~ ZHPDiag v2018.4.24.82 By Nicolas Coolman (2018/04/24) ~ Run by Wesam (Administrator) (2018/04/25 19:19:33) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook: https://www.facebook.com/nicolascoolman1 ~ Certificate ZHPDiag: Legal ~ State version: Version OK ~ Mode: Scan ~ Report: C:\Users\Wesam\Desktop\ZHPDiag.txt ~ Report: C:\Users\Wesam\AppData\Roaming\ZHP\ZHPDiag.txt ~ UAC: Activate ~ System startup: Normal (Normal boot) Windows 7 Ultimate, 64-bit Service Pack 1 (Build 7601) =>.Microsoft Corporation ---\\ Internet Browsers (2) - 0s ~ GCIE: Google Chrome v65.0.3325.181 ~ MSIE: Internet Explorer v11.0.9600.18738 ---\\ Windows Product Information (4) - 3s ~ Windows Server License Manager Script : OK ~ Licence Script File Génération : OK Windows Automatic Updates : OK Windows Activation Technologies : OK ---\\ System protection software (2) - 0s Microsoft Security Essentials v4.10.209.0 (Protection) Microsoft Security Client v4.10.0209.0 (Protection) ---\\ Surveillance software (3) - 0s ~ Adobe Flash Player 29 ActiveX (Surveillance) ~ Adobe Flash Player 29 PPAPI (Surveillance) ~ Adobe Acrobat Reader DC (Surveillance) ---\\ Sharing software PeerToPeer (1) - 0s ~ µTorrent v3.5.3.44396 (P2P) ---\\ Informations on the system (6) - 0s ~ Operating System: Intel64 Family 6 Model 60 Stepping 3, GenuineIntel ~ Operating System: 64-bit ~ Boot mode: Normal (Normal boot) Total RAM: 8095.976 MB (58% free) : OK =>.RAM Value System Restore: Activé (Enable) System drive C: has 74 GB (18%) free of 409 GB : OK =>.Disk Space ---\\ Connection to the system mode (3) - 0s ~ Computer Name: WESAM-PC ~ User Name: Wesam ~ Logged in as Administrator ---\\ Enumeration of the disk units (1) - 0s ~ Drive C: has 74 GB free of 409 GB (System) ---\\ State of the Windows Security Center (11) - 0s [HKLM\Software\WOW6432Node\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\Software\WOW6432Node\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\Software\WOW6432Node\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM64\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ---\\ Search Generic System Files (25) - 4s [MD5.AC4C51EB24AA95B77F705AB159189E24] - 21/11/2010 - (.Microsoft Corporation - Windows Explorer.) -- C:\Windows\Explorer.exe [2872320] =>.Microsoft Corporation [MD5.C36BB659F08F046B139C8D1B980BF1AC] - 30/03/2017 - (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\Windows\System32\rundll32.exe [46080] =>.Microsoft Corporation [MD5.94355C28C1970635A31B3FE52EB7CEBA] - 14/07/2009 - (.Microsoft Corporation - Windows Start-Up Application.) -- C:\Windows\System32\Wininit.exe [129024] =>.Microsoft Corporation [MD5.A15B2949219541629C2D43F4545BCB33] - 29/06/2017 - (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\Windows\System32\wininet.dll [3240960] =>.Microsoft Corporation [MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - 17/07/2014 - (.Microsoft Corporation - Windows Logon Application.) -- C:\Windows\System32\Winlogon.exe [455168] =>.Microsoft Corporation [MD5.067FA52BFB59A56110A12312EF9AF243] - 21/11/2010 - (.Microsoft Corporation - Software Licensing Library.) -- C:\Windows\System32\sppcomapi.dll [232448] =>.Microsoft Corporation [MD5.492D07D79E7024CA310867B526D9636D] - 03/03/2011 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\Windows\System32\dnsapi.dll [357888] =>.Microsoft Corporation [MD5.B40420876B9288E0A1C8CCA8A84E5DC9] - 03/03/2011 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\Windows\Syswow64\dnsapi.dll [270336] =>.Microsoft Corporation [MD5.0DC2A9882540DEA4A55B08785E09D8FC] - 04/04/2017 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\Windows\System32\drivers\AFD.sys [496128] =>.Microsoft Corporation [MD5.02062C0B390B7729EDC9E69C680A6F3C] - 14/07/2009 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\Windows\System32\drivers\atapi.sys [24128] =>.Microsoft Windows® [MD5.B8BD2BB284668C84865658C77574381A] - 14/07/2009 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\Windows\System32\drivers\Cdfs.sys [92160] =>.Microsoft Corporation [MD5.F036CE71586E93D94DAB220D7BDF4416] - 21/11/2010 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\Windows\System32\drivers\Cdrom.sys [147456] =>.Microsoft Corporation [MD5.9B38580063D281A99E68EF5813022A5F] - 08/09/2016 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\Windows\System32\drivers\DfsC.sys [106496] =>.Microsoft Corporation [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - 21/11/2010 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\drivers\HDAudBus.sys [122368] =>.Microsoft Corporation [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - 14/07/2009 - (.Microsoft Corporation - i8042 Port Driver.) -- C:\Windows\System32\drivers\i8042prt.sys [105472] =>.Microsoft Corporation [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - 14/07/2009 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\drivers\IpNat.sys [116224] =>.Microsoft Corporation [MD5.EE88FE7F43A53B376142FAE2DAA50EF1] - 13/06/2017 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\Windows\System32\drivers\MRxSmb.sys [159744] =>.Microsoft Corporation [MD5.E47D571FEC2C76E867935109AB2A770C] - 11/05/2016 - (.Microsoft Corporation - MBT Transport driver.) -- C:\Windows\System32\drivers\netBT.sys [262144] =>.Microsoft Corporation [MD5.7FD5A7FB8F55254E9AF5666C653AF3CA] - 09/06/2017 - (.Microsoft Corporation - NT File System Driver.) -- C:\Windows\System32\drivers\ntfs.sys [1680616] =>.Microsoft Windows® [MD5.0086431C29C35BE1DBC43F52CC273887] - 14/07/2009 - (.Microsoft Corporation - Parallel Port Driver.) -- C:\Windows\System32\drivers\Parport.sys [97280] =>.Microsoft Corporation [MD5.471815800AE33E6F1C32FB1B97C490CA] - 21/11/2010 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\Windows\System32\drivers\Rasl2tp.sys [129536] =>.Microsoft Corporation [MD5.1B6163C503398B23FF8B939C67747683] - 21/11/2010 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\Windows\System32\drivers\rdpdr.sys [165888] =>.Microsoft Corporation [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - 14/07/2009 - (.Microsoft Corporation - SMB Transport driver.) -- C:\Windows\System32\drivers\smb.sys [93184] =>.Microsoft Corporation [MD5.028D61D9803FBEFB7426696A7840BB48] - 10/05/2017 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\System32\drivers\tdx.sys [117248] =>.Microsoft Corporation [MD5.0D08D2F3B3FF84E433346669B5E0F639] - 21/11/2010 - (.Microsoft Corporation - Volume Shadow Copy Driver.) -- C:\Windows\System32\drivers\volsnap.sys [295808] =>.Microsoft Windows® ---\\ Non Microsoft non disabled Windows Services (33) - 4s O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated® O23 - Service: (AdobeUpdateService) . (.Adobe Systems Incorporated - Adobe Update Service.) - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe =>.Adobe Systems Incorporated® O23 - Service: Adobe Genuine Software Integrity Service (AGSService) . (.Adobe Systems, Incorporated - Adobe Genuine Software Integrity Service.) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe =>.Adobe Systems Incorporated® O23 - Service: AvrcpService (AvrcpService) . (.Realtek Semiconductor Corporation - Realtek Bluetooth AVRCP Service.) - C:\Program Files (x86)\Realtek\Realtek Bluetooth\AvrcpService.exe =>.Realtek Semiconductor Corporation O23 - Service: Bluetooth Device Monitor (Bluetooth Device Monitor) . (.Motorola Solutions, Inc. - Bluetooth Device Monitor.) - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe =>.Motorola Solutions Inc.® O23 - Service: Bluetooth Media Service (Bluetooth Media Service) . (.Motorola Solutions, Inc. - Bluetooth Media Service.) - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe =>.Motorola Solutions Inc.® O23 - Service: Bluetooth OBEX Service (Bluetooth OBEX Service) . (.Motorola Solutions, Inc. - Bluetooth OBEX Service.) - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe =>.Motorola Solutions Inc.