Here is the ZHPDiag report
~ ZHPDiag v2017.11.16.200 By Nicolas Coolman (2017/11/16)
~ Run by Patrick (Administrator) (2017/11/24 13:06:20)
~ Web:
https://www.nicolascoolman.com
~ Blog:
https://nicolascoolman.eu/
~ Facebook:
https://www.facebook.com/nicolascoolman1
~ Certificate ZHPDiag: Legal
~ State version:
~ Mode: Scan
~ Report: C:\Users\Patrick\Desktop\ZHPDiag.txt
~ Report: C:\Users\Patrick\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ System startup: Normal (Normal boot)
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601) =>.Microsoft Corporation
---\\ Internet Browsers (3) - 0s
~ GCIE: Google Chrome v61.0.3163.100
~ MFIE: Mozilla Firefox 57.0 (x64 en-US)
~ MSIE: Internet Explorer v11.0.9600.18837
---\\ Windows Product Information (4) - 0s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : OK
Windows Activation Technologies : KO
---\\ System protection software (1) - 1s
Avast Free Antivirus v17.9.2319 (Protection)
---\\ Information on the system (6) - 0s
~ Operating System: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 4153.716 MB (63% free) : OK =>.RAM Value
System Restore: Activé (Enable)
System drive has 364 GB (76%) free of 476 GB : OK =>.Disk Space
---\\ Connection to the system mode (3) - 0s
~ Computer Name: PATRICK-PC
~ User Name: Patrick
~ Logged in as Administrator
---\\ Enumeration of the disk units (2) - 0s
~ Drive C: has 364 GB free of 476 GB
~ Drive E: has GB free of 0 GB
---\\ State of the Windows Security Center (14) - 0s
[HKLM\Software\WOW6432Node\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\Software\WOW6432Node\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\Software\WOW6432Node\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\Software\WOW6432Node\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\Software\WOW6432Node\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\Software\WOW6432Node\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM64\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
---\\ Search Generic System Files (24) - 1s
[MD5.38AE1B3C38FAEF56FE4907922F0385BA] - 18/07/2017 - (.Microsoft Corporation - Windows Explorer.) -- C:\Windows\Explorer.exe [3229696] =>.Microsoft Corporation
[MD5.C36BB659F08F046B139C8D1B980BF1AC] - 18/07/2017 - (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\Windows\System32\rundll32.exe [46080] =>.Microsoft Corporation
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - 18/07/2017 - (.Microsoft Corporation - Windows Start-Up Application.) -- C:\Windows\System32\Wininit.exe [129024] =>.Microsoft Corporation
[MD5.D13A0397ED940C071FD5ABB76BC974CF] - 18/07/2017 - (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\Windows\System32\wininet.dll [3241472] =>.Microsoft Corporation
[MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - 18/07/2017 - (.Microsoft Corporation - Windows Logon Application.) -- C:\Windows\System32\Winlogon.exe [455168] =>.Microsoft Corporation
[MD5.067FA52BFB59A56110A12312EF9AF243] - 18/07/2017 - (.Microsoft Corporation - Software Licensing Library.) -- C:\Windows\System32\sppcomapi.dll [232448] =>.Microsoft Corporation
[MD5.492D07D79E7024CA310867B526D9636D] - 18/07/2017 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\Windows\System32\dnsapi.dll [357888] =>.Microsoft Corporation
[MD5.B40420876B9288E0A1C8CCA8A84E5DC9] - 18/07/2017 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\Windows\Syswow64\dnsapi.dll [270336] =>.Microsoft Corporation
[MD5.0DC2A9882540DEA4A55B08785E09D8FC] - 18/07/2017 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\Windows\System32\drivers\AFD.sys [496128] =>.Microsoft Corporation
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - 18/07/2017 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\Windows\System32\drivers\atapi.sys [24128] =>.Microsoft Windows®
[MD5.B8BD2BB284668C84865658C77574381A] - 18/07/2017 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\Windows\System32\drivers\Cdfs.sys [92160] =>.Microsoft Corporation
[MD5.F036CE71586E93D94DAB220D7BDF4416] - 18/07/2017 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\Windows\System32\drivers\Cdrom.sys [147456] =>.Microsoft Corporation
[MD5.9B38580063D281A99E68EF5813022A5F] - 18/07/2017 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\Windows\System32\drivers\DfsC.sys [106496] =>.Microsoft Corporation
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - 18/07/2017 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\drivers\HDAudBus.sys [122368] =>.Microsoft Corporation
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - 18/07/2017 - (.Microsoft Corporation - i8042 Port Driver.) -- C:\Windows\System32\drivers\i8042prt.sys [105472] =>.Microsoft Corporation
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - 18/07/2017 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\drivers\IpNat.sys [116224] =>.Microsoft Corporation
[MD5.767C6DF04C5758B9F0790D400541B44F] - 18/07/2017 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\Windows\System32\drivers\MRxSmb.sys [159744] =>.Microsoft Corporation
[MD5.734837208CAFD6E0959A7A0333C95C9D] - 18/07/2017 - (.Microsoft Corporation - MBT Transport driver.) -- C:\Windows\System32\drivers\netBT.sys [262656] =>.Microsoft Corporation
[MD5.1065D9AFE491706EB00AD3CBB76C9E54] - 18/07/2017 - (.Microsoft Corporation - NT File System Driver.) -- C:\Windows\System32\drivers\ntfs.sys [1680616] {330000004B76632D24A2399A8B00010000004B} =>.Microsoft Corporation
[MD5.0086431C29C35BE1DBC43F52CC273887] - 18/07/2017 - (.Microsoft Corporation - Parallel Port Driver.) -- C:\Windows\System32\drivers\Parport.sys [97280] =>.Microsoft Corporation
[MD5.471815800AE33E6F1C32FB1B97C490CA] - 18/07/2017 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\Windows\System32\drivers\Rasl2tp.sys [129536] =>.Microsoft Corporation
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - 18/07/2017 - (.Microsoft Corporation - SMB Transport driver.) -- C:\Windows\System32\drivers\smb.sys [93184] =>.Microsoft Corporation
[MD5.4DD986720F7CB7A8A5D1226793097B9A] - 18/07/2017 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\System32\drivers\tdx.sys [117248] =>.Microsoft Corporation
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - 18/07/2017 - (.Microsoft Corporation - Volume Shadow Copy Driver.) -- C:\Windows\System32\drivers\volsnap.sys [295808] =>.Microsoft Windows®
---\\ Non Microsoft non disabled Windows Services (4) - 2s
O23 - Service: (AppMgmt) . (...) - C:\Windows\System32\appmgmts.dll (.not file.)
O23 - Service: Avast Antivirus (avast! Antivirus) . (.AVAST Software - Avast Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe =>.AVAST Software s.r.o.®
O23 - Service: F-Secure Freedome Service (Freedome Service) . (.F-Secure Corporation - F-Secure Freedome Service.) - C:\Program Files (x86)\F-Secure\Freedome\Freedome\1\FreedomeService.exe =>.F-Secure Corporation®
O23 - Service: unchecky (Unchecky) . (.Reason Software Company Inc. - Unchecky Service.) - C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe =>.Reason Software Company Inc.®
---\\ Services not Microsoft (SR=Run, SS=Stop) (8) - 26s
SR - Demand [18/07/2017] [ 317408] aswbIDSAgent (aswbIDSAgent) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe =>.AVAST Software s.r.o.®
SR - Auto [18/07/2017] [ 317408] Avast Antivirus (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe =>.AVAST Software s.r.o.®
SR - Auto [18/07/2017] [ 317408] F-Secure Freedome Service (Freedome Service) . (.F-Secure Corporation.) - C:\Program Files (x86)\F-Secure\Freedome\Freedome\1\FreedomeService.exe =>.F-Secure Corporation®
SS - Disabl [18/07/2017] [ 317408] Google Update Service (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
SS - Disabl [18/07/2017] [ 317408] Google Update Service (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
SS - Disabl [18/07/2017] [ 317408] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe =>.Mozilla Corporation®
SS - Disabl [18/07/2017] [ 317408] Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe =>.Skype Software Sarl®
SR - Auto [18/07/2017] [ 317408] unchecky (Unchecky) . (.Reason Software Company Inc..) - C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe =>.Reason Software Company Inc.®
---\\ Task Planned Automatically (Register) (49) - 6s
O38 - TASK: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} [64Bits][\Microsoft\Windows\Time Synchronization\SynchronizeTime] - (.Microsoft Corporation - A tool to aid in developing services for Wi.) -- C:\Windows\system32\sc.exe [45056] =>.Microsoft Corporation
O38 - TASK: {09D8D505-2562-4BBE-92BB-F6A11A840706} [64Bits][\Microsoft\Windows\Media Center\ActivateWindowsSearch] - (.Microsoft Corporation - Digital TV Tuner device registration applic.) -- C:\Windows\ehome\ehPrivJob.exe [295936] =>.Microsoft Corporation
O38 - TASK: {118CF4C5-C01C-4E41-B373-8C99C1760BA8} [64Bits][\Microsoft\Windows\Media Center\RegisterSearch] - (.Microsoft Corporation - Digital TV Tuner device registration applic.) -- C:\Windows\ehome\ehPrivJob.exe [295936] =>.Microsoft Corporation
O38 - TASK: {1504036E-3D2B-49E9-9F45-BF71227214A6} [64Bits][\Microsoft\Windows\Media Center\SqlLiteRecoveryTask] - (.Microsoft Corporation - Windows Media Center Store Update Manager.) -- C:\Windows\ehome\mcupdate.exe [198656] =>.Microsoft Corporation
O38 - TASK: {1C153F09-0A71-462C-A322-4B574FC8A1F2} [64Bits][\Microsoft\Windows\Media Center\OCURActivate] - (.Microsoft Corporation - Digital TV Tuner device registration applic.) -- C:\Windows\ehome\ehPrivJob.exe [295936] =>.Microsoft Corporation
O38 - TASK: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} [64Bits][\Microsoft\Windows\WindowsBackup\ConfigNotification] - (.Microsoft Corporation - Microsoft® Windows Backup.) -- C:\Windows\System32\sdclt.exe [1264640] =>.Microsoft Corporation
O38 - TASK: {2F74E8B2-69A2-4A0F-A3E5-9EBDFD44AD0D} [64Bits][\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}] - (...) -- C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe (.not file.) [0] (.Orphan.) =>.SUP.Orphan
O38 - TASK: {37DE0797-D536-4228-8EA0-E74F3CA299D5} [64Bits][\Microsoft\Windows\Media Center\ehDRMInit] - (.Microsoft Corporation - Digital TV Tuner device registration applic.) -- C:\Windows\ehome\ehPrivJob.exe [295936] =>.Microsoft Corporation
O38 - TASK: {397159F3-DED0-4F4F-8242-D92BCF5C4440} [64Bits][\Microsoft\Windows\Application Experience\ProgramDataUpdater] - (.Microsoft Corporation - Microsoft Compatibility Telemetry.) -- C:\Windows\system32\compattelrunner.exe [134376] {330000004B76632D24A2399A8B00010000004B} =>.Microsoft Corporation
O38 - TASK: {39A98B3C-C528-4993-8E16-3399E7A62867} [64Bits][\Microsoft\Windows\Media Center\mcupdate] - (...) -- C:\Windows\ehome\mcupdate (.not file.) [0] (.Orphan.) =>.SUP.Orphan
O38 - TASK: {3B3DCCBA-789E-4662-A0AF-49E6D2F4BCF7} [64Bits][\Microsoft\Windows\Media Center\StartRecording] - (...) -- C:\Windows\ehome\ehrec (.not file.) [0] (.Orphan.) =>.SUP.Orphan
O38 - TASK: {584647D8-9F21-4C53-8260-D04600C56165} [64Bits][\Avast Emergency Update] - (.AVAST Software - Avast Emergency Update.) -- C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2418624] =>.AVAST Software s.r.o.®
O38 - TASK: {5A40E926-9E86-4B89-9CFD-B12311724371} [64Bits][\Microsoft\Windows\UPnP\UPnPHostConfig] - (.Microsoft Corporation - A tool to aid in developing services for Wi.) -- \Windows\System32\sc.exe [45056] =>.Microsoft Corporation
O38 - TASK: {5C0AEEEA-C154-45BE-8499-BEA5F11BAFF6} [64Bits][\Microsoft\Windows\Defrag\ScheduledDefrag] - (.Microsoft Corp. - Disk Defragmenter Module.) -- C:\Windows\system32\defrag.exe [183296] =>.Microsoft Corp.
