~ ZHPDiag v2016.5.17.97 By Nicolas Coolman (2016/05/09)
~ Run by Mhanna90 (Administrator) (2016/05/17 19:47:12)
~ Web: http://www.nicolascoolman.com
~ Facebook: https://www.facebook.com/nicolascoolman1
~ State version: Version OK
~ Mode: Scan
~ Report: C:\Users\Mhanna90\Desktop\ZHPDiag.txt
~ Report: C:\Users\Mhanna90\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ System startup: Normal (Normal boot)
Windows 10 Home Single Language, 64-bit (Build 10586)

---\\ Internet Browsers (3) - 0s
GCIE: Google Chrome v50.0.2661.102
OPIE: Opera 37.0.2178.43
MSIE: Internet Explorer v11.306.10586.0

---\\ Windows Product Information (3) - 3s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : OK

---\\ System protection software (1) - 1s
Windows Defender (Deactivate)

---\\ Sharing software PeerToPeer (1) - 1s
µTorrent v3.4.7.42330

---\\ Information on the system (6) - 0s
~ Operating System: Intel64 Family 6 Model 61 Stepping 4, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 8301.904 MB (48% free)
System Restore: Activé (Enable)
System drive C: has 36 GB () free of 226 GB

---\\ Connection to the system mode (3) - 0s
~ Computer Name: MHANNA-PC
~ User Name: Mhanna90
~ Logged in as Administrator

---\\ Enumeration of the disk units (1) - 0s
~ Drive C: has 36 GB free of 226 GB (System)