® O23 - Service: BTDevManager (BTDevManager) . (.Realtek All Rights Reserved - Realtek Bluetooth BTDevManager Service Appl.) - C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe =>.Realtek All Rights Reserved O23 - Service: CyberLink FCL Service 5.18 (CLFCL5.18) . (.CyberLink Corp. - .) - C:\Windows\System32\DRIVERS\CLFCL5.18\000.fcl =>.CyberLink Corp. O23 - Service: dahkService (dahkService) . (.Dobe Systems Incorporated - Dobe Download Manager.) - C:\ProgramData\dahkService\dahkService.exe {3C57DB35ADE9A2CCEC04675EED197C82} =>PUP.Optional.Salus O23 - Service: DFServ (DFServ) . (.Faronics Corporation - Deep Freeze service.) - C:\Program Files (x86)\Faronics\Deep Freeze\Install C-0\DFServ.exe =>.Faronics Corporation O23 - Service: Google Update Service (gupdate) (gupdate) . (...) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (.not file.) O23 - Service: Hotspot Shield Service (hshld) . (.AnchorFree Inc. - Hss.Service.Application.) - C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe =>.AnchorFree Inc® O23 - Service: Lenovo PM Service (IBMPMSVC) . (.Lenovo. - Lenovo Power Management Service.) - C:\Windows\System32\ibmpmsvc.exe =>.Lenovo. O23 - Service: Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe =>.Intel(R) Corporation O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe =>.Intel Corporation - Intel® Management Engine Firmware® O23 - Service: KingoSoftService (KingoSoftService) . (...) - C:\Users\Wesam\AppData\Local\Kingosoft\Kingo Root\update_27205\bin\KingoSoftService.exe =>.FingerPower Digital Technology Ltd.® O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) . (.Lenovo Group Limited - Microphone Mute Controll Service for ThinkP.) - C:\Program Files\Lenovo\HOTKEY\micmute.exe =>.LENOVO(JAPAN)LTD.® O23 - Service: Lenovo Auto Scroll (Lenovo.VIRTSCRLSVC) . (.Lenovo Group Limited - Auto Scroll Start Service.) - C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe =>.Lenovo(Japan)Ltd.® O23 - Service: LiveUpdate (LiveUpdateSvc) . (.IObit - Product Updater.) - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe =>.IObit Information Technology® O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Intel(R) Local Management Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe =>.Intel Corporation - Software and Firmware Products® O23 - Service: MobogenieService (MobogenieService) . (.Mobogenie.com - MobogenieService.exe.) - C:\Program Files (x86)\Mobogenie3\MobogenieService.exe =>.Mobogenie.com O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) . (.NVIDIA Corporation - NVIDIA Container.) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.NVIDIA Corporation® O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) . (.NVIDIA Corporation - NVIDIA Container.) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe =>.NVIDIA Corporation® O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) . (.NVIDIA Corporation - NVIDIA Container.) - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe =>.NVIDIA Corporation® O23 - Service: Origin Web Helper Service (Origin Web Helper Service) . (.Electronic Arts - OriginWebHelperService.) - C:\Program Files (x86)\Origin\OriginWebHelperService.exe =>.Electronic Arts, Inc.® O23 - Service: RosettaStoneDaemon (RosettaStoneDaemon) . (.Rosetta Stone Ltd. - Rosetta Stone Ltd. application.) - C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe =>.Rosetta Stone Ltd® O23 - Service: RtkBleServ (RtkBleServ) . (.Realtek Semiconductor Corporation - Realtek Bluetooth 4.0 Service Application.) - C:\Program Files (x86)\Realtek\Realtek Bluetooth\RtkBleServ.exe =>.Realtek Semiconductor Corporation O23 - Service: saiyi technology limit (saiyitechnology) . (.PandaViewer - .) - C:\ProgramData\yahoochrome_D\desktop244.exe =>Hijacker.Browser O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe =>.Skype Software Sarl® O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) . (.DEVGURU Co., LTD. - MSS CS Connectivity Service.) - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe =>.Samsung Electronics CO., LTD.® O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) . (.Lenovo Group Limited - ThinkPad Message Client Loader.) - C:\Program Files\Lenovo\HOTKEY\tphkload.exe =>.LENOVO(JAPAN)LTD.® O23 - Service: On Screen Display (TPHKSVC) . (.Lenovo Group Limited - On screen display Fn+Fx handler.) - C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe =>.LENOVO(JAPAN)LTD.® ---\\ Services not Microsoft (SR=Run, SS=Stop) (41) - 6s SR - Auto [09/02/2018] [ 83984] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated® SS - Demand [18/04/2018] [ 273408] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe =>.Adobe Systems Incorporated® SR - Auto [14/02/2018] [ 818128] (AdobeUpdateService) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe =>.Adobe Systems Incorporated® SR - Auto [05/01/2018] [ 2319848] Adobe Genuine Software Integrity Service (AGSService) . (.Adobe Systems, Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe =>.Adobe Systems Incorporated® SR - Auto [07/05/2013] [ 35328] AvrcpService (AvrcpService) . (.Realtek Semiconductor Corporation.) - C:\Program Files (x86)\Realtek\Realtek Bluetooth\AvrcpService.exe =>.Realtek Semiconductor Corporation SR - Auto [26/03/2014] [ 1206648] Bluetooth Device Monitor (Bluetooth Device Monitor) . (.Motorola Solutions, Inc..) - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe =>.Motorola Solutions Inc.® SR - Auto [26/03/2014] [ 1706360] Bluetooth Media Service (Bluetooth Media Service) . (.Motorola Solutions, Inc..) - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe =>.Motorola Solutions Inc.® SR - Auto [26/03/2014] [ 1165688] Bluetooth OBEX Service (Bluetooth OBEX Service) . (.Motorola Solutions, Inc..) - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe =>.Motorola Solutions Inc.® SS - Demand [25/01/2010] [ 245760] BrYNSvc (BrYNSvc) . (.Brother Industries, Ltd..) - C:\Program Files (x86)\Browny02\BrYNSvc.exe =>.Brother Industries, Ltd. SR - Auto [06/11/2013] [ 66560] BTDevManager (BTDevManager) . (.Realtek All Rights Reserved.) - C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe =>.Realtek All Rights Reserved SS - Demand [21/08/2013] [ 279024] Intel(R) Content Protection HECI Service (cphs) . (.Intel Corporation.) - C:\Windows\SysWOW64\IntelCpHeciSvc.exe =>.Intel Corporation - Software and Firmware Products® SR - Auto [25/04/2018] [ 2179776] dahkService (dahkService) . (.Dobe Systems Incorporated.) - C:\ProgramData\dahkService\dahkService.exe {3C57DB35ADE9A2CCEC04675EED197C82} =>PUP.Optional.Salus SR - Auto [16/09/2017] [ 1399672] DFServ (DFServ) . (.Faronics Corporation.) - C:\Program Files (x86)\Faronics\Deep Freeze\Install C-0\DFServ.exe =>.Faronics Corporation SS - Demand [20/06/2017] [ 1045256] FLEXnet Licensing Service (FLEXnet Licensing Service) . (.Acresso Software Inc..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe =>.Acresso Software Inc.® SS - Auto [10/04/2018] [ 53120] Hotspot Shield Service (hshld) . (.AnchorFree Inc..) - C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe =>.AnchorFree Inc® SR - Auto [07/11/2013] [ 66856] Lenovo PM Service (IBMPMSVC) . (.Lenovo..) - C:\Windows\System32\ibmpmsvc.exe =>.LENOVO(JAPAN)LTD.® SR - Auto [13/02/2013] [ 731648] Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe =>.Intel(R) Corporation SS - Demand [13/02/2013] [ 820184] Intel(R) Capability Licensing Service TCP IP Interface (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe =>.Intel® Trusted Connect Service® SR - Auto [16/05/2013] [ 169432] Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe =>.Intel Corporation - Intel® Management Engine Firmware® SR - Auto [08/03/2018] [ 17384] KingoSoftService (KingoSoftService) . (...) - C:\Users\Wesam\AppData\Local\Kingosoft\Kingo Root\update_27205\bin\KingoSoftService.exe =>.FingerPower Digital Technology Ltd.® SR - Auto [24/06/2013] [ 110072] Lenovo Microphone Mute (LENOVO.MICMUTE) . (.Lenovo Group Limited.) - C:\Program Files\Lenovo\HOTKEY\micmute.exe =>.LENOVO(JAPAN)LTD.® SR - Auto [10/08/2012] [ 136288] Lenovo Auto Scroll (Lenovo.VIRTSCRLSVC) . (.Lenovo Group Limited.) - C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe =>.Lenovo(Japan)Ltd.