O38 - TASK: {72DB7465-BC54-491B-A92A-4637A28C9BBF} [64Bits][\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck] - (.Microsoft Corporation - AppID Certificate Store Verification Task.) -- C:\Windows\system32\appidcertstorecheck.exe [17920] =>.Microsoft Corporation
O38 - TASK: {753C47AE-EC5E-44B3-95A9-2C8E553F0E39} [64Bits][\Microsoft\Windows\Windows Media Sharing\UpdateLibrary] - (.Microsoft Corporation - Windows Media Player Network Sharing Servic.) -- \Program Files\Windows Media Player\wmpnscfg.exe [70656] =>.Microsoft Corporation
O38 - TASK: {7A7263EF-BBD4-4055-8F45-260E31FCBF53} [64Bits][\Microsoft\Windows\Media Center\ConfigureInternetTimeService] - (.Microsoft Corporation - Digital TV Tuner device registration applic.) -- C:\Windows\ehome\ehPrivJob.exe [295936] =>.Microsoft Corporation
O38 - TASK: {856D7DA4-B730-4CB4-AAE8-DB980F91E202} [64Bits][\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver] - (.Microsoft Corporation - Windows Disk Diagnostic User Resolver.) -- C:\Windows\system32\DFDWiz.exe [79360] =>.Microsoft Corporation
O38 - TASK: {9092047F-9B2A-4985-B7A0-FD3C51EA2844} [64Bits][\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector] - (.Microsoft Corporation - Windows Disk Failure Diagnostic Module.) -- \Windows\System32\dfdts.dll [45568] =>.Microsoft Corporation
O38 - TASK: {9281FDED-2D66-43D0-8E01-800B32E8F2C8} [64Bits][\Microsoft\Windows\Media Center\PBDADiscoveryW2] - (.Microsoft Corporation - Digital TV Tuner device registration applic.) -- C:\Windows\ehome\ehPrivJob.exe [295936] =>.Microsoft Corporation
O38 - TASK: {9447CEF0-83F4-4F9D-B4C1-D25DEC56F3D5} [64Bits][\Microsoft\Windows\Media Center\OCURDiscovery] - (.Microsoft Corporation - Digital TV Tuner device registration applic.) -- C:\Windows\ehome\ehPrivJob.exe [295936] =>.Microsoft Corporation
O38 - TASK: {9514F30D-C8DA-4CB1-AB27-D743DD03904E} [64Bits][\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] - (...) -- C:\Program Files\COMODO\COMODO Internet Security\cistray.exe (.not file.) [0] (.Orphan.) =>.SUP.Orphan
O38 - TASK: {9576E959-7393-40F9-9915-4EE2A6FB11A0} [64Bits][\Microsoft\Windows\Media Center\DispatchRecoveryTasks] - (.Microsoft Corporation - Digital TV Tuner device registration applic.) -- C:\Windows\ehome\ehPrivJob.exe [295936] =>.Microsoft Corporation
O38 - TASK: {994C86AD-A929-4B2C-88A0-4E25A107A029} [64Bits][\Microsoft\Windows\SystemRestore\SR] - (.Microsoft Corporation - Microsoft® Windows System Protection Config.) -- \Windows\System32\srrstr.dll [270848] =>.Microsoft Corporation
O38 - TASK: {999DA5BD-5583-4F14-97FA-1602A926540D} [64Bits][\Microsoft\Windows\Media Center\RecordingRestart] - (...) -- C:\Windows\ehome\ehrec (.not file.) [0] (.Orphan.) =>.SUP.Orphan
O38 - TASK: {9B594547-85FC-4A19-AF71-991DEE432F38} [64Bits][\Microsoft\Windows\Media Center\PBDADiscovery] - (.Microsoft Corporation - Digital TV Tuner device registration applic.) -- C:\Windows\ehome\ehPrivJob.exe [295936] =>.Microsoft Corporation
O38 - TASK: {9E18C653-A923-471E-B560-2F2C82B06B31} [64Bits][\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser] - (.Microsoft Corporation - Microsoft Compatibility Telemetry.) -- C:\Windows\system32\CompatTelRunner.exe [134376] {330000004B76632D24A2399A8B00010000004B} =>.Microsoft Corporation
O38 - TASK: {9FC63041-B748-48C3-B466-F626F61B6F2D} [64Bits][\Microsoft\Windows\Media Center\InstallPlayReady] - (.Microsoft Corporation - Digital TV Tuner device registration applic.) -- C:\Windows\ehome\ehPrivJob.exe [295936] =>.Microsoft Corporation
O38 - TASK: {A48CABBF-24C8-4B87-B00F-9261807C3B43} [64Bits][\Microsoft\Windows\AppID\PolicyConverter] - (.Microsoft Corporation - AppID Policy Converter Task.) -- C:\Windows\system32\appidpolicyconverter.exe [148480] =>.Microsoft Corporation
O38 - TASK: {A55EC790-32AF-4199-BC4A-235074276EB1} [64Bits][\Microsoft\Windows\Media Center\PvrRecoveryTask] - (.Microsoft Corporation - Windows Media Center Store Update Manager.) -- C:\Windows\ehome\mcupdate.exe [198656] =>.Microsoft Corporation
O38 - TASK: {A6AF9377-77CE-47AB-AD7D-EC32CAD0C82D} [64Bits][\Microsoft\Windows\Location\Notifications] - (.Microsoft Corporation - Location Activity.) -- C:\Windows\System32\LocationNotifications.exe [90112] =>.Microsoft Corporation
O38 - TASK: {A7112BBA-E3E1-49DA-B48E-2E56FE0D0C86} [64Bits][\Microsoft\Windows\Media Center\UpdateRecordPath] - (.Microsoft Corporation - Digital TV Tuner device registration applic.) -- C:\Windows\ehome\ehPrivJob.exe [295936] =>.Microsoft Corporation
O38 - TASK: {AE5F3DE8-C9FB-47B7-AE5A-8B5B3259C90D} [64Bits][\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627}] - (...) -- C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe (.not file.) [0] (.Orphan.) =>.SUP.Orphan
O38 - TASK: {BB7F8127-EFAC-4831-8429-1C93F4A877A8} [64Bits][\Microsoft\Windows\Media Center\PvrScheduleTask] - (.Microsoft Corporation - Windows Media Center Store Update Manager.) -- C:\Windows\ehome\mcupdate.exe [198656] =>.Microsoft Corporation
O38 - TASK: {C016366B-7126-46CA-B36B-592A3D95A60B} [64Bits][\Microsoft\Windows\Customer Experience Improvement Program\Consolidator] - (.Microsoft Corporation - Windows SQM Consolidator.) -- C:\Windows\System32\wsqmcons.exe [293888] =>.Microsoft Corporation
O38 - TASK: {C06483B9-0D7D-4FD0-B4FE-05F99C80A7CC} [64Bits][\Microsoft\Windows\Media Center\PBDADiscoveryW1] - (.Microsoft Corporation - Digital TV Tuner device registration applic.) -- C:\Windows\ehome\ehPrivJob.exe [295936] =>.Microsoft Corporation
O38 - TASK: {CA6B5B9B-034A-47AB-ABE7-6AFF06218E50} [64Bits][\Microsoft\Windows\Media Center\PeriodicScanRetry] - (.Microsoft Corporation - Windows Media Center Store Update Manager.) -- C:\Windows\ehome\MCUpdate.exe [198656] =>.Microsoft Corporation
O38 - TASK: {CB3D64BF-C0C9-45FF-BFB0-FF1A8F680186} [64Bits][\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask] - (.Microsoft Corporation - Windows Remote Assistance COM Server.) -- C:\Windows\System32\raserver.exe [125952] =>.Microsoft Corporation
O38 - TASK: {CBE7A128-6154-4F7A-BD2D-A309959235BA} [64Bits][\Microsoft\Windows\Media Center\MediaCenterRecoveryTask] - (.Microsoft Corporation - Windows Media Center Store Update Manager.) -- C:\Windows\ehome\mcupdate.exe [198656] =>.Microsoft Corporation
O38 - TASK: {D0250F3F-6480-484F-B719-42F659AC64D5} [64Bits][\Microsoft\Windows\Windows Error Reporting\QueueReporting] - (.Microsoft Corporation - Windows Problem Reporting.) -- C:\Windows\system32\wermgr.exe [50688] =>.Microsoft Corporation
O38 - TASK: {D7B6E81D-3CF4-432C-84D2-24213F4316E6} [64Bits][\Microsoft\Windows\Autochk\Proxy] - (.Microsoft Corporation - Autochk Proxy DLL.) -- \Windows\System32\acproxy.dll [11264] =>.Microsoft Corporation
O38 - TASK: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} [64Bits][\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask] - (.Microsoft Corporation - A tool to aid in developing services for Wi.) -- \Windows\System32\sc.exe [45056] =>.Microsoft Corporation
O38 - TASK: {E22A8667-F75B-4BA9-BA46-067ED4429DE8} [64Bits][\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange] - (.Microsoft Corporation - Base Filtering Engine.) -- \Windows\System32\bfe.dll [705024] =>.Microsoft Corporation
O38 - TASK: {E3163C33-301D-4730-A266-5518C5ED3967} [64Bits][\Microsoft\Windows\Bluetooth\UninstallDeviceTask] - (.Microsoft Corporation - Bluetooth Uninstall Device Task.) -- \Windows\System32\BthUdTask.exe [36864] =>.Microsoft Corporation
O38 - TASK: {EA935066-368B-4288-92AE-C3C9403B8386} [64Bits][\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}] - (...) -- C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe (.not file.) [0] (.Orphan.) =>.SUP.Orphan
O38 - TASK: {EB02381F-D652-4B1C-894A-712498C62C51} [64Bits][\Microsoft\Windows\MUI\LPRemove] - (.Microsoft Corporation - MUI Language pack cleanup.) -- C:\Windows\system32\lpremove.exe [71168] =>.Microsoft Corporation
O38 - TASK: {F201E741-97DD-4F63-AAFB-93054BBF4B3A} [64Bits][\Microsoft\Windows\Media Center\ReindexSearchRoot] - (.Microsoft Corporation - Digital TV Tuner device registration applic.) -- C:\Windows\ehome\ehPrivJob.exe [295936] =>.Microsoft Corporation
O38 - TASK: {FB3C354D-297A-4EB2-9B58-090F6361906B} [64Bits][\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem] - (.Microsoft Corporation - Power Settings Command-Line Tool.) -- C:\Windows\System32\powercfg.exe [71168] =>.Microsoft Corporation
O38 - TASK: {FE66CC16-0C01-4464-A5D3-B6203D68FBE4} [64Bits][\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask] - (.Microsoft Corporation - Windows Media Center Store Update Manager.) -- C:\Windows\ehome\mcupdate.exe [198656] =>.Microsoft Corporation
---\\ Auto loading programs from Registry and folders (11) - 1s
O4 - HKLM\..\Run: [AvastUI.exe] . (.AVAST Software - AvLaunch component.) -- C:\Program Files\AVAST Software\Avast\AvLaunch.exe =>.AVAST Software s.r.o.®
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe =>.Intel Corporation
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe =>.Intel Corporation
O4 - HKLM\..\RunOnce: [000ClearPageFileAtShutdown] . (. - .) -- cmd
O4 - HKLM\..\RunOnce: [CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82}] . (.COMODO - COMODO Internet Security.) -- C:\ProgramData\cis7D3A.exe =>.Comodo Security Solutions, Inc.®
O4 - HKLM\..\RunOnce: [*Restore] . (.Microsoft Corporation - Microsoft® Windows System Restore.) -- C:\Windows\System32\rstrui.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [WinPatrol] . (.Ruiware - WinPatrol Monitor.) -- C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe =>.Ruiware, LLC®
O4 - HKCU\..\Run: [Wipe Maintance] . (.
www.privacyroot.com - Application Installer.) -- C:\Program Files\Wipe\net1.exe =>.Yury Saprykin®
O4 - HKLM\..\Wow6432Node\Run: [VirtualCloneDrive] . (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe =>.Elaborate Bytes AG®
O4 - HKUS\S-1-5-21-1492466166-1735938548-1690570200-1000\..\Run: [WinPatrol] . (.Ruiware - WinPatrol Monitor.) -- C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe =>.Ruiware, LLC®
O4 - HKUS\S-1-5-21-1492466166-1735938548-1690570200-1000\..\Run: [Wipe Maintance] . (.