---\\ State of the Windows Security Center (7) - 0s
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK ---\\ Search Generic System Files (24) - 1s [MD5.2617877C5761B8A696FD0368861EE6E4] - 23/04/2016 - (.Microsoft Corporation - Windows Explorer.) -- C:\WINDOWS\Explorer.exe [4515256] =>.Microsoft Windows® [MD5.0DCB89B1F3689BC6262FF30BBD603171] - 30/10/2015 - (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\WINDOWS\System32\rundll32.exe [59392] =>.Microsoft Corporation [MD5.C1C81AAF533552B3C4D9F11A5FF97700] - 23/04/2016 - (.Microsoft Corporation - Windows Start-Up Application.) -- C:\WINDOWS\System32\Wininit.exe [291360] =>.Microsoft Windows Publisher® [MD5.AE6A68A065D4C26AF4BEFAA53623B266] - 29/03/2016 - (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\WINDOWS\System32\wininet.dll [2755584] =>.Microsoft Corporation [MD5.5C156EC4E44E30331BCC865A3B61D839] - 23/04/2016 - (.Microsoft Corporation - Windows Logon Application.) -- C:\WINDOWS\System32\Winlogon.exe [585728] =>.Microsoft Corporation [MD5.9EEAA1B69DC3FD620AE576CC8F4147DC] - 30/10/2015 - (.Microsoft Corporation - Software Licensing Library.) -- C:\WINDOWS\System32\sppcomapi.dll [430592] =>.Microsoft Corporation [MD5.9A3E17CDB177913C2A111C80F3D0DBB4] - 29/03/2016 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\WINDOWS\System32\dnsapi.dll [686976] =>.Microsoft Windows® [MD5.6A7ACABAE92C837F5C1330188EAE36AE] - 29/03/2016 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\WINDOWS\Syswow64\dnsapi.dll [535080] =>.Microsoft Windows® [MD5.70148EFA9A562E7185B75BBE7D376BF7] - 14/11/2015 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\WINDOWS\System32\drivers\AFD.sys [578912] =>.Microsoft Windows® [MD5.492B99D2E3D5D7BFD5F0AE1BE7BD37DD] - 30/10/2015 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\WINDOWS\System32\drivers\atapi.sys [28512] =>.Microsoft Windows® [MD5.7F9C7226D743B232907ED2537B8A574F] - 30/10/2015 - (.Microsoft Corporation - CD-ROM File System Driver.) 
-- C:\WINDOWS\System32\drivers\Cdfs.sys [92672] =>.Microsoft Corporation [MD5.82D97776BF982AA143BDC7DFB5054EA8] - 30/10/2015 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\WINDOWS\System32\drivers\Cdrom.sys [173568] =>.Microsoft Corporation [MD5.935823F79CBEDB91637B63D37E3A5A36] - 29/03/2016 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\WINDOWS\System32\drivers\DfsC.sys [148480] =>.Microsoft Corporation [MD5.84BC034B6BB763733C1949B7B9BAF976] - 30/10/2015 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\WINDOWS\System32\drivers\HDAudBus.sys [79872] =>.Microsoft Corporation [MD5.53FDD9E69189E546DE4740F8C4D8AB2F] - 30/10/2015 - (.Microsoft Corporation - i8042 Port Driver.) -- C:\WINDOWS\System32\drivers\i8042prt.sys [114688] =>.Microsoft Corporation [MD5.9E5E8F2A1996F23B7E9687846AA81B01] - 30/10/2015 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\drivers\IpNat.sys [143360] =>.Microsoft Corporation [MD5.0B3B0C1D86050355676640488FA897D3] - 23/02/2016 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\WINDOWS\System32\drivers\MRxSmb.sys [430944] =>.Microsoft Windows® [MD5.F51C02D992A8D6BC5EC4D990F227D4C7] - 30/10/2015 - (.Microsoft Corporation - MBT Transport driver.) -- C:\WINDOWS\System32\drivers\netBT.sys [279552] =>.Microsoft Corporation [MD5.19BD8A88AAC580592668B070AC0727D9] - 29/03/2016 - (.Microsoft Corporation - NT File System Driver.) -- C:\WINDOWS\System32\drivers\ntfs.sys [2152280] =>.Microsoft Windows® [MD5.7D0FC96264C0F8F2C1321E33E8EB646C] - 30/10/2015 - (.Microsoft Corporation - Parallel Port Driver.) -- C:\WINDOWS\System32\drivers\Parport.sys [96768] =>.Microsoft Corporation [MD5.E3C82823B22463BC38AA4F8ADA852624] - 23/02/2016 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) 
-- C:\WINDOWS\System32\drivers\Rasl2tp.sys [104960] =>.Microsoft Corporation [MD5.1DC2CC74B51E4DC4CD5A20C1021E4010] - 30/10/2015 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\WINDOWS\System32\drivers\rdpdr.sys [173056] =>.Microsoft Corporation [MD5.91D3F2A6253EF83EFBD7903028F58C4D] - 14/11/2015 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\WINDOWS\System32\drivers\tdx.sys [118624] =>.Microsoft Windows® [MD5.E1F91A727A04C9F8199D04FF3BBBF63C] - 30/10/2015 - (.Microsoft Corporation - Volume Shadow Copy Driver.) -- C:\WINDOWS\System32\drivers\volsnap.sys [414560] =>.Microsoft Windows® ---\\ Non Microsoft non disabled Windows Services (10) - 2s O23 - Service: CCDMonitorService (CCDMonitorService) . (.Acer Incorporated - CCD Monitor Service.) - C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe =>.Acer Incorporated® O23 - Service: ESET Service (ekrn) . (.ESET - ESET Service.) - C:\Program Files\ESET\ESET Smart Security\ekrn.exe =>.ESET, spol. s r.o.® O23 - Service: GamesAppIntegrationService (GamesAppIntegrationService) . (.WildTangent - WildTangent Games App Integration Service.) - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe =>.WildTangent Inc® O23 - Service: Google Update Service (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc® O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) . (.Intel Corporation - igfxCUIService Module.) - C:\Windows\System32\igfxCUIService.exe =>.Intel Corporation - pGFX® O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe =>.Intel Corporation - Embedded Subsystems and IP Blocks Group® O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . 
(.Intel Corporation - Intel(R) Local Management Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe =>.Intel Corporation - Embedded Subsystems and IP Blocks Group® O23 - Service: Launch Manager Service (LMSvc) . (.Acer Incorporate - LMSvc.) - C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe =>.Acer Incorporated® O23 - Service: TeamViewer 11 (TeamViewer) . (.TeamViewer GmbH - TeamViewer 11.) - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe =>.TeamViewer® O23 - Service: Touch Tools Launch Service (TouchToolsLaunchService) . (.Acer Incorporated - Touch Tools.) - C:\Program Files\Acer\Acer Touch Tools\TouchToolsLaunchSvc.exe =>.Acer Incorporated® ---\\ Services not Microsoft (SR=Run, SS=Stop) (22) - 20s SR - Auto [18/04/2016] [ 2860760] CCDMonitorService (CCDMonitorService) . (.Acer Incorporated.) - C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe =>.Acer Incorporated® SR - Demand [30/09/2015] [ 301976] Intel(R) Content Protection HECI Service (cphs) . (.Intel Corporation.) - C:\Windows\SysWOW64\IntelCpHeciSvc.exe =>.Intel Corporation - pGFX® SR - Auto [13/04/2016] [ 2519904] ESET Service (ekrn) . (.ESET.) - C:\Program Files\ESET\ESET Smart Security\ekrn.exe =>.ESET, spol. s r.o.® SR - Demand [23/07/2014] [ 2573032] ePower Service (ePowerSvc) . (.Acer Incorporated.) - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe =>.Acer Incorporated® SR - Auto [12/10/2015] [ 349728] GamesAppIntegrationService (GamesAppIntegrationService) . (.WildTangent.) - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe =>.WildTangent Inc® SS - Demand [12/10/2015] [ 209952] GamesAppService (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe =>.WildTangent Inc® SS - Auto [31/10/2015] [ 144200] Google Update Service (gupdate) (gupdate) . (.Google Inc..) 
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc® SS - Demand [31/10/2015] [ 144200] Google Update Service (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc® SS - Demand [25/04/2012] [ 169752] Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe =>.Intel Corporation® SR - Auto [30/09/2015] [ 370064] Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) . (.Intel Corporation.) - C:\Windows\System32\igfxCUIService.exe =>.Intel Corporation SS - Demand [14/05/2014] [ 887256] Intel(R) Capability Licensing Service TCP IP Interface (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe =>.Intel® Trusted Connect Service® SR - Auto [10/10/2014] [ 158496] Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe =>.Intel Corporation - Embedded Subsystems and IP Blocks Group® SS - Demand [22/07/2015] [ 625632] Lenovo EasyPlus Hotspot (Lenovo EasyPlus Hotspot) . (.Lenovo.) - C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe =>.LENOVO® SR - Auto [10/10/2014] [ 409376] Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe =>.Intel Corporation - Embedded Subsystems and IP Blocks Group® SR - Auto [06/11/2014] [ 472808] Launch Manager Service (LMSvc) . (.Acer Incorporate.) - C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe =>.Acer Incorporated® SR - Demand [17/10/2014] [ 458984] Quick Access Service (QASvc) . (.Acer Incorporate.) 
- C:\Program Files\Acer\Acer Quick Access\QASvc.exe =>.Acer Incorporated® SR - Demand [17/10/2014] [ 449768] Quick Access RadioMgr Service (RMSvc) . (.Acer Incorporate.) - C:\Program Files\Acer\Acer Quick Access\RMSvc.exe =>.Acer Incorporated® SS - Demand [04/02/2016] [ 31176] (ShareItSvc) . (.SHAREit Technologies Co.Ltd.) - C:\Program Files (x86)\Lenovo\SHAREit\Shareit.Service.exe =>.LENOVO® SR - Auto [14/12/2015] [ 6889232] TeamViewer 11 (TeamViewer) . (.TeamViewer GmbH.) - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe =>.TeamViewer® SR - Auto [09/01/2014] [ 250624] Touch Tools Launch Service (TouchToolsLaunchService) . (.Acer Incorporated.) - C:\Program Files\Acer\Acer Touch Tools\TouchToolsLaunchSvc.exe =>.Acer Incorporated® SR - Demand [15/07/2014] [ 234240] User Experience Improvement Program (UEIPSvc) . (.acer.) - C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe =>.Acer Incorporated® ---\\ Task Planned Automatically (53) - 8s [MD5.00000000000000000000000000000000] [APT] [TaskName] (...) -- Task To Run (.not file.) [0] (.Activate.) =>.Superfluous.Empty [MD5.D246B77DF1B4302BDC1332986F26815C] [APT] [abDocsDllLoader] (...) -- C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [1769312] (.Activate.) =>.Acer Incorporated® [MD5.BD65571DB1C13947E47A9759E0E6F94A] [APT] [ACC] (.(C) All rights reserved.) -- C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [100608] (.Activate.) =>.Acer Incorporated® [MD5.192551432A694B27E9EEBDA5794CCB12] [APT] [ACCAgent] (.(C) All rights reserved.) -- C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [41728] (.Activate.) =>.Acer Incorporated® [MD5.00000000000000000000000000000000] [APT] [Acer Hover Access Trigger] (...) -- HoverAccessLauncher.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty [MD5.0DAE22CD426F3B569124E1DD0046B379] [APT] [AcerCloud] (.Acer.) -- C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2740440] (.Activate.) 
=>.Acer Incorporated® [MD5.8FE66FC2C5BE0F3DCA142FFCE8CE2CD4] [APT] [Audio Invert Utility] (.Acer Incorporated.) -- C:\Program Files (x86)\Acer\Acer Audio Invert Utility\Launcher.exe [73960] (.Activate.) =>.Acer Incorporated® [MD5.962C647021EF055DEDDAD5539701F4E5] [APT] [BacKGroundAgent] (.Acer Incorporated.) -- C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [65752] (.Activate.) =>.Acer Incorporated® [MD5.00000000000000000000000000000000] [APT] [DolbySelectorTask] (...) -- Inc. (.not file.) [0] (.Activate.) =>.Superfluous.Empty [MD5.053EEEE1ABAE53F044F1E386E22AE525] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200] (.Activate.) =>.Google Inc® [MD5.053EEEE1ABAE53F044F1E386E22AE525] [APT] [GoogleUpdateTaskMachineCore1d11401e6fc5dc6] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200] (.Activate.) =>.Google Inc® [MD5.053EEEE1ABAE53F044F1E386E22AE525] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200] (.Activate.) =>.Google Inc® [MD5.5716A347EDEA3FFA0FAD6652942A86A9] [APT] [Launch Manager] (.Acer Incorporate.) -- C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [439016] (.Activate.) =>.Acer Incorporated® [MD5.5E1A4E1AC8BDBA684DBC4086274F6A25] [APT] [Launch Screen Grasp_First] (.Acer Incorporated.) -- C:\Program Files (x86)\Acer\Screen Grasp\Launch Screen Grasp.exe [40192] (.Activate.) =>.Acer Incorporated® [MD5.29F4B4BE2D33C2A01C4F232C54544B40] [APT] [Opera scheduled Autoupdate 1447347657] (.Opera Software.) -- C:\Program Files (x86)\Opera\launcher.exe [705064] (.Activate.) =>.Opera Software ASA® [MD5.EAB3CD3E7FBB4BE203BDC44007FE4162] [APT] [Power Management] (.Acer Incorporated.) -- C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [384232] (.Activate.) =>.Acer Incorporated® [MD5.701A63EF01C42AF90F3C5634941E68CC] [APT] [Prelauncher] (.Acer Incorporated.) 
-- C:\Program Files (x86)\Acer\Screen Grasp\InputTask.exe [25344] (.Activate.) =>.Acer Incorporated® [MD5.701A63EF01C42AF90F3C5634941E68CC] [APT] [prelauncher_First] (.Acer Incorporated.) -- C:\Program Files (x86)\Acer\Screen Grasp\InputTask.exe [25344] (.Activate.) =>.Acer Incorporated® [MD5.0AF60557A104CD19C746EEFA4778AE08] [APT] [Quick Access] (.Acer Incorporate.) -- C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [324328] (.Activate.) =>.Acer Incorporated® [MD5.0AF60557A104CD19C746EEFA4778AE08] [APT] [Quick Access Quick Launcher] (.Acer Incorporate.) -- C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [324328] (.Activate.) =>.Acer Incorporated® [MD5.CB794B5BB7C655F3062C4DB7F29528D9] [APT] [Screen Grasp GestureDetection] (.Acer Incorporated.) -- C:\Program Files (x86)\Acer\Screen Grasp\GestureDetection.exe [323840] (.Activate.) =>.Acer Incorporated® [MD5.DC7B3CDD569D1D12DA1D79804F1FAAD2] [APT] [Software Update Application] (.Acer Incorporated.) -- C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [474368] (.Activate.) =>.Acer Incorporated® [MD5.319A949B15483673C014D9EEAB3E6A77] [APT] [SweetLabs App Platform] (.Pokki.) -- C:\Users\Mhanna90\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe [10864104] (.Activate.) =>.Pokki® [MD5.6C531EBEFA4718C279D1C1729C77D230] [APT] [UbtFrameworkService] (.TODO: .) -- C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [216296] (.Activate.) =>.Acer Incorporated® [MD5.64D423B3882C42F351B9D767BCE5FB74] [APT] [UMonitor Task] (.Copyright (C) 2008.) -- C:\Windows\SysWOW64\UMonit64.exe [53248] (.Activate.) [MD5.00000000000000000000000000000000] [APT] [Lenovo\] (...) -- C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) 
-- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job [862] =>.Google Inc® O39 - APT: GoogleUpdateTaskMachineCore1d11401e6fc5dc6 - (.Google Inc..) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d11401e6fc5dc6.job [922] =>.Google Inc® O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job [926] =>.Google Inc® O39 - APT: abDocsDllLoader - (...) -- C:\WINDOWS\System32\Tasks\abDocsDllLoader [3404] =>.Acer Incorporated® O39 - APT: ACC - (.(C) All rights reserved.) -- C:\WINDOWS\System32\Tasks\ACC [2788] =>.Acer Incorporated® O39 - APT: ACCAgent - (.(C) All rights reserved.) -- C:\WINDOWS\System32\Tasks\ACCAgent [3744] =>.Acer Incorporated® O39 - APT: Acer Hover Access Trigger - (...) -- C:\WINDOWS\System32\Tasks\Acer Hover Access Trigger [2730] (.Orphean.) =>.Superfluous.Orphean O39 - APT: AcerCloud - (.Acer.) -- C:\WINDOWS\System32\Tasks\AcerCloud [3388] =>.Acer Incorporated® O39 - APT: Audio Invert Utility - (.Acer Incorporated.) -- C:\WINDOWS\System32\Tasks\Audio Invert Utility [2104] =>.Acer Incorporated® O39 - APT: BacKGroundAgent - (.Acer Incorporated.) -- C:\WINDOWS\System32\Tasks\BacKGroundAgent [3508] =>.Acer Incorporated® O39 - APT: DolbySelectorTask - (...) -- C:\WINDOWS\System32\Tasks\DolbySelectorTask [2118] (.Orphean.) =>.Superfluous.Orphean O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore [3006] =>.Google Inc® O39 - APT: GoogleUpdateTaskMachineCore1d11401e6fc5dc6 - (.Google Inc..) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1d11401e6fc5dc6 [3782] =>.Google Inc® O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA [3984] =>.Google Inc® O39 - APT: Launch Manager - (.Acer Incorporate.) -- C:\WINDOWS\System32\Tasks\Launch Manager [2070] =>.Acer Incorporated® O39 - APT: Launch Screen Grasp_First - (.Acer Incorporated.) 
