Solved Google won't work because of Virus Re-Direct?

No, I'll definitely run those cleaners!

OK, then I'd like you to go ahead and run the ZHP Diag scanner; you ran the ZHP cleaner. This tool will show me a lot more than FRST does. It will take me a while to go over it; I just want to make sure that I get all the malware from your machine.


This was the most help I've had for a situation like this!

Yep, I grew up really poor -- like eat a can of corn for dinner poor.... I understand that people do not always have money to go out and buy a new computer. So I treat every thread like I was working on my own machine.

Definitely be telling friends about this.
Thanks again!

Sweet! You are most welcome. :)


ZHP Diag Scan to get a more in-depth look into your machine.


Download ZHP Diag to your desktop.


1. Right-click and Run as Admin.
2. Click the Scanner button.


When complete please push the report button.
A notepad will open... copy and paste the report in your next reply.
 
~ ZHPDiag v2017.1.7.4 By Nicolas Coolman (2017/01/07)
~ Run by Clint (Administrator) (2017/01/08 10:15:40)
~ Web: https://www.nicolascoolman.com
~ Blog: https://www.anti-malware.top
~ Facebook: https://www.facebook.com/nicolascoolman1
~ State version: Version OK
~ Mode: Scan
~ Report: C:\Users\Clint\Desktop\ZHPDiag.txt
~ Report: C:\Users\Clint\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ System startup: Normal (Normal boot)
Windows 10 Home, 64-bit (Build 14393) =>.Microsoft Corporation

---\\ Internet Browsers (2) - 0s
~ GCIE: Google Chrome v55.0.2883.87
~ MSIE: Internet Explorer v11.576.14393.0

---\\ Windows Product Information (3) - 3s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : OK

---\\ System protection software (1) - 5s
Windows Defender (Deactivate)

---\\ System optimization software (1) - 6s
~ OneKey Optimizer v1.1.20.16 (Optimize)

---\\ Surveillance software (1) - 6s
~ Adobe Flash Player 24 NPAPI (Surveillance)

---\\ Information on the system (6) - 0s
~ Operating System: Intel64 Family 6 Model 61 Stepping 4, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 8292.268 MB (65% free) : OK =>.RAM Value
System Restore: Activé (Enable)
System drive C: has 549 GB (60%) free of 912 GB : OK =>.Disk Space

---\\ Connection to the system mode (3) - 0s
~ Computer Name: FCLINT
~ User Name: Clint
~ Logged in as Administrator

---\\ Enumeration of the disk units (2) - 0s
~ Drive C: has 549 GB free of 912 GB (System)
~ Drive N: has 25 GB free of 25 GB

---\\ State of the Windows Security Center (7) - 1s
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK

---\\ Search Generic System Files (24) - 1s
[MD5.4E10FB1A015B49AC68F76C1A3F4D9C0F] - 11/11/2016 - (.Microsoft Corporation - Windows Explorer.) -- C:\WINDOWS\Explorer.exe [4673304] =>.Microsoft Windows®
[MD5.C7645D43451C6D94D87F4D07BDE59C89] - 16/07/2016 - (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\WINDOWS\System32\rundll32.exe [69632] =>.Microsoft Corporation
[MD5.99A19C9A74E2F9820E501DCE77F84F70] - 16/07/2016 - (.Microsoft Corporation - Windows Start-Up Application.) -- C:\WINDOWS\System32\Wininit.exe [304240] =>.Microsoft Windows Publisher®
[MD5.E584CDC70F694F9A984A060A8291EB04] - 11/11/2016 - (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\WINDOWS\System32\wininet.dll [2669056] =>.Microsoft Corporation
[MD5.DE6DF9BBBECAFDEF462A37D839167368] - 11/11/2016 - (.Microsoft Corporation - Windows Logon Application.) -- C:\WINDOWS\System32\Winlogon.exe [673792] =>.Microsoft Corporation
[MD5.9600B7F2F89DE60A80D13DE42F672834] - 16/07/2016 - (.Microsoft Corporation - Software Licensing Library.) -- C:\WINDOWS\System32\sppcomapi.dll [402432] =>.Microsoft Corporation
[MD5.96B8A433F6407DE34850927C96C6CE9B] - 15/09/2016 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\WINDOWS\System32\dnsapi.dll [646136] =>.Microsoft Windows®
[MD5.227CFE3EDA82029AAC1C088A16297CD7] - 15/09/2016 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\WINDOWS\Syswow64\dnsapi.dll [496872] =>.Microsoft Windows®
[MD5.323AA1953ED9C01E23F740FA891FE064] - 14/10/2016 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\WINDOWS\System32\drivers\AFD.sys [584032] =>.Microsoft Windows®
[MD5.A10F989A812B57B9695F6C305907C9C6] - 16/07/2016 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\WINDOWS\System32\drivers\atapi.sys [28512] =>.Microsoft Windows®
[MD5.F8FB51B9EF6372610E9B31A1D86B62FC] - 16/07/2016 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\WINDOWS\System32\drivers\Cdfs.sys [92160] =>.Microsoft Corporation
[MD5.613D0137C269187FA298A157E3D14A18] - 16/07/2016 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\WINDOWS\System32\drivers\Cdrom.sys [173056] =>.Microsoft Corporation
[MD5.0D1D392ED2597F295956D058D33BD7C3] - 05/10/2016 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\WINDOWS\System32\drivers\DfsC.sys [144896] =>.Microsoft Corporation
[MD5.10E3515FE5DBA6656FA62C29342EC4A1] - 16/07/2016 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\WINDOWS\System32\drivers\HDAudBus.sys [83456] =>.Microsoft Corporation
[MD5.B54B30992620C97230013A74461C8517] - 16/07/2016 - (.Microsoft Corporation - i8042 Port Driver.) -- C:\WINDOWS\System32\drivers\i8042prt.sys [114176] =>.Microsoft Corporation
[MD5.F1DAECC3B3D6399875D4F10529D6A77C] - 16/07/2016 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\drivers\IpNat.sys [212480] =>.Microsoft Corporation
[MD5.E671EDAB0726E05ECEF4058B4CD73C4D] - 06/09/2016 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\WINDOWS\System32\drivers\MRxSmb.sys [450392] =>.Microsoft Windows®
[MD5.6FEBB0A847FFD5F057B9AC8889F1B9A7] - 16/07/2016 - (.Microsoft Corporation - MBT Transport driver.) -- C:\WINDOWS\System32\drivers\netBT.sys [279040] =>.Microsoft Corporation
[MD5.DB69C6DA8B3DDFDC547D455CA23A8250] - 02/11/2016 - (.Microsoft Corporation - NT File System Driver.) -- C:\WINDOWS\System32\drivers\ntfs.sys [2255712] =>.Microsoft Windows®
[MD5.6B81BF7853D161DB8AC62CD8B9C2DE6B] - 16/07/2016 - (.Microsoft Corporation - Parallel Port Driver.) -- C:\WINDOWS\System32\drivers\Parport.sys [96768] =>.Microsoft Corporation
[MD5.17E565710172ED71B8531D8822E1C5D1] - 16/07/2016 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\WINDOWS\System32\drivers\Rasl2tp.sys [104960] =>.Microsoft Corporation
[MD5.7135785C21CA79D270D11037C43D3F19] - 16/07/2016 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\WINDOWS\System32\drivers\rdpdr.sys [177152] =>.Microsoft Corporation
[MD5.9D2DD64A0B51C56285512DC9454340F6] - 16/07/2016 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\WINDOWS\System32\drivers\tdx.sys [118112] =>.Microsoft Windows®
[MD5.BF2546583BB75F01DDA60A7921DFB230] - 16/07/2016 - (.Microsoft Corporation - Volume Shadow Copy driver.) -- C:\WINDOWS\System32\drivers\volsnap.sys [391520] =>.Microsoft Windows®

---\\ Non Microsoft non disabled Windows Services (35) - 3s
O23 - Service: (AdobeUpdateService) . (.Adobe Systems Incorporated - Adobe Update Service.) - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe =>.Adobe Systems Incorporated®
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) . (.Adobe Systems, Incorporated - Adobe Genuine Software Integrity Service.) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe =>.Adobe Systems Incorporated®
O23 - Service: Apple Mobile Device Service (Apple Mobile Device Service) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe =>.Apple Inc.®
O23 - Service: AVControlCenter (AVControlCenter) . (.Lenovo Corporation - Lenovo® Multimedia and Comm Subsystem Contr.) - C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe =>.LENOVO®
O23 - Service: Bonjour Service (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe =>.Apple Inc.®
O23 - Service: CCSDK (CCSDK) . (...) - C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe =>.Lenovo (Beijing) Limited®
O23 - Service: FastbootService (FastbootService) . (.Lenovo - RapidBoot HDD Accelerator Service.) - C:\Program Files\Lenovo\OneKey Optimizer\bin\FbService.exe =>.Lenovo
O23 - Service: HarmonySettingService (HarmonySettingService) . (.Lenovo - HarmonySettingService.) - C:\Program Files (x86)\Lenovo\Harmony\Setting\HarmonySettingService.exe =>.LENOVO®
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe =>.Intel® Rapid Storage Technology®
O23 - Service: Intel Bluetooth Service (iBtSiva) . (.Intel Corporation - Intel(R) Wireless Bluetooth(R) iBtSiva Serv.) - C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe =>.Intel Corporation - pGFX®
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) . (.Intel Corporation - igfxCUIService Module.) - C:\WINDOWS\system32\igfxCUIService.exe =>.Intel Corporation
O23 - Service: System Interface Foundation Service (ImControllerService) . (.Lenovo Group Limited - Lenovo.Modern.ImController.) - C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe =>.Lenovo®
O23 - Service: Intel® ME Service (Intel(R) ME Service) . (.Intel Corporation - Intel(R) ME Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe =>.Intel Corporation - Embedded Subsystems and IP Blocks Group®
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe =>.Intel Corporation - Embedded Subsystems and IP Blocks Group®
O23 - Service: Lenovo OKO Service (Lenovo OKO Service) . (.Lenovo(beijing) Limited - OneKey Optimizer Self Update Install Servic.) - C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe =>.Lenovo (Beijing) Limited®
O23 - Service: Lenovo Settings Service (Lenovo Settings Service) . (.Lenovo Group Limited - Lenovo Settings Service.) - C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe =>.LENOVO®
O23 - Service: Lenovo PAWD Service (LenovoPAWDService) . (...) - C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe =>.Lenovo®
O23 - Service: LenovoSetSvr (LenovoSetSvr) . (.Lenovo(beijing) Limited - Lenovo Settings.) - C:\Program Files (x86)\Lenovo\Lenovo Settings\x86\LenovoSetSvr.exe =>.Lenovo (Beijing) Limited®
O23 - Service: Lenovo WiFiHotspot Service (LenovoWiFiHotspotSvr) . (.Lenovo(beijing) Limited - Lenovo Settings.) - C:\Windows\System32\LenovoWiFiHotspotSvr.exe =>.Lenovo(beijing) Limited
O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Intel(R) Local Management Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe =>.Intel Corporation - Embedded Subsystems and IP Blocks Group®
O23 - Service: lxebCATSCustConnectService (lxebCATSCustConnectService) . (.Lexmark International, Inc. - Lexmark Connect Service Executable.) - C:\WINDOWS\system32\spool\DRIVERS\x64\3\lxebserv.exe =>.Lexmark International, Inc.®
O23 - Service: lxeb_device (lxeb_device) . (. - Printer Communication System.) - C:\Windows\System32\lxebcoms.exe =>.Lexmark International, Inc.®
O23 - Service: Malwarebytes Service (MBAMService) . (.Malwarebytes - Malwarebytes Service.) - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe =>.Malwarebytes Corporation®
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) . (.NVIDIA Corporation - NVIDIA Container.) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.NVIDIA Corporation®
O23 - Service: NVIDIA Wireless Controller Service (NVIDIA Wireless Controller Service) . (.NVIDIA Corporation - NVIDIA Wireless Controller Service.) - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe =>.NVIDIA Corporation®
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 362.0.) - C:\WINDOWS\system32\nvvsvc.exe =>.NVIDIA Corporation
O23 - Service: OKOControlSvc (OKOControlSvc) . (.Lenovo(beijing) Limited - OneKey Optimizer Control Service.) - C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe =>.Lenovo (Beijing) Limited®
O23 - Service: PGService (PGService) . (.PointGrab LTD - Lenovo Motion Control.) - C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe =>.PointGrab Ltd®
O23 - Service: PG_Service_Launcher (PG_Service_Launcher) . (.PointGrab LTD - Lenovo Motion Control.) - C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe =>.PointGrab Ltd®
O23 - Service: Lenovo PhoneCompanionPusher Service (PhoneCompanionPusher) . (.Lenovo - PhoneCompanionPusher.) - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe =>.Lenovo (Beijing) Limited®
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe =>.Skype Software Sarl®
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) . (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe =>.NVIDIA Corporation®
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) . (.Synaptics Incorporated - 64-bit Synaptics Pointing Enhance Service.) - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe =>.Synaptics Incorporated®
O23 - Service: ymc (ymc) . (.Lenovo - Lenovo Yoga Mode Control.) - C:\ProgramData\LenovoTransition\Server\x64\ymc.exe =>.LENOVO®
O23 - Service: ZAM Controller Service (ZAMSvc) . (...) - C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe (.not file.)

---\\ Services not Microsoft (SR=Run, SS=Stop) (48) - 58s
SS - Demand [14/12/2016] [ 270936] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe =>.Adobe Systems Incorporated®
SR - Auto [24/08/2016] [ 744640] (AdobeUpdateService) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe =>.Adobe Systems Incorporated®
SR - Auto [13/12/2016] [ 2218712] Adobe Genuine Software Integrity Service (AGSService) . (.Adobe Systems, Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe =>.Adobe Systems Incorporated®
SR - Auto [22/09/2016] [ 83768] Apple Mobile Device Service (Apple Mobile Device Service) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe =>.Apple Inc.®
SR - Auto [23/03/2015] [ 560584] AVControlCenter (AVControlCenter) . (.Lenovo Corporation.) - C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe =>.LENOVO®
SR - Auto [12/08/2015] [ 462096] Bonjour Service (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe =>.Apple Inc.®
SR - Auto [22/10/2014] [ 644080] CCSDK (CCSDK) . (...) - C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe =>.Lenovo (Beijing) Limited®
SS - Demand [06/05/2016] [ 292840] Intel(R) Content Protection HECI Service (cphs) . (.Intel Corporation.) - C:\Windows\SysWOW64\IntelCpHeciSvc.exe =>.Intel(R) pGFX®
SR - Auto [20/11/2014] [ 191512] FastbootService (FastbootService) . (.Lenovo.) - C:\Program Files\Lenovo\OneKey Optimizer\bin\FbService.exe =>.Lenovo
SS - Demand [04/01/2017] [ 1235912] FlexNet Licensing Service (FlexNet Licensing Service) . (.Flexera Software LLC.) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe =>.Flexera Software LLC®
SR - Auto [11/02/2015] [ 19896] HarmonySettingService (HarmonySettingService) . (.Lenovo.) - C:\Program Files (x86)\Lenovo\Harmony\Setting\HarmonySettingService.exe =>.LENOVO®
SR - Auto [09/10/2014] [ 18584] Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe =>.Intel® Rapid Storage Technology®
SR - Auto [13/12/2014] [ 124520] Intel Bluetooth Service (iBtSiva) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe =>.Intel Corporation - pGFX®
SS - Demand [24/04/2012] [ 169752] Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe =>.Intel Corporation®
SR - Auto [06/05/2016] [ 365032] Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) . (.Intel Corporation.) - C:\WINDOWS\system32\igfxCUIService.exe =>.Intel(R) pGFX®
SR - Auto [01/12/2016] [ 62792] System Interface Foundation Service (ImControllerService) . (.Lenovo Group Limited.) - C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe =>.Lenovo®
SS - Demand [13/05/2014] [ 887256] Intel(R) Capability Licensing Service TCP IP Interface (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe =>.Intel® Trusted Connect Service®
SR - Auto [10/10/2014] [ 132896] Intel® ME Service (Intel(R) ME Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe =>.Intel Corporation - Embedded Subsystems and IP Blocks Group®
SS - Demand [06/12/2016] [ 651576] iPod Service (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe =>.Apple Inc.®
SS - Demand [12/08/2016] [ 177376] Intel(R) Update Manager (iumsvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe =>.Intel(R) Update Manager®
SR - Auto [10/10/2014] [ 158496] Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe =>.Intel Corporation - Embedded Subsystems and IP Blocks Group®
SR - Auto [18/11/2014] [ 2544408] Lenovo OKO Service (Lenovo OKO Service) . (.Lenovo(beijing) Limited.) - C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe =>.Lenovo (Beijing) Limited®
SR - Auto [10/04/2015] [ 2016040] Lenovo Settings Service (Lenovo Settings Service) . (.Lenovo Group Limited.) - C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe =>.LENOVO®
SS - Demand [23/03/2015] [ 456136] Lenovo AVFramework Camera Privacy Controller (LENOVO.CAMMUTE) . (.Lenovo Corporation.) - C:\Program Files\Lenovo\Communications Utility\cammute.exe =>.LENOVO®
SS - Demand [23/03/2015] [ 453576] Lenovo AVFramework Microphone Volume Controller and Dolby I (LENOVO.TPKNRSVC) . (.Lenovo Group Limited.) - C:\Program Files\Lenovo\Communications Utility\tpknrsvc.exe =>.LENOVO®
SS - Demand [23/03/2015] [ 625608] Lenovo AVFramework Virtual Camera Controller Service (LENOVO.TVTVCAM) . (.Lenovo Corporation.) - C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe =>.LENOVO®
SR - Auto [07/06/2015] [ 133440] Lenovo PAWD Service (LenovoPAWDService) . (...) - C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe =>.Lenovo®
SR - Auto [19/06/2014] [ 258544] LenovoSetSvr (LenovoSetSvr) . (.Lenovo(beijing) Limited.) - C:\Program Files (x86)\Lenovo\Lenovo Settings\x86\LenovoSetSvr.exe =>.Lenovo (Beijing) Limited®
SR - Demand [08/01/2017] [ 26608] lupdate (LenovoUpdate) . (.Lenovo.) - C:\WINDOWS\System32\LenovoUpdate.exe =>.Lenovo (Beijing) Limited®
SR - Auto [25/08/2014] [ 218952] Lenovo WiFiHotspot Service (LenovoWiFiHotspotSvr) . (.Lenovo(beijing) Limited.) - C:\Windows\System32\LenovoWiFiHotspotSvr.exe =>.Lenovo (Beijing) Limited®
SR - Auto [10/10/2014] [ 409376] Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe =>.Intel Corporation - Embedded Subsystems and IP Blocks Group®
SS - Auto [14/04/2010] [ 45736] lxebCATSCustConnectService (lxebCATSCustConnectService) . (.Lexmark International, Inc..) - C:\WINDOWS\system32\spool\DRIVERS\x64\3\lxebserv.exe =>.Lexmark International, Inc.®
SR - Auto [14/04/2010] [ 1052328] lxeb_device (lxeb_device) . (...) - C:\Windows\System32\lxebcoms.exe =>.Lexmark International, Inc.®
SR - Auto [14/12/2016] [ 4317648] Malwarebytes Service (MBAMService) . (.Malwarebytes.) - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe =>.Malwarebytes Corporation®
SR - Auto [17/11/2016] [ 462784] NVIDIA LocalSystem Container (NvContainerLocalSystem) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.NVIDIA Corporation®
SS - Demand [17/11/2016] [ 462784] NVIDIA NetworkService Container (NvContainerNetworkService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.NVIDIA Corporation®
SR - Auto [17/11/2016] [ 1163712] NVIDIA Wireless Controller Service (NVIDIA Wireless Controller Service) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe =>.NVIDIA Corporation®
SR - Auto [23/02/2016] [ 1263040] NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation.) - C:\WINDOWS\system32\nvvsvc.exe =>.NVIDIA Corporation®
SR - Auto [17/11/2014] [ 113944] OKOControlSvc (OKOControlSvc) . (.Lenovo(beijing) Limited.) - C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe =>.Lenovo (Beijing) Limited®
SR - Auto [28/05/2014] [ 167176] PGService (PGService) . (.PointGrab LTD.) - C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe =>.PointGrab Ltd®
SR - Auto [28/05/2014] [ 524552] PG_Service_Launcher (PG_Service_Launcher) . (.PointGrab LTD.) - C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe =>.PointGrab Ltd®
SR - Auto [07/06/2015] [ 321520] Lenovo PhoneCompanionPusher Service (PhoneCompanionPusher) . (.Lenovo.) - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe =>.Lenovo (Beijing) Limited®
SS - Demand [07/06/2015] [ 338416] Lenovo PhoneCompanionVap Service (PhoneCompanionVap) . (.Lenovo.) - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe =>.Lenovo (Beijing) Limited®
SS - Demand [20/01/2016] [ 31176] ShareItSvc (ShareItSvc) . (.SHAREit Technologies Co.Ltd.) - C:\Program Files (x86)\Lenovo\SHAREit\Shareit.Service.exe =>.LENOVO®
SS - Auto [20/09/2016] [ 324224] Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe =>.Skype Software Sarl®
SR - Auto [20/09/2016] [ 324224] NVIDIA Stereoscopic 3D Driver Service (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe =>.NVIDIA Corporation®
SR - Auto [20/09/2016] [ 324224] SynTPEnh Caller Service (SynTPEnhService) . (.Synaptics Incorporated.) - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe =>.Synaptics Incorporated®
SR - Auto [20/09/2016] [ 324224] ymc (ymc) . (.Lenovo.) - C:\ProgramData\LenovoTransition\Server\x64\ymc.exe =>.LENOVO®

