents
O4 - GS\Desktop [ASPNET]: Driver - San Francisco.lnk . (…) E:\Driver - San Francisco\Driver.exe
O4 - GS\Desktop [ASPNET]: Minecraft.lnk . (.Titan Launcher - 1.13.1 Minecraft Launcher.) C:\Users\Pavel\AppData\Roaming.minecraft\minecraft launcher\Minecraft Launcher.exe =>.Titan Launcher
O4 - GS\Desktop [ASPNET]: paint.net.lnk . (.dotPDN LLC - Create, edit, scan, and print .) C:\Program Files (x86)\paint.net\PaintDotNet.exe =>.dotPDN LLC
O4 - GS\Desktop [ASPNET]: Pictures.lnk . (…) C:\Users\Pavel\Pictures =>.Microsoft Corporation
O4 - GS\Desktop [ASPNET]: Spotify.lnk . (.Spotify Ltd - Spotify.) C:\Users\Pavel\AppData\Roaming\Spotify\Spotify.exe =>.Spotify AB®
O4 - GS\Desktop [ASPNET]: Uplay.lnk . (.Ubisoft - Uplay launcher.) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe =>.Ubisoft Entertainment Sweden AB®
O4 - GS\Desktop [ASPNET]: Videos - Shortcut.lnk . (…) C:\Users\Pavel\Videos
O4 - GS\Desktop [ASPNET]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Pavel\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [ASPNET]: AnyTrans.lnk . (.iMobie Inc. - AnyTrans.) C:\Program Files (x86)\iMobie\AnyTrans\AnyTrans for iOS.exe =>.iMobie Inc.®
O4 - GS\Quicklaunch [ASPNET]: Chromium.lnk . (.The Chromium Authors - Chromium.) C:\Users\Pavel\AppData\Local\Chromium\Application\ chrome.exe =>.The Chromium Authors
O4 - GS\Quicklaunch [ASPNET]: Google Chrome.lnk . (.Google LLC - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google LLC®
O4 - GS\Quicklaunch [ASPNET]: Windows Movie Maker.lnk . (…) C:\Program Files\Windows Movie Maker\xmoviemaker.exe =>.TopWin Software Limited®
O4 - GS\sendTo [ASPNET]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - Transfers files between device.) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\sendTo [ASPNET]: Dropbox.lnk . (…) C:\Users\Pavel\Dropbox
O4 - GS\sendTo [ASPNET]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\TaskBar [ASPNET]: Fraps.lnk . (.Beepa P/L - Fraps.) C:\Fraps\fraps.exe =>.Beepa P/L
O4 - GS\TaskBar [ASPNET]: Google Chrome.lnk . (.Google LLC - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google LLC®
O4 - GS\TaskBar [ASPNET]: Steam Client Bootstrapper.lnk . (.Valve Corporation - Steam Client Bootstrapper.) C:\Program Files (x86)\Steam\Steam.exe =>.Valve®
O4 - GS\TaskBar [ASPNET]: Task Manager.lnk . (.Microsoft Corporation - Task Manager.) C:\Windows\system32\taskmgr.exe /7 =>.Microsoft Windows®
O4 - GS\Programs [ASPNET]: Chromium.lnk . (.The Chromium Authors - Chromium.) C:\Users\Pavel\AppData\Local\Chromium\Application\ chrome.exe =>.The Chromium Authors
O4 - GS\Programs [ASPNET]: Spotify.lnk . (.Spotify Ltd - Spotify.) C:\Users\Pavel\AppData\Roaming\Spotify\Spotify.exe =>.Spotify AB®
O4 - GS\Desktop [Guest]: ACID Pro 4.0.lnk . (.Sonic Foundry, Inc. - Sonic Foundry ACID 4.0 Pro.) C:\Program Files (x86)\Sonic Foundry\ACID 4.0\acid40.exe
O4 - GS\Desktop [Guest]: AmazonBasics gaming software.lnk . (…) C:\Program Files (x86)\AmazonBasics gaming software\AmazonBasics gaming software.exe
O4 - GS\Desktop [Guest]: Discord.lnk . (.GitHub - Update.) C:\Users\Pavel\AppData\Local\Discord\Update.exe --processStart Discord.exe =>.Discord Inc.®
O4 - GS\Desktop [Guest]: Documents.lnk . (…) C:\Users\Pavel\Documents
O4 - GS\Desktop [Guest]: Driver - San Francisco.lnk . (…) E:\Driver - San Francisco\Driver.exe
O4 - GS\Desktop [Guest]: Minecraft.lnk . (.Titan Launcher - 1.13.1 Minecraft Launcher.) C:\Users\Pavel\AppData\Roaming.minecraft\minecraft launcher\Minecraft Launcher.exe =>.Titan Launcher
O4 - GS\Desktop [Guest]: paint.net.lnk . (.dotPDN LLC - Create, edit, scan, and print .) C:\Program Files (x86)\paint.net\PaintDotNet.exe =>.dotPDN LLC
O4 - GS\Desktop [Guest]: Pictures.lnk . (…) C:\Users\Pavel\Pictures =>.Microsoft Corporation
O4 - GS\Desktop [Guest]: Spotify.lnk . (.Spotify Ltd - Spotify.) C:\Users\Pavel\AppData\Roaming\Spotify\Spotify.exe =>.Spotify AB®
O4 - GS\Desktop [Guest]: Uplay.lnk . (.Ubisoft - Uplay launcher.) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe =>.Ubisoft Entertainment Sweden AB®
O4 - GS\Desktop [Guest]: Videos - Shortcut.lnk . (…) C:\Users\Pavel\Videos
O4 - GS\Desktop [Guest]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Pavel\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Guest]: AnyTrans.lnk . (.iMobie Inc. - AnyTrans.) C:\Program Files (x86)\iMobie\AnyTrans\AnyTrans for iOS.exe =>.iMobie Inc.®
O4 - GS\Quicklaunch [Guest]: Chromium.lnk . (.The Chromium Authors - Chromium.) C:\Users\Pavel\AppData\Local\Chromium\Application\ chrome.exe =>.The Chromium Authors
O4 - GS\Quicklaunch [Guest]: Google Chrome.lnk . (.Google LLC - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google LLC®
O4 - GS\Quicklaunch [Guest]: Windows Movie Maker.lnk . (…) C:\Program Files\Windows Movie Maker\xmoviemaker.exe =>.TopWin Software Limited®
O4 - GS\sendTo [Guest]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - Transfers files between device.) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\sendTo [Guest]: Dropbox.lnk . (…) C:\Users\Pavel\Dropbox
O4 - GS\sendTo [Guest]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\TaskBar [Guest]: Fraps.lnk . (.Beepa P/L - Fraps.) C:\Fraps\fraps.exe =>.Beepa P/L
O4 - GS\TaskBar [Guest]: Google Chrome.lnk . (.Google LLC - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google LLC®
O4 - GS\TaskBar [Guest]: Steam Client Bootstrapper.lnk . (.Valve Corporation - Steam Client Bootstrapper.) C:\Program Files (x86)\Steam\Steam.exe =>.Valve®
O4 - GS\TaskBar [Guest]: Task Manager.lnk . (.Microsoft Corporation - Task Manager.) C:\Windows\system32\taskmgr.exe /7 =>.Microsoft Windows®
O4 - GS\Programs [Guest]: Chromium.lnk . (.The Chromium Authors - Chromium.) C:\Users\Pavel\AppData\Local\Chromium\Application\ chrome.exe =>.The Chromium Authors
O4 - GS\Programs [Guest]: Spotify.lnk . (.Spotify Ltd - Spotify.) C:\Users\Pavel\AppData\Roaming\Spotify\Spotify.exe =>.Spotify AB®
O4 - GS\Desktop [Pavel]: ACID Pro 4.0.lnk . (.Sonic Foundry, Inc. - Sonic Foundry ACID 4.0 Pro.) C:\Program Files (x86)\Sonic Foundry\ACID 4.0\acid40.exe
O4 - GS\Desktop [Pavel]: AmazonBasics gaming software.lnk . (…) C:\Program Files (x86)\AmazonBasics gaming software\AmazonBasics gaming software.exe
O4 - GS\Desktop [Pavel]: Discord.lnk . (.GitHub - Update.) C:\Users\Pavel\AppData\Local\Discord\Update.exe --processStart Discord.exe =>.Discord Inc.®
O4 - GS\Desktop [Pavel]: Documents.lnk . (…) C:\Users\Pavel\Documents
O4 - GS\Desktop [Pavel]: Driver - San Francisco.lnk . (…) E:\Driver - San Francisco\Driver.exe
O4 - GS\Desktop [Pavel]: Minecraft.lnk . (.Titan Launcher - 1.13.1 Minecraft Launcher.) C:\Users\Pavel\AppData\Roaming.minecraft\minecraft launcher\Minecraft Launcher.exe =>.Titan Launcher
O4 - GS\Desktop [Pavel]: paint.net.lnk . (.dotPDN LLC - Create, edit, scan, and print .) C:\Program Files (x86)\paint.net\PaintDotNet.exe =>.dotPDN LLC
O4 - GS\Desktop [Pavel]: Pictures.lnk . (…) C:\Users\Pavel\Pictures =>.Microsoft Corporation
O4 - GS\Desktop [Pavel]: Spotify.lnk . (.Spotify Ltd - Spotify.) C:\Users\Pavel\AppData\Roaming\Spotify\Spotify.exe =>.Spotify AB®
O4 - GS\Desktop [Pavel]: Uplay.lnk . (.Ubisoft - Uplay launcher.) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe =>.Ubisoft Entertainment Sweden AB®
O4 - GS\Desktop [Pavel]: Videos - Shortcut.lnk . (…) C:\Users\Pavel\Videos
O4 - GS\Desktop [Pavel]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Pavel\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Pavel]: AnyTrans.lnk . (.iMobie Inc. - AnyTrans.) C:\Program Files (x86)\iMobie\AnyTrans\AnyTrans for iOS.exe =>.iMobie Inc.®
O4 - GS\Quicklaunch [Pavel]: Chromium.lnk . (.The Chromium Authors - Chromium.) C:\Users\Pavel\AppData\Local\Chromium\Application\ chrome.exe =>.The Chromium Authors
O4 - GS\Quicklaunch [Pavel]: Google Chrome.lnk . (.Google LLC - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google LLC®
O4 - GS\Quicklaunch [Pavel]: Windows Movie Maker.lnk . (…) C:\Program Files\Windows Movie Maker\xmoviemaker.exe =>.TopWin Software Limited®
O4 - GS\sendTo [Pavel]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - Transfers files between device.) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\sendTo [Pavel]: Dropbox.lnk . (…) C:\Users\Pavel\Dropbox
O4 - GS\sendTo [Pavel]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\TaskBar [Pavel]: Fraps.lnk . (.Beepa P/L - Fraps.) C:\Fraps\fraps.exe =>.Beepa P/L
O4 - GS\TaskBar [Pavel]: Google Chrome.lnk . (.Google LLC - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google LLC®
O4 - GS\TaskBar [Pavel]: Steam Client Bootstrapper.lnk . (.Valve Corporation - Steam Client Bootstrapper.) C:\Program Files (x86)\Steam\Steam.exe =>.Valve®
O4 - GS\TaskBar [Pavel]: Task Manager.lnk . (.Microsoft Corporation - Task Manager.) C:\Windows\system32\taskmgr.exe /7 =>.Microsoft Windows®
O4 - GS\Programs [Pavel]: Chromium.lnk . (.The Chromium Authors - Chromium.) C:\Users\Pavel\AppData\Local\Chromium\Application\ chrome.exe =>.The Chromium Authors
O4 - GS\Programs [Pavel]: Spotify.lnk . (.Spotify Ltd - Spotify.) C:\Users\Pavel\AppData\Roaming\Spotify\Spotify.exe =>.Spotify AB®
O4 - GS\CommonDesktop [Public]: Avast Free Antivirus.lnk . (.AVAST Software - .) C:\Program Files (x86)\AVAST Software\Avast\AvastUI.exe =>.AVAST Software
O4 - GS\CommonDesktop [Public]: BeamNG.lnk . (.beamng.com - BeamNG.drive.) C:\Program Files (x86)\BeamNG\BeamNG.drive.x86.exe =>.beamng.com
O4 - GS\CommonDesktop [Public]: CCleaner.lnk . (.Piriform Software Ltd - CCleaner.) C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Software Ltd®
O4 - GS\CommonDesktop [Public]: Fraps.lnk . (.Beepa P/L - Fraps.) C:\Fraps\fraps.exe =>.Beepa P/L
O4 - GS\CommonDesktop [Public]: GeForce Experience.lnk . (.NVIDIA Corporation - .) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe =>.NVIDIA Corporation
O4 - GS\CommonDesktop [Public]: Google Chrome.lnk . (.Google LLC - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google LLC®
O4 - GS\CommonDesktop [Public]: iTunes.lnk . (.Apple Inc. - .) C:\Program Files (x86)\iTunes\iTunes.exe =>.Apple Inc.
O4 - GS\CommonDesktop [Public]: Media Player Classic.lnk . (.MPC-HC Team - MPC-HC x64.) C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe =>.MPC-HC Team
O4 - GS\CommonDesktop [Public]: OBS Studio.lnk . (.OBS - OBS Studio.) C:\Program Files\obs-studio\bin\64bit\obs64.exe =>.Hugh Bailey®
O4 - GS\CommonDesktop [Public]: Oracle VM VirtualBox.lnk . (.Oracle Corporation - Oracle VM VirtualBox.) C:\Program Files (x86)\Oracle\VirtualBox\VirtualBox.exe =>.Oracle Corporation
O4 - GS\CommonDesktop [Public]: paint.net.lnk . (.dotPDN LLC - Create, edit, scan, and print .) C:\Program Files (x86)\paint.net\PaintDotNet.exe =>.dotPDN LLC
O4 - GS\CommonDesktop [Public]: RollerCoaster Tycoon 2.lnk . (…) C:\Program Files (x86)\Infogrames Interactive\RollerCoaster Tycoon 2\rct2.exe =>.Infogrames
O4 - GS\CommonDesktop [Public]: Steam.lnk . (.Valve Corporation - Steam Client Bootstrapper.) C:\Program Files (x86)\Steam\Steam.exe =>.Valve®
O4 - GS\CommonDesktop [Public]: Vegas 5.0.lnk . (.Sony Pictures Digital Inc. - Sony Vegas.) C:\Program Files (x86)\Sony\Vegas 5.0\vegas50.exe =>.Sony Pictures Digital Inc.
O4 - GS\CommonDesktop [Public]: VLC media player.lnk . (.VideoLAN - VLC media player.) C:\Program Files\VideoLAN\VLC\vlc.exe =>.VideoLAN®
O4 - GS\CommonDesktop [Public]: Windows Movie Maker.lnk . (…) C:\Program Files\Windows Movie Maker\xmoviemaker.exe =>.TopWin Software Limited®
O4 - GS\CommonDesktop [Public]: Wondershare Filmora9.lnk . (.Wondershare - Wondershare Filmora9.) C:\Program Files (x86)\Wondershare\Wondershare Filmora\Wondershare Filmora9.exe =>.Wondershare Technology Co.,Ltd®
O4 - GS\Programs [Public]: Chromium.lnk . (.The Chromium Authors - Chromium.) C:\Users\Pavel\AppData\Local\Chromium\Application\ chrome.exe =>.The Chromium Authors
O4 - GS\Programs [Public]: Spotify.lnk . (.Spotify Ltd - Spotify.) C:\Users\Pavel\AppData\Roaming\Spotify\Spotify.exe =>.Spotify AB®
O4 - GS\Accessories [Public]: Notepad.lnk . (.Microsoft Corporation - Notepad.) C:\Windows\system32\notepad.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Windows Calculator.) C:\Windows\system32\calc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Math Input Panel.lnk . (.Microsoft Corporation - .) C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) C:\Windows\system32\mspaint.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Remote Desktop Connection.) C:\Windows\system32\mstsc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Snipping Tool.) C:\Windows\system32\SnippingTool.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Windows Sound Recorder.) C:\Windows\system32\SoundRecorder.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Steps Recorder.lnk . (.Microsoft Corporation - Steps Recorder.) C:\Windows\system32\psr.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sticky Notes.lnk . (.Microsoft Corporation - Sticky Notes.) C:\Windows\system32\StikyNot.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Windows Wordpad Application.) C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: XPS Viewer.lnk . (.Microsoft Corporation - XPS Viewer.) C:\Windows\system32\xpsrchvw.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Character Map.) C:\Windows\system32\charmap.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Apple Software Update.lnk . (…) C:\Windows\Installer{A30EA700-5515-48F0-88B0-9E99DC356B88}\AppleSoftwareUpdateIco.exe =>.Apple Inc.
O4 - GS\ProgramsCommon [Public]: Audacity.lnk . (…) D:\Audacity\audacity.exe
O4 - GS\ProgramsCommon [Public]: Camera.lnk . (.Microsoft Corporation - Camera.) C:\Windows\Camera\Camera.exe =>.Microsoft Windows®
O4 - GS\ProgramsCommon [Public]: FileManager.lnk . (.Microsoft Corporation - OneDrive.) C:\Windows\FileManager\FileManager.exe =>.Microsoft Windows®
O4 - GS\ProgramsCommon [Public]: Google Chrome.lnk . (.Google LLC - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google LLC®
O4 - GS\ProgramsCommon [Public]: HowToRemove.html.lnk . (…) C:\Users\Pavel\AppData\Local{FA6BCC37-DEC3-A08F-B35B-8567973379FF}\HowToRemove\HowToRemove.html =>PUP.Optional.WinYahoo
O4 - GS\ProgramsCommon [Public]: Immersive Control Panel.lnk . (.Microsoft Corporation - Windows Control Panel.) C:\Windows\System32\Control.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: paint.net.lnk . (.dotPDN LLC - Create, edit, scan, and print .) C:\Program Files (x86)\paint.net\PaintDotNet.exe =>.dotPDN LLC
O4 - GS\ProgramsCommon [Public]: PhotosApp.lnk . (.Microsoft Corporation - Photos.) C:\Windows\FileManager\PhotosApp.exe =>.Microsoft Windows®
O4 - GS\ProgramsCommon [Public]: Search.lnk . (.Microsoft Corporation - Windows host process (Rundll32).) C:\Windows\system32\rundll32.exe -sta {C90FB8CA-3295-4462-A721-2935E83694BA} =>..Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Windows Store.lnk . (…) C:\Windows\WinStore\WinStore.htm =>.Microsoft Corporation

—\ Lop.com/Domain Hijackers (2) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 =>.Local IP Adress
O17 - HKLM\System\CCS\Services\Tcpip..{8A348FC1-FDA5-4C1E-9839-4EE02FB2A75D}: DhcpNameServer = 192.168.1.1 =>.Local IP Adress

—\ Extra protocols (20) - 1s
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) – C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) – C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) – C:\Windows\System32\itss.dll =>.Microsoft Corporation
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) – C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) – C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) – C:\Windows\System32\inetcomm.dll =>.Microsoft Corporation
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) – C:\Windows\System32\itss.dll =>.Microsoft Corporation
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) – C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) – C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) – C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) – C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) – C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) – C:\Windows\System32\mscoree.dll =>.Microsoft Corporation

—\ AppInit_DLLs Registry value Autorun (2) - 0s
O20 - AppInit_DLLs: . (.NVIDIA Corporation - NVIDIA shim initialization dll, Version 425.) - C:\Windows\System32\nvinitx.dll =>.NVIDIA Corporation
O20 - Winlogon : UserInit . (.Microsoft Corporation - Userinit Logon Application.) - C:\Windows\system32\userinit.exe =>.Microsoft Corporation

—\ ASIC (ActiveSetup Installed Components) (9) - 0s
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Microsoft Windows Media Player Setup Utilit.) – C:\Windows\System32\unregmp2.exe =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) – C:\Windows\System32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) – C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Enable TLS1.1 and 1.2 [64Bits] - {66C64F22-FC60-4E6C-A6B5-F0D580E680CE} . (.Microsoft Corporation - IE Per-User Initialization Utility.) – C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Microsoft Windows Media Player Setup Utilit.) – C:\Windows\System32\unregmp2.exe =>.Microsoft Corporation
O40 - ASIC: Disable SSL3 [64Bits] - {7D715857-A67C-4C2F-A929-038448584D63} . (.Microsoft Corporation - IE Per-User Initialization Utility.) – C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - IE Per-User Initialization Utility.) – C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) – C:\Windows\System32\mscories.dll =>.Microsoft Corporation®
O40 - ASIC: Google Chrome [64Bits] - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google LLC - Google Chrome Installer.) – C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.90\Insta ller\chrmstp.exe =>.Google LLC®

—\ Software installed (133) - 18s
O42 - Logiciel: Adobe AIR - (.Adobe.) [HKLM][64Bits] – {10E33ABF-D7FB-4F47-900A-7973854AB45A} =>.Adobe (Hidden)
O42 - Logiciel: Adobe AIR - (.Adobe.) [HKLM][64Bits] – Adobe AIR =>.Adobe Inc.®
O42 - Logiciel: Adobe Flash Player 32 PPAPI - (.Adobe.) [HKLM][64Bits] – Adobe Flash Player PPAPI =>.Adobe Inc.®
O42 - Logiciel: Adobe Shockwave Player 12.3 - (.Adobe Systems, Inc..) [HKLM][64Bits] – Adobe Shockwave Player =>.Adobe Systems, Inc.
O42 - Logiciel: Adobe Shockwave Player 12.3 - (.Adobe, Inc.) [HKLM][64Bits] – {4487064C-F31E-4499-A1EF-9B8E809A0358}
O42 - Logiciel: AmazonBasics gaming software version 1.0.1.7 - (..) [HKLM][64Bits] – AmazonBasics gaming software_is1
O42 - Logiciel: Apple Application Support (32-bit) - (.Apple Inc..) [HKLM][64Bits] – {C1BCFECF-6EC2-4750-9072-5E2489423F8F} =>.Apple Inc.
O42 - Logiciel: Apple Application Support (64-bit) - (.Apple Inc..) [HKLM][64Bits] – {B202C7F5-7DE3-4FBF-B259-E70E625F56FC} =>.Apple Inc.
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM][64Bits] – {B5A46811-3612-4DA5-8A5A-E6DED5D7C523} =>.Apple Inc.
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] – {A30EA700-5515-48F0-88B0-9E99DC356B88} =>.Apple Inc.
O42 - Logiciel: ATK Package - (.ASUS.) [HKLM][64Bits] – {AB5C933E-5C7D-4D30-B314-9C83A49B94BE} =>.ASUS
O42 - Logiciel: Avast Free Antivirus - (.AVAST Software.) [HKLM][64Bits] – Avast Antivirus =>.AVAST Software s.r.o.®
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] – CCleaner =>.Piriform Software Ltd®
O42 - Logiciel: Chromium - (.Chromium.) [HKCU][64Bits] – Chromium =>.Chromium
O42 - Logiciel: Counter-Strike: Global Offensive - (.Valve.) [HKLM][64Bits] – Steam App 730 =>.Valve®
O42 - Logiciel: Discord - (.Discord Inc..) [HKCU][64Bits] – Discord =>.Discord Inc.®
O42 - Logiciel: DisplayDriverAnalyzer - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: Driver - San Francisco - (.R.G. Mechanics, markfiter.) [HKLM][64Bits] – Driver - San Francisco_R.G. Mechanics_is1 =>.R.G. Mechanics, markfiter
O42 - Logiciel: Dropbox - (.Dropbox, Inc..) [HKLM][64Bits] – Dropbox =>.Dropbox, Inc®
O42 - Logiciel: Dropbox Update Helper - (.Dropbox, Inc..) [HKLM][64Bits] – {099218A5-A723-43DC-8DB5-6173656A1E94} =>.Dropbox, Inc. (Hidden)
O42 - Logiciel: Epic Games Launcher Prerequisites (x64) - (.Epic Games, Inc..) [HKLM][64Bits] – {66C5838F-B854-4A55-89E6-A6138747A4DF} =>.Epic Games, Inc. (Hidden)
O42 - Logiciel: Fallout 4 - (.Bethesda Game Studios.) [HKLM][64Bits] – Steam App 377160 =>.Valve®
O42 - Logiciel: Fallout: New Vegas - (.Obsidian Entertainment.) [HKLM][64Bits] – Steam App 22380 =>.Valve®
O42 - Logiciel: Far Cry 4 - (.Ubisoft Montreal, Red Storm, Shanghai, Toronto, Kiev.) [HKLM][64Bits] – Steam App 298110 =>.Valve®
O42 - Logiciel: Fraps - (.Beepa.) [HKLM][64Bits] – Fraps =>.Beepa
O42 - Logiciel: Garry’s Mod - (.Facepunch Studios.) [HKLM][64Bits] – Steam App 4000 =>.Valve®
O42 - Logiciel: Google Chrome - (.Google LLC.) [HKLM][64Bits] – Google Chrome =>.Google LLC®
O42 - Logiciel: Google Update Helper - (.Google LLC.) [HKLM][64Bits] – {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google LLC (Hidden)
O42 - Logiciel: Grand Theft Auto V - (.Rockstar North.) [HKLM][64Bits] – Steam App 271590 =>.Valve®
O42 - Logiciel: Grand Theft Auto: San Andreas - (.Rockstar Games.) [HKLM][64Bits] – Steam App 12120 =>.Valve®
O42 - Logiciel: Grand Theft Auto: Vice City - (.Rockstar Games.) [HKLM][64Bits] – Steam App 12110 =>.Valve®
O42 - Logiciel: iCloud - (.Apple Inc..) [HKLM][64Bits] – {DA6D808E-3629-4933-8FB3-583F9BCB0DEF} =>.Apple Inc.
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] – {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} =>.Intel Corporation®
O42 - Logiciel: Itibiti RTC - (.Itibiti Inc.) [HKLM][64Bits] – {730E03E4-350E-48E5-9D3E-4329903D454D} =>PUP.Optional.Itibiti (Hidden)
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM][64Bits] – {A8AF3EF8-5010-4A92-BCCA-90F62A7D62B8} =>.Apple Inc.
O42 - Logiciel: Java 8 Update 201 - (.Oracle Corporation.) [HKLM][64Bits] – {26A24AE4-039D-4CA4-87B4-2F32180201F0} =>.Oracle Corporation
O42 - Logiciel: Java 8 Update 211 - (.Oracle Corporation.) [HKLM][64Bits] – {26A24AE4-039D-4CA4-87B4-2F32180211F0} =>.Oracle Corporation
O42 - Logiciel: Java 8 Update 211 (64-bit) - (.Oracle Corporation.) [HKLM][64Bits] – {26A24AE4-039D-4CA4-87B4-2F64180211F0} =>.Oracle Corporation
O42 - Logiciel: Java Auto Updater - (.Oracle Corporation.) [HKLM][64Bits] – {4A03706F-666A-4037-7777-5F2748764D10} =>.Oracle Corporation (Hidden)
O42 - Logiciel: Java SE Development Kit 8 Update 201 - (.Oracle Corporation.) [HKLM][64Bits] – {32A3A4F4-B792-11D6-A78A-00B0D0180201} =>.Oracle Corporation
O42 - Logiciel: Java SE Development Kit 8 Update 60 - (.Oracle Corporation.) [HKLM][64Bits] – {32A3A4F4-B792-11D6-A78A-00B0D0180600} =>.Oracle Corporation
O42 - Logiciel: K-Lite Codec Pack 11.4.0 Full - (.KLite Inc.) [HKLM][64Bits] – KLiteCodecPack_is1 =>.KLite Inc
O42 - Logiciel: Launcher Prerequisites (x64) - (.Epic Games, Inc..) [HKLM][64Bits] – {c6c5a357-c7ca-4a5f-9789-3bb1af579253} =>.Epic Games Inc.® (Hidden)
O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM][64Bits] – {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} =>.Microsoft
O42 - Logiciel: Microsoft Flight Simulator SimConnect Client v10.0.61259.0 - (.Microsoft Corporation.) [HKLM][64Bits] – {D61CA184-3F6D-4A50-B2CC-7A18447D6A8D} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Flight Simulator SimConnect Client v10.0.62615.0 - (.Microsoft Corporation.) [HKLM][64Bits] – {33D89314-361A-4495-A1E1-0ACBCE08F78D} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Flight Simulator X: Steam Edition - (.Microsoft Game Studios.) [HKLM][64Bits] – Steam App 314160 =>.Valve®
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM][64Bits] – {710f4c1c-cc18-4c49-8cbf-51240c89a1a2} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM][64Bits] – {837b34e3-7c30-493c-8f6a-2b0f04e2912c} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable (x64) - (.Microsoft Corporation.) [HKLM][64Bits] – {ad8a2fa1-06e7-4b0d-927d-6e54b3d31028} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM][64Bits] – {5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM][64Bits] – {9A25302D-30C0-39D9-BD6F-21E6EC160475} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM][64Bits] – {9BE518E6-ECC6-35A9-88E4-87755C07200F} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 - (.Microsoft Corporation.) [HKLM][64Bits] – {1D8E6291-B0D5-35EC-8441-6616F567A0F7} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 - (.Microsoft Corporation.) [HKLM][64Bits] – {F0C3E5D1-1ADE-321E-8167-68EF0DE699A5} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 - (.Microsoft Corporation.) [HKLM][64Bits] – {ca67548a-5ebe-413a-b50c-4b9ceb6d66c6} =>.Microsoft Corporation®
O42 - Logiciel: Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 - (.Microsoft Corporation.) [HKLM][64Bits] – {33d1fd90-4274-48a1-9bc1-97e33d9c2d6f} =>.Microsoft Corporation®
O42 - Logiciel: Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 - (.Microsoft Corporation.) [HKLM][64Bits] – {37B8F9C7-03FB-3253-8781-2517C99D7C00} =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 - (.Microsoft Corporation.) [HKLM][64Bits] – {CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97} =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 - (.Microsoft Corporation.) [HKLM][64Bits] – {B175520C-86A2-35A7-8619-86DC379688B9} =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 - (.Microsoft Corporation.) [HKLM][64Bits] – {BD95A8CD-1D9F-35AD-981A-3E7925026EBB} =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 - (.Microsoft Corporation.) [HKLM][64Bits] – {7f51bdb9-ee21-49ee-94d6-90afc321780e} =>.Microsoft Corporation®
O42 - Logiciel: Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 - (.Microsoft Corporation.) [HKLM][64Bits] – {ce085a78-074e-4823-8dc1-8a721b94b76d} =>.Microsoft Corporation®
O42 - Logiciel: Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 - (.Microsoft Corporation.) [HKLM][64Bits] – {929FBD26-9020-399B-9A7A-751D61F0B942} =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 - (.Microsoft Corporation.) [HKLM][64Bits] – {A749D8E6-B613-3BE3-8F5F-045C84EBA29B} =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 - (.Microsoft Corporation.) [HKLM][64Bits] – {F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185} =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 - (.Microsoft Corporation.) [HKLM][64Bits] – {13A4EE12-23EA-3371-91EE-EFB36DDFFF3E} =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 - (.Microsoft Corporation.) [HKLM][64Bits] – {7474cd6e-76cc-4257-837e-5b9261e526af} =>.Microsoft Corporation®
O42 - Logiciel: Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 - (.Microsoft Corporation.) [HKLM][64Bits] – {5c045b7f-e561-4794-91f8-c6cda0893107} =>.Microsoft Corporation®
O42 - Logiciel: Microsoft Visual C++ 2017 x64 Additional Runtime - 14.13.26020 - (.Microsoft Corporation.) [HKLM][64Bits] – {C5ECDB9A-D9B0-3107-BA85-1269998A5B3E} =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2017 x64 Minimum Runtime - 14.13.26020 - (.Microsoft Corporation.) [HKLM][64Bits] – {221D6DB4-46E2-333C-B09B-5F49351D0980} =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2017 x86 Additional Runtime - 14.13.26020 - (.Microsoft Corporation.) [HKLM][64Bits] – {895D5198-C5DB-375E-86AB-133F4DAA9FE2} =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.13.26020 - (.Microsoft Corporation.) [HKLM][64Bits] – {8F271F6C-6E7B-3D0A-951B-6E7B694D78BD} =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Minecraft1.8 - (.Microsoft Corporation.) [HKLM][64Bits] – Minecraft1.8 =>.Microsoft Corporation
O42 - Logiciel: MSXML 4.0 SP2 Parser and SDK - (.Microsoft Corporation.) [HKLM][64Bits] – {716E0306-8318-4364-8B8F-0CC4E9376BAC} =>.Microsoft Corporation
O42 - Logiciel: MySafeSavings - (..) [HKLM][64Bits] – MySafeSavings
O42 - Logiciel: Need for Speed: Hot Pursuit - (.Criterion Games.) [HKLM][64Bits] – Steam App 47870 =>.Valve®
O42 - Logiciel: NVAPI Monitor plugin for NvContainer - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA 3D Vision Driver 425.31 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Ansel - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Backend - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvBackend =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Container - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Control Panel 425.31 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Display Container - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainer =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Display Container LS - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainerLS =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Display Session Container - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplaySessionContainer =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Display Watchdog Plugin - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayPluginWatchdog =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA GeForce Experience 3.14.1.48 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Graphics Driver 425.31 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA HD Audio Driver 1.3.26.4 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Install Application - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA LocalSystem Container - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.LocalSystem =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Message Bus for NvContainer - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.MessageBus =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA NetworkService Container - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NetworkService =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA NodeJS - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Optimus Update 31.2.0.0 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA PhysX System Software 9.19.0218 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Session Container - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.Session =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA ShadowPlay 3.14.1.48 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: Nvidia Share - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_OSC =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA SHIELD Streaming - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA SHIELD Wireless Controller Driver - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Stereoscopic 3D Driver - (.NVIDIA Corporation.) [HKLM][64Bits] – NVIDIAStereo =>.NVIDIA Corporation® (Hidden)
O42 - Logiciel: NVIDIA Telemetry Client - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Telemetry Container - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetryContainer =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA TelemetryApi helper for NvContainer - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.ContainerTelemetryApiHel per =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Update 31.2.0.0 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Update Core - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA User Container - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.User =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Virtual Audio 4.08.3 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Virtual Host Controller - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvVHCI =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Watchdog Plugin for NvContainer - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvPlugin.Watchdog =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: OBS Studio - (.OBS Project.) [HKLM][64Bits] – OBS Studio =>.OBS Project
O42 - Logiciel: Oracle VM VirtualBox 6.0.8 - (.Oracle Corporation.) [HKLM][64Bits] – {C549898A-9AA8-4CF6-8290-EF5DB8ECA766} =>.Oracle Corporation
O42 - Logiciel: paint.net - (.dotPDN LLC.) [HKLM][64Bits] – {B998B716-4001-4919-BA90-BA14B51DFEB5} =>.dotPDN LLC
O42 - Logiciel: Project CARS - (.Slightly Mad Studios.) [HKLM][64Bits] – Steam App 234630 =>.Valve®
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] – {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} =>.Realtek Semiconductor Corp.®
O42 - Logiciel: Redragon Kumara Gaming Mechanical keyboard driver - (.Eastern Times Technology Co., Ltd.) [HKLM][64Bits] – {12F382E1-63D4-4B94-BD32-5F845E74FC79}
O42 - Logiciel: Rockstar Games Social Club - (.Rockstar Games.) [HKLM][64Bits] – Rockstar Games Social Club =>.Rockstar Games, Inc.®
O42 - Logiciel: RollerCoaster Tycoon 2 - (..) [HKLM][64Bits] – {72DF62BD-FF36-424E-AA5F-D89BAFF2C249}
O42 - Logiciel: Search the Web (Yahoo) - (..) [HKLM][64Bits] – a92e2408 =>Adware.YahooPowered
O42 - Logiciel: Sonic Foundry ACID 4.0 - (.Sonic Foundry.) [HKLM][64Bits] – {2A38B5AA-EA84-4F87-9937-2FB23982243A} =>.Sonic Foundry
O42 - Logiciel: Sony Vegas 5.0b - (.Sony.) [HKLM][64Bits] – {A7401380-F015-475B-A5AA-7AE1F23B3DB3} =>.Sony
O42 - Logiciel: Spintires: The Original Game - (.Oovee® Game Studios.) [HKLM][64Bits] – Steam App 263280 =>.Valve®
O42 - Logiciel: Spotify - (.Spotify AB.) [HKCU][64Bits] – Spotify =>.Spotify AB®
O42 - Logiciel: Steam - (.Valve Corporation.) [HKLM][64Bits] – Steam =>.Valve®
O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM][64Bits] – {612C34C7-5E90-47D8-9B5C-0F717DD82726} =>.Adobe Systems, Inc (Hidden)
O42 - Logiciel: Unturned - (.Smartly Dressed Games.) [HKLM][64Bits] – Steam App 304930 =>.Valve®
O42 - Logiciel: Uplay - (.Ubisoft.) [HKLM][64Bits] – Uplay =>.Ubisoft Entertainment Sweden AB®
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] – VLC media player =>.VideoLAN
O42 - Logiciel: Windows Movie Maker 2019 - (.VideoWin.) [HKLM][64Bits] – {9CC29C6A-B5FE-497B-8F23-52A2557A92C0}}_is1 =>.VideoWin
O42 - Logiciel: Wondershare Filmora9(Build 9.1.2) - (.Wondershare Software.) [HKLM][64Bits] – Wondershare Filmora9_is1 =>.Wondershare Software
O42 - Logiciel: Wondershare Helper Compact 2.6.0 - (.Wondershare.) [HKLM][64Bits] – {5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1 =>.Wondershare