-- C:\WINDOWS\System32\Tasks\Launch Screen Grasp_First [3514] =>.Acer Incorporated® O39 - APT: Opera scheduled Autoupdate 1447347657 - (.Opera Software.) -- C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1447347657 [3958] =>.Opera Software ASA® O39 - APT: Power Management - (.Acer Incorporated.) -- C:\WINDOWS\System32\Tasks\Power Management [2096] =>.Acer Incorporated® O39 - APT: Prelauncher - (.Acer Incorporated.) -- C:\WINDOWS\System32\Tasks\Prelauncher [2450] =>.Acer Incorporated® O39 - APT: prelauncher_First - (.Acer Incorporated.) -- C:\WINDOWS\System32\Tasks\prelauncher_First [2476] =>.Acer Incorporated® O39 - APT: Quick Access - (.Acer Incorporate.) -- C:\WINDOWS\System32\Tasks\Quick Access [2062] =>.Acer Incorporated® O39 - APT: Quick Access Quick Launcher - (.Acer Incorporate.) -- C:\WINDOWS\System32\Tasks\Quick Access Quick Launcher [2182] =>.Acer Incorporated® O39 - APT: Screen Grasp GestureDetection - (.Acer Incorporated.) -- C:\WINDOWS\System32\Tasks\Screen Grasp GestureDetection [3500] =>.Acer Incorporated® O39 - APT: Software Update Application - (.Acer Incorporated.) -- C:\WINDOWS\System32\Tasks\Software Update Application [4154] =>.Acer Incorporated® O39 - APT: SweetLabs App Platform - (.Pokki.) -- C:\WINDOWS\System32\Tasks\SweetLabs App Platform [3400] =>.Pokki® O39 - APT: UbtFrameworkService - (.TODO: .) -- C:\WINDOWS\System32\Tasks\UbtFrameworkService [2574] =>.Acer Incorporated® O39 - APT: UMonitor Task - (.Copyright (C) 2008.) -- C:\WINDOWS\System32\Tasks\UMonitor Task [2192] ---\\ Process running (85) - 4s [MD5.BA1BA1C9E40BCEB88678747C1E7C256F] - (.Intel Corporation - igfxCUIService Module.) -- C:\Windows\System32\igfxCUIService.exe [370064] [PID.1380] =>.Intel Corporation - pGFX® [MD5.287D7C125CCCBA0D2111181F44BE2C2A] - (.ESET - ESET Service.) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2519904] [PID.1396] =>.ESET, spol. s r.o.® [MD5.700A193A1555B083E3A08F5D3A844925] - (.Intel Corporation - IntelCpHeciSvc Executable.) 
-- C:\Windows\SysWOW64\IntelCpHeciSvc.exe [301976] [PID.1612] =>.Intel Corporation - pGFX® [MD5.41D709EB4211F6F6411F6105FA39518F] - (.Acer Incorporated - CCD Monitor Service.) -- C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2860760] [PID.2268] =>.Acer Incorporated® [MD5.C34F08F22920F5D869BFCC96D1D5682D] - (.Acer Incorporate - LMSvc.) -- C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [472808] [PID.2280] =>.Acer Incorporated® [MD5.F97DF9B53A44222EE2E33732E4E4A138] - (.Acer Incorporated - Touch Tools.) -- C:\Program Files\Acer\Acer Touch Tools\TouchToolsLaunchSvc.exe [250624] [PID.2448] =>.Acer Incorporated® [MD5.E72B44F86082DFE649CD991E3CD2F8B6] - (.TeamViewer GmbH - TeamViewer 11.) -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232] [PID.2488] =>.TeamViewer® [MD5.1E019BCBFAED4BE128CAEFDE11B79B3E] - (.ESET - ESET Main GUI.) -- C:\Program Files\ESET\ESET Smart Security\egui.exe [5565088] [PID.3976] =>.ESET, spol. s r.o.® [MD5.319A949B15483673C014D9EEAB3E6A77] - (.Pokki - Service Host App Updater.) -- C:\Users\Mhanna90\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe [10864104] [PID.4156] =>.Pokki® [MD5.DA33CC01380EA479BE010959E5A85B55] - (.Intel Corporation - igfxEM Module.) -- C:\Windows\System32\igfxEM.exe [346520] [PID.4736] =>.Intel Corporation - pGFX® [MD5.600794BFBB06B7B3F52CF58BF12C7B9E] - (.Intel Corporation - igfxHK Module.) -- C:\Windows\System32\igfxHK.exe [268176] [PID.4744] =>.Intel Corporation - pGFX® [MD5.584E00D183A69A5C96E62F575C6B1495] - (.Acer Incorporate - LMEvent.) -- C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe [492776] [PID.6040] =>.Acer Incorporated® [MD5.95DDE8DAC78018C8CE78C303B980752F] - (.Acer Incorporate - LockHandler.) -- C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe [457960] [PID.6080] =>.Acer Incorporated® [MD5.0FEBBFE3105C6ACD4C2FD87819B643AC] - (.Acer Incorporate - LMTray.) 
-- C:\Program Files\Acer\Acer Launch Manager\LMTray.exe [468712] [PID.6196] =>.Acer Incorporated® [MD5.992DBEEC25BC2535B03B564367A3B652] - (.Acer Incorporate - QASvc.) -- C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984] [PID.6292] =>.Acer Incorporated® [MD5.9194F38586D431B88B1CBB5E8D812D4D] - (.Dolby Laboratories Inc. - Dolby Digital Plus Profile Selector.) -- C:\Program Files\Dolby Digital Plus\ddp.exe [585600] [PID.6328] =>.Dolby Laboratories, Inc.® [MD5.4549618C96FD6EC3056BA16634EB9D54] - (.Acer Incorporate - QAEvent.) -- C:\Program Files\Acer\Acer Quick Access\QAEvent.exe [528616] [PID.6420] =>.Acer Incorporated® [MD5.9358846ADC2EEAC8FB5B203BD5107A5F] - (.Acer Incorporated - Hover Access.) -- C:\Program Files (x86)\Acer\Acer Hover Access\HoverAccess.exe [650472] [PID.6456] =>.Acer Incorporated® [MD5.0D515EA69D377C2763CB3AE1B7C77331] - (.Acer Incorporate - QAMsg.) -- C:\Program Files\Acer\Acer Quick Access\QAMsg.exe [447720] [PID.6692] =>.Acer Incorporated® [MD5.DA2D7BED47EF71BDFEEDDEEE76C965FD] - (.Realtek Semiconductor - Realtek HD Audio Manager.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672664] [PID.7104] =>.Realtek Semiconductor Corp® [MD5.50B2337C91531C04D6AF1F42F84FAD76] - (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387736] [PID.6100] =>.Realtek Semiconductor Corp® [MD5.64D423B3882C42F351B9D767BCE5FB74] - (.Copyright (C) 2008 - ChangeIcon MFC Application.) -- C:\Windows\SysWOW64\UMonit64.exe [53248] [PID.6684] [MD5.45C24D3BF28C360F59B43ED69A70A723] - (.Nico Mak Computing - File Association Helper.) -- C:\Program Files\WinZip\FAHWindow64.exe [186592] [PID.4104] =>.WinZip Computing LLC® [MD5.BFF01283DA99C51C55647ED6609CDC6B] - (.Nico Mak Computing - WinZip Update Notifier.) -- C:\Program Files\WinZip\WZUpdateNotifier.exe [1143008] [PID.6256] =>.WinZip Computing LLC® [MD5.9FE6D9D024B302BB75AD48F00C93A886] - (.WinZip Computing, S.L. - WinZip Preloader.) 
-- C:\Program Files\WinZip\WzPreloader.exe [124128] [PID.2976] =>.WinZip Computing LLC® [MD5.6066FDFF6E02A0F1F2584EBC9D4A1E63] - (.Acer Incorporated - ePowerSvc.) -- C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032] [PID.7488] =>.Acer Incorporated® [MD5.2ACFEA2E5E88CEBCD3800FB1AEB77F9E] - (.Acer Incorporated - ePowerTray.) -- C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [5474536] [PID.7628] =>.Acer Incorporated® [MD5.99306C0231039E80E297F444AF04DD1B] - (.Intel Corporation - igfxext Module.) -- C:\Windows\System32\igfxext.exe [236456] [PID.7660] =>.Intel Corporation - pGFX® [MD5.11A0FF3516138A7299412FF11408D81F] - (.Acer Incorporated - ePowerEvent.) -- C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe [395496] [PID.7736] =>.Acer Incorporated® [MD5.96420506C025EF2A7B0B4EEC3226418F] - (.Acer Incorporated - ePowerWinMonitor.) -- C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe [259304] [PID.7816] =>.Acer Incorporated® [MD5.2E49BB1C0DA5DA619B22EA5B0FAE2B84] - (.Acer Incorporate - AudioInvertAgent.) -- C:\Program Files (x86)\Acer\Acer Audio Invert Utility\AudioInvertAgent.exe [228072] [PID.7912] =>.Acer Incorporated® [MD5.5E1A4E1AC8BDBA684DBC4086274F6A25] - (.Acer Incorporated - Launch Screen Grasp.) -- C:\Program Files (x86)\Acer\Screen Grasp\Launch Screen Grasp.exe [40192] [PID.6432] =>.Acer Incorporated® [MD5.F15FB6917435F714F31604FAE64BF254] - (.Acer Incorporate - RMSvc.) -- C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768] [PID.8052] =>.Acer Incorporated® [MD5.0D58B7202985107EA6882A7E80E0E119] - (.WildTangent - WildTangent Games App Integration Service.) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [349728] [PID.4468] =>.WildTangent Inc® [MD5.CA295D3E5032DDF8A3CBD1A256E646FA] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) 
-- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496] [PID.5224] =>.Intel Corporation - Embedded Subsystems and IP Blocks Group® [MD5.ED5C8B920F2ACF11A26586B2FA66BF3D] - (.Intel Corporation - Intel(R) Local Management Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [409376] [PID.7552] =>.Intel Corporation - Embedded Subsystems and IP Blocks Group® [MD5.D246B77DF1B4302BDC1332986F26815C] - (...) -- C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [1769312] [PID.5768] =>.Acer Incorporated® [MD5.0DAE22CD426F3B569124E1DD0046B379] - (.Acer - Acer Portal.) -- C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2740440] [PID.7832] =>.Acer Incorporated® [MD5.962C647021EF055DEDDAD5539701F4E5] - (.Acer Incorporated - Background Agent.) -- C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [65752] [PID.5584] =>.Acer Incorporated® [MD5.33AB22661E4DE1701F41CAFFB9DA1FEF] - (.Acer Cloud Technology - AcerCloud Client.) -- C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe [9685208] [PID.6500] =>.Acer Incorporated® [MD5.C4F88AA33526390EB3B087C425457EC8] - (.Pokki - Service Host App.) -- C:\Users\Mhanna90\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe [7874024] [PID.9676] =>.Pokki® [MD5.C4F88AA33526390EB3B087C425457EC8] - (.Pokki - Service Host App.) -- C:\Users\Mhanna90\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe [7874024] [PID.10220] =>.Pokki® [MD5.708B845EF0061A5DEA50A3ED96615136] - (.Pokki - Start Menu Service.) -- C:\Users\Mhanna90\AppData\Local\SweetLabs App Platform\Engine\ServiceStartMenuIndexer.exe [3069928] [PID.7220] =>.Pokki® [MD5.EB7E8BF35D31BC9F111E282C2F263854] - (.acer - UEIPSvc.) -- C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240] [PID.6260] =>.Acer Incorporated® [MD5.3DB9682912F54D6E38BD2545914E6657] - (.TODO: - AppMonitorPlugIn.) 
-- C:\Program Files\Acer\User Experience Improvement Program\Plugin\AppMonitor\AppMonitorPlugIn.exe [434944] [PID.7604] =>.Acer Incorporated®
[MD5.DA33CC01380EA479BE010959E5A85B55] - (.Intel Corporation - igfxEM Module.) -- C:\Windows\System32\igfxEM.exe [346520] [PID.3132] =>.Intel Corporation - pGFX®
[MD5.600794BFBB06B7B3F52CF58BF12C7B9E] - (.Intel Corporation - igfxHK Module.) -- C:\Windows\System32\igfxHK.exe [268176] [PID.2148] =>.Intel Corporation - pGFX®
[MD5.9194F38586D431B88B1CBB5E8D812D4D] - (.Dolby Laboratories Inc. - Dolby Digital Plus Profile Selector.) -- C:\Program Files\Dolby Digital Plus\ddp.exe [585600] [PID.11164] =>.Dolby Laboratories, Inc.®
[MD5.4549618C96FD6EC3056BA16634EB9D54] - (.Acer Incorporate - QAEvent.) -- C:\Program Files\Acer\Acer Quick Access\QAEvent.exe [528616] [PID.10624] =>.Acer Incorporated®
[MD5.0D515EA69D377C2763CB3AE1B7C77331] - (.Acer Incorporate - QAMsg.) -- C:\Program Files\Acer\Acer Quick Access\QAMsg.exe [447720] [PID.2872] =>.Acer Incorporated®
[MD5.3C1A9EF86925950AF79CA62F1A287E84] - (.Acer Incorporate - QAThemes.) -- C:\Program Files\Acer\Acer Quick Access\QAThemes.exe [260840] [PID.10396] =>.Acer Incorporated®
[MD5.584E00D183A69A5C96E62F575C6B1495] - (.Acer Incorporate - LMEvent.) -- C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe [492776] [PID.10780] =>.Acer Incorporated®
[MD5.95DDE8DAC78018C8CE78C303B980752F] - (.Acer Incorporate - LockHandler.) -- C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe [457960] [PID.10792] =>.Acer Incorporated®
[MD5.0FEBBFE3105C6ACD4C2FD87819B643AC] - (.Acer Incorporate - LMTray.) -- C:\Program Files\Acer\Acer Launch Manager\LMTray.exe [468712] [PID.1952] =>.Acer Incorporated®
[MD5.9358846ADC2EEAC8FB5B203BD5107A5F] - (.Acer Incorporated - Hover Access.) -- C:\Program Files (x86)\Acer\Acer Hover Access\HoverAccess.exe [650472] [PID.10968] =>.Acer Incorporated®
[MD5.2E49BB1C0DA5DA619B22EA5B0FAE2B84] - (.Acer Incorporate - AudioInvertAgent.) -- C:\Program Files (x86)\Acer\Acer Audio Invert Utility\AudioInvertAgent.exe [228072] [PID.12888] =>.Acer Incorporated®
[MD5.2ACFEA2E5E88CEBCD3800FB1AEB77F9E] - (.Acer Incorporated - ePowerTray.) -- C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [5474536] [PID.12924] =>.Acer Incorporated®
[MD5.99306C0231039E80E297F444AF04DD1B] - (.Intel Corporation - igfxext Module.) -- C:\Windows\System32\igfxext.exe [236456] [PID.9392] =>.Intel Corporation - pGFX®
[MD5.11A0FF3516138A7299412FF11408D81F] - (.Acer Incorporated - ePowerEvent.) -- C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe [395496] [PID.5176] =>.Acer Incorporated®
[MD5.96420506C025EF2A7B0B4EEC3226418F] - (.Acer Incorporated - ePowerWinMonitor.) -- C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe [259304] [PID.13176] =>.Acer Incorporated®
[MD5.DA2D7BED47EF71BDFEEDDEEE76C965FD] - (.Realtek Semiconductor - Realtek HD Audio Manager.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672664] [PID.10952] =>.Realtek Semiconductor Corp®
[MD5.50B2337C91531C04D6AF1F42F84FAD76] - (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387736] [PID.9712] =>.Realtek Semiconductor Corp®
[MD5.45C24D3BF28C360F59B43ED69A70A723] - (.Nico Mak Computing - File Association Helper.) -- C:\Program Files\WinZip\FAHWindow64.exe [186592] [PID.13064] =>.WinZip Computing LLC®
[MD5.BFF01283DA99C51C55647ED6609CDC6B] - (.Nico Mak Computing - WinZip Update Notifier.) -- C:\Program Files\WinZip\WZUpdateNotifier.exe [1143008] [PID.13292] =>.WinZip Computing LLC®
[MD5.9FE6D9D024B302BB75AD48F00C93A886] - (.WinZip Computing, S.L. - WinZip Preloader.) -- C:\Program Files\WinZip\WzPreloader.exe [124128] [PID.12572] =>.WinZip Computing LLC®
[MD5.83A7349CB85635074D283C3256C33F5D] - (...) -- C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe [2100064] [PID.5008] =>.Microsoft Windows®
[MD5.B99D68C404A4E69FBB95E3A282091CFA] - (...) -- C:\Windows\System32\igfxTray.exe [415128] [PID.13528] =>.Intel Corporation - pGFX®
[MD5.455927608C21945849E1A3E35E36671F] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [881304] [PID.9540] =>.Google Inc®
[MD5.455927608C21945849E1A3E35E36671F] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [881304] [PID.10988] =>.Google Inc®
[MD5.455927608C21945849E1A3E35E36671F] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [881304] [PID.7940] =>.Google Inc®
[MD5.455927608C21945849E1A3E35E36671F] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [881304] [PID.5896] =>.Google Inc®
[MD5.455927608C21945849E1A3E35E36671F] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [881304] [PID.14184] =>.Google Inc®
[MD5.455927608C21945849E1A3E35E36671F] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [881304] [PID.10812] =>.Google Inc®
[MD5.455927608C21945849E1A3E35E36671F] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [881304] [PID.29288] =>.Google Inc®
[MD5.EA84FEE22142828A498803F3B21158C3] - (...) -- C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.65.800.0_x86__kgqvnymyfvs32\stritz.exe [7443456] [PID.39312]
[MD5.455927608C21945849E1A3E35E36671F] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [881304] [PID.69960] =>.Google Inc®
[MD5.81896B186E0E66F762E1CB1C2E5B25FC] - (.VideoLAN - VLC media player.) -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe [137152] [PID.68856] =>.VideoLAN®
[MD5.455927608C21945849E1A3E35E36671F] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [881304] [PID.87548] =>.Google Inc®
[MD5.83A7349CB85635074D283C3256C33F5D] - (...) -- C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe [2100064] [PID.66920] =>.Microsoft Windows®
[MD5.FE0F50965B1C2418CB217835F6405816] - (.Copyright (C) 2010 - FMAPP Application.) -- C:\Program Files\Realtek\Audio\HDA\FMAPP.exe [78880] [PID.95240]
[MD5.FE0F50965B1C2418CB217835F6405816] - (.Copyright (C) 2010 - FMAPP Application.) -- C:\Program Files\Realtek\Audio\HDA\FMAPP.exe [78880] [PID.95464]
[MD5.455927608C21945849E1A3E35E36671F] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [881304] [PID.97320] =>.Google Inc®
[MD5.455927608C21945849E1A3E35E36671F] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [881304] [PID.98260] =>.Google Inc®
[MD5.41A6377FF2E6AAD7A4882A4FD2574987] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\Mhanna90\Downloads\ZHPDiag3.exe [2207232] [PID.95416] =>.Nicolas Coolman
[MD5.455927608C21945849E1A3E35E36671F] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [881304] [PID.95580] =>.Google Inc®

