~ ZHPDiag v2017.9.24.167 By Nicolas Coolman (2017/09/24)
~ Run by arctic-deer (Administrator)  (2017/09/25 01:06:12)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Certificate ZHPDiag: Legal
~ State version:  Version OK
~ Mode: Scan
~ Report: C:\Users\arctic-deer\Desktop\ZHPDiag.txt
~ Report: C:\Users\arctic-deer\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ System startup: Normal (Normal boot)
Windows 10 Home, 64-bit  (Build 15063)  =>.Microsoft Corporation

---\\ Internet Browsers (4) - 0s
~ MFIE: Mozilla Firefox 55.0.3 (x86 en-US)
~ OPIE: Opera 47.0.2631.80
~ MSIE: Microsoft Edge v40
~ MSIE: Internet Explorer v11.608.15063.0

---\\ Windows Product Information (3) - 3s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : OK

---\\ System protection software (2) - 12s
Norton Security v22.10.1.10 (Protection)
Windows Defender  (Deactivate)

---\\ System optimization software (1) - 13s
~ Tweaking.com - Windows Repair v4.0.6 (Optimize)

---\\ Information on the system (6) - 0s
~ Operating System: Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
~ Operating System:  64-bit 
~ Boot mode: Normal (Normal boot)
Total RAM: 4051.52 MB (34% free) : OK  =>.RAM Value
System Restore: Activé (Enable)
System drive C: has 245 GB (82%) free of 296 GB : OK  =>.Disk Space

---\\ Connection to the system mode (3) - 0s


---\\ Enumeration of the disk units (2) - 0s
~ Drive C: has 245 GB free of 296 GB  (System)
~ Drive D: has 171 GB free of 177 GB

---\\ State of the Windows Security Center (7) - 0s
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM64\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK

---\\ Search Generic System Files (24) - 3s
[MD5.3AF6D6F752EDE013ED15DFD2D44F8EF9] - 05/09/2017 - (.Microsoft Corporation - مستكشف Windows.) -- C:\WINDOWS\Explorer.exe [4848960]  =>.Microsoft Windows®
[MD5.ECB702B8C5650381C0784F1EEABB97BC] - 19/03/2017 - (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\WINDOWS\System32\rundll32.exe [68608]  =>.Microsoft Corporation
[MD5.0242626678C83AE788C655C1990A3CC3] - 28/07/2017 - (.Microsoft Corporation - ‎‎تطبيق بدء تشغيل Windows.) -- C:\WINDOWS\System32\Wininit.exe [318232]  =>.Microsoft Windows Publisher®
[MD5.9AA7516745C98B81FC10227FF2652391] - 05/09/2017 - (.Microsoft Corporation - ملحقات الإنترنت لـ Win32.) -- C:\WINDOWS\System32\wininet.dll [3307008]  =>.Microsoft Corporation
[MD5.9CDA170849A4F66F4D68B3DBB3AC8394] - 05/09/2017 - (.Microsoft Corporation - تطبيق تسجيل دخول Windows.) -- C:\WINDOWS\System32\Winlogon.exe [706560]  =>.Microsoft Corporation
[MD5.50CDF68A8EA8A2A9165CD573FA6C42D8] - 19/03/2017 - (.Microsoft Corporation - مكتبة تراخيص البرامج.) -- C:\WINDOWS\System32\sppcomapi.dll [414208]  =>.Microsoft Corporation
[MD5.0F9FA6A2D4EAE50393DCE473759A9845] - 19/03/2017 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\WINDOWS\System32\dnsapi.dll [661224]  =>.Microsoft Windows®
[MD5.3F969D5ADEAB3284ABD500B37D74A8F8] - 19/03/2017 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\WINDOWS\Syswow64\dnsapi.dll [508344]  =>.Microsoft Windows®
[MD5.5A6D591D56791BA63CE73FCAD60D89A1] - 05/09/2017 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\WINDOWS\System32\drivers\AFD.sys [610720]  =>.Microsoft Windows®
[MD5.01733BEEE02E51F712330D5909BD701C] - 19/03/2017 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\WINDOWS\System32\drivers\atapi.sys [29088]  =>.Microsoft Windows®
[MD5.B6E5AD7C83A5254DEE9D86023C0E5A81] - 19/03/2017 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\WINDOWS\System32\drivers\Cdfs.sys [93184]  =>.Microsoft Corporation
[MD5.ABE77AD954BC3D72F559CF0C381E50BC] - 19/03/2017 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\WINDOWS\System32\drivers\Cdrom.sys [160256]  =>.Microsoft Corporation
[MD5.185A4519B7764F4DEF714D890A7A9FD2] - 19/03/2017 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\WINDOWS\System32\drivers\DfsC.sys [150528]  =>.Microsoft Corporation
[MD5.02B9639D9997E95CDF2F4C4F3BDCC73D] - 13/07/2017 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\WINDOWS\System32\drivers\HDAudBus.sys [86528]  =>.Microsoft Corporation
[MD5.C6C8315E3262FAE460529C6DA2951682] - 19/03/2017 - (.Microsoft Corporation - i8042 Port Driver.) -- C:\WINDOWS\System32\drivers\i8042prt.sys [115200]  =>.Microsoft Corporation
[MD5.DCC05E5EAA580C97F13B434FAFACED85] - 19/03/2017 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\drivers\IpNat.sys [214528]  =>.Microsoft Corporation
[MD5.F2AD1B72C5A6475FB5FF332E1980DF88] - 19/03/2017 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\WINDOWS\System32\drivers\MRxSmb.sys [467352]  =>.Microsoft Windows®
[MD5.BAD3C424788BC071C3EC82CFCDA954D2] - 05/09/2017 - (.Microsoft Corporation - MBT Transport driver.) -- C:\WINDOWS\System32\drivers\netBT.sys [305152]  =>.Microsoft Corporation
[MD5.075F8C81457804BB79DD33FE69A96C57] - 28/07/2017 - (.Microsoft Corporation - NT File System Driver.) -- C:\WINDOWS\System32\drivers\ntfs.sys [2327456]  =>.Microsoft Windows®
[MD5.2CC6C325B271C7CA60F374F8F868CB45] - 19/03/2017 - (.Microsoft Corporation - Parallel Port Driver.) -- C:\WINDOWS\System32\drivers\Parport.sys [97792]  =>.Microsoft Corporation
[MD5.5279EC98F6218D29EADDFECCC0D80E9A] - 19/03/2017 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\WINDOWS\System32\drivers\Rasl2tp.sys [107008]  =>.Microsoft Corporation
[MD5.53A01D3FDB701AC5D9DDE4140227E3D9] - 20/03/2017 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\WINDOWS\System32\drivers\rdpdr.sys [183296]  =>.Microsoft Corporation
[MD5.D74756DD1518D28A09CDA99696273FA4] - 01/08/2017 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\WINDOWS\System32\drivers\tdx.sys [119712]  =>.Microsoft Windows®
[MD5.E3429DBBEA3965BB96E24B16EF4A2551] - 19/03/2017 - (.Microsoft Corporation - Volume Shadow Copy driver.) -- C:\WINDOWS\System32\drivers\volsnap.sys [397216]  =>.Microsoft Windows®

---\\ Non Microsoft non disabled Windows Services (7) - 2s
O23 - Service: Bitdefender RedLine Service (bdredline) . (.Bitdefender - Bitdefender redline update.) - C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe  =>.Bitdefender SRL®
O23 - Service: Bitdefender Device Management Service (DevMgmtService) . (.Bitdefender - Bitdefender Device Management Service.) - C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe  =>.Bitdefender SRL®
O23 - Service: Norton Security (NS) . (.Symantec Corporation - Norton Security.) - C:\Program Files\Norton Security\Engine\22.10.1.10\NS.exe  =>.Symantec Corporation®
O23 - Service: ProductAgentService (ProductAgentService) . (.Bitdefender - Bitdefender Agent.) - C:\Program Files\Bitdefender Agent\ProductAgentService.exe  =>.Bitdefender SRL®
O23 - Service: Bitdefender Desktop Update Service (UPDATESRV) . (.Bitdefender - Bitdefender Update Service.) - C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe  =>.Bitdefender SRL®
O23 - Service: Bitdefender Virus Shield (VSSERV) . (.Bitdefender - Bitdefender Security Service.) - C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe  =>.Bitdefender SRL®
O23 - Service: Bitdefender Protected Service (vsservp) . (.Bitdefender - Bitdefender ASMI Protected Service.) - C:\Program Files\Bitdefender\Bitdefender Security\vsservp.exe  =>.Bitdefender SRL®

---\\ Services not Microsoft (SR=Run, SS=Stop) (22) - 94s
SS - Disabl [18/05/2017] [ 2246256]  Adobe Genuine Software Integrity Service (AGSService) . (.Adobe Systems, Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe  =>.Adobe Systems Incorporated®
SS - Disabl [16/12/2015] [  255472]   (AMD External Events Utility) . (.AMD.) - C:\WINDOWS\System32\atiesrxx.exe  =>.Microsoft Windows Hardware Compatibility Publisher®
SS - Disabl [16/07/2010] [ 1824064]  AuthenTec Fingerprint Service (ATService) . (.AuthenTec, Inc..) - C:\Program Files (x86)\Fingerprint Sensor\AtService.exe  =>.AuthenTec, Inc.®
SR - Auto   [07/09/2017] [ 2090152]  Bitdefender RedLine Service (bdredline) . (.Bitdefender.) - C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe  =>.Bitdefender SRL®
SS - Demand [         0] [       0]  @%systemroot%\system32\browser.dll,-100 (Browser) . (...) - C:\WINDOWS\System32\browser.dll
SR - Auto   [27/06/2017] [  103072]  Bitdefender Device Management Service (DevMgmtService) . (.Bitdefender.) - C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe  =>.Bitdefender SRL®
SS - Disabl [10/03/2017] [  145224]  Epson Scanner Service (EpsonScanSvc) . (.Seiko Epson Corporation.) - C:\WINDOWS\system32\EscSvc64.exe  =>.SEIKO EPSON CORPORATION®
SS - Disabl [26/11/2016] [ 1565000]  خدمة KSU (ksu) . (.AO Kaspersky Lab.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\kl_platf.exe  =>.Kaspersky Lab®
SS - Disabl [01/11/2009] [  262144]  Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe  =>.Intel Corporation
SS - Disabl [09/05/2017] [ 4470736]  Malwarebytes Service (MBAMService) . (.Malwarebytes.) - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe  =>.Malwarebytes Corporation®
SS - Disabl [18/09/2017] [  175568]  Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe  =>.Mozilla Corporation®
SR - Auto   [24/08/2017] [  326144]  Norton Security (NS) . (.Symantec Corporation.) - C:\Program Files\Norton Security\Engine\22.10.1.10\NS.exe  =>.Symantec Corporation®
SS - Disabl [24/08/2017] [  326144]  PowerSavingUtilityService (PowerSavingUtilityService) . (.FUJITSU LIMITED.) - C:\Program Files\Fujitsu\PSUtility\PSUService.exe  =>.FUJITSU LIMITED ®
SR - Auto   [24/08/2017] [  326144]  ProductAgentService (ProductAgentService) . (.Bitdefender.) - C:\Program Files\Bitdefender Agent\ProductAgentService.exe  =>.Bitdefender SRL®
SS - Disabl [24/08/2017] [  326144]  Corel License Validation Service V2, Powered by arvato (PSI_SVC_2) . (.arvato digital services llc.) - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe  =>.Arvato Digital Services Canada Inc®
SS - Disabl [24/08/2017] [  326144]  Corel License Validation Service V2 x64, Powered by arvato (PSI_SVC_2_x64) . (.arvato digital services llc.) - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe  =>.Arvato Digital Services Canada Inc®
SS - Disabl [24/08/2017] [  326144]  Ilyda(UK) Ribbon Commander Framework Stability Service (RibbonCommanderSrv) . (.ILYDA (UK).) - C:\Program Files (x86)\Common Files\IlydaUK\RibbonCommander\RibbonCommanderSrv.exe {407B311CA8F2A16E940ABC8370726B68}
SS - Disabl [24/08/2017] [  326144]  Fujitsu Diagnostic Testhandler (TestHandler) . (.Fujitsu Technology Solutions.) - C:\Program Files (x86)\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\HaDTMan.exe {071246A7B330F062151933F7FFEEBB7F}  =>.Fujitsu Technology Solutions
SS - Disabl [24/08/2017] [  326144]  Intel(R) Management & Security Application User Notificatio (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe  =>.Intel Corporation
SR - Auto   [24/08/2017] [  326144]  Bitdefender Desktop Update Service (UPDATESRV) . (.Bitdefender.) - C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe  =>.Bitdefender SRL®
SR - Auto   [24/08/2017] [  326144]  Bitdefender Virus Shield (VSSERV) . (.Bitdefender.) - C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe  =>.Bitdefender SRL®
SR - Auto   [24/08/2017] [  326144]  Bitdefender Protected Service (vsservp) . (.Bitdefender.) - C:\Program Files\Bitdefender\Bitdefender Security\vsservp.exe  =>.Bitdefender SRL®

---\\ Task Planned Automatically (Register) (49) - 37s
O40 - TASK: {02F68908-FB5F-4E5E-A86B-93C272AB999E} [64Bits][\Microsoft\Windows\Media Center\PvrRecoveryTask] - (...) -- C:\WINDOWS\ehome\mcupdate.exe (.not file.)  [0]  (.Orphan.)  =>.SUP.Orphan
O40 - TASK: {08EA6E6D-B10F-4374-B1D7-1FAA78311D96} [64Bits][\Norton WSC Integration] - (.Symantec Corporation - WSCStub.) -- C:\Program Files\Norton Security\Engine\22.10.1.10\WSCStub.exe  [2981984]   =>.Symantec Corporation®
O40 - TASK: {0D281CEF-D0B3-412B-82E6-0FD757D58667} [64Bits][\GU5SkipUAC] - (.Glarysoft Ltd - Glary Utilities 5.) -- C:\Program Files (x86)\Glary Utilities 5\Integrator.exe  [897528]   =>.Glarysoft LTD®
O40 - TASK: {14C00B76-8864-4ECE-87B5-BA66EC987D47} [64Bits][\Microsoft\Windows\Media Center\RegisterSearch] - (...) -- C:\WINDOWS\ehome\ehPrivJob.exe (.not file.)  [0]  (.Orphan.)  =>.SUP.Orphan
O40 - TASK: {16B9D215-DD5D-4171-B0DD-858A916A61B0} [64Bits][\EPSON L382 Series Update {D39CE6D0-ADC5-4BF6-861B-A58C0EBF6DE5}] - (.SEIKO EPSON CORPORATION - E_DTSKSD.EXE.) -- C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSRRE.EXE  [690536]   =>.SEIKO EPSON CORPORATION®
O40 - TASK: {1BEB8178-47BD-4227-B3F8-5F1E7DFC833E} [64Bits][\CorelUpdateHelperTask] - (.Corel Corporation - Corel Update Helper x32.) -- C:\Program Files (x86)\Corel\CUH\v2\CUH.EXE  [1618368]   =>.Corel Corporation®
O40 - TASK: {1CA95D12-B04E-4CB8-8333-00DCFE8C5F7C} [64Bits][\Fujitsu\DeskUpdate] - (.Fujitsu Technology Solutions - DeskUpdate command line application.) -- C:\Program Files (x86)\Fujitsu\DeskUpdate\ducmd.exe  [363288]  {071246A7B330F062151933F7FFEEBB7F}  =>.Fujitsu Technology Solutions
O40 - TASK: {1DB6E995-65AD-46D4-9877-8A354D32FCA4} [64Bits][\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864] - (.Bitdefender - Bitdefender Agent WatchDog.) -- C:\Program Files\Bitdefender Agent\WatchDog.exe  [574232]   =>.Bitdefender SRL®
O40 - TASK: {22518DC6-261E-453A-B82F-C25D43A2D0A3} [64Bits][\GMHSkipUAC] - (.Glarysoft Ltd - .) -- C:\Program Files (x86)\Glarysoft\Malware Hunter\MalwareHunter.exe (.not file.)  [0]  (.Orphan.)  =>.SUP.Orphan
O40 - TASK: {2A84A707-A1F1-45F7-8533-10AA18603DB9} [64Bits][\Microsoft\Windows\Media Center\PBDADiscoveryW2] - (...) -- C:\WINDOWS\ehome\ehPrivJob.exe (.not file.)  [0]  (.Orphan.)  =>.SUP.Orphan
O40 - TASK: {33D4ED15-4312-4AC5-B109-AF94A2CDE080} [64Bits][\Microsoft\Windows\Media Center\MediaCenterRecoveryTask] - (...) -- C:\WINDOWS\ehome\mcupdate.exe (.not file.)  [0]  (.Orphan.)  =>.SUP.Orphan
O40 - TASK: {33F430A1-8E52-4B2C-B30A-5011409E01FA} [64Bits][\Health-Check-deep] - (.arctic-deer-PC\arctic-deer - .) -- C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe (.not file.)  [0]  (.Orphan.)  =>.SUP.Orphan
O40 - TASK: {37476B87-7DD1-43EF-B096-76EACB36D197} [64Bits][\Microsoft\Windows\Media Center\InstallPlayReady] - (...) -- C:\WINDOWS\ehome\ehPrivJob.exe (.not file.)  [0]  (.Orphan.)  =>.SUP.Orphan
O40 - TASK: {443D3B75-9651-49E2-9E70-D78EBFDCB652} [64Bits][\Microsoft\Windows\Media Center\PeriodicScanRetry] - (...) -- C:\WINDOWS\ehome\MCUpdate.exe (.not file.)  [0]  (.Orphan.)  =>.SUP.Orphan
O40 - TASK: {46278CDE-A4B4-44BD-A0FC-E76AA9652616} [64Bits][\Microsoft\Windows\Media Center\PvrScheduleTask] - (...) -- C:\WINDOWS\ehome\mcupdate.exe (.not file.)  [0]  (.Orphan.)  =>.SUP.Orphan
O40 - TASK: {4F8A0D13-FA0D-4CFF-85AA-2987275C6339} [64Bits][\Health-Check-auto] - (.arctic-deer-PC\arctic-deer - .) -- C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe (.not file.)  [0]  (.Orphan.)  =>.SUP.Orphan
O40 - TASK: {521FDDF9-10D5-487E-B611-77F8B352C4A6} [64Bits][\Health-Check] - (.arctic-deer-PC\arctic-deer - .) -- C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe (.not file.)  [0]  (.Orphan.)  =>.SUP.Orphan
O40 - TASK: {590C541C-D8FE-40B3-A821-74E2F0F2E9AF} [64Bits][\Microsoft\Windows\Media Center\SqlLiteRecoveryTask] - (...) -- C:\WINDOWS\ehome\mcupdate.exe (.not file.)  [0]  (.Orphan.)  =>.SUP.Orphan
O40 - TASK: {64FA8F1B-EFD0-4B7A-A559-301FC99EFBC9} [64Bits][\Microsoft\Windows\Media Center\ReindexSearchRoot] - (...) -- C:\WINDOWS\ehome\ehPrivJob.exe (.not file.)  [0]  (.Orphan.)  =>.SUP.Orphan
O40 - TASK: {6E39B108-6650-4472-9A8C-7D420CAB620D} [64Bits][\Fujitsu\DeskUpdateStartup] - (.Fujitsu Technology Solutions - DeskUpdate command line application.) -- c:\Fujitsu\Programs\DeskUpdate\ducmd.exe  [363288]  {071246A7B330F062151933F7FFEEBB7F}  =>.Fujitsu Technology Solutions
O40 - TASK: {75F7D69B-7778-46F9-BA6A-D03098372A0E} [64Bits][\Cybertron\Privacy Eraser\SkipUAC_arctic-deer] - (.Cybertron Software, Co., Ltd. - Privacy Eraser.) -- C:\Program Files\Cybertron\Privacy Eraser\PrivacyEraser.exe  [4593240]   =>.Cybertron Software Co., Ltd®
O40 - TASK: {7C7E0B4D-3E94-4708-B31A-DC529082A775} [64Bits][\Norton Security\Norton Security Error Analyzer] - (.Symantec Corporation - Symantec Error Reporting.) -- C:\Program Files\Norton Security\Engine\22.10.1.10\symerr.exe  [102008]   =>.Symantec Corporation®
O40 - TASK: {7C8FAAFC-D70E-4DCD-902B-5CB805118CE0} [64Bits][\Microsoft\Windows\Media Center\ehDRMInit] - (...) -- C:\WINDOWS\ehome\ehPrivJob.exe (.not file.)  [0]  (.Orphan.)  =>.SUP.Orphan
O40 - TASK: {7E7B3671-6598-41BF-92BE-8AEF2E270C44} [64Bits][\Microsoft\Windows\Media Center\RecordingRestart] - (...) -- C:\WINDOWS\ehome\ehrec (.not file.)  [0]  (.Orphan.)  =>.SUP.Orphan
O40 - TASK: {882329E5-D8B9-4B93-B871-DEA21C5C4EBB} [64Bits][\Microsoft\Windows\Media Center\OCURActivate] - (...) -- C:\WINDOWS\ehome\ehPrivJob.exe (.not file.)  [0]  (.Orphan.)  =>.SUP.Orphan
O40 - TASK: {88CBC03B-5465-4857-9639-72979C062FF9} [64Bits][\UninstallMonitor] - (. - UninstallMonitor.) -- C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\uninstaller.exe (.not file.)  [0]  (.Orphan.)  =>.SUP.Orphan
O40 - TASK: {9869AF27-8E9D-4C6D-ADD5-3F2DA859A5E3} [64Bits][\Microsoft\Windows\Media Center\mcupdate] - (...) -- C:\WINDOWS\ehome\mcupdate (.not file.)  [0]  (.Orphan.)  =>.SUP.Orphan
O40 - TASK: {994BB815-F59F-4A06-8D88-526E33B95D3A} [64Bits][\Microsoft\Windows\Media Center\PBDADiscoveryW1] - (...) -- C:\WINDOWS\ehome\ehPrivJob.exe (.not file.)  [0]  (.Orphan.)  =>.SUP.Orphan
O40 - TASK: {9D8BDF6B-D0EB-4DBA-BDF4-E7C46326B91B} [64Bits][\CorelUpdateHelperTaskCore] - (.Corel Corporation - Corel Update Helper x32.) -- c:\Program Files (x86)\Corel\CUH\v2\CUH.EXE  [1618368]   =>.Corel Corporation®
O40 - TASK: {9E01F302-A9CE-4A64-B614-E8FAFC7A8784} [64Bits][\ASC9_SkipUac_arctic-deer] - (.arctic-deer-PC\arctic-deer - .) -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe (.not file.)  [0]  (.Orphan.)  =>.SUP.Orphan
O40 - TASK: {A1343BB4-81F3-4E91-BD07-7800EF7F7B6F} [64Bits][\Microsoft\Windows\Media Center\mcupdate_scheduled] - (. - Check for Media Center updates..) -- C:\WINDOWS\ehome\mcupdate (.not file.)  [0]  (.Orphan.)  =>.SUP.Orphan
O40 - TASK: {A97FCF71-22FC-4BC4-9C66-F8DCB451893E} [64Bits][\Microsoft\Windows\Media Center\ActivateWindowsSearch] - (...) -- C:\WINDOWS\ehome\ehPrivJob.exe (.not file.)  [0]  (.Orphan.)  =>.SUP.Orphan
O40 - TASK: {B73BC59E-1342-4EF4-B196-4F167423676A} [64Bits][\RDReminder] - (.DLLFILES - .) -- C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe (.not file.)  [0]  (.Orphan.)  =>.SUP.DllFilesFixer
O40 - TASK: {B802C920-463A-4EC1-8529-D7191AD35773} [64Bits][\Norton Security\Norton Security Autofix] - (.Symantec Corporation - Symantec Error Reporting.) -- C:\Program Files\Norton Security\Engine\22.10.1.10\symerr.exe  [102008]   =>.Symantec Corporation®
O40 - TASK: {B9A47C7D-2ED0-4100-8D08-557F12EE8392} [64Bits][\Norton Security\Norton Security Error Processor] - (.Symantec Corporation - Symantec Error Reporting.) -- C:\Program Files\Norton Security\Engine\22.10.1.10\symerr.exe  [102008]   =>.Symantec Corporation®
O40 - TASK: {B9B26892-CC88-408A-A931-D0259A2FF979} [64Bits][\Microsoft\Windows\Media Center\ConfigureInternetTimeService] - (...) -- C:\WINDOWS\ehome\ehPrivJob.exe (.not file.)  [0]  (.Orphan.)  =>.SUP.Orphan
O40 - TASK: {BD316292-67D1-486F-85D1-76B176624BF5} [64Bits][\Microsoft\Windows\Media Center\DispatchRecoveryTasks] - (...) -- C:\WINDOWS\ehome\ehPrivJob.exe (.not file.)  [0]  (.Orphan.)  =>.SUP.Orphan
O40 - TASK: {C730D67E-1451-4B15-8A4E-992970D45190} [64Bits][\GlaryInitialize 5] - (.Glarysoft Ltd - Glary Utilities Initialize.) -- C:\Program Files (x86)\Glary Utilities 5\Initialize.exe  [134648]   =>.Glarysoft LTD®
O40 - TASK: {C9D0E4B6-9A85-499B-A80D-738B456D2422} [64Bits][\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C] - (.Bitdefender - Bitdefender agent.) -- C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe  [321744]   =>.Bitdefender SRL®
O40 - TASK: {D4DFD7C6-F5DF-4CC4-B6E6-36FD17045455} [64Bits][\smadav] - (.Smadsoft - Smadav USB Antivirus & Additional Protectio.) -- C:\Program Files (x86)\SMADAV\SMΔRTP.exe  [1879152]   =>.SmadSoft
O40 - TASK: {D7B16463-75B3-4FA3-AAF0-2B7B41DD6653} [64Bits][\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask] - (...) -- C:\WINDOWS\ehome\mcupdate.exe (.not file.)  [0]  (.Orphan.)  =>.SUP.Orphan
O40 - TASK: {D8791197-BADA-4506-AD06-202F7C443749} [64Bits][\Tweaking.com - Windows Repair Tray Icon] - (.Tweaking.com - Tweaking.com - Windows Repair Tray Icon.) -- C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe  [218336]   =>.Tweaking LLC®
O40 - TASK: {DE2BC518-FB4D-4DCA-8A8D-203D4D6DF62C} [64Bits][\Microsoft\Windows\Media Center\UpdateRecordPath] - (...) -- C:\WINDOWS\ehome\ehPrivJob.exe (.not file.)  [0]  (.Orphan.)  =>.SUP.Orphan
O40 - TASK: {E23BA688-DD4C-429D-A884-630FF56B43FD} [64Bits][\Microsoft\Windows\Media Center\OCURDiscovery] - (...) -- C:\WINDOWS\ehome\ehPrivJob.exe (.not file.)  [0]  (.Orphan.)  =>.SUP.Orphan
O40 - TASK: {E37B4B53-8252-4512-9FF0-1C87D672183B} [64Bits][\Opera scheduled Autoupdate 1449256104] - (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\launcher.exe  [974936]   =>.Opera Software AS®
O40 - TASK: {E44CFAC1-5B3A-41BF-88E4-ABA9BDDB5897} [64Bits][\SmartDefrag_Update] - (.arctic-deer - .) -- C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe (.not file.)  [0]  (.Orphan.)  =>.SUP.Orphan
O40 - TASK: {E4923CFE-1761-4963-B810-AE0367F11937} [64Bits][\EPSON L382 Series Update {8B704999-7F14-42F1-9CA8-CC917CD633AB}] - (.SEIKO EPSON CORPORATION - E_DTSKSD.EXE.) -- C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSRRE.EXE  [690536]   =>.SEIKO EPSON CORPORATION®
O40 - TASK: {F3C3F80A-DFDD-4B73-AA7F-815C0C76CCD8} [64Bits][\Remediation\AntimalwareMigrationTask] - (.Symantec Corporation - WSCStub.) -- C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe  [2981984]   =>.Symantec Corporation®
O40 - TASK: {FCF49412-E256-49C2-AB32-6EE231B7E73F} [64Bits][\Microsoft\Windows\Media Center\PBDADiscovery] - (...) -- C:\WINDOWS\ehome\ehPrivJob.exe (.not file.)  [0]  (.Orphan.)  =>.SUP.Orphan