—\ HKCU & HKLM Software Keys (285) - 18s
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\BSD =>.SUP.DriverUpdatePlus
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\csastats =>Adware.InstallCore
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings\ZoneMap\Domains\drp.su =>.SUP.DriverPack
HKCU\Software\drpsu =>.SUP.DriverPack
HKCU\Software\csastats =>Adware.InstallCore
HKCU\Software\undefined =>.SUP.Downloader
HKCU\Software\ProductSetup =>Adware.InstallCore
HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings\ZoneMap\Domains\drp.su =>.SUP.DriverPack
HKLM\SOFTWARE\Wow6432Node\drpsu =>.SUP.DriverPack
HKLM\SOFTWARE\AGEIA Technologies =>.AGEIA Technologies
HKLM\SOFTWARE\Apple Computer, Inc. =>.Apple Computer, Inc.
HKLM\SOFTWARE\Apple Inc. =>.Apple Inc.
HKLM\SOFTWARE\AVAST Software =>.AVAST Software
HKLM\SOFTWARE\Dolby =>.Dolby
HKLM\SOFTWARE\DTS =>.Creative Technology
HKLM\SOFTWARE\Fortemedia =>.Lugert Europe
HKLM\SOFTWARE\GNU =>.GNU
HKLM\SOFTWARE\Google =>.Google
HKLM\SOFTWARE\HaaliMkx =>.Haali Media
HKLM\SOFTWARE\Icaros =>.Icaros
HKLM\SOFTWARE\Intel =>.Intel
HKLM\SOFTWARE\IPS =>.EgisTec
HKLM\SOFTWARE\JavaSoft =>.JavaSoft
HKLM\SOFTWARE\JreMetrics =>.JreMetrics
HKLM\SOFTWARE\Khronos =>.Khronos
HKLM\SOFTWARE\Knowles =>.Knowles Electronics
HKLM\SOFTWARE\Macromedia =>.Macromedia
HKLM\SOFTWARE\Mozilla =>.Mozilla
HKLM\SOFTWARE\MozillaPlugins =>.MozillaPlugins
HKLM\SOFTWARE\Nahimic =>.Nahimic
HKLM\SOFTWARE\Nuance =>.Nuance
HKLM\SOFTWARE\NVIDIA Corporation =>.nVidia Corporation
HKLM\SOFTWARE\ODBC =>.DB Connectivity Solutions
HKLM\SOFTWARE\Oracle =>.Oracle
HKLM\SOFTWARE\paint.net =>.Rick Brewster
HKLM\SOFTWARE\Patch My PC =>.Justin Chalfant
HKLM\SOFTWARE\Piriform =>.Piriform
HKLM\SOFTWARE\PowerISO =>.PowerISO Computing
HKLM\SOFTWARE\Realtek =>.Realtek Semiconductor Corp.
HKLM\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
HKLM\SOFTWARE\SonicFocus =>.Sonic Focus
HKLM\SOFTWARE\SoundResearch =>.Sound Research
HKLM\SOFTWARE\SRS Labs =>.SRS Labs
HKLM\SOFTWARE\TrendMicro =>.TrendMicro
HKLM\SOFTWARE\VideoLAN =>.VideoLan Team
HKLM\SOFTWARE\Waves Audio =>.Waves Audio
HKLM\SOFTWARE\Wondershare =>.Wondershare
HKLM\SOFTWARE\Wow6432Node =>.Microsoft Corporation
HKLM\SOFTWARE\Yamaha APO =>.Yamaha Corp.
HKLM\SOFTWARE\WOW6432Node\Adobe =>.Adobe
HKLM\SOFTWARE\WOW6432Node\AGEIA Technologies =>.AGEIA Technologies
HKLM\SOFTWARE\WOW6432Node\AppDataLow =>.Microsoft Corporation
HKLM\SOFTWARE\WOW6432Node\Apple Inc. =>.Apple Inc.
HKLM\SOFTWARE\WOW6432Node\AsLdr =>.ASUSTeK
HKLM\SOFTWARE\WOW6432Node\ASUS =>.ASUS
HKLM\SOFTWARE\WOW6432Node\AVAST Software =>.AVAST Software
HKLM\SOFTWARE\WOW6432Node\bethesda softworks =>.Bethesda Softworks
HKLM\SOFTWARE\WOW6432Node\BSD =>.Berkeley
HKLM\SOFTWARE\WOW6432Node\CompeteInc =>.SUP.Compete
HKLM\SOFTWARE\WOW6432Node\DovetailGames =>.Dovetail Games
HKLM\SOFTWARE\WOW6432Node\Dropbox =>.Dropbox
HKLM\SOFTWARE\WOW6432Node\DropboxUpdate =>.Dropbox Inc.
HKLM\SOFTWARE\WOW6432Node\EaseUS =>.EaseUS Software
HKLM\SOFTWARE\WOW6432Node\Eastern Times Technology Co., Ltd
HKLM\SOFTWARE\WOW6432Node\EasyAntiCheat =>.EasyAntiCheat
HKLM\SOFTWARE\WOW6432Node\Electronic Arts =>.Electronic Arts
HKLM\SOFTWARE\WOW6432Node\Fraps =>.Beepa
HKLM\SOFTWARE\WOW6432Node\Gaijin =>.Gaijin Entertainment
HKLM\SOFTWARE\WOW6432Node\GNU =>.GNU
HKLM\SOFTWARE\WOW6432Node\Google =>.Google
HKLM\SOFTWARE\WOW6432Node\HaaliMkx =>.Haali Media
HKLM\SOFTWARE\WOW6432Node\HighCriteria =>.High Criteria Inc
HKLM\SOFTWARE\WOW6432Node\HiRez Studios =>.Hirez Studios
HKLM\SOFTWARE\WOW6432Node\Icaros =>.Icaros
HKLM\SOFTWARE\WOW6432Node\iMobie =>.iMobie Inc
HKLM\SOFTWARE\WOW6432Node\Infogrames =>.Infogrames
HKLM\SOFTWARE\WOW6432Node\Infogrames Interactive =>.Infogrames
HKLM\SOFTWARE\WOW6432Node\Intel =>.Intel
HKLM\SOFTWARE\WOW6432Node\JavaSoft =>.JavaSoft
HKLM\SOFTWARE\WOW6432Node\JreMetrics =>.JreMetrics
HKLM\SOFTWARE\WOW6432Node\Khronos =>.Khronos
HKLM\SOFTWARE\WOW6432Node\KLCodecPack =>.KLite Inc
HKLM\SOFTWARE\WOW6432Node\LAV =>.LAV Inc
HKLM\SOFTWARE\WOW6432Node\Macromedia =>.Macromedia
HKLM\SOFTWARE\WOW6432Node\McAfee =>.McAfee Inc.
HKLM\SOFTWARE\WOW6432Node\mcafeeupdater =>.McAfee Inc.
HKLM\SOFTWARE\WOW6432Node\MIDI Plugins
HKLM\SOFTWARE\WOW6432Node\MOSART =>.MosArt
HKLM\SOFTWARE\WOW6432Node\Mozilla =>.Mozilla
HKLM\SOFTWARE\WOW6432Node\MozillaPlugins =>.MozillaPlugins
HKLM\SOFTWARE\WOW6432Node\MySafeSavings
HKLM\SOFTWARE\WOW6432Node\Nuance =>.Nuance
HKLM\SOFTWARE\WOW6432Node\NVIDIA Corporation =>.nVidia Corporation
HKLM\SOFTWARE\WOW6432Node\OBS Studio =>.OBS Studio
HKLM\SOFTWARE\WOW6432Node\ODBC =>.DB Connectivity Solutions
HKLM\SOFTWARE\WOW6432Node\OldTimer Tools =>.OldTimer Tools
HKLM\SOFTWARE\WOW6432Node\Oracle =>.Oracle
HKLM\SOFTWARE\WOW6432Node\Origin Games =>.Electronic Arts, Inc.
HKLM\SOFTWARE\WOW6432Node\Realtek =>.Realtek Semiconductor Corp.
HKLM\SOFTWARE\WOW6432Node\Realtek Semiconductor Corp. =>.Realtek Semiconductor Corp.
HKLM\SOFTWARE\WOW6432Node\Respawn =>.Respawn Entertainment
HKLM\SOFTWARE\WOW6432Node\ROBLOX Corporation =>.Roblox Corporation
HKLM\SOFTWARE\WOW6432Node\Rockstar Games =>.Rockstar Games
HKLM\SOFTWARE\WOW6432Node\Sonic Foundry =>.Sonic Foundry
HKLM\SOFTWARE\WOW6432Node\Sony Media Software =>.Sony Media Software
HKLM\SOFTWARE\WOW6432Node\Square Enix =>.Square Enix
HKLM\SOFTWARE\WOW6432Node\SRS Labs =>.SRS Labs
HKLM\SOFTWARE\WOW6432Node\TrendMicro =>.TrendMicro
HKLM\SOFTWARE\WOW6432Node\Ubisoft =>.Ubisoft
HKLM\SOFTWARE\WOW6432Node\Valve =>.Valve
HKLM\SOFTWARE\WOW6432Node\Volatile =>.Microsoft Corporation
HKLM\SOFTWARE\WOW6432Node\WafCX =>.WafCX
HKLM\SOFTWARE\WOW6432Node\Wondershare =>.Wondershare
HKLM\SOFTWARE\WOW6432Node\RegisteredApplications =>.Microsoft Corporation
HKCU\SOFTWARE\4A-Games =>.4A-Games
HKCU\SOFTWARE\ACPTab
HKCU\SOFTWARE\Adobe =>.Adobe
HKCU\SOFTWARE\AppDataLow =>.Microsoft Corporation
HKCU\SOFTWARE\Apple Computer, Inc. =>.Apple Computer, Inc.
HKCU\SOFTWARE\Apple Inc. =>.Apple Inc.
HKCU\SOFTWARE\Avast Software =>.AVAST Software
HKCU\SOFTWARE\AvastAdSDK =>.Avast Software s.r.o
HKCU\SOFTWARE\Browser Cleanup =>.Avast Software s.r.o
HKCU\SOFTWARE\BSD =>.Berkeley
HKCU\SOFTWARE\BugSplat =>.Bugsplat Game
HKCU\SOFTWARE\Chromium =>.Chromium
HKCU\SOFTWARE\DirectShow =>.Microsoft Corporation
HKCU\SOFTWARE\Discord =>.Discord
HKCU\SOFTWARE\Dropbox =>.Dropbox
HKCU\SOFTWARE\DropboxUpdate =>.Dropbox Inc.
HKCU\SOFTWARE\DRP
HKCU\SOFTWARE\EaseUS =>.EaseUS Software
HKCU\SOFTWARE\Electronic Arts =>.Electronic Arts
HKCU\SOFTWARE\Epic Games =>.Epic Games
HKCU\SOFTWARE\Fraps3 =>.Beepa
HKCU\SOFTWARE\FwCustom_Evision
HKCU\SOFTWARE\Geek Uninstaller =>.Geek Uninstaller
HKCU\SOFTWARE\GNU =>.GNU
HKCU\SOFTWARE\Google =>.Google
HKCU\SOFTWARE\Haali =>.Haali Media
HKCU\SOFTWARE\Icaros =>.Icaros
HKCU\SOFTWARE\InSTab
HKCU\SOFTWARE\Intel =>.Intel
HKCU\SOFTWARE\IvoSoft =>.IvoSoft
HKCU\SOFTWARE\Jagex =>.Jagex
HKCU\SOFTWARE\JavaSoft =>.JavaSoft
HKCU\SOFTWARE\LeaderTech =>.Leadertech Systems
HKCU\SOFTWARE\Macromedia =>.Macromedia
HKCU\SOFTWARE\MediaInfo =>.Jérôme Martinez
HKCU\SOFTWARE\Mine =>.Microsoft Corporation
HKCU\SOFTWARE\Mozilla =>.Mozilla
HKCU\SOFTWARE\MozillaPlugins =>.MozillaPlugins
HKCU\SOFTWARE\MPC-HC =>.MPC-HC Team
HKCU\SOFTWARE\MySafeSavings
HKCU\SOFTWARE\N64 Emulation =>.Games Software
HKCU\SOFTWARE\Naver
HKCU\SOFTWARE\NewTechnologyStudio =>.New Technology Studio
HKCU\SOFTWARE\NHN Corporation =>.NHN Corporation
HKCU\SOFTWARE\Nintendulator
HKCU\SOFTWARE\Norassie =>.Norassie
HKCU\SOFTWARE\NTSCorp =>.NTSCorp Ltd
HKCU\SOFTWARE\NVIDIA Corporation =>.nVidia Corporation
HKCU\SOFTWARE\OpenDownladManager
HKCU\SOFTWARE\Oracle =>.Oracle
HKCU\SOFTWARE\paint.net =>.Rick Brewster
HKCU\SOFTWARE\Piriform =>.Piriform
HKCU\SOFTWARE\QtProject =>.QtProject
HKCU\SOFTWARE\Realtek =>.Realtek Semiconductor Corp.
HKCU\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
HKCU\SOFTWARE\Resplendence Sp =>.Resplendence Software
HKCU\SOFTWARE\Roblox =>.ROBLOX
HKCU\SOFTWARE\ROBLOX Corporation =>.Roblox Corporation
HKCU\SOFTWARE\Rockstar Games =>.Rockstar Games
HKCU\SOFTWARE\ScriptHookV
HKCU\SOFTWARE\SecuROM =>.SecuROM
HKCU\SOFTWARE\Smartly Dressed Games =>.Smartly Dressed Games
HKCU\SOFTWARE\Sonic Foundry =>.Sonic Foundry
HKCU\SOFTWARE\Sony Media Software =>.Sony Media Software
HKCU\SOFTWARE\Spotify =>.Spotify
HKCU\SOFTWARE\System Healer =>.SUP.SystemHealer
HKCU\SOFTWARE\Tencent =>.SUP.Tencent
HKCU\SOFTWARE\Trolltech =>.Trolltech
HKCU\SOFTWARE\Ubisoft =>.Ubisoft
HKCU\SOFTWARE\Valve =>.Valve
HKCU\SOFTWARE\Wargaming.net =>.Wargaming.net
HKCU\SOFTWARE\WinRAR SFX =>.RarLab
HKCU\SOFTWARE\Wondershare =>.Wondershare
HKCU\SOFTWARE\Wow6432Node =>.Microsoft Corporation
HKCU\SOFTWARE\YourUpdater
HKCU\SOFTWARE\ZHP =>.Nicolas Coolman
HKCU\SOFTWARE\AppDataLow\Software =>.Microsoft Corporation
HKCU\SOFTWARE\AppDataLow\Software\Adobe =>.Adobe
HKCU\SOFTWARE\AppDataLow\Software\JavaSoft =>.JavaSoft
HKCU\SOFTWARE\AppDataLow\Software\Macromedia =>.Macromedia
HKU.DEFAULT\SOFTWARE\AppDataLow =>.Microsoft Corporation
HKU.DEFAULT\SOFTWARE\Apple Computer, Inc. =>.Apple Computer, Inc.
HKU.DEFAULT\SOFTWARE\Apple Inc. =>.Apple Inc.
HKU.DEFAULT\SOFTWARE\AVAST Software =>.AVAST Software
HKU.DEFAULT\SOFTWARE\Dropbox =>.Dropbox
HKU.DEFAULT\SOFTWARE\Epic Games =>.Epic Games
HKU.DEFAULT\SOFTWARE\Google =>.Google
HKU.DEFAULT\SOFTWARE\IvoSoft =>.IvoSoft
HKU.DEFAULT\SOFTWARE\Nahimic =>.Nahimic
HKU.DEFAULT\SOFTWARE\NVIDIA Corporation =>.nVidia Corporation
HKU.DEFAULT\SOFTWARE\Piriform =>.Piriform
HKU.DEFAULT\SOFTWARE\Wow6432Node =>.Microsoft Corporation
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\4A-Games =>.4A-Games
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\ACPTab
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\Adobe =>.Adobe
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\AppDataLow =>.Microsoft Corporation
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\Apple Computer, Inc. =>.Apple Computer, Inc.
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\Apple Inc. =>.Apple Inc.
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\Avast Software =>.AVAST Software
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\AvastAdSDK =>.Avast Software s.r.o
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\Browser Cleanup =>.Avast Software s.r.o
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\BSD =>.Berkeley
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\BugSplat =>.Bugsplat Game
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\Chromium =>.Chromium
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\DirectShow =>.Microsoft Corporation
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\Discord =>.Discord
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\Dropbox =>.Dropbox
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\DropboxUpdate =>.Dropbox Inc.
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\DRP
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\drpsu =>.SUP.DriverPack
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\EaseUS =>.EaseUS Software
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\Electronic Arts =>.Electronic Arts
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\Epic Games =>.Epic Games
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\Fraps3 =>.Beepa
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\FwCustom_Evision
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\Geek Uninstaller =>.Geek Uninstaller
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\GNU =>.GNU
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\Google =>.Google
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\Haali =>.Haali Media
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\Icaros =>.Icaros
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\InSTab
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\Intel =>.Intel
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\IvoSoft =>.IvoSoft
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\Jagex =>.Jagex
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\JavaSoft =>.JavaSoft
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\LeaderTech =>.Leadertech Systems
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\Macromedia =>.Macromedia
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\MediaInfo =>.Jérôme Martinez
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\Mine =>.Microsoft Corporation
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\Mozilla =>.Mozilla
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\MozillaPlugins =>.MozillaPlugins
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\MPC-HC =>.MPC-HC Team
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\MySafeSavings
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\N64 Emulation =>.Games Software
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\Naver
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\NewTechnologyStudio =>.New Technology Studio
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\NHN Corporation =>.NHN Corporation
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\Nintendulator
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\Norassie =>.Norassie
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\NTSCorp =>.NTSCorp Ltd
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\NVIDIA Corporation =>.nVidia Corporation
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\OpenDownladManager
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\Oracle =>.Oracle
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\paint.net =>.Rick Brewster
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\Piriform =>.Piriform
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\ProductSetup =>Adware.InstallCore
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\QtProject =>.QtProject
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\Realtek =>.Realtek Semiconductor Corp.
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\Resplendence Sp =>.Resplendence Software
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\Roblox =>.ROBLOX
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\ROBLOX Corporation =>.Roblox Corporation
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\Rockstar Games =>.Rockstar Games
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\ScriptHookV
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\SecuROM =>.SecuROM
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\Smartly Dressed Games =>.Smartly Dressed Games
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\Sonic Foundry =>.Sonic Foundry
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\Sony Media Software =>.Sony Media Software
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\Spotify =>.Spotify
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\System Healer =>.SUP.SystemHealer
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\Tencent =>.SUP.Tencent
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\Trolltech =>.Trolltech
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\Ubisoft =>.Ubisoft
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\undefined =>.SUP.Downloader
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\Valve =>.Valve
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\Wargaming.net =>.Wargaming.net
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\WinRAR SFX =>.RarLab
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\Wondershare =>.Wondershare
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\Wow6432Node =>.Microsoft Corporation
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\YourUpdater
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\ZHP =>.Nicolas Coolman