www.privacyroot.com - Application Installer.) -- C:\Program Files\Wipe\net1.exe =>.Yury Saprykin®
---\\ Process running (12) - 1s
[MD5.34652C171663396C26E8C1E15A710B36] - (.AVAST Software - Avast Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [281416] [PID.1276] =>.AVAST Software s.r.o.®
[MD5.EF714E87AB975A3B820E3295C73AD6EF] - (.F-Secure Corporation - F-Secure Freedome Service.) -- C:\Program Files (x86)\F-Secure\Freedome\Freedome\1\FreedomeService.exe [592352] [PID.1688] =>.F-Secure Corporation®
[MD5.107AC0A12486F392A169763072A34C34] - (.Reason Software Company Inc. - Unchecky Service.) -- C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [294168] [PID.1940] =>.Reason Software Company Inc.®
[MD5.ED010E3C8B87B0910DD35D7883039621] - (.Reason Software Company Inc. - Unchecky Background Process.) -- C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe [612120] [PID.1996] =>.Reason Software Company Inc.®
[MD5.00000000000000000000000000000000] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [0] [PID.1480] =>.Intel Corporation
[MD5.264FF661A5DA4211E85E55BCB0BF6D53] - (.Ruiware - WinPatrol Monitor.) -- C:\Program Files (x86)\Ruiware\WinPatrol\WinPatrol.exe [1223560] [PID.1472] =>.Ruiware, LLC®
[MD5.DDF2CBFA4CF36ADD6C910F94D49EA2D2] - (.AVAST Software - Avast Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [9238192] [PID.2164] =>.AVAST Software s.r.o.®
[MD5.3BD79A1F6D2EA0FDDEA3F8914B2A6A0C] - (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984] [PID.2268] =>.Elaborate Bytes AG®
[MD5.B6EA756B2FD8CCA5DD63F09A372C417F] - (.AVAST Software - Avast Behavior Shield.) -- C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7549928] [PID.2912] =>.AVAST Software s.r.o.®
[MD5.184937B23BE9ACD6AF88877ECC1A6DD9] - (.The OpenVPN Project - OpenVPN Daemon.) -- C:\Program Files (x86)\F-Secure\Freedome\Freedome\1\openvpn.exe [662496] [PID.2440] =>.F-Secure Corporation®
[MD5.102F26366DC6B4A0F2868059CF5F05F2] - (.F-Secure Corporation - F-Secure Freedome UI.) -- C:\Program Files (x86)\F-Secure\Freedome\Freedome\1\Freedome.exe [4338144] [PID.2516] =>.F-Secure Corporation®
[MD5.CFB11609FBBB1B1085F8BB2A25416C56] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\Owner\Desktop\ZHPDiag3.exe [2928512] [PID.2864] =>.Nicolas Coolman
---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (5) - 4s
M0 - MFSP: prefs.js [Patrick - xxwz7xvm.default]
http://www.google.com =>.Google Inc.
P2 - EXT FILE: (.LanguageTool - Grammar and Style Check - __MSG_appDesc__.) -- C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\xxwz7xvm.default\extensions\languagetool-webextension@languagetool.org.xpi
P2 - EXT FILE: (.uBlock Origin - __MSG_popupTipPicker__".) -- C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\xxwz7xvm.default\extensions\uBlock0@raymondhill.net.xpi =>.uBlock Origin
P2 - EXT FILE: (.Avast Online Security - Avast Browser Security and Web Reputat.) -- C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\xxwz7xvm.default\extensions\wrc@avast.com.xpi =>.Avast Online Security
P2 - EXT FILE: (.Video DownloadHelper - Download Videos from the Web.) -- C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\xxwz7xvm.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi =>.Video DownloadHelper
---\\ Internet Explorer Extensions, Start, Search (15) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/ =>.Microsoft Corporation
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/ =>.Microsoft Corporation
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://www.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R3 - URLSearchHook: (no name)[HKCU] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Browser.) (11.00.9600.18838 (winblue_ltsb.171013-1838)) -- C:\Windows\System32\ieframe.dll =>.Microsoft Corporation
---\\ Internet Explorer, Proxy Management (7) - 0s
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies [] =>.Microsoft
---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s
F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.) =>.Microsoft Corporation
---\\ Hosts file redirection (1) - 4s
~ Le fichier hôte est sain (The hosts file is clean) (923064)
---\\ Browser Helper Object (BHO) (1) - 0s
O2 - BHO: avast! Online Security [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll =>.AVAST Software s.r.o.®
---\\ Global shortcuts Startup (124) - 14s
O4 - GS\Desktop [Administrator]: CDisplay.lnk . (.David Ayton - Sequential Image Display (JPEG PNG & GIF).) C:\Program Files (x86)\CDisplay\CDisplay.exe
O4 - GS\Desktop [Administrator]: Diablo II - Lord of Destruction.lnk . (.Blizzard North - Diablo II.) C:\Program Files (x86)\Diablo II\Diablo II.exe =>.Blizzard North
O4 - GS\Desktop [Administrator]: FurMark.lnk . (.Geeks3D (
www.geeks3d.com) - FurMark - GPU stress test and OpenGL benchm.) C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark\FurMark.exe =>.Geeks3D (
www.geeks3d.com)
O4 - GS\Desktop [Administrator]: MSI Afterburner.lnk . (.Copyright © 2009-2017 Alexey Nicolaychuk aka Unwinder - MSIAfterburner.) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe {0E25850DA70F2EF8A7D9348F}
O4 - GS\Desktop [Administrator]: PeerBlock.lnk . (.PeerBlock, LLC - PeerBlock.) C:\Program Files\PeerBlock\peerblock.exe =>.PeerBlock, LLC®
O4 - GS\Desktop [Administrator]: PerformanceTest.lnk . (.PassMark Software - PerformanceTest Benchmark Software.) C:\Program Files\PerformanceTest\PerformanceTest64.exe =>.PassMark Software Pty Ltd®
O4 - GS\Desktop [Administrator]: SpeedFan.lnk . (...) C:\Program Files (x86)\SpeedFan\speedfan.exe =>.SOKNO S.R.L.®
O4 - GS\Desktop [Administrator]: Start Tor Browser.lnk . (.Mozilla Corporation - Tor Browser.) C:\Users\Patrick\Desktop\Tor Browser\Browser\firefox.exe =>.Mozilla Corporation
O4 - GS\Desktop [Administrator]: ZHPCleaner.lnk . (.Nicolas Coolman - ZHPCleaner.) C:\Users\Patrick\AppData\Roaming\ZHP\ZHPCleaner.exe =>.Nicolas Coolman
O4 - GS\Desktop [Administrator]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Patrick\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [Administrator]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\sendTo [Administrator]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\sendTo [Administrator]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe /sendto: =>.Skype Software Sarl®
O4 - GS\TaskBar [Administrator]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\TaskBar [Administrator]: VLC media player.lnk . (.VideoLAN - VLC media player.) C:\Program Files\VideoLAN\VLC\vlc.exe =>.VideoLAN®
O4 - GS\TaskBar [Administrator]: Windows Explorer.lnk . (.Microsoft Corporation - Windows Explorer.) C:\Windows\explorer.exe =>.Microsoft Corporation
O4 - GS\Programs [Administrator]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Programs [Administrator]: Start Tor Browser.lnk . (.Mozilla Corporation - Tor Browser.) C:\Users\Patrick\Desktop\Tor Browser\Browser\firefox.exe =>.Mozilla Corporation
O4 - GS\Desktop [Guest]: CDisplay.lnk . (.David Ayton - Sequential Image Display (JPEG PNG & GIF).) C:\Program Files (x86)\CDisplay\CDisplay.exe
O4 - GS\Desktop [Guest]: Diablo II - Lord of Destruction.lnk . (.Blizzard North - Diablo II.) C:\Program Files (x86)\Diablo II\Diablo II.exe =>.Blizzard North
O4 - GS\Desktop [Guest]: FurMark.lnk . (.Geeks3D (
www.geeks3d.com) - FurMark - GPU stress test and OpenGL benchm.) C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark\FurMark.exe =>.Geeks3D (
www.geeks3d.com)
O4 - GS\Desktop [Guest]: MSI Afterburner.lnk . (.Copyright © 2009-2017 Alexey Nicolaychuk aka Unwinder - MSIAfterburner.) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe {0E25850DA70F2EF8A7D9348F}
O4 - GS\Desktop [Guest]: PeerBlock.lnk . (.PeerBlock, LLC - PeerBlock.) C:\Program Files\PeerBlock\peerblock.exe =>.PeerBlock, LLC®
O4 - GS\Desktop [Guest]: PerformanceTest.lnk . (.PassMark Software - PerformanceTest Benchmark Software.) C:\Program Files\PerformanceTest\PerformanceTest64.exe =>.PassMark Software Pty Ltd®
O4 - GS\Desktop [Guest]: SpeedFan.lnk . (...) C:\Program Files (x86)\SpeedFan\speedfan.exe =>.SOKNO S.R.L.®
O4 - GS\Desktop [Guest]: Start Tor Browser.lnk . (.Mozilla Corporation - Tor Browser.) C:\Users\Patrick\Desktop\Tor Browser\Browser\firefox.exe =>.Mozilla Corporation
O4 - GS\Desktop [Guest]: ZHPCleaner.lnk . (.Nicolas Coolman - ZHPCleaner.) C:\Users\Patrick\AppData\Roaming\ZHP\ZHPCleaner.exe =>.Nicolas Coolman
O4 - GS\Desktop [Guest]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Patrick\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Guest]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [Guest]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\sendTo [Guest]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\sendTo [Guest]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe /sendto: =>.Skype Software Sarl®
O4 - GS\TaskBar [Guest]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\TaskBar [Guest]: VLC media player.lnk . (.VideoLAN - VLC media player.) C:\Program Files\VideoLAN\VLC\vlc.exe =>.VideoLAN®
O4 - GS\TaskBar [Guest]: Windows Explorer.lnk . (.Microsoft Corporation - Windows Explorer.) C:\Windows\explorer.exe =>.Microsoft Corporation
O4 - GS\Programs [Guest]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Programs [Guest]: Start Tor Browser.lnk . (.Mozilla Corporation - Tor Browser.) C:\Users\Patrick\Desktop\Tor Browser\Browser\firefox.exe =>.Mozilla Corporation
O4 - GS\Desktop [Owner]: CDisplay.lnk . (.David Ayton - Sequential Image Display (JPEG PNG & GIF).) C:\Program Files (x86)\CDisplay\CDisplay.exe
O4 - GS\Desktop [Owner]: Diablo II - Lord of Destruction.lnk . (.Blizzard North - Diablo II.) C:\Program Files (x86)\Diablo II\Diablo II.exe =>.Blizzard North
O4 - GS\Desktop [Owner]: FurMark.lnk . (.Geeks3D (
www.geeks3d.com) - FurMark - GPU stress test and OpenGL benchm.) C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark\FurMark.exe =>.Geeks3D (
www.geeks3d.com)
O4 - GS\Desktop [Owner]: MSI Afterburner.lnk . (.Copyright © 2009-2017 Alexey Nicolaychuk aka Unwinder - MSIAfterburner.) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe {0E25850DA70F2EF8A7D9348F}
O4 - GS\Desktop [Owner]: PeerBlock.lnk . (.PeerBlock, LLC - PeerBlock.) C:\Program Files\PeerBlock\peerblock.exe =>.PeerBlock, LLC®
O4 - GS\Desktop [Owner]: PerformanceTest.lnk . (.PassMark Software - PerformanceTest Benchmark Software.) C:\Program Files\PerformanceTest\PerformanceTest64.exe =>.PassMark Software Pty Ltd®
O4 - GS\Desktop [Owner]: SpeedFan.lnk . (...) C:\Program Files (x86)\SpeedFan\speedfan.exe =>.SOKNO S.R.L.®
O4 - GS\Desktop [Owner]: Start Tor Browser.lnk . (.Mozilla Corporation - Tor Browser.) C:\Users\Patrick\Desktop\Tor Browser\Browser\firefox.exe =>.Mozilla Corporation
O4 - GS\Desktop [Owner]: ZHPCleaner.lnk . (.Nicolas Coolman - ZHPCleaner.) C:\Users\Patrick\AppData\Roaming\ZHP\ZHPCleaner.exe =>.Nicolas Coolman
