zhp diag scan log:
[the link you gave didn't open, so I downloaded from majorgeeks]
~ ZHPDiag v2017.8.4.134 By Nicolas Coolman (2017/08/04)
~ Run by Max (Administrator) (2017/08/08 18:22:20)
~ Web:
https://www.nicolascoolman.com
~ Blog:
https://nicolascoolman.eu/
~ Facebook:
https://www.facebook.com/nicolascoolman1
~ Certificate ZHPDiag: Legal
~ State version: Version OK
~ Mode: Scan
~ Report: C:\Users\USER\Desktop\ZHPDiag.txt
~ Report: C:\Users\USER\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ System startup: Normal (Normal boot)
Windows 10 Pro, 64-bit (Build 15063) =>.Microsoft Corporation
---\\ Internet Browsers (4) - 0s
~ GCIE: Google Chrome v60.0.3112.90
~ MFIE: Mozilla Firefox 39.0 (x86 en-US)
~ MSIE: Microsoft Edge v40
~ MSIE: Internet Explorer v11.483.15063.0
---\\ Windows Product Information (3) - 3s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : OK
---\\ System protection software (1) - 2s
Windows Defender (Activate) (Protection)
---\\ System optimization software (1) - 3s
~ Tweaking.com - Windows Repair v4.0.1 (Optimize)
---\\ Surveillance software (1) - 3s
~ Adobe Flash Player 26 PPAPI (Surveillance)
---\\ Information on the system (6) - 0s
~ Operating System: Intel64 Family 6 Model 69 Stepping 1, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 4088.172 MB (42% free) : OK =>.RAM Value
System Restore: Activé (Enable)
System drive C: has 55 GB (46%) free of 119 GB : OK =>.Disk Space
---\\ Connection to the system mode (3) - 0s
~ Computer Name: ADMIN
~ User Name: Max
~ Logged in as Administrator
---\\ Enumeration of the disk units (2) - 0s
~ Drive C: has 55 GB free of 119 GB (System)
~ Drive D: has 3 GB free of 356 GB
---\\ State of the Windows Security Center (7) - 0s
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM64\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
---\\ Search Generic System Files (24) - 3s
[MD5.CA3BF0F15BA4F24D511BFEE725CC89BD] - 20/06/2017 - (.Microsoft Corporation - Windows Explorer.) -- C:\WINDOWS\Explorer.exe [4847424] =>.Microsoft Windows®
[MD5.ECB702B8C5650381C0784F1EEABB97BC] - 19/03/2017 - (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\WINDOWS\System32\rundll32.exe [68608] =>.Microsoft Corporation
[MD5.B2DB5876B6F68D32E470F691C7088F3F] - 07/07/2017 - (.Microsoft Corporation - Windows Start-Up Application.) -- C:\WINDOWS\System32\Wininit.exe [318232] =>.Microsoft Windows Publisher®
[MD5.BC776B6B434641AF71ED0CC00BC859AA] - 07/07/2017 - (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\WINDOWS\System32\wininet.dll [3307008] =>.Microsoft Corporation
[MD5.31E3287EF6D97C5864A301CEA75BBBA1] - 07/07/2017 - (.Microsoft Corporation - Windows Logon Application.) -- C:\WINDOWS\System32\Winlogon.exe [706560] =>.Microsoft Corporation
[MD5.50CDF68A8EA8A2A9165CD573FA6C42D8] - 19/03/2017 - (.Microsoft Corporation - Software Licensing Library.) -- C:\WINDOWS\System32\sppcomapi.dll [414208] =>.Microsoft Corporation
[MD5.0F9FA6A2D4EAE50393DCE473759A9845] - 19/03/2017 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\WINDOWS\System32\dnsapi.dll [661224] =>.Microsoft Windows®
[MD5.3F969D5ADEAB3284ABD500B37D74A8F8] - 19/03/2017 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\WINDOWS\Syswow64\dnsapi.dll [508344] =>.Microsoft Windows®
[MD5.AC1928C2F7505BD556C552F153B062AB] - 19/03/2017 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\WINDOWS\System32\drivers\AFD.sys [610712] =>.Microsoft Windows®
[MD5.01733BEEE02E51F712330D5909BD701C] - 19/03/2017 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\WINDOWS\System32\drivers\atapi.sys [29088] =>.Microsoft Windows®
[MD5.B6E5AD7C83A5254DEE9D86023C0E5A81] - 19/03/2017 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\WINDOWS\System32\drivers\Cdfs.sys [93184] =>.Microsoft Corporation
[MD5.ABE77AD954BC3D72F559CF0C381E50BC] - 19/03/2017 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\WINDOWS\System32\drivers\Cdrom.sys [160256] =>.Microsoft Corporation
[MD5.185A4519B7764F4DEF714D890A7A9FD2] - 19/03/2017 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\WINDOWS\System32\drivers\DfsC.sys [150528] =>.Microsoft Corporation
[MD5.02B9639D9997E95CDF2F4C4F3BDCC73D] - 20/06/2017 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\WINDOWS\System32\drivers\HDAudBus.sys [86528] =>.Microsoft Corporation
[MD5.C6C8315E3262FAE460529C6DA2951682] - 19/03/2017 - (.Microsoft Corporation - i8042 Port Driver.) -- C:\WINDOWS\System32\drivers\i8042prt.sys [115200] =>.Microsoft Corporation
[MD5.DCC05E5EAA580C97F13B434FAFACED85] - 19/03/2017 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\drivers\IpNat.sys [214528] =>.Microsoft Corporation
[MD5.F2AD1B72C5A6475FB5FF332E1980DF88] - 19/03/2017 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\WINDOWS\System32\drivers\MRxSmb.sys [467352] =>.Microsoft Windows®
[MD5.30C2F67EC84EB11B22011620107E0325] - 19/03/2017 - (.Microsoft Corporation - MBT Transport driver.) -- C:\WINDOWS\System32\drivers\netBT.sys [305152] =>.Microsoft Corporation
[MD5.8D72D5038C5F91AFEF1B160FE524C2D9] - 20/06/2017 - (.Microsoft Corporation - NT File System Driver.) -- C:\WINDOWS\System32\drivers\ntfs.sys [2327456] =>.Microsoft Windows®
[MD5.2CC6C325B271C7CA60F374F8F868CB45] - 19/03/2017 - (.Microsoft Corporation - Parallel Port Driver.) -- C:\WINDOWS\System32\drivers\Parport.sys [97792] =>.Microsoft Corporation
[MD5.5279EC98F6218D29EADDFECCC0D80E9A] - 19/03/2017 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\WINDOWS\System32\drivers\Rasl2tp.sys [107008] =>.Microsoft Corporation
[MD5.53A01D3FDB701AC5D9DDE4140227E3D9] - 19/03/2017 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\WINDOWS\System32\drivers\rdpdr.sys [183296] =>.Microsoft Corporation
[MD5.892AB2637603A5E9507C39E61101C3C3] - 03/06/2017 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\WINDOWS\System32\drivers\tdx.sys [119712] =>.Microsoft Windows®
[MD5.E3429DBBEA3965BB96E24B16EF4A2551] - 19/03/2017 - (.Microsoft Corporation - Volume Shadow Copy driver.) -- C:\WINDOWS\System32\drivers\volsnap.sys [397216] =>.Microsoft Windows®
---\\ Non Microsoft non disabled Windows Services (12) - 3s
O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\WINDOWS\system32\atiesrxx.exe =>.AMD
O23 - Service: C:\WINDOWS\system32\CxAudMsg64.exe,-100 (CxAudMsg) . (.Conexant Systems Inc. - Conexant Audio Message Service.) - C:\WINDOWS\system32\CxAudMsg64.exe =>.Conexant Systems Inc.
O23 - Service: Elan Service (ETDService) . (.ELAN Microelectronics Corp. - Elan Service.) - C:\Program Files\Elantech\ETDService.exe =>.ELAN Microelectronics Corporation®
O23 - Service: Google Update Service (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) . (.Intel Corporation - igfxCUIService Module.) - C:\WINDOWS\system32\igfxCUIService.exe =>.Intel Corporation
O23 - Service: System Interface Foundation Service (ImControllerService) . (.Lenovo Group Limited - Lenovo.Modern.ImController.) - C:\Program Files\lenovo\ImController\Service\Lenovo.Modern.ImController.exe =>.Lenovo®
O23 - Service: Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe =>.Intel(R) Corporation
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe =>.Intel Corporation - Intel® Management Engine Firmware®
O23 - Service: Conexant SmartAudio service (SAService) . (...) - C:\Windows\System32\SASrv.exe (.not file.)
O23 - Service: Sandboxie Service (SbieSvc) . (.Sandboxie Holdings, LLC - Sandboxie Service.) - d:\Program Files\Sandboxie\SbieSvc.exe =>.Invincea, Inc.®
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe =>.Skype Software Sarl®
O23 - Service: Power Control [2014/08/18 01:23:32] ({C5F942FD-1110-4664-86CE-0C6BDA305235}) . (.CyberLink Corp. - .) - C:\Program Files (x86)\CyberLink\PowerDVD14\Common\NavFilter\000.fcl =>.CyberLink Corp.®
---\\ Services not Microsoft (SR=Run, SS=Stop) (20) - 35s
SS - Demand [11/07/2017] [ 272384] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe =>.Adobe Systems Incorporated®
SR - Auto [04/05/2017] [ 551832] (AMD External Events Utility) . (.AMD.) - C:\WINDOWS\system32\atiesrxx.exe =>.Advanced Micro Devices, Inc.®
SS - Demand [12/06/2017] [ 301496] Intel(R) Content Protection HECI Service (cphs) . (.Intel Corporation.) - C:\Windows\SysWOW64\IntelCpHeciSvc.exe =>.Intel(R) pGFX®
SR - Auto [25/07/2013] [ 206552] C:\WINDOWS\system32\CxAudMsg64.exe,-100 (CxAudMsg) . (.Conexant Systems Inc..) - C:\WINDOWS\system32\CxAudMsg64.exe =>.Conexant Systems, Inc.®
SR - Auto [24/08/2015] [ 135072] Elan Service (ETDService) . (.ELAN Microelectronics Corp..) - C:\Program Files\Elantech\ETDService.exe =>.ELAN Microelectronics Corporation®
SS - Demand [27/02/2016] [ 1045256] FLEXnet Licensing Service (FLEXnet Licensing Service) . (.Acresso Software Inc..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe =>.Acresso Software Inc.®
SS - Auto [03/10/2015] [ 144200] Google Update Service (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
SS - Demand [03/10/2015] [ 144200] Google Update Service (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
SR - Auto [12/06/2017] [ 373688] Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) . (.Intel Corporation.) - C:\WINDOWS\system32\igfxCUIService.exe =>.Intel(R) pGFX®
SR - Auto [05/06/2017] [ 57160] System Interface Foundation Service (ImControllerService) . (.Lenovo Group Limited.) - C:\Program Files\lenovo\ImController\Service\Lenovo.Modern.ImController.exe =>.Lenovo®
SR - Auto [27/08/2013] [ 747520] Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe =>.Intel(R) Corporation
SS - Demand [27/08/2013] [ 828376] Intel(R) Capability Licensing Service TCP IP Interface (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe =>.Intel® Trusted Connect Service®
SR - Auto [17/09/2013] [ 169432] Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe =>.Intel Corporation - Intel® Management Engine Firmware®
SS - Demand [17/09/2013] [ 169432] Malwarebytes Service (MBAMService) . (.Malwarebytes.) - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe =>.Malwarebytes Corporation®
SS - Demand [17/09/2013] [ 169432] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe =>.Mozilla Corporation®
SS - Disabl [17/09/2013] [ 169432] RosettaStoneDaemon (RosettaStoneDaemon) . (.Rosetta Stone Ltd..) - C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe =>.Rosetta Stone Ltd®
SR - Auto [17/09/2013] [ 169432] Sandboxie Service (SbieSvc) . (.Sandboxie Holdings, LLC.) - d:\Program Files\Sandboxie\SbieSvc.exe =>.Invincea, Inc.®
SS - Auto [17/09/2013] [ 169432] Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe =>.Skype Software Sarl®
SS - Demand [17/09/2013] [ 169432] SwitchBoard (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe =>.Adobe Systems Incorporated
SS - Auto [17/09/2013] [ 169432] Power Control [2014/08/18 01:23:32] ({C5F942FD-1110-4664-86CE-0C6BDA305235}) . (.CyberLink Corp..) - C:\Program Files (x86)\CyberLink\PowerDVD14\Common\NavFilter\000.fcl =>.CyberLink Corp.®
---\\ Task Planned Automatically (19) - 17s
[MD5.68DDCB629A7F2C5A3D2392F8177A3CD0] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [7658200] (.Activate.) =>.Piriform Ltd®
[MD5.053EEEE1ABAE53F044F1E386E22AE525] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200] (.Activate.) =>.Google Inc®
[MD5.053EEEE1ABAE53F044F1E386E22AE525] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200] (.Activate.) =>.Google Inc®
[MD5.8E65EBE8511CD0757BBB17C7670F6563] [APT] [Tweaking.com - Windows Repair Tray Icon] (.Tweaking.com.) -- C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [218336] (.Activate.) =>.Tweaking LLC®
[MD5.8FE11A6B735F7C904E1DC0EF7EA79B78] [APT] [{1E6113B1-6320-42D6-98F3-9B2BBA5E0C28}] (.Mozilla Corporation.) -- d:\program files (x86)\mozilla firefox\firefox.exe [392136] (.Activate.) =>.Mozilla Corporation®
[MD5.8A268094274301F2673D0D656BF763E5] [APT] [Lenovo\ImController\TimeBasedEvents\06484341-7f04-42cc-ab7a-e55cbeb6bc9f] (.Lenovo Group Limited.) -- C:\Program Files\lenovo\ImController\Service\Lenovo.Modern.ImController.exe [57160] (.Activate.) =>.Lenovo®
[MD5.8A268094274301F2673D0D656BF763E5] [APT] [Lenovo\ImController\TimeBasedEvents\08483c54-0d53-407b-96a4-579aa11dfc78] (.Lenovo Group Limited.) -- C:\Program Files\lenovo\ImController\Service\Lenovo.Modern.ImController.exe [57160] (.Activate.) =>.Lenovo®
[MD5.8A268094274301F2673D0D656BF763E5] [APT] [Lenovo\ImController\TimeBasedEvents\110323a4-c849-4dae-9628-a720238a215e] (.Lenovo Group Limited.) -- C:\Program Files\lenovo\ImController\Service\Lenovo.Modern.ImController.exe [57160] (.Activate.) =>.Lenovo®
[MD5.8A268094274301F2673D0D656BF763E5] [APT] [Lenovo\ImController\TimeBasedEvents\5115b37c-ad53-4808-937c-4d8f4eedbddb] (.Lenovo Group Limited.) -- C:\Program Files\lenovo\ImController\Service\Lenovo.Modern.ImController.exe [57160] (.Activate.) =>.Lenovo®
O39 - APT: Unknown - (.Legitimate.) -- C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job [214]
O39 - APT: CCleanerSkipUAC - (.Piriform Ltd.) -- C:\WINDOWS\System32\Tasks\CCleanerSkipUAC [2846] =>.Piriform Ltd®
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore [3120] =>.Google Inc®
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA [3344] =>.Google Inc®
O39 - APT: Unknown - (...) -- C:\WINDOWS\System32\Tasks\shutdown [2478]
O39 - APT: Tweaking.com - Windows Repair Tray Icon - (.Tweaking.com.) -- C:\WINDOWS\System32\Tasks\Tweaking.com - Windows Repair Tray Icon [3758] =>.Tweaking LLC®
O39 - APT: {1E6113B1-6320-42D6-98F3-9B2BBA5E0C28} - (.Mozilla Corporation.) -- C:\WINDOWS\System32\Tasks\{1E6113B1-6320-42D6-98F3-9B2BBA5E0C28} [2240] =>.Mozilla Corporation®
HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Nero
HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\shutdown
HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Tweaking.com - Windows Repair Tray Icon
---\\ Auto loading programs from Registry and folders (9) - 1s
O4 - HKLM\..\Run: [SecurityHealth] . (.Microsoft Corporation - Windows Defender notification icon.) -- C:\Program Files\Windows Defender\MSASCuiL.exe =>.Microsoft Windows®
O4 - HKLM\..\Run: [cAudioFilterAgent] . (.Conexant Systems, Inc. - Conexant High Definition Audio Filter Agent.) -- C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe =>.Conexant Systems, Inc.®
O4 - HKLM\..\Run: [SmartAudio] . (.Conexant Systems, Inc. - SmartAudio CPL (32bit).) -- C:\Program Files\CONEXANT\SAII\SACpl.exe =>.Conexant Systems, Inc.®
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe =>.Adobe Systems Incorporated®
O4 - HKCU\..\Run: [SandboxieControl] . (.Sandboxie Holdings, LLC - Sandboxie Control.) -- d:\Program Files\Sandboxie\SbieCtrl.exe =>.Invincea, Inc.®
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- D:\Program Files (x86)\Internet Download Manager\IDMan.exe =>.Tonec Inc.
O4 - HKLM\..\Wow6432Node\Run: [KeyScrambler] . (.QFX Software Corporation - KeyScrambler.) -- d:\Program Files (x86)\KeyScrambler\keyscrambler.exe =>.QFX Software Corporation®
O4 - HKUS\S-1-5-21-900945925-988278395-3478122750-1001\..\Run: [SandboxieControl] . (.Sandboxie Holdings, LLC - Sandboxie Control.) -- d:\Program Files\Sandboxie\SbieCtrl.exe =>.Invincea, Inc.®
O4 - HKUS\S-1-5-21-900945925-988278395-3478122750-1001\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- D:\Program Files (x86)\Internet Download Manager\IDMan.exe =>.Tonec Inc.