—\ Contents of the Common Files folders (322) - 12s
O43 - CFD: 05/03/2019 - D – C:\Program Files\AVAST Software =>.AVAST Software s.r.o.®
O43 - CFD: 11/02/2019 - D – C:\Program Files\CCleaner =>.Piriform Ltd
O43 - CFD: 02/02/2018 - [0] D – C:\Program Files\Classic Shell =>.Ivo Beltchev
O43 - CFD: 30/04/2019 - D – C:\Program Files\Common Files =>.Microsoft Corporation
O43 - CFD: 01/06/2019 - [0] D – C:\Program Files\Epic Games =>.Epic Games
O43 - CFD: 23/03/2019 - D – C:\Program Files\Intel =>.Intel Corporation
O43 - CFD: 21/12/2018 - D – C:\Program Files\Internet Explorer =>.Microsoft Corporation
O43 - CFD: 04/06/2019 - D – C:\Program Files\iPod =>.Apple Inc.®
O43 - CFD: 15/06/2019 - D – C:\Program Files\iTunes =>.Apple Inc.
O43 - CFD: 12/06/2019 - D – C:\Program Files\Java =>.Oracle
O43 - CFD: 15/06/2019 - D – C:\Program Files\KMSpico =>HackTool.KMSpico
O43 - CFD: 12/02/2018 - D – C:\Program Files\MSBuild =>.Microsoft Corporation
O43 - CFD: 11/02/2019 - D – C:\Program Files\NVIDIA Corporation =>.nVidia Corporation
O43 - CFD: 25/02/2019 - D – C:\Program Files\obs-studio =>.OBS-Studio
O43 - CFD: 08/06/2019 - D – C:\Program Files\Oracle =>.Oracle
O43 - CFD: 15/06/2019 - D – C:\Program Files\paint.net =>.Rick Brewster
O43 - CFD: 13/12/2018 - D – C:\Program Files\Realtek =>.Realtek
O43 - CFD: 12/02/2018 - D – C:\Program Files\Reference Assemblies =>.Microsoft Corporation
O43 - CFD: 29/04/2019 - D – C:\Program Files\Rockstar Games =>.Rockstar Games, Inc.®
O43 - CFD: 22/08/2013 - [0] HD – C:\Program Files\Uninstall Information =>.Microsoft Corporation
O43 - CFD: 18/02/2019 - D – C:\Program Files\VideoLAN =>.VideoLan Team
O43 - CFD: 30/04/2019 - D – C:\Program Files\WhySoSlow
O43 - CFD: 13/05/2017 - D – C:\Program Files\Windows Defender =>.Microsoft Corporation
O43 - CFD: 07/10/2015 - D – C:\Program Files\Windows Mail =>.Microsoft Corporation
O43 - CFD: 13/10/2018 - D – C:\Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 07/06/2019 - D – C:\Program Files\Windows Movie Maker =>.Microsoft Corporation
O43 - CFD: 07/10/2015 - D – C:\Program Files\Windows Multimedia Platform =>.Microsoft Corporation
O43 - CFD: 22/08/2013 - D – C:\Program Files\Windows NT =>.Microsoft Corporation
O43 - CFD: 07/10/2015 - D – C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation
O43 - CFD: 07/10/2015 - D – C:\Program Files\Windows Portable Devices =>.Microsoft Corporation
O43 - CFD: 22/08/2013 - SHD – C:\Program Files\Windows Sidebar =>.Microsoft Corporation
O43 - CFD: 15/06/2019 - HD – C:\Program Files\WindowsApps =>.Microsoft Corporation
O43 - CFD: 07/10/2015 - D – C:\Program Files\WindowsPowerShell =>.Microsoft Corporation
O43 - CFD: 13/04/2019 - [0] D – C:\Program Files\WinRAR =>.WinRAR
O43 - CFD: 13/04/2019 - [0] D – C:\Program Files (x86)\360 =>.Qihu 360 Software
O43 - CFD: 30/09/2015 - D – C:\Program Files (x86)\Adobe =>.Adobe Inc.®
O43 - CFD: 14/06/2019 - D – C:\Program Files (x86)\Adware Removal Tool by TSA =>.TSA Softwares
O43 - CFD: 15/06/2019 - D – C:\Program Files (x86)\AmazonBasics gaming software
O43 - CFD: 11/06/2019 - D – C:\Program Files (x86)\Apple Software Update =>.Apple Inc.
O43 - CFD: 03/10/2015 - D – C:\Program Files (x86)\ASUS =>.ASUSTeK Computer Inc.®
O43 - CFD: 25/06/2018 - D – C:\Program Files (x86)\BeamNG =>.BeamNG
O43 - CFD: 05/06/2019 - D – C:\Program Files (x86)\Common Files =>.Microsoft Corporation
O43 - CFD: 05/06/2019 - D – C:\Program Files (x86)\Dropbox =>.Dropbox, Inc®
O43 - CFD: 29/03/2019 - D – C:\Program Files (x86)\EaseUS =>.EaseUS Software
O43 - CFD: 23/03/2018 - D – C:\Program Files (x86)\EasyAntiCheat =>.EasyAntiCheat
O43 - CFD: 22/02/2016 - D – C:\Program Files (x86)\Google =>.Google Inc®
O43 - CFD: 17/02/2018 - D – C:\Program Files (x86)\iMobie =>.iMobie Inc
O43 - CFD: 17/05/2019 - D – C:\Program Files (x86)\Infogrames Interactive =>.Infogrames
O43 - CFD: 17/05/2019 - HD – C:\Program Files (x86)\InstallShield Installation Information =>.InstallShield
O43 - CFD: 30/09/2015 - D – C:\Program Files (x86)\Intel =>.Intel Corporation
O43 - CFD: 17/05/2019 - D – C:\Program Files (x86)\Internet Explorer =>.Microsoft Corporation
O43 - CFD: 15/06/2019 - D – C:\Program Files (x86)\Java =>.Oracle
O43 - CFD: 30/09/2015 - D – C:\Program Files (x86)\K-Lite Codec Pack =>.KLite Inc
O43 - CFD: 30/04/2019 - D – C:\Program Files (x86)\McAfee Safe Connect =>.McAfee Inc.
O43 - CFD: 22/08/2013 - D – C:\Program Files (x86)\Microsoft.NET =>.Microsoft Corporation
O43 - CFD: 12/02/2018 - D – C:\Program Files (x86)\MSBuild =>.Microsoft Corporation
O43 - CFD: 02/03/2019 - [0] D – C:\Program Files (x86)\MSXML 4.0 =>.Microsoft Corporation
O43 - CFD: 01/06/2019 - D – C:\Program Files (x86)\NVIDIA Corporation =>.nVidia Corporation
O43 - CFD: 18/10/2016 - D – C:\Program Files (x86)\OpenDownloaderManager
O43 - CFD: 05/03/2019 - D – C:\Program Files (x86)\OpenSupport =>.Itibiti Ventures Inc.®
O43 - CFD: 15/06/2019 - D – C:\Program Files (x86)\Qualcomm Atheros =>.Qualcomm Atheros
O43 - CFD: 01/05/2019 - D – C:\Program Files (x86)\Realtek =>.Realtek
O43 - CFD: 03/02/2019 - D – C:\Program Files (x86)\Redragon Kumara Gaming Mechanical keyboard driver
O43 - CFD: 12/02/2018 - D – C:\Program Files (x86)\Reference Assemblies =>.Microsoft Corporation
O43 - CFD: 06/06/2017 - D – C:\Program Files (x86)\Roblox =>.ROBLOX
O43 - CFD: 29/04/2019 - D – C:\Program Files (x86)\Rockstar Games =>.Rockstar Games, Inc.®
O43 - CFD: 17/05/2019 - D – C:\Program Files (x86)\Sonic Foundry =>.Sonic Foundry
O43 - CFD: 17/05/2019 - D – C:\Program Files (x86)\Sony =>.Sony
O43 - CFD: 15/06/2019 - D – C:\Program Files (x86)\Steam =>.Steam Games
O43 - CFD: 01/05/2019 - [0] HD – C:\Program Files (x86)\Temp =>.Microsoft Corporation
O43 - CFD: 25/03/2019 - D – C:\Program Files (x86)\Ubisoft =>.Ubisoft
O43 - CFD: 29/08/2018 - D – C:\Program Files (x86)\VulkanRT =>.LunarG, Inc
O43 - CFD: 13/05/2017 - D – C:\Program Files (x86)\Windows Defender =>.Microsoft Corporation
O43 - CFD: 07/10/2015 - D – C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
O43 - CFD: 13/10/2018 - D – C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 07/10/2015 - D – C:\Program Files (x86)\Windows Multimedia Platform =>.Microsoft Corporation
O43 - CFD: 22/08/2013 - D – C:\Program Files (x86)\Windows NT =>.Microsoft Corporation
O43 - CFD: 07/10/2015 - D – C:\Program Files (x86)\Windows Photo Viewer =>.Microsoft Corporation
O43 - CFD: 07/10/2015 - D – C:\Program Files (x86)\Windows Portable Devices =>.Microsoft Corporation
O43 - CFD: 22/08/2013 - SHD – C:\Program Files (x86)\Windows Sidebar =>.Microsoft Corporation
O43 - CFD: 22/08/2013 - D – C:\Program Files (x86)\WindowsPowerShell =>.Microsoft Corporation
O43 - CFD: 30/05/2019 - D – C:\Program Files (x86)\Wondershare =>.Wondershare
O43 - CFD: 07/10/2015 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility =>.Microsoft Corporation
O43 - CFD: 22/07/2018 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation
O43 - CFD: 17/05/2019 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 05/02/2019 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AmazonBasics gaming software
O43 - CFD: 03/10/2015 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS =>.ASUS
O43 - CFD: 05/03/2019 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software =>.AVAST Software
O43 - CFD: 25/06/2018 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BeamNG =>.BeamNG
O43 - CFD: 25/07/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner =>.Piriform Ltd
O43 - CFD: 05/06/2019 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox =>.Dropbox
O43 - CFD: 26/03/2018 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps =>.Fraps Games
O43 - CFD: 05/11/2015 - [0] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games =>.Microsoft Corporation
O43 - CFD: 15/06/2019 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud =>.Apple Inc.
O43 - CFD: 17/02/2018 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMobie =>.iMobie Inc
O43 - CFD: 17/05/2019 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Infogrames Interactive =>.Infogrames
O43 - CFD: 04/06/2019 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes =>.Apple Inc.
O43 - CFD: 15/06/2019 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java =>.Oracle
O43 - CFD: 15/06/2019 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit =>.Oracle
O43 - CFD: 30/09/2015 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack =>.KLite Inc
O43 - CFD: 22/08/2013 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation
O43 - CFD: 28/08/2018 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation =>.nVidia Corporation
O43 - CFD: 25/02/2019 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio =>.OBS Studio
O43 - CFD: 08/06/2019 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox =>.Oracle
O43 - CFD: 25/06/2018 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics =>.R.G. Mechanics
O43 - CFD: 03/02/2019 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Redragon Kumara
O43 - CFD: 17/05/2019 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sonic Foundry =>.Sonic Foundry
O43 - CFD: 17/05/2019 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony =>.Sony
O43 - CFD: 15/02/2019 - [0] RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp =>.Microsoft Corporation
O43 - CFD: 12/12/2018 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam =>.Steam Games
O43 - CFD: 07/10/2015 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools =>.Microsoft Corporation
O43 - CFD: 15/06/2019 - [0] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tencent Software =>.SUP.Tencent
O43 - CFD: 18/02/2019 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN =>.VideoLan Team
O43 - CFD: 07/06/2019 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker =>.Microsoft Corporation
O43 - CFD: 30/05/2019 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare =>.Wondershare
O43 - CFD: 30/09/2015 - D – C:\ProgramData\Adobe =>.Adobe
O43 - CFD: 30/09/2015 - D – C:\ProgramData\Apple =>.Apple Inc.
O43 - CFD: 30/09/2015 - D – C:\ProgramData\Apple Computer =>.Apple Inc.
O43 - CFD: 22/08/2013 - [0] SHD – C:\ProgramData\Application Data =>.Microsoft Corporation
O43 - CFD: 01/05/2019 - D – C:\ProgramData\Audyssey Labs =>.Audyssey Labs
O43 - CFD: 15/06/2019 - D – C:\ProgramData\AVAST Software =>.AVAST Software
O43 - CFD: 10/12/2018 - D – C:\ProgramData\boost_interprocess =>.boost.org
O43 - CFD: 14/06/2019 - [0] D – C:\ProgramData\BSD =>.Berkeley
O43 - CFD: 22/08/2013 - [0] SHD – C:\ProgramData\Desktop =>.Microsoft Corporation
O43 - CFD: 22/08/2013 - [0] SHD – C:\ProgramData\Documents =>.Microsoft Corporation
O43 - CFD: 28/02/2018 - D – C:\ProgramData\Dropbox =>.Dropbox
O43 - CFD: 07/02/2019 - D – C:\ProgramData\Electronic Arts =>.Electronic Arts
O43 - CFD: 21/03/2019 - D – C:\ProgramData\Epic =>.Epic
O43 - CFD: 13/02/2018 - D – C:\ProgramData\Gaijin =>.Gaijin Entertainment
O43 - CFD: 30/04/2019 - [0] D – C:\ProgramData\Jagex =>.Jagex
O43 - CFD: 15/02/2019 - D – C:\ProgramData\McAfee =>.McAfee
O43 - CFD: 02/03/2019 - SD – C:\ProgramData\Microsoft =>.Microsoft Corporation
O43 - CFD: 15/06/2019 - D – C:\ProgramData\NVIDIA =>.nVidia Corporation
O43 - CFD: 01/06/2019 - D – C:\ProgramData\NVIDIA Corporation =>.nVidia Corporation
O43 - CFD: 31/07/2017 - D – C:\ProgramData\Oracle =>.Oracle
O43 - CFD: 27/06/2018 - D – C:\ProgramData\Orbit =>.Orbit
O43 - CFD: 30/04/2019 - D – C:\ProgramData\Origin =>.Electronic Arts, Inc.
O43 - CFD: 28/08/2018 - D – C:\ProgramData\Package Cache =>.Microsoft Corporation
O43 - CFD: 15/06/2019 - D – C:\ProgramData\Qualcomm Atheros =>.Qualcomm Atheros
O43 - CFD: 07/10/2015 - D – C:\ProgramData\regid.1991-06.com.microsoft =>.Microsoft Corporation
O43 - CFD: 06/06/2017 - D – C:\ProgramData\Roblox =>.ROBLOX
O43 - CFD: 22/08/2013 - [0] SHD – C:\ProgramData\Start Menu =>.Microsoft Corporation
O43 - CFD: 29/03/2019 - D – C:\ProgramData\SystemAcCrux
O43 - CFD: 22/08/2013 - [0] SHD – C:\ProgramData\Templates =>.Microsoft Corporation
O43 - CFD: 15/06/2019 - D – C:\ProgramData\Tencent =>.SUP.Tencent
O43 - CFD: 07/06/2019 - D – C:\ProgramData\VideoWinSoft
O43 - CFD: 08/06/2019 - D – C:\ProgramData\VirtualBox =>.Oracle
O43 - CFD: 22/01/2018 - D – C:\ProgramData\Wargaming.net =>.Wargaming.net
O43 - CFD: 30/05/2019 - D – C:\ProgramData\Wondershare =>.Wondershare
O43 - CFD: 07/06/2019 - D – C:\ProgramData\Wondershare Filmora =>.Wondershare
O43 - CFD: 01/06/2019 - [0] D – C:\ProgramData\Wondershare Filmora Scrn =>.Wondershare
O43 - CFD: 15/06/2019 - D – C:\Program Files (x86)\Common Files\Adobe AIR =>.Adobe Inc.
O43 - CFD: 15/06/2019 - D – C:\Program Files (x86)\Common Files\Apple =>.Apple Inc.
O43 - CFD: 24/03/2019 - [0] D – C:\Program Files (x86)\Common Files\AV =>.Avast
O43 - CFD: 21/05/2019 - D – C:\Program Files (x86)\Common Files\BattlEye =>.BattlEye
O43 - CFD: 17/05/2019 - D – C:\Program Files (x86)\Common Files\InstallShield =>.InstallShield
O43 - CFD: 30/09/2015 - D – C:\Program Files (x86)\Common Files\Intel =>.Intel Corporation
O43 - CFD: 05/06/2019 - D – C:\Program Files (x86)\Common Files\Java =>.Oracle
O43 - CFD: 06/01/2019 - D – C:\Program Files (x86)\Common Files\Microsoft Shared =>.Microsoft Corporation
O43 - CFD: 05/06/2019 - D – C:\Program Files (x86)\Common Files\Oracle =>.Oracle
O43 - CFD: 22/08/2013 - D – C:\Program Files (x86)\Common Files\Services =>.Microsoft Corporation
O43 - CFD: 15/06/2019 - D – C:\Program Files (x86)\Common Files\Steam =>.Steam Games
O43 - CFD: 07/10/2015 - D – C:\Program Files (x86)\Common Files\System =>.Microsoft Corporation
O43 - CFD: 30/05/2019 - D – C:\Program Files (x86)\Common Files\Wondershare =>.Wondershare
O43 - CFD: 01/05/2019 - D – C:\Users\Pavel\AppData\Roaming.minecraft =>.Microsoft Corporation
O43 - CFD: 24/03/2019 - [0] D – C:\Users\Pavel\AppData\Roaming\360DrvMgr
O43 - CFD: 30/09/2015 - D – C:\Users\Pavel\AppData\Roaming\Adobe =>.Adobe
O43 - CFD: 05/04/2019 - D – C:\Users\Pavel\AppData\Roaming\AndroidTbox
O43 - CFD: 11/06/2019 - D – C:\Users\Pavel\AppData\Roaming\Apple Computer =>.Apple Inc.
O43 - CFD: 11/02/2018 - D – C:\Users\Pavel\AppData\Roaming\Audacity =>.Audacity
O43 - CFD: 05/03/2019 - D – C:\Users\Pavel\AppData\Roaming\AVAST Software =>.AVAST Software
O43 - CFD: 06/04/2018 - D – C:\Users\Pavel\AppData\Roaming\CC
O43 - CFD: 15/06/2019 - D – C:\Users\Pavel\AppData\Roaming\discord =>.GitHub
O43 - CFD: 25/06/2018 - D – C:\Users\Pavel\AppData\Roaming\Driver - San Francisco =>.Cisco Systems, Inc.
O43 - CFD: 28/02/2018 - D – C:\Users\Pavel\AppData\Roaming\Dropbox =>.Dropbox
O43 - CFD: 15/06/2019 - D – C:\Users\Pavel\AppData\Roaming\DRPSu =>.SUP.DriverPack
O43 - CFD: 17/05/2019 - D – C:\Users\Pavel\AppData\Roaming\dvdcss =>.VideoLan Team
O43 - CFD: 08/02/2019 - D – C:\Users\Pavel\AppData\Roaming\EasyAntiCheat =>.EasyAntiCheat
O43 - CFD: 15/06/2019 - D – C:\Users\Pavel\AppData\Roaming\Geek Uninstaller =>.Geek Uninstaller
O43 - CFD: 07/09/2018 - D – C:\Users\Pavel\AppData\Roaming\Google =>.Google
O43 - CFD: 24/05/2019 - D – C:\Users\Pavel\AppData\Roaming\HandBrake =>.Handbrake
O43 - CFD: 07/10/2015 - D – C:\Users\Pavel\AppData\Roaming\Identities =>.Microsoft Corporation
O43 - CFD: 27/02/2018 - D – C:\Users\Pavel\AppData\Roaming\iMobie =>.iMobie Inc
O43 - CFD: 07/07/2017 - D – C:\Users\Pavel\AppData\Roaming\java =>.Oracle
O43 - CFD: 30/09/2015 - D – C:\Users\Pavel\AppData\Roaming\Macromedia =>.Macromedia
O43 - CFD: 15/02/2019 - D – C:\Users\Pavel\AppData\Roaming\McAfee Safe Connect =>.McAfee Inc.
O43 - CFD: 23/05/2019 - SD – C:\Users\Pavel\AppData\Roaming\Microsoft =>.Microsoft Corporation
O43 - CFD: 08/06/2019 - D – C:\Users\Pavel\AppData\Roaming\MPC-HC =>.MPC-HC Team
O43 - CFD: 24/03/2018 - D – C:\Users\Pavel\AppData\Roaming\Netease
O43 - CFD: 17/05/2019 - [0] D – C:\Users\Pavel\AppData\Roaming\NetMedia Providers =>.NetMedia
O43 - CFD: 05/11/2015 - [0] D – C:\Users\Pavel\AppData\Roaming\New Technology Studio =>.New Technology Studio
O43 - CFD: 02/02/2018 - D – C:\Users\Pavel\AppData\Roaming\Nintendulator
O43 - CFD: 29/08/2018 - D – C:\Users\Pavel\AppData\Roaming\NVIDIA =>.nVidia Corporation
O43 - CFD: 08/06/2019 - D – C:\Users\Pavel\AppData\Roaming\obs-studio =>.OBS-Studio
O43 - CFD: 17/05/2019 - [0] D – C:\Users\Pavel\AppData\Roaming\Publish Providers =>.Legitimate
O43 - CFD: 05/03/2019 - RHD – C:\Users\Pavel\AppData\Roaming\SecuROM =>.SecuROM
O43 - CFD: 17/05/2019 - D – C:\Users\Pavel\AppData\Roaming\Sonic Foundry =>.Sonic Foundry
O43 - CFD: 17/05/2019 - D – C:\Users\Pavel\AppData\Roaming\Sony =>.Sony
O43 - CFD: 09/03/2019 - D – C:\Users\Pavel\AppData\Roaming\SpinTires =>.SpinTires
O43 - CFD: 15/06/2019 - D – C:\Users\Pavel\AppData\Roaming\Spotify =>.Spotify
O43 - CFD: 30/09/2015 - D – C:\Users\Pavel\AppData\Roaming\Sun =>.Oracle
O43 - CFD: 10/09/2017 - D – C:\Users\Pavel\AppData\Roaming\TankiOnline
O43 - CFD: 21/02/2019 - D – C:\Users\Pavel\AppData\Roaming\Terrible Toybox
O43 - CFD: 08/04/2018 - D – C:\Users\Pavel\AppData\Roaming\TextNow
O43 - CFD: 02/06/2019 - D – C:\Users\Pavel\AppData\Roaming\Trine3
O43 - CFD: 03/08/2018 - D – C:\Users\Pavel\AppData\Roaming\Unreal Engine =>.Epic Games
O43 - CFD: 07/06/2019 - D – C:\Users\Pavel\AppData\Roaming\VideoWinSoft
O43 - CFD: 08/06/2019 - D – C:\Users\Pavel\AppData\Roaming\vlc =>.VideoLan Team
O43 - CFD: 30/04/2019 - D – C:\Users\Pavel\AppData\Roaming\Wargaming.net =>.Wargaming.net
O43 - CFD: 10/10/2015 - D – C:\Users\Pavel\AppData\Roaming\WinRAR =>.WinRAR
O43 - CFD: 20/05/2016 - [0] D – C:\Users\Pavel\AppData\Roaming\YourUpdater
O43 - CFD: 15/06/2019 - D – C:\Users\Pavel\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 15/02/2019 - D – C:\Users\Pavel\AppData\Local\Adobe =>.Adobe
O43 - CFD: 30/09/2015 - D – C:\Users\Pavel\AppData\Local\Apple =>.Apple Inc.
O43 - CFD: 11/06/2019 - D – C:\Users\Pavel\AppData\Local\Apple Computer =>.Apple Inc.
O43 - CFD: 29/09/2015 - [0] SHD – C:\Users\Pavel\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 15/06/2019 - D – C:\Users\Pavel\AppData\Local\AVAST Software =>.AVAST Software
O43 - CFD: 17/05/2019 - D – C:\Users\Pavel\AppData\Local\BattlEye =>.BattlEye
O43 - CFD: 30/04/2019 - D – C:\Users\Pavel\AppData\Local\Bluestacks =>.BlueStack Systems, Inc.
O43 - CFD: 30/09/2015 - D – C:\Users\Pavel\AppData\Local\CEF =>.CEF
O43 - CFD: 15/06/2019 - D – C:\Users\Pavel\AppData\Local\Chromium =>.Chromium
O43 - CFD: 02/02/2018 - D – C:\Users\Pavel\AppData\Local\ClassicShell =>.SourceForge
O43 - CFD: 15/06/2019 - D – C:\Users\Pavel\AppData\Local\CrashDumps =>.Microsoft Corporation
O43 - CFD: 06/04/2018 - D – C:\Users\Pavel\AppData\Local\CrashReportClient
O43 - CFD: 26/06/2018 - D – C:\Users\Pavel\AppData\Local\CrashRpt
O43 - CFD: 12/06/2019 - D – C:\Users\Pavel\AppData\Local\Diagnostics =>.Microsoft Corporation
O43 - CFD: 24/03/2019 - D – C:\Users\Pavel\AppData\Local\Discord =>.GitHub
O43 - CFD: 29/03/2018 - D – C:\Users\Pavel\AppData\Local\Dropbox =>.Dropbox
O43 - CFD: 15/06/2019 - D – C:\Users\Pavel\AppData\Local\ElevatedDiagnostics =>.Microsoft Corporation
O43 - CFD: 23/03/2018 - D – C:\Users\Pavel\AppData\Local\EpicGamesLauncher =>.Epic Games
O43 - CFD: 06/06/2019 - D – C:\Users\Pavel\AppData\Local\Fallout4 =>.Black Isle Studios
O43 - CFD: 08/06/2019 - D – C:\Users\Pavel\AppData\Local\FalloutNV =>.Games Software
O43 - CFD: 12/05/2018 - D – C:\Users\Pavel\AppData\Local\Febino
O43 - CFD: 06/11/2015 - D – C:\Users\Pavel\AppData\Local\fontconfig =>.Portable Apps
O43 - CFD: 23/03/2018 - D – C:\Users\Pavel\AppData\Local\FortniteGame
O43 - CFD: 02/06/2018 - D – C:\Users\Pavel\AppData\Local\Gaijin =>.Gaijin Entertainment
O43 - CFD: 12/05/2019 - D – C:\Users\Pavel\AppData\Local\GameAnalytics
O43 - CFD: 06/11/2015 - D – C:\Users\Pavel\AppData\Local\gegl-0.2 =>.Portable Apps
O43 - CFD: 27/10/2016 - D – C:\Users\Pavel\AppData\Local\Google =>.Google
O43 - CFD: 09/04/2019 - D – C:\Users\Pavel\AppData\Local\gtk-2.0 =>.GTK Project
O43 - CFD: 08/10/2015 - D – C:\Users\Pavel\AppData\Local\GWX =>.GWX
O43 - CFD: 29/09/2015 - [0] SHD – C:\Users\Pavel\AppData\Local\History =>.Microsoft Corporation
O43 - CFD: 24/02/2018 - D – C:\Users\Pavel\AppData\Local\iMobie_Inc =>.iMobie Inc
O43 - CFD: 09/07/2017 - D – C:\Users\Pavel\AppData\Local\Intel_Corporation =>.Intel Corporation
O43 - CFD: 30/04/2019 - [0] D – C:\Users\Pavel\AppData\Local\Jagex =>.Jagex
O43 - CFD: 15/02/2019 - D – C:\Users\Pavel\AppData\Local\McAfee_Inc =>.McAfee Inc.
O43 - CFD: 30/04/2019 - D – C:\Users\Pavel\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 08/06/2019 - DC – C:\Users\Pavel\AppData\Local\MigWiz =>.MigWiz
O43 - CFD: 17/10/2015 - D – C:\Users\Pavel\AppData\Local\New Technology Studio =>.New Technology Studio
O43 - CFD: 02/06/2019 - D – C:\Users\Pavel\AppData\Local\NVIDIA =>.nVidia Corporation
O43 - CFD: 22/05/2019 - D – C:\Users\Pavel\AppData\Local\NVIDIA Corporation =>.nVidia Corporation
O43 - CFD: 15/06/2019 - D – C:\Users\Pavel\AppData\Local\Packages =>.Microsoft Corporation
O43 - CFD: 07/11/2015 - D – C:\Users\Pavel\AppData\Local\paint.net =>.Rick Brewster
O43 - CFD: 15/06/2019 - D – C:\Users\Pavel\AppData\Local\Patch_My_PC,_LLC
O43 - CFD: 12/12/2018 - D – C:\Users\Pavel\AppData\Local\Programs =>.Microsoft Corporation
O43 - CFD: 05/03/2019 - D – C:\Users\Pavel\AppData\Local\Rockstar Games =>.Rockstar Games
O43 - CFD: 12/05/2018 - [0] D – C:\Users\Pavel\AppData\Local\Sefaci
O43 - CFD: 11/12/2018 - D – C:\Users\Pavel\AppData\Local\Speech Graphics
O43 - CFD: 15/06/2019 - D – C:\Users\Pavel\AppData\Local\Spotify =>.Spotify
O43 - CFD: 20/02/2018 - D – C:\Users\Pavel\AppData\Local\SquirrelTemp =>.Squirrels
O43 - CFD: 12/12/2018 - D – C:\Users\Pavel\AppData\Local\Steam =>.Steam Games
O43 - CFD: 15/06/2019 - D – C:\Users\Pavel\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 29/09/2015 - [0] SHD – C:\Users\Pavel\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 06/06/2019 - D – C:\Users\Pavel\AppData\Local\Ubisoft Game Launcher =>.Ubisoft
O43 - CFD: 10/04/2019 - D – C:\Users\Pavel\AppData\Local\UnrealEngine =>.Unreal Software
O43 - CFD: 23/03/2018 - D – C:\Users\Pavel\AppData\Local\UnrealEngineLauncher =>.Unreal Software
O43 - CFD: 26/03/2019 - D – C:\Users\Pavel\AppData\Local\VirtualStore =>.Microsoft Corporation
O43 - CFD: 30/05/2019 - D – C:\Users\Pavel\AppData\Local\Wondershare =>.Wondershare
O43 - CFD: 15/06/2019 - D – C:\Users\Pavel\AppData\Local\ZHP =>.Nicolas Coolman
O43 - CFD: 12/01/2019 - D – C:\Users\Pavel\AppData\Local{FA36CC8D-DF64-A1FB-B452-862968807B17}
O43 - CFD: 22/08/2016 - D – C:\Users\Pavel\AppData\Local{FA6BCC37-DEC3-A08F-B35B-8567973379FF}
O43 - CFD: 30/09/2015 - [0] D – C:\Users\Pavel\AppData\Local\Programs\Common =>.Microsoft Corporation
O43 - CFD: 30/09/2015 - D – C:\Users\Pavel\AppData\LocalLow\Apple Computer =>.Apple Inc.
O43 - CFD: 07/11/2015 - D – C:\Users\Pavel\AppData\LocalLow\Microsoft =>.Microsoft Corporation
O43 - CFD: 30/09/2015 - D – C:\Users\Pavel\AppData\LocalLow\Oracle =>.Oracle
O43 - CFD: 17/05/2019 - D – C:\Users\Pavel\AppData\LocalLow\Smartly Dressed Games
O43 - CFD: 30/09/2015 - D – C:\Users\Pavel\AppData\LocalLow\Sun =>.Oracle
O43 - CFD: 15/06/2019 - [0] D – C:\Users\Pavel\AppData\LocalLow\Temp =>.Microsoft Corporation
O43 - CFD: 13/06/2018 - D – C:\Users\Pavel\Desktop\alla
O43 - CFD: 14/06/2019 - D – C:\Users\Pavel\Desktop\compute stuff
O43 - CFD: 15/06/2019 - D – C:\Users\Pavel\Desktop\driver
O43 - CFD: 15/06/2019 - [0] D – C:\Users\Pavel\Desktop\fgvj,
O43 - CFD: 15/06/2019 - D – C:\Users\Pavel\Desktop\FRST-OlderVersion
O43 - CFD: 15/06/2019 - D – C:\Users\Pavel\Desktop\HiJackThis =>.Trend Micro
O43 - CFD: 08/06/2019 - D – C:\Users\Pavel\Desktop\music
O43 - CFD: 25/07/2017 - D – C:\Users\Pavel\Desktop\New folder
O43 - CFD: 08/06/2019 - [0] D – C:\Users\Pavel\Desktop\photos
O43 - CFD: 05/04/2018 - D – C:\Users\Pavel\Desktop\ros
O43 - CFD: 01/12/2016 - D – C:\Users\Pavel\Desktop\school
O43 - CFD: 08/06/2019 - RD – C:\Users\Pavel\Desktop\steam games =>.Steam Games
O43 - CFD: 26/07/2014 - D – C:\Users\Pavel\Desktop\USB Loader GX
O43 - CFD: 26/12/2016 - D – C:\Users\Pavel\Desktop\wii stuff
O43 - CFD: 15/06/2019 - [0] D – C:\Users\Pavel\Desktop\WLAN_QualcommAtheros_Win81_ 64_VER1000263 =>.Qualcomm Atheros
O43 - CFD: 22/08/2013 - RD – C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Accessibility =>.Microsoft Corporation
O43 - CFD: 22/08/2013 - RD – C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Accessories =>.Microsoft Corporation
O43 - CFD: 13/09/2018 - RD – C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 15/06/2019 - D – C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Chrome Apps
O43 - CFD: 24/03/2019 - D – C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Discord Inc =>.Discord Inc
O43 - CFD: 22/08/2013 - D – C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Maintenance =>.Microsoft Corporation
O43 - CFD: 07/07/2017 - D – C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Minecraft =>.Microsoft Corporation
O43 - CFD: 13/09/2018 - RD – C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Startup =>.Microsoft Corporation
O43 - CFD: 08/06/2019 - D – C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Steam =>.Steam Games
O43 - CFD: 22/08/2013 - RD – C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\System Tools =>.Microsoft Corporation
O43 - CFD: 25/03/2019 - D – C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Ubisoft =>.Ubisoft
O43 - CFD: 30/04/2019 - D – C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Wargaming.net =>.Wargaming.net
O43 - CFD: 22/08/2013 - [0] SHD – C:\Users\Default\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 22/08/2013 - [0] SHD – C:\Users\Default\AppData\Local\History =>.Microsoft Corporation
O43 - CFD: 22/08/2013 - D – C:\Users\Default\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 22/08/2013 - [0] D – C:\Users\Default\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 22/08/2013 - [0] SHD – C:\Users\Default\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 22/08/2013 - [0] SHD – C:\Users\Default User\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 22/08/2013 - [0] SHD – C:\Users\Default User\AppData\Local\History =>.Microsoft Corporation
O43 - CFD: 22/08/2013 - D – C:\Users\Default User\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 22/08/2013 - [0] D – C:\Users\Default User\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 22/08/2013 - [0] SHD – C:\Users\Default User\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 19/05/2018 - – C:\Windows\System32\Config\systemprofile\AppData\L ocal\Dropbox =>.Dropbox
O43 - CFD: 30/09/2015 - D – C:\Windows\System32\Config\systemprofile\AppData\L ocal\Microsoft =>.Microsoft Corporation
O43 - CFD: 29/09/2015 - – C:\Windows\System32\Config\systemprofile\AppData\L ocal\Programs =>.Microsoft Corporation
O43 - CFD: 23/03/2019 - – C:\Windows\System32\Config\systemprofile\AppData\R oaming\360safe =>.Qihu 360 Software
O43 - CFD: 23/03/2018 - – C:\Windows\System32\Config\systemprofile\AppData\R oaming\Dropbox =>.Dropbox
O43 - CFD: 09/05/2018 - SD – C:\Windows\System32\Config\systemprofile\AppData\R oaming\Microsoft =>.Microsoft Corporation
O43 - CFD: 15/06/2019 - – C:\Windows\System32\Config\systemprofile\AppData\R oaming\Tencent =>.SUP.Tencent