O4 - GS\Desktop [Owner]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Patrick\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Owner]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [Owner]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\sendTo [Owner]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\sendTo [Owner]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe /sendto: =>.Skype Software Sarl®
O4 - GS\TaskBar [Owner]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\TaskBar [Owner]: VLC media player.lnk . (.VideoLAN - VLC media player.) C:\Program Files\VideoLAN\VLC\vlc.exe =>.VideoLAN®
O4 - GS\TaskBar [Owner]: Windows Explorer.lnk . (.Microsoft Corporation - Windows Explorer.) C:\Windows\explorer.exe =>.Microsoft Corporation
O4 - GS\Programs [Owner]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Programs [Owner]: Start Tor Browser.lnk . (.Mozilla Corporation - Tor Browser.) C:\Users\Patrick\Desktop\Tor Browser\Browser\firefox.exe =>.Mozilla Corporation
O4 - GS\Desktop [Patrick]: CDisplay.lnk . (.David Ayton - Sequential Image Display (JPEG PNG & GIF).) C:\Program Files (x86)\CDisplay\CDisplay.exe
O4 - GS\Desktop [Patrick]: Diablo II - Lord of Destruction.lnk . (.Blizzard North - Diablo II.) C:\Program Files (x86)\Diablo II\Diablo II.exe =>.Blizzard North
O4 - GS\Desktop [Patrick]: FurMark.lnk . (.Geeks3D (
www.geeks3d.com) - FurMark - GPU stress test and OpenGL benchm.) C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark\FurMark.exe =>.Geeks3D (
www.geeks3d.com)
O4 - GS\Desktop [Patrick]: MSI Afterburner.lnk . (.Copyright © 2009-2017 Alexey Nicolaychuk aka Unwinder - MSIAfterburner.) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe {0E25850DA70F2EF8A7D9348F}
O4 - GS\Desktop [Patrick]: PeerBlock.lnk . (.PeerBlock, LLC - PeerBlock.) C:\Program Files\PeerBlock\peerblock.exe =>.PeerBlock, LLC®
O4 - GS\Desktop [Patrick]: PerformanceTest.lnk . (.PassMark Software - PerformanceTest Benchmark Software.) C:\Program Files\PerformanceTest\PerformanceTest64.exe =>.PassMark Software Pty Ltd®
O4 - GS\Desktop [Patrick]: SpeedFan.lnk . (...) C:\Program Files (x86)\SpeedFan\speedfan.exe =>.SOKNO S.R.L.®
O4 - GS\Desktop [Patrick]: Start Tor Browser.lnk . (.Mozilla Corporation - Tor Browser.) C:\Users\Patrick\Desktop\Tor Browser\Browser\firefox.exe =>.Mozilla Corporation
O4 - GS\Desktop [Patrick]: ZHPCleaner.lnk . (.Nicolas Coolman - ZHPCleaner.) C:\Users\Patrick\AppData\Roaming\ZHP\ZHPCleaner.exe =>.Nicolas Coolman
O4 - GS\Desktop [Patrick]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Patrick\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Patrick]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [Patrick]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\sendTo [Patrick]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\sendTo [Patrick]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe /sendto: =>.Skype Software Sarl®
O4 - GS\TaskBar [Patrick]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\TaskBar [Patrick]: VLC media player.lnk . (.VideoLAN - VLC media player.) C:\Program Files\VideoLAN\VLC\vlc.exe =>.VideoLAN®
O4 - GS\TaskBar [Patrick]: Windows Explorer.lnk . (.Microsoft Corporation - Windows Explorer.) C:\Windows\explorer.exe =>.Microsoft Corporation
O4 - GS\Programs [Patrick]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Programs [Patrick]: Start Tor Browser.lnk . (.Mozilla Corporation - Tor Browser.) C:\Users\Patrick\Desktop\Tor Browser\Browser\firefox.exe =>.Mozilla Corporation
O4 - GS\CommonDesktop [Public]: Avast Free Antivirus.lnk . (.AVAST Software - Avast Antivirus.) C:\Program Files\AVAST Software\Avast\AvastUI.exe =>.AVAST Software s.r.o.®
O4 - GS\CommonDesktop [Public]: calibre 64bit - E-book management.lnk . (...) C:\Program Files (x86)\Calibre2\calibre.exe
O4 - GS\CommonDesktop [Public]: Freedome.lnk . (.F-Secure Corporation - F-Secure Freedome UI.) C:\Program Files (x86)\F-Secure\Freedome\Freedome\1\Freedome.exe =>.F-Secure Corporation®
O4 - GS\CommonDesktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\CommonDesktop [Public]: Imperium Galactica II - Alliances.lnk . (...) C:\GOG Games\Imperium Galactica II\ig2.exe
O4 - GS\CommonDesktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\CommonDesktop [Public]: OpenOffice 4.1.4.lnk . (.Apache Software Foundation - OpenOffice 4.1.4.) C:\Program Files (x86)\OpenOffice 4\program\soffice.exe =>.Apache Software Foundation
O4 - GS\CommonDesktop [Public]: Removal Tool.lnk . (...) C:\Program Files (x86)\9-lab\Removal Tool\rmtool.exe
O4 - GS\CommonDesktop [Public]: Star Wars - Knights of the Old Republic.lnk . (.BioWare Corp. - Star Wars: Knights of the Old Republic.) C:\GOG Games\Star Wars - KotOR\swkotor.exe =>.BioWare Corp.
O4 - GS\CommonDesktop [Public]: Unchecky.lnk . (.Reason Software Company Inc. - Unchecky.) C:\Program Files (x86)\Unchecky\unchecky.exe =>.Reason Software Company Inc.®
O4 - GS\CommonDesktop [Public]: VLC media player.lnk . (.VideoLAN - VLC media player.) C:\Program Files\VideoLAN\VLC\vlc.exe =>.VideoLAN®
O4 - GS\Programs [Public]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Programs [Public]: Start Tor Browser.lnk . (.Mozilla Corporation - Tor Browser.) C:\Users\Patrick\Desktop\Tor Browser\Browser\firefox.exe =>.Mozilla Corporation
O4 - GS\Accessories [Public]: Command Prompt.lnk . (.Microsoft Corporation - Windows Command Processor.) C:\Windows\system32\cmd.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Notepad.lnk . (.Microsoft Corporation - Notepad.) C:\Windows\system32\notepad.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Explorer.lnk . (.Microsoft Corporation - Windows Explorer.) C:\Windows\explorer.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe -extoff =>.Microsoft Corporation®
O4 - GS\SystemTools [Public]: Private Character Editor.lnk . (.Microsoft Corporation - Private Character Editor.) C:\Windows\system32\eudcedit.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Windows Calculator.) C:\Windows\system32\calc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: displayswitch.lnk . (.Microsoft Corporation - Display Switch.) C:\Windows\system32\displayswitch.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Math Input Panel.lnk . (.Microsoft Corporation - Math Input Panel Accessory.) C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Mobility Center.lnk . (.Microsoft Corporation - Windows Mobility Center.) C:\Windows\system32\mblctr.exe /open =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) C:\Windows\system32\mspaint.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Remote Desktop Connection.) C:\Windows\system32\mstsc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Snipping Tool.) C:\Windows\system32\SnippingTool.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Windows Sound Recorder.) C:\Windows\system32\SoundRecorder.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sticky Notes.lnk . (.Microsoft Corporation - Sticky Notes.) C:\Windows\system32\StikyNot.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sync Center.lnk . (.Microsoft Corporation - Microsoft Sync Center.) C:\Windows\System32\mobsync.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Welcome Center.lnk . (.Microsoft Corporation - Windows host process (Rundll32).) C:\Windows\system32\rundll32.exe %SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut =>..Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Windows Wordpad Application.) C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Character Map.) C:\Windows\system32\charmap.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: dfrgui.lnk . (.Microsoft Corporation - Microsoft® Disk Defragmenter.) C:\Windows\system32\dfrgui.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Disk Cleanup.lnk . (.Microsoft Corporation - Disk Space Cleanup Manager for Windows.) C:\Windows\system32\cleanmgr.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Resource Monitor.lnk . (.Microsoft Corporation - Resource and Performance Monitor.) C:\Windows\system32\perfmon.exe /res =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Information.lnk . (.Microsoft Corporation - System Information.) C:\Windows\system32\msinfo32.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Restore.lnk . (.Microsoft Corporation - Microsoft® Windows System Restore.) C:\Windows\system32\rstrui.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...) C:\Windows\system32\taskschd.msc /s =>..Microsoft Corporation
O4 - GS\SystemTools [Public]: Windows Easy Transfer Reports.lnk . (.Microsoft Corporation - Windows Easy Transfer Post Migration Applic.) C:\Windows\system32\migwiz\postmig.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Windows Easy Transfer.lnk . (.Microsoft Corporation - Windows Easy Transfer Application.) C:\Windows\system32\migwiz\migwiz.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\ProgramsCommon [Public]: Media Center.lnk . (.Microsoft Corporation - Windows Media Center.) C:\Windows\ehome\ehshell.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\ProgramsCommon [Public]: Sidebar.lnk . (.Microsoft Corporation - Windows Desktop Gadgets.) C:\Program Files (x86)\Windows Sidebar\sidebar.exe /showgadgets =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Windows Anytime Upgrade.lnk . (.Microsoft Corporation - Windows Anytime Upgrade User Interface.) C:\Windows\system32\WindowsAnytimeUpgradeUI.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Windows DVD Maker.lnk . (.Microsoft Corporation - .) C:\Program Files (x86)\DVD Maker\DVDMaker.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: XPS Viewer.lnk . (.Microsoft Corporation - XPS Viewer.) C:\Windows\system32\xpsrchvw.exe =>.Microsoft Corporation
---\\ Winsock hijacker (Layered Service Provider) (4) - 1s
O10 - WLSP:\NameSpace_Catalog5\Catalog_Entries\000000000008\Winsock LSP File . (...) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Not File) =>Hijacker.Winsock
O10 - WLSP:\NameSpace_Catalog5\Catalog_Entries\000000000009\Winsock LSP File . (...) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Not File) =>Hijacker.Winsock
O10 - WLSP:\NameSpace_Catalog5\Catalog_Entries64\000000000008\Winsock LSP File . (...) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Not File) =>Hijacker.Winsock
O10 - WLSP:\NameSpace_Catalog5\Catalog_Entries64\000000000009\Winsock LSP File . (...) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Not File) =>Hijacker.Winsock
---\\ Lop.com/Domain Hijackers (7) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 198.18.4.197
O17 - HKLM\System\CCS\Services\Tcpip\..\{444988B6-9931-4F66-8E63-A199AE9754F2}: NameServer = 0.0.0.0
O17 - HKLM\System\CCS\Services\Tcpip\..\{539CB6FE-A5AF-4637-8F18-2DC6A160B884}: NameServer = 0.0.0.0
O17 - HKLM\System\CCS\Services\Tcpip\..\{846ee342-7039-11de-9d20-806e6f6e6963}: NameServer = 0.0.0.0
O17 - HKLM\System\CCS\Services\Tcpip\..\{05791D1D-051A-4ECE-A4F5-2DC4F9998DD0}: DhcpNameServer = 198.18.4.197
O17 - HKLM\System\CCS\Services\Tcpip\..\{539CB6FE-A5AF-4637-8F18-2DC6A160B884}: DhcpNameServer = 75.75.75.75 75.75.76.76 =>.UK Milton Keynes Dedicated Server Hosting
O17 - HKLM\System\CCS\Services\Tcpip\..\{539CB6FE-A5AF-4637-8F18-2DC6A160B884}: DhcpDomain = hsd1.ca.comcast.net.