---\\ Auto loading programs from Registry and folders (19) - 4s
O4 - HKLM\..\Run: [SecurityHealth] . (.Microsoft Corporation - Windows Defender notification icon.) -- C:\Program Files\Windows Defender\MSASCuiL.exe  =>.Microsoft Windows®
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe  =>.Synaptics Incorporated®
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - إدارة صوت Realtek HD.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe  =>.Realtek Semiconductor Corp®
O4 - HKLM\..\Run: [Malwarebytes TrayApp] . (.Malwarebytes - Malwarebytes Tray Application.) -- C:\PROGRAM FILES/MALWAREBYTES/ANTI-MALWARE\mbamtray.exe  =>.Malwarebytes Corporation®
O4 - HKLM\..\Run: [PSUTility] . (.FUJITSU LIMITED - TrayManager.) -- C:\Program Files\Fujitsu\PSUtility\TrayManager.exe  =>.FUJITSU LIMITED ®
O4 - HKLM\..\Run: [Apoint] . (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\Apoint2K\Apoint.exe  =>.Alps Electric Co., Ltd.
O4 - HKCU\..\Run: [Privacy Eraser] . (.Cybertron Software, Co., Ltd. - Privacy Eraser.) -- C:\Program Files\Cybertron\Privacy Eraser\PrivacyEraser64.exe  =>.Cybertron Software Co., Ltd®
O4 - HKCU\..\Run: [GUDelayStartup] . (.Glarysoft Ltd - Glary Utilities StartupManager.) -- C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe  =>.Glarysoft LTD®
O4 - HKLM\..\Wow6432Node\Run: [FUJ02B1_Apps] . (.FUJITSU LIMITED - FUJITSU Battery Check Tool.) -- C:\Program Files (x86)\Fujitsu\FUJ02B1\CheckBatteryPack.exe  =>.FUJITSU LIMITED®
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe  =>.Advanced Micro Devices, Inc.®
O4 - HKLM\..\Wow6432Node\Run: [IndicatorUtility] . (.FUJITSU LIMITED - Fujitsu Hotkey Utility.) -- C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe  =>.FUJITSU LIMITED ®
O4 - HKLM\..\Wow6432Node\Run: [LoadFUJ02E3] . (.FUJITSU LIMITED - FUJ02E3 Utility.) -- C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe  =>.FUJITSU LIMITED ®
O4 - HKLM\..\Wow6432Node\Run: [SMΔRT-Protection] . (.Smadsoft - Smadav USB Antivirus & Additional Protectio.) -- C:\Program Files (x86)\Smadav\SMΔRTP.exe  =>.SmadSoft
O4 - HKLM\..\Wow6432Node\Run: [DeskUpdateNotifier] . (.Fujitsu Technology Solutions - DeskUpdate Notifier.) -- C:\Program Files (x86)\Fujitsu\DeskUpdate\DeskUpdateNotifier.exe {071246A7B330F062151933F7FFEEBB7F}  =>.Fujitsu Technology Solutions
O4 - HKLM\..\Wow6432Node\Run: [ATSwpNav] . (. - DeskUpdate Notifier.) -- C:\Program Files (x86)\Fingerprint Sensor\ATSwpNav" -run
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe  =>.Microsoft Windows®
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe  =>.Microsoft Windows®
O4 - HKUS\S-1-5-21-4109908064-3473555827-3755470482-1000\..\Run: [Privacy Eraser] . (.Cybertron Software, Co., Ltd. - Privacy Eraser.) -- C:\Program Files\Cybertron\Privacy Eraser\PrivacyEraser64.exe  =>.Cybertron Software Co., Ltd®
O4 - HKUS\S-1-5-21-4109908064-3473555827-3755470482-1000\..\Run: [GUDelayStartup] . (.Glarysoft Ltd - Glary Utilities StartupManager.) -- C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe  =>.Glarysoft LTD®

---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (28) - 31s
M0 - MFSP: prefs.js [arctic-deer - av81ba7v.default] http://search.norton.com?o=APN12179&prt=SSS&chn=1000170&ver=1.0.1.5&tpr=111&guid=c81612d2-db98-455e-98ce-0ad02e4e2f2d&doi=2017-9-7 
P2 - EXT FILE: (.Flag Full WHOIS + custom setting - Specifies the country's flag of the se.) -- C:\Users\arctic-deer\AppData\Roaming\Mozilla\Firefox\Profiles\av81ba7v.default\extensions\addons@whois.uanic.name.xpi
P2 - EXT FILE: (...) -- C:\Users\arctic-deer\AppData\Roaming\Mozilla\Firefox\Profiles\av81ba7v.default\extensions\idsafe@norton.com.xpi
P2 - EXT FILE: (.NO Google Analytics - Blocks Google Analytics.) -- C:\Users\arctic-deer\AppData\Roaming\Mozilla\Firefox\Profiles\av81ba7v.default\extensions\jid1-JcGokIiQyjoBAQ@jetpack.xpi  =>.NO Google Analytics
P2 - EXT FILE: (.Country Flag + - Shows country flag based on the server.) -- C:\Users\arctic-deer\AppData\Roaming\Mozilla\Firefox\Profiles\av81ba7v.default\extensions\jid1-s7swGsO2vJBPMv@jetpack.xpi
P2 - EXT FILE: (.DuckDuckGo Plus - DuckDuckGo Plus.) -- C:\Users\arctic-deer\AppData\Roaming\Mozilla\Firefox\Profiles\av81ba7v.default\extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi  =>.DuckDuckGo Plus
P2 - EXT FILE: (.Norton Safe Search - Search safely online by enabling Norto.) -- C:\Users\arctic-deer\AppData\Roaming\Mozilla\Firefox\Profiles\av81ba7v.default\extensions\nortonsafesearch@symantec.com.xpi
P2 - EXT FILE: (. - __MSG_swDesc__.) -- C:\Users\arctic-deer\AppData\Roaming\Mozilla\Firefox\Profiles\av81ba7v.default\extensions\nortonsafeweb@symantec.com.xpi  =>PUP.Optional.SafeWeb
P2 - EXT FILE: (.Private Tab - Adds private tabs.) -- C:\Users\arctic-deer\AppData\Roaming\Mozilla\Firefox\Profiles\av81ba7v.default\extensions\privateTab@infocatcher.xpi  =>.Private Tab
P2 - EXT FILE: (.uBlock Origin - __MSG_popupTipPicker__".) -- C:\Users\arctic-deer\AppData\Roaming\Mozilla\Firefox\Profiles\av81ba7v.default\extensions\uBlock0@raymondhill.net.xpi  =>.uBlock Origin
P2 - EXT FILE: (.Bluhell Firewall - Lightweight Ad-Blocker and Tracking/Pr.) -- C:\Users\arctic-deer\AppData\Roaming\Mozilla\Firefox\Profiles\av81ba7v.default\extensions\{6BB5760D-F97E-421B-AF5B-8457A90C3CED}.xpi  =>.Bluhell Firewall
P2 - EXT FILE: (.Bluhell Firewall - Lightweight Ad-Blocker and Tracking/Pr.) -- C:\Users\arctic-deer\AppData\Roaming\Mozilla\Firefox\Profiles\av81ba7v.default\extensions\{802a552e-13d1-4683-a40a-1e5325fba4bb}.xpi  =>.Bluhell Firewall
P2 - EXT FILE: (.Adblock Plus - Ads were yesterday!.) -- C:\Users\arctic-deer\AppData\Roaming\Mozilla\Firefox\Profiles\av81ba7v.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi  =>.Adblock Plus
P2 - EXT FILE: (.Jaril<em:homepageURLhttps://addons.mo - <em:id>{ec8030f7-c20a-464f-9b0e-13a3a9.) -- C:\Users\arctic-deer\AppData\Roaming\Mozilla\Firefox\Profiles\av81ba7v.default\extensions\{d49a148e-817e-4025-bee3-5d541376de3b}.xpi
P2 - EXT FILE: (.Google Privacy <!-- We'll probably hav - gPrivacy - Make search engines respect.) -- C:\Users\arctic-deer\AppData\Roaming\Mozilla\Firefox\Profiles\av81ba7v.default\extensions\{ea61041c-1e22-4400-99a0-aea461e69d04}.xpi
P2 - EXT FILE: (.WorldIP - Professional Geo Add-on with security .) -- C:\Users\arctic-deer\AppData\Roaming\Mozilla\Firefox\Profiles\av81ba7v.default\extensions\{f36c6cd1-da73-491d-b290-8fc9115bfa55}.xpi
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi  =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\clicktoplay-rollout@mozilla.org.xpi  =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi  =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi  =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\followonsearch@mozilla.com.xpi  =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\screenshots@mozilla.org.xpi  =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\shield-recipe-client@mozilla.org.xpi  =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi  =>.Mozilla Corporation
P2 - EXT: (.Myip.ms - Whois &amp; Flags Firefox &amp; Websites Popularity Rating.) -- C:\Users\arctic-deer\AppData\Roaming\Mozilla\Firefox\Profiles\av81ba7v.default\extensions\myipms2@myip.ms
P2 - FPN: [HKLM] [@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp] - (...) -- C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll
P2 - FPN: [HKLM] [@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf] - (...) -- C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll
P2 - FPN: [HKLM] [@microsoft.com/Lync,version=15.0] - (.Microsoft.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll  =>.Microsoft

---\\ Opera, Plugins,Start,Search (10) - 2s
B2 - EXT: [Ghostery] C:\Users\arctic-deer\AppData\Roaming\Opera Software\Opera Stable\Extensions\bbkekonodcdmedgffkkbgmnnekbainbg  =>.Ghostery
B2 - EXT: [glinchiney] C:\Users\arctic-deer\AppData\Roaming\Opera Software\Opera Stable\Extensions\colooklfiganllfdabmgaonfbjpeoied
B2 - EXT: [uarnet] C:\Users\arctic-deer\AppData\Roaming\Opera Software\Opera Stable\Extensions\ieledhioefjpnnonfeoiphbaipffkemc
B2 - EXT: [pauliew] C:\Users\arctic-deer\AppData\Roaming\Opera Software\Opera Stable\Extensions\jhpahencahdfmlmglnminjfoopabapfh
B2 - EXT: [HOTCLEANER.COM] C:\Users\arctic-deer\AppData\Roaming\Opera Software\Opera Stable\Extensions\lfpoajlbkhlfoeeokbppmecpplmieedm
B2 - EXT: [andy-portmen] C:\Users\arctic-deer\AppData\Roaming\Opera Software\Opera Stable\Extensions\ljealnphmlekclcdoeficainfegfjgkc
B2 - EXT: [webdevmedia] C:\Users\arctic-deer\AppData\Roaming\Opera Software\Opera Stable\Extensions\nihdkclnhikkafmhcdfenecgbabjjfmg
B2 - EXT: [webdevmedia] C:\Users\arctic-deer\AppData\Roaming\Opera Software\Opera Stable\Extensions\nknnchdeakoneodhopnlnbjjmdkmmmpm
B2 - EXT: [adblockplus] C:\Users\arctic-deer\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp  =>.adblockplus
B2 - EXT: [elennorphen] C:\Users\arctic-deer\AppData\Roaming\Opera Software\Opera Stable\Extensions\omcdndhjjchagccadgkhfdcbbhabamee

---\\ Internet Explorer Extensions, Start, Search (14) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/  =>.Microsoft Corporation
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank  =>.Microsoft Corporation
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank  =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/  =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = 




























































R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve  =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/  =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons  =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk  =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/  =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons  =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk  =>.Microsoft Corporation
R1 - HKEY_USERS\S-1-5-21-4109908064-3473555827-3755470482-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve  =>.Microsoft Corporation
R3 - URLSearchHook: (no name)[HKCU] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - مستعرض الإنترنت.) (11.00.15063.608 (WinBuild.160101.0800)) -- C:\Windows\SysWOW64\ieframe.dll  =>.Microsoft Corporation

---\\ Internet Explorer, Proxy Management (6) - 0s
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies []  =>.Microsoft

---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s
F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.)  =>.Microsoft Corporation
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.)  =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=

---\\ Hosts file redirection (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (24)

---\\ Browser Helper Object (BHO) (5) - 1s
O2 - BHO: IDM Helper [64Bits] - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll  =>.Tonec Inc.®
O2 - BHO: Bitdefender Wallet  [64Bits] - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} . (.Bitdefender - Bitdefender Password Manager Internet Explo.) -- C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll  =>.Bitdefender SRL®
O2 - BHO: Skype for Business Click to Call BHO [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Skype for Business.) -- C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll  =>.Microsoft Corporation®
O2 - BHO: Norton Identity Safety [64Bits] - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} . (.Symantec Corporation - coIEPlugIn.) -- C:\Program Files\Norton Security\Engine32\22.10.1.10\coieplg.dll  =>.Symantec Corporation®
O2 - BHO: Partner BHO Class [64Bits] - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}  (.Orphan.)

---\\ Internet Explorer Toolbars (1) - 0s
O3 - Toolbar: 0xB1C218236549D4119B18009027A5CD4F - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} . (...) --  (.not file.)

---\\ Global shortcuts Startup (90) - 15s
O4 - GS\Desktop [Administrator]: Accurate Times.lnk . (.JAS - .) C:\Accurate Times\accu.exe  
O4 - GS\Desktop [Administrator]: ISE.lnk . (...) C:\System Volume Information\SystemRestore\FRStaging\Program Files (x86)\DILMUNmWorX\ISE\ISEc.exe  
O4 - GS\Desktop [Administrator]: Norton Installation Files.lnk . (...) C:\Users\Public\Downloads\Norton\{NS21000000-TTW-FSD00001}  
O4 - GS\Desktop [Administrator]: Strings calculate.lnk . (...) C:\Program Files (x86)\حساب \حساب.exe  
O4 - GS\Desktop [Administrator]: Swiff Player.lnk . (.GlobFX Technologies - Swiff Player.) C:\Program Files (x86)\GlobFX\Swiff Player\SWFPlayer.exe    =>.GlobFX Technologies
O4 - GS\Desktop [Administrator]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\arctic-deer\AppData\Roaming\ZHP\ZHPDiag3.exe    =>.Nicolas Coolman
O4 - GS\Desktop [Administrator]: ميزان .lnk . (...) C:\Program Files (x86)\alMwazeen\ميزان .exe  
O4 - GS\Quicklaunch [Administrator]: Accurate Times.lnk . (.JAS - .) C:\Accurate Times\accu.exe  
O4 - GS\Quicklaunch [Administrator]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe    =>.Microsoft Corporation®
O4 - GS\Quicklaunch [Administrator]: Revo Uninstaller Pro.lnk . (.VS Revo Group - Revo Uninstaller Pro.) C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe    =>.VS Revo Group®
O4 - GS\sendTo [Administrator]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\WINDOWS\system32\WFS.exe /SendTo   =>.Microsoft Corporation
O4 - GS\sendTo [Administrator]: مستلم الفاكس.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\System32\WFS.exe /SendTo   =>.Microsoft Corporation
O4 - GS\sendTo [Administrator]: نقل الملفات عبر Bluetooth.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe    =>.Microsoft Corporation
O4 - GS\TaskBar [Administrator]: Iridium Browser.lnk . (.The browser authors - .) C:\Program Files (x86)\Iridium\iridium.exe --force-fieldtrials=*EnforceCTForProblematicRoots/Disabled/   =>.The browser authors
O4 - GS\TaskBar [Administrator]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe    =>.Mozilla Corporation®
O4 - GS\TaskBar [Administrator]: Opera.lnk . (.Opera Software - Opera Internet Browser.) C:\Program Files (x86)\Opera\launcher.exe    =>.Opera Software AS®
O4 - GS\TaskBar [Administrator]: Sleipnir 5.lnk . (.Fenrir Inc. - Sleipnir 6 for Windows.) C:\Program Files (x86)\Fenrir Inc\Sleipnir5\bin\Sleipnir.exe   {4BDF91CB8C9B8A688E630A7F205F8F8F}
O4 - GS\Programs [Administrator]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\arctic-deer\AppData\Local\Microsoft\OneDrive\OneDrive.exe    =>.Microsoft Corporation®
O4 - GS\Programs [Administrator]: التحديث وإعدادات الخصوصية.lnk . (.Microsoft Corporation - UNP UXLauncher.) C:\Windows\System32\UNP\UNPUXLauncher.exe /campaignID {91be532c-f9f1-406a-9858-43697c6f437a} /launchtype toast   =>.Microsoft Corporation
O4 - GS\Desktop [arctic-deer]: Accurate Times.lnk . (.JAS - .) C:\Accurate Times\accu.exe  
O4 - GS\Desktop [arctic-deer]: ISE.lnk . (...) C:\System Volume Information\SystemRestore\FRStaging\Program Files (x86)\DILMUNmWorX\ISE\ISEc.exe  
O4 - GS\Desktop [arctic-deer]: Norton Installation Files.lnk . (...) C:\Users\Public\Downloads\Norton\{NS21000000-TTW-FSD00001}  
O4 - GS\Desktop [arctic-deer]: Strings calculate.lnk . (...) C:\Program Files (x86)\حساب الجمل\حساب الجمل.exe  
O4 - GS\Desktop [arctic-deer]: Swiff Player.lnk . (.GlobFX Technologies - Swiff Player.) C:\Program Files (x86)\GlobFX\Swiff Player\SWFPlayer.exe    =>.GlobFX Technologies
O4 - GS\Desktop [arctic-deer]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\arctic-deer\AppData\Roaming\ZHP\ZHPDiag3.exe    =>.Nicolas Coolman
O4 - GS\Desktop [arctic-deer]: ميزان .lnk . (...) C:\Program Files (x86)\alMwazeen\ميزان .exe  
O4 - GS\Quicklaunch [arctic-deer]: Accurate Times.lnk . (.JAS - .) C:\Accurate Times\accu.exe  
O4 - GS\Quicklaunch [arctic-deer]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe    =>.Microsoft Corporation®
O4 - GS\Quicklaunch [arctic-deer]: Revo Uninstaller Pro.lnk . (.VS Revo Group - Revo Uninstaller Pro.) C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe    =>.VS Revo Group®
O4 - GS\sendTo [arctic-deer]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\WINDOWS\system32\WFS.exe /SendTo   =>.Microsoft Corporation
O4 - GS\sendTo [arctic-deer]: مستلم الفاكس.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\System32\WFS.exe /SendTo   =>.Microsoft Corporation
O4 - GS\sendTo [arctic-deer]: نقل الملفات عبر Bluetooth.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe    =>.Microsoft Corporation
O4 - GS\TaskBar [arctic-deer]: Iridium Browser.lnk . (.The browser authors - .) C:\Program Files (x86)\Iridium\iridium.exe --force-fieldtrials=*EnforceCTForProblematicRoots/Disabled/   =>.The browser authors
O4 - GS\TaskBar [arctic-deer]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe    =>.Mozilla Corporation®
O4 - GS\TaskBar [arctic-deer]: Opera.lnk . (.Opera Software - Opera Internet Browser.) C:\Program Files (x86)\Opera\launcher.exe    =>.Opera Software AS®
O4 - GS\TaskBar [arctic-deer]: Sleipnir 5.lnk . (.Fenrir Inc. - Sleipnir 6 for Windows.) C:\Program Files (x86)\Fenrir Inc\Sleipnir5\bin\Sleipnir.exe   {4BDF91CB8C9B8A688E630A7F205F8F8F}
O4 - GS\Programs [arctic-deer]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\arctic-deer\AppData\Local\Microsoft\OneDrive\OneDrive.exe    =>.Microsoft Corporation®
O4 - GS\Programs [arctic-deer]: التحديث وإعدادات الخصوصية.lnk . (.Microsoft Corporation - UNP UXLauncher.) C:\Windows\System32\UNP\UNPUXLauncher.exe /campaignID {91be532c-f9f1-406a-9858-43697c6f437a} /launchtype toast   =>.Microsoft Corporation
O4 - GS\Desktop [Guest]: Accurate Times.lnk . (.JAS - .) C:\Accurate Times\accu.exe  
O4 - GS\Desktop [Guest]: ISE.lnk . (...) C:\System Volume Information\SystemRestore\FRStaging\Program Files (x86)\DILMUNmWorX\ISE\ISEc.exe  
O4 - GS\Desktop [Guest]: Norton Installation Files.lnk . (...) C:\Users\Public\Downloads\Norton\{NS21000000-TTW-FSD00001}  
O4 - GS\Desktop [Guest]: Strings calculate.lnk . (...) C:\Program Files (x86)\حساب \حساب .exe  
O4 - GS\Desktop [Guest]: Swiff Player.lnk . (.GlobFX Technologies - Swiff Player.) C:\Program Files (x86)\GlobFX\Swiff Player\SWFPlayer.exe    =>.GlobFX Technologies
O4 - GS\Desktop [Guest]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\arctic-deer\AppData\Roaming\ZHP\ZHPDiag3.exe    =>.Nicolas Coolman
O4 - GS\Desktop [Guest]: ميزان .lnk . (...) C:\Program Files (x86)\alMwazeen\ميزان .exe  
O4 - GS\Quicklaunch [Guest]: Accurate Times.lnk . (.JAS - .) C:\Accurate Times\accu.exe  
O4 - GS\Quicklaunch [Guest]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe    =>.Microsoft Corporation®
O4 - GS\Quicklaunch [Guest]: Revo Uninstaller Pro.lnk . (.VS Revo Group - Revo Uninstaller Pro.) C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe    =>.VS Revo Group®
O4 - GS\sendTo [Guest]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\WINDOWS\system32\WFS.exe /SendTo   =>.Microsoft Corporation
O4 - GS\sendTo [Guest]: مستلم الفاكس.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\System32\WFS.exe /SendTo   =>.Microsoft Corporation
O4 - GS\sendTo [Guest]: نقل الملفات عبر Bluetooth.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe    =>.Microsoft Corporation
O4 - GS\TaskBar [Guest]: Iridium Browser.lnk . (.The browser authors - .) C:\Program Files (x86)\Iridium\iridium.exe --force-fieldtrials=*EnforceCTForProblematicRoots/Disabled/   =>.The browser authors
O4 - GS\TaskBar [Guest]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe    =>.Mozilla Corporation®
O4 - GS\TaskBar [Guest]: Opera.lnk . (.Opera Software - Opera Internet Browser.) C:\Program Files (x86)\Opera\launcher.exe    =>.Opera Software AS®
O4 - GS\TaskBar [Guest]: Sleipnir 5.lnk . (.Fenrir Inc. - Sleipnir 6 for Windows.) C:\Program Files (x86)\Fenrir Inc\Sleipnir5\bin\Sleipnir.exe   {4BDF91CB8C9B8A688E630A7F205F8F8F}
O4 - GS\Programs [Guest]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\arctic-deer\AppData\Local\Microsoft\OneDrive\OneDrive.exe    =>.Microsoft Corporation®
O4 - GS\Programs [Guest]: التحديث وإعدادات الخصوصية.lnk . (.Microsoft Corporation - UNP UXLauncher.) C:\Windows\System32\UNP\UNPUXLauncher.exe /campaignID {91be532c-f9f1-406a-9858-43697c6f437a} /launchtype toast   =>.Microsoft Corporation
O4 - GS\CommonDesktop [Public]: Bitdefender.lnk . (.Bitdefender - .) C:\Program Files (x86)\Bitdefender\Bitdefender Security\bdagent.exe /seccenter   =>.BitDefender
O4 - GS\CommonDesktop [Public]: Norton Security.lnk . (.Symantec Corporation - .) C:\Program Files (x86)\Norton Security\Engine\22.10.1.10\uistub.exe /win8   =>.Symantec Corporation
O4 - GS\CommonDesktop [Public]: PdfGrabber 8.0.lnk . (.PixelPlanet - PdfGrabber.) C:\Program Files (x86)\PixelPlanet\PdfGrabber 8.0\PdfGrabber.exe   {0CFFBD4A04713986322B391ED7FE6B02}  =>.PixelPlanet
O4 - GS\CommonDesktop [Public]: SharpKeys.lnk . (...) C:\WINDOWS\Installer\{636E94DA-99C0-448F-A931-3DAD83B4975F}\_F33C5543CA54DFFA237A37.exe  
O4 - GS\CommonDesktop [Public]: SMADΔV.lnk . (.Smadsoft - Smadav USB Antivirus & Additional Protectio.) C:\Program Files (x86)\SMADAV\SMΔRTP.exe    =>.SmadSoft
O4 - GS\Programs [Public]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\arctic-deer\AppData\Local\Microsoft\OneDrive\OneDrive.exe    =>.Microsoft Corporation®
O4 - GS\Programs [Public]: التحديث وإعدادات الخصوصية.lnk . (.Microsoft Corporation - UNP UXLauncher.) C:\Windows\System32\UNP\UNPUXLauncher.exe /campaignID {91be532c-f9f1-406a-9858-43697c6f437a} /launchtype toast   =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe    =>.Microsoft Corporation®
O4 - GS\Accessories [Public]: Notepad.lnk . (.Microsoft Corporation - ‎‎المفكرة.) C:\WINDOWS\system32\notepad.exe    =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Private Character Editor.lnk . (.Microsoft Corporation - Private Character Editor.) C:\WINDOWS\system32\eudcedit.exe    =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Bluetooth File Transfer Wizard.lnk . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe    =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Math Input Panel.lnk . (.Microsoft Corporation - .) C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe    =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Mobility Center.lnk . (.Microsoft Corporation - ‎‎‫مركز إعدادات الكمبيوتر الشخصي المحمول لـ.) C:\WINDOWS\system32\mblctr.exe /open   =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - ‎‎الرسام.) C:\WINDOWS\system32\mspaint.exe    =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Quick Assist.lnk . (.Microsoft Corporation - Quick Assist.) C:\WINDOWS\system32\quickassist.exe    =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - ‎‎الاتصال بسطح المكتب البعيد.) C:\WINDOWS\system32\mstsc.exe    =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - ‎‎أداة القطع.) C:\WINDOWS\system32\SnippingTool.exe    =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Steps Recorder.lnk . (.Microsoft Corporation - ‎‎مسجل الخطوات.) C:\WINDOWS\system32\psr.exe    =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\WINDOWS\system32\WFS.exe    =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Media Player.lnk . (.Microsoft Corporation - ‎‎Windows Media Player.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1   =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - ‎‎تطبيق المفكرة لـ Windows.) C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe    =>.Microsoft Corporation
O4 - GS\Accessories [Public]: XPS Viewer.lnk . (.Microsoft Corporation - ‎‎عارض XPS.) C:\WINDOWS\system32\xpsrchvw.exe    =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - ‎‎مخطط توزيع الأحرف.) C:\WINDOWS\system32\charmap.exe    =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Glary Utilities 5.lnk . (.Glarysoft Ltd - Glary Utilities 5.) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe    =>.Glarysoft LTD®
O4 - GS\ProgramsCommon [Public]: Immersive Control Panel.lnk . (.Microsoft Corporation - Windows Control Panel.) C:\WINDOWS\System32\Control.exe    =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: LaunchCenter.lnk . (.Fujitsu Technology Solutions - Fujitsu LaunchCenter.) C:\Program Files (x86)\Fujitsu\LaunchCenter\LaunchCenter.exe    =>.Fujitsu Technology Solutions
O4 - GS\ProgramsCommon [Public]: MiracastView.lnk . (.Microsoft Corporation - MiracastView.) C:\WINDOWS\MiracastView\MiracastView.exe    =>.Microsoft Windows®
O4 - GS\ProgramsCommon [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe    =>.Mozilla Corporation®
O4 - GS\ProgramsCommon [Public]: Opera Browser.lnk . (.Opera Software - Opera Internet Browser.) C:\Program Files (x86)\Opera\launcher.exe    =>.Opera Software AS®
O4 - GS\ProgramsCommon [Public]: PdfGrabber 8.0.lnk . (.PixelPlanet - PdfGrabber.) C:\Program Files (x86)\PixelPlanet\PdfGrabber 8.0\PdfGrabber.exe   {0CFFBD4A04713986322B391ED7FE6B02}  =>.PixelPlanet
O4 - GS\ProgramsCommon [Public]: PrintDialog.lnk . (.Microsoft Corporation - Print Dialog.) C:\WINDOWS\PrintDialog\PrintDialog.exe    =>.Microsoft Windows®
O4 - GS\ProgramsCommon [Public]: Registry Repair.lnk . (.Glarysoft Ltd - Glarysoft RegistryCleaner.) C:\Program Files (x86)\Glarysoft\Registry Repair 5\RegistryCleaner.exe    =>.Glarysoft LTD®
O4 - GS\ProgramsCommon [Public]: Windows Media Player.lnk . (.Microsoft Corporation - ‎‎Windows Media Player.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1   =>.Microsoft Corporation

---\\ Lop.com/Domain Hijackers (3) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 82.178.158.171 82.178.158.181
O17 - HKLM\System\CCS\Services\Tcpip\..\{be3f2594-e317-44a0-b5b0-e3013a245f19}: DhcpNameServer = 192.168.1.1  =>.Local IP Adress
O17 - HKLM\System\CCS\Services\Tcpip\..\{fcdf8860-6fc4-477d-958c-32d1f9d3a9b9}: DhcpNameServer = 82.178.158.171 82.178.158.181

---\\ Extra protocols (27) - 2s
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - عارض Microsoft (R) HTML.) -- C:\Windows\SysWOW64\mshtml.dll  =>.Microsoft Corporation
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\SysWOW64\urlmon.dll  =>.Microsoft Corporation
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll  =>.Microsoft Corporation
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\SysWOW64\urlmon.dll  =>.Microsoft Corporation
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\SysWOW64\urlmon.dll  =>.Microsoft Corporation
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\SysWOW64\urlmon.dll  =>.Microsoft Corporation
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\SysWOW64\urlmon.dll  =>.Microsoft Corporation
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll  =>.Microsoft Corporation
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - عارض Microsoft (R) HTML.) -- C:\Windows\SysWOW64\mshtml.dll  =>.Microsoft Corporation
O18 - Handler: livecall [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll  =>.Microsoft Corporation®
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\SysWOW64\urlmon.dll  =>.Microsoft Corporation
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - عارض Microsoft (R) HTML.) -- C:\Windows\SysWOW64\mshtml.dll  =>.Microsoft Corporation
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\SysWOW64\inetcomm.dll  =>.Microsoft Corporation
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\SysWOW64\urlmon.dll  =>.Microsoft Corporation
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll  =>.Microsoft Corporation
O18 - Handler: msnim [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll  =>.Microsoft Corporation®
O18 - Handler: osf [64Bits] - {D924BDC6-C83A-4BD5-90D0-095128A113D1} . (.Microsoft Corporation - Microsoft Office 2013 component.) -- C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL  =>.Microsoft Corporation®
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - عارض Microsoft (R) HTML.) -- C:\Windows\SysWOW64\mshtml.dll  =>.Microsoft Corporation
O18 - Handler: tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\SysWOW64\tbauth.dll  =>.Microsoft Corporation
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll  =>.Microsoft Corporation
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - عارض Microsoft (R) HTML.) -- C:\Windows\SysWOW64\mshtml.dll  =>.Microsoft Corporation
O18 - Handler: windows.tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\SysWOW64\tbauth.dll  =>.Microsoft Corporation
O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll  =>.Microsoft Corporation®
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll  =>.Microsoft Corporation
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll  =>.Microsoft Corporation
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll  =>.Microsoft Corporation
O18 - Filter: text/xml [64Bits] - {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL  =>.Microsoft Corporation®

---\\ Software installed (109) - 30s
O42 - Logiciel: Access Quran - (.Free Islam.) [HKLM][64Bits] -- {22E1577F-76EE-4791-B29C-ADD10C648C5D}
O42 - Logiciel: Access Quran - (.Free Islam.) [HKLM][64Bits] -- Access Quran 10.05
O42 - Logiciel: Accurate Times 5.3.9 - (.Mohammad Odeh (ICOP).) [HKLM][64Bits] -- Accurate Times_is1
O42 - Logiciel: alMwazeen - (.ammar alhille.) [HKLM][64Bits] -- alMwazeen1.0
O42 - Logiciel: ALPS Touch Pad Driver - (.ALPS ELECTRIC CO., LTD..) [HKLM][64Bits] -- {9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}  =>.Alps Electric Co., LTD.®
O42 - Logiciel: Al-Quran Al-Hakeem Calculator - (.KazSoft.) [HKLM][64Bits] -- Al-Quran Al-Hakeem Calculator1.1.1
O42 - Logiciel: AMD Catalyst Control Center - (.AMD.) [HKLM][64Bits] -- WUCCCApp  =>.Advanced Micro Devices, Inc.®
O42 - Logiciel: ATI Catalyst Install Manager - (.ATI Technologies, Inc..) [HKLM][64Bits] -- {8877487B-50A1-5629-093F-DD2FE43ECA3C}  =>.ATI Technologies, Inc.
O42 - Logiciel: Atom TechSoft For Excel Password Recovery version 1.0 - (.Atom TechSoft.) [HKLM][64Bits] -- {9EAB0089-173F-4D5A-B452-56AB1A4B6AF9}_is1
O42 - Logiciel: AuthenTec Fingerprint Software - (.AuthenTec, Inc..) [HKLM][64Bits] -- {2B97F94C-F062-4508-817E-DAD1D1ABF526}  =>.AuthenTec, Inc.
O42 - Logiciel: Bagher Soft - (.bagher.) [HKLM][64Bits] -- Bagher Soft1.0
O42 - Logiciel: BDAntiRansomware - (.Bitdefender.) [HKLM][64Bits] -- {BE40AB1F-558F-4434-B72F-461EF97E7796}_is1  =>.BitDefender
O42 - Logiciel: Bitdefender Agent - (.Bitdefender.) [HKLM][64Bits] -- Bitdefender Agent  =>.Bitdefender SRL®
O42 - Logiciel: Bitdefender Device Management - (.Bitdefender.) [HKLM][64Bits] -- Bitdefender Device Management  =>.Bitdefender SRL®
O42 - Logiciel: Bitdefender Total Security - (.Bitdefender.) [HKLM][64Bits] -- Bitdefender  =>.Bitdefender SRL®
O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM][64Bits] -- {220F7FC9-7E80-4920-9579-81D88A57FA6C}  =>.ATI
O42 - Logiciel: Catalyst Control Center Graphics Previews Vista - (.ATI.) [HKLM][64Bits] -- {DD66089A-F868-B0F2-0390-C49606A474AF}  =>.ATI
O42 - Logiciel: Catalyst Control Center InstallProxy - (.ATI Technologies, Inc..) [HKLM][64Bits] -- {D13347CD-B657-0824-5808-7E96984CD89D}  =>.ATI Technologies, Inc.
O42 - Logiciel: Catalyst Control Center Localization All - (.ATI.) [HKLM][64Bits] -- {C52F48D1-E719-8F33-FB14-21312C24B445}  =>.ATI
O42 - Logiciel: ccc-core-static - (.ATI.) [HKLM][64Bits] -- {13DA4FDF-2714-9E95-C096-48ABEC308CD3}  =>.ATI
O42 - Logiciel: ccc-utility64 - (.ATI.) [HKLM][64Bits] -- {5633497C-9D4F-847D-0CBC-120FE63AC71C}  =>.ATI
O42 - Logiciel: Convert PDF to Word Desktop Software version 5.2.0 - (.Convertpdftoword.net.) [HKLM][64Bits] -- {84A79DF3-D855-4671-B67A-E6B8846EC5A3}_is1
O42 - Logiciel: Corel PaintShop Pro X9 - (.Corel Corporation.) [HKLM][64Bits] -- _{998717E5-1031-4D28-A143-48ADAF062E5F}  =>.Corel Corporation®
O42 - Logiciel: Corel Update Manager - (.Corel corporation.) [HKLM][64Bits] -- {B8C05FFE-C36F-4F17-AD20-739E4BC65AC9}  =>.Corel Corporation
O42 - Logiciel: DeskUpdate 4.11 - (.Fujitsu Technology Solutions.) [HKLM][64Bits] -- DeskUpdate_is1  =>.Fujitsu Technology Solutions
O42 - Logiciel: EPSON L382 Series Printer Uninstall - (.Seiko Epson Corporation.) [HKLM][64Bits] -- EPSON L382 Series  =>.SEIKO EPSON CORPORATION®
O42 - Logiciel: Epson Scan 2 - (.Seiko Epson Corporation.) [HKLM][64Bits] -- Epson Scan 2  =>.SEIKO EPSON CORPORATION®
O42 - Logiciel: EPSON Scan OCR Component - (.SEIKO EPSON Corp..) [HKLM][64Bits] -- {563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}  =>.Macrovision Corporation®
O42 - Logiciel: Epson Software Updater - (.SEIKO EPSON CORPORATION.) [HKLM][64Bits] -- {82B94253-3FBC-4779-B3BF-C690AD54AFDB}  =>.Seiko Epson Corporation
O42 - Logiciel: Excel Password Recovery Master 4.1 - (..) [HKLM][64Bits] -- Excel Password Recovery Master_is1
O42 - Logiciel: Fujitsu Hotkey Utility - (.FUJITSU LIMITED.) [HKLM][64Bits] -- {BA0CC975-682B-4678-A35C-05E607F36387}  =>.FUJITSU LIMITED
O42 - Logiciel: Fujitsu Hotkey Utility - (.FUJITSU LIMITED.) [HKLM][64Bits] -- InstallShield_{BA0CC975-682B-4678-A35C-05E607F36387}  =>.FUJITSU LIMITED
O42 - Logiciel: Fujitsu MobilityCenter Extension Utility - (..) [HKLM][64Bits] -- InstallShield_{EC314CDF-3521-482B-A21C-65AC95664814}
O42 - Logiciel: Fujitsu MobilityCenter Extension Utility - (.FUJITSU LIMITED.) [HKLM][64Bits] -- {EC314CDF-3521-482B-A21C-65AC95664814}  =>.FUJITSU LIMITED
O42 - Logiciel: Fujitsu System Extension Utility - (..) [HKLM][64Bits] -- InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}
O42 - Logiciel: Fujitsu System Extension Utility - (.FUJITSU LIMITED.) [HKLM][64Bits] -- {E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}  =>.FUJITSU LIMITED
O42 - Logiciel: Glary Utilities 5.83 - (.Glarysoft Ltd.) [HKLM][64Bits] -- Glary Utilities 5  =>.Glarysoft LTD®
O42 - Logiciel: GPL Ghostscript Lite 9.14.17 - (.Free Distribution.) [HKLM][64Bits] -- GPL Ghostscript Lite_is1
O42 - Logiciel: ICA - (.Corel Corporation.) [HKLM][64Bits] -- {998717E5-1031-4D28-A143-48ADAF062E5F}  =>.Corel Corporation
O42 - Logiciel: ILYDA (UK) Ltd - Ribbon Commander 1.1.232 - (.ILYDA (UK) Ltd.) [HKLM][64Bits] -- {F96BEA75-4C93-4A6F-AE2E-308BFE0146C2}
O42 - Logiciel: ILYDA (UK) Ltd - Vertex42.com Template Gallery - (.ILYDA (UK) Ltd.) [HKLM][64Bits] -- {D4DF61D5-ACB3-4CCB-A1B2-AB1DFBD8C062}
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}  =>.Intel Corporation®
O42 - Logiciel: Internet Download Manager - (.Tonec Inc..) [HKLM][64Bits] -- Internet Download Manager  =>.Tonec Inc.®
O42 - Logiciel: IPM_PSP_COM64 - (.Corel Corporation.) [HKLM][64Bits] -- {966E78A9-AB34-4FC6-BEDA-7D3F1F42121D}  =>.Corel Corporation
O42 - Logiciel: Iridium Browser - (.The Iridium Authors.) [HKLM][64Bits] -- {6C2A8137-09A5-4ADB-8F01-54D85BF7FAAC}  =>.The Iridium Authors
O42 - Logiciel: ISE 2.2 - (..) [HKLM][64Bits] -- ISE 2.2
O42 - Logiciel: Java 8 Update 131 - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F32180131F0}  =>.Oracle Corporation
O42 - Logiciel: Java Auto Updater - (.Oracle Corporation.) [HKLM][64Bits] -- {4A03706F-666A-4037-7777-5F2748764D10}  =>.Oracle Corporation
O42 - Logiciel: JiNa Arabic OCR version 1.1.0 - (.Convertpdftoword.net.) [HKLM][64Bits] -- {FBE8F5BC-0025-4491-9CA2-21990EC85F18}_is1
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {8E5233E1-7495-44FB-8DEB-4BE906D59619}  =>.Microsoft Corporation
O42 - Logiciel: Kaspersky Software Updater - (.Kaspersky Lab.) [HKLM][64Bits] -- {DEEDA858-A9B4-4212-8873-2F2CE2706E68}  =>.Kaspersky Lab
O42 - Logiciel: Kaspersky Software Updater - (.Kaspersky Lab.) [HKLM][64Bits] -- InstallWIX_{DEEDA858-A9B4-4212-8873-2F2CE2706E68}  =>.Kaspersky Lab®
O42 - Logiciel: Malwarebytes version 3.1.2.1733 - (.Malwarebytes.) [HKLM][64Bits] -- {35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1  =>.Malwarebytes Corporation®
O42 - Logiciel: MansionTracker - (..) [HKLM][64Bits] -- ST6UNST #2
O42 - Logiciel: Microsoft Access MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0015-0409-1000-0000000FF1CE}  =>.Microsoft Corporation
O42 - Logiciel: Microsoft Access Setup Metadata MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0117-0409-1000-0000000FF1CE}  =>.Microsoft Corporation
O42 - Logiciel: Microsoft Application Error Reporting - (.Microsoft Corporation.) [HKLM][64Bits] -- {95120000-00B9-0409-1000-0000000FF1CE}  =>.Microsoft Corporation
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM][64Bits] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}  =>.Microsoft Corporation
O42 - Logiciel: Microsoft DCF MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0090-0409-1000-0000000FF1CE}  =>.Microsoft Corporation
O42 - Logiciel: Microsoft DVD App Installation for Microsoft.WindowsDVDPlayer_2019.6.13291. - (.Microsoft Corporation.) [HKLM][64Bits] -- {25E80DAA-FD87-DCE5-202C-CC02F6673002}  =>.Microsoft Corporation
O42 - Logiciel: Microsoft Excel MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0016-0409-1000-0000000FF1CE}  =>.Microsoft Corporation
O42 - Logiciel: Microsoft Groove MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-00BA-0409-1000-0000000FF1CE}  =>.Microsoft Corporation
O42 - Logiciel: Microsoft InfoPath MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0044-0409-1000-0000000FF1CE}  =>.Microsoft Corporation
O42 - Logiciel: Microsoft Lync MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-012B-0409-1000-0000000FF1CE}  =>.Microsoft Corporation
O42 - Logiciel: Microsoft OneDrive - (.Microsoft Corporation.) [HKCU][64Bits] -- OneDriveSetup.exe  =>.Microsoft Corporation®
O42 - Logiciel: Microsoft OneNote MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-00A1-0409-1000-0000000FF1CE}  =>.Microsoft Corporation
O42 - Logiciel: Microsoft Outlook MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-001A-0409-1000-0000000FF1CE}  =>.Microsoft Corporation
O42 - Logiciel: Microsoft PowerPoint MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0018-0409-1000-0000000FF1CE}  =>.Microsoft Corporation
O42 - Logiciel: Microsoft Publisher MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0019-0409-1000-0000000FF1CE}  =>.Microsoft Corporation
O42 - Logiciel: Microsoft Word MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-001B-0409-1000-0000000FF1CE}  =>.Microsoft Corporation
O42 - Logiciel: Moonphase 3.3 - (..) [HKCU][64Bits] -- Moonphase 3.3
O42 - Logiciel: Mozilla Firefox 55.0.3 (x86 en-US) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 55.0.3 (x86 en-US)  =>.Mozilla Corporation®
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService  =>.Mozilla
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}  =>.Microsoft
O42 - Logiciel: NAPS2 5.5.0 - (.Ben Olden-Cooligan.) [HKLM][64Bits] -- NAPS2 (Not Another PDF Scanner 2)_is1  =>.Ben Olden-Cooligan
O42 - Logiciel: Norton Security - (.Symantec Corporation.) [HKLM][64Bits] -- NS  =>.Symantec Corporation®
O42 - Logiciel: Opera Stable 47.0.2631.80 - (.Opera Software.) [HKLM][64Bits] -- Opera 47.0.2631.80  =>.Opera Software AS®
O42 - Logiciel: PdfGrabber 8.0 (64bit) - (.PixelPlanet.) [HKLM][64Bits] -- {436B31A2-3E3B-4D6D-B589-20E7C238B7C6}  =>.PixelPlanet
O42 - Logiciel: PhotoFiltre 7 - (.Antonio Da Cruz.) [HKCU][64Bits] -- PhotoFiltre 7  =>.Antonio Da Cruz
O42 - Logiciel: Power Saving Utility - (..) [HKLM][64Bits] -- InstallShield_{7254349B-460B-488F-B4DB-A96100C5C48B}
O42 - Logiciel: Power Saving Utility - (.FUJITSU LIMITED.) [HKLM][64Bits] -- {7254349B-460B-488F-B4DB-A96100C5C48B}  =>.FUJITSU LIMITED
O42 - Logiciel: Privacy Eraser - (.Cybertron Software Co., Ltd..) [HKLM][64Bits] -- {CB5AC03C-B8AD-980F-998E-51969A6DFC9F}_is1  =>.Cybertron Software Co., Ltd®
O42 - Logiciel: PSPPContent - (.Corel Corporation.) [HKLM][64Bits] -- {91773E30-F29C-4381-854A-95281DEB8DA1}  =>.Corel Corporation
O42 - Logiciel: PSPPHelp - (.Corel Corporation.) [HKLM][64Bits] -- {9F087D85-EDDC-4DC4-B665-AFDD3734D987}  =>.Corel Corporation
O42 - Logiciel: PSPPro64 - (.Corel Corporation.) [HKLM][64Bits] -- {9722764A-D7C1-483A-931C-9C0A95D5F4EB}  =>.Corel Corporation
O42 - Logiciel: Quant Advisory Ltd - mathlayer Library - (.Quant Advisory Ltd.) [HKLM][64Bits] -- {2CB06BBC-EF38-49E4-A495-6ECA5278F453}
O42 - Logiciel: Quraan Analysis - (..) [HKLM][64Bits] -- QuraanAnalysis
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}  =>.Realtek Semiconductor Corp®
O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {96AE7E41-E34E-47D0-AC07-1091A8127911}  =>.Realtek Semiconductor Corp.
O42 - Logiciel: Registry Repair 5.0.1.86 - (.Glarysoft Ltd.) [HKLM][64Bits] -- Registry Repair  =>.Glarysoft LTD®
O42 - Logiciel: Revo Uninstaller Pro 3.1.9 - (.VS Revo Group, Ltd..) [HKLM][64Bits] -- {67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1  =>.VS Revo Group, Ltd.
O42 - Logiciel: Setup - (.Corel Corporation.) [HKLM][64Bits] -- {9E0054AB-F957-4177-850E-3541960DBD53}  =>.Corel Corporation
O42 - Logiciel: SharpKeys - (.RandyRants.com.) [HKLM][64Bits] -- {636E94DA-99C0-448F-A931-3DAD83B4975F}  =>.RandyRants.com
O42 - Logiciel: Sleipnir Version 6.2.7 - (.Fenrir Inc..) [HKLM][64Bits] -- FenrirSleipnirV5_is1 {75486E6A7B30DB99F381C3C8D6C4E242}
O42 - Logiciel: Swiff Player 1.7.2 - (.GlobFX Technologies.) [HKLM][64Bits] -- Swiff Player_is1  =>.GlobFX Technologies
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey  =>.Synaptics Incorporated®
O42 - Logiciel: SystemDiagnostics - (.Fujitsu Technology Solutions.) [HKLM][64Bits] -- {80B0B731-5FAE-475D-8844-20F46373780D}  =>.Fujitsu Technology Solutions
O42 - Logiciel: Timaeus 8 Lite - (.Zoidiasoft Technologies, LLC.) [HKLM][64Bits] -- {49AF305E-F83A-4B58-A0D0-DF9CB5658A5D}
O42 - Logiciel: Tweaking.com - Windows Repair - (.Tweaking.com.) [HKLM][64Bits] -- Tweaking.com - Windows Repair  =>.Tweaking.com
O42 - Logiciel: Unity Web Player - (.Unity Technologies ApS.) [HKCU][64Bits] -- UnityWebPlayer  =>.Unity Technologies ApS
O42 - Logiciel: Update for Skype for Business 2015 (KB3213574) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{8C2A4D8F-3020-403E-94D4-E8EC03F9E723}  =>.Microsoft Corporation®
O42 - Logiciel: Update for Skype for Business 2015 (KB3213574) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{8C2A4D8F-3020-403E-94D4-E8EC03F9E723}  =>.Microsoft Corporation®
O42 - Logiciel: Update for Skype for Business 2015 (KB3213574) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{8C2A4D8F-3020-403E-94D4-E8EC03F9E723}  =>.Microsoft Corporation®
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player  =>.VideoLAN
O42 - Logiciel: Windows 10 Update and Privacy Settings - (.Microsoft Corporation.) [HKLM][64Bits] -- {4DFCD818-036A-4229-A67D-CF17DC461D92}  =>.Microsoft Corporation
O42 - Logiciel: WinRAR 5.50 beta 4 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver  =>.win.rar GmbH®
O42 - Logiciel: ZET 9 Lite 2.29 - (.ZET Astrology Software.) [HKLM][64Bits] -- ZET 9 Lite 2.29
O42 - Logiciel: أدلة EPSON - (.SEIKO EPSON CORPORATION.) [HKLM][64Bits] -- {84CECC1B-21EF-41B1-9A91-3E724E5D99D3}  =>.Seiko Epson Corporation
O42 - Logiciel: ارصاد - (..) [HKLM][64Bits] -- ST6UNST #1

---\\ HKCU & HKLM Software Keys (143) - 30s
HKLM\SOFTWARE\Wow6432Node\ACD Systems  =>.ACD Systems
HKLM\SOFTWARE\Wow6432Node\Adobe  =>.Adobe
HKLM\SOFTWARE\Wow6432Node\Amigabit
HKLM\SOFTWARE\Wow6432Node\Ashampoo  =>.Ashampoo
HKLM\SOFTWARE\Wow6432Node\ATI  =>.ATI
HKLM\SOFTWARE\Wow6432Node\ATI Technologies  =>.ATI Technologies
HKLM\SOFTWARE\Wow6432Node\Auslogics  =>.Auslogics
HKLM\SOFTWARE\Wow6432Node\AuthenTec  =>.AuthenTec
HKLM\SOFTWARE\Wow6432Node\AVG  =>.AVG Software
HKLM\SOFTWARE\Wow6432Node\Avira  =>.Avira
HKLM\SOFTWARE\Wow6432Node\AviraSpeedup  =>.Avira Software
HKLM\SOFTWARE\Wow6432Node\BCL Technologies  =>.BCL Technologies
HKLM\SOFTWARE\Wow6432Node\Bitdefender  =>.Bitdefender
HKLM\SOFTWARE\Wow6432Node\Bitdefender Agent  =>.Bitdefender
HKLM\SOFTWARE\Wow6432Node\Caphyon  =>.Caphyon
HKLM\SOFTWARE\Wow6432Node\Corel  =>.Corel
HKLM\SOFTWARE\Wow6432Node\CyberLink  =>.CyberLink Corporation
HKLM\SOFTWARE\Wow6432Node\Daossoft
HKLM\SOFTWARE\Wow6432Node\dll-files.com  =>.SUP.DllFilesFixer
HKLM\SOFTWARE\Wow6432Node\EaseUS  =>.EaseUS Software
HKLM\SOFTWARE\Wow6432Node\EPSON  =>.EPSON
HKLM\SOFTWARE\Wow6432Node\Foxit Software  =>.Foxit Software
HKLM\SOFTWARE\Wow6432Node\Free Islam
HKLM\SOFTWARE\Wow6432Node\Fujitsu  =>.Fujitsu
HKLM\SOFTWARE\Wow6432Node\Glarysoft  =>.Glarysoft
HKLM\SOFTWARE\Wow6432Node\GlobFX Technologies  =>.GlobFX Technologies
HKLM\SOFTWARE\Wow6432Node\Google  =>.Google
HKLM\SOFTWARE\Wow6432Node\HeimdalSecurity
HKLM\SOFTWARE\Wow6432Node\IlydaUK
HKLM\SOFTWARE\Wow6432Node\Innovative Solutions  =>.Innovative Solutions
HKLM\SOFTWARE\Wow6432Node\Intel  =>.Intel
HKLM\SOFTWARE\Wow6432Node\Internet Download Manager  =>.Tonec Inc
HKLM\SOFTWARE\Wow6432Node\IObit  =>.IObit
HKLM\SOFTWARE\Wow6432Node\iSumsoft  =>.DNSoft
HKLM\SOFTWARE\Wow6432Node\iSunshare
HKLM\SOFTWARE\Wow6432Node\JavaSoft  =>.JavaSoft
HKLM\SOFTWARE\Wow6432Node\JreMetrics  =>.JreMetrics
HKLM\SOFTWARE\Wow6432Node\KasperskyLab  =>.Kaspersky Labs
HKLM\SOFTWARE\Wow6432Node\Khronos  =>.Khronos
HKLM\SOFTWARE\Wow6432Node\Macromedia  =>.Macromedia
HKLM\SOFTWARE\Wow6432Node\MimarSinan  =>.Mimar Sinan
HKLM\SOFTWARE\Wow6432Node\Mozilla  =>.Mozilla
HKLM\SOFTWARE\Wow6432Node\mozilla.org  =>.mozilla.org
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins  =>.MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\Norton  =>.Symantec Corporation
HKLM\SOFTWARE\Wow6432Node\ODBC  =>.DB Connectivity Solutions
HKLM\SOFTWARE\Wow6432Node\Opera Software  =>.Opera Software
HKLM\SOFTWARE\Wow6432Node\PowerPivot  =>.PowerPivot
HKLM\SOFTWARE\Wow6432Node\Realtek  =>.Realtek Semiconductor Corp.
HKLM\SOFTWARE\Wow6432Node\Safer Networking Limited  =>.Safer Networking Limited
HKLM\SOFTWARE\Wow6432Node\SEIKO EPSON Corp.  =>.SEIKO EPSON CORP.
HKLM\SOFTWARE\Wow6432Node\Symantec  =>.Symantec
HKLM\SOFTWARE\Wow6432Node\The Iridium Authors  =>.The Iridium Authors
HKLM\SOFTWARE\Wow6432Node\TuneUp  =>.TuneUp
HKLM\SOFTWARE\Wow6432Node\TweakBit  =>.TweakBit
HKLM\SOFTWARE\Wow6432Node\VideoLAN  =>.VideoLAN
HKLM\SOFTWARE\Wow6432Node\Volatile  =>.Microsoft Corporation
HKLM\SOFTWARE\Wow6432Node\webroot  =>.Webroot
HKLM\SOFTWARE\Wow6432Node\WOW6432Node  =>.Microsoft Corporation
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications  =>.Microsoft Corporation
HKCU\SOFTWARE\Adobe  =>.Adobe
HKCU\SOFTWARE\Anonymous
HKCU\SOFTWARE\AppDataLow  =>.Microsoft Corporation
HKCU\SOFTWARE\ASCOMP
HKCU\SOFTWARE\Ashampoo  =>.Ashampoo
HKCU\SOFTWARE\ASProtect  =>.ASPack Software
HKCU\SOFTWARE\ATI  =>.ATI
HKCU\SOFTWARE\AviraSpeedup  =>.Avira Software
HKCU\SOFTWARE\Bitdefender  =>.Bitdefender
HKCU\SOFTWARE\Chromium  =>.Chromium
HKCU\SOFTWARE\Common  =>.Corel Corporation
HKCU\SOFTWARE\Corel  =>.Corel
HKCU\SOFTWARE\CPDSoftware
HKCU\SOFTWARE\CyberLink  =>.CyberLink Corporation
HKCU\SOFTWARE\Cybertron  =>.Cybertron Software Ltd
HKCU\SOFTWARE\Dashlane_profiles  =>.Dashlane, Inc
HKCU\SOFTWARE\dll-files.com  =>.SUP.DllFilesFixer
HKCU\SOFTWARE\DownloadManager  =>.DownloadManager
HKCU\SOFTWARE\EaseUS  =>.EaseUS Software
HKCU\SOFTWARE\EPSON  =>.EPSON
HKCU\SOFTWARE\EPSON Software Updater  =>.Epson/Seico
HKCU\SOFTWARE\Foxit Software  =>.Foxit Software
HKCU\SOFTWARE\Free Password Recovery Software
HKCU\SOFTWARE\Fujitsu  =>.Fujitsu
HKCU\SOFTWARE\Glarysoft  =>.Glarysoft
HKCU\SOFTWARE\GlobFX Technologies  =>.GlobFX Technologies
HKCU\SOFTWARE\Google  =>.Google
HKCU\SOFTWARE\IlydaUK
HKCU\SOFTWARE\IM Providers  =>.IM Providers
HKCU\SOFTWARE\Innovative Solutions  =>.Innovative Solutions
HKCU\SOFTWARE\Iridium
HKCU\SOFTWARE\JavaSoft  =>.JavaSoft
HKCU\SOFTWARE\K7 Computing
HKCU\SOFTWARE\KasperskyLab  =>.Kaspersky Labs
HKCU\SOFTWARE\KutoolsForExcel  =>.Addin Technology Inc
HKCU\SOFTWARE\Licenses  =>.Microsoft Corporation
HKCU\SOFTWARE\Local AppWizard-Generated Applications  =>.ZWCAD
HKCU\SOFTWARE\Locky  =>.Legitimate
HKCU\SOFTWARE\Macromedia  =>.Macromedia
HKCU\SOFTWARE\Malwarebytes  =>.Malwarebytes
HKCU\SOFTWARE\Mirage  =>.Mirage Game
HKCU\SOFTWARE\Modern UI Test  =>.Legitimate
HKCU\SOFTWARE\Mozilla  =>.Mozilla
HKCU\SOFTWARE\MozillaPlugins  =>.MozillaPlugins
HKCU\SOFTWARE\Netscape  =>.Netscape
HKCU\SOFTWARE\Nico Mak Computing  =>.Nico Mak Computing
HKCU\SOFTWARE\Norton  =>.Symantec Corporation
HKCU\SOFTWARE\O&O  =>.O&O Software GmbH
HKCU\SOFTWARE\ODBC  =>.DB Connectivity Solutions
HKCU\SOFTWARE\Opera Software  =>.Opera Software
HKCU\SOFTWARE\oxisoft.com
HKCU\SOFTWARE\PhotoFiltre 7  =>.Antonio Da Cruz
HKCU\SOFTWARE\PN64eJ4ahup
HKCU\SOFTWARE\Pointstone  =>.Pointstone
HKCU\SOFTWARE\RandyRants
HKCU\SOFTWARE\Realtek  =>.Realtek Semiconductor Corp.
HKCU\SOFTWARE\RegisteredApplications  =>.Microsoft Corporation
HKCU\SOFTWARE\Resplendence Sp  =>.Resplendence Software
HKCU\SOFTWARE\Rixler Software
HKCU\SOFTWARE\Safer Networking Limited  =>.Safer Networking Limited
HKCU\SOFTWARE\SEIKO EPSON CORPORATION  =>.Seiko Epson Corporation
HKCU\SOFTWARE\SMADΔV
HKCU\SOFTWARE\Softplicity  =>.Softplicity
HKCU\SOFTWARE\Synaptics  =>.Synaptics
HKCU\SOFTWARE\TAdvCheckList  =>.Borland
HKCU\SOFTWARE\The Silicon Realms Toolworks  =>.The Silicon Realms Toolworks
HKCU\SOFTWARE\Thegrideon Software  =>.Thegrideon Software
HKCU\SOFTWARE\Trolltech  =>.Trolltech
HKCU\SOFTWARE\Unity  =>.Unity
HKCU\SOFTWARE\VB and VBA Program Settings  =>.Microsoft Corporation
HKCU\SOFTWARE\VS Revo Group  =>.VS Revo Group
HKCU\SOFTWARE\WinRAR  =>.WinRAR
HKCU\SOFTWARE\WinRAR SFX  =>.RarLab
HKCU\SOFTWARE\Wow6432Node  =>.Microsoft Corporation
HKCU\SOFTWARE\www.horoscopus.net
HKCU\SOFTWARE\ZET 9
HKCU\SOFTWARE\ZHP  =>.Nicolas Coolman
HKCU\SOFTWARE\Zoidiasoft Technologies
HKCU\SOFTWARE\AppDataLow\Software  =>.Microsoft Corporation
HKCU\SOFTWARE\AppDataLow\Software\Norton  =>.Symantec Corporation
HKCU\SOFTWARE\AppDataLow\Software\QiYi  =>.SUP.IQIYIVideo
HKCU\SOFTWARE\AppDataLow\Software\Unity  =>.Unity
HKCU\SOFTWARE\AppDataLow\Software\webroot  =>.Webroot

---\\ Contents of the Common Files folders (378) - 40s
O43 - CFD: 13/07/2017 - [] D -- C:\Program Files\AMD  =>.Advanced Micro Devices, Inc.®
O43 - CFD: 25/08/2017 - [] AD -- C:\Program Files\Apoint2K  =>.Alps Electric Co., LTD.®
O43 - CFD: 04/12/2015 - [] D -- C:\Program Files\ATI  =>.ATI Technologies, Inc®
O43 - CFD: 13/07/2017 - [] AD -- C:\Program Files\ATI Technologies  =>.ATI Technologies
O43 - CFD: 12/07/2017 - [] D -- C:\Program Files\Bitdefender  =>.Bitdefender
O43 - CFD: 25/09/2017 - [] AD -- C:\Program Files\Bitdefender Agent  =>.Bitdefender
O43 - CFD: 07/09/2017 - [] D -- C:\Program Files\Common Files  =>.Microsoft Corporation
O43 - CFD: 18/07/2017 - [] AD -- C:\Program Files\Corel  =>.Corel Corporation
O43 - CFD: 26/06/2017 - [] D -- C:\Program Files\Cybertron  =>.Cybertron Software Ltd
O43 - CFD: 27/07/2017 - [] D -- C:\Program Files\Fujitsu {3365564E96DF87027906309EC07F4204}  =>.Fujitsu
O43 - CFD: 04/06/2017 - [] D -- C:\Program Files\Geomancy
O43 - CFD: 01/07/2017 - [] AD -- C:\Program Files\GSLITE
O43 - CFD: 22/09/2017 - [] D -- C:\Program Files\Internet Explorer  =>.Microsoft Corporation
O43 - CFD: 26/06/2017 - [] AD -- C:\Program Files\Iridium  =>.Open Source Business Alliance e.V.®
O43 - CFD: 16/08/2017 - [] D -- C:\Program Files\Malwarebytes  =>.Malwarebytes
O43 - CFD: 02/08/2016 - [] D -- C:\Program Files\Microsoft Analysis Services  =>.Microsoft Corporation
O43 - CFD: 13/07/2017 - [] D -- C:\Program Files\Microsoft Games  =>.Microsoft Corporation
O43 - CFD: 16/08/2017 - [] D -- C:\Program Files\Microsoft IntelliType Pro  =>.Microsoft Corporation
O43 - CFD: 02/08/2016 - [] AD -- C:\Program Files\Microsoft Office  =>.Microsoft Corporation
O43 - CFD: 02/08/2016 - [] D -- C:\Program Files\Microsoft SQL Server  =>.Microsoft Corporation
O43 - CFD: 13/07/2017 - [] D -- C:\Program Files\Microsoft.NET  =>.Microsoft Corporation
O43 - CFD: 13/07/2017 - [] D -- C:\Program Files\MSBuild  =>.Microsoft Corporation
O43 - CFD: 07/09/2017 - [] AD -- C:\Program Files\Norton Security  =>.Symantec
O43 - CFD: 07/09/2017 - [] D -- C:\Program Files\NortonInstaller  =>.Symantec
O43 - CFD: 13/07/2017 - [] D -- C:\Program Files\Realtek  =>.Realtek
O43 - CFD: 13/07/2017 - [] D -- C:\Program Files\Reference Assemblies  =>.Microsoft Corporation
O43 - CFD: 09/07/2017 - [] AD -- C:\Program Files\SanityCheck
O43 - CFD: 09/12/2015 - [] AD -- C:\Program Files\Stellarium
O43 - CFD: 13/07/2017 - [] D -- C:\Program Files\Synaptics  =>.Synaptics Incorporated®
O43 - CFD: 22/09/2017 - [0] HD -- C:\Program Files\Uninstall Information  =>.Microsoft Corporation
O43 - CFD: 07/07/2017 - [] AD -- C:\Program Files\UNP  =>.Microsoft Corporation
O43 - CFD: 04/06/2017 - [] D -- C:\Program Files\VS Revo Group  =>.VS Revo Group
O43 - CFD: 09/07/2017 - [] AD -- C:\Program Files\WhySoSlow
O43 - CFD: 16/08/2017 - [] RD -- C:\Program Files\Windows Defender  =>.Microsoft Corporation
O43 - CFD: 22/09/2017 - [] D -- C:\Program Files\Windows Mail  =>.Microsoft Corporation
O43 - CFD: 16/08/2017 - [] D -- C:\Program Files\Windows Media Player  =>.Microsoft Corporation
O43 - CFD: 19/03/2017 - [] D -- C:\Program Files\Windows Multimedia Platform  =>.Microsoft Corporation
O43 - CFD: 19/03/2017 - [] D -- C:\Program Files\Windows NT  =>.Microsoft Corporation
O43 - CFD: 22/09/2017 - [] D -- C:\Program Files\Windows Photo Viewer  =>.Microsoft Corporation
O43 - CFD: 19/03/2017 - [] D -- C:\Program Files\Windows Portable Devices  =>.Microsoft Corporation
O43 - CFD: 19/03/2017 - [] D -- C:\Program Files\Windows Security  =>.Microsoft Corporation
O43 - CFD: 25/09/2017 - [] HD -- C:\Program Files\WindowsApps  =>.Microsoft Corporation
O43 - CFD: 19/03/2017 - [] D -- C:\Program Files\WindowsPowerShell  =>.Microsoft Corporation
O43 - CFD: 22/06/2017 - [] AD -- C:\Program Files\WinRAR  =>.win.rar GmbH®
O43 - CFD: 18/09/2017 - [] AD -- C:\Program Files (x86)\Al-Quran Al-Hakeem Calculator
O43 - CFD: 18/09/2017 - [] AD -- C:\Program Files (x86)\alMwazeen
O43 - CFD: 20/07/2017 - [] D -- C:\Program Files (x86)\ASCOMP Software
O43 - CFD: 27/07/2017 - [] D -- C:\Program Files (x86)\Ashampoo  =>.Ashampoo GmbH
O43 - CFD: 13/07/2017 - [] AD -- C:\Program Files (x86)\ATI Technologies  =>.ATI Technologies
O43 - CFD: 22/06/2017 - [] AD -- C:\Program Files (x86)\Atom TechSoft For Excel Password Recovery
O43 - CFD: 24/01/2016 - [] AD -- C:\Program Files (x86)\Bagher Soft
O43 - CFD: 07/09/2017 - [] D -- C:\Program Files (x86)\Common Files  =>.Microsoft Corporation
O43 - CFD: 20/07/2017 - [] AD -- C:\Program Files (x86)\Convert PDF to Word Desktop Software
O43 - CFD: 18/07/2017 - [] D -- C:\Program Files (x86)\Corel  =>.Corel Corporation
O43 - CFD: 21/05/2017 - [] D -- C:\Program Files (x86)\Daossoft Office Password Rescuer
O43 - CFD: 12/12/2015 - [] D -- C:\Program Files (x86)\DILMUNmWorX
O43 - CFD: 18/12/2015 - [] D -- C:\Program Files (x86)\EaseUS  =>.EaseUS Software
O43 - CFD: 21/05/2017 - [] D -- C:\Program Files (x86)\Elcomsoft  =>.Elcomsoft
O43 - CFD: 12/07/2017 - [] D -- C:\Program Files (x86)\epson  =>.SEIKO EPSON CORPORATION®
O43 - CFD: 12/07/2017 - [] D -- C:\Program Files (x86)\EPSON Software  =>.Epson/Seico
O43 - CFD: 23/06/2017 - [] AD -- C:\Program Files (x86)\Excel Password Recovery Master
O43 - CFD: 26/06/2017 - [] D -- C:\Program Files (x86)\Fenrir Inc {75486E6A7B30DB99F381C3C8D6C4E242}
O43 - CFD: 25/08/2017 - [] AD -- C:\Program Files (x86)\Fingerprint Sensor  =>.AuthenTec, Inc.®
O43 - CFD: 18/12/2015 - [] AD -- C:\Program Files (x86)\FolderTransfer4
O43 - CFD: 14/05/2016 - [] D -- C:\Program Files (x86)\Foxit Software  =>.Foxit Software
O43 - CFD: 24/08/2017 - [] D -- C:\Program Files (x86)\Fujitsu {071246A7B330F062151933F7FFEEBB7F}  =>.Fujitsu
O43 - CFD: 09/09/2017 - [] D -- C:\Program Files (x86)\Glary Utilities 5  =>.GlarySoft
O43 - CFD: 18/09/2017 - [] D -- C:\Program Files (x86)\Glarysoft  =>.GlarySoft
O43 - CFD: 02/08/2016 - [] D -- C:\Program Files (x86)\GlobFX
O43 - CFD: 22/06/2017 - [] D -- C:\Program Files (x86)\IlydaUK
O43 - CFD: 11/12/2015 - [] D -- C:\Program Files (x86)\Innovative Solutions  =>.Innovative Solutions
O43 - CFD: 27/07/2017 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information  =>.InstallShield
O43 - CFD: 04/12/2015 - [] D -- C:\Program Files (x86)\Intel  =>.Intel Corporation
O43 - CFD: 22/09/2017 - [] D -- C:\Program Files (x86)\Internet Download Manager  =>.Tonec Inc
O43 - CFD: 22/09/2017 - [] D -- C:\Program Files (x86)\Internet Explorer  =>.Microsoft Corporation
O43 - CFD: 04/06/2017 - [] D -- C:\Program Files (x86)\IObit  =>.IObit
O43 - CFD: 22/06/2017 - [] D -- C:\Program Files (x86)\iSumsoft Excel Password Refixer
O43 - CFD: 22/06/2017 - [] D -- C:\Program Files (x86)\iSunshare Excel Password Genius {1F9328815B72A7C2BF3C701A0074A515}
O43 - CFD: 16/05/2017 - [] D -- C:\Program Files (x86)\Java  =>.Oracle
O43 - CFD: 20/07/2017 - [] AD -- C:\Program Files (x86)\JiNa Arabic OCR
O43 - CFD: 04/06/2017 - [] D -- C:\Program Files (x86)\Kaspersky Lab  =>.Kaspersky Lab
O43 - CFD: 16/08/2017 - [] AD -- C:\Program Files (x86)\KazSoft Falnama  Hazrat Ghous e Azam RA
O43 - CFD: 04/12/2015 - [] AD -- C:\Program Files (x86)\Magical Jelly Bean  =>.ONE UP LTD.®
O43 - CFD: 17/07/2017 - [] D -- C:\Program Files (x86)\MansionTracker
O43 - CFD: 04/12/2015 - [] D -- C:\Program Files (x86)\Microsoft  =>.Microsoft Corporation
O43 - CFD: 02/08/2016 - [] D -- C:\Program Files (x86)\Microsoft Analysis Services  =>.Microsoft Corporation
O43 - CFD: 02/08/2016 - [] D -- C:\Program Files (x86)\Microsoft Office  =>.Microsoft Corporation
O43 - CFD: 02/08/2016 - [] D -- C:\Program Files (x86)\Microsoft SQL Server  =>.Microsoft Corporation
O43 - CFD: 04/12/2015 - [] AD -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition  =>.Microsoft Corporation
O43 - CFD: 13/07/2017 - [] AD -- C:\Program Files (x86)\Microsoft.NET  =>.Microsoft Corporation
O43 - CFD: 16/12/2015 - [] D -- C:\Program Files (x86)\Moonphase 3.3
O43 - CFD: 18/09/2017 - [] AD -- C:\Program Files (x86)\Mozilla Firefox  =>.Mozilla
O43 - CFD: 18/09/2017 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service  =>.Mozilla
O43 - CFD: 13/07/2017 - [] D -- C:\Program Files (x86)\MSBuild  =>.Microsoft Corporation
O43 - CFD: 15/12/2015 - [] D -- C:\Program Files (x86)\MSECache  =>.Microsoft Corporation
O43 - CFD: 18/07/2017 - [] AD -- C:\Program Files (x86)\NAPS2
O43 - CFD: 05/12/2015 - [] D -- C:\Program Files (x86)\Norton Internet Security  =>.Symantec
O43 - CFD: 07/09/2017 - [] D -- C:\Program Files (x86)\NortonInstaller  =>.Symantec
O43 - CFD: 16/01/2017 - [] D -- C:\Program Files (x86)\Office Activator  =>Hacktool.Office
O43 - CFD: 12/12/2015 - [] AD -- C:\Program Files (x86)\Office Key Remover
O43 - CFD: 07/09/2017 - [] AD -- C:\Program Files (x86)\Opera  =>.Opera Software
O43 - CFD: 18/07/2017 - [] D -- C:\Program Files (x86)\PhotoFiltre 7  =>.Antonio Da Cruz
O43 - CFD: 20/07/2017 - [] AD -- C:\Program Files (x86)\PixelPlanet  =>.PixelPlanet
O43 - CFD: 22/07/2017 - [] D -- C:\Program Files (x86)\Pointstone {1E600E539078A378196FBC5627EB6553}  =>.Pointstone
O43 - CFD: 16/08/2017 - [] AD -- C:\Program Files (x86)\Quraan Analysis
O43 - CFD: 22/09/2017 - [] D -- C:\Program Files (x86)\RandyRants.com  =>.RandyRants.com
O43 - CFD: 04/12/2015 - [] D -- C:\Program Files (x86)\Realtek  =>.Realtek
O43 - CFD: 13/07/2017 - [] D -- C:\Program Files (x86)\Reference Assemblies  =>.Microsoft Corporation
O43 - CFD: 19/09/2017 - [] D -- C:\Program Files (x86)\SMADAV  =>.SmadAV
O43 - CFD: 16/08/2017 - [] D -- C:\Program Files (x86)\Spybot - Search & Destroy 2  =>.SaferNetworking
O43 - CFD: 16/08/2017 - [] D -- C:\Program Files (x86)\Spybot Anti-Beacon  =>.SaferNetworking
O43 - CFD: 19/08/2017 - [0] D -- C:\Program Files (x86)\Tahafi
O43 - CFD: 12/12/2015 - [] AD -- C:\Program Files (x86)\Top Password  =>.Top Password
O43 - CFD: 22/09/2017 - [] D -- C:\Program Files (x86)\Tweaking.com  =>.Tweaking LLC®
O43 - CFD: 22/09/2017 - [0] HD -- C:\Program Files (x86)\Uninstall Information  =>.Microsoft Corporation
O43 - CFD: 30/10/2016 - [] D -- C:\Program Files (x86)\VideoLAN  =>.VideoLan Team
O43 - CFD: 16/08/2017 - [] D -- C:\Program Files (x86)\Windows Defender  =>.Microsoft Corporation
O43 - CFD: 16/08/2017 - [] AD -- C:\Program Files (x86)\Windows Live  =>.Microsoft Corporation
O43 - CFD: 04/12/2015 - [] AD -- C:\Program Files (x86)\Windows Live SkyDrive  =>.Microsoft Corporation
O43 - CFD: 22/09/2017 - [] D -- C:\Program Files (x86)\Windows Mail  =>.Microsoft Corporation
O43 - CFD: 16/08/2017 - [] D -- C:\Program Files (x86)\Windows Media Player  =>.Microsoft Corporation
O43 - CFD: 19/03/2017 - [] D -- C:\Program Files (x86)\Windows Multimedia Platform  =>.Microsoft Corporation
O43 - CFD: 19/03/2017 - [] D -- C:\Program Files (x86)\Windows NT  =>.Microsoft Corporation
O43 - CFD: 22/09/2017 - [] D -- C:\Program Files (x86)\Windows Photo Viewer  =>.Microsoft Corporation
O43 - CFD: 19/03/2017 - [] D -- C:\Program Files (x86)\Windows Portable Devices  =>.Microsoft Corporation
O43 - CFD: 19/03/2017 - [] D -- C:\Program Files (x86)\WindowsPowerShell  =>.Microsoft Corporation
O43 - CFD: 17/12/2015 - [] D -- C:\Program Files (x86)\Zoidiasoft Technologies
O43 - CFD: 18/09/2017 - [] D -- C:\Program Files (x86)\الاختيارات
O43 - CFD: 02/08/2016 - [] D -- C:\Program Files (x86)\حساب الأبعاد الأبجدية
O43 - CFD: 18/09/2017 - [] D -- C:\Program Files (x86)\حساب الجمل
O43 - CFD: 19/03/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility  =>.Microsoft Corporation
O43 - CFD: 13/07/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories  =>.Microsoft Corporation
O43 - CFD: 17/08/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accurate Times
O43 - CFD: 22/09/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools  =>.Administrative Tools
O43 - CFD: 14/05/2016 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare  =>.IObit
O43 - CFD: 13/07/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Uninstaller PRO
O43 - CFD: 13/07/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center  =>.Advanced Micro Devices Inc
O43 - CFD: 18/07/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASCOMP Software
O43 - CFD: 27/07/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo  =>.Ashampoo GmbH
O43 - CFD: 13/07/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atom TechSoft For Excel Password Recovery
O43 - CFD: 16/05/2017 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BDAntiRansomware
O43 - CFD: 13/07/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender Security  =>.Bitdefender
O43 - CFD: 20/07/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Convert PDF to Word Desktop Software
O43 - CFD: 18/07/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel PaintShop Pro X9
O43 - CFD: 14/05/2016 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dll-Files Fixer  =>.SUP.DllFilesFixer
O43 - CFD: 14/05/2016 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3  =>.IObit
O43 - CFD: 13/07/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Todo PCTrans 8.6  =>.EaseUS Software
O43 - CFD: 13/07/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON  =>.EPSON
O43 - CFD: 13/07/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software  =>.Epson/Seico
O43 - CFD: 13/07/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel Password Recovery Master
O43 - CFD: 22/07/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fenrir Inc
O43 - CFD: 13/07/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Folder Transfer 4
O43 - CFD: 13/07/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader  =>.Foxit Corporation
O43 - CFD: 24/08/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fujitsu  =>.Fujitsu
O43 - CFD: 09/07/2010 - [0] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games  =>.Microsoft Corporation
O43 - CFD: 18/09/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5  =>.GlarySoft
O43 - CFD: 18/09/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft  =>.GlarySoft
O43 - CFD: 13/07/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IlydaUK
O43 - CFD: 13/07/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager  =>.Tonec Inc
O43 - CFD: 02/08/2016 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller  =>.IObit
O43 - CFD: 13/07/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iridium Browser
O43 - CFD: 13/07/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java  =>.Oracle
O43 - CFD: 20/07/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JiNa Arabic OCR
O43 - CFD: 13/07/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Software Updater  =>.Kaspersky Labs
O43 - CFD: 13/07/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyFinder
O43 - CFD: 13/07/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyFinder Plus
O43 - CFD: 19/03/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance  =>.Microsoft Corporation
O43 - CFD: 16/08/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes  =>.Malwarebytes
O43 - CFD: 14/07/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013  =>.Microsoft Corporation
O43 - CFD: 18/07/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NAPS2
O43 - CFD: 07/09/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security  =>.Symantec
O43 - CFD: 13/07/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Office Key Remover
O43 - CFD: 13/07/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Power Saving Utility
O43 - CFD: 13/07/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Privacy Eraser
O43 - CFD: 22/09/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RandyRants.com  =>.RandyRants.com
O43 - CFD: 13/07/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro  =>.VS Revo Group
O43 - CFD: 13/07/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMADAV Antivirus  =>.SmadAV
O43 - CFD: 13/07/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag  =>.IObit
O43 - CFD: 19/03/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup  =>.Microsoft Corporation
O43 - CFD: 13/07/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellarium
O43 - CFD: 13/07/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Swiff Player
O43 - CFD: 19/03/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools  =>.Microsoft Corporation
O43 - CFD: 13/07/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Timaeus 8 Lite
O43 - CFD: 22/09/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com  =>.Tweaking.com
O43 - CFD: 13/07/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN  =>.VideoLan Team
O43 - CFD: 13/07/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webroot SecureAnywhere
O43 - CFD: 13/07/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live  =>.Microsoft Corporation
O43 - CFD: 13/07/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR  =>.WinRAR
O43 - CFD: 12/12/2015 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ارصاد
O43 - CFD: 19/07/2017 - [] D -- C:\ProgramData\ABBYY  =>.ABBYY Software
O43 - CFD: 20/07/2017 - [] D -- C:\ProgramData\Adobe  =>.Adobe
O43 - CFD: 27/07/2017 - [0] D -- C:\ProgramData\Amigabit
O43 - CFD: 16/07/2017 - [] D -- C:\ProgramData\Atc
O43 - CFD: 16/08/2017 - [] D -- C:\ProgramData\ATI  =>.ATI
O43 - CFD: 15/07/2017 - [] D -- C:\ProgramData\BDLogging  =>.Bitdefender
O43 - CFD: 07/09/2017 - [] D -- C:\ProgramData\Bitdefender  =>.Bitdefender
O43 - CFD: 07/09/2017 - [] D -- C:\ProgramData\boost_interprocess  =>.boost.org
O43 - CFD: 18/07/2017 - [] D -- C:\ProgramData\Corel  =>.Corel Corporation
O43 - CFD: 15/07/2017 - [] D -- C:\ProgramData\EPSON  =>.EPSON
O43 - CFD: 24/07/2017 - [0] D -- C:\ProgramData\firebird  =>.Legitimate
O43 - CFD: 24/08/2017 - [] D -- C:\ProgramData\Fujitsu  =>.Fujitsu
O43 - CFD: 18/09/2017 - [] D -- C:\ProgramData\Glarysoft  =>.GlarySoft
O43 - CFD: 16/07/2017 - [0] D -- C:\ProgramData\IDM  =>.IDM
O43 - CFD: 11/12/2015 - [] D -- C:\ProgramData\Innovative Solutions  =>.Innovative Solutions
O43 - CFD: 04/06/2017 - [] D -- C:\ProgramData\IObit  =>.IObit
O43 - CFD: 07/08/2017 - [] D -- C:\ProgramData\Isolated Storage  =>.Microsoft Corporation
O43 - CFD: 24/01/2016 - [] D -- C:\ProgramData\K7 Computing
O43 - CFD: 04/06/2017 - [] D -- C:\ProgramData\Kaspersky Lab  =>.Kaspersky Lab
O43 - CFD: 04/06/2017 - [] D -- C:\ProgramData\Kaspersky Lab Setup Files  =>.Kaspersky Lab
O43 - CFD: 15/12/2015 - [] D -- C:\ProgramData\Logs  =>.ABBYY Software
O43 - CFD: 16/08/2017 - [] D -- C:\ProgramData\Malwarebytes  =>.Malwarebytes
O43 - CFD: 16/08/2017 - [] SD -- C:\ProgramData\Microsoft  =>.Microsoft Corporation
O43 - CFD: 14/07/2017 - [] D -- C:\ProgramData\Microsoft Help  =>.Microsoft Corporation
O43 - CFD: 13/07/2017 - [] D -- C:\ProgramData\Microsoft OneDrive  =>.Microsoft Corporation
O43 - CFD: 22/09/2017 - [] D -- C:\ProgramData\Norton  =>.Symantec Corporation
O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\NortonInstaller  =>.Symantec
O43 - CFD: 02/08/2016 - [] D -- C:\ProgramData\Oracle  =>.Oracle
O43 - CFD: 18/07/2017 - [] D -- C:\ProgramData\Package Cache  =>.Microsoft Corporation
O43 - CFD: 01/07/2017 - [] D -- C:\ProgramData\PDF Writer  =>.Acro Software
O43 - CFD: 20/07/2017 - [] D -- C:\ProgramData\PixelPlanet  =>.PixelPlanet
O43 - CFD: 18/09/2017 - [] D -- C:\ProgramData\Protexis  =>.Protexis Inc.
O43 - CFD: 18/07/2017 - [] D -- C:\ProgramData\Protexis64  =>.Protexis Inc.
O43 - CFD: 20/07/2017 - [] D -- C:\ProgramData\regid.1986-12.com.adobe  =>.Adobe Inc.
O43 - CFD: 13/07/2017 - [] AD -- C:\ProgramData\regid.1991-06.com.microsoft  =>.Microsoft Corporation
O43 - CFD: 16/05/2017 - [0] D -- C:\ProgramData\Shared Space  =>.Comodo Group.
O43 - CFD: 19/03/2017 - [0] D -- C:\ProgramData\SoftwareDistribution  =>.Microsoft Corporation
O43 - CFD: 20/07/2017 - [0] D -- C:\ProgramData\SolidDocuments  =>.SolidDocuments
O43 - CFD: 16/08/2017 - [] D -- C:\ProgramData\Spybot - Search & Destroy  =>.SaferNetworking
O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\Temp  =>.Microsoft Corporation
O43 - CFD: 22/06/2017 - [] D -- C:\ProgramData\UniqueId  =>.Microsoft Corporation
O43 - CFD: 13/07/2017 - [] D -- C:\ProgramData\USOPrivate  =>.Microsoft Corporation
O43 - CFD: 13/07/2017 - [] D -- C:\ProgramData\USOShared  =>.Microsoft Corporation
O43 - CFD: 04/06/2017 - [] D -- C:\ProgramData\VS Revo Group  =>.VS Revo Group
O43 - CFD: 20/03/2017 - [] D -- C:\ProgramData\WindowsHolographicDevices  =>.Microsoft Corporation
O43 - CFD: 14/05/2016 - [0] D -- C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
O43 - CFD: 14/05/2016 - [0] D -- C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
O43 - CFD: 20/07/2017 - [] AD -- C:\Program Files (x86)\Common Files\Adobe  =>.Adobe
O43 - CFD: 04/12/2015 - [] AD -- C:\Program Files (x86)\Common Files\Fujitsu  =>.Fujitsu
O43 - CFD: 22/06/2017 - [] AD -- C:\Program Files (x86)\Common Files\IlydaUK
O43 - CFD: 04/12/2015 - [] D -- C:\Program Files (x86)\Common Files\InstallShield  =>.InstallShield
O43 - CFD: 02/08/2016 - [] D -- C:\Program Files (x86)\Common Files\IObit  =>.IObit
O43 - CFD: 16/05/2017 - [] D -- C:\Program Files (x86)\Common Files\Java  =>.Oracle
O43 - CFD: 13/07/2017 - [] AD -- C:\Program Files (x86)\Common Files\Microsoft Shared  =>.Microsoft Corporation
O43 - CFD: 27/07/2017 - [0] D -- C:\Program Files (x86)\Common Files\Pointstone  =>.Pointstone
O43 - CFD: 04/12/2015 - [] D -- C:\Program Files (x86)\Common Files\postureAgent  =>.Microsoft Corporation
O43 - CFD: 18/07/2017 - [] D -- C:\Program Files (x86)\Common Files\Protexis  =>.Protexis Inc.
O43 - CFD: 19/03/2017 - [] D -- C:\Program Files (x86)\Common Files\Services  =>.Microsoft Corporation
O43 - CFD: 13/07/2017 - [] D -- C:\Program Files (x86)\Common Files\SpeechEngines  =>.Microsoft Corporation
O43 - CFD: 07/09/2017 - [] D -- C:\Program Files (x86)\Common Files\Symantec Shared  =>.Symantec Corporation
O43 - CFD: 13/07/2017 - [] D -- C:\Program Files (x86)\Common Files\System  =>.Microsoft Corporation
O43 - CFD: 04/12/2015 - [] D -- C:\Program Files (x86)\Common Files\Windows Live  =>.Microsoft Corporation
O43 - CFD: 20/07/2017 - [] AD -- C:\Program Files (x86)\Common Files\XpressUpdate  =>.PixelPlanet
O43 - CFD: 20/07/2017 - [] D -- C:\Users\arctic-deer\AppData\Roaming\Adobe  =>.Adobe
O43 - CFD: 18/07/2017 - [] D -- C:\Users\arctic-deer\AppData\Roaming\ASCOMP Software
O43 - CFD: 05/12/2015 - [] D -- C:\Users\arctic-deer\AppData\Roaming\ATI  =>.ATI
O43 - CFD: 12/07/2017 - [] D -- C:\Users\arctic-deer\AppData\Roaming\Bitdefender  =>.Bitdefender
O43 - CFD: 18/07/2017 - [] D -- C:\Users\arctic-deer\AppData\Roaming\Corel  =>.Corel Corporation
O43 - CFD: 19/05/2017 - [] D -- C:\Users\arctic-deer\AppData\Roaming\CyberLink  =>.CyberLink Corporation
O43 - CFD: 26/06/2017 - [] D -- C:\Users\arctic-deer\AppData\Roaming\Cybertron  =>.Cybertron Software Ltd
O43 - CFD: 02/08/2016 - [] D -- C:\Users\arctic-deer\AppData\Roaming\Dashlane  =>.Dashlane
O43 - CFD: 07/09/2017 - [0] D -- C:\Users\arctic-deer\AppData\Roaming\DiskDefrag  =>.Auslogics
O43 - CFD: 23/09/2017 - [] D -- C:\Users\arctic-deer\AppData\Roaming\DMCache  =>.DMCache
O43 - CFD: 12/07/2017 - [] D -- C:\Users\arctic-deer\AppData\Roaming\Epson  =>.EPSON
O43 - CFD: 26/06/2017 - [] D -- C:\Users\arctic-deer\AppData\Roaming\Fenrir Inc
O43 - CFD: 14/05/2016 - [] D -- C:\Users\arctic-deer\AppData\Roaming\Foxit AgentInformation  =>.Foxit Corporation
O43 - CFD: 09/07/2017 - [] D -- C:\Users\arctic-deer\AppData\Roaming\Foxit Software  =>.Foxit Software
O43 - CFD: 01/07/2017 - [] D -- C:\Users\arctic-deer\AppData\Roaming\Free Islam
O43 - CFD: 07/09/2017 - [] D -- C:\Users\arctic-deer\AppData\Roaming\GlarySoft  =>.GlarySoft
O43 - CFD: 04/12/2015 - [] D -- C:\Users\arctic-deer\AppData\Roaming\Google  =>.Google
O43 - CFD: 04/12/2015 - [] D -- C:\Users\arctic-deer\AppData\Roaming\Identities  =>.Microsoft Corporation
O43 - CFD: 17/08/2017 - [] D -- C:\Users\arctic-deer\AppData\Roaming\IDM  =>.IDM
O43 - CFD: 12/07/2017 - [] D -- C:\Users\arctic-deer\AppData\Roaming\InstallShield  =>.InstallShield
O43 - CFD: 02/08/2016 - [] D -- C:\Users\arctic-deer\AppData\Roaming\IObit  =>.IObit
O43 - CFD: 07/12/2015 - [] D -- C:\Users\arctic-deer\AppData\Roaming\Macromedia  =>.Macromedia
O43 - CFD: 14/07/2009 - [0] D -- C:\Users\arctic-deer\AppData\Roaming\Media Center Programs  =>.Microsoft Corporation
O43 - CFD: 16/08/2017 - [] D -- C:\Users\arctic-deer\AppData\Roaming\Microsoft  =>.Microsoft Corporation
O43 - CFD: 29/07/2017 - [] D -- C:\Users\arctic-deer\AppData\Roaming\Mozilla  =>.Mozilla Corporation
O43 - CFD: 18/07/2017 - [] D -- C:\Users\arctic-deer\AppData\Roaming\NAPS2
O43 - CFD: 04/12/2015 - [] D -- C:\Users\arctic-deer\AppData\Roaming\Opera Software  =>.Opera Software
O43 - CFD: 22/05/2017 - [] D -- C:\Users\arctic-deer\AppData\Roaming\Passware  =>.Passware
O43 - CFD: 19/07/2017 - [] D -- C:\Users\arctic-deer\AppData\Roaming\PhotoFiltre 7  =>.Antonio Da Cruz
O43 - CFD: 20/07/2017 - [] D -- C:\Users\arctic-deer\AppData\Roaming\PixelPlanet  =>.PixelPlanet
O43 - CFD: 22/07/2017 - [] D -- C:\Users\arctic-deer\AppData\Roaming\Pointstone  =>.Pointstone
O43 - CFD: 12/07/2017 - [0] D -- C:\Users\arctic-deer\AppData\Roaming\QuickScan  =>.Bitdefender
O43 - CFD: 11/12/2015 - [] D -- C:\Users\arctic-deer\AppData\Roaming\RPEng  =>PUP.Optional.Generic
O43 - CFD: 17/01/2017 - [] D -- C:\Users\arctic-deer\AppData\Roaming\Skype  =>.Skype
O43 - CFD: 31/07/2017 - [] D -- C:\Users\arctic-deer\AppData\Roaming\Smadav  =>.SmadAV
O43 - CFD: 20/07/2017 - [] D -- C:\Users\arctic-deer\AppData\Roaming\SolidDocuments  =>.SolidDocuments
O43 - CFD: 22/09/2017 - [] D -- C:\Users\arctic-deer\AppData\Roaming\Stellarium
O43 - CFD: 02/08/2016 - [] D -- C:\Users\arctic-deer\AppData\Roaming\Sun  =>.Oracle
O43 - CFD: 22/07/2017 - [] D -- C:\Users\arctic-deer\AppData\Roaming\Total Privacy
O43 - CFD: 18/07/2017 - [] D -- C:\Users\arctic-deer\AppData\Roaming\Ulead Systems  =>.Ulead Systems
O43 - CFD: 10/07/2017 - [] D -- C:\Users\arctic-deer\AppData\Roaming\vlc  =>.VideoLan Team
O43 - CFD: 22/06/2017 - [] D -- C:\Users\arctic-deer\AppData\Roaming\WinRAR  =>.WinRAR
O43 - CFD: 18/07/2017 - [] D -- C:\Users\arctic-deer\AppData\Roaming\YCanPDF  =>.YCanPDF
O43 - CFD: 25/09/2017 - [] D -- C:\Users\arctic-deer\AppData\Roaming\ZHP  =>.Nicolas Coolman
O43 - CFD: 07/12/2015 - [0] D -- C:\Users\arctic-deer\AppData\Local\ActiveSync  =>.Microsoft Corporation
O43 - CFD: 20/07/2017 - [] D -- C:\Users\arctic-deer\AppData\Local\Adobe  =>.Adobe
O43 - CFD: 09/12/2015 - [] D -- C:\Users\arctic-deer\AppData\Local\AMD  =>.AMD
O43 - CFD: 05/12/2015 - [] D -- C:\Users\arctic-deer\AppData\Local\ATI  =>.ATI
O43 - CFD: 17/12/2015 - [] D -- C:\Users\arctic-deer\AppData\Local\Avira  =>.Avira Software
O43 - CFD: 01/07/2017 - [] D -- C:\Users\arctic-deer\AppData\Local\Caphyon  =>.Caphyon
O43 - CFD: 04/06/2017 - [] D -- C:\Users\arctic-deer\AppData\Local\CEF  =>.CEF
O43 - CFD: 22/07/2017 - [] D -- C:\Users\arctic-deer\AppData\Local\Chromium  =>.Chromium
O43 - CFD: 07/12/2015 - [] D -- C:\Users\arctic-deer\AppData\Local\Comms  =>.Microsoft Corporation
O43 - CFD: 17/01/2017 - [] D -- C:\Users\arctic-deer\AppData\Local\ConnectedDevicesPlatform  =>.Microsoft Corporation
O43 - CFD: 18/07/2017 - [] D -- C:\Users\arctic-deer\AppData\Local\Corel PaintShop Pro  =>.Corel
O43 - CFD: 22/09/2017 - [] D -- C:\Users\arctic-deer\AppData\Local\CrashDumps  =>.Microsoft Corporation
O43 - CFD: 13/07/2017 - [0] D -- C:\Users\arctic-deer\AppData\Local\DBG  =>.DBG
O43 - CFD: 17/08/2017 - [0] D -- C:\Users\arctic-deer\AppData\Local\Diagnostics  =>.Microsoft Corporation
O43 - CFD: 20/07/2017 - [] D -- C:\Users\arctic-deer\AppData\Local\Downloaded Installations  =>.Microsoft Corporation
O43 - CFD: 22/09/2017 - [] D -- C:\Users\arctic-deer\AppData\Local\ElevatedDiagnostics  =>.Microsoft Corporation
O43 - CFD: 27/07/2017 - [] D -- C:\Users\arctic-deer\AppData\Local\Foxit Reader  =>.Foxit Corporation
O43 - CFD: 08/12/2015 - [] D -- C:\Users\arctic-deer\AppData\Local\Google  =>.Google
O43 - CFD: 05/12/2015 - [] D -- C:\Users\arctic-deer\AppData\Local\GWX  =>.GWX
O43 - CFD: 21/09/2017 - [] D -- C:\Users\arctic-deer\AppData\Local\IIIQF  =>.Scrabblo
O43 - CFD: 11/12/2015 - [] D -- C:\Users\arctic-deer\AppData\Local\Innovative Solutions  =>.Innovative Solutions
O43 - CFD: 26/06/2017 - [] D -- C:\Users\arctic-deer\AppData\Local\Iridium
O43 - CFD: 22/07/2017 - [] D -- C:\Users\arctic-deer\AppData\Local\Licenses  =>.Microsoft Corporation
O43 - CFD: 07/12/2015 - [] D -- C:\Users\arctic-deer\AppData\Local\lptmp1183325098
O43 - CFD: 08/12/2015 - [] D -- C:\Users\arctic-deer\AppData\Local\lptmp2037872198
O43 - CFD: 22/09/2017 - [] D -- C:\Users\arctic-deer\AppData\Local\Microsoft  =>.Microsoft Corporation
O43 - CFD: 17/05/2017 - [] D -- C:\Users\arctic-deer\AppData\Local\Microsoft Help  =>.Microsoft Corporation
O43 - CFD: 07/12/2015 - [] D -- C:\Users\arctic-deer\AppData\Local\MicrosoftEdge  =>.Microsoft Corporation
O43 - CFD: 29/07/2017 - [] D -- C:\Users\arctic-deer\AppData\Local\Mozilla  =>.Mozilla Corporation
O43 - CFD: 02/08/2016 - [0] D -- C:\Users\arctic-deer\AppData\Local\NetworkTiles  =>.NetworkTiles
O43 - CFD: 18/09/2017 - [] D -- C:\Users\arctic-deer\AppData\Local\NPE  =>.NPE
O43 - CFD: 04/12/2015 - [] D -- C:\Users\arctic-deer\AppData\Local\Opera Software  =>.Opera Software
O43 - CFD: 22/09/2017 - [] D -- C:\Users\arctic-deer\AppData\Local\Packages  =>.Microsoft Corporation
O43 - CFD: 04/12/2015 - [] D -- C:\Users\arctic-deer\AppData\Local\Programs  =>.Microsoft Corporation
O43 - CFD: 07/12/2015 - [] D -- C:\Users\arctic-deer\AppData\Local\Publishers  =>.Microsoft Corporation
O43 - CFD: 16/08/2017 - [] D -- C:\Users\arctic-deer\AppData\Local\Recovery  =>.Recovery Labs
O43 - CFD: 19/06/2017 - [] D -- C:\Users\arctic-deer\AppData\Local\ShamurShamur  =>.Unknown
O43 - CFD: 09/12/2015 - [] D -- C:\Users\arctic-deer\AppData\Local\stellarium
O43 - CFD: 25/09/2017 - [] D -- C:\Users\arctic-deer\AppData\Local\Temp  =>.Microsoft Corporation
O43 - CFD: 22/06/2017 - [] D -- C:\Users\arctic-deer\AppData\Local\Thegrideon
O43 - CFD: 07/12/2015 - [] D -- C:\Users\arctic-deer\AppData\Local\TileDataLayer  =>.Microsoft Corporation
O43 - CFD: 12/12/2015 - [] D -- C:\Users\arctic-deer\AppData\Local\Unity  =>.Unity
O43 - CFD: 07/07/2017 - [] D -- C:\Users\arctic-deer\AppData\Local\UNP  =>.Microsoft Corporation
O43 - CFD: 15/07/2017 - [] D -- C:\Users\arctic-deer\AppData\Local\VirtualStore  =>.Microsoft Corporation
O43 - CFD: 04/06/2017 - [] D -- C:\Users\arctic-deer\AppData\Local\VS Revo Group  =>.VS Revo Group
O43 - CFD: 25/09/2017 - [] D -- C:\Users\arctic-deer\AppData\Local\ZHP  =>.Nicolas Coolman
O43 - CFD: 04/12/2015 - [0] D -- C:\Users\arctic-deer\AppData\Local\Programs\Common  =>.Microsoft Corporation
O43 - CFD: 13/07/2017 - [] RD -- C:\Users\arctic-deer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility  =>.Microsoft Corporation
O43 - CFD: 13/07/2017 - [] RD -- C:\Users\arctic-deer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories  =>.Microsoft Corporation
O43 - CFD: 13/07/2017 - [] RD -- C:\Users\arctic-deer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools  =>.Administrative Tools
O43 - CFD: 13/07/2017 - [] D -- C:\Users\arctic-deer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bagher Soft
O43 - CFD: 13/07/2017 - [] D -- C:\Users\arctic-deer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Daossoft Office Password Rescuer
O43 - CFD: 07/09/2017 - [0] D -- C:\Users\arctic-deer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Halloran Software
O43 - CFD: 13/07/2017 - [] D -- C:\Users\arctic-deer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager  =>.Tonec Inc
O43 - CFD: 13/07/2017 - [] D -- C:\Users\arctic-deer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iSumsoft Excel Password Refixer
O43 - CFD: 13/07/2017 - [] D -- C:\Users\arctic-deer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iSunshare Excel Password Genius
O43 - CFD: 19/03/2017 - [] D -- C:\Users\arctic-deer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance  =>.Microsoft Corporation
O43 - CFD: 17/07/2017 - [] D -- C:\Users\arctic-deer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MansionTracker
O43 - CFD: 13/07/2017 - [] D -- C:\Users\arctic-deer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Moonphase 3.3
O43 - CFD: 18/07/2017 - [] D -- C:\Users\arctic-deer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7  =>.Antonio Da Cruz
O43 - CFD: 13/07/2017 - [] D -- C:\Users\arctic-deer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Quraan Analysis
O43 - CFD: 30/07/2017 - [] RD -- C:\Users\arctic-deer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\startup  =>.Microsoft Corporation
O43 - CFD: 19/03/2017 - [] RD -- C:\Users\arctic-deer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools  =>.Microsoft Corporation
O43 - CFD: 19/03/2017 - [] RD -- C:\Users\arctic-deer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell  =>.Microsoft Corporation
O43 - CFD: 13/07/2017 - [] D -- C:\Users\arctic-deer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR  =>.WinRAR
O43 - CFD: 13/07/2017 - [] D -- C:\Users\arctic-deer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ZET 9 Lite
O43 - CFD: 13/07/2017 - [] D -- C:\Users\arctic-deer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\برنامج حساب الجمل
O43 - CFD: 17/01/2017 - [] D -- C:\Users\Default\AppData\Local\Adobe  =>.Adobe
O43 - CFD: 17/01/2017 - [] D -- C:\Users\Default\AppData\Local\ATI  =>.ATI
O43 - CFD: 20/03/2017 - [] D -- C:\Users\Default\AppData\Local\Microsoft  =>.Microsoft Corporation
O43 - CFD: 30/04/2017 - [0] D -- C:\Users\Default\AppData\Local\Microsoft Help  =>.Microsoft Corporation
O43 - CFD: 19/03/2017 - [0] D -- C:\Users\Default\AppData\Local\Temp  =>.Microsoft Corporation
O43 - CFD: 17/01/2017 - [] D -- C:\Users\Default User\AppData\Local\Adobe  =>.Adobe
O43 - CFD: 17/01/2017 - [] D -- C:\Users\Default User\AppData\Local\ATI  =>.ATI
O43 - CFD: 20/03/2017 - [] D -- C:\Users\Default User\AppData\Local\Microsoft  =>.Microsoft Corporation
O43 - CFD: 30/04/2017 - [0] D -- C:\Users\Default User\AppData\Local\Microsoft Help  =>.Microsoft Corporation
O43 - CFD: 19/03/2017 - [0] D -- C:\Users\Default User\AppData\Local\Temp  =>.Microsoft Corporation
O43 - CFD: 24/08/2017 - [] D -- C:\WINDOWS\System32\Config\systemprofile\AppData\Local\CrashDumps  =>.Microsoft Corporation
O43 - CFD: 24/08/2017 - [0] D -- C:\WINDOWS\System32\Config\systemprofile\AppData\Local\DBG  =>.DBG
O43 - CFD: 22/09/2017 - [] D -- C:\WINDOWS\System32\Config\systemprofile\AppData\Local\Microsoft  =>.Microsoft Corporation
O43 - CFD: 29/07/2017 - [] D -- C:\WINDOWS\System32\Config\systemprofile\AppData\Roaming\Microsoft  =>.Microsoft Corporation
O43 - CFD: 21/09/2017 - []  -- C:\WINDOWS\System32\Config\systemprofile\AppData\Roaming\Solvusoft  =>.SUP.Solvusoft