® SS - Auto [29/07/2016] [ 3046688] LiveUpdate (LiveUpdateSvc) . (.IObit.) - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe =>.IObit Information Technology® SR - Auto [16/05/2013] [ 366552] Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe =>.Intel Corporation - Software and Firmware Products® SS - Demand [19/12/2015] [ 223120] memoQ 7.8 Auto Update Helper (memoQauhlp78) . (.Kilgray.) - C:\Program Files (x86)\Kilgray\memoQ-2015\MemoQ.AutoUpdate.exe {0080BC543F1FE8CE1C} SR - Auto [28/05/2015] [ 127680] MobogenieService (MobogenieService) . (.Mobogenie.com.) - C:\Program Files (x86)\Mobogenie3\MobogenieService.exe =>.Mobogenie.com SR - Auto [14/03/2018] [ 522688] NVIDIA LocalSystem Container (NvContainerLocalSystem) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.NVIDIA Corporation® SS - Demand [14/03/2018] [ 522688] NVIDIA NetworkService Container (NvContainerNetworkService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.NVIDIA Corporation® SR - Auto [24/03/2018] [ 464272] NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe =>.NVIDIA Corporation® SR - Auto [14/03/2018] [ 469952] NVIDIA Telemetry Container (NvTelemetryContainer) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe =>.NVIDIA Corporation® SS - Demand [10/04/2018] [ 2158912] Origin Client Service (Origin Client Service) . (.Electronic Arts.) - C:\Program Files (x86)\Origin\OriginClientService.exe =>.Electronic Arts, Inc.® SS - Auto [10/04/2018] [ 3028808] Origin Web Helper Service (Origin Web Helper Service) . (.Electronic Arts.) - C:\Program Files (x86)\Origin\OriginWebHelperService.exe =>.Electronic Arts, Inc.® SR - Auto [19/06/2012] [ 1646608] RosettaStoneDaemon (RosettaStoneDaemon) . (.Rosetta Stone Ltd..) - C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe =>.Rosetta Stone Ltd® SS - Demand [01/03/2013] [ 118520] Remote Packet Capture Protocol v.0 (experimental) (rpcapd) . (.Riverbed Technology, Inc..) - C:\Program Files (x86)\WinPcap\rpcapd.exe =>.Riverbed Technology, Inc.® SR - Auto [25/04/2013] [ 42496] RtkBleServ (RtkBleServ) . (.Realtek Semiconductor Corporation.) - C:\Program Files (x86)\Realtek\Realtek Bluetooth\RtkBleServ.exe =>.Realtek Semiconductor Corporation SS - Auto [25/02/2018] [ 512312] saiyi technology limit (saiyitechnology) . (.PandaViewer.) - C:\ProgramData\yahoochrome_D\desktop244.exe =>Hijacker.Browser =>Hijacker.Browser SS - Auto [18/07/2017] [ 317408] Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe =>.Skype Software Sarl® SR - Auto [16/01/2017] [ 752224] SAMSUNG Mobile Connectivity Service (ss_conn_service) . (.DEVGURU Co., LTD..) - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe =>.Samsung Electronics CO., LTD.® SS - Demand [19/02/2010] [ 517096] Adobe SwitchBoard (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe =>.Adobe Systems Incorporated SR - Auto [20/06/2013] [ 125432] Lenovo Hotkey Client Loader (TPHKLOAD) . (.Lenovo Group Limited.) - C:\Program Files\Lenovo\HOTKEY\tphkload.exe =>.LENOVO(JAPAN)LTD.® SR - Auto [20/06/2013] [ 125504] On Screen Display (TPHKSVC) . (.Lenovo Group Limited.) - C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe =>.LENOVO(JAPAN)LTD.® ---\\ Task Planned Automatically (Register) (152) - 1s O38 - TASK: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} [64Bits][\Microsoft\Windows\Time Synchronization\SynchronizeTime] - (.Microsoft Corporation - A tool to aid in developing services for Wi.) -- C:\Windows\System32\sc.exe [45056] =>.Microsoft Corporation O38 - TASK: {0CBA3406-A7DA-45A7-9243-3F10BE536B79} [64Bits][\{5C9526DC-4B99-B0A9-73AA-ABCEB5282BD7}] - (.Microsoft Corporation - Windows® installer.) -- C:\Users\Wesam\AppData\Local\YNefFbqsd.exe [73216] [/q /i http://freshrefreshnerer184rb.info/3P35vpiS.] =>Adware.TasksRedirect O38 - TASK: {0E4CC627-5B85-4465-9B89-53A394991676} [64Bits][\Lenovo\Lenovo Service Bridge\S-1-5-21-216371645-2073123549-188151620-1000] - (.Lenovo Group Limited - LSBUpdater.) -- C:\Users\Wesam\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [121800] =>.Lenovo Group Limited O38 - TASK: {0F6CB55C-A74F-451E-BE39-CEA99307AE83} [64Bits][\GoogleUpdateTaskMachineUA] - (...) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (.not file.) [0] (.Orphan.) =>.SUP.Orphan O38 - TASK: {1A122B20-4CB2-4915-98B0-8800C8C9FB96} [64Bits][\Microsoft\Windows\Media Center\PBDADiscoveryW2] - (.Microsoft Corporation - Digital TV Tuner device registration applic.) -- C:\Windows\ehome\ehPrivJob.exe [295936] =>.Microsoft Corporation O38 - TASK: {1C820BF7-9798-4664-BD4B-53E0CFD25173} [64Bits][\Microsoft\Windows\Media Center\RegisterSearch] - (.Microsoft Corporation - Digital TV Tuner device registration applic.) -- C:\Windows\ehome\ehPrivJob.exe [295936] =>.Microsoft Corporation O38 - TASK: {1D13A914-FF84-43FC-8A6D-DF05741D6454} [64Bits][\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA Container.) -- C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [469952] =>.NVIDIA Corporation O38 - TASK: {205F78DB-18CD-485B-9FC8-AEFF62ECA66F} [64Bits][\Microsoft\Windows\Media Center\OCURActivate] - (.Microsoft Corporation - Digital TV Tuner device registration applic.) -- C:\Windows\ehome\ehPrivJob.exe [295936] =>.Microsoft Corporation O38 - TASK: {21B59E88-4DB8-4F39-9C98-9E3B8F42D901} [64Bits][\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline] - (.Microsoft Corporation - Manages scheduled tasks.) -- C:\Windows\System32\schtasks.exe [285696] =>.Microsoft Corporation O38 - TASK: {21F70600-C408-42F1-9B3C-6B69FA4301D8} [64Bits][\Microsoft\Windows\Media Center\DispatchRecoveryTasks] - (.Microsoft Corporation - Digital TV Tuner device registration applic.) -- C:\Windows\ehome\ehPrivJob.exe [295936] =>.Microsoft Corporation O38 - TASK: {226AC7BB-B6BD-4E05-8579-D8D31875897A} [64Bits][\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA telemetry monitor.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [510912] =>.NVIDIA Corporation O38 - TASK: {2967E9FD-9849-4276-9692-613CECE8D6C8} [64Bits][\{9D348F29-7CC0-96EB-C07B-28787E595588}] - (.Microsoft Corporation - Windows® installer.) -- C:\Users\Wesam\AppData\Roaming\nXuEOuakTz.exe [73216] [/q /i http://freshrefreshnerer184.info/6GJJ0V46N0.] =>Adware.TasksRedirect O38 - TASK: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} [64Bits][\Microsoft\Windows\WindowsBackup\ConfigNotification] - (.Microsoft Corporation - Microsoft® Windows Backup.) -- C:\Windows\System32\sdclt.exe [1264640] =>.Microsoft Corporation O38 - TASK: {2F78397F-BB80-4FB8-BE1B-8ABBB49308C8} [64Bits][\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA driver profile updater.) -- C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464] =>.NVIDIA Corporation O38 - TASK: {372FB2A8-96DE-442F-88AD-298AA519EA42} [64Bits][\System\SystemDown] - (...) -- C:\Users\Wesam\AppData\Local\Elements (.not file.) [0] (.Orphan.) =>.SUP.Orphan O38 - TASK: {39AB75F7-8EE0-4AFE-9DF0-EFB71E485938} [64Bits][\Microsoft\Windows\Media Center\UpdateRecordPath] - (.Microsoft Corporation - Digital TV Tuner device registration applic.) -- C:\Windows\ehome\ehPrivJob.exe [295936] =>.Microsoft Corporation O38 - TASK: {3A537FA1-1F0A-42B8-BD79-617E625B6134} [64Bits][\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver] - (.Microsoft Corporation - Windows Disk Diagnostic User Resolver.) -- C:\Windows\system32\DFDWiz.exe [79360] =>.Microsoft Corporation O38 - TASK: {3FA425D1-7FA7-4AF4-8143-C465DB91831B} [64Bits][\Adobe Flash Player Updater] - (.Adobe Systems Incorporated - Adobe® Flash® Player Update Service 29.0 d0.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [273408] =>.Adobe Systems Incorporated O38 - TASK: {40EB5DBC-92CD-4822-B3DF-0C6EFF2F4125} [64Bits][\Uninstaller_SkipUac_Wesam] - (.IObit - Uninstall Programs.) -- C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [4580640] =>.IObit O38 - TASK: {415CE87F-81EC-4D0B-864B-A7C5180AF2E3} [64Bits][\Microsoft\Windows\Media Center\ConfigureInternetTimeService] - (.Microsoft Corporation - Digital TV Tuner device registration applic.) -- C:\Windows\ehome\ehPrivJob.exe [295936] =>.Microsoft Corporation O38 - TASK: {42C3869F-455A-4B81-8E54-2BF70F152DB0} [64Bits][\Microsoft\Windows\Media Center\InstallPlayReady] - (.Microsoft Corporation - Digital TV Tuner device registration applic.) -- C:\Windows\ehome\ehPrivJob.exe [295936] =>.Microsoft Corporation O38 - TASK: {4B97010A-6421-4888-BDD0-0CC456148C80} [64Bits][\AdobeGCInvoker-1.0-Wesam-PC-Wesam] - (.Adobe Systems, Incorporated - Adobe GC Invoker Utility.) -- C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [315880] =>.Adobe Systems, Incorporated O38 - TASK: {4ED02629-B7F9-459A-A220-AEFF8153556D} [64Bits][\Opera scheduled Autoupdate 2796787680] - (.Microsoft Corporation - Windows Command Processor.) -- C:\Windows\System32\cmd.exe [345088] =>.Microsoft