---\\ Google Chrome, Start,Search,Extensions (9) - 0s
G2 - GCE: Preference [User Data\Default] [aapocclcgogkmnckokdopfmhonfmgoek] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [felcaaldnbdncclmgdcncolpebgiejap] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [ghbmnnjooekpmoecnnnilnnbdlolhkhi] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc.

---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (3) - 1s
P2 - FPN: [HKLM] [@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf] - (...) -- C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
P2 - FPN: [HKLM] [@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf] - (...) -- C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
P2 - FPN: [HKLM] [@WildTangent.com/GamesAppPresenceDetector,Version=1.0] - (.WildTangent.) -- C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll =>.WildTangent

---\\ Internet Explorer Extensions, Start, Search (18) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://acer13.msn.com/
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1

---\\ Internet Explorer, Proxy Management (4) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s
F2 - REG:system.ini: UserInit=
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=

---\\ Hosts file redirection (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (21)

---\\ Browser Helper Object (BHO) (2) - 0s
O2 - BHO: Lync Click to Call BHO [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} (Orphean)
O2 - BHO: Microsoft OneDrive for Business Browser Helper [64Bits] - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} (Orphean)

---\\ Auto loading programs from Registry and folders (16) - 1s
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Realtek HD Audio Manager.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp®
O4 - HKLM\..\Run: [RtHDVBg_Dolby] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe =>.Realtek Semiconductor Corp®
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_4D2CB15C8D68700D48C9543DBA8BC04D] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - HKCU\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\Mhanna90\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation®
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Mhanna90\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64] C:\Users\Mhanna90\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64 (.not file.)
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Mhanna90\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64] C:\Users\Mhanna90\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64 (.not file.)
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Mhanna90\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] C:\Users\Mhanna90\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64 (.not file.)
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Mhanna90\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] C:\Users\Mhanna90\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64 (.not file.)
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Corporation®
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Corporation®
O4 - HKUS\S-1-5-21-94239195-442348988-1187761284-1001\..\Run: [GoogleChromeAutoLaunch_4D2CB15C8D68700D48C9543DBA8BC04D] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - HKUS\S-1-5-21-94239195-442348988-1187761284-1001\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\Mhanna90\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation®
O4 - HKUS\S-1-5-21-94239195-442348988-1187761284-1001\..\RunOnce: [Uninstall C:\Users\Mhanna90\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64] C:\Users\Mhanna90\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64 (.not file.)
O4 - HKUS\S-1-5-21-94239195-442348988-1187761284-1001\..\RunOnce: [Uninstall C:\Users\Mhanna90\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64] C:\Users\Mhanna90\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64 (.not file.)
O4 - HKUS\S-1-5-21-94239195-442348988-1187761284-1001\..\RunOnce: [Uninstall C:\Users\Mhanna90\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] C:\Users\Mhanna90\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64 (.not file.)
O4 - HKUS\S-1-5-21-94239195-442348988-1187761284-1001\..\RunOnce: [Uninstall C:\Users\Mhanna90\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] C:\Users\Mhanna90\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64 (.not file.)