---\\ Extra protocols (20) - 1s
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll =>.Microsoft Corporation
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
---\\ Software installed (27) - 11s
O42 - Logiciel: Avast Free Antivirus - (.AVAST Software.) [HKLM][64Bits] -- Avast Antivirus =>.AVAST Software s.r.o.®
O42 - Logiciel: calibre 64bit - (.Kovid Goyal.) [HKLM][64Bits] -- {3E7334AB-3B64-4CD0-8DAC-817FF56AED7E} =>.Kovid Goyal
O42 - Logiciel: CDisplay 1.8 - (.dvd8n.) [HKLM][64Bits] -- CDisplay_is1 =>.dvd8n
O42 - Logiciel: Diablo II - (..) [HKLM][64Bits] -- Diablo II
O42 - Logiciel: Freedome - (.F-Secure Corporation.) [HKLM][64Bits] -- F-Secure Freedome =>.F-Secure Corporation®
O42 - Logiciel: Geeks3D FurMark 1.19.1.0 - (.Geeks3D.) [HKLM][64Bits] -- {2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1 =>.Geeks3D
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome =>.Google Inc®
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc.
O42 - Logiciel: HostsMan 4.7.105 - (.abelhadigital.com.) [HKLM][64Bits] -- {1A3DD1A9-7B7B-4ECA-AD2F-98466F49F62C}_is1 =>.abelhadigital.com
O42 - Logiciel: Imperium Galactica II - Alliances - (.GOG.com.) [HKLM][64Bits] -- 1254614904_is1 =>.GOG Limited®
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} =>.Intel Corporation - Software and Firmware Products®
O42 - Logiciel: Mozilla Firefox 57.0 (x64 en-US) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 57.0 (x64 en-US) =>.Mozilla Corporation®
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService =>.Mozilla
O42 - Logiciel: MSI Afterburner 4.4.0 - (.MSI Co., LTD.) [HKLM][64Bits] -- Afterburner =>.MSI Co., LTD
O42 - Logiciel: OpenOffice 4.1.4 - (.Apache Software Foundation.) [HKLM][64Bits] -- {4138A847-021B-4C26-B6BF-220B2446F603} =>.Apache Software Foundation
O42 - Logiciel: PeerBlock 1.2 (r693) - (.PeerBlock, LLC.) [HKLM][64Bits] -- {015C5B35-B678-451C-9AEE-821E8D69621C}_is1 =>.PeerBlock, LLC
O42 - Logiciel: PerformanceTest v9.0 - (.Passmark Software.) [HKLM][64Bits] -- PerformanceTest 9_is1 =>.PassMark Software Pty Ltd®
O42 - Logiciel: RivaTuner Statistics Server 7.0.0 - (.Unwinder.) [HKLM][64Bits] -- RTSS =>.Unwinder
O42 - Logiciel: Skype™ 7.40 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {3B7E914A-93D5-4A29-92BB-AF8C3F66C431} =>.Skype Technologies S.A.
O42 - Logiciel: SpeedFan (remove only) - (.Almico Software.) [HKLM][64Bits] -- SpeedFan =>.Almico Software
O42 - Logiciel: STAR WARS® - Knights of the Old Republic™ - (.GOG.com.) [HKLM][64Bits] -- 1207666283_is1 =>.GOG Limited®
O42 - Logiciel: System Ninja version 3.1.5 - (.SingularLabs.) [HKLM][64Bits] -- {6E67710E-206D-43AB-BF21-E7CD63056C55}_is1 =>.SingularLabs
O42 - Logiciel: Unchecky v1.1 - (.Reason Software Company Inc..) [HKLM][64Bits] -- Unchecky =>.Reason Software Company Inc.®
O42 - Logiciel: VirtualCloneDrive - (.Elaborate Bytes.) [HKLM][64Bits] -- VirtualCloneDrive =>.Elaborate Bytes
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN
O42 - Logiciel: WinRAR 5.50 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver =>.win.rar GmbH®
O42 - Logiciel: Wipe - (.PrivacyRoot.com.) [HKLM][64Bits] -- wipe =>.Yury Saprykin®
---\\ HKCU & HKLM Software Keys (72) - 11s
HKLM\SOFTWARE\Wow6432Node\abelhadigital.com =>.abelhadigital.com
HKLM\SOFTWARE\Wow6432Node\Avast AVS
HKLM\SOFTWARE\Wow6432Node\AVAST Software =>.AVAST Software
HKLM\SOFTWARE\Wow6432Node\AVG =>.AVG Software
HKLM\SOFTWARE\Wow6432Node\Battle.net =>.Games Software
HKLM\SOFTWARE\Wow6432Node\BioWare =>.BioWare
HKLM\SOFTWARE\Wow6432Node\Blizzard Entertainment =>.Blizzard Entertainment
HKLM\SOFTWARE\Wow6432Node\Comodo =>.Comodo
HKLM\SOFTWARE\Wow6432Node\Elaborate Bytes =>.Elaborate Bytes
HKLM\SOFTWARE\Wow6432Node\Eset =>.ESET
HKLM\SOFTWARE\Wow6432Node\F-Secure =>.F-Secure
HKLM\SOFTWARE\Wow6432Node\Foolish IT =>.Foolish IT
HKLM\SOFTWARE\Wow6432Node\GOG.com =>.GOG.com
HKLM\SOFTWARE\Wow6432Node\Google =>.Google
HKLM\SOFTWARE\Wow6432Node\IM Providers =>.IM Providers
HKLM\SOFTWARE\Wow6432Node\Intel =>.Intel
HKLM\SOFTWARE\Wow6432Node\Licenses =>.Microsoft Corporation
HKLM\SOFTWARE\Wow6432Node\Malwarebytes Anti-Rootkit =>.Malwarebytes
HKLM\SOFTWARE\Wow6432Node\MCShield
HKLM\SOFTWARE\Wow6432Node\MicroWorld =>.MicroWorld Technologies Inc.
HKLM\SOFTWARE\Wow6432Node\Mozilla =>.Mozilla
HKLM\SOFTWARE\Wow6432Node\MSI =>.MSI
HKLM\SOFTWARE\Wow6432Node\ODBC =>.DB Connectivity Solutions
HKLM\SOFTWARE\Wow6432Node\OpenOffice =>.SourceForge
HKLM\SOFTWARE\Wow6432Node\Skype =>.Skype
HKLM\SOFTWARE\Wow6432Node\SpeedFan =>.Almico Software
HKLM\SOFTWARE\Wow6432Node\Unchecky =>.RaMMicHaeL
HKLM\SOFTWARE\Wow6432Node\Unwinder =>.Unwinder
HKLM\SOFTWARE\Wow6432Node\VideoLAN =>.VideoLAN
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications =>.Microsoft Corporation
HKCU\SOFTWARE\9-lab =>.9-lab
HKCU\SOFTWARE\Avast Software =>.AVAST Software
HKCU\SOFTWARE\AVG =>.AVG Software
HKCU\SOFTWARE\AVG Web TuneUp =>.AVG Web TuneUp
HKCU\SOFTWARE\Battle.net =>.Games Software
HKCU\SOFTWARE\BillP Studios =>.BillP Studios
HKCU\SOFTWARE\Blizzard Entertainment =>.Blizzard Entertainment
HKCU\SOFTWARE\CDisplay =>.David Ayton
HKCU\SOFTWARE\Comodo =>.Comodo
HKCU\SOFTWARE\ComodoGroup =>.ComodoGroup
HKCU\SOFTWARE\Elaborate Bytes =>.Elaborate Bytes
HKCU\SOFTWARE\ESET =>.ESET
HKCU\SOFTWARE\F-Secure =>.F-Secure
HKCU\SOFTWARE\GOG.com =>.GOG.com
HKCU\SOFTWARE\Google =>.Google
HKCU\SOFTWARE\HitmanPro.Alert
HKCU\SOFTWARE\IM Providers =>.IM Providers
HKCU\SOFTWARE\Intel =>.Intel
HKCU\SOFTWARE\LogiShrd =>.LogiShrd
HKCU\SOFTWARE\MCShield
HKCU\SOFTWARE\MicroWorld =>.MicroWorld Technologies Inc.
HKCU\SOFTWARE\Mozilla =>.Mozilla
HKCU\SOFTWARE\MSI =>.MSI
HKCU\SOFTWARE\OpenOffice =>.SourceForge
HKCU\SOFTWARE\ProtectedStorage =>.Microsoft Corporation
HKCU\SOFTWARE\QtProject =>.QtProject
HKCU\SOFTWARE\Reason =>.Propellerhead
HKCU\SOFTWARE\Skype =>.Skype
HKCU\SOFTWARE\skypeapp-b0d06433527c
HKCU\SOFTWARE\skypeapp-bcf62a7bf8c7
HKCU\SOFTWARE\SpeedFan =>.Almico Software
HKCU\SOFTWARE\Strahinja Markovic =>.Strahinja Markovic
HKCU\SOFTWARE\Sysinternals =>.Sysinternals
HKCU\SOFTWARE\techPowerUp =>.TechPowerUp
HKCU\SOFTWARE\Trolltech =>.Trolltech
HKCU\SOFTWARE\Unchecky =>.RaMMicHaeL
HKCU\SOFTWARE\Unwinder =>.Unwinder
HKCU\SOFTWARE\WinRAR =>.WinRAR
HKCU\SOFTWARE\wipe
HKCU\SOFTWARE\Wow6432Node =>.Microsoft Corporation
HKCU\SOFTWARE\Zemana =>.Zemana
HKCU\SOFTWARE\ZHP =>.Nicolas Coolman
---\\ Contents of the Common Files folders (170) - 7s
O43 - CFD: 21/11/2017 - [0] D -- \Program Files\9-lab =>.9-lab
O43 - CFD: 05/10/2017 - [] D -- \Program Files\AVAST Software =>.AVAST Software s.r.o.®
O43 - CFD: 10/11/2017 - [] D -- \Program Files\Calibre2 =>.Kovid Goyal
O43 - CFD: 13/07/2009 - [] D -- \Program Files\Common Files =>.Microsoft Corporation
O43 - CFD: 24/11/2017 - [] D -- \Program Files\COMODO =>.Comodo Group.
