Document format: text/plain

~ ZHPDiag v2018.5.11.106 By Nicolas Coolman (2018/05/11)
~ Run by AYMEN (Administrator) (2018/05/13 12:31:01)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Certificate ZHPDiag: Legal
~ State version: Version OK
~ Mode: Scan
~ Report: C:\Users\AYMEN\Desktop\ZHPDiag.txt
~ Report: C:\Users\AYMEN\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ System startup: Sans échec avec prise en charge du réseau (Fail-safe with network boot)
Windows 10 Pro, 64-bit (Build 16299) =>.Microsoft Corporation

---\\ Internet Browsers (5) - 0s
~ GCIE: Google Chrome v64.0.3282.186
~ MFIE: Mozilla Firefox 60.0 (x64 en-US)
~ MFIE: Opera 52.0.2871.99
~ MSIE: Microsoft Edge v40
~ MSIE: Internet Explorer v11.371.16299.0

---\\ Windows Product Information (3) - 3s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : KO

---\\ System protection software (2) - 5s
Windows Defender W10 (Activate) (Protection)
Malwarebytes version 3.4.5.2467 v3.4.5.2467 (Protection)

---\\ Surveillance software (3) - 5s
~ Adobe Flash Player 29 NPAPI (Surveillance)
~ Adobe Flash Player 29 PPAPI (Surveillance)
~ Adobe Acrobat Reader DC (Surveillance)

---\\ System optimization software (2) - 5s
~ Baidu PC Faster v5.1.3.131061 (Optimisation)
~ Driver Booster 5 v5.3.0 (Optimisation)

---\\ Informations on the system (6) - 0s
~ Operating System: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Sans échec avec prise en charge du réseau (Fail-safe with network boot)
Total RAM: 4078.952 MB (27% free) : OK =>.RAM Value
System Restore: Activé (Enable)
System drive C: has 60 GB (45%) free of 132 GB : OK =>.Disk Space

---\\ Connection to the system mode (3) - 0s
~ Computer Name: PC-AYMEN
~ User Name: AYMEN
~ Logged in as Administrator

---\\ Enumeration of the disk units (4) - 0s
~ Drive C: has 60 GB free of 132 GB (System)
~ Drive D: has 48 GB free of 111 GB
~ Drive E: has 40 GB free of 122 GB
~ Drive F: has 60 GB free of 110 GB

---\\ State of the Windows Security Center (7) - 0s
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM64\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK

---\\ Search Generic System Files (24) - 2s
[MD5.A77D56422C38C1F8A00D95D2D5B1675E] - 10/02/2018 - (.Microsoft Corporation - Windows Explorer.) -- C:\WINDOWS\Explorer.exe [3904296] =>.Microsoft Windows®
[MD5.731A783A36A8E69A6434D19D98B12A09] - 29/09/2017 - (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\WINDOWS\System32\rundll32.exe [71168] =>.Microsoft Corporation
[MD5.BF3E1D9B2360C6BE4CC3094CD2DDC617] - 29/09/2017 - (.Microsoft Corporation - Windows Start-Up Application.) -- C:\WINDOWS\System32\Wininit.exe [359584] =>.Microsoft Corporation
[MD5.4B7CC97FD920122FD6A2224A1DC83BAF] - 30/03/2018 - (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\WINDOWS\System32\wininet.dll [3334144] =>.Microsoft Corporation
[MD5.C67E7F605A830AA96A204ECCDC678FBC] - 30/03/2018 - (.Microsoft Corporation - Windows Logon Application.) -- C:\WINDOWS\System32\Winlogon.exe [716288] =>.Microsoft Corporation
[MD5.4D487E7D2B047FB929BE00117C09F9EC] - 29/09/2017 - (.Microsoft Corporation - Software Licensing Library.) -- C:\WINDOWS\System32\sppcomapi.dll [414720] =>.Microsoft Corporation
[MD5.51A5224C9B00B1F31C016B4B29F3DFB7] - 13/03/2018 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\WINDOWS\System32\dnsapi.dll [739696] =>.Microsoft Windows®
[MD5.CCF0DECFEB3D31F4CB733B39EFDFBAB3] - 13/03/2018 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\WINDOWS\Syswow64\dnsapi.dll [597160] =>.Microsoft Windows®
[MD5.9619C0D7DB55CC3A636A24A7D82B0C8E] - 30/03/2018 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\WINDOWS\System32\drivers\AFD.sys [614304] =>.Microsoft Corporation
[MD5.6191B9B2EE0E8CB957C683B9B341CC86] - 29/09/2017 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\WINDOWS\System32\drivers\atapi.sys [28568] =>.Microsoft Corporation
[MD5.9E82A95D77AC78C84BA75FF896B060BF] - 29/09/2017 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\WINDOWS\System32\drivers\Cdfs.sys [93184] =>.Microsoft Corporation
[MD5.6D83565C1652E80447EDEA6947FA89D7] - 29/09/2017 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\WINDOWS\System32\drivers\Cdrom.sys [159744] =>.Microsoft Corporation
[MD5.FAEC08F583CAD06D4F057DBB733A03A1] - 30/03/2018 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\WINDOWS\System32\drivers\DfsC.sys [151040] =>.Microsoft Corporation
[MD5.99A34FD1F6431A10D8C3BB50E170D0F2] - 29/09/2017 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\WINDOWS\System32\drivers\HDAudBus.sys [86016] =>.Microsoft Corporation
[MD5.56FF074E50F9042FD2856AB3418F4B18] - 29/09/2017 - (.Microsoft Corporation - i8042 Port Driver.) -- C:\WINDOWS\System32\drivers\i8042prt.sys [105984] =>.Microsoft Corporation
[MD5.7BEC2AF23F586EFF0DB4DBF4331B0C70] - 29/09/2017 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\drivers\IpNat.sys [214016] =>.Microsoft Corporation
[MD5.71729B1EE949E1B092CB5CB75CC63715] - 10/02/2018 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\WINDOWS\System32\drivers\MRxSmb.sys [494488] =>.Microsoft Corporation
[MD5.E5C5E6ED3949546E2ACA79B6A3817202] - 30/03/2018 - (.Microsoft Corporation - MBT Transport driver.) -- C:\WINDOWS\System32\drivers\netBT.sys [316928] =>.Microsoft Corporation
[MD5.ADF52C1A5831EA1009382B3BE3A204B3] - 30/03/2018 - (.Microsoft Corporation - NT File System Driver.) -- C:\WINDOWS\System32\drivers\ntfs.sys [2395040] =>.Microsoft Corporation
[MD5.2E07EC2C1622F5E7B535D62DCD61F3AB] - 29/09/2017 - (.Microsoft Corporation - Parallel Port Driver.) -- C:\WINDOWS\System32\drivers\Parport.sys [98816] =>.Microsoft Corporation
[MD5.E0220BB6580D34001D4D1D133052DAA4] - 29/09/2017 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\WINDOWS\System32\drivers\Rasl2tp.sys [106496] =>.Microsoft Corporation
[MD5.39886C19FB466BBF8AEC31E3E77C034C] - 30/03/2018 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\WINDOWS\System32\drivers\rdpdr.sys [182784] =>.Microsoft Corporation
[MD5.09125A12CAB5F8D5EAE9C83C25792FDD] - 30/03/2018 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\WINDOWS\System32\drivers\tdx.sys [121248] =>.Microsoft Corporation
[MD5.5B27846CF4B1C21AFB3A35A8336BA02F] - 04/02/2018 - (.Microsoft Corporation - Volume Shadow Copy driver.) -- C:\WINDOWS\System32\drivers\volsnap.sys [401304] =>.Microsoft Corporation

---\\ Non Microsoft non disabled Windows Services (15) - 5s
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) . (.Adobe Systems, Incorporated - Adobe Genuine Software Integrity Service.) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe =>.Adobe Systems Incorporated®
O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\WINDOWS\System32\atiesrxx.exe =>.AMD
O23 - Service: AndServMgr (AndServMgr) . (.American Megatrends Inc. - AndServMgr.) - C:\Program Files\AMI\DuOS\AndServMgr.exe {5F2E8BED39F2DAF916B80B78BA5058E9} =>.American Megatrends Inc.
O23 - Service: Dell Data Vault Service API (DDVCollectorSvcApi) . (.Dell Inc. - Dell Data Vault Data Collector Service API.) - C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe =>.Dell Inc®
O23 - Service: Dell Data Vault Collector (DDVDataCollector) . (.Dell Inc. - Dell Data Vault Data Collector Service.) - C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe =>.Dell Inc®
O23 - Service: Dell Data Vault Processor (DDVRulesProcessor) . (.Dell Inc. - Dell Data Vault Rules Processor.) - C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe =>.Dell Inc®
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) . (.Intel Corporation - igfxCUIService Module.) - C:\WINDOWS\System32\igfxCUIService.exe =>.Intel Corporation
O23 - Service: Malwarebytes Service (MBAMService) . (.Malwarebytes - Malwarebytes Service.) - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe =>.Malwarebytes Corporation®
O23 - Service: OkayFreedom VPN Starter Service (OkayFreedom VPN Starter Service) . (.Steganos Software GmbH - OkayFreedom.) - C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe {6F5DBE5F762CABFA60EC08D7} =>.Steganos Software GmbH
O23 - Service: Baidu PC Faster Service 5.1.0.0 (PCFasterSvc_{PCFaster_5.1.0.0}) . (.Baidu, Inc. - Baidu PC Faster Service.) - F:\Program Files (x86)\baidu scerty\5.1.0.0\PCFasterSvc.exe =>.Baidu Online Network Technology (Beijing) Co.,Ltd.®
O23 - Service: Realtek Audio Service (RtkAudioService) . (.Realtek Semiconductor - Realtek Audio Service.) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe =>.Realtek Semiconductor Corp®
O23 - Service: Dell SupportAssist Agent (SupportAssistAgent) . (.Dell Inc. - Service.) - C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe =>.Dell Inc.®
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) . (.Synaptics Incorporated - 64-bit Synaptics Pointing Enhance Service.) - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe =>.Synaptics Incorporated®
O23 - Service: Wondershare Application Framework Service (WsAppService) . (.Wondershare - Wondershare Passport.) - C:\Program Files (x86)\Wondershare\WAF\2.4.3.236\WsAppService.exe =>.Wondershare Technology Co.,Ltd®
O23 - Service: Wondershare Driver Install Service (WsDrvInst) . (...) - C:\Program Files (x86)\Wondershare\drfone\Library\DriverInstaller\DriverInstall.exe (.not file.)

---\\ Services not Microsoft (SR=Run, SS=Stop) (32) - 24s
SS - Demand [09/02/2018] [ 83984] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated®
SS - Demand [18/04/2018] [ 272384] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe =>.Adobe Systems Incorporated®
SS - Auto [05/01/2018] [ 2319848] Adobe Genuine Software Integrity Service (AGSService) . (.Adobe Systems, Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe =>.Adobe Systems Incorporated®
SS - Auto [01/09/2015] [ 265776] (AMD External Events Utility) . (.AMD.) - C:\WINDOWS\System32\atiesrxx.exe =>.Microsoft Windows Hardware Compatibility Publisher®
SS - Auto [30/10/2015] [ 82384] AndServMgr (AndServMgr) . (.American Megatrends Inc..) - C:\Program Files\AMI\DuOS\AndServMgr.exe {5F2E8BED39F2DAF916B80B78BA5058E9} =>.American Megatrends Inc.
SS - Demand [29/06/2015] [ 323152] AtherosSvc (AtherosSvc) . (...) - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe =>.Atheros
SS - Disabl [02/11/2015] [ 77944] Autodesk Licensing Service (Autodesk Licensing Service) . (.Autodesk.) - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe =>.Autodesk, Inc®
SS - Demand [08/03/2018] [ 7013384] BattlEye Service (BEService) . (...) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe =>.BattlEye Innovations e.K.®
SS - Demand [03/05/2016] [ 299488] Intel(R) Content Protection HECI Service (cphs) . (.Intel Corporation.) - C:\Windows\SysWOW64\IntelCpHeciSvc.exe =>.Intel(R) pGFX®
SS - Auto [14/12/2017] [ 208792] Dell Data Vault Service API (DDVCollectorSvcApi) . (.Dell Inc..) - C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe =>.Dell Inc®
SS - Auto [14/12/2017] [ 3294608] Dell Data Vault Collector (DDVDataCollector) . (.Dell Inc..) - C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe =>.Dell Inc®
SS - Auto [14/12/2017] [ 217488] Dell Data Vault Processor (DDVRulesProcessor) . (.Dell Inc..) - C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe =>.Dell Inc®
SS - Disabl [18/09/2015] [ 1357104] FlexNet Licensing Service 64 (FlexNet Licensing Service 64) . (.Flexera Software LLC.) - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe =>.Flexera Software LLC®
SS - Demand [08/02/2017] [ 153752] Google Update Service (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
SS - Demand [08/02/2017] [ 153752] Google Update Service (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
SS - Demand [24/04/2012] [ 169752] Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe =>.Intel Corporation®
SS - Auto [03/05/2016] [ 337888] Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) . (.Intel Corporation.) - C:\WINDOWS\System32\igfxCUIService.exe =>.Intel(R) pGFX®
SS - Disabl [22/04/2016] [ 2960160] LiveUpdate (LiveUpdateSvc) . (.IObit.) - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe =>.IObit Information Technology®
SS - Demand [04/09/2013] [ 390616] Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe =>.Intel Corporation - Software and Firmware Products®
SR - Auto [27/03/2018] [ 6479136] Malwarebytes Service (MBAMService) . (.Malwarebytes.) - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe =>.Malwarebytes Corporation®
SS - Disabl [09/05/2018] [ 194512] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe =>.Mozilla Corporation®
SS - Demand [29/03/2018] [ 9960560] MRAC Service (mracsvc) . (.LLC Mail.Ru.) - C:\WINDOWS\System32\mracsvc.exe {0D80906F98A4F294ECE988859BB8D5DB} =>.LLC Mail.Ru
SS - Auto [29/01/2018] [ 358408] OkayFreedom VPN Starter Service (OkayFreedom VPN Starter Service) . (.Steganos Software GmbH.) - C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe {6F5DBE5F762CABFA60EC08D7} =>.Steganos Software GmbH
SS - Auto [13/05/2015] [ 1713936] Baidu PC Faster Service 5.1.0.0 (PCFasterSvc_{PCFaster_5.1.0.0}) . (.Baidu, Inc..) - F:\Program Files (x86)\baidu scerty\5.1.0.0\PCFasterSvc.exe =>.Baidu Online Network Technology (Beijing) Co.,Ltd.®
SS - Demand [01/03/2013] [ 118520] Remote Packet Capture Protocol v.0 (experimental) (rpcapd) . (.Riverbed Technology, Inc..) - C:\Program Files (x86)\WinPcap\rpcapd.exe =>.Riverbed Technology, Inc.®
SS - Auto [22/05/2015] [ 294616] Realtek Audio Service (RtkAudioService) . (.Realtek Semiconductor.) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe =>.Realtek Semiconductor Corp®
SS - Disabl [08/01/2016] [ 754784] SAMSUNG Mobile Connectivity Service (ss_conn_service) . (.DEVGURU Co., LTD..) - C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe =>.Samsung Electronics CO., LTD.®
SS - Demand [03/04/2018] [ 1671968] Steam Client Service (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe =>.Valve®
SS - Auto [14/02/2018] [ 41432] Dell SupportAssist Agent (SupportAssistAgent) . (.Dell Inc..) - C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe =>.Dell Inc.®
SS - Auto [08/04/2018] [ 252504] SynTPEnh Caller Service (SynTPEnhService) . (.Synaptics Incorporated.) - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe =>.Synaptics Incorporated®
SS - Demand [30/06/2017] [ 873968] TunngleService (TunngleService) . (.Tunngle.net GmbH.) - C:\Program Files (x86)\Tunngle\TnglCtrl.exe =>.Tunngle.net GmbH
SS - Auto [26/01/2018] [ 495840] Wondershare Application Framework Service (WsAppService) . (.Wondershare.) - C:\Program Files (x86)\Wondershare\WAF\2.4.3.236\WsAppService.exe =>.Wondershare Technology Co.,Ltd®

---\\ Task Planned Automatically (Register) (38) - 8s
O38 - TASK: {0C04E6C9-F40C-4E81-B6DD-E4EE686DE068} [64Bits][\Driver Booster SkipUAC (AYMEN)] - (.IObit - Driver Booster.) -- C:\Program Files (x86)\IObit\Driver Booster\5.3.0\DriverBooster.exe [6095120] =>.IObit
O38 - TASK: {0F49DBD9-A7E5-45EB-926C-2E8F87FD085F} [64Bits][\AdobeGCInvoker-1.0-MicrosoftAccount-s-aymen07@outlook.fr] - (.Adobe Systems, Incorporated - Adobe GC Invoker Utility.) -- C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [315880] =>.Adobe Systems, Incorporated
O38 - TASK: {2531A11C-C536-411A-9B51-A42225ACE436} [64Bits][\Dell SupportAssistAgent AutoUpdate] - (.Dell Inc. - SupportAssist.) -- C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [38872] =>.Dell Inc.
O38 - TASK: {2B1F7BF5-0B17-4DDD-AE12-8DACC9150B48} [64Bits][\JetBoost_AutoUpdate] - (.BlueSprig - JetBoost Updater.) -- C:\Program Files (x86)\BlueSprig\JetBoost\AutoUpdate.exe [724336] =>.BlueSprig
O38 - TASK: {3829BF64-9601-47E9-BFF6-6AEBB03A604E} [64Bits][\AMD Updater] - (.Advanced Micro Devices, Inc. - AMD Install Manager.) -- C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [10385288] =>.Advanced Micro Devices, Inc.
O38 - TASK: {3CA2553E-0FC0-44B0-823D-E407BD606E50} [64Bits][\{091933B7-6B50-4EA5-AB10-1C4EF1645C6D}] - (...) -- D:\اوتوديسك\AutoCAD 2004 FR\License.exe [48747]
O38 - TASK: {557632C9-3369-4C20-9CBE-E5D3F7C79978} [64Bits][\GoogleUpdateTaskMachineCore] - (.Google Inc. - Google Installer.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752] =>.Google Inc.
O38 - TASK: {589D6D24-C025-489F-BFA9-D374A22498F4} [64Bits][\Adobe Flash Player NPAPI Notifier] - (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_140_Plugin.exe [1366528] =>.Adobe Systems Incorporated
O38 - TASK: {82DD3F42-805C-4C86-BC24-244F2ACC58B1} [64Bits][\Driver Booster Scheduler] - (.IObit - Driver Booster Scheduler.) -- C:\Program Files (x86)\IObit\Driver Booster\5.3.0\Scheduler.exe [147232] =>.IObit
O38 - TASK: {8FB4E056-BD67-40C8-ACA1-378050020DB1} [64Bits][\ParkControl] - (.Bitsum LLC - Automate, Display, and Tweak CPU Core Parki.) -- F:\Program Files\ParkControl\ParkControl.exe [421624] =>.Bitsum LLC
O38 - TASK: {95B5B579-7ACE-457C-8438-B14A8083A8AD} [64Bits][\Opera scheduled Autoupdate 1453206696] - (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\launcher.exe [1078872] =>.Opera Software
O38 - TASK: {9D996589-6AF6-49A3-9F03-ABDDDB34EA1D} [64Bits][\Adobe Flash Player PPAPI Notifier] - (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_140_pepper.exe [1366528] =>.Adobe Systems Incorporated
O38 - TASK: {B51C00F8-5D5E-42EE-96C7-A625388FE91F} [64Bits][\Baidu PC Faster Update] - (.Baidu, Inc. - Baidu PC Faster Updater.) -- F:\Program Files (x86)\baidu scerty\5.1.0.0\Updater.exe [1359120] =>.Baidu, Inc.
O38 - TASK: {B5274BB1-3773-45E9-9F9F-10F9EB8F972E} [64Bits][\{B91A68A4-DF1E-4E3E-9658-FEA8BD5A657B}] - (.Creative Labs Inc. - OpenAL Installer.) -- C:\Program Files (x86)\OpenAL\OpenAL2_0_7.exe [809496] =>.Creative Labs Inc.
O38 - TASK: {BB20C678-81BE-4ACE-A6B9-19E519B6820C} [64Bits][\RtHDVBg_PushButton] - (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880] =>.Realtek Semiconductor
O38 - TASK: {C569E2D1-A0BA-4600-B8FA-578E69FFDEB5} [64Bits][\Adobe Flash Player Updater] - (.Adobe Systems Incorporated - Adobe® Flash® Player Update Service 29.0 r0.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [272384] =>.Adobe Systems Incorporated
O38 - TASK: {F15803DF-210F-49B2-82C5-9901391A44EE} [64Bits][\Synaptics TouchPad Enhancements] - (.Synaptics Incorporated - Synaptics TouchPad 64-bit Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [4148312] =>.Synaptics Incorporated
O38 - TASK: {FF0447FC-B513-48B6-9792-BC91E7A77165} [64Bits][\GoogleUpdateTaskMachineUA] - (.Google Inc. - Google Installer.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752] =>.Google Inc.
O38 - TASK: {FF6A4B1E-6858-4219-A7EC-C16FF37E0024} [64Bits][\Adobe Acrobat Update Task] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1183256] =>.Adobe Systems Incorporated
C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (AYMEN) - (.IObit.) -- C:\Program Files (x86)\IObit\Driver Booster\5.3.0\DriverBooster.exe [/skipuac] =>.IObit
C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-s-aymen07@outlook.fr - (.Adobe Systems, Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [] =>.Adobe Systems, Incorporated
C:\WINDOWS\System32\Tasks\Dell SupportAssistAgent AutoUpdate - (.Dell Inc..) -- C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [AutoUpdate] =>.Dell Inc.
C:\WINDOWS\System32\Tasks\JetBoost_AutoUpdate - (.BlueSprig.) -- C:\Program Files (x86)\BlueSprig\JetBoost\AutoUpdate.exe [/AUTORUN] =>.BlueSprig
C:\WINDOWS\System32\Tasks\AMD Updater - (.Advanced Micro Devices, Inc..) -- C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [/AUTOUPDATEIN] =>.Advanced Micro Devices, Inc.
C:\WINDOWS\System32\Tasks\{091933B7-6B50-4EA5-AB10-1C4EF1645C6D} - (...) -- D:\اوتوديسك\AutoCAD 2004 FR\License.exe [D:\اوتوديسك\AutoCAD 2004 FR\License.exe]
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [/c] =>.Google Inc.
C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_140_Plugin.exe [-check plugin] =>.Adobe Systems Incorporated
C:\WINDOWS\System32\Tasks\Driver Booster Scheduler - (.IObit.) -- C:\Program Files (x86)\IObit\Driver Booster\5.3.0\Scheduler.exe [/scheduler] =>.IObit
C:\WINDOWS\System32\Tasks\ParkControl - (.Bitsum LLC.) -- F:\Program Files\ParkControl\ParkControl.exe [/systray] =>.Bitsum LLC
C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1453206696 - (.Opera Software.) -- C:\Program Files (x86)\Opera\launcher.exe [--scheduledautoupdate] =>.Opera Software
C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_140_pepper.exe [-check pepperplugin] =>.Adobe Systems Incorporated
C:\WINDOWS\System32\Tasks\Baidu PC Faster Update - (.Baidu, Inc..) -- F:\Program Files (x86)\baidu scerty\5.1.0.0\Updater.exe [-no_ui] =>.Baidu, Inc.
C:\WINDOWS\System32\Tasks\{B91A68A4-DF1E-4E3E-9658-FEA8BD5A657B} - (.Creative Labs Inc..) -- C:\Program Files (x86)\OpenAL\OpenAL2_0_7.exe [C:\Program Files (x86)\OpenAL\OpenAL2_0_7.exe] =>.Creative Labs Inc.
C:\WINDOWS\System32\Tasks\RtHDVBg_PushButton - (.Realtek Semiconductor.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [/IM] =>.Realtek Semiconductor
C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [] =>.Adobe Systems Incorporated
C:\WINDOWS\System32\Tasks\Synaptics TouchPad Enhancements - (.Synaptics Incorporated.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [] =>.Synaptics Incorporated
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [/ua] =>.Google Inc.
C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task - (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [] =>.Adobe Systems Incorporated

---\\ Auto loading programs from Registry and folders (9) - 2s
O4 - HKLM\..\Run: [SecurityHealth] . (.Microsoft Corporation - Windows Defender notification icon.) -- C:\Program Files\Windows Defender\MSASCuiL.exe =>.Microsoft Windows®
O4 - HKLM\..\Run: [AdobeGCInvoker-1.0] . (.Adobe Systems, Incorporated - Adobe GC Invoker Utility.) -- C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe =>.Adobe Systems Incorporated®
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Realtek HD Audio Manager.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe =>.Realtek Semiconductor Corp®
O4 - HKLM\..\Run: [RtHDVBg] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe =>.Realtek Semiconductor Corp®
O4 - HKLM\..\Wow6432Node\Run: [Baidu PC Faster 5.1.0.0] . (.Baidu, Inc. - PC Faster Tray.) -- F:\Program Files (x86)\baidu scerty\5.1.0.0\PCFTray.exe =>.Baidu Online Network Technology (Beijing) Co.,Ltd.®
O4 - HKLM\..\Wow6432Node\Run: [AdobeCEPServiceManager] . (.Adobe Systems Incorporated - Adobe CEP Service Manager.) -- C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe =>.Adobe Systems Incorporated®
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle America, Inc.®
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Windows®
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Windows®

---\\ Process running (9) - 2s
[MD5.96FA5B38DD94C8D49289CE75150D97C3] - (.Malwarebytes - Malwarebytes Service.) -- C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6479136] [PID.1720] =>.Malwarebytes Corporation®
[MD5.D6ACB2AC4CB5699FB7181DAB41085230] - (.Malwarebytes - Malwarebytes Tray Application.) -- C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe [3751712] [PID.2524] =>.Malwarebytes Corporation®
[MD5.7A55AA36D1F4FF558F21B5119DF48590] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [442832] [PID.3856] =>.Mozilla Corporation®
[MD5.7A55AA36D1F4FF558F21B5119DF48590] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [442832] [PID.2960] =>.Mozilla Corporation®
[MD5.7A55AA36D1F4FF558F21B5119DF48590] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [442832] [PID.2452] =>.Mozilla Corporation®
[MD5.7A55AA36D1F4FF558F21B5119DF48590] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [442832] [PID.3272] =>.Mozilla Corporation®
[MD5.7A55AA36D1F4FF558F21B5119DF48590] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [442832] [PID.4668] =>.Mozilla Corporation®
[MD5.7A55AA36D1F4FF558F21B5119DF48590] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [442832] [PID.4604] =>.Mozilla Corporation®
[MD5.548FEBB6B27D337D96F2587A98D36CD2] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\AYMEN\Downloads\ZHPDiag3.exe [3094400] [PID.4776] =>.Nicolas Coolman

---\\ Google Chrome, Start,Search,Extensions (22) - 1s
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google-analytics.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://apis.google.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://log.getadblock.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://ping.getadblock.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://ssl.google-analytics.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://ssl.gstatic.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://sstats.adobe.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.facebook.com =>.Facebook
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google.dz =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.gstatic.com =>.Google Inc.
G0 - GCSP: Secure Preferences [User Data\Default][HomePage] http://www.google.com =>.Google Inc.
G2 - GCE: Preference [AYMEN][User Data\Default] [dcanahkfmlgbgmnjlcmpmjcmbldniele] Message Cleaner =>.Senthilkumar
G2 - GCE: Preference [AYMEN][User Data\Default] [efaidnbmnnnibpcajpcglclefindmkaj] =>.Adobe Inc. {Acrobat}
G2 - GCE: Preference [AYMEN][User Data\Default] [fcachklhcihfinmagjnlomehfdhndhep] Toolkit For Facebook =>.getmyscript.com
G2 - GCE: Preference [AYMEN][User Data\Default] [gighmmpiobklfepjocnamgkkbiglidom] Michael Gundlach =>.Wladimir Palant {AdBlock}
G2 - GCE: Preference [AYMEN][User Data\Default] [hgiidlnejdlfoacoeleopkljhbckmlko] Facebook - Delete All Messages
G2 - GCE: Preference [AYMEN][User Data\Default] [icppfcnhkcmnfdhfhphakoifcfokfdhg] http://play.google.com/
G2 - GCE: Preference [AYMEN][User Data\Default] [komhbcfkdcgmcdoenjcjheifdiabikfi] Google Play =>.Google Inc.
G2 - GCE: Preference [AYMEN][User Data\Default] [ljfidlkcmdmmibngdfikhffffdmphjae] Social Book Post Manager
G2 - GCE: Preference [AYMEN][User Data\Default] [ngpampappnmepgilojfohadhhmbhlaek] IDM Integration Module =>.IDM Computer Solutions, Inc.
G2 - GCE: Preference [AYMEN][User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] =>.Google Inc. {Wallet}
G2 - GCE: Preference [AYMEN][User Data\Default] [pkedcjkdefgpdelpbcmbmeomcjbeemfm] Chrome Media Router =>.Google Inc.