—\ ShellIconOverlayIdentifiers (SIOI) (13) - 0s
O106 - SIOI: DropboxExt1 Class [ DropboxExt01] - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) – C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll =>.Dropbox, Inc®
O106 - SIOI: DropboxExt7 Class [ DropboxExt02] - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) – C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll =>.Dropbox, Inc®
O106 - SIOI: DropboxExt9 Class [ DropboxExt03] - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) – C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll =>.Dropbox, Inc®
O106 - SIOI: DropboxExt3 Class [ DropboxExt04] - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) – C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll =>.Dropbox, Inc®
O106 - SIOI: DropboxExt2 Class [ DropboxExt05] - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) – C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll =>.Dropbox, Inc®
O106 - SIOI: DropboxExt4 Class [ DropboxExt06] - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) – C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll =>.Dropbox, Inc®
O106 - SIOI: DropboxExt5 Class [ DropboxExt07] - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) – C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll =>.Dropbox, Inc®
O106 - SIOI: DropboxExt8 Class [ DropboxExt08] - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) – C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll =>.Dropbox, Inc®
O106 - SIOI: DropboxExt10 Class [ DropboxExt09] - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) – C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll =>.Dropbox, Inc®
O106 - SIOI: DropboxExt6 Class [ DropboxExt10] - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) – C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll =>.Dropbox, Inc®
O106 - SIOI: avast [00asw] - {472083B0-C522-11CF-8763-00608CC02F24}. (.AVAST Software - Avast Shell Extension.) – C:\Program Files\AVAST Software\Avast\ashShell.dll =>.AVAST Software s.r.o.®
O106 - SIOI: [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - Windows Enhanced Storage Shell Extension DL.) – C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation
O106 - SIOI: [Offline Files] - {4E77131D-3629-431c-9818-C5679DC83E81}. (.Microsoft Corporation - Client Side Caching UI.) – C:\Windows\System32\cscui.dll =>.Microsoft Corporation

—\ Search Context Menu Handlers (SCMH) (33) - 2s
O108 - CMH1: avast [64Bits] - {472083B0-C522-11CF-8763-00608CC02F24} . (.AVAST Software - Avast Shell Extension.) – C:\Program Files\AVAST Software\Avast\ashShell.dll =>.AVAST Software s.r.o.®
O108 - CMH1: BriefcaseMenu [64Bits] - {85BBD920-42A0-1069-A2E4-08002B30309D} . (.Microsoft Corporation - Windows Briefcase.) – C:\Windows\System32\syncui.dll =>.Microsoft Corporation
O108 - CMH1: DropboxExt [64Bits] - {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} . (.Dropbox, Inc. - Dropbox Shell Extension.) – C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll =>.Dropbox, Inc®
O108 - CMH1: Open With [64Bits] - {09799AFB-AD67-11d1-ABCD-00C04FC30936} . (.Microsoft Corporation - Windows Shell Common Dll.) – C:\Windows\System32\shell32.dll =>.Microsoft Windows®
O108 - CMH1: Open With EncryptionMenu [64Bits] - {A470F8CF-A1E8-4f65-8335-227475AA5C46} . (.Microsoft Corporation - Windows Shell Common Dll.) – C:\Windows\System32\shell32.dll =>.Microsoft Windows®
O108 - CMH1: PhotoStreamsExt [64Bits] - {89D984B3-813B-406A-8298-118AFA3A22AE} . (.Apple Inc. - ShellStreams.) – C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll =>.Apple Inc.®
O108 - CMH1: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Shell extensions for sharing.) – C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
O108 - CMH1: WorkFolders [64Bits] - {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} . (.Microsoft Corporation - Microsoft (C) Work Folders Shell Extension.) – C:\Windows\System32\WorkfoldersShell.dll =>.Microsoft Corporation
O108 - CMH2: DropboxExt [64Bits] - {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} . (.Dropbox, Inc. - Dropbox Shell Extension.) – C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll =>.Dropbox, Inc®
O108 - CMH2: NvAppShExt [64Bits] - {A929C4CE-FD36-4270-B4F5-34ECAC5BD63C} . (.NVIDIA Corporation - NVIDIA Shell Extensions.) – C:\Windows\system32\nv3dappshext.dll =>.NVIDIA Corporation
O108 - CMH2: OpenContainingFolderMenu [64Bits] - {37ea3a21-7493-4208-a011-7f9ea79ce9f5} . (.Microsoft Corporation - Windows Shell Common Dll.) – C:\Windows\System32\shell32.dll =>.Microsoft Windows®
O108 - CMH2: OpenGLShExt [64Bits] - {E97DEC16-A50D-49bb-AE24-CF682282E08D} . (.NVIDIA Corporation - NVIDIA Shell Extensions.) – C:\Windows\system32\nv3dappshext.dll =>.NVIDIA Corporation
O108 - CMH3: 00asw [64Bits] - {472083B0-C522-11CF-8763-00608CC02F24} . (.AVAST Software - Avast Shell Extension.) – C:\Program Files\AVAST Software\Avast\ashShell.dll =>.AVAST Software s.r.o.®
O108 - CMH3: CopyAsPathMenu [64Bits] - {f3d06e7c-1e45-4a26-847e-f9fcdee59be0} . (.Microsoft Corporation - Windows Shell Common Dll.) – C:\Windows\System32\shell32.dll =>.Microsoft Windows®
O108 - CMH3: SendTo [64Bits] - {7BA4C740-9E81-11CF-99D3-00AA004AE837} . (.Microsoft Corporation - Windows Shell Common Dll.) – C:\Windows\System32\shell32.dll =>.Microsoft Windows®
O108 - CMH4: DropboxExt [64Bits] - {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} . (.Dropbox, Inc. - Dropbox Shell Extension.) – C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll =>.Dropbox, Inc®
O108 - CMH4: EncryptionMenu [64Bits] - {A470F8CF-A1E8-4f65-8335-227475AA5C46} . (.Microsoft Corporation - Windows Shell Common Dll.) – C:\Windows\System32\shell32.dll =>.Microsoft Windows®
O108 - CMH4: Offline Files [64Bits] - {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} . (.Microsoft Corporation - Client Side Caching UI.) – C:\Windows\System32\cscui.dll =>.Microsoft Corporation
O108 - CMH4: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Shell extensions for sharing.) – C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
O108 - CMH4: WorkFolders [64Bits] - {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} . (.Microsoft Corporation - Microsoft (C) Work Folders Shell Extension.) – C:\Windows\System32\WorkfoldersShell.dll =>.Microsoft Corporation
O108 - CMH5: DropboxExt [64Bits] - {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} . (.Dropbox, Inc. - Dropbox Shell Extension.) – C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll =>.Dropbox, Inc®
O108 - CMH5: igfxDTCM [64Bits] - {9B5F5829-A529-4B12-814A-E81BCB8D93FC} . (.Intel Corporation - igfxDTCM Module.) – C:\Windows\system32\igfxDTCM.dll =>.Intel Corporation
O108 - CMH5: New [64Bits] - {D969A300-E7FF-11d0-A93B-00A0C90F2719} . (.Microsoft Corporation - Windows Shell Common Dll.) – C:\Windows\System32\shell32.dll =>.Microsoft Windows®
O108 - CMH5: NvCplDesktopContext [64Bits] - {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} . (.NVIDIA Corporation - NVIDIA Display Shell Extension.) – C:\Windows\System32\nvshext.dll =>.NVIDIA Corporation
O108 - CMH5: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Shell extensions for sharing.) – C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
O108 - CMH5: WorkFolders [64Bits] - {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} . (.Microsoft Corporation - Microsoft (C) Work Folders Shell Extension.) – C:\Windows\System32\WorkfoldersShell.dll =>.Microsoft Corporation
O108 - CMH6: avast [64Bits] - {472083B0-C522-11CF-8763-00608CC02F24} . (.AVAST Software - Avast Shell Extension.) – C:\Program Files\AVAST Software\Avast\ashShell.dll =>.AVAST Software s.r.o.®
O108 - CMH6: BriefcaseMenu [64Bits] - {85BBD920-42A0-1069-A2E4-08002B30309D} . (.Microsoft Corporation - Windows Briefcase.) – C:\Windows\System32\syncui.dll =>.Microsoft Corporation
O108 - CMH6: Library Location [64Bits] - {3dad6c5d-2167-4cae-9914-f99e41c12cfa} . (.Microsoft Corporation - Windows Shell Common Dll.) – C:\Windows\System32\shell32.dll =>.Microsoft Windows®
O108 - CMH6: Offline Files [64Bits] - {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} . (.Microsoft Corporation - Client Side Caching UI.) – C:\Windows\System32\cscui.dll =>.Microsoft Corporation
O108 - CMH6: PintoStartScreen [64Bits] - {470C0EBD-5D73-4d58-9CED-E91E22E23282} . (.Microsoft Corporation - Windows Shell Common Dll.) – C:\Windows\System32\shell32.dll =>.Microsoft Windows®
O108 - CMH7: EnhancedStorageShell [64Bits] - {2854F705-3548-414C-A113-93E27C808C85} . (.Microsoft Corporation - Windows Enhanced Storage Shell Extension DL.) – C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation
O108 - CMH7: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Shell extensions for sharing.) – C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation

—\ Image File Execution Options (16) - 1s
O50 - IFEO:C:\Windows\System32\cscript.exe - (.Microsoft Corporation - Microsoft ® Console Based Script Host.) [DisableExceptionChainValidation\3] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\dllhost.exe - (.Microsoft Corporation - COM Surrogate.) [DisableExceptionChainValidation\3] =>.Microsoft Windows®
O50 - IFEO:C:\Windows\System32\drvinst.exe - (.Microsoft Corporation - Driver Installation Module.) [DisableExceptionChainValidation\3] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\ie4uinit.exe - (.Microsoft Corporation - IE Per-User Initialization Utility.) [MitigationOptions\256] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\ieUnatt.exe - (.Microsoft Corporation - IE 7.0 Unattended Install Utility.) [MitigationOptions\256] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\mmc.exe - (.Microsoft Corporation - Microsoft Management Console.) [DisableExceptionChainValidation\3] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\msfeedssync.exe - (.Microsoft Corporation - Microsoft Feeds Synchronization.) [MitigationOptions\256] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\mshta.exe - (.Microsoft Corporation - Microsoft (R) HTML Application host.) [MitigationOptions\256] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\PresentationHost.exe - (.Microsoft Corporation - Windows Presentation Foundation Host.) [MitigationOptions\1118481] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\PrintIsolationHost.exe - (.Microsoft Corporation - PrintIsolationHost.) [MitigationOptions\2097152] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\rundll32.exe - (.Microsoft Corporation - Windows host process (Rundll32).) [DisableExceptionChainValidation\3] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\runtimebroker.exe - (.Microsoft Corporation - Runtime Broker.) [MitigationOptions\4294967296] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\searchprotocolhost.exe - (.Microsoft Corporation - Microsoft Windows Search Protocol Host.) [DisableExceptionChainValidation\3] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\spoolsv.exe - (.Microsoft Corporation - Spooler SubSystem App.) [MitigationOptions\2097152] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\spoolsv.exe - (.Microsoft Corporation - Spooler SubSystem App.) [DisableExceptionChainValidation\3] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\wscript.exe - (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) [DisableExceptionChainValidation\3] =>.Microsoft Corporation