O43 - CFD: 05/10/2017 - [] D -- \Program Files\DVD Maker =>.Aone Software
O43 - CFD: 15/11/2017 - [] D -- \Program Files\Internet Explorer =>.Microsoft Corporation
O43 - CFD: 12/04/2011 - [] D -- \Program Files\Microsoft Games =>.Microsoft Corporation
O43 - CFD: 19/11/2017 - [] D -- \Program Files\Mozilla Firefox =>.Mozilla
O43 - CFD: 13/07/2009 - [] D -- \Program Files\MSBuild =>.Microsoft Corporation
O43 - CFD: 19/11/2017 - [] D -- \Program Files\PeerBlock =>.PeerBlock, LLC®
O43 - CFD: 15/11/2017 - [] D -- \Program Files\PerformanceTest =>.PassMark Software Pty Ltd®
O43 - CFD: 06/10/2017 - [] D -- \Program Files\Reason
O43 - CFD: 13/07/2009 - [] D -- \Program Files\Reference Assemblies =>.Microsoft Corporation
O43 - CFD: 05/10/2017 - [] D -- \Program Files\VideoLAN =>.VideoLan Team
O43 - CFD: 05/10/2017 - [] D -- \Program Files\Windows Defender =>.Microsoft Corporation
O43 - CFD: 12/04/2011 - [] D -- \Program Files\Windows Mail =>.Microsoft Corporation
O43 - CFD: 15/11/2017 - [] D -- \Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 13/07/2009 - [] D -- \Program Files\Windows NT =>.Microsoft Corporation
O43 - CFD: 12/04/2011 - [] D -- \Program Files\Windows Photo Viewer =>.Microsoft Corporation
O43 - CFD: 20/11/2010 - [] D -- \Program Files\Windows Portable Devices =>.Microsoft Corporation
O43 - CFD: 12/04/2011 - [] D -- \Program Files\Windows Sidebar =>.Microsoft Corporation
O43 - CFD: 06/10/2017 - [] D -- \Program Files\WinRAR =>.win.rar GmbH®
O43 - CFD: 15/11/2017 - [] D -- \Program Files\Wipe =>.Yuri Saprykin
O43 - CFD: 06/10/2017 - [] D -- C:\Program Files (x86)\CDisplay
O43 - CFD: 20/11/2017 - [] D -- C:\Program Files (x86)\Common Files =>.Microsoft Corporation
O43 - CFD: 04/11/2017 - [] D -- C:\Program Files (x86)\Diablo II =>.Blizzard Entertainment
O43 - CFD: 04/11/2017 - [] D -- C:\Program Files (x86)\Elaborate Bytes =>.Elaborate Bytes
O43 - CFD: 24/11/2017 - [] D -- C:\Program Files (x86)\F-Secure =>.F-Secure Corporation®
O43 - CFD: 15/11/2017 - [] D -- C:\Program Files (x86)\Geeks3D =>.Geeks3D
O43 - CFD: 05/10/2017 - [] D -- C:\Program Files (x86)\Google =>.Google Inc®
O43 - CFD: 06/10/2017 - [] D -- C:\Program Files (x86)\HostsMan
O43 - CFD: 05/10/2017 - [] D -- C:\Program Files (x86)\Intel =>.Intel Corporation
O43 - CFD: 15/11/2017 - [] D -- C:\Program Files (x86)\Internet Explorer =>.Microsoft Corporation
O43 - CFD: 04/10/2017 - [] D -- C:\Program Files (x86)\Microsoft.NET =>.Microsoft Corporation
O43 - CFD: 17/11/2017 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service =>.Mozilla
O43 - CFD: 13/07/2009 - [] D -- C:\Program Files (x86)\MSBuild =>.Microsoft Corporation
O43 - CFD: 15/11/2017 - [] D -- C:\Program Files (x86)\MSI Afterburner =>.Micro-Star International Co
O43 - CFD: 05/11/2017 - [] D -- C:\Program Files (x86)\OpenOffice 4 =>.OpenOffice.org
O43 - CFD: 13/07/2009 - [] D -- C:\Program Files (x86)\Reference Assemblies =>.Microsoft Corporation
O43 - CFD: 15/11/2017 - [] D -- C:\Program Files (x86)\RivaTuner Statistics Server =>.RivaTuner
O43 - CFD: 24/11/2017 - [] D -- C:\Program Files (x86)\Ruiware =>.Ruiware, LLC®
O43 - CFD: 07/10/2017 - [] D -- C:\Program Files (x86)\Sigil =>.John Schember Sigil
O43 - CFD: 10/10/2017 - [] RD -- C:\Program Files (x86)\Skype =>.Skype
O43 - CFD: 16/11/2017 - [] D -- C:\Program Files (x86)\SpeedFan =>.Almico Software
O43 - CFD: 21/11/2017 - [] D -- C:\Program Files (x86)\System Ninja
O43 - CFD: 05/10/2017 - [] D -- C:\Program Files (x86)\Unchecky =>.RaMMicHaeL
O43 - CFD: 05/10/2017 - [] D -- C:\Program Files (x86)\VideoLAN =>.VideoLan Team
O43 - CFD: 05/10/2017 - [] D -- C:\Program Files (x86)\Windows Defender =>.Microsoft Corporation
O43 - CFD: 12/04/2011 - [] D -- C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
O43 - CFD: 15/11/2017 - [] D -- C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 13/07/2009 - [] D -- C:\Program Files (x86)\Windows NT =>.Microsoft Corporation
O43 - CFD: 12/04/2011 - [] D -- C:\Program Files (x86)\Windows Photo Viewer =>.Microsoft Corporation
O43 - CFD: 20/11/2010 - [] D -- C:\Program Files (x86)\Windows Portable Devices =>.Microsoft Corporation
O43 - CFD: 12/04/2011 - [] D -- C:\Program Files (x86)\Windows Sidebar =>.Microsoft Corporation
O43 - CFD: 21/11/2017 - [0] D -- C:\Program Files (x86)\Zemana AntiMalware =>.Zemana
O43 - CFD: 24/11/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\9-lab Removal Tool
O43 - CFD: 06/10/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation
O43 - CFD: 13/07/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 05/10/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software =>.AVAST Software
O43 - CFD: 10/11/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management =>.Kovid Goyal
O43 - CFD: 06/10/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDisplay
O43 - CFD: 05/11/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo II =>.Blizzard Entertainment
O43 - CFD: 04/11/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes =>.Elaborate Bytes
O43 - CFD: 05/10/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freedome
O43 - CFD: 17/11/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games =>.Microsoft Corporation
O43 - CFD: 15/11/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D =>.Geeks3D
O43 - CFD: 17/11/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com =>.GOG.com
O43 - CFD: 06/10/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HostsMan
O43 - CFD: 06/10/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation
O43 - CFD: 05/11/2017 - [] SD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.4 =>.SourceForge
O43 - CFD: 05/10/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PeerBlock =>.PeerBlock
O43 - CFD: 15/11/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PerformanceTest
O43 - CFD: 10/10/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype =>.Skype
O43 - CFD: 13/07/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup =>.Microsoft Corporation
O43 - CFD: 06/10/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Ninja
O43 - CFD: 05/10/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unchecky =>.RaMMicHaeL
O43 - CFD: 06/10/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN =>.VideoLan Team
O43 - CFD: 21/10/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol =>.Bill2 Software
O43 - CFD: 06/10/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR =>.WinRAR
O43 - CFD: 15/11/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wipe =>.Yuri Saprykin
O43 - CFD: 14/11/2017 - [] D -- C:\ProgramData\9-lab =>.9-lab
O43 - CFD: 06/10/2017 - [] D -- C:\ProgramData\abelhadigital.com =>.abelhadigital.com
O43 - CFD: 13/07/2009 - [0] SHD -- C:\ProgramData\Application Data =>.Microsoft Corporation
O43 - CFD: 05/10/2017 - [] D -- C:\ProgramData\AVAST Software =>.AVAST Software
O43 - CFD: 08/11/2017 - [] D -- C:\ProgramData\Blizzard Entertainment =>.Blizzard Entertainment
O43 - CFD: 05/10/2017 - [] D -- C:\ProgramData\Common Files =>.Microsoft Corporation
O43 - CFD: 06/10/2017 - [] D -- C:\ProgramData\Comodo =>.Comodo Group.
O43 - CFD: 05/10/2017 - [] D -- C:\ProgramData\Comodo Downloader
O43 - CFD: 22/10/2017 - [] D -- C:\ProgramData\Dell =>.Dell
O43 - CFD: 13/07/2009 - [0] SHD -- C:\ProgramData\Desktop =>.Microsoft Corporation
O43 - CFD: 13/07/2009 - [0] SHD -- C:\ProgramData\Documents =>.Microsoft Corporation
O43 - CFD: 15/11/2017 - [] D -- C:\ProgramData\Emsisoft =>.Emsisoft
O43 - CFD: 05/10/2017 - [] D -- C:\ProgramData\F-Secure =>.F-Secure
O43 - CFD: 13/07/2009 - [0] SHD -- C:\ProgramData\Favorites =>.Microsoft Corporation
O43 - CFD: 05/10/2017 - [] D -- C:\ProgramData\Foolish IT =>.Foolish IT
O43 - CFD: 24/11/2017 - [] D -- C:\ProgramData\HitmanPro =>.EIDOS hitman Game
O43 - CFD: 21/11/2017 - [] D -- C:\ProgramData\HitmanPro.Alert =>.Eidos
O43 - CFD: 05/10/2017 - [] D -- C:\ProgramData\Malwarebytes =>.Malwarebytes
O43 - CFD: 05/10/2017 - [] SD -- C:\ProgramData\Microsoft =>.Microsoft Corporation
O43 - CFD: 12/10/2017 - [] D -- C:\ProgramData\MicroWorld =>.MicroWorld Technologies Inc.
O43 - CFD: 15/11/2017 - [] D -- C:\ProgramData\Passmark =>.PassMark Software
O43 - CFD: 14/10/2017 - [] D -- C:\ProgramData\RogueKiller =>.Adlice Software
O43 - CFD: 21/11/2017 - [0] D -- C:\ProgramData\Shared Space =>.Comodo Group.
O43 - CFD: 10/10/2017 - [] D -- C:\ProgramData\Skype =>.Skype
O43 - CFD: 13/07/2009 - [0] SHD -- C:\ProgramData\Start Menu =>.Microsoft Corporation
O43 - CFD: 24/11/2017 - [0] D -- C:\ProgramData\SWCUTemp
O43 - CFD: 20/11/2017 - [0] AD -- C:\ProgramData\TEMP =>.Microsoft Corporation
O43 - CFD: 13/07/2009 - [0] SHD -- C:\ProgramData\Templates =>.Microsoft Corporation
O43 - CFD: 05/11/2017 - [] D -- C:\ProgramData\Unchecky =>.RaMMicHaeL
O43 - CFD: 06/10/2017 - [] D -- C:\ProgramData\Western Digital =>.Western Digital
O43 - CFD: 05/10/2017 - [] D -- C:\Program Files (x86)\Common Files\microsoft shared =>.Microsoft Corporation
O43 - CFD: 13/07/2009 - [] D -- C:\Program Files (x86)\Common Files\Services =>.Microsoft Corporation
O43 - CFD: 10/10/2017 - [] D -- C:\Program Files (x86)\Common Files\Skype =>.Skype
O43 - CFD: 13/07/2009 - [] D -- C:\Program Files (x86)\Common Files\SpeechEngines =>.Microsoft Corporation
O43 - CFD: 05/10/2017 - [] D -- C:\Program Files (x86)\Common Files\System =>.Microsoft Corporation
O43 - CFD: 24/11/2017 - [] D -- C:\Users\Patrick\AppData\Roaming\9-lab =>.9-lab
O43 - CFD: 06/10/2017 - [] D -- C:\Users\Patrick\AppData\Roaming\abelhadigital.com =>.abelhadigital.com
O43 - CFD: 05/10/2017 - [] D -- C:\Users\Patrick\AppData\Roaming\AVAST Software =>.AVAST Software
O43 - CFD: 21/11/2017 - [] SD -- C:\Users\Patrick\AppData\Roaming\Microsoft =>.Microsoft Corporation
O43 - CFD: 21/11/2017 - [] D -- C:\Users\Patrick\AppData\Roaming\Mozilla =>.Mozilla Corporation
O43 - CFD: 18/10/2017 - [] D -- C:\Users\Patrick\AppData\Roaming\Skype =>.Skype
O43 - CFD: 07/10/2017 - [] D -- C:\Users\Patrick\AppData\Roaming\uTorrent
O43 - CFD: 06/10/2017 - [] D -- C:\Users\Patrick\AppData\Roaming\vlc =>.VideoLan Team
O43 - CFD: 07/10/2017 - [] D -- C:\Users\Patrick\AppData\Roaming\WinPatrol =>.Bill2 Software
O43 - CFD: 20/11/2017 - [] D -- C:\Users\Patrick\AppData\Roaming\Wipe =>.Yuri Saprykin
O43 - CFD: 24/11/2017 - [] D -- C:\Users\Patrick\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 04/10/2017 - [0] SHD -- C:\Users\Patrick\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 05/10/2017 - [] D -- C:\Users\Patrick\AppData\Local\Comodo =>.Comodo Group.