---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (17) - 12s
M0 - MFSP: prefs.js [AYMEN - z6m4so44.default-1459101750759] http://www.malwarebytes.org/
P2 - EXT FILE: (.Youtube Mp3 Downloader - Youtube Mp3 Downloader is one of the f.) -- C:\Users\AYMEN\AppData\Roaming\Mozilla\Firefox\Profiles\z6m4so44.default-1459101750759\extensions\6asa42dfa4784fsf368g@youtubeconverter.me.xpi =>.Youtube Mp3 Downloader
P2 - EXT FILE: (.Adblock Plus - Ads were yesterday!.) -- C:\Users\AYMEN\AppData\Roaming\Mozilla\Firefox\Profiles\z6m4so44.default-1459101750759\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi =>.Adblock Plus
P2 - EXT FILE: (.Youtube Mp3 Downloader - Youtube Mp3 Downloader is one of the f.) -- C:\Users\AYMEN\AppData\Roaming\Mozilla\Firefox\Profiles\j3bmec51.Firefox Default-1526052356706\extensions\6asa42dfa4784fsf368g@youtubeconverter.me.xpi =>.Youtube Mp3 Downloader
P2 - EXT FILE: (.Password Exporter - Export and import your saved passwords.) -- C:\Users\AYMEN\AppData\Roaming\Mozilla\Firefox\Profiles\j3bmec51.Firefox Default-1526052356706\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi =>.Password Exporter
P2 - EXT FILE: (.Simple YouTube MP3 Button - Adds a small and simple button to YouT.) -- C:\Users\AYMEN\AppData\Roaming\Mozilla\Firefox\Profiles\j3bmec51.Firefox Default-1526052356706\extensions\{e33788ea-0bb9-4502-9c77-bdc551afc8ab}.xpi =>.Simple YouTube MP3 Button
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\activity-stream@mozilla.org.xpi =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\followonsearch@mozilla.com.xpi =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\formautofill@mozilla.org.xpi =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\onboarding@mozilla.org.xpi =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\screenshots@mozilla.org.xpi =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi =>.Mozilla Corporation
P2 - FPN: [HKCU] [@hola.org/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Users\AYMEN\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll =>.Adobe Systems Incorporated
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_140.dll =>.Adobe Systems Incorporated
P2 - FPN: [HKLM] [adobe.com/AdobeAAMDetect] - (...) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll

---\\ Internet Explorer Extensions, Start, Search (19) - 2s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com =>.Google Inc.
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com =>.Google Inc.
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = www.google.com =>.Google Inc.
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = www.google.com =>.Google Inc.
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R1 - HKEY_USERS\S-1-5-21-4115540981-87220204-3282228054-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = www.google.com =>.Google Inc.
R3 - URLSearchHook: (no name)[HKCU] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Browser.) (11.00.16299.371 (WinBuild.160101.0800)) -- C:\Windows\System32\ieframe.dll =>.Microsoft Corporation

---\\ INTERNET EXPLORER, trusted site and sensitive site (101) - 2s
~ Microsoft Internet Explorer Restricted Site(s) Domains: 1(Good) / 4807(Bad)

---\\ Internet Explorer, Proxy Management (3) - 0s
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 =>.Default.Value
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 =>.Default.Value
R5 - HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies [] =>.Microsoft

---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=

---\\ Hosts file redirection (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (63)

---\\ Browser Helper Object (BHO) (2) - 0s
O2 - BHO: IDM Helper [64Bits] - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll =>.Tonec Inc.®
O2 - BHO: Lync Click to Call BHO [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Skype for Business.) -- C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll =>.Microsoft Corporation®

---\\ Global shortcuts Startup (121) - 13s
O4 - GS\Desktop [Administrator]: Discord.lnk . (.GitHub - Update.) C:\Users\AYMEN\AppData\Local\Discord\Update.exe --processStart Discord.exe =>.Discord Inc.®
O4 - GS\Desktop [Administrator]: Knives Out.lnk . (.NetEase - 荒野行动.) F:\Program Files (x86)\hyxd\launcher.exe =>.NetEase(Hangzhou) Network Co. Ltd.®
O4 - GS\Desktop [Administrator]: Spotify.lnk . (.Spotify Ltd - Spotify.) C:\Users\AYMEN\AppData\Roaming\Spotify\Spotify.exe =>.Spotify AB®
O4 - GS\Desktop [Administrator]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\AYMEN\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [Administrator]: OkayFreedom.lnk . (.Steganos Software GmbH - OkayFreedom.) C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe {6F5DBE5F762CABFA60EC08D7} =>.Steganos Software GmbH
O4 - GS\Quicklaunch [Administrator]: Samsung Kies 3.lnk . (.Samsung - Kies.) C:\Program Files (x86)\Samsung\Kies3\Kies3.exe =>.Samsung Electronics CO., LTD.®
O4 - GS\Quicklaunch [Administrator]: Tunngle.lnk . (.Tunngle.net GmbH - Tunngle GUI.) C:\Program Files (x86)\Tunngle\Tunngle.exe =>.Tunngle.net GmbH
O4 - GS\sendTo [Administrator]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\sendTo [Administrator]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\System32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\TaskBar [Administrator]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\TaskBar [Administrator]: Steam.lnk . (.Valve Corporation - Steam Client Bootstrapper.) E:\Program Files (x86)\Steam\Steam.exe =>.Valve®
O4 - GS\Programs [Administrator]: Knives Out.lnk . (.NetEase - 荒野行动.) F:\Program Files (x86)\hyxd\launcher.exe =>.NetEase(Hangzhou) Network Co. Ltd.®
O4 - GS\Programs [Administrator]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\AYMEN\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation®
O4 - GS\Programs [Administrator]: Optional Features.lnk . (.Microsoft Corporation - Features On Demand Helper.) C:\Windows\System32\fodhelper.exe =>.Microsoft Corporation
O4 - GS\Programs [Administrator]: Spotify.lnk . (.Spotify Ltd - Spotify.) C:\Users\AYMEN\AppData\Roaming\Spotify\Spotify.exe =>.Spotify AB®
O4 - GS\Programs [Administrator]: Start Tor Browser.lnk . (.Mozilla Corporation - Tor Browser.) F:\Users\AYMEN\Desktop\Tor Browser\Browser\firefox.exe =>.Mozilla Corporation
O4 - GS\Desktop [AYMEN]: Discord.lnk . (.GitHub - Update.) C:\Users\AYMEN\AppData\Local\Discord\Update.exe --processStart Discord.exe =>.Discord Inc.®
O4 - GS\Desktop [AYMEN]: Knives Out.lnk . (.NetEase - 荒野行动.) F:\Program Files (x86)\hyxd\launcher.exe =>.NetEase(Hangzhou) Network Co. Ltd.®
O4 - GS\Desktop [AYMEN]: Spotify.lnk . (.Spotify Ltd - Spotify.) C:\Users\AYMEN\AppData\Roaming\Spotify\Spotify.exe =>.Spotify AB®
O4 - GS\Desktop [AYMEN]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\AYMEN\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [AYMEN]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [AYMEN]: OkayFreedom.lnk . (.Steganos Software GmbH - OkayFreedom.) C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe {6F5DBE5F762CABFA60EC08D7} =>.Steganos Software GmbH
O4 - GS\Quicklaunch [AYMEN]: Samsung Kies 3.lnk . (.Samsung - Kies.) C:\Program Files (x86)\Samsung\Kies3\Kies3.exe =>.Samsung Electronics CO., LTD.®
O4 - GS\Quicklaunch [AYMEN]: Tunngle.lnk . (.Tunngle.net GmbH - Tunngle GUI.) C:\Program Files (x86)\Tunngle\Tunngle.exe =>.Tunngle.net GmbH
O4 - GS\sendTo [AYMEN]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\sendTo [AYMEN]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\System32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\TaskBar [AYMEN]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\TaskBar [AYMEN]: Steam.lnk . (.Valve Corporation - Steam Client Bootstrapper.) E:\Program Files (x86)\Steam\Steam.exe =>.Valve®
O4 - GS\Programs [AYMEN]: Knives Out.lnk . (.NetEase - 荒野行动.) F:\Program Files (x86)\hyxd\launcher.exe =>.NetEase(Hangzhou) Network Co. Ltd.®
O4 - GS\Programs [AYMEN]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\AYMEN\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation®
O4 - GS\Programs [AYMEN]: Optional Features.lnk . (.Microsoft Corporation - Features On Demand Helper.) C:\Windows\System32\fodhelper.exe =>.Microsoft Corporation
O4 - GS\Programs [AYMEN]: Spotify.lnk . (.Spotify Ltd - Spotify.) C:\Users\AYMEN\AppData\Roaming\Spotify\Spotify.exe =>.Spotify AB®
O4 - GS\Programs [AYMEN]: Start Tor Browser.lnk . (.Mozilla Corporation - Tor Browser.) F:\Users\AYMEN\Desktop\Tor Browser\Browser\firefox.exe =>.Mozilla Corporation
O4 - GS\Desktop [Guest]: Discord.lnk . (.GitHub - Update.) C:\Users\AYMEN\AppData\Local\Discord\Update.exe --processStart Discord.exe =>.Discord Inc.®
O4 - GS\Desktop [Guest]: Knives Out.lnk . (.NetEase - 荒野行动.) F:\Program Files (x86)\hyxd\launcher.exe =>.NetEase(Hangzhou) Network Co. Ltd.®
O4 - GS\Desktop [Guest]: Spotify.lnk . (.Spotify Ltd - Spotify.) C:\Users\AYMEN\AppData\Roaming\Spotify\Spotify.exe =>.Spotify AB®
O4 - GS\Desktop [Guest]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\AYMEN\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Guest]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [Guest]: OkayFreedom.lnk . (.Steganos Software GmbH - OkayFreedom.) C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe {6F5DBE5F762CABFA60EC08D7} =>.Steganos Software GmbH
O4 - GS\Quicklaunch [Guest]: Samsung Kies 3.lnk . (.Samsung - Kies.) C:\Program Files (x86)\Samsung\Kies3\Kies3.exe =>.Samsung Electronics CO., LTD.®
O4 - GS\Quicklaunch [Guest]: Tunngle.lnk . (.Tunngle.net GmbH - Tunngle GUI.) C:\Program Files (x86)\Tunngle\Tunngle.exe =>.Tunngle.net GmbH
O4 - GS\sendTo [Guest]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\sendTo [Guest]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\System32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\TaskBar [Guest]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\TaskBar [Guest]: Steam.lnk . (.Valve Corporation - Steam Client Bootstrapper.) E:\Program Files (x86)\Steam\Steam.exe =>.Valve®
O4 - GS\Programs [Guest]: Knives Out.lnk . (.NetEase - 荒野行动.) F:\Program Files (x86)\hyxd\launcher.exe =>.NetEase(Hangzhou) Network Co. Ltd.®
O4 - GS\Programs [Guest]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\AYMEN\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation®
O4 - GS\Programs [Guest]: Optional Features.lnk . (.Microsoft Corporation - Features On Demand Helper.) C:\Windows\System32\fodhelper.exe =>.Microsoft Corporation
O4 - GS\Programs [Guest]: Spotify.lnk . (.Spotify Ltd - Spotify.) C:\Users\AYMEN\AppData\Roaming\Spotify\Spotify.exe =>.Spotify AB®
O4 - GS\Programs [Guest]: Start Tor Browser.lnk . (.Mozilla Corporation - Tor Browser.) F:\Users\AYMEN\Desktop\Tor Browser\Browser\firefox.exe =>.Mozilla Corporation
O4 - GS\Desktop [WDAGUtilityAccount]: Discord.lnk . (.GitHub - Update.) C:\Users\AYMEN\AppData\Local\Discord\Update.exe --processStart Discord.exe =>.Discord Inc.®
O4 - GS\Desktop [WDAGUtilityAccount]: Knives Out.lnk . (.NetEase - 荒野行动.) F:\Program Files (x86)\hyxd\launcher.exe =>.NetEase(Hangzhou) Network Co. Ltd.®
O4 - GS\Desktop [WDAGUtilityAccount]: Spotify.lnk . (.Spotify Ltd - Spotify.) C:\Users\AYMEN\AppData\Roaming\Spotify\Spotify.exe =>.Spotify AB®
O4 - GS\Desktop [WDAGUtilityAccount]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\AYMEN\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [WDAGUtilityAccount]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [WDAGUtilityAccount]: OkayFreedom.lnk . (.Steganos Software GmbH - OkayFreedom.) C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe {6F5DBE5F762CABFA60EC08D7} =>.Steganos Software GmbH
O4 - GS\Quicklaunch [WDAGUtilityAccount]: Samsung Kies 3.lnk . (.Samsung - Kies.) C:\Program Files (x86)\Samsung\Kies3\Kies3.exe =>.Samsung Electronics CO., LTD.®
O4 - GS\Quicklaunch [WDAGUtilityAccount]: Tunngle.lnk . (.Tunngle.net GmbH - Tunngle GUI.) C:\Program Files (x86)\Tunngle\Tunngle.exe =>.Tunngle.net GmbH
O4 - GS\sendTo [WDAGUtilityAccount]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\sendTo [WDAGUtilityAccount]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\System32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\TaskBar [WDAGUtilityAccount]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\TaskBar [WDAGUtilityAccount]: Steam.lnk . (.Valve Corporation - Steam Client Bootstrapper.) E:\Program Files (x86)\Steam\Steam.exe =>.Valve®
O4 - GS\Programs [WDAGUtilityAccount]: Knives Out.lnk . (.NetEase - 荒野行动.) F:\Program Files (x86)\hyxd\launcher.exe =>.NetEase(Hangzhou) Network Co. Ltd.®
O4 - GS\Programs [WDAGUtilityAccount]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\AYMEN\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation®
O4 - GS\Programs [WDAGUtilityAccount]: Optional Features.lnk . (.Microsoft Corporation - Features On Demand Helper.) C:\Windows\System32\fodhelper.exe =>.Microsoft Corporation
O4 - GS\Programs [WDAGUtilityAccount]: Spotify.lnk . (.Spotify Ltd - Spotify.) C:\Users\AYMEN\AppData\Roaming\Spotify\Spotify.exe =>.Spotify AB®
O4 - GS\Programs [WDAGUtilityAccount]: Start Tor Browser.lnk . (.Mozilla Corporation - Tor Browser.) F:\Users\AYMEN\Desktop\Tor Browser\Browser\firefox.exe =>.Mozilla Corporation
O4 - GS\CommonDesktop [Public]: AOMEI Partition Assistant Standard Edition 6.3.lnk . (.AOMEI Technology Co., Ltd. - AOMEI Partition Assistant.) C:\Program Files (x86)\AOMEI Partition Assistant Standard Edition 6.3\PartAssist.exe =>.CHENGDU AOMEI Tech Co., Ltd.®
O4 - GS\CommonDesktop [Public]: BlueStacks.lnk . (.BlueStack Systems, Inc. - BlueStacks 3.) C:\ProgramData\BlueStacks\Client\BlueStacks.exe =>.BlueStack Systems, Inc.®
O4 - GS\CommonDesktop [Public]: Blur.lnk . (...) F:\Games\Blur\Blur.exe
O4 - GS\CommonDesktop [Public]: Camtasia 9.lnk . (.TechSmith Corporation - Camtasia 9.) F:\Program Files\techsmith\Camtasia 9\CamtasiaStudio.exe =>.TechSmith Corporation®
O4 - GS\CommonDesktop [Public]: CWClient.lnk . (...) F:\Games\CWClient\CWClientLauncher.exe
O4 - GS\CommonDesktop [Public]: Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\CommonDesktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\CommonDesktop [Public]: Intel(R) HD Graphics Control Panel.lnk . (.Intel Corporation - GFXUIEX Module.) C:\WINDOWS\system32\GfxUIEx.exe =>.Intel Corporation
O4 - GS\CommonDesktop [Public]: Malwarebytes.lnk . (.Malwarebytes - Malwarebytes.) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe =>.Malwarebytes Corporation®
O4 - GS\CommonDesktop [Public]: Minecraft.lnk . (.Mojang - Minecraft launcher.) C:\Program Files (x86)\Minecraft\MinecraftLauncher.exe =>.Mojang AB®
O4 - GS\CommonDesktop [Public]: OkayFreedom.lnk . (.Steganos Software GmbH - OkayFreedom.) C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe {6F5DBE5F762CABFA60EC08D7} =>.Steganos Software GmbH
O4 - GS\CommonDesktop [Public]: Steam.lnk . (.Valve Corporation - Steam Client Bootstrapper.) E:\Program Files (x86)\Steam\Steam.exe =>.Valve®
O4 - GS\CommonDesktop [Public]: TruckersMP.lnk . (.Truckersmp.com - TruckersMP Launcher.) C:\Program Files\TruckersMP\Launcher.exe =>.Truckersmp.com
O4 - GS\CommonDesktop [Public]: Tunngle.lnk . (.Tunngle.net GmbH - Tunngle GUI.) C:\Program Files (x86)\Tunngle\Tunngle.exe =>.Tunngle.net GmbH
O4 - GS\CommonDesktop [Public]: WinThruster.lnk . (.Solvusoft - WinThruster.) C:\Program Files (x86)\WinThruster\WinThruster.exe {0087212C793673F38A9FDD9E7EE670CD33} =>.SUP.WinThruster
O4 - GS\Programs [Public]: Knives Out.lnk . (.NetEase - 荒野行动.) F:\Program Files (x86)\hyxd\launcher.exe =>.NetEase(Hangzhou) Network Co. Ltd.®
O4 - GS\Programs [Public]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\AYMEN\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation®
O4 - GS\Programs [Public]: Optional Features.lnk . (.Microsoft Corporation - Features On Demand Helper.) C:\Windows\System32\fodhelper.exe =>.Microsoft Corporation
O4 - GS\Programs [Public]: Spotify.lnk . (.Spotify Ltd - Spotify.) C:\Users\AYMEN\AppData\Roaming\Spotify\Spotify.exe =>.Spotify AB®
O4 - GS\Programs [Public]: Start Tor Browser.lnk . (.Mozilla Corporation - Tor Browser.) F:\Users\AYMEN\Desktop\Tor Browser\Browser\firefox.exe =>.Mozilla Corporation
O4 - GS\Accessories [Public]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\internet explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Accessories [Public]: Notepad.lnk . (.Microsoft Corporation - Notepad.) C:\WINDOWS\system32\notepad.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Math Input Panel.lnk . (.Microsoft Corporation - .) C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) C:\WINDOWS\system32\mspaint.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Quick Assist.lnk . (.Microsoft Corporation - Quick Assist.) C:\WINDOWS\system32\quickassist.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Remote Desktop Connection.) C:\WINDOWS\system32\mstsc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Snipping Tool.) C:\WINDOWS\system32\SnippingTool.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Steps Recorder.lnk . (.Microsoft Corporation - Steps Recorder.) C:\WINDOWS\system32\psr.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\WINDOWS\system32\WFS.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Windows Wordpad Application.) C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: XPS Viewer.lnk . (.Microsoft Corporation - XPS Viewer.) C:\WINDOWS\system32\xpsrchvw.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Character Map.) C:\WINDOWS\system32\charmap.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Access.lnk . (.Microsoft Corporation - .) C:\Program Files (x86)\Microsoft Office\root\Office16\MSACCESS.EXE =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Acrobat Reader DC.lnk . (.Flexera Software LLC - InstallShield.) C:\WINDOWS\Installer\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}\SC_Reader.ico =>.Flexera Software LLC
O4 - GS\ProgramsCommon [Public]: Adobe After Effects CC 2017.lnk . (.Adobe Systems Incorporated - Adobe After Effects CC 2017.1.) C:\Program Files\Adobe\Adobe After Effects CC 2017\Support Files\AfterFX.exe =>.Adobe Systems Incorporated®
O4 - GS\ProgramsCommon [Public]: Adobe Photoshop CC (64 Bit).lnk . (.Adobe Systems, Incorporated - Adobe Photoshop CC.) F:\Program Files\Adobe\Adobe Photoshop CC (64 Bit)\Photoshop.exe =>.Adobe Systems Incorporated®
O4 - GS\ProgramsCommon [Public]: Adobe Photoshop CC.lnk . (.Adobe Systems, Incorporated - Adobe Photoshop CC.) F:\Program Files\Adobe\Adobe Photoshop CC\Photoshop.exe =>.Adobe Systems Incorporated®
O4 - GS\ProgramsCommon [Public]: Excel.lnk . (.Microsoft Corporation - .) C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\ProgramsCommon [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\ProgramsCommon [Public]: Immersive Control Panel.lnk . (.Microsoft Corporation - Windows Control Panel.) C:\WINDOWS\System32\Control.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Intel(R) HD Graphics Control Panel.lnk . (.Intel Corporation - GFXUIEX Module.) C:\WINDOWS\system32\GfxUIEx.exe =>.Intel Corporation
O4 - GS\ProgramsCommon [Public]: Movie Maker.lnk . (.Microsoft Corporation - Movie Maker.) C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe =>.Microsoft Corporation®
O4 - GS\ProgramsCommon [Public]: OneNote 2016.lnk . (.Microsoft Corporation - .) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTE.EXE =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Opera Browser.lnk . (.Opera Software - Opera Internet Browser.) C:\Program Files (x86)\Opera\launcher.exe =>.Opera Software AS®
O4 - GS\ProgramsCommon [Public]: Outlook.lnk . (.Microsoft Corporation - .) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Photo Gallery.lnk . (.Microsoft Corporation - Photo Gallery.) C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe =>.Microsoft Corporation®
O4 - GS\ProgramsCommon [Public]: PowerPoint.lnk . (.Microsoft Corporation - .) C:\Program Files (x86)\Microsoft Office\root\Office16\POWERPNT.EXE =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Publisher.lnk . (.Microsoft Corporation - .) C:\Program Files (x86)\Microsoft Office\root\Office16\MSPUB.EXE =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Skype for Business.lnk . (.Microsoft Corporation - .) C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Word.lnk . (.Microsoft Corporation - .) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE =>.Microsoft Corporation

---\\ Lop.com/Domain Hijackers (8) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpDomain = 2750U
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 =>.Local IP Adress
O17 - HKLM\System\CCS\Services\Tcpip\..\{4d8ddc2d-9c80-42c8-8658-6d1a6a825ce7}: DhcpNameServer = 192.168.1.1 =>.Local IP Adress
O17 - HKLM\System\CCS\Services\Tcpip\..\{739f9f3f-d6b0-40b9-87bd-6896cb9d0a5e}: DhcpNameServer = 192.168.1.1 0.0.0.0 =>.Local IP Adress
O17 - HKLM\System\CCS\Services\Tcpip\..\{8660c315-4948-4ac8-88a3-1d7da5b53348}: DhcpNameServer = 8.8.8.8 =>.France Google Cloud
O17 - HKLM\System\CCS\Services\Tcpip\..\{9e27390b-571d-4692-8e5f-ad141e7cc2b4}: DhcpNameServer = 192.168.1.1 =>.Local IP Adress
O17 - HKLM\System\CCS\Services\Tcpip\..\{a5c3993c-f7f8-418e-9019-36f1b27223fd}: DhcpNameServer = 8.8.8.8 =>.France Google Cloud
O17 - HKLM\System\CCS\Services\Tcpip\..\{9e27390b-571d-4692-8e5f-ad141e7cc2b4}: DhcpDomain = 2750U

---\\ Extra protocols (26) - 1s
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll =>.Microsoft Corporation
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation
O18 - Handler: mso-minsb-roaming.16 [64Bits] - {83C25742-A9F7-49FB-9138-434302C88D07} . (.Microsoft Corporation - Microsoft Office 2016 component.) -- C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL =>.Microsoft Corporation®
O18 - Handler: mso-minsb.16 [64Bits] - {42089D2D-912D-4018-9087-2B87803E93FB} . (.Microsoft Corporation - Microsoft Office 2016 component.) -- C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL =>.Microsoft Corporation®
O18 - Handler: osf-roaming.16 [64Bits] - {42089D2D-912D-4018-9087-2B87803E93FB} . (.Microsoft Corporation - Microsoft Office 2016 component.) -- C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL =>.Microsoft Corporation®
O18 - Handler: osf.16 [64Bits] - {5504BE45-A83B-4808-900A-3A5C36E7F77A} . (.Microsoft Corporation - Microsoft Office 2016 component.) -- C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL =>.Microsoft Corporation®
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\System32\tbauth.dll =>.Microsoft Corporation
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: windows.tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\System32\tbauth.dll =>.Microsoft Corporation
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation

---\\ AppInit_DLLs Registry value Autorun (1) - 0s
O20 - Winlogon : UserInit . (.Microsoft Corporation - Userinit Logon Application.) - C:\Windows\system32\userinit.exe =>.Microsoft Corporation

---\\ List of key exploring StartupApproved (3) - 3s
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:GoogleChromeAutoLaunch_B4857DE4E7E1508F4A6DD9011BA2ADAE =>PUP.Optional.MyBrowser
[HKEY_USERS\S-1-5-21-4115540981-87220204-3282228054-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:GoogleChromeAutoLaunch_B4857DE4E7E1508F4A6DD9011BA2ADAE =>PUP.Optional.MyBrowser
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32]:Lightshot =>.SUP.Skillbrains

---\\ ASIC (ActiveSetup Installed Components) (5) - 1s
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Microsoft Windows Media Player Setup Utilit.) -- C:\Windows\System32\unregmp2.exe =>.Microsoft Corporation
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\System32\mscories.dll =>.Microsoft Corporation®
O40 - ASIC: Google Chrome [64Bits] - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google Inc. - Google Chrome Installer.) -- C:\Program Files (x86)\Google\Chrome\Application\64.0.3282.186\Installer\chrmstp.exe =>.Google Inc®

---\\ Software installed (97) - 40s
O42 - Logiciel: Adobe Acrobat Reader DC - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1033-7B44-AC0F074E4100} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Flash Player 29 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Flash Player 29 PPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player PPAPI =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Photoshop CC - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {2D99B50E-431D-4AA8-85C1-172A6F8BCF09} =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-0804-1033-1959-001824265200} =>.Adobe Systems Incorporated
O42 - Logiciel: AE CC x64 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {672FEEBA-F29C-4363-A8D0-8EBA61265B88} =>.Adobe Systems Incorporated
O42 - Logiciel: AOMEI Partition Assistant Standard Edition 6.3 - (.AOMEI Technology Co., Ltd..) [HKLM][64Bits] -- {02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1 =>.AOMEI Technology Co., Ltd.
O42 - Logiciel: AutoCAD 2007 - English - (.Autodesk.) [HKLM][64Bits] -- {5783F2D7-5001-0409-0002-0060B0CE6BBA} =>.Autodesk
O42 - Logiciel: AutoHotkey 1.1.26.00 - (.Lexikos.) [HKLM][64Bits] -- AutoHotkey =>.Lexikos
O42 - Logiciel: Avidemux 2.6 - 64 bits - (.Mean.) [HKLM][64Bits] -- Avidemux 2.6 - 64 bits (64-bit) =>.Mean
O42 - Logiciel: Baidu PC Faster - (.Baidu, Inc..) [HKLM][64Bits] -- Baidu PC Faster 5.1.0.0 =>.Baidu Online Network Technology (Beijing) Co.,Ltd.®
O42 - Logiciel: Blender 2.78 - (.Blender Foundation.) [HKLM][64Bits] -- Steam App 365670 =>.Valve®
O42 - Logiciel: BlueStacks 3 - (.BlueStack Systems, Inc..) [HKLM][64Bits] -- BlueStacks =>.BlueStack Systems, Inc.®
O42 - Logiciel: Blur MULTi6 - ElAmigos version 1.0 - (.Activision Blizzard.) [HKLM][64Bits] -- {B951ADFB-4751-4BE4-96E3-F830C0128E5D}_is1
O42 - Logiciel: Brother MFL-Pro Suite DCP-195C - (.Brother Industries, Ltd..) [HKLM][64Bits] -- {6BF66AED-3EA4-4106-B240-5CE96C9B76B0} =>.Macrovision Corporation®
O42 - Logiciel: Camtasia 9 - (.TechSmith Corporation.) [HKLM][64Bits] -- {48cb006a-7b5b-4a48-98fd-fbd7af456b0d} =>.TechSmith Corporation®
O42 - Logiciel: Camtasia 9 - (.TechSmith Corporation.) [HKLM][64Bits] -- {D8A1F37A-B11B-4451-830D-6A243ADE2591} =>.TechSmith Corporation
O42 - Logiciel: Counter-Strike: Global Offensive - (.Valve.) [HKLM][64Bits] -- Steam App 730 =>.Valve®
O42 - Logiciel: Counter-Strike: Source - (.Valve.) [HKLM][64Bits] -- Steam App 240 =>.Valve®
O42 - Logiciel: CWClient version 1.0 - (.AbsolutSoft.) [HKLM][64Bits] -- {4D64BA0F-CF7B-4A53-AA81-6E5F33510B04}_is1 =>.AbsolutSoft
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF} =>.Microsoft
O42 - Logiciel: Dell SupportAssistAgent - (.Dell.) [HKLM][64Bits] -- {9DD6B149-CEBC-4910-B11A-242393EDF6D3} =>.Dell
O42 - Logiciel: Dell Touchpad - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey =>.Synaptics Incorporated®
O42 - Logiciel: Dell WLAN and Bluetooth Client Installation - (.Dell Inc..) [HKLM][64Bits] -- {28006915-2739-4EBE-B5E8-49B25D32EB33} =>.Dell Inc.
O42 - Logiciel: Discord - (.Discord Inc..) [HKCU][64Bits] -- Discord =>.Discord Inc.®
O42 - Logiciel: Driver Booster 5 - (.IObit.) [HKLM][64Bits] -- Driver Booster_is1 =>.IObit Information Technology®
O42 - Logiciel: Euro Truck Simulator 2 - (.SCS Software.) [HKLM][64Bits] -- Steam App 227300 =>.Valve®
O42 - Logiciel: FastStone Capture 8.6 - (.FastStone Soft.) [HKLM][64Bits] -- FastStone Capture =>.FastStone Soft
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome =>.Google Inc®
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc.
O42 - Logiciel: Inpaint 6.2 - (.Teorex.) [HKLM][64Bits] -- {2AEDC172-479F-47AE-8A48-A0524D4AED5B}_is1 =>.Teorex
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} =>.Intel Corporation
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {409CB30E-E457-4008-9B1A-ED1B9EA21140} =>.Intel Corporation
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {96714280-14E6-4DF7-BACD-F797C0F17C3D} =>.Intel Corporation
O42 - Logiciel: Internet Download Manager - (.Tonec Inc..) [HKLM][64Bits] -- Internet Download Manager =>.Tonec Inc.®
O42 - Logiciel: Java 8 Update 171 - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F32180171F0} =>.Oracle Corporation
O42 - Logiciel: Java Auto Updater - (.Oracle Corporation.) [HKLM][64Bits] -- {4A03706F-666A-4037-7777-5F2748764D10} =>.Oracle Corporation
O42 - Logiciel: JetBoost - (.BlueSprig.) [HKLM][64Bits] -- JetBoost_is1 =>.BlueSprig, Inc.®
O42 - Logiciel: Malwarebytes version 3.4.5.2467 - (.Malwarebytes.) [HKLM][64Bits] -- {35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1 =>.Malwarebytes Corporation®
O42 - Logiciel: Maxx Audio Installer (x64) - (.Waves Audio Ltd..) [HKLM][64Bits] -- {307032B2-6AF2-46D7-B933-62438DEB2B9A} =>.Waves Audio Ltd.
O42 - Logiciel: Metric Collection SDK 35 - (.Lenovo Group Limited.) [HKLM][64Bits] -- {C2B5B5B0-2545-4E94-B4BA-548D4BF0B196} =>.Lenovo Group Limited
O42 - Logiciel: Microsoft Application Error Reporting - (.Microsoft Corporation.) [HKLM][64Bits] -- {95120000-00B9-0409-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Games for Windows - LIVE Redistributable - (.Microsoft Corporation.) [HKLM][64Bits] -- {42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D} =>.Microsoft Corporation
O42 - Logiciel: Microsoft OneDrive - (.Microsoft Corporation.) [HKCU][64Bits] -- OneDriveSetup.exe =>.Microsoft Corporation®
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} =>.Microsoft Corporation
O42 - Logiciel: Minecraft - (.Mojang.) [HKLM][64Bits] -- {1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872} =>.Mojang
O42 - Logiciel: Mozilla Firefox 60.0 (x64 en-US) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 60.0 (x64 en-US) =>.Mozilla Corporation®
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService =>.Mozilla
O42 - Logiciel: MPC-HC 1.7.11 (64-bit) - (.MPC-HC Team.) [HKLM][64Bits] -- {2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1 =>.Fotis Zafiropoulos®
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} =>.Microsoft
O42 - Logiciel: MSVCRT Redists - (.MAGIX Computer Products Intl. Co..) [HKLM][64Bits] -- {F6698AB0-1A2A-11E7-B816-C2A106E0D44C} =>.MAGIX Computer Products Intl. Co.
O42 - Logiciel: MSVCRT110 - (.Microsoft.) [HKLM][64Bits] -- {8E14DDC8-EA60-4E18-B3E3-1937104D5BDA} =>.Microsoft
O42 - Logiciel: MSVCRT110_amd64 - (.Microsoft.) [HKLM][64Bits] -- {E9FA781F-3E80-4399-825A-AD3E11C28C77} =>.Microsoft
O42 - Logiciel: My.com Game Center - (.My.com B.V..) [HKCU][64Bits] -- MyComGames =>.my.com .BV®
O42 - Logiciel: No More Room in Hell - (.No More Room in Hell Team.) [HKLM][64Bits] -- Steam App 224260 =>.Valve®
O42 - Logiciel: Notepad++ - (.Notepad++ Team.) [HKLM][64Bits] -- Notepad++ =>.Notepad++ Team
O42 - Logiciel: NVIDIA Install Application - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA PhysX System Software 9.17.0524 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX =>.NVIDIA Corporation
O42 - Logiciel: Office 16 Click-to-Run Extensibility Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-008C-0000-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Office 16 Click-to-Run Extensibility Component 64-bit Registration - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-00DD-0000-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Office 16 Click-to-Run Licensing Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-007E-0000-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Office 16 Click-to-Run Localization Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-008C-0401-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Office 16 Click-to-Run Localization Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-008C-0409-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: OkayFreedom - (.Steganos Software GmbH.) [HKLM][64Bits] -- {3F3FB10C-7175-4D38-9335-3488B89C12AF} =>.Steganos Software GmbH
O42 - Logiciel: OpenAL - (.Open Audio Library.) [HKLM][64Bits] -- OpenAL =>.Creative Labs Inc®
O42 - Logiciel: Opera Stable 52.0.2871.99 - (.Opera Software.) [HKLM][64Bits] -- Opera 52.0.2871.99 =>.Opera Software AS®
O42 - Logiciel: Outlast - (.Red Barrels.) [HKLM][64Bits] -- Steam App 238320 =>.Valve®
O42 - Logiciel: ParkControl - (.Bitsum.) [HKLM][64Bits] -- ParkControl =>.Bitsum
O42 - Logiciel: PDF Settings CC - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {1FBAE18D-4DE4-47AA-83EC-D1B046F262DC} =>.Adobe Systems Incorporated
O42 - Logiciel: PL-2303 USB-to-Serial - (.Prolific Technology INC.) [HKLM][64Bits] -- {ECC3713C-08A4-40E3-95F1-7D0704F1CE5E} =>.Prolific Technology INC
O42 - Logiciel: PlayReady PC Runtime amd64 - (.Microsoft Corporation.) [HKLM][64Bits] -- {2E0C1D31-8FEC-411E-97FB-6E56BD429A98} =>.Microsoft Corporation
O42 - Logiciel: PX Profile Update - (.AMD.) [HKLM][64Bits] -- {873CCF4A-6FC2-69A5-9AD4-FD37D7FCE6B9} =>.AMD
O42 - Logiciel: Qualcomm Atheros Bluetooth Suite (64) - (.Qualcomm Atheros.) [HKLM][64Bits] -- {A84A4FB1-D703-48DB-89E0-68B6499D2801} =>.Qualcomm Atheros
O42 - Logiciel: Realtek Card Reader - (.Realtek Semiconduct Corp..) [HKLM][64Bits] -- {5BC2B5AB-80DE-4E83-B8CF-426902051D0A} =>.Realtek Semiconductor Corp®
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} =>.Realtek Semiconductor Corp®
O42 - Logiciel: Samsung Kies3 - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {88547073-C566-4895-9005-EBE98EA3F7C7} =>.Samsung Electronics Co., Ltd.
O42 - Logiciel: Samsung Kies3 - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7} =>.Samsung Electronics Co., Ltd.
O42 - Logiciel: Samsung USB Driver for Mobile Phones - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {D0795B21-0CDA-4a92-AB9E-6E92D8111E44} =>.Samsung Electronics CO., LTD.®
O42 - Logiciel: Sicyon Calculator 5.2.1 - (.Teodor Krastev.) [HKLM][64Bits] -- {0194757A-03EF-40F9-9174-32CE913C7160}_is1
O42 - Logiciel: Spotify - (.Spotify AB.) [HKCU][64Bits] -- Spotify =>.Spotify AB®
O42 - Logiciel: Steam Customizer - (.Blumont.) [HKCU][64Bits] -- Steam Customizer =>.Blumont
O42 - Logiciel: Terramining Launcher 9.2 - (.TerraminingMC.) [HKLM][64Bits] -- Terramining Launcher 9.2 =>.TerraminingMC
O42 - Logiciel: The Darkness II - (.Digital Extremes.) [HKLM][64Bits] -- Steam App 67370 =>.Valve®
O42 - Logiciel: The Forest - (.Endnight Games Ltd.) [HKLM][64Bits] -- Steam App 242760 =>.Valve®
O42 - Logiciel: TruckersMP Launcher 1.0.0.4 - (.TruckersMP Team.) [HKLM][64Bits] -- {A227B892-C548-4490-9C5D-DB341F8194A6}_is1 =>.TruckersMP Team
O42 - Logiciel: Tunngle - (.Tunngle.net GmbH.) [HKLM][64Bits] -- Tunngle_is1 =>.Tunngle.net GmbH
O42 - Logiciel: Unity Web Player - (.Unity Technologies ApS.) [HKCU][64Bits] -- UnityWebPlayer =>.Unity Technologies ApS
O42 - Logiciel: Update for Windows 10 for x64-based Systems (KB4023057) - (.Microsoft Corporation.) [HKLM][64Bits] -- {AC0D130B-8809-4125-811F-667893B90644} =>.Microsoft Corporation
O42 - Logiciel: VEGAS Pro 14.0 (64-bit) - (.VEGAS.) [HKLM][64Bits] -- {F1756240-1A2A-11E7-92A1-C2A106E0D44C} =>.VEGAS
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN
O42 - Logiciel: VMProtect Demo v 3.1 - (.VMProtect Software.) [HKLM][64Bits] -- VMProtect Demo_is1
O42 - Logiciel: Vulkan Run Time Libraries 1.0.3.1 - (.LunarG, Inc..) [HKLM][64Bits] -- VulkanRT1.0.3.1 =>.LunarG, Inc.
O42 - Logiciel: Warface - (.Crytek.) [HKLM][64Bits] -- Steam App 291480 =>.Valve®
O42 - Logiciel: Warface My.Com - (.My.com B.V..) [HKCU][64Bits] -- Warface My.Com =>.my.com .BV®
O42 - Logiciel: WinPcap 4.1.3 - (.Riverbed Technology, Inc..) [HKLM][64Bits] -- WinPcapInst =>.Riverbed Technology, Inc.
O42 - Logiciel: WinRAR 5.31 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver =>.win.rar GmbH®
O42 - Logiciel: WinThruster - (.Solvusoft.) [HKLM][64Bits] -- WinThruster_is1 {0087212C793673F38A9FDD9E7EE670CD33} =>.SUP.WinThruster

---\\ HKCU & HKLM Software Keys (409) - 40s
HKU\.DEFAULT\Software\Hola =>PUP.Optional.HolaSearch
HKU\S-1-5-18\Software\Hola =>PUP.Optional.HolaSearch
HKCU\Software\ProductSetup =>Adware.InstallCore
HKLM\SOFTWARE\IObit\RealTimeProtector =>.SUP.AdvancedSystemCare
HKLM\SOFTWARE\IObit\Advanced SystemCare =>.SUP.AdvancedSystemCare
HKLM\SOFTWARE\Iobit\ASC =>.SUP.AdvancedSystemCare
HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Reason\ReasonByteFence =>.SUP.ByteFence
HKLM\SOFTWARE\activision =>.Activision
HKLM\SOFTWARE\Adobe =>.Adobe
HKLM\SOFTWARE\AFPL Ghostscript
HKLM\SOFTWARE\AGEIA Technologies =>.AGEIA Technologies
HKLM\SOFTWARE\ASIO =>.Steinberg Media Technologies
HKLM\SOFTWARE\ATHEROS =>.Qualcomm Atheros
HKLM\SOFTWARE\ATI =>.ATI
HKLM\SOFTWARE\ATI Technologies =>.ATI Technologies
HKLM\SOFTWARE\Autodesk =>.Autodesk
HKLM\SOFTWARE\Avidemux 2.6 - 64 bits (64-bit) =>.Mean
HKLM\SOFTWARE\Baidu =>.Baidu
HKLM\SOFTWARE\Baidu Security =>.Baidu Technology
HKLM\SOFTWARE\Baidu_Drp_pos =>.Baidu Technology
HKLM\SOFTWARE\BANDISOFT =>.Bandisoft
HKLM\SOFTWARE\Bigasoft =>.Bigasoft Corporation
HKLM\SOFTWARE\Bitsum =>.Bitsum
HKLM\SOFTWARE\BlueStacks =>.BlueStack Systems, Inc.
HKLM\SOFTWARE\BlueStacksGP =>.BlueStack Systems, Inc.
HKLM\SOFTWARE\Brother =>.Brother
HKLM\SOFTWARE\Brother Industries, Ltd. =>.Brother Industries, Ltd.
HKLM\SOFTWARE\CDDB =>.Cddb Software
HKLM\SOFTWARE\city interactive =>.City Interactive
HKLM\SOFTWARE\CyberGhost =>.CyberGhost S.R.L
HKLM\SOFTWARE\Cygwin =>.Cygwin
HKLM\SOFTWARE\Dell =>.Dell
HKLM\SOFTWARE\Dell_Wlan =>.Dell Inc.
HKLM\SOFTWARE\DropboxUpdate =>.Dropbox Inc.
HKLM\SOFTWARE\EASEUS =>.EaseUS Software
HKLM\SOFTWARE\ETS2MP
HKLM\SOFTWARE\EVP =>.EVP Software
HKLM\SOFTWARE\Fraps =>.Beepa
HKLM\SOFTWARE\Google =>.Google
HKLM\SOFTWARE\Image-Line =>.Image-Line
HKLM\SOFTWARE\Imagenomic =>.Imagenomic
HKLM\SOFTWARE\InstallShield =>.InstallShield
HKLM\SOFTWARE\Insyde =>.Insyde
HKLM\SOFTWARE\Intel =>.Intel
HKLM\SOFTWARE\Internet Download Manager =>.Tonec Inc
HKLM\SOFTWARE\IO3O =>.IO3O LLC
HKLM\SOFTWARE\IObit =>.IObit
HKLM\SOFTWARE\JavaSoft =>.JavaSoft
HKLM\SOFTWARE\JreMetrics =>.JreMetrics
HKLM\SOFTWARE\Khronos =>.Khronos
HKLM\SOFTWARE\Lenovo =>.Lenovo
HKLM\SOFTWARE\Locktime Software =>.Locktime Software
HKLM\SOFTWARE\Macromedia =>.Macromedia
HKLM\SOFTWARE\Macrovision =>.Macrovision
HKLM\SOFTWARE\Magix =>.Magix
HKLM\SOFTWARE\Malwarebytes' Anti-Malware =>.Malwarebytes' Anti-Malware
HKLM\SOFTWARE\MimarSinan =>.Mimar Sinan
HKLM\SOFTWARE\Mojang =>.Mojang
HKLM\SOFTWARE\MOVAVI =>.Movavi
HKLM\SOFTWARE\Mozilla =>.Mozilla
HKLM\SOFTWARE\mozilla.org =>.mozilla.org
HKLM\SOFTWARE\MozillaPlugins =>.MozillaPlugins
HKLM\SOFTWARE\NCH Software =>.NCH Software
HKLM\SOFTWARE\Nero =>.Ahead Corporation
HKLM\SOFTWARE\Notepad++ =>.Don Ho
HKLM\SOFTWARE\Nuance =>.Nuance
HKLM\SOFTWARE\NVIDIA Corporation =>.nVidia Corporation
HKLM\SOFTWARE\ODBC =>.DB Connectivity Solutions
HKLM\SOFTWARE\OpenAL =>.Open Audio Library
HKLM\SOFTWARE\OpenVPN =>.OpenVPN Technologie
HKLM\SOFTWARE\Opera Software =>.Opera Software
HKLM\SOFTWARE\Oracle =>.Oracle
HKLM\SOFTWARE\Overwolf =>.Overwolf
HKLM\SOFTWARE\ParkControl
HKLM\SOFTWARE\Piriform =>.Piriform
HKLM\SOFTWARE\ProcessLasso =>.Bitsum Technologies
HKLM\SOFTWARE\Prolific Technology INC =>.Prolific Technology INC
HKLM\SOFTWARE\Prolific Technology Inc. =>.Prolific Technology Inc.
HKLM\SOFTWARE\Propellerhead Software =>.Propellerhead Software
HKLM\SOFTWARE\RapidSolution =>.RapidSolution
HKLM\SOFTWARE\Razer =>.Razer
HKLM\SOFTWARE\Realtek =>.Realtek Semiconductor Corp.
HKLM\SOFTWARE\Realtek Semiconductor Corp. =>.Realtek Semiconductor Corp.
HKLM\SOFTWARE\rockstar games =>.Rockstar Games
HKLM\SOFTWARE\Screaming Bee =>.Screaming Bee
HKLM\SOFTWARE\sega =>.SEGA
HKLM\SOFTWARE\simplitec =>.Simplitec
HKLM\SOFTWARE\Skillbrains =>.SUP.Skillbrains
HKLM\SOFTWARE\Skype =>.Skype
HKLM\SOFTWARE\SNC =>.SNC
HKLM\SOFTWARE\SoftVoice =>.SoftVoice
HKLM\SOFTWARE\Sony Creative Software =>.Sony Creative Software
HKLM\SOFTWARE\SourceTec =>.SourceTec
HKLM\SOFTWARE\Steganos =>.Steganos
HKLM\SOFTWARE\SuperBoost =>.QiWang
HKLM\SOFTWARE\SuppHelpDir =>.Toshiba Corporation
HKLM\SOFTWARE\synetic =>.Synetic
HKLM\SOFTWARE\TeamViewer =>.TeamViewer
HKLM\SOFTWARE\TechSmith =>.TechSmith
HKLM\SOFTWARE\ThinPrint =>.ThinPrint
HKLM\SOFTWARE\THQ =>.THQ
HKLM\SOFTWARE\Topaz Labs =>.Topaz Labs
HKLM\SOFTWARE\Tunngle.net =>.Tunngle.net
HKLM\SOFTWARE\Ubi Soft Entertainment =>.Ubisoft
HKLM\SOFTWARE\Ubisoft =>.Ubisoft
HKLM\SOFTWARE\Valve =>.Valve
HKLM\SOFTWARE\VideoLAN =>.VideoLAN
HKLM\SOFTWARE\VMware, Inc. =>.VMware, Inc.
HKLM\SOFTWARE\Volatile =>.Microsoft Corporation
HKLM\SOFTWARE\W4
HKLM\SOFTWARE\WafCX =>.WafCX
HKLM\SOFTWARE\Waves Audio =>.Waves Audio
HKLM\SOFTWARE\WexTech Systems =>.WexTech Systems
HKLM\SOFTWARE\WIBU-SYSTEMS =>.Wibu-Systems
HKLM\SOFTWARE\WinPcap =>.Riverbed Technology
HKLM\SOFTWARE\Wondershare =>.Wondershare
HKLM\SOFTWARE\WOW6432Node =>.Microsoft Corporation
HKLM\SOFTWARE\WUW
HKLM\SOFTWARE\Yahoo =>.Yahoo! Inc.
HKLM\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
HKLM\SOFTWARE\WOW6432Node\activision =>.Activision
HKLM\SOFTWARE\WOW6432Node\Adobe =>.Adobe
HKLM\SOFTWARE\WOW6432Node\AFPL Ghostscript
HKLM\SOFTWARE\WOW6432Node\AGEIA Technologies =>.AGEIA Technologies
HKLM\SOFTWARE\WOW6432Node\ASIO =>.Steinberg Media Technologies
HKLM\SOFTWARE\WOW6432Node\ATHEROS =>.Qualcomm Atheros
HKLM\SOFTWARE\WOW6432Node\ATI =>.ATI
HKLM\SOFTWARE\WOW6432Node\ATI Technologies =>.ATI Technologies
HKLM\SOFTWARE\WOW6432Node\Autodesk =>.Autodesk
HKLM\SOFTWARE\WOW6432Node\Avidemux 2.6 - 64 bits (64-bit) =>.Mean
HKLM\SOFTWARE\WOW6432Node\Baidu =>.Baidu
HKLM\SOFTWARE\WOW6432Node\Baidu Security =>.Baidu Technology
HKLM\SOFTWARE\WOW6432Node\Baidu_Drp_pos =>.Baidu Technology
HKLM\SOFTWARE\WOW6432Node\BANDISOFT =>.Bandisoft
HKLM\SOFTWARE\WOW6432Node\Bigasoft =>.Bigasoft Corporation
HKLM\SOFTWARE\WOW6432Node\Bitsum =>.Bitsum
HKLM\SOFTWARE\WOW6432Node\BlueStacks =>.BlueStack Systems, Inc.
HKLM\SOFTWARE\WOW6432Node\BlueStacksGP =>.BlueStack Systems, Inc.
HKLM\SOFTWARE\WOW6432Node\Brother =>.Brother
HKLM\SOFTWARE\WOW6432Node\Brother Industries, Ltd. =>.Brother Industries, Ltd.
HKLM\SOFTWARE\WOW6432Node\CDDB =>.Cddb Software
HKLM\SOFTWARE\WOW6432Node\city interactive =>.City Interactive
HKLM\SOFTWARE\WOW6432Node\CyberGhost =>.CyberGhost S.R.L
HKLM\SOFTWARE\WOW6432Node\Cygwin =>.Cygwin
HKLM\SOFTWARE\WOW6432Node\Dell =>.Dell
HKLM\SOFTWARE\WOW6432Node\Dell_Wlan =>.Dell Inc.
HKLM\SOFTWARE\WOW6432Node\DropboxUpdate =>.Dropbox Inc.
HKLM\SOFTWARE\WOW6432Node\EASEUS =>.EaseUS Software
HKLM\SOFTWARE\WOW6432Node\ETS2MP
HKLM\SOFTWARE\WOW6432Node\EVP =>.EVP Software
HKLM\SOFTWARE\WOW6432Node\Fraps =>.Beepa
HKLM\SOFTWARE\WOW6432Node\Google =>.Google
HKLM\SOFTWARE\WOW6432Node\Image-Line =>.Image-Line
HKLM\SOFTWARE\WOW6432Node\Imagenomic =>.Imagenomic
HKLM\SOFTWARE\WOW6432Node\InstallShield =>.InstallShield
HKLM\SOFTWARE\WOW6432Node\Insyde =>.Insyde
HKLM\SOFTWARE\WOW6432Node\Intel =>.Intel
HKLM\SOFTWARE\WOW6432Node\Internet Download Manager =>.Tonec Inc
HKLM\SOFTWARE\WOW6432Node\IO3O =>.IO3O LLC
HKLM\SOFTWARE\WOW6432Node\IObit =>.IObit
HKLM\SOFTWARE\WOW6432Node\JavaSoft =>.JavaSoft
HKLM\SOFTWARE\WOW6432Node\JreMetrics =>.JreMetrics
HKLM\SOFTWARE\WOW6432Node\Khronos =>.Khronos
HKLM\SOFTWARE\WOW6432Node\Lenovo =>.Lenovo
HKLM\SOFTWARE\WOW6432Node\Locktime Software =>.Locktime Software
HKLM\SOFTWARE\WOW6432Node\Macromedia =>.Macromedia
HKLM\SOFTWARE\WOW6432Node\Macrovision =>.Macrovision
HKLM\SOFTWARE\WOW6432Node\Magix =>.Magix
HKLM\SOFTWARE\WOW6432Node\Malwarebytes' Anti-Malware =>.Malwarebytes' Anti-Malware
HKLM\SOFTWARE\WOW6432Node\MimarSinan =>.Mimar Sinan
HKLM\SOFTWARE\WOW6432Node\Mojang =>.Mojang
HKLM\SOFTWARE\WOW6432Node\MOVAVI =>.Movavi
HKLM\SOFTWARE\WOW6432Node\Mozilla =>.Mozilla
HKLM\SOFTWARE\WOW6432Node\mozilla.org =>.mozilla.org
HKLM\SOFTWARE\WOW6432Node\MozillaPlugins =>.MozillaPlugins
HKLM\SOFTWARE\WOW6432Node\NCH Software =>.NCH Software
HKLM\SOFTWARE\WOW6432Node\Nero =>.Ahead Corporation
HKLM\SOFTWARE\WOW6432Node\Notepad++ =>.Don Ho
HKLM\SOFTWARE\WOW6432Node\Nuance =>.Nuance
HKLM\SOFTWARE\WOW6432Node\NVIDIA Corporation =>.nVidia Corporation
HKLM\SOFTWARE\WOW6432Node\ODBC =>.DB Connectivity Solutions
HKLM\SOFTWARE\WOW6432Node\OpenAL =>.Open Audio Library
HKLM\SOFTWARE\WOW6432Node\OpenVPN =>.OpenVPN Technologie
HKLM\SOFTWARE\WOW6432Node\Opera Software =>.Opera Software
HKLM\SOFTWARE\WOW6432Node\Oracle =>.Oracle
HKLM\SOFTWARE\WOW6432Node\Overwolf =>.Overwolf
HKLM\SOFTWARE\WOW6432Node\ParkControl
HKLM\SOFTWARE\WOW6432Node\Piriform =>.Piriform
HKLM\SOFTWARE\WOW6432Node\ProcessLasso =>.Bitsum Technologies
HKLM\SOFTWARE\WOW6432Node\Prolific Technology INC =>.Prolific Technology INC
HKLM\SOFTWARE\WOW6432Node\Prolific Technology Inc. =>.Prolific Technology Inc.
HKLM\SOFTWARE\WOW6432Node\Propellerhead Software =>.Propellerhead Software
HKLM\SOFTWARE\WOW6432Node\RapidSolution =>.RapidSolution
HKLM\SOFTWARE\WOW6432Node\Razer =>.Razer
HKLM\SOFTWARE\WOW6432Node\Realtek =>.Realtek Semiconductor Corp.
HKLM\SOFTWARE\WOW6432Node\Realtek Semiconductor Corp. =>.Realtek Semiconductor Corp.
HKLM\SOFTWARE\WOW6432Node\rockstar games =>.Rockstar Games
HKLM\SOFTWARE\WOW6432Node\Screaming Bee =>.Screaming Bee
HKLM\SOFTWARE\WOW6432Node\sega =>.SEGA
HKLM\SOFTWARE\WOW6432Node\simplitec =>.Simplitec
HKLM\SOFTWARE\WOW6432Node\Skillbrains =>.SUP.Skillbrains
HKLM\SOFTWARE\WOW6432Node\Skype =>.Skype
HKLM\SOFTWARE\WOW6432Node\SNC =>.SNC
HKLM\SOFTWARE\WOW6432Node\SoftVoice =>.SoftVoice
HKLM\SOFTWARE\WOW6432Node\Sony Creative Software =>.Sony Creative Software
HKLM\SOFTWARE\WOW6432Node\SourceTec =>.SourceTec
HKLM\SOFTWARE\WOW6432Node\Steganos =>.Steganos
HKLM\SOFTWARE\WOW6432Node\SuperBoost =>.QiWang
HKLM\SOFTWARE\WOW6432Node\SuppHelpDir =>.Toshiba Corporation
HKLM\SOFTWARE\WOW6432Node\synetic =>.Synetic
HKLM\SOFTWARE\WOW6432Node\TeamViewer =>.TeamViewer
HKLM\SOFTWARE\WOW6432Node\TechSmith =>.TechSmith
HKLM\SOFTWARE\WOW6432Node\ThinPrint =>.ThinPrint
HKLM\SOFTWARE\WOW6432Node\THQ =>.THQ
HKLM\SOFTWARE\WOW6432Node\Topaz Labs =>.Topaz Labs
HKLM\SOFTWARE\WOW6432Node\Tunngle.net =>.Tunngle.net
HKLM\SOFTWARE\WOW6432Node\Ubi Soft Entertainment =>.Ubisoft
HKLM\SOFTWARE\WOW6432Node\Ubisoft =>.Ubisoft
HKLM\SOFTWARE\WOW6432Node\Valve =>.Valve
HKLM\SOFTWARE\WOW6432Node\VideoLAN =>.VideoLAN
HKLM\SOFTWARE\WOW6432Node\VMware, Inc. =>.VMware, Inc.
HKLM\SOFTWARE\WOW6432Node\Volatile =>.Microsoft Corporation
HKLM\SOFTWARE\WOW6432Node\W4
HKLM\SOFTWARE\WOW6432Node\WafCX =>.WafCX
HKLM\SOFTWARE\WOW6432Node\Waves Audio =>.Waves Audio
HKLM\SOFTWARE\WOW6432Node\WexTech Systems =>.WexTech Systems
HKLM\SOFTWARE\WOW6432Node\WIBU-SYSTEMS =>.Wibu-Systems
HKLM\SOFTWARE\WOW6432Node\WinPcap =>.Riverbed Technology
HKLM\SOFTWARE\WOW6432Node\Wondershare =>.Wondershare
HKLM\SOFTWARE\WOW6432Node\WOW6432Node =>.Microsoft Corporation
HKLM\SOFTWARE\WOW6432Node\WUW
HKLM\SOFTWARE\WOW6432Node\Yahoo =>.Yahoo! Inc.
HKLM\SOFTWARE\WOW6432Node\RegisteredApplications =>.Microsoft Corporation
HKCU\SOFTWARE\41BADB05E4889AE3B8A6226C5BC24846 =>Adware.CrossRider
HKCU\SOFTWARE\4A-Games =>.4A-Games
HKCU\SOFTWARE\7thShareReg
HKCU\SOFTWARE\8322898 =>.FastStone Soft
HKCU\SOFTWARE\Absolutsoft =>.AbsolutSoft
HKCU\SOFTWARE\Adobe =>.Adobe
HKCU\SOFTWARE\AlcoholSoftGen =>.Alcohol Software
HKCU\SOFTWARE\AMD =>.AMD
HKCU\SOFTWARE\AMI =>.AMI
HKCU\SOFTWARE\Andy =>.Android Studio
HKCU\SOFTWARE\AOMEI =>.AOMEI Tech Co
HKCU\SOFTWARE\AppDataLow =>.Microsoft Corporation
HKCU\SOFTWARE\AquaSoft =>.AquaSoft
HKCU\SOFTWARE\ASProtect =>.ASPack Software
HKCU\SOFTWARE\Atheros =>.Qualcomm Atheros
HKCU\SOFTWARE\ATI =>.ATI
HKCU\SOFTWARE\Autodesk =>.Autodesk
HKCU\SOFTWARE\Baidu =>.Baidu
HKCU\SOFTWARE\Baidu Security =>.Baidu Technology
HKCU\SOFTWARE\BANDISOFT =>.Bandisoft
HKCU\SOFTWARE\Bigasoft =>.Bigasoft Corporation
HKCU\SOFTWARE\Bitsum =>.Bitsum
HKCU\SOFTWARE\BlueStacks =>.BlueStack Systems, Inc.
HKCU\SOFTWARE\Brother =>.Brother
HKCU\SOFTWARE\BugSplat =>.Bugsplat Game
HKCU\SOFTWARE\CalendarTool
HKCU\SOFTWARE\CardRecoveryPro
HKCU\SOFTWARE\CardRecoveryPro_Init
HKCU\SOFTWARE\Chromium =>.Chromium
HKCU\SOFTWARE\City Interactive =>.City Interactive
HKCU\SOFTWARE\CrystalIdea Software =>.CrystalIdea Software
HKCU\SOFTWARE\Deceptive Games
HKCU\SOFTWARE\DefaultCompany =>.Unity
HKCU\SOFTWARE\Dell =>.Dell
HKCU\SOFTWARE\DesktopPaints.com =>.DesktopPaints.com
HKCU\SOFTWARE\Digimarc =>.Digimarc
HKCU\SOFTWARE\Digital Extremes =>.Digital Extremes
HKCU\SOFTWARE\DirectShow =>.Microsoft Corporation
HKCU\SOFTWARE\DMGR1.25
HKCU\SOFTWARE\DownloadManager =>.DownloadManager
HKCU\SOFTWARE\Drivers =>.Legitimate
HKCU\SOFTWARE\DropboxUpdate =>.Dropbox Inc.
HKCU\SOFTWARE\EaseUS =>.EaseUS Software
HKCU\SOFTWARE\ElAmigos =>.ElAmigos
HKCU\SOFTWARE\Epic Games =>.Epic Games
HKCU\SOFTWARE\EpmNewsInfo =>.EaseUS Software
HKCU\SOFTWARE\ESEA
HKCU\SOFTWARE\eSellerate =>.eSellerate
HKCU\SOFTWARE\eSupport.com =>PUP.Optional.eSupport
HKCU\SOFTWARE\f23a1e2103ee4abdf95f11c9e7512493 =>Adware.CrossRider
HKCU\SOFTWARE\FastStone
HKCU\SOFTWARE\FonePaw =>.FonePaw
HKCU\SOFTWARE\FreeReign
HKCU\SOFTWARE\GAME
HKCU\SOFTWARE\GameCenter
HKCU\SOFTWARE\GetData =>.GetData
HKCU\SOFTWARE\GfaceGmbh =>.Gface GmbH
HKCU\SOFTWARE\GNU =>.GNU
HKCU\SOFTWARE\Google =>.Google
HKCU\SOFTWARE\GRAPHISOFT =>.Graphisoft
HKCU\SOFTWARE\HngSync =>.Reto-Moto Aps
HKCU\SOFTWARE\Hola =>.Hola
HKCU\SOFTWARE\Iceflake Studios
HKCU\SOFTWARE\IM =>.Legitimate
HKCU\SOFTWARE\IM Providers =>.IM Providers
HKCU\SOFTWARE\Image-Line =>.Image-Line
HKCU\SOFTWARE\Imagenomic =>.Imagenomic
HKCU\SOFTWARE\Imagination Technologies =>.Imagination Technologies
HKCU\SOFTWARE\Intel =>.Intel
HKCU\SOFTWARE\iWisoft
HKCU\SOFTWARE\JavaSoft =>.JavaSoft
HKCU\SOFTWARE\Joe Williams =>.Joe Williams
HKCU\SOFTWARE\KasperskyLab =>.Kaspersky Labs
HKCU\SOFTWARE\kde.org =>.kde.org
HKCU\SOFTWARE\Kyle Seeley =>.Kyle Seeley
HKCU\SOFTWARE\Lenovo =>.Lenovo
HKCU\SOFTWARE\Licenses =>.Microsoft Corporation
HKCU\SOFTWARE\Lubomir Dykast
HKCU\SOFTWARE\Macromedia =>.Macromedia
HKCU\SOFTWARE\MAGIX =>.Magix
HKCU\SOFTWARE\MainConcept =>.MainConcept AG
HKCU\SOFTWARE\MainConcept (Consumer) =>.MainConcept AG
HKCU\SOFTWARE\Malwarebytes =>.Malwarebytes
HKCU\SOFTWARE\MediaChance =>.Mediachance
HKCU\SOFTWARE\MedienTeam66
HKCU\SOFTWARE\Mine =>.Microsoft Corporation
HKCU\SOFTWARE\Mirillis =>.Mirillis
HKCU\SOFTWARE\Mixamo
HKCU\SOFTWARE\mixlr
HKCU\SOFTWARE\Mojang =>.Mojang
HKCU\SOFTWARE\MountAndBladeWarbandKeys =>.Mount And Blade
HKCU\SOFTWARE\MountAndBladeWarbandWFASKeys =>.Mount And Blade
HKCU\SOFTWARE\MOVAVI =>.Movavi
HKCU\SOFTWARE\Mozilla =>.Mozilla
HKCU\SOFTWARE\MozillaPlugins =>.MozillaPlugins
HKCU\SOFTWARE\MPC-HC =>.MPC-HC Team
HKCU\SOFTWARE\MT66
HKCU\SOFTWARE\MyComGames =>.MyComGames
HKCU\SOFTWARE\NCH Software =>.NCH Software
HKCU\SOFTWARE\Nero =>.Ahead Corporation
HKCU\SOFTWARE\Netease
HKCU\SOFTWARE\Netgate
HKCU\SOFTWARE\Netscape =>.Netscape
HKCU\SOFTWARE\Nilings =>.Nilings
HKCU\SOFTWARE\NLTech
HKCU\SOFTWARE\Obsidium
HKCU\SOFTWARE\ODBC =>.DB Connectivity Solutions
HKCU\SOFTWARE\Opera Software =>.Opera Software
HKCU\SOFTWARE\ParkControl
HKCU\SOFTWARE\Partition Assistant
HKCU\SOFTWARE\PlutoTV =>.PlutoTV
HKCU\SOFTWARE\ProcessLasso =>.Bitsum Technologies
HKCU\SOFTWARE\Psiphon3
HKCU\SOFTWARE\QtProject =>.QtProject
HKCU\SOFTWARE\RapidSolution =>.RapidSolution
HKCU\SOFTWARE\Raptr =>.Raptr
HKCU\SOFTWARE\Realtek =>.Realtek Semiconductor Corp.
HKCU\SOFTWARE\ReaSoft =>.ReaSoft
HKCU\SOFTWARE\ReGen Software
HKCU\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
HKCU\SOFTWARE\Resplendence Sp =>.Resplendence Software
HKCU\SOFTWARE\Rocket Division Software =>.Rocket Division Software
HKCU\SOFTWARE\RocketDock =>.Punk Software
HKCU\SOFTWARE\Rockstar Games =>.Rockstar Games
HKCU\SOFTWARE\Rtp =>.RTP Software
HKCU\SOFTWARE\SAMP
HKCU\SOFTWARE\Samsung =>.Samsung Electronics
HKCU\SOFTWARE\SBDT AB
HKCU\SOFTWARE\Section Studios
HKCU\SOFTWARE\Security Without Borders
HKCU\SOFTWARE\SecuROM =>.SecuROM
HKCU\SOFTWARE\Shredder
HKCU\SOFTWARE\SkillBrains =>.SUP.Skillbrains
HKCU\SOFTWARE\SKS =>.SKS Software
HKCU\SOFTWARE\Skype =>.Skype
HKCU\SOFTWARE\SkypePlugin =>.Skype Technologies
HKCU\SOFTWARE\Smartly Dressed Games =>.Smartly Dressed Games
HKCU\SOFTWARE\Softplicity =>.Softplicity
HKCU\SOFTWARE\SoftVoice =>.SoftVoice
HKCU\SOFTWARE\Sony Creative Software =>.Sony Creative Software
HKCU\SOFTWARE\SourceTec =>.SourceTec
HKCU\SOFTWARE\Spotify =>.Spotify
HKCU\SOFTWARE\Steganos =>.Steganos
HKCU\SOFTWARE\SUPERHOT_Team
HKCU\SOFTWARE\Synaptics =>.Synaptics
HKCU\SOFTWARE\SyncEngines =>.Microsoft Corporation
HKCU\SOFTWARE\System32 =>.Mirillis
HKCU\SOFTWARE\TeamSpeak 3 Client =>.TeamSpeak
HKCU\SOFTWARE\techPowerUp =>.TechPowerUp
HKCU\SOFTWARE\TechSmith =>.TechSmith
HKCU\SOFTWARE\Teorex =>.Teorex
HKCU\SOFTWARE\The Silicon Realms Toolworks =>.The Silicon Realms Toolworks
HKCU\SOFTWARE\Topaz Labs =>.Topaz Labs
HKCU\SOFTWARE\TopazLabs =>.Topaz Labs
HKCU\SOFTWARE\Trolltech =>.Trolltech
HKCU\SOFTWARE\Tunngle.net =>.Tunngle.net
HKCU\SOFTWARE\UIG
HKCU\SOFTWARE\Unity =>.Unity
HKCU\SOFTWARE\Valve =>.Valve
HKCU\SOFTWARE\VB and VBA Program Settings =>.Microsoft Corporation
HKCU\SOFTWARE\VMware, Inc. =>.VMware, Inc.
HKCU\SOFTWARE\Waves Audio =>.Waves Audio
HKCU\SOFTWARE\WexTech Systems =>.WexTech Systems
HKCU\SOFTWARE\WIBU-SYSTEMS =>.Wibu-Systems
HKCU\SOFTWARE\Win =>.Unknown
HKCU\SOFTWARE\WinAuth3
HKCU\SOFTWARE\WinRAR =>.WinRAR
HKCU\SOFTWARE\WinRAR SFX =>.RarLab
HKCU\SOFTWARE\Wondershare =>.Wondershare
HKCU\SOFTWARE\Wow6432Node =>.Microsoft Corporation
HKCU\SOFTWARE\ZebHelpProcess Helper =>.Nicolas Coolman
HKCU\SOFTWARE\ZHP =>.Nicolas Coolman
HKCU\SOFTWARE\AppDataLow\Software =>.Microsoft Corporation
HKCU\SOFTWARE\AppDataLow\Software\Adobe =>.Adobe
HKCU\SOFTWARE\AppDataLow\Software\JavaSoft =>.JavaSoft
HKCU\SOFTWARE\AppDataLow\Software\Unity =>.Unity

---\\ Contents of the Common Files folders (380) - 38s
O43 - CFD: 10/06/2017 - [] AD -- C:\Program Files\Adobe =>.Adobe Systems Incorporated®
O43 - CFD: 05/02/2018 - [] D -- C:\Program Files\AMD =>.Advanced Micro Devices, Inc.®
O43 - CFD: 04/12/2015 - [] ADC -- C:\Program Files\AMI {372C81C75EB7FD87BDFFF3C2AC0A3D5D}
O43 - CFD: 11/05/2018 - [] D -- C:\Program Files\Dell =>.Dell
O43 - CFD: 18/03/2018 - [] D -- C:\Program Files\EaseUS =>.EaseUS Software
O43 - CFD: 11/05/2018 - [] DC -- C:\Program Files\IDMan Trial Reset
O43 - CFD: 04/02/2018 - [] D -- C:\Program Files\Intel =>.Intel Corporation
O43 - CFD: 03/08/2016 - [] D -- C:\Program Files\Intel Corporation =>.Intel Corporation
O43 - CFD: 09/09/2015 - [0] DC -- C:\Program Files\Locktime Software =>.Locktime Software
O43 - CFD: 13/05/2017 - [] D -- C:\Program Files\Malwarebytes =>.Malwarebytes
O43 - CFD: 16/02/2018 - [] D -- C:\Program Files\mmpicker
O43 - CFD: 01/05/2018 - [] D -- C:\Program Files\NVIDIA Corporation =>.nVidia Corporation
O43 - CFD: 06/07/2016 - [] AD -- C:\Program Files\Opera developer =>.Opera Software
O43 - CFD: 04/02/2018 - [] D -- C:\Program Files\Realtek =>.Realtek
O43 - CFD: 27/01/2018 - [] AD -- C:\Program Files\rempl =>.Microsoft Corporation®
O43 - CFD: 01/05/2016 - [] D -- C:\Program Files\Samsung =>.Samsung Electronics
O43 - CFD: 09/04/2017 - [] D -- C:\Program Files\Synaptics =>.Synaptics Incorporated®
O43 - CFD: 25/12/2016 - [] ADC -- C:\Program Files\TruckersMP
O43 - CFD: 08/04/2018 - [] D -- C:\Program Files\Waves =>.Waves Inc®
O43 - CFD: 04/03/2016 - [] ADC -- C:\Program Files\WinRAR =>.win.rar GmbH®
O43 - CFD: 11/06/2017 - [] ADC -- C:\Program Files (x86)\Adobe =>.Node.js Foundation®
O43 - CFD: 08/04/2018 - [] D -- C:\Program Files (x86)\AMD =>.Advanced Micro Devices, Inc.®
O43 - CFD: 03/08/2017 - [] AD -- C:\Program Files (x86)\AOMEI Partition Assistant Standard Edition 6.3 =>.AOMEI Tech Co
O43 - CFD: 02/11/2015 - [] ADC -- C:\Program Files (x86)\AutoCAD 2007 =>.Autodesk, Inc®
O43 - CFD: 04/01/2018 - [] D -- C:\Program Files (x86)\baidu =>.Baidu
O43 - CFD: 20/05/2016 - [] D -- C:\Program Files (x86)\BlueSprig =>.BlueSprig, Inc.®
O43 - CFD: 20/10/2017 - [] AD -- C:\Program Files (x86)\BlueStacks =>.BlueStack Systems, Inc.
O43 - CFD: 19/04/2016 - [] D -- C:\Program Files (x86)\Brother =>.Brother
O43 - CFD: 03/08/2016 - [] D -- C:\Program Files (x86)\ChrisPC DNS Switch
O43 - CFD: 20/04/2017 - [] D -- C:\Program Files (x86)\Cisco =>.Cisco Systems, Inc.
O43 - CFD: 08/04/2018 - [] AD -- C:\Program Files (x86)\Dell Wireless =>.Dell Inc.
O43 - CFD: 23/05/2017 - [] DC -- C:\Program Files (x86)\Google =>.Google Inc®
O43 - CFD: 30/10/2016 - [0] D -- C:\Program Files (x86)\GUM14CA.tmp
O43 - CFD: 08/04/2016 - [0] DC -- C:\Program Files (x86)\GUMCA1C.tmp
O43 - CFD: 18/01/2018 - [] HDC -- C:\Program Files (x86)\InstallShield Installation Information =>.InstallShield
O43 - CFD: 06/09/2016 - [] DC -- C:\Program Files (x86)\Intel =>.Intel Corporation
O43 - CFD: 03/04/2018 - [] DC -- C:\Program Files (x86)\Internet Download Manager =>.Tonec Inc
O43 - CFD: 08/04/2018 - [] D -- C:\Program Files (x86)\IObit =>.IObit
O43 - CFD: 23/04/2018 - [] DC -- C:\Program Files (x86)\Java =>.Oracle
O43 - CFD: 27/07/2016 - [0] D -- C:\Program Files (x86)\Mirillis =>.SUP.Empty
O43 - CFD: 09/05/2018 - [] ADC -- C:\Program Files (x86)\Mozilla Firefox =>.Mozilla
O43 - CFD: 13/05/2018 - [] DC -- C:\Program Files (x86)\Mozilla Maintenance Service =>.Mozilla
O43 - CFD: 06/05/2017 - [] D -- C:\Program Files (x86)\Music Recorder =>.Audial AG
O43 - CFD: 08/04/2016 - [] DC -- C:\Program Files (x86)\Notepad++ =>.Don Ho
O43 - CFD: 01/05/2018 - [] D -- C:\Program Files (x86)\NVIDIA Corporation =>.nVidia Corporation
O43 - CFD: 06/04/2018 - [] AD -- C:\Program Files (x86)\OkayFreedom {6F5DBE5F762CABFA60EC08D7}
O43 - CFD: 13/07/2016 - [] D -- C:\Program Files (x86)\OpenAL =>.Open Audio Library
O43 - CFD: 06/05/2018 - [] ADC -- C:\Program Files (x86)\Opera =>.Opera Software
O43 - CFD: 12/08/2016 - [] D -- C:\Program Files (x86)\Prolific Technology Inc =>.Prolific Technology INC
O43 - CFD: 05/04/2016 - [] DC -- C:\Program Files (x86)\Realtek =>.Realtek
O43 - CFD: 01/05/2016 - [] D -- C:\Program Files (x86)\Samsung =>.Samsung Electronics
O43 - CFD: 14/01/2016 - [] ADC -- C:\Program Files (x86)\Sicyon calculator
O43 - CFD: 01/04/2016 - [] DC -- C:\Program Files (x86)\Steam Customizer
O43 - CFD: 16/05/2016 - [] D -- C:\Program Files (x86)\SuperBoost =>.QiWang
O43 - CFD: 01/05/2018 - [] D -- C:\Program Files (x86)\Tunngle =>.Tunngle.net
O43 - CFD: 23/08/2016 - [] D -- C:\Program Files (x86)\VB =>.Vincent Burel®
O43 - CFD: 04/03/2016 - [] DC -- C:\Program Files (x86)\VideoLAN =>.VideoLan Team
O43 - CFD: 24/03/2016 - [] DC -- C:\Program Files (x86)\VulkanRT =>.LunarG, Inc
O43 - CFD: 31/03/2018 - [] D -- C:\Program Files (x86)\WinPcap =>.Riverbed Technology
O43 - CFD: 13/05/2018 - [] D -- C:\Program Files (x86)\WinThruster {0087212C793673F38A9FDD9E7EE670CD33} =>.SUP.WinThruster
O43 - CFD: 05/02/2018 - [] D -- C:\Program Files (x86)\Wondershare =>.Wondershare
O43 - CFD: 15/02/2018 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 08/04/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center =>.Advanced Micro Devices Inc
O43 - CFD: 04/02/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Andy =>.Android.net
O43 - CFD: 05/02/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Partition Assistant Standard Edition 6.3 =>.AOMEI Tech Co
O43 - CFD: 04/02/2018 - [] DC -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk =>.Autodesk
O43 - CFD: 05/02/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey =>.Chicony Multimedia
O43 - CFD: 05/02/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avidemux (64 bits) =>.SourceForge
O43 - CFD: 13/05/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster
O43 - CFD: 01/05/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blur =>.Blur
O43 - CFD: 05/02/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother =>.Brother
O43 - CFD: 16/03/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CWClient
O43 - CFD: 11/05/2018 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell =>.Dell
O43 - CFD: 08/04/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Audio =>.Dell
O43 - CFD: 08/04/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 5 =>.IObit
O43 - CFD: 04/02/2018 - [] DC -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DuOS
O43 - CFD: 05/02/2018 - [] DC -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Capture =>.FastStone Soft
O43 - CFD: 20/07/2016 - [0] DC -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line =>.Image-Line
O43 - CFD: 05/02/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inpaint
O43 - CFD: 05/02/2018 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel =>.Intel Corporation
O43 - CFD: 05/02/2018 - [] DC -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager =>.Tonec Inc
O43 - CFD: 23/04/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java =>.Oracle
O43 - CFD: 05/02/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBoost
O43 - CFD: 07/04/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes =>.Malwarebytes
O43 - CFD: 27/07/2016 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis =>.Mirillis
O43 - CFD: 05/02/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64 =>.MPC-HC Team
O43 - CFD: 05/02/2018 - [] DC -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++ =>.Don Ho
O43 - CFD: 24/05/2017 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio =>.OBS Studio
O43 - CFD: 06/04/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OkayFreedom
O43 - CFD: 08/05/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ParkControl
O43 - CFD: 13/05/2017 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paterva =>.Paterva
O43 - CFD: 04/02/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung =>.Samsung Electronics
O43 - CFD: 05/02/2018 - [] DC -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sicyon calculator
O43 - CFD: 05/02/2018 - [] DC -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam Customizer
O43 - CFD: 24/03/2017 - [0] DC -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client =>.TeamSpeak
O43 - CFD: 05/02/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith =>.TechSmith
O43 - CFD: 05/02/2018 - [] DC -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TruckersMP
O43 - CFD: 01/05/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle =>.Tunngle.net
O43 - CFD: 23/11/2016 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VB Audio
O43 - CFD: 04/02/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VEGAS =>.VEGAS
O43 - CFD: 05/02/2018 - [] DC -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN =>.VideoLan Team
O43 - CFD: 04/02/2018 - [] DC -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.1 =>.Kronos Group
O43 - CFD: 31/03/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap =>.Riverbed Technology
O43 - CFD: 05/02/2018 - [] DC -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR =>.WinRAR
O43 - CFD: 13/05/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinThruster =>.SUP.WinThruster
O43 - CFD: 05/02/2018 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare =>.Wondershare
O43 - CFD: 11/06/2017 - [] DC -- C:\ProgramData\Adobe =>.Adobe
O43 - CFD: 04/12/2015 - [] DC -- C:\ProgramData\AMI
O43 - CFD: 11/06/2017 - [] D -- C:\ProgramData\AomeiBR =>.AOMEI Technology
O43 - CFD: 11/04/2017 - [] D -- C:\ProgramData\Apple =>.Apple Inc.
O43 - CFD: 08/04/2018 - [] D -- C:\ProgramData\ATI =>.ATI
O43 - CFD: 07/11/2015 - [] DC -- C:\ProgramData\Autodesk =>.Autodesk
O43 - CFD: 11/04/2017 - [] D -- C:\ProgramData\AVAST Software =>.AVAST Software
O43 - CFD: 07/05/2017 - [] D -- C:\ProgramData\AYMEN
O43 - CFD: 04/01/2018 - [] D -- C:\ProgramData\Baidu =>.Baidu
O43 - CFD: 22/04/2016 - [] D -- C:\ProgramData\Baidu Security =>.Baidu Technology
O43 - CFD: 20/05/2016 - [] D -- C:\ProgramData\BlueSprig =>.BlueSprig
O43 - CFD: 11/11/2017 - [] D -- C:\ProgramData\BlueStacks =>.BlueStack Systems, Inc.
O43 - CFD: 11/11/2017 - [] D -- C:\ProgramData\BlueStacksSetup =>.BlueStack Systems, Inc.
O43 - CFD: 19/04/2016 - [] D -- C:\ProgramData\Brother =>.Brother
O43 - CFD: 12/11/2016 - [] D -- C:\ProgramData\Codemasters =>.Codemasters
O43 - CFD: 30/12/2016 - [0] D -- C:\ProgramData\dbg =>.DBG
O43 - CFD: 20/04/2017 - [] DC -- C:\ProgramData\Dell =>.Dell
O43 - CFD: 08/04/2018 - [] D -- C:\ProgramData\Dell Inc =>.Dell Inc.
O43 - CFD: 01/08/2015 - [] DC -- C:\ProgramData\FastStone =>.FastStone Soft
O43 - CFD: 18/09/2015 - [] DC -- C:\ProgramData\FLEXnet =>.Flexera Software
O43 - CFD: 24/03/2016 - [] DC -- C:\ProgramData\GFACE =>.Crytek
O43 - CFD: 31/12/2016 - [] DC -- C:\ProgramData\Google =>.Google
O43 - CFD: 31/07/2015 - [0] DC -- C:\ProgramData\IDM =>.IDM
O43 - CFD: 11/06/2017 - [] D -- C:\ProgramData\InstallShield =>.InstallShield
O43 - CFD: 13/05/2016 - [] DC -- C:\ProgramData\Intel =>.Intel Corporation
O43 - CFD: 24/03/2016 - [] DC -- C:\ProgramData\IntelDLM =>.Intel Corporation
O43 - CFD: 09/04/2018 - [] D -- C:\ProgramData\IObit =>.IObit
O43 - CFD: 09/09/2015 - [] DC -- C:\ProgramData\Locktime =>.Locktime Software
O43 - CFD: 17/09/2015 - [] DC -- C:\ProgramData\Logs =>.ABBYY Software
O43 - CFD: 22/04/2017 - [] D -- C:\ProgramData\MAGIX =>.Magix
O43 - CFD: 07/04/2018 - [] D -- C:\ProgramData\Malwarebytes =>.Malwarebytes
O43 - CFD: 27/07/2016 - [] D -- C:\ProgramData\Mirillis =>.Mirillis
O43 - CFD: 08/10/2016 - [] D -- C:\ProgramData\Movavi =>.Movavi
O43 - CFD: 08/10/2016 - [] D -- C:\ProgramData\Movavi Video Converter 17 =>.Movavi
O43 - CFD: 31/07/2015 - [] DC -- C:\ProgramData\Mozilla =>.Mozilla Corporation
O43 - CFD: 05/11/2015 - [] DC -- C:\ProgramData\NCH Software =>.NCH Software
O43 - CFD: 06/05/2017 - [] D -- C:\ProgramData\Nero =>.Ahead Corporation
O43 - CFD: 27/01/2018 - [] DC -- C:\ProgramData\Oracle =>.Oracle
O43 - CFD: 22/04/2016 - [] D -- C:\ProgramData\PC Faster
O43 - CFD: 02/05/2018 - [] D -- C:\ProgramData\PCDr =>.PC-Doctor Inc.
O43 - CFD: 06/05/2017 - [] D -- C:\ProgramData\RapidSolution =>.RapidSolution
O43 - CFD: 05/02/2018 - [] DC -- C:\ProgramData\regid.1986-12.com.adobe =>.Adobe Inc.
O43 - CFD: 04/12/2015 - [0] DC -- C:\ProgramData\Reprise =>.Unknown
O43 - CFD: 01/05/2016 - [] D -- C:\ProgramData\Samsung =>.Samsung Electronics
O43 - CFD: 25/02/2017 - [] SHD -- C:\ProgramData\SecuROM =>.SecuROM
O43 - CFD: 06/05/2017 - [0] D -- C:\ProgramData\simplitec =>.Simplitec
O43 - CFD: 06/07/2016 - [] DC -- C:\ProgramData\Skype =>.Skype
O43 - CFD: 08/04/2018 - [] D -- C:\ProgramData\SupportAssist
O43 - CFD: 14/10/2016 - [] D -- C:\ProgramData\Synaptics =>.Synaptics
O43 - CFD: 05/01/2016 - [] DC -- C:\ProgramData\Synetic =>.Synetic
O43 - CFD: 18/03/2018 - [] D -- C:\ProgramData\SystemAcCrux
O43 - CFD: 25/06/2017 - [] AD -- C:\ProgramData\TechSmith =>.TechSmith
O43 - CFD: 31/12/2017 - [] D -- C:\ProgramData\TruckersMP
O43 - CFD: 01/05/2018 - [] D -- C:\ProgramData\Tunngle =>.Tunngle.net
O43 - CFD: 06/01/2017 - [] D -- C:\ProgramData\Ubisoft =>.Ubisoft
O43 - CFD: 22/04/2017 - [] D -- C:\ProgramData\VEGAS =>.VEGAS
O43 - CFD: 22/04/2017 - [] D -- C:\ProgramData\VEGAS Pro
O43 - CFD: 15/03/2018 - [] D -- C:\ProgramData\VMProtect Software
O43 - CFD: 05/02/2018 - [] D -- C:\ProgramData\Wondershare =>.Wondershare
O43 - CFD: 13/03/2017 - [] D -- C:\ProgramData\wsr
O43 - CFD: 16/05/2016 - [0] D -- C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
O43 - CFD: 26/03/2016 - [] D -- C:\ProgramData\~0
O43 - CFD: 11/06/2017 - [] ADC -- C:\Program Files (x86)\Common Files\Adobe =>.Adobe
O43 - CFD: 20/04/2017 - [] D -- C:\Program Files (x86)\Common Files\Atheros =>.Qualcomm Atheros
O43 - CFD: 02/11/2015 - [] ADC -- C:\Program Files (x86)\Common Files\Autodesk Shared =>.Autodesk
O43 - CFD: 11/04/2017 - [0] D -- C:\Program Files (x86)\Common Files\AV =>.Avast
O43 - CFD: 10/03/2018 - [] D -- C:\Program Files (x86)\Common Files\BattlEye =>.BattlEye
O43 - CFD: 20/11/2017 - [] ADC -- C:\Program Files (x86)\Common Files\DESIGNER =>.Designer
O43 - CFD: 12/08/2016 - [] D -- C:\Program Files (x86)\Common Files\InstallShield =>.InstallShield
O43 - CFD: 09/04/2017 - [] D -- C:\Program Files (x86)\Common Files\Intel =>.Intel Corporation
O43 - CFD: 13/05/2016 - [] D -- C:\Program Files (x86)\Common Files\Intel Corporation =>.Intel Corporation
O43 - CFD: 20/07/2016 - [] D -- C:\Program Files (x86)\Common Files\IObit =>.IObit
O43 - CFD: 23/04/2018 - [] D -- C:\Program Files (x86)\Common Files\Java =>.Oracle
O43 - CFD: 06/05/2017 - [0] D -- C:\Program Files (x86)\Common Files\Nero =>.Ahead Corporation
O43 - CFD: 23/04/2018 - [] D -- C:\Program Files (x86)\Common Files\Oracle =>.Oracle
O43 - CFD: 17/10/2015 - [] DC -- C:\Program Files (x86)\Common Files\Propellerhead Software =>.Propellerhead Software AB
O43 - CFD: 05/11/2015 - [] DC -- C:\Program Files (x86)\Common Files\Screaming Bee =>.Screaming Bee
O43 - CFD: 05/04/2018 - [] DC -- C:\Program Files (x86)\Common Files\Steam =>.Steam Games
O43 - CFD: 17/07/2016 - [] D -- C:\Program Files (x86)\Common Files\Steganos =>.Steganos
O43 - CFD: 13/05/2016 - [] DC -- C:\Program Files (x86)\Common Files\Topaz Labs =>.Topaz Labs
O43 - CFD: 20/10/2017 - [] DC -- C:\Program Files (x86)\Common Files\VMware =>.VMware
O43 - CFD: 10/12/2017 - [] D -- C:\Program Files (x86)\Common Files\Wise Installation Wizard =>.Seagate
O43 - CFD: 13/05/2017 - [0] D -- C:\Users\AYMEN\AppData\Roaming\.maltego
O43 - CFD: 15/03/2017 - [] D -- C:\Users\AYMEN\AppData\Roaming\.mono =>.Legitimate
O43 - CFD: 07/05/2017 - [] D -- C:\Users\AYMEN\AppData\Roaming\7thSdCardDataRecovery
O43 - CFD: 25/06/2017 - [] DC -- C:\Users\AYMEN\AppData\Roaming\Adobe =>.Adobe
O43 - CFD: 04/03/2017 - [] D -- C:\Users\AYMEN\AppData\Roaming\Aexyte
O43 - CFD: 16/06/2017 - [] D -- C:\Users\AYMEN\AppData\Roaming\AkiVer
O43 - CFD: 09/08/2015 - [] DC -- C:\Users\AYMEN\AppData\Roaming\AMD =>.AMD
O43 - CFD: 20/10/2017 - [] D -- C:\Users\AYMEN\AppData\Roaming\Andy =>.Android.net
O43 - CFD: 23/03/2016 - [] DC -- C:\Users\AYMEN\AppData\Roaming\AquaSoft =>.AquaSoft
O43 - CFD: 31/07/2015 - [] DC -- C:\Users\AYMEN\AppData\Roaming\ATI =>.ATI
O43 - CFD: 25/09/2015 - [] DC -- C:\Users\AYMEN\AppData\Roaming\Audacity =>.Audacity
O43 - CFD: 02/11/2015 - [] DC -- C:\Users\AYMEN\AppData\Roaming\Autodesk =>.Autodesk
O43 - CFD: 25/06/2017 - [] D -- C:\Users\AYMEN\AppData\Roaming\avidemux =>.Mean
O43 - CFD: 31/10/2016 - [] D -- C:\Users\AYMEN\AppData\Roaming\BadFlyInteractive
O43 - CFD: 04/01/2018 - [] D -- C:\Users\AYMEN\AppData\Roaming\Baidu =>.Baidu
O43 - CFD: 27/07/2016 - [] D -- C:\Users\AYMEN\AppData\Roaming\BANDISOFT =>.Bandisoft
O43 - CFD: 22/04/2016 - [] D -- C:\Users\AYMEN\AppData\Roaming\BavMini
O43 - CFD: 01/05/2018 - [] D -- C:\Users\AYMEN\AppData\Roaming\bizarre creations =>.Bizarre Creations
O43 - CFD: 10/06/2017 - [] D -- C:\Users\AYMEN\AppData\Roaming\Blender Foundation =>.Blender Foundation
O43 - CFD: 20/10/2017 - [0] D -- C:\Users\AYMEN\AppData\Roaming\BluestacksCN
O43 - CFD: 05/08/2015 - [] RDC -- C:\Users\AYMEN\AppData\Roaming\Brother =>.Brother
O43 - CFD: 11/05/2018 - [] D -- C:\Users\AYMEN\AppData\Roaming\CC
O43 - CFD: 09/01/2016 - [] DC -- C:\Users\AYMEN\AppData\Roaming\com.wonderidea.focusky.en
O43 - CFD: 31/03/2018 - [] D -- C:\Users\AYMEN\AppData\Roaming\DarknessII
O43 - CFD: 02/05/2018 - [] D -- C:\Users\AYMEN\AppData\Roaming\discord =>.GitHub
O43 - CFD: 11/05/2018 - [] DC -- C:\Users\AYMEN\AppData\Roaming\DMCache =>.DMCache
O43 - CFD: 17/07/2016 - [0] D -- C:\Users\AYMEN\AppData\Roaming\extensions
O43 - CFD: 01/08/2015 - [] DC -- C:\Users\AYMEN\AppData\Roaming\FastStone =>.FastStone Soft
O43 - CFD: 23/05/2017 - [] D -- C:\Users\AYMEN\AppData\Roaming\Google =>.Google
O43 - CFD: 13/05/2016 - [0] DC -- C:\Users\AYMEN\AppData\Roaming\Graphisoft =>.Graphisoft
O43 - CFD: 13/06/2017 - [] D -- C:\Users\AYMEN\AppData\Roaming\HeroesAndGeneralsDesktop =>.Reto-Moto
O43 - CFD: 31/12/2016 - [0] D -- C:\Users\AYMEN\AppData\Roaming\Hola =>PUP.Optional.HolaSearch
O43 - CFD: 13/05/2018 - [] DC -- C:\Users\AYMEN\AppData\Roaming\IDM =>.IDM
O43 - CFD: 13/05/2016 - [] DC -- C:\Users\AYMEN\AppData\Roaming\Install.GS
O43 - CFD: 19/04/2016 - [] D -- C:\Users\AYMEN\AppData\Roaming\InstallShield =>.InstallShield
O43 - CFD: 13/05/2016 - [] D -- C:\Users\AYMEN\AppData\Roaming\Intel Corporation =>.Intel Corporation
O43 - CFD: 04/10/2016 - [] D -- C:\Users\AYMEN\AppData\Roaming\IObit =>.IObit
O43 - CFD: 04/08/2015 - [] DC -- C:\Users\AYMEN\AppData\Roaming\java =>.Oracle
O43 - CFD: 13/08/2015 - [] DC -- C:\Users\AYMEN\AppData\Roaming\library_dir =>.library_dir
O43 - CFD: 09/09/2015 - [] DC -- C:\Users\AYMEN\AppData\Roaming\Locktime =>.Locktime Software
O43 - CFD: 09/09/2015 - [] DC -- C:\Users\AYMEN\AppData\Roaming\Locktime Software =>.Locktime Software
O43 - CFD: 27/02/2018 - [] D -- C:\Users\AYMEN\AppData\Roaming\Logs =>.ABBYY Software
O43 - CFD: 06/08/2015 - [] DC -- C:\Users\AYMEN\AppData\Roaming\Macromedia =>.Macromedia
O43 - CFD: 22/04/2017 - [] D -- C:\Users\AYMEN\AppData\Roaming\MAGIX =>.Magix
O43 - CFD: 13/05/2016 - [0] DC -- C:\Users\AYMEN\AppData\Roaming\MAXON =>.Maxon
O43 - CFD: 27/07/2016 - [] D -- C:\Users\AYMEN\AppData\Roaming\Mirillis =>.Mirillis
O43 - CFD: 13/03/2017 - [] D -- C:\Users\AYMEN\AppData\Roaming\MobiKin
O43 - CFD: 31/10/2016 - [] D -- C:\Users\AYMEN\AppData\Roaming\Mount&Blade With Fire and Sword =>.Mount And Blade
O43 - CFD: 15/11/2017 - [] DC -- C:\Users\AYMEN\AppData\Roaming\Mozilla =>.Mozilla Corporation
O43 - CFD: 20/04/2017 - [] D -- C:\Users\AYMEN\AppData\Roaming\MPC-HC =>.MPC-HC Team
O43 - CFD: 06/05/2017 - [] D -- C:\Users\AYMEN\AppData\Roaming\Nero =>.Ahead Corporation
O43 - CFD: 20/04/2018 - [] D -- C:\Users\AYMEN\AppData\Roaming\Netease
O43 - CFD: 28/10/2017 - [] DC -- C:\Users\AYMEN\AppData\Roaming\Notepad++ =>.Don Ho
O43 - CFD: 02/01/2017 - [] D -- C:\Users\AYMEN\AppData\Roaming\npm
O43 - CFD: 02/01/2017 - [] D -- C:\Users\AYMEN\AppData\Roaming\npm-cache
O43 - CFD: 19/06/2016 - [] DC -- C:\Users\AYMEN\AppData\Roaming\Opera Software =>.Opera Software
O43 - CFD: 22/04/2016 - [] D -- C:\Users\AYMEN\AppData\Roaming\PC Faster
O43 - CFD: 11/04/2017 - [] D -- C:\Users\AYMEN\AppData\Roaming\Pluto TV =>.Pluto TV
O43 - CFD: 14/04/2017 - [] D -- C:\Users\AYMEN\AppData\Roaming\Psiphon3
O43 - CFD: 22/04/2017 - [0] D -- C:\Users\AYMEN\AppData\Roaming\Publish Providers =>.Legitimate
O43 - CFD: 25/03/2017 - [] D -- C:\Users\AYMEN\AppData\Roaming\Raptr =>.Raptr
O43 - CFD: 01/05/2016 - [] D -- C:\Users\AYMEN\AppData\Roaming\Samsung =>.Samsung Electronics
O43 - CFD: 25/02/2017 - [] RHD -- C:\Users\AYMEN\AppData\Roaming\SecuROM =>.SecuROM
O43 - CFD: 14/01/2016 - [] DC -- C:\Users\AYMEN\AppData\Roaming\Sicyon calculator
O43 - CFD: 19/06/2016 - [] DC -- C:\Users\AYMEN\AppData\Roaming\Skype =>.Skype
O43 - CFD: 26/10/2016 - [] D -- C:\Users\AYMEN\AppData\Roaming\Softplicity =>.Softplicity
O43 - CFD: 13/05/2017 - [0] D -- C:\Users\AYMEN\AppData\Roaming\Sony =>.Sony
O43 - CFD: 19/11/2015 - [] DC -- C:\Users\AYMEN\AppData\Roaming\SourceTec =>.SourceTec
O43 - CFD: 11/05/2018 - [] D -- C:\Users\AYMEN\AppData\Roaming\Spotify =>.Spotify
O43 - CFD: 18/11/2015 - [] DC -- C:\Users\AYMEN\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
O43 - CFD: 06/04/2018 - [] D -- C:\Users\AYMEN\AppData\Roaming\Steganos =>.Steganos
O43 - CFD: 24/03/2017 - [] D -- C:\Users\AYMEN\AppData\Roaming\Steganos Updates
O43 - CFD: 28/09/2017 - [] D -- C:\Users\AYMEN\AppData\Roaming\Steganos VPN
O43 - CFD: 22/08/2015 - [] DC -- C:\Users\AYMEN\AppData\Roaming\Sun =>.Oracle
O43 - CFD: 16/05/2016 - [] D -- C:\Users\AYMEN\AppData\Roaming\SuperBoost =>.QiWang
O43 - CFD: 16/05/2016 - [] D -- C:\Users\AYMEN\AppData\Roaming\Synaptics =>.Synaptics
O43 - CFD: 24/12/2016 - [] D -- C:\Users\AYMEN\AppData\Roaming\TeamViewer =>.TeamViewer GmbH
O43 - CFD: 25/06/2017 - [] D -- C:\Users\AYMEN\AppData\Roaming\TechSmith =>.TechSmith
O43 - CFD: 01/05/2018 - [] D -- C:\Users\AYMEN\AppData\Roaming\Tunngle =>.Tunngle.net
O43 - CFD: 06/08/2016 - [] D -- C:\Users\AYMEN\AppData\Roaming\Unity =>.Unity
O43 - CFD: 22/04/2017 - [] D -- C:\Users\AYMEN\AppData\Roaming\VEGAS =>.VEGAS
O43 - CFD: 22/04/2017 - [] D -- C:\Users\AYMEN\AppData\Roaming\VEGAS Pro
O43 - CFD: 26/03/2018 - [] DC -- C:\Users\AYMEN\AppData\Roaming\vlc =>.VideoLan Team
O43 - CFD: 20/10/2017 - [0] D -- C:\Users\AYMEN\AppData\Roaming\VMware =>.VMware
O43 - CFD: 10/05/2017 - [] D -- C:\Users\AYMEN\AppData\Roaming\WinAuth
O43 - CFD: 31/07/2015 - [] DC -- C:\Users\AYMEN\AppData\Roaming\WinRAR =>.WinRAR
O43 - CFD: 13/05/2018 - [] D -- C:\Users\AYMEN\AppData\Roaming\WinThruster =>.SUP.WinThruster
O43 - CFD: 05/02/2018 - [] D -- C:\Users\AYMEN\AppData\Roaming\Wondershare =>.Wondershare
O43 - CFD: 13/05/2018 - [] D -- C:\Users\AYMEN\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 20/04/2017 - [] D -- C:\Users\AYMEN\AppData\Local\4A Games =>.4A Games
O43 - CFD: 18/04/2018 - [] DC -- C:\Users\AYMEN\AppData\Local\Adobe =>.Adobe
O43 - CFD: 28/04/2017 - [] D -- C:\Users\AYMEN\AppData\Local\AIMWARE
O43 - CFD: 16/06/2017 - [] D -- C:\Users\AYMEN\AppData\Local\AkiVer
O43 - CFD: 13/05/2016 - [] DC -- C:\Users\AYMEN\AppData\Local\AMD =>.AMD
O43 - CFD: 23/03/2016 - [] DC -- C:\Users\AYMEN\AppData\Local\AquaSoft =>.AquaSoft
O43 - CFD: 31/07/2015 - [] DC -- C:\Users\AYMEN\AppData\Local\ATI =>.ATI
O43 - CFD: 02/11/2015 - [] DC -- C:\Users\AYMEN\AppData\Local\Autodesk =>.Autodesk
O43 - CFD: 20/02/2018 - [] D -- C:\Users\AYMEN\AppData\Local\Bluestacks =>.BlueStack Systems, Inc.
O43 - CFD: 31/07/2015 - [] DC -- C:\Users\AYMEN\AppData\Local\CEF =>.CEF
O43 - CFD: 07/07/2016 - [] D -- C:\Users\AYMEN\AppData\Local\Chromium =>.Chromium
O43 - CFD: 08/10/2016 - [] D -- C:\Users\AYMEN\AppData\Local\converter =>.CocoonSoftware
O43 - CFD: 22/08/2016 - [] D -- C:\Users\AYMEN\AppData\Local\CrashRpt
O43 - CFD: 09/04/2017 - [0] D -- C:\Users\AYMEN\AppData\Local\DBG =>.DBG
O43 - CFD: 01/05/2018 - [] D -- C:\Users\AYMEN\AppData\Local\Discord =>.GitHub
O43 - CFD: 02/01/2017 - [] D -- C:\Users\AYMEN\AppData\Local\doctormckay
O43 - CFD: 01/08/2015 - [] DC -- C:\Users\AYMEN\AppData\Local\FastStone =>.FastStone Soft
O43 - CFD: 13/03/2017 - [] D -- C:\Users\AYMEN\AppData\Local\FonePaw =>.FonePaw
O43 - CFD: 04/06/2016 - [] D -- C:\Users\AYMEN\AppData\Local\Geckofx =>.Geckofx
O43 - CFD: 23/05/2017 - [] DC -- C:\Users\AYMEN\AppData\Local\Google =>.Google
O43 - CFD: 11/11/2015 - [] DC -- C:\Users\AYMEN\AppData\Local\Graphisoft =>.Graphisoft
O43 - CFD: 29/03/2016 - [] DC -- C:\Users\AYMEN\AppData\Local\Hola =>PUP.Optional.HolaSearch
O43 - CFD: 13/03/2017 - [] DC -- C:\Users\AYMEN\AppData\Local\IdleMaster
O43 - CFD: 25/03/2016 - [] DC -- C:\Users\AYMEN\AppData\Local\IIIQF =>.Scrabblo
O43 - CFD: 24/03/2016 - [] DC -- C:\Users\AYMEN\AppData\Local\Intel =>.Intel Corporation
O43 - CFD: 27/09/2015 - [] DC -- C:\Users\AYMEN\AppData\Local\Macromedia =>.Macromedia
O43 - CFD: 03/09/2015 - [] DC -- C:\Users\AYMEN\AppData\Local\Mega Limited =>.MEGA Limited
O43 - CFD: 24/12/2017 - [] D -- C:\Users\AYMEN\AppData\Local\MiniService =>.Baidu Technology
O43 - CFD: 27/07/2016 - [] D -- C:\Users\AYMEN\AppData\Local\Mirillis =>.Mirillis
O43 - CFD: 08/10/2016 - [] D -- C:\Users\AYMEN\AppData\Local\Movavi =>.Movavi
O43 - CFD: 31/07/2015 - [] DC -- C:\Users\AYMEN\AppData\Local\Mozilla =>.Mozilla Corporation
O43 - CFD: 20/11/2017 - [] DC -- C:\Users\AYMEN\AppData\Local\MSfree Inc =>HackTool.WinActivator
O43 - CFD: 13/10/2017 - [] D -- C:\Users\AYMEN\AppData\Local\MyComGames =>.MyComGames
O43 - CFD: 31/07/2015 - [0] DC -- C:\Users\AYMEN\AppData\Local\NetworkTiles =>.NetworkTiles
O43 - CFD: 21/08/2015 - [] DC -- C:\Users\AYMEN\AppData\Local\openvr =>.Legitimate
O43 - CFD: 19/06/2016 - [] DC -- C:\Users\AYMEN\AppData\Local\Opera Software =>.Opera Software
O43 - CFD: 05/04/2016 - [0] DC -- C:\Users\AYMEN\AppData\Local\PackageAware =>.SUP.BearShare
O43 - CFD: 15/02/2018 - [] DC -- C:\Users\AYMEN\AppData\Local\PackageStaging =>.Apcera
O43 - CFD: 16/03/2018 - [0] D -- C:\Users\AYMEN\AppData\Local\PlaceholderTileLogoFolder
O43 - CFD: 06/05/2017 - [] D -- C:\Users\AYMEN\AppData\Local\RapidSolution =>.RapidSolution
O43 - CFD: 25/02/2017 - [] D -- C:\Users\AYMEN\AppData\Local\Rockstar Games =>.Rockstar Games
O43 - CFD: 03/08/2016 - [] D -- C:\Users\AYMEN\AppData\Local\roshambo_arena
O43 - CFD: 09/03/2018 - [] D -- C:\Users\AYMEN\AppData\Local\SCE =>.SCE
O43 - CFD: 19/01/2016 - [0] DC -- C:\Users\AYMEN\AppData\Local\Skype =>.Skype
O43 - CFD: 25/03/2016 - [] DC -- C:\Users\AYMEN\AppData\Local\SkypePlugin =>.Skype Technologies
O43 - CFD: 04/11/2016 - [] D -- C:\Users\AYMEN\AppData\Local\SLAM =>.Games Software
O43 - CFD: 22/04/2017 - [] D -- C:\Users\AYMEN\AppData\Local\Sony =>.Sony
O43 - CFD: 01/10/2017 - [] D -- C:\Users\AYMEN\AppData\Local\Spotify =>.Spotify
O43 - CFD: 07/05/2017 - [] D -- C:\Users\AYMEN\AppData\Local\SquirrelTemp =>.Squirrels
O43 - CFD: 12/12/2016 - [] DC -- C:\Users\AYMEN\AppData\Local\Steam =>.Steam Games
O43 - CFD: 31/03/2017 - [] D -- C:\Users\AYMEN\AppData\Local\SUPERHOT_Sp_z_o.o
O43 - CFD: 08/07/2016 - [] D -- C:\Users\AYMEN\AppData\Local\supraball-launcher
O43 - CFD: 01/12/2017 - [] D -- C:\Users\AYMEN\AppData\Local\Survarium-Steam
O43 - CFD: 09/08/2017 - [] D -- C:\Users\AYMEN\AppData\Local\TechSmith =>.TechSmith
O43 - CFD: 17/08/2015 - [] DC -- C:\Users\AYMEN\AppData\Local\TeknoGods
O43 - CFD: 15/04/2017 - [0] D -- C:\Users\AYMEN\AppData\Local\TempOfficeC2R915108DA-D31A-4EBA-B085-A7EF464DC53A
O43 - CFD: 24/03/2017 - [0] D -- C:\Users\AYMEN\AppData\Local\Ubisoft Game Launcher =>.Ubisoft
O43 - CFD: 06/07/2016 - [] DC -- C:\Users\AYMEN\AppData\Local\Unity =>.Unity
O43 - CFD: 22/04/2017 - [] D -- C:\Users\AYMEN\AppData\Local\VEGAS =>.VEGAS
O43 - CFD: 22/04/2017 - [] D -- C:\Users\AYMEN\AppData\Local\VEGAS Pro
O43 - CFD: 11/01/2017 - [] D -- C:\Users\AYMEN\AppData\Local\Warframe =>.Digital Extremes
O43 - CFD: 24/03/2016 - [] DC -- C:\Users\AYMEN\AppData\Local\wf-launcher
O43 - CFD: 04/08/2016 - [] D -- C:\Users\AYMEN\AppData\Local\Wondershare =>.Wondershare
O43 - CFD: 28/04/2017 - [] D -- C:\Users\AYMEN\AppData\Local\Zaczero
O43 - CFD: 13/05/2018 - [] D -- C:\Users\AYMEN\AppData\Local\ZHP =>.Nicolas Coolman
O43 - CFD: 08/05/2016 - [] DC -- C:\Users\AYMEN\AppData\LocalLow\Adobe =>.Adobe
O43 - CFD: 22/04/2016 - [] DC -- C:\Users\AYMEN\AppData\LocalLow\BAVData
O43 - CFD: 15/08/2016 - [] DC -- C:\Users\AYMEN\AppData\LocalLow\Deceptive Games
O43 - CFD: 05/08/2015 - [] DC -- C:\Users\AYMEN\AppData\LocalLow\Google =>.Google
O43 - CFD: 13/06/2017 - [] DC -- C:\Users\AYMEN\AppData\LocalLow\Heroes and Generals =>.Games Software
O43 - CFD: 06/09/2016 - [0] DC -- C:\Users\AYMEN\AppData\LocalLow\Intel =>.Intel Corporation
O43 - CFD: 16/05/2016 - [] DC -- C:\Users\AYMEN\AppData\LocalLow\IObit =>.IObit
O43 - CFD: 13/05/2018 - [] DC -- C:\Users\AYMEN\AppData\LocalLow\Mozilla =>.Mozilla Corporation
O43 - CFD: 04/07/2016 - [] DC -- C:\Users\AYMEN\AppData\LocalLow\NLTech
O43 - CFD: 22/08/2015 - [] DC -- C:\Users\AYMEN\AppData\LocalLow\Oracle =>.Oracle
O43 - CFD: 17/08/2015 - [] DC -- C:\Users\AYMEN\AppData\LocalLow\Section Studios
O43 - CFD: 14/03/2017 - [] DC -- C:\Users\AYMEN\AppData\LocalLow\SKS
O43 - CFD: 31/07/2015 - [] DC -- C:\Users\AYMEN\AppData\LocalLow\Sun =>.Oracle
O43 - CFD: 31/03/2017 - [] DC -- C:\Users\AYMEN\AppData\LocalLow\SUPERHOT_Team
O43 - CFD: 31/10/2016 - [] DC -- C:\Users\AYMEN\AppData\LocalLow\UIG
O43 - CFD: 19/01/2016 - [] DC -- C:\Users\AYMEN\AppData\LocalLow\Unity =>.Unity
O43 - CFD: 13/05/2018 - [] DC -- C:\Users\AYMEN\Desktop\nothing stop me
O43 - CFD: 13/05/2018 - [] DC -- C:\Users\AYMEN\Desktop\دراسة
O43 - CFD: 12/04/2018 - [] RDC -- C:\Users\AYMEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 05/04/2016 - [0] DC -- C:\Users\AYMEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AoaoPhoto Digital Studio =>.AoaoPhoto Digital Studio
O43 - CFD: 05/02/2018 - [] D -- C:\Users\AYMEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster
O43 - CFD: 08/04/2018 - [0] D -- C:\Users\AYMEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell =>.Dell
O43 - CFD: 31/08/2017 - [0] D -- C:\Users\AYMEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc =>.Discord Inc
O43 - CFD: 05/02/2018 - [] D -- C:\Users\AYMEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc =>.Hammer & Chisel, Inc
O43 - CFD: 20/07/2016 - [0] DC -- C:\Users\AYMEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line =>.Image-Line
O43 - CFD: 05/02/2018 - [] DC -- C:\Users\AYMEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager =>.Tonec Inc
O43 - CFD: 13/03/2017 - [0] D -- C:\Users\AYMEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MobiKin
O43 - CFD: 05/02/2018 - [] D -- C:\Users\AYMEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My.com Games =>.My.com
O43 - CFD: 05/02/2018 - [] DC -- C:\Users\AYMEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\pdfFactory Pro
O43 - CFD: 20/11/2015 - [0] DC -- C:\Users\AYMEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Registry Trash Keys Finder =>.SNC
O43 - CFD: 06/07/2016 - [0] DC -- C:\Users\AYMEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
O43 - CFD: 05/02/2018 - [] D -- C:\Users\AYMEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam =>.Steam Games
O43 - CFD: 05/02/2018 - [] DC -- C:\Users\AYMEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Topaz Labs =>.Topaz Labs
O43 - CFD: 23/11/2016 - [0] D -- C:\Users\AYMEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VB Audio
O43 - CFD: 05/02/2018 - [] DC -- C:\Users\AYMEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR =>.WinRAR
O43 - CFD: 07/10/2016 - [] D -- C:\Users\Default\AppData\Local\ATI =>.ATI
O43 - CFD: 07/10/2016 - [] D -- C:\Users\Default User\AppData\Local\ATI =>.ATI
O43 - CFD: 09/02/2018 - [0] D -- C:\WINDOWS\System32\Config\systemprofile\AppData\Local\DBG =>.DBG

---\\ ShellIconOverlayIdentifiers (SIOI) (6) - 1s
O106 - SIOI: [ IDM Shell Extension] - {CDC95B92-E27C-4745-A8C5-64A52A78855D}. (.Tonec Inc. - Internet Download Manager module.) -- C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll =>.Tonec Inc.®
O106 - SIOI: [ AccExtIco1] - {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}. (. - Core Sync.) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll =>.Adobe Systems Incorporated®
O106 - SIOI: [ AccExtIco2] - {853B7E05-C47D-4985-909A-D0DC5C6D7303}. (. - Core Sync.) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll =>.Adobe Systems Incorporated®
O106 - SIOI: [ AccExtIco3] - {42D38F2E-98E9-4382-B546-E24E4D6D04BB}. (. - Core Sync.) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll =>.Adobe Systems Incorporated®
O106 - SIOI: [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - Windows Enhanced Storage Shell Extension DL.) -- C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation
O106 - SIOI: [Offline Files] - {4E77131D-3629-431c-9818-C5679DC83E81}. (.Microsoft Corporation - Client Side Caching UI.) -- C:\WINDOWS\System32\cscui.dll =>.Microsoft Corporation

---\\ Search Context Menu Handlers (SCMH) (35) - 3s
O108 - CMH1: ###MegaContextMenuExt [64Bits] - {0229E5E7-09E9-45CF-9228-0228EC7D5F17} . (.Orphan.)
O108 - CMH1: AccExt [64Bits] - {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} . (. - Core Sync.) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll =>.Adobe Systems Incorporated®
O108 - CMH1: ANotepad++64 [64Bits] - {B298D29A-A6ED-11DE-BA8C-A68E55D89593} . (. - ShellHandler for Notepad++ (64 bit).) -- C:\Program Files (x86)\Notepad++\NppShell_06.dll =>.Notepad++®
O108 - CMH1: Baidu_Scan [64Bits] - {0A93904A-BB1E-4a0c-9753-B57B9AE272CB} . (.Orphan.)
O108 - CMH1: EPP [64Bits] - {09A47860-11B0-4DA5-AFA5-26D86198A780} . (.Microsoft Corporation - Microsoft Security Client Shell Extension.) -- C:\Program Files\Windows Defender\shellext.dll =>.Microsoft Windows®
O108 - CMH1: ModernSharing [64Bits] - {e2bf9676-5f8f-435c-97eb-11607a5bedf7} . (.Microsoft Corporation - Shell extensions for sharing.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
O108 - CMH1: Open With [64Bits] - {09799AFB-AD67-11d1-ABCD-00C04FC30936} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll =>.Microsoft Windows®
O108 - CMH1: SHAREit.FileContextMenuExt [64Bits] - {430BD134-576D-4E75-87CD-0F5C6221A82B} . (.Orphan.)
O108 - CMH1: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Shell extensions for sharing.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
O108 - CMH1: TotalConverter [64Bits] - {280CFDE1-1354-4431-92F3-03073BA593FB} . (...) -- f:\Program Files (x86)\CoolUtils\TotalAudioConverter\axTotalConverter64.dll (.not file.)
O108 - CMH1: WinRAR [64Bits] - {B41DB860-64E4-11D2-9906-E49FADC173CA} . (.Alexander Roshal - WinRAR shell extension.) -- C:\Program Files\WinRAR\RarExt.dll =>.win.rar GmbH®
O108 - CMH1: WinRAR32 [64Bits] - {B41DB860-8EE4-11D2-9906-E49FADC173CA} . (.Orphan.)
O108 - CMH1: WorkFolders [64Bits] - {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} . (.Microsoft Corporation - Microsoft (C) Work Folders Shell Extension.) -- C:\Windows\System32\WorkfoldersShell.dll =>.Microsoft Corporation
O108 - CMH2: Baidu_Scan [64Bits] - {0A93904A-BB1E-4a0c-9753-B57B9AE272CB} . (.Orphan.)
O108 - CMH2: OpenContainingFolderMenu [64Bits] - {37ea3a21-7493-4208-a011-7f9ea79ce9f5} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll =>.Microsoft Windows®
O108 - CMH3: CopyAsPathMenu [64Bits] - {f3d06e7c-1e45-4a26-847e-f9fcdee59be0} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll =>.Microsoft Windows®
O108 - CMH3: SendTo [64Bits] - {7BA4C740-9E81-11CF-99D3-00AA004AE837} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll =>.Microsoft Windows®
O108 - CMH4: EPP [64Bits] - {09A47860-11B0-4DA5-AFA5-26D86198A780} . (.Microsoft Corporation - Microsoft Security Client Shell Extension.) -- C:\Program Files\Windows Defender\shellext.dll =>.Microsoft Windows®
O108 - CMH4: Offline Files [64Bits] - {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} . (.Microsoft Corporation - Client Side Caching UI.) -- C:\WINDOWS\System32\cscui.dll =>.Microsoft Corporation
O108 - CMH4: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Shell extensions for sharing.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
O108 - CMH4: WorkFolders [64Bits] - {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} . (.Microsoft Corporation - Microsoft (C) Work Folders Shell Extension.) -- C:\Windows\System32\WorkfoldersShell.dll =>.Microsoft Corporation
O108 - CMH5: ACE [64Bits] - {5E2121EE-0300-11D4-8D3B-444553540000} . (.Advanced Micro Devices, Inc. - AMD Desktop Control Panel.) -- C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\atiacm64.dll =>.Advanced Micro Devices, Inc.®
O108 - CMH5: igfxDTCM [64Bits] - {9B5F5829-A529-4B12-814A-E81BCB8D93FC} . (.Intel Corporation - igfxDTCM Module.) -- C:\WINDOWS\system32\igfxDTCM.dll =>.Intel Corporation
O108 - CMH5: New [64Bits] - {D969A300-E7FF-11d0-A93B-00A0C90F2719} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll =>.Microsoft Windows®
O108 - CMH5: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Shell extensions for sharing.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
O108 - CMH5: WorkFolders [64Bits] - {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} . (.Microsoft Corporation - Microsoft (C) Work Folders Shell Extension.) -- C:\Windows\System32\WorkfoldersShell.dll =>.Microsoft Corporation
O108 - CMH6: AccExt [64Bits] - {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} . (. - Core Sync.) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll =>.Adobe Systems Incorporated®
O108 - CMH6: Library Location [64Bits] - {3dad6c5d-2167-4cae-9914-f99e41c12cfa} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll =>.Microsoft Windows®
O108 - CMH6: Offline Files [64Bits] - {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} . (.Microsoft Corporation - Client Side Caching UI.) -- C:\WINDOWS\System32\cscui.dll =>.Microsoft Corporation
O108 - CMH6: PintoStartScreen [64Bits] - {470C0EBD-5D73-4d58-9CED-E91E22E23282} . (.Microsoft Corporation - App Resolver.) -- C:\Windows\System32\appresolver.dll =>.Microsoft Windows®
O108 - CMH6: WinRAR [64Bits] - {B41DB860-64E4-11D2-9906-E49FADC173CA} . (.Alexander Roshal - WinRAR shell extension.) -- C:\Program Files\WinRAR\RarExt.dll =>.win.rar GmbH®
O108 - CMH6: WinRAR32 [64Bits] - {B41DB860-8EE4-11D2-9906-E49FADC173CA} . (.Orphan.)
O108 - CMH7: EnhancedStorageShell [64Bits] - {2854F705-3548-414C-A113-93E27C808C85} . (.Microsoft Corporation - Windows Enhanced Storage Shell Extension DL.) -- C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation
O108 - CMH7: EPP [64Bits] - {09A47860-11B0-4DA5-AFA5-26D86198A780} . (.Microsoft Corporation - Microsoft Security Client Shell Extension.) -- C:\Program Files\Windows Defender\shellext.dll =>.Microsoft Windows®
O108 - CMH7: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Shell extensions for sharing.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation

---\\ Image File Execution Options (18) - 2s
O50 - IFEO:C:\Windows\System32\cscript.exe - (.Microsoft Corporation - Microsoft ® Console Based Script Host.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\dllhost.exe - (.Microsoft Corporation - COM Surrogate.) [DisableExceptionChainValidation\\3] =>.Microsoft Windows®
O50 - IFEO:C:\WINDOWS\System32\drvinst.exe - (.Microsoft Corporation - Driver Installation Module.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\ie4uinit.exe - (.Microsoft Corporation - IE Per-User Initialization Utility.) [MitigationOptions\\256] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\ieUnatt.exe - (.Microsoft Corporation - IE 7.0 Unattended Install Utility.) [MitigationOptions\\256] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\mmc.exe - (.Microsoft Corporation - Microsoft Management Console.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\MRT.exe - (.Microsoft Corporation - Microsoft Windows Malicious Software Remova.) [CFGOptions\\1] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\msfeedssync.exe - (.Microsoft Corporation - Microsoft Feeds Synchronization.) [MitigationOptions\\256] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\mshta.exe - (.Microsoft Corporation - Microsoft (R) HTML Application host.) [MitigationOptions\\256] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\PresentationHost.exe - (.Microsoft Corporation - Windows Presentation Foundation Host.) [MitigationOptions\\1118481] =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\PrintIsolationHost.exe - (.Microsoft Corporation - PrintIsolationHost.) [MitigationOptions\\2097152] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\rundll32.exe - (.Microsoft Corporation - Windows host process (Rundll32).) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\runtimebroker.exe - (.Microsoft Corporation - Runtime Broker.) [MitigationOptions\\4294967296] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\searchprotocolhost.exe - (.Microsoft Corporation - Microsoft Windows Search Protocol Host.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\spoolsv.exe - (.Microsoft Corporation - Spooler SubSystem App.) [MitigationOptions\\2097152] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\svchost.exe - (.Microsoft Corporation - Host Process for Windows Services.) [MinimumStackCommitInBytes\\32768] =>.Microsoft Windows Publisher®
O50 - IFEO:C:\Windows\System32\svchost.exe - (.Microsoft Corporation - Host Process for Windows Services.) [MitigationAuditOptions\\17660905521152] =>.Microsoft Windows Publisher®
O50 - IFEO:C:\Windows\System32\wscript.exe - (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation

---\\ System Drivers List (121) - 24s
O58 - SDL:2017/06/18 11:33:24 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\01232848.sys [252832] =>.Malwarebytes Corporation®
O58 - SDL:2017/06/15 15:47:14 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\0DE10029.sys [252832] =>.Malwarebytes Corporation®
O58 - SDL:2017/06/18 11:38:08 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\15272BE7.sys [252832] =>.Malwarebytes Corporation®
O58 - SDL:2017/06/11 06:35:05 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\184E2107.sys [252832] =>.Malwarebytes Corporation®
O58 - SDL:2017/06/11 06:03:44 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\18B60908.sys [252832] =>.Malwarebytes Corporation®
O58 - SDL:2017/06/11 06:02:40 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\199C0837.sys [252832] =>.Malwarebytes Corporation®
O58 - SDL:2017/06/15 15:48:13 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\3B0D00E9.sys [252832] =>.Malwarebytes Corporation®
O58 - SDL:2017/06/10 14:46:40 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\3D1D4B23.sys [252832] =>.Malwarebytes Corporation®
O58 - SDL:2017/09/29 14:41:02 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\WINDOWS\System32\drivers\3ware.sys [107416] =>.Microsoft Windows®
O58 - SDL:2017/06/11 06:43:26 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\4346276B.sys [252832] =>.Malwarebytes Corporation®
O58 - SDL:2017/05/28 16:54:21 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\4A8C3522.sys [251832] =>.Malwarebytes Corporation®
O58 - SDL:2017/05/29 13:21:33 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\56F36062.sys [251832] =>.Malwarebytes Corporation®
O58 - SDL:2017/06/18 11:34:21 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\5A562902.sys [252832] =>.Malwarebytes Corporation®
O58 - SDL:2017/06/18 11:38:01 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\6F402BD0.sys [252832] =>.Malwarebytes Corporation®
O58 - SDL:2017/06/15 15:47:56 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\714A00B2.sys [252832] =>.Malwarebytes Corporation®
O58 - SDL:2017/07/01 23:48:26 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\7B145295.sys [252832] =>.Malwarebytes Corporation®
O58 - SDL:2017/09/29 14:41:02 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) -- C:\WINDOWS\System32\drivers\adp80xx.sys [1135512] =>.Microsoft Windows®
O58 - SDL:2015/07/31 22:36:58 A . (.Advanced Micro Devices, Inc. - AMD PCI Root Bus Lower Filter.) -- C:\WINDOWS\System32\drivers\amdkmpfd.sys [82696] =>.Advanced Micro Devices, Inc.®
O58 - SDL:2017/09/29 14:41:02 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\WINDOWS\System32\drivers\amdsata.sys [83352] =>.Microsoft Windows®
O58 - SDL:2017/09/29 14:41:02 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\WINDOWS\System32\drivers\amdsbs.sys [258592] =>.Microsoft Windows®
O58 - SDL:2017/09/29 14:41:02 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\WINDOWS\System32\drivers\amdxata.sys [27032] =>.Microsoft Windows®
O58 - SDL:2017/09/29 14:41:02 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\WINDOWS\System32\drivers\arcsas.sys [131992] =>.Microsoft Windows®
O58 - SDL:2015/07/30 23:04:51 A . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) -- C:\WINDOWS\System32\drivers\aswTap.sys [44640] =>.AVAST Software a.s.®
O58 - SDL:2015/06/16 02:29:58 A . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN de.) -- C:\WINDOWS\System32\drivers\athw10x.sys [4316784] =>.Qualcomm Atheros Communications, Inc.
O58 - SDL:2017/09/29 14:40:59 A . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN de.) -- C:\WINDOWS\System32\drivers\athw8x.sys [4233728] =>.Qualcomm Atheros Communications, Inc.
O58 - SDL:2013/08/15 20:13:30 A . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN de.) -- C:\WINDOWS\System32\drivers\athwbx.sys [3859968] =>.Qualcomm Atheros Communications, Inc.
O58 - SDL:2015/09/01 10:01:10 A . (.Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) -- C:\WINDOWS\System32\drivers\atikmdag.sys [21655080] =>.Microsoft Windows Hardware Compatibility Publisher®
O58 - SDL:2015/09/01 10:01:08 A . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\WINDOWS\System32\drivers\atikmpag.sys [686120] =>.Microsoft Windows Hardware Compatibility Publisher®
O58 - SDL:2017/09/29 14:41:02 A . (. - BCM Function 2 Device Driver.) -- C:\WINDOWS\System32\drivers\bcmfn2.sys [9728] =>.Broadcom Corporation
O58 - SDL:2015/06/29 19:59:52 A . (.Qualcomm Atheros - Qualcomm Atheros BtFilter Driver.) -- C:\WINDOWS\System32\drivers\btfilter.sys [609992] =>.Qualcomm Atheros®
O58 - SDL:2017/09/29 14:41:01 A . (.QLogic Corporation - QLogic Gigabit Ethernet VBD.) -- C:\WINDOWS\System32\drivers\bxvbda.sys [533912] =>.Microsoft Windows®
O58 - SDL:2017/09/29 14:41:02 A . (.Chelsio Communications - Chelsio iSCSI Crash Dump Driver.) -- C:\WINDOWS\System32\drivers\cht4dx64.sys [141208] =>.Microsoft Windows®
O58 - SDL:2017/09/29 14:41:02 A . (.Chelsio Communications - Chelsio iSCSI VMiniport Driver.) -- C:\WINDOWS\System32\drivers\cht4sx64.sys [357272] =>.Microsoft Windows®
O58 - SDL:2017/09/29 14:41:02 A . (.Chelsio Communications - Virtual Bus Driver for Chelsio ® T5/T6 Chip.) -- C:\WINDOWS\System32\drivers\cht4vx64.sys [1723288] =>.Microsoft Windows®
O58 - SDL:2013/06/29 17:10:58 A . (.Mobile Connector - USB Modem/Serial Device Driver.) -- C:\WINDOWS\System32\drivers\cmusbser.sys [118144] =>.Mobile Connector
O58 - SDL:2017/12/14 11:16:00 A . (.Dell Inc. - DDDriver.sys.) -- C:\WINDOWS\System32\drivers\DDDriver64Dcsa.sys [41608] =>.Techporch Incorporated®
O58 - SDL:2017/12/14 11:16:00 A . (.Dell Computer Corporation - DellProf.sys.) -- C:\WINDOWS\System32\drivers\DellProf.sys [41208] =>.Techporch Incorporated®
O58 - SDL:2015/10/29 18:23:56 AC . (.American Megatrends Inc. - DuOS DuoVM Driver.) -- C:\WINDOWS\System32\drivers\DuoVMDrv.sys [246720] {5F2E8BED39F2DAF916B80B78BA5058E9} =>.American Megatrends Inc.
O58 - SDL:2017/09/29 14:41:01 A . (.QLogic Corporation - QLogic 10 GigE VBD.) -- C:\WINDOWS\System32\drivers\evbda.sys [3419032] =>.Microsoft Windows®
O58 - SDL:2018/05/13 10:59:24 A . (.Malwarebytes - Malwarebytes Anti-Ransomware Protection.) -- C:\WINDOWS\System32\drivers\farflt.sys [112864] =>.Malwarebytes Corporation®
O58 - SDL:2015/05/07 10:49:50 A . (.Intel Corporation - BIOS Update Driver.) -- C:\WINDOWS\System32\drivers\flashud.sys [51712] =>.Intel Corporation
O58 - SDL:2014/12/23 17:02:22 AC . (.NETGATE Technologies s.r.o. - FortKnox Personal Firewall.) -- C:\WINDOWS\System32\drivers\fortknoxfw.sys [71504] =>.NETGATE Technologies s.r.o.®
O58 - SDL:2012/07/17 18:12:08 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\WINDOWS\System32\drivers\HECIx64.sys [62784] =>.Intel Corporation®
O58 - SDL:2017/09/29 14:41:02 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\WINDOWS\System32\drivers\HpSAMD.sys [63520] =>.Microsoft Windows®
O58 - SDL:2017/09/29 14:40:59 A . (.Intel(R) Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\WINDOWS\System32\drivers\iagpio.sys [36864] =>.Intel(R) Corporation
O58 - SDL:2017/09/29 14:40:59 A . (.Intel(R) Corporation - Intel(R) Serial IO I2C Driver.) -- C:\WINDOWS\System32\drivers\iai2c.sys [91648] =>.Intel(R) Corporation
O58 - SDL:2017/09/29 14:40:59 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [79360] =>.Intel Corporation
O58 - SDL:2017/09/29 14:40:59 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [88576] =>.Intel Corporation
O58 - SDL:2017/09/29 14:40:59 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [171520] =>.Intel Corporation
O58 - SDL:2017/09/29 14:40:59 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [174592] =>.Intel Corporation
O58 - SDL:2017/09/29 14:41:01 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [38128] =>.Intel Corporation - Client Components Group®
O58 - SDL:2017/09/29 14:40:59 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [113152] =>.Intel Corporation
O58 - SDL:2013/08/30 21:18:02 A . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\WINDOWS\System32\drivers\iaStorA.sys [644968] =>.Intel Corporation - Intel® Rapid Storage Technology®
O58 - SDL:2017/09/29 14:41:03 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver (i.) -- C:\WINDOWS\System32\drivers\iaStorAV.sys [674200] =>.Microsoft Windows®
O58 - SDL:2017/09/29 14:41:03 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\WINDOWS\System32\drivers\iaStorV.sys [412056] =>.Microsoft Windows®
O58 - SDL:2017/09/29 14:41:02 A . (.Mellanox - InfiniBand Fabric Bus Driver.) -- C:\WINDOWS\System32\drivers\ibbus.sys [526232] =>.Microsoft Windows®
O58 - SDL:2016/05/16 13:33:48 A . (.Intel Corporation - Intel(R) Watchdog Timer Driver (Intel(R) WD.) -- C:\WINDOWS\System32\drivers\ICCWDT.sys [38680] =>.Intel Corporation - Embedded Subsystems and IP Blocks Group®
O58 - SDL:2018/03/01 15:36:14 A . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\WINDOWS\System32\drivers\idmwfp.sys [226032] =>.Tonec Inc.®
O58 - SDL:2016/05/03 23:30:46 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\WINDOWS\System32\drivers\igdkmd64.sys [3811288] =>.Intel(R) pGFX®
O58 - SDL:2015/08/21 11:50:48 A . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\WINDOWS\System32\drivers\IntcDAud.sys [463112] =>.Intel Corporation - Client Components Group®
O58 - SDL:2015/12/01 20:46:03 A . (.Intel Corporation - Intel® WiDi Solution.) -- C:\WINDOWS\System32\drivers\intelaud.sys [50160] =>.Intel(R) Wireless Display®
O58 - SDL:2017/09/12 04:14:02 A . (.Intel Corporation - Intel(R) Network Adapter Diagnostic Driver.) -- C:\WINDOWS\System32\drivers\iqvw64e.sys [37832] =>.Intel(R) Intel Network Drivers®
O58 - SDL:2015/12/01 20:46:03 A . (.Intel Corporation - Intel® WiDi Solution.) -- C:\WINDOWS\System32\drivers\iwdbus.sys [38896] =>.Intel(R) Wireless Display®
O58 - SDL:2017/09/29 14:41:02 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas.sys [108064] =>.Microsoft Windows®
O58 - SDL:2017/09/29 14:41:02 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas2i.sys [123800] =>.Microsoft Windows®
O58 - SDL:2017/09/29 14:41:02 A . (.Avago Technologies - Avago SAS Gen3 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas3i.sys [103320] =>.Microsoft Windows®
O58 - SDL:2017/09/29 14:41:02 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sss.sys [82840] =>.Microsoft Windows®
O58 - SDL:2018/03/19 12:57:14 A . (...) -- C:\WINDOWS\System32\drivers\mbae64.sys [76192] =>.Malwarebytes Corporation®
O58 - SDL:2018/05/13 11:51:09 A . (.Malwarebytes - Malwarebytes Real-Time Protection.) -- C:\WINDOWS\System32\drivers\mbam.sys [44768] =>.Malwarebytes Corporation®
O58 - SDL:2018/05/13 11:51:04 A . (.Malwarebytes - Malwarebytes Chameleon.) -- C:\WINDOWS\System32\drivers\MbamChameleon.sys [193768] =>.Malwarebytes Corporation®
O58 - SDL:2018/05/13 07:19:01 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [253664] =>.Malwarebytes Corporation®
O58 - SDL:2017/09/29 14:41:02 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\megasas.sys [59800] =>.Microsoft Windows®
O58 - SDL:2017/09/29 14:41:02 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\MegaSas2i.sys [63520] =>.Microsoft Windows®
O58 - SDL:2017/09/29 14:41:02 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\WINDOWS\System32\drivers\megasr.sys [575896] =>.Microsoft Windows®
O58 - SDL:2017/09/29 14:41:02 A . (.Mellanox - MLX4 Bus Driver.) -- C:\WINDOWS\System32\drivers\mlx4_bus.sys [842648] =>.Microsoft Windows®
O58 - SDL:2018/03/29 21:54:08 A . (.LLC Mail.Ru - Mail.Ru AntiCheat Driver.) -- C:\WINDOWS\System32\drivers\mracdrv.sys [9188520] {0D80906F98A4F294ECE988859BB8D5DB} =>.LLC Mail.Ru
O58 - SDL:2017/09/29 14:41:02 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\WINDOWS\System32\drivers\mvumis.sys [63896] =>.Microsoft Windows®
O58 - SDL:2018/05/13 10:59:24 A . (.Malwarebytes - Malwarebytes Web Protection.) -- C:\WINDOWS\System32\drivers\mwac.sys [102112] =>.Malwarebytes Corporation®
O58 - SDL:2017/09/29 14:41:02 A . (.Mellanox - NetworkDirect Support Filter Driver.) -- C:\WINDOWS\System32\drivers\ndfltr.sys [108952] =>.Microsoft Windows®
O58 - SDL:2013/03/01 02:49:12 AC . (.Riverbed Technology, Inc. - npf.sys (NT5/6 AMD64) Kernel Driver.) -- C:\WINDOWS\System32\drivers\npf.sys [36600] =>.Riverbed Technology, Inc.®
O58 - SDL:2017/09/29 14:41:02 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\WINDOWS\System32\drivers\nvraid.sys [150424] =>.Microsoft Windows®
O58 - SDL:2017/09/29 14:41:02 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\WINDOWS\System32\drivers\nvstor.sys [166296] =>.Microsoft Windows®
O58 - SDL:2017/09/29 14:41:02 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas2i.sys [58776] =>.Microsoft Windows®
O58 - SDL:2017/09/29 14:41:02 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas3i.sys [61848] =>.Microsoft Windows®
O58 - SDL:2016/04/21 12:24:28 A . (.The OpenVPN Project - TAP-Windows Virtual Network Driver (NDIS 6..) -- C:\WINDOWS\System32\drivers\ptun0901.sys [27136] =>.The OpenVPN Project
O58 - SDL:2016/06/08 14:01:28 A . (.Resplendence Software Projects Sp. - Resplendence WhySoSlow Monitoring Driver.) -- C:\WINDOWS\System32\drivers\rspWhy64.sys [28928] =>.Daniel Terhell®
O58 - SDL:2018/04/08 17:45:31 A . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.40 64-bit Dr.) -- C:\WINDOWS\System32\drivers\rt640x64.sys [1026896] =>.Realtek Semiconductor Corp.®
O58 - SDL:2017/09/29 14:41:14 RA . (.Realtek - Realtek PCIe GBE Family Controller Flight.) -- C:\WINDOWS\System32\drivers\rteth.sys [59904] =>.Realtek
O58 - SDL:2015/05/26 18:55:32 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\WINDOWS\System32\drivers\RTKVHD64.sys [4468952] =>.Realtek Semiconductor Corp®
O58 - SDL:2015/08/13 06:31:18 A . (.Realsil Semiconductor Corporation - RTS USB READER Driver.) -- C:\WINDOWS\System32\drivers\RtsUer.sys [410848] =>.Realtek Semiconductor Corp®
O58 - SDL:2016/03/29 19:14:02 A . (.Screaming Bee Inc - Screaming Bee Virtual Microphone.) -- C:\WINDOWS\System32\drivers\ScreamingBAudio64.sys [54000] =>.Screaming Bee Inc®
O58 - SDL:2016/03/09 20:43:14 AC . (...) -- C:\WINDOWS\System32\drivers\semav6msr64.sys [21984] =>.Intel(R) Code Signing External®
O58 - SDL:2017/09/29 14:41:02 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid2.sys [44952] =>.Microsoft Windows®
O58 - SDL:2017/09/29 14:41:02 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid4.sys [81816] =>.Microsoft Windows®
O58 - SDL:2018/04/08 17:48:46 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\WINDOWS\System32\drivers\Smb_driver_AMDASF_Aux.sys [59480] =>.Synaptics Incorporated®
O58 - SDL:2018/04/08 17:48:46 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [63576] =>.Synaptics Incorporated®
O58 - SDL:2018/04/08 17:48:46 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\WINDOWS\System32\drivers\Smb_driver_Intel_Aux.sys [63576] =>.Synaptics Incorporated®
O58 - SDL:2016/04/05 23:24:31 AC . (.Duplex Secure Ltd - SCSI Pass Through Direct Driver.) -- C:\WINDOWS\System32\drivers\sptd2.sys [203832] =>.Disc Soft Ltd®
O58 - SDL:2014/01/22 08:52:10 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ve.) -- C:\WINDOWS\System32\drivers\ssudbus.sys [108800] =>.DEVGURU CO LTD®
O58 - SDL:2014/01/22 08:52:10 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG Android Modem Device Driver (MSS Ve.) -- C:\WINDOWS\System32\drivers\ssudmdm.sys [206080] =>.DEVGURU CO LTD®
O58 - SDL:2014/01/22 08:52:12 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Mobile OBEX Device Driver (MSS.) -- C:\WINDOWS\System32\drivers\ssudobex.sys [206080] =>.DEVGURU CO LTD®
O58 - SDL:2017/09/29 14:41:02 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\WINDOWS\System32\drivers\stexstor.sys [31128] =>.Microsoft Windows®
O58 - SDL:2018/04/08 17:48:46 A . (.Synaptics Incorporated - Synaptics I2C Driver.) -- C:\WINDOWS\System32\drivers\SynRMIHID_Aux.sys [57432] =>.Synaptics Incorporated®
O58 - SDL:2018/04/08 17:48:46 A . (.Synaptics Incorporated - Synaptics Touchpad Win64 Driver.) -- C:\WINDOWS\System32\drivers\SynTP.sys [876632] =>.Synaptics Incorporated®
O58 - SDL:2014/11/05 14:16:32 A . (.The OpenVPN Project - TAP-Windows Virtual Network Driver (NDIS 6..) -- C:\WINDOWS\System32\drivers\tap0901.sys [27136] =>.The OpenVPN Project
O58 - SDL:2016/04/26 16:10:00 A . (.Tunngle.net GmbH - TAP-Win32 Virtual Network Driver (NDIS 6.0).) -- C:\WINDOWS\System32\drivers\tap0901t.sys [48824] =>.Tunngle.net GmbH®
O58 - SDL:2016/05/27 11:34:56 A . (.Anchorfree Inc. - Anchorfree HSS VPN Adapter.) -- C:\WINDOWS\System32\drivers\taphss6.sys [42064] =>.AnchorFree Inc®
O58 - SDL:2016/01/19 22:50:38 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [202032] =>.Intel Corporation - Embedded Subsystems and IP Blocks Group®
O58 - SDL:2015/09/19 14:32:17 AC . (...) -- C:\WINDOWS\System32\drivers\TrueSight.sys [37624] =>.Adlice®
O58 - SDL:2016/09/30 01:12:02 A . (.VMware, Inc. - VMware PCI VMCI Bus Device.) -- C:\WINDOWS\System32\drivers\vmci.sys [105024] =>.VMware, Inc.®
O58 - SDL:2016/11/11 23:16:40 A . (.VMware, Inc. - VMware VMware Input Filter and Injection Dr.) -- C:\WINDOWS\System32\drivers\vmkbd.sys [52288] =>.VMware, Inc.®
O58 - SDL:2015/11/05 18:53:25 AC . (...) -- C:\WINDOWS\System32\drivers\voxaldriverx64.sys [34512] =>.NCH Software®
O58 - SDL:2017/09/29 14:41:02 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\WINDOWS\System32\drivers\vsmraid.sys [166808] =>.Microsoft Windows®
O58 - SDL:2017/09/29 14:41:02 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\WINDOWS\System32\drivers\VSTXRAID.SYS [305560] =>.Microsoft Windows®
O58 - SDL:2017/09/29 14:41:02 A . (.Mellanox - Kernel WinMad.) -- C:\WINDOWS\System32\drivers\winmad.sys [32152] =>.Microsoft Windows®
O58 - SDL:2017/09/29 14:41:02 A . (.Mellanox - Kernel WinVerbs.) -- C:\WINDOWS\System32\drivers\winverbs.sys [64920] =>.Microsoft Windows®
O58 - SDL:2016/12/23 08:24:48 A . (...) -- C:\WINDOWS\System32\ambakdrv.sys [51120] =>.CHENGDU AOMEI Tech Co., Ltd.®
O58 - SDL:2016/12/23 08:24:48 A . (...) -- C:\WINDOWS\System32\ammntdrv.sys [171952] =>.CHENGDU AOMEI Tech Co., Ltd.®
O58 - SDL:2016/12/25 23:26:16 A . (...) -- C:\WINDOWS\System32\ampa.sys [38320] =>.CHENGDU AOMEI Tech Co., Ltd.®
O58 - SDL:2016/12/23 08:24:48 A . (...) -- C:\WINDOWS\System32\amwrtdrv.sys [38320] =>.CHENGDU AOMEI Tech Co., Ltd.®
O58 - SDL:2015/06/16 02:29:58 N . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN de.) -- C:\WINDOWS\System32\athw10x.sys [4316784] =>.Qualcomm Atheros Communications, Inc.

---\\ Last modified or created user files (4) - 98s
O61 - LFC: 2018/05/13 10:39:55 AC . (..) -- C:\Users\AYMEN\Downloads\ccsetup542pro.exe [0]
O61 - LFC: 2018/05/13 10:19:23 AC . (..) -- C:\Users\AYMEN\Downloads\Firefox Installer (1).exe [0]
O61 - LFC: 2018/05/13 10:19:07 AC . (..) -- C:\Users\AYMEN\Downloads\Firefox Installer.exe [0]
O61 - LFC: 2018/05/13 11:57:31 A . (.Solvusoft.) -- C:\Users\AYMEN\Downloads\Setup_WinThruster_2018.exe [2748472] {0087212C793673F38A9FDD9E7EE670CD33} =>.SUP.WinThruster

---\\ File Associations Shell Spawning (8) - 0s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* =>.Default.Value
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* =>.Default.Value
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* =>.Default.Value
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* =>.Default.Value
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®

---\\ Start Menu Internet (16) - 1s
O68 - StartMenuInternet: [64Bits][HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O68 - StartMenuInternet: [64Bits][HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O68 - StartMenuInternet: [64Bits][HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O68 - StartMenuInternet: [64Bits][HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\Launcher.exe =>.Opera Software AS®
O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\ShowIconsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\launcher.exe =>.Opera Software
O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\ReinstallCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\launcher.exe =>.Opera Software
O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\HideIconsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\launcher.exe =>.Opera Software

---\\ Search Browser Infection (6) - 23s
O69 - SBI: prefs.js [AYMEN - z6m4so44.default-1459101750759] user_pref("browser.search.selectedEngine", "Search Provided by Yahoo"); =>.SUP.SearchProvided
O69 - SBI: prefs.js [AYMEN - z6m4so44.default-1459101750759] user_pref("browser.search.defaultenginename", "Search Provided by Yahoo"); =>.SUP.SearchProvided
O69 - SBI: SearchScopes [HKCU] [64Bits]{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/ =>.Bing.com
O69 - SBI: SearchScopes [HKLM] [64Bits]{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com/ =>.Bing.com
O69 - SBI: SearchScopes [HKUS\.DEFAULT] [64Bits]{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/ =>.Bing.com
O69 - SBI: SearchScopes [HKUS\S-1-5-18] [64Bits]{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/ =>.Bing.com

---\\ Search Svchost Services (48) - 1s
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\WINDOWS\System32\certprop.dll [188928] =>.Microsoft Corporation
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [188928] =>.Microsoft Corporation
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\System32\srvsvc.dll [270848] =>.Microsoft Corporation
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\Windows\System32\gpsvc.dll [1275904] =>.Microsoft Corporation
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\IKEEXT.DLL [984064] =>.Microsoft Corporation
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll [820224] =>.Microsoft Corporation
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\Windows\System32\seclogon.dll [30720] =>.Microsoft Corporation
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll [144896] =>.Microsoft Corporation
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\System32\iscsiexe.dll [150528] =>.Microsoft Corporation
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [109056] =>.Microsoft Corporation
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\Windows\System32\schedsvc.dll [880640] =>.Microsoft Corporation
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [220160] =>.Microsoft Corporation
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [407040] =>.Microsoft Corporation
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [387584] =>.Microsoft Corporation
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\Windows\System32\wercplsupport.dll [108544] =>.Microsoft Corporation
O83 - Search Svchost Services: PushToInstall (PushToInstall) . (.Microsoft Corporation - PushToInstall.) -- C:\Windows\System32\PushToInstall.dll [254976] =>.Microsoft Corporation
O83 - Search Svchost Services: shpamsvc (shpamsvc) . (.Microsoft Corporation - SharedPC.AccountManager.) -- C:\Windows\System32\Windows.SharedPC.AccountManager.dll [194560] =>.Microsoft Corporation
O83 - Search Svchost Services: XblGameSave (XblGameSave) . (.Microsoft Corporation - Xbox Live Game Save Service.) -- C:\Windows\System32\XblGameSave.dll [1272320] =>.Microsoft Corporation
O83 - Search Svchost Services: NaturalAuthentication (NaturalAuthentication) . (.Microsoft Corporation - Natural Authentication Service.) -- C:\Windows\System32\NaturalAuth.dll [795136] =>.Microsoft Corporation
O83 - Search Svchost Services: TokenBroker (TokenBroker) . (.Microsoft Corporation - Token Broker.) -- C:\Windows\System32\TokenBroker.dll [1228800] =>.Microsoft Corporation
O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Geolocation Service.) -- C:\Windows\System32\lfsvc.dll [46080] =>.Microsoft Corporation
O83 - Search Svchost Services: XblAuthManager (XblAuthManager) . (.Microsoft Corporation - Xbox Live Auth Manager.) -- C:\Windows\System32\XblAuthManager.dll [1107968] =>.Microsoft Corporation
O83 - Search Svchost Services: Irmon (Irmon) . (.Microsoft Corporation - Infrared Monitor.) -- C:\Windows\System32\irmon.dll [24576] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll [104960] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [930816] =>.Microsoft Corporation
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [491520] =>.Microsoft Corporation
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\Sens.dll [73216] =>.Microsoft Corporation
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [601088] =>.Microsoft Corporation
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [307200] =>.Microsoft Corporation
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\System32\wuaueng.dll [2784256] =>.Microsoft Corporation
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\Windows\System32\qmgr.dll [1346560] =>.Microsoft Corporation
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [613376] =>.Microsoft Corporation
O83 - Search Svchost Services: DmEnrollmentSvc (DmEnrollmentSvc) . (.Microsoft Corporation - Windows Managent Service DLL.) -- C:\Windows\System32\Windows.Internal.Management.dll [702464] =>.Microsoft Corporation
O83 - Search Svchost Services: dmwappushservice (dmwappushservice) . (.Microsoft Corporation - dmwappushsvc.) -- C:\Windows\System32\dmwappushsvc.dll [57856] =>.Microsoft Corporation
O83 - Search Svchost Services: wisvc (wisvc) . (.Microsoft Corporation - Flight Settings.) -- C:\Windows\System32\flightsettings.dll [779264] =>.Microsoft Corporation
O83 - Search Svchost Services: WpnService (WpnService) . (.Microsoft Corporation - Windows Push Notification System Service.) -- C:\Windows\System32\WpnService.dll [284672] =>.Microsoft Corporation
O83 - Search Svchost Services: XboxNetApiSvc (XboxNetApiSvc) . (.Microsoft Corporation - Xbox Live Networking Service.) -- C:\Windows\System32\XboxNetApiSvc.dll [1143808] =>.Microsoft Corporation
O83 - Search Svchost Services: UsoSvc (UsoSvc) . (.Microsoft Corporation - Update Session Orchestrator Core.) -- C:\Windows\System32\usocore.dll [1298944] =>.Microsoft Corporation
O83 - Search Svchost Services: UserManager (UserManager) . (.Microsoft Corporation - UserMgr.) -- C:\Windows\System32\usermgr.dll [951808] =>.Microsoft Corporation
O83 - Search Svchost Services: InstallService (InstallService) . (.Microsoft Corporation - InstallService.) -- C:\Windows\System32\InstallService.dll [1313792] =>.Microsoft Corporation
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\Windows\System32\themeservice.dll [69632] =>.Microsoft Corporation
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\Windows\System32\bdesvc.dll [387072] =>.Microsoft Corporation
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Device Setup Manager.) -- C:\Windows\System32\DeviceSetupManager.dll [238080] =>.Microsoft Corporation
O83 - Search Svchost Services: NetSetupSvc (NetSetupSvc) . (.Microsoft Corporation - Network Setup Service.) -- C:\Windows\System32\NetSetupSvc.dll [308224] =>.Microsoft Corporation
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Microsoft Network Connectivity Assistant Se.) -- C:\Windows\System32\NcaSvc.dll [170496] =>.Microsoft Corporation
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Microsoft® Account Service.) -- C:\Windows\System32\wlidsvc.dll [2222592] =>.Microsoft Corporation
O83 - Search Svchost Services: XboxGipSvc (XboxGipSvc) . (.Microsoft Corporation - Xbox Gip Management Service.) -- C:\Windows\System32\XboxGipSvc.dll [57856] =>.Microsoft Corporation
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Software installation Service.) -- C:\Windows\System32\appmgmts.dll [196096] =>.Microsoft Corporation

---\\ Firewall Active Exception List (30) - 11s
O87 - FAEL: "{1EA7CED7-AE3C-408B-A804-2F5175A7C787}" [In-None-P17-TRUE] .(...) -- E:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe =>.Valve®
O87 - FAEL: "{62ADE26A-FD74-4813-B8ED-F2A5C08758D1}" [In-None-P6-TRUE] .(...) -- E:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe =>.Valve®
O87 - FAEL: "UDP Query User{8FD7D264-4A0A-4A39-BC5D-6728792B4117}E:\program files (x86)\steam\steamapps\common\warface\mycomgames\mycomgames.exe" [In-None-P17-TRUE] .(...) -- E:\program files (x86)\steam\steamapps\common\warface\mycomgames\mycomgames.exe =>.Mail.Ru, LLC®
O87 - FAEL: "TCP Query User{6B34301B-D570-4B59-9483-2F62199CCE5B}E:\program files (x86)\steam\steamapps\common\warface\mycomgames\mycomgames.exe" [In-None-P6-TRUE] .(...) -- E:\program files (x86)\steam\steamapps\common\warface\mycomgames\mycomgames.exe =>.Mail.Ru, LLC®
O87 - FAEL: "UDP Query User{584EBD1E-D5A8-4CD7-BC2E-0991F7954F88}C:\users\aymen\desktop\dune 2000\dune2000.dat" [In-None-P17-TRUE] .(...) -- C:\users\aymen\desktop\dune 2000\dune2000.dat (.not file.) =>.SUP.Orphan
O87 - FAEL: "TCP Query User{0C708224-C4D4-4E87-9561-77AF3464E6C0}C:\users\aymen\desktop\dune 2000\dune2000.dat" [In-None-P6-TRUE] .(...) -- C:\users\aymen\desktop\dune 2000\dune2000.dat (.not file.) =>.SUP.Orphan
O87 - FAEL: "{BA82E40F-10C4-46B1-84DC-58C98F798416}" [In-None-P17-TRUE] .(...) -- E:\Program Files (x86)\Steam\steamapps\common\Warface\WarfaceMycomSteamLoader.exe =>.Mail.Ru, LLC®
O87 - FAEL: "{23EB1AF8-0E04-4A52-9253-00FF64B7C4E7}" [In-None-P6-TRUE] .(...) -- E:\Program Files (x86)\Steam\steamapps\common\Warface\WarfaceMycomSteamLoader.exe =>.Mail.Ru, LLC®
O87 - FAEL: "{8CDC7C35-DE41-432A-9C3A-524BB666D4E7}" [In-None-P17-TRUE] .(...) -- E:\Program Files (x86)\Steam\steamapps\common\nmrih\sdk\hl2.exe =>.Valve®
O87 - FAEL: "{0D50680D-40F5-421F-9617-92AC9235025C}" [In-None-P6-TRUE] .(...) -- E:\Program Files (x86)\Steam\steamapps\common\nmrih\sdk\hl2.exe =>.Valve®
O87 - FAEL: "{4B1C6D57-CC8F-4052-A9E8-398297B968B2}" [In-None-P17-TRUE] .(...) -- C:\Program Files\AMI\DuOS\CamProvider.exe
O87 - FAEL: "{63BC4F92-8F12-4FAD-A249-CE379FD17881}" [Out-None-P17-TRUE] .(...) -- C:\Program Files\AMI\DuOS\CamProvider.exe
O87 - FAEL: "{9178DB02-F6A5-4D33-87D0-A9C409207568}" [In-None-P17-TRUE] .(...) -- C:\Program Files\AMI\DuOS\..\DuoVM\DuoVMHeadless.exe {372C81C75EB7FD87BDFFF3C2AC0A3D5D}
O87 - FAEL: "{D5A2163E-ECB5-49FF-9FBB-1B8C8218579C}" [Out-None-P17-TRUE] .(...) -- C:\Program Files\AMI\DuOS\..\DuoVM\DuoVMHeadless.exe {372C81C75EB7FD87BDFFF3C2AC0A3D5D}
O87 - FAEL: "TCP Query User{49B6C10E-1DBB-4A02-B80F-E2BF12F8A679}F:\program files (x86)\ubisoft\assassin's creed brotherhood\acbsp.exe" [In-None-P6-TRUE] .(...) -- F:\program files (x86)\ubisoft\assassin's creed brotherhood\acbsp.exe
O87 - FAEL: "UDP Query User{8F20574E-D145-4618-BDF5-FDDC41000FEA}F:\program files (x86)\ubisoft\assassin's creed brotherhood\acbsp.exe" [In-None-P17-TRUE] .(...) -- F:\program files (x86)\ubisoft\assassin's creed brotherhood\acbsp.exe
O87 - FAEL: "{E7797A2D-F465-40AA-89DA-3F2140AD43BE}" [In-None-P6-TRUE] .(...) -- E:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe =>.Valve®
O87 - FAEL: "{31E5FF68-4AD4-4361-B938-86DB75B7150A}" [In-None-P17-TRUE] .(...) -- E:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe =>.Valve®
O87 - FAEL: "{D635924A-A296-489C-B10E-630EA9CFAFC6}" [In-None-P6-TRUE] .(...) -- E:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe =>.Steam Games
O87 - FAEL: "{00711660-7315-4EFF-97FB-FDFE3D17C819}" [In-None-P17-TRUE] .(...) -- E:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe =>.Steam Games
O87 - FAEL: "TCP Query User{8FEB5131-2854-4298-B939-ABC526578C42}E:\program files (x86)\steam\steamapps\common\dawarfaceda\mycomgames\mycomgames.exe" [In-None-P6-TRUE] .(...) -- E:\program files (x86)\steam\steamapps\common\dawarfaceda\mycomgames\mycomgames.exe =>.Mail.Ru, LLC®
O87 - FAEL: "UDP Query User{942DBB4B-F31D-4FB4-92AD-3FBB38D59E78}E:\program files (x86)\steam\steamapps\common\dawarfaceda\mycomgames\mycomgames.exe" [In-None-P17-TRUE] .(...) -- E:\program files (x86)\steam\steamapps\common\dawarfaceda\mycomgames\mycomgames.exe =>.Mail.Ru, LLC®
O87 - FAEL: "TCP Query User{56AD99D6-D41A-45CA-8D88-61E6CAF26B1A}E:\program files (x86)\steam\steamapps\common\warface\gamecenter\gamecenter.exe" [In-None-P6-TRUE] .(...) -- E:\program files (x86)\steam\steamapps\common\warface\gamecenter\gamecenter.exe =>.Mail.Ru, LLC®
O87 - FAEL: "UDP Query User{632A0E12-96B8-4EF6-985E-69B86B546CF7}E:\program files (x86)\steam\steamapps\common\warface\gamecenter\gamecenter.exe" [In-None-P17-TRUE] .(...) -- E:\program files (x86)\steam\steamapps\common\warface\gamecenter\gamecenter.exe =>.Mail.Ru, LLC®
O87 - FAEL: "TCP Query User{81C90E2E-940E-4272-A0E4-655FA0576E9D}F:\program files (x86)\hyxd\engine\binaries\win32\hyxd.exe" [In-None-P6-TRUE] .(...) -- F:\program files (x86)\hyxd\engine\binaries\win32\hyxd.exe =>.NetEase(Hangzhou) Network Co. Ltd.®
O87 - FAEL: "UDP Query User{9F6321B8-D6A0-4B70-BBAC-D267AC667CD8}F:\program files (x86)\hyxd\engine\binaries\win32\hyxd.exe" [In-None-P17-TRUE] .(...) -- F:\program files (x86)\hyxd\engine\binaries\win32\hyxd.exe =>.NetEase(Hangzhou) Network Co. Ltd.®
O87 - FAEL: "TCP Query User{6AF8E030-C8DE-441B-9B43-AF71FDBB7BD2}F:\program files (x86)\hyxd\engine\binaries\win32\cc\ccmini.exe" [In-None-P6-FALSE] .(.网易公司 - CC直播软件.) -- F:\program files (x86)\hyxd\engine\binaries\win32\cc\ccmini.exe =>.NetEase(Hangzhou) Network Co. Ltd.®
O87 - FAEL: "UDP Query User{11EE2801-02EB-40F1-9CBC-96DCCE573A26}F:\program files (x86)\hyxd\engine\binaries\win32\cc\ccmini.exe" [In-None-P17-FALSE] .(.网易公司 - CC直播软件.) -- F:\program files (x86)\hyxd\engine\binaries\win32\cc\ccmini.exe =>.NetEase(Hangzhou) Network Co. Ltd.®
O87 - FAEL: "TCP Query User{B31F3D7E-93C5-4B32-A2AC-A7DD5B81E707}F:\games\blur\blur.exe" [In-None-P6-TRUE] .(...) -- F:\games\blur\blur.exe
O87 - FAEL: "UDP Query User{CF49FBE0-775C-4EAA-A67D-43B1F60B6020}F:\games\blur\blur.exe" [In-None-P17-TRUE] .(...) -- F:\games\blur\blur.exe