---\\ Global shortcuts Startup (60) - 10s
O4 - GS\Desktop [Administrator]: Popcorn Time Community.lnk . (...) C:\Users\Mhanna90\AppData\Local\Popcorn Time Community\nw.exe
O4 - GS\Desktop [Administrator]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Mhanna90\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Desktop [Administrator]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\Mhanna90\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc®
O4 - GS\Quicklaunch [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\sendTo [Administrator]: TeamViewer.lnk . (.TeamViewer GmbH - TeamViewer 11.) C:\Program Files (x86)\TeamViewer\TeamViewer.exe =>.TeamViewer®
O4 - GS\TaskBar [Administrator]: Acer Quick Access.lnk . (.Acer Incorporate - .) C:\Program Files (x86)\Acer\Acer Quick Access\QuickAccess.exe =>.Acer Incorporate
O4 - GS\TaskBar [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\TaskBar [Administrator]: Pokki Start Menu.lnk . (.Pokki - Service Host App.) C:\Users\Mhanna90\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe =>.Pokki®
O4 - GS\TaskBar [Administrator]: Spotify.lnk . (.Spotify Ltd - SpotifyLauncher.) C:\Program Files (x86)\Spotify\SpotifyLauncher.exe =>.Spotify AB®
O4 - GS\Desktop [Guest]: Popcorn Time Community.lnk . (...) C:\Users\Mhanna90\AppData\Local\Popcorn Time Community\nw.exe
O4 - GS\Desktop [Guest]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Mhanna90\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Desktop [Guest]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\Mhanna90\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc®
O4 - GS\Quicklaunch [Guest]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\sendTo [Guest]: TeamViewer.lnk . (.TeamViewer GmbH - TeamViewer 11.) C:\Program Files (x86)\TeamViewer\TeamViewer.exe =>.TeamViewer®
O4 - GS\TaskBar [Guest]: Acer Quick Access.lnk . (.Acer Incorporate - .) C:\Program Files (x86)\Acer\Acer Quick Access\QuickAccess.exe =>.Acer Incorporate
O4 - GS\TaskBar [Guest]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\TaskBar [Guest]: Pokki Start Menu.lnk . (.Pokki - Service Host App.) C:\Users\Mhanna90\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe =>.Pokki®
O4 - GS\TaskBar [Guest]: Spotify.lnk . (.Spotify Ltd - SpotifyLauncher.) C:\Program Files (x86)\Spotify\SpotifyLauncher.exe =>.Spotify AB®
O4 - GS\Desktop [Mhanna]: Popcorn Time Community.lnk . (...) C:\Users\Mhanna90\AppData\Local\Popcorn Time Community\nw.exe
O4 - GS\Desktop [Mhanna]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Mhanna90\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Desktop [Mhanna]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\Mhanna90\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc®
O4 - GS\Quicklaunch [Mhanna]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\sendTo [Mhanna]: TeamViewer.lnk . (.TeamViewer GmbH - TeamViewer 11.) C:\Program Files (x86)\TeamViewer\TeamViewer.exe =>.TeamViewer®
O4 - GS\TaskBar [Mhanna]: Acer Quick Access.lnk . (.Acer Incorporate - .) C:\Program Files (x86)\Acer\Acer Quick Access\QuickAccess.exe =>.Acer Incorporate
O4 - GS\TaskBar [Mhanna]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\TaskBar [Mhanna]: Pokki Start Menu.lnk . (.Pokki - Service Host App.) C:\Users\Mhanna90\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe =>.Pokki®
O4 - GS\TaskBar [Mhanna]: Spotify.lnk . (.Spotify Ltd - SpotifyLauncher.) C:\Program Files (x86)\Spotify\SpotifyLauncher.exe =>.Spotify AB®
O4 - GS\Desktop [Mhanna90]: Popcorn Time Community.lnk . (...) C:\Users\Mhanna90\AppData\Local\Popcorn Time Community\nw.exe
O4 - GS\Desktop [Mhanna90]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Mhanna90\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Desktop [Mhanna90]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\Mhanna90\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc®
O4 - GS\Quicklaunch [Mhanna90]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\sendTo [Mhanna90]: TeamViewer.lnk . (.TeamViewer GmbH - TeamViewer 11.) C:\Program Files (x86)\TeamViewer\TeamViewer.exe =>.TeamViewer®
O4 - GS\TaskBar [Mhanna90]: Acer Quick Access.lnk . (.Acer Incorporate - .) C:\Program Files (x86)\Acer\Acer Quick Access\QuickAccess.exe =>.Acer Incorporate
O4 - GS\TaskBar [Mhanna90]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\TaskBar [Mhanna90]: Pokki Start Menu.lnk . (.Pokki - Service Host App.) C:\Users\Mhanna90\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe =>.Pokki®
O4 - GS\TaskBar [Mhanna90]: Spotify.lnk . (.Spotify Ltd - SpotifyLauncher.) C:\Program Files (x86)\Spotify\SpotifyLauncher.exe =>.Spotify AB®
O4 - GS\CommonDesktop [Public]: abDocs.lnk . (.acer - abDocs.) C:\Program Files (x86)\Acer\abDocs\abDocs.exe =>.Acer Incorporated®
O4 - GS\CommonDesktop [Public]: abFiles.lnk . (...) C:\Program Files (x86)\Acer\abFiles\abFilesTrayIcon.exe =>.Acer Incorporated®
O4 - GS\CommonDesktop [Public]: abMusic.lnk . (.Acer Incorporated - abMusic.) C:\Program Files (x86)\Acer\abMusic\abMusic.exe =>.Acer Incorporated®
O4 - GS\CommonDesktop [Public]: abPhoto.lnk . (.Acer Incorporated - abPhoto.) C:\Program Files (x86)\Acer\abPhoto\abPhoto.exe =>.Acer Incorporated®
O4 - GS\CommonDesktop [Public]: Acer Care Center.lnk . (.(C)All rights reserved - CareCenter.) C:\Program Files (x86)\Acer\Care Center\CareCenter.exe =>.Acer Incorporated®
O4 - GS\CommonDesktop [Public]: Acer Portal.lnk . (.Acer - Acer Portal.) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe =>.Acer Incorporated®
O4 - GS\CommonDesktop [Public]: Acer Video Player.lnk . (.Acer Incorporated - Acer Video Player.) C:\Program Files (x86)\Acer\Acer Video Player\AcerVideoPlayer.exe =>.Acer Incorporated®
O4 - GS\CommonDesktop [Public]: Booking.com.lnk . (...) C:\Program Files (x86)\Booking.COM\StartURL.exe
O4 - GS\CommonDesktop [Public]: Dropbox.lnk . (...) C:\Program Files (x86)\Dropbox\StartURL.exe
O4 - GS\CommonDesktop [Public]: eBay.lnk . (...) c:\Windows\Installer\{91589413-6675-4C27-8AFC-EFB9103B90A5}\_1ADE67C705AECB54139530.exe
O4 - GS\CommonDesktop [Public]: ESET Banking & Payment protection.lnk . (.ESET - .) C:\Program Files (x86)\ESET\ESET Smart Security\ecmd.exe =>.ESET
O4 - GS\CommonDesktop [Public]: Foxit PhantomPDF.lnk . (.Foxit Corporation - Foxit PhantomPDF 6.0.) C:\Program Files (x86)\Foxit PhantomPDF\FoxitPhantomPDF.exe =>.Foxit Corporation®
O4 - GS\CommonDesktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\CommonDesktop [Public]: Opera.lnk . (.Opera Software - Opera Internet Browser.) C:\Program Files (x86)\Opera\launcher.exe =>.Opera Software ASA®
O4 - GS\CommonDesktop [Public]: SHAREit.lnk . (.SHAREit Technologies Co.Ltd - SHAREit.) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe =>.LENOVO®
O4 - GS\CommonDesktop [Public]: TeamViewer 11.lnk . (.TeamViewer GmbH - TeamViewer 11.) C:\Program Files (x86)\TeamViewer\TeamViewer.exe =>.TeamViewer®
O4 - GS\CommonDesktop [Public]: VLC media player.lnk . (.VideoLAN - VLC media player.) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe =>.VideoLAN®
O4 - GS\CommonDesktop [Public]: WinZip.lnk . (.WinZip Computing, S.L. - .) C:\Program Files (x86)\WinZip\WINZIP64.EXE =>.WinZip Computing, S.L.
O4 - GS\Startup [Public]: FAH.lnk . (.Nico Mak Computing - .) C:\Program Files (x86)\WinZip\FAHConsole.exe =>.Nico Mak Computing
O4 - GS\Startup [Public]: Update Notifier.lnk . (.Nico Mak Computing - .) C:\Program Files (x86)\WinZip\WZUpdateNotifier.exe =>.Nico Mak Computing
O4 - GS\Startup [Public]: WinZip Preloader.lnk . (.WinZip Computing, S.L. - .) C:\Program Files (x86)\WinZip\WzPreloader.exe =>.WinZip Computing, S.L.
O4 - GS\Programs [Public]: HD Audio Manager.lnk . (.Realtek Semiconductor - .) C:\Program Files (x86)\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor
O4 - GS\Programs [Public]: PC App Store.lnk . (.Pokki - Service Host App.) C:\Users\Mhanna90\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe =>.Pokki®
O4 - GS\Programs [Public]: Pokki Start Menu.lnk . (.Pokki - Service Host App.) C:\Users\Mhanna90\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe =>.Pokki®

---\\ Lop.com/Domain Hijackers (4) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 93.115.85.212 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{2dbe3e45-75e7-45b6-adf2-3eb32aab096f}: DhcpNameServer = 93.115.85.212 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{3aa07413-f340-4809-a006-dabe4686bc2e}: DhcpNameServer = 40.30.1.55
O17 - HKLM\System\CCS\Services\Tcpip\..\{f4f6a77d-fdea-4813-9671-c9a7e845ba78}: DhcpNameServer = 40.30.1.66

---\\ Extra protocols (26) - 0s
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll =>.Microsoft Corporation
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\SysWOW64\inetcomm.dll =>.Microsoft Corporation
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll =>.Microsoft Corporation
O18 - Handler: mso-minsb-roaming.16 [64Bits] - {83C25742-A9F7-49FB-9138-434302C88D07} . (.Microsoft Corporation - Microsoft Office 2016 component.) -- C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL =>.Microsoft Corporation®
O18 - Handler: mso-minsb.16 [64Bits] - {42089D2D-912D-4018-9087-2B87803E93FB} . (.Microsoft Corporation - Microsoft Office 2016 component.) -- C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL =>.Microsoft Corporation®
O18 - Handler: osf-roaming.16 [64Bits] - {42089D2D-912D-4018-9087-2B87803E93FB} . (.Microsoft Corporation - Microsoft Office 2016 component.) -- C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL =>.Microsoft Corporation®
O18 - Handler: osf.16 [64Bits] - {5504BE45-A83B-4808-900A-3A5C36E7F77A} . (.Microsoft Corporation - Microsoft Office 2016 component.) -- C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL =>.Microsoft Corporation®
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\SysWOW64\tbauth.dll =>.Microsoft Corporation
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: windows.tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\SysWOW64\tbauth.dll =>.Microsoft Corporation
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation

---\\ Software installed (79) - 9s
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent =>.BitTorrent Inc®
O42 - Logiciel: abDocs - (.Acer Incorporated.) [HKLM][64Bits] -- {CA4FE8B0-298C-4E5D-A486-F33B126D6A0A} =>.Acer Incorporated®
O42 - Logiciel: abDocs Office AddIn - (.Acer Incorporated.) [HKLM][64Bits] -- {DCBF3379-246B-47E1-8173-639B63940838} =>.Acer Incorporated
O42 - Logiciel: abFiles - (.Acer Incorporated.) [HKLM][64Bits] -- {13885028-098C-4799-9B71-27DAC96502D5} =>.Acer Incorporated®
O42 - Logiciel: abMusic - (.Acer Incorporated.) [HKLM][64Bits] -- {E9AF1707-3F3A-49E2-8345-4F2D629D0876} =>.Acer Incorporated®
O42 - Logiciel: abPhoto - (.Acer Incorporated.) [HKLM][64Bits] -- {B5AD89F2-03D3-4206-8487-018298007DD0} =>.Acer Incorporated®
O42 - Logiciel: Acer Audio Invert Utility - (.Acer Incorporated.) [HKLM][64Bits] -- {11086334-4198-44C7-8C67-7B49E4AC925A} =>.Acer Incorporated
O42 - Logiciel: Acer Care Center - (.Acer Incorporated.) [HKLM][64Bits] -- {A424844F-CDB3-45E2-BB77-1DDE4A091E76} =>.Acer Incorporated
O42 - Logiciel: Acer Explorer Agent - (.Acer Incorporated.) [HKLM][64Bits] -- {4D0F42CF-1693-43D9-BDC8-19141D023EE0} =>.Acer Incorporated
O42 - Logiciel: Acer Hover Access - (.Acer Incorporated.) [HKLM][64Bits] -- {02488282-6E9D-42B0-877E-2AA34580E578} =>.Acer Incorporated
O42 - Logiciel: Acer Launch Manager - (.Acer Incorporated.) [HKLM][64Bits] -- {C18D55BD-1EC6-466D-B763-8EEDDDA9100E} =>.Acer Incorporated
O42 - Logiciel: Acer Portal - (.Acer Incorporated.) [HKLM][64Bits] -- {A5AD0B17-F34D-49BE-A157-C8B3D52ACD13} =>.Acer Incorporated®
O42 - Logiciel: Acer Power Management - (.Acer Incorporated.) [HKLM][64Bits] -- {91F52DE4-B789-42B0-9311-A349F10E5479} =>.Acer Incorporated
O42 - Logiciel: Acer Quick Access - (.Acer Incorporated.) [HKLM][64Bits] -- {C1FA525F-D701-4B31-9D32-504FC0CF0B98} =>.Acer Incorporated
O42 - Logiciel: Acer Recovery Management - (.Acer Incorporated.) [HKLM][64Bits] -- {07F2005A-8CAC-4A4B-83A2-DA98A722CA61} =>.Acer Incorporated
O42 - Logiciel: Acer Screen Grasp - (.Acer Incorporated.) [HKLM][64Bits] -- {84443E5D-0767-438B-B1C8-6A52FAB2101B} =>.Acer Incorporated
O42 - Logiciel: Acer Touch Tools - (.Acer Incorporated.) [HKLM][64Bits] -- {BB1F8130-3CB3-4896-9D28-770DFFFDE59C} =>.Acer Incorporated
O42 - Logiciel: Acer User Experience Improvement Program App Monitor Plugin - (.Acer Incorporated.) [HKLM][64Bits] -- {978724F6-1863-4DD5-9E66-FB77F5AB5613} =>.Acer Incorporated
O42 - Logiciel: Acer User Experience Improvement Program Framework - (.Acer Incorporated.) [HKLM][64Bits] -- {12A718F2-2357-4D41-9E1F-18583A4745F7} =>.Acer Incorporated
O42 - Logiciel: Acer Video Player - (.Acer Incorporated.) [HKLM][64Bits] -- {B6846F20-4821-11E3-8F96-0800200C9A66} =>.Acer Incorporated®
O42 - Logiciel: Aloha TriPeaks - (.WildTangent.) [HKLM][64Bits] -- WTA-9b9002d0-c902-4f14-b0ba-6092f745efbf =>.WildTangent Inc®
O42 - Logiciel: AOP Framework - (.Acer Incorporated.) [HKLM][64Bits] -- {4A37A114-702F-4055-A4B6-16571D4A5353} =>.Acer Incorporated®
O42 - Logiciel: Bejeweled 2 Deluxe - (.WildTangent.) [HKLM][64Bits] -- WTA-71074707-3a78-432f-b812-8a6a30df434a =>.WildTangent Inc®
O42 - Logiciel: Dolby Digital Plus Home Theater - (.Dolby Laboratories Inc.) [HKLM][64Bits] -- {7E3D8FA1-6092-469A-955B-68FC4A2C67CA} =>.Dolby Laboratories Inc
O42 - Logiciel: eBay Worldwide - (.OEM.) [HKLM][64Bits] -- {91589413-6675-4C27-8AFC-EFB9103B90A5} =>.OEM
O42 - Logiciel: ESET Smart Security - (.ESET, spol. s r.o..) [HKLM][64Bits] -- {34EC548D-2385-4949-957E-69DAD61F108D} =>.ESET, spol. s r.o.
O42 - Logiciel: Farm to Fork Collector's Edition - (.WildTangent.) [HKLM][64Bits] -- WTA-bc12960d-d611-4775-94d9-c65da3caec6b =>.WildTangent Inc®
O42 - Logiciel: Foxit PhantomPDF - (.Foxit Corporation.) [HKLM][64Bits] -- {D4DF5498-C95C-4A02-9951-725FB2D7BC0D} =>.Foxit Corporation
O42 - Logiciel: Game Explorer Categories - genres - (.WildTangent, Inc..) [HKLM][64Bits] -- WildTangentGameProvider-acer-genres =>.WildTangent, Inc.
O42 - Logiciel: Game Explorer Categories - main - (.WildTangent, Inc..) [HKLM][64Bits] -- WildTangentGameProvider-acer-main =>.WildTangent, Inc.
O42 - Logiciel: Genesys USB Mass Storage Device - (.Genesys Logic.) [HKLM][64Bits] -- {959B7F35-2819-40C5-A0CD-3C53B5FCC935} =>.Genesys Logic
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome =>.Google Inc®
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc.
O42 - Logiciel: Governor of Poker 2 Premium Edition - (.WildTangent.) [HKLM][64Bits] -- WTA-5bb61b07-7c02-4fdb-ad81-256eaad0dc8d =>.WildTangent Inc®
O42 - Logiciel: Host App Service - (.Pokki.) [HKCU][64Bits] -- SweetLabs_AP =>.Pokki®
O42 - Logiciel: Intel(R) Chipset Device Software - (.Intel Corporation.) [HKLM][64Bits] -- {BD667C75-0EDD-4073-A406-A6DD9C3016EB} =>.Intel Corporation
O42 - Logiciel: Intel(R) Chipset Device Software - (.Intel(R) Corporation.) [HKLM][64Bits] -- {f5d71765-7cd1-4e68-998f-5b379e725da3} =>.Intel Corporation - Software and Firmware Products®
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {085F8D6D-D06F-443B-A872-5B88C6391203} =>.Intel Corporation
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {1CEAC85D-2590-4760-800F-8DE5E91F3700} =>.Intel Corporation
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {D5EA481B-D855-4A0E-9E9A-21AB4F5A3C49} =>.Intel Corporation
O42 - Logiciel: Intel(R) ME UninstallLegacy - (.Intel Corporation.) [HKLM][64Bits] -- {D6C8B829-18A3-4E80-8B4B-1CFA9588A2E2} =>.Intel Corporation
O42 - Logiciel: Intel(R) PRO/Wireless Driver - (.Intel Corporation.) [HKLM][64Bits] -- {d3f2f385-12f2-479c-92e2-e6f6b5e95b76} =>.Intel Corporation
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} =>.Intel Corporation - pGFX®
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {409CB30E-E457-4008-9B1A-ED1B9EA21140} =>.Intel Corporation
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {B96314A4-5138-460F-B769-1913B0A07D78} =>.Intel Corporation
O42 - Logiciel: Intel(R) Serial IO - (.Intel Corporation.) [HKLM][64Bits] -- {9FD91C5C-44AE-4D9D-85BE-AE52816B0294} =>.Intel Corporation
O42 - Logiciel: Intel(R) Serial IO - (.Intel Corporation.) [HKLM][64Bits] -- {B7368FC9-A295-4A95-A9EB-AFD659BA7B71} =>.Intel Corporation
O42 - Logiciel: Intel(R) Virtual Buttons - (.Intel Corporation.) [HKLM][64Bits] -- 1992736F-C90A-481C-B21B-EE34CAD07387 =>.Intel Corporation
O42 - Logiciel: Intel(R) Wireless Bluetooth(R) - (.Intel Corporation.) [HKLM][64Bits] -- {922CA1B2-9D74-49DF-A23F-90F710F51DD7} =>.Intel Corporation
O42 - Logiciel: Intel® PROSet/Wireless Software - (.Intel Corporation.) [HKLM][64Bits] -- {7991b5ae-96d7-4df2-97fb-a605b7cb638b} =>.Intel Corporation-Mobile Wireless Group®
O42 - Logiciel: Intel® PROSet/Wireless WiFi Software - (.Intel Corporation.) [HKLM][64Bits] -- {F7519C01-56A8-4844-A8CE-397065097F1E} =>.Intel Corporation
O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {1B444AF9-1DBE-4884-8F35-969BEFCF69A8} =>.Intel Corporation
O42 - Logiciel: Jewel Match 3 - (.WildTangent.) [HKLM][64Bits] -- WTA-b9878dcf-8d08-4acf-8896-ede1d7c3e6bc =>.WildTangent Inc®
O42 - Logiciel: King Oddball - (.WildTangent.) [HKLM][64Bits] -- WTA-eb0ecf32-f5be-400f-ac58-92b3fd88033b =>.WildTangent Inc®
O42 - Logiciel: LUXOR Evolved - (.WildTangent.) [HKLM][64Bits] -- WTA-10efce4b-b54b-4dbe-a85a-80cf39c5f171 =>.WildTangent Inc®
O42 - Logiciel: Magic Academy - (.WildTangent.) [HKLM][64Bits] -- WTA-09d8576e-1896-43db-8b76-63d7507caf6b =>.WildTangent Inc®
O42 - Logiciel: Metric Collection SDK 35 - (.Lenovo Group Limited.) [HKLM][64Bits] -- {C2B5B5B0-2545-4E94-B4BA-548D4BF0B196} =>.Lenovo Group Limited
O42 - Logiciel: Office 16 Click-to-Run Extensibility Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-008C-0000-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Office 16 Click-to-Run Licensing Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-008F-0000-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Office 16 Click-to-Run Localization Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-008C-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Opera Stable 37.0.2178.43 - (.Opera Software.) [HKLM][64Bits] -- Opera 37.0.2178.43 =>.Opera Software ASA®
O42 - Logiciel: Peggle Nights - (.WildTangent.) [HKLM][64Bits] -- WTA-eb71254d-2a9d-45b0-82e2-c8b59245c918 =>.WildTangent Inc®
O42 - Logiciel: Plants vs. Zombies - Game of the Year - (.WildTangent.) [HKLM][64Bits] -- WTA-c0dcab17-62d4-43ae-ad47-9109e25a9fe1 =>.WildTangent Inc®
O42 - Logiciel: Pokki Start Menu - (.Pokki.) [HKCU][64Bits] -- SweetLabs_Start_Menu =>.Pokki®
O42 - Logiciel: Polar Bowler 1st Frame - (.WildTangent.) [HKLM][64Bits] -- WTA-885112be-974d-438a-8172-2a076ca945c3 =>.WildTangent Inc®
O42 - Logiciel: Popcorn Time Community 0.3.8-6 - (.Popcorn Time Community.) [HKLM][64Bits] -- Popcorn Time Community 0.3.8-6 =>.Popcorn Time Community
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} =>.Realtek Semiconductor Corp®
O42 - Logiciel: SHAREit - (.Lenovo.) [HKLM][64Bits] -- SHAREit_is1 =>.Lenovo
O42 - Logiciel: Spotify - (.Spotify AB.) [HKLM][64Bits] -- Spotify =>.Spotify AB®
O42 - Logiciel: TeamViewer 11 - (.TeamViewer.) [HKLM][64Bits] -- TeamViewer =>.TeamViewer®
O42 - Logiciel: The Chronicles of Emerland Solitaire - (.WildTangent.) [HKLM][64Bits] -- WTA-9aee5bcf-8ecd-414e-8b97-dd1d2e59fd48 =>.WildTangent Inc®
O42 - Logiciel: Trinklit Supreme - (.WildTangent.) [HKLM][64Bits] -- WTA-720c19de-e503-4192-aed9-b4ef6ab82896 =>.WildTangent Inc®
O42 - Logiciel: Update Installer for WildTangent Games App - (.WildTangent.) [HKLM][64Bits] -- {2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App =>.WildTangent Inc®
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN
O42 - Logiciel: WildTangent Games - (.WildTangent.) [HKLM][64Bits] -- WildTangent wildgames Master Uninstall =>.WildTangent Inc®
O42 - Logiciel: WildTangent Games App - (.WildTangent.) [HKLM][64Bits] -- {70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer =>.WildTangent Inc®
O42 - Logiciel: WinRAR 5.30 (32-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver =>.win.rar GmbH®
O42 - Logiciel: WinZip 20.0 - (.WinZip Computing, S.L. .) [HKLM][64Bits] -- {CD95F661-A5C4-44F5-A6AA-ECDD91C240EF} =>.WinZip Computing, S.L.
O42 - Logiciel: Zuma's Revenge - (.WildTangent.) [HKLM][64Bits] -- WTA-59465227-29e5-4f91-988b-b5b0f06380b6 =>.WildTangent Inc®