—\ System Drivers List (363) - 10s
O58 - SDL:2013/08/22 04:38:15 AC . (.Microsoft Corporation - 1394 OpenHCI Driver.) – C:\Windows\System32\drivers\1394ohci.sys [231424] =>.Microsoft Corporation
O58 - SDL:2013/08/22 05:43:41 A . (.LSI - LSI 3ware SCSI Storport Driver.) – C:\Windows\System32\drivers\3ware.sys [108896] =>.Microsoft Windows®
O58 - SDL:2018/02/10 12:25:56 AC . (.Microsoft Corporation - ACPI Driver for NT.) – C:\Windows\System32\drivers\acpi.sys [533856] =>.Microsoft Windows®
O58 - SDL:2013/08/22 05:49:54 A . (.Microsoft Corporation - ACPIEx Driver.) – C:\Windows\System32\drivers\acpiex.sys [79712] =>.Microsoft Windows®
O58 - SDL:2013/08/22 04:38:48 AC . (.Microsoft Corporation - ACPI Processor Aggregator Device Driver.) – C:\Windows\System32\drivers\acpipagr.sys [10240] =>.Microsoft Corporation
O58 - SDL:2013/08/22 04:38:53 AC . (.Microsoft Corporation - ACPI Power Metering Driver.) – C:\Windows\System32\drivers\acpipmi.sys [12288] =>.Microsoft Corporation
O58 - SDL:2013/08/22 04:38:58 AC . (.Microsoft Corporation - ACPI Wake Alarm.) – C:\Windows\System32\drivers\acpitime.sys [10752] =>.Microsoft Corporation
O58 - SDL:2013/08/22 05:43:41 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) – C:\Windows\System32\drivers\adp80xx.sys [782176] =>.Microsoft Windows®
O58 - SDL:2018/01/10 07:48:07 A . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) – C:\Windows\System32\drivers\afd.sys [559616] =>.Microsoft Corporation
O58 - SDL:2018/03/06 19:26:26 A . (.The OpenVPN Project - TAP-Windows Virtual Network Driver (NDIS 6..) – C:\Windows\System32\drivers\aftap0901.sys [48624] =>.AnchorFree Inc®
O58 - SDL:2016/07/07 15:32:00 A . (.Microsoft Corporation - RAS Agile Vpn Miniport Call Manager.) – C:\Windows\System32\drivers\agilevpn.sys [95744] =>.Microsoft Corporation
O58 - SDL:2018/02/10 12:29:55 AC . (.Microsoft Corporation - 440 NT AGP Filter.) – C:\Windows\System32\drivers\AGP440.sys [62304] =>.Microsoft Windows®
O58 - SDL:2015/03/19 18:56:10 A . (.Microsoft Corporation - Application Compatibility Cache.) – C:\Windows\System32\drivers\ahcache.sys [80384] =>.Microsoft Corporation
O58 - SDL:2018/06/20 11:48:02 AC . (.Microsoft Corporation - Processor Device Driver.) – C:\Windows\System32\drivers\amdk8.sys [95744] =>.Microsoft Corporation
O58 - SDL:2018/06/20 09:58:06 AC . (.Microsoft Corporation - Processor Device Driver.) – C:\Windows\System32\drivers\amdppm.sys [98816] =>.Microsoft Corporation
O58 - SDL:2013/08/22 05:43:41 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) – C:\Windows\System32\drivers\amdsata.sys [79200] =>.Microsoft Windows®
O58 - SDL:2013/08/22 05:43:41 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) – C:\Windows\System32\drivers\amdsbs.sys [259424] =>.Microsoft Windows®
O58 - SDL:2013/08/22 05:43:40 A . (.Advanced Micro Devices - Storage Filter Driver.) – C:\Windows\System32\drivers\amdxata.sys [25952] =>.Microsoft Windows®
O58 - SDL:2018/06/08 11:47:48 A . (.Microsoft Corporation - AppID Driver.) – C:\Windows\System32\drivers\appid.sys [83456] =>.Microsoft Corporation
O58 - SDL:2013/08/22 05:43:41 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) – C:\Windows\System32\drivers\arcsas.sys [114016] =>.Microsoft Windows®
O58 - SDL:2013/11/04 03:32:06 A . (.ASUS - HID driver for ASUS Wireless Radio Control.) – C:\Windows\System32\drivers\AsHIDSwitch64.sys [20280] =>.ASUSTeK Computer Inc.®
O58 - SDL:2019/05/30 21:42:18 A . (.AVAST Software - Avast anti rootkit disk filter.) – C:\Windows\System32\drivers\aswArDisk.sys [37104] =>.AVAST Software s.r.o.®
O58 - SDL:2019/05/30 21:42:18 A . (.AVAST Software - Avast anti rootkit.) – C:\Windows\System32\drivers\aswArPot.sys [207448] =>.AVAST Software s.r.o.®
O58 - SDL:2019/05/30 21:41:59 A . (.AVAST Software - IDS Application Activity Monitor Driver..) – C:\Windows\System32\drivers\aswbidsdriver.sys [262496] =>.AVAST Software s.r.o.®
O58 - SDL:2019/05/30 21:41:59 A . (.AVAST Software - Application Activity Monitor Helper Driver.) – C:\Windows\System32\drivers\aswbidsh.sys [205848] =>.AVAST Software s.r.o.®
O58 - SDL:2019/05/30 21:41:59 A . (.AVAST Software - Universal Driver.) – C:\Windows\System32\drivers\aswbuniv.sys [61472] =>.AVAST Software s.r.o.®
O58 - SDL:2019/05/30 21:42:54 A . (.AVAST Software - Home Network Security.) – C:\Windows\System32\drivers\aswHdsKe.sys [279120] =>.AVAST Software s.r.o.®
O58 - SDL:2019/05/30 21:42:54 A . (.AVAST Software - Avast Keyboard Filter Driver.) – C:\Windows\System32\drivers\aswKbd.sys [42288] =>.AVAST Software s.r.o.®
O58 - SDL:2019/06/06 16:21:25 A . (.AVAST Software - Avast File System Minifilter for Windows 20.) – C:\Windows\System32\drivers\aswMonFlt.sys [167872] =>.AVAST Software s.r.o.®
O58 - SDL:2019/05/30 21:42:54 A . (.AVAST Software - Avast WFP Redirect Driver.) – C:\Windows\System32\drivers\aswRdr2.sys [112312] =>.AVAST Software s.r.o.®
O58 - SDL:2019/05/30 21:42:54 A . (.AVAST Software - Avast Revert.) – C:\Windows\System32\drivers\aswRvrt.sys [87944] =>.AVAST Software s.r.o.® (Avast Software s.r.o)
O58 - SDL:2019/05/30 21:42:17 A . (.AVAST Software - Avast Virtualization Driver.) – C:\Windows\System32\drivers\aswSnx.sys [1030784] =>.AVAST Software s.r.o.®
O58 - SDL:2019/05/30 21:42:54 A . (.AVAST Software - Avast self protection module.) – C:\Windows\System32\drivers\aswSP.sys [477584] =>.AVAST Software s.r.o.®
O58 - SDL:2019/06/03 16:47:36 A . (.AVAST Software - Stream Filter.) – C:\Windows\System32\drivers\aswStm.sys [225608] =>.AVAST Software s.r.o.®
O58 - SDL:2019/05/30 21:44:26 A . (.AVAST Software - Avast VM Monitor.) – C:\Windows\System32\drivers\aswVmm.sys [385880] =>.AVAST Software s.r.o.® (Avast Software s.r.o)
O58 - SDL:2013/08/22 04:38:53 A . (.Microsoft Corporation - MS Remote Access serial network driver.) – C:\Windows\System32\drivers\asyncmac.sys [26624] =>.Microsoft Corporation
O58 - SDL:2013/08/22 05:43:41 AC . (.Microsoft Corporation - ATAPI IDE Miniport Driver.) – C:\Windows\System32\drivers\atapi.sys [26464] =>.Microsoft Windows®
O58 - SDL:2013/08/22 05:43:41 AC . (.Microsoft Corporation - ATAPI Driver Extension.) – C:\Windows\System32\drivers\ataport.sys [199520] =>.Microsoft Windows®
O58 - SDL:2013/08/22 04:39:31 AC . (.Microsoft Corporation - Microsoft Basic Display Driver.) – C:\Windows\System32\drivers\BasicDisplay.sys [50688] =>.Microsoft Corporation
O58 - SDL:2017/11/08 08:55:00 AC . (.Microsoft Corporation - Microsoft Basic Render Driver.) – C:\Windows\System32\drivers\BasicRender.sys [32256] =>.Microsoft Corporation
O58 - SDL:2013/08/22 05:49:53 AC . (.Microsoft Corporation - Battery Class Driver.) – C:\Windows\System32\drivers\battc.sys [35168] =>.Microsoft Windows®
O58 - SDL:2013/08/12 16:25:46 A . (. - BCM Function 2 Device Driver.) – C:\Windows\System32\drivers\bcmfn2.sys [17624] =>.Broadcom Corporation®
O58 - SDL:2013/08/22 04:40:24 A . (.Microsoft Corporation - BEEP Driver.) – C:\Windows\System32\drivers\beep.sys [7680] =>.Microsoft Corporation
O58 - SDL:2018/07/18 06:34:36 A . (.Microsoft Corporation - NT Lan Manager Datagram Receiver Driver.) – C:\Windows\System32\drivers\bowser.sys [101376] =>.Microsoft Corporation
O58 - SDL:2014/10/28 19:45:24 A . (.Microsoft Corporation - MAC Bridge Driver.) – C:\Windows\System32\drivers\bridge.sys [115712] =>.Microsoft Corporation
O58 - SDL:2013/11/23 00:13:50 AC . (.Microsoft Corporation - Microsoft Bluetooth Audio Multiprofile Mana.) – C:\Windows\System32\drivers\BtaMPM.sys [19456] =>.Microsoft Corporation
O58 - SDL:2015/01/29 20:01:46 AC . (.Microsoft Corporation - Bluetooth A2DP Driver.) – C:\Windows\System32\drivers\BthA2DP.sys [132608] =>.Microsoft Corporation
O58 - SDL:2013/08/22 04:38:39 AC . (.Microsoft Corporation - Bluetooth Audio/Video Remote Control HID.) – C:\Windows\System32\drivers\BthAvrcpTg.sys [36992] =>.Microsoft Corporation
O58 - SDL:2014/10/28 19:46:12 AC . (.Microsoft Corporation - Bluetooth Bus Extender.) – C:\Windows\System32\drivers\bthenum.sys [53248] =>.Microsoft Corporation
O58 - SDL:2014/10/08 00:33:31 AC . (.Microsoft Corporation - Bluetooth Hands-free Audio Device Driver.) – C:\Windows\System32\drivers\BthHfAud.sys [32768] =>.Microsoft Corporation
O58 - SDL:2015/03/08 19:02:51 AC . (.Microsoft Corporation - Bluetooth Hands-Free Audio and Call Control.) – C:\Windows\System32\drivers\bthhfenum.sys [57856] =>.Microsoft Corporation
O58 - SDL:2013/08/22 04:38:16 AC . (.Microsoft Corporation - Bluetooth Hands-free HID Minidriver.) – C:\Windows\System32\drivers\BthhfHid.sys [30720] =>.Microsoft Corporation
O58 - SDL:2014/07/24 04:43:06 AC . (.Microsoft Corporation - Bluetooth Communications Driver.) – C:\Windows\System32\drivers\bthmodem.sys [64000] =>.Microsoft Corporation
O58 - SDL:2017/07/06 01:52:22 AC . (.Microsoft Corporation - Bluetooth Personal Area Networking.) – C:\Windows\System32\drivers\bthpan.sys [119296] =>.Microsoft Corporation
O58 - SDL:2015/05/11 11:17:35 AC . (.Microsoft Corporation - Bluetooth Bus Driver.) – C:\Windows\System32\drivers\bthport.sys [1201664] =>.Microsoft Corporation
O58 - SDL:2014/10/28 19:46:16 A . (.Microsoft Corporation - Bluetooth Miniport Driver.) – C:\Windows\System32\drivers\BTHUSB.SYS [81920] =>.Microsoft Corporation
O58 - SDL:2013/08/22 05:43:41 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) – C:\Windows\System32\drivers\bxvbda.sys [531296] =>.Microsoft Windows®
O58 - SDL:2013/08/22 04:40:15 A . (.Microsoft Corporation - CD-ROM File System Driver.) – C:\Windows\System32\drivers\cdfs.sys [88576] =>.Microsoft Corporation
O58 - SDL:2017/12/05 08:24:08 AC . (.Microsoft Corporation - SCSI CD-ROM Driver.) – C:\Windows\System32\drivers\cdrom.sys [165376] =>.Microsoft Corporation
O58 - SDL:2013/08/22 04:38:25 AC . (.Microsoft Corporation - Consumer IR Class Driver for eHome.) – C:\Windows\System32\drivers\circlass.sys [44032] =>.Microsoft Corporation
O58 - SDL:2016/05/06 14:59:29 A . (.Microsoft Corporation - SCSI Class System Dll.) – C:\Windows\System32\drivers\Classpnp.sys [331608] =>.Microsoft Windows®
O58 - SDL:2018/04/06 14:27:09 A . (.Microsoft Corporation - Common Log File System Driver.) – C:\Windows\System32\drivers\clfs.sys [376656] =>.Microsoft Windows®
O58 - SDL:2013/08/22 04:39:43 AC . (.Microsoft Corporation - Control Method Battery Driver.) – C:\Windows\System32\drivers\CmBatt.sys [25472] =>.Microsoft Corporation
O58 - SDL:2016/10/10 11:18:14 A . (.Microsoft Corporation - Kernel Configuration Manager Initial Config.) – C:\Windows\System32\drivers\cmimcext.sys [22360] =>.Microsoft Windows®
O58 - SDL:2018/05/12 14:06:13 A . (.Microsoft Corporation - Kernel Cryptography, Next Generation.) – C:\Windows\System32\drivers\cng.sys [567152] =>.Microsoft Windows®
O58 - SDL:2013/08/22 04:38:48 AC . (.Microsoft Corporation - Multi-Transport Composite Bus Enumerator.) – C:\Windows\System32\drivers\CompositeBus.sys [36352] =>.Microsoft Corporation
O58 - SDL:2013/08/22 06:25:40 A . (.Microsoft Corporation - Console Driver.) – C:\Windows\System32\drivers\condrv.sys [43008] =>.Microsoft Corporation
O58 - SDL:2013/08/22 05:43:41 A . (.Microsoft Corporation - Crash Dump Driver.) – C:\Windows\System32\drivers\crashdmp.sys [68960] =>.Microsoft Windows®
O58 - SDL:2018/06/27 11:10:03 A . (.Microsoft Corporation - Windows Client Side Caching Driver.) – C:\Windows\System32\drivers\csc.sys [559104] =>.Microsoft Corporation
O58 - SDL:2013/08/22 05:50:19 A . (.Microsoft Corporation - DAM Kernel Driver.) – C:\Windows\System32\drivers\dam.sys [57696] =>.Microsoft Windows®
O58 - SDL:2019/06/04 05:11:14 A . (.Dropbox, Inc. - Dropbox Filter Driver.) – C:\Windows\System32\drivers\dbx-canary.sys [47600] =>.Microsoft Windows Hardware Compatibility Publisher®
O58 - SDL:2019/06/04 05:11:14 A . (.Dropbox, Inc. - Dropbox Filter Driver.) – C:\Windows\System32\drivers\dbx-dev.sys [47600] =>.Microsoft Windows Hardware Compatibility Publisher®
O58 - SDL:2019/06/04 05:11:14 A . (.Dropbox, Inc. - Dropbox Filter Driver.) – C:\Windows\System32\drivers\dbx-stable.sys [47600] =>.Microsoft Windows Hardware Compatibility Publisher®
O58 - SDL:2018/01/01 22:38:50 A . (.Microsoft Corporation - DFS Namespace Client Driver.) – C:\Windows\System32\drivers\dfsc.sys [138752] =>.Microsoft Corporation
O58 - SDL:2017/07/07 20:14:22 AC . (.Microsoft Corporation - PnP Disk Driver.) – C:\Windows\System32\drivers\disk.sys [100184] =>.Microsoft Windows®
O58 - SDL:2013/08/22 05:43:40 A . (.Microsoft Corporation - Crash Dump Disk Driver.) – C:\Windows\System32\drivers\Diskdump.sys [36192] =>.Microsoft Windows®
O58 - SDL:2013/08/22 04:40:38 A . (.Microsoft Corporation - Boot Over USB Dump Driver.) – C:\Windows\System32\drivers\Dmpusbstor.sys [13312] =>.Microsoft Corporation
O58 - SDL:2013/08/22 04:37:14 A . (.Microsoft Corporation - Dynamic Memory.) – C:\Windows\System32\drivers\dmvsc.sys [29696] =>.Microsoft Corporation
O58 - SDL:2014/10/28 19:47:38 AC . (.Microsoft Corporation - Microsoft Trusted Audio Drivers.) – C:\Windows\System32\drivers\drmk.sys [89088] =>.Microsoft Corporation
O58 - SDL:2014/10/28 20:58:59 AC . (.Microsoft Corporation - Microsoft Trusted Audio Drivers.) – C:\Windows\System32\drivers\drmkaud.sys [14528] =>.Microsoft Windows®
O58 - SDL:2013/08/22 05:39:46 A . (.Microsoft Corporation - ATAPI Dump Driver.) – C:\Windows\System32\drivers\Dumpata.sys [33632] =>.Microsoft Windows®
O58 - SDL:2016/06/18 13:06:24 A . (.Microsoft Corporation - Bitlocker Drive Encryption Crashdump Filter.) – C:\Windows\System32\drivers\dumpfve.sys [72408] =>.Microsoft Windows®
O58 - SDL:2015/03/12 21:03:30 AC . (.Microsoft Corporation - SD Crashdump Port Driver.) – C:\Windows\System32\drivers\dumpsd.sys [154432] =>.Microsoft Windows®
O58 - SDL:2018/10/06 11:14:31 A . (.Microsoft Corporation - DirectX Graphics Kernel.) – C:\Windows\System32\drivers\dxgkrnl.sys [1547192] =>.Microsoft Windows®
O58 - SDL:2018/10/06 11:14:31 A . (.Microsoft Corporation - DirectX Graphics MMS.) – C:\Windows\System32\drivers\dxgmms1.sys [388536] =>.Microsoft Windows®
O58 - SDL:2013/08/22 05:43:40 A . (.Microsoft Corporation - Enhanced Storage Class driver for IEEE 1667.) – C:\Windows\System32\drivers\EhStorClass.sys [82784] =>.Microsoft Windows®
O58 - SDL:2013/08/22 05:43:40 AC . (.Microsoft Corporation - Microsoft driver for storage devices suppor.) – C:\Windows\System32\drivers\EhStorTcgDrv.sys [114016] =>.Microsoft Windows®
O58 - SDL:2013/08/22 04:38:45 AC . (.Microsoft Corporation - Error Device Driver.) – C:\Windows\System32\drivers\errdev.sys [10240] =>.Microsoft Corporation
O58 - SDL:2013/08/22 05:43:45 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) – C:\Windows\System32\drivers\evbda.sys [3357024] =>.Microsoft Windows®
O58 - SDL:2013/08/22 04:40:18 A . (.Microsoft Corporation - Microsoft Extended FAT File System.) – C:\Windows\System32\drivers\exfat.sys [200704] =>.Microsoft Corporation
O58 - SDL:2013/08/22 05:49:30 A . (.Microsoft Corporation - Fast FAT File System Driver.) – C:\Windows\System32\drivers\fastfat.sys [217952] =>.Microsoft Windows®
O58 - SDL:2013/08/22 04:40:18 AC . (.Microsoft Corporation - Floppy Disk Controller Driver.) – C:\Windows\System32\drivers\fdc.sys [30720] =>.Microsoft Corporation
O58 - SDL:2014/02/22 09:00:23 A . (.Microsoft Corporation - FileInfo Filter Driver.) – C:\Windows\System32\drivers\fileinfo.sys [79192] =>.Microsoft Windows®
O58 - SDL:2013/08/22 04:39:41 A . (.Microsoft Corporation - File Trace Filter Driver.) – C:\Windows\System32\drivers\filetrace.sys [34816] =>.Microsoft Corporation
O58 - SDL:2013/08/22 04:40:18 AC . (.Microsoft Corporation - Floppy Driver.) – C:\Windows\System32\drivers\flpydisk.sys [25088] =>.Microsoft Corporation
O58 - SDL:2018/01/01 23:39:25 A . (.Microsoft Corporation - Microsoft Filesystem Filter Manager.) – C:\Windows\System32\drivers\fltMgr.sys [354648] =>.Microsoft Windows®
O58 - SDL:2014/10/15 01:32:36 A . (.Microsoft Corporation - File System Dependency Manager Mini Filter.) – C:\Windows\System32\drivers\fsdepends.sys [61248] =>.Microsoft Windows®
O58 - SDL:2013/08/22 06:25:40 A . (.Microsoft Corporation - File System Recognizer Driver.) – C:\Windows\System32\drivers\fs_rec.sys [30048] =>.Microsoft Windows®
O58 - SDL:2018/05/15 01:42:10 A . (.Microsoft Corporation - BitLocker Drive Encryption Driver.) – C:\Windows\System32\drivers\fvevol.sys [590680] =>.Microsoft Windows®
O58 - SDL:2018/05/24 14:29:27 A . (.Microsoft Corporation - FWP/IPsec Kernel-Mode API.) – C:\Windows\System32\drivers\FWPKCLNT.SYS [428888] =>.Microsoft Windows®
O58 - SDL:2018/06/20 11:48:27 AC . (.Microsoft Corporation - Processor Driver.) – C:\Windows\System32\drivers\fxppm.sys [27136] =>.Microsoft Corporation
O58 - SDL:2013/08/22 05:43:45 A . (.Microsoft Corporation - MS Generic AGPv3.0 Filter for K8/9 Processo.) – C:\Windows\System32\drivers\GAGP30KX.SYS [65888] =>.Microsoft Windows®
O58 - SDL:2014/07/24 04:45:39 AC . (.Microsoft Corporation - High Definition Audio Bus Driver.) – C:\Windows\System32\drivers\hdaudbus.sys [76800] =>.Microsoft Corporation
O58 - SDL:2013/08/22 04:38:21 AC . (.Microsoft Corporation - High Definition Audio Function Driver.) – C:\Windows\System32\drivers\HdAudio.sys [395776] =>.Microsoft Corporation
O58 - SDL:2012/07/17 18:12:08 A . (.Intel Corporation - Intel(R) Management Engine Interface.) – C:\Windows\System32\drivers\HECIx64.sys [62784] =>.Intel Corporation®
O58 - SDL:2013/08/22 04:39:01 AC . (.Microsoft Corporation - Hid Battery Driver.) – C:\Windows\System32\drivers\hidbatt.sys [26624] =>.Microsoft Corporation
O58 - SDL:2015/01/29 20:01:51 AC . (.Microsoft Corporation - Bluetooth Miniport Driver for HID Devices.) – C:\Windows\System32\drivers\hidbth.sys [97792] =>.Microsoft Corporation
O58 - SDL:2016/05/13 16:08:24 AC . (.Microsoft Corporation - Hid Class Library.) – C:\Windows\System32\drivers\hidclass.sys [111616] =>.Microsoft Corporation
O58 - SDL:2013/08/22 04:37:28 AC . (.Microsoft Corporation - I2C HID Miniport Driver.) – C:\Windows\System32\drivers\hidi2c.sys [41472] =>.Microsoft Corporation
O58 - SDL:2013/08/22 04:39:16 A . (.Microsoft Corporation - Infrared Miniport Driver for Input Devices.) – C:\Windows\System32\drivers\hidir.sys [45568] =>.Microsoft Corporation
O58 - SDL:2018/05/14 21:17:15 AC . (.Microsoft Corporation - Hid Parsing Library.) – C:\Windows\System32\drivers\hidparse.sys [32640] =>.Microsoft Corporation
O58 - SDL:2016/05/13 16:08:13 AC . (.Microsoft Corporation - USB Miniport Driver for Input Devices.) – C:\Windows\System32\drivers\hidusb.sys [32768] =>.Microsoft Corporation
O58 - SDL:2013/08/22 05:43:45 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) – C:\Windows\System32\drivers\HpSAMD.sys [64352] =>.Microsoft Windows®
O58 - SDL:2018/01/01 23:35:14 A . (.Microsoft Corporation - HTTP Protocol Stack.) – C:\Windows\System32\drivers\http.sys [989528] =>.Microsoft Windows®
O58 - SDL:2013/08/22 05:39:47 A . (.Microsoft Corporation - Hardware Policy Driver.) – C:\Windows\System32\drivers\hwpolicy.sys [24416] =>.Microsoft Windows®
O58 - SDL:2013/08/22 04:37:49 A . (.Microsoft Corporation - Microsoft VMBus Synthetic Keyboard Driver.) – C:\Windows\System32\drivers\hyperkbd.sys [13824] =>.Microsoft Corporation
O58 - SDL:2013/08/22 04:39:20 A . (.Microsoft Corporation - Microsoft VMBus Video Device Miniport Drive.) – C:\Windows\System32\drivers\HyperVideo.sys [22016] =>.Microsoft Corporation
O58 - SDL:2014/11/03 23:54:54 AC . (.Microsoft Corporation - i8042 Port Driver.) – C:\Windows\System32\drivers\i8042prt.sys [108544] =>.Microsoft Corporation
O58 - SDL:2013/07/30 11:47:35 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) – C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568] =>.Intel Corporation - Software and Firmware Products®
O58 - SDL:2013/07/25 12:05:39 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) – C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320] =>.Intel Corporation - Software and Firmware Products®
O58 - SDL:2013/10/28 15:15:36 A . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) – C:\Windows\System32\drivers\iaStorA.sys [632168] =>.Intel Corporation - Intel® Rapid Storage Technology®
O58 - SDL:2013/08/09 17:39:30 A . (.Intel Corporation - Intel Rapid Storage Technology driver (inbo.) – C:\Windows\System32\drivers\iaStorAV.sys [651248] =>.Intel Corporation - Intel® Rapid Storage Technology®
O58 - SDL:2013/08/22 05:43:45 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) – C:\Windows\System32\drivers\iaStorV.sys [412000] =>.Microsoft Windows®
O58 - SDL:2018/09/11 00:48:38 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) – C:\Windows\System32\drivers\igdkmd64.sys [3799872] =>.Intel Corporation®
O58 - SDL:2015/12/01 12:46:03 A . (.Intel Corporation - Intel® WiDi Solution.) – C:\Windows\System32\drivers\intelaud.sys [50160] =>.Intel(R) Wireless Display®
O58 - SDL:2013/08/22 05:43:44 A . (.Microsoft Corporation - Intel PCI IDE Driver.) – C:\Windows\System32\drivers\intelide.sys [18272] =>.Microsoft Windows®
O58 - SDL:2014/10/12 19:43:17 AC . (.Microsoft Corporation - Intel Power Engine Plugin.) – C:\Windows\System32\drivers\intelpep.sys [39744] =>.Microsoft Windows®
O58 - SDL:2018/06/20 09:58:06 AC . (.Microsoft Corporation - Processor Device Driver.) – C:\Windows\System32\drivers\intelppm.sys [98816] =>.Microsoft Corporation
O58 - SDL:2013/08/22 04:35:51 A . (.Microsoft Corporation - IP FILTER DRIVER.) – C:\Windows\System32\drivers\ipfltdrv.sys [84992] =>.Microsoft Corporation
O58 - SDL:2016/02/03 08:14:11 A . (.Microsoft Corporation - WMI IPMI DRIVER.) – C:\Windows\System32\drivers\IPMIDrv.sys [80896] =>.Microsoft Corporation
O58 - SDL:2013/11/27 05:02:29 A . (.Microsoft Corporation - IP Network Address Translator.) – C:\Windows\System32\drivers\ipnat.sys [142848] =>.Microsoft Corporation
O58 - SDL:2013/08/22 04:37:35 A . (.Microsoft Corporation - IRDA Protocol Driver.) – C:\Windows\System32\drivers\irda.sys [118784] =>.Microsoft Corporation
O58 - SDL:2013/08/22 04:38:30 A . (.Microsoft Corporation - Infra-Red Bus Enumerator.) – C:\Windows\System32\drivers\irenum.sys [17920] =>.Microsoft Corporation
O58 - SDL:2018/02/10 12:29:56 AC . (.Microsoft Corporation - PNP ISA Bus Driver.) – C:\Windows\System32\drivers\isapnp.sys [21856] =>.Microsoft Windows®
O58 - SDL:2015/12/01 12:46:03 A . (.Intel Corporation - Intel® WiDi Solution.) – C:\Windows\System32\drivers\iwdbus.sys [38896] =>.Intel(R) Wireless Display®
O58 - SDL:2014/11/04 12:25:09 AC . (.Microsoft Corporation - Keyboard Class Driver.) – C:\Windows\System32\drivers\kbdclass.sys [59712] =>.Microsoft Windows®
O58 - SDL:2014/11/03 23:54:47 AC . (.Microsoft Corporation - HID Keyboard Filter Driver.) – C:\Windows\System32\drivers\kbdhid.sys [32256] =>.Microsoft Corporation
O58 - SDL:2018/02/21 14:09:43 A . (.Microsoft Corporation - Keyboard Lockdown Subsystem.) – C:\Windows\System32\drivers\kbldfltr.sys [22816] =>.Microsoft Windows®
O58 - SDL:2013/08/22 04:38:26 AC . (.Microsoft Corporation - Microsoft Kernel Debugger Network Miniport.) – C:\Windows\System32\drivers\kdnic.sys [19456] =>.Microsoft Corporation
O58 - SDL:2018/08/23 15:54:52 A . (.Microsoft Corporation - Kernel CSA Library.) – C:\Windows\System32\drivers\ks.sys [289280] =>.Microsoft Corporation
O58 - SDL:2016/08/22 09:06:00 A . (.Microsoft Corporation - Kernel Security Support Provider Interface.) – C:\Windows\System32\drivers\ksecdd.sys [100184] =>.Microsoft Windows®
O58 - SDL:2018/02/10 13:24:47 A . (.Microsoft Corporation - Kernel Security Support Provider Interface.) – C:\Windows\System32\drivers\ksecpkg.sys [178008] =>.Microsoft Windows®
O58 - SDL:2013/08/22 04:39:31 A . (.Microsoft Corporation - Kernel Streaming WOW Thunk Service.) – C:\Windows\System32\drivers\ksthunk.sys [21248] =>.Microsoft Corporation
O58 - SDL:2013/06/18 07:44:59 A . (.Qualcomm Atheros Co., Ltd. - Qualcomm Atheros Ar81xx series PCI-E Gigabi.) – C:\Windows\System32\drivers\L1C63x64.sys [129224] =>.Qualcomm Atheros®
O58 - SDL:2013/08/22 04:36:18 A . (.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) – C:\Windows\System32\drivers\lltdio.sys [59392] =>.Microsoft Corporation
O58 - SDL:2013/08/22 05:43:44 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) – C:\Windows\System32\drivers\lsi_sas.sys [109408] =>.Microsoft Windows®
O58 - SDL:2013/08/22 05:43:45 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) – C:\Windows\System32\drivers\lsi_sas2.sys [93536] =>.Microsoft Windows®
O58 - SDL:2013/08/22 05:43:44 A . (.LSI Corporation - LSI SAS Gen3 Driver (StorPort).) – C:\Windows\System32\drivers\lsi_sas3.sys [81760] =>.Microsoft Windows®
O58 - SDL:2013/08/22 05:43:45 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) – C:\Windows\System32\drivers\lsi_sss.sys [82784] =>.Microsoft Windows®
O58 - SDL:2017/10/10 09:36:39 A . (.Microsoft Corporation - LUA File Virtualization Filter Driver.) – C:\Windows\System32\drivers\luafv.sys [124416] =>.Microsoft Corporation
O58 - SDL:2013/08/22 04:39:38 A . (.Microsoft Corporation - Medium changer class driver.) – C:\Windows\System32\drivers\mcd.sys [22016] =>.Microsoft Corporation
O58 - SDL:2013/08/22 05:43:45 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) – C:\Windows\System32\drivers\megasas.sys [56672] =>.Microsoft Windows®
O58 - SDL:2013/08/22 05:43:45 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) – C:\Windows\System32\drivers\megasr.sys [575840] =>.Microsoft Windows®
O58 - SDL:2013/08/22 04:40:15 A . (.Microsoft Corporation - Modem Device Driver.) – C:\Windows\System32\drivers\modem.sys [40960] =>.Microsoft Corporation
O58 - SDL:2013/08/22 04:36:37 AC . (.Microsoft Corporation - Monitor Driver.) – C:\Windows\System32\drivers\monitor.sys [30208] =>.Microsoft Corporation
O58 - SDL:2014/11/04 12:25:09 AC . (.Microsoft Corporation - Mouse Class Driver.) – C:\Windows\System32\drivers\mouclass.sys [51008] =>.Microsoft Windows®
O58 - SDL:2014/11/03 23:54:47 AC . (.Microsoft Corporation - HID Mouse Filter Driver.) – C:\Windows\System32\drivers\mouhid.sys [30208] =>.Microsoft Corporation
O58 - SDL:2017/05/10 11:19:27 A . (.Microsoft Corporation - Mount Point Manager.) – C:\Windows\System32\drivers\mountmgr.sys [101720] =>.Microsoft Windows®
O58 - SDL:2018/08/09 09:41:26 A . (.Microsoft Corporation - Microsoft Protection Service Driver.) – C:\Windows\System32\drivers\mpsdrv.sys [73728] =>.Microsoft Corporation
O58 - SDL:2016/09/08 07:00:19 A . (.Microsoft Corporation - Windows NT WebDav Minirdr.) – C:\Windows\System32\drivers\mrxdav.sys [140800] =>.Microsoft Corporation
O58 - SDL:2018/09/01 09:43:29 A . (.Microsoft Corporation - Windows NT SMB Minirdr.) – C:\Windows\System32\drivers\mrxsmb.sys [401920] =>.Microsoft Corporation
O58 - SDL:2017/09/07 14:32:10 A . (.Microsoft Corporation - Longhorn SMB Downlevel SubRdr.) – C:\Windows\System32\drivers\mrxsmb10.sys [285184] =>.Microsoft Corporation
O58 - SDL:2017/06/13 17:55:24 A . (.Microsoft Corporation - Longhorn SMB 2.0 Redirector.) – C:\Windows\System32\drivers\mrxsmb20.sys [201728] =>.Microsoft Corporation
O58 - SDL:2013/08/22 06:25:41 A . (.Microsoft Corporation - Mailslot driver.) – C:\Windows\System32\drivers\msfs.sys [30208] =>.Microsoft Corporation
O58 - SDL:2014/08/14 17:36:55 A . (.Microsoft Corporation - GPIO Class Extension Driver.) – C:\Windows\System32\drivers\msgpioclx.sys [146752] =>.Microsoft Windows®
O58 - SDL:2013/08/22 05:43:48 AC . (.Microsoft Corporation - GPIO Button Driver.) – C:\Windows\System32\drivers\msgpiowin32.sys [41824] =>.Microsoft Windows®
O58 - SDL:2013/08/22 04:39:06 A . (.Microsoft Corporation - Pass-through HID to KMDF Filter Driver.) – C:\Windows\System32\drivers\mshidkmdf.sys [8192] =>.Microsoft Corporation
O58 - SDL:2013/08/22 04:39:06 A . (.Microsoft Corporation - Pass-through Driver for HID-UMDF Interface.) – C:\Windows\System32\drivers\mshidumdf.sys [9728] =>.Microsoft Corporation
O58 - SDL:2018/02/10 12:29:56 AC . (.Microsoft Corporation - ISA Driver.) – C:\Windows\System32\drivers\msisadrv.sys [17240] =>.Microsoft Windows®
O58 - SDL:2018/03/09 11:57:10 AC . (.Microsoft Corporation - Microsoft iSCSI Initiator Driver.) – C:\Windows\System32\drivers\msiscsi.sys [276816] =>.Microsoft Windows®
O58 - SDL:2013/08/22 04:39:31 A . (.Microsoft Corporation - MS KS Server.) – C:\Windows\System32\drivers\mskssrv.sys [10624] =>.Microsoft Corporation
O58 - SDL:2014/10/28 19:45:39 A . (.Microsoft Corporation - Microsoft Link-Layer Discovery Protocol Dri.) – C:\Windows\System32\drivers\mslldp.sys [66560] =>.Microsoft Corporation
O58 - SDL:2013/08/22 04:39:30 A . (.Microsoft Corporation - MS Proxy Clock.) – C:\Windows\System32\drivers\mspclock.sys [7040] =>.Microsoft Corporation
O58 - SDL:2013/08/22 04:39:31 A . (.Microsoft Corporation - MS Proxy Quality Manager.) – C:\Windows\System32\drivers\mspqm.sys [6784] =>.Microsoft Corporation
O58 - SDL:2018/11/10 11:53:36 A . (.Microsoft Corporation - Kernel Remote Procedure Call Provider.) – C:\Windows\System32\drivers\msrpc.sys [356088] =>.Microsoft Windows®
O58 - SDL:2013/08/22 05:49:29 AC . (.Microsoft Corporation - System Management BIOS Driver.) – C:\Windows\System32\drivers\mssmbios.sys [37728] =>.Microsoft Windows®
O58 - SDL:2013/08/22 04:38:38 A . (.Microsoft Corporation - WDM Tee/Communication Transform Filter.) – C:\Windows\System32\drivers\mstee.sys [7936] =>.Microsoft Corporation
O58 - SDL:2013/08/22 04:37:36 AC . (.Microsoft Corporation - Microsoft Multi-Touch HID Driver.) – C:\Windows\System32\drivers\MTConfig.sys [13312] =>.Microsoft Corporation
O58 - SDL:2016/04/06 14:21:14 A . (.Microsoft Corporation - Multiple UNC Provider Driver.) – C:\Windows\System32\drivers\mup.sys [114528] =>.Microsoft Windows®
O58 - SDL:2013/08/22 05:43:49 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) – C:\Windows\System32\drivers\mvumis.sys [63840] =>.Microsoft Windows®
O58 - SDL:2018/06/30 11:00:50 A . (.Microsoft Corporation - Network Driver Interface Specification (NDI.) – C:\Windows\System32\drivers\ndis.sys [1113952] =>.Microsoft Windows®
O58 - SDL:2014/10/28 19:46:52 A . (.Microsoft Corporation - Microsoft NDIS Packet Capture Filter Driver.) – C:\Windows\System32\drivers\ndiscap.sys [43008] =>.Microsoft Corporation
O58 - SDL:2014/10/28 19:45:54 A . (.Microsoft Corporation - Microsoft Network Adapter Multiplexor.) – C:\Windows\System32\drivers\NdisImPlatform.sys [126464] =>.Microsoft Corporation
O58 - SDL:2014/11/07 21:00:41 A . (.Microsoft Corporation - NDIS 3.0 connection wrapper driver.) – C:\Windows\System32\drivers\ndistapi.sys [24576] =>.Microsoft Corporation
O58 - SDL:2013/08/22 04:37:34 A . (.Microsoft Corporation - NDIS User mode I/O driver.) – C:\Windows\System32\drivers\ndisuio.sys [60416] =>.Microsoft Corporation
O58 - SDL:2013/08/22 04:36:25 A . (.Microsoft Corporation - Microsoft Virtual Network Adapter Enumerato.) – C:\Windows\System32\drivers\NdisVirtualBus.sys [16384] =>.Microsoft Corporation
O58 - SDL:2016/04/05 15:37:24 A . (.Microsoft Corporation - MS PPP Framing Driver (Strong Encryption).) – C:\Windows\System32\drivers\ndiswan.sys [205824] =>.Microsoft Corporation
O58 - SDL:2018/01/01 22:39:05 A . (.Microsoft Corporation - NDIS Proxy.) – C:\Windows\System32\drivers\ndproxy.sys [72192] =>.Microsoft Corporation
O58 - SDL:2014/10/28 19:45:16 A . (.Microsoft Corporation - Windows Network Data Usage Monitoring Drive.) – C:\Windows\System32\drivers\Ndu.sys [103424] =>.Microsoft Corporation
O58 - SDL:2018/01/01 22:39:31 A . (.Microsoft Corporation - NetBIOS interface driver.) – C:\Windows\System32\drivers\netbios.sys [48128] =>.Microsoft Corporation
O58 - SDL:2017/08/10 20:27:55 A . (.Microsoft Corporation - MBT Transport driver.) – C:\Windows\System32\drivers\netbt.sys [281600] =>.Microsoft Corporation
O58 - SDL:2017/05/31 14:20:48 A . (.Microsoft Corporation - Network I/O Subsystem.) – C:\Windows\System32\drivers\netio.sys [470360] =>.Microsoft Windows®
O58 - SDL:2018/04/05 10:47:55 A . (.Microsoft Corporation - Virtual NDIS6.3 Miniport.) – C:\Windows\System32\drivers\netvsc63.sys [87552] =>.Microsoft Corporation
O58 - SDL:2013/09/04 18:03:50 A . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) – C:\Windows\System32\drivers\NETwew00.sys [3345376] =>.Intel Corporation-Mobile Wireless Group®
O58 - SDL:2013/08/22 06:25:41 A . (.Microsoft Corporation - NPFS Driver.) – C:\Windows\System32\drivers\npfs.sys [58880] =>.Microsoft Corporation
O58 - SDL:2013/08/22 04:38:22 AC . (.Microsoft Corporation - Named pipe service triggers.) – C:\Windows\System32\drivers\npsvctrig.sys [23040] =>.Microsoft Corporation
O58 - SDL:2017/08/13 10:19:15 A . (.Microsoft Corporation - NSI Proxy.) – C:\Windows\System32\drivers\nsiproxy.sys [40960] =>.Microsoft Corporation
O58 - SDL:2018/09/08 11:40:07 A . (.Microsoft Corporation - NT File System Driver.) – C:\Windows\System32\drivers\ntfs.sys [2014136] =>.Microsoft Windows®
O58 - SDL:2013/08/22 06:25:41 A . (.Microsoft Corporation - NULL Driver.) – C:\Windows\System32\drivers\null.sys [5632] =>.Microsoft Corporation
O58 - SDL:2013/12/10 08:13:08 A . (.NVIDIA Corporation - NVIDIA HDMI Audio Driver.) – C:\Windows\System32\drivers\nvhda64v.sys [196384] =>.NVIDIA Corporation®
O58 - SDL:2019/04/10 07:55:04 A . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) – C:\Windows\System32\drivers\nvkflt.sys [316288] =>.NVIDIA Corporation®
O58 - SDL:2019/04/10 07:55:06 A . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) – C:\Windows\System32\drivers\nvlddmkm.sys [20449672] =>.NVIDIA Corporation®
O58 - SDL:2019/04/10 07:55:40 A . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) – C:\Windows\System32\drivers\nvpciflt.sys [57432] =>.NVIDIA Corporation®
O58 - SDL:2013/08/22 05:43:31 A . (.NVIDIA Corporation - NVIDIA® nForce™ RAID Driver.) – C:\Windows\System32\drivers\nvraid.sys [150368] =>.Microsoft Windows®
O58 - SDL:2013/08/22 05:43:32 A . (.NVIDIA Corporation - NVIDIA® nForce™ Sata Performance Driver.) – C:\Windows\System32\drivers\nvstor.sys [168288] =>.Microsoft Windows®
O58 - SDL:2018/06/07 18:59:46 A . (.NVIDIA Corporation - NVIDIA Virtual Audio Driver.) – C:\Windows\System32\drivers\nvvad64v.sys [69544] =>.NVIDIA Corporation®
O58 - SDL:2018/10/03 12:28:35 A . (.NVIDIA Corporation - Virtual USB Host Controller driver.) – C:\Windows\System32\drivers\nvvhci.sys [66792] =>.NVIDIA Corporation®
O58 - SDL:2018/02/10 12:29:56 A . (.Microsoft Corporation - NForce NT AGP Filter.) – C:\Windows\System32\drivers\NV_AGP.SYS [124760] =>.Microsoft Windows®
O58 - SDL:2018/01/01 22:38:07 A . (.Microsoft Corporation - NativeWiFi Miniport Driver.) – C:\Windows\System32\drivers\nwifi.sys [445952] =>.Microsoft Corporation
O58 - SDL:2018/01/01 22:38:00 A . (.Microsoft Corporation - QoS Packet Scheduler.) – C:\Windows\System32\drivers\pacer.sys [151040] =>.Microsoft Corporation
O58 - SDL:2016/08/11 11:33:00 AC . (.Microsoft Corporation - Parallel Port Driver.) – C:\Windows\System32\drivers\parport.sys [96256] =>.Microsoft Corporation
O58 - SDL:2014/10/15 01:32:36 A . (.Microsoft Corporation - Partition Management Driver.) – C:\Windows\System32\drivers\partmgr.sys [88896] =>.Microsoft Windows®
O58 - SDL:2018/02/10 12:29:57 AC . (.Microsoft Corporation - NT Plug and Play PCI Enumerator.) – C:\Windows\System32\drivers\pci.sys [274272] =>.Microsoft Windows®
O58 - SDL:2013/08/22 05:43:31 AC . (.Microsoft Corporation - Generic PCI IDE Bus Driver.) – C:\Windows\System32\drivers\pciide.sys [14688] =>.Microsoft Windows®
O58 - SDL:2013/08/22 05:43:32 AC . (.Microsoft Corporation - PCI IDE Bus Driver Extension.) – C:\Windows\System32\drivers\pciidex.sys [48992] =>.Microsoft Windows®
O58 - SDL:2013/08/22 05:49:30 AC . (.Microsoft Corporation - PCMCIA Bus Driver.) – C:\Windows\System32\drivers\pcmcia.sys [114528] =>.Microsoft Windows®
O58 - SDL:2013/08/22 05:39:15 A . (.Microsoft Corporation - Performance Counters for Windows Driver.) – C:\Windows\System32\drivers\pcw.sys [50016] =>.Microsoft Windows®
O58 - SDL:2017/07/07 20:16:36 A . (.Microsoft Corporation - Power Dependency Coordinator Driver.) – C:\Windows\System32\drivers\pdc.sys [86360] =>.Microsoft Windows®
O58 - SDL:2014/02/22 05:09:37 A . (.Microsoft Corporation - Protected Environment Authentication and Au.) – C:\Windows\System32\drivers\PEAuth.sys [663040] =>.Microsoft Corporation
O58 - SDL:2014/10/28 19:46:37 AC . (.Microsoft Corporation - Port Class (Class Driver for Port/Miniport.) – C:\Windows\System32\drivers\portcls.sys [272384] =>.Microsoft Corporation
O58 - SDL:2018/06/20 09:58:04 AC . (.Microsoft Corporation - Processor Device Driver.) – C:\Windows\System32\drivers\processr.sys [92672] =>.Microsoft Corporation
O58 - SDL:2014/10/28 19:47:40 A . (.Microsoft Corporation - Microsoft Quality Windows Audio Video Exper.) – C:\Windows\System32\drivers\qwavedrv.sys [47104] =>.Microsoft Corporation
O58 - SDL:2014/10/28 19:48:01 A . (.Microsoft Corporation - RAS Automatic Connection Driver.) – C:\Windows\System32\drivers\rasacd.sys [17408] =>.Microsoft Corporation
O58 - SDL:2016/02/02 11:16:20 A . (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) – C:\Windows\System32\drivers\rasl2tp.sys [112640] =>.Microsoft Corporation
O58 - SDL:2013/08/22 04:36:37 A . (.Microsoft Corporation - RAS PPPoE mini-port/call-manager driver.) – C:\Windows\System32\drivers\raspppoe.sys [84992] =>.Microsoft Corporation
O58 - SDL:2013/08/22 04:35:51 A . (.Microsoft Corporation - Peer-to-Peer Tunneling Protocol.) – C:\Windows\System32\drivers\raspptp.sys [107520] =>.Microsoft Corporation
O58 - SDL:2014/10/28 19:45:50 A . (.Microsoft Corporation - RAS SSTP Miniport Call Manager.) – C:\Windows\System32\drivers\rassstp.sys [93696] =>.Microsoft Corporation
O58 - SDL:2018/01/01 22:39:02 A . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) – C:\Windows\System32\drivers\rdbss.sys [402432] =>.Microsoft Corporation
O58 - SDL:2013/08/22 04:38:52 AC . (.Microsoft Corporation - Microsoft RDP Bus Device driver.) – C:\Windows\System32\drivers\rdpbus.sys [22528] =>.Microsoft Corporation
O58 - SDL:2013/08/22 12:11:17 A . (.Microsoft Corporation - Microsoft RDP Device redirector.) – C:\Windows\System32\drivers\rdpdr.sys [195584] =>.Microsoft Corporation
O58 - SDL:2014/10/28 20:56:04 A . (.Microsoft Corporation - Microsoft RDP Video Miniport driver.) – C:\Windows\System32\drivers\rdpvideominiport.sys [27456] =>.Microsoft Windows®
O58 - SDL:2018/01/02 01:00:28 A . (.Microsoft Corporation - ReadyBoost Driver.) – C:\Windows\System32\drivers\rdyboost.sys [242520] =>.Microsoft Windows®
O58 - SDL:2018/06/14 21:34:17 A . (.Microsoft Corporation - NT ReFS FS Driver.) – C:\Windows\System32\drivers\refs.sys [923512] =>.Microsoft Windows®
O58 - SDL:2015/01/29 20:00:56 AC . (.Microsoft Corporation - Bluetooth RFCOMM Driver.) – C:\Windows\System32\drivers\rfcomm.sys [167424] =>.Microsoft Corporation
O58 - SDL:2015/11/05 01:59:33 A . (.Microsoft Corporation - Reliable Multicast Transport.) – C:\Windows\System32\drivers\rmcast.sys [145408] =>.Microsoft Corporation
O58 - SDL:2013/08/22 04:38:44 A . (.Microsoft Corporation - Remote NDIS Miniport.) – C:\Windows\System32\drivers\RNDISMP.sys [32256] =>.Microsoft Corporation
O58 - SDL:2014/10/28 19:48:13 A . (.Microsoft Corporation - Legacy Non-Pnp Modem Device Driver.) – C:\Windows\System32\drivers\rootmdm.sys [11776] =>.Microsoft Corporation
O58 - SDL:2013/08/22 04:36:34 A . (.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) – C:\Windows\System32\drivers\rspndr.sys [80384] =>.Microsoft Corporation
O58 - SDL:2016/12/17 19:59:10 A . (.Resplendence Software Projects Sp. - Resplendence WhySoSlow Monitoring Driver.) – C:\Windows\System32\drivers\rspWhy64.sys [28928] =>.Daniel Terhell®
O58 - SDL:2017/04/13 05:48:28 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) – C:\Windows\System32\drivers\RTKVHD64.sys [5721088] =>.Realtek Semiconductor Corp.®
O58 - SDL:2013/08/22 05:39:15 AC . (.Microsoft Corporation - SBP-2 Protocol Driver.) – C:\Windows\System32\drivers\sbp2port.sys [107872] =>.Microsoft Windows®
O58 - SDL:2017/12/05 09:56:22 A . (.Microsoft Corporation - Microsoft Smart Card Reader Filter Driver.) – C:\Windows\System32\drivers\scfilter.sys [40960] =>.Microsoft Corporation
O58 - SDL:2013/08/22 05:43:32 A . (.Microsoft Corporation - SCSI Port Driver.) – C:\Windows\System32\drivers\scsiport.sys [170848] =>.Microsoft Windows®
O58 - SDL:2015/03/12 21:03:31 AC . (.Microsoft Corporation - SecureDigital Bus Driver.) – C:\Windows\System32\drivers\sdbus.sys [239424] =>.Microsoft Windows®
O58 - SDL:2014/02/22 08:49:49 AC . (.Microsoft Corporation - SD Storage Class Driver.) – C:\Windows\System32\drivers\sdstor.sys [79192] =>.Microsoft Windows®
O58 - SDL:2013/08/22 08:35:09 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) – C:\Windows\System32\drivers\secdrv.sys [23040] =>.Rovi Corporation
O58 - SDL:2013/08/22 05:43:31 A . (.Microsoft Corporation - Serial Class Extension.) – C:\Windows\System32\drivers\SerCx.sys [69472] =>.Microsoft Windows®
O58 - SDL:2013/10/25 18:54:32 A . (.Microsoft Corporation - Serial Class Extension V2.) – C:\Windows\System32\drivers\SerCx2.sys [146776] =>.Microsoft Windows®
O58 - SDL:2016/08/11 11:33:08 AC . (.Microsoft Corporation - Serial Port Enumerator.) – C:\Windows\System32\drivers\serenum.sys [23040] =>.Microsoft Corporation
O58 - SDL:2016/08/11 11:33:02 AC . (.Microsoft Corporation - Serial Device Driver.) – C:\Windows\System32\drivers\serial.sys [83456] =>.Microsoft Corporation
O58 - SDL:2014/11/03 23:55:15 AC . (.Microsoft Corporation - Serial Mouse Filter Driver.) – C:\Windows\System32\drivers\sermouse.sys [26112] =>.Microsoft Corporation
O58 - SDL:2013/08/22 04:40:00 AC . (.Microsoft Corporation - SCSI Floppy Driver.) – C:\Windows\System32\drivers\sfloppy.sys [17408] =>.Microsoft Corporation
O58 - SDL:2013/08/22 05:43:31 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) – C:\Windows\System32\drivers\sisraid2.sys [44896] =>.Microsoft Windows®
O58 - SDL:2013/08/22 05:43:32 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) – C:\Windows\System32\drivers\sisraid4.sys [81760] =>.Microsoft Windows®
O58 - SDL:2013/08/22 04:40:16 A . (.Microsoft Corporation - Smart Card Driver Library.) – C:\Windows\System32\drivers\smclib.sys [19968] =>.Microsoft Corporation
O58 - SDL:2017/01/11 10:28:42 AC . (.Microsoft Corporation - Storage Spaces Driver.) – C:\Windows\System32\drivers\spaceport.sys [422744] =>.Microsoft Windows®
O58 - SDL:2013/08/22 05:43:31 A . (.Microsoft Corporation - SPB Class Extension.) – C:\Windows\System32\drivers\SpbCx.sys [72032] =>.Microsoft Windows®
O58 - SDL:2018/01/01 22:38:46 A . (.Microsoft Corporation - Server driver.) – C:\Windows\System32\drivers\srv.sys [416256] =>.Microsoft Corporation
O58 - SDL:2018/07/24 06:45:49 A . (.Microsoft Corporation - Smb 2.0 Server driver.) – C:\Windows\System32\drivers\srv2.sys [685056] =>.Microsoft Corporation
O58 - SDL:2018/04/25 10:38:09 A . (.Microsoft Corporation - Server Network driver.) – C:\Windows\System32\drivers\srvnet.sys [243200] =>.Microsoft Corporation
O58 - SDL:2013/08/22 05:43:32 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) – C:\Windows\System32\drivers\stexstor.sys [31072] =>.Microsoft Windows®
O58 - SDL:2013/08/22 05:43:31 A . (.Microsoft Corporation - MS AHCI Storport Miniport Driver.) – C:\Windows\System32\drivers\storahci.sys [107872] =>.Microsoft Windows®
O58 - SDL:2017/05/15 15:09:32 AC . (.Microsoft Corporation - Microsoft NVM Express Storport Miniport Dri.) – C:\Windows\System32\drivers\stornvme.sys [57688] =>.Microsoft Windows®
O58 - SDL:2017/10/05 00:17:30 A . (.Microsoft Corporation - Microsoft Storage Port Driver.) – C:\Windows\System32\drivers\storport.sys [380248] =>.Microsoft Windows®
O58 - SDL:2013/08/22 05:36:48 A . (.Microsoft Corporation - Storage VSC Driver.) – C:\Windows\System32\drivers\storvsc.sys [45888] =>.Microsoft Windows®
O58 - SDL:2017/01/12 08:03:31 A . (.Microsoft Corporation - Storage vsp Driver.) – C:\Windows\System32\drivers\storvsp.sys [66560] =>.Microsoft Corporation
O58 - SDL:2013/08/22 04:39:26 A . (.Microsoft Corporation - WDM CODEC Class Device Driver 2.0.) – C:\Windows\System32\drivers\stream.sys [67584] =>.Microsoft Corporation
O58 - SDL:2019/04/13 15:14:50 A . (.SlimWare Utilities, Inc. - Driver Update Installer Monitor.) – C:\Windows\System32\drivers\SWDUMon.sys [25608] =>.AVG Technologies CZ, s.r.o.®
O58 - SDL:2014/10/28 20:59:47 AC . (.Microsoft Corporation - Plug and Play Software Device Enumerator.) – C:\Windows\System32\drivers\swenum.sys [14144] =>.Microsoft Windows®
O58 - SDL:2013/08/22 04:39:50 A . (.Microsoft Corporation - SCSI Tape Class Driver.) – C:\Windows\System32\drivers\tape.sys [29696] =>.Microsoft Corporation
O58 - SDL:2014/10/28 21:13:01 A . (.Microsoft Corporation - Export driver for kernel mode TPM API.) – C:\Windows\System32\drivers\tbs.sys [21824] =>.Microsoft Windows®
O58 - SDL:2018/08/29 06:51:01 A . (.Microsoft Corporation - TCP/IP Driver.) – C:\Windows\System32\drivers\tcpip.sys [2451800] =>.Microsoft Windows®
O58 - SDL:2014/03/06 02:19:59 A . (.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) – C:\Windows\System32\drivers\tcpipreg.sys [49152] =>.Microsoft Corporation
O58 - SDL:2013/08/22 06:25:35 A . (.Microsoft Corporation - TDI Wrapper.) – C:\Windows\System32\drivers\tdi.sys [30208] =>.Microsoft Corporation
O58 - SDL:2017/08/01 20:17:16 A . (.Microsoft Corporation - TDI Translation Driver.) – C:\Windows\System32\drivers\tdx.sys [107520] =>.Microsoft Corporation
O58 - SDL:2016/03/28 22:01:56 A . (.Intel Corporation - Intel(R) Management Engine Interface.) – C:\Windows\System32\drivers\TeeDriverW8x64.sys [186424] =>.Intel(R) Embedded Subsystems and IP Blocks Group®
O58 - SDL:2013/08/22 12:11:12 AC . (.Microsoft Corporation - Terminal Server Input Driver.) – C:\Windows\System32\drivers\terminpt.sys [37216] =>.Microsoft Windows®
O58 - SDL:2018/11/10 12:25:28 A . (.Microsoft Corporation - Kernel Transaction Manager Driver.) – C:\Windows\System32\drivers\tm.sys [121288] =>.Microsoft Windows®
O58 - SDL:2015/09/29 05:24:42 AC . (.Microsoft Corporation - TPM Device Driver.) – C:\Windows\System32\drivers\tpm.sys [155480] =>.Microsoft Windows®
O58 - SDL:2013/08/22 04:37:28 A . (.Microsoft Corporation - Remote Desktop USB Hub Filter Driver.) – C:\Windows\System32\drivers\TsUsbFlt.sys [56320] =>.Microsoft Corporation
O58 - SDL:2014/10/28 19:46:43 AC . (.Microsoft Corporation - Remote Desktop Generic USB Driver.) – C:\Windows\System32\drivers\TsUsbGD.sys [29696] =>.Microsoft Corporation
O58 - SDL:2015/09/04 12:24:04 A . (.Microsoft Corporation - Microsoft Tunnel Interface Driver.) – C:\Windows\System32\drivers\tunnel.sys [154112] =>.Microsoft Corporation
O58 - SDL:2013/08/22 05:43:33 A . (.Microsoft Corporation - MS AGPv3.5 Filter.) – C:\Windows\System32\drivers\UAGP35.SYS [64864] =>.Microsoft Windows®
O58 - SDL:2013/08/22 05:43:33 AC . (.Microsoft Corporation - Microsoft Uasp Driver.) – C:\Windows\System32\drivers\uaspstor.sys [74080] =>.Microsoft Windows®
O58 - SDL:2018/05/03 16:02:07 AC . (.Microsoft Corporation - USB Controller Extension.) – C:\Windows\System32\drivers\UCX01000.SYS [187728] =>.Microsoft Windows®
O58 - SDL:2015/03/12 19:02:11 A . (.Microsoft Corporation - UDF File System Driver.) – C:\Windows\System32\drivers\udfs.sys [316416] =>.Microsoft Corporation
O58 - SDL:2018/05/22 22:45:28 AC . (.Microsoft Corporation - UEFI Driver for NT.) – C:\Windows\System32\drivers\uefi.sys [27480] =>.Microsoft Windows®
O58 - SDL:2018/02/10 12:29:57 A . (.Microsoft Corporation - ULi AGPv3.0 Filter for K8/9 Processor Platf.) – C:\Windows\System32\drivers\ULIAGPKX.SYS [65888] =>.Microsoft Windows®
O58 - SDL:2013/08/22 04:38:59 AC . (.Microsoft Corporation - User-Mode Bus Enumerator.) – C:\Windows\System32\drivers\umbus.sys [46080] =>.Microsoft Corporation
O58 - SDL:2013/08/22 04:38:58 AC . (.Microsoft Corporation - Generic pass-through driver.) – C:\Windows\System32\drivers\umpass.sys [11776] =>.Microsoft Corporation
O58 - SDL:2015/04/24 19:25:32 A . (.Microsoft Corporation - Remote NDIS USB Driver.) – C:\Windows\System32\drivers\usb8023.sys [20992] =>.Microsoft Corporation
O58 - SDL:2015/06/17 17:04:24 A . (.Apple, Inc. - Apple Mobile Device USB Driver.) – C:\Windows\System32\drivers\usbaapl64.sys [54784] =>.Apple, Inc.
O58 - SDL:2013/12/13 00:24:20 AC . (.Microsoft Corporation - USB Audio Class Driver.) – C:\Windows\System32\drivers\USBAUDIO.sys [121088] =>.Microsoft Corporation
O58 - SDL:2013/08/22 04:39:27 A . (.Microsoft Corporation - Universal Serial Bus Camera Driver.) – C:\Windows\System32\drivers\USBCAMD2.sys [32512] =>.Microsoft Corporation
O58 - SDL:2017/09/06 16:07:47 AC . (.Microsoft Corporation - USB Common Class Generic Parent Driver.) – C:\Windows\System32\drivers\usbccgp.sys [158552] =>.Microsoft Windows®
O58 - SDL:2014/10/28 19:47:05 AC . (.Microsoft Corporation - USB Consumer IR Driver for eHome.) – C:\Windows\System32\drivers\usbcir.sys [98304] =>.Microsoft Corporation
O58 - SDL:2015/10/10 23:34:30 AC . (.Microsoft Corporation - Universal Serial Bus Driver.) – C:\Windows\System32\drivers\usbd.sys [27992] =>.Microsoft Windows®
O58 - SDL:2016/01/08 18:38:04 AC . (.Microsoft Corporation - EHCI eUSB Miniport Driver.) – C:\Windows\System32\drivers\usbehci.sys [91992] =>.Microsoft Windows®
O58 - SDL:2017/09/06 14:17:03 AC . (.Microsoft Corporation - Default Hub Driver for USB.) – C:\Windows\System32\drivers\usbhub.sys [461144] =>.Microsoft Windows®
O58 - SDL:2015/10/10 23:34:30 AC . (.Microsoft Corporation - USB3 HUB Driver.) – C:\Windows\System32\drivers\USBHUB3.SYS [468824] =>.Microsoft Windows®
O58 - SDL:2015/10/10 11:41:14 AC . (.Microsoft Corporation - OHCI USB Miniport Driver.) – C:\Windows\System32\drivers\usbohci.sys [30208] =>.Microsoft Corporation
O58 - SDL:2018/05/03 16:02:07 AC . (.Microsoft Corporation - USB 1.1 & 2.0 Port Driver.) – C:\Windows\System32\drivers\usbport.sys [439640] =>.Microsoft Windows®
O58 - SDL:2013/08/22 04:36:33 AC . (.Microsoft Corporation - USB Printer driver.) – C:\Windows\System32\drivers\usbprint.sys [26112] =>.Microsoft Corporation
O58 - SDL:2013/08/22 04:39:39 A . (.Microsoft Corporation - Windows USB Redirection Policy Manager.) – C:\Windows\System32\drivers\usbrpm.sys [30720] =>.Microsoft Corporation
O58 - SDL:2016/01/31 12:16:21 AC . (.Microsoft Corporation - USB Mass Storage Class Driver.) – C:\Windows\System32\drivers\USBSTOR.SYS [148832] =>.Microsoft Windows®
O58 - SDL:2015/10/10 11:41:17 AC . (.Microsoft Corporation - UHCI USB Miniport Driver.) – C:\Windows\System32\drivers\usbuhci.sys [37376] =>.Microsoft Corporation
O58 - SDL:2014/06/21 00:33:40 AC . (.Microsoft Corporation - USB Video Class Driver.) – C:\Windows\System32\drivers\usbvideo.sys [212736] =>.Microsoft Corporation
O58 - SDL:2018/05/03 16:02:07 AC . (.Microsoft Corporation - USB XHCI Driver.) – C:\Windows\System32\drivers\USBXHCI.SYS [325456] =>.Microsoft Windows®
O58 - SDL:2019/05/13 11:18:44 A . (.Oracle Corporation - VirtualBox Support Driver.) – C:\Windows\System32\drivers\VBoxDrv.sys [1023312] =>.Oracle Corporation®
O58 - SDL:2019/05/13 11:18:46 A . (.Oracle Corporation - VirtualBox NDIS 6.0 Host-Only Network Adapt.) – C:\Windows\System32\drivers\VBoxNetAdp6.sys [236352] =>.Oracle Corporation®
O58 - SDL:2019/05/13 11:18:48 A . (.Oracle Corporation - VirtualBox NDIS 6.0 Lightweight Filter Driv.) – C:\Windows\System32\drivers\VBoxNetLwf.sys [247736] =>.Oracle Corporation®
O58 - SDL:2019/05/13 11:18:50 A . (.Oracle Corporation - VirtualBox USB Monitor Driver.) – C:\Windows\System32\drivers\VBoxUSBMon.sys [186480] =>.Oracle Corporation®
O58 - SDL:2013/08/22 05:37:27 AC . (.Microsoft Corporation - Virtual Drive Root Enumerator.) – C:\Windows\System32\drivers\vdrvroot.sys [37728] =>.Microsoft Windows®
O58 - SDL:2013/09/14 07:06:57 A . (.Microsoft Corporation - Driver Verifier Extension.) – C:\Windows\System32\drivers\VerifierExt.sys [175960] =>.Microsoft Windows®
O58 - SDL:2016/10/09 15:59:32 AC . (.Microsoft Corporation - VHD Miniport Driver.) – C:\Windows\System32\drivers\vhdmp.sys [551256] =>.Microsoft Windows®
O58 - SDL:2013/08/22 05:43:34 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) – C:\Windows\System32\drivers\viaide.sys [19808] =>.Microsoft Windows®
O58 - SDL:2018/01/01 22:38:34 A . (.Microsoft Corporation - Microsoft Hyper-V Virtualization Infrastruc.) – C:\Windows\System32\drivers\Vid.sys [220160] =>.Microsoft Corporation
O58 - SDL:2013/08/22 04:39:31 A . (.Microsoft Corporation - Video Port Driver.) – C:\Windows\System32\drivers\videoprt.sys [49152] =>.Microsoft Corporation
O58 - SDL:2014/10/28 20:56:50 A . (.Microsoft Corporation - Hyper-V VMBus KMCL.) – C:\Windows\System32\drivers\vmbkmcl.sys [89368] =>.Microsoft Windows®
O58 - SDL:2018/01/01 22:39:34 A . (.Microsoft Corporation - Hyper-V VMBus Root KMCL.) – C:\Windows\System32\drivers\vmbkmclr.sys [76800] =>.Microsoft Corporation
O58 - SDL:2014/10/28 20:56:50 A . (.Microsoft Corporation - Microsoft Hyper-V Virtual Machine Bus Child.) – C:\Windows\System32\drivers\vmbus.sys [97048] =>.Microsoft Windows®
O58 - SDL:2013/08/22 04:37:50 A . (.Microsoft Corporation - Microsoft VMBus HID Miniport.) – C:\Windows\System32\drivers\VMBusHID.sys [21760] =>.Microsoft Corporation
O58 - SDL:2018/08/13 14:17:20 A . (.Microsoft Corporation - Microsoft Hyper-V Virtual Machine Bus Root.) – C:\Windows\System32\drivers\vmbusr.sys [130048] =>.Microsoft Corporation
O58 - SDL:2013/08/22 04:38:23 A . (.Microsoft Corporation - Virtual Machine Generation Counter.) – C:\Windows\System32\drivers\vmgencounter.sys [11264] =>.Microsoft Corporation
O58 - SDL:2013/08/22 04:38:37 A . (.Microsoft Corporation - Microsoft S3 Emulated Device Cap Driver.) – C:\Windows\System32\drivers\vms3cap.sys [7168] =>.Microsoft Corporation
O58 - SDL:2014/10/28 20:56:50 A . (.Microsoft Corporation - Virtual Storage Filter Driver.) – C:\Windows\System32\drivers\vmstorfl.sys [49944] =>.Microsoft Windows®
O58 - SDL:2016/04/10 23:21:51 AC . (.Microsoft Corporation - Volume Manager Driver.) – C:\Windows\System32\drivers\volmgr.sys [74584] =>.Microsoft Windows®
O58 - SDL:2017/07/07 20:46:18 A . (.Microsoft Corporation - Volume Manager Extension Driver.) – C:\Windows\System32\drivers\volmgrx.sys [377688] =>.Microsoft Windows®
O58 - SDL:2016/03/14 09:50:13 AC . (.Microsoft Corporation - Volume Shadow Copy Driver.) – C:\Windows\System32\drivers\volsnap.sys [316760] =>.Microsoft Windows®
O58 - SDL:2016/01/26 12:15:40 A . (.Microsoft Corporation - Virtual PCI Bus.) – C:\Windows\System32\drivers\vpci.sys [72024] =>.Microsoft Windows®
O58 - SDL:2018/03/08 12:53:08 A . (.Microsoft Corporation - Virtual PCI VSP Driver.) – C:\Windows\System32\drivers\vpcivsp.sys [65536] =>.Microsoft Corporation
O58 - SDL:2013/08/22 05:43:34 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) – C:\Windows\System32\drivers\vsmraid.sys [168800] =>.Microsoft Windows®
O58 - SDL:2013/08/22 05:43:34 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) – C:\Windows\System32\drivers\VSTXRAID.SYS [305504] =>.Microsoft Windows®
O58 - SDL:2016/08/12 17:03:08 A . (.Microsoft Corporation - Virtual WiFi Bus Driver.) – C:\Windows\System32\drivers\vwifibus.sys [24576] =>.Microsoft Corporation
O58 - SDL:2016/08/12 17:02:30 A . (.Microsoft Corporation - Virtual WiFi Filter Driver.) – C:\Windows\System32\drivers\vwififlt.sys [71680] =>.Microsoft Corporation
O58 - SDL:2016/08/12 17:01:24 A . (.Microsoft Corporation - Virtual WiFi Miniport Driver.) – C:\Windows\System32\drivers\vwifimp.sys [38912] =>.Microsoft Corporation
O58 - SDL:2013/08/22 04:39:15 AC . (.Microsoft Corporation - Wacom Serial Pen Tablet HID Driver.) – C:\Windows\System32\drivers\wacompen.sys [26752] =>.Microsoft Corporation
O58 - SDL:2018/01/01 22:37:52 A . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) – C:\Windows\System32\drivers\wanarp.sys [80384] =>.Microsoft Corporation
O58 - SDL:2014/02/22 05:14:40 A . (.Microsoft Corporation - Watchdog Driver.) – C:\Windows\System32\drivers\watchdog.sys [54272] =>.Microsoft Corporation
O58 - SDL:2017/02/10 07:37:28 A . (.Microsoft Corporation - Microsoft antimalware boot driver.) – C:\Windows\System32\drivers\WdBoot.sys [46600] =>.Microsoft Windows Early Launch Anti-malware Publisher®
O58 - SDL:2013/08/22 06:25:41 A . (.Microsoft Corporation - Kernel Mode Driver Framework Runtime.) – C:\Windows\System32\drivers\Wdf01000.sys [839488] =>.Microsoft Windows®
O58 - SDL:2017/01/12 09:51:18 A . (.Microsoft Corporation - Microsoft antimalware file system filter dr.) – C:\Windows\System32\drivers\WdFilter.sys [274776] =>.Microsoft Windows®
O58 - SDL:2013/08/22 06:25:41 A . (.Microsoft Corporation - Kernel Mode Driver Framework Loader.) – C:\Windows\System32\drivers\WdfLdr.sys [60224] =>.Microsoft Windows®
O58 - SDL:2017/01/12 09:51:18 A . (.Microsoft Corporation - Microsoft Network Realtime Inspection Drive.) – C:\Windows\System32\drivers\WdNisDrv.sys [117592] =>.Microsoft Windows®
O58 - SDL:2013/08/22 05:39:04 A . (.Microsoft Corporation - Windows Error Reporting Kernel Driver.) – C:\Windows\System32\drivers\werkernel.sys [38240] =>.Microsoft Windows®
O58 - SDL:2018/01/02 00:56:11 A . (.Microsoft Corporation - WFP NDIS 6.30 Lightweight Filter Driver.) – C:\Windows\System32\drivers\wfplwfs.sys [136536] =>.Microsoft Windows®
O58 - SDL:2014/10/28 21:09:06 A . (.Microsoft Corporation - Wim file system Driver.) – C:\Windows\System32\drivers\wimmount.sys [33600] =>.Microsoft Windows®
O58 - SDL:2014/10/28 20:56:50 A . (.Microsoft Corporation - Windows Hypervisor Interface Driver.) – C:\Windows\System32\drivers\winhv.sys [61208] =>.Microsoft Windows®
O58 - SDL:2017/04/09 13:40:03 A . (.Microsoft Corporation - Windows Hypervisor Root Interface Driver.) – C:\Windows\System32\drivers\winhvr.sys [48128] =>.Microsoft Corporation
O58 - SDL:2015/10/10 11:40:25 AC . (.Microsoft Corporation - Windows WinUSB Class Driver.) – C:\Windows\System32\drivers\winusb.sys [78848] =>.Microsoft Corporation
O58 - SDL:2013/08/22 04:40:04 AC . (.Microsoft Corporation - Windows Management Interface for ACPI.) – C:\Windows\System32\drivers\wmiacpi.sys [16384] =>.Microsoft Corporation
O58 - SDL:2013/08/22 06:25:41 A . (.Microsoft Corporation - WMILIB WMI support library Dll.) – C:\Windows\System32\drivers\wmilib.sys [18272] =>.Microsoft Windows®
O58 - SDL:2014/03/13 05:35:24 A . (.Microsoft Corporation - Windows Overlay Filter.) – C:\Windows\System32\drivers\wof.sys [157016] =>.Microsoft Windows®
O58 - SDL:2014/10/28 20:57:42 A . (.Microsoft Corporation - Family Safety Filter Driver.) – C:\Windows\System32\drivers\wpcfltr.sys [54784] =>.Microsoft Windows®
O58 - SDL:2013/08/22 05:36:12 A . (.Microsoft Corporation - Windows Portable Device Upper Class Filter.) – C:\Windows\System32\drivers\WpdUpFltr.sys [26976] =>.Microsoft Windows®
O58 - SDL:2013/08/22 06:25:41 A . (.Microsoft Corporation - WPP Trace Recorder.) – C:\Windows\System32\drivers\WppRecorder.sys [23392] =>.Microsoft Windows®
O58 - SDL:2013/08/22 04:40:03 A . (.Microsoft Corporation - Winsock2 IFS Layer.) – C:\Windows\System32\drivers\ws2ifsl.sys [21504] =>.Microsoft Corporation
O58 - SDL:2013/08/22 04:39:58 AC . (.Microsoft Corporation - Web Services Print Device Driver.) – C:\Windows\System32\drivers\WSDPrint.sys [20992] =>.Microsoft Corporation
O58 - SDL:2014/10/28 19:47:48 A . (.Microsoft Corporation - Web Service Based Scan Device Driver.) – C:\Windows\System32\drivers\WSDScan.sys [23040] =>.Microsoft Corporation
O58 - SDL:2014/10/28 19:46:27 A . (.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) – C:\Windows\System32\drivers\WUDFPf.sys [113664] =>.Microsoft Corporation
O58 - SDL:2014/10/28 19:46:13 A . (.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) – C:\Windows\System32\drivers\WUDFRd.sys [226304] =>.Microsoft Corporation
O58 - SDL:2014/03/18 01:18:42 A . (.Microsoft Corporation - Xbox 360 Common Controller for Windows Driv.) – C:\Windows\System32\drivers\xusb22.sys [87040] =>.Microsoft Corporation
O58 - SDL:2018/11/28 02:39:48 A . (.Microsoft Corporation - Multi-User Win32 Driver.) – C:\Windows\System32\win32k.sys [4168704] =>.Microsoft Corporation