---\\ Product Upgrade Codes (7) - 0s
O90 - PUC: "2B2307032FA67D649B332634D8BEB2A9" [HKLM] . (.Maxx Audio Installer (x64).) -- C:\WINDOWS\Installer\{307032B2-6AF2-46D7-B933-62438DEB2B9A}\ARPPRODUCTICON.exe
O90 - PUC: "7D2F387510059040002000060BECB6AB" [HKLM] . (.AutoCAD 2007 - English.)
O90 - PUC: "A6B9578B1DE2EEBF9F459AE9BEC8D34F" [HKLM] . (.AMD Install Manager.) -- C:\WINDOWS\Installer\{B8759B6A-2ED1-FBEE-F954-A99EEB8C3DF4}\ARPPRODUCTICON.exe
O90 - PUC: "ABEEF276C92F36348A0DE8AB1662B588" [HKLM] . (.AE CC x64.) -- C:\WINDOWS\Installer\{672FEEBA-F29C-4363-A8D0-8EBA61265B88}\ARPPRODUCTICON.exe
O90 - PUC: "D81EABF14ED4AA7438CE1D0B642F26CD" [HKLM] . (.PDF Settings CC.)
O90 - PUC: "A4FCC3782CF65A96A94DDF737DCF6E9B" [HKCU] . (.PX Profile Update.) -- %APPDATA%\Microsoft\Installer\{873CCF4A-6FC2-69A5-9AD4-FD37D7FCE6B9}\ARPPRODUCTICON.exe
O90 - PUC: "A4FCC3782CF65A96A94DDF737DCF6E9B" [HKU] . (.PX Profile Update.) -- %APPDATA%\Microsoft\Installer\{873CCF4A-6FC2-69A5-9AD4-FD37D7FCE6B9}\ARPPRODUCTICON.exe

---\\ Windows Installer Scan (73) - 36s
[MD5.F0EE2E7F283866A2A0FEA9BE2D12A979] [WIS][2018/02/27 23:33:10] (.Google Inc. - Google Update Helper.) -- C:\WINDOWS\Installer\114b41f6.msi [40960] =>.Google Inc.
[MD5.23B97F4BEDD554D3F629B60637AFC936] [WIS][2015/03/17 09:42:22] (.Adobe Systems Incorporated.) -- C:\WINDOWS\Installer\130839f6.msi [2792960] =>.Adobe Systems Incorporated
[MD5.76CC303E2EF8E1C66CB29759ED0B2C07] [WIS][2006/03/10 20:07:26] (.Autodesk, Inc. - AutoCAD 2007.) -- C:\WINDOWS\Installer\15b4389.msi [4748800] =>.Autodesk, Inc.
[MD5.8545FEC35C50F0F8C535516A935915DB] [WIS][2017/01/22 21:43:17] (.Adobe Systems Incorporated.) -- C:\WINDOWS\Installer\2b230d.msi [93054976] =>.Adobe Systems Incorporated
[MD5.73FE7C6D4F30EEB6509E14C0A979271C] [WIS][2018/04/08 15:46:32] (.Dell Inc. - Dell SupportAssist Agent.) -- C:\WINDOWS\Installer\31b0923.msi [3534336] =>.Dell Inc.
[MD5.40F40A74CBA9C7CDC393E7E5674A85A3] [WIS][2018/04/08 16:53:56] (.InstallShield.) -- C:\WINDOWS\Installer\350c29a.msi [3850240] =>.InstallShield
[MD5.41F5AA8C3A635A3D28F7A404CB8C4D59] [WIS][2016/08/31 00:51:34] (.Advanced Micro Devices, Inc. - AMD Installer (64 bit).) -- C:\WINDOWS\Installer\3d5feea.msi [10629632] =>.Advanced Micro Devices, Inc.
[MD5.A84C71A679722A78B491681B196015EF] [WIS][2015/07/16 20:43:24] (.Advanced Micro Devices, Inc. - Catalyst Control Center.) -- C:\WINDOWS\Installer\3f3cc.msi [786432] =>.Advanced Micro Devices, Inc.
[MD5.ACAC15FFBBCC106D26896E15B7A18D26] [WIS][2015/08/25 18:30:16] (.AMD - PX Profile Update.) -- C:\WINDOWS\Installer\41f9bcd.msi [662528] =>.AMD
[MD5.44C53A7841236C4F7BD686CA3CA4C913] [WIS][2013/08/01 23:26:26] (.Advanced Micro Devices, Inc. - Branding.) -- C:\WINDOWS\Installer\41f9bd4.msi [420864] =>.Advanced Micro Devices, Inc.
[MD5.A70B9C888FFB1ACEC45BE5782C0F54AD] [WIS][2015/08/25 18:26:20] (.Advanced Micro Devices, Inc. - Catalyst Control Center.) -- C:\WINDOWS\Installer\41f9bdb.msi [702464] =>.Advanced Micro Devices, Inc.
[MD5.788B56EFAC1B97AC08D289DF1A6BD413] [WIS][2015/08/25 18:26:28] (.Advanced Micro Devices, Inc. - Catalyst Control Center.) -- C:\WINDOWS\Installer\41f9be2.msi [724992] =>.Advanced Micro Devices, Inc.
[MD5.FF7452E48DC872B020D9C155E5647364] [WIS][2015/08/25 18:26:36] (.Advanced Micro Devices, Inc. - Catalyst Control Center.) -- C:\WINDOWS\Installer\41f9be9.msi [683520] =>.Advanced Micro Devices, Inc.
[MD5.B3A38E3756FCD246ED44225461ECBA22] [WIS][2015/08/25 18:26:44] (.Advanced Micro Devices, Inc. - Catalyst Control Center.) -- C:\WINDOWS\Installer\41f9bf0.msi [711680] =>.Advanced Micro Devices, Inc.
[MD5.43D8F37317595BBA4C76CDE2C9EA30B0] [WIS][2015/08/25 18:26:52] (.Advanced Micro Devices, Inc. - Catalyst Control Center.) -- C:\WINDOWS\Installer\41f9bf7.msi [705024] =>.Advanced Micro Devices, Inc.
[MD5.C1CCAB5C2B8A72AB3CD7A56295A54B4E] [WIS][2015/08/25 18:27:00] (.Advanced Micro Devices, Inc. - Catalyst Control Center.) -- C:\WINDOWS\Installer\41f9bfe.msi [720384] =>.Advanced Micro Devices, Inc.
[MD5.5787612689D5770516BDDA18E253126E] [WIS][2015/08/25 18:27:08] (.Advanced Micro Devices, Inc. - Catalyst Control Center.) -- C:\WINDOWS\Installer\41f9c05.msi [709632] =>.Advanced Micro Devices, Inc.
[MD5.3A3BFA10F6F08247EA8BF22876390875] [WIS][2015/08/25 18:27:14] (.Advanced Micro Devices, Inc. - Catalyst Control Center.) -- C:\WINDOWS\Installer\41f9c0c.msi [754688] =>.Advanced Micro Devices, Inc.
[MD5.C364485C150834CC71D04F86A52242DB] [WIS][2015/08/25 18:27:22] (.Advanced Micro Devices, Inc. - Catalyst Control Center.) -- C:\WINDOWS\Installer\41f9c13.msi [734720] =>.Advanced Micro Devices, Inc.
[MD5.4EA20AF02EE6C96BF8E8374F06008550] [WIS][2015/08/25 18:27:30] (.Advanced Micro Devices, Inc. - Catalyst Control Center.) -- C:\WINDOWS\Installer\41f9c1a.msi [702464] =>.Advanced Micro Devices, Inc.
[MD5.B7D0227A2679274D3DFFD5E39F26B299] [WIS][2015/08/25 18:27:38] (.Advanced Micro Devices, Inc. - Catalyst Control Center.) -- C:\WINDOWS\Installer\41f9c21.msi [696832] =>.Advanced Micro Devices, Inc.
[MD5.499A6BF420DCAF85B4D52D06E29668AE] [WIS][2015/08/25 18:27:46] (.Advanced Micro Devices, Inc. - Catalyst Control Center.) -- C:\WINDOWS\Installer\41f9c28.msi [711680] =>.Advanced Micro Devices, Inc.
[MD5.7D9DE0731F7FEAB7D85F6D0824AAAB56] [WIS][2015/08/25 18:27:54] (.Advanced Micro Devices, Inc. - Catalyst Control Center.) -- C:\WINDOWS\Installer\41f9c2f.msi [811008] =>.Advanced Micro Devices, Inc.
[MD5.7DB483FDBC72045D17770B767B860729] [WIS][2015/08/25 18:28:02] (.Advanced Micro Devices, Inc. - Catalyst Control Center.) -- C:\WINDOWS\Installer\41f9c36.msi [700928] =>.Advanced Micro Devices, Inc.
[MD5.613D00C93277A501F5E13F59ED6FB954] [WIS][2015/08/25 18:28:10] (.Advanced Micro Devices, Inc. - Catalyst Control Center.) -- C:\WINDOWS\Installer\41f9c3d.msi [707072] =>.Advanced Micro Devices, Inc.
[MD5.B2D5842889117BC42024DC0F4CF8AC4B] [WIS][2015/08/25 18:28:18] (.Advanced Micro Devices, Inc. - Catalyst Control Center.) -- C:\WINDOWS\Installer\41f9c44.msi [709632] =>.Advanced Micro Devices, Inc.
[MD5.BD06929E00277829F9A2137BD857ABE7] [WIS][2015/08/25 18:28:28] (.Advanced Micro Devices, Inc. - Catalyst Control Center.) -- C:\WINDOWS\Installer\41f9c4b.msi [912896] =>.Advanced Micro Devices, Inc.
[MD5.8174D3FB270D04B406049E86BF5F01ED] [WIS][2015/08/25 18:26:08] (.Advanced Micro Devices, Inc. - Catalyst Control Center.) -- C:\WINDOWS\Installer\41f9c53.msi [56478720] =>.Advanced Micro Devices, Inc.
[MD5.8BAD3B4225E4D8C0746ED2CF02A0B249] [WIS][2014/11/25 02:16:19] (.Adobe.) -- C:\WINDOWS\Installer\4661a8c.msi [725504] =>.Adobe
[MD5.E85D953AE603484B31869F1D44B53B18] [WIS][2014/11/25 02:16:23] (.Adobe.) -- C:\WINDOWS\Installer\4661a93.msi [3670016] =>.Adobe
[MD5.7228DBC82CA0A9E878CB09B69753C522] [WIS][2014/11/25 01:56:59] (.Adobe.) -- C:\WINDOWS\Installer\4661a9a.msi [606208] =>.Adobe
[MD5.5807A6A79EBF57203BA6FD68E93A676C] [WIS][2014/11/25 02:31:23] (.Adobe.) -- C:\WINDOWS\Installer\4661aa1.msi [12719104] =>.Adobe
[MD5.79591E19208DC5B86BD93D4616BA05DA] [WIS][2014/11/25 02:11:22] (.Adobe.) -- C:\WINDOWS\Installer\4661aa8.msi [1528320] =>.Adobe
[MD5.99B044D8CC2C9E7637AC585E6F7C33D7] [WIS][2014/11/25 02:01:22] (.Adobe.) -- C:\WINDOWS\Installer\4661abd.msi [607744] =>.Adobe
[MD5.5CD8C6903B0A9C343BD5E686A17E4FCE] [WIS][2014/11/25 01:53:22] (.Adobe.) -- C:\WINDOWS\Installer\4661ac4.msi [510976] =>.Adobe
[MD5.F156597BB08A28CEF382D400174143A1] [WIS][2014/11/25 02:16:19] (.Adobe.) -- C:\WINDOWS\Installer\4661acb.msi [1911808] =>.Adobe
[MD5.5FE7FABB34FC006A8E695768312BE6AF] [WIS][2014/11/25 02:16:19] (.Adobe.) -- C:\WINDOWS\Installer\4661ad2.msi [620032] =>.Adobe
[MD5.C373839181FE00CDF257141CC2E06F66] [WIS][2014/11/25 01:56:59] (.Adobe.) -- C:\WINDOWS\Installer\4661ad9.msi [3123200] =>.Adobe
[MD5.3841F694ABB9528590CE22BA4A0346D4] [WIS][2014/11/25 01:57:00] (.Adobe.) -- C:\WINDOWS\Installer\4661ae0.msi [532992] =>.Adobe
[MD5.8EEC79D881395D5DF73B9217ACE95E7A] [WIS][2014/11/25 02:21:23] (.Adobe.) -- C:\WINDOWS\Installer\4661ae7.msi [9998336] =>.Adobe
[MD5.88B9A2B7DCE6843EE5509C3D9957C66B] [WIS][2013/08/30 21:20:32] (.Intel Corporation - Intel(R) Rapid Storage Technology.) -- C:\WINDOWS\Installer\53fb4a.msi [9093120] =>.Intel Corporation
[MD5.E4AF16B0574B2598AADD353A35A3722B] [WIS][2012/04/26 12:47:29] (.Adobe.) -- C:\WINDOWS\Installer\669b754.msi [2211328] =>.Adobe
[MD5.78B41A323699DAF1C25265890733BE26] [WIS][2012/04/26 12:37:34] (.Adobe.) -- C:\WINDOWS\Installer\669b75d.msi [1997312] =>.Adobe
[MD5.8D747F92E4F256FB4A0AD4CB36651815] [WIS][2015/12/04 20:06:21] (.American Megatrends Inc. - DuOS.) -- C:\WINDOWS\Installer\696533e.msi [232812544] =>.American Megatrends Inc.
[MD5.3A6F581777F935A2223C6FB5DB7452D0] [WIS][2015/09/17 20:05:18] (.Lenovo Group Limited - Metric Collection SDK Redistributable.) -- C:\WINDOWS\Installer\6cc81b.msi [2161152] =>.Lenovo Group Limited
[MD5.D5B618BB341B0BF273D224AE766D394F] [WIS][2015/05/28 04:42:46] (.Waves Audio Ltd..) -- C:\WINDOWS\Installer\6fe7d.msi [53039616] =>.Waves Audio Ltd.
[MD5.19029E9B65CE2B1C2686473E0AC3E093] [WIS][2016/11/09 11:28:44] (.TechSmith Corporation - Camtasia 9.0.1.1422 64-bit.) -- C:\WINDOWS\Installer\7603397.msi [287002624] =>.TechSmith Corporation
[MD5.16D3F94BA8D38A212EF92277404754EC] [WIS][2017/04/10 19:23:12] (.Mojang - Minecraft.) -- C:\WINDOWS\Installer\820626.msi [2314240] =>.Mojang
[MD5.06B8E457FA28727AAD1A0A36E56557E8] [WIS][2018/04/23 07:31:25] (.Oracle Corporation - Java SE Runtime Environment 8 Update 171.) -- C:\WINDOWS\Installer\9567c80.msi [35319808] =>.Oracle Corporation
[MD5.EFAFE089C4933ED9F788AD68EEA4FE57] [WIS][2018/04/23 07:31:16] (.Oracle Corporation - Java Auto Updater.) -- C:\WINDOWS\Installer\9567c8f.msi [761856] =>.Oracle Corporation
[MD5.122FB021820D01E086DC7C7AED830220] [WIS][2016/05/01 17:11:40] (.Samsung Electronics Co., Ltd..) -- C:\WINDOWS\Installer\9eb5c5d.msi [38777344] =>.Samsung Electronics Co., Ltd.
[MD5.7F9BBDB60B98B6AB6A09446AFADA65CB] [WIS][2018/02/26 17:04:54] (.Adobe Systems Incorporated - Adobe ARM Installer.) -- C:\WINDOWS\Installer\abf9abd.msi [884736] =>.Adobe Systems Incorporated
[MD5.E4CED53FDF4CD47C9C3578F75C4CF37E] [WIS][2017/04/05 19:24:16] (.MAGIX Computer Products Intl. Co. - MSVCRT Redists.) -- C:\WINDOWS\Installer\b90a4e3.msi [6299648] =>.MAGIX Computer Products Intl. Co.
[MD5.4902238AC0198ADCF2147B51B8A68F97] [WIS][2017/04/22 18:50:05] (.VEGAS - VEGAS Pro 14.0 (64-bit).) -- C:\WINDOWS\Installer\b90a4ea.msi [1449984] =>.VEGAS
[MD5.2D79399C9FEA8C45A9601569E9CDA139] [WIS][2014/02/01 03:23:28] (.Adobe Systems Incorporated - PDF Settings CC.) -- C:\WINDOWS\Installer\d125b.msi [2259968] =>.Adobe Systems Incorporated
[MD5.53B0FC6601C0D177F230AC4FF04C5C32] [WIS][2016/02/27 00:05:22] (.Adobe Systems, Incorporated.) -- C:\WINDOWS\Installer\130839f7.msp [64245760] =>.SUP.Obsolete.Adobe
[MD5.4B436CCB79A1D51BF61E44378C2F5DAB] [WIS][2017/08/28 17:41:00] (.Adobe Systems, Incorporated.) -- C:\WINDOWS\Installer\13b1220a.msp [100036608] =>.Adobe Systems, Incorporated
[MD5.339631DF934AFC2BE35E2B27A6F7DB06] [WIS][2016/11/03 08:25:06] (.Adobe Systems, Incorporated.) -- C:\WINDOWS\Installer\1501808a.msp [1642496] =>.SUP.Obsolete.Adobe
[MD5.82F476D2A7125BB7EBF5A2A657BAB293] [WIS][2017/11/13 05:26:16] (.Adobe Systems, Incorporated.) -- C:\WINDOWS\Installer\1575a28e.msp [23506944] =>.Adobe Systems, Incorporated
[MD5.3617A09ABC822D955214EBE86A991CF3] [WIS][2017/11/29 11:42:28] (.Adobe Systems, Incorporated.) -- C:\WINDOWS\Installer\18d8ed54.msp [1355776] =>.Adobe Systems, Incorporated
[MD5.72C91237F7C7A0527FA5F0752CF81A66] [WIS][2017/01/19 11:28:55] (.Adobe Systems, Incorporated.) -- C:\WINDOWS\Installer\18e650c4.msp [1937408] =>.Adobe Systems, Incorporated
[MD5.557170C4FCC0754B372A5FC174735242] [WIS][2016/06/02 05:48:41] (.Adobe Systems, Incorporated.) -- C:\WINDOWS\Installer\1f75c643.msp [2772992] =>.SUP.Obsolete.Adobe
[MD5.50A28B22FFDE4D837B145DB7A22E94C5] [WIS][2016/05/10 04:20:29] (.Adobe Systems, Incorporated.) -- C:\WINDOWS\Installer\23b211b4.msp [58986496] =>.SUP.Obsolete.Adobe
[MD5.E3869EFD0836C950E46B02D3CBC67184] [WIS][2017/01/09 04:41:00] (.Adobe Systems, Incorporated.) -- C:\WINDOWS\Installer\2cb99436.msp [25853952] =>.Adobe Systems, Incorporated
[MD5.C233BD1DB45AF8BACD0F3C0D8A646740] [WIS][2016/05/19 04:30:11] (.Adobe Systems, Incorporated.) -- C:\WINDOWS\Installer\396f5dd.msp [1429504] =>.SUP.Obsolete.Adobe
[MD5.BD4423645209FA4CE380C43C1633F4E4] [WIS][2016/07/12 04:25:29] (.Adobe Systems, Incorporated.) -- C:\WINDOWS\Installer\3c579aa.msp [39538688] =>.SUP.Obsolete.Adobe
[MD5.BE6A566FB4F01E8ACBFD41BD236D651D] [WIS][2018/04/08 19:55:16] (.Dell Inc..) -- C:\WINDOWS\Installer\3fed61c.msp [33320960] =>.Dell Inc.
[MD5.A58EAEAA86B7D4FA1891CA2EEDDCA3DD] [WIS][2018/02/12 15:26:08] (.Adobe Systems, Incorporated.) -- C:\WINDOWS\Installer\4059235.msp [103362560] =>.Adobe Systems, Incorporated
[MD5.F9FD1AB516C661D9938213AA661350B7] [WIS][2016/08/02 12:49:06] (.Adobe Systems, Incorporated.) -- C:\WINDOWS\Installer\6b4731.msp [1511424] =>.SUP.Obsolete.Adobe
[MD5.4D64DE5B41C39FA6192C22CBCD826FBA] [WIS][2016/10/10 08:29:03] (.Adobe Systems, Incorporated.) -- C:\WINDOWS\Installer\9645ffb.msp [36499456] =>.SUP.Obsolete.Adobe
[MD5.A9095FC652E0273E10F1D9481C59067D] [WIS][2018/02/23 14:25:19] (.Adobe Systems, Incorporated.) -- C:\WINDOWS\Installer\abf9ad1.msp [1343488] =>.Adobe Systems, Incorporated
[MD5.CECF2A7991F74C858965EA972A43CE3F] [WIS][2017/04/10 06:34:32] (.Adobe Systems, Incorporated.) -- C:\WINDOWS\Installer\c0b520d.msp [57815040] =>.Adobe Systems, Incorporated
[MD5.F767152C881F505C5BBAC71A825C1263] [WIS][2017/02/21 13:33:51] (.Adobe Systems, Incorporated.) -- C:\WINDOWS\Installer\eaa459d.msp [12845056] =>.Adobe Systems, Incorporated

---\\ FEATURE CONTROLE. (3) - 0s
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:Filmora.exe
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:CamtasiaStudio.exe
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:Euro Truck Simulator 2 Trainer.exe

---\\ Additional Scan (O88) (30) - 21s
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinThruster_is1 =>.SUP.WinThruster
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WinThruster_is1 =>.SUP.WinThruster
C:\Program Files (x86)\Mirillis =>.SUP.Empty
C:\Program Files (x86)\WinThruster =>.SUP.WinThruster
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinThruster =>.SUP.WinThruster
C:\Users\AYMEN\AppData\Roaming\Hola =>PUP.Optional.HolaSearch
C:\Users\AYMEN\AppData\Roaming\WinThruster =>.SUP.WinThruster
C:\Users\AYMEN\AppData\Local\Hola =>PUP.Optional.HolaSearch
C:\Users\AYMEN\AppData\Local\MSfree Inc =>HackTool.WinActivator
C:\Users\AYMEN\AppData\Local\PackageAware =>.SUP.BearShare
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\###MegaContextMenuExt =>.SUP.Orphan
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Baidu_Scan =>.SUP.Orphan
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SHAREit.FileContextMenuExt =>.SUP.Orphan
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\TotalConverter =>.SUP.Orphan
HKLM\Software\Classes\CLSID\{280CFDE1-1354-4431-92F3-03073BA593FB} =>.SUP.Orphan
HKLM\Software\Wow6432Node\Classes\CLSID\{280CFDE1-1354-4431-92F3-03073BA593FB} =>.SUP.Orphan
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32 =>.SUP.Orphan
HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA} =>.SUP.Orphan
HKLM\Software\Classes\lnkfile\shellex\ContextMenuHandlers\Baidu_Scan =>.SUP.Orphan
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32 =>.SUP.Orphan
C:\Users\AYMEN\Downloads\Setup_WinThruster_2018.exe =>.SUP.WinThruster
C:\WINDOWS\Installer\130839f7.msp =>.SUP.Obsolete.Adobe
C:\WINDOWS\Installer\1501808a.msp =>.SUP.Obsolete.Adobe
C:\WINDOWS\Installer\1f75c643.msp =>.SUP.Obsolete.Adobe
C:\WINDOWS\Installer\23b211b4.msp =>.SUP.Obsolete.Adobe
C:\WINDOWS\Installer\396f5dd.msp =>.SUP.Obsolete.Adobe
C:\WINDOWS\Installer\3c579aa.msp =>.SUP.Obsolete.Adobe
C:\WINDOWS\Installer\6b4731.msp =>.SUP.Obsolete.Adobe
C:\WINDOWS\Installer\9645ffb.msp =>.SUP.Obsolete.Adobe
C:\Users\AYMEN\AppData\Local\Google\Chrome\User Data\Default\File System\000 =>.SUP.Temporary.Chrome

---\\ Summary of the elements found (16) - 0s
https://nicolascoolman.eu/2017/11/01/adware-mybrowser/ =>PUP.Optional.MyBrowser
https://www.anti-malware.top/2016/04/30/superfluous-skillbrains/ =>.SUP.Skillbrains
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.WinThruster
https://www.nicolascoolman.com/fr/hijacker-holasearch/ =>PUP.Optional.HolaSearch
https://nicolascoolman.eu/2017/09/19/adware-installcore-3/ =>Adware.InstallCore
https://nicolascoolman.eu/2017/12/26/sup-advancedsystemcare/ =>.SUP.AdvancedSystemCare
https://nicolascoolman.eu/2017/03/13/superfluous-bytefence/ =>.SUP.ByteFence
https://nicolascoolman.eu/2017/03/11/pup-optional-crossrider/ =>Adware.CrossRider
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.eSupport
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Empty
https://nicolascoolman.eu/2017/01/13/hacktool-winactivator/ =>HackTool.WinActivator
https://nicolascoolman.eu/2017/09/15/sup-bearshare/ =>.SUP.BearShare
https://nicolascoolman.eu/2017/09/12/origine-lignes-orphelines/ =>.SUP.Orphan
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.SearchProvided
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Obsolete.Adobe
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Temporary.Chrome

~ Unselected Options: O82,
~ End of the scan, 11201 items in 07mn01s (1911)(0)