---\\ Task Planned Automatically (6) - 10s
[MD5.63BB08F1FE94AE8804BCDC4916D4ABCD] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [324224] (.Activate.) =>.Piriform Ltd®
[MD5.23985274780D27117C470AA259B79B30] [APT] [Apple\AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [324224] (.Activate.) =>.Apple Inc.®
[MD5.A60028C6B63F466D7C91EA260D109CC7] [APT] [CyberLink\Photo Master Gadget startup] (.CyberLink Corp..) -- C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe [324224] (.Activate.) =>.CyberLink Corp.®
O39 - APT: Unknown - (.Adobe Inc..) -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job [324224] =>.Adobe Inc.
O39 - APT: Unknown - (.Legitimate.) -- C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job [324224]
O39 - APT: CCleanerSkipUAC - (.Piriform Ltd.) -- C:\WINDOWS\System32\Tasks\CCleanerSkipUAC [324224] =>.Piriform Ltd®

---\\ Auto loading programs from Registry and folders (33) - 1s
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Realtek HD Audio Manager.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp®
O4 - HKLM\..\Run: [RtHDVBg_Dolby] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe =>.Realtek Semiconductor Corp®
O4 - HKLM\..\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe =>.Realtek Semiconductor Corp®
O4 - HKLM\..\Run: [RtHDVBg_LENOVO_MICPKEY] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe =>.Realtek Semiconductor Corp®
O4 - HKLM\..\Run: [DDPF3] . (.Dolby Laboratories Inc. - DolbyDigitalPlus.) -- C:\Program Files\Dolby\DDP_F3\ddpf3.exe =>.Dolby Laboratories Inc.
O4 - HKLM\..\Run: [IAStorIcon] . (.Intel Corporation - Delayed launcher.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe =>.Intel Corporation
O4 - HKLM\..\Run: [LenovoUtility] . (.Copyright 2014 - Lenovo Utility.) -- C:\Program Files\Lenovo\LenovoUtility\utility.exe =>.Lenovo (Beijing) Limited®
O4 - HKLM\..\Run: [AutoStartTransition] . (...) -- C:\Program Files (x86)\Lenovo\LenovoTransition\TransitionServer.exe =>.LENOVO®
O4 - HKLM\..\Run: [PhoneCompanion] . (.Lenovo - Lenovo Phone Companion.) -- C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe =>.Lenovo (Beijing) Limited®
O4 - HKLM\..\Run: [OneKeyOptimizer] . (.Lenovo(beijing) Limited - OneKeyOptimizerTray.) -- C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizerTray.exe =>.Lenovo (Beijing) Limited®
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe =>.Adobe Systems Incorporated®
O4 - HKLM\..\Run: [LMCSSTART1] . (.Lenovo Corporation - Lenovo® Multimedia Subsystem Generic Contro.) -- C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe =>.LENOVO®
O4 - HKLM\..\Run: [LMCSSTART2] . (.Lenovo Corporation - Lenovo® Multimedia Subsystem Generic Contro.) -- C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe =>.LENOVO®
O4 - HKLM\..\Run: [LMCSSTART3] . (.Lenovo Corporation - Lenovo® Multimedia Subsystem Generic Contro.) -- C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe =>.LENOVO®
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad 64-bit Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe =>.Synaptics Incorporated®
O4 - HKLM\..\Run: [lxebmon.exe] . (. - Printer Device Monitor.) -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebmon.exe =>.Lexmark International, Inc.®
O4 - HKLM\..\Run: [EzPrint] . (.Copyright (c) 2008 - .) -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\ezprint.exe =>.Lexmark International, Inc.®
O4 - HKLM\..\Run: [toys] C:\Program Files (x86)\cartridge\antivirals.exe (.not file.)
O4 - HKLM\..\Run: [Malwarebytes TrayApp] . (.Malwarebytes - Malwarebytes Tray Application.) -- C:\PROGRAM FILES/MALWAREBYTES/ANTI-MALWARE\mbamtray.exe =>.Malwarebytes Corporation®
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe =>.Apple Inc.®
O4 - HKCU\..\Run: [toys] C:\Program Files (x86)\cartridge\antivirals.exe (.not file.)
O4 - HKCU\..\Run: [tracing] C:\Program Files (x86)\waistbands\sunland.exe (.not file.)
O4 - HKCU\..\Run: [hostetter] C:\Program Files (x86)\cartridge\antivirals.exe (.not file.)
O4 - HKCU\..\Run: [electrolyte] C:\Program Files (x86)\Syllabic\genoese.exe (.not file.)
O4 - HKCU\..\Run: [midwives] C:\Program Files (x86)\Intramural\scheduled.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [toys] C:\Program Files (x86)\cartridge\antivirals.exe (.not file.)
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Corporation®
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Corporation®
O4 - HKUS\S-1-5-21-3646257312-145341772-451683423-1001\..\Run: [toys] C:\Program Files (x86)\cartridge\antivirals.exe (.not file.)
O4 - HKUS\S-1-5-21-3646257312-145341772-451683423-1001\..\Run: [tracing] C:\Program Files (x86)\waistbands\sunland.exe (.not file.)
O4 - HKUS\S-1-5-21-3646257312-145341772-451683423-1001\..\Run: [hostetter] C:\Program Files (x86)\cartridge\antivirals.exe (.not file.)
O4 - HKUS\S-1-5-21-3646257312-145341772-451683423-1001\..\Run: [electrolyte] C:\Program Files (x86)\Syllabic\genoese.exe (.not file.)
O4 - HKUS\S-1-5-21-3646257312-145341772-451683423-1001\..\Run: [midwives] C:\Program Files (x86)\Intramural\scheduled.exe (.not file.)

---\\ Process running (60) - 2s
[MD5.37E5733F8F720920F7C5A78D45899D3A] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [426040] [PID.1436] =>.NVIDIA Corporation®
[MD5.00000000000000000000000000000000] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 362.0.) -- C:\WINDOWS\system32\nvvsvc.exe [0] [PID.1444] =>.NVIDIA Corporation
[MD5.E04AA4CE5ED46A22D1E19E7D422F5282] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe [1263160] [PID.1556] =>.NVIDIA Corporation®
[MD5.00000000000000000000000000000000] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 362.0.) -- C:\WINDOWS\system32\nvvsvc.exe [0] [PID.1600] =>.NVIDIA Corporation
[MD5.00000000000000000000000000000000] - (.Intel Corporation - igfxCUIService Module.) -- C:\WINDOWS\system32\igfxCUIService.exe [0] [PID.1916] =>.Intel Corporation
[MD5.00000000000000000000000000000000] - (.Lenovo(beijing) Limited - Lenovo Settings.) -- C:\Windows\System32\LenovoWiFiHotspotSvr.exe [0] [PID.2528] =>.Lenovo(beijing) Limited
[MD5.0A3FB35B6442675D8F76BF99A14F0CC1] - (.Lenovo(beijing) Limited - Lenovo Settings.) -- C:\Program Files (x86)\Lenovo\Lenovo Settings\x86\LenovoSetSvr.exe [258544] [PID.2536] =>.Lenovo (Beijing) Limited®
[MD5.CB609E1E85B2117031431AEEB4ACAC63] - (.Lenovo - HarmonySettingService.) -- C:\Program Files (x86)\Lenovo\Harmony\Setting\HarmonySettingService.exe [19896] [PID.2572] =>.LENOVO®
[MD5.205D1A6D106ACFDB71A1BDEC0C924173] - (.Lenovo Group Limited - Lenovo Settings Service.) -- C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2016040] [PID.2652] =>.LENOVO®
[MD5.12A0B27BCD5D06F1FF042C5C3BD973FC] - (.Lenovo Group Limited - Lenovo.Modern.ImController.) -- C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [62792] [PID.2684] =>.Lenovo®
[MD5.74B11ED06396C932FCC49519CA3D08EE] - (. - Printer Communication System.) -- C:\Windows\System32\lxebcoms.exe [598696] [PID.2692] =>.Lexmark International, Inc.®
[MD5.7D811EA7A2AAA49B0446D42CBC1CD338] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768] [PID.2708] =>.Apple Inc.®
[MD5.2E7A98ADE2CF733C46859E40A5348DB1] - (.Lenovo - RapidBoot HDD Accelerator Service.) -- C:\Program Files\Lenovo\OneKey Optimizer\bin\FbService.exe [191512] [PID.2716] =>.Lenovo
[MD5.73933F0BBD77436D14959A0BA5DAE3C4] - (.Adobe Systems Incorporated - Adobe Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640] [PID.2724] =>.Adobe Systems Incorporated®
[MD5.5CE986C82313E6F9D0973E2A74A0BA20] - (.NVIDIA Corporation - NVIDIA Container.) -- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784] [PID.2732] =>.NVIDIA Corporation®
[MD5.868630DCAE43495922F66A737D9469B2] - (.Lenovo(beijing) Limited - OneKey Optimizer Control Service.) -- C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe [113944] [PID.2740] =>.Lenovo (Beijing) Limited®
[MD5.E42BCCE03A0A4CECC0C5A86600DF5070] - (.Lenovo Corporation - Lenovo® Multimedia and Comm Subsystem Contr.) -- C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [560584] [PID.2748] =>.LENOVO®
[MD5.B5C2F92EE1106DFE7BB1CCE4D35B6037] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [462096] [PID.2756] =>.Apple Inc.®
[MD5.7D01451FA57540CAF8FCF48D26252BF7] - (.Lenovo(beijing) Limited - OneKey Optimizer Self Update Install Servic.) -- C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe [2544408] [PID.2768] =>.Lenovo (Beijing) Limited®
[MD5.0B7CFF94C247E661A9D5F7FDAB2F726B] - (.NVIDIA Corporation - NVIDIA Wireless Controller Service.) -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712] [PID.2784] =>.NVIDIA Corporation®
[MD5.FB452131A790111332041B88039F98B4] - (...) -- C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe [133440] [PID.2812] =>.Lenovo®
[MD5.B0F327821DDD9C35F9C283C25ECCE71D] - (.Lenovo - PhoneCompanionPusher.) -- C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [321520] [PID.2820] =>.Lenovo (Beijing) Limited®
[MD5.5417713A06537C28875E6406851CA30C] - (.Intel Corporation - Intel(R) Wireless Bluetooth(R) iBtSiva Serv.) -- C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [124520] [PID.2828] =>.Intel Corporation - pGFX®
[MD5.00D33CFD7F72083A69C91692D5C48E95] - (.PointGrab LTD - Lenovo Motion Control.) -- C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [167176] [PID.2848] =>.PointGrab Ltd®
[MD5.D635E700E43F4ECA021FD159CFF3F8B9] - (.Synaptics Incorporated - 64-bit Synaptics Pointing Enhance Service.) -- C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472] [PID.2856] =>.Synaptics Incorporated®
[MD5.114F33B738540F264BE80D447A98A262] - (.PointGrab LTD - Lenovo Motion Control.) -- C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [524552] [PID.2864] =>.PointGrab Ltd®
[MD5.840E0468368EB5FD87371EF508D72ACF] - (.Adobe Systems, Incorporated - Adobe Genuine Software Integrity Service.) -- C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2218712] [PID.2872] =>.Adobe Systems Incorporated®
[MD5.28E521A6ABA9DE062A3719452816F495] - (.Malwarebytes - Malwarebytes Service.) -- C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648] [PID.2892] =>.Malwarebytes Corporation®
[MD5.EECC6FB48D5137A331D02AAC1D99DF8C] - (.Lenovo - Lenovo Yoga Mode Control.) -- C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [30464] [PID.2900] =>.LENOVO®
[MD5.B00CA1F8B9B6946EA2C8751A36EFCE21] - (.Lenovo Corporation - Lenovo® Multimedia and Comm Subsystem Audio.) -- C:\Program Files\Lenovo\Communications Utility\avfaudiosw.exe [452552] [PID.3284] =>.LENOVO®
[MD5.BA904AF6E0D48B929B74A7EC9DF9D3AD] - (.PointGrab LTD - Lenovo Motion Control.) -- C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterServer.exe [1236744] [PID.1152] =>.PointGrab Ltd®
[MD5.00000000000000000000000000000000] - (.Lenovo - Lenovo Update Service.) -- C:\WINDOWS\System32\LenovoUpdate.exe [0] [PID.4728] =>.Lenovo
[MD5.E96D596186F77552701BC84855F82B05] - (.NVIDIA Corporation - NVIDIA Container.) -- C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [425408] [PID.3564] =>.NVIDIA Corporation®
[MD5.8705EE93E1BFC4308F0DEDA2FA02DE3E] - (.Synaptics Incorporated - Synaptics TouchPad 64-bit Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3948216] [PID.1968] =>.Synaptics Incorporated®
[MD5.02B07DA28089AAF8034749BCB5DD3657] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) -- C:\PROGRAM FILES\SYNAPTICS\SynTP\SYNTPHELPER.EXE [211640] [PID.2928] =>.Synaptics Incorporated®
[MD5.128B163162453828E5D5106F915D129E] - (.Lenovo Group Limited - Lenovo.Modern.ImController.PluginHost.) -- C:\Program Files (x86)\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.LenovoCorporation.LenovoSettings_4642shxvsv8s2.exe [38216] [PID.5588] =>.Lenovo®
[MD5.00000000000000000000000000000000] - (.Intel Corporation - igfxEM Module.) -- C:\WINDOWS\system32\igfxEM.exe [0] [PID.2412] =>.Intel Corporation
[MD5.00000000000000000000000000000000] - (.Intel Corporation - igfxHK Module.) -- C:\WINDOWS\system32\igfxHK.exe [0] [PID.5276] =>.Intel Corporation
[MD5.00000000000000000000000000000000] - (.Authors - .) -- C:\WINDOWS\system32\igfxTray.exe [0] [PID.5708] =>.Intel Corporation
[MD5.E9FCA04DBF31BB6BA00A033E06D90B2C] - (.NVIDIA Corporation - NVIDIA Settings.) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe [2456632] [PID.6408] =>.NVIDIA Corporation®
[MD5.01E4118E5850159F988EB4C54069B4CC] - (...) -- C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [644080] [PID.3436] =>.Lenovo (Beijing) Limited®
[MD5.079511E999ACAB4B8CC08432F0363368] - (.Dolby Laboratories Inc. - DolbyDigitalPlus.) -- C:\Program Files\Dolby\DDP_F3\ddpf3.exe [746496] [PID.2556] =>.Dolby Laboratories Inc.
[MD5.B0271E30A7E4E0385E4F2291EEA97B32] - (...) -- C:\Program Files (x86)\Lenovo\LenovoTransition\TransitionServer.exe [107776] [PID.6836] =>.LENOVO®
[MD5.63548D54F59C98EF584704A8AFB285D2] - (...) -- C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe [410096] [PID.7236] =>.Lenovo (Beijing) Limited®
[MD5.51FFA164418B97B6B4CAFE5A0B7097B0] - (. - Printer Device Monitor.) -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebmon.exe [772712] [PID.7440] =>.Lexmark International, Inc.®
[MD5.C0053C87AEFDE64D6C0179BE7E1C393B] - (.Copyright (c) 2008 - .) -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\ezprint.exe [150264] [PID.7636] =>.Lexmark International, Inc.®
[MD5.6C99DF5B6A6EB1D8D6F3FD60A0C614D6] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18584] [PID.6368] =>.Intel® Rapid Storage Technology®
[MD5.08C42E275557776BE1367B3DE616D0E3] - (.Intel Corporation - Intel(R) ME Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [132896] [PID.7904] =>.Intel Corporation - Embedded Subsystems and IP Blocks Group®
[MD5.CA295D3E5032DDF8A3CBD1A256E646FA] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496] [PID.7768] =>.Intel Corporation - Embedded Subsystems and IP Blocks Group®
[MD5.ED5C8B920F2ACF11A26586B2FA66BF3D] - (.Intel Corporation - Intel(R) Local Management Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [409376] [PID.7308] =>.Intel Corporation - Embedded Subsystems and IP Blocks Group®
[MD5.FD3170DA1F8E5F1D4BDE9E3CF2593B17] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322712] [PID.9052] =>.Intel® Rapid Storage Technology®
[MD5.82BA979332BF2C82A419E5ED1E8E77D9] - (.Lenovo Corporation - Lenovo® Multimedia and Comm Subsystem Nativ.) -- C:\Program Files\Lenovo\Communications Utility\tpknrres.exe [521672] [PID.7916] =>.LENOVO®
[MD5.45007C9BAA12402CFF9A856343B82CF9] - (.Lenovo Group Limited - Lenovo.Modern.ImController.PluginHost.) -- C:\Program Files\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe [37704] [PID.7880] =>.Lenovo®
[MD5.92B29E6BE97F5B2C5894904D1447BBFE] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [935768] [PID.616] =>.Google Inc®
[MD5.92B29E6BE97F5B2C5894904D1447BBFE] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [935768] [PID.4916] =>.Google Inc®
[MD5.92B29E6BE97F5B2C5894904D1447BBFE] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [935768] [PID.1584] =>.Google Inc®
[MD5.92B29E6BE97F5B2C5894904D1447BBFE] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [935768] [PID.1456] =>.Google Inc®
[MD5.92B29E6BE97F5B2C5894904D1447BBFE] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [935768] [PID.8728] =>.Google Inc®
[MD5.AFE645B8523B69E613F5706E2032D317] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\Clint\Desktop\ZHPDiag3.exe [2633216] [PID.8972] =>.Nicolas Coolman
[MD5.92B29E6BE97F5B2C5894904D1447BBFE] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [935768] [PID.2252] =>.Google Inc®

---\\ Google Chrome, Start,Search,Extensions (12) - 0s
G0 - GCSP: Preferences [User Data\Default][HomePage] http://apis.google.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://clients5.google.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://lh3.googleusercontent.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://mail.live.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://ogs.google.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://outlook.live.com =>.Microsoft Corporation
G0 - GCSP: Preferences [User Data\Default][HomePage] http://snt149.mail.live.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://ssl.gstatic.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.gstatic.com =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [pkedcjkdefgpdelpbcmbmeomcjbeemfm] Chrome Media Router =>.Google Inc.