—\ Last modified or created user files (10) - 94s
O61 - LFC: 2019/06/06 17:47:06 A . (..) – C:\Users\Pavel\AppData\Local\NVIDIA\NvBackend\Stre amingAssetsData\fallout_4\23807707\automated_launc h.exe [49152] =>.NVIDIA Corporation
O61 - LFC: 2019/06/08 14:02:12 A . (..) – C:\Users\Pavel\AppData\Local\NVIDIA\NvBackend\Stre amingAssetsData\fallout_new_vegas\19413971\automat ed_launch.exe [31232] =>.NVIDIA Corporation
O61 - LFC: 2019/06/02 17:49:03 A . (..) – C:\Users\Pavel\AppData\Local\NVIDIA\NvBackend\Stre amingAssetsData\trine_3_ep1\24070174\automated_lau nch.exe [48128] =>.NVIDIA Corporation
O61 - LFC: 2019/06/05 17:07:29 N . (..) – C:\Users\Pavel\AppData\Roaming.minecraft\versions\ 1.8.1\1.8.1-natives-3006353727238492\avutil-ttv-51.dll [246332] =>.Microsoft Corporation
O61 - LFC: 2019/06/05 17:07:30 N . (..) – C:\Users\Pavel\AppData\Roaming.minecraft\versions\ 1.8.1\1.8.1-natives-3006353727238492\libmp3lame-ttv.dll [394810] =>.Microsoft Corporation
O61 - LFC: 2019/06/05 17:07:29 N . (..) – C:\Users\Pavel\AppData\Roaming.minecraft\versions\ 1.8.1\1.8.1-natives-3006353727238492\lwjgl.dll [298496] =>.Microsoft Corporation
O61 - LFC: 2019/06/05 17:07:29 N . (..) – C:\Users\Pavel\AppData\Roaming.minecraft\versions\ 1.8.1\1.8.1-natives-3006353727238492\OpenAL32.dll [390144] =>.Microsoft Corporation
O61 - LFC: 2019/06/05 17:07:30 N . (..) – C:\Users\Pavel\AppData\Roaming.minecraft\versions\ 1.8.1\1.8.1-natives-3006353727238492\swresample-ttv-0.dll [113171] =>.Microsoft Corporation
O61 - LFC: 2019/06/05 17:07:29 N . (..) – C:\Users\Pavel\AppData\Roaming.minecraft\versions\ 1.8.1\1.8.1-natives-3006353727238492\twitchsdk.dll [1145344] =>.Microsoft Corporation
O61 - LFC: 2019/06/15 15:48:42 RA . (.Stanislav Polshyn & Trend Micro Inc..) – C:\Users\Pavel\Desktop\HiJackThis\HiJackThis.exe [7246160]