---\\ ShellIconOverlayIdentifiers (SIOI) (9) - 1s
O106 - SIOI: OverlayExcluded Class [  OverlayExcluded] - {4433A54A-1AC8-432F-90FC-85F045CF383C}. (.Symantec Corporation - Backup Shell.) -- C:\Program Files\Norton Security\Engine32\22.10.1.10\bushell.dll  =>.Symantec Corporation®
O106 - SIOI: OverlayPending Class [  OverlayPending] - {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225}. (.Symantec Corporation - Backup Shell.) -- C:\Program Files\Norton Security\Engine32\22.10.1.10\bushell.dll  =>.Symantec Corporation®
O106 - SIOI: OverlayProtected Class [  OverlayProtected] - {476D0EA3-80F9-48B5-B70B-05E677C9C148}. (.Symantec Corporation - Backup Shell.) -- C:\Program Files\Norton Security\Engine32\22.10.1.10\bushell.dll  =>.Symantec Corporation®
O106 - SIOI: ErrorOverlayHandler Class [ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\arctic-deer\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll  =>.Microsoft Corporation®
O106 - SIOI: SharedOverlayHandler Class [ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\arctic-deer\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll  =>.Microsoft Corporation®
O106 - SIOI: SharedSyncingOverlayHandler Class [ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\arctic-deer\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll  =>.Microsoft Corporation®
O106 - SIOI: UpToDateOverlayHandler Class [ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\arctic-deer\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll  =>.Microsoft Corporation®
O106 - SIOI: SyncingOverlayHandler Class [ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\arctic-deer\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll  =>.Microsoft Corporation®
O106 - SIOI: ReadOnlyOverlayHandler Class [ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\arctic-deer\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll  =>.Microsoft Corporation®

---\\ Image File Execution Options (17) - 1s
O50 - IFEO:C:\Windows\System32\cscript.exe - (.Microsoft Corporation - Microsoft ® Console Based Script Host.) [DisableExceptionChainValidation\\3]  =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\dllhost.exe - (.Microsoft Corporation - COM Surrogate.) [DisableExceptionChainValidation\\3]  =>.Microsoft Windows®
O50 - IFEO:C:\WINDOWS\System32\drvinst.exe - (.Microsoft Corporation - Driver Installation Module.) [DisableExceptionChainValidation\\3]  =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\ie4uinit.exe - (.Microsoft Corporation - ‎‎الأداة المساعدة للتهيئة لكل مستخدم لـ IE.) [MitigationOptions\\256]  =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\ieUnatt.exe - (.Microsoft Corporation - ‎‎أداة التثبيت المساعدة غير المراقبة لـ IE.) [MitigationOptions\\256]  =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\mmc.exe - (.Microsoft Corporation - ‎‎Microsoft Management Console.) [DisableExceptionChainValidation\\3]  =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\msfeedssync.exe - (.Microsoft Corporation - Microsoft Feeds Synchronization.) [MitigationOptions\\256]  =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\mshta.exe - (.Microsoft Corporation - ‎‎مضيف تطبيق Microsoft (R) HTML.) [MitigationOptions\\256]  =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\PresentationHost.exe - (.Microsoft Corporation - مضيف Windows Presentation Foundation.) [MitigationOptions\\1118481]  =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\PrintIsolationHost.exe - (.Microsoft Corporation - PrintIsolationHost.) [MitigationOptions\\2097152]  =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\rundll32.exe - (.Microsoft Corporation - Windows host process (Rundll32).) [DisableExceptionChainValidation\\3]  =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\runtimebroker.exe - (.Microsoft Corporation - Runtime Broker.) [MitigationOptions\\4294967296]  =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\searchprotocolhost.exe - (.Microsoft Corporation - Microsoft Windows Search Protocol Host.) [DisableExceptionChainValidation\\3]  =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\spoolsv.exe - (.Microsoft Corporation - Spooler SubSystem App.) [DisableExceptionChainValidation\\3]  =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\spoolsv.exe - (.Microsoft Corporation - Spooler SubSystem App.) [MitigationOptions\\2097152]  =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\svchost.exe - (.Microsoft Corporation - ‎‎عملية مضيفة لخدمات Windows.) [MinimumStackCommitInBytes\\32768]  =>.Microsoft Windows Publisher®
O50 - IFEO:C:\Windows\System32\wscript.exe - (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) [DisableExceptionChainValidation\\3]  =>.Microsoft Corporation

---\\ System Drivers List (166) - 34s
O58 - SDL:2017/07/12 20:44:02 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\00B51725.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/22 15:00:57 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\073A1DE3.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/15 14:42:05 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\09076C84.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/11 16:49:13 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\0954154A.sys   [252832]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/20 02:58:50 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\0B1F58F0.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/14 10:30:39 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\0DA55DF2.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/13 11:58:47 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\10425344.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/20 02:30:26 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\130B4333.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/20 02:51:19 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\1374532F.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/11 18:55:20 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\151B75D1.sys   [252832]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/20 02:40:48 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\164F4B22.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/20 00:58:25 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\168B7CC6.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/15 14:32:20 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\173E650E.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/11 17:17:04 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\17DF2A9B.sys   [252832]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/13 23:22:51 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\181A5ED5.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/24 05:41:44 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\1A8B0E26.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/16 16:32:59 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\1AC70F88.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/20 18:05:12 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\1BBB0EA4.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/08/06 04:47:50 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\1CF75C9F.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/14 16:41:01 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\21B3796A.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/24 04:06:28 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\22C8453C.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/20 03:40:00 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\24737872.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/09 21:12:41 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\251C42AC.sys   [252832]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/12 16:54:20 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\262C6757.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/13 23:21:26 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\274B5DBF.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/16 12:27:07 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\29DC535A.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/17 16:32:09 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\2AA35D06.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/12 05:13:15 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\2AAA4EC0.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/09 21:04:09 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\2C4C3C24.sys   [252832]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/11 18:34:55 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\2C4D6630.sys   [252832]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/20 03:51:17 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\2CF20114.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/09 16:10:34 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\2D925B71.sys   [252832]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/11 18:17:05 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\2F52588A.sys   [252832]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/12 05:12:02 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\31B04DD2.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/14 16:58:18 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\352506A4.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/15 14:34:44 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\353866E4.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/08/24 18:53:43 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\3752626E.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/20 03:11:18 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\389F627A.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/17 18:17:17 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\3A162D7E.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/11 18:14:39 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\3D5F56AE.sys   [252832]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/14 17:12:41 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\3F0811A6.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/03/19 00:56:25 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\WINDOWS\System32\drivers\3ware.sys   [107424]  =>.Microsoft Windows®
O58 - SDL:2017/07/20 00:56:21 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\40497B31.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/16 12:25:30 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\4139521D.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/22 15:06:49 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\42492261.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/17 16:30:29 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\440A5BC0.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/15 14:42:43 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\447F6D01.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/20 11:31:20 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\47786130.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/20 03:06:41 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\4A835EF2.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/20 18:06:08 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\4AF20F5B.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/12 20:39:02 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\4CEB1351.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/10 05:46:36 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\52434C02.sys   [252832]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/01 04:39:31 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\545D5978.sys   [252832]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/12 16:20:49 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\54674DB0.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/10 05:48:35 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\56984D87.sys   [252832]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/20 02:56:56 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\58B9577B.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/12 20:49:09 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\5A661B0F.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/12 21:23:36 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\5B62356D.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/13 11:56:53 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\5DDB51D0.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/14 10:32:49 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\5FD25F9A.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/18 13:09:49 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\6035104C.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/17 18:19:29 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\603C2F2D.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/24 20:45:44 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\6125420B.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/12 20:40:37 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\61961487.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/08/06 04:46:09 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\62655B52.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/20 01:21:38 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\63010E87.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/09 14:52:54 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\66FC2000.sys   [252832]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/24 05:01:10 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\68B56F19.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/12 20:47:41 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\6BA219F0.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/12 20:43:28 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\6D2F16B6.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/23 04:08:12 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\6E2A786D.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/06 15:41:00 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\71015A6A.sys   [252832]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/20 03:00:30 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\71B85A36.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/12 20:44:23 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\726A176A.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/09 21:03:28 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\72DF3B9E.sys   [252832]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/12 20:48:33 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\72E71A9A.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/24 20:33:48 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\733238E8.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/20 02:10:18 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\740033CA.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/20 01:20:09 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\743D0D68.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/22 15:06:38 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\7471223D.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/20 01:59:47 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\76DB2BBE.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/12 16:22:03 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\775D4EA1.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/15 14:42:29 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\78B16CD3.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/09 14:54:29 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\7BA62136.sys   [252832]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/12 20:49:22 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\7C371B3A.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/07/12 20:34:41 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\7E950FFD.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/03/19 00:56:25 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) -- C:\WINDOWS\System32\drivers\adp80xx.sys   [1135512]  =>.Microsoft Windows®
O58 - SDL:2017/03/19 00:56:25 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\WINDOWS\System32\drivers\amdsata.sys   [83352]  =>.Microsoft Windows®
O58 - SDL:2017/03/19 00:56:25 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\WINDOWS\System32\drivers\amdsbs.sys   [259488]  =>.Microsoft Windows®
O58 - SDL:2017/03/19 00:56:25 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\WINDOWS\System32\drivers\amdxata.sys   [27040]  =>.Microsoft Windows®
O58 - SDL:2009/09/28 07:31:00 A . (.Alps Electric Co., Ltd. - Alps Touch Pad Driver.) -- C:\WINDOWS\System32\drivers\Apfiltr.sys   [269872]  =>.Alps Electric Co., LTD.®
O58 - SDL:2017/03/19 00:56:25 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\WINDOWS\System32\drivers\arcsas.sys   [132000]  =>.Microsoft Windows®
O58 - SDL:2017/06/07 05:04:24 A . (.BitDefender S.R.L. Bucharest, ROMANIA - BitDefender Active Threat Control Filesyste.) -- C:\WINDOWS\System32\drivers\atc.sys   [950160]  =>.Bitdefender SRL®
O58 - SDL:2017/01/16 14:45:04 A . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN de.) -- C:\WINDOWS\System32\drivers\athw10x.sys   [4317112]  =>.Qualcomm Atheros®
O58 - SDL:2016/08/02 15:43:23 A . (.Advanced Micro Devices - AMD High Definition Audio Function Driver.) -- C:\WINDOWS\System32\drivers\AtihdWT6.sys   [101376]  =>.Advanced Micro Devices
O58 - SDL:2015/12/16 20:07:42 A . (.Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) -- C:\WINDOWS\System32\drivers\atikmdag.sys   [21648880]  =>.Microsoft Windows Hardware Compatibility Publisher®
O58 - SDL:2015/12/16 20:07:40 A . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\WINDOWS\System32\drivers\atikmpag.sys   [674288]  =>.Microsoft Windows Hardware Compatibility Publisher®
O58 - SDL:2009/05/05 12:00:28 A . (.Advanced Micro Devices Inc. - AMD PCIE Filter Driver for ATI PCIE chipset.) -- C:\WINDOWS\System32\drivers\AtiPcie.sys   [16440]  =>.Advanced Micro Devices, Inc.®
O58 - SDL:2017/04/19 07:19:22 A . (.BitDefender - Active Virus Control filter driver.) -- C:\WINDOWS\System32\drivers\avc3.sys   [1612648]  =>.Bitdefender SRL®
O58 - SDL:2017/03/19 00:56:25 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\WINDOWS\System32\drivers\bcmfn2.sys   [9728]  =>.Windows (R) Win 7 DDK provider
O58 - SDL:2016/03/14 22:04:45 A . (.Bitdefender - Bitdefender Early Launch Anti-Malware Drive.) -- C:\WINDOWS\System32\drivers\bdelam.sys   [23672]  =>.Microsoft Windows Early Launch Anti-malware Publisher®
O58 - SDL:2017/05/11 05:16:00 A . (.© Bitdefender SRL - privacy Filter Driver.) -- C:\WINDOWS\System32\drivers\bdprivmon.sys   [47856]  =>.Bitdefender SRL®
O58 - SDL:2015/12/04 19:27:06 A . (.BitDefender - FileVault Disk Driver.) -- C:\WINDOWS\System32\drivers\bdvedisk.sys   [87912]  =>.Bitdefender SRL®
O58 - SDL:2017/03/19 00:56:23 A . (.QLogic Corporation - QLogic Gigabit Ethernet VBD.) -- C:\WINDOWS\System32\drivers\bxvbda.sys   [533920]  =>.Microsoft Windows®
O58 - SDL:2017/03/19 00:56:25 A . (.Chelsio Communications - Chelsio iSCSI Crash Dump Driver.) -- C:\WINDOWS\System32\drivers\cht4dx64.sys   [102816]  =>.Microsoft Windows®
O58 - SDL:2017/03/19 00:56:25 A . (.Chelsio Communications - Chelsio iSCSI VMiniport Driver.) -- C:\WINDOWS\System32\drivers\cht4sx64.sys   [347032]  =>.Microsoft Windows®
O58 - SDL:2017/03/19 00:56:25 A . (.Chelsio Communications - Virtual Bus Driver for Chelsio ® T4 Chipset.) -- C:\WINDOWS\System32\drivers\cht4vx64.sys   [2104224]  =>.Microsoft Windows®
O58 - SDL:2016/08/02 15:40:17 A . (.ELAN Microelectronic Corp. - ELAN SMBus Driver.) -- C:\WINDOWS\System32\drivers\ETDSMBus.sys   [31832]  =>.ELAN MICROELECTRONICS CORPORATION®
O58 - SDL:2017/03/19 00:56:23 A . (.QLogic Corporation - QLogic 10 GigE VBD.) -- C:\WINDOWS\System32\drivers\evbda.sys   [3419040]  =>.Microsoft Windows®
O58 - SDL:2017/09/19 14:32:06 A . (.Malwarebytes - Malwarebytes Anti-Ransomware Protection.) -- C:\WINDOWS\System32\drivers\farflt.sys   [101784]  =>.Malwarebytes Corporation®
O58 - SDL:2016/07/08 22:57:44 A . (.FUJITSU LIMITED - WDM driver for FUJ02B1 PnP device.) -- C:\WINDOWS\System32\drivers\fuj02b1.sys   [67848]  =>.FUJITSU LIMITED®
O58 - SDL:2016/08/02 15:40:03 A . (.FUJITSU LIMITED - WDM driver for FUJ02E3 PnP device.) -- C:\WINDOWS\System32\drivers\fuj02e3.sys   [29904]  =>.FUJITSU LIMITED®
O58 - SDL:2017/09/07 21:05:27 A . (.Glarysoft Ltd - The driver for the Startup Manager tool.) -- C:\WINDOWS\System32\drivers\GUBootStartup.sys   [20160]  =>.Glarysoft Ltd®
O58 - SDL:2017/09/07 21:09:59 A . (.Glarysoft Ltd - The driver for the Startup Manager tool.) -- C:\WINDOWS\System32\drivers\GUSBootStartup.sys   [20160]  =>.Glarysoft Ltd®
O58 - SDL:2017/05/11 05:37:02 A . (.BitDefender LLC - BitDefender Gonzales FileSystem Driver.) -- C:\WINDOWS\System32\drivers\gzflt.sys   [187688]  =>.Bitdefender SRL®
O58 - SDL:2009/11/01 20:04:42 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\WINDOWS\System32\drivers\HECIx64.sys   [56344]  =>.Intel Corporation®
O58 - SDL:2017/03/19 00:56:25 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\WINDOWS\System32\drivers\HpSAMD.sys   [64416]  =>.Microsoft Windows®
O58 - SDL:2017/03/19 00:56:28 A . (.Intel(R) Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\WINDOWS\System32\drivers\iagpio.sys   [33280]  =>.Intel(R) Corporation
O58 - SDL:2017/03/19 00:56:28 A . (.Intel(R) Corporation - Intel(R) Serial IO I2C Driver.) -- C:\WINDOWS\System32\drivers\iai2c.sys   [81408]  =>.Intel(R) Corporation
O58 - SDL:2017/03/19 00:56:28 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys   [70656]  =>.Intel Corporation
O58 - SDL:2017/03/19 00:56:28 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys   [85504]  =>.Intel Corporation
O58 - SDL:2017/03/19 00:56:28 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys   [165376]  =>.Intel Corporation
O58 - SDL:2017/03/19 00:56:28 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys   [168448]  =>.Intel Corporation
O58 - SDL:2017/03/19 00:56:23 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys   [38128]  =>.Intel Corporation - Client Components Group®
O58 - SDL:2017/03/19 00:56:19 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys   [113152]  =>.Intel Corporation
O58 - SDL:2010/06/08 12:33:14 A . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\WINDOWS\System32\drivers\iaStor.sys   [540696]  =>.Intel Corporation®
O58 - SDL:2017/03/19 00:56:26 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver (i.) -- C:\WINDOWS\System32\drivers\iaStorAV.sys   [673184]  =>.Microsoft Windows®
O58 - SDL:2017/03/19 00:56:26 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\WINDOWS\System32\drivers\iaStorV.sys   [412064]  =>.Microsoft Windows®
O58 - SDL:2017/03/19 00:56:25 A . (.Mellanox - InfiniBand Fabric Bus Driver.) -- C:\WINDOWS\System32\drivers\ibbus.sys   [526240]  =>.Microsoft Windows®
O58 - SDL:2017/08/05 20:26:42 A . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\WINDOWS\System32\drivers\idmwfp.sys   [225568]  =>.Tonec Inc.®
O58 - SDL:2017/06/08 05:19:10 A . (.Bitdefender - IGNIS filter driver.) -- C:\WINDOWS\System32\drivers\ignis.sys   [346704]  =>.Bitdefender SRL®
O58 - SDL:2016/08/02 15:39:28 A . (.Intel Corporation - Intel(R) Turbo Boost Technology Driver.) -- C:\WINDOWS\System32\drivers\Impcd.sys   [158976]  =>.Intel Corporation
O58 - SDL:2017/03/19 00:56:25 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas.sys   [108960]  =>.Microsoft Windows®
O58 - SDL:2017/03/19 00:56:25 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas2i.sys   [123808]  =>.Microsoft Windows®
O58 - SDL:2017/03/19 00:56:25 A . (.Avago Technologies - Avago SAS Gen3 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas3i.sys   [103328]  =>.Microsoft Windows®
O58 - SDL:2017/03/19 00:56:25 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sss.sys   [82848]  =>.Microsoft Windows®
O58 - SDL:2017/06/27 12:06:28 A . (.‏‏الكاتب - .) -- C:\WINDOWS\System32\drivers\mbae64.sys   [77376]  =>.Malwarebytes Corporation®
O58 - SDL:2017/09/19 14:32:05 A . (.Malwarebytes - Malwarebytes Real-Time Protection.) -- C:\WINDOWS\System32\drivers\mbam.sys   [45472]  =>.Malwarebytes Corporation®
O58 - SDL:2017/09/18 18:04:54 A . (.Malwarebytes - Malwarebytes Chameleon.) -- C:\WINDOWS\System32\drivers\MBAMChameleon.sys   [188352]  =>.Malwarebytes Corporation®
O58 - SDL:2017/09/19 14:31:58 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys   [253856]  =>.Malwarebytes Corporation®
O58 - SDL:2017/03/19 00:56:25 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\megasas.sys   [59808]  =>.Microsoft Windows®
O58 - SDL:2017/03/19 00:56:25 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\MegaSas2i.sys   [64416]  =>.Microsoft Windows®
O58 - SDL:2017/03/19 00:56:25 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\WINDOWS\System32\drivers\megasr.sys   [575904]  =>.Microsoft Windows®
O58 - SDL:2017/03/19 00:56:25 A . (.Mellanox - MLX4 Bus Driver.) -- C:\WINDOWS\System32\drivers\mlx4_bus.sys   [842656]  =>.Microsoft Windows®
O58 - SDL:2017/03/19 00:56:25 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\WINDOWS\System32\drivers\mvumis.sys   [63904]  =>.Microsoft Windows®
O58 - SDL:2017/08/17 08:48:55 A . (.Malwarebytes - Malwarebytes Web Protection.) -- C:\WINDOWS\System32\drivers\mwac.sys   [93600]  =>.Malwarebytes Corporation®
O58 - SDL:2017/03/19 00:56:25 A . (.Mellanox - NetworkDirect Support Filter Driver.) -- C:\WINDOWS\System32\drivers\ndfltr.sys   [108960]  =>.Microsoft Windows®
O58 - SDL:2017/03/19 00:56:25 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\WINDOWS\System32\drivers\nvraid.sys   [150432]  =>.Microsoft Windows®
O58 - SDL:2017/03/19 00:56:25 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\WINDOWS\System32\drivers\nvstor.sys   [166304]  =>.Microsoft Windows®
O58 - SDL:2017/03/19 00:56:25 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas2i.sys   [58784]  =>.Microsoft Windows®
O58 - SDL:2017/03/19 00:56:25 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas3i.sys   [61848]  =>.Microsoft Windows®
O58 - SDL:2016/12/21 14:52:50 A . (.VS Revo Group - Revo Uninstaller Minifilter.) -- C:\WINDOWS\System32\drivers\revoflt.sys   [40240]  =>.VS Revo Group®
O58 - SDL:2016/12/17 19:59:10 A . (.Resplendence Software Projects Sp. - Resplendence WhySoSlow Monitoring Driver.) -- C:\WINDOWS\System32\drivers\rspWhy64.sys   [28928]  =>.Daniel Terhell®
O58 - SDL:2017/01/16 14:45:58 A . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.40 64-bit Dr.) -- C:\WINDOWS\System32\drivers\rt640x64.sys   [946696]  =>.Realtek Semiconductor Corp.®
O58 - SDL:2009/10/28 14:40:58 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\WINDOWS\System32\drivers\RTKVHD64.sys   [2018080]  =>.Realtek Semiconductor Corp®
O58 - SDL:2017/03/19 00:56:26 A . (.‏‏الكاتب - .) -- C:\WINDOWS\System32\drivers\SDFRd.sys   [31128]  =>.Microsoft Windows®
O58 - SDL:2017/03/19 00:56:25 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid2.sys   [44960]  =>.Microsoft Windows®
O58 - SDL:2017/03/19 00:56:25 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid4.sys   [81824]  =>.Microsoft Windows®
O58 - SDL:2017/03/19 00:56:25 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\WINDOWS\System32\drivers\stexstor.sys   [31136]  =>.Microsoft Windows®
O58 - SDL:2017/09/07 20:49:31 A . (.Symantec Corporation - Symantec Event Library.) -- C:\WINDOWS\System32\drivers\SYMEVENT64x86.SYS   [102568]  =>.Symantec Corporation®
O58 - SDL:2009/10/09 23:16:28 A . (.Synaptics Incorporated - Synaptics Touchpad Driver.) -- C:\WINDOWS\System32\drivers\SynTP.sys   [293936]  =>.Synaptics Incorporated®
O58 - SDL:2017/04/11 04:19:24 A . (.BitDefender S.R.L. - Trufos Kernel Module.) -- C:\WINDOWS\System32\drivers\trufos.sys   [439576]  =>.Bitdefender SRL®
O58 - SDL:2017/03/19 00:56:25 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\WINDOWS\System32\drivers\vsmraid.sys   [166816]  =>.Microsoft Windows®
O58 - SDL:2017/03/19 00:56:25 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\WINDOWS\System32\drivers\VSTXRAID.SYS   [305568]  =>.Microsoft Windows®
O58 - SDL:2017/03/19 00:56:25 A . (.Mellanox - Kernel WinMad.) -- C:\WINDOWS\System32\drivers\winmad.sys   [32160]  =>.Microsoft Windows®
O58 - SDL:2017/03/19 00:56:25 A . (.Mellanox - Kernel WinVerbs.) -- C:\WINDOWS\System32\drivers\winverbs.sys   [64920]  =>.Microsoft Windows®