---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (1) - 1s
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll =>.Adobe Systems Incorporated

---\\ Internet Explorer Extensions, Start, Search (19) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ =>.Yahoo! Inc.
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ =>.Yahoo! Inc.
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com =>.Google Inc.
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.yahoo.com/ =>.Yahoo! Inc.
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = about:newtab =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = about:newtab =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R1 - HKEY_USERS\S-1-5-21-3646257312-145341772-451683423-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.yahoo.com/ =>.Yahoo! Inc.
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphan =>.Microsoft Internet Explorer

---\\ Internet Explorer, Proxy Management (7) - 0s
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies []

---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s
F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=

---\\ Hosts file redirection (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (4)

---\\ Browser Helper Object (BHO) (2) - 0s
O2 - BHO: Lync Click to Call BHO [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Skype for Business.) -- C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll =>.Microsoft Corporation®
O2 - BHO: Microsoft OneDrive for Business Browser Helper [64Bits] - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} . (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL =>.Microsoft Corporation®

---\\ Global shortcuts Startup (115) - 8s
O4 - GS\Desktop [Administrator]: Adobe After Effects CC 2015.3.lnk . (.Adobe Systems Incorporated - Adobe After Effects CC 2015.3.) C:\Program Files\Adobe\Adobe After Effects CC 2015.3\Support Files\AfterFX.exe =>.Adobe Systems Incorporated®
O4 - GS\Desktop [Administrator]: Adobe Audition CC 2015.2.lnk . (.Adobe Systems Incorporated - Adobe Audition CC 2015.2.) C:\Program Files\Adobe\Adobe Audition CC 2015.2\Adobe Audition CC.exe =>.Adobe Systems Incorporated®
O4 - GS\Desktop [Administrator]: Adobe Photoshop CC 2015.lnk . (.Adobe Systems, Incorporated - Adobe Photoshop CC 2015.) C:\Program Files\Adobe\Adobe Photoshop CC 2015\Photoshop.exe =>.Adobe Systems Incorporated®
O4 - GS\Desktop [Administrator]: Adobe Premiere Pro CC 2015.3.lnk . (.Adobe Systems Incorporated - Adobe Premiere Pro CC 2015.4.) C:\Program Files\Adobe\Adobe Premiere Pro CC 2015.3\Adobe Premiere Pro.exe =>.Adobe Systems Incorporated®
O4 - GS\Desktop [Administrator]: Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Desktop [Administrator]: Final Draft 10.lnk . (.Cast & Crew Production Software, LLC - Final Draft.) C:\Program Files (x86)\Final Draft 10\Final Draft.exe
O4 - GS\Desktop [Administrator]: Norton Installation Files.lnk . (...) C:\Users\Public\Downloads\Norton\{NS2281014-SHPD-FSD570026}
O4 - GS\Desktop [Administrator]: Spotify.lnk . (.Spotify Ltd - Spotify.) C:\Users\Clint\AppData\Roaming\Spotify\Spotify.exe =>.Spotify AB®
O4 - GS\Desktop [Administrator]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Clint\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [Administrator]: Microsoft Outlook.lnk . (.Microsoft Corporation - Microsoft Outlook.) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE /recycle =>.Microsoft Corporation®
O4 - GS\sendTo [Administrator]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\sendTo [Administrator]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\System32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\sendTo [Administrator]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe /sendto: =>.Skype Software Sarl®
O4 - GS\TaskBar [Administrator]: chrome - Shortcut.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\TaskBar [Administrator]: Harmony.lnk . (.Lenovo - Lenovo.HarmonyPicks.) C:\Program Files (x86)\Lenovo\Harmony\Picks\Lenovo.HarmonyPicks.exe =>.LENOVO®
O4 - GS\TaskBar [Administrator]: UserGuide.lnk . (.Lenovo - UserGuide.) C:\Program Files (x86)\Lenovo\UserGuide\UserGuide.exe =>.Lenovo (Beijing) Limited®
O4 - GS\TaskBar [Administrator]: НАНАНАНАНАНАНА.lnk . (...) C:\Program Files (x86)\Mozilla Firefox\firefox.bat
O4 - GS\Startup [Administrator]: ok2089576.lnk . (...) C:\Program Files (x86)\cartridge\antivirals.exe
O4 - GS\Programs [Administrator]: Harmony Picks Introduction.lnk . (.Lenovo - Lenovo.HarmonyPicks.) C:\Program Files (x86)\Lenovo\Harmony\Picks\Lenovo.HarmonyPicks.exe i =>.LENOVO®
O4 - GS\Programs [Administrator]: Harmony Settings Introduction.lnk . (.Lenovo - Lenovo.HarmonySetting.) C:\Program Files (x86)\Lenovo\Harmony\Setting\Lenovo.HarmonySetting.exe i =>.LENOVO®
O4 - GS\Programs [Administrator]: LenovoSettings.lnk . (.Lenovo Group Limited - Lenovo.Modern.DesktopToastsHelper.) C:\ProgramData\Lenovo\iMController\Plugins\LenovoAppPromotionPlugin\x64\DesktopToastsHelper.exe =>.Lenovo®
O4 - GS\Programs [Administrator]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\Clint\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation®
O4 - GS\Programs [Administrator]: Spotify.lnk . (.Spotify Ltd - Spotify.) C:\Users\Clint\AppData\Roaming\Spotify\Spotify.exe =>.Spotify AB®
O4 - GS\Desktop [Clint]: Adobe After Effects CC 2015.3.lnk . (.Adobe Systems Incorporated - Adobe After Effects CC 2015.3.) C:\Program Files\Adobe\Adobe After Effects CC 2015.3\Support Files\AfterFX.exe =>.Adobe Systems Incorporated®
O4 - GS\Desktop [Clint]: Adobe Audition CC 2015.2.lnk . (.Adobe Systems Incorporated - Adobe Audition CC 2015.2.) C:\Program Files\Adobe\Adobe Audition CC 2015.2\Adobe Audition CC.exe =>.Adobe Systems Incorporated®
O4 - GS\Desktop [Clint]: Adobe Photoshop CC 2015.lnk . (.Adobe Systems, Incorporated - Adobe Photoshop CC 2015.) C:\Program Files\Adobe\Adobe Photoshop CC 2015\Photoshop.exe =>.Adobe Systems Incorporated®
O4 - GS\Desktop [Clint]: Adobe Premiere Pro CC 2015.3.lnk . (.Adobe Systems Incorporated - Adobe Premiere Pro CC 2015.4.) C:\Program Files\Adobe\Adobe Premiere Pro CC 2015.3\Adobe Premiere Pro.exe =>.Adobe Systems Incorporated®
O4 - GS\Desktop [Clint]: Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Desktop [Clint]: Final Draft 10.lnk . (.Cast & Crew Production Software, LLC - Final Draft.) C:\Program Files (x86)\Final Draft 10\Final Draft.exe
O4 - GS\Desktop [Clint]: Norton Installation Files.lnk . (...) C:\Users\Public\Downloads\Norton\{NS2281014-SHPD-FSD570026}
O4 - GS\Desktop [Clint]: Spotify.lnk . (.Spotify Ltd - Spotify.) C:\Users\Clint\AppData\Roaming\Spotify\Spotify.exe =>.Spotify AB®
O4 - GS\Desktop [Clint]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Clint\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Clint]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [Clint]: Microsoft Outlook.lnk . (.Microsoft Corporation - Microsoft Outlook.) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE /recycle =>.Microsoft Corporation®
O4 - GS\sendTo [Clint]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\sendTo [Clint]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\System32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\sendTo [Clint]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe /sendto: =>.Skype Software Sarl®
O4 - GS\TaskBar [Clint]: chrome - Shortcut.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\TaskBar [Clint]: Harmony.lnk . (.Lenovo - Lenovo.HarmonyPicks.) C:\Program Files (x86)\Lenovo\Harmony\Picks\Lenovo.HarmonyPicks.exe =>.LENOVO®
O4 - GS\TaskBar [Clint]: UserGuide.lnk . (.Lenovo - UserGuide.) C:\Program Files (x86)\Lenovo\UserGuide\UserGuide.exe =>.Lenovo (Beijing) Limited®
O4 - GS\TaskBar [Clint]: НАНАНАНАНАНАНА.lnk . (...) C:\Program Files (x86)\Mozilla Firefox\firefox.bat
O4 - GS\Startup [Clint]: ok2089576.lnk . (...) C:\Program Files (x86)\cartridge\antivirals.exe
O4 - GS\Programs [Clint]: Harmony Picks Introduction.lnk . (.Lenovo - Lenovo.HarmonyPicks.) C:\Program Files (x86)\Lenovo\Harmony\Picks\Lenovo.HarmonyPicks.exe i =>.LENOVO®
O4 - GS\Programs [Clint]: Harmony Settings Introduction.lnk . (.Lenovo - Lenovo.HarmonySetting.) C:\Program Files (x86)\Lenovo\Harmony\Setting\Lenovo.HarmonySetting.exe i =>.LENOVO®
O4 - GS\Programs [Clint]: LenovoSettings.lnk . (.Lenovo Group Limited - Lenovo.Modern.DesktopToastsHelper.) C:\ProgramData\Lenovo\iMController\Plugins\LenovoAppPromotionPlugin\x64\DesktopToastsHelper.exe =>.Lenovo®
O4 - GS\Programs [Clint]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\Clint\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation®
O4 - GS\Programs [Clint]: Spotify.lnk . (.Spotify Ltd - Spotify.) C:\Users\Clint\AppData\Roaming\Spotify\Spotify.exe =>.Spotify AB®
O4 - GS\Desktop [Guest]: Adobe After Effects CC 2015.3.lnk . (.Adobe Systems Incorporated - Adobe After Effects CC 2015.3.) C:\Program Files\Adobe\Adobe After Effects CC 2015.3\Support Files\AfterFX.exe =>.Adobe Systems Incorporated®
O4 - GS\Desktop [Guest]: Adobe Audition CC 2015.2.lnk . (.Adobe Systems Incorporated - Adobe Audition CC 2015.2.) C:\Program Files\Adobe\Adobe Audition CC 2015.2\Adobe Audition CC.exe =>.Adobe Systems Incorporated®
O4 - GS\Desktop [Guest]: Adobe Photoshop CC 2015.lnk . (.Adobe Systems, Incorporated - Adobe Photoshop CC 2015.) C:\Program Files\Adobe\Adobe Photoshop CC 2015\Photoshop.exe =>.Adobe Systems Incorporated®
O4 - GS\Desktop [Guest]: Adobe Premiere Pro CC 2015.3.lnk . (.Adobe Systems Incorporated - Adobe Premiere Pro CC 2015.4.) C:\Program Files\Adobe\Adobe Premiere Pro CC 2015.3\Adobe Premiere Pro.exe =>.Adobe Systems Incorporated®
O4 - GS\Desktop [Guest]: Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Desktop [Guest]: Final Draft 10.lnk . (.Cast & Crew Production Software, LLC - Final Draft.) C:\Program Files (x86)\Final Draft 10\Final Draft.exe
O4 - GS\Desktop [Guest]: Norton Installation Files.lnk . (...) C:\Users\Public\Downloads\Norton\{NS2281014-SHPD-FSD570026}
O4 - GS\Desktop [Guest]: Spotify.lnk . (.Spotify Ltd - Spotify.) C:\Users\Clint\AppData\Roaming\Spotify\Spotify.exe =>.Spotify AB®
O4 - GS\Desktop [Guest]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Clint\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Guest]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [Guest]: Microsoft Outlook.lnk . (.Microsoft Corporation - Microsoft Outlook.) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE /recycle =>.Microsoft Corporation®
O4 - GS\sendTo [Guest]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\sendTo [Guest]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\System32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\sendTo [Guest]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe /sendto: =>.Skype Software Sarl®
O4 - GS\TaskBar [Guest]: chrome - Shortcut.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\TaskBar [Guest]: Harmony.lnk . (.Lenovo - Lenovo.HarmonyPicks.) C:\Program Files (x86)\Lenovo\Harmony\Picks\Lenovo.HarmonyPicks.exe =>.LENOVO®
O4 - GS\TaskBar [Guest]: UserGuide.lnk . (.Lenovo - UserGuide.) C:\Program Files (x86)\Lenovo\UserGuide\UserGuide.exe =>.Lenovo (Beijing) Limited®
O4 - GS\TaskBar [Guest]: НАНАНАНАНАНАНА.lnk . (...) C:\Program Files (x86)\Mozilla Firefox\firefox.bat
O4 - GS\Startup [Guest]: ok2089576.lnk . (...) C:\Program Files (x86)\cartridge\antivirals.exe
O4 - GS\Programs [Guest]: Harmony Picks Introduction.lnk . (.Lenovo - Lenovo.HarmonyPicks.) C:\Program Files (x86)\Lenovo\Harmony\Picks\Lenovo.HarmonyPicks.exe i =>.LENOVO®
O4 - GS\Programs [Guest]: Harmony Settings Introduction.lnk . (.Lenovo - Lenovo.HarmonySetting.) C:\Program Files (x86)\Lenovo\Harmony\Setting\Lenovo.HarmonySetting.exe i =>.LENOVO®
O4 - GS\Programs [Guest]: LenovoSettings.lnk . (.Lenovo Group Limited - Lenovo.Modern.DesktopToastsHelper.) C:\ProgramData\Lenovo\iMController\Plugins\LenovoAppPromotionPlugin\x64\DesktopToastsHelper.exe =>.Lenovo®
O4 - GS\Programs [Guest]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\Clint\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation®
O4 - GS\Programs [Guest]: Spotify.lnk . (.Spotify Ltd - Spotify.) C:\Users\Clint\AppData\Roaming\Spotify\Spotify.exe =>.Spotify AB®
O4 - GS\CommonDesktop [Public]: Adobe Creative Cloud.lnk . (.Adobe Systems Incorporated - Adobe Creative Cloud.) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe =>.Adobe Systems Incorporated®
O4 - GS\CommonDesktop [Public]: Adobe Story CC.lnk . (...) C:\Program Files (x86)\Adobe Story CC\Adobe Story CC.exe
O4 - GS\CommonDesktop [Public]: CCleaner.lnk . (.Piriform Ltd - CCleaner.) C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd®
O4 - GS\CommonDesktop [Public]: HipChat.lnk . (...) C:\Program Files (x86)\Atlassian\HipChat4\HipChat.exe =>.Atlassian, Inc.®
O4 - GS\CommonDesktop [Public]: iTunes.lnk . (.Apple Inc. - .) C:\Program Files (x86)\iTunes\iTunes.exe =>.Apple Inc.
O4 - GS\Programs [Public]: Harmony Picks Introduction.lnk . (.Lenovo - Lenovo.HarmonyPicks.) C:\Program Files (x86)\Lenovo\Harmony\Picks\Lenovo.HarmonyPicks.exe i =>.LENOVO®
O4 - GS\Programs [Public]: Harmony Settings Introduction.lnk . (.Lenovo - Lenovo.HarmonySetting.) C:\Program Files (x86)\Lenovo\Harmony\Setting\Lenovo.HarmonySetting.exe i =>.LENOVO®
O4 - GS\Programs [Public]: LenovoSettings.lnk . (.Lenovo Group Limited - Lenovo.Modern.DesktopToastsHelper.) C:\ProgramData\Lenovo\iMController\Plugins\LenovoAppPromotionPlugin\x64\DesktopToastsHelper.exe =>.Lenovo®
O4 - GS\Programs [Public]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\Clint\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation®
O4 - GS\Programs [Public]: Spotify.lnk . (.Spotify Ltd - Spotify.) C:\Users\Clint\AppData\Roaming\Spotify\Spotify.exe =>.Spotify AB®
O4 - GS\Accessories [Public]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Accessories [Public]: Notepad.lnk . (.Microsoft Corporation - Notepad.) C:\WINDOWS\system32\notepad.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Math Input Panel.lnk . (.Microsoft Corporation - .) C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) C:\WINDOWS\system32\mspaint.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Quick Assist.lnk . (.Microsoft Corporation - Quick Assist.) C:\WINDOWS\system32\quickassist.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Remote Desktop Connection.) C:\WINDOWS\system32\mstsc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Snipping Tool.) C:\WINDOWS\system32\SnippingTool.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Steps Recorder.lnk . (.Microsoft Corporation - Steps Recorder.) C:\WINDOWS\system32\psr.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\WINDOWS\system32\WFS.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Windows Wordpad Application.) C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: XPS Viewer.lnk . (.Microsoft Corporation - XPS Viewer.) C:\WINDOWS\system32\xpsrchvw.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Character Map.) C:\WINDOWS\system32\charmap.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Access 2016.lnk . (.Microsoft Corporation - Microsoft Access.) C:\Program Files (x86)\Microsoft Office\root\Office16\MSACCESS.EXE =>.Microsoft Corporation®
O4 - GS\ProgramsCommon [Public]: Adobe Bridge CC (64bit).lnk . (.Adobe Systems Incorporated - Adobe Bridge CC.) C:\Program Files\Adobe\Adobe Bridge CC (64 Bit)\Bridge.exe =>.Adobe Systems Incorporated®
O4 - GS\ProgramsCommon [Public]: Adobe Character Animator (Preview 4).lnk . (.Adobe Systems Incorporated - Character Animator Preview 4.) C:\Program Files\Adobe\Adobe Character Animator (Preview 4)\Support Files\Character Animator.exe =>.Adobe Systems Incorporated®
O4 - GS\ProgramsCommon [Public]: Adobe Creative Cloud.lnk . (.Adobe Systems Incorporated - Adobe Creative Cloud.) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe =>.Adobe Systems Incorporated®
O4 - GS\ProgramsCommon [Public]: Adobe Media Encoder CC 2015.3.lnk . (.Adobe Systems Incorporated - Adobe Media Encoder CC 2015.3.) C:\Program Files\Adobe\Adobe Media Encoder CC 2015.3\Adobe Media Encoder.exe =>.Adobe Systems Incorporated®
O4 - GS\ProgramsCommon [Public]: Adobe Premiere Pro CC 2015.3.lnk . (.Adobe Systems Incorporated - Adobe Premiere Pro CC 2015.4.) C:\Program Files\Adobe\Adobe Premiere Pro CC 2015.3\Adobe Premiere Pro.exe =>.Adobe Systems Incorporated®
O4 - GS\ProgramsCommon [Public]: Apple Software Update.lnk . (...) C:\WINDOWS\Installer\{56EC47AA-5813-4FF6-8E75-544026FBEA83}\AppleSoftwareUpdateIco.exe =>.Apple Inc.
O4 - GS\ProgramsCommon [Public]: Excel 2016.lnk . (.Microsoft Corporation - Microsoft Excel.) C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE =>.Microsoft Corporation®
O4 - GS\ProgramsCommon [Public]: Immersive Control Panel.lnk . (.Microsoft Corporation - Windows Control Panel.) C:\WINDOWS\System32\Control.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: MiracastView.lnk . (.Microsoft Corporation - MiracastView.) C:\WINDOWS\MiracastView\MiracastView.exe =>.Microsoft Windows®
O4 - GS\ProgramsCommon [Public]: OneDrive for Business.lnk . (.Microsoft Corporation - Microsoft OneDrive for Business.) C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVE.EXE =>.Microsoft Corporation®
O4 - GS\ProgramsCommon [Public]: OneNote 2016.lnk . (.Microsoft Corporation - Microsoft OneNote.) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTE.EXE =>.Microsoft Corporation®
O4 - GS\ProgramsCommon [Public]: Outlook 2016.lnk . (.Microsoft Corporation - Microsoft Outlook.) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE =>.Microsoft Corporation®
O4 - GS\ProgramsCommon [Public]: PowerPoint 2016.lnk . (.Microsoft Corporation - Microsoft PowerPoint.) C:\Program Files (x86)\Microsoft Office\root\Office16\POWERPNT.EXE =>.Microsoft Corporation®
O4 - GS\ProgramsCommon [Public]: PrintDialog.lnk . (.Microsoft Corporation - Print Dialog.) C:\WINDOWS\PrintDialog\PrintDialog.exe =>.Microsoft Windows®
O4 - GS\ProgramsCommon [Public]: Publisher 2016.lnk . (.Microsoft Corporation - Microsoft Publisher.) C:\Program Files (x86)\Microsoft Office\root\Office16\MSPUB.EXE =>.Microsoft Corporation®
O4 - GS\ProgramsCommon [Public]: Skype for Business 2016.lnk . (.Microsoft Corporation - Skype for Business.) C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe =>.Microsoft Corporation®
O4 - GS\ProgramsCommon [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Word 2016.lnk . (.Microsoft Corporation - Microsoft Word.) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE =>.Microsoft Corporation®
O4 - GS\ProgramsCommon [Public]: Моzillа Firеfох.lnk . (...) C:\Program Files (x86)\Mozilla Firefox\firefox.bat