—\ File Associations Shell Spawning (9) - 1s
O67 - Shell Spawning: <.bat> [HKLM..\open\Command] (…) – ‘%1’ %* =>.Default.Value
O67 - Shell Spawning: <.cpl> [HKLM..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) – C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> [HKLM..\open\Command] (…) – ‘%1’ %* =>.Default.Value
O67 - Shell Spawning: <.com> [HKLM..\open\Command] (…) – ‘%1’ %* =>.Default.Value
O67 - Shell Spawning: <.evt> [HKLM..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) – C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.exe> [HKLM..\open\Command] (…) – ‘%1’ %* =>.Default.Value
O67 - Shell Spawning: <.js> [HKLM..\open\Command] (…) – C:\Windows\System32\WScript.exe ‘%1’ %* =>.Default.Value
O67 - Shell Spawning: <.reg> [HKLM..\open\Command] (.Microsoft Corporation - Registry Editor.) – C:\Windows\regedit.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.scr> [HKLM..\open\Command] (…) – ‘%1’ /S =>.Default.Value

—\ Start Menu Internet (4) - 0s
O68 - StartMenuInternet: [64Bits][HKLM..\Shell\open\Command] (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google LLC®
O68 - StartMenuInternet: [64Bits][HKLM..\InstallInfo\ShowIconsCommand] (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google LLC
O68 - StartMenuInternet: [64Bits][HKLM..\InstallInfo\ReinstallCommand] (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google LLC
O68 - StartMenuInternet: [64Bits][HKLM..\InstallInfo\HideIconsCommand] (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google LLC

—\ Search Browser Infection (5) - 0s
O69 - SBI: SearchScopes [HKCU] [64Bits]{2f23ab71-4ac6-41f2-a955-ea576e553146} - (YHS) - http://us.search.yahoo.com/ =>.Yahoo! Inc.
O69 - SBI: SearchScopes [HKCU] [64Bits]{53e2f62a-3083-46e6-8527-cf89e4acb4ae} - (Yahoo! Powered) - http://us.search.yahoo.com/ =>.Yahoo! Inc.
O69 - SBI: SearchScopes [HKCU] [64Bits]{AE5E8B88-E8FC-45E6-8A5B-20D1DC910AE9} - (Default) - http://searchinterneat-a.akamaihd.net/ =>.SUP.AkamaiHD
O69 - SBI: SearchScopes [HKLM] [64Bits]{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Yahoo! Powered) - http://us.search.yahoo.com/ =>.Yahoo! Inc.
O69 - SBI: SearchScopes [HKLM] [64Bits]{53e2f62a-3083-46e6-8527-cf89e4acb4ae} - (@ieframe.dll,-12512) - http://www.bing.com/ =>.Bing.com

—\ Search Svchost Services (36) - 1s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) – C:\Windows\System32\aelupsvc.dll [214528] =>.Microsoft Corporation
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) – C:\Windows\System32\certprop.dll [158720] =>.Microsoft Corporation
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) – C:\Windows\System32\certprop.dll [158720] =>.Microsoft Corporation
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) – C:\Windows\System32\srvsvc.dll [329216] =>.Microsoft Corporation
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) – C:\Windows\System32\gpsvc.dll [1362432] =>.Microsoft Corporation
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) – C:\Windows\System32\IKEEXT.DLL [1080320] =>.Microsoft Corporation
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) – C:\Windows\System32\iphlpsvc.dll [927744] =>.Microsoft Corporation
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) – C:\Windows\System32\seclogon.dll [31744] =>.Microsoft Corporation
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) – C:\Windows\System32\appinfo.dll [110080] =>.Microsoft Corporation
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) – C:\Windows\System32\iscsiexe.dll [151040] =>.Microsoft Corporation
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) – C:\Windows\System32\eapsvc.dll [110592] =>.Microsoft Corporation
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) – C:\Windows\System32\schedsvc.dll [1265664] =>.Microsoft Corporation
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) – C:\Windows\System32\wbem\WMIsvc.dll [230400] =>.Microsoft Corporation
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) – C:\Windows\System32\mmcss.dll [71168] =>.Microsoft Corporation
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) – C:\Windows\System32\browser.dll [135168] =>.Microsoft Corporation
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) – C:\Windows\System32\profsvc.dll [228864] =>.Microsoft Corporation
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) – C:\Windows\System32\SessEnv.dll [346112] =>.Microsoft Corporation
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) – C:\Windows\System32\wercplsupport.dll [84992] =>.Microsoft Corporation
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) – C:\Windows\System32\KMSVC.DLL [101376] =>.Microsoft Corporation
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) – C:\Windows\System32\bdesvc.dll [348672] =>.Microsoft Corporation
O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Windows Location Framework Service.) – C:\Windows\System32\GeofenceMonitorService.dll [522240] =>.Microsoft Corporation
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Microsoft® Account Service.) – C:\Windows\System32\wlidsvc.dll [1639424] =>.Microsoft Corporation
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) – C:\Windows\System32\themeservice.dll [59392] =>.Microsoft Corporation
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Device Setup Manager.) – C:\Windows\System32\DeviceSetupManager.dll [206848] =>.Microsoft Corporation
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Microsoft Network Connectivity Assistant Se.) – C:\Windows\System32\NcaSvc.dll [166400] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) – C:\Windows\System32\rasauto.dll [102912] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) – C:\Windows\System32\rasmans.dll [542720] =>.Microsoft Corporation
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) – C:\Windows\System32\mprdim.dll [233472] =>.Microsoft Corporation
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) – C:\Windows\System32\Sens.dll [73728] =>.Microsoft Corporation
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) – C:\Windows\System32\ipnathlp.dll [452608] =>.Microsoft Corporation
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows™ Telephony Server.) – C:\Windows\System32\tapisrv.dll [313344] =>.Microsoft Corporation
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) – C:\Windows\System32\wuaueng.dll [3718144] =>.Microsoft Corporation
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) – C:\Windows\System32\qmgr.dll [933376] =>.Microsoft Corporation
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) – C:\Windows\System32\shsvcs.dll [640000] =>.Microsoft Corporation
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Software installation Service.) – C:\Windows\System32\appmgmts.dll [187904] =>.Microsoft Corporation
O83 - Search Svchost Services: MsKeyboardFilter (MsKeyboardFilter) . (.Microsoft Corporation - SvcHost Service for Microsoft Keyboard Filt.) – C:\Windows\System32\KeyboardFilterSvc.dll [93008] =>.Microsoft Windows®

—\ Firewall Active Exception List (2) - 0s
O87 - FAEL: ‘TCP Query User{7B5FF9F8-FAF5-4925-8FDB-5283A8299887}C:\users\pavel\appdata\roaming\spotif y\spotify.exe’ [In-None-P6-TRUE] .(.Spotify Ltd - Spotify.) – C:\users\pavel\appdata\roaming\spotify\spotify.exe =>.Spotify AB®
O87 - FAEL: ‘UDP Query User{8319D752-0B06-4221-A0F9-E8F71C651DB4}C:\users\pavel\appdata\roaming\spotif y\spotify.exe’ [In-None-P17-TRUE] .(.Spotify Ltd - Spotify.) – C:\users\pavel\appdata\roaming\spotify\spotify.exe =>.Spotify AB®

—\ Product Upgrade Codes (48) - 1s
O90 - PUC: ‘007AE03A51550F84880BE999CD53B688’ [HKLM] . (.Apple Software Update.) – C:\Windows\Installer{A30EA700-5515-48F0-88B0-9E99DC356B88}\Installer.ico =>.Apple Inc.
O90 - PUC: ‘0831047A510FB5745AAAA71E2FB3D33B’ [HKLM] . (.Sony Vegas 5.0b.) – C:\Windows\Installer{A7401380-F015-475B-A5AA-7AE1F23B3DB3}\vegas50.ico =>.Sony Corporation
O90 - PUC: ‘11864A5B21635AD4A8A56EED5D7D5C32’ [HKLM] . (.Apple Mobile Device Support.) – C:\Windows\Installer{B5A46811-3612-4DA5-8A5A-E6DED5D7C523}\Installer.ico =>.Apple Inc.
O90 - PUC: ‘1926E8D15D0BCE53481466615F760A7F’ [HKLM] . (.Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219.) =>.bl.org
O90 - PUC: ‘1af2a8da7e60d0b429d7e6453b3d0182’ [HKLM] . (.Microsoft Visual C++ 2005 Redistributable (x64).) =>.bl.org
O90 - PUC: ‘1D5E3C0FEDA1E123187686FED06E995A’ [HKLM] . (.Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219.) =>.bl.org
O90 - PUC: ‘21EE4A31AE32173319EEFE3BD6FDFFE3’ [HKLM] . (.Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005.) =>.Microsoft Corporation
O90 - PUC: ‘22BEFC8F7E2A1793E9ADB411DEFE1C58’ [HKLM] . (.Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005.) =>.Microsoft Corporation
O90 - PUC: ‘3e43b73803c7c394f8a6b2f0402e19c2’ [HKLM] . (.Microsoft Visual C++ 2005 Redistributable.) =>.bl.org
O90 - PUC: ‘41398D33A16359441A1EA0BCEC807FD8’ [HKLM] . (.Microsoft Flight Simulator SimConnect Client v10.0.62615.0.) =>.Microsoft Corporation
O90 - PUC: ‘481AC16DD6F305A42BCCA78144D7A6D8’ [HKLM] . (.Microsoft Flight Simulator SimConnect Client v10.0.61259.0.) =>.Microsoft Corporation
O90 - PUC: ‘4BD6D1222E64C3330BB9F59453D19008’ [HKLM] . (.Microsoft Visual C++ 2017 x64 Minimum Runtime - 14.13.26020.) =>.Microsoft Corporation
O90 - PUC: ‘4E30E037E0535E84D9E3349209D354D4’ [HKLM] . (.Itibiti RTC.) =>PUP.Optional.Itibiti
O90 - PUC: ‘4EA42A62D9304AC4784BF2238120100F’ [HKLM] . (.Java 8 Update 201.) – C:\Program Files (x86)\Java\jre1.8.0_201\bin\javaws.exe =>.Sun Microsystems
O90 - PUC: ‘4EA42A62D9304AC4784BF2238120110F’ [HKLM] . (.Java 8 Update 211.) – C:\Program Files (x86)\Java\jre1.8.0_211\bin\javaws.exe =>.Sun Microsystems
O90 - PUC: ‘4EA42A62D9304AC4784BF2468120110F’ [HKLM] . (.Java 8 Update 211 (64-bit).) – C:\Program Files\Java\jre1.8.0_211\bin\javaws.exe =>.Sun Microsystems
O90 - PUC: ‘4F4A3A23297B6D117AA8000B0D812010’ [HKLM] . (.Java SE Development Kit 8 Update 201.) – C:\Program Files (x86)\Java\jdk1.8.0_201\bin\javaws.exe =>.Sun Microsystems
O90 - PUC: ‘4F4A3A23297B6D117AA8000B0D816000’ [HKLM] . (.Java SE Development Kit 8 Update 60.) – C:\Program Files (x86)\Java\jdk1.8.0_60\bin\javaws.exe =>.Sun Microsystems
O90 - PUC: ‘5A812990327ACD34D85B163756A6E149’ [HKLM] . (.Dropbox Update Helper.) =>.WINSE
O90 - PUC: ‘5F7C202B3ED7FBF42B957EE026F565CF’ [HKLM] . (.Apple Application Support (64-bit).) – C:\Windows\Installer{B202C7F5-7DE3-4FBF-B259-E70E625F56FC}\WinInstall.ico =>.Apple Inc.
O90 - PUC: ‘6030E61781384634B8F8C04C9E73B6CA’ [HKLM] . (.MSXML 4.0 SP2 Parser and SDK.) =>.Microsoft Corporation
O90 - PUC: ‘617B899B10049194AB09AB415BD1EF5B’ [HKLM] . (.paint.net.) – C:\Windows\Installer{B998B716-4001-4919-BA90-BA14B51DFEB5}_853F67D554F05449430E7E.exe =>.Microsoft Corporation
O90 - PUC: ‘62DBF9290209B993A9A757D1160F9B24’ [HKLM] . (.Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005.) =>.Microsoft Corporation
O90 - PUC: ‘67D6ECF5CD5FBA732B8B22BAC8DE1B4D’ [HKLM] . (.Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161.) =>.bl.org
O90 - PUC: ‘6E815EB96CCE9A53884E7857C57002F0’ [HKLM] . (.Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161.) =>.bl.org
O90 - PUC: ‘6E8D947A316B3EB3F8F540C548BE2AB9’ [HKLM] . (.Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005.) =>.Microsoft Corporation
O90 - PUC: ‘7C43C21609E58D74B9C5F017D78D7262’ [HKLM] . (.swMSM.) – C:\Windows\Installer{612C34C7-5E90-47D8-9B5C-0F717DD82726}\ARPPRODUCTICON.exe =>.Adobe Inc.
O90 - PUC: ‘7C9F8B73BF303523781852719CD9C700’ [HKLM] . (.Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030.) =>.Microsoft Corporation
O90 - PUC: ‘8915D598BD5CE57368BA31F3D4AAF92E’ [HKLM] . (.Microsoft Visual C++ 2017 x86 Additional Runtime - 14.13.26020.) =>.Microsoft Corporation
O90 - PUC: ‘8FE3FA8A010529A4CBAC096FA2D7268B’ [HKLM] . (.iTunes.) – C:\Windows\Installer{A8AF3EF8-5010-4A92-BCCA-90F62A7D62B8}\Installer.ico =>.Apple Inc.
O90 - PUC: ‘A089CE062ADB6BC44A720BA745894BAC’ [HKLM] . (.Google Update Helper.) =>.Google Inc.
O90 - PUC: ‘A898945C8AA96FC42809FED58BCE7A66’ [HKLM] . (.Oracle VM VirtualBox 6.0.8.) – C:\Windows\Installer{C549898A-9AA8-4CF6-8290-EF5DB8ECA766}\IconVirtualBox =>.Oracle
O90 - PUC: ‘A9BDCE5C0B9D7013AB58219699A8B5E3’ [HKLM] . (.Microsoft Visual C++ 2017 x64 Additional Runtime - 14.13.26020.) =>.Microsoft Corporation
O90 - PUC: ‘AA5B83A248AE78F49973F22B932842A3’ [HKLM] . (.Sonic Foundry ACID 4.0.)
O90 - PUC: ‘C025571B2A687A53689168CD7369889B’ [HKLM] . (.Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030.) =>.Microsoft Corporation
O90 - PUC: ‘c1c4f01781cc94c4c8fb1542c0981a2a’ [HKLM] . (.Microsoft Visual C++ 2005 Redistributable.) =>.bl.org
O90 - PUC: ‘C3AEB2FCAE628F23AAB933F1E743AB79’ [HKLM] . (.Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030.) =>.Microsoft Corporation
O90 - PUC: ‘C4607844E13F99441AFEB9E808A93085’ [HKLM] . (.Adobe Shockwave Player 12.3.) – C:\Windows\Installer{4487064C-F31E-4499-A1EF-9B8E809A0358}\ARPPRODUCTICON.exe =>.Adobe Inc.
O90 - PUC: ‘C6F172F8B7E6A0D359B1E6B796D487DB’ [HKLM] . (.Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.13.26020.) =>.Microsoft Corporation
O90 - PUC: ‘D20352A90C039D93DBF6126ECE614057’ [HKLM] . (.Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17.) =>.bl.org
O90 - PUC: ‘DC8A59DBF9D1DA5389A1E3975220E6BB’ [HKLM] . (.Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030.) =>.Microsoft Corporation
O90 - PUC: ‘DDE7F2BCF1D91C3409CFF425AE1E271A’ [HKLM] . (.Microsoft .NET Framework 1.1.) =>.Microsoft Corporation
O90 - PUC: ‘E339C5BAD7C503D43B41C9384AB949EB’ [HKLM] . (.ATK Package.) – C:\Windows\Installer{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}_6FEFF9B68218417F98F549.exe =>.ASUSTeK
O90 - PUC: ‘E808D6AD92633394F83B85F3B9BCD0FE’ [HKLM] . (.iCloud.) – C:\Windows\Installer{DA6D808E-3629-4933-8FB3-583F9BCB0DEF}\ARP.ico =>.Apple Inc.
O90 - PUC: ‘F60730A4A66673047777F5728467D401’ [HKLM] . (.Java Auto Updater.) =>.Sun Microsystems
O90 - PUC: ‘F8385C66458B55A4986E6A3178744AFD’ [HKLM] . (.Epic Games Launcher Prerequisites (x64).) – C:\Windows\Installer{66C5838F-B854-4A55-89E6-A6138747A4DF}\UnrealEngineLauncher.ico =>.Legitimate
O90 - PUC: ‘FBA33E01BF7D74F409A0973758A44BA5’ [HKLM] . (.Adobe AIR.) =>.Adobe Inc.
O90 - PUC: ‘FCEFCB1C2CE605740927E5429824F3F8’ [HKLM] . (.Apple Application Support (32-bit).) – C:\Windows\Installer{C1BCFECF-6EC2-4750-9072-5E2489423F8F}\WinInstall.ico =>.Apple Inc.

—\ Windows Installer Scan (24) - 10s
[MD5.3CCB0CF8B885B8AECD821D6C9DC4CEBC] [WIS][2014/03/31 09:40:10] (.ASUS.) – C:\Windows\Installer\1260bfd7.msi [545792] =>.ASUS
[MD5.A4CD8D299F04B14B1657BE9B09BD6D3B] [WIS][2019/02/14 20:04:26] (.Dropbox, Inc. - Dropbox Update Helper.) – C:\Windows\Installer\138deccd.msi [31232] =>.Dropbox, Inc.
[MD5.CC101464B26340FFADB405FE120E324B] [WIS][2012/07/30 23:22:50] (.Albert Chau.) – C:\Windows\Installer\1ccef3.msi [1796096]
[MD5.DC40B35B9873F25B044DA8F839C4AF05] [WIS][2019/06/15 14:05:47] (.Adobe - Adobe AIR Installer.) – C:\Windows\Installer\24be59.msi [49152] =>.Adobe
[MD5.0625497B85F063B61DE3E99A409A1619] [WIS][2019/06/15 14:06:11] (.Adobe, Inc - Adobe Shockwave Player 12.3.) – C:\Windows\Installer\24be9b.msi [24256512]
[MD5.9FD8CB7F2060A4A2F83F09577C022834] [WIS][2019/06/15 14:29:21] (.Oracle Corporation - Java SE Development Kit 8 Update 201.) – C:\Windows\Installer\3a4c15.msi [970752] =>.Oracle Corporation
[MD5.74082EB88C49A2A04F11488A02D90679] [WIS][2019/06/15 14:31:43] (.Oracle Corporation - Java SE Runtime Environment 8 Update 201.) – C:\Windows\Installer\3a4c19.msi [63856640] =>.Oracle Corporation
[MD5.DF1F244B129A8F1CE5108C87FDF6E1F1] [WIS][2019/03/18 14:10:52] (.dotPDN LLC.) – C:\Windows\Installer\3a4c72.msi [36268544] =>.dotPDN LLC
[MD5.202B7EC9D41CDA7ECC9A5DB38301AB9F] [WIS][2019/05/15 17:13:18] (.Google LLC - Google Update Helper.) – C:\Windows\Installer\47f181db.msi [40960] =>.Google LLC
[MD5.25B47EFBE9DCEF40BB9760B6B7846B99] [WIS][2015/08/31 00:42:08] (.Adobe Systems, Inc - swMSM.) – C:\Windows\Installer\4fbb39e.msi [2118144] =>.Adobe Systems, Inc
[MD5.93D6E00C39137ED1159430ED0F9A265C] [WIS][2015/09/30 13:39:20] (.Oracle Corporation - Java SE Development Kit 8 Update 60.) – C:\Windows\Installer\50a6996.msi [974848] =>.Oracle Corporation
[MD5.813D6A734E1FA0D7737B53C6CFADC980] [WIS][2004/06/21 07:18:34] (.Sony Pictures Digital Media Software - Vegas 5.0b.) – C:\Windows\Installer\5217e17f.msi [5663232]
[MD5.8C2EA424640FE3BA69A08DDA4949EC74] [WIS][2002/08/17 16:38:46] (.Sonic Foundry. Inc. - ACID 4.0.) – C:\Windows\Installer\527a3b1d.msi [1048576]
[MD5.7873ACD3BFA53B19469E6AB5606C80FE] [WIS][2015/11/19 11:56:58] (.Epic Games, Inc. - Epic Games Launcher Prerequisites (x64).) – C:\Windows\Installer\696cb585.msi [11919360] =>.Epic Games, Inc.
[MD5.DD0C70B696624F48D0FCA0D04A792F02] [WIS][2019/05/07 17:10:54] (.Apple Inc. - Apple Application Support Installer.) – C:\Windows\Installer\95557c09.msi [48852992] =>.Apple Inc.
[MD5.4CC414EEFEA45EDE82C667877157E318] [WIS][2019/04/30 14:54:22] (.Apple Inc. - Apple Mobile Device Support Installer.) – C:\Windows\Installer\95557d23.msi [15863808] =>.Apple Inc.
[MD5.9533027BEC08871FC5BC944FEDCE98B6] [WIS][2019/05/07 17:10:56] (.Apple Inc. - Apple Application Support Installer.) – C:\Windows\Installer\95557d6e.msi [54231040] =>.Apple Inc.
[MD5.695AAE6B7CB05E2B4F01CC33BA02F545] [WIS][2019/06/04 19:12:08] (.Apple Inc. - iTunes Installer.) – C:\Windows\Installer\ae7cf76d.msi [165150720] =>.Apple Inc.
[MD5.70C929C66F5AD5CBE4648F038E2C13E3] [WIS][2019/06/05 21:53:30] (.Oracle Corporation - Java SE Runtime Environment 8 Update 211.) – C:\Windows\Installer\b436f321.msi [66732032] =>.Oracle Corporation
[MD5.D79DE85EE9A0F6C3A62C1082CE41A6CD] [WIS][2019/06/05 21:53:25] (.Oracle Corporation - Java SE Runtime Environment 8 Update 211.) – C:\Windows\Installer\b436f325.msi [47230976] =>.Oracle Corporation
[MD5.D89CC1E11DCD5EFDD4D3C0EAF98C8280] [WIS][2019/06/05 21:53:25] (.Oracle Corporation - Java Auto Updater.) – C:\Windows\Installer\b436f32e.msi [782336] =>.Oracle Corporation
[MD5.8D260B4E18E5F85D29C14BA5473940E9] [WIS][2019/06/08 00:14:02] (.Oracle Corporation - Oracle VM VirtualBox 6.0.8 installation pac.) – C:\Windows\Installer\bf04ffc5.msi [52224000] =>.Oracle Corporation
[MD5.0D54B7E528B43CAFA7860F6752745234] [WIS][2019/04/30 14:27:30] (.Apple Inc. - Apple Software Update Installer.) – C:\Windows\Installer\d31cc615.msi [3612672] =>.Apple Inc.
[MD5.2B9A7ABA8ADE5553C90C60C299FA92D3] [WIS][2019/05/08 14:24:30] (.Apple Inc. - iCloud for Windows installer.) – C:\Windows\Installer\d31cc618.msi [42856448] =>.Apple Inc.

—\ FEATURE CONTROLE. (129) - 1s
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ACTIVEX_REPUR POSEDETECTION]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEM ENT]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEM ENT]

revhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEM ENT]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]:infopath.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_P ROMPTS]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_P ROMPTS]

revhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJ ECT]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJ ECT]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCR IPT]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCR IPT]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULA TION]:xmoviemaker.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULA TION]:xeasy.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULA TION]:xfull.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULA TION]:xauthor.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_LEGAC Y_COMPRESSION]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PR OTOCOL]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PR OTOCOL]:SAPLOGON.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PR OTOCOL]:SAPLgPad.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PR OTOCOL]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PR OTOCOL]:SAPGuiIT.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PR OTOCOL]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PR OTOCOL]:SAPfewgsrv.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PR OTOCOL]:Scale_for_R3.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PR OTOCOL]:SAPGUI.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_U PLOAD_FOR_APP]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_U PLOAD_FOR_APP]:ieuser.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNE T_PROTOCOL]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNE T_PROTOCOL]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICO DE_HANDLE_CLOSING_CALLBACK]:YahooMusicEngine.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DOCUMENT_COMP ATIBLE_MODE]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT _PASTE_URLACTION_IF_PROMPT]:helppane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT _PASTE_URLACTION_IF_PROMPT]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT _PASTE_URLACTION_IF_PROMPT]:devenv.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT _PASTE_URLACTION_IF_PROMPT]:dexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FEEDS]:msfeedssync.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AN D_STATUS]

revhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AN D_STATUS]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME _PASSWORD_DISABLE]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME _PASSWORD_DISABLE]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_XML_PR OLOG]:msiexec.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_A RT]:wm.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_A RT]:cs.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_A RT]:waol.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INTERNET_SHEL L_FOLDERS]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DISPPA RAMS]:helppane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DLCONT ROL_BEHAVIORS]:wlmail.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_ LOCKDOWN]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_ LOCKDOWN]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_ LOCKDOWN]

revhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_ LOCKDOWN]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_ LOCKDOWN]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_ LOCKDOWN]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTION SPER1_0SERVER]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTION SPERSERVER]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]

revhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLO AD_IEFRAME]:sidebar.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLO AD_IEFRAME]

utlook.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLO AD_IEFRAME]:mshta.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHIN G]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHIN G]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHIN G]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCK DOWN]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCK DOWN]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCK DOWN]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RELEASE_CALLB ACK_ON_STOP_BINDING]:communicator.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOU T_PROTOCOL_IE7]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOU T_PROTOCOL_IE7]

revhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOU T_PROTOCOL_IE7]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTI VEXINSTALL]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTI VEXINSTALL]

revhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTI VEXINSTALL]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILE DOWNLOAD]:winmail.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILE DOWNLOAD]

revhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILE DOWNLOAD]:msimn.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILE DOWNLOAD]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_OBJE CT_DATA_ATTRIBUTE]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_ TO_LMZ]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_ TO_LMZ]

revhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_ TO_LMZ]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOB JECT]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOB JECT]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOB JECT]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOB JECT]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]

revhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_C OMBINE]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_C OMBINE]

revhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_APP_PROT OCOL_WARN_DIALOG]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_L OCKDOWN]:winmail.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_L OCKDOWN]:msimn.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_L OCKDOWN]

utlook.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILE CHECK]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILE CHECK]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDS ELECTCONTROL]:infopath.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDS ELECTCONTROL]:winword.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDS ELECTCONTROL]:excel.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDS ELECTCONTROL]

owerpnt.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVI GATE_URL]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVI GATE_URL]

revhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVI GATE_URL]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VIEWLINKEDWEB OC_IS_UNSAFE]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_MOVESIZ ECHILD]:msn.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMA NAGEMENT]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMA NAGEMENT]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMA NAGEMENT]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRI CTIONS]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRI CTIONS]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRI CTIONS]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER]

revhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATIO N]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATIO N]

revhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATIO N]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATIO N]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATIO N]:wmplayer.exe =>.Legitimate