---\\ Process running (24) - 4s
[MD5.00000000000000000000000000000000] - (.Intel Corporation - igfxCUIService Module.) -- C:\WINDOWS\system32\igfxCUIService.exe [0] [PID.1744] =>.Intel Corporation
[MD5.00000000000000000000000000000000] - (.AMD - AMD External Events Service Module.) -- C:\WINDOWS\system32\atiesrxx.exe [0] [PID.1936] =>.AMD
[MD5.00000000000000000000000000000000] - (.AMD - AMD External Events Client Module.) -- C:\WINDOWS\system32\atieclxx.exe [0] [PID.2168] =>.AMD
[MD5.F17F3D35E94CFB0D7B85BAE2B1DD3A9E] - (.Sandboxie Holdings, LLC - Sandboxie Service.) -- d:\Program Files\Sandboxie\SbieSvc.exe [198792] [PID.2552] =>.Invincea, Inc.®
[MD5.00000000000000000000000000000000] - (.Conexant Systems Inc. - Conexant Audio Message Service.) -- C:\WINDOWS\system32\CxAudMsg64.exe [0] [PID.3576] =>.Conexant Systems Inc.
[MD5.2C101AA0A186C079C4044F1FD0D1E5E5] - (.ELAN Microelectronics Corp. - Elan Service.) -- C:\Program Files\Elantech\ETDService.exe [135072] [PID.3632] =>.ELAN Microelectronics Corporation®
[MD5.8A268094274301F2673D0D656BF763E5] - (.Lenovo Group Limited - Lenovo.Modern.ImController.) -- C:\Program Files\lenovo\ImController\Service\Lenovo.Modern.ImController.exe [57160] [PID.3640] =>.Lenovo®
[MD5.DAE6C3099D291EED8922A65C29ABCF52] - (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520] [PID.3696] =>.Intel(R) Corporation
[MD5.FA732C734521F9B74149272636D1D4EA] - (.ELAN Microelectronics Corp. - ETD Control Center.) -- C:\Program Files\Elantech\ETDCtrl.exe [3743648] [PID.532] =>.ELAN Microelectronics Corporation®
[MD5.AF5DB228216629E05A5EB3A20BEF2693] - (.ELAN Microelectronics Corp. - ETD Control Center Helper.) -- C:\Program Files\Elantech\ETDCtrlHelper.exe [2654624] [PID.6528] =>.ELAN Microelectronics Corporation®
[MD5.3A9F29C46129C094B5FA09BBD42AFFB0] - (.ELAN Microelectronics Corp. - ETDIntelligent.) -- C:\Program Files\Elantech\ETDIntelligent.exe [2267552] [PID.6560] =>.ELAN Microelectronics Corporation®
[MD5.00000000000000000000000000000000] - (.Intel Corporation - igfxEM Module.) -- C:\WINDOWS\system32\igfxEM.exe [0] [PID.6864] =>.Intel Corporation
[MD5.00000000000000000000000000000000] - (.Intel Corporation - igfxHK Module.) -- C:\WINDOWS\system32\igfxHK.exe [0] [PID.6892] =>.Intel Corporation
[MD5.FFBFE1175531CD582D89796835CBB598] - (.Conexant Systems, Inc. - Conexant High Definition Audio Filter Agent.) -- C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe [935104] [PID.7192] =>.Conexant Systems, Inc.®
[MD5.3B292B4214F7CCB2076262CA0D235B70] - (.Tonec Inc. - Internet Download Manager (IDM).) -- D:\Program Files (x86)\Internet Download Manager\IDMan.exe [4001848] [PID.7340] =>.Tonec Inc.
[MD5.21C640C0579CCE82AD8EB14FF28C0DD8] - (.QFX Software Corporation - KeyScrambler.) -- D:\Program Files (x86)\KeyScrambler\KeyScrambler.exe [509216] [PID.7572] =>.QFX Software Corporation®
[MD5.B289C20C10B241F6016FECD92B267098] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- D:\Program Files (x86)\Internet Download Manager\IEMonitor.exe [275512] [PID.7660] =>.Tonec Inc.®
[MD5.26FBEC366638A0162F442D26CC51B026] - (.QFX Software Corporation - KeyScrambler.) -- D:\Program Files (x86)\KeyScrambler\x64\KeyScrambler.exe [563488] [PID.7728] =>.QFX Software Corporation®
[MD5.52069AEB42D3D0F97CBCA1085EBF55E6] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432] [PID.8012] =>.Intel Corporation - Intel® Management Engine Firmware®
[MD5.8E65EBE8511CD0757BBB17C7670F6563] - (.Tweaking.com - Tweaking.com - Windows Repair Tray Icon.) -- C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [218336] [PID.6344] =>.Tweaking LLC®
[MD5.C9E3BD3977709EF215AD82AE5A838EF1] - (.Lenovo Group Limited - Lenovo.Modern.ImController.PluginHost.) -- C:\Program Files\lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe [36680] [PID.7484] =>.Lenovo®
[MD5.C9E3BD3977709EF215AD82AE5A838EF1] - (.Lenovo Group Limited - Lenovo.Modern.ImController.PluginHost.) -- C:\Program Files\lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe [36680] [PID.8008] =>.Lenovo®
[MD5.797F95CDD6C99A10CAFDC959F3CF1212] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\USER\AppData\Roaming\ZHP\ZHPDiag3.exe [2806656] [PID.8480] =>.Nicolas Coolman
[MD5.C9E3BD3977709EF215AD82AE5A838EF1] - (.Lenovo Group Limited - Lenovo.Modern.ImController.PluginHost.) -- C:\Program Files\lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe [36680] [PID.1072] =>.Lenovo®
---\\ Google Chrome, Start,Search,Extensions (12) - 0s
G0 - GCSP: Preferences [User Data\Default][HomePage]
http://ssl.gstatic.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage]
http://www.google.com.np =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf]
http://drive.google.com/ =>.Google Inc. {Drive}
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo]
http://www.youtube.com =>.Youtube {Youtube}
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf]
http://www.google.com/ =>.Google Inc. {Hidden Chrome extensions}
G2 - GCE: Preference [User Data\Default] [kgejglhpjiefppelpmljglcjbhoiplfn]
G2 - GCE: Preference [User Data\Default] [kkmlkkjojmombglmlpbpapmhcaljjkde] Zhongwen Chinese Popup Dictionary
G2 - GCE: Preference [User Data\Default] [mdkfiefeoimmobmhdimachkfcpkgahlc]
G2 - GCE: Preference [User Data\Default] [melfcogdhodeocnkdiplgdpkllopbhan]
http://ttsreader.com/
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] =>.Google Inc. {Wallet}
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia]
http://mail.google.com/ =>.Google Inc. {Gmail}
G2 - GCE: Preference [User Data\Default] [pkedcjkdefgpdelpbcmbmeomcjbeemfm] Chrome Media Router =>.Google Inc.
---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (13) - 7s
P2 - EXT FILE: (.Activate Reader View - The Reader View is a feature that stri.) -- C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\z94n8t79.default\extensions\@activatereaderview.xpi
P2 - EXT FILE: (.
http://coolrom.com/contact.php - Coolrom Search Engine.) -- C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\z94n8t79.default\extensions\{0fc22c4c-93ed-48ea-ad12-dc8039cf3795}.xpi
P2 - EXT FILE: (.Adblock Plus - Ads were yesterday!.) -- C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\z94n8t79.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi =>.Adblock Plus
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\screenshots@mozilla.org.xpi =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi =>.Mozilla Corporation
P2 - EXT: (.Mozilla & Android Open Source Project - ADB Helper.) -- C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\z94n8t79.default\extensions\adbhelper@mozilla.org =>.Mozilla & Android Open Source Project
P2 - EXT: (.Justin Kovalchuk - Perapera Chinese.) -- C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\z94n8t79.default\extensions\chineseperakun@gmail.com =>.Justin Kovalchuk
P2 - EXT: (.Internet Download Manager, Tonec Inc. - IDM integration.) -- C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\z94n8t79.default\extensions\mozilla_cc2@internetdownloadmanager.com =>.Internet Download Manager, Tonec Inc.
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_137.dll =>.Adobe Systems Incorporated
P2 - FPN: [HKLM] [@google.com/npPicasa3,version=3.0.0] - (.Google, Inc..) -- C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll =>.Google, Inc.
---\\ Internet Explorer Extensions, Start, Search (19) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.com =>.Google Inc.
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/ =>.Microsoft Corporation
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
http://search.msn.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R1 - HKEY_USERS\S-1-5-21-900945925-988278395-3478122750-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
http://search.msn.com/ =>.Microsoft Corporation
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphan =>.Microsoft Internet Explorer
---\\ Internet Explorer, Proxy Management (6) - 0s
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies [] =>.Microsoft
---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s
F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=
---\\ Hosts file redirection (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (24)
---\\ Browser Helper Object (BHO) (2) - 1s
O2 - BHO: IDM Helper [64Bits] - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- d:\Program Files (x86)\Internet Download Manager\IDMIECC.dll =>.Tonec Inc.®
O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- D:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL =>.Microsoft Corporation®
---\\ Global shortcuts Startup (131) - 12s
O4 - GS\Desktop [Administrator]: Anki.lnk . (...) D:\Program Files (x86)\Anki\anki.exe
O4 - GS\Desktop [Administrator]: Basic Patterns of Chinese Grammar_ A Student's Guide - Qin Xue Herzberg - Shortcut.lnk . (...) D:\Downloads\Basic Patterns of Chinese Grammar by Qin Xue Herzberg\Basic Patterns of Chinese Grammar_ A Student's Guide - Qin Xue Herzberg.pdf
O4 - GS\Desktop [Administrator]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe =>.Free Time
O4 - GS\Desktop [Administrator]: HTTrack Website Copier.lnk . (.HTTrack - WinHTTrack Website Copier, Copy Websites to.) D:\Program Files\WinHTTrack\WinHTTrack.exe =>.Open Source Developer, Xavier Roche®
O4 - GS\Desktop [Administrator]: JDownloader 2.lnk . (.AppWork GmbH - JDownloader 2 Launcher.) D:\Program Files (x86)\jdownloader 2\JDownloader v2.0\JDownloader2.exe =>.Appwork GmbH®
O4 - GS\Desktop [Administrator]: Journal - Shortcut.lnk . (...) D:\documents\Journal
O4 - GS\Desktop [Administrator]: Modern Mandarin Chinese Grammar A Practical Guide - Shortcut.lnk . (...) D:\Downloads\Chinese Language Learning Pack\05.Grammar, Workbooks, Usage\Modern Mandarin Chinese Grammar A Practical Guide.pdf
O4 - GS\Desktop [Administrator]: mp3DirectCut.lnk . (.Martin Pesch - mp3DirectCut - Direct MP3 editor and record.) D:\Program Files (x86)\mp3DirectCut\mp3DirectCut.exe =>.Martin Pesch
O4 - GS\Desktop [Administrator]: PeerBlock.lnk . (.PeerBlock, LLC - PeerBlock.) D:\Program Files\PeerBlock\peerblock.exe =>.PeerBlock, LLC®
O4 - GS\Desktop [Administrator]: procexp64 - Shortcut.lnk . (.Sysinternals -
www.sysinternals.com - Sysinternals Process Explorer.) D:\softwares\procexp64.exe =>.Microsoft Corporation®
O4 - GS\Desktop [Administrator]: Sandboxed Web Browser.lnk . (.Sandboxie Holdings, LLC - Sandboxie Start.) D:\Program Files\Sandboxie\Start.exe default_browser =>.Invincea, Inc.®
O4 - GS\Desktop [Administrator]: Subtitle Edit.lnk . (.Nikse - Subtitle Edit.) C:\Program Files\Subtitle Edit\SubtitleEdit.exe =>.Nikse
O4 - GS\Desktop [Administrator]: The Secrets Kyusho - Pressure Point Fighting (2012) - Shortcut.lnk . (...) D:\Downloads\The Secrets Kyusho - Pressure Point Fighting (2012).pdf
O4 - GS\Desktop [Administrator]: Tweaking.com - Windows Repair.lnk . (.Tweaking.com - Tweaking.com - Windows Repair.) C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Repair_Windows.exe =>.Tweaking LLC®
O4 - GS\Desktop [Administrator]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\USER\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [Administrator]: JDownloader 2.lnk . (.AppWork GmbH - JDownloader 2 Launcher.) D:\Program Files (x86)\jdownloader 2\JDownloader v2.0\JDownloader2.exe =>.Appwork GmbH®
O4 - GS\Quicklaunch [Administrator]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Quicklaunch [Administrator]: Sandboxed Web Browser.lnk . (.Sandboxie Holdings, LLC - Sandboxie Start.) D:\Program Files\Sandboxie\Start.exe default_browser =>.Invincea, Inc.®
O4 - GS\sendTo [Administrator]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\sendTo [Administrator]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\System32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\sendTo [Administrator]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe =>.Free Time
O4 - GS\sendTo [Administrator]: Sandboxie - DefaultBox.lnk . (.Sandboxie Holdings, LLC - Sandboxie Start.) D:\Program Files\Sandboxie\Start.exe /box
efaultBox =>.Invincea, Inc.®
O4 - GS\sendTo [Administrator]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe /sendto: =>.Skype Software Sarl®
O4 - GS\TaskBar [Administrator]: MetaTrader (2).lnk . (.MetaQuotes Software Corp. - MetaTrader.) D:\Program Files (x86)\MetaTrader - EXNESS\terminal.exe {00A74246F26ADF987743017FED54891570} =>.MetaQuotes Software Corp.
O4 - GS\TaskBar [Administrator]: MetaTrader.lnk . (.MetaQuotes Software Corp. - MetaTrader.) D:\Program Files (x86)\InstaTrader\terminal.exe {00A74246F26ADF987743017FED54891570} =>.MetaQuotes Software Corp.
O4 - GS\TaskBar [Administrator]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) D:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\TaskBar [Administrator]: Notepad.lnk . (.Microsoft Corporation - Notepad.) C:\WINDOWS\system32\notepad.exe =>.Microsoft Corporation
O4 - GS\TaskBar [Administrator]: Wordpad.lnk . (.Microsoft Corporation - Windows Wordpad Application.) C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation
O4 - GS\Programs [Administrator]: AMD Radeon Settings.lnk . (.Advanced Micro Devices, Inc. - .) C:\Program Files (x86)\AMD\CNext\CNext\RadeonSettings.exe =>.Advanced Micro Devices, Inc.
O4 - GS\Programs [Administrator]: Anki.lnk . (...) D:\Program Files (x86)\Anki\anki.exe
O4 - GS\Programs [Administrator]: Optional Features.lnk . (.Microsoft Corporation - Features On Demand Helper.) C:\Windows\System32\fodhelper.exe =>.Microsoft Corporation
O4 - GS\Desktop [Guest]: Anki.lnk . (...) D:\Program Files (x86)\Anki\anki.exe
O4 - GS\Desktop [Guest]: Basic Patterns of Chinese Grammar_ A Student's Guide - Qin Xue Herzberg - Shortcut.lnk . (...) D:\Downloads\Basic Patterns of Chinese Grammar by Qin Xue Herzberg\Basic Patterns of Chinese Grammar_ A Student's Guide - Qin Xue Herzberg.pdf
O4 - GS\Desktop [Guest]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe =>.Free Time
O4 - GS\Desktop [Guest]: HTTrack Website Copier.lnk . (.HTTrack - WinHTTrack Website Copier, Copy Websites to.) D:\Program Files\WinHTTrack\WinHTTrack.exe =>.Open Source Developer, Xavier Roche®
O4 - GS\Desktop [Guest]: JDownloader 2.lnk . (.AppWork GmbH - JDownloader 2 Launcher.) D:\Program Files (x86)\jdownloader 2\JDownloader v2.0\JDownloader2.exe =>.Appwork GmbH®
O4 - GS\Desktop [Guest]: Journal - Shortcut.lnk . (...) D:\documents\Journal
O4 - GS\Desktop [Guest]: Modern Mandarin Chinese Grammar A Practical Guide - Shortcut.lnk . (...) D:\Downloads\Chinese Language Learning Pack\05.Grammar, Workbooks, Usage\Modern Mandarin Chinese Grammar A Practical Guide.pdf
O4 - GS\Desktop [Guest]: mp3DirectCut.lnk . (.Martin Pesch - mp3DirectCut - Direct MP3 editor and record.) D:\Program Files (x86)\mp3DirectCut\mp3DirectCut.exe =>.Martin Pesch
O4 - GS\Desktop [Guest]: PeerBlock.lnk . (.PeerBlock, LLC - PeerBlock.) D:\Program Files\PeerBlock\peerblock.exe =>.PeerBlock, LLC®
O4 - GS\Desktop [Guest]: procexp64 - Shortcut.lnk . (.Sysinternals -
www.sysinternals.com - Sysinternals Process Explorer.) D:\softwares\procexp64.exe =>.Microsoft Corporation®
O4 - GS\Desktop [Guest]: Sandboxed Web Browser.lnk . (.Sandboxie Holdings, LLC - Sandboxie Start.) D:\Program Files\Sandboxie\Start.exe default_browser =>.Invincea, Inc.®
O4 - GS\Desktop [Guest]: Subtitle Edit.lnk . (.Nikse - Subtitle Edit.) C:\Program Files\Subtitle Edit\SubtitleEdit.exe =>.Nikse
O4 - GS\Desktop [Guest]: The Secrets Kyusho - Pressure Point Fighting (2012) - Shortcut.lnk . (...) D:\Downloads\The Secrets Kyusho - Pressure Point Fighting (2012).pdf
O4 - GS\Desktop [Guest]: Tweaking.com - Windows Repair.lnk . (.Tweaking.com - Tweaking.com - Windows Repair.) C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Repair_Windows.exe =>.Tweaking LLC®
O4 - GS\Desktop [Guest]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\USER\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Guest]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [Guest]: JDownloader 2.lnk . (.AppWork GmbH - JDownloader 2 Launcher.) D:\Program Files (x86)\jdownloader 2\JDownloader v2.0\JDownloader2.exe =>.Appwork GmbH®
O4 - GS\Quicklaunch [Guest]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Quicklaunch [Guest]: Sandboxed Web Browser.lnk . (.Sandboxie Holdings, LLC - Sandboxie Start.) D:\Program Files\Sandboxie\Start.exe default_browser =>.Invincea, Inc.®
O4 - GS\sendTo [Guest]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\sendTo [Guest]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\System32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\sendTo [Guest]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe =>.Free Time
O4 - GS\sendTo [Guest]: Sandboxie - DefaultBox.lnk . (.Sandboxie Holdings, LLC - Sandboxie Start.) D:\Program Files\Sandboxie\Start.exe /box
efaultBox =>.Invincea, Inc.®
O4 - GS\sendTo [Guest]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe /sendto: =>.Skype Software Sarl®
O4 - GS\TaskBar [Guest]: MetaTrader (2).lnk . (.MetaQuotes Software Corp. - MetaTrader.) D:\Program Files (x86)\MetaTrader - EXNESS\terminal.exe {00A74246F26ADF987743017FED54891570} =>.MetaQuotes Software Corp.