---\\ HKCU & HKLM Software Keys (59) - 9s
HKLM\SOFTWARE\Wow6432Node\Acer
HKLM\SOFTWARE\Wow6432Node\Apple Inc.
HKLM\SOFTWARE\Wow6432Node\Clearfi HKLM\SOFTWARE\Wow6432Node\DellShared HKLM\SOFTWARE\Wow6432Node\ESET HKLM\SOFTWARE\Wow6432Node\Foxit Software HKLM\SOFTWARE\Wow6432Node\Genesys Logic HKLM\SOFTWARE\Wow6432Node\Google HKLM\SOFTWARE\Wow6432Node\Intel HKLM\SOFTWARE\Wow6432Node\Khronos HKLM\SOFTWARE\Wow6432Node\Lenovo HKLM\SOFTWARE\Wow6432Node\Macromedia HKLM\SOFTWARE\Wow6432Node\McAfee HKLM\SOFTWARE\Wow6432Node\Mozilla HKLM\SOFTWARE\Wow6432Node\MozillaPlugins HKLM\SOFTWARE\Wow6432Node\Nico Mak Computing HKLM\SOFTWARE\Wow6432Node\Nuance HKLM\SOFTWARE\Wow6432Node\ODBC HKLM\SOFTWARE\Wow6432Node\OEM HKLM\SOFTWARE\Wow6432Node\Opera Software HKLM\SOFTWARE\Wow6432Node\Realtek HKLM\SOFTWARE\Wow6432Node\Realtek Semiconductor Corp. HKLM\SOFTWARE\Wow6432Node\SHAREit HKLM\SOFTWARE\Wow6432Node\TeamViewer HKLM\SOFTWARE\Wow6432Node\VideoLAN HKLM\SOFTWARE\Wow6432Node\WildTangent HKLM\SOFTWARE\Wow6432Node\WinRAR HKLM\SOFTWARE\Wow6432Node\RegisteredApplications HKCU\SOFTWARE\Acer HKCU\SOFTWARE\AppDataLow HKCU\SOFTWARE\BitTorrent HKCU\SOFTWARE\Chromium HKCU\SOFTWARE\ESET HKCU\SOFTWARE\Fair Play labs HKCU\SOFTWARE\Foxit Software HKCU\SOFTWARE\Google HKCU\SOFTWARE\Intel HKCU\SOFTWARE\Lenovo HKCU\SOFTWARE\Local AppWizard-Generated Applications HKCU\SOFTWARE\Macromedia HKCU\SOFTWARE\Mine HKCU\SOFTWARE\MozillaPlugins HKCU\SOFTWARE\Netscape HKCU\SOFTWARE\Nico Mak Computing HKCU\SOFTWARE\ODBC HKCU\SOFTWARE\OEM HKCU\SOFTWARE\Opera Software HKCU\SOFTWARE\Realtek HKCU\SOFTWARE\RegisteredApplications HKCU\SOFTWARE\SHAREit HKCU\SOFTWARE\SweetLabs App Platform HKCU\SOFTWARE\SyncEngines HKCU\SOFTWARE\TeamViewer HKCU\SOFTWARE\WinRAR HKCU\SOFTWARE\WinRAR SFX HKCU\SOFTWARE\WinZip Computing HKCU\SOFTWARE\Wow6432Node HKCU\SOFTWARE\ZebHelpProcess Helper HKCU\SOFTWARE\AppDataLow\Software ---\\ Contents of the Common Files folders (177) - 15s O43 - CFD: 30/12/2014 - [] D -- C:\Program Files\Acer =>.Acer Incorporated® O43 - CFD: 30/12/2014 - [] D -- C:\Program Files\Booking.COM =>.Acer Incorporated® O43 - CFD: 
15/05/2016 - [] D -- C:\Program Files\Common Files O43 - CFD: 30/12/2014 - [] AD -- C:\Program Files\Dolby Digital Plus =>.Dolby Laboratories, Inc.® O43 - CFD: 30/12/2014 - [] D -- C:\Program Files\Dropbox =>.Acer Incorporated® O43 - CFD: 15/05/2016 - [] D -- C:\Program Files\ESET =>.ESET, spol. s r.o.® O43 - CFD: 13/11/2015 - [] D -- C:\Program Files\Intel =>.Intel Corporation-Mobile Wireless Group® O43 - CFD: 14/05/2016 - [] D -- C:\Program Files\Internet Explorer O43 - CFD: 01/11/2015 - [] D -- C:\Program Files\Microsoft Office 15 =>.Microsoft Corporation® O43 - CFD: 14/11/2015 - [] D -- C:\Program Files\MSBuild O43 - CFD: 13/11/2015 - [] D -- C:\Program Files\Realtek =>.Andrea Electronics® O43 - CFD: 14/11/2015 - [] D -- C:\Program Files\Reference Assemblies O43 - CFD: 22/08/2013 - [0] HD -- C:\Program Files\Uninstall Information O43 - CFD: 30/10/2015 - [] D -- C:\Program Files\Windows Defender O43 - CFD: 14/05/2016 - [] D -- C:\Program Files\Windows Journal O43 - CFD: 30/10/2015 - [] D -- C:\Program Files\Windows Mail O43 - CFD: 17/03/2016 - [] D -- C:\Program Files\Windows Media Player O43 - CFD: 17/03/2016 - [] D -- C:\Program Files\Windows Multimedia Platform O43 - CFD: 30/10/2015 - [] D -- C:\Program Files\Windows NT O43 - CFD: 30/10/2015 - [] D -- C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation® O43 - CFD: 17/03/2016 - [] D -- C:\Program Files\Windows Portable Devices O43 - CFD: 30/10/2015 - [] SHD -- C:\Program Files\Windows Sidebar O43 - CFD: 17/05/2016 - [] HD -- C:\Program Files\WindowsApps O43 - CFD: 30/10/2015 - [] SD -- C:\Program Files\WindowsPowerShell O43 - CFD: 01/11/2015 - [] AD -- C:\Program Files\WinZip {1C82CA02186BFC89CB451DD9F5369E25} O43 - CFD: 10/05/2016 - [] D -- C:\Program Files (x86)\Acer =>.Acer Incorporated® O43 - CFD: 29/12/2014 - [0] D -- C:\Program Files (x86)\Cisco O43 - CFD: 08/05/2016 - [] D -- C:\Program Files (x86)\Common Files O43 - CFD: 03/12/2014 - [] AD -- C:\Program Files (x86)\Foxit PhantomPDF =>.Foxit 
Corporation® O43 - CFD: 31/10/2015 - [] D -- C:\Program Files (x86)\Google =>.Google Inc® O43 - CFD: 30/12/2014 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information =>.Macrovision Corporation® O43 - CFD: 13/11/2015 - [] D -- C:\Program Files (x86)\Intel O43 - CFD: 14/05/2016 - [] D -- C:\Program Files (x86)\Internet Explorer O43 - CFD: 17/02/2016 - [] D -- C:\Program Files (x86)\Lenovo =>.LENOVO® O43 - CFD: 15/05/2016 - [0] D -- C:\Program Files (x86)\Mazda O43 - CFD: 08/05/2016 - [] AD -- C:\Program Files (x86)\Microsoft Office =>.Microsoft Corporation® O43 - CFD: 13/11/2015 - [] D -- C:\Program Files (x86)\Microsoft.NET O43 - CFD: 14/11/2015 - [] D -- C:\Program Files (x86)\MSBuild O43 - CFD: 01/11/2015 - [] D -- C:\Program Files (x86)\OEM O43 - CFD: 12/05/2016 - [] AD -- C:\Program Files (x86)\Opera =>.Opera Software ASA® O43 - CFD: 30/12/2014 - [] D -- C:\Program Files (x86)\Realtek =>.Realtek Semiconductor Corp® O43 - CFD: 14/11/2015 - [] D -- C:\Program Files (x86)\Reference Assemblies O43 - CFD: 30/12/2014 - [] AD -- C:\Program Files (x86)\Spotify =>.Spotify AB® O43 - CFD: 16/05/2016 - [] AD -- C:\Program Files (x86)\TeamViewer =>.TeamViewer® O43 - CFD: 30/12/2014 - [0] HD -- C:\Program Files (x86)\Temp O43 - CFD: 13/11/2015 - [] D -- C:\Program Files (x86)\VideoLAN O43 - CFD: 03/12/2014 - [] AD -- C:\Program Files (x86)\WildGames =>.WildTangent Inc® O43 - CFD: 06/11/2015 - [] D -- C:\Program Files (x86)\WildTangent Games =>.WildTangent Inc® O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Windows Defender O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Windows Mail O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Windows Media Player O43 - CFD: 17/03/2016 - [] D -- C:\Program Files (x86)\Windows Multimedia Platform O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Windows NT O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Windows Photo Viewer =>.Microsoft Corporation® O43 - CFD: 17/03/2016 - [] D -- 
C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 30/10/2015 - [] SHD -- C:\Program Files (x86)\Windows Sidebar O43 - CFD: 30/10/2015 - [] SD -- C:\Program Files (x86)\WindowsPowerShell O43 - CFD: 30/12/2015 - [] AD -- C:\Program Files (x86)\WinRAR =>.win.rar GmbH® O43 - CFD: 30/10/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility O43 - CFD: 30/10/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 10/05/2016 - [] SD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer O43 - CFD: 30/10/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 13/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby O43 - CFD: 15/05/2016 - [] SHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET O43 - CFD: 13/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PhantomPDF O43 - CFD: 13/11/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games O43 - CFD: 17/02/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LenovoSHAREit O43 - CFD: 30/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 13/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools O43 - CFD: 15/05/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp O43 - CFD: 30/10/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools O43 - CFD: 30/10/2015 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC O43 - CFD: 13/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN O43 - CFD: 30/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR O43 - CFD: 13/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip O43 - CFD: 31/10/2015 - [] D -- C:\ProgramData\Acer O43 - CFD: 13/11/2015 
- [0] SHD -- C:\ProgramData\Application Data O43 - CFD: 06/11/2015 - [] D -- C:\ProgramData\BlueStacks O43 - CFD: 30/10/2015 - [0] D -- C:\ProgramData\Comms O43 - CFD: 03/12/2014 - [] D -- C:\ProgramData\CyberLink O43 - CFD: 13/11/2015 - [0] SHD -- C:\ProgramData\Desktop O43 - CFD: 13/11/2015 - [0] SHD -- C:\ProgramData\Documents O43 - CFD: 15/05/2016 - [] D -- C:\ProgramData\ESET O43 - CFD: 29/12/2014 - [] D -- C:\ProgramData\GenesysLogic O43 - CFD: 03/12/2014 - [] D -- C:\ProgramData\install_clap O43 - CFD: 29/12/2014 - [] D -- C:\ProgramData\Intel O43 - CFD: 29/12/2014 - [] D -- C:\ProgramData\Intel.sav O43 - CFD: 17/02/2016 - [] D -- C:\ProgramData\Lenovo O43 - CFD: 15/05/2016 - [] D -- C:\ProgramData\McAfee O43 - CFD: 13/11/2015 - [] SD -- C:\ProgramData\Microsoft O43 - CFD: 01/11/2015 - [] D -- C:\ProgramData\Microsoft OneDrive O43 - CFD: 02/11/2015 - [] D -- C:\ProgramData\OEM O43 - CFD: 01/11/2015 - [] D -- C:\ProgramData\OEM_YAHOO O43 - CFD: 29/12/2014 - [] D -- C:\ProgramData\Package Cache O43 - CFD: 03/12/2014 - [] D -- C:\ProgramData\Pokki O43 - CFD: 08/05/2016 - [] AD -- C:\ProgramData\regid.1991-06.com.microsoft O43 - CFD: 29/12/2014 - [] D -- C:\ProgramData\Roaming O43 - CFD: 30/10/2015 - [0] D -- C:\ProgramData\SoftwareDistribution O43 - CFD: 13/11/2015 - [0] SHD -- C:\ProgramData\Start Menu O43 - CFD: 03/12/2014 - [] D -- C:\ProgramData\Temp O43 - CFD: 13/11/2015 - [0] SHD -- C:\ProgramData\Templates O43 - CFD: 01/11/2015 - [] D -- C:\ProgramData\UniqueId O43 - CFD: 13/11/2015 - [] D -- C:\ProgramData\USOPrivate O43 - CFD: 13/11/2015 - [] D -- C:\ProgramData\USOShared O43 - CFD: 06/11/2015 - [] D -- C:\ProgramData\WildTangent O43 - CFD: 01/11/2015 - [] D -- C:\ProgramData\WinZip O43 - CFD: 08/05/2016 - [] AD -- C:\Program Files (x86)\Common Files\DESIGNER O43 - CFD: 30/12/2014 - [] D -- C:\Program Files (x86)\Common Files\InstallShield O43 - CFD: 13/11/2015 - [] D -- C:\Program Files (x86)\Common Files\Intel O43 - CFD: 17/02/2016 - [] D -- 
C:\Program Files (x86)\Common Files\LENOVO O43 - CFD: 15/05/2016 - [] D -- C:\Program Files (x86)\Common Files\mcafee O43 - CFD: 08/05/2016 - [] AD -- C:\Program Files (x86)\Common Files\Microsoft Shared O43 - CFD: 03/12/2014 - [] D -- C:\Program Files (x86)\Common Files\Nikon O43 - CFD: 29/12/2014 - [] D -- C:\Program Files (x86)\Common Files\PostureAgent O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Common Files\Services O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Common Files\System O43 - CFD: 01/11/2015 - [] D -- C:\Users\Mhanna90\AppData\Roaming\Adobe O43 - CFD: 13/05/2016 - [] D -- C:\Users\Mhanna90\AppData\Roaming\Foxit Software O43 - CFD: 09/11/2015 - [] D -- C:\Users\Mhanna90\AppData\Roaming\Identities O43 - CFD: 01/11/2015 - [] D -- C:\Users\Mhanna90\AppData\Roaming\Intel O43 - CFD: 01/11/2015 - [] D -- C:\Users\Mhanna90\AppData\Roaming\Macromedia O43 - CFD: 27/11/2015 - [] SD -- C:\Users\Mhanna90\AppData\Roaming\Microsoft O43 - CFD: 12/11/2015 - [] D -- C:\Users\Mhanna90\AppData\Roaming\Opera Software O43 - CFD: 12/11/2015 - [] D -- C:\Users\Mhanna90\AppData\Roaming\RPEng =>PUP.Optional.Generic O43 - CFD: 17/02/2016 - [] D -- C:\Users\Mhanna90\AppData\Roaming\TeamViewer O43 - CFD: 15/05/2016 - [] D -- C:\Users\Mhanna90\AppData\Roaming\uTorrent O43 - CFD: 16/05/2016 - [] D -- C:\Users\Mhanna90\AppData\Roaming\vlc O43 - CFD: 06/11/2015 - [] D -- C:\Users\Mhanna90\AppData\Roaming\WildTangent O43 - CFD: 30/12/2015 - [] D -- C:\Users\Mhanna90\AppData\Roaming\WinRAR O43 - CFD: 17/05/2016 - [] D -- C:\Users\Mhanna90\AppData\Roaming\ZHP O43 - CFD: 01/11/2015 - [] D -- C:\Users\Mhanna90\AppData\Local\Acer O43 - CFD: 01/11/2015 - [] D -- C:\Users\Mhanna90\AppData\Local\Acer Aspire R7 Tutorial O43 - CFD: 13/11/2015 - [0] D -- C:\Users\Mhanna90\AppData\Local\ActiveSync O43 - CFD: 01/11/2015 - [] D -- C:\Users\Mhanna90\AppData\Local\AOP SDK O43 - CFD: 13/11/2015 - [0] SHD -- C:\Users\Mhanna90\AppData\Local\Application Data O43 - CFD: 31/10/2015 - 
[] D -- C:\Users\Mhanna90\AppData\Local\Apps O43 - CFD: 15/11/2015 - [] D -- C:\Users\Mhanna90\AppData\Local\assembly O43 - CFD: 10/05/2016 - [] D -- C:\Users\Mhanna90\AppData\Local\clear.fi O43 - CFD: 17/02/2016 - [] D -- C:\Users\Mhanna90\AppData\Local\Comms O43 - CFD: 17/05/2016 - [] D -- C:\Users\Mhanna90\AppData\Local\CrashDumps O43 - CFD: 07/05/2016 - [] D -- C:\Users\Mhanna90\AppData\Local\Diagnostics O43 - CFD: 01/11/2015 - [] SHD -- C:\Users\Mhanna90\AppData\Local\EmieBrowserModeList O43 - CFD: 29/12/2015 - [0] SHD -- C:\Users\Mhanna90\AppData\Local\EmieSiteList O43 - CFD: 29/12/2015 - [0] SHD -- C:\Users\Mhanna90\AppData\Local\EmieUserList O43 - CFD: 15/05/2016 - [] D -- C:\Users\Mhanna90\AppData\Local\ESET O43 - CFD: 16/12/2015 - [] D -- C:\Users\Mhanna90\AppData\Local\Google O43 - CFD: 11/11/2015 - [] D -- C:\Users\Mhanna90\AppData\Local\GWX O43 - CFD: 13/11/2015 - [0] SHD -- C:\Users\Mhanna90\AppData\Local\History O43 - CFD: 01/11/2015 - [] D -- C:\Users\Mhanna90\AppData\Local\iGware O43 - CFD: 17/02/2016 - [] D -- C:\Users\Mhanna90\AppData\Local\Lenovo O43 - CFD: 30/03/2016 - [] D -- C:\Users\Mhanna90\AppData\Local\Microsoft O43 - CFD: 13/11/2015 - [] D -- C:\Users\Mhanna90\AppData\Local\MicrosoftEdge O43 - CFD: 13/11/2015 - [0] D -- C:\Users\Mhanna90\AppData\Local\NetworkTiles O43 - CFD: 01/11/2015 - [] D -- C:\Users\Mhanna90\AppData\Local\Nico Mak Computing O43 - CFD: 30/12/2014 - [] D -- C:\Users\Mhanna90\AppData\Local\OEM O43 - CFD: 12/11/2015 - [] D -- C:\Users\Mhanna90\AppData\Local\Opera Software O43 - CFD: 14/04/2016 - [] D -- C:\Users\Mhanna90\AppData\Local\Packages O43 - CFD: 02/03/2016 - [] AD -- C:\Users\Mhanna90\AppData\Local\Popcorn Time Community O43 - CFD: 25/03/2016 - [] D -- C:\Users\Mhanna90\AppData\Local\Popcorn-Time-Community O43 - CFD: 17/02/2016 - [] D -- C:\Users\Mhanna90\AppData\Local\Programs O43 - CFD: 13/11/2015 - [] D -- C:\Users\Mhanna90\AppData\Local\Publishers O43 - CFD: 17/02/2016 - [] D -- 
C:\Users\Mhanna90\AppData\Local\SHAREit O43 - CFD: 17/05/2016 - [] D -- C:\Users\Mhanna90\AppData\Local\SweetLabs App Platform O43 - CFD: 17/05/2016 - [] D -- C:\Users\Mhanna90\AppData\Local\Temp O43 - CFD: 13/11/2015 - [0] SHD -- C:\Users\Mhanna90\AppData\Local\Temporary Internet Files O43 - CFD: 13/11/2015 - [] D -- C:\Users\Mhanna90\AppData\Local\TileDataLayer O43 - CFD: 01/11/2015 - [0] D -- C:\Users\Mhanna90\AppData\Local\VirtualStore O43 - CFD: 27/11/2015 - [] D -- C:\Users\Mhanna90\AppData\Local\WinZip O43 - CFD: 17/02/2016 - [0] D -- C:\Users\Mhanna90\AppData\Local\Programs\Common O43 - CFD: 30/10/2015 - [] RD -- C:\Users\Mhanna90\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility O43 - CFD: 13/11/2015 - [] RD -- C:\Users\Mhanna90\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 14/05/2016 - [] RD -- C:\Users\Mhanna90\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 30/10/2015 - [] D -- C:\Users\Mhanna90\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 14/05/2016 - [] RD -- C:\Users\Mhanna90\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 30/10/2015 - [] RD -- C:\Users\Mhanna90\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools O43 - CFD: 30/10/2015 - [] RSD -- C:\Users\Mhanna90\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell O43 - CFD: 30/12/2015 - [] D -- C:\Users\Mhanna90\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR ---\\ Latest files created in Prefetcher (2) - 9s O45 - LFCP:[MD5.B254AEB4E7870E14AD141D9BF4154173] 17/02/2016 A -- C:\WINDOWS\Prefetch\LENOVOSHAREITSOFTONIC.TMP-B48FEEC7.pf =>.Superfluous.Softonic O45 - LFCP:[MD5.0797F85CF062F131D5F5E98B12556FDD] 17/02/2016 A -- C:\WINDOWS\Prefetch\LENOVOSHAREITSOFTONIC.TMP-EFDF0EC8.pf =>.Superfluous.Softonic ---\\ ShellIconOverlayIdentifiers (SIOI) (5) - 0s O106 - SIOI: ErrorOverlayHandler Class [ OneDrive1] - 
{BBACC218-34EA-4666-9D7A-C78F2274A524}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Mhanna90\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\FileSyncShell.dll =>.Microsoft Corporation® O106 - SIOI: SharedOverlayHandler Class [ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Mhanna90\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\FileSyncShell.dll =>.Microsoft Corporation® O106 - SIOI: SharedSyncingOverlayHandler Class [ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Mhanna90\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\FileSyncShell.dll =>.Microsoft Corporation® O106 - SIOI: UpToDateOverlayHandler Class [ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Mhanna90\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\FileSyncShell.dll =>.Microsoft Corporation® O106 - SIOI: SyncingOverlayHandler Class [ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Mhanna90\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\FileSyncShell.dll =>.Microsoft Corporation® ---\\ System Drivers List (62) - 7s O58 - SDL:2015/10/30 11:17:22 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\WINDOWS\System32\drivers\3ware.sys [107360] =>.Microsoft Windows® O58 - SDL:2015/10/30 11:17:22 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) -- C:\WINDOWS\System32\drivers\adp80xx.sys [1135456] =>.Microsoft Windows® O58 - SDL:2015/10/30 11:17:22 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\WINDOWS\System32\drivers\amdsata.sys [83296] =>.Microsoft Windows® O58 - SDL:2015/10/30 11:17:22 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) 
-- C:\WINDOWS\System32\drivers\amdsbs.sys [259424] =>.Microsoft Windows® O58 - SDL:2015/10/30 11:17:22 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\WINDOWS\System32\drivers\amdxata.sys [26976] =>.Microsoft Windows® O58 - SDL:2015/10/30 11:17:22 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\WINDOWS\System32\drivers\arcsas.sys [131936] =>.Microsoft Windows® O58 - SDL:2015/10/30 11:17:22 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\WINDOWS\System32\drivers\bcmfn.sys [9728] =>.Windows (R) Win 7 DDK provider O58 - SDL:2015/10/30 11:17:22 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\WINDOWS\System32\drivers\bcmfn2.sys [9728] =>.Windows (R) Win 7 DDK provider O58 - SDL:2015/10/30 11:17:22 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\WINDOWS\System32\drivers\bxvbda.sys [531296] =>.Microsoft Windows® O58 - SDL:2016/04/13 13:31:40 A . (.ESET - Amon monitor.) -- C:\WINDOWS\System32\drivers\eamonm.sys [264552] =>.ESET, spol. s r.o.® O58 - SDL:2016/04/13 13:31:40 A . (.ESET - ESET ELAM driver.) -- C:\WINDOWS\System32\drivers\eelam.sys [14976] =>.Microsoft Windows Early Launch Anti-malware Publisher® O58 - SDL:2016/04/13 13:31:40 A . (.ESET - ESET Helper driver.) -- C:\WINDOWS\System32\drivers\ehdrv.sys [186784] =>.ESET, spol. s r.o.® O58 - SDL:2016/04/13 13:31:40 A . (.ESET - ESET OPP Keyboard Filter.) -- C:\WINDOWS\System32\drivers\ekbdflt.sys [142976] =>.ESET, spol. s r.o.® O58 - SDL:2016/04/13 13:31:40 A . (.ESET - ESET Personal Firewall driver.) -- C:\WINDOWS\System32\drivers\epfw.sys [198096] =>.ESET, spol. s r.o.® O58 - SDL:2016/04/13 13:31:40 A . (.ESET - Epfw NDIS LightWeight Filter.) -- C:\WINDOWS\System32\drivers\EpfwLWF.sys [53384] =>.ESET, spol. s r.o.® O58 - SDL:2016/04/13 13:31:40 A . (.ESET - ESET Personal Firewall driver.) -- C:\WINDOWS\System32\drivers\epfwwfp.sys [84800] =>.ESET, spol. s r.o.® O58 - SDL:2015/10/30 11:17:22 A . 