—\ Additional Scan (O88) (360) - 8s
C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpj ijilce =>.SUP.SearchManager
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Curren tVersion\Uninstall\a92e2408 =>Adware.YahooPowered
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Curren tVersion\Uninstall{730E03E4-350E-48E5-9D3E-4329903D454D} =>PUP.Optional.Itibiti
C:\Program Files\KMSpico =>HackTool.KMSpico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tencent Software =>.SUP.Tencent
C:\ProgramData\Tencent =>.SUP.Tencent
C:\Users\Pavel\AppData\Roaming\DRPSu =>.SUP.DriverPack
HKCU\Software\Microsoft\Internet Explorer\SearchScopes{AE5E8B88-E8FC-45E6-8A5B-20D1DC910AE9} =>.SUP.AkamaiHD
HKLM\SOFTWARE\Wow6432Node\Classes\Installer\Produc ts\4E30E037E0535E84D9E3349209D354D4 =>PUP.Optional.Itibiti
HKLM\SOFTWARE\Wow6432Node\Classes\Installer\Featur es\4E30E037E0535E84D9E3349209D354D4 =>PUP.Optional.Itibiti
C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\File System\000 =>.SUP.Temporary.Chrome
C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\File System\001 =>.SUP.Temporary.Chrome
C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\File System\003 =>.SUP.Temporary.Chrome
C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\File System\004 =>.SUP.Temporary.Chrome
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\Temp\05c93cfa-67b0-11e5-824e-6036dd8fdc15\Ninite.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\Temp\AIRF713.tmp\Ado be AIR Installer.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\Downloads\Ninite Classic Start Installer.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files\Classic Shell\ClassicStartMenu.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\Temp\Temp1_ATKPackag e_Win8_64_VER100034.zip\Setup.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\Temp\998e304c-69c3-11e5-824f-6036dd8fdc15\Ninite.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\Downloads\GeForce_Experience_v2.5. 14.5.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\LFS\LFS.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files (x86)\qBittorrent\qbittorrent.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files\NVIDIA Corporation\Display\nvtray.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\dele gate_execute.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\New Technology Studio\Apps\OpenIV\OpenIV.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.71\deleg ate_execute.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\setup.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\LaunchGFExperience.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files (x86)\qBittorrent\uninst.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\New Technology Studio\Apps\OpenIV\uninstall.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\LFS\UninstallLFS.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\Insta ller\setup.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files\GIMP 2\bin\gimp-2.8.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\Temp\GUMCD5B.tmp\Goo gleUpdateSetup.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\Downloads\SoftwareUpdater (1).exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files (x86)\InstantSupport\InstantSupport.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files (x86)\Your_Updater\uninstall.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files (x86)\PCAcceleratePro\uninstall.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files (x86)\SystemHealer\Uninstaller.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Roaming\Setup74032.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files (x86)\InstantSupport\uninstall.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files (x86)\Consumer Input\CIuninstall.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files (x86)\Itibiti Soft Phone\unins000.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files (x86)\Hoopla Search\Uninstaller.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local{3C4C0A10-18E4-66A8-757C-43405114BFD8}\uninstall.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Roaming\Setup48846.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Roaming\Setup32812.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\Roblox\Versions\vers ion-d31f23e3f760404e\RobloxPlayerLauncher.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\Roblox\Versions\vers ion-b31134db0a5f40bd\RobloxPlayerLauncher.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\Roblox\Versions\vers ion-fc39a4c10c8d4c27\RobloxPlayerLauncher.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files\Jagex\RuneScape Launcher\RuneScape.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files\Jagex\RuneScape Launcher\unins000.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\Temp\jre-8u144-windows-au.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files (x86)\Tanki Online\Tanki Online.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\Desktop\NES\Nintendulator.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files (x86)\Epic Games\Launcher\Portal\SelfUpdateStaging\Install\Po rtal\Extras\Redist\LauncherPrereqSetup_x64.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Games\World_of_Warships\WoWSLauncher.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Games\World_of_Tanks\WoTLauncher.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\Temp\jre-8u161-windows-au.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files\Java\jre1.8.0_144\bin\javaw.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files (x86)\WinRAR\WinRAR.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\Desktop\ultimate btools\launch.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files (x86)\DLL-Files.com Client\unins000.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files (x86)\iMobie\AnyTrans\uninstall.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\Temp\Rar$EXa7368.295 86\SA_Euro_1.01_COLD\SA_Euro_upd.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\Temp\Rar$EXa7368.339 26\SA_Euro_1.01_COLD\SA_Euro_upd.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\Temp\IXP886.TMP\Setu pAdmin.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\Temp\IXP464.TMP\Setu pAdmin.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\Temp\IXP610.TMP\Setu pAdmin.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Games\World_of_Warships\unins000.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files\Epic Games\Fortnite\FortniteGame\Binaries\Win64\EasyAnt iCheat\EasyAntiCheat_Setup.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Games\World_of_Tanks\unins000.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\Desktop\Rules of Survival.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\LINE\bin\LineUnInst. exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files (x86)\Roblox\Versions\version-73962241f96c4f1b\RobloxPlayerLauncher.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\LINE\bin\LineLaunche r.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\Programs\TextNow\Tex tNow.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\Sefaci\Huhugol.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\ProgramData\Wargaming.net\GameCenter\wgc.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\Downloads\RobloxPlayerLauncher (15).exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\Roblox\Versions\vers ion-d0a4dc4fae3446fb\RobloxPlayerLauncher.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\Roblox\Versions\vers ion-a6e1765288a24d79\RobloxPlayerLauncher.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\Roblox\Versions\Robl oxStudioLauncherBeta.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\Roblox\Versions\vers ion-3131b9dde23e4df9\RobloxPlayerLauncher.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\Downloads\RobloxPlayerLauncher (16).exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\Downloads\RobloxPlayerLauncher (17).exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\Desktop\Launcher.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\Roblox\Versions\vers ion-f83b9cfc8ec44bf6\RobloxPlayerLauncher.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\RuneScape Launcher\RuneScape.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files (x86)\PowerISO\PowerISO.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLaun cher.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\Roblox\Versions\vers ion-30a7b5a120244826\RobloxPlayerLauncher.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\Roblox\Versions\vers ion-d776a22f536d46f3\RobloxPlayerLauncher.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\Temp\bed702b5-0848-4647-a303-b752add61c7e\setup.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\Temp\92ff47c3-ab21-426a-ba55-404866edbdb9\setup.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\Roblox\Versions\vers ion-aa7aa6ffd6814f65\RobloxPlayerLauncher.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\Roblox\Versions\vers ion-8ef03b85fc3e4eab\RobloxPlayerLauncher.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\Temp\jre-8u191-windows-au.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\Roblox\Versions\vers ion-fe1202c4dac345c1\RobloxPlayerLauncher.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\Roblox\Versions\vers ion-97db3c41cc254bc4\RobloxPlayerLauncher.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\Desktop\SteamSetup.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\Programs\TextNow\Uni nstall TextNow.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\Desktop\iTunes64Setup (2).exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\Temp\IXP864.TMP\Setu pAdmin.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\Desktop\ccsetup551.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\Temp\IXP265.TMP\Setu pAdmin.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\Temp\IXP022.TMP\Setu pAdmin.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\Temp\IXP471.TMP\Setu pAdmin.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\Desktop\BlueStacks-Installer_4.40.10.1013_amd64_native_cd27988ea2780b f2be35bcbcc9cc6c57.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\ProgramData\BlueStacks\Client\Bluestacks.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\Desktop\Redragon Kumara RGB v1.0 (EN).exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files (x86)\Origin Games\Apex\r5apex.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files (x86)\AmazonBasics gaming software\AmazonBasics gaming software.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\Temp\d4f802f8-7771-4a63-8e17-d750a151a3fa\setup.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\Temp\7zSDC30.tmp\Blu eStacksHelper.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files\BlueStacks\HD-RunApp.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files\Epic Games\Fortnite\FortniteGame\Binaries\Win64\Fortnit eClient-Win64-Shipping_BE.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\Desktop\flashplayer32pp_ka_install .exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files (x86)\McAfee Security Scan\uninstall.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\Temp\7zS4E25.tmp\Blu eStacksHelper.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\Roblox\Versions\vers ion-956696c38c0d4bb4\RobloxPlayerLauncher.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files (x86)\Algodoo\Algodoo.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\Roblox\Versions\vers ion-1d6778e03984449e\RobloxPlayerLauncher.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\Temp\7zSA9BB.tmp\Blu eStacksHelper.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files (x86)\WinRAR\Uninstall.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files\WinRAR\Uninstall.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files\WinRAR\WinRAR.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files\Epic Games\Fortnite\FortniteGame\Binaries\Win64\Fortnit eClient-Win64-Shipping.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\Temp_avast_\avastTem pInstaller_431118.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files (x86)\Tanki Online\unins000.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\Temp\7zS7490.tmp\Blu eStacksHelper.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files (x86)\TweakBit\Driver Updater\DriverUpdater.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files (x86)\TweakBit\Driver Updater\unins000.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files (x86)\360\Total Security\Uninstall.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files\WhySoSlow\WhySoSlow.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\Temp\778d4de5-7917-47d3-bcdb-2008cf3f3d48\setup.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files\Blender Foundation\Blender\blender.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\ProgramData\Wargaming.net\GameCenter\setup.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files (x86)\Origin\legacyPM\OriginLegacyCLI.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files (x86)\Origin\Origin.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files (x86)\Origin\OriginClientService.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files (x86)\Origin\OriginWebHelperService.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files\WhySoSlow\unins000.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\RuneScape Launcher\unins000.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files (x86)\Origin\OriginUninstall.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files (x86)\PowerISO\uninstall.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files\GIMP 2\uninst\unins000.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files\BlueStacks\BlueStacksUninstaller.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files (x86)\Avast Driver Updater\UninstallStub.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files\ByteFence\Uninstall.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files (x86)\Algodoo\unins000.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files (x86)\AVAST Software\Browser\AvastBrowserUninstall.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files (x86)\EaseUS\EaseUS Partition Master 13.0\unins000.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files\Common Files\EAInstaller\Apex\Cleanup.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLaun cher.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\Temp\IXP102.TMP\Setu pAdmin.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\Temp\IXP145.TMP\Setu pAdmin.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files\HandBrake\HandBrake.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\Temp\IXP368.TMP\Setu pAdmin.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\Temp\IXP930.TMP\Setu pAdmin.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\Temp\a91e6d39-c61e-4be6-b64d-14d6dda36a9f\setup.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_1978340843\java. exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files\Java\jre1.8.0_201\bin\javacpl.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Program Files\HandBrake\uninst.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\Temp\IXP591.TMP\Setu pAdmin.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\Temp\Temp1_geek.zip\ geek.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\Temp\Temp2_FRST64(1) .zip\FRST64(1).exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\Desktop\fgvj,\FRST64(1).exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\Temp\Temp1_HiJackThi s_test.zip\HiJackThis.exe =>.SUP.Orphan.Compatibility
[HKCU\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]:C:\Users\Pavel\AppData\Local\Temp\Temp1_TFC(1).zi p\TFC(1).exe =>.SUP.Orphan.Compatibility
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\BSD =>.SUP.DriverUpdatePlus
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\csastats =>Adware.InstallCore
HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings\ZoneMap\Domains\drp.su =>.SUP.DriverPack
HKCU\Software\drpsu =>.SUP.DriverPack
HKCU\Software\csastats =>Adware.InstallCore
HKCU\Software\undefined =>.SUP.Downloader
HKCU\Software\ProductSetup =>Adware.InstallCore
HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings\ZoneMap\Domains\drp.su =>.SUP.DriverPack
HKLM\SOFTWARE\Wow6432Node\drpsu =>.SUP.DriverPack
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Google\Chrome\PreferenceMACs\Default \extensions.settings]

ilplloabdedfmialnfchjomjmpjcoej =>.SUP.SearchManager
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Google\Chrome\PreferenceMACs\Default \extensions.settings]:nahhmpbckpgdidfnmfkfgiflpjijilce =>.SUP.SearchManager
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLaun cher.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLaun cher.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe.FriendlyAppNam e =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe.ApplicationCom pany =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Pavel\AppData\Local\Roblox\Versions\Robl oxStudioLauncherBeta.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Pavel\AppData\Local\Roblox\Versions\Robl oxStudioLauncherBeta.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLaun cher.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLaun cher.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Pavel\Desktop\Launcher.exe.FriendlyAppNa me =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\Epic Games\Fortnite\FortniteGame\Binaries\Win64\Fortnit eClient-Win64-Shipping.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\Epic Games\Fortnite\FortniteGame\Binaries\Win64\Fortnit eClient-Win64-Shipping.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\ProgramData\Wargaming.net\GameCenter\wgc.exe.F riendlyAppName =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\ProgramData\Wargaming.net\GameCenter\wgc.exe.A pplicationCompany =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\RuneScape Launcher\RuneScape.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\RuneScape Launcher\RuneScape.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\PowerISO\PowerISO.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\PowerISO\PowerISO.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Dropbox\Client\Dropbox.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Dropbox\Client\Dropbox.exe.ApplicationCompan y =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:E:\****** gamesABC\Project64k_0.41\Project64k\Project64k.exe .FriendlyAppName =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Pavel\Desktop\BlueStacks-Installer_4.40.10.1013_amd64_native_cd27988ea2780b f2be35bcbcc9cc6c57.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Pavel\Desktop\BlueStacks-Installer_4.40.10.1013_amd64_native_cd27988ea2780b f2be35bcbcc9cc6c57.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\AmazonBasics gaming software\AmazonBasics gaming software.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\AmazonBasics gaming software\AmazonBasics gaming software.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Pavel\AppData\Local\Roblox\Versions\vers ion-c2f4870ea77341cc\RobloxPlayerLauncher.exe.Friendly AppName =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Pavel\AppData\Local\Roblox\Versions\vers ion-c2f4870ea77341cc\RobloxPlayerLauncher.exe.Applicat ionCompany =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\program files (x86)\origin games\apex\r5apex.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\program files (x86)\origin games\apex\r5apex.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\users\pavel\documents\bussimulator18\engine\bi naries\win64\ue4editor.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\users\pavel\documents\bussimulator18\engine\bi naries\win64\ue4editor.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\BlueStacks\HD-Agent.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\BlueStacks\HD-Agent.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Pavel\AppData\Local\Roblox\Versions\vers ion-956696c38c0d4bb4\RobloxPlayerLauncher.exe.Friendly AppName =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Pavel\AppData\Local\Roblox\Versions\vers ion-956696c38c0d4bb4\RobloxPlayerLauncher.exe.Applicat ionCompany =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\GIMP 2\bin\gimp-2.8.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\GIMP 2\bin\gimp-2.8.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Pavel\Desktop\SteamSetup.exe.FriendlyApp Name =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Algodoo\Algodoo.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Pavel\AppData\Local\Roblox\Versions\vers ion-1d6778e03984449e\RobloxPlayerLauncher.exe.Friendly AppName =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Pavel\AppData\Local\Roblox\Versions\vers ion-1d6778e03984449e\RobloxPlayerLauncher.exe.Applicat ionCompany =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Pavel\Desktop\Redragon Kumara RGB v1.0 (EN).exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Pavel\Desktop\Redragon Kumara RGB v1.0 (EN).exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\BlueStacks\HD-MultiInstanceManager.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\BlueStacks\HD-MultiInstanceManager.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\ProgramData\BlueStacks\Client\Bluestacks.exe.F riendlyAppName =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\ProgramData\BlueStacks\Client\Bluestacks.exe.A pplicationCompany =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Pavel\Desktop\iTunes64Setup (2).exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Pavel\Desktop\iTunes64Setup (2).exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Pavel\Desktop\ccsetup551.exe.FriendlyApp Name =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Pavel\Desktop\ccsetup551.exe.Application Company =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:E:\Driver - San Francisco\Driver.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\BlueStacks\HD-RunApp.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\BlueStacks\HD-RunApp.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\WinRAR\WinRAR.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\WinRAR\WinRAR.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe.Frie ndlyAppName =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe.Appl icationCompany =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto 3\gta3.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\Epic Games\Fortnite\FortniteGame\Binaries\Win64\Fortnit eClient-Win64-Shipping_EAC.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\Epic Games\Fortnite\FortniteGame\Binaries\Win64\Fortnit eClient-Win64-Shipping_EAC.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Pavel\Downloads\RobloxPlayerLauncher (15).exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Pavel\Downloads\RobloxPlayerLauncher (15).exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Pavel\Downloads\RobloxPlayerLauncher (14).exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Pavel\Downloads\RobloxPlayerLauncher (14).exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\Java\jre1.8.0_201\bin\javaw.exe.FriendlyAppN ame =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\Java\jre1.8.0_201\bin\javaw.exe.ApplicationC ompany =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\WinRAR\WinRAR.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\WinRAR\WinRAR.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\WhySoSlow\WhySoSlow.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\WhySoSlow\WhySoSlow.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe.Frie ndlyAppName =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe.Appl icationCompany =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\EaseUS\EaseUS Partition Master 13.0\bin\epm0.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\EaseUS\EaseUS Partition Master 13.0\bin\epm0.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Infogrames Interactive\RollerCoaster Tycoon 2\rct2.exe.FriendlyAppName =>.Unsigned
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\HandBrake\HandBrake.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\HandBrake\HandBrake.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\Windows Movie Maker\xmoviemaker.exe.FriendlyAppName =>.Unsigned
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Pavel\Desktop\fgvj,\FRST64(1).exe.Friend lyAppName =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Pavel\Desktop\fgvj,\FRST64(1).exe.Applic ationCompany =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLaun cher.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLaun cher.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe.FriendlyAppNam e =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe.ApplicationCom pany =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Pavel\AppData\Local\Roblox\Versions\Robl oxStudioLauncherBeta.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Pavel\AppData\Local\Roblox\Versions\Robl oxStudioLauncherBeta.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLaun cher.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLaun cher.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Pavel\Desktop\Launcher.exe.FriendlyAppNa me =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\Epic Games\Fortnite\FortniteGame\Binaries\Win64\Fortnit eClient-Win64-Shipping.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\Epic Games\Fortnite\FortniteGame\Binaries\Win64\Fortnit eClient-Win64-Shipping.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\ProgramData\Wargaming.net\GameCenter\wgc.exe.F riendlyAppName =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\ProgramData\Wargaming.net\GameCenter\wgc.exe.A pplicationCompany =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\RuneScape Launcher\RuneScape.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\RuneScape Launcher\RuneScape.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\PowerISO\PowerISO.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\PowerISO\PowerISO.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Dropbox\Client\Dropbox.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Dropbox\Client\Dropbox.exe.ApplicationCompan y =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:E:\****** gamesABC\Project64k_0.41\Project64k\Project64k.exe .FriendlyAppName =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Pavel\Desktop\BlueStacks-Installer_4.40.10.1013_amd64_native_cd27988ea2780b f2be35bcbcc9cc6c57.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Pavel\Desktop\BlueStacks-Installer_4.40.10.1013_amd64_native_cd27988ea2780b f2be35bcbcc9cc6c57.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\AmazonBasics gaming software\AmazonBasics gaming software.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\AmazonBasics gaming software\AmazonBasics gaming software.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Pavel\AppData\Local\Roblox\Versions\vers ion-c2f4870ea77341cc\RobloxPlayerLauncher.exe.Friendly AppName =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Pavel\AppData\Local\Roblox\Versions\vers ion-c2f4870ea77341cc\RobloxPlayerLauncher.exe.Applicat ionCompany =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\program files (x86)\origin games\apex\r5apex.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\program files (x86)\origin games\apex\r5apex.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\users\pavel\documents\bussimulator18\engine\bi naries\win64\ue4editor.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\users\pavel\documents\bussimulator18\engine\bi naries\win64\ue4editor.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\BlueStacks\HD-Agent.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\BlueStacks\HD-Agent.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Pavel\AppData\Local\Roblox\Versions\vers ion-956696c38c0d4bb4\RobloxPlayerLauncher.exe.Friendly AppName =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Pavel\AppData\Local\Roblox\Versions\vers ion-956696c38c0d4bb4\RobloxPlayerLauncher.exe.Applicat ionCompany =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\GIMP 2\bin\gimp-2.8.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\GIMP 2\bin\gimp-2.8.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Pavel\Desktop\SteamSetup.exe.FriendlyApp Name =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Algodoo\Algodoo.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Pavel\AppData\Local\Roblox\Versions\vers ion-1d6778e03984449e\RobloxPlayerLauncher.exe.Friendly AppName =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Pavel\AppData\Local\Roblox\Versions\vers ion-1d6778e03984449e\RobloxPlayerLauncher.exe.Applicat ionCompany =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Pavel\Desktop\Redragon Kumara RGB v1.0 (EN).exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Pavel\Desktop\Redragon Kumara RGB v1.0 (EN).exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\BlueStacks\HD-MultiInstanceManager.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\BlueStacks\HD-MultiInstanceManager.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\ProgramData\BlueStacks\Client\Bluestacks.exe.F riendlyAppName =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\ProgramData\BlueStacks\Client\Bluestacks.exe.A pplicationCompany =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Pavel\Desktop\iTunes64Setup (2).exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Pavel\Desktop\iTunes64Setup (2).exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Pavel\Desktop\ccsetup551.exe.FriendlyApp Name =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Pavel\Desktop\ccsetup551.exe.Application Company =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:E:\Driver - San Francisco\Driver.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\BlueStacks\HD-RunApp.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\BlueStacks\HD-RunApp.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\WinRAR\WinRAR.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\WinRAR\WinRAR.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe.Frie ndlyAppName =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe.Appl icationCompany =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto 3\gta3.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\Epic Games\Fortnite\FortniteGame\Binaries\Win64\Fortnit eClient-Win64-Shipping_EAC.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\Epic Games\Fortnite\FortniteGame\Binaries\Win64\Fortnit eClient-Win64-Shipping_EAC.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Pavel\Downloads\RobloxPlayerLauncher (15).exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Pavel\Downloads\RobloxPlayerLauncher (15).exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Pavel\Downloads\RobloxPlayerLauncher (14).exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Pavel\Downloads\RobloxPlayerLauncher (14).exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\Java\jre1.8.0_201\bin\javaw.exe.FriendlyAppN ame =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\Java\jre1.8.0_201\bin\javaw.exe.ApplicationC ompany =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\WinRAR\WinRAR.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\WinRAR\WinRAR.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\WhySoSlow\WhySoSlow.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\WhySoSlow\WhySoSlow.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe.Frie ndlyAppName =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe.Appl icationCompany =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\EaseUS\EaseUS Partition Master 13.0\bin\epm0.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\EaseUS\EaseUS Partition Master 13.0\bin\epm0.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Infogrames Interactive\RollerCoaster Tycoon 2\rct2.exe.FriendlyAppName =>.Unsigned
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\HandBrake\HandBrake.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\HandBrake\HandBrake.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\Windows Movie Maker\xmoviemaker.exe.FriendlyAppName =>.Unsigned
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Pavel\Desktop\fgvj,\FRST64(1).exe.Friend lyAppName =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Pavel\Desktop\fgvj,\FRST64(1).exe.Applic ationCompany =>.SUP.Orphan.MUICache

—\ Summary of the elements found (17) - 0s
Zone Anti-Malware - ZAM =>.SUP.Orphan
Zone Anti-Malware - ZAM =>.SUP.SearchManager
Zone Anti-Malware - ZAM =>PUP.Optional.WinYahoo
Zone Anti-Malware - ZAM =>Adware.YahooPowered
Zone Anti-Malware - ZAM =>PUP.Optional.Itibiti
Zone Anti-Malware - ZAM =>.SUP.Compete
Anti-Malware Zone - ZAM =>.SUP.DriverPack
Zone Anti-Malware - ZAM =>Adware.InstallCore
Zone Anti-Malware - ZAM =>.SUP.SystemHealer
Zone Anti-Malware - ZAM =>.SUP.Tencent
Zone Anti-Malware - ZAM =>.SUP.Downloader
Zone Anti-Malware - ZAM =>HackTool.KMSpico
Zone Anti-Malware - ZAM =>.SUP.AkamaiHD
Zone Anti-Malware - ZAM =>.SUP.Temporary.Chrome
Zone Anti-Malware - ZAM =>.SUP.Orphan.Compatibility
Zone Anti-Malware - ZAM =>.SUP.DriverUpdatePlus
Zone Anti-Malware - ZAM =>.SUP.Orphan.MUICache

~ Unselected Options:
~ End of the scan, 9200 items in 03mn47s (2437)(0)

**akotski1338** · 06-15-2019, 11:19 PM

ok

**Malnutrition** · 06-15-2019, 11:20 PM

OK, it will take me a little while like 30 minutes or so to go over this log.

**Malnutrition** · 06-16-2019, 12:07 AM

[COLOR=rgb(184, 49, 47)]ZHP Diag Fix.

ZHP Fix
[MEDIA=imgur]4bd9Ugb[/MEDIA]

[ul]
[li]Disable your antivirus prior to this fix![/li][li]Download ZHP-Fix from here.[/li][li]UnZip it to your desktop – Tool Here if needed… 7-Zip[/li][li]Install it.[/li][li]Click Suivant 5 Times.[/li][li]Then Installer.[/li][li]Then Terminer.[/li][li]Then right clcick the ZHP Fix icon Run as admin.[/li][li]Copy the entire content of the code box below, the next step will grab it from your clipboard.[/li][li]Then click on import.[/li][li]Then click GO.[/li][li]If you see any Prompts like the one below, select Oui. = Yes in French.[/li][li]https://pchelpforum.net/attachments/upload_2017-5-24_21-17-40-png.2248/[/li]

[li]Allow completion.[/li][li]A log file will appear on your desktop.[/li][li]Post it here in your next reply.[/li][/ul]

[ICODE] Script Zhpfix O4 - HKCU\..\Run: [Itibiti.exe] . (. - .) -- C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe (.Not File.) O4 - HKUS\S-1-5-21-2413270503-2783578207-2879242489-1001\..\Run: [Itibiti.exe] . (. - .) -- C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe (.Not File.) G2 - GCE: Preference [Pavel][User Data\Default\Extensions] [nahhmpbckpgdidfnmfkfgiflpjijilce] Search Manager O4 - GS\ProgramsCommon [Public]: HowToRemove.html.lnk . (...) C:\Users\Pavel\AppData\Local\{FA6BCC37-DEC3-A08F-B35B-8567973379FF}\HowToRemove\HowToRemove.html HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\BSD HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\csastats HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings\ZoneMap\Domains\drp.su HKCU\Software\drpsu HKCU\Software\csastats HKCU\Software\undefined HKCU\Software\ProductSetup HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings\ZoneMap\Domains\drp.su HKLM\SOFTWARE\Wow6432Node\drpsu HKLM\SOFTWARE\WOW6432Node\CompeteInc HKCU\SOFTWARE\System Healer HKCU\SOFTWARE\Tencent HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\drpsu HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\ProductSetup HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\System Healer HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\Tencent HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\undefined O90 - PUC: "4E30E037E0535E84D9E3349209D354D4" [HKLM] . (.Itibiti RTC.) C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpj ijilce HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Curren tVersion\Uninstall\a92e2408 HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Curren tVersion\Uninstall\{730E03E4-350E-48E5-9D3E-4329903D454D} C:\Program Files\KMSpico C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tencent Software C:\ProgramData\Tencent C:\Program Files (x86)\Itibiti Soft Phone C:\Users\Pavel\AppData\Roaming\DRPSu HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AE5E8B88-E8FC-45E6-8A5B-20D1DC910AE9} HKLM\SOFTWARE\Wow6432Node\Classes\Installer\Produc ts\4E30E037E0535E84D9E3349209D354D4 HKLM\SOFTWARE\Wow6432Node\Classes\Installer\Featur es\4E30E037E0535E84D9E3349209D354D4 C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\File System\000 C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\File System\001 C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\File System\003 C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\File System\004 HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\BSD HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\csastats HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings\ZoneMap\Domains\drp.su HKCU\Software\drpsu HKCU\Software\csastats HKCU\Software\undefined HKCU\Software\ProductSetup HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings\ZoneMap\Domains\drp.su HKLM\SOFTWARE\Wow6432Node\drpsu C:\Program Files\WhySoSlow C:\Program Files\TxGameAssistant C:\Windows\System32\DRIVERS\aftap0901.sys O4 - HKCU\..\Run: [Itibiti.exe] . (. - .) -- C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe (.Not File.) =>.SUP.Orphan O4 - HKUS\S-1-5-21-2413270503-2783578207-2879242489-1001\..\Run: [Itibiti.exe] . (. - .) -- C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe (.Not File.) =>.SUP.Orphan O42 - Logiciel: Chromium - (.Chromium.) [HKCU][64Bits] -- Chromium =>.Chromium O42 - Logiciel: Itibiti RTC - (.Itibiti Inc.) [HKLM][64Bits] -- {730E03E4-350E-48E5-9D3E-4329903D454D} =>PUP.Optional.Itibiti (Hidden) O42 - Logiciel: MySafeSavings - (..) [HKLM][64Bits] -- MySafeSavings HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\BSD HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\csastats HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings\ZoneMap\Domains\drp.su HKCU\Software\drpsu HKCU\Software\csastats HKCU\Software\undefined HKCU\Software\ProductSetup HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings\ZoneMap\Domains\drp.su HKLM\SOFTWARE\Wow6432Node\drpsu HKLM\SOFTWARE\WOW6432Node\McAfee HKLM\SOFTWARE\WOW6432Node\mcafeeupdater HKLM\SOFTWARE\WOW6432Node\MySafeSavings HKCU\SOFTWARE\Chromium HKCU\SOFTWARE\MySafeSavings HKCU\SOFTWARE\Tencent HKCU\SOFTWARE\YourUpdater HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\Chromium HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\drpsu HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\ProductSetup HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\System Healer HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\Tencent HKU\S-1-5-21-2413270503-2783578207-2879242489-1001\SOFTWARE\YourUpdater C:\Program Files\KMSpico C:\Program Files\WhySoSlow C:\Program Files (x86)\360 C:\Program Files (x86)\McAfee Safe Connect C:\Program Files (x86)\OpenSupport C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tencent Software C:\ProgramData\McAfee C:\ProgramData\Tencent C:\Users\Pavel\AppData\Roaming\360DrvMgr C:\Users\Pavel\AppData\Roaming\DRPSu C:\Users\Pavel\AppData\Roaming\McAfee Safe Connect C:\Users\Pavel\AppData\Roaming\YourUpdater C:\Users\Pavel\AppData\Local\Chromium C:\Users\Pavel\AppData\Local\GWX C:\Users\Pavel\AppData\Local\McAfee_Inc C:\Users\Pavel\AppData\Local\{FA36CC8D-DF64-A1FB-B452-862968807B17} C:\Users\Pavel\AppData\Local\{FA6BCC37-DEC3-A08F-B35B-8567973379FF} C:\Windows\System32\Config\systemprofile\AppData\R oaming\360safe C:\Windows\System32\Config\systemprofile\AppData\R oaming\Tencent C:\Windows\System32\drivers\aftap0901.sys O69 - SBI: SearchScopes [HKCU] [64Bits]{2f23ab71-4ac6-41f2-a955-ea576e553146} - (YHS) - http://us.search.yahoo.com/ =>.Yahoo! Inc. O69 - SBI: SearchScopes [HKCU] [64Bits]{53e2f62a-3083-46e6-8527-cf89e4acb4ae} - (Yahoo! Powered) - http://us.search.yahoo.com/ =>.Yahoo! Inc. O69 - SBI: SearchScopes [HKCU] [64Bits]{AE5E8B88-E8FC-45E6-8A5B-20D1DC910AE9} - (Default) - http://searchinterneat-a.akamaihd.net/ =>.SUP.AkamaiHD O69 - SBI: SearchScopes [HKLM] [64Bits]{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Yahoo! Powered) - http://us.search.yahoo.com/ =>.Yahoo! Inc. O90 - PUC: "4E30E037E0535E84D9E3349209D354D4" [HKLM] . (.Itibiti RTC.) =>PUP.Optional.Itibiti C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpj ijilce =>.SUP.SearchManager HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Curren tVersion\Uninstall\a92e2408 =>Adware.YahooPowered HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Curren tVersion\Uninstall\{730E03E4-350E-48E5-9D3E-4329903D454D} =>PUP.Optional.Itibiti C:\Program Files\KMSpico =>HackTool.KMSpico C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tencent Software =>.SUP.Tencent C:\ProgramData\Tencent =>.SUP.Tencent C:\Users\Pavel\AppData\Roaming\DRPSu =>.SUP.DriverPack HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AE5E8B88-E8FC-45E6-8A5B-20D1DC910AE9} =>.SUP.AkamaiHD HKLM\SOFTWARE\Wow6432Node\Classes\Installer\Produc ts\4E30E037E0535E84D9E3349209D354D4 =>PUP.Optional.Itibiti HKLM\SOFTWARE\Wow6432Node\Classes\Installer\Featur es\4E30E037E0535E84D9E3349209D354D4 =>PUP.Optional.Itibiti C:\Program Files (x86)\qBittorrent C:\Users\Pavel\AppData\Local\Temp\778d4de5-7917-47d3-bcdb-2008cf3f3d48 EmptyPrefetch Emptytemp EmptyClsid[/ICODE][/COLOR]

**akotski1338** · 06-16-2019, 12:18 AM

ok here is the log

Laptop cannot find any network connections

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment