~ ZHPDiag v2017.8.8.136 By Nicolas Coolman (2017/08/08)
~ Run by VULCAN (Administrator) (2017/08/09 21:04:24)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Certificate ZHPDiag: Legal
~ State version: Version KO
~ Mode: Scan
~ Report: C:\Users\VULCAN\Desktop\ZHPDiag.txt
~ Report: C:\Users\VULCAN\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ System startup: Normal (Normal boot)
Windows 10 Pro, 64-bit (Build 15063) =>.Microsoft Corporation

---\\ Internet Browsers (4) - 0s
~ GCIE: Google Chrome v59.0.3071.115
~ MFIE: Mozilla Firefox 54.0.1 (x86 zh-CN)
~ MSIE: Microsoft Edge v40
~ MSIE: Internet Explorer v11.483.15063.0

---\\ Windows Product Information (3) - 0s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : OK

---\\ System protection software (1) - 2s
Windows Defender (Activate) (Protection)

---\\ Surveillance software (1) - 3s
~ Adobe Flash Player 26 NPAPI (Surveillance)

---\\ Information on the system (6) - 0s
~ Operating System: Intel64 Family 6 Model 94 Stepping 3, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 8305.264 MB (54% free) : OK =>.RAM Value
System Restore: Activé (Enable)
System drive C: has 28 GB (23%) free of 118 GB : OK =>.Disk Space

---\\ Connection to the system mode (3) - 0s
~ Computer Name: VULCANTSERIES
~ User Name: VULCAN
~ Logged in as Administrator

---\\ Enumeration of the disk units (5) - 0s
~ Drive C: has 28 GB free of 118 GB (System)
~ Drive D: has 121 GB free of 124 GB
~ Drive E: has 97 GB free of 317 GB
~ Drive F: has 198 GB free of 318 GB
~ Drive G: has 203 GB free of 317 GB

---\\ State of the Windows Security Center (7) - 0s
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM64\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK ---\\ Search Generic System Files (24) - 2s [MD5.CA3BF0F15BA4F24D511BFEE725CC89BD] - 20/06/2017 - (.Microsoft Corporation - Windows 资源管理器.) -- C:\WINDOWS\Explorer.exe [4847424] =>.Microsoft Windows? [MD5.ECB702B8C5650381C0784F1EEABB97BC] - 19/03/2017 - (.Microsoft Corporation - Windows 主进程 (Rundll32).) -- C:\WINDOWS\System32\rundll32.exe [68608] =>.Microsoft Corporation [MD5.B2DB5876B6F68D32E470F691C7088F3F] - 07/07/2017 - (.Microsoft Corporation - Windows 启动应用程序.) -- C:\WINDOWS\System32\Wininit.exe [318232] =>.Microsoft Windows Publisher? [MD5.BC776B6B434641AF71ED0CC00BC859AA] - 07/07/2017 - (.Microsoft Corporation - Win32 的 Internet 扩展.) -- C:\WINDOWS\System32\wininet.dll [3307008] =>.Microsoft Corporation [MD5.31E3287EF6D97C5864A301CEA75BBBA1] - 07/07/2017 - (.Microsoft Corporation - Windows 登录应用程序.) -- C:\WINDOWS\System32\Winlogon.exe [706560] =>.Microsoft Corporation [MD5.50CDF68A8EA8A2A9165CD573FA6C42D8] - 19/03/2017 - (.Microsoft Corporation - 软件授权库.) -- C:\WINDOWS\System32\sppcomapi.dll [414208] =>.Microsoft Corporation [MD5.0F9FA6A2D4EAE50393DCE473759A9845] - 19/03/2017 - (.Microsoft Corporation - DNS 客户端 API DLL.) -- C:\WINDOWS\System32\dnsapi.dll [661224] =>.Microsoft Windows? [MD5.3F969D5ADEAB3284ABD500B37D74A8F8] - 19/03/2017 - (.Microsoft Corporation - DNS 客户端 API DLL.) -- C:\WINDOWS\Syswow64\dnsapi.dll [508344] =>.Microsoft Windows? [MD5.AC1928C2F7505BD556C552F153B062AB] - 19/03/2017 - (.Microsoft Corporation - WinSock 的辅助功能驱动程序.) 
-- C:\WINDOWS\System32\drivers\AFD.sys [610712] =>.Microsoft Windows? [MD5.01733BEEE02E51F712330D5909BD701C] - 19/03/2017 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\WINDOWS\System32\drivers\atapi.sys [29088] =>.Microsoft Windows? [MD5.B6E5AD7C83A5254DEE9D86023C0E5A81] - 19/03/2017 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\WINDOWS\System32\drivers\Cdfs.sys [93184] =>.Microsoft Corporation [MD5.ABE77AD954BC3D72F559CF0C381E50BC] - 19/03/2017 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\WINDOWS\System32\drivers\Cdrom.sys [160256] =>.Microsoft Corporation [MD5.185A4519B7764F4DEF714D890A7A9FD2] - 19/03/2017 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\WINDOWS\System32\drivers\DfsC.sys [150528] =>.Microsoft Corporation [MD5.02B9639D9997E95CDF2F4C4F3BDCC73D] - 20/06/2017 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\WINDOWS\System32\drivers\HDAudBus.sys [86528] =>.Microsoft Corporation [MD5.C6C8315E3262FAE460529C6DA2951682] - 19/03/2017 - (.Microsoft Corporation - i8042 端口驱动程序.) -- C:\WINDOWS\System32\drivers\i8042prt.sys [115200] =>.Microsoft Corporation [MD5.DCC05E5EAA580C97F13B434FAFACED85] - 19/03/2017 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\drivers\IpNat.sys [214528] =>.Microsoft Corporation [MD5.F2AD1B72C5A6475FB5FF332E1980DF88] - 19/03/2017 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\WINDOWS\System32\drivers\MRxSmb.sys [467352] =>.Microsoft Windows? [MD5.30C2F67EC84EB11B22011620107E0325] - 19/03/2017 - (.Microsoft Corporation - MBT Transport driver.) -- C:\WINDOWS\System32\drivers\netBT.sys [305152] =>.Microsoft Corporation [MD5.8D72D5038C5F91AFEF1B160FE524C2D9] - 20/06/2017 - (.Microsoft Corporation - NT 文件系统驱动程序.) -- C:\WINDOWS\System32\drivers\ntfs.sys [2327456] =>.Microsoft Windows? [MD5.2CC6C325B271C7CA60F374F8F868CB45] - 19/03/2017 - (.Microsoft Corporation - 并行端口驱动程序.) 
-- C:\WINDOWS\System32\drivers\Parport.sys [97792] =>.Microsoft Corporation [MD5.5279EC98F6218D29EADDFECCC0D80E9A] - 19/03/2017 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\WINDOWS\System32\drivers\Rasl2tp.sys [107008] =>.Microsoft Corporation [MD5.53A01D3FDB701AC5D9DDE4140227E3D9] - 20/03/2017 - (.Microsoft Corporation - Microsoft RDP 设备重定向程序.) -- C:\WINDOWS\System32\drivers\rdpdr.sys [183296] =>.Microsoft Corporation [MD5.892AB2637603A5E9507C39E61101C3C3] - 03/06/2017 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\WINDOWS\System32\drivers\tdx.sys [119712] =>.Microsoft Windows? [MD5.E3429DBBEA3965BB96E24B16EF4A2551] - 19/03/2017 - (.Microsoft Corporation - Volume Shadow Copy driver.) -- C:\WINDOWS\System32\drivers\volsnap.sys [397216] =>.Microsoft Windows? ---\\ Non Microsoft non disabled Windows Services (22) - 2s O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Event Log Service.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe =>.Intel Corporation-Wireless Connectivity Solutions? O23 - Service: ExpressVpn Service (ExpressVpnService) . (.Public Domain; Author Iain Patterson 2003-2014 - The non-sucking service manager.) - C:\Program Files (x86)\ExpressVPN\bootstrap\AMD64\nssm.exe O23 - Service: Google 更新服务 (gupdate) (gupdate) . (.Google Inc. - Google 安装程序.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc? O23 - Service: @oem17.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) . (...) - C:\WINDOWS\system32\ibtsiva (.not file.) =>.Intel Corporation O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) . (.Intel Corporation - igfxCUIService Module.) - C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\igfxCUIService.exe =>.Intel(R) pGFX? O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) . (...) 
- C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe =>.Intel Corporation O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe =>.Intel Corporation - Embedded Subsystems and IP Blocks Group? O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Intel(R) Local Management Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe =>.Intel Corporation - Embedded Subsystems and IP Blocks Group? O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) . (.NVIDIA Corporation - NVIDIA Container.) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.NVIDIA Corporation? O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) . (.NVIDIA Corporation - NVIDIA Container.) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe =>.NVIDIA Corporation? O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) . (.NVIDIA Corporation - NVIDIA Container.) - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe =>.NVIDIA Corporation? O23 - Service: Origin Web Helper Service (Origin Web Helper Service) . (.Electronic Arts - OriginWebHelperService.) - C:\Program Files (x86)\Origin\OriginWebHelperService.exe =>.Electronic Arts, Inc.? O23 - Service: On Screen Display Service (OSD) . (.Copyright (C) 2014,OEM - .) - C:\Program Files (x86)\OEM\OSD\OSDSrv.exe O23 - Service: QPCore Service (QPCore) . (.Tencent - QQ安全防护进程(Q盾).) - C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe =>.SUP.Tencent O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Registry Service.) 
- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe =>.Intel Corporation-Wireless Connectivity Solutions? O23 - Service: 搜狗拼音输入法基础服务 (SogouSvc) . (.Sogou.com Inc. - 搜狗拼音输入法核心服务程序.) - C:\Program Files (x86)\SogouInput\8.6.0.1423\SogouSvc.exe =>.SUP.Elex O23 - Service: SynTPEnh Caller Service (SynTPEnhService) . (.Synaptics Incorporated - 64-bit Synaptics Pointing Enhance Service.) - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe =>.Synaptics Incorporated? O23 - Service: UC浏览器基础服务 (UCBrowserSvc) . (...) - C:\Program Files (x86)\UCBrowser\Application\UCService.exe =>.TAOBAO (CHINA) SOFTWARE CO.,LTD.? O23 - Service: UPSecurityInputService (UPSecurityInputService) . (.中国银联股份有限公司 - UPSecurityInputService.) - C:\Windows\SysWOW64\UPEditNew\UPService.exe {1F5E46E3B8C0B8C33918E7CB4BE3A31D} O23 - Service: XLNXService (XLNXService) . (.深圳市迅雷网络技术有限公司 - XLNXService 动态链接库.) - C:\Users\VULCAN\AppData\Roaming\XLGameBox\ServicePlatform\XLNX.dll =>.ShenZhen Thunder Networking Technologies Ltd.? O23 - Service: XLServicePlatform (XLServicePlatform) . (.深圳市迅雷网络技术有限公司 - XLServicePlatform.) - C:\Program Files (x86)\Common Files\Thunder Network\ServicePlatform\XLSP.dll {7506B5D2917A135C04E229EE21449A8D} O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) . (.Intel® Corporation - Intel® PROSet/Wireless Zero Configure Servi.) - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe =>.Intel Corporation-Wireless Connectivity Solutions? ---\\ Services not Microsoft (SR=Run, SS=Stop) (35) - 30s SS - Demand [24/07/2017] [ 272384] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe =>.Adobe Systems Incorporated? SR - Demand [01/11/2016] [ 301536] Intel(R) Content Protection HECI Service (cphs) . (.Intel Corporation.) - C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\IntelCpHeciSvc.exe =>.Intel(R) pGFX? 
SS - Demand [01/11/2016] [ 480224] Intel(R) Content Protection HDCP Service (cplspcon) . (.Intel Corporation.) - C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\IntelCpHDCPSvc.exe =>.Intel(R) pGFX? SR - Auto [10/04/2017] [ 640928] Intel(R) PROSet/Wireless Event Log (EvtEng) . (.Intel(R) Corporation.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe =>.Intel Corporation-Wireless Connectivity Solutions? SR - Auto [10/03/2017] [ 331264] ExpressVpn Service (ExpressVpnService) . (.Public Domain; Author Iain Patterson 2003-2014.) - C:\Program Files (x86)\ExpressVPN\bootstrap\AMD64\nssm.exe SS - Demand [20/03/2015] [ 344288] Futuremark SystemInfo Service (Futuremark SystemInfo Service) . (.Futuremark.) - C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe =>.FUTUREMARK INC? SS - Demand [02/02/2017] [ 284736] GalaxyClientService (GalaxyClientService) . (.GOG.com.) - E:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe =>.GOG Limited? SS - Demand [13/11/2016] [ 6625856] GalaxyCommunication (GalaxyCommunication) . (.GOG.com.) - C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe =>.GOG Limited? SS - Auto [29/01/2017] [ 153752] Google 更新服务 (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc? SS - Demand [29/01/2017] [ 153752] Google 更新服务 (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc? SR - Auto [01/11/2016] [ 341984] Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) . (.Intel Corporation.) - C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\igfxCUIService.exe =>.Intel(R) pGFX? SS - Demand [22/05/2015] [ 881152] Intel(R) Capability Licensing Service TCP IP Interface (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe =>.Intel® Trusted Connect Service? 
SR - Demand [19/05/2015] [ 335872] Intel(R) Security Assist (Intel(R) Security Assist) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe =>.Intel Corporation SS - Auto [19/05/2015] [ 7680] Intel(R) Security Assist Helper (isaHelperSvc) . (...) - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe =>.Intel Corporation SR - Auto [16/10/2015] [ 207648] Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe =>.Intel Corporation - Embedded Subsystems and IP Blocks Group? SR - Auto [16/10/2015] [ 415520] Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe =>.Intel Corporation - Embedded Subsystems and IP Blocks Group? SS - Demand [24/07/2017] [ 175560] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe =>.Mozilla Corporation? SS - Demand [10/04/2017] [ 268704] Wireless PAN DHCP Server (MyWiFiDHCPDNS) . (.Copyright (C) 2005-2010 by Achal Dhir.) - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe =>.Intel Corporation-Wireless Connectivity Solutions? SR - Auto [27/07/2017] [ 512960] NVIDIA LocalSystem Container (NvContainerLocalSystem) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.NVIDIA Corporation? SS - Demand [27/07/2017] [ 512960] NVIDIA NetworkService Container (NvContainerNetworkService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.NVIDIA Corporation? SR - Auto [19/07/2017] [ 462968] NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe =>.NVIDIA Corporation? 
SR - Auto [27/07/2017] [ 449984] NVIDIA Telemetry Container (NvTelemetryContainer) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe =>.NVIDIA Corporation? SS - Demand [07/02/2017] [ 2122248] Origin Client Service (Origin Client Service) . (.Electronic Arts.) - C:\Program Files (x86)\Origin\OriginClientService.exe =>.Electronic Arts, Inc.? SR - Auto [07/02/2017] [ 2184208] Origin Web Helper Service (Origin Web Helper Service) . (.Electronic Arts.) - C:\Program Files (x86)\Origin\OriginWebHelperService.exe =>.Electronic Arts, Inc.? SR - Auto [22/05/2014] [ 9728] On Screen Display Service (OSD) . (.Copyright (C) 2014,OEM.) - C:\Program Files (x86)\OEM\OSD\OSDSrv.exe SR - Auto [25/07/2017] [ 115104] QPCore Service (QPCore) . (.Tencent.) - C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe =>.SUP.Tencent SR - Auto [10/04/2017] [ 157600] Intel(R) PROSet/Wireless Registry Service (RegSrvc) . (.Intel(R) Corporation.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe =>.Intel Corporation-Wireless Connectivity Solutions? SS - Auto [26/07/2017] [ 380992] 搜狗拼音输入法基础服务 (SogouSvc) . (.Sogou.com Inc..) - C:\Program Files (x86)\SogouInput\8.6.0.1423\SogouSvc.exe =>.SUP.Elex SR - Demand [18/07/2017] [ 1608480] Steam Client Service (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe =>.Valve? SR - Auto [03/12/2015] [ 251496] SynTPEnh Caller Service (SynTPEnhService) . (.Synaptics Incorporated.) - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe =>.Synaptics Incorporated? SR - Auto [17/07/2017] [ 600464] UC浏览器基础服务 (UCBrowserSvc) . (...) - C:\Program Files (x86)\UCBrowser\Application\UCService.exe =>.TAOBAO (CHINA) SOFTWARE CO.,LTD.? SR - Auto [07/05/2016] [ 361240] UPSecurityInputService (UPSecurityInputService) . (.中国银联股份有限公司.) 
- C:\Windows\SysWOW64\UPEditNew\UPService.exe {1F5E46E3B8C0B8C33918E7CB4BE3A31D} SR - Auto [27/07/2017] [ 151488] XLNXService (XLNXService) . (.深圳市迅雷网络技术有限公司.) - C:\Users\VULCAN\AppData\Roaming\XLGameBox\ServicePlatform\XLNX.dll =>.ShenZhen Thunder Networking Technologies Ltd.? SR - Auto [27/07/2017] [ 164184] XLServicePlatform (XLServicePlatform) . (.深圳市迅雷网络技术有限公司.) - C:\Program Files (x86)\Common Files\Thunder Network\ServicePlatform\XLSP.dll {7506B5D2917A135C04E229EE21449A8D} SR - Auto [10/04/2017] [ 3750304] Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) . (.Intel® Corporation.) - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe =>.Intel Corporation-Wireless Connectivity Solutions? ---\\ Task Planned Automatically (64) - 42s [MD5.00000000000000000000000000000000] [APT] [4b61d06ef0356dc7e0a79eadfc7c48a5] (...) -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE\onyaa2.dll (.not file.) [0] (.Activate.) =>.SUP.Empty [MD5.0DC99843E91A0313F0C6591656D650A5] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [272384] (.Activate.) =>.Adobe Systems Incorporated? [MD5.1ED4C92A497BC7D669028388F30EE2F9] [APT] [Fekutain Renew] (.Glarysoft Ltd.) -- C:\Program Files (x86)\Coickgrereward\jiule.exe [779416] (.Activate.) =>.Glarysoft LTD? [MD5.A8FD9222E4D72596BB37DA8BE95C0BA4] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752] (.Activate.) =>.Google Inc? [MD5.A8FD9222E4D72596BB37DA8BE95C0BA4] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752] (.Activate.) =>.Google Inc? [MD5.00000000000000000000000000000000] [APT] [KwRunAsStdUser Task16982] (...) -- C:\Program Files (x86)\kuwo\kuwomusic\8.5.0.0_W6\bin\kwmusic.exe (.not file.) [0] (.Activate.) 
=>.SUP.Empty [MD5.2266F8841ACB38C9A632B33C8E2187AF] [APT] [KwRunAsStdUser Task27983] (.酷我科技.) -- C:\Program Files (x86)\kuwo\kuwomusic\8.5.2.0_UG6\bin\KwMusic.exe [402784] (.Activate.) {50DA1504909F7273486D47AC0AB74675} [MD5.00000000000000000000000000000000] [APT] [MacsFanControl] (...) -- C:\Program Files (x86)\Macs Fan Control\MacsFanControl.exe (.not file.) [0] (.Activate.) =>.SUP.Empty [MD5.C1F85D44C56DAD7545A1918BF421B30F] [APT] [NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] (.NVIDIA Corporation.) -- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960] (.Activate.) =>.NVIDIA Corporation? [MD5.E8F3443BDFE7ED8DB458B52D54D0C9EA] [APT] [NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] (.NVIDIA Corporation.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1714112] (.Activate.) =>.NVIDIA Corporation? [MD5.4FAB3230561427B7E16F3978B4B2E161] [APT] [NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] (.NVIDIA Corporation.) -- C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [946112] (.Activate.) =>.NVIDIA Corporation? [MD5.1536BADF3BC00B7A935CD3C7908E5CFD] [APT] [NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] (.NVIDIA Corporation.) -- C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [647616] (.Activate.) =>.NVIDIA Corporation? [MD5.1536BADF3BC00B7A935CD3C7908E5CFD] [APT] [NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] (.NVIDIA Corporation.) -- C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [647616] (.Activate.) =>.NVIDIA Corporation? [MD5.ECFD9D21CB2E9DE1F14A5A87D7FC9197] [APT] [NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] (.NVIDIA Corporation.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [436672] (.Activate.) =>.NVIDIA Corporation? 
[MD5.D3D05C471DF182E2827638B03142FC03] [APT] [NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] (.NVIDIA Corporation.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [717248] (.Activate.) =>.NVIDIA Corporation? [MD5.D3D05C471DF182E2827638B03142FC03] [APT] [NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] (.NVIDIA Corporation.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [717248] (.Activate.) =>.NVIDIA Corporation? [MD5.0B55818C3602569B983C9D23E2507AA6] [APT] [OEM8] (...) -- C:\Windows\OEM8\OEM8.exe [4339712] (.Activate.) [MD5.0B55818C3602569B983C9D23E2507AA6] [APT] [OEM8Server] (...) -- C:\Windows\OEM8\OEM8.exe [4339712] (.Activate.) [MD5.00000000000000000000000000000000] [APT] [RsDelayLauncher_{8A34248E-7D35-4832-8378-7659E0B0A380}] (...) -- C:\PROGRAM FILES (X86)\RISING\RAV\rsdelaylauncher.exe (.not file.) [0] (.Activate.) =>.SUP.Empty [MD5.BFB817BC56F76294E21E329D2C4C4785] [APT] [SogouImeMgr] (.Sogou.com Inc..) -- C:\Program Files (x86)\SogouInput\SogouExe\SogouExe.exe [353344] (.Activate.) =>.SUP.Elex [MD5.00000000000000000000000000000000] [APT] [Traffic Exchange v2 - 1] (...) -- C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe (.not file.) [0] (.Activate.) =>.SUP.Microleaves [MD5.00000000000000000000000000000000] [APT] [Traffic Exchange v2 - 2] (...) -- C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe (.not file.) [0] (.Activate.) =>.SUP.Microleaves [MD5.00000000000000000000000000000000] [APT] [Traffic Exchange v2 - 3] (...) -- C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe (.not file.) [0] (.Activate.) =>.SUP.Microleaves [MD5.5141EA6B5F29546B2396C11BB003D392] [APT] [UCBrowserSecureUpdater] (.UC Web Inc..) -- C:\Program Files (x86)\UCBrowser\Security\uclauncher.exe [749456] (.Activate.) =>.TAOBAO (CHINA) SOFTWARE CO.,LTD.? [MD5.52E9FFA8B24D19688A59468CC178C9BE] [APT] [UCBrowserUpdater] (.UCWeb Inc.) 
-- C:\Program Files (x86)\UCBrowser\Application\update_task.exe [498576] (.Activate.) =>.TAOBAO (CHINA) SOFTWARE CO.,LTD.? [MD5.52E9FFA8B24D19688A59468CC178C9BE] [APT] [UCBrowserUpdaterCore] (.UCWeb Inc.) -- C:\Program Files (x86)\UCBrowser\Application\update_task.exe [498576] (.Activate.) =>.TAOBAO (CHINA) SOFTWARE CO.,LTD.? [MD5.00000000000000000000000000000000] [APT] [{337A8B4E-183A-41DF-A49D-D6A2D30217B4}] (...) -- C:\Program Files\360\360sd\uninst.exe (.not file.) [0] (.Activate.) =>.SUP.Empty [MD5.00000000000000000000000000000000] [APT] [{F8C6265D-2B98-42E9-851C-CA7989B16D46}] (...) -- G:\SteamLibrary\steamapps\common\Grand Theft Auto San Andreas\rikintoshgfx.exe (.not file.) [0] (.Activate.) =>.SUP.Empty [MD5.C21DD0961E4DAD611055B4E6452FD059] [APT] [银联在线安全输入程序] (.中国银联股份有限公司.) -- C:\Windows\SysWOW64\UPEditNew\UPSecurityInput.exe [3833112] (.Activate.) {1F5E46E3B8C0B8C33918E7CB4BE3A31D} O39 - APT: Traffic Exchange v2 - 1 - (...) -- C:\WINDOWS\Tasks\Traffic Exchange v2 - 1.job [350] (.Orphan.) =>.SUP.Microleaves O39 - APT: Traffic Exchange v2 - 2 - (...) -- C:\WINDOWS\Tasks\Traffic Exchange v2 - 2.job [350] (.Orphan.) =>.SUP.Microleaves O39 - APT: Traffic Exchange v2 - 3 - (...) -- C:\WINDOWS\Tasks\Traffic Exchange v2 - 3.job [350] (.Orphan.) =>.SUP.Microleaves O39 - APT: UCBrowserUpdater - (.UCWeb Inc.) -- C:\WINDOWS\Tasks\UCBrowserUpdater.job [486] =>.TAOBAO (CHINA) SOFTWARE CO.,LTD.? O39 - APT: UCBrowserUpdaterCore - (.UCWeb Inc.) -- C:\WINDOWS\Tasks\UCBrowserUpdaterCore.job [322] =>.TAOBAO (CHINA) SOFTWARE CO.,LTD.? O39 - APT: 4b61d06ef0356dc7e0a79eadfc7c48a5 - (...) -- C:\WINDOWS\System32\Tasks\4b61d06ef0356dc7e0a79eadfc7c48a5 [2666] (.Orphan.) =>.SUP.Orphan O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater [4092] =>.Adobe Systems Incorporated? O39 - APT: Fekutain Renew - (.Glarysoft Ltd.) -- C:\WINDOWS\System32\Tasks\Fekutain Renew [4874] =>.Glarysoft LTD? 
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore [2946] =>.Google Inc? O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA [3070] =>.Google Inc? O39 - APT: KwRunAsStdUser Task16982 - (...) -- C:\WINDOWS\System32\Tasks\KwRunAsStdUser Task16982 [2666] (.Orphan.) =>.SUP.Orphan O39 - APT: KwRunAsStdUser Task27983 - (.酷我科技.) -- C:\WINDOWS\System32\Tasks\KwRunAsStdUser Task27983 [2598] {50DA1504909F7273486D47AC0AB74675} O39 - APT: MacsFanControl - (...) -- C:\WINDOWS\System32\Tasks\MacsFanControl [2332] (.Orphan.) =>.SUP.Orphan O39 - APT: NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) -- C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} [4308] =>.NVIDIA Corporation? O39 - APT: NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) -- C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} [4000] =>.NVIDIA Corporation? O39 - APT: NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) -- C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} [3994] =>.NVIDIA Corporation? O39 - APT: NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) -- C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} [3894] =>.NVIDIA Corporation? O39 - APT: NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) -- C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} [3654] =>.NVIDIA Corporation? O39 - APT: NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) -- C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} [3858] =>.NVIDIA Corporation? 
O39 - APT: NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) -- C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} [3696] =>.NVIDIA Corporation? O39 - APT: NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) -- C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} [3866] =>.NVIDIA Corporation? O39 - APT: OEM8 - (...) -- C:\WINDOWS\System32\Tasks\OEM8 [2258] O39 - APT: OEM8Server - (...) -- C:\WINDOWS\System32\Tasks\OEM8Server [2606] O39 - APT: Unknown - (.Microsoft Corporation.) -- C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3795826015-3801581077-2544062959-1001 [3376] =>.Microsoft Corporation O39 - APT: RsDelayLauncher_{8A34248E-7D35-4832-8378-7659E0B0A380} - (...) -- C:\WINDOWS\System32\Tasks\RsDelayLauncher_{8A34248E-7D35-4832-8378-7659E0B0A380} [2654] (.Orphan.) =>.SUP.Orphan O39 - APT: SogouImeMgr - (.Sogou.com Inc..) -- C:\WINDOWS\System32\Tasks\SogouImeMgr [3570] =>.SUP.Elex O39 - APT: Traffic Exchange v2 - 1 - (...) -- C:\WINDOWS\System32\Tasks\Traffic Exchange v2 - 1 [2692] (.Orphan.) =>.SUP.Microleaves O39 - APT: Traffic Exchange v2 - 2 - (...) -- C:\WINDOWS\System32\Tasks\Traffic Exchange v2 - 2 [2692] (.Orphan.) =>.SUP.Microleaves O39 - APT: Traffic Exchange v2 - 3 - (...) -- C:\WINDOWS\System32\Tasks\Traffic Exchange v2 - 3 [2692] (.Orphan.) =>.SUP.Microleaves O39 - APT: UCBrowserSecureUpdater - (.UC Web Inc..) -- C:\WINDOWS\System32\Tasks\UCBrowserSecureUpdater [3476] =>.TAOBAO (CHINA) SOFTWARE CO.,LTD.? O39 - APT: UCBrowserUpdater - (.UCWeb Inc.) -- C:\WINDOWS\System32\Tasks\UCBrowserUpdater [3526] =>.TAOBAO (CHINA) SOFTWARE CO.,LTD.? O39 - APT: UCBrowserUpdaterCore - (.UCWeb Inc.) -- C:\WINDOWS\System32\Tasks\UCBrowserUpdaterCore [2676] =>.TAOBAO (CHINA) SOFTWARE CO.,LTD.? O39 - APT: {337A8B4E-183A-41DF-A49D-D6A2D30217B4} - (...) -- C:\WINDOWS\System32\Tasks\{337A8B4E-183A-41DF-A49D-D6A2D30217B4} [2222] (.Orphan.) 
=>.SUP.Orphan O39 - APT: {F8C6265D-2B98-42E9-851C-CA7989B16D46} - (...) -- C:\WINDOWS\System32\Tasks\{F8C6265D-2B98-42E9-851C-CA7989B16D46} [2438] (.Orphan.) =>.SUP.Orphan O39 - APT: 银联在线安全输入程序 - (.中国银联股份有限公司.) -- C:\WINDOWS\System32\Tasks\银联在线安全输入程序 [2360] {1F5E46E3B8C0B8C33918E7CB4BE3A31D} ---\\ Auto loading programs from Registry and folders (23) - 2s O4 - HKLM\..\Run: [SecurityHealth] . (.Microsoft Corporation - Windows Defender notification icon.) -- C:\Program Files\Windows Defender\MSASCuiL.exe =>.Microsoft Windows? O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Realtek高清晰音频管理器.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp? O4 - HKLM\..\Run: [ShadowPlay] . (.Microsoft Corporation - Windows 主进程 (Rundll32).) -- C:\Windows\System32\rundll32.exe =>.Microsoft Corporation O4 - HKCU\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\VULCAN\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation? O4 - HKCU\..\Run: [Steam] -- C:\Program Files (x86)\Steam\steam.exe (.not file.) O4 - HKCU\..\Run: [ctfmon] . (.Microsoft Corporation - CTF 加载程序.) -- C:\Windows\System32\ctfmon.exe =>.Microsoft Corporation O4 - HKCU\..\Run: [Thunder] . (.深圳市迅雷网络技术有限公司 - 迅雷.) -- C:\Program Files (x86)\Thunder Network\Thunder9\Program\Thunder.exe {7506B5D2917A135C04E229EE21449A8D} O4 - HKCU\..\Run: [BaiduYunDetect] . (...) -- C:\Users\VULCAN\AppData\Roaming\baidu\BaiduNetdisk\YunDetectService.exe {1FD2D30E260FC289CFAF11518F2CD36F} O4 - HKCU\..\Run: [XMP] . (.深圳市迅雷网络技术有限公司 - 迅雷影音.) -- C:\Users\Public\Thunder Network\XMP5\V5.2.3.5004\Program\xmp.exe {16E6F4E66382FBA84730D899} O4 - HKCU\..\Run: [QQ2009] . (.Tencent - 腾讯QQ.) -- C:\Program Files (x86)\Tencent\QQ\Bin\QQ.exe =>.SUP.Tencent O4 - HKCU\..\Run: [ExpressVPN4] . (.ExpressVPN - ExpressVpn.) -- C:\Program Files (x86)\ExpressVPN\xvpn-ui\ExpressVpn.exe =>.Express Vpn LLC? O4 - HKLM\..\Wow6432Node\Run: [OSD] . (.OEM - OSD Service Control.) 
-- C:\Program Files (x86)\OEM\OSD\OSDCtrl.exe =>.OEM O4 - HKLM\..\Wow6432Node\Run: [EaseUS Cleanup] . (.CHENGDU Yiwo Tech Development Co., Ltd. - CleanUpUI Application.) -- E:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.0\bin\CleanUpUI.exe =>.CHENGDU YIWO Tech Development Co., Ltd.? O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Windows? O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Windows? O4 - HKUS\S-1-5-21-3795826015-3801581077-2544062959-1001\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\VULCAN\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation? O4 - HKUS\S-1-5-21-3795826015-3801581077-2544062959-1001\..\Run: [Steam] -- C:\Program Files (x86)\Steam\steam.exe (.not file.) O4 - HKUS\S-1-5-21-3795826015-3801581077-2544062959-1001\..\Run: [ctfmon] . (.Microsoft Corporation - CTF 加载程序.) -- C:\Windows\System32\ctfmon.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-21-3795826015-3801581077-2544062959-1001\..\Run: [Thunder] . (.深圳市迅雷网络技术有限公司 - 迅雷.) -- C:\Program Files (x86)\Thunder Network\Thunder9\Program\Thunder.exe {7506B5D2917A135C04E229EE21449A8D} O4 - HKUS\S-1-5-21-3795826015-3801581077-2544062959-1001\..\Run: [BaiduYunDetect] . (...) -- C:\Users\VULCAN\AppData\Roaming\baidu\BaiduNetdisk\YunDetectService.exe {1FD2D30E260FC289CFAF11518F2CD36F} O4 - HKUS\S-1-5-21-3795826015-3801581077-2544062959-1001\..\Run: [XMP] . (.深圳市迅雷网络技术有限公司 - 迅雷影音.) -- C:\Users\Public\Thunder Network\XMP5\V5.2.3.5004\Program\xmp.exe {16E6F4E66382FBA84730D899} O4 - HKUS\S-1-5-21-3795826015-3801581077-2544062959-1001\..\Run: [QQ2009] . (.Tencent - 腾讯QQ.) -- C:\Program Files (x86)\Tencent\QQ\Bin\QQ.exe =>.SUP.Tencent O4 - HKUS\S-1-5-21-3795826015-3801581077-2544062959-1001\..\Run: [ExpressVPN4] . (.ExpressVPN - ExpressVpn.) 
-- C:\Program Files (x86)\ExpressVPN\xvpn-ui\ExpressVpn.exe =>.Express Vpn LLC? ---\\ Process running (57) - 7s [MD5.7039199C6F3F0ACAF327ACABB8F69003] - (.NVIDIA Corporation - NVIDIA Container.) -- C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968] [PID.1768] =>.NVIDIA Corporation? [MD5.5495E7F548D0DD4BD5A3D2C071DB1FB3] - (.Intel Corporation - igfxCUIService Module.) -- C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\igfxCUIService.exe [341984] [PID.2116] =>.Intel(R) pGFX? [MD5.BECEAE2FDC4F7729A93E94AC2CCD78CC] - (.Public Domain; Author Iain Patterson 2003-2014 - The non-sucking service manager.) -- C:\Program Files (x86)\ExpressVPN\bootstrap\AMD64\nssm.exe [331264] [PID.3420] [MD5.6C1DFF36B3DE5832842D9D8279D567C5] - (.Intel(R) Corporation - Intel(R) PROSet/Wireless Event Log Service.) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe [640928] [PID.3468] =>.Intel Corporation-Wireless Connectivity Solutions? [MD5.E2D55A721B90A215FDA3AE38CCC1FAD3] - (.Copyright (C) 2014,OEM - .) -- C:\Program Files (x86)\OEM\OSD\OSDSrv.exe [9728] [PID.3484] [MD5.ED4E15C84708FDE029A14B37B88B755D] - (...) -- C:\Program Files (x86)\UCBrowser\Application\UCService.exe [600464] [PID.3492] =>.TAOBAO (CHINA) SOFTWARE CO.,LTD.? [MD5.C1F85D44C56DAD7545A1918BF421B30F] - (.NVIDIA Corporation - NVIDIA Container.) -- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960] [PID.3500] =>.NVIDIA Corporation? [MD5.347A7C973E51692A08C8169A4DEBA6E3] - (.Synaptics Incorporated - 64-bit Synaptics Pointing Enhance Service.) -- C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [251496] [PID.3528] =>.Synaptics Incorporated? [MD5.FF8D4732B9907C240AE0AD58F8E40F3C] - (.Tencent - QQ安全防护进程(Q盾).) -- C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe [115104] [PID.3548] =>.SUP.Tencent [MD5.9CAD9C932B4F8F8E3B50630C811815F7] - (.NVIDIA Corporation - NVIDIA Container.) 
-- C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984] [PID.3556] =>.NVIDIA Corporation? [MD5.00000000000000000000000000000000] - (.Intel Corporation - Intel(R) Wireless Bluetooth(R) iBtSiva Serv.) -- C:\WINDOWS\system32\ibtsiva.exe [0] [PID.3592] =>.Intel Corporation [MD5.2B099DEBCFCBE33036406739F94C529C] - (.Electronic Arts - OriginWebHelperService.) -- C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2184208] [PID.3604] =>.Electronic Arts, Inc.? [MD5.B082C6B7A13BA376F06B9C10031D6B25] - (.中国银联股份有限公司 - UPSecurityInputService.) -- C:\Windows\SysWOW64\UPEditNew\UPService.exe [361240] [PID.3616] {1F5E46E3B8C0B8C33918E7CB4BE3A31D} [MD5.ACCF57F2150DC52DC2B92349390FAE90] - (.Intel(R) Corporation - Intel(R) PROSet/Wireless Registry Service.) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [157600] [PID.3632] =>.Intel Corporation-Wireless Connectivity Solutions? [MD5.FEE5D92DDAC2AFE8FDCEBC1A4A4F542D] - (.Intel® Corporation - Intel® PROSet/Wireless Zero Configure Servi.) -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3750304] [PID.3808] =>.Intel Corporation-Wireless Connectivity Solutions? [MD5.0F0BB33129C878432400F003599F466E] - (.Intel Corporation - IntelCpHeciSvc Executable.) -- C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\IntelCpHeciSvc.exe [301536] [PID.15264] =>.Intel(R) pGFX? [MD5.C6E0E37B6AC972400F29A4A5251D4AAA] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648] [PID.13960] =>.Intel Corporation - Embedded Subsystems and IP Blocks Group? [MD5.5AD9D814037E4B3171947140AFA35B36] - (.Intel Corporation - Intel(R) Local Management Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [415520] [PID.14160] =>.Intel Corporation - Embedded Subsystems and IP Blocks Group? 
[MD5.8213094EA736A9C575AB0E22AD09B0BA] - (.Intel Corporation - Intel(R) Security Assist.) -- C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872] [PID.8780] =>.Intel Corporation [MD5.7039199C6F3F0ACAF327ACABB8F69003] - (.NVIDIA Corporation - NVIDIA Container.) -- C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968] [PID.10816] =>.NVIDIA Corporation? [MD5.6C56DE64E13467FCE31B8BFE2F5165CE] - (.NVIDIA Corporation - NVIDIA Container.) -- C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784] [PID.4756] =>.NVIDIA Corporation? [MD5.27899AD0483C908C6BC616F78E710959] - (.Synaptics Incorporated - Synaptics TouchPad 64-bit Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [4246120] [PID.11484] =>.Synaptics Incorporated? [MD5.C21DD0961E4DAD611055B4E6452FD059] - (.中国银联股份有限公司 - UPSecurityInput.) -- C:\Windows\SysWOW64\UPEditNew\UPSecurityInput.exe [3833112] [PID.17280] {1F5E46E3B8C0B8C33918E7CB4BE3A31D} [MD5.49790BA72DB8A5EB10C130B1E450F9C1] - (.Intel Corporation - igfxEM Module.) -- C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\igfxEM.exe [523232] [PID.11896] =>.Intel(R) pGFX? [MD5.6650EC0A1EF53811CBE3F35A99CCB2F6] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) -- C:\PROGRAM FILES\SYNAPTICS\SynTP\SYNTPHELPER.EXE [219240] [PID.17184] =>.Synaptics Incorporated? [MD5.E1A7B3D8C0EEE327AE3683EC5BAA1BCE] - (.Sogou.com Inc. - 搜狗拼音输入法 Metro代理程序.) -- C:\Windows\SysWOW64\IME\SogouPY\SogouImeBroker.exe [572480] [PID.16892] =>.SUP.Elex [MD5.E4B1157F6F5AD4F40B308EDF8011E612] - (.NVIDIA Corporation - NVIDIA Settings.) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe [2457536] [PID.672] =>.NVIDIA Corporation? [MD5.CC0B892A201ECB74EB2E50C7C7A8AE82] - (.Realtek Semiconductor - Realtek高清晰音频管理器.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16407296] [PID.19016] =>.Realtek Semiconductor Corp? 
[MD5.83F8AA1B8B35228B88F9FB2212928601] - (.深圳市迅雷网络技术有限公司 - 迅雷.) -- C:\Program Files (x86)\Thunder Network\Thunder9\Program\Thunder.exe [1368408] [PID.21104] {7506B5D2917A135C04E229EE21449A8D} [MD5.A544D1FA8AAA8F45442FB0CB55F8E714] - (.NVIDIA Corporation - NVIDIA Capture Server.) -- C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe [7607232] [PID.15448] =>.NVIDIA Corporation? [MD5.D2F3C11933BFB69AAD92421EC7106002] - (...) -- C:\Users\VULCAN\AppData\Roaming\baidu\BaiduNetdisk\YunDetectService.exe [1051680] [PID.9044] {1FD2D30E260FC289CFAF11518F2CD36F} [MD5.19716CC5419C3FC6D0EF94E25674CDB2] - (.NVIDIA Corporation - NVIDIA ShadowPlay Helper.) -- C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe [545216] [PID.13860] =>.NVIDIA Corporation? [MD5.AB8C4B1761535FC07BEB1FB9070FF760] - (.NVIDIA Corporation - NVIDIA Share.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe [1714112] [PID.12200] =>.NVIDIA Corporation? [MD5.594F91C5985AC402ECD2D7F1376AFFFD] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [521160] [PID.19896] =>.Mozilla Corporation? [MD5.3420D60A2BDCEE5D246CA0FAFBE46244] - (.深圳市迅雷网络技术有限公司 - 迅雷影音.) -- C:\Users\Public\Thunder Network\XMP5\V5.2.3.5004\Program\xmp.exe [347792] [PID.9816] {16E6F4E66382FBA84730D899} [MD5.0BBD5BC2622B5CAB0A51439DF3BEFD6A] - (.深圳市迅雷网络技术有限公司 - ThunderBrowser.) -- C:\Program Files (x86)\Thunder Network\Thunder9\Program\TBC\ThunderBrowser.exe [368984] [PID.13044] {7506B5D2917A135C04E229EE21449A8D} [MD5.7A31F6E79C0457B4FC1DF9CAACB6A9E8] - (.Node.js - NVIDIA Web Helper Service.) -- C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe [15554496] [PID.17452] =>.NVIDIA Corporation? [MD5.E638F1730559BAF29EF48F142C570D34] - (.Tencent - 腾讯QQ.) -- C:\Program Files (x86)\Tencent\QQ\Bin\QQ.exe [109472] [PID.16944] =>.SUP.Tencent [MD5.E638F1730559BAF29EF48F142C570D34] - (.Tencent - 腾讯QQ.) 
-- C:\Program Files (x86)\Tencent\QQ\Bin\QQ.exe [109472] [PID.12312] =>.SUP.Tencent [MD5.1715B901B6F4F4CD12A3911987EBE349] - (.Tencent - 腾讯QQ.) -- C:\Program Files (x86)\Tencent\QQ\Bin\QQApp.exe [46368] [PID.1696] =>.SUP.Tencent [MD5.0BBD5BC2622B5CAB0A51439DF3BEFD6A] - (.深圳市迅雷网络技术有限公司 - ThunderBrowser.) -- C:\Program Files (x86)\Thunder Network\Thunder9\Program\TBC\ThunderBrowser.exe [368984] [PID.5128] {7506B5D2917A135C04E229EE21449A8D} [MD5.5D74DD3C037259926C030218B1CBA228] - (.Tencent - 腾讯QQ多客户端管理服务.) -- C:\Program Files (x86)\Tencent\QQ\Bin\TXPlatform.exe [145696] [PID.10284] =>.SUP.Tencent [MD5.20390A75179ECE5BBE874C5B3B876BA3] - (.深圳市迅雷网络技术有限公司 - DownloadSDKServer.) -- C:\Program Files (x86)\Thunder Network\Thunder9\Program\SDK\DownloadSDKServer.exe [78680] [PID.14872] {7506B5D2917A135C04E229EE21449A8D} [MD5.AB8C4B1761535FC07BEB1FB9070FF760] - (.NVIDIA Corporation - NVIDIA Share.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe [1714112] [PID.16628] =>.NVIDIA Corporation? [MD5.50CACB0374D25DBEAE02559E911D3424] - (.ExpressVPN - ExpressVpn.) -- C:\Program Files (x86)\ExpressVPN\xvpn-ui\ExpressVpn.exe [806528] [PID.7372] =>.Express Vpn LLC? [MD5.B54083158A780CB2983B59A54FD67232] - (.OEM - On Screen Display Application.) -- C:\Program Files (x86)\OEM\OSD\OSD.exe [141824] [PID.9132] =>.OEM [MD5.6651E47EEA3ABCC3F66B314243582219] - (...) -- C:\Users\VULCAN\AppData\Local\MozillaOnline\COBA\helper.exe [284856] [PID.19868] {479F5C004000753253E7DD7FB9916339} [MD5.DBE440017ADEF623761D55B58FBEDE35] - (...) -- C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe [74752] [PID.1136] =>.Skype Technologies [MD5.D5BAF8954AF730DB5DD90255B28B2A42] - (.Sogou.com Inc. - 搜狗输入法 云计算代理.) -- C:\Program Files (x86)\SogouInput\8.6.0.1423\SogouCloud.exe [1848896] [PID.9736] =>.SUP.Elex [MD5.AE5EDD465773CD2E43D4590E67BEF067] - (...) 
-- C:\Program Files (x86)\ExpressVPN\xvpnd\xvpnd.exe [9112704] [PID.4064] =>.Express Vpn LLC? [MD5.5614A72C29D1BBEAD78FE507013B2488] - (.Valve Corporation - Steam Client Bootstrapper.) -- G:\Program Files (x86)\Steam\Steam.exe [3062560] [PID.11816] =>.Valve? [MD5.61B1A52289316351CFC9984B51058F30] - (.Valve Corporation - Steam Client WebHelper.) -- G:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe [3470112] [PID.1392] =>.Valve? [MD5.03404CCE10E4A207953E954C2AF8D41E] - (.Valve Corporation - Steam Client Service.) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe [1608480] [PID.16680] =>.Valve? [MD5.61B1A52289316351CFC9984B51058F30] - (.Valve Corporation - Steam Client WebHelper.) -- G:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe [3470112] [PID.16412] =>.Valve? [MD5.61B1A52289316351CFC9984B51058F30] - (.Valve Corporation - Steam Client WebHelper.) -- G:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe [3470112] [PID.14668] =>.Valve? [MD5.E9FE8CA7DB7BA615C32EFA90E92725FF] - (.Sogou.com Inc. - 搜狗拼音输入法 工具.) -- C:\Program Files (x86)\SogouInput\8.6.0.1423\SGTool.exe [9419840] [PID.8996] =>.SUP.Elex [MD5.472F7AD194FFF2EDEB2DEA58C03FFEE6] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\VULCAN\Desktop\ZHPDiag3.exe [2807680] [PID.13200] =>.Nicolas Coolman ---\\ Google Chrome, Start,Search,Extensions (3) - 0s G2 - GCE: Preference [User Data\Default] [gighmmpiobklfepjocnamgkkbiglidom] Michael Gundlach =>.Wladimir Palant {AdBlock} G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] =>.Google Inc. {Wallet} G2 - GCE: Preference [User Data\Default] [pkedcjkdefgpdelpbcmbmeomcjbeemfm] Chrome Media Router =>.Google Inc. ---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (34) - 7s M0 - MFSP: prefs.js [VULCAN - 2q8o7d6c.default] http://www.google.fr/ =>.Google Inc. P2 - EXT FILE: (.COBA - China Online Banking Assistant.) 
-- C:\Users\VULCAN\AppData\Roaming\Mozilla\Firefox\Profiles\2q8o7d6c.default\extensions\coba@mozilla.com.cn.xpi P2 - EXT FILE: (.火狐修复工具 - 让您方便的一键修复大部分浏览器使用中的常见问题,也可以针对您所遇到的问题选择.) -- C:\Users\VULCAN\AppData\Roaming\Mozilla\Firefox\Profiles\2q8o7d6c.default\extensions\commonfix@mozillaonline.com.xpi P2 - EXT FILE: (.Addons Manager - To manage the addons package in Firefo.) -- C:\Users\VULCAN\AppData\Roaming\Mozilla\Firefox\Profiles\2q8o7d6c.default\extensions\cpmanager@mozillaonline.com.xpi P2 - EXT FILE: (.Easy Screenshot - You can capture a screen shot by selec.) -- C:\Users\VULCAN\AppData\Roaming\Mozilla\Firefox\Profiles\2q8o7d6c.default\extensions\easyscreenshot@mozillaonline.com.xpi P2 - EXT FILE: (.Mozilla Online Limited - Tab Tweak.) -- C:\Users\VULCAN\AppData\Roaming\Mozilla\Firefox\Profiles\2q8o7d6c.default\extensions\tabtweak@mozillaonline.com.xpi P2 - EXT FILE: (. - __MSG_extensionDescription__.) -- C:\Users\VULCAN\AppData\Roaming\Mozilla\Firefox\Profiles\2q8o7d6c.default\extensions\wx-assistant@mozillaonline.com.xpi P2 - EXT FILE: (.Adblock Plus - Ads were yesterday!.) -- C:\Users\VULCAN\AppData\Roaming\Mozilla\Firefox\Profiles\2q8o7d6c.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi =>.Adblock Plus P2 - EXT FILE: (...) -- C:\Users\VULCAN\AppData\Roaming\Mozilla\Firefox\Profiles\2q8o7d6c.default\searchplugins\ywihsrp0.xml P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi =>.Mozilla Corporation P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi =>.Mozilla Corporation P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi =>.Mozilla Corporation P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\screenshots@mozilla.org.xpi =>.Mozilla Corporation P2 - EXT FILE: (.Mozilla Corporation.) 
-- C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi =>.Mozilla Corporation P2 - EXT: (.Mozilla Online Limited - 火狐主页.) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\cehomepage@mozillaonline.com P2 - EXT: (.Mozilla Online Limited - 网银支付助手.) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\coba@mozilla.com.cn P2 - EXT: (.Mozilla Online - 網頁截圖.) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\easyscreenshot@mozillaonline.com P2 - EXT: (.agunchan - xThunder.) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\xthunder@lshai.com P2 - EXT: (.Mozilla Online Limited - 火狐主页.) -- C:\Users\VULCAN\AppData\Roaming\Mozilla\Firefox\Profiles\2q8o7d6c.default\extensions\cehomepage@mozillaonline.com P2 - EXT: (.agunchan - xThunder.) -- C:\Users\VULCAN\AppData\Roaming\Mozilla\Firefox\Profiles\2q8o7d6c.default\extensions\xthunder@lshai.com P2 - FPN: [HKCU] [@1.qq.com/npqqwebgame] - (...) -- C:\Users\VULCAN\AppData\Roaming\Tencent\WebGamePlugin\1.0.4.3\npqqwebgame.dll =>.SUP.Tencent P2 - FPN: [HKCU] [@xunlei.com/npxunlei;version=1.0.0.2] - (.Thunder.) -- C:\Program Files (x86)\Thunder Network\Thunder9\Data\npxunlei1.0.0.2.dll =>.Thunder P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_137.dll =>.Adobe Systems Incorporated P2 - FPN: [HKLM] [@baidu.com/BaiduExpert-npplugin] - (.百度在线网络技术(北京)有限公司.) -- C:\Users\VULCAN\AppData\Roaming\baidu\BDWebAdapter\3.0.348.0\npBDExNP.dll P2 - FPN: [HKLM] [@qq.com/npqscall] - (.Tencent.) -- C:\Program Files (x86)\Common Files\Tencent\Npchrome\npactivex.dll =>.SUP.Tencent P2 - FPN: [HKLM] [@qq.com/QQDownloadPlugin] - (.Tencent Technology (Shenzhen) Company Limited.) -- C:\Program Files (x86)\Tencent\QQDownload\Browser\769\npXFPlugin.dll =>.SUP.Tencent P2 - FPN: [HKLM] [@qq.com/QQMiniDLPlugin] - (.Tencent Technology (Shenzhen) Company Limited.) 
-- C:\Program Files (x86)\Common Files\Tencent\QQMiniDL\60\Browser\npXFMiniDLPlugin.dll =>.SUP.Tencent P2 - FPN: [HKLM] [@qq.com/QQPhotoDrawEx] - (.Copyright (C) 1998-2013 Tencent. All Rights Reserved.) -- C:\Program Files (x86)\Tencent\Qzone\npQQPhotoDrawEx.dll =>.SUP.Tencent P2 - FPN: [HKLM] [@qq.com/QzoneMusic] - (.Tencent.) -- C:\Program Files (x86)\Tencent\QQMusic\QzoneMusic\npQzoneMusic.dll =>.SUP.Tencent P2 - FPN: [HKLM] [@qq.com/TXSSO] - (.Tencent.) -- C:\Program Files (x86)\Common Files\Tencent\TXSSO\1.2.5.16\bin\npSSOAxCtrlForPTLogin.dll =>.SUP.Tencent P2 - FPN: [HKLM] [@tencent.com/npQQMailWebKit,version=1.0.0.1] - (.Tencent.) -- C:\Program Files (x86)\QQMailPlugin\npQQMailWebKit.dll =>.SUP.Tencent P2 - FPN: [HKLM] [@tencent.com/nptxftnWebKit,version=1.0.0.1] - (.Tencent Technology (Shenzhen) Company Limited.) -- C:\Program Files (x86)\QQMailPlugin\nptxftnWebKit.dll =>.SUP.Tencent P2 - FPN: [HKLM] [@xunlei.com/npaplayer] - (.ShenZhen Thunder Networking Technologies, LTD.) -- C:\Users\Public\Thunder Network\APlayer\codecs\npaplayer.dll P2 - FPN: [HKLM] [@xunlei.com/npxunlei;version=1.0.0.1] - (.Thunder.) 
-- C:\Program Files (x86)\Thunder Network\Thunder9\Data\npxunlei1.0.0.2.dll =>.Thunder ---\\ Internet Explorer Extensions, Start, Search (16) - 0s R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.hao123.com/ =>PUP.Optional.Browser R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation R0 - HKCU\SOFTWARE\Policies\Microsoft\Internet Explorer\Main,Start Page = http://gotot.fuzhugo.com R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation R3 - URLSearchHook: (no name) - 
{CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphan =>.Microsoft Internet Explorer ---\\ Microsoft Edge,Plugins,Start,Search,Extensions (1) - 0s E0 - Microsoft Edge: HKU\S-1-5-21-3795826015-3801581077-2544062959-1001\HomeButtonPage = http://hao.360.cn/ ---\\ Internet Explorer, Proxy Management (3) - 0s R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies [] =>.Microsoft ---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s F2 - REG:system.ini: UserInit= F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation F2 - REG:system.ini: VMApplet= ---\\ Hosts file redirection (1) - 0s ~ Le fichier hôte est sain (The hosts file is clean) (53) ---\\ Browser Helper Object (BHO) (3) - 0s O2 - BHO: QQCycloneHelper [64Bits] - {00000000-12C9-4305-82F9-43058F20E8D2} . (.Tencent Technology (Shenzhen) Company Limited - QQDownload Plugin DLL.) -- C:\Program Files (x86)\Tencent\QQDownload\QQIEHelper01.dll =>.SUP.Tencent O2 - BHO: XunleiBHO [64Bits] - {004B0726-A010-4ABF-8556-FCDB7F1FCA1E} (.Orphan.) =>PUP.Optional.Xunlei O2 - BHO: Shareaza Web Download Hook [64Bits] - {0EEDB912-C5FA-486F-8334-57288578C627} (.Orphan.) ---\\ Global shortcuts Startup (189) - 25s O4 - GS\Desktop [Administrator]: Crysis with BlackFire's Mod Ultimate.lnk . (...) C:\Users\VULCAN\Desktop\Crysis\BFMU.bat O4 - GS\Desktop [Administrator]: Crysis.lnk . (...) C:\Users\VULCAN\Desktop\Crysis\Bin64\Crysis.exe -mod CrysisExpanded -devmode O4 - GS\Desktop [Administrator]: Detention - 快捷方式.lnk . (...) E:\Detention\Detention.exe O4 - GS\Desktop [Administrator]: Dolphin.lnk . (...) E:\Program Files\Dolphin\Dolphin.exe O4 - GS\Desktop [Administrator]: Freedom - 快捷方式.lnk . (...) E:\game\Soldaty Svobody\Freedom.Exe O4 - GS\Desktop [Administrator]: Furi - 快捷方式.lnk . (...) 
E:\Program Files (x86)\Furi zhongwenban\Furi.exe O4 - GS\Desktop [Administrator]: Outlast2 - 快捷方式.lnk . (.Red Barrels Inc. - Outlast 2.) F:\Outlast 2\Binaries\Win64\Outlast2.exe =>.Red Barrels Inc. O4 - GS\Desktop [Administrator]: QQ旋风.lnk . (.Tencent Technology (Shenzhen) Company Limited - QQ旋风.) C:\Program Files (x86)\Tencent\QQDownload\QQDownload.exe =>.SUP.Tencent O4 - GS\Desktop [Administrator]: samp - 快捷方式.lnk . (...) C:\Program Files (x86)\Rockstar Games\GTA San Andreas\samp.exe O4 - GS\Desktop [Administrator]: Saved files - 快捷方式.lnk . (...) E:\Saved files O4 - GS\Desktop [Administrator]: StateOfDecay.lnk . (...) C:\Users\VULCAN\Desktop\State of Decay YOSE\StateOfDecay.exe O4 - GS\Desktop [Administrator]: Steam - 快捷方式.lnk . (.Valve Corporation - Steam Client Bootstrapper.) G:\Program Files (x86)\Steam\Steam.exe =>.Valve? O4 - GS\Desktop [Administrator]: Uplay.lnk . (.Ubisoft - Uplay launcher.) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe =>.Ubisoft Entertainment Sweden AB? O4 - GS\Desktop [Administrator]: Watch_Dogs2 - 快捷方式.lnk . (...) E:\SteamLibrary\steamapps\common\Watch_Dogs2 =>.Steam Games O4 - GS\Desktop [Administrator]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\VULCAN\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Desktop [Administrator]: 孤岛危机2.lnk . (.www.yxdown.com - 游迅网启动客户端.) G:\Youxun\Install\Crysis2_chs\开始游戏.exe O4 - GS\Desktop [Administrator]: 百度网盘.lnk . (.Baidu. All rights reserved. - BaiduNetdisk.) C:\Users\VULCAN\AppData\Roaming\baidu\BaiduNetdisk\BaiduNetdisk.exe {1FD2D30E260FC289CFAF11518F2CD36F} O4 - GS\Desktop [Administrator]: 英雄联盟.lnk . (.腾讯计算机系统有限公司 - 腾讯游戏登录程序.) E:\Program Files\腾讯游戏\英雄联盟\TCLS\Client.exe =>.SUP.Tencent O4 - GS\Desktop [Administrator]: 迅雷.lnk . (.深圳市迅雷网络技术有限公司 - 迅雷.) C:\Program Files (x86)\Thunder Network\Thunder9\Program\Thunder.exe -StartType:DesktopIcon {7506B5D2917A135C04E229EE21449A8D} O4 - GS\Desktop [Administrator]: 银联安全控件非插件版.lnk . (.中国银联股份有限公司 - UPSecurityInput.) 
C:\Windows\SysWOW64\UPEditNew\UPSecurityInput.exe {1F5E46E3B8C0B8C33918E7CB4BE3A31D} O4 - GS\Quicklaunch [Administrator]: DS3 Tool.lnk . (.www.motioninjoy.com - DS3_Tool.) C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe =>.www.motioninjoy.com O4 - GS\Quicklaunch [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://ttxx.210997.com =>.Google Inc. O4 - GS\Quicklaunch [Administrator]: Mozilla Firefox.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe http://gotot.fuzhugo.com =>.Microsoft Corporation O4 - GS\Quicklaunch [Administrator]: Nexus Mod Manager.lnk . (.Black Tree Gaming - Nexus Mod Manager.) E:\Program Files\Nexus Mod Manager\NexusClient.exe =>.Black Tree Gaming Ltd.? O4 - GS\Quicklaunch [Administrator]: QQ旋风.lnk . (.Tencent Technology (Shenzhen) Company Limited - QQ旋风.) C:\Program Files (x86)\Tencent\QQDownload\QQDownload.exe =>.SUP.Tencent O4 - GS\Quicklaunch [Administrator]: Shareaza.lnk . (.Shareaza Development Team - Shareaza Ultimate File Sharing.) E:\Program Files\Shareaza\Shareaza.exe =>.Shareaza Development Team O4 - GS\Quicklaunch [Administrator]: UC浏览器.lnk . (.UCWeb Inc. - UC浏览器.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe =>.TAOBAO (CHINA) SOFTWARE CO.,LTD.? O4 - GS\Quicklaunch [Administrator]: 易我分区管理大师 11.0.lnk . (.EaseUS - EaseUS Partition Master Loader Application.) E:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.0\bin\epm0.exe =>.CHENGDU YIWO Tech Development Co., Ltd.? O4 - GS\Quicklaunch [Administrator]: 百度网盘.lnk . (.Baidu. All rights reserved. - BaiduNetdisk.) C:\Users\VULCAN\AppData\Roaming\baidu\BaiduNetdisk\BaiduNetdisk.exe {1FD2D30E260FC289CFAF11518F2CD36F} O4 - GS\Quicklaunch [Administrator]: 腾讯QQ.lnk . (.Tencent - 腾讯QQ.) C:\Program Files (x86)\Tencent\QQ\Bin\QQScLauncher.exe =>.SUP.Tencent O4 - GS\Quicklaunch [Administrator]: 迅雷.lnk . (.深圳市迅雷网络技术有限公司 - 迅雷.) 
C:\Program Files (x86)\Thunder Network\Thunder9\Program\Thunder.exe -StartType:QuickLaunch {7506B5D2917A135C04E229EE21449A8D} O4 - GS\Quicklaunch [Administrator]: 酷我音乐.lnk . (.酷我科技 - 酷我音乐.) C:\Program Files (x86)\kuwo\kuwomusic\8.5.2.0_UG6\bin\KwMusic.exe {50DA1504909F7273486D47AC0AB74675} O4 - GS\sendTo [Administrator]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\WINDOWS\system32\WFS.exe /SendTo =>.Microsoft Corporation O4 - GS\sendTo [Administrator]: 传真收件人.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\System32\WFS.exe /SendTo =>.Microsoft Corporation O4 - GS\sendTo [Administrator]: 蓝牙文件传送.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation O4 - GS\TaskBar [Administrator]: Borderless Gaming.lnk . (.Codeusa Software - Borderless Gaming.) C:\Program Files (x86)\Borderless Gaming\BorderlessGaming.exe {1C7DC54D08621A96136B378AA9E4392B} =>.Codeusa Software O4 - GS\TaskBar [Administrator]: ExpressVPN.lnk . (.ExpressVPN - ExpressVpn.) C:\Program Files (x86)\ExpressVPN\xvpn-ui\ExpressVpn.exe =>.Express Vpn LLC? O4 - GS\TaskBar [Administrator]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://ttxx.210997.com =>.Mozilla Corporation O4 - GS\TaskBar [Administrator]: nullDC_Win32_Release.lnk . (...) C:\Users\VULCAN\Desktop\nullDC 1.04 r150 SM-A Fixes by masterchan777\nullDC_Win32_Release.exe O4 - GS\TaskBar [Administrator]: Snipping Tool.lnk . (.Microsoft Corporation - 截图工具.) C:\WINDOWS\system32\SnippingTool.exe =>.Microsoft Corporation O4 - GS\TaskBar [Administrator]: 迅雷.lnk . (.深圳市迅雷网络技术有限公司 - 迅雷.) C:\Program Files (x86)\Thunder Network\Thunder9\Program\Thunder.exe -StartType:PinTaskbar {7506B5D2917A135C04E229EE21449A8D} O4 - GS\TaskBar [Administrator]: 酷我音乐.lnk . (.酷我科技 - 酷我音乐.) 
C:\Program Files (x86)\kuwo\kuwomusic\8.5.2.0_UG6\bin\KwMusic.exe {50DA1504909F7273486D47AC0AB74675} O4 - GS\Startup [Administrator]: KwGBDeamon.lnk . (.酷我科技 - KwGBDeamon.) C:\ProgramData\KWGameBox\KwGameBox\bin\KwGBDeamon.exe {50DA1504909F7273486D47AC0AB74675} O4 - GS\Programs [Administrator]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\VULCAN\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation? O4 - GS\Programs [Administrator]: 可选功能.lnk . (.Microsoft Corporation - 需求帮助程序的功能.) C:\Windows\System32\fodhelper.exe =>.Microsoft Corporation O4 - GS\Desktop [Guest]: Crysis with BlackFire's Mod Ultimate.lnk . (...) C:\Users\VULCAN\Desktop\Crysis\BFMU.bat O4 - GS\Desktop [Guest]: Crysis.lnk . (...) C:\Users\VULCAN\Desktop\Crysis\Bin64\Crysis.exe -mod CrysisExpanded -devmode O4 - GS\Desktop [Guest]: Detention - 快捷方式.lnk . (...) E:\Detention\Detention.exe O4 - GS\Desktop [Guest]: Dolphin.lnk . (...) E:\Program Files\Dolphin\Dolphin.exe O4 - GS\Desktop [Guest]: Freedom - 快捷方式.lnk . (...) E:\game\Soldaty Svobody\Freedom.Exe O4 - GS\Desktop [Guest]: Furi - 快捷方式.lnk . (...) E:\Program Files (x86)\Furi zhongwenban\Furi.exe O4 - GS\Desktop [Guest]: Outlast2 - 快捷方式.lnk . (.Red Barrels Inc. - Outlast 2.) F:\Outlast 2\Binaries\Win64\Outlast2.exe =>.Red Barrels Inc. O4 - GS\Desktop [Guest]: QQ旋风.lnk . (.Tencent Technology (Shenzhen) Company Limited - QQ旋风.) C:\Program Files (x86)\Tencent\QQDownload\QQDownload.exe =>.SUP.Tencent O4 - GS\Desktop [Guest]: samp - 快捷方式.lnk . (...) C:\Program Files (x86)\Rockstar Games\GTA San Andreas\samp.exe O4 - GS\Desktop [Guest]: Saved files - 快捷方式.lnk . (...) E:\Saved files O4 - GS\Desktop [Guest]: StateOfDecay.lnk . (...) C:\Users\VULCAN\Desktop\State of Decay YOSE\StateOfDecay.exe O4 - GS\Desktop [Guest]: Steam - 快捷方式.lnk . (.Valve Corporation - Steam Client Bootstrapper.) G:\Program Files (x86)\Steam\Steam.exe =>.Valve? O4 - GS\Desktop [Guest]: Uplay.lnk . (.Ubisoft - Uplay launcher.) 
C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe =>.Ubisoft Entertainment Sweden AB? O4 - GS\Desktop [Guest]: Watch_Dogs2 - 快捷方式.lnk . (...) E:\SteamLibrary\steamapps\common\Watch_Dogs2 =>.Steam Games O4 - GS\Desktop [Guest]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\VULCAN\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Desktop [Guest]: 孤岛危机2.lnk . (.www.yxdown.com - 游迅网启动客户端.) G:\Youxun\Install\Crysis2_chs\开始游戏.exe O4 - GS\Desktop [Guest]: 百度网盘.lnk . (.Baidu. All rights reserved. - BaiduNetdisk.) C:\Users\VULCAN\AppData\Roaming\baidu\BaiduNetdisk\BaiduNetdisk.exe {1FD2D30E260FC289CFAF11518F2CD36F} O4 - GS\Desktop [Guest]: 英雄联盟.lnk . (.腾讯计算机系统有限公司 - 腾讯游戏登录程序.) E:\Program Files\腾讯游戏\英雄联盟\TCLS\Client.exe =>.SUP.Tencent O4 - GS\Desktop [Guest]: 迅雷.lnk . (.深圳市迅雷网络技术有限公司 - 迅雷.) C:\Program Files (x86)\Thunder Network\Thunder9\Program\Thunder.exe -StartType:DesktopIcon {7506B5D2917A135C04E229EE21449A8D} O4 - GS\Desktop [Guest]: 银联安全控件非插件版.lnk . (.中国银联股份有限公司 - UPSecurityInput.) C:\Windows\SysWOW64\UPEditNew\UPSecurityInput.exe {1F5E46E3B8C0B8C33918E7CB4BE3A31D} O4 - GS\Quicklaunch [Guest]: DS3 Tool.lnk . (.www.motioninjoy.com - DS3_Tool.) C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe =>.www.motioninjoy.com O4 - GS\Quicklaunch [Guest]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://ttxx.210997.com =>.Google Inc. O4 - GS\Quicklaunch [Guest]: Mozilla Firefox.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe http://gotot.fuzhugo.com =>.Microsoft Corporation O4 - GS\Quicklaunch [Guest]: Nexus Mod Manager.lnk . (.Black Tree Gaming - Nexus Mod Manager.) E:\Program Files\Nexus Mod Manager\NexusClient.exe =>.Black Tree Gaming Ltd.? O4 - GS\Quicklaunch [Guest]: QQ旋风.lnk . (.Tencent Technology (Shenzhen) Company Limited - QQ旋风.) 
C:\Program Files (x86)\Tencent\QQDownload\QQDownload.exe =>.SUP.Tencent O4 - GS\Quicklaunch [Guest]: Shareaza.lnk . (.Shareaza Development Team - Shareaza Ultimate File Sharing.) E:\Program Files\Shareaza\Shareaza.exe =>.Shareaza Development Team O4 - GS\Quicklaunch [Guest]: UC浏览器.lnk . (.UCWeb Inc. - UC浏览器.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe =>.TAOBAO (CHINA) SOFTWARE CO.,LTD.? O4 - GS\Quicklaunch [Guest]: 易我分区管理大师 11.0.lnk . (.EaseUS - EaseUS Partition Master Loader Application.) E:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.0\bin\epm0.exe =>.CHENGDU YIWO Tech Development Co., Ltd.? O4 - GS\Quicklaunch [Guest]: 百度网盘.lnk . (.Baidu. All rights reserved. - BaiduNetdisk.) C:\Users\VULCAN\AppData\Roaming\baidu\BaiduNetdisk\BaiduNetdisk.exe {1FD2D30E260FC289CFAF11518F2CD36F} O4 - GS\Quicklaunch [Guest]: 腾讯QQ.lnk . (.Tencent - 腾讯QQ.) C:\Program Files (x86)\Tencent\QQ\Bin\QQScLauncher.exe =>.SUP.Tencent O4 - GS\Quicklaunch [Guest]: 迅雷.lnk . (.深圳市迅雷网络技术有限公司 - 迅雷.) C:\Program Files (x86)\Thunder Network\Thunder9\Program\Thunder.exe -StartType:QuickLaunch {7506B5D2917A135C04E229EE21449A8D} O4 - GS\Quicklaunch [Guest]: 酷我音乐.lnk . (.酷我科技 - 酷我音乐.) C:\Program Files (x86)\kuwo\kuwomusic\8.5.2.0_UG6\bin\KwMusic.exe {50DA1504909F7273486D47AC0AB74675} O4 - GS\sendTo [Guest]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\WINDOWS\system32\WFS.exe /SendTo =>.Microsoft Corporation O4 - GS\sendTo [Guest]: 传真收件人.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\System32\WFS.exe /SendTo =>.Microsoft Corporation O4 - GS\sendTo [Guest]: 蓝牙文件传送.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation O4 - GS\TaskBar [Guest]: Borderless Gaming.lnk . (.Codeusa Software - Borderless Gaming.) C:\Program Files (x86)\Borderless Gaming\BorderlessGaming.exe {1C7DC54D08621A96136B378AA9E4392B} =>.Codeusa Software O4 - GS\TaskBar [Guest]: ExpressVPN.lnk . 
(.ExpressVPN - ExpressVpn.) C:\Program Files (x86)\ExpressVPN\xvpn-ui\ExpressVpn.exe =>.Express Vpn LLC? O4 - GS\TaskBar [Guest]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://ttxx.210997.com =>.Mozilla Corporation O4 - GS\TaskBar [Guest]: nullDC_Win32_Release.lnk . (...) C:\Users\VULCAN\Desktop\nullDC 1.04 r150 SM-A Fixes by masterchan777\nullDC_Win32_Release.exe O4 - GS\TaskBar [Guest]: Snipping Tool.lnk . (.Microsoft Corporation - 截图工具.) C:\WINDOWS\system32\SnippingTool.exe =>.Microsoft Corporation O4 - GS\TaskBar [Guest]: 迅雷.lnk . (.深圳市迅雷网络技术有限公司 - 迅雷.) C:\Program Files (x86)\Thunder Network\Thunder9\Program\Thunder.exe -StartType:PinTaskbar {7506B5D2917A135C04E229EE21449A8D} O4 - GS\TaskBar [Guest]: 酷我音乐.lnk . (.酷我科技 - 酷我音乐.) C:\Program Files (x86)\kuwo\kuwomusic\8.5.2.0_UG6\bin\KwMusic.exe {50DA1504909F7273486D47AC0AB74675} O4 - GS\Startup [Guest]: KwGBDeamon.lnk . (.酷我科技 - KwGBDeamon.) C:\ProgramData\KWGameBox\KwGameBox\bin\KwGBDeamon.exe {50DA1504909F7273486D47AC0AB74675} O4 - GS\Programs [Guest]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\VULCAN\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation? O4 - GS\Programs [Guest]: 可选功能.lnk . (.Microsoft Corporation - 需求帮助程序的功能.) C:\Windows\System32\fodhelper.exe =>.Microsoft Corporation O4 - GS\Desktop [VULCAN]: Crysis with BlackFire's Mod Ultimate.lnk . (...) C:\Users\VULCAN\Desktop\Crysis\BFMU.bat O4 - GS\Desktop [VULCAN]: Crysis.lnk . (...) C:\Users\VULCAN\Desktop\Crysis\Bin64\Crysis.exe -mod CrysisExpanded -devmode O4 - GS\Desktop [VULCAN]: Detention - 快捷方式.lnk . (...) E:\Detention\Detention.exe O4 - GS\Desktop [VULCAN]: Dolphin.lnk . (...) E:\Program Files\Dolphin\Dolphin.exe O4 - GS\Desktop [VULCAN]: Freedom - 快捷方式.lnk . (...) E:\game\Soldaty Svobody\Freedom.Exe O4 - GS\Desktop [VULCAN]: Furi - 快捷方式.lnk . (...) 
E:\Program Files (x86)\Furi zhongwenban\Furi.exe O4 - GS\Desktop [VULCAN]: Outlast2 - 快捷方式.lnk . (.Red Barrels Inc. - Outlast 2.) F:\Outlast 2\Binaries\Win64\Outlast2.exe =>.Red Barrels Inc. O4 - GS\Desktop [VULCAN]: QQ旋风.lnk . (.Tencent Technology (Shenzhen) Company Limited - QQ旋风.) C:\Program Files (x86)\Tencent\QQDownload\QQDownload.exe =>.SUP.Tencent O4 - GS\Desktop [VULCAN]: samp - 快捷方式.lnk . (...) C:\Program Files (x86)\Rockstar Games\GTA San Andreas\samp.exe O4 - GS\Desktop [VULCAN]: Saved files - 快捷方式.lnk . (...) E:\Saved files O4 - GS\Desktop [VULCAN]: StateOfDecay.lnk . (...) C:\Users\VULCAN\Desktop\State of Decay YOSE\StateOfDecay.exe O4 - GS\Desktop [VULCAN]: Steam - 快捷方式.lnk . (.Valve Corporation - Steam Client Bootstrapper.) G:\Program Files (x86)\Steam\Steam.exe =>.Valve? O4 - GS\Desktop [VULCAN]: Uplay.lnk . (.Ubisoft - Uplay launcher.) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe =>.Ubisoft Entertainment Sweden AB? O4 - GS\Desktop [VULCAN]: Watch_Dogs2 - 快捷方式.lnk . (...) E:\SteamLibrary\steamapps\common\Watch_Dogs2 =>.Steam Games O4 - GS\Desktop [VULCAN]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\VULCAN\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Desktop [VULCAN]: 孤岛危机2.lnk . (.www.yxdown.com - 游迅网启动客户端.) G:\Youxun\Install\Crysis2_chs\开始游戏.exe O4 - GS\Desktop [VULCAN]: 百度网盘.lnk . (.Baidu. All rights reserved. - BaiduNetdisk.) C:\Users\VULCAN\AppData\Roaming\baidu\BaiduNetdisk\BaiduNetdisk.exe {1FD2D30E260FC289CFAF11518F2CD36F} O4 - GS\Desktop [VULCAN]: 英雄联盟.lnk . (.腾讯计算机系统有限公司 - 腾讯游戏登录程序.) E:\Program Files\腾讯游戏\英雄联盟\TCLS\Client.exe =>.SUP.Tencent O4 - GS\Desktop [VULCAN]: 迅雷.lnk . (.深圳市迅雷网络技术有限公司 - 迅雷.) C:\Program Files (x86)\Thunder Network\Thunder9\Program\Thunder.exe -StartType:DesktopIcon {7506B5D2917A135C04E229EE21449A8D} O4 - GS\Desktop [VULCAN]: 银联安全控件非插件版.lnk . (.中国银联股份有限公司 - UPSecurityInput.) 
C:\Windows\SysWOW64\UPEditNew\UPSecurityInput.exe {1F5E46E3B8C0B8C33918E7CB4BE3A31D} O4 - GS\Quicklaunch [VULCAN]: DS3 Tool.lnk . (.www.motioninjoy.com - DS3_Tool.) C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe =>.www.motioninjoy.com O4 - GS\Quicklaunch [VULCAN]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://ttxx.210997.com =>.Google Inc. O4 - GS\Quicklaunch [VULCAN]: Mozilla Firefox.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe http://gotot.fuzhugo.com =>.Microsoft Corporation O4 - GS\Quicklaunch [VULCAN]: Nexus Mod Manager.lnk . (.Black Tree Gaming - Nexus Mod Manager.) E:\Program Files\Nexus Mod Manager\NexusClient.exe =>.Black Tree Gaming Ltd.? O4 - GS\Quicklaunch [VULCAN]: QQ旋风.lnk . (.Tencent Technology (Shenzhen) Company Limited - QQ旋风.) C:\Program Files (x86)\Tencent\QQDownload\QQDownload.exe =>.SUP.Tencent O4 - GS\Quicklaunch [VULCAN]: Shareaza.lnk . (.Shareaza Development Team - Shareaza Ultimate File Sharing.) E:\Program Files\Shareaza\Shareaza.exe =>.Shareaza Development Team O4 - GS\Quicklaunch [VULCAN]: UC浏览器.lnk . (.UCWeb Inc. - UC浏览器.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe =>.TAOBAO (CHINA) SOFTWARE CO.,LTD.? O4 - GS\Quicklaunch [VULCAN]: 易我分区管理大师 11.0.lnk . (.EaseUS - EaseUS Partition Master Loader Application.) E:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.0\bin\epm0.exe =>.CHENGDU YIWO Tech Development Co., Ltd.? O4 - GS\Quicklaunch [VULCAN]: 百度网盘.lnk . (.Baidu. All rights reserved. - BaiduNetdisk.) C:\Users\VULCAN\AppData\Roaming\baidu\BaiduNetdisk\BaiduNetdisk.exe {1FD2D30E260FC289CFAF11518F2CD36F} O4 - GS\Quicklaunch [VULCAN]: 腾讯QQ.lnk . (.Tencent - 腾讯QQ.) C:\Program Files (x86)\Tencent\QQ\Bin\QQScLauncher.exe =>.SUP.Tencent O4 - GS\Quicklaunch [VULCAN]: 迅雷.lnk . (.深圳市迅雷网络技术有限公司 - 迅雷.) 
C:\Program Files (x86)\Thunder Network\Thunder9\Program\Thunder.exe -StartType:QuickLaunch {7506B5D2917A135C04E229EE21449A8D} O4 - GS\Quicklaunch [VULCAN]: 酷我音乐.lnk . (.酷我科技 - 酷我音乐.) C:\Program Files (x86)\kuwo\kuwomusic\8.5.2.0_UG6\bin\KwMusic.exe {50DA1504909F7273486D47AC0AB74675} O4 - GS\sendTo [VULCAN]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\WINDOWS\system32\WFS.exe /SendTo =>.Microsoft Corporation O4 - GS\sendTo [VULCAN]: 传真收件人.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\System32\WFS.exe /SendTo =>.Microsoft Corporation O4 - GS\sendTo [VULCAN]: 蓝牙文件传送.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation O4 - GS\TaskBar [VULCAN]: Borderless Gaming.lnk . (.Codeusa Software - Borderless Gaming.) C:\Program Files (x86)\Borderless Gaming\BorderlessGaming.exe {1C7DC54D08621A96136B378AA9E4392B} =>.Codeusa Software O4 - GS\TaskBar [VULCAN]: ExpressVPN.lnk . (.ExpressVPN - ExpressVpn.) C:\Program Files (x86)\ExpressVPN\xvpn-ui\ExpressVpn.exe =>.Express Vpn LLC? O4 - GS\TaskBar [VULCAN]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://ttxx.210997.com =>.Mozilla Corporation O4 - GS\TaskBar [VULCAN]: nullDC_Win32_Release.lnk . (...) C:\Users\VULCAN\Desktop\nullDC 1.04 r150 SM-A Fixes by masterchan777\nullDC_Win32_Release.exe O4 - GS\TaskBar [VULCAN]: Snipping Tool.lnk . (.Microsoft Corporation - 截图工具.) C:\WINDOWS\system32\SnippingTool.exe =>.Microsoft Corporation O4 - GS\TaskBar [VULCAN]: 迅雷.lnk . (.深圳市迅雷网络技术有限公司 - 迅雷.) C:\Program Files (x86)\Thunder Network\Thunder9\Program\Thunder.exe -StartType:PinTaskbar {7506B5D2917A135C04E229EE21449A8D} O4 - GS\TaskBar [VULCAN]: 酷我音乐.lnk . (.酷我科技 - 酷我音乐.) C:\Program Files (x86)\kuwo\kuwomusic\8.5.2.0_UG6\bin\KwMusic.exe {50DA1504909F7273486D47AC0AB74675} O4 - GS\Startup [VULCAN]: KwGBDeamon.lnk . (.酷我科技 - KwGBDeamon.) 
C:\ProgramData\KWGameBox\KwGameBox\bin\KwGBDeamon.exe {50DA1504909F7273486D47AC0AB74675} O4 - GS\Programs [VULCAN]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\VULCAN\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation? O4 - GS\Programs [VULCAN]: 可选功能.lnk . (.Microsoft Corporation - 需求帮助程序的功能.) C:\Windows\System32\fodhelper.exe =>.Microsoft Corporation O4 - GS\CommonDesktop [Public]: 3D Vision Photo Viewer.lnk . (.NVIDIA Corporation - NVIDIA 3D Vision Photo Viewer.) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe =>.NVIDIA Corporation? O4 - GS\CommonDesktop [Public]: 3DMark 11.lnk . (.Futuremark - 3DMark 11 GUI.) E:\Program Files\Futuremark\3DMark 11\bin\x64\3DMark11.exe =>.FUTUREMARK INC? O4 - GS\CommonDesktop [Public]: Audacity.lnk . (.The Audacity Team - Audacity®, the Free, Cross-Platform Sound E.) C:\Program Files (x86)\Audacity\audacity.exe =>.The Audacity Team O4 - GS\CommonDesktop [Public]: Battle.net.lnk . (.Blizzard Entertainment - Blizzard App Launcher.) E:\Program Files (x86)\Battlenet\Battle.net\Battle.net Launcher.exe =>.Blizzard Entertainment, Inc.? O4 - GS\CommonDesktop [Public]: Bayonetta.lnk . (...) E:\Games\Bayonetta\Bayonetta.exe O4 - GS\CommonDesktop [Public]: Borderless Gaming.lnk . (.Codeusa Software - Borderless Gaming.) C:\Program Files (x86)\Borderless Gaming\BorderlessGaming.exe {1C7DC54D08621A96136B378AA9E4392B} =>.Codeusa Software O4 - GS\CommonDesktop [Public]: DS3 Tool.lnk . (.www.motioninjoy.com - DS3_Tool.) C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe =>.www.motioninjoy.com O4 - GS\CommonDesktop [Public]: ExpressVPN.lnk . (.ExpressVPN - ExpressVpn.) C:\Program Files (x86)\ExpressVPN\xvpn-ui\ExpressVpn.exe =>.Express Vpn LLC? O4 - GS\CommonDesktop [Public]: GeForce Experience.lnk . (.NVIDIA Corporation - NVIDIA GeForce Experience.) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe =>.NVIDIA Corporation? 
O4 - GS\CommonDesktop [Public]: GOG Galaxy.lnk . (.GOG.com - GOG Galaxy.) E:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe =>.GOG Limited? O4 - GS\CommonDesktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://ttxx.210997.com =>.Google Inc. O4 - GS\CommonDesktop [Public]: Gwent.lnk . (...) E:\Program Files (x86)\GOG Galaxy\Games\Gwent\Gwent.exe O4 - GS\CommonDesktop [Public]: LibreOffice 5.3.lnk . (.The Document Foundation - .) C:\Program Files (x86)\LibreOffice 5\program\soffice.exe =>.The Document Foundation O4 - GS\CommonDesktop [Public]: Lightroom 5 64 bits.lnk . (.Adobe Systems - Adobe Photoshop Lightroom 64-bit.) E:\Program Files\Adobe\Adobe Photoshop Lightroom 5\lightroom.exe =>.Adobe Systems Incorporated? O4 - GS\CommonDesktop [Public]: LOOT.lnk . (.Copyright (C) 2013-2016 WrinklyNinja - .) C:\Program Files (x86)\LOOT\LOOT.exe O4 - GS\CommonDesktop [Public]: Nexus Mod Manager.lnk . (.Black Tree Gaming - Nexus Mod Manager.) E:\Program Files\Nexus Mod Manager\NexusClient.exe =>.Black Tree Gaming Ltd.? O4 - GS\CommonDesktop [Public]: Notepad++.lnk . (.Don HO don.h@free.fr - Notepad++ : a free (GNU) source code editor.) C:\Program Files\Notepad++\notepad++.exe =>.Notepad++? O4 - GS\CommonDesktop [Public]: Origin.lnk . (.Electronic Arts - Origin.) C:\Program Files (x86)\Origin\Origin.exe =>.Electronic Arts, Inc.? O4 - GS\CommonDesktop [Public]: Shareaza.lnk . (.Shareaza Development Team - Shareaza Ultimate File Sharing.) E:\Program Files\Shareaza\Shareaza.exe =>.Shareaza Development Team O4 - GS\CommonDesktop [Public]: StarCraft II.lnk . (.Blizzard Entertainment - StarCraft II.) E:\Program Files (x86)\Hearthstone\Starcraft II\StarCraft II\StarCraft II.exe =>.Blizzard Entertainment, Inc.? O4 - GS\CommonDesktop [Public]: The Witcher Rise of the White Wolf.lnk . (.CD Projekt Red - The Witcher Game Launcher.) 
E:\SteamLibrary\steamapps\common\The Witcher Enhanced Edition\launcher.exe http://ttxx.210997.com =>.CD Projekt RED O4 - GS\CommonDesktop [Public]: Ultima IV - Quest of the Avatar.lnk . (.DOSBox Team - DOSBox DOS Emulator.) E:\Program Files (x86)\GOG Galaxy\Games\Ultima 4 - Quest of the Avatar\DOSBOX\DOSBox.exe -conf "..\dosboxULTIMA4.conf" -conf "..\dosboxULTIMA4_single.conf" -noconsole -c exit =>.DOSBox Team O4 - GS\CommonDesktop [Public]: VLC media player.lnk . (.VideoLAN - VLC media player.) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe =>.VideoLAN? O4 - GS\CommonDesktop [Public]: 哈利波特:魁地奇世界杯繁体中文版.lnk . (...) C:\Program Files (x86)\10101966\DoyoGameLauncher.exe {200A7ACE318D9BAA3ED33EC2D993005F} O4 - GS\CommonDesktop [Public]: 易我分区管理大师 11.0.lnk . (.EaseUS - EaseUS Partition Master Loader Application.) E:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.0\bin\epm0.exe =>.CHENGDU YIWO Tech Development Co., Ltd.? O4 - GS\CommonDesktop [Public]: 腾讯QQ.lnk . (.Tencent - 腾讯QQ.) C:\Program Files (x86)\Tencent\QQ\Bin\QQScLauncher.exe =>.SUP.Tencent O4 - GS\CommonDesktop [Public]: 迅雷影音.lnk . (.深圳市迅雷网络技术有限公司 - 迅雷影音.) C:\Program Files (x86)\Thunder Network\XMP\V5.2.3.5004\Bin\XMP.exe {16E6F4E66382FBA84730D899} O4 - GS\CommonDesktop [Public]: 酷我音乐.lnk . (.酷我科技 - 酷我音乐.) C:\Program Files (x86)\kuwo\kuwomusic\8.5.2.0_UG6\bin\KwMusic.exe {50DA1504909F7273486D47AC0AB74675} O4 - GS\Programs [Public]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\VULCAN\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation? O4 - GS\Programs [Public]: 可选功能.lnk . (.Microsoft Corporation - 需求帮助程序的功能.) C:\Windows\System32\fodhelper.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe http://hao.qquu8.com =>.Microsoft Corporation O4 - GS\Accessories [Public]: Notepad.lnk . (.Microsoft Corporation - 记事本.) 
C:\WINDOWS\system32\notepad.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Math Input Panel.lnk . (.Microsoft Corporation - .) C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - 画图.) C:\WINDOWS\system32\mspaint.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Quick Assist.lnk . (.Microsoft Corporation - Quick Assist.) C:\WINDOWS\system32\quickassist.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - 远程桌面连接.) C:\WINDOWS\system32\mstsc.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - 截图工具.) C:\WINDOWS\system32\SnippingTool.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Steps Recorder.lnk . (.Microsoft Corporation - 步骤记录器.) C:\WINDOWS\system32\psr.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\WINDOWS\system32\WFS.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Windows 写字板应用程序.) C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: XPS Viewer.lnk . (.Microsoft Corporation - XPS 查看器.) C:\WINDOWS\system32\xpsrchvw.exe =>.Microsoft Corporation O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - 字符映射表.) C:\WINDOWS\system32\charmap.exe =>.Microsoft Corporation O4 - GS\ProgramsCommon [Public]: Adobe Photoshop Lightroom 5 64 bits.lnk . (.Adobe Systems - Adobe Photoshop Lightroom 64-bit.) E:\Program Files\Adobe\Adobe Photoshop Lightroom 5\lightroom.exe =>.Adobe Systems Incorporated? 
O4 - GS\ProgramsCommon [Public]: Audacity.lnk . (.The Audacity Team - Audacity®, the Free, Cross-Platform Sound E.) C:\Program Files (x86)\Audacity\audacity.exe =>.The Audacity Team O4 - GS\ProgramsCommon [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://ttxx.210997.com =>.Google Inc. O4 - GS\ProgramsCommon [Public]: Immersive Control Panel.lnk . (.Microsoft Corporation - Windows Control Panel.) C:\WINDOWS\System32\Control.exe =>.Microsoft Corporation O4 - GS\ProgramsCommon [Public]: LOOT.lnk . (.Copyright (C) 2013-2016 WrinklyNinja - .) C:\Program Files (x86)\LOOT\LOOT.exe O4 - GS\ProgramsCommon [Public]: MiracastView.lnk . (.Microsoft Corporation - MiracastView.) C:\WINDOWS\MiracastView\MiracastView.exe =>.Microsoft Windows? O4 - GS\ProgramsCommon [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://ttxx.210997.com =>.Mozilla Corporation O4 - GS\ProgramsCommon [Public]: PrintDialog.lnk . (.Microsoft Corporation - Print Dialog.) C:\WINDOWS\PrintDialog\PrintDialog.exe =>.Microsoft Windows? O4 - GS\ProgramsCommon [Public]: UC浏览器.lnk . (.UCWeb Inc. - UC浏览器.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe =>.TAOBAO (CHINA) SOFTWARE CO.,LTD.? O4 - GS\ProgramsCommon [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation O4 - GS\ProgramsCommon [Public]: 酷我音乐.lnk . (.酷我科技 - 酷我音乐.) 
C:\Program Files (x86)\kuwo\kuwomusic\8.5.2.0_UG6\bin\KwMusic.exe {50DA1504909F7273486D47AC0AB74675} ---\\ Lop.com/Domain Hijackers (13) - 0s O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 211.167.230.100 211.167.230.200 O17 - HKLM\System\CCS\Services\Tcpip\..\{080d5a5d-1186-4b5f-aaae-fd2e8e0e1215}: DhcpNameServer = 192.168.198.1 =>.Local IP Adress O17 - HKLM\System\CCS\Services\Tcpip\..\{0A3479D7-827D-4460-9EC6-3718D4E10C47}: DhcpNameServer = 10.0.1.1 =>.Private IP (10.0.0.0 - 10.255.255.255) =>.Private IP O17 - HKLM\System\CCS\Services\Tcpip\..\{18DD7DDE-04C4-4ADE-BE90-8601EB6BC3F5}: DhcpNameServer = 10.0.1.1 =>.Private IP (10.0.0.0 - 10.255.255.255) =>.Private IP O17 - HKLM\System\CCS\Services\Tcpip\..\{4322354C-778F-41E2-9F08-F6F9FFDBFFEB}: DhcpNameServer = 10.0.1.1 =>.Private IP (10.0.0.0 - 10.255.255.255) =>.Private IP O17 - HKLM\System\CCS\Services\Tcpip\..\{583F17FA-9B64-424E-A1B2-164C79C6C961}: DhcpNameServer = 10.0.1.1 =>.Private IP (10.0.0.0 - 10.255.255.255) =>.Private IP O17 - HKLM\System\CCS\Services\Tcpip\..\{797fb0a6-f98b-4c23-83df-02b0520152eb}: DhcpNameServer = 192.168.198.1 =>.Local IP Adress O17 - HKLM\System\CCS\Services\Tcpip\..\{8df004d5-1fad-49a4-8532-94f742291c5b}: DhcpNameServer = 10.43.0.1 =>.Private IP (10.0.0.0 - 10.255.255.255) =>.Private IP O17 - HKLM\System\CCS\Services\Tcpip\..\{A6FC0B3A-2E8F-46E1-998F-ECB03772A3DE}: DhcpNameServer = 10.0.1.1 =>.Private IP (10.0.0.0 - 10.255.255.255) =>.Private IP O17 - HKLM\System\CCS\Services\Tcpip\..\{B81450F9-5594-4220-8F52-C1BE73AB55E0}: DhcpNameServer = 10.0.1.1 =>.Private IP (10.0.0.0 - 10.255.255.255) =>.Private IP O17 - HKLM\System\CCS\Services\Tcpip\..\{c1eab2ba-b1cc-4ac7-9e62-4518e56bac14}: DhcpNameServer = 211.167.230.100 211.167.230.200 O17 - HKLM\System\CCS\Services\Tcpip\..\{CF1F44A6-0BE3-43A6-97A2-A83F5AE7A2BA}: DhcpNameServer = 10.0.1.1 =>.Private IP (10.0.0.0 - 10.255.255.255) =>.Private IP O17 - 
HKLM\System\CCS\Services\Tcpip\..\{dab00dcf-d894-4986-aeea-42ac61b20106}: DhcpNameServer = 211.167.230.100 211.167.230.200 ---\\ Extra protocols (22) - 0s O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML 查看器.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Win32 的 OLE32 扩展.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - 流视频的 ActiveX 控件.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Win32 的 OLE32 扩展.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Win32 的 OLE32 扩展.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Win32 的 OLE32 扩展.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Win32 的 OLE32 扩展.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll =>.Microsoft Corporation O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML 查看器.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Win32 的 OLE32 扩展.) 
-- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML 查看器.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\SysWOW64\inetcomm.dll =>.Microsoft Corporation O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Win32 的 OLE32 扩展.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll =>.Microsoft Corporation O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML 查看器.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\SysWOW64\tbauth.dll =>.Microsoft Corporation O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - 流视频的 ActiveX 控件.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML 查看器.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: windows.tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\SysWOW64\tbauth.dll =>.Microsoft Corporation O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) 
-- C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation ---\\ Software installed (135) - 30s O42 - Logiciel: 360压缩 - (.360安全中心.) [HKLM][64Bits] -- 360压缩 =>.Qihoo 360 Software (Beijing) Company Limited? O42 - Logiciel: 3DMark 11 - (.Futuremark.) [HKLM][64Bits] -- {f9e83b9c-ab7e-4005-8f32-4ea69703a5e4} =>.FUTUREMARK INC? O42 - Logiciel: 3DMark 11 - (.Futuremark.) [HKLM][64Bits] -- {FD67BFA0-E205-47AA-BA09-123B3B72DB5E} =>.Futuremark O42 - Logiciel: Adobe Flash Player 26 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI =>.Adobe Systems Incorporated? O42 - Logiciel: Adobe Photoshop Lightroom 5 64-bit - (.Adobe.) [HKLM][64Bits] -- {6C1A010F-9108-4162-A26F-9FEC4AC0F0F0} =>.Adobe O42 - Logiciel: Ansel - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel =>.NVIDIA Corporation O42 - Logiciel: Asmedia USB Host Controller Driver - (.Asmedia Technology.) [HKLM][64Bits] -- {E4FB0B39-C991-4EE7-95DD-1A1A7857D33D} =>.Asmedia Technology O42 - Logiciel: Audacity 2.1.0 - (.Audacity Team.) [HKLM][64Bits] -- Audacity_is1 =>.Audacity Team O42 - Logiciel: Audiosurf - (.Dylan Fitterer.) [HKLM][64Bits] -- Steam App 12900 =>.SteamApp.Game O42 - Logiciel: Batman™: Arkham Origins - (.WB Games Montreal.) [HKLM][64Bits] -- Steam App 209000 =>.SteamApp.Game O42 - Logiciel: Battle.net - (.Blizzard Entertainment.) [HKLM][64Bits] -- Battle.net =>.Blizzard Entertainment, Inc.? O42 - Logiciel: Battlefield™ 1 - (.Electronic Arts.) 
[HKLM][64Bits] -- {335B50BC-6130-4BAF-9A6A-F1561270587B} =>.Electronic Arts, Inc.? O42 - Logiciel: Bayonetta - (..) [HKLM][64Bits] -- Bayonetta_is1 O42 - Logiciel: BlackFire's Mod Ultimate 1.3 - (.BlackFireBR.) [HKLM][64Bits] -- BlackFire's Mod Ultimate 1.3 O42 - Logiciel: Borderlands: The Pre-Sequel - (.2K Australia.) [HKLM][64Bits] -- Steam App 261640 =>.Valve? O42 - Logiciel: Borderless Gaming - (.Codeusa Software.) [HKLM][64Bits] -- Borderless Gaming_is1 =>.Codeusa Software O42 - Logiciel: Cities: Skylines - (.Colossal Order Ltd..) [HKLM][64Bits] -- Steam App 255710 =>.SteamApp.Game O42 - Logiciel: Click Install if prompted - (.ExpressVpn.) [HKLM][64Bits] -- {92A9572E-834E-477B-A100-C9AD3EE4B4B9} =>.ExpressVPN O42 - Logiciel: COBA Helper - (.Mozilla Online Limited.) [HKCU][64Bits] -- MozillaOnlineCOBA O42 - Logiciel: Dolphin - (.Dolphin Team.) [HKLM][64Bits] -- Dolphin =>.Dolphin Team O42 - Logiciel: ExpressVPN - (.ExpressVPN.) [HKLM][64Bits] -- {66ca889b-9921-449a-bab2-0bb27ebd6e9e} =>.Express Vpn LLC? O42 - Logiciel: ExpressVPN - (.ExpressVPN.) [HKLM][64Bits] -- {76920ACC-7C84-4139-A013-86CB34B35E49} =>.ExpressVPN O42 - Logiciel: Furi 中文版 - (..) [HKLM][64Bits] -- Furi 中文版 O42 - Logiciel: Futuremark SystemInfo - (.Futuremark.) [HKLM][64Bits] -- {79659071-4B68-4EC8-833C-49C97B68FCD0} =>.Futuremark O42 - Logiciel: GOG Galaxy - (.GOG.com.) [HKLM][64Bits] -- {7258BA11-600C-430E-A759-27E2C691A335}_is1 =>.GOG Limited? O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome =>.Google Inc? O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc. O42 - Logiciel: Grand Theft Auto: San Andreas - (.Rockstar Games.) [HKLM][64Bits] -- Steam App 12120 =>.SteamApp.Game O42 - Logiciel: GTA San Andreas - (.Rockstar Games.) [HKLM][64Bits] -- {D417C96A-FCC7-4590-A1BB-FAF73F5BC98E} =>.Rockstar Games O42 - Logiciel: Gwent - (.GOG.com.) [HKLM][64Bits] -- 1971477531_is1 =>.GOG Limited? 
O42 - Logiciel: Hearthstone - (.Blizzard Entertainment.) [HKLM][64Bits] -- Hearthstone =>.Blizzard Entertainment, Inc.? O42 - Logiciel: Intel(R) Chipset Device Software - (.Intel Corporation.) [HKLM][64Bits] -- {12CB6BC1-4E71-4890-AA0E-26CED6AD7EDD} =>.Intel Corporation O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {1CEAC85D-2590-4760-800F-8DE5E91F3700} =>.Intel Corporation O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {62260D0F-633D-4B77-B394-BB57DF7223D9} =>.Intel Corporation O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {EA30CEC3-9CC5-4C80-AE8E-209A6F894961} =>.Intel Corporation O42 - Logiciel: Intel(R) ME UninstallLegacy - (.Intel Corporation.) [HKLM][64Bits] -- {3DF3AC42-174D-4915-9ED2-448AD4338B83} =>.Intel Corporation O42 - Logiciel: Intel(R) PRO/Wireless Driver - (.Intel Corporation.) [HKLM][64Bits] -- {805619bc-44b5-4ee5-809b-ec644a752d41} =>.Intel Corporation O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} =>.Intel(R) pGFX? O42 - Logiciel: Intel® PROSet/Wireless WiFi Software - (.Intel Corporation.) [HKLM][64Bits] -- {054CAF3F-AF48-4F02-AB25-919F3B676C33} =>.Intel Corporation O42 - Logiciel: Intel® Security Assist - (.Intel Corporation.) [HKLM][64Bits] -- {4B230374-6475-4A73-BA6E-41015E9C5013} =>.Intel Corporation O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {7D84E343-A23D-451C-B123-0195B2D903A6} =>.Intel Corporation O42 - Logiciel: Killing Floor 2 - (.Tripwire Interactive.) [HKLM][64Bits] -- Steam App 232090 =>.SteamApp.Game O42 - Logiciel: LAME v3.99.3 (for Windows) - (.Audacity.) [HKLM][64Bits] -- LAME_is1 =>.Audacity O42 - Logiciel: LibreOffice 5.3.2.2 - (.The Document Foundation.) 
[HKLM][64Bits] -- {682C33C0-5D61-48F0-B0A2-1A504F4C5905} =>.The Document Foundation O42 - Logiciel: LOOT version 0.10.3 - (.LOOT Team.) [HKLM][64Bits] -- {BF634210-A0D4-443F-A657-0DCE38040374}_is1 =>.LOOT Team O42 - Logiciel: Microsoft Games for Windows - LIVE Redistributable - (.Microsoft Corporation.) [HKLM][64Bits] -- {F2508213-9989-4E85-A078-72BE483917EF} =>.Microsoft Corporation O42 - Logiciel: Microsoft Games for Windows Marketplace - (.Microsoft Corporation.) [HKLM][64Bits] -- {4CB0307C-565E-4441-86BE-0DF2E4FB828C} =>.Microsoft Corporation O42 - Logiciel: Microsoft OneDrive - (.Microsoft Corporation.) [HKCU][64Bits] -- OneDriveSetup.exe =>.Microsoft Corporation? O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} =>.Microsoft Corporation O42 - Logiciel: Microsoft XNA Framework Redistributable 4.0 - (.Microsoft Corporation.) [HKLM][64Bits] -- {2BFC7AA0-544C-4E3A-8796-67F3BE655BE9} =>.Microsoft Corporation O42 - Logiciel: MotioninJoy Gamepad tool 0.7.1001 - (.www.motioninjoy.com.) [HKLM][64Bits] -- {330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1 =>.www.motioninjoy.com O42 - Logiciel: Mozilla Firefox 54.0.1 (x86 zh-CN) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 54.0.1 (x86 zh-CN) =>.Mozilla Corporation? O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService =>.Mozilla O42 - Logiciel: NarutoOnline 2.3.0.983 - (.Oasgames, Inc..) [HKLM][64Bits] -- NarutoOnline O42 - Logiciel: Nexus Mod Manager - (.Black Tree Gaming.) [HKLM][64Bits] -- 6af12c54-643b-4752-87d0-8335503010de_is1 =>.Black Tree Gaming Ltd.? O42 - Logiciel: Notepad++ (64-bit x64) - (.Notepad++ Team.) [HKLM][64Bits] -- Notepad++ =>.Notepad++ Team O42 - Logiciel: NVIDIA 3D Vision 驱动程序 384.94 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Backend - (.NVIDIA Corporation.) 
[HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvBackend =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Container - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Display Container - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainer =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Display Container LS - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainerLS =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Display Session Container - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplaySessionContainer =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Display Watchdog Plugin - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayPluginWatchdog =>.NVIDIA Corporation O42 - Logiciel: NVIDIA GeForce Experience 3.8.0.89 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Install Application - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer =>.NVIDIA Corporation O42 - Logiciel: NVIDIA LocalSystem Container - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.LocalSystem =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Message Bus for NvContainer - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.MessageBus =>.NVIDIA Corporation O42 - Logiciel: NVIDIA NetworkService Container - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NetworkService =>.NVIDIA Corporation O42 - Logiciel: NVIDIA NodeJS - (.NVIDIA Corporation.) 
[HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Optimus Update 27.1.0.0 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus =>.NVIDIA Corporation O42 - Logiciel: NVIDIA PhysX 系统软件 9.17.0524 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Session Container - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.Session =>.NVIDIA Corporation O42 - Logiciel: NVIDIA ShadowPlay 3.8.0.89 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay =>.NVIDIA Corporation O42 - Logiciel: Nvidia Share - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_OSC =>.NVIDIA Corporation O42 - Logiciel: NVIDIA SHIELD Streaming - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv =>.NVIDIA Corporation O42 - Logiciel: NVIDIA SHIELD Wireless Controller Driver - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Stereoscopic 3D Driver - (.NVIDIA Corporation.) [HKLM][64Bits] -- NVIDIAStereo =>.NVIDIA Corporation? O42 - Logiciel: NVIDIA Telemetry Client - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Telemetry Container - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetryContainer =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Update Core - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core =>.NVIDIA Corporation O42 - Logiciel: NVIDIA User Container - (.NVIDIA Corporation.) 
[HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.User =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Virtual Audio 3.90.1 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Virtual Host Controller - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Watchdog Plugin for NvContainer - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvPlugin.Watchdog =>.NVIDIA Corporation O42 - Logiciel: NVIDIA 更新 27.1.0.0 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update =>.NVIDIA Corporation O42 - Logiciel: NVIDIA 控制面板 384.94 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel =>.NVIDIA Corporation O42 - Logiciel: NVIDIA 图形驱动程序 384.94 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver =>.NVIDIA Corporation O42 - Logiciel: Online.io Application - (.Microleaves.) [HKLM][64Bits] -- {4C6314F6-2DE8-4354-856A-787679AEF407} =>.SUP.Microleaves O42 - Logiciel: OpenAL - (.Open Audio Library.) [HKLM][64Bits] -- OpenAL =>.Creative Labs Inc? O42 - Logiciel: OpenIV - (..black/OpenIV Team.) [HKCU][64Bits] -- OpenIV =>..black/OpenIV Team O42 - Logiciel: Origin - (.Electronic Arts, Inc..) [HKLM][64Bits] -- Origin =>.Electronic Arts, Inc.? O42 - Logiciel: OSD - (.OEM.) [HKLM][64Bits] -- {445FFA4E-70A8-493B-9A8C-D095244D03BE}_is1 =>.OEM O42 - Logiciel: QQ旋风4.7 - (.腾讯科技(深圳)有限公司.) [HKLM][64Bits] -- QQ旋风 O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476} =>.Realtek Semiconductor Corp? O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} =>.Realtek Semiconductor Corp? 
O42 - Logiciel: Rise of the White Wolf - (.CD Projekt RED.) [HKLM][64Bits] -- {339E16B5-E231-4E85-B43D-0C7DD20B76C1} =>.CD Projekt RED O42 - Logiciel: Rise of the White Wolf - (.CD Projekt RED.) [HKLM][64Bits] -- Rise of the White Wolf 2.0 =>.CD Projekt RED O42 - Logiciel: Rockstar Games Social Club - (.Rockstar Games.) [HKLM][64Bits] -- Rockstar Games Social Club =>.Rockstar Games, Inc.? O42 - Logiciel: Shareaza 2.7.9.0 - (.Shareaza Development Team.) [HKLM][64Bits] -- Shareaza_is1 =>.Shareaza Development Team O42 - Logiciel: Sleeping Dogs: Definitive Edition - (.United Front Games.) [HKLM][64Bits] -- Steam App 307690 =>.SteamApp.Game O42 - Logiciel: StarCraft II - (.Blizzard Entertainment.) [HKLM][64Bits] -- StarCraft II =>.Blizzard Entertainment, Inc.? O42 - Logiciel: Steam - (.Valve Corporation.) [HKLM][64Bits] -- Steam =>.Valve Corporation O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey =>.Synaptics Incorporated? O42 - Logiciel: Tencent QQMail Plugin - (..) [HKLM][64Bits] -- QQMailPlugin =>.SUP.Tencent O42 - Logiciel: The Binding of Isaac: Rebirth - (.Nicalis, Inc..) [HKLM][64Bits] -- Steam App 250900 =>.SteamApp.Game O42 - Logiciel: The Elder Scrolls V: Skyrim Special Edition - (.Bethesda Game Studios.) [HKLM][64Bits] -- Steam App 489830 =>.SteamApp.Game O42 - Logiciel: The Witcher: Enhanced Edition - (.CD PROJEKT RED.) [HKLM][64Bits] -- Steam App 20900 =>.SteamApp.Game O42 - Logiciel: Traffic Exchange - (.Microleaves.) [HKLM][64Bits] -- {92C1F287-B8A1-415C-B872-4000F57C055A} =>.SUP.Microleaves O42 - Logiciel: trotux - Uninstall - (..) [HKLM][64Bits] -- {5D5CD82D-24CC-4A15-9C79-9A9878DC3AD8} =>.SUP.Trotux O42 - Logiciel: UC浏览器 - (.广州市动景计算机科技有限公司.) [HKLM][64Bits] -- UCBrowser =>.TAOBAO (CHINA) SOFTWARE CO.,LTD.? O42 - Logiciel: Ultima IV - Quest of the Avatar - (.GOG.com.) [HKLM][64Bits] -- 1207658962_is1 =>.GOG Limited? O42 - Logiciel: Unlocker 1.9.2 - (.Cedrick Collomb.) 
[HKLM][64Bits] -- Unlocker =>.Cedrick Collomb O42 - Logiciel: Uplay - (.Ubisoft.) [HKLM][64Bits] -- Uplay =>.Ubisoft Entertainment Sweden AB? O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN O42 - Logiciel: Vulkan Run Time Libraries 1.0.42.1 - (.LunarG, Inc..) [HKLM][64Bits] -- VulkanRT1.0.42.1 =>.LunarG, Inc.? O42 - Logiciel: Windows 10 Update and Privacy Settings - (.Microsoft Corporation.) [HKLM][64Bits] -- {293F2009-0145-450B-B4AA-063D43FB368C} =>.Microsoft Corporation O42 - Logiciel: 百度网盘 - (.百度在线网络技术(北京)有限公司.) [HKLM][64Bits] -- 百度云管家 {1FD2D30E260FC289CFAF11518F2CD36F} O42 - Logiciel: 百度下载助手 1.6.0.77 - (.Beijing baidu Netcom science and technology co.ltd.) [HKLM][64Bits] -- BaiduRJDownloader =>.Baidu (China) Co., Ltd.? O42 - Logiciel: 法语助手智能输入法 - (.欧路软件.) [HKLM][64Bits] -- Frhelper_ime_is1 O42 - Logiciel: 哈利波特:魁地奇世界杯繁体中文版 - (..) [HKLM][64Bits] -- DoyoGames_10101966 O42 - Logiciel: 酷我音乐 - (.酷我科技.) [HKLM][64Bits] -- KwMusic7 {50DA1504909F7273486D47AC0AB74675} O42 - Logiciel: 酷我游戏 - (.北京酷我科技有限公司.) [HKLM][64Bits] -- KwGameLite {50DA1504909F7273486D47AC0AB74675} O42 - Logiciel: 酷我游戏 2.9.4.4 - (.酷我科技.) [HKCU][64Bits] -- 酷我游戏 {50DA1504909F7273486D47AC0AB74675} O42 - Logiciel: 乐游游戏盒 - (..) [HKCU][64Bits] -- leyoubox O42 - Logiciel: 企鹅游戏中心_1.2.466 - (.腾讯科技(深圳)有限公司.) [HKLM][64Bits] -- AppStore O42 - Logiciel: 搜狗拼音输入法 8.6正式版 - (.Sogou.com.) [HKLM][64Bits] -- Sogou Input O42 - Logiciel: 腾讯QQ - (.腾讯科技(深圳)有限公司.) [HKLM][64Bits] -- {052CFB79-9D62-42E3-8A15-DE66C2C97C3E} O42 - Logiciel: 迅雷 - (.迅雷网络技术有限公司.) [HKLM][64Bits] -- thunder_is1 {7506B5D2917A135C04E229EE21449A8D} O42 - Logiciel: 迅雷影音 - (.迅雷网络技术有限公司.) [HKLM][64Bits] -- 迅雷影音 {16E6F4E66382FBA84730D899} O42 - Logiciel: 易我分区管理大师 11.0 - (.EaseUS.) [HKLM][64Bits] -- EaseUS Partition Master_is1 =>.CHENGDU YIWO Tech Development Co., Ltd.? O42 - Logiciel: 银联安全控件非插件版 1.0.0.2 - (.中国银联股份有限公司.) [HKLM][64Bits] -- 银联安全控件非插件版 O42 - Logiciel: 英特尔® PROSet/无线软件 - (.Intel Corporation.) 
[HKLM][64Bits] -- {227fd89d-2205-499a-8b73-9ec775789c4d} =>.Intel(R) Wireless Connectivity Solutions? O42 - Logiciel: 英特尔® 芯片组设备软件 - (.Intel(R) Corporation.) [HKLM][64Bits] -- {fb610cea-ba50-4d4b-a717-cf025419035c} =>.Intel(R) Software and Firmware Products? O42 - Logiciel: 英雄联盟 - (.Tencent.) [HKLM][64Bits] -- 英雄联盟 =>.SUP.Tencent O42 - Logiciel: 自由战士 - (..) [HKLM][64Bits] -- 自由战士 ---\\ HKCU & HKLM Software Keys (159) - 30s HKLM\SOFTWARE\Wow6432Node\00584ab HKLM\SOFTWARE\Wow6432Node\360Safe =>.Qihu 360 Software Co., LTD HKLM\SOFTWARE\Wow6432Node\360SD HKLM\SOFTWARE\Wow6432Node\360zip HKLM\SOFTWARE\Wow6432Node\3DMLAUNCHER HKLM\SOFTWARE\Wow6432Node\A6A369FD6E6EEC393047AD36DC01A180 =>Adware.CrossRider HKLM\SOFTWARE\Wow6432Node\Activision =>.Activision HKLM\SOFTWARE\Wow6432Node\Adobe =>.Adobe HKLM\SOFTWARE\Wow6432Node\AGEIA Technologies =>.AGEIA Technologies HKLM\SOFTWARE\Wow6432Node\baidu =>.Baidu HKLM\SOFTWARE\Wow6432Node\Bethesda Softworks =>.Bethesda Softworks HKLM\SOFTWARE\Wow6432Node\Blizzard Entertainment =>.Blizzard Entertainment HKLM\SOFTWARE\Wow6432Node\Caphyon =>.Caphyon HKLM\SOFTWARE\Wow6432Node\cd projekt red =>.CD Projekt RED HKLM\SOFTWARE\Wow6432Node\CoreCodec HKLM\SOFTWARE\Wow6432Node\Crysis2AdvacedGraphicsOptions =>.Electronic Arts, Inc. 
HKLM\SOFTWARE\Wow6432Node\dbmkdb HKLM\SOFTWARE\Wow6432Node\EA Games =>.EA Games HKLM\SOFTWARE\Wow6432Node\EaseUS =>.EaseUS Software HKLM\SOFTWARE\Wow6432Node\EasyAntiCheat =>.EasyAntiCheat HKLM\SOFTWARE\Wow6432Node\Electronic Arts =>.Electronic Arts HKLM\SOFTWARE\Wow6432Node\EVP =>.EVP Software HKLM\SOFTWARE\Wow6432Node\ExpressVpn =>.ExpressVPN HKLM\SOFTWARE\Wow6432Node\Francophonie HKLM\SOFTWARE\Wow6432Node\GOG.com =>.GOG.com HKLM\SOFTWARE\Wow6432Node\Google =>.Google HKLM\SOFTWARE\Wow6432Node\HaaliMkx =>.Haali Media HKLM\SOFTWARE\Wow6432Node\Intel =>.Intel HKLM\SOFTWARE\Wow6432Node\Khronos =>.Khronos HKLM\SOFTWARE\Wow6432Node\Lame For Audacity =>.Audacity HKLM\SOFTWARE\Wow6432Node\lamyu HKLM\SOFTWARE\Wow6432Node\LiveUpdate360 =>.Qihu 360 Software Co., LTD HKLM\SOFTWARE\Wow6432Node\LOOT HKLM\SOFTWARE\Wow6432Node\Luletain HKLM\SOFTWARE\Wow6432Node\Macromedia =>.Macromedia HKLM\SOFTWARE\Wow6432Node\Mozilla =>.Mozilla HKLM\SOFTWARE\Wow6432Node\mozilla.org =>.mozilla.org HKLM\SOFTWARE\Wow6432Node\MozillaPlugins =>.MozillaPlugins HKLM\SOFTWARE\Wow6432Node\Nuance =>.Nuance HKLM\SOFTWARE\Wow6432Node\NVIDIA Corporation =>.nVidia Corporation HKLM\SOFTWARE\Wow6432Node\ODBC =>.DB Connectivity Solutions HKLM\SOFTWARE\Wow6432Node\OpenAL =>.Open Audio Library HKLM\SOFTWARE\Wow6432Node\Origin =>.Electronic Arts, Inc. HKLM\SOFTWARE\Wow6432Node\Realtek =>.Realtek Semiconductor Corp. HKLM\SOFTWARE\Wow6432Node\Realtek Semiconductor Corp. =>.Realtek Semiconductor Corp. 
HKLM\SOFTWARE\Wow6432Node\rising =>.Rising Star Games HKLM\SOFTWARE\Wow6432Node\Rockstar Games =>.Rockstar Games HKLM\SOFTWARE\Wow6432Node\Shareaza HKLM\SOFTWARE\Wow6432Node\SogouComponents =>.SUP.Sogou HKLM\SOFTWARE\Wow6432Node\SogouInput =>.SUP.Sogou HKLM\SOFTWARE\Wow6432Node\square enix =>.Square Enix HKLM\SOFTWARE\Wow6432Node\SRS Labs =>.SRS Labs HKLM\SOFTWARE\Wow6432Node\Tencent =>.SUP.Tencent HKLM\SOFTWARE\Wow6432Node\The Document Foundation =>.The Document Foundation HKLM\SOFTWARE\Wow6432Node\Thunder Network HKLM\SOFTWARE\Wow6432Node\TPHelper HKLM\SOFTWARE\Wow6432Node\Ubisoft =>.Ubisoft HKLM\SOFTWARE\Wow6432Node\UCBrowser =>.UCWeb Inc. HKLM\SOFTWARE\Wow6432Node\UCBrowserPID =>.UCWeb Inc. HKLM\SOFTWARE\Wow6432Node\Valve =>.Valve HKLM\SOFTWARE\Wow6432Node\VideoLAN =>.VideoLAN HKLM\SOFTWARE\Wow6432Node\Volatile =>.Microsoft Corporation HKLM\SOFTWARE\Wow6432Node\WOW6432Node =>.Microsoft Corporation HKLM\SOFTWARE\Wow6432Node\yxbox HKLM\SOFTWARE\Wow6432Node\yxdown HKLM\SOFTWARE\Wow6432Node\Zupidrnosh HKLM\SOFTWARE\Wow6432Node\自由战士 HKLM\SOFTWARE\Wow6432Node\RegisteredApplications =>.Microsoft Corporation HKCU\SOFTWARE\360 =>.Qihu 360 Software Co., LTD HKCU\SOFTWARE\360Safe =>.Qihu 360 Software Co., LTD HKCU\SOFTWARE\360zip HKCU\SOFTWARE\A6A369FD6E6EEC393047AD36DC01A180 =>Adware.CrossRider HKCU\SOFTWARE\Adobe =>.Adobe HKCU\SOFTWARE\Adobe Lightroom =>.Adobe Inc. 
HKCU\SOFTWARE\AMPLITUDE Studios =>.Amplitude Studios HKCU\SOFTWARE\APlayer HKCU\SOFTWARE\AppDataLow =>.Microsoft Corporation HKCU\SOFTWARE\Audiosurf, LLC HKCU\SOFTWARE\Baidu =>.Baidu HKCU\SOFTWARE\Berserk Games =>.Berserk Games HKCU\SOFTWARE\Blizzard Entertainment =>.Blizzard Entertainment HKCU\SOFTWARE\bmk HKCU\SOFTWARE\BugSplat =>.Bugsplat Game HKCU\SOFTWARE\cd projekt red =>.CD Projekt RED HKCU\SOFTWARE\CDProjektRED HKCU\SOFTWARE\Chromium =>.Chromium HKCU\SOFTWARE\Codeusa Software =>.Codeusa Software HKCU\SOFTWARE\Colossal Order =>.Colossal Order HKCU\SOFTWARE\CoreAAC =>.Core Codec HKCU\SOFTWARE\CrystalIDEA Software =>.CrystalIdea Software HKCU\SOFTWARE\DisplayCardInfo HKCU\SOFTWARE\downer HKCU\SOFTWARE\EaseUS =>.EaseUS Software HKCU\SOFTWARE\Epic Games =>.Epic Games HKCU\SOFTWARE\ExpressVPN =>.ExpressVPN HKCU\SOFTWARE\FileSmasher HKCU\SOFTWARE\Futuremark =>.Futuremark HKCU\SOFTWARE\Gabest =>.Gabest HKCU\SOFTWARE\GameSpy =>.GameSpy HKCU\SOFTWARE\GOG.com =>.GOG.com HKCU\SOFTWARE\Google =>.Google HKCU\SOFTWARE\home =>.Unknown HKCU\SOFTWARE\Intel =>.Intel HKCU\SOFTWARE\IO Interactive =>.IO Interactive HKCU\SOFTWARE\kuwo HKCU\SOFTWARE\LiveUpdate360 =>.Qihu 360 Software Co., LTD HKCU\SOFTWARE\Logitech =>.Logitech HKCU\SOFTWARE\Macromedia =>.Macromedia HKCU\SOFTWARE\Magnet =>.Magnet HKCU\SOFTWARE\MediaChance =>.Mediachance HKCU\SOFTWARE\Mine =>.Microsoft Corporation HKCU\SOFTWARE\MiniQQDownloader =>Trojan.GenericKD HKCU\SOFTWARE\Mozilla =>.Mozilla HKCU\SOFTWARE\MozillaPlugins =>.MozillaPlugins HKCU\SOFTWARE\NewTechnologyStudio =>.New Technology Studio HKCU\SOFTWARE\NTSCorp =>.NTSCorp Ltd HKCU\SOFTWARE\NVIDIA Corporation =>.nVidia Corporation HKCU\SOFTWARE\QtProject =>.QtProject HKCU\SOFTWARE\Realtek =>.Realtek Semiconductor Corp. 
HKCU\SOFTWARE\RedCandleGames HKCU\SOFTWARE\RegisteredApplications =>.Microsoft Corporation HKCU\SOFTWARE\RISING =>.Rising Star Games HKCU\SOFTWARE\Rockstar Games =>.Rockstar Games HKCU\SOFTWARE\SAMP HKCU\SOFTWARE\SecuROM =>.SecuROM HKCU\SOFTWARE\Shareaza HKCU\SOFTWARE\SogouInput =>.SUP.Sogou HKCU\SOFTWARE\SogouInput.ppup =>.SUP.Sogou HKCU\SOFTWARE\Spiderling Games HKCU\SOFTWARE\SuperChainMedia HKCU\SOFTWARE\Synaptics =>.Synaptics HKCU\SOFTWARE\SyncEngines =>.Microsoft Corporation HKCU\SOFTWARE\Tencent =>.SUP.Tencent HKCU\SOFTWARE\TesSafe HKCU\SOFTWARE\The Document Foundation =>.The Document Foundation HKCU\SOFTWARE\TheGameBakers HKCU\SOFTWARE\Thunder Network HKCU\SOFTWARE\TPHelper HKCU\SOFTWARE\Trolltech =>.Trolltech HKCU\SOFTWARE\Ubisoft =>.Ubisoft HKCU\SOFTWARE\UCBrowser =>.UCWeb Inc. HKCU\SOFTWARE\UCBrowserPID =>.UCWeb Inc. HKCU\SOFTWARE\Unity =>.Unity HKCU\SOFTWARE\Valve =>.Valve HKCU\SOFTWARE\VideoLAN =>.VideoLAN HKCU\SOFTWARE\Volition =>.Volition HKCU\SOFTWARE\Winamp =>.Nullsoft Inc. 
HKCU\SOFTWARE\WinAuth3 HKCU\SOFTWARE\Wow6432Node =>.Microsoft Corporation HKCU\SOFTWARE\XPusher HKCU\SOFTWARE\Youxun HKCU\SOFTWARE\YXGStart HKCU\SOFTWARE\ZHP =>.Nicolas Coolman HKCU\SOFTWARE\SogouInput.ppup.user =>.SUP.Sogou HKCU\SOFTWARE\SogouInput.user =>.SUP.Sogou HKCU\SOFTWARE\AppDataLow\Software =>.Microsoft Corporation HKCU\SOFTWARE\AppDataLow\Tencent =>.SUP.Tencent HKCU\SOFTWARE\AppDataLow\Thunder BHO Platform HKCU\SOFTWARE\AppDataLow\Thunder Network ---\\ Contents of the Common Files folders (344) - 14s O43 - CFD: 31/07/2017 - [] D -- C:\Program Files\Common Files =>.Microsoft Corporation O43 - CFD: 22/04/2017 - [] AD -- C:\Program Files\Frhelper_Ime {101B667A9426A663AC5C64BCA25BD192} O43 - CFD: 31/07/2017 - [] D -- C:\Program Files\Intel =>.Intel Corporation O43 - CFD: 24/07/2017 - [] D -- C:\Program Files\Internet Explorer =>.Microsoft Corporation O43 - CFD: 22/04/2017 - [] AD -- C:\Program Files\LibreOffice 5 =>.LibreOffice O43 - CFD: 22/10/2016 - [] AD -- C:\Program Files\MotioninJoy =>.MotionInjoy O43 - CFD: 22/04/2017 - [] D -- C:\Program Files\MSBuild =>.Microsoft Corporation O43 - CFD: 30/07/2017 - [] D -- C:\Program Files\Notepad++ =>.Don Ho O43 - CFD: 05/08/2017 - [] D -- C:\Program Files\NVIDIA Corporation =>.nVidia Corporation O43 - CFD: 22/04/2017 - [] D -- C:\Program Files\Realtek =>.Realtek O43 - CFD: 22/04/2017 - [] D -- C:\Program Files\Reference Assemblies =>.Microsoft Corporation O43 - CFD: 06/08/2017 - [] D -- C:\Program Files\Rockstar Games =>.Rockstar Games, Inc.? O43 - CFD: 22/04/2017 - [] D -- C:\Program Files\Synaptics =>.Synaptics Incorporated? 
O43 - CFD: 10/07/2015 - [0] HD -- C:\Program Files\Uninstall Information =>.Microsoft Corporation O43 - CFD: 03/08/2017 - [] D -- C:\Program Files\Unlocker =>.Cedrick Collomb O43 - CFD: 15/04/2017 - [] AD -- C:\Program Files\UNP =>.Microsoft Corporation O43 - CFD: 24/07/2017 - [] RD -- C:\Program Files\Windows Defender =>.Microsoft Corporation O43 - CFD: 20/03/2017 - [] D -- C:\Program Files\Windows Defender Advanced Threat Protection =>.Microsoft Corporation O43 - CFD: 20/03/2017 - [] D -- C:\Program Files\Windows Mail =>.Microsoft Corporation O43 - CFD: 20/03/2017 - [] D -- C:\Program Files\Windows Media Player =>.Microsoft Corporation O43 - CFD: 19/03/2017 - [] D -- C:\Program Files\Windows Multimedia Platform =>.Microsoft Corporation O43 - CFD: 22/04/2017 - [] D -- C:\Program Files\Windows NT =>.Microsoft Corporation O43 - CFD: 24/07/2017 - [] D -- C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation O43 - CFD: 19/03/2017 - [] D -- C:\Program Files\Windows Portable Devices =>.Microsoft Corporation O43 - CFD: 19/03/2017 - [] D -- C:\Program Files\Windows Security =>.Microsoft Corporation O43 - CFD: 19/03/2017 - [] SHD -- C:\Program Files\Windows Sidebar =>.Microsoft Corporation O43 - CFD: 09/08/2017 - [] HD -- C:\Program Files\WindowsApps =>.Microsoft Corporation O43 - CFD: 19/03/2017 - [] D -- C:\Program Files\WindowsPowerShell =>.Microsoft Corporation O43 - CFD: 26/11/2016 - [] D -- C:\Program Files (x86)\10101966 {200A7ACE318D9BAA3ED33EC2D993005F} =>Heuristic.Suspect O43 - CFD: 22/10/2016 - [] D -- C:\Program Files (x86)\360 =>.Qihu 360 Software O43 - CFD: 28/04/2017 - [] D -- C:\Program Files (x86)\3dm_game_files O43 - CFD: 22/10/2016 - [] AD -- C:\Program Files (x86)\ASM104xUSB3 =>.ASMedia Technology Inc O43 - CFD: 22/10/2016 - [] AD -- C:\Program Files (x86)\Audacity =>.Audacity O43 - CFD: 22/04/2017 - [] AD -- C:\Program Files (x86)\Borderless Gaming {1C7DC54D08621A96136B378AA9E4392B} O43 - CFD: 11/02/2017 - [] D -- C:\Program Files (x86)\cache 
=>.Legitimate O43 - CFD: 06/11/2016 - [] D -- C:\Program Files (x86)\Coickgrereward =>.Glarysoft LTD? O43 - CFD: 22/04/2017 - [] D -- C:\Program Files (x86)\Common Files =>.Microsoft Corporation O43 - CFD: 22/10/2016 - [] D -- C:\Program Files (x86)\Electronic Arts =>.Electronic Arts O43 - CFD: 28/03/2017 - [] AD -- C:\Program Files (x86)\ExpressVPN =>.Express Vpn LLC? O43 - CFD: 28/03/2017 - [] AD -- C:\Program Files (x86)\ExpressVpn Tap Driver Win10 =>.ExprsVPN LLC? O43 - CFD: 10/02/2017 - [] D -- C:\Program Files (x86)\extend O43 - CFD: 22/10/2016 - [] D -- C:\Program Files (x86)\Futuremark =>.FUTUREMARK INC? O43 - CFD: 29/01/2017 - [] D -- C:\Program Files (x86)\Google =>.Google Inc? O43 - CFD: 22/10/2016 - [] D -- C:\Program Files (x86)\hhh O43 - CFD: 19/02/2017 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information =>.InstallShield O43 - CFD: 31/07/2017 - [] D -- C:\Program Files (x86)\Intel =>.Intel Corporation O43 - CFD: 24/07/2017 - [] D -- C:\Program Files (x86)\Internet Explorer =>.Microsoft Corporation O43 - CFD: 22/10/2016 - [] D -- C:\Program Files (x86)\kuwo {50DA1504909F7273486D47AC0AB74675} O43 - CFD: 22/10/2016 - [] AD -- C:\Program Files (x86)\Lame For Audacity =>.Audacity O43 - CFD: 04/05/2017 - [] AD -- C:\Program Files (x86)\LOOT O43 - CFD: 22/10/2016 - [] HD -- C:\Program Files (x86)\Microsoft =>.Microsoft Corporation O43 - CFD: 26/10/2016 - [] D -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE =>.Microsoft Corporation O43 - CFD: 22/10/2016 - [] AD -- C:\Program Files (x86)\Microsoft Silverlight =>.Microsoft Corporation O43 - CFD: 22/10/2016 - [] D -- C:\Program Files (x86)\Microsoft XNA =>.Microsoft Corporation O43 - CFD: 19/03/2017 - [] D -- C:\Program Files (x86)\Microsoft.NET =>.Microsoft Corporation O43 - CFD: 12/11/2016 - [0] D -- C:\Program Files (x86)\MotioninJoy =>.MotionInjoy O43 - CFD: 24/07/2017 - [] AD -- C:\Program Files (x86)\Mozilla Firefox =>.Mozilla O43 - CFD: 24/07/2017 - [] D -- C:\Program 
Files (x86)\Mozilla Maintenance Service =>.Mozilla O43 - CFD: 22/04/2017 - [] D -- C:\Program Files (x86)\MSBuild =>.Microsoft Corporation O43 - CFD: 27/12/2016 - [] D -- C:\Program Files (x86)\NarutoOnline {508A19B53BD1D7225F3F8951F4B89F29} O43 - CFD: 05/08/2017 - [] D -- C:\Program Files (x86)\NVIDIA Corporation =>.nVidia Corporation O43 - CFD: 22/10/2016 - [] D -- C:\Program Files (x86)\OEM =>.OEM O43 - CFD: 22/10/2016 - [] D -- C:\Program Files (x86)\OpenAL =>.Open Audio Library O43 - CFD: 07/02/2017 - [] AD -- C:\Program Files (x86)\Origin =>.Electronic Arts, Inc. O43 - CFD: 22/10/2016 - [0] D -- C:\Program Files (x86)\Origin Games =>.Electronic Arts, Inc. O43 - CFD: 25/07/2017 - [] D -- C:\Program Files (x86)\QQMailPlugin =>.SUP.Tencent O43 - CFD: 22/10/2016 - [] D -- C:\Program Files (x86)\Realtek =>.Realtek O43 - CFD: 22/04/2017 - [] D -- C:\Program Files (x86)\Reference Assemblies =>.Microsoft Corporation O43 - CFD: 06/08/2017 - [] D -- C:\Program Files (x86)\Rockstar Games =>.Rockstar Games, Inc.? O43 - CFD: 02/08/2017 - [] AD -- C:\Program Files (x86)\SogouInput =>.SUP.Elex O43 - CFD: 20/11/2016 - [] D -- C:\Program Files (x86)\SpeedFan =>.Almico Software O43 - CFD: 22/10/2016 - [0] HD -- C:\Program Files (x86)\Temp =>.Microsoft Corporation O43 - CFD: 25/07/2017 - [] D -- C:\Program Files (x86)\Tencent =>.SUP.Tencent O43 - CFD: 27/07/2017 - [] D -- C:\Program Files (x86)\Thunder Network =>.Thunder Network O43 - CFD: 30/11/2016 - [] D -- C:\Program Files (x86)\Ubisoft =>.Ubisoft O43 - CFD: 24/07/2017 - [] D -- C:\Program Files (x86)\UCBrowser =>.TAOBAO (CHINA) SOFTWARE CO.,LTD.? 
O43 - CFD: 22/04/2017 - [0] HD -- C:\Program Files (x86)\Uninstall Information =>.Microsoft Corporation O43 - CFD: 10/02/2017 - [] D -- C:\Program Files (x86)\uwdi {4BB052CFC3F3745FF89F3A1D453BAB22} O43 - CFD: 30/10/2016 - [] D -- C:\Program Files (x86)\VideoLAN =>.VideoLan Team O43 - CFD: 25/07/2017 - [] D -- C:\Program Files (x86)\VulkanRT =>.LunarG, Inc O43 - CFD: 24/07/2017 - [] D -- C:\Program Files (x86)\Windows Defender =>.Microsoft Corporation O43 - CFD: 20/03/2017 - [] D -- C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation O43 - CFD: 20/03/2017 - [] D -- C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation O43 - CFD: 19/03/2017 - [] D -- C:\Program Files (x86)\Windows Multimedia Platform =>.Microsoft Corporation O43 - CFD: 19/03/2017 - [] D -- C:\Program Files (x86)\Windows NT =>.Microsoft Corporation O43 - CFD: 24/07/2017 - [] D -- C:\Program Files (x86)\Windows Photo Viewer =>.Microsoft Corporation O43 - CFD: 19/03/2017 - [] D -- C:\Program Files (x86)\Windows Portable Devices =>.Microsoft Corporation O43 - CFD: 19/03/2017 - [] SHD -- C:\Program Files (x86)\Windows Sidebar =>.Microsoft Corporation O43 - CFD: 19/03/2017 - [] D -- C:\Program Files (x86)\WindowsPowerShell =>.Microsoft Corporation O43 - CFD: 22/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360安全中心 O43 - CFD: 19/03/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility =>.Microsoft Corporation O43 - CFD: 24/07/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation O43 - CFD: 24/07/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools O43 - CFD: 22/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net =>.Games Software O43 - CFD: 20/10/2016 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 1 =>.Electronic Arts, Inc. 
O43 - CFD: 22/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Borderless Gaming O43 - CFD: 11/10/2016 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolphin =>.Dolphin DevTeam O43 - CFD: 22/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ExpressVPN =>.ExpressVPN O43 - CFD: 22/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Furi 中文版 O43 - CFD: 22/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Futuremark =>.Futuremark O43 - CFD: 22/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com =>.GOG.com O43 - CFD: 22/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.3 =>.LibreOffice O43 - CFD: 19/03/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation O43 - CFD: 22/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace =>.Microsoft Corporation O43 - CFD: 22/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight =>.Microsoft Corporation O43 - CFD: 22/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MotioninJoy =>.MotionInjoy O43 - CFD: 22/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NarutoOnline O43 - CFD: 01/05/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager =>.Winstep Software Technologies O43 - CFD: 30/07/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++ =>.Don Ho O43 - CFD: 22/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation =>.nVidia Corporation O43 - CFD: 22/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin =>.Electronic Arts, Inc. 
O43 - CFD: 22/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games =>.Rockstar Games O43 - CFD: 22/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shareaza =>.Shareaza (P2P) O43 - CFD: 22/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II O43 - CFD: 19/03/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup =>.Microsoft Corporation O43 - CFD: 22/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam =>.Steam Games O43 - CFD: 19/03/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools =>.Microsoft Corporation O43 - CFD: 22/04/2017 - [] AD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher Rise of the White Wolf =>.Atari Inc O43 - CFD: 22/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UC浏览器 O43 - CFD: 22/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultima series O43 - CFD: 22/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN =>.VideoLan Team O43 - CFD: 22/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\哈利波特:魁地奇世界杯繁体中文版 O43 - CFD: 29/07/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\搜狗拼音输入法 O43 - CFD: 22/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\易我分区管理大师 11.0 O43 - CFD: 22/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\法语助手 O43 - CFD: 22/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\游迅网 O43 - CFD: 25/07/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\腾讯软件 O43 - CFD: 22/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\迅雷软件 O43 - CFD: 22/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\酷我音乐 O43 - CFD: 22/10/2016 - [] D -- C:\ProgramData\.mono =>.Legitimate O43 - CFD: 06/08/2017 - [] D -- C:\ProgramData\360zip O43 - CFD: 18/12/2016 - 
[] D -- C:\ProgramData\Adobe =>.Adobe O43 - CFD: 22/04/2017 - [0] SHD -- C:\ProgramData\Application Data =>.Microsoft Corporation O43 - CFD: 22/10/2016 - [] D -- C:\ProgramData\AVAST Software =>.AVAST Software O43 - CFD: 22/10/2016 - [] D -- C:\ProgramData\Avg =>.AVG Software O43 - CFD: 22/10/2016 - [] D -- C:\ProgramData\Avira =>.Avira Software O43 - CFD: 04/02/2017 - [] D -- C:\ProgramData\Baidu =>.Baidu O43 - CFD: 22/10/2016 - [] D -- C:\ProgramData\Battle.net =>.Games Software O43 - CFD: 14/10/2016 - [] D -- C:\ProgramData\BDSReport O43 - CFD: 09/03/2017 - [] D -- C:\ProgramData\Blizzard Entertainment =>.Blizzard Entertainment O43 - CFD: 04/02/2017 - [] D -- C:\ProgramData\boost_interprocess =>.boost.org O43 - CFD: 13/11/2016 - [] D -- C:\ProgramData\Caphyon =>.Caphyon O43 - CFD: 16/02/2017 - [] D -- C:\ProgramData\CDProjekt RED O43 - CFD: 12/10/2016 - [] D -- C:\ProgramData\CleanAndroid O43 - CFD: 16/07/2016 - [0] D -- C:\ProgramData\Comms =>.Microsoft Corporation O43 - CFD: 22/04/2017 - [0] SHD -- C:\ProgramData\Documents =>.Microsoft Corporation O43 - CFD: 10/02/2017 - [] D -- C:\ProgramData\EA Core =>.Electronic Arts, Inc. 
O43 - CFD: 10/02/2017 - [] D -- C:\ProgramData\Electronic Arts =>.Electronic Arts O43 - CFD: 11/10/2016 - [] D -- C:\ProgramData\ExpressVPN =>.ExpressVPN O43 - CFD: 11/02/2017 - [] D -- C:\ProgramData\For Honor O43 - CFD: 01/02/2017 - [] D -- C:\ProgramData\gameicon O43 - CFD: 25/10/2016 - [] D -- C:\ProgramData\GOG.com =>.GOG.com O43 - CFD: 31/07/2017 - [] D -- C:\ProgramData\Intel =>.Intel Corporation O43 - CFD: 31/07/2017 - [] D -- C:\ProgramData\Intel.sav =>.Intel Corporation O43 - CFD: 20/10/2016 - [] D -- C:\ProgramData\kuwodata O43 - CFD: 14/10/2016 - [] D -- C:\ProgramData\KWGameBox O43 - CFD: 31/07/2017 - [] SD -- C:\ProgramData\Microsoft =>.Microsoft Corporation O43 - CFD: 22/04/2017 - [] D -- C:\ProgramData\Microsoft OneDrive =>.Microsoft Corporation O43 - CFD: 09/08/2017 - [] D -- C:\ProgramData\NVIDIA =>.nVidia Corporation O43 - CFD: 05/08/2017 - [] D -- C:\ProgramData\NVIDIA Corporation =>.nVidia Corporation O43 - CFD: 10/04/2017 - [] D -- C:\ProgramData\Origin =>.Electronic Arts, Inc. 
O43 - CFD: 31/07/2017 - [] D -- C:\ProgramData\Package Cache =>.Microsoft Corporation O43 - CFD: 22/04/2017 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft =>.Microsoft Corporation O43 - CFD: 31/07/2017 - [] D -- C:\ProgramData\Roaming =>.Microsoft Corporation O43 - CFD: 19/03/2017 - [0] D -- C:\ProgramData\SoftwareDistribution =>.Microsoft Corporation O43 - CFD: 20/10/2016 - [] D -- C:\ProgramData\SogouInput =>.SUP.Sogou O43 - CFD: 22/04/2017 - [0] SHD -- C:\ProgramData\Templates =>.Microsoft Corporation O43 - CFD: 31/07/2017 - [] D -- C:\ProgramData\Tencent =>.SUP.Tencent O43 - CFD: 11/10/2016 - [] D -- C:\ProgramData\Thunder Network =>.Thunder Network O43 - CFD: 19/01/2017 - [] D -- C:\ProgramData\Ubisoft =>.Ubisoft O43 - CFD: 22/04/2017 - [] D -- C:\ProgramData\USOPrivate =>.Microsoft Corporation O43 - CFD: 22/04/2017 - [] D -- C:\ProgramData\USOShared =>.Microsoft Corporation O43 - CFD: 15/10/2016 - [] D -- C:\ProgramData\Windows O43 - CFD: 20/03/2017 - [] D -- C:\ProgramData\WindowsHolographicDevices =>.Microsoft Corporation O43 - CFD: 28/02/2017 - [] D -- C:\ProgramData\X360CE =>.Microsoft Corporation O43 - CFD: 23/01/2017 - [] D -- C:\ProgramData\{plbackup-CFE0-66E8-660553B4C955} O43 - CFD: 26/01/2016 - [0] SHD -- C:\ProgramData\「开始」菜单 O43 - CFD: 26/01/2016 - [0] SHD -- C:\ProgramData\桌面 O43 - CFD: 19/02/2017 - [] D -- C:\Program Files (x86)\Common Files\InstallShield =>.InstallShield O43 - CFD: 22/04/2017 - [] D -- C:\Program Files (x86)\Common Files\Intel =>.Intel Corporation O43 - CFD: 22/04/2017 - [] D -- C:\Program Files (x86)\Common Files\Microsoft Shared =>.Microsoft Corporation O43 - CFD: 26/01/2016 - [] D -- C:\Program Files (x86)\Common Files\PostureAgent =>.Microsoft Corporation O43 - CFD: 19/03/2017 - [] D -- C:\Program Files (x86)\Common Files\Services =>.Microsoft Corporation O43 - CFD: 24/07/2017 - [] D -- C:\Program Files (x86)\Common Files\Steam =>.Steam Games O43 - CFD: 20/03/2017 - [] D -- C:\Program Files (x86)\Common Files\System 
=>.Microsoft Corporation O43 - CFD: 25/07/2017 - [] D -- C:\Program Files (x86)\Common Files\Tencent =>.SUP.Tencent O43 - CFD: 14/12/2016 - [] D -- C:\Program Files (x86)\Common Files\Thunder Network =>.Thunder Network O43 - CFD: 22/10/2016 - [] D -- C:\Users\VULCAN\AppData\Roaming\.mono =>.Legitimate O43 - CFD: 27/01/2016 - [] D -- C:\Users\VULCAN\AppData\Roaming\360DiagnoseScan O43 - CFD: 26/01/2016 - [] D -- C:\Users\VULCAN\AppData\Roaming\360Login O43 - CFD: 05/08/2017 - [] D -- C:\Users\VULCAN\AppData\Roaming\360zip O43 - CFD: 18/12/2016 - [] D -- C:\Users\VULCAN\AppData\Roaming\Adobe =>.Adobe O43 - CFD: 28/07/2017 - [0] D -- C:\Users\VULCAN\AppData\Roaming\Aniqok O43 - CFD: 14/10/2016 - [] D -- C:\Users\VULCAN\AppData\Roaming\Audacity =>.Audacity O43 - CFD: 04/02/2017 - [] D -- C:\Users\VULCAN\AppData\Roaming\baidu =>.Baidu O43 - CFD: 27/01/2017 - [] D -- C:\Users\VULCAN\AppData\Roaming\BaiduYunGuanjia O43 - CFD: 27/01/2017 - [] D -- C:\Users\VULCAN\AppData\Roaming\BaiduYunKernel O43 - CFD: 27/01/2017 - [] D -- C:\Users\VULCAN\AppData\Roaming\BaiduYunKongMing O43 - CFD: 22/10/2016 - [] D -- C:\Users\VULCAN\AppData\Roaming\Battle.net =>.Games Software O43 - CFD: 27/12/2016 - [] D -- C:\Users\VULCAN\AppData\Roaming\Brotsoft O43 - CFD: 13/11/2016 - [] D -- C:\Users\VULCAN\AppData\Roaming\CD Projekt RED =>.CD Projekt RED O43 - CFD: 12/10/2016 - [] D -- C:\Users\VULCAN\AppData\Roaming\CleanAndroid O43 - CFD: 22/04/2017 - [] D -- C:\Users\VULCAN\AppData\Roaming\Codeusa Software =>.Codeusa Software O43 - CFD: 12/11/2016 - [] D -- C:\Users\VULCAN\AppData\Roaming\cqby O43 - CFD: 02/04/2017 - [] D -- C:\Users\VULCAN\AppData\Roaming\downer O43 - CFD: 23/11/2016 - [] D -- C:\Users\VULCAN\AppData\Roaming\Doyo O43 - CFD: 16/04/2017 - [] D -- C:\Users\VULCAN\AppData\Roaming\Duelyst O43 - CFD: 20/04/2017 - [] D -- C:\Users\VULCAN\AppData\Roaming\EasyAntiCheat O43 - CFD: 22/10/2016 - [] D -- C:\Users\VULCAN\AppData\Roaming\epm =>.Easus O43 - CFD: 27/01/2016 - [] D -- 
C:\Users\VULCAN\AppData\Roaming\Expert O43 - CFD: 11/10/2016 - [] D -- C:\Users\VULCAN\AppData\Roaming\Francochinois O43 - CFD: 12/11/2016 - [] D -- C:\Users\VULCAN\AppData\Roaming\GameSetup O43 - CFD: 08/10/2016 - [] D -- C:\Users\VULCAN\AppData\Roaming\HD Tune Pro =>.EFD Software O43 - CFD: 31/07/2017 - [] D -- C:\Users\VULCAN\AppData\Roaming\Intel =>.Intel Corporation O43 - CFD: 19/11/2016 - [] D -- C:\Users\VULCAN\AppData\Roaming\Io Interactive =>.IO Interactive O43 - CFD: 17/03/2017 - [] D -- C:\Users\VULCAN\AppData\Roaming\khedge2574 O43 - CFD: 12/11/2016 - [] D -- C:\Users\VULCAN\AppData\Roaming\Kuai8Res O43 - CFD: 09/02/2017 - [] D -- C:\Users\VULCAN\AppData\Roaming\leyoubox O43 - CFD: 22/04/2017 - [] D -- C:\Users\VULCAN\AppData\Roaming\LibreOffice =>.LibreOffice O43 - CFD: 02/04/2017 - [] D -- C:\Users\VULCAN\AppData\Roaming\LoginTool O43 - CFD: 29/01/2017 - [] D -- C:\Users\VULCAN\AppData\Roaming\LolClient =>.LolClient O43 - CFD: 26/01/2016 - [] D -- C:\Users\VULCAN\AppData\Roaming\Macromedia =>.Macromedia O43 - CFD: 22/04/2017 - [] SD -- C:\Users\VULCAN\AppData\Roaming\Microsoft =>.Microsoft Corporation O43 - CFD: 22/10/2016 - [] D -- C:\Users\VULCAN\AppData\Roaming\MotioninJoy =>.MotionInjoy O43 - CFD: 11/10/2016 - [] D -- C:\Users\VULCAN\AppData\Roaming\Mozilla =>.Mozilla Corporation O43 - CFD: 15/10/2016 - [] D -- C:\Users\VULCAN\AppData\Roaming\New Technology Studio =>.New Technology Studio O43 - CFD: 30/07/2017 - [] D -- C:\Users\VULCAN\AppData\Roaming\Notepad++ =>.Don Ho O43 - CFD: 22/10/2016 - [] D -- C:\Users\VULCAN\AppData\Roaming\NVIDIA =>.nVidia Corporation O43 - CFD: 24/03/2017 - [] D -- C:\Users\VULCAN\AppData\Roaming\Origin =>.Electronic Arts, Inc. 
O43 - CFD: 22/10/2016 - [] D -- C:\Users\VULCAN\AppData\Roaming\Profiles =>.Microsoft Corporation O43 - CFD: 31/03/2017 - [] D -- C:\Users\VULCAN\AppData\Roaming\Shareaza =>.Shareaza (P2P) O43 - CFD: 12/10/2016 - [] D -- C:\Users\VULCAN\AppData\Roaming\Skype =>.Skype O43 - CFD: 15/10/2016 - [] D -- C:\Users\VULCAN\AppData\Roaming\Steam =>.Steam Games O43 - CFD: 23/11/2016 - [] D -- C:\Users\VULCAN\AppData\Roaming\Temp =>.Microsoft Corporation O43 - CFD: 29/07/2017 - [] D -- C:\Users\VULCAN\AppData\Roaming\Tencent =>.SUP.Tencent O43 - CFD: 02/04/2017 - [] D -- C:\Users\VULCAN\AppData\Roaming\UCChannel =>.SUP.UCBrowser O43 - CFD: 04/08/2017 - [] D -- C:\Users\VULCAN\AppData\Roaming\vlc =>.VideoLan Team O43 - CFD: 07/03/2017 - [] D -- C:\Users\VULCAN\AppData\Roaming\WinAuth O43 - CFD: 14/12/2016 - [] D -- C:\Users\VULCAN\AppData\Roaming\XLGameBox O43 - CFD: 10/02/2017 - [] D -- C:\Users\VULCAN\AppData\Roaming\youxunbox O43 - CFD: 31/01/2017 - [] D -- C:\Users\VULCAN\AppData\Roaming\yxqxunyou O43 - CFD: 09/08/2017 - [] D -- C:\Users\VULCAN\AppData\Roaming\ZHP =>.Nicolas Coolman O43 - CFD: 24/07/2017 - [] D -- C:\Users\VULCAN\AppData\Roaming\迅雷游戏 O43 - CFD: 24/07/2017 - [] D -- C:\Users\VULCAN\AppData\Local\Adobe =>.Adobe O43 - CFD: 13/10/2016 - [] D -- C:\Users\VULCAN\AppData\Local\ali213GameLauncher O43 - CFD: 22/04/2017 - [0] SHD -- C:\Users\VULCAN\AppData\Local\Application Data =>.Microsoft Corporation O43 - CFD: 04/02/2017 - [] D -- C:\Users\VULCAN\AppData\Local\Baidu =>.Baidu O43 - CFD: 08/08/2017 - [] D -- C:\Users\VULCAN\AppData\Local\Battle.net =>.Games Software O43 - CFD: 01/05/2017 - [] D -- C:\Users\VULCAN\AppData\Local\Black_Tree_Gaming =>.Black Tree Gaming Ltd O43 - CFD: 22/10/2016 - [] D -- C:\Users\VULCAN\AppData\Local\Blizzard =>.Blizzard O43 - CFD: 09/03/2017 - [] D -- C:\Users\VULCAN\AppData\Local\Blizzard Entertainment =>.Blizzard Entertainment O43 - CFD: 11/10/2016 - [] D -- C:\Users\VULCAN\AppData\Local\CEF =>.CEF O43 - CFD: 13/12/2016 - [] D -- 
C:\Users\VULCAN\AppData\Local\Chromium =>.Chromium O43 - CFD: 25/02/2017 - [] D -- C:\Users\VULCAN\AppData\Local\Colossal Order =>.Colossal Order Ltd O43 - CFD: 18/11/2016 - [] D -- C:\Users\VULCAN\AppData\Local\Comms =>.Microsoft Corporation O43 - CFD: 30/04/2017 - [] D -- C:\Users\VULCAN\AppData\Local\ConnectedDevicesPlatform =>.Microsoft Corporation O43 - CFD: 06/08/2017 - [] D -- C:\Users\VULCAN\AppData\Local\CrashDumps =>.Microsoft Corporation O43 - CFD: 28/04/2017 - [0] D -- C:\Users\VULCAN\AppData\Local\DBG =>.DBG O43 - CFD: 31/07/2017 - [] D -- C:\Users\VULCAN\AppData\Local\Diagnostics =>.Microsoft Corporation O43 - CFD: 02/04/2017 - [] D -- C:\Users\VULCAN\AppData\Local\downer O43 - CFD: 31/07/2017 - [] D -- C:\Users\VULCAN\AppData\Local\ElevatedDiagnostics =>.Microsoft Corporation O43 - CFD: 06/02/2017 - [] D -- C:\Users\VULCAN\AppData\Local\ExpressVPN =>.ExpressVPN O43 - CFD: 14/10/2016 - [] D -- C:\Users\VULCAN\AppData\Local\Futuremark =>.Futuremark O43 - CFD: 16/02/2017 - [] D -- C:\Users\VULCAN\AppData\Local\GalaxyCommunicationService =>.Galaxy Communication O43 - CFD: 29/01/2017 - [] D -- C:\Users\VULCAN\AppData\Local\Google =>.Google O43 - CFD: 22/10/2016 - [0] D -- C:\Users\VULCAN\AppData\Local\Grijupy O43 - CFD: 22/04/2017 - [0] SHD -- C:\Users\VULCAN\AppData\Local\History =>.Microsoft Corporation O43 - CFD: 19/11/2016 - [] D -- C:\Users\VULCAN\AppData\Local\IO Interactive =>.IO Interactive O43 - CFD: 11/10/2016 - [] D -- C:\Users\VULCAN\AppData\Local\IsolatedStorage =>.id Software O43 - CFD: 12/10/2016 - [] D -- C:\Users\VULCAN\AppData\Local\KBSdata O43 - CFD: 17/10/2016 - [] D -- C:\Users\VULCAN\AppData\Local\KwGMusic O43 - CFD: 23/01/2017 - [] D -- C:\Users\VULCAN\AppData\Local\kwmusic O43 - CFD: 06/05/2017 - [] D -- C:\Users\VULCAN\AppData\Local\LOOT O43 - CFD: 11/10/2016 - [] D -- C:\Users\VULCAN\AppData\Local\Macromedia =>.Macromedia O43 - CFD: 31/07/2017 - [] D -- C:\Users\VULCAN\AppData\Local\Microsoft =>.Microsoft Corporation O43 - CFD: 
11/10/2016 - [] D -- C:\Users\VULCAN\AppData\Local\MicrosoftEdge =>.Microsoft Corporation O43 - CFD: 11/10/2016 - [] D -- C:\Users\VULCAN\AppData\Local\Mozilla =>.Mozilla Corporation O43 - CFD: 03/08/2017 - [] D -- C:\Users\VULCAN\AppData\Local\MozillaOnline O43 - CFD: 26/01/2016 - [0] D -- C:\Users\VULCAN\AppData\Local\NetworkTiles =>.NetworkTiles O43 - CFD: 15/10/2016 - [] D -- C:\Users\VULCAN\AppData\Local\New Technology Studio =>.New Technology Studio O43 - CFD: 17/12/2016 - [] D -- C:\Users\VULCAN\AppData\Local\NVIDIA =>.nVidia Corporation O43 - CFD: 25/07/2017 - [] D -- C:\Users\VULCAN\AppData\Local\NVIDIA Corporation =>.nVidia Corporation O43 - CFD: 23/10/2016 - [] D -- C:\Users\VULCAN\AppData\Local\Origin =>.Electronic Arts, Inc. O43 - CFD: 28/07/2017 - [] D -- C:\Users\VULCAN\AppData\Local\Packages =>.Microsoft Corporation O43 - CFD: 11/10/2016 - [0] D -- C:\Users\VULCAN\AppData\Local\PeerDistRepub =>.Microsoft Corporation O43 - CFD: 26/01/2016 - [] D -- C:\Users\VULCAN\AppData\Local\Programs =>.Microsoft Corporation O43 - CFD: 26/01/2016 - [] D -- C:\Users\VULCAN\AppData\Local\Publishers =>.Microsoft Corporation O43 - CFD: 14/01/2017 - [] D -- C:\Users\VULCAN\AppData\Local\RecomTips O43 - CFD: 31/07/2017 - [] D -- C:\Users\VULCAN\AppData\Local\Recovery =>.Recovery Labs O43 - CFD: 12/10/2016 - [] D -- C:\Users\VULCAN\AppData\Local\Rockstar Games =>.Rockstar Games O43 - CFD: 31/03/2017 - [] D -- C:\Users\VULCAN\AppData\Local\Shareaza =>.Shareaza (P2P) O43 - CFD: 01/05/2017 - [] D -- C:\Users\VULCAN\AppData\Local\Skyrim Special Edition =>.Nogenious Skyrim Game O43 - CFD: 18/10/2016 - [] D -- C:\Users\VULCAN\AppData\Local\speech =>.Microsoft Corporation O43 - CFD: 13/12/2016 - [] D -- C:\Users\VULCAN\AppData\Local\Steam =>.Steam Games O43 - CFD: 24/11/2016 - [] D -- C:\Users\VULCAN\AppData\Local\StreetFighterV =>.StreetFighter Games O43 - CFD: 09/08/2017 - [] D -- C:\Users\VULCAN\AppData\Local\Temp =>.Microsoft Corporation O43 - CFD: 22/04/2017 - [0] SHD -- 
C:\Users\VULCAN\AppData\Local\Temporary Internet Files =>.Microsoft Corporation O43 - CFD: 25/07/2017 - [] D -- C:\Users\VULCAN\AppData\Local\Tencent =>.SUP.Tencent O43 - CFD: 10/03/2017 - [] D -- C:\Users\VULCAN\AppData\Local\The Witcher =>.Atari Inc O43 - CFD: 26/01/2016 - [] D -- C:\Users\VULCAN\AppData\Local\TileDataLayer =>.Microsoft Corporation O43 - CFD: 09/08/2017 - [] D -- C:\Users\VULCAN\AppData\Local\Ubisoft Game Launcher =>.Ubisoft O43 - CFD: 02/04/2017 - [] D -- C:\Users\VULCAN\AppData\Local\UCBrowser =>.SUP.UCBrowser O43 - CFD: 15/04/2017 - [] D -- C:\Users\VULCAN\AppData\Local\UNP =>.Microsoft Corporation O43 - CFD: 04/03/2017 - [] D -- C:\Users\VULCAN\AppData\Local\VirtualStore =>.Microsoft Corporation O43 - CFD: 09/02/2017 - [] D -- C:\Users\VULCAN\AppData\Local\yxh O43 - CFD: 09/08/2017 - [] D -- C:\Users\VULCAN\AppData\Local\ZHP =>.Nicolas Coolman O43 - CFD: 26/01/2016 - [0] D -- C:\Users\VULCAN\AppData\Local\Programs\Common =>.Microsoft Corporation O43 - CFD: 19/03/2017 - [] RD -- C:\Users\VULCAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility =>.Microsoft Corporation O43 - CFD: 22/04/2017 - [] RD -- C:\Users\VULCAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation O43 - CFD: 24/07/2017 - [] RD -- C:\Users\VULCAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools O43 - CFD: 19/03/2017 - [] D -- C:\Users\VULCAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation O43 - CFD: 22/04/2017 - [] D -- C:\Users\VULCAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer O43 - CFD: 24/07/2017 - [] RD -- C:\Users\VULCAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup =>.Microsoft Corporation O43 - CFD: 07/08/2017 - [] D -- C:\Users\VULCAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam =>.Steam Games O43 - CFD: 19/03/2017 - [] RD -- 
C:\Users\VULCAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools =>.Microsoft Corporation O43 - CFD: 22/04/2017 - [] D -- C:\Users\VULCAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft =>.Ubisoft O43 - CFD: 03/08/2017 - [] D -- C:\Users\VULCAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker =>.Cedrick Collomb O43 - CFD: 19/03/2017 - [] RD -- C:\Users\VULCAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell =>.Microsoft Corporation O43 - CFD: 22/04/2017 - [] D -- C:\Users\VULCAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\乐游游戏盒 O43 - CFD: 22/04/2017 - [] D -- C:\Users\VULCAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\百度网盘 O43 - CFD: 22/04/2017 - [] D -- C:\Users\VULCAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\精品游戏 O43 - CFD: 25/07/2017 - [] D -- C:\Users\VULCAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件 O43 - CFD: 22/04/2017 - [] D -- C:\Users\VULCAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\自由战士 O43 - CFD: 22/04/2017 - [] D -- C:\Users\VULCAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\迅雷软件 O43 - CFD: 22/04/2017 - [] D -- C:\Users\VULCAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\酷我游戏 O43 - CFD: 30/01/2017 - [] D -- C:\Users\Default\AppData\Local\AdvinstAnalytics O43 - CFD: 22/04/2017 - [0] SHD -- C:\Users\Default\AppData\Local\Application Data =>.Microsoft Corporation O43 - CFD: 22/04/2017 - [0] SHD -- C:\Users\Default\AppData\Local\History =>.Microsoft Corporation O43 - CFD: 20/03/2017 - [] D -- C:\Users\Default\AppData\Local\Microsoft =>.Microsoft Corporation O43 - CFD: 19/03/2017 - [0] D -- C:\Users\Default\AppData\Local\Temp =>.Microsoft Corporation O43 - CFD: 22/04/2017 - [0] SHD -- C:\Users\Default\AppData\Local\Temporary Internet Files =>.Microsoft Corporation O43 - CFD: 30/01/2017 - [] D -- C:\Users\Default User\AppData\Local\AdvinstAnalytics O43 - CFD: 22/04/2017 - [0] SHD -- C:\Users\Default 
User\AppData\Local\Application Data =>.Microsoft Corporation O43 - CFD: 22/04/2017 - [0] SHD -- C:\Users\Default User\AppData\Local\History =>.Microsoft Corporation O43 - CFD: 20/03/2017 - [] D -- C:\Users\Default User\AppData\Local\Microsoft =>.Microsoft Corporation O43 - CFD: 19/03/2017 - [0] D -- C:\Users\Default User\AppData\Local\Temp =>.Microsoft Corporation O43 - CFD: 22/04/2017 - [0] SHD -- C:\Users\Default User\AppData\Local\Temporary Internet Files =>.Microsoft Corporation O43 - CFD: 26/04/2017 - [] -- C:\WINDOWS\System32\Config\systemprofile\AppData\Local\CEF =>.CEF O43 - CFD: 22/04/2017 - [] D -- C:\WINDOWS\System32\Config\systemprofile\AppData\Local\Microsoft =>.Microsoft Corporation O43 - CFD: 26/04/2017 - [] -- C:\WINDOWS\System32\Config\systemprofile\AppData\Local\NVIDIA Corporation =>.nVidia Corporation O43 - CFD: 22/04/2017 - [0] -- C:\WINDOWS\System32\Config\systemprofile\AppData\Local\PeerDistRepub =>.Microsoft Corporation O43 - CFD: 22/04/2017 - [] -- C:\WINDOWS\System32\Config\systemprofile\AppData\Local\UCBrowser =>.SUP.UCBrowser O43 - CFD: 22/04/2017 - [] -- C:\WINDOWS\System32\Config\systemprofile\AppData\Roaming\ExpressVPN =>.ExpressVPN O43 - CFD: 06/08/2017 - [] -- C:\WINDOWS\System32\Config\systemprofile\AppData\Roaming\Tencent =>.SUP.Tencent ---\\ ShellIconOverlayIdentifiers (SIOI) (6) - 1s O106 - SIOI: ErrorOverlayHandler Class [ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\VULCAN\AppData\Local\Microsoft\OneDrive\17.3.6943.0625\FileSyncShell.dll =>.Microsoft Corporation? O106 - SIOI: SharedOverlayHandler Class [ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\VULCAN\AppData\Local\Microsoft\OneDrive\17.3.6943.0625\FileSyncShell.dll =>.Microsoft Corporation? O106 - SIOI: SharedSyncingOverlayHandler Class [ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30}. 
(.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\VULCAN\AppData\Local\Microsoft\OneDrive\17.3.6943.0625\FileSyncShell.dll =>.Microsoft Corporation? O106 - SIOI: UpToDateOverlayHandler Class [ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\VULCAN\AppData\Local\Microsoft\OneDrive\17.3.6943.0625\FileSyncShell.dll =>.Microsoft Corporation? O106 - SIOI: SyncingOverlayHandler Class [ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\VULCAN\AppData\Local\Microsoft\OneDrive\17.3.6943.0625\FileSyncShell.dll =>.Microsoft Corporation? O106 - SIOI: ReadOnlyOverlayHandler Class [ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\VULCAN\AppData\Local\Microsoft\OneDrive\17.3.6943.0625\FileSyncShell.dll =>.Microsoft Corporation? ---\\ Image File Execution Options (18) - 0s O50 - IFEO:C:\Windows\System32\cscript.exe - (.Microsoft Corporation - Microsoft ® Console Based Script Host.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation O50 - IFEO:C:\Windows\System32\dllhost.exe - (.Microsoft Corporation - COM Surrogate.) [DisableExceptionChainValidation\\3] =>.Microsoft Windows? O50 - IFEO:C:\WINDOWS\System32\drvinst.exe - (.Microsoft Corporation - 驱动程序安装模块.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation O50 - IFEO:C:\WINDOWS\System32\ie4uinit.exe - (.Microsoft Corporation - IE 每用户初始化工具.) [MitigationOptions\\256] =>.Microsoft Corporation O50 - IFEO:C:\Windows\System32\ieUnatt.exe - (.Microsoft Corporation - IE 7.0 无人参与安装工具.) [MitigationOptions\\256] =>.Microsoft Corporation O50 - IFEO:C:\Windows\System32\mmc.exe - (.Microsoft Corporation - Microsoft 管理控制台.) 
[DisableExceptionChainValidation\\3] =>.Microsoft Corporation O50 - IFEO:C:\WINDOWS\System32\MRT.exe - (.Microsoft Corporation - Microsoft Windows 恶意软件删除工具.) [CFGOptions\\1] =>.Microsoft Corporation O50 - IFEO:C:\Windows\System32\msfeedssync.exe - (.Microsoft Corporation - Microsoft Feeds Synchronization.) [MitigationOptions\\256] =>.Microsoft Corporation O50 - IFEO:C:\Windows\System32\mshta.exe - (.Microsoft Corporation - Microsoft (R) HTML 应用程序主机.) [MitigationOptions\\256] =>.Microsoft Corporation O50 - IFEO:C:\Windows\System32\PresentationHost.exe - (.Microsoft Corporation - Windows Presentation Foundation 主机.) [MitigationOptions\\1118481] =>.Microsoft Corporation O50 - IFEO:C:\WINDOWS\System32\PrintIsolationHost.exe - (.Microsoft Corporation - PrintIsolationHost.) [MitigationOptions\\2097152] =>.Microsoft Corporation O50 - IFEO:C:\Windows\System32\rundll32.exe - (.Microsoft Corporation - Windows 主进程 (Rundll32).) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation O50 - IFEO:C:\WINDOWS\System32\runtimebroker.exe - (.Microsoft Corporation - Runtime Broker.) [MitigationOptions\\4294967296] =>.Microsoft Corporation O50 - IFEO:C:\Windows\System32\searchprotocolhost.exe - (.Microsoft Corporation - Microsoft Windows Search Protocol Host.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation O50 - IFEO:C:\WINDOWS\System32\spoolsv.exe - (.Microsoft Corporation - 后台处理程序子系统应用.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation O50 - IFEO:C:\WINDOWS\System32\spoolsv.exe - (.Microsoft Corporation - 后台处理程序子系统应用.) [MitigationOptions\\2097152] =>.Microsoft Corporation O50 - IFEO:C:\Windows\System32\svchost.exe - (.Microsoft Corporation - Windows 服务主进程.) [MinimumStackCommitInBytes\\32768] =>.Microsoft Windows Publisher? O50 - IFEO:C:\Windows\System32\wscript.exe - (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) 
[DisableExceptionChainValidation\\3] =>.Microsoft Corporation ---\\ System Drivers List (75) - 8s O58 - SDL:2015/10/16 15:35:10 A . (.360.cn - 360Box64.) -- C:\WINDOWS\System32\drivers\360Box64.sys [321616] =>.Qihoo 360 Software (Beijing) Company Limited? O58 - SDL:2014/12/24 19:18:16 A . (.360.cn - 360流量监控模块.) -- C:\WINDOWS\System32\drivers\360netmon.sys [72776] =>.Qihoo 360 Software (Beijing) Company Limited? O58 - SDL:2017/03/19 04:56:25 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\WINDOWS\System32\drivers\3ware.sys [107424] =>.Microsoft Windows? O58 - SDL:2017/03/19 04:56:25 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) -- C:\WINDOWS\System32\drivers\adp80xx.sys [1135512] =>.Microsoft Windows? O58 - SDL:2017/03/19 04:56:25 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\WINDOWS\System32\drivers\amdsata.sys [83352] =>.Microsoft Windows? O58 - SDL:2017/03/19 04:56:25 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\WINDOWS\System32\drivers\amdsbs.sys [259488] =>.Microsoft Windows? O58 - SDL:2017/03/19 04:56:25 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\WINDOWS\System32\drivers\amdxata.sys [27040] =>.Microsoft Windows? O58 - SDL:2017/03/19 04:56:25 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\WINDOWS\System32\drivers\arcsas.sys [132000] =>.Microsoft Windows? O58 - SDL:2015/12/01 19:05:18 A . (.360.cn - BAPIDRV.) -- C:\WINDOWS\System32\drivers\BAPIDRV64.SYS [181328] =>.Qihoo 360 Software (Beijing) Company Limited? O58 - SDL:2017/02/04 18:38:36 A . (.百度在线网络技术(北京)有限公司 - .) -- C:\WINDOWS\System32\drivers\bbnetdriver.sys [126056] =>.Baidu (China) Co., Ltd.? O58 - SDL:2017/03/19 04:56:25 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\WINDOWS\System32\drivers\bcmfn2.sys [9728] =>.Windows (R) Win 7 DDK provider O58 - SDL:2017/03/19 04:56:23 A . (.QLogic Corporation - QLogic Gigabit Ethernet VBD.) 