---\\ Lop.com/Domain Hijackers (5) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpDomain = pepperdine.edu
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 137.159.8.1 137.159.198.3 137.159.246.73
O17 - HKLM\System\CCS\Services\Tcpip\..\{f7956392-016b-4f12-9f65-825edbf06453}: NameServer = 198.101.242.72,23.253.163.53,192.168.2.1 =>.Local IP Adress
O17 - HKLM\System\CCS\Services\Tcpip\..\{f7956392-016b-4f12-9f65-825edbf06453}: DhcpNameServer = 137.159.8.1 137.159.198.3 137.159.246.73
O17 - HKLM\System\CCS\Services\Tcpip\..\{f7956392-016b-4f12-9f65-825edbf06453}: DhcpDomain = pepperdine.edu

---\\ Extra protocols (26) - 0s
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll =>.Microsoft Corporation
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\SysWOW64\inetcomm.dll =>.Microsoft Corporation
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll =>.Microsoft Corporation
O18 - Handler: mso-minsb-roaming.16 [64Bits] - {83C25742-A9F7-49FB-9138-434302C88D07} . (.Microsoft Corporation - Microsoft Office 2016 component.) -- C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL =>.Microsoft Corporation®
O18 - Handler: mso-minsb.16 [64Bits] - {42089D2D-912D-4018-9087-2B87803E93FB} . (.Microsoft Corporation - Microsoft Office 2016 component.) -- C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL =>.Microsoft Corporation®
O18 - Handler: osf-roaming.16 [64Bits] - {42089D2D-912D-4018-9087-2B87803E93FB} . (.Microsoft Corporation - Microsoft Office 2016 component.) -- C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL =>.Microsoft Corporation®
O18 - Handler: osf.16 [64Bits] - {5504BE45-A83B-4808-900A-3A5C36E7F77A} . (.Microsoft Corporation - Microsoft Office 2016 component.) -- C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL =>.Microsoft Corporation®
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\SysWOW64\tbauth.dll =>.Microsoft Corporation
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: windows.tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\SysWOW64\tbauth.dll =>.Microsoft Corporation
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation

---\\ Software installed (127) - 7s
O42 - Logiciel: Adobe After Effects CC 2015.3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- AEFT_13_8_0 =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {63B5DA5A-477B-438D-A6A0-118787A4C71B} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe AIR =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Audition CC 2015.2 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- AUDT_9_2_1 =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Bridge CC (64 Bit) - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {359F8007-6486-429C-A8C5-D67F6897C88C} =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Creative Cloud - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Creative Cloud =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Flash Player 24 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Media Encoder CC 2015.3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- AME_10_3_0 =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Photoshop CC 2015 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {793C2BF7-A4FE-4608-91C9-9282C5801C21} =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Premiere Pro CC 2015.3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- PPRO_10_4_0 =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Story CC - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {19D9282F-2B61-3CFD-5E34-6953917C2346} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Story CC - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 =>.Adobe Systems Incorporated
O42 - Logiciel: Apple Application Support (32-bit) - (.Apple Inc..) [HKLM][64Bits] -- {D079CAAD-0C31-47A2-9AF5-A82F9CD9B221} =>.Apple Inc.
O42 - Logiciel: Apple Application Support (64-bit) - (.Apple Inc..) [HKLM][64Bits] -- {64E6007B-1DA9-42CD-BBE4-D5FA67A7C71D} =>.Apple Inc.
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM][64Bits] -- {55BB2110-FB43-49B3-93F4-945A0CFB0A6C} =>.Apple Inc.
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {56EC47AA-5813-4FF6-8E75-544026FBEA83} =>.Apple Inc.
O42 - Logiciel: bl - (.Your Company Name.) [HKLM][64Bits] -- {2A075BB4-E976-4278-BF3F-E5C6945D84C0} =>.Your Company Name
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {56DDDFB8-7F79-4480-89D5-25E1F52AB28F} =>.Apple Inc.
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner =>.Piriform Ltd®
O42 - Logiciel: Cisco VideoGuard Player - (.Cisco Systems, Inc.) [HKLM][64Bits] -- {28145961-299d-4f61-88d6-ff9ea46bd919}
O42 - Logiciel: Dependency Package Update - (.Lenovo Group Limited.) [HKLM][64Bits] -- {3117B53D-A409-4D99-A0DE-11A1A40696FA} =>.Lenovo Group Limited
O42 - Logiciel: Dependency Package Update - (.Lenovo Group Limited.) [HKLM][64Bits] -- {4430150F-61B3-4142-BE04-EAC68C8DDA18} =>.Lenovo Group Limited
O42 - Logiciel: Dependency Package Update - (.Lenovo Group Limited.) [HKLM][64Bits] -- {4ABFEC28-1554-493D-A84D-BEA21D8E6D6F} =>.Lenovo Group Limited
O42 - Logiciel: Dependency Package Update - (.Lenovo Group Limited.) [HKLM][64Bits] -- {4AF6C9BC-D8DB-4286-94D9-474CE54ADAA2} =>.Lenovo Group Limited
O42 - Logiciel: Dependency Package Update - (.Lenovo Group Limited.) [HKLM][64Bits] -- {503B47A9-E34A-4841-ADD7-417191D5DB5E} =>.Lenovo Group Limited
O42 - Logiciel: Dependency Package Update - (.Lenovo Group Limited.) [HKLM][64Bits] -- {546FF45D-2467-4950-AAFB-0A06ACBB6B2C} =>.Lenovo Group Limited
O42 - Logiciel: Dependency Package Update - (.Lenovo Group Limited.) [HKLM][64Bits] -- {5B2190E9-199D-450A-94B3-4D6826C770C2} =>.Lenovo Group Limited
O42 - Logiciel: Dependency Package Update - (.Lenovo Group Limited.) [HKLM][64Bits] -- {5BEFE1E1-F597-4B79-913B-15FFDB25B744} =>.Lenovo Group Limited
O42 - Logiciel: Dependency Package Update - (.Lenovo Group Limited.) [HKLM][64Bits] -- {63DE35C9-B080-4D03-B110-99E14FD35BCE} =>.Lenovo Group Limited
O42 - Logiciel: Dependency Package Update - (.Lenovo Group Limited.) [HKLM][64Bits] -- {65316098-0220-4D5C-B37A-6136083A0897} =>.Lenovo Group Limited
O42 - Logiciel: Dependency Package Update - (.Lenovo Group Limited.) [HKLM][64Bits] -- {E966DBE4-5075-465E-BA81-BC9A3A3204B3} =>.Lenovo Group Limited
O42 - Logiciel: Dolby Digital Plus - (.Dolby Laboratories Inc.) [HKLM][64Bits] -- {D2CD7DCF-D129-4A54-8543-38BECC6CFDAE} =>.Dolby Laboratories Inc
O42 - Logiciel: Final Draft - (.Cast & Crew Production Software, LLC.) [HKLM][64Bits] -- {98CA9FD5-87B8-407B-B803-2DB8A05AACBE}
O42 - Logiciel: FlashBack Express 5 - (.Blueberry.) [HKLM][64Bits] -- FlashBack Express 5 =>.Blueberry Software Ltd®
O42 - Logiciel: Genesys USB Mass Storage Device - (.Genesys Logic.) [HKLM][64Bits] -- {959B7F35-2819-40C5-A0CD-3C53B5FCC935} =>.Genesys Logic
O42 - Logiciel: GOM Player - (.Gretech Corporation.) [HKLM][64Bits] -- GOM Player =>.Gretech Corporation
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome =>.Google Inc®
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc.
O42 - Logiciel: Harmony - (.Lenovo.) [HKLM][64Bits] -- {A06FD661-4B18-4054-B09C-E852D28E5AEB} =>.Lenovo
O42 - Logiciel: Harmony - (.Lenovo.) [HKLM][64Bits] -- {D02D9427-507D-4912-9285-97FCD5417E72} =>.Lenovo
O42 - Logiciel: Intel(R) Chipset Device Software - (.Intel Corporation.) [HKLM][64Bits] -- {BD667C75-0EDD-4073-A406-A6DD9C3016EB} =>.Intel Corporation
O42 - Logiciel: Intel(R) Chipset Device Software - (.Intel(R) Corporation.) [HKLM][64Bits] -- {f5d71765-7cd1-4e68-998f-5b379e725da3} =>.Intel Corporation - Software and Firmware Products®
O42 - Logiciel: Intel(R) Control Center - (.Intel Corporation.) [HKLM][64Bits] -- {F8A9085D-4C7A-41a9-8A77-C8998A96C421} =>.Intel Corporation - pGFX®
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {085F8D6D-D06F-443B-A872-5B88C6391203} =>.Intel Corporation
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {1CEAC85D-2590-4760-800F-8DE5E91F3700} =>.Intel Corporation
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {D5EA481B-D855-4A0E-9E9A-21AB4F5A3C49} =>.Intel Corporation
O42 - Logiciel: Intel(R) ME UninstallLegacy - (.Intel Corporation.) [HKLM][64Bits] -- {D6C8B829-18A3-4E80-8B4B-1CFA9588A2E2} =>.Intel Corporation
O42 - Logiciel: Intel(R) PRO/Wireless Driver - (.Intel Corporation.) [HKLM][64Bits] -- {33d748b9-4100-4fef-bcdc-33e69f098c38} =>.Intel Corporation
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} =>.Intel(R) pGFX®
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {2CC64CFB-0B4F-45D1-94CB-3F68DC4A60AE} =>.Intel Corporation
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {409CB30E-E457-4008-9B1A-ED1B9EA21140} =>.Intel Corporation
O42 - Logiciel: Intel(R) Serial IO - (.Intel Corporation.) [HKLM][64Bits] -- {9FD91C5C-44AE-4D9D-85BE-AE52816B0294} =>.Intel Corporation
O42 - Logiciel: Intel(R) Serial IO - (.Intel Corporation.) [HKLM][64Bits] -- {B7368FC9-A295-4A95-A9EB-AFD659BA7B71} =>.Intel Corporation
O42 - Logiciel: Intel(R) Update Manager - (.Intel Corporation.) [HKLM][64Bits] -- {7224B7CE-196C-4E2A-A1AE-1D7BF259FD36} =>.Intel Corporation
O42 - Logiciel: Intel(R) Wireless Bluetooth(R)(patch version 17.1.1449.356) - (.Intel Corporation.) [HKLM][64Bits] -- {302600C1-6BDF-4FD1-1411-148929CC1385} =>.Intel Corporation
O42 - Logiciel: Intel® PROSet/Wireless Software - (.Intel Corporation.) [HKLM][64Bits] -- {9bffdf20-c3a3-4e93-9cbf-61712c6a38be} =>.Intel Corporation-Wireless Connectivity Solutions®
O42 - Logiciel: Intel® PROSet/Wireless WiFi Software - (.Intel Corporation.) [HKLM][64Bits] -- {2ABB66D0-7921-46E4-AF7D-CF40323A10BB} =>.Intel Corporation
O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {1B444AF9-1DBE-4884-8F35-969BEFCF69A8} =>.Intel Corporation
O42 - Logiciel: Internet Security Essentials - (.Comodo.) [HKLM][64Bits] -- ComodoIse =>.Comodo Security Solutions®
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM][64Bits] -- {81C96689-EA5B-4B7D-A04F-16326EC51BC2} =>.Apple Inc.
O42 - Logiciel: Java 8 Update 111 - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F32180111F0} =>.Oracle Corporation
O42 - Logiciel: Java Auto Updater - (.Oracle Corporation.) [HKLM][64Bits] -- {4A03706F-666A-4037-7777-5F2748764D10} =>.Oracle Corporation
O42 - Logiciel: Lenovo App Services - (.Lenovo.) [HKLM][64Bits] -- Lenovo App Services =>.SweetLabs Inc.®
O42 - Logiciel: Lenovo EasyCamera - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC} =>.Realtek Semiconductor Corp®
O42 - Logiciel: Lenovo FusionEngine - (.Lenovo, Inc..) [HKLM][64Bits] -- Lenovo FusionEngine =>.Lenovo, Inc.
O42 - Logiciel: Lenovo Mobile Phone Wireless Import - (.Lenovo.) [HKLM][64Bits] -- {DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6} =>.Lenovo
O42 - Logiciel: Lenovo Mobile Phone Wireless Import - (.Lenovo.) [HKLM][64Bits] -- InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6} =>.Lenovo
O42 - Logiciel: Lenovo Motion Control - (.PointGrab.) [HKLM][64Bits] -- {D3F38500-4C99-4E4F-9786-B907224E13A1} =>.PointGrab
O42 - Logiciel: Lenovo Motion Control - (.PointGrab.) [HKLM][64Bits] -- InstallShield_{D3F38500-4C99-4E4F-9786-B907224E13A1} =>.PointGrab Ltd®
O42 - Logiciel: Lenovo OneKey Recovery - (.CyberLink Corp..) [HKLM][64Bits] -- {46F4D124-20E5-4D12-BE52-EC177A7A4B42} =>.CyberLink Corp.®
O42 - Logiciel: Lenovo OneKey Recovery - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42} =>.CyberLink Corp.®
O42 - Logiciel: Lenovo Patch Utility - (.Lenovo Group Limited.) [HKLM][64Bits] -- {E8F27ADF-B1ED-41AF-A7EF-D5E71778480C} =>.Lenovo Group Limited
O42 - Logiciel: Lenovo Patch Utility 64 bit - (.Lenovo Group Limited.) [HKLM][64Bits] -- {49A09C2C-FFF4-478E-B397-5E0979F67F5D} =>.Lenovo Group Limited
O42 - Logiciel: Lenovo PhoneCompanion - (.Lenovo.) [HKLM][64Bits] -- {0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B} =>.Lenovo
O42 - Logiciel: Lenovo PhoneCompanion - (.Lenovo.) [HKLM][64Bits] -- InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B} =>.Lenovo
O42 - Logiciel: Lenovo Photo Master - (.CyberLink Corp..) [HKLM][64Bits] -- {BC94C56A-3649-420C-8756-2ADEBE399D33} =>.CyberLink Corp.
O42 - Logiciel: Lenovo Reach - (.Stoneware, Inc..) [HKLM][64Bits] -- {3245D8C8-7FE0-4FD4-B04B-2720A333D592} =>.Stoneware, Inc.
O42 - Logiciel: Lenovo System Interface Foundation - (.Lenovo.) [HKLM][64Bits] -- {C2E5CA37-C862-4A69-AC6D-24F450A20C16} =>.Lenovo
O42 - Logiciel: LenovoUtility - (.Lenovo.) [HKLM][64Bits] -- {6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA} =>.Lenovo
O42 - Logiciel: LenovoUtility - (.Lenovo.) [HKLM][64Bits] -- InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA} =>.Lenovo
O42 - Logiciel: Lexmark Pro200-S500 Series - (.Lexmark International, Inc..) [HKLM][64Bits] -- Lexmark Pro200-S500 Series =>.Lexmark International, Inc.®
O42 - Logiciel: Metric Collection SDK 35 - (.Lenovo Group Limited.) [HKLM][64Bits] -- {C2B5B5B0-2545-4E94-B4BA-548D4BF0B196} =>.Lenovo Group Limited
O42 - Logiciel: NVIDIA 3D Vision Driver 362.00 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Backend - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvBackend =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Container - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Control Panel 362.00 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Elevated User Container - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.UserElevated =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA GeForce Experience 3.1.2.31 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Graphics Driver 362.00 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Install Application - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA LocalSystem Container - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.LocalSystem =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Message Bus for NvContainer - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.MessageBus =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA NetworkService Container - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NetworkService =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Optimus Update 2.13.0.21 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA PhysX System Software 9.16.0318 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA ShadowPlay 2.13.0.21 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay =>.NVIDIA Corporation
O42 - Logiciel: Nvidia Share - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_OSC =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Stereoscopic 3D Driver - (.NVIDIA Corporation.) [HKLM][64Bits] -- NVIDIAStereo =>.NVIDIA Corporation®
O42 - Logiciel: NVIDIA Update 2.13.0.21 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Update Core - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA User Container - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.User =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Virtual Audio 3.40.1 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Watchdog Plugin for NvContainer - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvPlugin.Watchdog =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Wireless Controller Service - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService =>.NVIDIA Corporation
O42 - Logiciel: NvNodejs - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs =>.NVIDIA Corporation
O42 - Logiciel: NvTelemetry - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry =>.NVIDIA Corporation
O42 - Logiciel: Office 16 Click-to-Run Extensibility Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-008C-0000-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Office 16 Click-to-Run Licensing Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-008F-0000-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Office 16 Click-to-Run Localization Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-008C-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: OneKey Optimizer - (.Lenovo.) [HKLM][64Bits] -- {D5D573DC-D989-4769-9B56-D6A7EA503D7F} =>.Lenovo
O42 - Logiciel: OneKey Optimizer - (.Lenovo.) [HKLM][64Bits] -- InstallShield_{D5D573DC-D989-4769-9B56-D6A7EA503D7F} =>.Lenovo
O42 - Logiciel: ph - (.Your Company Name.) [HKLM][64Bits] -- {185F9795-9663-4F13-9EF9-307A282ADB5A} =>.Your Company Name
O42 - Logiciel: QuickTime 7 - (.Apple Inc..) [HKLM][64Bits] -- {FF59BD75-466A-4D5A-AD23-AAD87C5FD44C} =>Riskware.QuickTime
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476} =>.Realtek Semiconductor Corp®
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} =>.Realtek Semiconductor Corp®
O42 - Logiciel: SHIELD Streaming - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv =>.NVIDIA Corporation
O42 - Logiciel: SHIELD Wireless Controller Driver - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController =>.NVIDIA Corporation
O42 - Logiciel: Skype Click to Call - (.Microsoft Corporation.) [HKLM][64Bits] -- {873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B} =>.Microsoft Corporation
O42 - Logiciel: Skype™ 7.30 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {FC965A47-4839-40CA-B618-18F486F042C6} =>.Skype Technologies S.A.
O42 - Logiciel: Spotify - (.Spotify AB.) [HKCU][64Bits] -- Spotify =>.Spotify AB®
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey =>.Synaptics Incorporated
O42 - Logiciel: User Manuals - (.Lenovo.) [HKLM][64Bits] -- {F07C2CF8-4C53-4EC3-8162-A6221E36EB88} =>.Lenovo
O42 - Logiciel: User Manuals - (.Lenovo.) [HKLM][64Bits] -- InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88} =>.Lenovo
O42 - Logiciel: Web Companion - (.Lavasoft.) [HKLM][64Bits] -- {c640a44a-c241-4147-b69b-d01729ae375f} =>.Lavasoft
O42 - Logiciel: Windows Driver Package - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) - (.Lenovo.) [HKLM][64Bits] -- EE9B1F2037C580F36D92FA431CC02BFF04C31F15 =>.Lenovo (Beijing) Limited®
O42 - Logiciel: Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.28 - (.Lenovo.) [HKLM][64Bits] -- 6BCA401E9CBEED970D75F55FA5320F60D11984E9 =>.Lenovo (Beijing) Limited®
O42 - Logiciel: ZoomInfo Contact Contributor - (..) [HKCU][64Bits] -- ZoomInfo Contact Contributor