O4 - GS\TaskBar [Guest]: MetaTrader.lnk . (.MetaQuotes Software Corp. - MetaTrader.) D:\Program Files (x86)\InstaTrader\terminal.exe {00A74246F26ADF987743017FED54891570} =>.MetaQuotes Software Corp.
O4 - GS\TaskBar [Guest]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) D:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\TaskBar [Guest]: Notepad.lnk . (.Microsoft Corporation - Notepad.) C:\WINDOWS\system32\notepad.exe =>.Microsoft Corporation
O4 - GS\TaskBar [Guest]: Wordpad.lnk . (.Microsoft Corporation - Windows Wordpad Application.) C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation
O4 - GS\Programs [Guest]: AMD Radeon Settings.lnk . (.Advanced Micro Devices, Inc. - .) C:\Program Files (x86)\AMD\CNext\CNext\RadeonSettings.exe =>.Advanced Micro Devices, Inc.
O4 - GS\Programs [Guest]: Anki.lnk . (...) D:\Program Files (x86)\Anki\anki.exe
O4 - GS\Programs [Guest]: Optional Features.lnk . (.Microsoft Corporation - Features On Demand Helper.) C:\Windows\System32\fodhelper.exe =>.Microsoft Corporation
O4 - GS\Desktop [Max]: Anki.lnk . (...) D:\Program Files (x86)\Anki\anki.exe
O4 - GS\Desktop [Max]: Basic Patterns of Chinese Grammar_ A Student's Guide - Qin Xue Herzberg - Shortcut.lnk . (...) D:\Downloads\Basic Patterns of Chinese Grammar by Qin Xue Herzberg\Basic Patterns of Chinese Grammar_ A Student's Guide - Qin Xue Herzberg.pdf
O4 - GS\Desktop [Max]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe =>.Free Time
O4 - GS\Desktop [Max]: HTTrack Website Copier.lnk . (.HTTrack - WinHTTrack Website Copier, Copy Websites to.) D:\Program Files\WinHTTrack\WinHTTrack.exe =>.Open Source Developer, Xavier Roche®
O4 - GS\Desktop [Max]: JDownloader 2.lnk . (.AppWork GmbH - JDownloader 2 Launcher.) D:\Program Files (x86)\jdownloader 2\JDownloader v2.0\JDownloader2.exe =>.Appwork GmbH®
O4 - GS\Desktop [Max]: Journal - Shortcut.lnk . (...) D:\documents\Journal
O4 - GS\Desktop [Max]: Modern Mandarin Chinese Grammar A Practical Guide - Shortcut.lnk . (...) D:\Downloads\Chinese Language Learning Pack\05.Grammar, Workbooks, Usage\Modern Mandarin Chinese Grammar A Practical Guide.pdf
O4 - GS\Desktop [Max]: mp3DirectCut.lnk . (.Martin Pesch - mp3DirectCut - Direct MP3 editor and record.) D:\Program Files (x86)\mp3DirectCut\mp3DirectCut.exe =>.Martin Pesch
O4 - GS\Desktop [Max]: PeerBlock.lnk . (.PeerBlock, LLC - PeerBlock.) D:\Program Files\PeerBlock\peerblock.exe =>.PeerBlock, LLC®
O4 - GS\Desktop [Max]: procexp64 - Shortcut.lnk . (.Sysinternals -
www.sysinternals.com - Sysinternals Process Explorer.) D:\softwares\procexp64.exe =>.Microsoft Corporation®
O4 - GS\Desktop [Max]: Sandboxed Web Browser.lnk . (.Sandboxie Holdings, LLC - Sandboxie Start.) D:\Program Files\Sandboxie\Start.exe default_browser =>.Invincea, Inc.®
O4 - GS\Desktop [Max]: Subtitle Edit.lnk . (.Nikse - Subtitle Edit.) C:\Program Files\Subtitle Edit\SubtitleEdit.exe =>.Nikse
O4 - GS\Desktop [Max]: The Secrets Kyusho - Pressure Point Fighting (2012) - Shortcut.lnk . (...) D:\Downloads\The Secrets Kyusho - Pressure Point Fighting (2012).pdf
O4 - GS\Desktop [Max]: Tweaking.com - Windows Repair.lnk . (.Tweaking.com - Tweaking.com - Windows Repair.) C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Repair_Windows.exe =>.Tweaking LLC®
O4 - GS\Desktop [Max]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\USER\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Max]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [Max]: JDownloader 2.lnk . (.AppWork GmbH - JDownloader 2 Launcher.) D:\Program Files (x86)\jdownloader 2\JDownloader v2.0\JDownloader2.exe =>.Appwork GmbH®
O4 - GS\Quicklaunch [Max]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Quicklaunch [Max]: Sandboxed Web Browser.lnk . (.Sandboxie Holdings, LLC - Sandboxie Start.) D:\Program Files\Sandboxie\Start.exe default_browser =>.Invincea, Inc.®
O4 - GS\sendTo [Max]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\sendTo [Max]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\System32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\sendTo [Max]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe =>.Free Time
O4 - GS\sendTo [Max]: Sandboxie - DefaultBox.lnk . (.Sandboxie Holdings, LLC - Sandboxie Start.) D:\Program Files\Sandboxie\Start.exe /box
efaultBox =>.Invincea, Inc.®
O4 - GS\sendTo [Max]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe /sendto: =>.Skype Software Sarl®
O4 - GS\TaskBar [Max]: MetaTrader (2).lnk . (.MetaQuotes Software Corp. - MetaTrader.) D:\Program Files (x86)\MetaTrader - EXNESS\terminal.exe {00A74246F26ADF987743017FED54891570} =>.MetaQuotes Software Corp.
O4 - GS\TaskBar [Max]: MetaTrader.lnk . (.MetaQuotes Software Corp. - MetaTrader.) D:\Program Files (x86)\InstaTrader\terminal.exe {00A74246F26ADF987743017FED54891570} =>.MetaQuotes Software Corp.
O4 - GS\TaskBar [Max]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) D:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\TaskBar [Max]: Notepad.lnk . (.Microsoft Corporation - Notepad.) C:\WINDOWS\system32\notepad.exe =>.Microsoft Corporation
O4 - GS\TaskBar [Max]: Wordpad.lnk . (.Microsoft Corporation - Windows Wordpad Application.) C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation
O4 - GS\Programs [Max]: AMD Radeon Settings.lnk . (.Advanced Micro Devices, Inc. - .) C:\Program Files (x86)\AMD\CNext\CNext\RadeonSettings.exe =>.Advanced Micro Devices, Inc.
O4 - GS\Programs [Max]: Anki.lnk . (...) D:\Program Files (x86)\Anki\anki.exe
O4 - GS\Programs [Max]: Optional Features.lnk . (.Microsoft Corporation - Features On Demand Helper.) C:\Windows\System32\fodhelper.exe =>.Microsoft Corporation
O4 - GS\CommonDesktop [Public]: Audacity.lnk . (.The Audacity Team - Audacity®, the Free, Cross-Platform Sound E.) D:\Program Files (x86)\Audacity\audacity.exe =>.James Crook®
O4 - GS\CommonDesktop [Public]: calibre - E-book management.lnk . (...) D:\Program Files (x86)\Calibre2\calibre.exe
O4 - GS\CommonDesktop [Public]: CCleaner.lnk . (.Piriform Ltd - CCleaner.) C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd®
O4 - GS\CommonDesktop [Public]: CyberLink PowerDVD 14.lnk . (.CyberLink Corp. - CyberLink PowerDVD14.) C:\Program Files (x86)\CyberLink\PowerDVD14\PDVDLP.exe =>.CyberLink Corp.®
O4 - GS\CommonDesktop [Public]: DCXTrader.lnk . (...) D:\Program Files (x86)\Ese Software\DCX Trader\DCXTrader.exe
O4 - GS\CommonDesktop [Public]: Malwarebytes.lnk . (.Malwarebytes - Malwarebytes.) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe =>.Malwarebytes Corporation®
O4 - GS\CommonDesktop [Public]: MetaTrader - EXNESS.lnk . (.MetaQuotes Software Corp. - MetaTrader.) D:\Program Files (x86)\MetaTrader - EXNESS\terminal.exe {00A74246F26ADF987743017FED54891570} =>.MetaQuotes Software Corp.
O4 - GS\CommonDesktop [Public]: Network Recording Player.lnk . (.Cisco WebEx LLC - NBR Player Execute Module.) D:\programdata\WebEx\WebEx\500\nbrplay.exe =>.Cisco WebEx LLC®
O4 - GS\CommonDesktop [Public]: PrimoPDF - Drop Files Here to Convert!.lnk . (.Nitro PDF - PrimoPDF.) C:\Program Files (x86)\Nitro PDF\PrimoPDF\PrimoPDF.exe =>.Nitro PDF Software®
O4 - GS\CommonDesktop [Public]: Skype.lnk . (...) C:\Windows\Installer\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}\SkypeIcon.exe =>.Skype Technologies
O4 - GS\CommonDesktop [Public]: VLC media player.lnk . (.VideoLAN - VLC media player.) D:\Program Files (x86)\VideoLAN\VLC\vlc.exe =>.VideoLAN®
O4 - GS\CommonDesktop [Public]: Wise Data Recovery.lnk . (.WiseCleaner.com - Wise Data Recovery.) D:\Program Files (x86)\Wise\Wise Data Recovery\WiseDataRecovery.exe =>.Lespeed Technology Ltd.®
O4 - GS\Programs [Public]: AMD Radeon Settings.lnk . (.Advanced Micro Devices, Inc. - .) C:\Program Files (x86)\AMD\CNext\CNext\RadeonSettings.exe =>.Advanced Micro Devices, Inc.
O4 - GS\Programs [Public]: Anki.lnk . (...) D:\Program Files (x86)\Anki\anki.exe
O4 - GS\Programs [Public]: Optional Features.lnk . (.Microsoft Corporation - Features On Demand Helper.) C:\Windows\System32\fodhelper.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Accessories [Public]: Notepad.lnk . (.Microsoft Corporation - Notepad.) C:\WINDOWS\system32\notepad.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Math Input Panel.lnk . (.Microsoft Corporation - .) C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) C:\WINDOWS\system32\mspaint.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Quick Assist.lnk . (.Microsoft Corporation - Quick Assist.) C:\WINDOWS\system32\quickassist.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Remote Desktop Connection.) C:\WINDOWS\system32\mstsc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Snipping Tool.) C:\WINDOWS\system32\SnippingTool.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Steps Recorder.lnk . (.Microsoft Corporation - Steps Recorder.) C:\WINDOWS\system32\psr.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\WINDOWS\system32\WFS.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Windows Wordpad Application.) C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: XPS Viewer.lnk . (.Microsoft Corporation - XPS Viewer.) C:\WINDOWS\system32\xpsrchvw.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Character Map.) C:\WINDOWS\system32\charmap.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Audacity.lnk . (.The Audacity Team - Audacity®, the Free, Cross-Platform Sound E.) D:\Program Files (x86)\Audacity\audacity.exe =>.James Crook®
O4 - GS\ProgramsCommon [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\ProgramsCommon [Public]: Immersive Control Panel.lnk . (.Microsoft Corporation - Windows Control Panel.) C:\WINDOWS\System32\Control.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: MiracastView.lnk . (.Microsoft Corporation - MiracastView.) C:\WINDOWS\MiracastView\MiracastView.exe =>.Microsoft Windows®
O4 - GS\ProgramsCommon [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\ProgramsCommon [Public]: PrintDialog.lnk . (.Microsoft Corporation - Print Dialog.) C:\WINDOWS\PrintDialog\PrintDialog.exe =>.Microsoft Windows®
O4 - GS\ProgramsCommon [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
---\\ Lop.com/Domain Hijackers (5) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 =>.Local IP Adress
O17 - HKLM\System\CCS\Services\Tcpip\..\{01068155-a52c-4740-b306-07578124303c}: DhcpNameServer = 192.168.1.1 =>.Local IP Adress
O17 - HKLM\System\CCS\Services\Tcpip\..\{29e036c1-4265-4952-8012-f43a55ab4933}: DhcpNameServer = 192.168.1.1 =>.Local IP Adress
O17 - HKLM\System\CCS\Services\Tcpip\..\{3ee4e1e4-47d5-4352-aec3-6f70569b12df}: DhcpNameServer = 192.168.1.1 =>.Local IP Adress
O17 - HKLM\System\CCS\Services\Tcpip\..\{F6C362E6-31CF-4394-9851-E5D33DF654FC}: DhcpNameServer = 192.168.30.1 =>.Local IP Adress
---\\ Extra protocols (24) - 1s
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll =>.Microsoft Corporation
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\SysWOW64\inetcomm.dll =>.Microsoft Corporation
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ms-help [64Bits] - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll =>.Microsoft Corporation®
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll =>.Microsoft Corporation
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\SysWOW64\tbauth.dll =>.Microsoft Corporation
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: windows.tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\SysWOW64\tbauth.dll =>.Microsoft Corporation
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL =>.Microsoft Corporation®
---\\ CLSID Tasks (Register) (1) - 3s
O40 - TASK: {BF728E4A-B1B4-406C-A6B2-1A4888A56396} - (...) -- C:\WINDOWS\system32\osppc.dll (.not file.) [0] (.Orphan.) =>.Superfluous.Orphan
---\\ Software installed (68) - 28s
O42 - Logiciel: 7-Zip 9.20 - (.Igor Pavlov.) [HKLM][64Bits] -- 7-Zip =>.Igor Pavlov
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {8C9AA2C1-D07A-48E8-9DD8-471A072947F4} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe AIR =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Flash Player 26 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Flash Player 26 PPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player PPAPI =>.Adobe Systems Incorporated®
O42 - Logiciel: Anki - (.Damien Elmes.) [HKLM][64Bits] -- Anki =>.Damien Elmes
O42 - Logiciel: Audacity 2.1.3 - (.Audacity Team.) [HKLM][64Bits] -- Audacity®_is1 =>.Audacity Team
O42 - Logiciel: AutoHotkey 1.1.26.01 - (.Lexikos.) [HKLM][64Bits] -- AutoHotkey =>.Lexikos
O42 - Logiciel: Bulk Rename Utility 2.7.1.3 - (.TGRMN Software.) [HKLM][64Bits] -- Bulk Rename Utility_is1 =>.TGRMN Software
O42 - Logiciel: calibre - (.Kovid Goyal.) [HKLM][64Bits] -- {A253C2A7-FD66-43AA-9EA7-D30E5041F391} =>.Kovid Goyal
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner =>.Piriform Ltd®
O42 - Logiciel: Conexant HD Audio - (.Conexant.) [HKLM][64Bits] -- CNXT_AUDIO_HDA =>.Conexant Systems, Inc.®
O42 - Logiciel: DCX Trader 1.8.15 - (..) [HKLM][64Bits] -- DCX_Deploy_0
O42 - Logiciel: Dolby Digital Plus Home Theater - (.Dolby Laboratories Inc.) [HKLM][64Bits] -- {7E3D8FA1-6092-469A-955B-68FC4A2C67CA} =>.Dolby Laboratories Inc
O42 - Logiciel: Foxit Reader - (.Foxit Software Inc..) [HKLM][64Bits] -- Foxit Reader_is1 =>.Foxit Software Incorporated®
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome =>.Google Inc®
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc.
O42 - Logiciel: InstaTrader - (.MetaQuotes Software Corp..) [HKLM][64Bits] -- InstaTrader =>.MetaQuotes Software Corp.®
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} =>.Intel(R) pGFX®
O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {B5E06417-A4AC-4225-B36E-7E34C91616E7} =>.Intel Corporation
O42 - Logiciel: Internet Download Manager - (.Tonec Inc..) [HKLM][64Bits] -- Internet Download Manager =>.Tonec Inc.®
O42 - Logiciel: IP Camera Adapter - (.Pavel Khlebovich.) [HKLM][64Bits] -- {6D140BFF-7CC5-4BFE-AD6D-47035FFE5F14} =>.Pavel Khlebovich
O42 - Logiciel: Java 8 Update 144 - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F32180144F0} =>.Oracle Corporation
O42 - Logiciel: Java Auto Updater - (.Oracle Corporation.) [HKLM][64Bits] -- {4A03706F-666A-4037-7777-5F2748764D10} =>.Oracle Corporation
O42 - Logiciel: JDownloader 2 - (.AppWork GmbH.) [HKLM][64Bits] -- jdownloader2 =>.Appwork GmbH®
O42 - Logiciel: KeyScrambler - (.QFX Software Corporation.) [HKLM][64Bits] -- KeyScrambler =>.QFX Software Corporation
O42 - Logiciel: K-Lite Codec Pack 11.4.0 Basic - (.KLite Inc.) [HKLM][64Bits] -- KLiteCodecPack_is1 =>.KLite Inc
O42 - Logiciel: Lenovo EasyCamera - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC} =>.Realtek Semiconductor Corp®
O42 - Logiciel: Lenovo pointing device - (.ELAN Microelectronic Corp..) [HKLM][64Bits] -- Elantech =>.ELAN Microelectronics Corporation®
O42 - Logiciel: Lenovo System Interface Foundation Driver - (.Lenovo.) [HKLM][64Bits] -- {C2E5CA37-C862-4A69-AC6D-24F450A20C16} =>.Lenovo
O42 - Logiciel: Malwarebytes version 3.1.2.1733 - (.Malwarebytes.) [HKLM][64Bits] -- {35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1 =>.Malwarebytes Corporation®
O42 - Logiciel: MetaTrader - EXNESS - (.MetaQuotes Software Corp..) [HKLM][64Bits] -- MetaTrader - EXNESS =>.MetaQuotes Software Corp.®
O42 - Logiciel: Microsoft Excel 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- Office14.EXCEL =>.Microsoft Corporation®
O42 - Logiciel: Microsoft Word 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- Office14.WORD =>.Microsoft Corporation®
O42 - Logiciel: Microsoft XNA Framework Redistributable 4.0 - (.Microsoft Corporation.) [HKLM][64Bits] -- {2BFC7AA0-544C-4E3A-8796-67F3BE655BE9} =>.Microsoft Corporation
O42 - Logiciel: Mozilla Firefox 39.0 (x86 en-US) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 39.0 (x86 en-US) =>.Mozilla Corporation®
O42 - Logiciel: Mozilla Firefox 47.0.1 (x86 en-US) - (.Mozilla.) [HKCU][64Bits] -- Mozilla Firefox 47.0.1 (x86 en-US) =>.Mozilla Corporation®
O42 - Logiciel: Mozilla Firefox 54.0.1 (x86 en-US) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 54.0.1 (x86 en-US) =>.Mozilla Corporation®
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService =>.Mozilla
O42 - Logiciel: MusicBee 3.0 - (.Steven Mayall.) [HKLM][64Bits] -- MusicBee =>.Steven Mayall
O42 - Logiciel: Network Recording Player - (.Cisco WebEx LLC.) [HKLM][64Bits] -- {79417ECE-DA9D-49B3-B1C9-83AA3EAE6AE0} =>.Cisco WebEx LLC
O42 - Logiciel: NVIDIA Install Application - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer =>.NVIDIA Corporation
O42 - Logiciel: OpenAL - (.Open Audio Library.) [HKLM][64Bits] -- OpenAL =>.Creative Labs Inc®
O42 - Logiciel: PeerBlock 1.2 (r693) - (.PeerBlock, LLC.) [HKLM][64Bits] -- {015C5B35-B678-451C-9AEE-821E8D69621C}_is1 =>.PeerBlock, LLC
O42 - Logiciel: PrimoPDF -- brought to you by Nitro PDF Software - (.Nitro PDF Software.) [HKLM][64Bits] -- PrimoPDF =>.Nitro PDF Software
O42 - Logiciel: PX Profile Update - (.AMD.) [HKLM][64Bits] -- {954CFDDE-AF07-2AF9-9600-706E798D42BA} =>.AMD
O42 - Logiciel: Raptr - (.Raptr, Inc.) [HKLM][64Bits] -- Raptr =>.Raptr, Inc
O42 - Logiciel: Rosetta Stone Language Training - (.Rosetta Stone, Ltd.) [HKLM][64Bits] -- {00384623-4937-4D7D-BDD9-23513D1C50AB}
O42 - Logiciel: Rosetta Stone Ltd Services - (.Rosetta Stone Ltd..) [HKLM][64Bits] -- {3165E4A6-D5DE-46B0-8597-D55E2B826B84} =>.Rosetta Stone Ltd.
O42 - Logiciel: Sandboxie 5.20 (64-bit) - (.Sandboxie Holdings, LLC.) [HKLM][64Bits] -- Sandboxie =>.Invincea, Inc.®
O42 - Logiciel: Skype Click to Call - (.Microsoft Corporation.) [HKLM][64Bits] -- {873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B} =>.Microsoft Corporation
O42 - Logiciel: Skype™ 7.1 - (..) [HKLM][64Bits] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
O42 - Logiciel: Subtitle Edit 3.4.6 - (.Nikse.) [HKLM][64Bits] -- SubtitleEdit_is1 =>.Nikse
O42 - Logiciel: Subtitle Edit 3.5.3 - (.Nikse.) [HKLM][64Bits] -- SubtitleEdit_is1 =>.Nikse
O42 - Logiciel: Tweaking.com - Windows Repair - (.Tweaking.com.) [HKLM][64Bits] -- Tweaking.com - Windows Repair =>.Tweaking.com
O42 - Logiciel: USB Vibration Joystick - (..) [HKLM][64Bits] -- {4999B2F1-3E74-409A-B8B5-E94448AA9EA6}
O42 - Logiciel: Virtual DJ Home - Atomix Productions - (.Atomix Production.) [HKLM][64Bits] -- Virtual DJ Home - Atomix Productions =>.Atomix Production
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN
O42 - Logiciel: Vulkan Run Time Libraries 1.0.3.1 - (.LunarG, Inc..) [HKLM][64Bits] -- VulkanRT1.0.3.1 =>.LunarG, Inc.
O42 - Logiciel: Vulkan Run Time Libraries 1.0.39.1 - (.LunarG, Inc..) [HKLM][64Bits] -- VulkanRT1.0.39.1 =>.LunarG, Inc.®
O42 - Logiciel: Windows 10 Update and Privacy Settings - (.Microsoft Corporation.) [HKLM][64Bits] -- {293F2009-0145-450B-B4AA-063D43FB368C} =>.Microsoft Corporation
O42 - Logiciel: Windows Driver Package - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) - (.Lenovo.) [HKLM][64Bits] -- 35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E =>.Lenovo (Beijing) Limited®
O42 - Logiciel: Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.28 - (.Lenovo.) [HKLM][64Bits] -- 6BCA401E9CBEED970D75F55FA5320F60D11984E9 =>.Lenovo (Beijing) Limited®
O42 - Logiciel: WinHTTrack Website Copier 3.48-22 (x64) - (.HTTrack.) [HKLM][64Bits] -- WinHTTrack Website Copier_is1 =>.Open Source Developer, Xavier Roche®
O42 - Logiciel: WinRAR 4.01 (32-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver =>.win.rar GmbH
O42 - Logiciel: WinRAR 5.40 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver =>.win.rar GmbH®
O42 - Logiciel: Wise Data Recovery 3.82 - (.WiseCleaner.com, Inc..) [HKLM][64Bits] -- Wise Data Recovery_is1 =>.WiseCleaner.com, Inc.
---\\ HKCU & HKLM Software Keys (197) - 28s
HKLM\SOFTWARE\Wow6432Node\7-Zip =>.Igor Pavlov
HKLM\SOFTWARE\Wow6432Node\ACD Systems =>.ACD Systems
HKLM\SOFTWARE\Wow6432Node\Adobe =>.Adobe
HKLM\SOFTWARE\Wow6432Node\Anki =>.Damien Elmes
HKLM\SOFTWARE\Wow6432Node\Anvisoft =>.Anvisoft
HKLM\SOFTWARE\Wow6432Node\Apple Computer, Inc. =>.Apple Computer, Inc.
HKLM\SOFTWARE\Wow6432Node\Apple Inc. =>.Apple Inc.
HKLM\SOFTWARE\Wow6432Node\ATI =>.ATI
HKLM\SOFTWARE\Wow6432Node\ATI Technologies =>.ATI Technologies
HKLM\SOFTWARE\Wow6432Node\Belarc =>.Belarc
HKLM\SOFTWARE\Wow6432Node\calibre =>.Kovid Goyal
HKLM\SOFTWARE\Wow6432Node\CDDB =>.Cddb Software
HKLM\SOFTWARE\Wow6432Node\Conexant =>.Conexant
HKLM\SOFTWARE\Wow6432Node\CyberLink =>.CyberLink Corporation
HKLM\SOFTWARE\Wow6432Node\DigitalWave =>.DigitalWave Corporation
HKLM\SOFTWARE\Wow6432Node\DivXNetworks =>.DivXNetworks
HKLM\SOFTWARE\Wow6432Node\EA GAMES =>.EA Games
HKLM\SOFTWARE\Wow6432Node\Ese Software
HKLM\SOFTWARE\Wow6432Node\Eset =>.ESET
HKLM\SOFTWARE\Wow6432Node\FarStone =>.FarStone
HKLM\SOFTWARE\Wow6432Node\Foxit Software =>.Foxit Software
HKLM\SOFTWARE\Wow6432Node\Free YouTube Downloader =>.DawnArk, Inc
HKLM\SOFTWARE\Wow6432Node\GNU =>.GNU
HKLM\SOFTWARE\Wow6432Node\GOG.com =>.GOG.com
HKLM\SOFTWARE\Wow6432Node\Google =>.Google
HKLM\SOFTWARE\Wow6432Node\HaaliMkx =>.Haali Media
HKLM\SOFTWARE\Wow6432Node\HideAllIP
HKLM\SOFTWARE\Wow6432Node\HitmanPro =>.EIDOS hitman Game
HKLM\SOFTWARE\Wow6432Node\IM Providers =>.IM Providers
HKLM\SOFTWARE\Wow6432Node\InstallShield =>.InstallShield
HKLM\SOFTWARE\Wow6432Node\Intel =>.Intel
HKLM\SOFTWARE\Wow6432Node\Internet Download Manager =>.Tonec Inc
HKLM\SOFTWARE\Wow6432Node\InterVideo =>.InterVideo
HKLM\SOFTWARE\Wow6432Node\iSkysoft =>.iSkysoft Software
HKLM\SOFTWARE\Wow6432Node\JavaSoft =>.JavaSoft
HKLM\SOFTWARE\Wow6432Node\JreMetrics =>.JreMetrics
HKLM\SOFTWARE\Wow6432Node\Khronos =>.Khronos
HKLM\SOFTWARE\Wow6432Node\KLCodecPack =>.KLite Inc
HKLM\SOFTWARE\Wow6432Node\Lake =>.Lake Sofware
HKLM\SOFTWARE\Wow6432Node\LAV =>.LAV Inc
HKLM\SOFTWARE\Wow6432Node\Lenovo =>.Lenovo
HKLM\SOFTWARE\Wow6432Node\Macromedia =>.Macromedia
HKLM\SOFTWARE\Wow6432Node\Macrovision =>.Macrovision
HKLM\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware =>.Malwarebytes' Anti-Malware
HKLM\SOFTWARE\Wow6432Node\Mozilla =>.Mozilla
HKLM\SOFTWARE\Wow6432Node\mozilla.org =>.mozilla.org
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins =>.MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\MusicBee
HKLM\SOFTWARE\Wow6432Node\Nalpeiron =>.Nalpeiron
HKLM\SOFTWARE\Wow6432Node\Naver
HKLM\SOFTWARE\Wow6432Node\Nero =>.Ahead Corporation
HKLM\SOFTWARE\Wow6432Node\Nuance =>.Nuance
HKLM\SOFTWARE\Wow6432Node\Nullsoft =>.Nullsoft
HKLM\SOFTWARE\Wow6432Node\ODBC =>.DB Connectivity Solutions
HKLM\SOFTWARE\Wow6432Node\Opera Software =>.Opera Software
HKLM\SOFTWARE\Wow6432Node\QFX Software =>.QFX Software
HKLM\SOFTWARE\Wow6432Node\QuickTimeLite
HKLM\SOFTWARE\Wow6432Node\R-TT =>.Unknown
HKLM\SOFTWARE\Wow6432Node\Raptr =>.Raptr
HKLM\SOFTWARE\Wow6432Node\Realtek =>.Realtek Semiconductor Corp.
HKLM\SOFTWARE\Wow6432Node\Realtek Semiconductor Corp. =>.Realtek Semiconductor Corp.
HKLM\SOFTWARE\Wow6432Node\Riot Games =>.Riot Games
HKLM\SOFTWARE\Wow6432Node\RtWLan =>.Realtek Semiconductor Corp.
HKLM\SOFTWARE\Wow6432Node\Skype =>.Skype
HKLM\SOFTWARE\Wow6432Node\SuppHelpDir =>.Toshiba Corporation
HKLM\SOFTWARE\Wow6432Node\TeamViewer =>.TeamViewer
HKLM\SOFTWARE\Wow6432Node\TrendMicro =>.TrendMicro
HKLM\SOFTWARE\Wow6432Node\Valve =>.Valve
HKLM\SOFTWARE\Wow6432Node\VideoLAN =>.VideoLAN
HKLM\SOFTWARE\Wow6432Node\Vimicro Corporation =>.Vimicro Corporation
HKLM\SOFTWARE\Wow6432Node\VirtualDJ =>.Atomix Production
HKLM\SOFTWARE\Wow6432Node\Volatile =>.Microsoft Corporation
HKLM\SOFTWARE\Wow6432Node\WafCX =>.WafCX
HKLM\SOFTWARE\Wow6432Node\WebEx =>.Cisco Systems, Inc.
HKLM\SOFTWARE\Wow6432Node\WinRAR =>.WinRAR
HKLM\SOFTWARE\Wow6432Node\Wondershare =>.Wondershare
HKLM\SOFTWARE\Wow6432Node\WOW6432Node =>.Microsoft Corporation
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications =>.Microsoft Corporation
HKCU\SOFTWARE\4kdownload.com =>.4kdownload.com
HKCU\SOFTWARE\7-Zip =>.Igor Pavlov
HKCU\SOFTWARE\ACD Systems =>.ACD Systems
HKCU\SOFTWARE\Adobe =>.Adobe
HKCU\SOFTWARE\AMD =>.AMD
HKCU\SOFTWARE\AMPLITUDE Studios =>.Amplitude Studios
HKCU\SOFTWARE\Ankama =>.Ankama
HKCU\SOFTWARE\Aplicaciones generadas con el Asistente para aplicaciones local
HKCU\SOFTWARE\AppDataLow =>.Microsoft Corporation
HKCU\SOFTWARE\Apple Computer, Inc. =>.Apple Computer, Inc.
HKCU\SOFTWARE\AppWork =>.Appwork GmbH
HKCU\SOFTWARE\ATI =>.ATI
HKCU\SOFTWARE\BlueStacks =>.BlueStack Systems, Inc.
HKCU\SOFTWARE\Boneloaf
HKCU\SOFTWARE\BugSplat =>.Bugsplat Game
HKCU\SOFTWARE\calibre =>.Kovid Goyal
HKCU\SOFTWARE\Chromium =>.Chromium
HKCU\SOFTWARE\cks =>.Legitimate
HKCU\SOFTWARE\ComfortSoftware =>.Comfort Software
HKCU\SOFTWARE\Conexant =>.Conexant
HKCU\SOFTWARE\Cyberlink =>.CyberLink Corporation
HKCU\SOFTWARE\Daedalic Entertainment GmbH =>.Daedalic Entertainment GmbH
HKCU\SOFTWARE\DAUM =>.DAUM
HKCU\SOFTWARE\DivXNetworks =>.DivXNetworks
HKCU\SOFTWARE\DownloadManager =>.DownloadManager
HKCU\SOFTWARE\ej-technologies =>.ej-technologies
HKCU\SOFTWARE\Elantech =>.Elantech Inc.
HKCU\SOFTWARE\EMU =>.Games Software
HKCU\SOFTWARE\epsxe =>.ePSXe
HKCU\SOFTWARE\ESET =>.ESET
HKCU\SOFTWARE\EXP
HKCU\SOFTWARE\Forex Software =>.REX Game Studios, LLC
HKCU\SOFTWARE\Foxit Software =>.Foxit Software
HKCU\SOFTWARE\FreeTime =>.FreeTime Inc
HKCU\SOFTWARE\FSCR Master
HKCU\SOFTWARE\Fugazo
HKCU\SOFTWARE\Gabest =>.Gabest
HKCU\SOFTWARE\Geek Uninstaller =>.Geek Uninstaller
HKCU\SOFTWARE\Genymobile =>.Genymobile
HKCU\SOFTWARE\GNU =>.GNU
HKCU\SOFTWARE\GOG.com =>.GOG.com
HKCU\SOFTWARE\Google =>.Google
HKCU\SOFTWARE\GreenTree Applications =>.Superfluous.GreenTreeApp
HKCU\SOFTWARE\Haali =>.Haali Media
HKCU\SOFTWARE\HideAllIP
HKCU\SOFTWARE\Icaros =>.Icaros
HKCU\SOFTWARE\IM Providers =>.IM Providers
HKCU\SOFTWARE\Intel =>.Intel
HKCU\SOFTWARE\IP Webcam
HKCU\SOFTWARE\iSkysoft =>.iSkysoft Software
HKCU\SOFTWARE\JavaSoft =>.JavaSoft
HKCU\SOFTWARE\Katauri Interactive
HKCU\SOFTWARE\Kingsoft =>.Kingosoft Technology Ltd
HKCU\SOFTWARE\KoeiTecmo
HKCU\SOFTWARE\Lake =>.Lake Sofware
HKCU\SOFTWARE\Leapdroid =>.Leapdroid
HKCU\SOFTWARE\Lenovo =>.Lenovo
HKCU\SOFTWARE\Logitech =>.Logitech
HKCU\SOFTWARE\Macromedia =>.Macromedia
HKCU\SOFTWARE\madshi =>.madshi.net
HKCU\SOFTWARE\Magix =>.Magix
HKCU\SOFTWARE\Malwarebytes =>.Malwarebytes
HKCU\SOFTWARE\MediaInfo =>.Jérôme Martinez
HKCU\SOFTWARE\Memsource
HKCU\SOFTWARE\MetaQuotes Software =>.MetaQuotes Software
HKCU\SOFTWARE\MGS
HKCU\SOFTWARE\Microgaming
HKCU\SOFTWARE\Mirage =>.Mirage Game
HKCU\SOFTWARE\Mozilla =>.Mozilla
HKCU\SOFTWARE\MozillaPlugins =>.MozillaPlugins
HKCU\SOFTWARE\MPC-HC =>.MPC-HC Team
HKCU\SOFTWARE\Naver
HKCU\SOFTWARE\Nero =>.Ahead Corporation
HKCU\SOFTWARE\Netscape =>.Netscape
HKCU\SOFTWARE\Nitro =>.Nitro
HKCU\SOFTWARE\Obsidian Entertainment =>.Obsidian Entertainment
HKCU\SOFTWARE\ODBC =>.DB Connectivity Solutions
HKCU\SOFTWARE\Opera Software =>.Opera Software
HKCU\SOFTWARE\OTELNP
HKCU\SOFTWARE\PCSX2
HKCU\SOFTWARE\Piriform =>.Piriform
HKCU\SOFTWARE\QFX Software =>.QFX Software
HKCU\SOFTWARE\QtProject =>.QtProject
HKCU\SOFTWARE\R-TT =>.Unknown
HKCU\SOFTWARE\RAD Game Tools =>.RAD Game Tools
HKCU\SOFTWARE\Raptr =>.Raptr
HKCU\SOFTWARE\Realtek =>.Realtek Semiconductor Corp.
HKCU\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
HKCU\SOFTWARE\RLZer
HKCU\SOFTWARE\SDR Free Ebook Converter
HKCU\SOFTWARE\SKS =>.SKS Software
HKCU\SOFTWARE\Skype =>.Skype
HKCU\SOFTWARE\SYNCJM =>.SYNCJM
HKCU\SOFTWARE\Sysinternals =>.Sysinternals
HKCU\SOFTWARE\SysProgs =>.SysProgs
HKCU\SOFTWARE\TeamViewer =>.TeamViewer
HKCU\SOFTWARE\Tencent =>.Superfluous.Tencent
HKCU\SOFTWARE\TGRMN Software =>.TGRMN Software
HKCU\SOFTWARE\The Creative Assembly =>.The Creative Assembly
HKCU\SOFTWARE\ThsDict.ini
HKCU\SOFTWARE\ThsDict.ini2
HKCU\SOFTWARE\Trolltech =>.Trolltech
HKCU\SOFTWARE\Unity =>.Unity
HKCU\SOFTWARE\Valve =>.Valve
HKCU\SOFTWARE\VirtualDJ =>.Atomix Production
HKCU\SOFTWARE\Vision Thing
HKCU\SOFTWARE\Webex =>.Cisco Systems, Inc.
HKCU\SOFTWARE\Winamp =>.Nullsoft Inc.
HKCU\SOFTWARE\WinHTTrack Website Copier =>.Xavier Roche
HKCU\SOFTWARE\WinRAR =>.WinRAR
HKCU\SOFTWARE\WinRAR SFX =>.RarLab
HKCU\SOFTWARE\Wow6432Node =>.Microsoft Corporation
HKCU\SOFTWARE\WsAudioDevice_383
HKCU\SOFTWARE\Yahoo =>.Yahoo! Inc.
HKCU\SOFTWARE\ZHP =>.Nicolas Coolman
HKCU\SOFTWARE\Ó¦ÓóÌÐòÏòµ¼Éú³ÉµÄ±¾µØÓ¦ÓóÌÐò
HKCU\SOFTWARE\AppDataLow\Software =>.Microsoft Corporation
HKCU\SOFTWARE\AppDataLow\Software\JavaSoft =>.JavaSoft
HKCU\SOFTWARE\AppDataLow\Software\Yahoo =>.Yahoo! Inc.
---\\ Contents of the Common Files folders (384) - 42s
O43 - CFD: 18/08/2014 - [] D -- C:\Program Files\Adobe =>.Adobe Systems Incorporated®
O43 - CFD: 25/03/2015 - [] D -- C:\Program Files\Adware-Removal-Tool =>.Pawan Kumar®
O43 - CFD: 05/06/2017 - [] AD -- C:\Program Files\AMD =>.Advanced Micro Devices, Inc.®
O43 - CFD: 11/05/2015 - [] D -- C:\Program Files\ATI =>.ATI
O43 - CFD: 05/06/2017 - [] AD -- C:\Program Files\ATI Technologies =>.ATI Technologies
O43 - CFD: 03/08/2017 - [] D -- C:\Program Files\AutoHotkey =>.Chicony Multimedia
O43 - CFD: 26/06/2017 - [] AD -- C:\Program Files\CCleaner =>.Piriform Ltd
O43 - CFD: 04/06/2017 - [] D -- C:\Program Files\Common Files =>.Microsoft Corporation
O43 - CFD: 04/06/2017 - [] D -- C:\Program Files\CONEXANT =>.Conexant Systems, Inc.®
O43 - CFD: 07/12/2014 - [] D -- C:\Program Files\DIFX =>.Microsoft Corporation
O43 - CFD: 04/06/2017 - [] AD -- C:\Program Files\Dolby Digital Plus =>.Dolby Laboratories Inc
O43 - CFD: 04/06/2017 - [] D -- C:\Program Files\Elantech =>.ELAN Microelectronics Corporation®
O43 - CFD: 04/06/2017 - [] D -- C:\Program Files\Intel =>.Intel Corporation
O43 - CFD: 05/06/2017 - [] D -- C:\Program Files\Internet Explorer =>.Microsoft Corporation
O43 - CFD: 25/10/2016 - [0] D -- C:\Program Files\Leapdroid =>.Leapdroid
O43 - CFD: 03/08/2017 - [] D -- C:\Program Files\lenovo =>.Lenovo
O43 - CFD: 01/06/2017 - [] D -- C:\Program Files\Malwarebytes =>.Malwarebytes
O43 - CFD: 09/11/2016 - [] D -- C:\Program Files\Microsoft Office =>.Microsoft Corporation
O43 - CFD: 05/06/2017 - [] D -- C:\Program Files\MSBuild =>.Microsoft Corporation
O43 - CFD: 18/08/2014 - [] D -- C:\Program Files\NVIDIA Corporation =>.nVidia Corporation
O43 - CFD: 05/06/2017 - [] D -- C:\Program Files\Reference Assemblies =>.Microsoft Corporation
O43 - CFD: 03/08/2017 - [] D -- C:\Program Files\Subtitle Edit =>.Nikse
O43 - CFD: 04/06/2017 - [0] HD -- C:\Program Files\Uninstall Information =>.Microsoft Corporation
O43 - CFD: 31/05/2017 - [] AD -- C:\Program Files\UNP =>.Microsoft Corporation
O43 - CFD: 12/07/2017 - [] RD -- C:\Program Files\Windows Defender =>.Microsoft Corporation
O43 - CFD: 19/03/2017 - [] D -- C:\Program Files\Windows Defender Advanced Threat Protection =>.Microsoft Corporation
O43 - CFD: 04/06/2017 - [] D -- C:\Program Files\Windows Mail =>.Microsoft Corporation
O43 - CFD: 04/06/2017 - [] D -- C:\Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 19/03/2017 - [] D -- C:\Program Files\Windows Multimedia Platform =>.Microsoft Corporation
O43 - CFD: 19/03/2017 - [] D -- C:\Program Files\Windows NT =>.Microsoft Corporation
O43 - CFD: 12/07/2017 - [] D -- C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation
O43 - CFD: 19/03/2017 - [] D -- C:\Program Files\Windows Portable Devices =>.Microsoft Corporation
O43 - CFD: 19/03/2017 - [] D -- C:\Program Files\Windows Security =>.Microsoft Corporation
O43 - CFD: 19/03/2017 - [] SHD -- C:\Program Files\Windows Sidebar =>.Microsoft Corporation
O43 - CFD: 08/08/2017 - [] HD -- C:\Program Files\WindowsApps =>.Microsoft Corporation
O43 - CFD: 19/03/2017 - [] D -- C:\Program Files\WindowsPowerShell =>.Microsoft Corporation
O43 - CFD: 03/08/2017 - [] D -- C:\Program Files\WinRAR =>.win.rar GmbH®
O43 - CFD: 10/08/2015 - [] D -- C:\Program Files (x86)\Adobe =>.Adobe Systems Incorporated®
O43 - CFD: 04/06/2017 - [] AD -- C:\Program Files (x86)\AMD =>.Advanced Micro Devices, Inc.®
O43 - CFD: 09/08/2015 - [] D -- C:\Program Files (x86)\AMD AVT =>.Advanced Micro Devices Inc
O43 - CFD: 09/08/2015 - [] AD -- C:\Program Files (x86)\ATI Technologies =>.ATI Technologies
O43 - CFD: 30/03/2015 - [0] D -- C:\Program Files (x86)\Belarc =>.Belarc, Inc.
O43 - CFD: 03/08/2017 - [] D -- C:\Program Files (x86)\Common Files =>.Microsoft Corporation
O43 - CFD: 18/08/2014 - [] D -- C:\Program Files (x86)\Cooler_PC
O43 - CFD: 18/08/2014 - [] D -- C:\Program Files (x86)\CyberLink =>.CyberLink Corporation
O43 - CFD: 12/10/2016 - [] D -- C:\Program Files (x86)\FreeCodecPack =>.Free Codec Pack
O43 - CFD: 17/08/2014 - [] D -- C:\Program Files (x86)\FreeTime =>.FreeTime
O43 - CFD: 03/10/2015 - [] D -- C:\Program Files (x86)\Google =>.Google Inc®
O43 - CFD: 03/08/2017 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information =>.InstallShield
O43 - CFD: 07/12/2014 - [] D -- C:\Program Files (x86)\Intel =>.Intel Corporation
O43 - CFD: 26/06/2017 - [] D -- C:\Program Files (x86)\Internet Download Manager =>.Tonec Inc
O43 - CFD: 05/06/2017 - [] D -- C:\Program Files (x86)\Internet Explorer =>.Microsoft Corporation
O43 - CFD: 03/08/2017 - [] D -- C:\Program Files (x86)\Java =>.Oracle
O43 - CFD: 17/08/2014 - [] D -- C:\Program Files (x86)\K-Lite Codec Pack =>.KLite Inc
O43 - CFD: 03/08/2017 - [] D -- C:\Program Files (x86)\Lenovo =>.Lenovo
O43 - CFD: 02/06/2016 - [0] D -- C:\Program Files (x86)\Microsoft =>.Microsoft Corporation
O43 - CFD: 09/11/2016 - [] D -- C:\Program Files (x86)\Microsoft Analysis Services =>.Microsoft Corporation
O43 - CFD: 09/11/2016 - [] D -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition =>.Microsoft Corporation
O43 - CFD: 09/11/2016 - [] D -- C:\Program Files (x86)\Microsoft Synchronization Services =>.Microsoft Corporation
O43 - CFD: 06/05/2015 - [] D -- C:\Program Files (x86)\Microsoft XNA =>.Microsoft Corporation
O43 - CFD: 04/06/2017 - [] D -- C:\Program Files (x86)\Microsoft.NET =>.Microsoft Corporation
O43 - CFD: 03/08/2017 - [] AD -- C:\Program Files (x86)\Mozilla Firefox =>.Mozilla
O43 - CFD: 03/08/2017 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service =>.Mozilla
O43 - CFD: 05/06/2017 - [] D -- C:\Program Files (x86)\MSBuild =>.Microsoft Corporation
O43 - CFD: 17/08/2014 - [] D -- C:\Program Files (x86)\MSXML 4.0 =>.Microsoft Corporation
O43 - CFD: 09/04/2015 - [] D -- C:\Program Files (x86)\Nitro PDF =>.Nitro PDF Software®
O43 - CFD: 18/08/2014 - [] D -- C:\Program Files (x86)\NSIS Uninstall Information =>.MSIS
O43 - CFD: 06/02/2017 - [] D -- C:\Program Files (x86)\OpenAL =>.Open Audio Library
O43 - CFD: 17/02/2015 - [] D -- C:\Program Files (x86)\OTELNP
O43 - CFD: 17/08/2014 - [] D -- C:\Program Files (x86)\QT Lite
O43 - CFD: 17/08/2014 - [] D -- C:\Program Files (x86)\R-Studio =>.R-Tools Technology Inc.®
O43 - CFD: 22/06/2016 - [0] D -- C:\Program Files (x86)\Raptr =>.Raptr
O43 - CFD: 25/07/2016 - [] D -- C:\Program Files (x86)\Raptr Inc =>.Raptr Inc.
O43 - CFD: 09/08/2015 - [] D -- C:\Program Files (x86)\Realtek =>.Realtek
O43 - CFD: 14/02/2015 - [] D -- C:\Program Files (x86)\REALTEK PCIE Wireless LAN Driver =>.Realtek Semiconductor Corp.
O43 - CFD: 05/06/2017 - [] D -- C:\Program Files (x86)\Reference Assemblies =>.Microsoft Corporation
O43 - CFD: 27/02/2016 - [] D -- C:\Program Files (x86)\Rosetta Stone =>.Rosetta Stone Ltd®
O43 - CFD: 27/02/2016 - [] AD -- C:\Program Files (x86)\RosettaStoneLtdServices =>.Rosetta Stone Ltd®
O43 - CFD: 25/10/2016 - [] RD -- C:\Program Files (x86)\Skype =>.Skype
O43 - CFD: 07/08/2017 - [] D -- C:\Program Files (x86)\Tweaking.com =>.Tweaking LLC®
O43 - CFD: 07/08/2017 - [0] HD -- C:\Program Files (x86)\Uninstall Information =>.Microsoft Corporation
O43 - CFD: 17/08/2014 - [] D -- C:\Program Files (x86)\USB Disk Security =>.FlashPeak Inc
O43 - CFD: 03/08/2017 - [] D -- C:\Program Files (x86)\USB Vibration =>.InstallShield Software Corporation®
O43 - CFD: 23/02/2015 - [] D -- C:\Program Files (x86)\Vimicro =>.Vimicro
O43 - CFD: 29/03/2015 - [] D -- C:\Program Files (x86)\Virtual Router =>.CodePlex
O43 - CFD: 05/06/2017 - [] D -- C:\Program Files (x86)\VulkanRT =>.LunarG, Inc
O43 - CFD: 12/07/2017 - [] D -- C:\Program Files (x86)\Windows Defender =>.Microsoft Corporation
O43 - CFD: 04/06/2017 - [] D -- C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
O43 - CFD: 04/06/2017 - [] D -- C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 19/03/2017 - [] D -- C:\Program Files (x86)\Windows Multimedia Platform =>.Microsoft Corporation
O43 - CFD: 19/03/2017 - [] D -- C:\Program Files (x86)\Windows NT =>.Microsoft Corporation
O43 - CFD: 12/07/2017 - [] D -- C:\Program Files (x86)\Windows Photo Viewer =>.Microsoft Corporation
O43 - CFD: 19/03/2017 - [] D -- C:\Program Files (x86)\Windows Portable Devices =>.Microsoft Corporation
O43 - CFD: 19/03/2017 - [] SHD -- C:\Program Files (x86)\Windows Sidebar =>.Microsoft Corporation
O43 - CFD: 19/03/2017 - [] D -- C:\Program Files (x86)\WindowsPowerShell =>.Microsoft Corporation
O43 - CFD: 04/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip =>.Igor Pavlov
O43 - CFD: 19/03/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility =>.Microsoft Corporation
O43 - CFD: 12/07/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation
O43 - CFD: 12/07/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 04/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6
O43 - CFD: 25/07/2016 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved =>.AMD Gaming Evolved
O43 - CFD: 05/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Problem Report Wizard
O43 - CFD: 05/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings =>.Advanced Micro Devices Inc
O43 - CFD: 03/08/2017 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvisoft =>.Anvisoft
O43 - CFD: 03/08/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey =>.Chicony Multimedia
O43 - CFD: 04/09/2015 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BufferZone
O43 - CFD: 04/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bulk Rename Utility
O43 - CFD: 03/08/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management =>.Kovid Goyal
O43 - CFD: 26/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner =>.Piriform Ltd
O43 - CFD: 04/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Conexant =>.Conexant
O43 - CFD: 04/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 14 =>.CyberLink Corporation
O43 - CFD: 09/08/2015 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolphin =>.Dolphin DevTeam
O43 - CFD: 04/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ese Software
O43 - CFD: 14/06/2017 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games =>.Microsoft Corporation
O43 - CFD: 04/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstaTrader
O43 - CFD: 04/06/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel =>.Intel Corporation
O43 - CFD: 26/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager =>.Tonec Inc
O43 - CFD: 04/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IP Camera Adapter =>.DeskShare Inc
O43 - CFD: 03/08/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java =>.Oracle
O43 - CFD: 04/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack =>.KLite Inc
O43 - CFD: 04/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyScrambler =>.QFX Software
O43 - CFD: 04/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo =>.Lenovo
O43 - CFD: 19/03/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation
O43 - CFD: 04/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes =>.Malwarebytes
O43 - CFD: 04/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaTrader - EXNESS
O43 - CFD: 04/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office =>.Microsoft Corporation
O43 - CFD: 04/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Network Recording Player
O43 - CFD: 04/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewFeature1
O43 - CFD: 17/08/2014 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3 =>.Google Inc.
O43 - CFD: 04/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrimoPDF
O43 - CFD: 04/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QT Lite
O43 - CFD: 04/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Raptr =>.Raptr
O43 - CFD: 04/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rosetta Stone =>.Rosetta Stone
O43 - CFD: 07/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie =>.Sandboxie
O43 - CFD: 04/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype =>.Skype
O43 - CFD: 19/03/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup =>.Microsoft Corporation
O43 - CFD: 03/08/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Subtitle Edit =>.Nikse
O43 - CFD: 19/03/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools =>.Microsoft Corporation
O43 - CFD: 07/08/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com =>.Tweaking.com
O43 - CFD: 04/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\USB Disk Security =>.FlashPeak Inc
O43 - CFD: 04/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN =>.VideoLan Team
O43 - CFD: 04/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vimicro USB PC Camera (ZC0301PLH)
O43 - CFD: 04/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual DJ =>.Atomix Production
O43 - CFD: 04/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.1 =>.Kronos Group
O43 - CFD: 04/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinCDEmu
O43 - CFD: 04/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinHTTrack =>.HTTrack
O43 - CFD: 03/08/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR =>.WinRAR
O43 - CFD: 04/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Data Recovery =>.WiseCleaner.com, Inc
O43 - CFD: 17/08/2014 - [] D -- C:\ProgramData\ACD Systems =>.ACD Systems Ltd
O43 - CFD: 23/03/2015 - [] D -- C:\ProgramData\Adobe =>.Adobe
O43 - CFD: 05/06/2017 - [] D -- C:\ProgramData\AMD =>.AMD
O43 - CFD: 04/03/2016 - [] D -- C:\ProgramData\Anvisoft =>.Anvisoft
O43 - CFD: 17/08/2014 - [] D -- C:\ProgramData\Apple Computer =>.Apple Inc.
O43 - CFD: 04/06/2017 - [0] SHD -- C:\ProgramData\Application Data =>.Microsoft Corporation
O43 - CFD: 22/06/2016 - [] D -- C:\ProgramData\ATI =>.ATI
O43 - CFD: 07/08/2016 - [0] D -- C:\ProgramData\BlueStacksSetup =>.BlueStack Systems, Inc.
O43 - CFD: 16/07/2016 - [0] D -- C:\ProgramData\Comms =>.Microsoft Corporation
O43 - CFD: 04/06/2017 - [] D -- C:\ProgramData\Conexant =>.Conexant
O43 - CFD: 19/03/2015 - [] D -- C:\ProgramData\CyberLink =>.CyberLink Corporation
O43 - CFD: 04/06/2017 - [0] SHD -- C:\ProgramData\Desktop =>.Microsoft Corporation
O43 - CFD: 04/06/2017 - [0] SHD -- C:\ProgramData\Documents =>.Microsoft Corporation
O43 - CFD: 07/12/2014 - [] D -- C:\ProgramData\Downloaded Installations =>.Microsoft Corporation
O43 - CFD: 03/06/2015 - [] D -- C:\ProgramData\Energy Manager =>.Lenovo
O43 - CFD: 27/02/2016 - [] D -- C:\ProgramData\FLEXnet =>.Flexera Software
O43 - CFD: 05/06/2016 - [] D -- C:\ProgramData\Foxit ContentPlatform =>.Foxit Corporation
O43 - CFD: 12/07/2017 - [0] D -- C:\ProgramData\Foxit Software =>.Foxit Software
O43 - CFD: 01/11/2015 - [] D -- C:\ProgramData\Fugazo =>.Games Software
O43 - CFD: 26/03/2015 - [] D -- C:\ProgramData\HitmanPro =>.EIDOS hitman Game
O43 - CFD: 26/06/2017 - [0] D -- C:\ProgramData\IDM =>.IDM
O43 - CFD: 18/08/2014 - [] D -- C:\ProgramData\install_clap =>.Microsoft Corporation
O43 - CFD: 07/12/2014 - [] D -- C:\ProgramData\Intel =>.Intel Corporation
O43 - CFD: 12/12/2016 - [] D -- C:\ProgramData\iSkysoft =>.iSkySoft
O43 - CFD: 12/10/2016 - [] D -- C:\ProgramData\iSkysoft Application Common Data
O43 - CFD: 12/12/2016 - [] D -- C:\ProgramData\iSkysoft iTube Studio
O43 - CFD: 03/04/2015 - [] D -- C:\ProgramData\KONAMI =>.Konami
O43 - CFD: 11/03/2017 - [] D -- C:\ProgramData\Lenovo =>.Lenovo
O43 - CFD: 03/08/2017 - [] D -- C:\ProgramData\MAGIX =>.Magix
O43 - CFD: 01/06/2017 - [] D -- C:\ProgramData\Malwarebytes =>.Malwarebytes
O43 - CFD: 24/03/2015 - [] D -- C:\ProgramData\MetaQuotes
O43 - CFD: 07/10/2016 - [] D -- C:\ProgramData\mgs
O43 - CFD: 04/07/2017 - [] SD -- C:\ProgramData\Microsoft =>.Microsoft Corporation
O43 - CFD: 13/03/2017 - [] D -- C:\ProgramData\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 17/08/2014 - [] D -- C:\ProgramData\Microsoft Toolkit =>.Microsoft Corporation
O43 - CFD: 17/08/2014 - [] D -- C:\ProgramData\Mozilla =>.Mozilla Corporation
O43 - CFD: 25/04/2016 - [] D -- C:\ProgramData\Nero =>.Ahead Corporation
O43 - CFD: 17/08/2014 - [] D -- C:\ProgramData\Nitro =>.Nitro
O43 - CFD: 28/03/2015 - [] D -- C:\ProgramData\Office Genuine Advantage =>.Microsoft Corporation
O43 - CFD: 03/07/2015 - [] D -- C:\ProgramData\Oracle =>.Oracle
O43 - CFD: 03/08/2017 - [] D -- C:\ProgramData\Package Cache =>.Microsoft Corporation
O43 - CFD: 17/08/2014 - [] D -- C:\ProgramData\PDVD =>.PDVD
O43 - CFD: 25/03/2015 - [] D -- C:\ProgramData\QFX Software =>.QFX Software
O43 - CFD: 07/12/2014 - [] D -- C:\ProgramData\Qualcomm Atheros =>.Qualcomm Atheros
O43 - CFD: 31/07/2015 - [] D -- C:\ProgramData\Realtek =>.Realtek
O43 - CFD: 04/06/2017 - [] D -- C:\ProgramData\regid.1986-12.com.adobe =>.Adobe Inc.
O43 - CFD: 04/06/2017 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft =>.Microsoft Corporation
O43 - CFD: 25/03/2015 - [] D -- C:\ProgramData\RELOADED
O43 - CFD: 31/08/2015 - [] D -- C:\ProgramData\Riot Games =>.Riot Games
O43 - CFD: 08/08/2017 - [] D -- C:\ProgramData\RogueKiller =>.Adlice Software
O43 - CFD: 27/02/2016 - [] D -- C:\ProgramData\Rosetta Stone =>.Rosetta Stone
O43 - CFD: 27/02/2016 - [] D -- C:\ProgramData\Rosetta Stone Backups
O43 - CFD: 27/02/2016 - [] D -- C:\ProgramData\RosettaStoneLtdServices
O43 - CFD: 24/02/2015 - [] D -- C:\ProgramData\Skype =>.Skype
O43 - CFD: 19/03/2017 - [0] D -- C:\ProgramData\SoftwareDistribution =>.Microsoft Corporation
O43 - CFD: 04/06/2017 - [0] SHD -- C:\ProgramData\Start Menu =>.Microsoft Corporation
O43 - CFD: 03/06/2015 - [] D -- C:\ProgramData\Steam =>.Steam Games
O43 - CFD: 03/08/2017 - [] D -- C:\ProgramData\Sun =>.Oracle
O43 - CFD: 18/08/2014 - [] D -- C:\ProgramData\SUPPORTDIR =>.Microsoft Corporation
O43 - CFD: 02/02/2015 - [] D -- C:\ProgramData\Synaptics =>.Synaptics
O43 - CFD: 02/11/2015 - [] AD -- C:\ProgramData\Temp =>.Microsoft Corporation
O43 - CFD: 04/06/2017 - [0] SHD -- C:\ProgramData\Templates =>.Microsoft Corporation
O43 - CFD: 04/06/2017 - [] D -- C:\ProgramData\USOPrivate =>.Microsoft Corporation
O43 - CFD: 04/06/2017 - [] D -- C:\ProgramData\USOShared =>.Microsoft Corporation
O43 - CFD: 17/08/2014 - [] D -- C:\ProgramData\VS Revo Group =>.VS Revo Group
O43 - CFD: 19/03/2017 - [] D -- C:\ProgramData\WindowsHolographicDevices =>.Microsoft Corporation
O43 - CFD: 27/05/2015 - [] D -- C:\ProgramData\X360CE =>.Microsoft Corporation
O43 - CFD: 23/03/2015 - [] D -- C:\Program Files (x86)\Common Files\Adobe =>.Adobe
O43 - CFD: 03/08/2017 - [] AD -- C:\Program Files (x86)\Common Files\Adobe AIR =>.Adobe Inc.
O43 - CFD: 04/03/2016 - [] D -- C:\Program Files (x86)\Common Files\Anvisoft =>.Anvisoft
O43 - CFD: 07/12/2014 - [] D -- C:\Program Files (x86)\Common Files\Atheros =>.Qualcomm Atheros
O43 - CFD: 11/05/2015 - [] D -- C:\Program Files (x86)\Common Files\ATI Technologies =>.ATI Technologies
O43 - CFD: 09/11/2016 - [] AD -- C:\Program Files (x86)\Common Files\DESIGNER =>.Designer
O43 - CFD: 09/03/2015 - [] HD -- C:\Program Files (x86)\Common Files\EAInstaller =>.Electronic Arts, Inc.
O43 - CFD: 22/02/2016 - [] D -- C:\Program Files (x86)\Common Files\InstallShield =>.InstallShield
O43 - CFD: 04/06/2017 - [] D -- C:\Program Files (x86)\Common Files\Intel =>.Intel Corporation
O43 - CFD: 03/08/2017 - [] D -- C:\Program Files (x86)\Common Files\Java =>.Oracle
O43 - CFD: 22/05/2015 - [] D -- C:\Program Files (x86)\Common Files\Macrovision Shared =>.Rovi Corporation
O43 - CFD: 04/06/2017 - [] AD -- C:\Program Files (x86)\Common Files\Microsoft Shared =>.Microsoft Corporation
O43 - CFD: 25/04/2016 - [] D -- C:\Program Files (x86)\Common Files\Nero =>.Ahead Corporation
O43 - CFD: 07/12/2014 - [] D -- C:\Program Files (x86)\Common Files\postureAgent =>.Microsoft Corporation
O43 - CFD: 17/08/2014 - [] D -- C:\Program Files (x86)\Common Files\PX Storage Engine =>.Sonic Solutions
O43 - CFD: 19/03/2017 - [] D -- C:\Program Files (x86)\Common Files\Services =>.Microsoft Corporation
O43 - CFD: 14/02/2015 - [] AD -- C:\Program Files (x86)\Common Files\Skype =>.Skype
O43 - CFD: 04/06/2017 - [] D -- C:\Program Files (x86)\Common Files\System =>.Microsoft Corporation
O43 - CFD: 17/08/2014 - [] D -- C:\Users\USER\AppData\Roaming\ACD Systems =>.ACD Systems Ltd
O43 - CFD: 08/04/2015 - [] D -- C:\Users\USER\AppData\Roaming\Adobe =>.Adobe
O43 - CFD: 11/02/2015 - [] D -- C:\Users\USER\AppData\Roaming\Adobe.ExMan
O43 - CFD: 25/08/2015 - [] D -- C:\Users\USER\AppData\Roaming\AMD =>.AMD
O43 - CFD: 07/12/2014 - [] D -- C:\Users\USER\AppData\Roaming\ATI =>.ATI
O43 - CFD: 27/07/2017 - [] D -- C:\Users\USER\AppData\Roaming\audacity =>.Audacity
O43 - CFD: 08/07/2017 - [] D -- C:\Users\USER\AppData\Roaming\calibre =>.Kovid Goyal
O43 - CFD: 27/02/2016 - [] D -- C:\Users\USER\AppData\Roaming\com.rosettastone.languagetraining
O43 - CFD: 19/03/2015 - [] D -- C:\Users\USER\AppData\Roaming\CyberLink =>.CyberLink Corporation
O43 - CFD: 17/02/2017 - [] D -- C:\Users\USER\AppData\Roaming\discordptb
O43 - CFD: 08/08/2017 - [] D -- C:\Users\USER\AppData\Roaming\DMCache =>.DMCache
O43 - CFD: 17/09/2016 - [] D -- C:\Users\USER\AppData\Roaming\dvdcss =>.VideoLan Team
O43 - CFD: 17/04/2015 - [] D -- C:\Users\USER\AppData\Roaming\Ebook Converter =>.ebook Converter
O43 - CFD: 22/02/2016 - [] D -- C:\Users\USER\AppData\Roaming\FarStone =>.FarStone
O43 - CFD: 13/06/2015 - [0] D -- C:\Users\USER\AppData\Roaming\fltk.org =>.fltk.org
O43 - CFD: 29/07/2017 - [] D -- C:\Users\USER\AppData\Roaming\Foxit AgentInformation =>.Foxit Corporation
O43 - CFD: 29/07/2017 - [] D -- C:\Users\USER\AppData\Roaming\Foxit Software =>.Foxit Software
O43 - CFD: 01/11/2015 - [] D -- C:\Users\USER\AppData\Roaming\Fugazo =>.Games Software
O43 - CFD: 03/08/2017 - [] D -- C:\Users\USER\AppData\Roaming\Geek Uninstaller =>.Geek Uninstaller
O43 - CFD: 02/04/2015 - [] D -- C:\Users\USER\AppData\Roaming\Identities =>.Microsoft Corporation
O43 - CFD: 03/08/2017 - [] D -- C:\Users\USER\AppData\Roaming\IDM =>.IDM
O43 - CFD: 24/03/2015 - [] D -- C:\Users\USER\AppData\Roaming\Kalypso Media =>.Kalypso Media
O43 - CFD: 25/10/2016 - [] AD -- C:\Users\USER\AppData\Roaming\Leapdroid =>.Leapdroid
O43 - CFD: 22/06/2016 - [] D -- C:\Users\USER\AppData\Roaming\library_dir =>.library_dir
O43 - CFD: 02/11/2016 - [] D -- C:\Users\USER\AppData\Roaming\LolClient =>.LolClient
O43 - CFD: 08/07/2017 - [] D -- C:\Users\USER\AppData\Roaming\LSC =>.LSC
O43 - CFD: 17/08/2014 - [] D -- C:\Users\USER\AppData\Roaming\Macromedia =>.Macromedia
O43 - CFD: 03/08/2017 - [] D -- C:\Users\USER\AppData\Roaming\MAGIX =>.Magix
O43 - CFD: 04/05/2015 - [] D -- C:\Users\USER\AppData\Roaming\MetaQuotes
O43 - CFD: 07/07/2017 - [] SD -- C:\Users\USER\AppData\Roaming\Microsoft =>.Microsoft Corporation
O43 - CFD: 05/06/2015 - [] D -- C:\Users\USER\AppData\Roaming\Mozilla =>.Mozilla Corporation
O43 - CFD: 26/06/2017 - [0] D -- C:\Users\USER\AppData\Roaming\MPC-HC =>.MPC-HC Team
O43 - CFD: 28/07/2017 - [] D -- C:\Users\USER\AppData\Roaming\MusicBee
O43 - CFD: 02/02/2015 - [] D -- C:\Users\USER\AppData\Roaming\My Bluetooth =>.Legitimate
O43 - CFD: 17/08/2014 - [] D -- C:\Users\USER\AppData\Roaming\Nero =>.Ahead Corporation
O43 - CFD: 17/08/2014 - [] D -- C:\Users\USER\AppData\Roaming\Nitro =>.Nitro
O43 - CFD: 09/10/2015 - [] D -- C:\Users\USER\AppData\Roaming\OfficeRecovery
O43 - CFD: 11/07/2016 - [0] D -- C:\Users\USER\AppData\Roaming\Opera Software =>.Opera Software
O43 - CFD: 21/02/2015 - [] D -- C:\Users\USER\AppData\Roaming\PhotoScape =>.Mooii Tech Software
O43 - CFD: 03/08/2017 - [] D -- C:\Users\USER\AppData\Roaming\PrimoPDF
O43 - CFD: 19/02/2017 - [] D -- C:\Users\USER\AppData\Roaming\ProgReporter
O43 - CFD: 25/03/2015 - [] D -- C:\Users\USER\AppData\Roaming\QFX Software =>.QFX Software
O43 - CFD: 17/08/2014 - [] D -- C:\Users\USER\AppData\Roaming\R-TT
O43 - CFD: 15/07/2016 - [] D -- C:\Users\USER\AppData\Roaming\Raptr =>.Raptr
O43 - CFD: 03/08/2017 - [] D -- C:\Users\USER\AppData\Roaming\Samsung =>.Samsung Electronics
O43 - CFD: 09/02/2017 - [] D -- C:\Users\USER\AppData\Roaming\Skype =>.Skype
O43 - CFD: 21/02/2015 - [] D -- C:\Users\USER\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
O43 - CFD: 10/05/2015 - [] D -- C:\Users\USER\AppData\Roaming\Steam =>.Steam Games
O43 - CFD: 03/08/2017 - [] D -- C:\Users\USER\AppData\Roaming\Subtitle Edit =>.Nikse
O43 - CFD: 03/08/2017 - [] D -- C:\Users\USER\AppData\Roaming\Sun =>.Oracle
O43 - CFD: 17/08/2014 - [] D -- C:\Users\USER\AppData\Roaming\TeamViewer =>.TeamViewer GmbH
O43 - CFD: 02/06/2016 - [] D -- C:\Users\USER\AppData\Roaming\The Creative Assembly =>.The Creative Assembly
O43 - CFD: 30/10/2015 - [] D -- C:\Users\USER\AppData\Roaming\Vitzo =>.Vitzo Ltd
O43 - CFD: 08/08/2017 - [] D -- C:\Users\USER\AppData\Roaming\vlc =>.VideoLan Team
O43 - CFD: 25/03/2015 - [] D -- C:\Users\USER\AppData\Roaming\WinRAR =>.WinRAR
O43 - CFD: 28/06/2016 - [] D -- C:\Users\USER\AppData\Roaming\Wise Data Recovery =>.WiseCleaner.com, Inc
O43 - CFD: 08/08/2016 - [] D -- C:\Users\USER\AppData\Roaming\yiwanzhushou
O43 - CFD: 08/08/2017 - [] D -- C:\Users\USER\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 12/10/2016 - [] D -- C:\Users\USER\AppData\Local\4kdownload.com =>.4kdownload.com
O43 - CFD: 16/07/2016 - [0] D -- C:\Users\USER\AppData\Local\ActiveSync =>.Microsoft Corporation
O43 - CFD: 06/03/2017 - [] D -- C:\Users\USER\AppData\Local\Adobe =>.Adobe
O43 - CFD: 05/06/2017 - [] D -- C:\Users\USER\AppData\Local\AMD =>.AMD
O43 - CFD: 05/06/2015 - [] D -- C:\Users\USER\AppData\Local\Ankama =>.Ankama
O43 - CFD: 04/06/2017 - [0] SHD -- C:\Users\USER\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 07/12/2014 - [] D -- C:\Users\USER\AppData\Local\ATI =>.ATI
O43 - CFD: 28/04/2017 - [] D -- C:\Users\USER\AppData\Local\Audacity =>.Audacity
O43 - CFD: 07/08/2016 - [] D -- C:\Users\USER\AppData\Local\Bluestacks =>.BlueStack Systems, Inc.
O43 - CFD: 02/02/2015 - [] D -- C:\Users\USER\AppData\Local\BMExplorer =>.BMExplorer
O43 - CFD: 18/04/2015 - [0] D -- C:\Users\USER\AppData\Local\calibre-cache =>.Kovid Goyal
O43 - CFD: 17/08/2014 - [] D -- C:\Users\USER\AppData\Local\Chris_Pietschmann_(http__
O43 - CFD: 21/08/2015 - [] D -- C:\Users\USER\AppData\Local\Comms =>.Microsoft Corporation
O43 - CFD: 02/04/2015 - [] D -- C:\Users\USER\AppData\Local\Conexant =>.Conexant
O43 - CFD: 10/02/2017 - [] D -- C:\Users\USER\AppData\Local\ConnectedDevicesPlatform =>.Microsoft Corporation
O43 - CFD: 25/04/2016 - [0] D -- C:\Users\USER\AppData\Local\CrashDumps =>.Microsoft Corporation
O43 - CFD: 18/08/2014 - [] D -- C:\Users\USER\AppData\Local\CyberLink =>.CyberLink Corporation
O43 - CFD: 17/08/2014 - [] D -- C:\Users\USER\AppData\Local\Cyberlink SoftDMA =>.CyberLink Corporation
O43 - CFD: 29/03/2016 - [0] D -- C:\Users\USER\AppData\Local\Daedalic Entertainment GmbH =>.Daedalic Entertainment GmbH
O43 - CFD: 03/06/2015 - [] D -- C:\Users\USER\AppData\Local\Darksiders2
O43 - CFD: 04/06/2017 - [0] D -- C:\Users\USER\AppData\Local\DBG =>.DBG
O43 - CFD: 10/07/2017 - [0] D -- C:\Users\USER\AppData\Local\Diagnostics =>.Microsoft Corporation
O43 - CFD: 18/08/2014 - [] D -- C:\Users\USER\AppData\Local\Downloaded Installations =>.Microsoft Corporation
O43 - CFD: 15/01/2017 - [0] D -- C:\Users\USER\AppData\Local\ElevatedDiagnostics =>.Microsoft Corporation
O43 - CFD: 17/02/2015 - [] SHD -- C:\Users\USER\AppData\Local\EmieBrowserModeList =>.Enterprise mode Site List Mgr
O43 - CFD: 06/09/2015 - [0] SHD -- C:\Users\USER\AppData\Local\EmieSiteList =>.Enterprise mode Site List Mgr
O43 - CFD: 06/09/2015 - [0] SHD -- C:\Users\USER\AppData\Local\EmieUserList =>.Enterprise mode Site List Mgr
O43 - CFD: 10/05/2015 - [] D -- C:\Users\USER\AppData\Local\EMU =>.Games Software
O43 - CFD: 17/04/2015 - [] D -- C:\Users\USER\AppData\Local\ERW
O43 - CFD: 29/04/2015 - [] D -- C:\Users\USER\AppData\Local\Foxit Reader =>.Foxit Corporation
O43 - CFD: 09/08/2016 - [] D -- C:\Users\USER\AppData\Local\Genymobile =>.Genymobile
O43 - CFD: 25/11/2016 - [] D -- C:\Users\USER\AppData\Local\Google =>.Google
O43 - CFD: 02/06/2015 - [] D -- C:\Users\USER\AppData\Local\GWX =>.GWX
O43 - CFD: 04/06/2017 - [0] SHD -- C:\Users\USER\AppData\Local\History =>.Microsoft Corporation
O43 - CFD: 02/02/2015 - [] D -- C:\Users\USER\AppData\Local\Intel_Corporation =>.Intel Corporation
O43 - CFD: 30/01/2016 - [] D -- C:\Users\USER\AppData\Local\joeglens.wordpress.com
O43 - CFD: 08/08/2016 - [] D -- C:\Users\USER\AppData\Local\Leapdroid =>.Leapdroid
O43 - CFD: 30/09/2016 - [] D -- C:\Users\USER\AppData\Local\Lenovo =>.Lenovo
O43 - CFD: 25/03/2015 - [] D -- C:\Users\USER\AppData\Local\Macromedia =>.Macromedia
O43 - CFD: 17/08/2014 - [] D -- C:\Users\USER\AppData\Local\MediaServer =>.MediaServer
O43 - CFD: 07/08/2017 - [] D -- C:\Users\USER\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 30/12/2016 - [] D -- C:\Users\USER\AppData\Local\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 04/06/2017 - [] D -- C:\Users\USER\AppData\Local\MicrosoftEdge =>.Microsoft Corporation
O43 - CFD: 28/03/2015 - [] D -- C:\Users\USER\AppData\Local\Mozilla =>.Mozilla Corporation
O43 - CFD: 10/02/2017 - [] D -- C:\Users\USER\AppData\Local\My Games =>.My Games
O43 - CFD: 17/08/2014 - [] D -- C:\Users\USER\AppData\Local\Nero =>.Ahead Corporation
O43 - CFD: 20/08/2015 - [0] D -- C:\Users\USER\AppData\Local\NetworkTiles =>.NetworkTiles
O43 - CFD: 11/07/2016 - [0] D -- C:\Users\USER\AppData\Local\Opera Software =>.Opera Software
O43 - CFD: 04/06/2017 - [] D -- C:\Users\USER\AppData\Local\Packages =>.Microsoft Corporation
O43 - CFD: 10/08/2015 - [0] D -- C:\Users\USER\AppData\Local\PeerDistRepub =>.Microsoft Corporation
O43 - CFD: 17/08/2014 - [] D -- C:\Users\USER\AppData\Local\Programs =>.Microsoft Corporation
O43 - CFD: 09/08/2015 - [] D -- C:\Users\USER\AppData\Local\Publishers =>.Microsoft Corporation
O43 - CFD: 27/07/2017 - [] D -- C:\Users\USER\AppData\Local\Recovery =>.Recovery Labs
O43 - CFD: 02/06/2016 - [] D -- C:\Users\USER\AppData\Local\SKIDROW =>.SKIDROW
O43 - CFD: 17/08/2014 - [] D -- C:\Users\USER\AppData\Local\Skype =>.Skype
O43 - CFD: 19/10/2015 - [] D -- C:\Users\USER\AppData\Local\Skyrim =>.Skyrim Games
O43 - CFD: 17/02/2017 - [] D -- C:\Users\USER\AppData\Local\SquirrelTemp =>.Squirrels
O43 - CFD: 08/08/2017 - [] D -- C:\Users\USER\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 04/06/2017 - [0] SHD -- C:\Users\USER\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 09/08/2015 - [] D -- C:\Users\USER\AppData\Local\TileDataLayer =>.Microsoft Corporation
O43 - CFD: 01/06/2017 - [] D -- C:\Users\USER\AppData\Local\UNP =>.Microsoft Corporation
O43 - CFD: 20/09/2016 - [] D -- C:\Users\USER\AppData\Local\VirtualStore =>.Microsoft Corporation
O43 - CFD: 17/08/2014 - [] D -- C:\Users\USER\AppData\Local\VS Revo Group =>.VS Revo Group
O43 - CFD: 08/08/2017 - [] D -- C:\Users\USER\AppData\Local\ZHP =>.Nicolas Coolman
O43 - CFD: 17/08/2014 - [0] D -- C:\Users\USER\AppData\Local\Programs\Common =>.Microsoft Corporation
O43 - CFD: 19/03/2017 - [] RD -- C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility =>.Microsoft Corporation
O43 - CFD: 04/06/2017 - [] RD -- C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation
O43 - CFD: 12/07/2017 - [] RD -- C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 04/06/2017 - [] D -- C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory =>.FormatFactory
O43 - CFD: 17/02/2017 - [0] D -- C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc =>.Hammer & Chisel, Inc
O43 - CFD: 26/06/2017 - [] D -- C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager =>.Tonec Inc
O43 - CFD: 29/07/2017 - [] D -- C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader =>.JDownloader
O43 - CFD: 19/03/2017 - [] D -- C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation
O43 - CFD: 04/06/2017 - [] D -- C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MusicBee
O43 - CFD: 04/06/2017 - [] D -- C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OTELNP
O43 - CFD: 04/06/2017 - [] D -- C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\R-Studio
O43 - CFD: 12/07/2017 - [] RD -- C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup =>.Microsoft Corporation
O43 - CFD: 19/03/2017 - [] RD -- C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools =>.Microsoft Corporation
O43 - CFD: 16/04/2015 - [0] D -- C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Virtual DJ =>.Atomix Production
O43 - CFD: 19/03/2017 - [] RD -- C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell =>.Microsoft Corporation
O43 - CFD: 03/08/2017 - [] D -- C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR =>.WinRAR
O43 - CFD: 04/06/2017 - [0] SHD -- C:\Users\Default\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 04/06/2017 - [0] SHD -- C:\Users\Default\AppData\Local\History =>.Microsoft Corporation
O43 - CFD: 19/03/2017 - [] D -- C:\Users\Default\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 19/03/2017 - [0] D -- C:\Users\Default\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 04/06/2017 - [0] SHD -- C:\Users\Default\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 04/06/2017 - [0] SHD -- C:\Users\Default User\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 04/06/2017 - [0] SHD -- C:\Users\Default User\AppData\Local\History =>.Microsoft Corporation
O43 - CFD: 19/03/2017 - [] D -- C:\Users\Default User\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 19/03/2017 - [0] D -- C:\Users\Default User\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 04/06/2017 - [0] SHD -- C:\Users\Default User\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 07/08/2017 - [] D -- C:\WINDOWS\System32\Config\systemprofile\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 22/07/2017 - [] -- C:\WINDOWS\System32\Config\systemprofile\AppData\Roaming\Foxit Software =>.Foxit Software
---\\ Image File Execution Options (17) - 1s
O50 - IFEO:C:\Windows\System32\cscript.exe - (.Microsoft Corporation - Microsoft ® Console Based Script Host.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\dllhost.exe - (.Microsoft Corporation - COM Surrogate.) [DisableExceptionChainValidation\\3] =>.Microsoft Windows®
O50 - IFEO:C:\WINDOWS\System32\drvinst.exe - (.Microsoft Corporation - Driver Installation Module.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\ie4uinit.exe - (.Microsoft Corporation - IE Per-User Initialization Utility.) [MitigationOptions\\256] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\ieUnatt.exe - (.Microsoft Corporation - IE 7.0 Unattended Install Utility.) [MitigationOptions\\256] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\mmc.exe - (.Microsoft Corporation - Microsoft Management Console.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\msfeedssync.exe - (.Microsoft Corporation - Microsoft Feeds Synchronization.) [MitigationOptions\\256] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\mshta.exe - (.Microsoft Corporation - Microsoft (R) HTML Application host.) [MitigationOptions\\256] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\PresentationHost.exe - (.Microsoft Corporation - Windows Presentation Foundation Host.) [MitigationOptions\\1118481] =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\PrintIsolationHost.exe - (.Microsoft Corporation - PrintIsolationHost.) [MitigationOptions\\2097152] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\rundll32.exe - (.Microsoft Corporation - Windows host process (Rundll32).) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\runtimebroker.exe - (.Microsoft Corporation - Runtime Broker.) [MitigationOptions\\4294967296] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\searchprotocolhost.exe - (.Microsoft Corporation - Microsoft Windows Search Protocol Host.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\spoolsv.exe - (.Microsoft Corporation - Spooler SubSystem App.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\spoolsv.exe - (.Microsoft Corporation - Spooler SubSystem App.) [MitigationOptions\\2097152] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\svchost.exe - (.Microsoft Corporation - Host Process for Windows Services.) [MinimumStackCommitInBytes\\32768] =>.Microsoft Windows Publisher®
O50 - IFEO:C:\Windows\System32\wscript.exe - (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation
---\\ System Drivers List (85) - 18s
O58 - SDL:2017/06/03 13:35:44 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\110C1792.sys [252832] =>.Malwarebytes Corporation®
O58 - SDL:2017/03/19 02:41:25 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\WINDOWS\System32\drivers\3ware.sys [107424] =>.Microsoft Windows®
O58 - SDL:2017/06/03 13:36:48 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\59E9189A.sys [252832] =>.Malwarebytes Corporation®
O58 - SDL:2014/12/07 14:36:36 A . (.Lenovo Corporation - ACPI Virtual Power Controller Driver.) -- C:\WINDOWS\System32\drivers\AcpiVpc.sys [35600] =>.Lenovo (Beijing) Limited®
O58 - SDL:2017/03/19 02:41:25 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) -- C:\WINDOWS\System32\drivers\adp80xx.sys [1135512] =>.Microsoft Windows®
O58 - SDL:2017/03/19 02:41:25 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\WINDOWS\System32\drivers\amdsata.sys [83352] =>.Microsoft Windows®
O58 - SDL:2017/03/19 02:41:25 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\WINDOWS\System32\drivers\amdsbs.sys [259488] =>.Microsoft Windows®
O58 - SDL:2017/03/19 02:41:25 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\WINDOWS\System32\drivers\amdxata.sys [27040] =>.Microsoft Windows®
O58 - SDL:2015/02/09 14:24:24 A . (.AnviSoft.com - Anvi Folder Protect Filter Driver.) -- C:\WINDOWS\System32\drivers\AnviFPFltd.sys [28568] =>.Anvei Technology Co., LTD®
O58 - SDL:2017/03/19 02:41:25 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\WINDOWS\System32\drivers\arcsas.sys [132000] =>.Microsoft Windows®
O58 - SDL:2016/08/04 02:48:20 A . (.Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) -- C:\WINDOWS\System32\drivers\atikmdag.sys [26706464] =>.Microsoft Windows Hardware Compatibility Publisher®
O58 - SDL:2016/08/04 02:48:16 A . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\WINDOWS\System32\drivers\atikmpag.sys [518176] =>.Microsoft Windows Hardware Compatibility Publisher®
O58 - SDL:2015/09/28 23:53:15 A . (.Sysprogs OU - WinCDEmu virtual CDROM bus.) -- C:\WINDOWS\System32\drivers\BazisVirtualCDBus.sys [172376] =>.Sysprogs OU®
O58 - SDL:2017/03/19 02:41:25 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\WINDOWS\System32\drivers\bcmfn2.sys [9728] =>.Windows (R) Win 7 DDK provider
O58 - SDL:2017/03/19 02:41:23 A . (.QLogic Corporation - QLogic Gigabit Ethernet VBD.) -- C:\WINDOWS\System32\drivers\bxvbda.sys [533920] =>.Microsoft Windows®
O58 - SDL:2015/10/08 13:49:26 A . (.Conexant Systems Inc. - 64-bit High Definition Audio Function Drive.) -- C:\WINDOWS\System32\drivers\CHDRT64.sys [1561728] =>.Conexant Systems, Inc.®
O58 - SDL:2017/03/19 02:41:25 A . (.Chelsio Communications - Chelsio iSCSI Crash Dump Driver.) -- C:\WINDOWS\System32\drivers\cht4dx64.sys [102816] =>.Microsoft Windows®
O58 - SDL:2017/03/19 02:41:25 A . (.Chelsio Communications - Chelsio iSCSI VMiniport Driver.) -- C:\WINDOWS\System32\drivers\cht4sx64.sys [347032] =>.Microsoft Windows®
O58 - SDL:2017/03/19 02:41:25 A . (.Chelsio Communications - Virtual Bus Driver for Chelsio ® T4 Chipset.) -- C:\WINDOWS\System32\drivers\cht4vx64.sys [2104224] =>.Microsoft Windows®
O58 - SDL:2015/08/24 21:55:05 A . (.ELAN Microelectronics Corp. - ETD Kernel Center.) -- C:\WINDOWS\System32\drivers\ETD.sys [467032] =>.ELAN MICROELECTRONICS CORPORATION®
O58 - SDL:2017/03/19 02:41:23 A . (.QLogic Corporation - QLogic 10 GigE VBD.) -- C:\WINDOWS\System32\drivers\evbda.sys [3419040] =>.Microsoft Windows®
O58 - SDL:2017/06/01 14:19:40 A . (.Malwarebytes - Malwarebytes Anti-Ransomware Protection.) -- C:\WINDOWS\System32\drivers\farflt.sys [113592] =>.Malwarebytes Corporation®
O58 - SDL:2008/10/29 08:47:02 A . (.FarStone Inc. - FarStone Bus Enumerator.) -- C:\WINDOWS\System32\drivers\FCDABUS.SYS [24592] =>.Farstone Technology Inc®
O58 - SDL:2009/12/23 17:33:50 A . (.FarStone Inc. - FarStone SCSI Miniport.) -- C:\WINDOWS\System32\drivers\FVXSCSI.SYS [118360] {02AFB82ABDED8F860823C142D94AB36B} =>.FarStone Inc.
O58 - SDL:2017/03/19 02:41:25 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\WINDOWS\System32\drivers\HpSAMD.sys [64416] =>.Microsoft Windows®
O58 - SDL:2017/03/19 02:41:28 A . (.Intel(R) Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\WINDOWS\System32\drivers\iagpio.sys [33280] =>.Intel(R) Corporation
O58 - SDL:2017/03/19 02:41:28 A . (.Intel(R) Corporation - Intel(R) Serial IO I2C Driver.) -- C:\WINDOWS\System32\drivers\iai2c.sys [81408] =>.Intel(R) Corporation
O58 - SDL:2017/03/19 02:41:28 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [70656] =>.Intel Corporation
O58 - SDL:2017/03/19 02:41:28 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [85504] =>.Intel Corporation
O58 - SDL:2017/03/19 02:41:28 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [165376] =>.Intel Corporation
O58 - SDL:2017/03/19 02:41:28 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [168448] =>.Intel Corporation
O58 - SDL:2017/03/19 02:41:23 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [38128] =>.Intel Corporation - Client Components Group®
O58 - SDL:2017/03/19 02:41:19 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [113152] =>.Intel Corporation
O58 - SDL:2017/03/19 02:41:26 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver (i.) -- C:\WINDOWS\System32\drivers\iaStorAV.sys [673184] =>.Microsoft Windows®
O58 - SDL:2017/03/19 02:41:26 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\WINDOWS\System32\drivers\iaStorV.sys [412064] =>.Microsoft Windows®
O58 - SDL:2017/03/19 02:41:25 A . (.Mellanox - InfiniBand Fabric Bus Driver.) -- C:\WINDOWS\System32\drivers\ibbus.sys [526240] =>.Microsoft Windows®
O58 - SDL:2017/06/08 22:00:14 A . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\WINDOWS\System32\drivers\idmwfp.sys [223432] =>.Tonec Inc.®
O58 - SDL:2017/06/12 01:56:24 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\WINDOWS\System32\drivers\igdkmd64.sys [7970232] =>.Intel(R) pGFX®
O58 - SDL:2016/08/21 21:45:38 A . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\WINDOWS\System32\drivers\IntcDAud.sys [481768] =>.Intel(R) OWR®
O58 - SDL:2013/10/29 06:53:35 A . (.Intel Corporation - Intel® WiDi Solution.) -- C:\WINDOWS\System32\drivers\intelaud.sys [39320] =>.Intel Wireless Display®
O58 - SDL:2013/10/29 06:53:35 A . (.Intel Corporation - Intel® WiDi Solution.) -- C:\WINDOWS\System32\drivers\iwdbus.sys [27032] =>.Intel Wireless Display®
O58 - SDL:2015/06/03 19:28:30 A . (.QFX Software Corporation - KeyScrambler Keyboard Encryption Driver.) -- C:\WINDOWS\System32\drivers\keyscrambler.sys [224208] =>.QFX Software Corporation®
O58 - SDL:2017/03/19 02:41:25 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas.sys [108960] =>.Microsoft Windows®
O58 - SDL:2017/03/19 02:41:25 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas2i.sys [123808] =>.Microsoft Windows®
O58 - SDL:2017/03/19 02:41:25 A . (.Avago Technologies - Avago SAS Gen3 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas3i.sys [103328] =>.Microsoft Windows®
O58 - SDL:2017/03/19 02:41:25 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sss.sys [82848] =>.Microsoft Windows®
O58 - SDL:2017/05/31 11:09:14 A . (...) -- C:\WINDOWS\System32\drivers\mbae64.sys [77376] =>.Malwarebytes Corporation®
O58 - SDL:2017/06/01 14:19:31 A . (.Malwarebytes - Malwarebytes Real-Time Protection.) -- C:\WINDOWS\System32\drivers\mbam.sys [44960] =>.Malwarebytes Corporation®
O58 - SDL:2017/06/01 14:19:48 A . (.Malwarebytes - Malwarebytes Chameleon.) -- C:\WINDOWS\System32\drivers\MBAMChameleon.sys [188312] =>.Malwarebytes Corporation®
O58 - SDL:2017/07/03 18:59:10 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [252832] =>.Malwarebytes Corporation®
O58 - SDL:2017/03/19 02:41:25 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\megasas.sys [59808] =>.Microsoft Windows®
O58 - SDL:2017/03/19 02:41:25 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\MegaSas2i.sys [64416] =>.Microsoft Windows®
O58 - SDL:2017/03/19 02:41:25 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\WINDOWS\System32\drivers\megasr.sys [575904] =>.Microsoft Windows®
O58 - SDL:2017/03/19 02:41:25 A . (.Mellanox - MLX4 Bus Driver.) -- C:\WINDOWS\System32\drivers\mlx4_bus.sys [842656] =>.Microsoft Windows®
O58 - SDL:2017/03/19 02:41:25 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\WINDOWS\System32\drivers\mvumis.sys [63904] =>.Microsoft Windows®
O58 - SDL:2017/06/01 14:21:39 A . (.Malwarebytes - Malwarebytes Web Protection.) -- C:\WINDOWS\System32\drivers\mwac.sys [93600] =>.Malwarebytes Corporation®
O58 - SDL:2017/03/19 02:41:25 A . (.Mellanox - NetworkDirect Support Filter Driver.) -- C:\WINDOWS\System32\drivers\ndfltr.sys [108960] =>.Microsoft Windows®
O58 - SDL:2017/03/19 02:41:25 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\WINDOWS\System32\drivers\nvraid.sys [150432] =>.Microsoft Windows®
O58 - SDL:2017/03/19 02:41:25 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\WINDOWS\System32\drivers\nvstor.sys [166304] =>.Microsoft Windows®
O58 - SDL:2017/03/19 02:41:25 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas2i.sys [58784] =>.Microsoft Windows®
O58 - SDL:2017/03/19 02:41:25 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas3i.sys [61848] =>.Microsoft Windows®
O58 - SDL:2015/08/09 13:04:05 A . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.40 64-bit Dr.) -- C:\WINDOWS\System32\drivers\rt640x64.sys [886528] =>.Realtek Semiconductor Corp®
O58 - SDL:2015/06/04 11:41:30 A . (.Realtek Semiconductor Corporation - Realtek Bluetooth Filter Driver.) -- C:\WINDOWS\System32\drivers\RtkBtfilter.sys [615728] =>.Realtek Semiconductor Corp®
O58 - SDL:2015/08/10 18:22:26 A . (.Realsil Semiconductor Corporation - RTS USB READER Driver.) -- C:\WINDOWS\System32\drivers\RtsUer.sys [410880] =>.Realtek Semiconductor Corp®
O58 - SDL:2015/08/10 18:22:12 A . (.Realtek Semiconductor Corp. - Realtek UVC Driver for Vista/Win7/Win8/Win8.) -- C:\WINDOWS\System32\drivers\rtsuvc.sys [3068160] =>.Realtek Semiconductor Corp®
O58 - SDL:2013/08/08 14:12:54 A . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/V.) -- C:\WINDOWS\System32\drivers\RtsUVStor.sys [329944] =>.Realtek Semiconductor Corp®
O58 - SDL:2017/03/19 02:41:20 A . (.Realtek Semiconductor Corporation - Realtek PCIE NDIS Driver 47528 20362.) -- C:\WINDOWS\System32\drivers\rtwlane.sys [6320640] =>.Realtek Semiconductor Corporation
O58 - SDL:2017/03/19 02:41:26 A . (...) -- C:\WINDOWS\System32\drivers\SDFRd.sys [31128] =>.Microsoft Windows®
O58 - SDL:2017/03/19 02:41:25 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid2.sys [44960] =>.Microsoft Windows®
O58 - SDL:2017/03/19 02:41:25 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid4.sys [81824] =>.Microsoft Windows®
O58 - SDL:2016/09/05 05:47:06 A . (.Samsung Electronics Co., Ltd. - SAMSUNG USB Composite Device Driver.) -- C:\WINDOWS\System32\drivers\ssudbus.sys [131712] =>.Samsung Electronics CO., LTD.®
O58 - SDL:2016/09/05 05:47:12 A . (.Samsung Electronics Co., Ltd. - SAMSUNG Android Modem Device Driver.) -- C:\WINDOWS\System32\drivers\ssudmdm.sys [165504] =>.Samsung Electronics CO., LTD.®
O58 - SDL:2017/03/19 02:41:25 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\WINDOWS\System32\drivers\stexstor.sys [31136] =>.Microsoft Windows®
O58 - SDL:2017/03/19 02:42:24 A . (. - WDM CODEC Class Device Driver 2.0.) -- C:\WINDOWS\System32\drivers\stream.sys [75776] =>.Microsoft Corporation
O58 - SDL:2016/04/21 14:55:04 A . (.The OpenVPN Project - TAP-Windows Virtual Network Driver (NDIS 6..) -- C:\WINDOWS\System32\drivers\tap0901.sys [27136] =>.The OpenVPN Project
O58 - SDL:2017/02/09 16:40:18 A . (.Anchorfree Inc. - Anchorfree HSS VPN Adapter.) -- C:\WINDOWS\System32\drivers\taphss6.sys [42064] =>.AnchorFree Inc®
O58 - SDL:2013/09/17 01:05:12 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\WINDOWS\System32\drivers\TeeDriverx64.sys [99288] =>.Intel Corporation - Intel® Management Engine Firmware®
O58 - SDL:2017/08/08 16:18:24 A . (...) -- C:\WINDOWS\System32\drivers\TrueSight.sys [28272] =>.Adlice®
O58 - SDL:2015/09/08 11:47:40 A . (.Oracle Corporation - VirtualBox NDIS 6.0 Host-Only Network Adapt.) -- C:\WINDOWS\System32\drivers\VBoxNetAdp6.sys [117768] =>.Oracle Corporation®
O58 - SDL:2015/09/08 11:47:40 A . (.Oracle Corporation - VirtualBox NDIS 6.0 Lightweight Filter Driv.) -- C:\WINDOWS\System32\drivers\VBoxNetLwf.sys [146072] =>.Oracle Corporation®
O58 - SDL:2017/03/19 02:41:25 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\WINDOWS\System32\drivers\vsmraid.sys [166816] =>.Microsoft Windows®
O58 - SDL:2017/03/19 02:41:25 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\WINDOWS\System32\drivers\VSTXRAID.SYS [305568] =>.Microsoft Windows®
O58 - SDL:2017/03/19 02:41:25 A . (.Mellanox - Kernel WinMad.) -- C:\WINDOWS\System32\drivers\winmad.sys [32160] =>.Microsoft Windows®
O58 - SDL:2017/03/19 02:41:25 A . (.Mellanox - Kernel WinVerbs.) -- C:\WINDOWS\System32\drivers\winverbs.sys [64920] =>.Microsoft Windows®
O58 - SDL:2013/11/12 22:50:22 A . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN de.) -- C:\WINDOWS\System32\athwbx.sys [3880448] =>.Qualcomm Atheros Communications, Inc.
---\\ Last modified or created user files (3) - 115s
O61 - LFC: 2017/08/03 22:33:28 A . (..) -- C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\z94n8t79.default\extensions\adbhelper@mozilla.org\win32\adb.exe [1489920]
O61 - LFC: 2017/08/03 22:33:28 A . (..) -- C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\z94n8t79.default\extensions\adbhelper@mozilla.org\win32\fastboot.exe [806912]
O61 - LFC: 2017/08/03 15:23:57 A . (..) -- C:\Users\USER\Desktop\rsthosts_2.0.exe [353632]
---\\ File Associations Shell Spawning (11) - 0s
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- D:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
---\\ Start Menu Internet (16) - 0s
O68 - StartMenuInternet: <Firefox-E7CF176E110C211B> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- d:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O68 - StartMenuInternet: <Firefox-E7CF176E110C211B> <Mozilla Firefox>[HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- d:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: <Firefox-E7CF176E110C211B> <Mozilla Firefox>[HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- d:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: <Firefox-E7CF176E110C211B> <Mozilla Firefox>[HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- d:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
---\\ Search Browser Infection (5) - 16s
O69 - SBI: SearchScopes [HKCU] {012E1000-F331-11DB-8314-0800200C9A66} - (Google) -
http://www.google.com/ =>.Google Inc.
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) -
http://www.bing.com/ =>.Bing.com
O69 - SBI: SearchScopes [HKCU] {67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} - (Google) -
http://www.google.com/ =>.Google Inc.
O69 - SBI: SearchScopes [HKLM] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) -
http://www.bing.com/ =>.Bing.com
O69 - SBI: SearchScopes [HKLM] {67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} - (Google) -
http://www.google.com/ =>.Google Inc.
---\\ Search Svchost Services (47) - 1s
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\WINDOWS\System32\certprop.dll [189952] =>.Microsoft Corporation
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\WINDOWS\System32\certprop.dll [189952] =>.Microsoft Corporation
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\WINDOWS\system32\srvsvc.dll [303616] =>.Microsoft Corporation
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\WINDOWS\System32\gpsvc.dll [1269248] =>.Microsoft Corporation
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\WINDOWS\System32\ikeext.dll [934912] =>.Microsoft Corporation
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\WINDOWS\System32\iphlpsvc.dll [996864] =>.Microsoft Corporation
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\WINDOWS\system32\seclogon.dll [31232] =>.Microsoft Corporation
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\WINDOWS\System32\appinfo.dll [138752] =>.Microsoft Corporation
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\WINDOWS\system32\iscsiexe.dll [150016] =>.Microsoft Corporation
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\WINDOWS\System32\eapsvc.dll [108032] =>.Microsoft Corporation
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\WINDOWS\system32\schedsvc.dll [877568] =>.Microsoft Corporation
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\WMIsvc.dll [221696] =>.Microsoft Corporation
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\WINDOWS\system32\profsvc.dll [413696] =>.Microsoft Corporation
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [385536] =>.Microsoft Corporation
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\WINDOWS\System32\wercplsupport.dll [91648] =>.Microsoft Corporation
O83 - Search Svchost Services: shpamsvc (shpamsvc) . (.Microsoft Corporation - SharedPC.AccountManager.) -- C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll [192512] =>.Microsoft Corporation
O83 - Search Svchost Services: XblGameSave (XblGameSave) . (.Microsoft Corporation - Xbox Live Game Save Service.) -- C:\WINDOWS\System32\XblGameSave.dll [1135104] =>.Microsoft Corporation
O83 - Search Svchost Services: NaturalAuthentication (NaturalAuthentication) . (.Microsoft Corporation - Natural Authentication Service.) -- C:\WINDOWS\System32\NaturalAuth.dll [723968] =>.Microsoft Corporation
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Microsoft® Account Service.) -- C:\WINDOWS\system32\wlidsvc.dll [2155008] =>.Microsoft Corporation
O83 - Search Svchost Services: UserManager (UserManager) . (.Microsoft Corporation - UserMgr.) -- C:\WINDOWS\System32\usermgr.dll [877568] =>.Microsoft Corporation
O83 - Search Svchost Services: XblAuthManager (XblAuthManager) . (.Microsoft Corporation - Xbox Live Auth Manager.) -- C:\WINDOWS\System32\XblAuthManager.dll [1013248] =>.Microsoft Corporation
O83 - Search Svchost Services: DmEnrollmentSvc (DmEnrollmentSvc) . (.Microsoft Corporation - Windows Managent Service DLL.) -- C:\Windows\System32\Windows.Internal.Management.dll [536064] =>.Microsoft Corporation
O83 - Search Svchost Services: xbgm (xbgm) . (.Microsoft Corporation - Xbox Game Monitoring Service.) -- C:\WINDOWS\System32\xbgmsvc.dll [301216] =>.Microsoft Windows Publisher®
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\WINDOWS\system32\themeservice.dll [69632] =>.Microsoft Corporation
O83 - Search Svchost Services: TokenBroker (TokenBroker) . (.Microsoft Corporation - Token Broker.) -- C:\Windows\System32\TokenBroker.dll [1054208] =>.Microsoft Corporation
O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Geolocation Service.) -- C:\WINDOWS\System32\lfsvc.dll [43520] =>.Microsoft Corporation
O83 - Search Svchost Services: Irmon (Irmon) . (.Microsoft Corporation - Infrared Monitor.) -- C:\WINDOWS\System32\irmon.dll [24576] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\WINDOWS\System32\rasauto.dll [104448] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\WINDOWS\System32\rasmans.dll [873472] =>.Microsoft Corporation
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [490496] =>.Microsoft Corporation
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\WINDOWS\System32\sens.dll [69632] =>.Microsoft Corporation
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\WINDOWS\System32\ipnathlp.dll [537600] =>.Microsoft Corporation
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [306688] =>.Microsoft Corporation
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\WINDOWS\system32\wuaueng.dll [2444288] =>.Microsoft Corporation
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\WINDOWS\System32\qmgr.dll [1159680] =>.Microsoft Corporation
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [612864] =>.Microsoft Corporation
O83 - Search Svchost Services: dmwappushservice (dmwappushservice) . (.Microsoft Corporation - dmwappushsvc.) -- C:\WINDOWS\system32\dmwappushsvc.dll [55296] =>.Microsoft Corporation
O83 - Search Svchost Services: wisvc (wisvc) . (.Microsoft Corporation - Flight Settings.) -- C:\WINDOWS\system32\flightsettings.dll [699904] =>.Microsoft Corporation
O83 - Search Svchost Services: WpnService (WpnService) . (.Microsoft Corporation - Windows Push Notification System Service.) -- C:\WINDOWS\system32\WpnService.dll [276480] =>.Microsoft Corporation
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\WINDOWS\System32\bdesvc.dll [385536] =>.Microsoft Corporation
O83 - Search Svchost Services: XboxNetApiSvc (XboxNetApiSvc) . (.Microsoft Corporation - Xbox Live Networking Service.) -- C:\WINDOWS\system32\XboxNetApiSvc.dll [1067008] =>.Microsoft Corporation
O83 - Search Svchost Services: UsoSvc (UsoSvc) . (.Microsoft Corporation - Update Session Orchestrator Core.) -- C:\WINDOWS\system32\usocore.dll [681984] =>.Microsoft Corporation
O83 - Search Svchost Services: NetSetupSvc (NetSetupSvc) . (.Microsoft Corporation - Network Setup Service.) -- C:\WINDOWS\System32\NetSetupSvc.dll [261632] =>.Microsoft Corporation
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Device Setup Manager.) -- C:\WINDOWS\System32\DeviceSetupManager.dll [233984] =>.Microsoft Corporation
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Microsoft Network Connectivity Assistant Se.) -- C:\WINDOWS\System32\ncasvc.dll [167424] =>.Microsoft Corporation
O83 - Search Svchost Services: XboxGipSvc (XboxGipSvc) . (.Microsoft Corporation - Xbox Gip Management Service.) -- C:\WINDOWS\System32\XboxGipSvc.dll [18944] =>.Microsoft Corporation
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Software installation Service.) -- C:\Windows\System32\appmgmts.dll [196096] =>.Microsoft Corporation
---\\ Additional Scan (O88) (1) - 1s
~ No malicious or unnecessary items found.
---\\ Summary of the elements found (2) - 0s
https://www.anti-malware.top/2016/09/10/superfluous-greentreeapp/ =>.Superfluous.GreenTreeApp
https://nicolascoolman.eu/2017/02/23/tencentadressbar/ =>.Superfluous.Tencent
~ Unselected Options:
~ End of the scan, 41194 items in 06mn13s (1281)(0)