Corporation O38 - TASK: {4FD82EB8-3142-4993-A712-F17AFE26674D} [64Bits][\DriverToolkit Autorun] - (...) -- C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe (.not file.) [0] (.Orphan.) =>.SUP.DriverToolkit O38 - TASK: {5A40E926-9E86-4B89-9CFD-B12311724371} [64Bits][\Microsoft\Windows\UPnP\UPnPHostConfig] - (.Microsoft Corporation - A tool to aid in developing services for Wi.) -- C:\Windows\System32\sc.exe [45056] =>.Microsoft Corporation O38 - TASK: {5C0AEEEA-C154-45BE-8499-BEA5F11BAFF6} [64Bits][\Microsoft\Windows\Defrag\ScheduledDefrag] - (.Microsoft Corp. - Disk Defragmenter Module.) -- C:\Windows\system32\defrag.exe [183296] =>.Microsoft Corp. O38 - TASK: {5D1B8E95-BADF-422F-B722-502E27D1CD90} [64Bits][\Microsoft\Windows\Media Center\MediaCenterRecoveryTask] - (.Microsoft Corporation - Windows Media Center Store Update Manager.) -- C:\Windows\ehome\mcupdate.exe [198656] =>.Microsoft Corporation O38 - TASK: {5D38C8FE-FAB1-4FEC-9D39-08CAB036FBF6} [64Bits][\Microsoft\Windows\Media Center\OCURDiscovery] - (.Microsoft Corporation - Digital TV Tuner device registration applic.) -- C:\Windows\ehome\ehPrivJob.exe [295936] =>.Microsoft Corporation O38 - TASK: {5E26C3FA-CE9D-42E1-AD72-CB9DE761AE80} [64Bits][\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask] - (.Microsoft Corporation - Windows Media Center Store Update Manager.) -- C:\Windows\ehome\mcupdate.exe [198656] =>.Microsoft Corporation O38 - TASK: {68B2218B-E4BF-49D5-8309-B33FE5F113AE} [64Bits][\Microsoft\Windows\Media Center\PvrRecoveryTask] - (.Microsoft Corporation - Windows Media Center Store Update Manager.) -- C:\Windows\ehome\mcupdate.exe [198656] =>.Microsoft Corporation O38 - TASK: {72DB7465-BC54-491B-A92A-4637A28C9BBF} [64Bits][\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck] - (.Microsoft Corporation - AppID Certificate Store Verification Task.) -- C:\Windows\system32\appidcertstorecheck.exe [17920] =>.Microsoft Corporation O38 - TASK: {753C47AE-EC5E-44B3-95A9-2C8E553F0E39} [64Bits][\Microsoft\Windows\Windows Media Sharing\UpdateLibrary] - (.Microsoft Corporation - Windows Media Player Network Sharing Servic.) -- C:\Program Files\Windows Media Player\wmpnscfg.exe [70656] =>.Microsoft Corporation O38 - TASK: {75DF9D67-A589-4780-927D-50E0CF76AE61} [64Bits][\{33D3B582-644F-481A-A4DF-78049AED0281}] - (...) -- C:\Users\Wesam\Downloads\Programs\MicrosoftTranslatorInstallerForOffice.exe (.not file.) [0] (.Orphan.) =>.SUP.Orphan O38 - TASK: {786F676E-A0E2-427F-94C5-F9CE63FB6503} [64Bits][\klcp_update] - (.KLite Inc - Setup/Uninstall.) -- C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1179648] =>.KLite Inc O38 - TASK: {7C2C8A66-9AF2-40F3-96FE-AC7D300F50BA} [64Bits][\Adobe Uninstaller] - (.Adobe Systems Incorporated - Adobe Creative Cloud.) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409936] =>.Adobe Systems Incorporated O38 - TASK: {7FC13C37-7C0F-4A76-9560-DD8C14FE7187} [64Bits][\SystemSecurity\CheckUpdate] - (...) -- C:\Users\Wesam\AppData\Local\Temp\OmagarableQuest.exe (.not file.) [0] (.Orphan.) =>.SUP.Orphan O38 - TASK: {854D93C3-D98D-4B80-BEAD-DFAAC92EEE32} [64Bits][\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA GeForce Experience.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2069952] =>.NVIDIA Corporation O38 - TASK: {8764FFFA-2D4F-48BB-A937-A98894AB4C32} [64Bits][\AdobeAAMUpdater-1.0-Wesam-PC-Wesam] - (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128] =>.Adobe Systems Incorporated O38 - TASK: {8A55E633-4BCF-4139-8CE8-EE5B7332F5B9} [64Bits][\GoogleUpdateTaskMachineCore] - (...) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (.not file.) [0] (.Orphan.) =>.SUP.Orphan O38 - TASK: {8D05FFA8-3F81-4D1A-95A8-35813A5E9E96} [64Bits][\Opera scheduled Autoupdate 3370276873] - (.Microsoft Corporation - Windows Command Processor.) -- C:\Windows\System32\cmd.exe [345088] =>.Microsoft Corporation O38 - TASK: {8E5B5C54-71E7-4068-9A0A-14ACDD1A8AFA} [64Bits][\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector] - (.Microsoft Corporation - Windows Disk Failure Diagnostic Module.) -- C:\Windows\System32\dfdts.dll [45568] =>.Microsoft Corporation O38 - TASK: {93F955A6-011C-4DAC-89A7-C13C89566918} [64Bits][\Adobe Acrobat Update Task] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1183256] =>.Adobe Systems Incorporated O38 - TASK: {994C86AD-A929-4B2C-88A0-4E25A107A029} [64Bits][\Microsoft\Windows\SystemRestore\SR] - (.Microsoft Corporation - Microsoft® Windows System Protection Config.) -- C:\Windows\System32\srrstr.dll [270848] =>.Microsoft Corporation O38 - TASK: {A48CABBF-24C8-4B87-B00F-9261807C3B43} [64Bits][\Microsoft\Windows\AppID\PolicyConverter] - (.Microsoft Corporation - AppID Policy Converter Task.) -- C:\Windows\system32\appidpolicyconverter.exe [148480] =>.Microsoft Corporation O38 - TASK: {A6AF9377-77CE-47AB-AD7D-EC32CAD0C82D} [64Bits][\Microsoft\Windows\Location\Notifications] - (.Microsoft Corporation - Location Activity.) -- C:\Windows\System32\LocationNotifications.exe [90112] =>.Microsoft Corporation O38 - TASK: {A7C54AD8-6961-40AB-AB71-B10873D0E453} [64Bits][\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA crash and telemetry reporter.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [757184] =>.NVIDIA Corporation O38 - TASK: {A7C73732-9F11-4281-8D19-764D4EC9D94D} [64Bits][\Microsoft\Windows\Application Experience\ProgramDataUpdater] - (.Microsoft Corporation - Program Compatibility Data Updater.) -- C:\Windows\System32\aepdu.dll [412160] =>.Microsoft Corporation O38 - TASK: {ADE8180A-92D7-474C-B515-90966E2B332E} [64Bits][\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA nodejs launcher.) -- C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [976832] =>.NVIDIA Corporation O38 - TASK: {B5D21F37-3B9C-4BE8-92B5-6F45AB982925} [64Bits][\Microsoft\Windows\Media Center\PvrScheduleTask] - (.Microsoft Corporation - Windows Media Center Store Update Manager.) -- C:\Windows\ehome\mcupdate.exe [198656] =>.Microsoft Corporation O38 - TASK: {B650F439-1799-43C3-A3DD-5A51865D8475} [64Bits][\Microsoft\Windows\Media Center\PBDADiscoveryW1] - (.Microsoft Corporation - Digital TV Tuner device registration applic.) -- C:\Windows\ehome\ehPrivJob.exe [295936] =>.Microsoft Corporation O38 - TASK: {BB87C84E-4BA3-4A2E-BA3F-BF4318E08978} [64Bits][\Microsoft\Windows\Windows Activation Technologies\ValidationTask] - (.Microsoft Corporation - Windows Activation Technologies Service.) -- C:\Windows\System32\Wat\WatAdminSvc.exe [1255736] =>.Microsoft Corporation O38 - TASK: {BFD7235B-0785-4073-8CE1-D7B76E0A413B} [64Bits][\Microsoft\Windows\Media Center\RecordingRestart] - (.Microsoft Corporation - Windows Media Center Host Module.) -- C:\Windows\ehome\ehrec.exe [76800] =>.Microsoft Corporation O38 - TASK: {C016366B-7126-46CA-B36B-592A3D95A60B} [64Bits][\Microsoft\Windows\Customer Experience Improvement Program\Consolidator] - (.Microsoft Corporation - Windows SQM Consolidator.) -- C:\Windows\System32\wsqmcons.exe [293888] =>.Microsoft Corporation O38 - TASK: {C6C081AC-BDEE-4E77-9C03-4930F3F738C5} [64Bits][\WPD\SqmUpload_S-1-5-21-216371645-2073123549-188151620-1000] - (.Microsoft Corporation - Windows Portable Device API Components.) -- C:\Windows\System32\portabledeviceapi.dll [758272] =>.Microsoft Corporation O38 - TASK: {C783B59D-F95B-4540-8F0D-45BDD573A38F} [64Bits][\Microsoft\Windows\Media Center\SqlLiteRecoveryTask] - (.Microsoft Corporation - Windows Media Center Store Update Manager.) -- C:\Windows\ehome\mcupdate.exe [198656] =>.Microsoft Corporation O38 - TASK: {CB14BC09-6B91-44F5-BE94-FFA8D6B52890} [64Bits][\Opera scheduled Autoupdate 4086469641] - (.Microsoft Corporation - Windows Command Processor.) -- C:\Windows\System32\cmd.exe [345088] =>.Microsoft Corporation O38 - TASK: {CB3D64BF-C0C9-45FF-BFB0-FF1A8F680186} [64Bits][\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask] - (.Microsoft Corporation - Windows Remote Assistance COM Server.) -- C:\Windows\System32\raserver.exe [125952] =>.Microsoft Corporation O38 - TASK: {CC9CFB31-1991-47B7-BAF2-36B1D1C8B8E3} [64Bits][\Microsoft\Windows\Media Center\PBDADiscovery] - (.Microsoft Corporation - Digital TV Tuner device registration applic.) -- C:\Windows\ehome\ehPrivJob.exe [295936] =>.Microsoft Corporation O38 - TASK: {CE2BBC7A-8C11-4948-8294-9710F2C574A5} [64Bits][\Microsoft\Windows\Media Center\mcupdate] - (.Microsoft Corporation - Windows Media Center Store Update Manager.) -- C:\Windows\ehome\mcupdate.exe [198656] =>.Microsoft Corporation O38 - TASK: {D0250F3F-6480-484F-B719-42F659AC64D5} [64Bits][\Microsoft\Windows\Windows Error Reporting\QueueReporting] - (.Microsoft Corporation - Windows Problem Reporting.) -- C:\Windows\System32\wermgr.exe [50688] =>.Microsoft Corporation O38 - TASK: {D165A436-F676-406F-8BA2-7256F8F13650} [64Bits][\{9A363435-8A58-4BC6-97D5-FD91CE288154}] - (...) -- C:\Program Files (x86)\SEMD70\UNWISE32.EXE (.not file.) [0] (.Orphan.) =>.SUP.Orphan O38 - TASK: {D2AC582D-E6A9-4FA8-9CA8-FAD67F0BC6DF} [64Bits][\AzureSDKService] - (.Franchesco Copyright © 2018 - Franchesco.) -- C:\Users\Wesam\AppData\Local\Temp\MonoCecil\Fazathron.exe [184320] O38 - TASK: {D7B6E81D-3CF4-432C-84D2-24213F4316E6} [64Bits][\Microsoft\Windows\Autochk\Proxy] - (.Microsoft Corporation - Autochk Proxy DLL.) -- C:\Windows\System32\acproxy.dll [11264] =>.Microsoft Corporation O38 - TASK: {D906FDE4-1E7C-4484-8F31-4A3CEEED0140} [64Bits][\Microsoft\Windows\Media Center\PeriodicScanRetry] - (.Microsoft Corporation - Windows Media Center Store Update Manager.) -- C:\Windows\ehome\mcupdate.exe [198656] =>.Microsoft Corporation O38 - TASK: {DB610159-04D8-4575-AB45-18C3A8B1CA03} [64Bits][\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA driver profile updater.) -- C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464] =>.NVIDIA Corporation O38 - TASK: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} [64Bits][\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask] - (.Microsoft Corporation - A tool to aid in developing services for Wi.) -- C:\Windows\System32\sc.exe [45056] =>.Microsoft Corporation O38 - TASK: {E22A8667-F75B-4BA9-BA46-067ED4429DE8} [64Bits][\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange] - (.Microsoft Corporation - Base Filtering Engine.) -- C:\Windows\System32\bfe.dll [705024] =>.Microsoft Corporation O38 - TASK: {E2C31372-7912-45B0-856B-4BEB85309450} [64Bits][\Microsoft\Windows\Media Center\ActivateWindowsSearch] - (.Microsoft Corporation - Digital TV Tuner device registration applic.) -- C:\Windows\ehome\ehPrivJob.exe [295936] =>.Microsoft Corporation O38 - TASK: {E3163C33-301D-4730-A266-5518C5ED3967} [64Bits][\Microsoft\Windows\Bluetooth\UninstallDeviceTask] - (.Microsoft Corporation - Bluetooth Uninstall Device Task.) -- C:\Windows\System32\BthUdTask.exe [36864] =>.Microsoft Corporation O38 - TASK: {E3CC563C-E42B-4AB7-960B-4FC117DBDFBB} [64Bits][\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA Container.) -- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688] =>.NVIDIA Corporation O38 - TASK: {E3D0CE66-4D14-4998-9BC6-ED1455DB7A4F} [64Bits][\Microsoft\Windows\Media Center\ehDRMInit] - (.Microsoft Corporation - Digital TV Tuner device registration applic.) -- C:\Windows\ehome\ehPrivJob.exe [295936] =>.Microsoft Corporation O38 - TASK: {E522BBAB-223E-4682-9CEE-6E3BC5AE812B} [64Bits][\Microsoft\Windows\Media Center\ReindexSearchRoot] - (.Microsoft Corporation - Digital TV Tuner device registration applic.) -- C:\Windows\ehome\ehPrivJob.exe [295936] =>.Microsoft Corporation O38 - TASK: {EB02381F-D652-4B1C-894A-712498C62C51} [64Bits][\Microsoft\Windows\MUI\LPRemove] - (.Microsoft Corporation - MUI Language pack cleanup.) -- C:\Windows\system32\lpremove.exe [71168] =>.Microsoft Corporation O38 - TASK: {ED60130C-4D03-41A0-A383-4619497F5C98} [64Bits][\Adobe Flash Player PPAPI Notifier] - (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_140_pepper.exe [1366528] =>.Adobe Systems Incorporated O38 - TASK: {EE4FBA98-68EA-4B34-AF0E-B397253BEF0C} [64Bits][\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan] - (.Microsoft Corporation - Microsoft Malware Protection Command Line U.) -- C:\Program Files\Microsoft Security Client\MpCmdRun.exe [410784] =>.Microsoft Corporation O38 - TASK: {FB3C354D-297A-4EB2-9B58-090F6361906B} [64Bits][\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem] - (.Microsoft Corporation - Power Settings Command-Line Tool.) -- C:\Windows\System32\powercfg.exe [71168] =>.Microsoft Corporation C:\Windows\System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - (.Microsoft Corporation.) -- C:\Windows\System32\sc.exe [w32time task_ed] =>.Microsoft Corporation C:\Windows\System32\Tasks\{5C9526DC-4B99-B0A9-73AA-ABCEB5282BD7} - (.Microsoft Corporation.) -- C:\Users\Wesam\AppData\Local\YNefFbqsd.exe [/q /i http://freshrefreshnerer184rb.info/3P35vpiS.] [/q /i http://freshrefreshnerer184rb.info/3P35vpiS.] =>Adware.TasksRedirect C:\Windows\System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-216371645-2073123549-188151620-1000 - (.Lenovo Group Limited.) -- C:\Users\Wesam\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [] =>.Lenovo Group Limited C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA - (...) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (.not file.) [/ua] (.Orphan.) =>.SUP.Orphan C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - (.Microsoft Corporation.) -- C:\Windows\ehome\ehPrivJob.exe [/wait:90] =>.Microsoft Corporation C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch - (.Microsoft Corporation.) -- C:\Windows\ehome\ehPrivJob.exe [/DoRegisterSearch] =>.Microsoft Corporation C:\Windows\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) -- C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [-d "C:\Program Files (x86)\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\] =>.NVIDIA Corporation C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\OCURActivate - (.Microsoft Corporation.) -- C:\Windows\ehome\ehPrivJob.exe [/OCURActivate] =>.Microsoft Corporation C:\Windows\System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - (.Microsoft Corporation.) -- C:\Windows\System32\schtasks.exe [/run] =>.Microsoft Corporation C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - (.Microsoft Corporation.) -- C:\Windows\ehome\ehPrivJob.exe [/DoRecoveryTasks] =>.Microsoft Corporation C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [] =>.NVIDIA Corporation C:\Windows\System32\Tasks\{9D348F29-7CC0-96EB-C07B-28787E595588} - (.Microsoft Corporation.) -- C:\Users\Wesam\AppData\Roaming\nXuEOuakTz.exe [/q /i http://freshrefreshnerer184.info/6GJJ0V46N0.] [/q /i http://freshrefreshnerer184.info/6GJJ0V46N0.] =>Adware.TasksRedirect C:\Windows\System32\Tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - (.Microsoft Corporation.) -- C:\Windows\System32\sdclt.exe [/CONFIGNOTIFICATION] =>.Microsoft Corporation C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) -- C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [] =>.NVIDIA Corporation C:\Windows\System32\Tasks\System\SystemDown - (...) -- C:\Users\Wesam\AppData\Local\Elements (.not file.) [Browser\ElementsSetup.exe] (.Orphan.) =>.SUP.Orphan C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath - (.Microsoft Corporation.) -- C:\Windows\ehome\ehPrivJob.exe [/DoUpdateRecordPath] =>.Microsoft Corporation C:\Windows\System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - (.Microsoft Corporation.) -- C:\Windows\system32\DFDWiz.exe [] =>.Microsoft Corporation C:\Windows\System32\Tasks\Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [] =>.Adobe Systems Incorporated C:\Windows\System32\Tasks\Uninstaller_SkipUac_Wesam - (.IObit.) -- C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [/UninstallExplorer] =>.IObit C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - (.Microsoft Corporation.) -- C:\Windows\ehome\ehPrivJob.exe [/DoConfigureInternetTimeService] =>.Microsoft Corporation C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady - (.Microsoft Corporation.) -- C:\Windows\ehome\ehPrivJob.exe [/InstallPlayReady] =>.Microsoft Corporation C:\Windows\System32\Tasks\AdobeGCInvoker-1.0-Wesam-PC-Wesam - (.Adobe Systems, Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [] =>.Adobe Systems, Incorporated C:\Windows\System32\Tasks\Opera scheduled Autoupdate 2796787680 - (.Microsoft Corporation.) -- C:\Windows\System32\cmd.exe [" "C:\Users\Wesam\AppData\Roaming\Microsoft\Windows\ghwrbvai\vrrgsrbe.exe] =>.Microsoft Corporation C:\Windows\System32\Tasks\DriverToolkit Autorun - (...) -- C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe (.not file.) [--autorun] (.Orphan.) C:\Windows\System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig - (.Microsoft Corporation.) -- C:\Windows\System32\sc.exe [config upnphost start= auto] =>.Microsoft Corporation C:\Windows\System32\Tasks\Microsoft\Windows\Defrag\ScheduledDefrag - (.Microsoft Corp..) -- C:\Windows\system32\defrag.exe [-c] =>.Microsoft Corp. C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - (.Microsoft Corporation.) -- C:\Windows\ehome\mcupdate.exe [-MediaCenterRecoveryTask] =>.Microsoft Corporation C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery - (.Microsoft Corporation.) -- C:\Windows\ehome\ehPrivJob.exe [/OCURDiscovery] =>.Microsoft Corporation C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - (.Microsoft Corporation.) -- C:\Windows\ehome\mcupdate.exe [-ObjectStoreRecoveryTask] =>.Microsoft Corporation C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - (.Microsoft Corporation.) -- C:\Windows\ehome\mcupdate.exe [-PvrRecoveryTask] =>.Microsoft Corporation C:\Windows\System32\Tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - (.Microsoft Corporation.) -- C:\Windows\system32\appidcertstorecheck.exe [] =>.Microsoft Corporation C:\Windows\System32\Tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmpnscfg.exe [] =>.Microsoft Corporation C:\Windows\System32\Tasks\{33D3B582-644F-481A-A4DF-78049AED0281} - (...) -- C:\Users\Wesam\Downloads\Programs\MicrosoftTranslatorInstallerForOffice.exe (.not file.) [C:\Users\Wesam\Downloads\Programs\MicrosoftTranslatorInstallerForOffice.exe] (.Orphan.) =>.SUP.Orphan C:\Windows\System32\Tasks\klcp_update - (.KLite Inc.) -- C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [/verysilent] =>.KLite Inc C:\Windows\System32\Tasks\Adobe Uninstaller - (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [--sapCode=PHSP --productVersion=18.1.1 --productPl] =>.Adobe Systems Incorporated C:\Windows\System32\Tasks\SystemSecurity\CheckUpdate - (...) -- C:\Users\Wesam\AppData\Local\Temp\OmagarableQuest.exe (.not file.) [] (.Orphan.) =>.SUP.Orphan C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [] =>.NVIDIA Corporation C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Wesam-PC-Wesam - (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [-mode=scheduled] =>.Adobe Systems Incorporated C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore - (...) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (.not file.) [/c] (.Orphan.) =>.SUP.Orphan C:\Windows\System32\Tasks\Opera scheduled Autoupdate 3370276873 - (.Microsoft Corporation.) -- C:\Windows\System32\cmd.exe [" "C:\Users\Wesam\AppData\Roaming\Microsoft\Windows\fitusbhf\vrrgsrbe.exe] =>.Microsoft Corporation C:\Windows\System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - (.Microsoft Corporation.) -- C:\Windows\System32\dfdts.dll [dfdts.dll] =>.Microsoft Corporation C:\Windows\System32\Tasks\Adobe Acrobat Update Task - (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [] =>.Adobe Systems Incorporated C:\Windows\System32\Tasks\Microsoft\Windows\SystemRestore\SR - (.Microsoft Corporation.) -- C:\Windows\System32\srrstr.dll [srrstr.dll] =>.Microsoft Corporation C:\Windows\System32\Tasks\Microsoft\Windows\AppID\PolicyConverter - (.Microsoft Corporation.) -- C:\Windows\system32\appidpolicyconverter.exe [] =>.Microsoft Corporation C:\Windows\System32\Tasks\Microsoft\Windows\Location\Notifications - (.Microsoft Corporation.) -- C:\Windows\System32\LocationNotifications.exe [] =>.Microsoft Corporation C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [] =>.NVIDIA Corporation C:\Windows\System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - (.Microsoft Corporation.) -- C:\Windows\System32\aepdu.dll [aepdu.dll] =>.Microsoft Corporation C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) -- C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [--launcher=TaskScheduler] =>.NVIDIA Corporation C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask - (.Microsoft Corporation.) -- C:\Windows\ehome\mcupdate.exe [-PvrSchedule] =>.Microsoft Corporation C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - (.Microsoft Corporation.) -- C:\Windows\ehome\ehPrivJob.exe [/wait:7] =>.Microsoft Corporation C:\Windows\System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - (.Microsoft Corporation.) -- C:\Windows\System32\Wat\WatAdminSvc.exe [/run] =>.Microsoft Corporation C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart - (.Microsoft Corporation.) -- C:\Windows\ehome\ehrec.exe [/RestartRecording] =>.Microsoft Corporation C:\Windows\System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - (.Microsoft Corporation.) -- C:\Windows\System32\wsqmcons.exe [] =>.Microsoft Corporation C:\Windows\System32\Tasks\WPD\SqmUpload_S-1-5-21-216371645-2073123549-188151620-1000 - (.Microsoft Corporation.) -- C:\Windows\System32\portabledeviceapi.dll [portabledeviceapi.dll] =>.Microsoft Corporation C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - (.Microsoft Corporation.) -- C:\Windows\ehome\mcupdate.exe [-SqlLiteRecoveryTask] =>.Microsoft Corporation C:\Windows\System32\Tasks\Opera scheduled Autoupdate 4086469641 - (.Microsoft Corporation.) -- C:\Windows\System32\cmd.exe [" "C:\Users\Wesam\AppData\Roaming\Microsoft\Windows\wgjjgeeb\vrrgsrbe.exe] =>.Microsoft Corporation C:\Windows\System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - (.Microsoft Corporation.) -- C:\Windows\System32\raserver.exe [/offerraupdate] =>.Microsoft Corporation C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery - (.Microsoft Corporation.) -- C:\Windows\ehome\ehPrivJob.exe [/PBDADiscovery] =>.Microsoft Corporation C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\mcupdate - (.Microsoft Corporation.) -- C:\Windows\ehome\mcupdate.exe [$(Arg0)] =>.Microsoft Corporation C:\Windows\System32\Tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - (.Microsoft Corporation.) -- C:\Windows\System32\wermgr.exe [-queuereporting] =>.Microsoft Corporation C:\Windows\System32\Tasks\{9A363435-8A58-4BC6-97D5-FD91CE288154} - (...) -- C:\Program Files (x86)\SEMD70\UNWISE32.EXE (.not file.) [C:\Program Files (x86)\SEMD70\UNWISE32.EXE] (.Orphan.) =>.SUP.Orphan C:\Windows\System32\Tasks\AzureSDKService - (.Franchesco Copyright © 2018.) -- C:\Users\Wesam\AppData\Local\Temp\MonoCecil\Fazathron.exe [] C:\Windows\System32\Tasks\Microsoft\Windows\Autochk\Proxy - (.Microsoft Corporation.) -- C:\Windows\System32\acproxy.dll [acproxy.dll] =>.Microsoft Corporation C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - (.Microsoft Corporation.) -- C:\Windows\ehome\mcupdate.exe [-pscn 0] =>.Microsoft Corporation C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) -- C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [] =>.NVIDIA Corporation C:\Windows\System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - (.Microsoft Corporation.) -- C:\Windows\System32\sc.exe [sppsvc] =>.Microsoft Corporation C:\Windows\System32\Tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - (.Microsoft Corporation.) -- C:\Windows\System32\bfe.dll [bfe.dll] =>.Microsoft Corporation C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - (.Microsoft Corporation.) -- C:\Windows\ehome\ehPrivJob.exe [/DoActivateWindowsSearch] =>.Microsoft Corporation C:\Windows\System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - (.Microsoft Corporation.) -- C:\Windows\System32\BthUdTask.exe [$(Arg0)] =>.Microsoft Corporation C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) -- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContain] =>.NVIDIA Corporation C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit - (.Microsoft Corporation.) -- C:\Windows\ehome\ehPrivJob.exe [/DRMInit] =>.Microsoft Corporation C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - (.Microsoft Corporation.) -- C:\Windows\ehome\ehPrivJob.exe [/DoReindexSearchRoot] =>.Microsoft Corporation C:\Windows\System32\Tasks\Microsoft\Windows\MUI\LPRemove - (.Microsoft Corporation.) -- C:\Windows\system32\lpremove.exe [] =>.Microsoft Corporation C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_140_pepper.exe [-check pepperplugin] =>.Adobe Systems Incorporated C:\Windows\System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan - (.Microsoft Corporation.) -- C:\Program Files\Microsoft Security Client\MpCmdRun.exe [Scan -ScheduleJob -RestrictPrivileges] =>.Microsoft Corporation C:\Windows\System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - (.Microsoft Corporation.) -- C:\Windows\System32\powercfg.exe [-energy -auto] =>.Microsoft Corporation ---\\ Auto loading programs from Registry and folders (23) - 2s O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe =>.Intel Corporation O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe =>.Intel Corporation O4 - HKLM\..\Run: [BTMTrayAgent] . (.Motorola Solutions, Inc. - Bluetooth Shell Extension.) -- C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll =>.Motorola Solutions Inc.® O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe =>.Microsoft Corporation® O4 - HKLM\..\Run: [BtServer] . (.Realtek Semiconductor Corporation - Realtek Bluetooth BTServer Application.) -- C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe =>.Realtek Semiconductor Corporation O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe =>.Adobe Systems Incorporated® O4 - HKLM\..\Run: [AdobeGCInvoker-1.0] . (.Adobe Systems, Incorporated - Adobe GC Invoker Utility.) -- C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe =>.Adobe Systems Incorporated® O4 - HKCU\..\Run: [AdobeBridge] (.Orphan.) =>.SUP.Orphan O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe =>.Tonec Inc. O4 - HKCU\..\Run: [MicrosoftRuntime] . (...) -- C:\Users\Wesam\AppData\Roaming\libraries\MicrosoftRuntimeUpdate.vbe O4 - HKLM\..\Wow6432Node\Run: [USB3MON] . (.Intel Corporation - iusb3mon.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe =>.Intel Corporation - Software and Firmware Products® O4 - HKLM\..\Wow6432Node\Run: [IMSS] . (.Intel Corporation - PIcon startup utility.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe =>.Intel Corporation - Software and Firmware Products® O4 - HKLM\..\Wow6432Node\Run: [331BigDog] . (.Vimicro - VM331 StiMnt.) -- C:\Program Files (x86)\USB Camera\VM331STI.EXE =>.Vimicro O4 - HKLM\..\Wow6432Node\Run: [Adobe Creative Cloud] . (.Adobe Systems Incorporated - Adobe Creative Cloud.) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe =>.Adobe Systems Incorporated® O4 - HKLM\..\Wow6432Node\Run: [VirtualCloneDrive] . (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe =>.Elaborate Bytes AG® O4 - HKLM\..\Wow6432Node\Run: [SwitchBoard] . (.Adobe Systems Incorporated - SwitchBoard Server (32 bit).) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe =>.Adobe Systems Incorporated O4 - HKLM\..\Wow6432Node\Run: [AdobeCS6ServiceManager] . (.Adobe Systems Incorporated - Adobe CS6 Service Manager.) -- C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe =>.Adobe Systems Incorporated® O4 - HKLM\..\Wow6432Node\Run: [Acrobat Assistant 8.0] . (.Adobe Systems Inc. - AcroTray.) -- C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe =>.Adobe Systems, Incorporated® O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-21-216371645-2073123549-188151620-1000\..\Run: [AdobeBridge] (.Orphan.) =>.SUP.Orphan O4 - HKUS\S-1-5-21-216371645-2073123549-188151620-1000\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe =>.Tonec Inc. O4 - HKUS\S-1-5-21-216371645-2073123549-188151620-1000\..\Run: [MicrosoftRuntime] . (...) -- C:\Users\Wesam\AppData\Roaming\libraries\MicrosoftRuntimeUpdate.vbe ---\\ Process running (76) - 2s [MD5.58B3506B3A0BAED2F820E137841BC290] - (.Faronics Corporation - Deep Freeze service.) -- C:\Program Files (x86)\Faronics\Deep Freeze\Install C-0\DFServ.exe [1399672] [PID.788] =>.Faronics Corporation [MD5.00000000000000000000000000000000] - (.Lenovo. - Lenovo Power Management Service.) -- C:\Windows\system32\ibmpmsvc.exe [0] [PID.840] =>.Lenovo. [MD5.453668B304CF5603818D3886408A1519] - (.NVIDIA Corporation - NVIDIA Container.) -- C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [464272] [PID.1060] =>.NVIDIA Corporation® [MD5.453668B304CF5603818D3886408A1519] - (.NVIDIA Corporation - NVIDIA Container.) -- C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [464272] [PID.1592] =>.NVIDIA Corporation® [MD5.CA805DA983594B01F3554464B2E5158F] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [83984] [PID.2116] =>.Adobe Systems, Incorporated® [MD5.CD283D86E1DE13F6AEED204F7CACCAAA] - (.Adobe Systems Incorporated - Adobe Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128] [PID.2356] =>.Adobe Systems Incorporated® [MD5.58A5D48F16E89575C21C0B14A15D4383] - (.Adobe Systems, Incorporated - Adobe Genuine Software Integrity Service.) -- C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2319848] [PID.2524] =>.Adobe Systems Incorporated® [MD5.F9E224D23B9E0527916DD92FDDDCD524] - (.Realtek Semiconductor Corporation - Realtek Bluetooth AVRCP Service.) -- C:\Program Files (x86)\Realtek\Realtek Bluetooth\AvrcpService.exe [35328] [PID.2584] =>.Realtek Semiconductor Corporation [MD5.B3F737C626AA61E31DCB949F7BE9AFAE] - (.Synaptics Incorporated - Synaptics TouchPad 64-bit Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2822896] [PID.2644] =>.Synaptics Incorporated® [MD5.00000000000000000000000000000000] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [0] [PID.2664] =>.Intel Corporation [MD5.00000000000000000000000000000000] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [0] [PID.2672] =>.Intel Corporation [MD5.00000000000000000000000000000000] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe [0] [PID.2752] =>.Intel Corporation [MD5.F3AF779478DB966DBD6798F44EC6462A] - (.Faronics Corporation - Deep Freeze utility.) -- C:\Program Files (x86)\Faronics\Deep Freeze\Install C-0\_$Df\FrzState2k.exe [2954472] [PID.2828] =>.Faronics Corporation® [MD5.F614912C0B685EAB07A64C622A20DE53] - (.Realtek Semiconductor Corporation - Realtek Bluetooth BTServer Application.) -- C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe [280576] [PID.2836] =>.Realtek Semiconductor Corporation [MD5.502AA98A7FDAE7919BBEDA91555CDA5D] - (.Realtek All Rights Reserved - Realtek Bluetooth BTDevManager Service Appl.) -- C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe [66560] [PID.2964] =>.Realtek All Rights Reserved [MD5.FABF99CC2834CAFE4DE8556F30C2CF4F] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4027504] [PID.2972] =>.Tonec Inc. [MD5.C9B49C44417FFB323255F641840234B2] - (.Samsung - .) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1023648] [PID.3012] =>.Samsung Electronics CO., LTD.® [MD5.EA5CFF81F7B2AC9D5F8ED201CA40F363] - (.Dobe Systems Incorporated - Dobe Download Manager.) -- C:\ProgramData\dahkService\dahkService.exe [2179776] [PID.1748] {3C57DB35ADE9A2CCEC04675EED197C82} =>PUP.Optional.Salus [MD5.985BB06ADFCDCB4CF3C4393A0B68AB58] - (.Synaptics Incorporated - TouchPad Driver Helper Application.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [202992] [PID.2504] =>.Synaptics Incorporated® [MD5.BF4A79EC40F8FAA549B5BA5C93A941FB] - (.Faronics Corporation - Deep Freeze DF Locker.) -- C:\Windows\Temp\DFLocker64.exe [225000] [PID.3312] =>.Faronics Corporation® [MD5.83AFB9756D2F71BFCF31B68262CBD58F] - (.Franchesco Copyright © 2018 - Franchesco.) -- C:\Users\Wesam\AppData\Local\Temp\MonoCecil\Fazathron.exe [184320] [PID.3496] [MD5.A86CE46F97FF99B66E6BB38DACA411F9] - (. - SkypePlugin.exe.) -- C:\Program Files (x86)\Realtek\Realtek Bluetooth\SkypePlugin.exe [265728] [PID.3624] =>.Realtek Semiconductor Corp. [MD5.E0E7C48CAF25943DB1B034364501134A] - (.Intel Corporation - iusb3mon.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848] [PID.3708] =>.Intel Corporation - Software and Firmware Products® [MD5.FA6220C7FDF2D94CFF82D45B72E5C929] - (.Vimicro - VM331 StiMnt.) -- C:\Program Files (x86)\USB Camera\VM331STI.EXE [552960] [PID.3744] =>.Vimicro [MD5.3BD79A1F6D2EA0FDDEA3F8914B2A6A0C] - (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984] [PID.3784] =>.Elaborate Bytes AG® [MD5.E2CB8918F91D39E24C4A488ED9F22325] - (.Adobe Systems Inc. - AcroTray.) -- C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe [1870928] [PID.3860] =>.Adobe Systems, Incorporated® [MD5.E3D8C4FDFB3946B383B4C4D4A524FACE] - (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [318112] [PID.3916] =>.Samsung Electronics CO., LTD.® [MD5.B289C20C10B241F6016FECD92B267098] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe [275512] [PID.3984] =>.Tonec Inc.