(.QLogic Corporation - QLogic 10 GigE VBD.) -- C:\WINDOWS\System32\drivers\evbda.sys [3436896] =>.Microsoft Windows® O58 - SDL:2014/06/11 06:44:36 A . (.GenesysLogic - GeneStor.) -- C:\WINDOWS\System32\drivers\GeneStor.sys [110824] =>.GENESYS LOGIC, INC.® O58 - SDL:2015/10/30 11:17:22 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\WINDOWS\System32\drivers\HpSAMD.sys [64352] =>.Microsoft Windows® O58 - SDL:2015/10/30 11:17:18 A . (.Intel(R) Corporation - Intel(R) Serial IO I2C Driver.) -- C:\WINDOWS\System32\drivers\iai2c.sys [81408] =>.Intel(R) Corporation O58 - SDL:2015/10/30 11:17:18 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [165888] =>.Intel Corporation O58 - SDL:2015/10/30 11:17:18 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [38128] =>.Intel Corporation - Client Components Group® O58 - SDL:2015/10/30 11:17:18 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [113152] =>.Intel Corporation O58 - SDL:2014/06/11 02:40:23 A . (.Intel Corporation - Intel(R) Serial IO SPI Driver.) -- C:\WINDOWS\System32\drivers\iaLPSS_SPI.sys [100856] =>.Intel Corporation - Software and Firmware Products® O58 - SDL:2014/06/11 02:40:23 A . (.Intel Corporation - Intel(R) Serial IO UART Driver.) -- C:\WINDOWS\System32\drivers\iaLPSS_UART2.sys [143864] =>.Intel Corporation - Software and Firmware Products® O58 - SDL:2014/06/25 21:30:54 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver -.) -- C:\WINDOWS\System32\drivers\iaStorA.sys [670056] =>.Intel Corporation - Intel® Rapid Storage Technology® O58 - SDL:2015/10/30 11:17:22 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver (i.) -- C:\WINDOWS\System32\drivers\iaStorAV.sys [673120] =>.Microsoft Windows® O58 - SDL:2015/10/30 11:17:22 A . 
(.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\WINDOWS\System32\drivers\iaStorV.sys [412000] =>.Microsoft Windows® O58 - SDL:2015/10/30 11:17:23 A . (.Mellanox - InfiniBand Fabric Bus Driver.) -- C:\WINDOWS\System32\drivers\ibbus.sys [424800] =>.Microsoft Windows® O58 - SDL:2015/07/15 23:35:00 A . (.Intel Corporation - Intel(R) Wireless Bluetooth(R) USB Driver.) -- C:\WINDOWS\System32\drivers\ibtusb.sys [266512] =>.Intel Corporation-Wireless Connectivity Solutions® O58 - SDL:2015/09/30 20:39:34 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\WINDOWS\System32\drivers\igdkmd64.sys [6278392] =>.Intel Corporation - pGFX® O58 - SDL:2014/11/06 13:16:16 N . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\WINDOWS\System32\drivers\IntcDAud.sys [453872] =>.Intel Corporation - Client Components Group® O58 - SDL:2013/07/18 05:59:00 A . (.Acer Incorporated - LMDriver.) -- C:\WINDOWS\System32\drivers\LMDriver.sys [21360] =>.Acer Incorporated® O58 - SDL:2015/10/30 11:17:23 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas.sys [108888] =>.Microsoft Windows® O58 - SDL:2015/10/30 11:17:23 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas2i.sys [104800] =>.Microsoft Windows® O58 - SDL:2015/10/30 11:17:23 A . (.Avago Technologies - Avago SAS Gen3 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas3i.sys [99168] =>.Microsoft Windows® O58 - SDL:2015/10/30 11:17:23 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sss.sys [82784] =>.Microsoft Windows® O58 - SDL:2015/10/30 11:17:23 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\megasas.sys [59744] =>.Microsoft Windows® O58 - SDL:2015/10/30 11:17:23 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) 
-- C:\WINDOWS\System32\drivers\megasr.sys [575840] =>.Microsoft Windows® O58 - SDL:2016/01/29 08:01:56 A . (.McAfee, Inc. - McAfee ELAM Driver.) -- C:\WINDOWS\System32\drivers\mfeelamk.sys [83608] =>.Microsoft Windows Early Launch Anti-malware Publisher® O58 - SDL:2015/10/30 11:17:23 A . (.Mellanox - MLX4 Bus Driver.) -- C:\WINDOWS\System32\drivers\mlx4_bus.sys [705376] =>.Microsoft Windows® O58 - SDL:2015/10/30 11:17:23 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\WINDOWS\System32\drivers\mvumis.sys [63840] =>.Microsoft Windows® O58 - SDL:2015/10/30 11:17:23 A . (.Mellanox - NetworkDirect Support Filter Driver.) -- C:\WINDOWS\System32\drivers\ndfltr.sys [76128] =>.Microsoft Windows® O58 - SDL:2015/10/30 11:17:19 A . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696] =>.Intel Corporation O58 - SDL:2015/10/30 11:17:23 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\WINDOWS\System32\drivers\nvraid.sys [150368] =>.Microsoft Windows® O58 - SDL:2015/10/30 11:17:23 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\WINDOWS\System32\drivers\nvstor.sys [166240] =>.Microsoft Windows® O58 - SDL:2015/10/30 11:17:23 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas2i.sys [58208] =>.Microsoft Windows® O58 - SDL:2015/10/30 11:17:23 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas3i.sys [58720] =>.Microsoft Windows® O58 - SDL:2013/07/18 05:59:00 A . (.Acer Incorporated - RadioShim.) -- C:\WINDOWS\System32\drivers\RadioShim.sys [14680] =>.Acer Incorporated® O58 - SDL:2014/07/08 15:16:38 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\WINDOWS\System32\drivers\RTKVHD64.sys [4007512] =>.Realtek Semiconductor Corp® O58 - SDL:2015/10/30 11:17:23 A . (.Silicon Integrated Systems Corp. 
- SiS RAID Stor Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid2.sys [44896] =>.Microsoft Windows® O58 - SDL:2015/10/30 11:17:23 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid4.sys [81760] =>.Microsoft Windows® O58 - SDL:2015/12/08 06:00:54 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ve.) -- C:\WINDOWS\System32\drivers\ssudbus.sys [122160] =>.DEVGURU CO LTD® O58 - SDL:2015/12/08 06:00:58 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG Android Modem Device Driver (MSS Ve.) -- C:\WINDOWS\System32\drivers\ssudmdm.sys [214832] =>.DEVGURU CO LTD® O58 - SDL:2015/10/30 11:17:23 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\WINDOWS\System32\drivers\stexstor.sys [31072] =>.Microsoft Windows® O58 - SDL:2014/02/19 15:20:30 A . (.Synaptics Incorporated - Synaptics I2C Driver.) -- C:\WINDOWS\System32\drivers\SynRMIHID.sys [42224] =>.Synaptics Incorporated® O58 - SDL:2014/10/10 21:37:14 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\WINDOWS\System32\drivers\TeeDriverx64.sys [129312] =>.Intel Corporation - Embedded Subsystems and IP Blocks Group® O58 - SDL:2014/08/14 07:18:32 A . (.Intel Corporation - Intel(R) Virtual Buttons.) -- C:\WINDOWS\System32\drivers\VirtualButtons.sys [31512] =>.Intel(R) Software® O58 - SDL:2015/10/30 11:17:23 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\WINDOWS\System32\drivers\vsmraid.sys [166752] =>.Microsoft Windows® O58 - SDL:2015/10/30 11:17:23 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\WINDOWS\System32\drivers\VSTXRAID.SYS [305504] =>.Microsoft Windows® O58 - SDL:2015/10/30 11:17:23 A . (.Mellanox - Kernel WinMad.) -- C:\WINDOWS\System32\drivers\winmad.sys [26976] =>.Microsoft Windows® O58 - SDL:2015/10/30 11:17:23 A . (.Mellanox - Kernel WinVerbs.) 
-- C:\WINDOWS\System32\drivers\winverbs.sys [59232] =>.Microsoft Windows® ---\\ Last modified or created user files (8) - 8s O61 - LFC: 2016/05/15 16:09:34 A . (..) -- C:\Users\Mhanna90\AppData\Local\Packages\Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy\TempState\TileCache_200_0_Data.bin [24438744] O61 - LFC: 2016/05/16 15:16:43 A . (..) -- C:\Users\Mhanna90\AppData\Local\Packages\Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy\TempState\TileCache_200_0_TabletMode_Data.bin [9695280] O61 - LFC: 2016/05/16 15:16:43 A . (..) -- C:\Users\Mhanna90\AppData\Local\Packages\Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy\TempState\TileCache_200_0_TabletMode_Header.bin [9640] O61 - LFC: 2016/05/15 02:31:32 A . (..) -- C:\Users\Mhanna90\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\speech_onecorereg.bin [8192] O61 - LFC: 2016/05/15 01:44:47 A . (..) -- C:\Users\Mhanna90\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\UrlBlock\urlblock_635988550524094728.bin [93083] O61 - LFC: 2016/05/15 16:09:43 A . (..) -- C:\Users\Mhanna90\AppData\Local\Packages\king.com.CandyCrushSodaSaga_kgqvnymyfvs32\LocalState\Documents\ServiceLayer\FrequencyTable_6696308212.bin [76] O61 - LFC: 2016/05/15 16:09:43 A . (..) -- C:\Users\Mhanna90\AppData\Local\Packages\king.com.CandyCrushSodaSaga_kgqvnymyfvs32\LocalState\Documents\ServiceLayer\WIPL83790fa9094f15c2bf063ad46e910e5c_6696308212_54_AE_AE_en_1.65.8.bin [179] O61 - LFC: 2016/05/17 19:38:00 A . (..) -- C:\Users\Mhanna90\AppData\Local\Microsoft\Windows\UPPS\UPPS.bin [16148] ---\\ File Associations Shell Spawning (10) - 0s O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) 
-- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation® O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe =>.Microsoft Corporation O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe =>.Microsoft Corporation O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S ---\\ Start Menu Internet (12) - 0s O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation® O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\Launcher.exe =>.Opera Software ASA® O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\launcher.exe =>.Opera Software O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) 
-- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\launcher.exe =>.Opera Software O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\launcher.exe =>.Opera Software ---\\ Search Browser Infection (4) - 1s O69 - SBI: SearchScopes [HKCU] {AA9A4890-4262-4441-8977-E2FFCBFB706C} - (Yahoo!) - http://us.yhs4.search.yahoo.com/ =>.Yahoo Search O69 - SBI: SearchScopes [HKLM] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - http://www.bing.com/ O69 - SBI: SearchScopes [HKLM] {83FBF02A-7F3C-4728-8DC6-DCD8E81C97BF} [DefaultScope] - (Bing) - http://www.bing.com/ O69 - SBI: SearchScopes [HKLM] {AA9A4890-4262-4441-8977-E2FFCBFB706C} - (Yahoo!) - http://us.yhs4.search.yahoo.com/ =>.Yahoo Search ---\\ Search Svchost Services (41) - 1s O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\WINDOWS\System32\certprop.dll [192000] =>.Microsoft Corporation O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) 
-- C:\WINDOWS\System32\certprop.dll [192000] =>.Microsoft Corporation O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\WINDOWS\system32\srvsvc.dll [283136] =>.Microsoft Corporation O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\WINDOWS\System32\gpsvc.dll [1338368] =>.Microsoft Corporation O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\WINDOWS\System32\ikeext.dll [957952] =>.Microsoft Corporation O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\WINDOWS\System32\iphlpsvc.dll [958464] =>.Microsoft Corporation O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\WINDOWS\system32\seclogon.dll [31232] =>.Microsoft Corporation O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\WINDOWS\System32\appinfo.dll [94720] =>.Microsoft Corporation O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\WINDOWS\system32\iscsiexe.dll [151040] =>.Microsoft Corporation O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\WINDOWS\System32\eapsvc.dll [112640] =>.Microsoft Corporation O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\WINDOWS\system32\schedsvc.dll [997376] =>.Microsoft Corporation O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\WMIsvc.dll [225280] =>.Microsoft Corporation O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) 
-- C:\WINDOWS\System32\browser.dll [134656] =>.Microsoft Corporation O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\WINDOWS\system32\profsvc.dll [328192] =>.Microsoft Corporation O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [372736] =>.Microsoft Corporation O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\WINDOWS\System32\wercplsupport.dll [96256] =>.Microsoft Corporation O83 - Search Svchost Services: DcpSvc (DcpSvc) . (.Microsoft Corporation - dcpsvc Task.) -- C:\WINDOWS\system32\dcpsvc.dll [186880] =>.Microsoft Corporation O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Microsoft® Account Service.) -- C:\WINDOWS\system32\wlidsvc.dll [2057216] =>.Microsoft Corporation O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Microsoft Network Connectivity Assistant Se.) -- C:\WINDOWS\System32\ncasvc.dll [168960] =>.Microsoft Corporation O83 - Search Svchost Services: NetSetupSvc (NetSetupSvc) . (.Microsoft Corporation - Network Setup Service.) -- C:\WINDOWS\System32\NetSetupSvc.dll [207360] =>.Microsoft Corporation O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\WINDOWS\system32\themeservice.dll [59392] =>.Microsoft Corporation O83 - Search Svchost Services: RetailDemo (RetailDemo) . (.Microsoft Corporation - RDXService.) -- C:\WINDOWS\system32\RDXService.dll [1073152] =>.Microsoft Corporation O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Geolocation Service.) -- C:\Windows\System32\lfsvc.dll [27136] =>.Microsoft Corporation O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) 
-- C:\WINDOWS\System32\rasauto.dll [106496] =>.Microsoft Corporation O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\WINDOWS\System32\rasmans.dll [696320] =>.Microsoft Corporation O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [507904] =>.Microsoft Corporation O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\WINDOWS\System32\sens.dll [73216] =>.Microsoft Corporation O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\WINDOWS\System32\ipnathlp.dll [456704] =>.Microsoft Corporation O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [311808] =>.Microsoft Corporation O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\WINDOWS\system32\wuaueng.dll [2280960] =>.Microsoft Corporation O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\WINDOWS\System32\qmgr.dll [1144320] =>.Microsoft Corporation O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [608768] =>.Microsoft Corporation O83 - Search Svchost Services: dmwappushservice (dmwappushservice) . (.Microsoft Corporation - dmwappushsvc.) -- C:\WINDOWS\system32\dmwappushsvc.dll [57856] =>.Microsoft Corporation O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\WINDOWS\System32\bdesvc.dll [361472] =>.Microsoft Corporation O83 - Search Svchost Services: XboxNetApiSvc (XboxNetApiSvc) . (.Microsoft Corporation - Xbox Live Networking Service.) 
-- C:\WINDOWS\system32\XboxNetApiSvc.dll [1035776] =>.Microsoft Corporation O83 - Search Svchost Services: UsoSvc (UsoSvc) . (.Microsoft Corporation - Update Session Orchestrator Core.) -- C:\WINDOWS\system32\usocore.dll [360960] =>.Microsoft Corporation O83 - Search Svchost Services: XblGameSave (XblGameSave) . (.Microsoft Corporation - Xbox Live Game Save Service.) -- C:\WINDOWS\System32\XblGameSave.dll [1139712] =>.Microsoft Corporation O83 - Search Svchost Services: DmEnrollmentSvc (DmEnrollmentSvc) . (.Microsoft Corporation - Windows Managent Service DLL.) -- C:\Windows\System32\Windows.Internal.Management.dll [278016] =>.Microsoft Corporation O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Device Setup Manager.) -- C:\WINDOWS\System32\DeviceSetupManager.dll [205824] =>.Microsoft Corporation O83 - Search Svchost Services: UserManager (UserManager) . (.Microsoft Corporation - UserMgr.) -- C:\WINDOWS\System32\usermgr.dll [912384] =>.Microsoft Corporation O83 - Search Svchost Services: XblAuthManager (XblAuthManager) . (.Microsoft Corporation - Xbox Live Auth Manager.) -- C:\WINDOWS\System32\XblAuthManager.dll [948736] =>.Microsoft Corporation ---\\ Firewall Active Exception List (26) - 3s O87 - FAEL: "{4369FB05-5C82-4B07-83A7-AB69B7FC7AE2}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe (.not file.) O87 - FAEL: "{177ECF72-6107-4C7B-890C-DCA9269C28AC}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe (.not file.) O87 - FAEL: "{A9B4AECA-6557-4A6C-BCB5-962691B29164}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe (.not file.) O87 - FAEL: "{6C50E557-6CF2-43E1-B9ED-8AD569FA1918}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe (.not file.) O87 - FAEL: "{0F9776BC-A35C-49C0-B8C3-18E6ABA54E9F}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe (.not file.) 
O87 - FAEL: "{2014A3F5-7CA1-46E6-B5E5-A2725E4641F4}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe (.not file.) O87 - FAEL: "{09DEC4FE-8E47-4C0D-B723-38122C182D20}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe (.not file.) O87 - FAEL: "{20E6943A-8640-4502-8A8E-7D6907E2652B}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe (.not file.) O87 - FAEL: "{56AF7196-BAE2-4B44-84CE-DA3AE32E7DB9}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe (.not file.) O87 - FAEL: "{C7F00A58-29E9-4C97-836B-DF7B4818B520}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe (.not file.) O87 - FAEL: "{71BBCE20-EF17-4529-9C19-958580485501}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe (.not file.) O87 - FAEL: "{A39B33DB-1CB9-4763-AAF9-9DB6C8EB9B37}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe (.not file.) O87 - FAEL: "{11A2DCB6-177D-4599-85FD-E1218B8911E1}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe (.not file.) O87 - FAEL: "{A178A537-29AC-4A7F-BDC7-D43E744AE864}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe (.not file.) O87 - FAEL: "{D44C4E50-BE95-471D-B066-5A77A25BA3F5}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe (.not file.) O87 - FAEL: "{C0A25750-687B-4E02-B42C-F2E2BADE108E}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe (.not file.) O87 - FAEL: "{7F4C7502-2A1D-4D84-BEA3-6897E33BC6F6}" [In-None-P6-TRUE] .(...) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (.not file.) O87 - FAEL: "{445BD37E-D153-41DD-8F6F-D58BA50FAF6B}" [In-None-P17-TRUE] .(...) -- C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe (.not file.) O87 - FAEL: "{A5A8244C-3C95-42F4-9A5A-E71320AB5EA8}" [In-None-P6-TRUE] .(...) 
-- C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe (.not file.) O87 - FAEL: "{C92C8358-A6E9-431C-9DB7-1CFD0817B3CA}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe (.not file.) O87 - FAEL: "{AF82A020-F858-44F9-AB9F-6F3870E9BDF5}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe (.not file.) O87 - FAEL: "{FA9C1D8F-1D2C-48F6-9367-F6DC6D0E9524}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe (.not file.) O87 - FAEL: "TCP Query User{95522E85-D7D0-4B8E-9E3B-A6CF2FD92E39}C:\users\mhanna90\appdata\local\popcorn time community\nw.exe" [In-None-P6-TRUE] .(...) -- C:\users\mhanna90\appdata\local\popcorn time community\nw.exe O87 - FAEL: "UDP Query User{1F461791-C7EF-4C2B-AE14-3C12B7118F27}C:\users\mhanna90\appdata\local\popcorn time community\nw.exe" [In-None-P17-TRUE] .(...) -- C:\users\mhanna90\appdata\local\popcorn time community\nw.exe O87 - FAEL: "TCP Query User{DD254022-5DD6-48B9-BFEB-5237479DB799}C:\users\mhanna90\appdata\local\popcorn time community\nw.exe" [In-None-P6-TRUE] .(...) -- C:\users\mhanna90\appdata\local\popcorn time community\nw.exe O87 - FAEL: "UDP Query User{35540BE9-4557-4637-A42F-0FB674F3C34B}C:\users\mhanna90\appdata\local\popcorn time community\nw.exe" [In-None-P17-TRUE] .(...) -- C:\users\mhanna90\appdata\local\popcorn time community\nw.exe ---\\ Additional Scan (O88) (3) - 0s C:\Users\Mhanna90\AppData\Roaming\RPEng =>PUP.Optional.Generic C:\WINDOWS\Prefetch\LENOVOSHAREITSOFTONIC.TMP-B48FEEC7.pf =>.Superfluous.Softonic C:\WINDOWS\Prefetch\LENOVOSHAREITSOFTONIC.TMP-EFDF0EC8.pf =>.Superfluous.Softonic ---\\ Summary of the elements found (2) - 0s http://www.nicolascoolman.info/2016/05/01/definition-dun-logiciel-pup-lpi/ =>PUP.Optional.Generic http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.Softonic ~ End of the scan, 24902 items in 00h02mn52s (893)(0)