---\\ HKCU & HKLM Software Keys (105) - 7s
HKLM\SOFTWARE\Wow6432Node\Adobe =>.Adobe
HKLM\SOFTWARE\Wow6432Node\Adware Removal Tool by TSA
HKLM\SOFTWARE\Wow6432Node\AGEIA Technologies =>.AGEIA Technologies
HKLM\SOFTWARE\Wow6432Node\Apple Computer, Inc. =>.Apple Computer, Inc.
HKLM\SOFTWARE\Wow6432Node\Apple Inc. =>.Apple Inc.
HKLM\SOFTWARE\Wow6432Node\Blueberry Software
HKLM\SOFTWARE\Wow6432Node\ComodoGroup =>.ComodoGroup
HKLM\SOFTWARE\Wow6432Node\CyberLink =>.CyberLink Corporation
HKLM\SOFTWARE\Wow6432Node\DigitalWave =>.DigitalWave Corporation
HKLM\SOFTWARE\Wow6432Node\dingdongde
HKLM\SOFTWARE\Wow6432Node\dnding
HKLM\SOFTWARE\Wow6432Node\Eset =>.ESET
HKLM\SOFTWARE\Wow6432Node\Free YouTube Downloader =>.DawnArk, Inc
HKLM\SOFTWARE\Wow6432Node\FreeYouTubeDownloader =>.DawnArk, Inc
HKLM\SOFTWARE\Wow6432Node\FusionEngine =>.FusionEngine
HKLM\SOFTWARE\Wow6432Node\Genesys Logic =>.Genesys Logic
HKLM\SOFTWARE\Wow6432Node\Google =>.Google
HKLM\SOFTWARE\Wow6432Node\GRETECH =>.Gretech
HKLM\SOFTWARE\Wow6432Node\HaaliMkx =>.Haali Media
HKLM\SOFTWARE\Wow6432Node\IM Providers =>.IM Providers
HKLM\SOFTWARE\Wow6432Node\Intel =>.Intel
HKLM\SOFTWARE\Wow6432Node\JavaSoft =>.JavaSoft
HKLM\SOFTWARE\Wow6432Node\JreMetrics =>.JreMetrics
HKLM\SOFTWARE\Wow6432Node\Khronos =>.Khronos
HKLM\SOFTWARE\Wow6432Node\Lenovo =>.Lenovo
HKLM\SOFTWARE\Wow6432Node\Lexmark =>.Lexmark
HKLM\SOFTWARE\Wow6432Node\LexmarkInkjet =>.Lexmark
HKLM\SOFTWARE\Wow6432Node\Macromedia =>.Macromedia
HKLM\SOFTWARE\Wow6432Node\Macrovision =>.Macrovision
HKLM\SOFTWARE\Wow6432Node\Mozilla =>.Mozilla
HKLM\SOFTWARE\Wow6432Node\mozilla.org =>.mozilla.org
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins =>.MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\Nuance =>.Nuance
HKLM\SOFTWARE\Wow6432Node\NVIDIA Corporation =>.nVidia Corporation
HKLM\SOFTWARE\Wow6432Node\ODBC =>.DB Connectivity Solutions
HKLM\SOFTWARE\Wow6432Node\PointGrab =>.PointGrab
HKLM\SOFTWARE\Wow6432Node\Realtek =>.Realtek
HKLM\SOFTWARE\Wow6432Node\Realtek Semiconductor Corp. =>.Realtek Semiconductor Corp.
HKLM\SOFTWARE\Wow6432Node\SHAREit =>.Lenovo Group Limited
HKLM\SOFTWARE\Wow6432Node\Skype =>.Skype
HKLM\SOFTWARE\Wow6432Node\Software =>.Unknow
HKLM\SOFTWARE\Wow6432Node\WOW6432Node =>.Microsoft Corporation
HKLM\SOFTWARE\Wow6432Node\Norton =>.Norton
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications =>.Microsoft Corporation
HKCU\SOFTWARE\ABSoft =>.ABSoft
HKCU\SOFTWARE\Adobe =>.Adobe
HKCU\SOFTWARE\Apowersoft =>.Apowersoft
HKCU\SOFTWARE\AppDataLow =>.Microsoft Corporation
HKCU\SOFTWARE\Apple Computer, Inc. =>.Apple Computer, Inc.
HKCU\SOFTWARE\Apple Inc. =>.Apple Inc.
HKCU\SOFTWARE\Atlassian =>.Atlassian
HKCU\SOFTWARE\AVAST Software =>.AVAST Software
HKCU\SOFTWARE\Blueberry Software
HKCU\SOFTWARE\BugSplat =>.Bugsplat Game
HKCU\SOFTWARE\CanonBJ =>.Canon Inc.
HKCU\SOFTWARE\Chromium =>.Chromium
HKCU\SOFTWARE\Cisco =>.Cisco
HKCU\SOFTWARE\ComodoGroup =>.ComodoGroup
HKCU\SOFTWARE\Cyberlink =>.CyberLink Corporation
HKCU\SOFTWARE\DVDVideoSoft =>.DVDVideoSoft
HKCU\SOFTWARE\eBook Pro
HKCU\SOFTWARE\Evaer
HKCU\SOFTWARE\Final Draft
HKCU\SOFTWARE\FLEXlm License Manager =>.FlexNet
HKCU\SOFTWARE\Google =>.Google
HKCU\SOFTWARE\GRETECH =>.Gretech
HKCU\SOFTWARE\Haali =>.Haali Media
HKCU\SOFTWARE\IM Providers =>.IM Providers
HKCU\SOFTWARE\Intel =>.Intel
HKCU\SOFTWARE\iZotope =>.iZotope
HKCU\SOFTWARE\JavaSoft =>.JavaSoft
HKCU\SOFTWARE\LAV =>.LAV Inc
HKCU\SOFTWARE\Lenovo =>.Lenovo
HKCU\SOFTWARE\LexmarkInkjet =>.Lexmark
HKCU\SOFTWARE\LexmarkPhoto =>.Lexmark
HKCU\SOFTWARE\LogSys
HKCU\SOFTWARE\Macromedia =>.Macromedia
HKCU\SOFTWARE\malavida =>.Maladiva.com
HKCU\SOFTWARE\Malwarebytes =>.Malwarebytes
HKCU\SOFTWARE\Manufacturer
HKCU\SOFTWARE\McAfee =>.McAfee Inc.
HKCU\SOFTWARE\Mozilla =>.Mozilla
HKCU\SOFTWARE\MPC-HC =>.MPC-HC Team
HKCU\SOFTWARE\Netscape =>.Netscape
HKCU\SOFTWARE\Norton =>.Norton
HKCU\SOFTWARE\NVIDIA Corporation =>.nVidia Corporation
HKCU\SOFTWARE\O&O =>.O&O Software GmbH
HKCU\SOFTWARE\ODBC =>.DB Connectivity Solutions
HKCU\SOFTWARE\Piriform =>.Piriform
HKCU\SOFTWARE\PTP =>.PTP Software
HKCU\SOFTWARE\QtProject =>.QtProject
HKCU\SOFTWARE\Realtek =>.Realtek
HKCU\SOFTWARE\Redemption =>.Legitimate
HKCU\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
HKCU\SOFTWARE\Skype =>.Skype
HKCU\SOFTWARE\Spotify =>.Spotify
HKCU\SOFTWARE\Synaptics =>.Synaptics
HKCU\SOFTWARE\Sysinternals =>.Sysinternals
HKCU\SOFTWARE\vodburner
HKCU\SOFTWARE\Wow6432Node =>.Microsoft Corporation
HKCU\SOFTWARE\Zemana =>.Zemana
HKCU\SOFTWARE\ZHP =>.Nicolas Coolman
HKCU\SOFTWARE\AppDataLow\Software =>.Microsoft Corporation
HKCU\SOFTWARE\AppDataLow\Software\JavaSoft =>.JavaSoft
HKCU\SOFTWARE\AppDataLow\Software\Norton =>.Norton