-- C:\WINDOWS\System32\drivers\bxvbda.sys [533920] =>.Microsoft Windows? O58 - SDL:2017/03/19 04:56:25 A . (.Chelsio Communications - Chelsio iSCSI Crash Dump Driver.) -- C:\WINDOWS\System32\drivers\cht4dx64.sys [102816] =>.Microsoft Windows? O58 - SDL:2017/03/19 04:56:25 A . (.Chelsio Communications - Chelsio iSCSI VMiniport Driver.) -- C:\WINDOWS\System32\drivers\cht4sx64.sys [347032] =>.Microsoft Windows? O58 - SDL:2017/03/19 04:56:25 A . (.Chelsio Communications - Virtual Bus Driver for Chelsio ® T4 Chipset.) -- C:\WINDOWS\System32\drivers\cht4vx64.sys [2104224] =>.Microsoft Windows? O58 - SDL:2017/08/08 20:59:57 A . (.作者 - .) -- C:\WINDOWS\System32\drivers\EasyAntiCheat.sys [780328] =>.EasyAntiCheat Oy? O58 - SDL:2017/03/19 04:56:23 A . (.QLogic Corporation - QLogic 10 GigE VBD.) -- C:\WINDOWS\System32\drivers\evbda.sys [3419040] =>.Microsoft Windows? O58 - SDL:2017/03/19 04:56:25 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\WINDOWS\System32\drivers\HpSAMD.sys [64416] =>.Microsoft Windows? O58 - SDL:2017/03/19 04:56:28 A . (.Intel(R) Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\WINDOWS\System32\drivers\iagpio.sys [33280] =>.Intel(R) Corporation O58 - SDL:2017/03/19 04:56:28 A . (.Intel(R) Corporation - Intel(R) Serial IO I2C Driver.) -- C:\WINDOWS\System32\drivers\iai2c.sys [81408] =>.Intel(R) Corporation O58 - SDL:2017/03/19 04:56:28 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [70656] =>.Intel Corporation O58 - SDL:2017/03/19 04:56:28 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [85504] =>.Intel Corporation O58 - SDL:2017/03/19 04:56:28 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [165376] =>.Intel Corporation O58 - SDL:2017/03/19 04:56:28 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) 
-- C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [168448] =>.Intel Corporation O58 - SDL:2017/03/19 04:56:23 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [38128] =>.Intel Corporation - Client Components Group? O58 - SDL:2017/03/19 04:56:19 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [113152] =>.Intel Corporation O58 - SDL:2017/03/19 04:56:26 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver (i.) -- C:\WINDOWS\System32\drivers\iaStorAV.sys [673184] =>.Microsoft Windows? O58 - SDL:2017/03/19 04:56:26 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\WINDOWS\System32\drivers\iaStorV.sys [412064] =>.Microsoft Windows? O58 - SDL:2017/03/19 04:56:25 A . (.Mellanox - InfiniBand Fabric Bus Driver.) -- C:\WINDOWS\System32\drivers\ibbus.sys [526240] =>.Microsoft Windows? O58 - SDL:2017/01/13 21:12:04 A . (.Intel Corporation - Intel(R) Wireless Bluetooth(R) Filter Drive.) -- C:\WINDOWS\System32\drivers\ibtusb.sys [253696] =>.Intel Corporation-Wireless Connectivity Solutions? O58 - SDL:2016/11/20 18:05:32 A . (.Highresolution Enterprises [www.highrez.co.uk] - Kernel level port access driver.) -- C:\WINDOWS\System32\drivers\inpoutx64.sys [15008] =>.Red Fox UK Limited? O58 - SDL:2016/09/16 11:08:56 A . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\WINDOWS\System32\drivers\IntcDAud.sys [821224] =>.Intel(R) OWR? O58 - SDL:2015/12/08 01:53:18 A . (.Intel Corporation - Intel® WiDi Solution.) -- C:\WINDOWS\System32\drivers\intelaud.sys [51704] =>.Intel(R) Wireless Display? O58 - SDL:2015/12/08 01:53:18 A . (.Intel Corporation - Intel® WiDi Solution.) -- C:\WINDOWS\System32\drivers\iwdbus.sys [39920] =>.Intel(R) Wireless Display? O58 - SDL:2017/03/19 04:56:25 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) 
-- C:\WINDOWS\System32\drivers\lsi_sas.sys [108960] =>.Microsoft Windows? O58 - SDL:2017/03/19 04:56:25 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas2i.sys [123808] =>.Microsoft Windows? O58 - SDL:2017/03/19 04:56:25 A . (.Avago Technologies - Avago SAS Gen3 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas3i.sys [103328] =>.Microsoft Windows? O58 - SDL:2017/03/19 04:56:25 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sss.sys [82848] =>.Microsoft Windows? O58 - SDL:2017/03/19 04:56:25 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\megasas.sys [59808] =>.Microsoft Windows? O58 - SDL:2017/03/19 04:56:25 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\MegaSas2i.sys [64416] =>.Microsoft Windows? O58 - SDL:2017/03/19 04:56:25 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\WINDOWS\System32\drivers\megasr.sys [575904] =>.Microsoft Windows? O58 - SDL:2017/03/19 04:56:25 A . (.Mellanox - MLX4 Bus Driver.) -- C:\WINDOWS\System32\drivers\mlx4_bus.sys [842656] =>.Microsoft Windows? O58 - SDL:2017/03/19 04:56:25 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\WINDOWS\System32\drivers\mvumis.sys [63904] =>.Microsoft Windows? O58 - SDL:2017/03/19 04:56:25 A . (.Mellanox - NetworkDirect Support Filter Driver.) -- C:\WINDOWS\System32\drivers\ndfltr.sys [108960] =>.Microsoft Windows? O58 - SDL:2015/11/05 11:18:42 A . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\WINDOWS\System32\drivers\Netwbw02.sys [3509512] =>.Intel Corporation-Wireless Connectivity Solutions? O58 - SDL:2017/04/13 14:10:36 A . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\WINDOWS\System32\drivers\Netwtw02.sys [6730496] =>.Intel Corporation-Wireless Connectivity Solutions? O58 - SDL:2017/03/19 04:56:25 A . 
(.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\WINDOWS\System32\drivers\nvraid.sys [150432] =>.Microsoft Windows? O58 - SDL:2017/03/19 04:56:25 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\WINDOWS\System32\drivers\nvstor.sys [166304] =>.Microsoft Windows? O58 - SDL:2017/07/27 01:09:22 A . (.NVIDIA Corporation - NVIDIA Virtual Audio Driver.) -- C:\WINDOWS\System32\drivers\nvvad64v.sys [48064] =>.NVIDIA Corporation? O58 - SDL:2017/07/27 01:09:23 A . (.NVIDIA Corporation - Virtual USB Host Controller driver.) -- C:\WINDOWS\System32\drivers\nvvhci.sys [57792] =>.NVIDIA Corporation? O58 - SDL:2016/11/24 08:14:56 A . (.作者 - SysEnter Application.) -- C:\WINDOWS\System32\drivers\PassGuard_x64.sys [111416] {070FB88B3264E843F8FC566D6768AED3} O58 - SDL:2017/03/19 04:56:25 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas2i.sys [58784] =>.Microsoft Windows? O58 - SDL:2017/03/19 04:56:25 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas3i.sys [61848] =>.Microsoft Windows? O58 - SDL:2016/01/20 17:28:32 A . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.40 64-bit Dr.) -- C:\WINDOWS\System32\drivers\rt640x64.sys [887552] =>.Realtek Semiconductor Corp? O58 - SDL:2015/10/30 10:16:02 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\WINDOWS\System32\drivers\RTKVHD64.sys [4644096] =>.Realtek Semiconductor Corp? O58 - SDL:2017/03/19 04:56:26 A . (.作者 - .) -- C:\WINDOWS\System32\drivers\SDFRd.sys [31128] =>.Microsoft Windows? O58 - SDL:2017/03/19 04:56:25 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid2.sys [44960] =>.Microsoft Windows? O58 - SDL:2017/03/19 04:56:25 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid4.sys [81824] =>.Microsoft Windows? 
O58 - SDL:2015/12/03 22:00:16 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\WINDOWS\System32\drivers\Smb_driver_AMDASF_Aux.sys [58984] =>.Synaptics Incorporated? O58 - SDL:2015/12/03 22:00:18 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [62568] =>.Synaptics Incorporated? O58 - SDL:2015/12/03 22:00:18 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\WINDOWS\System32\drivers\Smb_driver_Intel_Aux.sys [62568] =>.Synaptics Incorporated? O58 - SDL:2017/03/19 04:56:25 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\WINDOWS\System32\drivers\stexstor.sys [31136] =>.Microsoft Windows? O58 - SDL:2015/12/03 22:00:10 A . (.Synaptics Incorporated - Synaptics Touchpad Win64 Driver.) -- C:\WINDOWS\System32\drivers\SynTP.sys [853608] =>.Synaptics Incorporated? O58 - SDL:2016/06/24 16:20:24 A . (.The OpenVPN Project - TAP-Windows Virtual Network Driver (NDIS 6..) -- C:\WINDOWS\System32\drivers\tap0901.sys [27136] =>.The OpenVPN Project O58 - SDL:2017/03/10 17:21:44 A . (.The OpenVPN Project - TAP-Windows Virtual Network Driver (NDIS 6..) -- C:\WINDOWS\System32\drivers\tapexpressvpn.sys [45048] =>.ExprsVPN LLC? O58 - SDL:2015/10/08 21:16:00 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [185600] =>.Intel Corporation - Embedded Subsystems and IP Blocks Group? O58 - SDL:2017/03/19 04:56:25 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\WINDOWS\System32\drivers\vsmraid.sys [166816] =>.Microsoft Windows? O58 - SDL:2017/03/19 04:56:25 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\WINDOWS\System32\drivers\VSTXRAID.SYS [305568] =>.Microsoft Windows? O58 - SDL:2017/03/19 04:56:25 A . (.Mellanox - Kernel WinMad.) -- C:\WINDOWS\System32\drivers\winmad.sys [32160] =>.Microsoft Windows? O58 - SDL:2017/03/19 04:56:25 A . (.Mellanox - Kernel WinVerbs.) 
-- C:\WINDOWS\System32\drivers\winverbs.sys [64920] =>.Microsoft Windows? O58 - SDL:2017/07/03 10:20:18 A . (.深圳市迅雷网络技术有限公司 - XLGuard.sys.) -- C:\WINDOWS\System32\drivers\XLGuard.sys [36584] {7506B5D2917A135C04E229EE21449A8D} O58 - SDL:2016/03/29 17:00:16 A . (.深圳市迅雷网络技术有限公司 - xlwfp.sys.) -- C:\WINDOWS\System32\drivers\XLWFP.sys [59664] =>.ShenZhen Thunder Networking Technologies Ltd.? O58 - SDL:2016/01/20 12:07:38 A . (...) -- C:\WINDOWS\System32\epmntdrv.sys [18016] =>.CHENGDU YIWO Tech Development Co., Ltd.? O58 - SDL:2016/01/20 12:07:38 A . (...) -- C:\WINDOWS\System32\EuGdiDrv.sys [10848] =>.CHENGDU YIWO Tech Development Co., Ltd.? O58 - SDL:2017/02/01 14:57:52 A . (.TENCENT - Loader64 NT Driver.) -- C:\WINDOWS\System32\TesSafe.sys [1007928] =>.SUP.Tencent ---\\ Last modified or created user files (12) - 5s O61 - LFC: 2017/08/03 06:38:32 A . (..) -- C:\Users\VULCAN\AppData\Local\MozillaOnline\COBA\uninstaller.exe [61164] O61 - LFC: 2017/08/06 16:03:19 A . (.Copyright © 2013.) -- C:\Users\VULCAN\AppData\Local\NVIDIA\NvBackend\StreamingAssetsData\la_noire\19410377\automated_launch.exe [29184] O61 - LFC: 2017/08/09 20:36:22 A . (..) -- C:\Users\VULCAN\AppData\LocalLow\SogouPY\Components\Picface\PicfaceData\sgim_piccell.v2.bin [4200414] =>.SUP.Sogou O61 - LFC: 2017/08/09 20:36:22 A . (..) -- C:\Users\VULCAN\AppData\LocalLow\SogouPY\Components\Picface\PicfaceData\sgim_picface_sugg.bin [163896] =>.SUP.Sogou O61 - LFC: 2017/08/09 20:36:22 A . (..) -- C:\Users\VULCAN\AppData\LocalLow\SogouPY\Components\Picface\PicfaceData\sgim_picidx.v2.bin [55466] =>.SUP.Sogou O61 - LFC: 2017/08/09 00:13:23 A . (..) -- C:\Users\VULCAN\AppData\LocalLow\SogouPY\sgim_clipboard.bin [403458] =>.SUP.Sogou O61 - LFC: 2017/08/09 00:13:23 A . (..) -- C:\Users\VULCAN\AppData\LocalLow\SogouPY\sgim_eng_usr.bin [220318] =>.SUP.Sogou O61 - LFC: 2017/08/09 20:28:27 A . (..) -- C:\Users\VULCAN\AppData\LocalLow\SogouPY\sgim_ext.bin [3781786] =>.SUP.Sogou O61 - LFC: 2017/08/09 00:13:23 A . (..) 
-- C:\Users\VULCAN\AppData\LocalLow\SogouPY\sgim_keymap.bin [312258] =>.SUP.Sogou O61 - LFC: 2017/08/03 23:39:04 A . (..) -- C:\Users\VULCAN\AppData\LocalLow\SogouPY\sgim_uspm.bin [78692] =>.SUP.Sogou O61 - LFC: 2017/08/09 00:13:22 A . (..) -- C:\Users\VULCAN\AppData\LocalLow\SogouPY\sgim_usr_v3new.bin [504232] =>.SUP.Sogou O61 - LFC: 2017/08/09 19:59:35 A . (..) -- C:\Users\VULCAN\AppData\Roaming\Francochinois\FrhelperIME\data_us.bin [16660] ---\\ File Associations Shell Spawning (10) - 0s O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - 事件查看器管理单元启动程序.) -- C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe =>.Microsoft Corporation O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - 注册表编辑器.) -- C:\Windows\regedit.exe =>.Microsoft Corporation O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.UCWeb Inc. - UC浏览器.) -- C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe =>.TAOBAO (CHINA) SOFTWARE CO.,LTD.? ---\\ Start Menu Internet (16) - 1s O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation? O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) 
-- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc? O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation? O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.UCWeb Inc. - UC浏览器.) -- C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe =>.TAOBAO (CHINA) SOFTWARE CO.,LTD.? =>.SUP.UCBrowser O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE 每用户初始化工具.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.UCWeb Inc. - UC浏览器.) -- C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe =>.SUP.UCBrowser O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE 每用户初始化工具.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.UCWeb Inc. - UC浏览器.) -- C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe =>.SUP.UCBrowser O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) 
-- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE 每用户初始化工具.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.UCWeb Inc. - UC浏览器.) -- C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe =>.SUP.UCBrowser ---\\ Search Browser Infection (4) - 14s O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com/ =>.Bing.com O69 - SBI: SearchScopes [HKCU] {64AF4D11-6492-4C25-B014-B6C6CEE3B0C5} [DefaultScope] - (百度) - http://www.baidu.com/ O69 - SBI: SearchScopes [HKCU] {B8E20CD7-BAC2-4820-9AA6-1060B3AF25E2} - (百度一下,你就知道) - http://www.baidu.com/ O69 - SBI: SearchScopes [HKLM] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com/ =>.Bing.com ---\\ Search Svchost Services (48) - 0s O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft 智能卡证书传播服务.) -- C:\WINDOWS\System32\certprop.dll [189952] =>.Microsoft Corporation O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft 智能卡证书传播服务.) -- C:\WINDOWS\System32\certprop.dll [189952] =>.Microsoft Corporation O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - 服务器服务 DLL.) -- C:\WINDOWS\system32\srvsvc.dll [303616] =>.Microsoft Corporation O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - 组策略客户端.) -- C:\WINDOWS\System32\gpsvc.dll [1269248] =>.Microsoft Corporation O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE 扩展.) 
-- C:\WINDOWS\System32\ikeext.dll [934912] =>.Microsoft Corporation O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - 通过 IPv4 网络提供 IPv6 连接的服务。.) -- C:\WINDOWS\System32\iphlpsvc.dll [996864] =>.Microsoft Corporation O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - 辅助登录服务 DLL.) -- C:\WINDOWS\system32\seclogon.dll [31232] =>.Microsoft Corporation O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - 应用程序信息服务.) -- C:\WINDOWS\System32\appinfo.dll [138752] =>.Microsoft Corporation O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI 发现服务.) -- C:\WINDOWS\system32\iscsiexe.dll [150016] =>.Microsoft Corporation O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost 服务.) -- C:\WINDOWS\System32\eapsvc.dll [108032] =>.Microsoft Corporation O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - 任务计划程序服务.) -- C:\WINDOWS\system32\schedsvc.dll [877568] =>.Microsoft Corporation O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\WMIsvc.dll [221696] =>.Microsoft Corporation O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - 计算机浏览器服务 DLL.) -- C:\WINDOWS\System32\browser.dll [133120] =>.Microsoft Corporation O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\WINDOWS\system32\profsvc.dll [413696] =>.Microsoft Corporation O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - 远程桌面配置服务.) -- C:\Windows\System32\SessEnv.dll [385536] =>.Microsoft Corporation O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - 问题报告和解决方案.) -- C:\WINDOWS\System32\wercplsupport.dll [91648] =>.Microsoft Corporation O83 - Search Svchost Services: shpamsvc (shpamsvc) . (.Microsoft Corporation - SharedPC.AccountManager.) 
-- C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll [192512] =>.Microsoft Corporation O83 - Search Svchost Services: XblGameSave (XblGameSave) . (.Microsoft Corporation - Xbox Live Game Save Service.) -- C:\WINDOWS\System32\XblGameSave.dll [1135104] =>.Microsoft Corporation O83 - Search Svchost Services: NaturalAuthentication (NaturalAuthentication) . (.Microsoft Corporation - 自然身份验证服务.) -- C:\WINDOWS\System32\NaturalAuth.dll [723968] =>.Microsoft Corporation O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Microsoft® 帐户服务.) -- C:\WINDOWS\system32\wlidsvc.dll [2155008] =>.Microsoft Corporation O83 - Search Svchost Services: UserManager (UserManager) . (.Microsoft Corporation - UserMgr.) -- C:\WINDOWS\System32\usermgr.dll [877568] =>.Microsoft Corporation O83 - Search Svchost Services: XblAuthManager (XblAuthManager) . (.Microsoft Corporation - Xbox Live Auth Manager.) -- C:\WINDOWS\System32\XblAuthManager.dll [1013248] =>.Microsoft Corporation O83 - Search Svchost Services: DmEnrollmentSvc (DmEnrollmentSvc) . (.Microsoft Corporation - Windows Managent Service DLL.) -- C:\Windows\System32\Windows.Internal.Management.dll [536064] =>.Microsoft Corporation O83 - Search Svchost Services: xbgm (xbgm) . (.Microsoft Corporation - Xbox Game Monitoring Service.) -- C:\WINDOWS\System32\xbgmsvc.dll [301216] =>.Microsoft Windows Publisher? O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell 主题服务 Dll.) -- C:\WINDOWS\system32\themeservice.dll [69632] =>.Microsoft Corporation O83 - Search Svchost Services: TokenBroker (TokenBroker) . (.Microsoft Corporation - Token Broker.) -- C:\Windows\System32\TokenBroker.dll [1054208] =>.Microsoft Corporation O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - 地理定位服务.) -- C:\WINDOWS\System32\lfsvc.dll [43520] =>.Microsoft Corporation O83 - Search Svchost Services: Irmon (Irmon) . (.Microsoft Corporation - 红外监视程序.) 
-- C:\WINDOWS\System32\irmon.dll [24576] =>.Microsoft Corporation O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - 远程访问自动拨号管理器.) -- C:\WINDOWS\System32\rasauto.dll [104448] =>.Microsoft Corporation O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - 远程访问连接管理器.) -- C:\WINDOWS\System32\rasmans.dll [873472] =>.Microsoft Corporation O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - 动态接口管理器.) -- C:\Windows\System32\mprdim.dll [490496] =>.Microsoft Corporation O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - 系统事件通知服务(SENS).) -- C:\WINDOWS\System32\sens.dll [69632] =>.Microsoft Corporation O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT 帮助程序组件.) -- C:\WINDOWS\System32\ipnathlp.dll [537600] =>.Microsoft Corporation O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft (R) Windows(TM) 电话服务器.) -- C:\Windows\System32\tapisrv.dll [306688] =>.Microsoft Corporation O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows 更新代理.) -- C:\WINDOWS\system32\wuaueng.dll [2444288] =>.Microsoft Corporation O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - 后台智能传送服务.) -- C:\WINDOWS\System32\qmgr.dll [1159680] =>.Microsoft Corporation O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell 服务 Dll.) -- C:\Windows\System32\shsvcs.dll [612864] =>.Microsoft Corporation O83 - Search Svchost Services: dmwappushservice (dmwappushservice) . (.Microsoft Corporation - dmwappushsvc.) -- C:\WINDOWS\system32\dmwappushsvc.dll [55296] =>.Microsoft Corporation O83 - Search Svchost Services: wisvc (wisvc) . (.Microsoft Corporation - 飞行设置.) -- C:\WINDOWS\system32\flightsettings.dll [699904] =>.Microsoft Corporation O83 - Search Svchost Services: WpnService (WpnService) . 
(.Microsoft Corporation - Windows Push Notification System Service.) -- C:\WINDOWS\system32\WpnService.dll [276480] =>.Microsoft Corporation O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE 服务.) -- C:\WINDOWS\System32\bdesvc.dll [385536] =>.Microsoft Corporation O83 - Search Svchost Services: XboxNetApiSvc (XboxNetApiSvc) . (.Microsoft Corporation - Xbox Live Networking Service.) -- C:\WINDOWS\system32\XboxNetApiSvc.dll [1067008] =>.Microsoft Corporation O83 - Search Svchost Services: UsoSvc (UsoSvc) . (.Microsoft Corporation - 更新会话 Orchestrator 内核.) -- C:\WINDOWS\system32\usocore.dll [681984] =>.Microsoft Corporation O83 - Search Svchost Services: NetSetupSvc (NetSetupSvc) . (.Microsoft Corporation - 网络安装服务.) -- C:\WINDOWS\System32\NetSetupSvc.dll [261632] =>.Microsoft Corporation O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - 设备安装管理器.) -- C:\WINDOWS\System32\DeviceSetupManager.dll [233984] =>.Microsoft Corporation O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Microsoft 网络连接助手服务.) -- C:\WINDOWS\System32\ncasvc.dll [167424] =>.Microsoft Corporation O83 - Search Svchost Services: XboxGipSvc (XboxGipSvc) . (.Microsoft Corporation - Xbox Gip Management Service.) -- C:\WINDOWS\System32\XboxGipSvc.dll [18944] =>.Microsoft Corporation O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - 软件安装服务.) -- C:\Windows\System32\appmgmts.dll [196096] =>.Microsoft Corporation ---\\ Firewall Active Exception List (94) - 13s O87 - FAEL: "UDP Query User{56E52761-08A8-4477-B5EC-150D43C6389D}C:\program files (x86)\kuwo\kuwomusic\8.5.2.0_ug6\bin\kwservice.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\kuwo\kuwomusic\8.5.2.0_ug6\bin\kwservice.exe {50DA1504909F7273486D47AC0AB74675} O87 - FAEL: "TCP Query User{A9612950-6637-487B-AA03-892D2CE9D1A3}C:\program files (x86)\kuwo\kuwomusic\8.5.2.0_ug6\bin\kwservice.exe" [In-None-P6-TRUE] .(...) 
-- C:\program files (x86)\kuwo\kuwomusic\8.5.2.0_ug6\bin\kwservice.exe {50DA1504909F7273486D47AC0AB74675} O87 - FAEL: "UDP Query User{6160DE00-9D5E-4A6F-8BBB-7CCA1285CF5A}E:\program files (x86)\hearthstone\starcraft ii\starcraft ii\versions\base51702\sc2_x64.exe" [In-None-P17-FALSE] .(...) -- E:\program files (x86)\hearthstone\starcraft ii\starcraft ii\versions\base51702\sc2_x64.exe (.not file.) O87 - FAEL: "TCP Query User{514BD115-3929-456A-888C-DA6E25D04BEB}E:\program files (x86)\hearthstone\starcraft ii\starcraft ii\versions\base51702\sc2_x64.exe" [In-None-P6-FALSE] .(...) -- E:\program files (x86)\hearthstone\starcraft ii\starcraft ii\versions\base51702\sc2_x64.exe (.not file.) O87 - FAEL: "UDP Query User{98A311C2-2EBA-4E58-B6CB-078254476675}E:\program files (x86)\hearthstone\starcraft ii\starcraft ii\versions\base51702\sc2.exe" [In-None-P17-TRUE] .(...) -- E:\program files (x86)\hearthstone\starcraft ii\starcraft ii\versions\base51702\sc2.exe (.not file.) O87 - FAEL: "TCP Query User{4FD9AD61-F6E9-4C72-A76D-12DC87269EDC}E:\program files (x86)\hearthstone\starcraft ii\starcraft ii\versions\base51702\sc2.exe" [In-None-P6-TRUE] .(...) -- E:\program files (x86)\hearthstone\starcraft ii\starcraft ii\versions\base51702\sc2.exe (.not file.) O87 - FAEL: "{2615906F-CC18-489A-991A-D36A9D1984C1}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\UCBrowser\Application\Downloader\download\MiniThunderPlatform.exe (.not file.) O87 - FAEL: "UDP Query User{3ABA1A76-4B71-4690-84F0-EB3604393EB9}E:\game\soldaty svobody\开始游戏.exe" [In-None-P17-TRUE] .(.Copyright (C) 2015 - 游戏安装程序.) -- E:\game\soldaty svobody\开始游戏.exe {35D0DB03C4179B99E5337097D3EA37CE} O87 - FAEL: "TCP Query User{00311D0D-C1BE-448E-B74E-32EED739D23D}E:\game\soldaty svobody\开始游戏.exe" [In-None-P6-TRUE] .(.Copyright (C) 2015 - 游戏安装程序.) 
-- E:\game\soldaty svobody\开始游戏.exe {35D0DB03C4179B99E5337097D3EA37CE} O87 - FAEL: "UDP Query User{78CD2925-1FFF-42A1-AA32-C75679C1C716}E:\program files (x86)\hearthstone\starcraft ii\starcraft ii\versions\base51702\sc2_x64.exe" [In-None-P17-TRUE] .(...) -- E:\program files (x86)\hearthstone\starcraft ii\starcraft ii\versions\base51702\sc2_x64.exe (.not file.) O87 - FAEL: "TCP Query User{833FB67C-5D48-4B2C-B8E4-80599D8DEA5F}E:\program files (x86)\hearthstone\starcraft ii\starcraft ii\versions\base51702\sc2_x64.exe" [In-None-P6-TRUE] .(...) -- E:\program files (x86)\hearthstone\starcraft ii\starcraft ii\versions\base51702\sc2_x64.exe (.not file.) O87 - FAEL: "{91C39D5F-C361-4478-8BF0-8B7D95D57AC1}" [In-None-P17-TRUE] .(...) -- C:\Users\VULCAN\AppData\Local\Temp\nsm82D8.tmp\QQPCDetector.exe (.not file.) =>.Temporary file not necessary O87 - FAEL: "{6EB65718-2B65-41AF-8DD4-8CB11559D088}" [In-None-P6-TRUE] .(...) -- C:\Users\VULCAN\AppData\Local\Temp\nsm82D8.tmp\QQPCDetector.exe (.not file.) =>.Temporary file not necessary O87 - FAEL: "{431B3683-94D9-4DCD-852D-1FBCB019DBF2}" [In-None-P17-TRUE] .(...) -- G:\SteamLibrary\steamapps\common\Cities_Skylines\Cities.exe =>.Steam Games O87 - FAEL: "{13417116-38FA-4B74-8AB3-8C0830B179A9}" [In-None-P6-TRUE] .(...) -- G:\SteamLibrary\steamapps\common\Cities_Skylines\Cities.exe =>.Steam Games O87 - FAEL: "{E47F872D-6977-45CD-90CC-C581FF3DB5DD}" [In-None-P17-TRUE] .(.深圳市迅雷网络技术有限公司 - Xunlei Application.) -- C:\Users\Public\Thunder Network\Pusher\Pusher\XmpTipWnd.1.0.0.92.exe {16E6F4E66382FBA84730D899} O87 - FAEL: "{93B48745-1495-4045-BC9E-530498E51532}" [In-None-P6-TRUE] .(.深圳市迅雷网络技术有限公司 - Xunlei Application.) -- C:\Users\Public\Thunder Network\Pusher\Pusher\XmpTipWnd.1.0.0.92.exe {16E6F4E66382FBA84730D899} O87 - FAEL: "{22274B2C-4CAB-423A-822C-53932A377F13}" [In-None-P6-TRUE] .(...) -- C:\Users\Public\Thunder Network\XMP5\V5.2.3.5004\Program\DPInst.exe (.not file.) 
O87 - FAEL: "{E48D71F9-1F83-4B5C-A87E-AE9A4AF62002}" [In-None-P6-TRUE] .(...) -- C:\Users\Public\Thunder Network\XMP5\V5.2.3.5004\Program\PreInstall.exe (.not file.) O87 - FAEL: "{4A1628A5-CDDA-4B49-8C7E-DFE5A1512A9B}" [In-None-P6-TRUE] .(...) -- C:\Users\Public\Thunder Network\XMP5\V5.2.3.5004\Program\InstallDriver.exe (.not file.) O87 - FAEL: "{A5C32800-4AE6-46BE-95EF-F73C5BBBA2E2}" [In-None-P6-TRUE] .(...) -- C:\Users\Public\Thunder Network\XMP5\V5.2.3.5004\Program\DPInstX64.exe (.not file.) O87 - FAEL: "{5DEDF11A-DCBF-4C88-8D2A-63064B3B1C3D}" [In-None-P6-TRUE] .(...) -- C:\Users\Public\Thunder Network\XMP5\V5.2.3.5004\Program\adb.exe (.not file.) O87 - FAEL: "{20E44F2C-3C3B-40A2-A8B7-3C156D6F3CBF}" [In-None-P6-TRUE] .(...) -- C:\Users\Public\Thunder Network\XMP5\V5.2.3.5004\Program\aapt.exe (.not file.) O87 - FAEL: "{F0AAD188-2C8A-499F-AFBB-1A479ADE84AD}" [In-None-P6-TRUE] .(.深圳市迅雷网络技术有限公司 - XLLiveUD.) -- C:\Users\Public\Thunder Network\XMP5\V5.2.3.5004\Program\XLLiveUD.exe {16E6F4E66382FBA84730D899} O87 - FAEL: "{7120842B-B527-4489-8F73-32D54C3F7A90}" [In-None-P6-TRUE] .(.深圳市迅雷网络技术有限公司 - 迅雷影音.) -- C:\Users\Public\Thunder Network\XMP5\V5.2.3.5004\Program\APlayer.exe {16E6F4E66382FBA84730D899} O87 - FAEL: "{A5BDEDC4-7274-4C8B-B85C-788E29257FE0}" [In-None-P6-TRUE] .(.深圳市迅雷网络技术有限公司 - 迅雷影音.) -- C:\Program Files (x86)\Thunder Network\XMP\V5.2.3.5004\Bin\XMP.exe {16E6F4E66382FBA84730D899} O87 - FAEL: "{D2E84543-A289-4E79-80CA-6FED04BE4B53}" [In-None-P6-TRUE] .(.深圳市迅雷网络技术有限公司 - XLLiveUD.) -- C:\Program Files (x86)\Thunder Network\XMP\V5.2.3.5004\Bin\XLLiveUD.exe {16E6F4E66382FBA84730D899} O87 - FAEL: "{1ADCD27B-3EB9-4C2F-8773-64A2958468D2}" [In-None-P17-TRUE] .(.深圳市迅雷网络技术有限公司 - XLLiveUD.) -- C:\Users\VULCAN\AppData\Local\Temp\xlliveud\xmp_5.2.3.5004\XLLiveUD.exe {16E6F4E66382FBA84730D899} O87 - FAEL: "{4793F321-4EE0-40B0-898A-9704FB1A34D0}" [In-None-P6-TRUE] .(.深圳市迅雷网络技术有限公司 - XLLiveUD.) 