---\\ Last modified or created user files (2) - 40s
O61 - LFC: 2017/09/22 21:24:51 A . (.SafeBytes Software Inc..) -- C:\Users\arctic-deer\Downloads\DriverAssist-Setup.exe   [1581904] {463F6D94619182019C6197DED298F044}  =>PUP.Optional.DriverAssist
O61 - LFC: 2017/09/18 19:13:01 A . (..) -- C:\Users\arctic-deer\Downloads\FTS_DeskUpdate_4153859_1182252.EXE   [2493104] {11211F490205EB4CEF8628C39C72A76EF6B6}

---\\ File Associations Shell Spawning (10) - 1s
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\WINDOWS\System32\control.exe  =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\WINDOWS\System32\eventvwr.exe  =>.Microsoft Corporation
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.EXE  =>.Microsoft Corporation®
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe  =>.Microsoft Corporation
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe  =>.Microsoft Corporation
O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S

---\\ Start Menu Internet (16) - 1s
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox> [64Bits][HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe   =>.Mozilla Corporation®
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer> [64Bits][HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe   =>.Microsoft Corporation®
O68 - StartMenuInternet: <Iridium> <Iridium> [64Bits][HKLM\..\Shell\open\Command] (.The browser authors - Iridium.) -- C:\Program Files\Iridium\\iridium.exe   =>.Open Source Business Alliance e.V.®
O68 - StartMenuInternet: <OperaStable> <Opera Stable> [64Bits][HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\Launcher.exe   =>.Opera Software AS®
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox> [64Bits][HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe  =>.Mozilla Corporation
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer> [64Bits][HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - ‎‎الأداة المساعدة للتهيئة لكل مستخدم لـ IE.) -- C:\Windows\System32\ie4uinit.exe  =>.Microsoft Corporation
O68 - StartMenuInternet: <Iridium> <Iridium> [64Bits][HKLM\..\InstallInfo\ShowIconsCommand] (.The browser authors - Iridium.) -- C:\Program Files\Iridium\iridium.exe  =>.The browser authors
O68 - StartMenuInternet: <OperaStable> <Opera Stable> [64Bits][HKLM\..\InstallInfo\ShowIconsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\Launcher.exe  =>.Opera Software
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox> [64Bits][HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe  =>.Mozilla Corporation
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer> [64Bits][HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - ‎‎الأداة المساعدة للتهيئة لكل مستخدم لـ IE.) -- C:\Windows\System32\ie4uinit.exe  =>.Microsoft Corporation
O68 - StartMenuInternet: <Iridium> <Iridium> [64Bits][HKLM\..\InstallInfo\ReinstallCommand] (.The browser authors - Iridium.) -- C:\Program Files\Iridium\iridium.exe  =>.The browser authors
O68 - StartMenuInternet: <OperaStable> <Opera Stable> [64Bits][HKLM\..\InstallInfo\ReinstallCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\Launcher.exe  =>.Opera Software
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox> [64Bits][HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe  =>.Mozilla Corporation
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer> [64Bits][HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - ‎‎الأداة المساعدة للتهيئة لكل مستخدم لـ IE.) -- C:\Windows\System32\ie4uinit.exe  =>.Microsoft Corporation
O68 - StartMenuInternet: <Iridium> <Iridium> [64Bits][HKLM\..\InstallInfo\HideIconsCommand] (.The browser authors - Iridium.) -- C:\Program Files\Iridium\iridium.exe  =>.The browser authors
O68 - StartMenuInternet: <OperaStable> <Opera Stable> [64Bits][HKLM\..\InstallInfo\HideIconsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\Launcher.exe  =>.Opera Software

---\\ Search Browser Infection (4) - 12s
O69 - SBI: SearchScopes [HKCU] [64Bits]{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/  =>.Bing.com
O69 - SBI: SearchScopes [HKCU] [64Bits]{5A4733BC-BBC6-4579-B11F-156592769C5B} - (Google) - http://www.google.com/  =>.Google Inc.
O69 - SBI: SearchScopes [HKLM] [64Bits]{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - http://www.bing.com/  =>.Bing.com
O69 - SBI: SearchScopes [HKLM] [64Bits]{50264D38-3E95-47B0-ABC4-1BFBD17FA000} [DefaultScope] - (Google) - http://www.google.com/  =>.Google Inc.

---\\ Search Svchost Services (46) - 4s
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - خدمة نشر شهادة البطاقة الذكية لـ Microsoft.) -- C:\WINDOWS\System32\certprop.dll   [189952]  =>.Microsoft Corporation
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - خدمة نشر شهادة البطاقة الذكية لـ Microsoft.) -- C:\WINDOWS\System32\certprop.dll   [189952]  =>.Microsoft Corporation
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\WINDOWS\System32\srvsvc.dll   [303104]  =>.Microsoft Corporation
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - عميل نهج المجموعة.) -- C:\WINDOWS\System32\gpsvc.dll   [1269248]  =>.Microsoft Corporation
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\WINDOWS\System32\ikeext.dll   [934912]  =>.Microsoft Corporation
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\WINDOWS\System32\iphlpsvc.dll   [996864]  =>.Microsoft Corporation
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - مكتبة الارتباط الديناميكي الخاصة بخدمة تسجي.) -- C:\WINDOWS\system32\seclogon.dll   [31232]  =>.Microsoft Corporation
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\WINDOWS\System32\appinfo.dll   [138752]  =>.Microsoft Corporation
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\WINDOWS\System32\iscsiexe.dll   [150016]  =>.Microsoft Corporation
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\WINDOWS\System32\eapsvc.dll   [108032]  =>.Microsoft Corporation
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - خدمة جدولة المهام.) -- C:\WINDOWS\System32\schedsvc.dll   [877568]  =>.Microsoft Corporation
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\System32\wbem\WMIsvc.dll   [221696]  =>.Microsoft Corporation
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\WINDOWS\System32\profsvc.dll   [413184]  =>.Microsoft Corporation
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\WINDOWS\System32\sessenv.dll   [385536]  =>.Microsoft Corporation
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - تقارير المشاكل وحلولها.) -- C:\WINDOWS\System32\wercplsupport.dll   [93184]  =>.Microsoft Corporation
O83 - Search Svchost Services: shpamsvc (shpamsvc) . (.Microsoft Corporation - SharedPC.AccountManager.) -- C:\WINDOWS\System32\Windows.SharedPC.AccountManager.dll   [192512]  =>.Microsoft Corporation
O83 - Search Svchost Services: XblGameSave (XblGameSave) . (.Microsoft Corporation - Xbox Live Game Save Service.) -- C:\WINDOWS\System32\XblGameSave.dll   [1135104]  =>.Microsoft Corporation
O83 - Search Svchost Services: NaturalAuthentication (NaturalAuthentication) . (.Microsoft Corporation - Natural Authentication Service.) -- C:\WINDOWS\System32\NaturalAuth.dll   [723968]  =>.Microsoft Corporation
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Microsoft® Account Service.) -- C:\WINDOWS\System32\wlidsvc.dll   [2153984]  =>.Microsoft Corporation
O83 - Search Svchost Services: UserManager (UserManager) . (.Microsoft Corporation - UserMgr.) -- C:\WINDOWS\System32\usermgr.dll   [877568]  =>.Microsoft Corporation
O83 - Search Svchost Services: XblAuthManager (XblAuthManager) . (.Microsoft Corporation - Xbox Live Auth Manager.) -- C:\WINDOWS\System32\XblAuthManager.dll   [1015296]  =>.Microsoft Corporation
O83 - Search Svchost Services: DmEnrollmentSvc (DmEnrollmentSvc) . (.Microsoft Corporation - Windows Managent Service DLL.) -- C:\WINDOWS\System32\Windows.Internal.Management.dll   [536064]  =>.Microsoft Corporation
O83 - Search Svchost Services: xbgm (xbgm) . (.Microsoft Corporation - Xbox Game Monitoring Service.) -- C:\WINDOWS\System32\xbgmsvc.dll   [301216]  =>.Microsoft Windows Publisher®
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\WINDOWS\System32\themeservice.dll   [69632]  =>.Microsoft Corporation
O83 - Search Svchost Services: TokenBroker (TokenBroker) . (.Microsoft Corporation - Token Broker.) -- C:\WINDOWS\System32\TokenBroker.dll   [1052160]  =>.Microsoft Corporation
O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Geolocation Service.) -- C:\WINDOWS\System32\lfsvc.dll   [43520]  =>.Microsoft Corporation
O83 - Search Svchost Services: Irmon (Irmon) . (.Microsoft Corporation - Infrared Monitor.) -- C:\WINDOWS\System32\irmon.dll   [24576]  =>.Microsoft Corporation
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\WINDOWS\System32\rasauto.dll   [104448]  =>.Microsoft Corporation
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\WINDOWS\System32\rasmans.dll   [874496]  =>.Microsoft Corporation
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\WINDOWS\System32\mprdim.dll   [490496]  =>.Microsoft Corporation
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\WINDOWS\System32\sens.dll   [69632]  =>.Microsoft Corporation
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\WINDOWS\System32\ipnathlp.dll   [537600]  =>.Microsoft Corporation
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\WINDOWS\System32\tapisrv.dll   [306688]  =>.Microsoft Corporation
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - عامل Windows Update.) -- C:\WINDOWS\System32\wuaueng.dll   [2445824]  =>.Microsoft Corporation
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\WINDOWS\System32\qmgr.dll   [1159680]  =>.Microsoft Corporation
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - مكتبة الارتباط الديناميكي لخدمات Windows Sh.) -- C:\WINDOWS\System32\shsvcs.dll   [612864]  =>.Microsoft Corporation
O83 - Search Svchost Services: dmwappushservice (dmwappushservice) . (.Microsoft Corporation - dmwappushsvc.) -- C:\WINDOWS\System32\dmwappushsvc.dll   [55296]  =>.Microsoft Corporation
O83 - Search Svchost Services: wisvc (wisvc) . (.Microsoft Corporation - إعدادات الطيران.) -- C:\WINDOWS\System32\flightsettings.dll   [699904]  =>.Microsoft Corporation
O83 - Search Svchost Services: WpnService (WpnService) . (.Microsoft Corporation - Windows Push Notification System Service.) -- C:\WINDOWS\System32\WpnService.dll   [276480]  =>.Microsoft Corporation
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\WINDOWS\System32\bdesvc.dll   [385536]  =>.Microsoft Corporation
O83 - Search Svchost Services: XboxNetApiSvc (XboxNetApiSvc) . (.Microsoft Corporation - Xbox Live Networking Service.) -- C:\WINDOWS\System32\XboxNetApiSvc.dll   [1067008]  =>.Microsoft Corporation
O83 - Search Svchost Services: UsoSvc (UsoSvc) . (.Microsoft Corporation - Update Session Orchestrator Core.) -- C:\WINDOWS\System32\usocore.dll   [681984]  =>.Microsoft Corporation
O83 - Search Svchost Services: NetSetupSvc (NetSetupSvc) . (.Microsoft Corporation - خدمة إعداد الشبكة.) -- C:\WINDOWS\System32\NetSetupSvc.dll   [261632]  =>.Microsoft Corporation
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Device Setup Manager.) -- C:\WINDOWS\System32\DeviceSetupManager.dll   [233984]  =>.Microsoft Corporation
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Microsoft Network Connectivity Assistant Se.) -- C:\WINDOWS\System32\ncasvc.dll   [167424]  =>.Microsoft Corporation
O83 - Search Svchost Services: XboxGipSvc (XboxGipSvc) . (.Microsoft Corporation - Xbox Gip Management Service.) -- C:\WINDOWS\System32\XboxGipSvc.dll   [18944]  =>.Microsoft Corporation

---\\ Firewall Active Exception List (1) - 2s
O87 - FAEL: "{3D805097-76C1-44CA-9627-B547AB9DCC97}" [In-None-P6-TRUE] .(.CodingBest Software - Folder Transfer.) -- C:\Program Files (x86)\FolderTransfer4\FolderTransferNew.exe

---\\ Additional Scan (O88) (10) - 0s
C:\WINDOWS\System32\Tasks\RDReminder  =>.SUP.DllFilesFixer
C:\Users\arctic-deer\AppData\Roaming\Mozilla\Firefox\Profiles\av81ba7v.default\extensions\nortonsafeweb@symantec.com.xpi  =>PUP.Optional.SafeWeb
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}  =>.SUP.Orphan
HKLM\Software\Classes\CLSID\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}  =>.SUP.Orphan
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}  =>.SUP.Orphan
C:\Program Files (x86)\Office Activator  =>Hacktool.Office
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dll-Files Fixer  =>.SUP.DllFilesFixer
C:\Users\arctic-deer\AppData\Roaming\RPEng  =>PUP.Optional.Generic
C:\Users\arctic-deer\Downloads\DriverAssist-Setup.exe  =>PUP.Optional.DriverAssist
C:\Program Files (x86)\Common Files\wruninstall.exe  =>Heuristic.Suspect

---\\ Summary of the elements found (9) - 0s
https://nicolascoolman.eu/2017/09/12/origine-lignes-orphelines/  =>.SUP.Orphan
https://nicolascoolman.eu/2017/09/17/sup-dllfilesfixer/  =>.SUP.DllFilesFixer
https://www.nicolascoolman.com/fr/pup-safeweb/  =>PUP.Optional.SafeWeb
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.IQIYIVideo
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/  =>Hacktool.Office
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/  =>PUP.Optional.Generic
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Solvusoft
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/  =>PUP.Optional.DriverAssist
https://nicolascoolman.eu/2017/01/28/heuristic-suspect/  =>Heuristic.Suspect

~ Unselected Options:  O82,
~ End of the scan, 53061 items in 06mn59s (1409)(0)