---\\ Contents of the Common Files folders (283) - 34s
O43 - CFD: 05/10/2016 - [] AD -- C:\Program Files\Adobe =>.Adobe Systems Incorporated®
O43 - CFD: 07/06/2015 - [] D -- C:\Program Files\Adobe Photo =>.Adobe Inc.
O43 - CFD: 28/01/2016 - [] AD -- C:\Program Files\Bonjour =>.Apple Inc.
O43 - CFD: 06/01/2017 - [] D -- C:\Program Files\CCleaner =>.Piriform
O43 - CFD: 08/01/2017 - [] D -- C:\Program Files\Common Files =>.Microsoft Corporation
O43 - CFD: 04/01/2017 - [0] D -- C:\Program Files\COMODO =>.Comodo
O43 - CFD: 07/06/2015 - [] D -- C:\Program Files\DIFX =>.Microsoft Corporation
O43 - CFD: 07/06/2015 - [] D -- C:\Program Files\Dolby =>.Dolby
O43 - CFD: 07/06/2015 - [] D -- C:\Program Files\Google Play Music =>.Google Inc.
O43 - CFD: 18/09/2016 - [] AD -- C:\Program Files\Intel =>.Intel Corporation
O43 - CFD: 11/12/2016 - [] D -- C:\Program Files\Internet Explorer =>.Microsoft Corporation
O43 - CFD: 06/01/2017 - [] D -- C:\Program Files\iPod =>.Apple Inc.®
O43 - CFD: 06/01/2017 - [] D -- C:\Program Files\iTunes =>.Apple Inc.
O43 - CFD: 17/11/2016 - [] D -- C:\Program Files\Lenovo =>.Lenovo
O43 - CFD: 07/06/2015 - [] D -- C:\Program Files\Lenovo PhoneCompanion =>.Lenovo
O43 - CFD: 07/06/2015 - [] D -- C:\Program Files\Lenovo PhotoMasterImport =>.Lenovo (Beijing) Limited®
O43 - CFD: 26/12/2016 - [] D -- C:\Program Files\Lexmark =>.Lexmark
O43 - CFD: 26/12/2016 - [] D -- C:\Program Files\Lexmark Pro200-S500 Series =>.Lexmark
O43 - CFD: 04/01/2017 - [] D -- C:\Program Files\Malwarebytes =>.Malwarebytes
O43 - CFD: 10/01/2016 - [] D -- C:\Program Files\Microsoft Office 15 =>.Microsoft Corporation
O43 - CFD: 18/09/2016 - [] D -- C:\Program Files\MSBuild =>.Microsoft Corporation
O43 - CFD: 04/11/2016 - [] AD -- C:\Program Files\Neat Video for Premiere =>.ABsoft
O43 - CFD: 28/11/2016 - [] D -- C:\Program Files\NVIDIA Corporation =>.nVidia Corporation
O43 - CFD: 18/09/2016 - [] D -- C:\Program Files\Realtek =>.Realtek
O43 - CFD: 18/09/2016 - [] D -- C:\Program Files\Reference Assemblies =>.Microsoft Corporation
O43 - CFD: 18/09/2016 - [] D -- C:\Program Files\Synaptics =>.Synaptics Incorporated®
O43 - CFD: 22/08/2013 - [0] HD -- C:\Program Files\Uninstall Information =>.Microsoft Corporation
O43 - CFD: 20/09/2016 - [] RD -- C:\Program Files\Windows Defender =>.Microsoft Corporation
O43 - CFD: 11/10/2016 - [] D -- C:\Program Files\Windows Mail =>.Microsoft Corporation
O43 - CFD: 27/10/2016 - [] D -- C:\Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 16/07/2016 - [] D -- C:\Program Files\Windows Multimedia Platform =>.Microsoft Corporation
O43 - CFD: 16/07/2016 - [] D -- C:\Program Files\Windows NT =>.Microsoft Corporation
O43 - CFD: 11/10/2016 - [] D -- C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation
O43 - CFD: 16/07/2016 - [] D -- C:\Program Files\Windows Portable Devices =>.Microsoft Corporation
O43 - CFD: 16/07/2016 - [] SHD -- C:\Program Files\Windows Sidebar =>.Microsoft Corporation
O43 - CFD: 05/01/2017 - [] HD -- C:\Program Files\WindowsApps =>.Microsoft Corporation
O43 - CFD: 16/07/2016 - [] D -- C:\Program Files\WindowsPowerShell =>.Microsoft Corporation
O43 - CFD: 03/10/2016 - [] AD -- C:\Program Files (x86)\Adobe =>.Adobe Systems Incorporated®
O43 - CFD: 10/01/2016 - [] AD -- C:\Program Files (x86)\Adobe Story CC
O43 - CFD: 06/01/2017 - [] D -- C:\Program Files (x86)\Adware Removal Tool by TSA
O43 - CFD: 15/05/2016 - [] AD -- C:\Program Files (x86)\Apple Software Update =>.Apple Inc.
O43 - CFD: 12/08/2016 - [] D -- C:\Program Files (x86)\Atlassian =>.BugSplat LLC®
O43 - CFD: 23/09/2016 - [] D -- C:\Program Files (x86)\Blueberry Software =>.Blueberry Software
O43 - CFD: 28/01/2016 - [] AD -- C:\Program Files (x86)\Bonjour =>.Apple Inc.
O43 - CFD: 07/06/2015 - [0] D -- C:\Program Files (x86)\Cisco =>.Cisco
O43 - CFD: 06/01/2017 - [] D -- C:\Program Files (x86)\Common Files =>.Microsoft Corporation
O43 - CFD: 17/11/2016 - [] D -- C:\Program Files (x86)\CyberLink =>.CyberLink Corporation
O43 - CFD: 23/09/2016 - [] D -- C:\Program Files (x86)\DVDVideoSoft =>.DVDVideoSoft
O43 - CFD: 04/01/2017 - [] D -- C:\Program Files (x86)\Final Draft 10
O43 - CFD: 23/09/2016 - [] D -- C:\Program Files (x86)\FreeCodecPack =>.Free Codec Pack
O43 - CFD: 04/01/2017 - [] D -- C:\Program Files (x86)\Google =>.Google Inc®
O43 - CFD: 01/12/2016 - [] D -- C:\Program Files (x86)\GRETECH =>.GRETECH®
O43 - CFD: 17/11/2016 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information =>.InstallShield Software
O43 - CFD: 08/01/2016 - [] D -- C:\Program Files (x86)\Intel =>.Intel Corporation
O43 - CFD: 05/01/2017 - [] D -- C:\Program Files (x86)\Internet Explorer =>.Microsoft Corporation
O43 - CFD: 11/11/2016 - [] D -- C:\Program Files (x86)\Java =>.Oracle
O43 - CFD: 17/11/2016 - [] D -- C:\Program Files (x86)\Lenovo =>.Lenovo
O43 - CFD: 07/06/2015 - [] AD -- C:\Program Files (x86)\Lenovo PhoneCompanion =>.Lenovo
O43 - CFD: 26/12/2016 - [] D -- C:\Program Files (x86)\Lexmark Pro200-S500 Series =>.Lexmark
O43 - CFD: 26/12/2016 - [] D -- C:\Program Files (x86)\Lexmark Toolbar =>.Lexmark
O43 - CFD: 04/01/2017 - [] AD -- C:\Program Files (x86)\Microsoft Office =>.Microsoft Corporation
O43 - CFD: 18/09/2016 - [] D -- C:\Program Files (x86)\Microsoft.NET =>.Microsoft Corporation
O43 - CFD: 06/01/2017 - [] AD -- C:\Program Files (x86)\Mozilla Firefox =>.Mozilla
O43 - CFD: 04/01/2017 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service =>.Mozilla
O43 - CFD: 18/09/2016 - [] D -- C:\Program Files (x86)\MSBuild =>.Microsoft Corporation
O43 - CFD: 10/01/2016 - [] D -- C:\Program Files (x86)\My Company Name =>.My Company Name
O43 - CFD: 07/06/2015 - [0] D -- C:\Program Files (x86)\New Folder
O43 - CFD: 08/01/2017 - [] D -- C:\Program Files (x86)\Norton Security =>.Symantec
O43 - CFD: 08/01/2017 - [] D -- C:\Program Files (x86)\NortonInstaller =>.Symantec
O43 - CFD: 17/11/2016 - [] D -- C:\Program Files (x86)\NSIS Uninstall Information =>.MSIS
O43 - CFD: 28/11/2016 - [] D -- C:\Program Files (x86)\NVIDIA Corporation =>.nVidia Corporation
O43 - CFD: 07/06/2015 - [] D -- C:\Program Files (x86)\Realtek =>.Realtek
O43 - CFD: 18/09/2016 - [] D -- C:\Program Files (x86)\Reference Assemblies =>.Microsoft Corporation
O43 - CFD: 06/01/2017 - [] RD -- C:\Program Files (x86)\Skype =>.Skype
O43 - CFD: 07/06/2015 - [0] HD -- C:\Program Files (x86)\Temp =>.Microsoft Corporation
O43 - CFD: 18/09/2016 - [0] HD -- C:\Program Files (x86)\Uninstall Information =>.Microsoft Corporation
O43 - CFD: 01/12/2016 - [] D -- C:\Program Files (x86)\Vitzo =>.Vitzo Ltd
O43 - CFD: 20/09/2016 - [] D -- C:\Program Files (x86)\Windows Defender =>.Microsoft Corporation
O43 - CFD: 20/09/2016 - [] D -- C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
O43 - CFD: 27/10/2016 - [] D -- C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 16/07/2016 - [] D -- C:\Program Files (x86)\Windows Multimedia Platform =>.Microsoft Corporation
O43 - CFD: 16/07/2016 - [] D -- C:\Program Files (x86)\Windows NT =>.Microsoft Corporation
O43 - CFD: 11/10/2016 - [] D -- C:\Program Files (x86)\Windows Photo Viewer =>.Microsoft Corporation
O43 - CFD: 16/07/2016 - [] D -- C:\Program Files (x86)\Windows Portable Devices =>.Microsoft Corporation
O43 - CFD: 16/07/2016 - [] SHD -- C:\Program Files (x86)\Windows Sidebar =>.Microsoft Corporation
O43 - CFD: 16/07/2016 - [] D -- C:\Program Files (x86)\WindowsPowerShell =>.Microsoft Corporation
O43 - CFD: 07/01/2017 - [0] D -- C:\Program Files (x86)\Zemana AntiMalware =>.Zemana
O43 - CFD: 16/07/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility =>.Microsoft Corporation
O43 - CFD: 11/12/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation
O43 - CFD: 09/11/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 18/09/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe =>.Adobe
O43 - CFD: 23/09/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blueberry Software =>.Blueberry Software
O43 - CFD: 06/01/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner =>.Piriform
O43 - CFD: 18/09/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby =>.Dolby
O43 - CFD: 01/12/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM
O43 - CFD: 18/09/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HipChat
O43 - CFD: 18/09/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel =>.Intel Corporation
O43 - CFD: 06/01/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes =>.Apple Inc.
O43 - CFD: 11/11/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java =>.Oracle
O43 - CFD: 01/12/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft =>.Lavasoft
O43 - CFD: 17/11/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo =>.Lenovo
O43 - CFD: 17/11/2016 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo Photo Master =>.Lenovo
O43 - CFD: 18/09/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo Reach
O43 - CFD: 26/12/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark =>.Lexmark
O43 - CFD: 16/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation
O43 - CFD: 04/01/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes =>.Malwarebytes
O43 - CFD: 18/09/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools =>.Microsoft Corporation
O43 - CFD: 04/11/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Neat Video for Premiere =>.ABsoft
O43 - CFD: 28/10/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation =>.nVidia Corporation
O43 - CFD: 01/12/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio =>.OBS Studio
O43 - CFD: 18/09/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek =>.Realtek
O43 - CFD: 18/09/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype =>.Skype
O43 - CFD: 04/01/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp =>.Microsoft Corporation
O43 - CFD: 16/07/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools =>.Microsoft Corporation
O43 - CFD: 10/01/2016 - [] D -- C:\ProgramData\Adobe =>.Adobe
O43 - CFD: 28/01/2016 - [] D -- C:\ProgramData\Apple =>.Apple Inc.
O43 - CFD: 28/01/2016 - [] D -- C:\ProgramData\Apple Computer =>.Apple Inc.
O43 - CFD: 18/09/2016 - [0] SHD -- C:\ProgramData\Application Data =>.Microsoft Corporation
O43 - CFD: 23/09/2016 - [] D -- C:\ProgramData\Blueberry =>.Blueberry
O43 - CFD: 01/12/2016 - [] D -- C:\ProgramData\boost_interprocess =>.boost.org
O43 - CFD: 13/01/2016 - [] HD -- C:\ProgramData\CanonBJ =>.Canon Inc.
O43 - CFD: 16/07/2016 - [0] D -- C:\ProgramData\Comms =>.Microsoft Corporation
O43 - CFD: 04/01/2017 - [] D -- C:\ProgramData\COMODO =>.Comodo
O43 - CFD: 04/01/2017 - [] D -- C:\ProgramData\CyberLink =>.CyberLink Corporation
O43 - CFD: 18/09/2016 - [0] SHD -- C:\ProgramData\Desktop =>.Microsoft Corporation
O43 - CFD: 18/09/2016 - [0] SHD -- C:\ProgramData\Documents =>.Microsoft Corporation
O43 - CFD: 07/06/2015 - [] D -- C:\ProgramData\Downloaded Installations =>.Microsoft Corporation
O43 - CFD: 26/12/2016 - [] D -- C:\ProgramData\Ezprint =>.Lexmark
O43 - CFD: 10/01/2016 - [] D -- C:\ProgramData\Final Draft
O43 - CFD: 10/01/2016 - [] D -- C:\ProgramData\FLEXnet =>.Flexera Software
O43 - CFD: 17/11/2016 - [] D -- C:\ProgramData\install_clap =>.Microsoft Corporation
O43 - CFD: 08/01/2016 - [] D -- C:\ProgramData\Intel =>.Intel Corporation
O43 - CFD: 07/06/2015 - [] D -- C:\ProgramData\Intel(R) Update Manager
O43 - CFD: 07/06/2015 - [] D -- C:\ProgramData\Intel.sav =>.Intel Corporation
O43 - CFD: 05/01/2017 - [0] D -- C:\ProgramData\Lavasoft =>.Lavasoft
O43 - CFD: 05/08/2016 - [] D -- C:\ProgramData\Lenovo =>.Lenovo
O43 - CFD: 05/01/2017 - [] D -- C:\ProgramData\Lenovo App Services
O43 - CFD: 07/06/2015 - [] D -- C:\ProgramData\LenovoTransition =>.Lenovo Group Limited
O43 - CFD: 23/09/2016 - [] D -- C:\ProgramData\LogSys
O43 - CFD: 26/12/2016 - [] D -- C:\ProgramData\Lx_cats =>.Lewmark
O43 - CFD: 04/01/2017 - [] D -- C:\ProgramData\Malwarebytes =>.Malwarebytes
O43 - CFD: 08/01/2016 - [] D -- C:\ProgramData\McAfee =>.McAfee
O43 - CFD: 05/01/2017 - [] SD -- C:\ProgramData\Microsoft =>.Microsoft Corporation
O43 - CFD: 18/09/2016 - [] D -- C:\ProgramData\Microsoft OneDrive =>.Microsoft Corporation
O43 - CFD: 05/01/2017 - [] D -- C:\ProgramData\Norton =>.Norton
O43 - CFD: 05/01/2017 - [] D -- C:\ProgramData\NortonInstaller =>.Symantec
O43 - CFD: 08/01/2017 - [] D -- C:\ProgramData\NVIDIA =>.nVidia Corporation
O43 - CFD: 28/11/2016 - [] D -- C:\ProgramData\NVIDIA Corporation =>.nVidia Corporation
O43 - CFD: 10/01/2016 - [0] D -- C:\ProgramData\Office2013 =>.Microsoft Corporation
O43 - CFD: 30/08/2015 - [] D -- C:\ProgramData\OneKey Optimizer
O43 - CFD: 07/06/2015 - [] D -- C:\ProgramData\OneKey Recovery =>.Lenovo
O43 - CFD: 11/11/2016 - [] D -- C:\ProgramData\Oracle =>.Oracle
O43 - CFD: 05/01/2017 - [] D -- C:\ProgramData\Package Cache =>.Microsoft Corporation
O43 - CFD: 18/09/2016 - [] D -- C:\ProgramData\regid.1986-12.com.adobe =>.Adobe Inc.
O43 - CFD: 22/12/2016 - [] AD -- C:\ProgramData\regid.1991-06.com.microsoft =>.Microsoft Corporation
O43 - CFD: 07/06/2015 - [] D -- C:\ProgramData\Roaming =>.Microsoft Corporation
O43 - CFD: 06/01/2017 - [] D -- C:\ProgramData\RogueKiller =>.Adlice Software
O43 - CFD: 06/01/2017 - [] D -- C:\ProgramData\Skype =>.Skype
O43 - CFD: 16/07/2016 - [0] D -- C:\ProgramData\SoftwareDistribution =>.Microsoft Corporation
O43 - CFD: 18/09/2016 - [0] SHD -- C:\ProgramData\Start Menu =>.Microsoft Corporation
O43 - CFD: 17/11/2016 - [0] D -- C:\ProgramData\SUPPORTDIR =>.Microsoft Corporation
O43 - CFD: 17/11/2016 - [] D -- C:\ProgramData\Temp =>.Microsoft Corporation
O43 - CFD: 18/09/2016 - [0] SHD -- C:\ProgramData\Templates =>.Microsoft Corporation
O43 - CFD: 18/09/2016 - [] D -- C:\ProgramData\USOPrivate =>.Microsoft Corporation
O43 - CFD: 18/09/2016 - [] D -- C:\ProgramData\USOShared =>.Microsoft Corporation
O43 - CFD: 03/10/2016 - [] AD -- C:\Program Files (x86)\Common Files\Adobe =>.Adobe
O43 - CFD: 06/01/2017 - [] AD -- C:\Program Files (x86)\Common Files\Adobe AIR =>.Adobe Inc.
O43 - CFD: 28/01/2016 - [] D -- C:\Program Files (x86)\Common Files\Apple =>.Apple Inc.
O43 - CFD: 23/09/2016 - [] D -- C:\Program Files (x86)\Common Files\Blueberry Software =>.Blueberry Software
O43 - CFD: 04/01/2017 - [0] D -- C:\Program Files (x86)\Common Files\COMODO =>.Comodo
O43 - CFD: 22/12/2016 - [] AD -- C:\Program Files (x86)\Common Files\DESIGNER =>.Designer
O43 - CFD: 07/06/2015 - [] D -- C:\Program Files (x86)\Common Files\InstallShield =>.InstallShield
O43 - CFD: 18/09/2016 - [] D -- C:\Program Files (x86)\Common Files\Intel =>.Intel Corporation
O43 - CFD: 07/06/2015 - [] D -- C:\Program Files (x86)\Common Files\Intel Corporation =>.Intel Corporation
O43 - CFD: 11/11/2016 - [] D -- C:\Program Files (x86)\Common Files\Java =>.Oracle
O43 - CFD: 22/02/2016 - [] D -- C:\Program Files (x86)\Common Files\Lenovo =>.Lenovo
O43 - CFD: 10/01/2016 - [] D -- C:\Program Files (x86)\Common Files\Macrovision Shared =>.Macrovision
O43 - CFD: 22/12/2016 - [] AD -- C:\Program Files (x86)\Common Files\Microsoft Shared =>.Microsoft Corporation
O43 - CFD: 07/06/2015 - [] D -- C:\Program Files (x86)\Common Files\Nikon =>.Nikon
O43 - CFD: 07/06/2015 - [] D -- C:\Program Files (x86)\Common Files\PostureAgent =>.Microsoft Corporation
O43 - CFD: 10/01/2016 - [] AD -- C:\Program Files (x86)\Common Files\PX Storage Engine =>.Sonic
O43 - CFD: 16/07/2016 - [] D -- C:\Program Files (x86)\Common Files\Services =>.Microsoft Corporation
O43 - CFD: 06/01/2017 - [] D -- C:\Program Files (x86)\Common Files\Skype =>.Skype
O43 - CFD: 10/01/2016 - [] D -- C:\Program Files (x86)\Common Files\Sonic Shared =>.Sonic
O43 - CFD: 05/01/2017 - [] D -- C:\Program Files (x86)\Common Files\Symantec Shared =>.Symantec
O43 - CFD: 16/07/2016 - [] D -- C:\Program Files (x86)\Common Files\System =>.Microsoft Corporation
O43 - CFD: 31/07/2016 - [] D -- C:\Users\Clint\AppData\Roaming\Adobe =>.Adobe
O43 - CFD: 05/10/2016 - [] D -- C:\Users\Clint\AppData\Roaming\Apowersoft =>.Apowersoft
O43 - CFD: 28/01/2016 - [] D -- C:\Users\Clint\AppData\Roaming\Apple Computer =>.Apple Inc.
O43 - CFD: 06/12/2016 - [] D -- C:\Users\Clint\AppData\Roaming\Atlassian =>.Atlassian
O43 - CFD: 04/01/2017 - [] D -- C:\Users\Clint\AppData\Roaming\Blueberry =>.Blueberry
O43 - CFD: 11/01/2016 - [] D -- C:\Users\Clint\AppData\Roaming\com.adobe.AdobeStory =>.Adobe Inc.
O43 - CFD: 11/01/2016 - [] D -- C:\Users\Clint\AppData\Roaming\com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 =>.Adobe Inc.
O43 - CFD: 06/01/2017 - [] D -- C:\Users\Clint\AppData\Roaming\CrystalIdea Software =>.CrystalIdea Software
O43 - CFD: 23/09/2016 - [] D -- C:\Users\Clint\AppData\Roaming\DVDVideoSoft =>.DVDVideoSoft
O43 - CFD: 12/09/2016 - [0] D -- C:\Users\Clint\AppData\Roaming\eBookPro6
O43 - CFD: 23/09/2016 - [] D -- C:\Users\Clint\AppData\Roaming\Evaer
O43 - CFD: 04/01/2017 - [] D -- C:\Users\Clint\AppData\Roaming\Final Draft
O43 - CFD: 01/12/2016 - [] D -- C:\Users\Clint\AppData\Roaming\GRETECH =>.Gretech
O43 - CFD: 08/01/2016 - [] D -- C:\Users\Clint\AppData\Roaming\Intel =>.Intel Corporation
O43 - CFD: 08/01/2016 - [] D -- C:\Users\Clint\AppData\Roaming\Intel Corporation =>.Intel Corporation
O43 - CFD: 05/01/2017 - [0] D -- C:\Users\Clint\AppData\Roaming\Lavasoft =>.Lavasoft
O43 - CFD: 23/09/2016 - [] D -- C:\Users\Clint\AppData\Roaming\LogSys
O43 - CFD: 08/01/2016 - [] D -- C:\Users\Clint\AppData\Roaming\Macromedia =>.Macromedia
O43 - CFD: 05/01/2017 - [] SD -- C:\Users\Clint\AppData\Roaming\Microsoft =>.Microsoft Corporation
O43 - CFD: 09/01/2016 - [] D -- C:\Users\Clint\AppData\Roaming\Mozilla =>.Mozilla Corporation
O43 - CFD: 10/01/2016 - [] D -- C:\Users\Clint\AppData\Roaming\NVIDIA =>.nVidia Corporation
O43 - CFD: 01/12/2016 - [] D -- C:\Users\Clint\AppData\Roaming\obs-studio =>.OBS-Studio
O43 - CFD: 06/01/2017 - [] D -- C:\Users\Clint\AppData\Roaming\Skype =>.Skype
O43 - CFD: 01/12/2016 - [] D -- C:\Users\Clint\AppData\Roaming\SoftCDN =>.SoftCDN
O43 - CFD: 18/12/2016 - [] D -- C:\Users\Clint\AppData\Roaming\Spotify =>.Spotify
O43 - CFD: 21/01/2016 - [] D -- C:\Users\Clint\AppData\Roaming\Sun =>.Oracle
O43 - CFD: 06/11/2016 - [] D -- C:\Users\Clint\AppData\Roaming\Vitzo =>.Vitzo Ltd
O43 - CFD: 08/01/2017 - [] D -- C:\Users\Clint\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 09/01/2016 - [0] D -- C:\Users\Clint\AppData\Local\ActiveSync =>.Microsoft Corporation
O43 - CFD: 06/01/2017 - [] D -- C:\Users\Clint\AppData\Local\Adobe =>.Adobe
O43 - CFD: 05/10/2016 - [] D -- C:\Users\Clint\AppData\Local\Apowersoft =>.Apowersoft
O43 - CFD: 28/01/2016 - [] D -- C:\Users\Clint\AppData\Local\Apple =>.Apple Inc.
O43 - CFD: 01/12/2016 - [] D -- C:\Users\Clint\AppData\Local\Apple Computer =>.Apple Inc.
O43 - CFD: 18/09/2016 - [0] SHD -- C:\Users\Clint\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 12/08/2016 - [] D -- C:\Users\Clint\AppData\Local\Atlassian =>.Atlassian
O43 - CFD: 09/01/2016 - [] D -- C:\Users\Clint\AppData\Local\CEF =>.CEF
O43 - CFD: 08/11/2016 - [] D -- C:\Users\Clint\AppData\Local\Cisco =>.Cisco
O43 - CFD: 23/02/2016 - [] D -- C:\Users\Clint\AppData\Local\Comms =>.Microsoft Corporation
O43 - CFD: 20/09/2016 - [] D -- C:\Users\Clint\AppData\Local\ConnectedDevicesPlatform =>.Microsoft Corporation
O43 - CFD: 06/01/2017 - [0] D -- C:\Users\Clint\AppData\Local\CrashDumps =>.Microsoft Corporation
O43 - CFD: 06/08/2016 - [] D -- C:\Users\Clint\AppData\Local\CyberLink =>.CyberLink Corporation
O43 - CFD: 19/12/2016 - [] D -- C:\Users\Clint\AppData\Local\Diagnostics =>.Microsoft Corporation
O43 - CFD: 10/01/2016 - [] D -- C:\Users\Clint\AppData\Local\Downloaded Installations =>.Microsoft Corporation
O43 - CFD: 27/10/2016 - [] D -- C:\Users\Clint\AppData\Local\Google =>.Google
O43 - CFD: 08/01/2016 - [] D -- C:\Users\Clint\AppData\Local\GWX =>.GWX
O43 - CFD: 18/09/2016 - [0] SHD -- C:\Users\Clint\AppData\Local\History =>.Microsoft Corporation
O43 - CFD: 01/12/2016 - [] D -- C:\Users\Clint\AppData\Local\Lavasoft =>.Lavasoft
O43 - CFD: 27/07/2016 - [] D -- C:\Users\Clint\AppData\Local\Lenovo =>.Lenovo
O43 - CFD: 10/01/2016 - [] D -- C:\Users\Clint\AppData\Local\Macromedia =>.Macromedia
O43 - CFD: 04/01/2017 - [] D -- C:\Users\Clint\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 04/01/2017 - [] D -- C:\Users\Clint\AppData\Local\MicrosoftEdge =>.Microsoft Corporation
O43 - CFD: 05/01/2017 - [] D -- C:\Users\Clint\AppData\Local\Microsoft_Corporation =>.Microsoft Corporation
O43 - CFD: 09/01/2016 - [] D -- C:\Users\Clint\AppData\Local\Mozilla =>.Mozilla Corporation
O43 - CFD: 09/01/2016 - [0] D -- C:\Users\Clint\AppData\Local\NetworkTiles =>.NetworkTiles
O43 - CFD: 04/01/2017 - [] D -- C:\Users\Clint\AppData\Local\node-webkit =>.Intel
O43 - CFD: 28/10/2016 - [] D -- C:\Users\Clint\AppData\Local\NVIDIA =>.nVidia Corporation
O43 - CFD: 28/10/2016 - [] D -- C:\Users\Clint\AppData\Local\NVIDIA Corporation =>.nVidia Corporation
O43 - CFD: 21/02/2016 - [] D -- C:\Users\Clint\AppData\Local\OfficeBSCache-MyComputer
O43 - CFD: 15/12/2016 - [] D -- C:\Users\Clint\AppData\Local\Packages =>.Microsoft Corporation
O43 - CFD: 22/02/2016 - [] D -- C:\Users\Clint\AppData\Local\Programs =>.Microsoft Corporation
O43 - CFD: 09/01/2016 - [] D -- C:\Users\Clint\AppData\Local\Publishers =>.Microsoft Corporation
O43 - CFD: 05/08/2016 - [] D -- C:\Users\Clint\AppData\Local\SHAREit =>.Lenovo Group Limited
O43 - CFD: 18/12/2016 - [] D -- C:\Users\Clint\AppData\Local\Spotify =>.Spotify
O43 - CFD: 08/01/2017 - [] D -- C:\Users\Clint\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 18/09/2016 - [0] SHD -- C:\Users\Clint\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 09/01/2016 - [] D -- C:\Users\Clint\AppData\Local\TileDataLayer =>.Microsoft Corporation
O43 - CFD: 08/01/2016 - [0] D -- C:\Users\Clint\AppData\Local\VirtualStore =>.Microsoft Corporation
O43 - CFD: 06/01/2017 - [] D -- C:\Users\Clint\AppData\Local\Zemana =>.Zemana
O43 - CFD: 16/11/2016 - [] D -- C:\Users\Clint\AppData\Local\ZoomInfoCEUtility
O43 - CFD: 22/02/2016 - [0] D -- C:\Users\Clint\AppData\Local\Programs\Common =>.Microsoft Corporation
O43 - CFD: 16/07/2016 - [] RD -- C:\Users\Clint\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility =>.Microsoft Corporation
O43 - CFD: 06/01/2017 - [] RD -- C:\Users\Clint\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation
O43 - CFD: 11/12/2016 - [] RD -- C:\Users\Clint\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 16/07/2016 - [] D -- C:\Users\Clint\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation
O43 - CFD: 06/01/2017 - [] RD -- C:\Users\Clint\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup =>.Microsoft Corporation
O43 - CFD: 16/07/2016 - [] RD -- C:\Users\Clint\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools =>.Microsoft Corporation
O43 - CFD: 16/07/2016 - [] RD -- C:\Users\Clint\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell =>.Microsoft Corporation
O43 - CFD: 16/11/2016 - [] D -- C:\Users\Clint\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ZoomInfo Contact Contributor
O43 - CFD: 18/09/2016 - [0] SHD -- C:\Users\Default\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 18/09/2016 - [0] SHD -- C:\Users\Default\AppData\Local\History =>.Microsoft Corporation
O43 - CFD: 16/07/2016 - [] D -- C:\Users\Default\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 16/07/2016 - [0] D -- C:\Users\Default\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 18/09/2016 - [0] SHD -- C:\Users\Default\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 18/09/2016 - [0] SHD -- C:\Users\Default User\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 18/09/2016 - [0] SHD -- C:\Users\Default User\AppData\Local\History =>.Microsoft Corporation
O43 - CFD: 16/07/2016 - [] D -- C:\Users\Default User\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 16/07/2016 - [0] D -- C:\Users\Default User\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 18/09/2016 - [0] SHD -- C:\Users\Default User\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 03/10/2016 - [] -- C:\WINDOWS\System32\Config\systemprofile\AppData\Local\Adobe =>.Adobe
O43 - CFD: 05/01/2017 - [] D -- C:\WINDOWS\System32\Config\systemprofile\AppData\Local\CrashDumps =>.Microsoft Corporation
O43 - CFD: 17/11/2016 - [] -- C:\WINDOWS\System32\Config\systemprofile\AppData\Local\CyberLink =>.CyberLink Corporation
O43 - CFD: 04/01/2017 - [] D -- C:\WINDOWS\System32\Config\systemprofile\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 17/11/2016 - [] -- C:\WINDOWS\System32\Config\systemprofile\AppData\Local\Programs =>.Microsoft Corporation
O43 - CFD: 06/01/2017 - [] -- C:\WINDOWS\System32\Config\systemprofile\AppData\Local\Zemana =>.Zemana
O43 - CFD: 17/11/2016 - [] -- C:\WINDOWS\System32\Config\systemprofile\AppData\Roaming\CyberLink =>.CyberLink Corporation
O43 - CFD: 23/09/2016 - [] -- C:\WINDOWS\System32\Config\systemprofile\AppData\Roaming\DVDVideoSoft =>.DVDVideoSoft
O43 - CFD: 18/09/2016 - [] D -- C:\WINDOWS\System32\Config\systemprofile\AppData\Roaming\Microsoft =>.Microsoft Corporation

---\\ ShellIconOverlayIdentifiers (SIOI) (8) - 1s
O106 - SIOI: ErrorOverlayHandler Class [ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Clint\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileSyncShell.dll =>.Microsoft Corporation®
O106 - SIOI: SharedOverlayHandler Class [ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Clint\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileSyncShell.dll =>.Microsoft Corporation®
O106 - SIOI: SharedSyncingOverlayHandler Class [ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Clint\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileSyncShell.dll =>.Microsoft Corporation®
O106 - SIOI: UpToDateOverlayHandler Class [ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Clint\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileSyncShell.dll =>.Microsoft Corporation®
O106 - SIOI: SyncingOverlayHandler Class [ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Clint\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileSyncShell.dll =>.Microsoft Corporation®
O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 1 (ErrorConflict) [ SkyDrivePro1 (ErrorConflict)] - {8BA85C75-763B-4103-94EB-9470F12FE0F7}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 2 (SyncInProgress) [ SkyDrivePro2 (SyncInProgress)] - {CD55129A-B1A1-438E-A425-CEBC7DC684EE}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 3 (InSync) [ SkyDrivePro3 (InSync)] - {E768CD3B-BDDC-436D-9C13-E1B39CA257B1}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL =>.Microsoft Corporation®

---\\ System Drivers List (81) - 8s
O58 - SDL:2016/07/16 03:41:53 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\WINDOWS\System32\drivers\3ware.sys [324224] =>.Microsoft Windows®
O58 - SDL:2015/06/07 07:46:15 A . (.Lenovo Corporation - ACPI Virtual Power Controller Driver.) -- C:\WINDOWS\System32\drivers\AcpiVpc.sys [324224] =>.Lenovo (Beijing) Limited®
O58 - SDL:2016/07/16 03:41:53 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) -- C:\WINDOWS\System32\drivers\adp80xx.sys [324224] =>.Microsoft Windows®
O58 - SDL:2016/07/16 03:41:53 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\WINDOWS\System32\drivers\amdsata.sys [324224] =>.Microsoft Windows®
O58 - SDL:2016/07/16 03:41:53 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\WINDOWS\System32\drivers\amdsbs.sys [324224] =>.Microsoft Windows®
O58 - SDL:2016/07/16 03:41:53 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\WINDOWS\System32\drivers\amdxata.sys [324224] =>.Microsoft Windows®
O58 - SDL:2016/07/16 03:41:53 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\WINDOWS\System32\drivers\arcsas.sys [324224] =>.Microsoft Windows®
O58 - SDL:2016/07/16 03:41:53 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\WINDOWS\System32\drivers\bcmfn.sys [324224] =>.Windows (R) Win 7 DDK provider
O58 - SDL:2016/07/16 03:41:53 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\WINDOWS\System32\drivers\bcmfn2.sys [324224] =>.Windows (R) Win 7 DDK provider
O58 - SDL:2016/07/16 03:41:52 A . (.QLogic Corporation - QLogic Gigabit Ethernet VBD.) -- C:\WINDOWS\System32\drivers\bxvbda.sys [324224] =>.Microsoft Windows®
O58 - SDL:2012/04/24 03:01:00 A . (.Corel Corporation - CDR4 64-bit CD and DVD Place Holder Driver.) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys [324224] =>.Corel Corporation®
O58 - SDL:2012/04/24 03:01:00 A . (.Corel Corporation - CDRAL 64-bit Place Holder Driver (see PxHel.) -- C:\WINDOWS\System32\drivers\cdralw2k.sys [324224] =>.Corel Corporation®
O58 - SDL:2016/07/16 03:41:53 A . (.Chelsio Communications - Chelsio iSCSI Crash Dump Driver.) -- C:\WINDOWS\System32\drivers\cht4dx64.sys [324224] =>.Microsoft Windows®
O58 - SDL:2016/07/16 03:41:53 A . (.Chelsio Communications - Chelsio iSCSI VMiniport Driver.) -- C:\WINDOWS\System32\drivers\cht4sx64.sys [324224] =>.Microsoft Windows®
O58 - SDL:2016/07/16 03:41:53 A . (.Chelsio Communications - Virtual Bus Driver for Chelsio ® T4 Chipset.) -- C:\WINDOWS\System32\drivers\cht4vx64.sys [324224] =>.Microsoft Windows®
O58 - SDL:2016/07/16 03:41:52 A . (.QLogic Corporation - QLogic 10 GigE VBD.) -- C:\WINDOWS\System32\drivers\evbda.sys [324224] =>.Microsoft Windows®
O58 - SDL:2017/01/08 09:45:41 A . (.Malwarebytes - Malwarebytes Anti-Ransomware Protection.) -- C:\WINDOWS\System32\drivers\farflt.sys [324224] =>.Malwarebytes Corporation®
O58 - SDL:2014/11/20 09:43:58 A . (.Windows (R) Win 7 DDK provider - WINNT/2K/XP/2003 Driver.) -- C:\WINDOWS\System32\drivers\Fastboot.sys [324224] =>.Windows (R) Win 7 DDK provider
O58 - SDL:2014/04/17 00:38:36 A . (.GenesysLogic - GeneStor.) -- C:\WINDOWS\System32\drivers\GeneStor.sys [324224] =>.GENESYS LOGIC, INC.®
O58 - SDL:2016/07/16 03:41:53 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\WINDOWS\System32\drivers\HpSAMD.sys [324224] =>.Microsoft Windows®
O58 - SDL:2016/07/16 03:41:54 A . (.Intel(R) Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\WINDOWS\System32\drivers\iagpio.sys [324224] =>.Intel(R) Corporation
O58 - SDL:2016/07/16 03:41:54 A . (.Intel(R) Corporation - Intel(R) Serial IO I2C Driver.) -- C:\WINDOWS\System32\drivers\iai2c.sys [324224] =>.Intel(R) Corporation
O58 - SDL:2016/07/16 03:41:54 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [324224] =>.Intel Corporation
O58 - SDL:2016/07/16 03:41:54 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [324224] =>.Intel Corporation - Embedded Subsystems and IP Blocks Group®
O58 - SDL:2016/07/16 03:41:52 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [324224] =>.Intel Corporation - Client Components Group®
O58 - SDL:2016/07/16 03:41:50 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [324224] =>.Intel Corporation
O58 - SDL:2014/10/09 13:54:44 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver -.) -- C:\WINDOWS\System32\drivers\iaStorA.sys [324224] =>.Intel® Rapid Storage Technology®
O58 - SDL:2016/07/16 03:41:53 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver (i.) -- C:\WINDOWS\System32\drivers\iaStorAV.sys [324224] =>.Microsoft Windows®
O58 - SDL:2016/07/16 03:41:53 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\WINDOWS\System32\drivers\iaStorV.sys [324224] =>.Microsoft Windows®
O58 - SDL:2016/07/16 03:41:53 A . (.Mellanox - InfiniBand Fabric Bus Driver.) -- C:\WINDOWS\System32\drivers\ibbus.sys [324224] =>.Microsoft Windows®
O58 - SDL:2015/07/14 20:27:40 A . (.Intel Corporation - Intel(R) Wireless Bluetooth(R) USB Driver.) -- C:\WINDOWS\System32\drivers\ibtusb.sys [324224] =>.Intel Corporation-Wireless Connectivity Solutions®
O58 - SDL:2016/05/06 23:26:10 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\WINDOWS\System32\drivers\igdkmd64.sys [324224] =>.Intel(R) pGFX®
O58 - SDL:2016/03/28 10:29:22 N . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\WINDOWS\System32\drivers\IntcDAud.sys [324224] =>.Intel(R) OWR®
O58 - SDL:2014/08/04 14:03:02 A . (.Authors - .) -- C:\WINDOWS\System32\drivers\KMDFVirtualKbd.sys [324224] =>.Lenovo (Beijing) Limited®
O58 - SDL:2014/08/04 14:04:10 A . (.Authors - .) -- C:\WINDOWS\System32\drivers\KMDFVirtualMouse.sys [324224] =>.Lenovo (Beijing) Limited®
O58 - SDL:2016/07/16 03:41:53 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas.sys [324224] =>.Microsoft Windows®
O58 - SDL:2016/07/16 03:41:53 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas2i.sys [324224] =>.Microsoft Windows®
O58 - SDL:2016/07/16 03:41:53 A . (.Avago Technologies - Avago SAS Gen3 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas3i.sys [324224] =>.Microsoft Windows®
O58 - SDL:2016/07/16 03:41:53 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sss.sys [324224] =>.Microsoft Windows®
O58 - SDL:2017/01/05 12:38:49 A . (.Authors - .) -- C:\WINDOWS\System32\drivers\mbae64.sys [324224] =>.Malwarebytes Corporation®
O58 - SDL:2017/01/08 09:45:36 A . (.Malwarebytes - Malwarebytes Real-Time Protection.) -- C:\WINDOWS\System32\drivers\mbam.sys [324224] =>.Malwarebytes Corporation®
O58 - SDL:2017/01/04 15:53:31 A . (.Malwarebytes - Malwarebytes Chameleon.) -- C:\WINDOWS\System32\drivers\MBAMChameleon.sys [324224] =>.Malwarebytes Corporation®
O58 - SDL:2017/01/08 09:45:24 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [324224] =>.Malwarebytes Corporation®
O58 - SDL:2016/07/16 03:41:53 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\megasas.sys [324224] =>.Microsoft Windows®
O58 - SDL:2016/10/05 02:09:07 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\MegaSas2i.sys [324224] =>.Microsoft Windows®
O58 - SDL:2016/07/16 03:41:53 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\WINDOWS\System32\drivers\megasr.sys [324224] =>.Microsoft Windows®
O58 - SDL:2016/07/16 03:41:53 A . (.Mellanox - MLX4 Bus Driver.) -- C:\WINDOWS\System32\drivers\mlx4_bus.sys [324224] =>.Microsoft Windows®
O58 - SDL:2016/07/16 03:41:53 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\WINDOWS\System32\drivers\mvumis.sys [324224] =>.Microsoft Windows®
O58 - SDL:2017/01/08 09:45:40 A . (.Malwarebytes - Malwarebytes Web Protection.) -- C:\WINDOWS\System32\drivers\mwac.sys [324224] =>.Malwarebytes Corporation®
O58 - SDL:2016/07/16 03:41:53 A . (.Mellanox - NetworkDirect Support Filter Driver.) -- C:\WINDOWS\System32\drivers\ndfltr.sys [324224] =>.Microsoft Windows®
O58 - SDL:2016/07/16 03:42:03 A . (.Authors - .) -- C:\WINDOWS\System32\drivers\NetAdapterCx.sys [324224] =>.Microsoft Corporation
O58 - SDL:2016/07/16 03:41:50 A . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\WINDOWS\System32\drivers\Netwbw02.sys [324224] =>.Intel Corporation
O58 - SDL:2016/02/24 17:04:48 A . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) -- C:\WINDOWS\System32\drivers\nvlddmkm.sys [324224] =>.NVIDIA Corporation®
O58 - SDL:2016/07/16 03:41:53 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\WINDOWS\System32\drivers\nvraid.sys [324224] =>.Microsoft Windows®
O58 - SDL:2016/07/16 03:41:53 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\WINDOWS\System32\drivers\nvstor.sys [324224] =>.Microsoft Windows®
O58 - SDL:2016/11/17 05:45:29 A . (.NVIDIA Corporation - NVIDIA Virtual Audio Driver.) -- C:\WINDOWS\System32\drivers\nvvad64v.sys [324224] =>.NVIDIA Corporation®
O58 - SDL:2016/07/16 03:41:53 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas2i.sys [324224] =>.Microsoft Windows®
O58 - SDL:2016/07/16 03:41:53 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas3i.sys [324224] =>.Microsoft Windows®
O58 - SDL:2012/06/22 03:01:00 A . (.Corel Corporation - Px Engine Device Driver for 64-bit (x86-64).) -- C:\WINDOWS\System32\drivers\PxHlpa64.sys [324224] =>.Corel Corporation®
O58 - SDL:2015/07/22 18:56:22 A . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.40 64-bit Dr.) -- C:\WINDOWS\System32\drivers\rt640x64.sys [324224] =>.Realtek Semiconductor Corp®
O58 - SDL:2015/11/18 00:56:28 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\WINDOWS\System32\drivers\RTKVHD64.sys [324224] =>.Realtek Semiconductor Corp®
O58 - SDL:2015/06/02 10:53:08 A . (.Realtek Semiconductor Corp. - Realtek UVC Driver for Vista/Win7/Win8/Win8.) -- C:\WINDOWS\System32\drivers\rtsuvc.sys [324224] =>.Realtek Semiconductor Corp®
O58 - SDL:2016/07/16 03:41:53 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid2.sys [324224] =>.Microsoft Windows®
O58 - SDL:2016/07/16 03:41:53 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid4.sys [324224] =>.Microsoft Windows®
O58 - SDL:2015/08/11 04:48:50 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\WINDOWS\System32\drivers\Smb_driver_AMDASF_Aux.sys [324224] =>.Synaptics Incorporated®
O58 - SDL:2015/08/11 04:48:50 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [324224] =>.Synaptics Incorporated®
O58 - SDL:2015/08/11 04:48:50 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\WINDOWS\System32\drivers\Smb_driver_Intel_Aux.sys [324224] =>.Synaptics Incorporated®
O58 - SDL:2016/04/24 23:35:52 A . (.Samsung Electronics Co., Ltd. - SAMSUNG USB Composite Device Driver (MSS Ve.) -- C:\WINDOWS\System32\drivers\ssudbus.sys [324224] =>.Samsung Electronics CO., LTD.®
O58 - SDL:2016/04/24 23:35:58 A . (.Samsung Electronics Co., Ltd. - SAMSUNG Android Modem Device Driver (MSS Ve.) -- C:\WINDOWS\System32\drivers\ssudmdm.sys [324224] =>.Samsung Electronics CO., LTD.®
O58 - SDL:2016/07/16 03:41:53 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\WINDOWS\System32\drivers\stexstor.sys [324224] =>.Microsoft Windows®
O58 - SDL:2017/01/05 11:41:14 A . (.Symantec Corporation - Symantec Event Library.) -- C:\WINDOWS\System32\drivers\SYMEVENT64x86.SYS [324224] =>.Symantec Corporation®
O58 - SDL:2015/08/11 04:48:50 A . (.Synaptics Incorporated - Synaptics I2C Driver.) -- C:\WINDOWS\System32\drivers\SynRMIHID_Aux.sys [324224] =>.Synaptics Incorporated®
O58 - SDL:2015/08/11 04:48:50 A . (.Synaptics Incorporated - Synaptics Touchpad Win64 Driver.) -- C:\WINDOWS\System32\drivers\SynTP.sys [324224] =>.Synaptics Incorporated®
O58 - SDL:2014/10/10 08:37:14 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\WINDOWS\System32\drivers\TeeDriverx64.sys [324224] =>.Intel Corporation - Embedded Subsystems and IP Blocks Group®
O58 - SDL:2017/01/06 17:20:05 A . (.Authors - .) -- C:\WINDOWS\System32\drivers\TrueSight.sys [324224] =>.Adlice®
O58 - SDL:2016/07/16 03:41:53 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\WINDOWS\System32\drivers\vsmraid.sys [324224] =>.Microsoft Windows®
O58 - SDL:2016/07/16 03:41:53 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\WINDOWS\System32\drivers\VSTXRAID.SYS [324224] =>.Microsoft Windows®
O58 - SDL:2016/07/16 03:41:53 A . (.Mellanox - Kernel WinMad.) -- C:\WINDOWS\System32\drivers\winmad.sys [324224] =>.Microsoft Windows®
O58 - SDL:2016/07/16 03:41:53 A . (.Mellanox - Kernel WinVerbs.) -- C:\WINDOWS\System32\drivers\winverbs.sys [324224] =>.Microsoft Windows®
O58 - SDL:2012/06/13 17:10:32 A . (."CyberLink - Cyberlink Virtual Disk Driver.) -- C:\WINDOWS\System32\drivers\wsvd.sys [324224] =>.CyberLink®
O58 - SDL:2017/01/06 08:48:49 A . (.Zemana Ltd. - ZAM.) -- C:\WINDOWS\System32\drivers\zamguard64.sys [324224] =>.Zemana Ltd.®

---\\ File Associations Shell Spawning (10) - 1s
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S

---\\ Start Menu Internet (8) - 0s
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation

---\\ Search Browser Infection (5) - 6s
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/ =>.Bing.com
O69 - SBI: SearchScopes [HKCU] {154734F9-8847-445E-9FA4-85593E3AEACB} - (Bing) - http://www.bing.com/ =>.Bing.com
O69 - SBI: SearchScopes [HKCU] {2f23ab71-4ac6-41f2-a955-ea576e553146} - (Bing) - http://www.bing.com/ =>.Bing.com
O69 - SBI: SearchScopes [HKCU] {67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} - (Google) - http://www.google.com/ =>.Google Inc.
O69 - SBI: SearchScopes [HKLM] {67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} - (Google) - http://www.google.com/ =>.Google Inc.

---\\ Search Svchost Services (45) - 0s
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\WINDOWS\System32\certprop.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\WINDOWS\System32\certprop.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\WINDOWS\system32\srvsvc.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\WINDOWS\System32\gpsvc.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\WINDOWS\System32\ikeext.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\WINDOWS\System32\iphlpsvc.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\WINDOWS\system32\seclogon.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\WINDOWS\System32\appinfo.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\WINDOWS\system32\iscsiexe.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\WINDOWS\System32\eapsvc.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\WINDOWS\system32\schedsvc.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\WMIsvc.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\WINDOWS\System32\browser.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\WINDOWS\System32\wercplsupport.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: shpamsvc (shpamsvc) . (.Microsoft Corporation - SharedPC.AccountManager.) -- C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\WINDOWS\system32\themeservice.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Geolocation Service.) -- C:\WINDOWS\System32\lfsvc.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: DmEnrollmentSvc (DmEnrollmentSvc) . (.Microsoft Corporation - Windows Managent Service DLL.) -- C:\Windows\System32\Windows.Internal.Management.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: Irmon (Irmon) . (.Microsoft Corporation - Infrared Monitor.) -- C:\WINDOWS\System32\irmon.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\WINDOWS\System32\rasauto.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\WINDOWS\System32\rasmans.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\WINDOWS\System32\sens.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\WINDOWS\System32\ipnathlp.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\WINDOWS\system32\wuaueng.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\WINDOWS\System32\qmgr.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: dmwappushservice (dmwappushservice) . (.Microsoft Corporation - dmwappushsvc.) -- C:\WINDOWS\system32\dmwappushsvc.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: WpnService (WpnService) . (.Microsoft Corporation - Windows Push Notification System Service.) -- C:\WINDOWS\system32\WpnService.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: XboxNetApiSvc (XboxNetApiSvc) . (.Microsoft Corporation - Xbox Live Networking Service.) -- C:\WINDOWS\system32\XboxNetApiSvc.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: DcpSvc (DcpSvc) . (.Microsoft Corporation - dcpsvc Task.) -- C:\WINDOWS\system32\dcpsvc.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: RetailDemo (RetailDemo) . (.Microsoft Corporation - RDXService.) -- C:\WINDOWS\system32\RDXService.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\WINDOWS\System32\bdesvc.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Device Setup Manager.) -- C:\WINDOWS\System32\DeviceSetupManager.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Microsoft Network Connectivity Assistant Se.) -- C:\WINDOWS\System32\ncasvc.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: XblAuthManager (XblAuthManager) . (.Microsoft Corporation - Xbox Live Auth Manager.) -- C:\WINDOWS\System32\XblAuthManager.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: UsoSvc (UsoSvc) . (.Microsoft Corporation - Update Session Orchestrator Core.) -- C:\WINDOWS\system32\usocore.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\WINDOWS\system32\profsvc.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: UserManager (UserManager) . (.Microsoft Corporation - UserMgr.) -- C:\WINDOWS\System32\usermgr.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: XblGameSave (XblGameSave) . (.Microsoft Corporation - Xbox Live Game Save Service.) -- C:\WINDOWS\System32\XblGameSave.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: wisvc (wisvc) . (.Microsoft Corporation - Flight Settings.) -- C:\WINDOWS\system32\flightsettings.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Microsoft® Account Service.) -- C:\WINDOWS\system32\wlidsvc.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: NetSetupSvc (NetSetupSvc) . (.Microsoft Corporation - Network Setup Service.) -- C:\WINDOWS\System32\NetSetupSvc.dll [324224] =>.Microsoft Corporation

---\\ Additional Scan (O88) (2) - 0s
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C} =>Riskware.QuickTime
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C} =>Riskware.QuickTime

---\\ Summary of the elements found (1) - 0s
https://www.anti-malware.top/2016/04/21/riskware-quicktime/ =>Riskware.QuickTime

~ Unselected Options:
~ End of the scan, 39700 items in 05mn15s (1184)(0)
 
ZHP Fix

  • Download ZHP-Fix from here.
  • Install it.
  • Click Suivant 5 Times.
  • Then Installer.
  • Then Terminer.
  • Then right click the ZHP Fix icon and Run as admin.
  • Copy the entire content of the code box below, the next step will grab it from your clipboard.
  • Then click on import.
  • Then click GO.
  • Allow completion.
  • A log file will appear on your desktop.
  • Post it here in your next reply.

Code:
Script ZhpFix
SysRestore
EmptyFlash
EmptyTemp
FirewallRaz
EmptyCLSID
O23 - Service: (AdobeUpdateService) . (.Adobe Systems Incorporated - Adobe Update Service.) - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe =>.Adobe Systems Incorporated®
SS - Demand [14/12/2016] [ 270936] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe =>.Adobe Systems Incorporated®
[MD5.63BB08F1FE94AE8804BCDC4916D4ABCD] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [324224] (.Activate.) =>.Piriform Ltd®
O39 - APT: Unknown - (.Adobe Inc..) -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job [324224] =>.Adobe Inc.
O39 - APT: CCleanerSkipUAC - (.Piriform Ltd.) -- C:\WINDOWS\System32\Tasks\CCleanerSkipUAC [324224] =>.Piriform Ltd®
O4 - HKLM\..\Run: [toys] C:\Program Files (x86)\cartridge\antivirals.exe (.not file.)
O4 - HKCU\..\Run: [toys] C:\Program Files (x86)\cartridge\antivirals.exe (.not file.)
O4 - HKCU\..\Run: [tracing] C:\Program Files (x86)\waistbands\sunland.exe (.not file.)
O4 - HKCU\..\Run: [hostetter] C:\Program Files (x86)\cartridge\antivirals.exe (.not file.)
O4 - HKCU\..\Run: [electrolyte] C:\Program Files (x86)\Syllabic\genoese.exe (.not file.)
O4 - HKCU\..\Run: [midwives] C:\Program Files (x86)\Intramural\scheduled.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [toys] C:\Program Files (x86)\cartridge\antivirals.exe (.not file.)
O4 - HKUS\S-1-5-21-3646257312-145341772-451683423-1001\..\Run: [toys] C:\Program Files (x86)\cartridge\antivirals.exe (.not file.)
O4 - HKUS\S-1-5-21-3646257312-145341772-451683423-1001\..\Run: [tracing] C:\Program Files (x86)\waistbands\sunland.exe (.not file.)
O4 - HKUS\S-1-5-21-3646257312-145341772-451683423-1001\..\Run: [hostetter] C:\Program Files (x86)\cartridge\antivirals.exe (.not file.)
O4 - HKUS\S-1-5-21-3646257312-145341772-451683423-1001\..\Run: [electrolyte] C:\Program Files (x86)\Syllabic\genoese.exe (.not file.)
O4 - HKUS\S-1-5-21-3646257312-145341772-451683423-1001\..\Run: [midwives] C:\Program Files (x86)\Intramural\scheduled.exe (.not file.)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ =>.Yahoo! Inc.
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ =>.Yahoo! Inc.
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com =>.Google Inc.
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.yahoo.com/ =>.Yahoo! Inc.
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = about:newtab =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = about:newtab =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R1 - HKEY_USERS\S-1-5-21-3646257312-145341772-451683423-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.yahoo.com/ =>.Yahoo! Inc.
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphan =>.Microsoft Internet Explorer
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies []
O4 - GS\TaskBar [Administrator]: НАНАНАНАНАНАНА.lnk . (...) C:\Program Files (x86)\Mozilla Firefox\firefox.bat
O4 - GS\Startup [Administrator]: ok2089576.lnk . (...) C:\Program Files (x86)\cartridge\antivirals.exe
O4 - GS\TaskBar [Clint]: НАНАНАНАНАНАНА.lnk . (...) C:\Program Files (x86)\Mozilla Firefox\firefox.bat
O4 - GS\Startup [Clint]: ok2089576.lnk . (...) C:\Program Files (x86)\cartridge\antivirals.exe
O4 - GS\TaskBar [Guest]: НАНАНАНАНАНАНА.lnk . (...) C:\Program Files (x86)\Mozilla Firefox\firefox.bat
O4 - GS\Startup [Guest]: ok2089576.lnk . (...) C:\Program Files (x86)\cartridge\antivirals.exe
O42 - Logiciel: bl - (.Your Company Name.) [HKLM][64Bits] -- {2A075BB4-E976-4278-BF3F-E5C6945D84C0} =>.Your Company Name
HKLM\SOFTWARE\Wow6432Node\ComodoGroup =>.ComodoGroup
HKLM\SOFTWARE\Wow6432Node\Eset =>.ESET
HKLM\SOFTWARE\Wow6432Node\Free YouTube Downloader =>.DawnArk, Inc
HKLM\SOFTWARE\Wow6432Node\FreeYouTubeDownloader =>.DawnArk, Inc
HKLM\SOFTWARE\Wow6432Node\Software =>.Unknow
HKCU\SOFTWARE\AVAST Software =>.AVAST Software
HKCU\SOFTWARE\ComodoGroup =>.ComodoGroup
HKCU\SOFTWARE\McAfee =>.McAfee Inc.
O43 - CFD: 04/01/2017 - [0] D -- C:\Program Files\COMODO =>.Comodo
O43 - CFD: 26/12/2016 - [] D -- C:\Program Files (x86)\Lexmark Toolbar =>.Lexmark
O43 - CFD: 08/01/2016 - [] D -- C:\ProgramData\McAfee =>.McAfee
O43 - CFD: 04/01/2017 - [0] D -- C:\Program Files (x86)\Common Files\COMODO =>.Comodo
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/ =>.Bing.com
O69 - SBI: SearchScopes [HKCU] {154734F9-8847-445E-9FA4-85593E3AEACB} - (Bing) - http://www.bing.com/ =>.Bing.com
O69 - SBI: SearchScopes [HKCU] {2f23ab71-4ac6-41f2-a955-ea576e553146} - (Bing) - http://www.bing.com/ =>.Bing.com
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C} =>Riskware.QuickTime
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C} =>Riskware.QuickTime
 
Script ZhpFix
SysRestore
EmptyFlash
EmptyTemp
FirewallRaz
EmptyCLSID
O23 - Service: (AdobeUpdateService) . (.Adobe Systems Incorporated - Adobe Update Service.) - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe =>.Adobe Systems Incorporated®
SS - Demand [14/12/2016] [ 270936] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe =>.Adobe Systems Incorporated®
[MD5.63BB08F1FE94AE8804BCDC4916D4ABCD] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [324224] (.Activate.) =>.Piriform Ltd®
O39 - APT: Unknown - (.Adobe Inc..) -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job [324224] =>.Adobe Inc.
O39 - APT: CCleanerSkipUAC - (.Piriform Ltd.) -- C:\WINDOWS\System32\Tasks\CCleanerSkipUAC [324224] =>.Piriform Ltd®
O4 - HKLM\..\Run: [toys] C:\Program Files (x86)\cartridge\antivirals.exe (.not file.)
O4 - HKCU\..\Run: [toys] C:\Program Files (x86)\cartridge\antivirals.exe (.not file.)
O4 - HKCU\..\Run: [tracing] C:\Program Files (x86)\waistbands\sunland.exe (.not file.)
O4 - HKCU\..\Run: [hostetter] C:\Program Files (x86)\cartridge\antivirals.exe (.not file.)
O4 - HKCU\..\Run: [electrolyte] C:\Program Files (x86)\Syllabic\genoese.exe (.not file.)
O4 - HKCU\..\Run: [midwives] C:\Program Files (x86)\Intramural\scheduled.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [toys] C:\Program Files (x86)\cartridge\antivirals.exe (.not file.)
O4 - HKUS\S-1-5-21-3646257312-145341772-451683423-1001\..\Run: [toys] C:\Program Files (x86)\cartridge\antivirals.exe (.not file.)
O4 - HKUS\S-1-5-21-3646257312-145341772-451683423-1001\..\Run: [tracing] C:\Program Files (x86)\waistbands\sunland.exe (.not file.)
O4 - HKUS\S-1-5-21-3646257312-145341772-451683423-1001\..\Run: [hostetter] C:\Program Files (x86)\cartridge\antivirals.exe (.not file.)
O4 - HKUS\S-1-5-21-3646257312-145341772-451683423-1001\..\Run: [electrolyte] C:\Program Files (x86)\Syllabic\genoese.exe (.not file.)
O4 - HKUS\S-1-5-21-3646257312-145341772-451683423-1001\..\Run: [midwives] C:\Program Files (x86)\Intramural\scheduled.exe (.not file.)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ =>.Yahoo! Inc.
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ =>.Yahoo! Inc.
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com =>.Google Inc.
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.yahoo.com/ =>.Yahoo! Inc.
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = about:newtab =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = about:newtab =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R1 - HKEY_USERS\S-1-5-21-3646257312-145341772-451683423-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.yahoo.com/ =>.Yahoo! Inc.
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphan =>.Microsoft Internet Explorer
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies []
O4 - GS\TaskBar [Administrator]: НАНАНАНАНАНАНА.lnk . (...) C:\Program Files (x86)\Mozilla Firefox\firefox.bat
O4 - GS\Startup [Administrator]: ok2089576.lnk . (...) C:\Program Files (x86)\cartridge\antivirals.exe
O4 - GS\TaskBar [Clint]: НАНАНАНАНАНАНА.lnk . (...) C:\Program Files (x86)\Mozilla Firefox\firefox.bat
O4 - GS\Startup [Clint]: ok2089576.lnk . (...) C:\Program Files (x86)\cartridge\antivirals.exe
O4 - GS\TaskBar [Guest]: НАНАНАНАНАНАНА.lnk . (...) C:\Program Files (x86)\Mozilla Firefox\firefox.bat
O4 - GS\Startup [Guest]: ok2089576.lnk . (...) C:\Program Files (x86)\cartridge\antivirals.exe
O42 - Logiciel: bl - (.Your Company Name.) [HKLM][64Bits] -- {2A075BB4-E976-4278-BF3F-E5C6945D84C0} =>.Your Company Name
HKLM\SOFTWARE\Wow6432Node\ComodoGroup =>.ComodoGroup
HKLM\SOFTWARE\Wow6432Node\Eset =>.ESET
HKLM\SOFTWARE\Wow6432Node\Free YouTube Downloader =>.DawnArk, Inc
HKLM\SOFTWARE\Wow6432Node\FreeYouTubeDownloader =>.DawnArk, Inc
HKLM\SOFTWARE\Wow6432Node\Software =>.Unknow
HKCU\SOFTWARE\AVAST Software =>.AVAST Software
HKCU\SOFTWARE\ComodoGroup =>.ComodoGroup
HKCU\SOFTWARE\McAfee =>.McAfee Inc.
O43 - CFD: 04/01/2017 - [0] D -- C:\Program Files\COMODO =>.Comodo
O43 - CFD: 26/12/2016 - [] D -- C:\Program Files (x86)\Lexmark Toolbar =>.Lexmark
O43 - CFD: 08/01/2016 - [] D -- C:\ProgramData\McAfee =>.McAfee
O43 - CFD: 04/01/2017 - [0] D -- C:\Program Files (x86)\Common Files\COMODO =>.Comodo
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/ =>.Bing.com
O69 - SBI: SearchScopes [HKCU] {154734F9-8847-445E-9FA4-85593E3AEACB} - (Bing) - http://www.bing.com/ =>.Bing.com
O69 - SBI: SearchScopes [HKCU] {2f23ab71-4ac6-41f2-a955-ea576e553146} - (Bing) - http://www.bing.com/ =>.Bing.com
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C} =>Riskware.QuickTime
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C} =>Riskware.QuickTime
 
You need to copy and paste that into the ZHP cleaner app.

 
Alright, I will mark this one as solved for you, unless you have any other questions?
 