O43 - CFD: 22/11/2017 - [] D -- C:\Users\Patrick\AppData\Local\CrashDumps =>.Microsoft Corporation
O43 - CFD: 24/11/2017 - [] D -- C:\Users\Patrick\AppData\Local\ESET =>.ESET
O43 - CFD: 05/10/2017 - [] D -- C:\Users\Patrick\AppData\Local\F-Secure =>.F-Secure
O43 - CFD: 07/10/2017 - [] D -- C:\Users\Patrick\AppData\Local\Google =>.Google
O43 - CFD: 17/10/2017 - [] D -- C:\Users\Patrick\AppData\Local\GyroscopeGames
O43 - CFD: 04/10/2017 - [0] SHD -- C:\Users\Patrick\AppData\Local\History =>.Microsoft Corporation
O43 - CFD: 21/11/2017 - [] D -- C:\Users\Patrick\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 21/11/2017 - [] D -- C:\Users\Patrick\AppData\Local\Mozilla =>.Mozilla Corporation
O43 - CFD: 15/11/2017 - [] D -- C:\Users\Patrick\AppData\Local\PassMark =>.PassMark Software
O43 - CFD: 21/11/2017 - [] D -- C:\Users\Patrick\AppData\Local\Programs =>.Microsoft Corporation
O43 - CFD: 24/11/2017 - [] D -- C:\Users\Patrick\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 04/10/2017 - [0] SHD -- C:\Users\Patrick\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 07/10/2017 - [] D -- C:\Users\Patrick\AppData\Local\Western Digital =>.Western Digital
O43 - CFD: 05/10/2017 - [] D -- C:\Users\Patrick\AppData\Local\Zemana =>.Zemana
O43 - CFD: 19/11/2017 - [] D -- C:\Users\Patrick\AppData\Local\ZHP =>.Nicolas Coolman
O43 - CFD: 21/11/2017 - [0] D -- C:\Users\Patrick\AppData\Local\Programs\Common =>.Microsoft Corporation
O43 - CFD: 07/10/2017 - [] D -- C:\Users\Patrick\Desktop\Tor Browser =>.Roger Dingledine
O43 - CFD: 06/10/2017 - [] RD -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation
O43 - CFD: 05/10/2017 - [] RD -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 04/11/2017 - [] D -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Diablo II =>.Blizzard Entertainment
O43 - CFD: 14/11/2017 - [] D -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games =>.Microsoft Corporation
O43 - CFD: 06/10/2017 - [] RD -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation
O43 - CFD: 15/11/2017 - [] D -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner =>.Micro-Star International Co
O43 - CFD: 15/11/2017 - [] D -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server =>.RivaTuner
O43 - CFD: 25/10/2017 - [] D -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan =>.Almico Software
O43 - CFD: 07/10/2017 - [] RD -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup =>.Microsoft Corporation
O43 - CFD: 06/10/2017 - [] D -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR =>.WinRAR
O43 - CFD: 13/07/2009 - [0] SHD -- \Users\Default\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 13/07/2009 - [0] SHD -- \Users\Default\AppData\Local\History =>.Microsoft Corporation
O43 - CFD: 13/07/2009 - [] D -- \Users\Default\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 18/11/2017 - [0] D -- \Users\Default\AppData\Local\temp =>.Microsoft Corporation
O43 - CFD: 13/07/2009 - [0] SHD -- \Users\Default\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 13/07/2009 - [0] SHD -- \Users\Default User\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 13/07/2009 - [0] SHD -- \Users\Default User\AppData\Local\History =>.Microsoft Corporation
O43 - CFD: 13/07/2009 - [] D -- \Users\Default User\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 18/11/2017 - [0] D -- \Users\Default User\AppData\Local\temp =>.Microsoft Corporation
O43 - CFD: 13/07/2009 - [0] SHD -- \Users\Default User\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 21/11/2017 - [0] -- C:\Windows\System32\Config\systemprofile\AppData\Local\CrashDumps =>.Microsoft Corporation
O43 - CFD: 13/07/2009 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 05/10/2017 - [] -- C:\Windows\System32\Config\systemprofile\AppData\Local\Zemana =>.Zemana
O43 - CFD: 13/07/2009 - [] SD -- C:\Windows\System32\Config\systemprofile\AppData\Roaming\Microsoft =>.Microsoft Corporation
---\\ ShellIconOverlayIdentifiers (SIOI) (4) - 0s
O106 - SIOI: avast [00asw] - {472083B0-C522-11CF-8763-00608CC02F24}. (.AVAST Software - Avast Shell Extension.) -- C:\Program Files\AVAST Software\Avast\ashShA64.dll =>.AVAST Software s.r.o.®
O106 - SIOI: avast [00avg] - {472083B0-C522-11CF-8763-00608CC02F24}. (.AVAST Software - Avast Shell Extension.) -- C:\Program Files\AVAST Software\Avast\ashShA64.dll =>.AVAST Software s.r.o.®
O106 - SIOI: Enhanced Storage Icon Overlay Handler Class [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - Windows Enhanced Storage Shell Extension DL.) -- C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation
O106 - SIOI: Sharing Overlay (Private) [SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235}. (.Microsoft Corporation - Shell extensions for sharing.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
---\\ Search Context Menu Handlers (SCMH) (31) - 1s
O108 - CMH1: avast [64Bits] - {472083B0-C522-11CF-8763-00608CC02F24} . (.AVAST Software - Avast Shell Extension.) -- C:\Program Files\AVAST Software\Avast\ashShA64.dll =>.AVAST Software s.r.o.®
O108 - CMH1: BriefcaseMenu [64Bits] - {85BBD920-42A0-1069-A2E4-08002B30309D} . (.Microsoft Corporation - Windows Briefcase.) -- C:\Windows\System32\syncui.dll =>.Microsoft Corporation
O108 - CMH1: Glary Utilities [64Bits] - {B3C418F8-922B-4faf-915E-59BC14448CF7} . (.Orphan.)
O108 - CMH1: Open With [64Bits] - {09799AFB-AD67-11d1-ABCD-00C04FC30936} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll =>.Microsoft Corporation
O108 - CMH1: Open With EncryptionMenu [64Bits] - {A470F8CF-A1E8-4f65-8335-227475AA5C46} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll =>.Microsoft Corporation
O108 - CMH1: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Shell extensions for sharing.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
O108 - CMH1: VirtualCloneDrive [64Bits] - {B7056B8E-4F99-44f8-8CBD-282390FE5428} . (.Elaborate Bytes AG - CloseTray.) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll =>.Elaborate Bytes AG®
O108 - CMH1: WinRAR [64Bits] - {B41DB860-64E4-11D2-9906-E49FADC173CA} . (.Alexander Roshal - WinRAR shell extension.) -- C:\Program Files\WinRAR\RarExt.dll =>.win.rar GmbH®
O108 - CMH2: Compatibility [64Bits] - {1d27f844-3a1f-4410-85ac-14651078412d} . (.Microsoft Corporation - Compatibility Tab Shell Extension Library.) -- C:\Windows\System32\acppage.dll =>.Microsoft Corporation
O108 - CMH2: OpenContainingFolderMenu [64Bits] - {37ea3a21-7493-4208-a011-7f9ea79ce9f5} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll =>.Microsoft Corporation
O108 - CMH3: 00asw [64Bits] - {472083B0-C522-11CF-8763-00608CC02F24} . (.AVAST Software - Avast Shell Extension.) -- C:\Program Files\AVAST Software\Avast\ashShA64.dll =>.AVAST Software s.r.o.®
O108 - CMH3: CopyAsPathMenu [64Bits] - {f3d06e7c-1e45-4a26-847e-f9fcdee59be0} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll =>.Microsoft Corporation
O108 - CMH3: SendTo [64Bits] - {7BA4C740-9E81-11CF-99D3-00AA004AE837} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll =>.Microsoft Corporation
O108 - CMH4: EncryptionMenu [64Bits] - {A470F8CF-A1E8-4f65-8335-227475AA5C46} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll =>.Microsoft Corporation
O108 - CMH4: MSSE [64Bits] - {0365FE2C-F183-4091-AC82-BFC39FB75C49} . (.Orphan.)
O108 - CMH4: Offline Files [64Bits] - {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} . (.Orphan.)
O108 - CMH4: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Shell extensions for sharing.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
O108 - CMH5: Gadgets [64Bits] - {6B9228DA-9C15-419e-856C-19E768A13BDC} . (.Microsoft Corporation - Sidebar droptarget.) -- \Program Files\Windows Sidebar\sbdrop.dll =>.Microsoft Corporation
O108 - CMH5: igfxcui [64Bits] - {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} . (.Intel Corporation - igfxpph Module.) -- C:\Windows\system32\igfxpph.dll =>.Intel Corporation
O108 - CMH5: New [64Bits] - {D969A300-E7FF-11d0-A93B-00A0C90F2719} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll =>.Microsoft Corporation
O108 - CMH5: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Shell extensions for sharing.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
O108 - CMH6: avast [64Bits] - {472083B0-C522-11CF-8763-00608CC02F24} . (.AVAST Software - Avast Shell Extension.) -- C:\Program Files\AVAST Software\Avast\ashShA64.dll =>.AVAST Software s.r.o.®
O108 - CMH6: BriefcaseMenu [64Bits] - {85BBD920-42A0-1069-A2E4-08002B30309D} . (.Microsoft Corporation - Windows Briefcase.) -- C:\Windows\System32\syncui.dll =>.Microsoft Corporation
O108 - CMH6: Glary Utilities [64Bits] - {B3C418F8-922B-4faf-915E-59BC14448CF7} . (.Orphan.)
O108 - CMH6: Library Location [64Bits] - {3dad6c5d-2167-4cae-9914-f99e41c12cfa} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll =>.Microsoft Corporation
O108 - CMH6: Offline Files [64Bits] - {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} . (.Orphan.)
O108 - CMH6: WinRAR [64Bits] - {B41DB860-64E4-11D2-9906-E49FADC173CA} . (.Alexander Roshal - WinRAR shell extension.) -- C:\Program Files\WinRAR\RarExt.dll =>.win.rar GmbH®
O108 - CMH7: EnhancedStorageShell [64Bits] - {2854F705-3548-414C-A113-93E27C808C85} . (.Microsoft Corporation - Windows Enhanced Storage Shell Extension DL.) -- C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation
O108 - CMH7: Glary Utilities [64Bits] - {B3C418F8-922B-4faf-915E-59BC14448CF7} . (.Orphan.)
O108 - CMH7: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Shell extensions for sharing.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
O108 - CMH7: VirtualCloneDrive [64Bits] - {B7056B8E-4F99-44f8-8CBD-282390FE5428} . (.Elaborate Bytes AG - CloseTray.) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll =>.Elaborate Bytes AG®
---\\ ShareTools MSconfig StartupReg (2) - 1s
O53 - SMSR:HKLM\...\startupreg\uTorrent [Key] [64Bits] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Owner\AppData\Roaming\uTorrent\uTorrent.exe
O53 - SMSR:HKLM\...\startupreg\Wipe Maintance [Key] [64Bits] . (.
www.privacyroot.com - Application Installer.) -- C:\Program Files\Wipe\net1.exe =>.
www.PrivacyRoot.com
---\\ System Drivers List (65) - 9s
O58 - SDL:2017/11/18 20:59:22 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\Windows\System32\drivers\4B53E2E4.sys [255928] =>.Malwarebytes Corporation®
O58 - SDL:2009/07/13 17:52:21 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [491088] =>.Microsoft Windows®
O58 - SDL:2009/07/13 17:52:21 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [339536] =>.Microsoft Windows®
O58 - SDL:2009/07/13 17:52:21 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\drivers\adpu320.sys [182864] =>.Microsoft Windows®
O58 - SDL:2009/07/13 17:52:21 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys [15440] =>.Microsoft Windows®
O58 - SDL:2011/03/10 22:41:12 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [107904] =>.Microsoft Windows®
O58 - SDL:2009/07/13 17:52:20 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [194128] =>.Microsoft Windows®
O58 - SDL:2011/03/10 22:41:12 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [27008] =>.Microsoft Windows®
O58 - SDL:2009/07/13 17:52:21 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [87632] =>.Microsoft Windows®
O58 - SDL:2009/07/13 17:52:21 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [97856] =>.Microsoft Windows®
O58 - SDL:2017/11/24 10:20:01 A . (.AVAST Software - Avast anti rootkit.) -- C:\Windows\System32\drivers\aswArPot.sys [185120] =>.AVAST Software s.r.o.®
O58 - SDL:2017/11/24 10:19:26 A . (.AVAST Software - IDS Application Activity Monitor Driver..) -- C:\Windows\System32\drivers\aswbidsdrivera.sys [321032] =>.AVAST Software s.r.o.®
O58 - SDL:2017/11/24 10:19:27 A . (.AVAST Software - Application Activity Monitor Helper Driver.) -- C:\Windows\System32\drivers\aswbidsha.sys [199480] =>.AVAST Software s.r.o.®
O58 - SDL:2017/11/24 10:19:27 A . (.AVAST Software - Logging Driver.) -- C:\Windows\System32\drivers\aswbloga.sys [343792] =>.AVAST Software s.r.o.®
O58 - SDL:2017/11/24 10:19:27 A . (.AVAST Software - Universal Driver.) -- C:\Windows\System32\drivers\aswbuniva.sys [57720] =>.AVAST Software s.r.o.®
O58 - SDL:2017/11/24 10:20:02 A . (.AVAST Software - Avast HWID.) -- C:\Windows\System32\drivers\aswHwid.sys [47008] =>.AVAST Software s.r.o.® (.AVAST Software)
O58 - SDL:2017/11/24 10:20:02 A . (.AVAST Software - Avast File System Minifilter for Windows 20.) -- C:\Windows\System32\drivers\aswMonFlt.sys [148288] =>.AVAST Software s.r.o.®
O58 - SDL:2017/11/24 10:20:01 A . (.AVAST Software - Avast WFP Redirect Driver.) -- C:\Windows\System32\drivers\aswRdr2.sys [110376] =>.AVAST Software s.r.o.®
O58 - SDL:2017/11/24 10:20:02 A . (.AVAST Software - Avast Revert.) -- C:\Windows\System32\drivers\aswRvrt.sys [84416] =>.AVAST Software s.r.o.® (.AVAST Software)
O58 - SDL:2017/11/24 10:19:33 A . (.AVAST Software - Avast Virtualization Driver.) -- C:\Windows\System32\drivers\aswSnx.sys [1026232] =>.AVAST Software s.r.o.®
O58 - SDL:2017/11/24 10:20:02 A . (.AVAST Software - Avast self protection module.) -- C:\Windows\System32\drivers\aswSP.sys [456912] =>.AVAST Software s.r.o.®
O58 - SDL:2017/11/24 10:20:02 A . (.AVAST Software - Stream Filter.) -- C:\Windows\System32\drivers\aswStm.sys [204488] =>.AVAST Software s.r.o.®
O58 - SDL:2017/11/24 10:20:02 A . (.AVAST Software - Avast VM Monitor.) -- C:\Windows\System32\drivers\aswVmm.sys [367016] =>.AVAST Software s.r.o.® (.AVAST Software)
O58 - SDL:2009/06/10 12:34:23 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) -- C:\Windows\System32\drivers\b57nd60a.sys [270848] =>.Broadcom Corporation
O58 - SDL:2009/07/07 23:45:50 A . (.Broadcom Corporation - Broadcom 802.11 Network Adapter wireless dr.) -- C:\Windows\System32\drivers\BCMWL664.SYS [2769400] =>.Broadcom Corporation®
O58 - SDL:2009/06/10 12:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys [18432] =>.Brother Industries, Ltd.