-- C:\Users\VULCAN\AppData\Local\Temp\xlliveud\xmp_5.2.3.5004\XLLiveUD.exe {16E6F4E66382FBA84730D899} O87 - FAEL: "{D6B8FD73-0B6E-4EC1-9697-44BADF7CA05D}" [In-None-P17-TRUE] .(...) -- C:\Users\Public\Thunder Network\XMP5\V5.2.3.5004\Program\DPInst.exe (.not file.) O87 - FAEL: "{1E1CF872-6913-4FE2-A698-BB76AE6A1065}" [In-None-P6-TRUE] .(...) -- C:\Users\Public\Thunder Network\XMP5\V5.2.3.5004\Program\DPInst.exe (.not file.) O87 - FAEL: "{F5B3DF2D-DE34-479D-855D-005BEB703699}" [In-None-P17-TRUE] .(...) -- C:\Users\Public\Thunder Network\XMP5\V5.2.3.5004\Program\PreInstall.exe (.not file.) O87 - FAEL: "{FA3DD9FC-1794-47A3-A2B8-E93AB65CE1AB}" [In-None-P6-TRUE] .(...) -- C:\Users\Public\Thunder Network\XMP5\V5.2.3.5004\Program\PreInstall.exe (.not file.) O87 - FAEL: "{9A499A72-DB1C-46D9-B030-539715D859C9}" [In-None-P17-TRUE] .(...) -- C:\Users\Public\Thunder Network\XMP5\V5.2.3.5004\Program\InstallDriver.exe (.not file.) O87 - FAEL: "{50314FA5-7296-4E20-AE12-134B9A7E34A9}" [In-None-P6-TRUE] .(...) -- C:\Users\Public\Thunder Network\XMP5\V5.2.3.5004\Program\InstallDriver.exe (.not file.) O87 - FAEL: "{700D7B2B-87D2-4ACF-9CC8-EAF76DFE6AD8}" [In-None-P17-TRUE] .(...) -- C:\Users\Public\Thunder Network\XMP5\V5.2.3.5004\Program\DPInstX64.exe (.not file.) O87 - FAEL: "{497A4A42-31BF-489E-9DC3-933CA2CD3448}" [In-None-P6-TRUE] .(...) -- C:\Users\Public\Thunder Network\XMP5\V5.2.3.5004\Program\DPInstX64.exe (.not file.) O87 - FAEL: "{F26BD2A4-9EE5-40E7-A82A-6942771C08EF}" [In-None-P17-TRUE] .(...) -- C:\Users\Public\Thunder Network\XMP5\V5.2.3.5004\Program\adb.exe (.not file.) O87 - FAEL: "{A416960C-F089-4D21-B396-4E75FD1451FC}" [In-None-P6-TRUE] .(...) -- C:\Users\Public\Thunder Network\XMP5\V5.2.3.5004\Program\adb.exe (.not file.) O87 - FAEL: "{94A1585C-3ADC-4283-B182-D5BB2216650E}" [In-None-P17-TRUE] .(...) -- C:\Users\Public\Thunder Network\XMP5\V5.2.3.5004\Program\aapt.exe (.not file.) O87 - FAEL: "{DD2DC383-F6EB-4F3B-9F52-F034A1EC691D}" [In-None-P6-TRUE] .(...) 
-- C:\Users\Public\Thunder Network\XMP5\V5.2.3.5004\Program\aapt.exe (.not file.) O87 - FAEL: "{A59B9FE1-428B-43C9-BFA4-3077626BA308}" [In-None-P17-TRUE] .(.深圳市迅雷网络技术有限公司 - XLLiveUD.) -- C:\Users\Public\Thunder Network\XMP5\V5.2.3.5004\Program\XLLiveUD.exe {16E6F4E66382FBA84730D899} O87 - FAEL: "{D9B5BE7E-AE3A-4AC4-B976-2A8CC25972BD}" [In-None-P6-TRUE] .(.深圳市迅雷网络技术有限公司 - XLLiveUD.) -- C:\Users\Public\Thunder Network\XMP5\V5.2.3.5004\Program\XLLiveUD.exe {16E6F4E66382FBA84730D899} O87 - FAEL: "{4A46C029-A661-4744-BEA7-2E42E7B2A5D0}" [In-None-P17-TRUE] .(.深圳市迅雷网络技术有限公司 - 迅雷影音.) -- C:\Users\Public\Thunder Network\XMP5\V5.2.3.5004\Program\APlayer.exe {16E6F4E66382FBA84730D899} O87 - FAEL: "{0A52358B-BD27-4D8E-8B00-4CED19A5141C}" [In-None-P6-TRUE] .(.深圳市迅雷网络技术有限公司 - 迅雷影音.) -- C:\Users\Public\Thunder Network\XMP5\V5.2.3.5004\Program\APlayer.exe {16E6F4E66382FBA84730D899} O87 - FAEL: "{0A1C1422-AC80-43B9-933A-B39DD3CC3221}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Common Files\Thunder Network\Kankan\XLBugReport.exe (.not file.) O87 - FAEL: "{685A359A-F5B5-4B03-B7A3-A2EBBAA4BD34}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Common Files\Thunder Network\Kankan\XLBugReport.exe (.not file.) O87 - FAEL: "{B92D4E4B-B086-407E-BBCB-88367828CF0F}" [In-None-P17-TRUE] .(.深圳市迅雷网络技术有限公司 - XLLiveUD.) -- C:\Program Files (x86)\Thunder Network\XMP\V5.2.3.5004\Bin\XLLiveUD.exe {16E6F4E66382FBA84730D899} O87 - FAEL: "{D0BB9B28-C356-429F-B764-FA7408BAD5F5}" [In-None-P6-TRUE] .(.深圳市迅雷网络技术有限公司 - XLLiveUD.) -- C:\Program Files (x86)\Thunder Network\XMP\V5.2.3.5004\Bin\XLLiveUD.exe {16E6F4E66382FBA84730D899} O87 - FAEL: "{94EBCCDD-50FB-4752-B67E-D44A074383B8}" [In-None-P17-TRUE] .(.深圳市迅雷网络技术有限公司 - 迅雷影音.) -- C:\Program Files (x86)\Thunder Network\XMP\V5.2.3.5004\Bin\XMP.exe {16E6F4E66382FBA84730D899} O87 - FAEL: "{5CE3993F-0F2C-4915-ADC5-7D9DDA4D122E}" [In-None-P6-TRUE] .(.深圳市迅雷网络技术有限公司 - 迅雷影音.) 
-- C:\Program Files (x86)\Thunder Network\XMP\V5.2.3.5004\Bin\XMP.exe {16E6F4E66382FBA84730D899} O87 - FAEL: "UDP Query User{63FB17EE-6FE3-4880-8842-BD1DA73AACE2}E:\program files (x86)\gog galaxy\games\gwent\gwent.exe" [In-None-P17-TRUE] .(...) -- E:\program files (x86)\gog galaxy\games\gwent\gwent.exe O87 - FAEL: "TCP Query User{BDA38961-A496-4BF2-AA73-F09D2A774F47}E:\program files (x86)\gog galaxy\games\gwent\gwent.exe" [In-None-P6-TRUE] .(...) -- E:\program files (x86)\gog galaxy\games\gwent\gwent.exe O87 - FAEL: "{C7FF28DA-8B6E-4791-9975-74FB4F1CCB83}" [In-None-P17-TRUE] .(...) -- G:\SteamLibrary\steamapps\common\Grand Theft Auto San Andreas\gta-sa.exe (.not file.) =>.Steam Games O87 - FAEL: "{70FA0ACC-94FB-49AA-8EF1-6826BB3BCA62}" [In-None-P6-TRUE] .(...) -- G:\SteamLibrary\steamapps\common\Grand Theft Auto San Andreas\gta-sa.exe (.not file.) =>.Steam Games O87 - FAEL: "{0C1EDFD2-F88C-4BD5-AF40-D89A0EBB9B47}" [In-None-P17-TRUE] .(.深圳市迅雷网络技术有限公司 - Xunlei Application.) -- C:\Users\Public\Thunder Network\Pusher\Pusher\XmpTipWnd.1.0.0.92.exe {16E6F4E66382FBA84730D899} O87 - FAEL: "{492D6DC7-E1C5-4983-98AE-09E6CAF333E9}" [In-None-P6-TRUE] .(.深圳市迅雷网络技术有限公司 - Xunlei Application.) -- C:\Users\Public\Thunder Network\Pusher\Pusher\XmpTipWnd.1.0.0.92.exe {16E6F4E66382FBA84730D899} O87 - FAEL: "{652256E6-41FA-48C2-8797-648125C036A4}" [In-None-P6-TRUE] .(.深圳市迅雷网络技术有限公司 - XLLiveUD.) -- C:\Users\VULCAN\AppData\Local\Temp\xlliveud\xmp_5.2.3.5004\XLLiveUD.exe {16E6F4E66382FBA84730D899} O87 - FAEL: "{9EAF6646-E854-4CAD-A418-3E8DAAAEFABD}" [In-None-P6-TRUE] .(...) -- C:\Users\Public\Thunder Network\XMP5\V5.2.3.5004\Program\DPInst.exe (.not file.) O87 - FAEL: "{5AEC4953-F268-426C-876D-E52C32D19275}" [In-None-P6-TRUE] .(...) -- C:\Users\Public\Thunder Network\XMP5\V5.2.3.5004\Program\PreInstall.exe (.not file.) O87 - FAEL: "{1A90E2DC-A31E-47DF-BDD8-0EBCA44BFB6C}" [In-None-P6-TRUE] .(...) -- C:\Users\Public\Thunder Network\XMP5\V5.2.3.5004\Program\InstallDriver.exe (.not file.) 
O87 - FAEL: "{A60041BC-2B65-4FCF-9AA1-5EEAB6AAC005}" [In-None-P6-TRUE] .(...) -- C:\Users\Public\Thunder Network\XMP5\V5.2.3.5004\Program\DPInstX64.exe (.not file.) O87 - FAEL: "{C4BAD576-E79E-4282-A765-EBBCACE9E783}" [In-None-P6-TRUE] .(...) -- C:\Users\Public\Thunder Network\XMP5\V5.2.3.5004\Program\adb.exe (.not file.) O87 - FAEL: "{2C1017CB-975D-4212-8098-BFEC594BF254}" [In-None-P6-TRUE] .(...) -- C:\Users\Public\Thunder Network\XMP5\V5.2.3.5004\Program\aapt.exe (.not file.) O87 - FAEL: "{86B78830-CCAE-40FC-ACED-FC85765FFF5E}" [In-None-P6-TRUE] .(.深圳市迅雷网络技术有限公司 - XLLiveUD.) -- C:\Users\Public\Thunder Network\XMP5\V5.2.3.5004\Program\XLLiveUD.exe {16E6F4E66382FBA84730D899} O87 - FAEL: "{70F314AA-F971-4225-9004-77B6270CBE04}" [In-None-P6-TRUE] .(.深圳市迅雷网络技术有限公司 - 迅雷影音.) -- C:\Users\Public\Thunder Network\XMP5\V5.2.3.5004\Program\APlayer.exe {16E6F4E66382FBA84730D899} O87 - FAEL: "{D53CC02D-5623-4264-A7A1-6CA475F270D6}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Common Files\Thunder Network\Kankan\XLBugReport.exe (.not file.) O87 - FAEL: "{0CD17418-FE02-47AE-B2FE-B7B87EDF872C}" [In-None-P6-TRUE] .(.深圳市迅雷网络技术有限公司 - XLLiveUD.) -- C:\Program Files (x86)\Thunder Network\XMP\V5.2.3.5004\Bin\XLLiveUD.exe {16E6F4E66382FBA84730D899} O87 - FAEL: "{9BF7A754-DCAA-4E20-AFC1-3A460B1BFF26}" [In-None-P6-TRUE] .(.深圳市迅雷网络技术有限公司 - 迅雷影音.) -- C:\Program Files (x86)\Thunder Network\XMP\V5.2.3.5004\Bin\XMP.exe {16E6F4E66382FBA84730D899} O87 - FAEL: "{C6AAE903-7247-4429-B137-C0102FF4B4EA}" [In-None-P17-TRUE] .(.深圳市迅雷网络技术有限公司 - XLLiveUD.) -- C:\Users\VULCAN\AppData\Local\Temp\xlliveud\xmp_5.2.3.5004\XLLiveUD.exe {16E6F4E66382FBA84730D899} O87 - FAEL: "{74D1FE2B-DFCF-4413-A53C-9E2EC2EBF101}" [In-None-P6-TRUE] .(.深圳市迅雷网络技术有限公司 - XLLiveUD.) -- C:\Users\VULCAN\AppData\Local\Temp\xlliveud\xmp_5.2.3.5004\XLLiveUD.exe {16E6F4E66382FBA84730D899} O87 - FAEL: "{57C74DD1-9DCF-46D0-BE9A-1C73EE62C7B3}" [In-None-P17-TRUE] .(...) 
-- C:\Users\Public\Thunder Network\XMP5\V5.2.3.5004\Program\DPInst.exe (.not file.) O87 - FAEL: "{DE066EA9-3AF3-4A0E-8C0D-2839BF6704AD}" [In-None-P6-TRUE] .(...) -- C:\Users\Public\Thunder Network\XMP5\V5.2.3.5004\Program\DPInst.exe (.not file.) O87 - FAEL: "{6900C513-484E-4007-A2BF-7446E296DEE0}" [In-None-P17-TRUE] .(...) -- C:\Users\Public\Thunder Network\XMP5\V5.2.3.5004\Program\PreInstall.exe (.not file.) O87 - FAEL: "{008E6F9E-7C74-445D-8A80-8D9F1D0D0D5F}" [In-None-P6-TRUE] .(...) -- C:\Users\Public\Thunder Network\XMP5\V5.2.3.5004\Program\PreInstall.exe (.not file.) O87 - FAEL: "{270984E0-05E5-424B-81E8-117868D1E7C4}" [In-None-P17-TRUE] .(...) -- C:\Users\Public\Thunder Network\XMP5\V5.2.3.5004\Program\InstallDriver.exe (.not file.) O87 - FAEL: "{FEECE2CD-B37F-4B03-8FFA-1DB0EB053AF1}" [In-None-P6-TRUE] .(...) -- C:\Users\Public\Thunder Network\XMP5\V5.2.3.5004\Program\InstallDriver.exe (.not file.) O87 - FAEL: "{52E29F53-A019-4D4F-AAEF-F94FA2AEBA68}" [In-None-P17-TRUE] .(...) -- C:\Users\Public\Thunder Network\XMP5\V5.2.3.5004\Program\DPInstX64.exe (.not file.) O87 - FAEL: "{6B83EC10-CF2B-45B0-BC26-C1FAE3493EB9}" [In-None-P6-TRUE] .(...) -- C:\Users\Public\Thunder Network\XMP5\V5.2.3.5004\Program\DPInstX64.exe (.not file.) O87 - FAEL: "{BBD50917-579C-4BB7-9C04-7D77D6AB18BC}" [In-None-P17-TRUE] .(...) -- C:\Users\Public\Thunder Network\XMP5\V5.2.3.5004\Program\adb.exe (.not file.) O87 - FAEL: "{61D25CD7-C1CF-474A-98A9-A50D30DE3F56}" [In-None-P6-TRUE] .(...) -- C:\Users\Public\Thunder Network\XMP5\V5.2.3.5004\Program\adb.exe (.not file.) O87 - FAEL: "{8C4C6ACD-AA29-458D-80D7-3BED38895B1E}" [In-None-P17-TRUE] .(...) -- C:\Users\Public\Thunder Network\XMP5\V5.2.3.5004\Program\aapt.exe (.not file.) O87 - FAEL: "{7EF30FF8-BF93-441A-923A-4FF269B330D3}" [In-None-P6-TRUE] .(...) -- C:\Users\Public\Thunder Network\XMP5\V5.2.3.5004\Program\aapt.exe (.not file.) O87 - FAEL: "{0DA78A5D-2B40-4AB6-86B3-8741017EA8AC}" [In-None-P17-TRUE] .(.深圳市迅雷网络技术有限公司 - XLLiveUD.) 
-- C:\Users\Public\Thunder Network\XMP5\V5.2.3.5004\Program\XLLiveUD.exe {16E6F4E66382FBA84730D899} O87 - FAEL: "{60763040-CCE4-4234-AD5F-6343FA42FD72}" [In-None-P6-TRUE] .(.深圳市迅雷网络技术有限公司 - XLLiveUD.) -- C:\Users\Public\Thunder Network\XMP5\V5.2.3.5004\Program\XLLiveUD.exe {16E6F4E66382FBA84730D899} O87 - FAEL: "{FC31024C-0E4A-49A2-99F2-F8805F77338D}" [In-None-P17-TRUE] .(.深圳市迅雷网络技术有限公司 - 迅雷影音.) -- C:\Users\Public\Thunder Network\XMP5\V5.2.3.5004\Program\APlayer.exe {16E6F4E66382FBA84730D899} O87 - FAEL: "{E4656EAD-39C6-449D-8E21-AF6ABD8DDD67}" [In-None-P6-TRUE] .(.深圳市迅雷网络技术有限公司 - 迅雷影音.) -- C:\Users\Public\Thunder Network\XMP5\V5.2.3.5004\Program\APlayer.exe {16E6F4E66382FBA84730D899} O87 - FAEL: "{126F4CE3-9F93-442D-9806-D4B7F48B02DA}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Common Files\Thunder Network\Kankan\XLBugReport.exe (.not file.) O87 - FAEL: "{50FF50F1-EC38-494C-BFBD-3CE25DDAB68D}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Common Files\Thunder Network\Kankan\XLBugReport.exe (.not file.) O87 - FAEL: "{E6CA9CA5-1A99-4E1E-8971-86ABF107B58F}" [In-None-P17-TRUE] .(.深圳市迅雷网络技术有限公司 - XLLiveUD.) -- C:\Program Files (x86)\Thunder Network\XMP\V5.2.3.5004\Bin\XLLiveUD.exe {16E6F4E66382FBA84730D899} O87 - FAEL: "{19956187-2771-4428-BCD9-1E305A5BA53B}" [In-None-P6-TRUE] .(.深圳市迅雷网络技术有限公司 - XLLiveUD.) -- C:\Program Files (x86)\Thunder Network\XMP\V5.2.3.5004\Bin\XLLiveUD.exe {16E6F4E66382FBA84730D899} O87 - FAEL: "{B866BD11-AADB-4EBF-9E09-B79DBC11776E}" [In-None-P17-TRUE] .(.深圳市迅雷网络技术有限公司 - 迅雷影音.) -- C:\Program Files (x86)\Thunder Network\XMP\V5.2.3.5004\Bin\XMP.exe {16E6F4E66382FBA84730D899} O87 - FAEL: "{D9CDD197-CD6B-4A86-ADE2-F2BA649990D6}" [In-None-P6-TRUE] .(.深圳市迅雷网络技术有限公司 - 迅雷影音.) -- C:\Program Files (x86)\Thunder Network\XMP\V5.2.3.5004\Bin\XMP.exe {16E6F4E66382FBA84730D899} O87 - FAEL: "{3BE9523D-20DE-40A4-B447-1C700AD52DBA}" [In-None-P6-TRUE] .(...) -- E:\program files\腾讯游戏\xunyou_yxq\xunyou.exe (.not file.) 
---\\ Search Tracing Registry Key (2) - 1s HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\tencentdl_RASAPI32 =>.SUP.Tencent HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\tencentdl_RASMANCS =>.SUP.Tencent ---\\ Additional Scan (O88) (95) - 2s C:\WINDOWS\Tasks\Traffic Exchange v2 - 1.job =>.SUP.Microleaves C:\WINDOWS\Tasks\Traffic Exchange v2 - 2.job =>.SUP.Microleaves C:\WINDOWS\Tasks\Traffic Exchange v2 - 3.job =>.SUP.Microleaves C:\WINDOWS\System32\Tasks\Traffic Exchange v2 - 1 =>.SUP.Microleaves C:\WINDOWS\System32\Tasks\Traffic Exchange v2 - 2 =>.SUP.Microleaves C:\WINDOWS\System32\Tasks\Traffic Exchange v2 - 3 =>.SUP.Microleaves C:\Users\VULCAN\AppData\Roaming\Tencent\WebGamePlugin\1.0.4.3\npqqwebgame.dll =>.SUP.Tencent [HKCU\SOFTWARE\MozillaPlugins\@1.qq.com/npqqwebgame] =>.SUP.Tencent C:\Program Files (x86)\Common Files\Tencent\Npchrome\npactivex.dll =>.SUP.Tencent [HKLM\SOFTWARE\MozillaPlugins\@qq.com/npqscall] =>.SUP.Tencent C:\Program Files (x86)\Tencent\QQDownload\Browser\769\npXFPlugin.dll =>.SUP.Tencent [HKLM\SOFTWARE\MozillaPlugins\@qq.com/QQDownloadPlugin] =>.SUP.Tencent C:\Program Files (x86)\Common Files\Tencent\QQMiniDL\60\Browser\npXFMiniDLPlugin.dll =>.SUP.Tencent [HKLM\SOFTWARE\MozillaPlugins\@qq.com/QQMiniDLPlugin] =>.SUP.Tencent C:\Program Files (x86)\Tencent\Qzone\npQQPhotoDrawEx.dll =>.SUP.Tencent [HKLM\SOFTWARE\MozillaPlugins\@qq.com/QQPhotoDrawEx] =>.SUP.Tencent C:\Program Files (x86)\Tencent\QQMusic\QzoneMusic\npQzoneMusic.dll =>.SUP.Tencent [HKLM\SOFTWARE\MozillaPlugins\@qq.com/QzoneMusic] =>.SUP.Tencent C:\Program Files (x86)\Common Files\Tencent\TXSSO\1.2.5.16\bin\npSSOAxCtrlForPTLogin.dll =>.SUP.Tencent [HKLM\SOFTWARE\MozillaPlugins\@qq.com/TXSSO] =>.SUP.Tencent C:\Program Files (x86)\QQMailPlugin\npQQMailWebKit.dll =>.SUP.Tencent [HKLM\SOFTWARE\MozillaPlugins\@tencent.com/npQQMailWebKit,version=1.0.0.1] =>.SUP.Tencent C:\Program Files (x86)\QQMailPlugin\nptxftnWebKit.dll =>.SUP.Tencent 
[HKLM\SOFTWARE\MozillaPlugins\@tencent.com/nptxftnWebKit,version=1.0.0.1] =>.SUP.Tencent [HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{004B0726-A010-4ABF-8556-FCDB7F1FCA1E}] =>PUP.Optional.Xunlei [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{004B0726-A010-4ABF-8556-FCDB7F1FCA1E}] =>PUP.Optional.Xunlei [HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0EEDB912-C5FA-486F-8334-57288578C627}] =>.SUP.Orphan [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0EEDB912-C5FA-486F-8334-57288578C627}] =>.SUP.Orphan [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QQMailPlugin] =>.SUP.Tencent [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4C6314F6-2DE8-4354-856A-787679AEF407}] =>.SUP.Microleaves [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5D5CD82D-24CC-4A15-9C79-9A9878DC3AD8}] =>.SUP.Trotux [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{92C1F287-B8A1-415C-B872-4000F57C055A}] =>.SUP.Microleaves [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\英雄联盟] =>.SUP.Tencent [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\QQMailPlugin] =>.SUP.Tencent [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4C6314F6-2DE8-4354-856A-787679AEF407}] =>.SUP.Microleaves [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5D5CD82D-24CC-4A15-9C79-9A9878DC3AD8}] =>.SUP.Trotux [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{92C1F287-B8A1-415C-B872-4000F57C055A}] =>.SUP.Microleaves [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\英雄联盟] =>.SUP.Tencent C:\Program Files (x86)\10101966 =>Heuristic.Suspect C:\Program Files (x86)\QQMailPlugin =>.SUP.Tencent C:\Program Files (x86)\Tencent =>.SUP.Tencent C:\ProgramData\SogouInput =>.SUP.Sogou C:\ProgramData\Tencent =>.SUP.Tencent C:\Program Files (x86)\Common Files\Tencent =>.SUP.Tencent 
C:\Users\VULCAN\AppData\Roaming\Tencent =>.SUP.Tencent
C:\Users\VULCAN\AppData\Roaming\UCChannel =>.SUP.UCBrowser
C:\Users\VULCAN\AppData\Local\Tencent =>.SUP.Tencent
C:\Users\VULCAN\AppData\Local\UCBrowser =>.SUP.UCBrowser
C:\Users\VULCAN\AppData\LocalLow\SogouPY\Components\Picface\PicfaceData\sgim_piccell.v2.bin =>.SUP.Sogou
C:\Users\VULCAN\AppData\LocalLow\SogouPY\Components\Picface\PicfaceData\sgim_picface_sugg.bin =>.SUP.Sogou
C:\Users\VULCAN\AppData\LocalLow\SogouPY\Components\Picface\PicfaceData\sgim_picidx.v2.bin =>.SUP.Sogou
C:\Users\VULCAN\AppData\LocalLow\SogouPY\sgim_clipboard.bin =>.SUP.Sogou
C:\Users\VULCAN\AppData\LocalLow\SogouPY\sgim_eng_usr.bin =>.SUP.Sogou
C:\Users\VULCAN\AppData\LocalLow\SogouPY\sgim_ext.bin =>.SUP.Sogou
C:\Users\VULCAN\AppData\LocalLow\SogouPY\sgim_keymap.bin =>.SUP.Sogou
C:\Users\VULCAN\AppData\LocalLow\SogouPY\sgim_uspm.bin =>.SUP.Sogou
C:\Users\VULCAN\AppData\LocalLow\SogouPY\sgim_usr_v3new.bin =>.SUP.Sogou
C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe =>.SUP.UCBrowser
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\tencentdl_RASAPI32] =>.SUP.Tencent
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\tencentdl_RASMANCS] =>.SUP.Tencent
C:\Users\VULCAN\AppData\Roaming\Browser_V5.4.4799.303_r_4087_(Build1509241503).exe =>Heuristic.Suspect
C:\Users\VULCAN\AppData\Roaming\cbcq_Y_516334_37cs.exe =>Heuristic.Suspect
C:\Users\VULCAN\AppData\Roaming\gameboxsetup.exe =>Heuristic.Suspect
C:\Users\VULCAN\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.hao123.com_0.localstorage =>PUP.Optional.Browser
C:\Users\VULCAN\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.hao123.com_0.localstorage-journal =>PUP.Optional.Browser
[HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\01720pdw] =>.SUP.Elex
[HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\0i56vvq2] =>.SUP.Elex
[HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\1pmew4lp] =>.SUP.Elex
[HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\2dw5ufde] =>.SUP.Elex
[HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\3j4mmk4w] =>.SUP.Elex
[HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\4ykmpoga] =>.SUP.Elex
[HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\82i4fde3] =>.SUP.Elex
[HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\d3bqwfoj] =>.SUP.Elex
[HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\d4yxt1sc] =>.SUP.Elex
[HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\e2zt0mw1] =>.SUP.Elex
[HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\f7yy4x82] =>.SUP.Elex
[HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\gl38pzch] =>.SUP.Elex
[HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\hkx2jugm] =>.SUP.Elex
[HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\irrafo4c] =>.SUP.Elex
[HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\ite3fh64] =>.SUP.Elex
[HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\kh08auii] =>.SUP.Elex
[HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\kpelxpt8] =>.SUP.Elex
[HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\njlr3h5k] =>.SUP.Elex
[HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\p47nmqv1] =>.SUP.Elex
[HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\paxc53oe] =>.SUP.Elex
[HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\pm0ncfa3] =>.SUP.Elex
[HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\rn9ufz9z] =>.SUP.Elex
[HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\s77ms1yy] =>.SUP.Elex
[HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\schl5kwq] =>.SUP.Elex
[HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\toehwq66] =>.SUP.Elex
[HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\v8saxnch] =>.SUP.Elex
[HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\vkecgkpb] =>.SUP.Elex
[HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\vuld1yds] =>.SUP.Elex
[HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\w27rvae7] =>.SUP.Elex
[HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\wu8fhe08] =>.SUP.Elex

---\\ Summary of the elements found (11) - 0s
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Microleaves
https://nicolascoolman.eu/2017/02/23/tencentadressbar/ =>.SUP.Tencent
https://nicolascoolman.eu/2017/01/26/hijacker-browser/ =>PUP.Optional.Browser
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.Xunlei
https://nicolascoolman.eu/2017/03/04/superfluous-ucbrowser/ =>.SUP.UCBrowser
https://nicolascoolman.eu/2017/03/14/superfluous-trotux/ =>.SUP.Trotux
https://nicolascoolman.eu/2017/03/11/pup-optional-crossrider/ =>Adware.CrossRider
https://www.nicolascoolman.com/fr/pup-sogou/ =>.SUP.Sogou
https://nicolascoolman.eu/2017/04/25/trojan-generickd/ =>Trojan.GenericKD
https://nicolascoolman.eu/2017/01/28/heuristic-suspect/ =>Heuristic.Suspect
https://nicolascoolman.eu/2017/03/28/superfluous-elex/ =>.SUP.Elex

~ Unselected Options: O82,
~ End of the scan, 39786 items in 03mn41s (1668)(0)