O58 - SDL:2009/06/10 12:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys [8704] =>.Brother Industries, Ltd.
O58 - SDL:2009/07/13 17:19:07 A . (.Brother Industries Ltd. - Brotehr Serial I/F Driver (WDM).) -- C:\Windows\System32\drivers\BrSerId.sys [286720] =>.Brother Industries Ltd.
O58 - SDL:2009/06/10 12:41:10 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys [47104] =>.Brother Industries Ltd.
O58 - SDL:2009/06/10 12:41:10 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys [14976] =>.Brother Industries Ltd.
O58 - SDL:2009/06/10 12:41:10 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys [14720] =>.Brother Industries Ltd.
O58 - SDL:2009/06/10 12:34:28 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys [468480] =>.Broadcom Corporation
O58 - SDL:2009/07/13 17:52:31 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys [17488] =>.Microsoft Windows®
O58 - SDL:2014/12/20 14:31:04 A . (.Elaborate Bytes AG - ElbyCD Windows x64 I/O driver.) -- C:\Windows\System32\drivers\ElbyCDIO.sys [40344] =>.Elaborate Bytes AG®
O58 - SDL:2009/07/13 17:47:48 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys [530496] =>.Microsoft Windows®
O58 - SDL:2009/06/10 12:34:33 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3286016] =>.Broadcom Corporation
O58 - SDL:2017/10/05 17:36:11 A . (.The OpenVPN Project - TAP-Windows Virtual Network Driver (NDIS 6..) -- C:\Windows\System32\drivers\fsfreedometap.sys [34344] =>.F-Secure Corporation®
O58 - SDL:2017/10/06 08:12:08 A . (.Glarysoft Ltd - The driver for the Startup Manager tool.) -- C:\Windows\System32\drivers\GUBootStartup.sys [20160] =>.Glarysoft Ltd®
O58 - SDL:2009/06/10 12:31:59 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\Windows\System32\drivers\hcw85cir.sys [31232] =>.Hauppauge Computer Works, Inc.
O58 - SDL:2010/11/20 19:23:47 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [78720] =>.Microsoft Windows®
O58 - SDL:2011/03/10 22:41:26 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [410496] =>.Microsoft Windows®
O58 - SDL:2012/11/14 15:57:06 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd64.sys [10629408] =>.Intel Corporation
O58 - SDL:2009/07/13 17:48:04 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [44112] =>.Microsoft Windows®
O58 - SDL:2009/07/13 17:48:04 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys [114752] =>.Microsoft Windows®
O58 - SDL:2009/07/13 17:48:04 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [106560] =>.Microsoft Windows®
O58 - SDL:2009/07/13 17:48:04 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [65600] =>.Microsoft Windows®
O58 - SDL:2009/07/13 17:48:04 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [115776] =>.Microsoft Windows®
O58 - SDL:2009/07/13 17:48:04 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [35392] =>.Microsoft Windows®
O58 - SDL:2009/07/13 17:48:04 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [284736] =>.Microsoft Windows®
O58 - SDL:2009/07/13 17:48:26 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [51264] =>.Microsoft Windows®
O58 - SDL:2011/03/10 22:41:34 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [148352] =>.Microsoft Windows®
O58 - SDL:2011/03/10 22:41:34 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [166272] =>.Microsoft Windows®
O58 - SDL:2009/07/13 17:45:46 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys [1524816] =>.Microsoft Windows®
O58 - SDL:2009/07/13 17:45:45 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys [128592] =>.Microsoft Windows®
O58 - SDL:2009/06/10 12:37:19 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [23040] =>.Macrovision Corporation, Macrovision Europe Limited,
O58 - SDL:2009/07/13 17:45:45 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [43584] =>.Microsoft Windows®
O58 - SDL:2009/07/13 17:45:46 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [80464] =>.Microsoft Windows®
O58 - SDL:2009/07/13 17:45:55 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys [24656] =>.Microsoft Windows®
O58 - SDL:2017/11/19 12:08:21 A . (...) -- C:\Windows\System32\drivers\TrueSight.sys [28272] =>.Adlice®
O58 - SDL:2017/10/12 22:37:18 A . (.BitDefender S.R.L. - Trufos Kernel Module.) -- C:\Windows\System32\drivers\trufos.sys [350160] =>.Bitdefender SRL®
O58 - SDL:2013/07/24 07:02:46 A . (.Elaborate Bytes AG - Virtual CloneDrive SCSI miniport.) -- C:\Windows\System32\drivers\VClone.sys [36864] =>.Elaborate Bytes AG
O58 - SDL:2009/07/13 17:45:55 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [17488] =>.Microsoft Windows®
O58 - SDL:2009/07/13 17:45:55 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [161872] =>.Microsoft Windows®
O58 - SDL:2015/04/29 23:01:06 A . (.Western Digital Technologies - WD SCSI Architecture Model (SAM) driver.) -- C:\Windows\System32\drivers\wdcsam64.sys [23200] =>.Microsoft Windows Hardware Compatibility Publisher®
O58 - SDL:2009/09/28 08:22:00 A . (.©Copyright 2002-2009 Marvell®. All rights reserved. - .) -- C:\Windows\System32\drivers\yk62x64.sys [395264] =>.©Copyright 2002-2009 Marvell®. All rights reserved.
---\\ File Associations Shell Spawning (10) - 0s
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (...) -- %1" %*
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S
---\\ Start Menu Internet (12) - 1s
O68 - StartMenuInternet: <Firefox-308046B0AF4A39CB> <Mozilla Firefox> [64Bits][HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O68 - StartMenuInternet: <Google Chrome> <Google Chrome> [64Bits][HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer> [64Bits][HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O68 - StartMenuInternet: <Firefox-308046B0AF4A39CB> <Mozilla Firefox> [64Bits][HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: <Google Chrome> <Google Chrome> [64Bits][HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer> [64Bits][HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: <Firefox-308046B0AF4A39CB> <Mozilla Firefox> [64Bits][HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: <Google Chrome> <Google Chrome> [64Bits][HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer> [64Bits][HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: <Firefox-308046B0AF4A39CB> <Mozilla Firefox> [64Bits][HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: <Google Chrome> <Google Chrome> [64Bits][HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer> [64Bits][HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
---\\ Search Browser Infection (3) - 29s
O69 - SBI: SearchScopes [HKCU] [64Bits]{012E1000-F331-11DB-8314-0800200C9A66} - (Google) -
http://www.google.com/ =>.Google Inc.
O69 - SBI: SearchScopes [HKCU] [64Bits]{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) -
http://www.bing.com/ =>.Bing.com
O69 - SBI: SearchScopes [HKLM] [64Bits]{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) -
http://www.bing.com/ =>.Bing.com
---\\ Search Svchost Services (32) - 1s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) -- C:\Windows\System32\aelupsvc.dll [72192] =>.Microsoft Corporation
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [80384] =>.Microsoft Corporation
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [80384] =>.Microsoft Corporation
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\System32\srvsvc.dll [236032] =>.Microsoft Corporation
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\Windows\System32\gpsvc.dll [794624] =>.Microsoft Corporation
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\ikeext.dll [859648] =>.Microsoft Corporation
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\Windows\System32\Audiosrv.dll [680448] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll [99328] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [344064] =>.Microsoft Corporation
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [97792] =>.Microsoft Corporation
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\sens.dll [64512] =>.Microsoft Corporation
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [359424] =>.Microsoft Corporation
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [316928] =>.Microsoft Corporation
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Remote Desktop Session Host Server Remote C.) -- C:\Windows\System32\termsrv.dll [683520] =>.Microsoft Corporation
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\System32\wuaueng.dll [2651136] =>.Microsoft Corporation
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\Windows\System32\qmgr.dll [849920] =>.Microsoft Corporation
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [370688] =>.Microsoft Corporation
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll [569344] =>.Microsoft Corporation
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\Windows\system32\seclogon.dll [30720] =>.Microsoft Corporation
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll [70144] =>.Microsoft Corporation
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\System32\iscsiexe.dll [156672] =>.Microsoft Corporation
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) -- C:\Windows\System32\mmcss.dll [67584] =>.Microsoft Corporation
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [242688] =>.Microsoft Corporation
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\sessenv.dll [121856] =>.Microsoft Corporation
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\Windows\System32\browser.dll [136704] =>.Microsoft Corporation
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [111104] =>.Microsoft Corporation
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\Windows\System32\schedsvc.dll [1110016] =>.Microsoft Corporation
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\Windows\System32\kmsvc.dll [90624] =>.Microsoft Corporation
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\Windows\System32\wercplsupport.dll [84480] =>.Microsoft Corporation
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [210432] =>.Microsoft Corporation
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\Windows\System32\themeservice.dll [44544] =>.Microsoft Corporation
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\Windows\System32\bdesvc.dll [100864] =>.Microsoft Corporation
---\\ Windows Installer Scan (4) - 2s
[MD5.E81C668B81975567E8C5728B805704E2] [WIS][2017/10/05 10:48:59] (.Google Inc. - Google Update Helper.) -- C:\Windows\Installer\1774a7.msi [40960] =>.Google Inc.
[MD5.9B06565DD7D90989169163A51199BE36] [WIS][2017/10/10 11:48:21] (.Skype Technologies S.A. - Skype.) -- C:\Windows\Installer\1a9b3a.msi [45539328] =>.Skype Technologies S.A.
[MD5.2919393606551EF00AE29CF569D307DA] [WIS][2017/09/22 05:42:44] (.OpenOffice - OpenOffice 4.1.4.) -- C:\Windows\Installer\2036e73.msi [2310144] =>.OpenOffice
[MD5.86FA61739CA55AB2F8E05E97709D0E55] [WIS][2017/11/10 17:03:06] (.Kovid Goyal - calibre Installer.) -- C:\Windows\Installer\cac4e.msi [69115904] =>.Kovid Goyal
---\\ Additional Scan (O88) (8) - 1s
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Glary Utilities =>.SUP.Orphan
HKLM\Software\Classes\CLSID\{B3C418F8-922B-4faf-915E-59BC14448CF7} =>.SUP.Orphan
HKLM\Software\Wow6432Node\Classes\CLSID\{B3C418F8-922B-4faf-915E-59BC14448CF7} =>.SUP.Orphan
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\MSSE =>.SUP.Orphan
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files =>.SUP.Orphan
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Glary Utilities =>.SUP.Orphan
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files =>.SUP.Orphan
HKLM\Software\Classes\Drive\shellex\ContextMenuHandlers\Glary Utilities =>.SUP.Orphan
---\\ Summary of the elements found (1) - 0s
https://nicolascoolman.eu/2017/09/12/origine-lignes-orphelines/ =>.SUP.Orphan
~ Unselected Options:
~ End of the scan, 9926 items in 02mn14s (859)(0)