® [MD5.7021BCD337B4A88CF3A63AA4F0C5D05D] - (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704] [PID.3996] =>.Oracle America, Inc.® [MD5.F0C7401DA2771989BAC423F74CC696BF] - (.Adobe Systems Incorporated - Adobe IPC Broker.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe [1077240] [PID.1332] {0E2722567B65B5A9CE108C80A50AE40D} =>.Adobe Systems Incorporated [MD5.DDA8E5AD97231AB50B81FED04C28F64C] - (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648] [PID.3884] =>.Intel(R) Corporation [MD5.D5D64BCA9C6FB62F05D1B986E7EB84DB] - (...) -- C:\Users\Wesam\AppData\Local\Kingosoft\Kingo Root\update_27205\bin\KingoSoftService.exe [17384] [PID.4008] =>.FingerPower Digital Technology Ltd.® [MD5.D253E6009F05776F505F96866CCF460F] - (.Lenovo Group Limited - Auto Scroll Start Service.) -- C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe [136288] [PID.2568] =>.Lenovo(Japan)Ltd.® [MD5.AE4BACF8C7D93CBE4EFE11401DCB0A34] - (.Lenovo Group Limited - Lenovo Auto Scroll Utility.) -- C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe [74288] [PID.3424] =>.Lenovo(Japan)Ltd.® [MD5.F57A690656A8CACFABB78E30D1E71EE1] - (.Mobogenie.com - MobogenieService.exe.) -- C:\Program Files (x86)\Mobogenie3\MobogenieService.exe [127680] [PID.4180] =>.Mobogenie.com [MD5.74AABA63DC9557F16D37402BECCDAC15] - (.NVIDIA Corporation - NVIDIA Container.) -- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688] [PID.4212] =>.NVIDIA Corporation® [MD5.4DFCEB68ADDF290C541D4BD36BBB1AB5] - (.NVIDIA Corporation - NVIDIA Container.) -- C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [469952] [PID.4276] =>.NVIDIA Corporation® [MD5.F9800ACC5925012F5B6F20BAD8310934] - (.NVIDIA Corporation - NVIDIA Container.) -- C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [469952] [PID.4484] =>.NVIDIA Corporation® [MD5.9D12F0AC68565E97C07B75314D53F2CE] - (...) -- C:\Program Files (x86)\Mobogenie3\MoboGenieHelper.exe [105152] [PID.4616] [MD5.15DC6F3F5A6E5F823BD9755DEBFA4C72] - (.Adobe Systems Incorporated - Creative Cloud.) -- C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe [2386392] [PID.4888] =>.Adobe Systems Incorporated® [MD5.CC465ECBC1700B2D91E152ED9165994A] - (.Rosetta Stone Ltd. - Rosetta Stone Ltd. application.) -- C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe [1646608] [PID.5044] =>.Rosetta Stone Ltd® [MD5.543AFFECD35CFABD4490661F83685A0D] - (.Realtek Semiconductor Corporation - Realtek Bluetooth 4.0 Service Application.) -- C:\Program Files (x86)\Realtek\Realtek Bluetooth\RtkBleServ.exe [42496] [PID.5072] =>.Realtek Semiconductor Corporation [MD5.2EF52E3C5AEEA56D179421AFAE3FA54B] - (.Node.js - NVIDIA Web Helper Service.) -- C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe [15997376] [PID.5088] =>.NVIDIA Corporation® [MD5.46826B02C346D48A62FF11882AF662BB] - (.DEVGURU Co., LTD. - MSS CS Connectivity Service.) -- C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224] [PID.2156] =>.Samsung Electronics CO., LTD.® [MD5.5B62F45C87CC0FB176C5358EEA6CFB4C] - (.Lenovo Group Limited - On screen display Fn+Fx handler.) -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe [125504] [PID.2464] =>.LENOVO(JAPAN)LTD.® [MD5.EEE8F526111B627ADF5A9CE0FAC4D383] - (.Lenovo Group Limited - ThinkPad Message Client Loader.) -- C:\Program Files\Lenovo\HOTKEY\tphkload.exe [125432] [PID.4632] =>.LENOVO(JAPAN)LTD.® [MD5.0C7E0A4F15CCCF67DCDE1646C859746E] - (.Lenovo Group Limited - NumLock on screen display for ThinkPad.) -- C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe [207408] [PID.2712] =>.Lenovo(Japan)Ltd.® [MD5.99641AFB55830D222D8B1BF7D3B47FF0] - (.Lenovo Group Limited - NumLock indicator for ThinkPad.) -- C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe [163176] [PID.2884] =>.Lenovo(Japan)Ltd.® [MD5.F43BD5D437A3F8EA438A23FB04ABBB73] - (.Lenovo Group Limited - Microphone Mute Controll Service for ThinkP.) -- C:\Program Files\Lenovo\HOTKEY\micmute.exe [110072] [PID.2604] =>.LENOVO(JAPAN)LTD.® [MD5.328689D90CB241661691D4F838EEC031] - (.Lenovo Group Limited - On screen display drawer.) -- C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe [567800] [PID.5788] =>.LENOVO(JAPAN)LTD.® [MD5.7607F359BDBF24E94AA1E405B09B9360] - (.Lenovo Group Limited - ThinkPad Message Receiver for Shortcut Hot.) -- C:\Program Files\Lenovo\HOTKEY\shtctky.exe [92152] [PID.5796] =>.LENOVO(JAPAN)LTD.® [MD5.062041EBDC30BE0087A18A33A02E048E] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) -- C:\PROGRAM FILES\SYNAPTICS\SynTP\SYNTPHELPER.EXE [199408] [PID.6328] =>.Synaptics Incorporated® [MD5.FEFF60CA0FBC86A043495FA79581CEA9] - (.Motorola Solutions, Inc. - Bluetooth Device Monitor.) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [1206648] [PID.6984] =>.Motorola Solutions Inc.® [MD5.075D93A7094E1BCBDE3A2D8EBA803745] - (.Motorola Solutions, Inc. - Bluetooth OBEX Service.) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [1165688] [PID.7112] =>.Motorola Solutions Inc.® [MD5.F6234C4C494D411DEE452483C866EFC8] - (.Motorola Solutions, Inc. - Bluetooth Media Service.) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [1706360] [PID.6176] =>.Motorola Solutions Inc.® [MD5.7490C8E5FD740F9B0178E0AB3ED35E7E] - (.IObit - UninstallerMonitor.) -- C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe [2271008] [PID.6392] =>.IObit Information Technology® [MD5.9FE032AD8751C5DDCF01DE26C1EE84BC] - (.Intel Corporation - Intel(R) Local Management Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [366552] [PID.7924] =>.Intel Corporation - Software and Firmware Products® [MD5.9BFDEFD51800A2D47D43919653F4BEF4] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432] [PID.4780] =>.Intel Corporation - Intel® Management Engine Firmware® [MD5.5D9A6230D70565DB03A428B44DE524D6] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1589592] [PID.7160] =>.Google Inc® [MD5.5D9A6230D70565DB03A428B44DE524D6] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1589592] [PID.3004] =>.Google Inc® [MD5.5D9A6230D70565DB03A428B44DE524D6] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1589592] [PID.4860] =>.Google Inc® [MD5.5D9A6230D70565DB03A428B44DE524D6] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1589592] [PID.6012] =>.Google Inc® [MD5.5D9A6230D70565DB03A428B44DE524D6] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1589592] [PID.5584] =>.Google Inc® [MD5.5D9A6230D70565DB03A428B44DE524D6] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1589592] [PID.7380] =>.Google Inc® [MD5.5D9A6230D70565DB03A428B44DE524D6] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1589592] [PID.3412] =>.Google Inc® [MD5.5D9A6230D70565DB03A428B44DE524D6] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1589592] [PID.6832] =>.Google Inc® [MD5.5D9A6230D70565DB03A428B44DE524D6] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1589592] [PID.7428] =>.Google Inc® [MD5.5D9A6230D70565DB03A428B44DE524D6] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1589592] [PID.2620] =>.Google Inc® [MD5.5D9A6230D70565DB03A428B44DE524D6] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1589592] [PID.7128] =>.Google Inc® [MD5.5D9A6230D70565DB03A428B44DE524D6] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1589592] [PID.4796] =>.Google Inc® [MD5.5D9A6230D70565DB03A428B44DE524D6] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1589592] [PID.5528] =>.Google Inc® [MD5.5D9A6230D70565DB03A428B44DE524D6] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1589592] [PID.1924] =>.Google Inc® [MD5.5D9A6230D70565DB03A428B44DE524D6] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1589592] [PID.7508] =>.Google Inc® [MD5.53174E79994A4FF151CF230A4AEA9AEC] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\Wesam\Downloads\Programs\ZHPDiag3.exe [3076992] [PID.6112] =>.Nicolas Coolman [MD5.D0B23D1F0D1D730493CF89BE5DCBBB4E] - (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Reader_sl.exe [53840] [PID.3176] =>.Adobe Systems, Incorporated® [MD5.E673121312D0BF7CD31EB1FAD539B9F4] - (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat_sl.exe [51280] [PID.7324] =>.Adobe Systems, Incorporated® ---\\ Google Chrome, Start,Search,Extensions (28) - 1s G0 - GCSP: Preferences [User Data\Default][HomePage] http://amazon-space.ru G0 - GCSP: Preferences [User Data\Default][HomePage] http://startimes.com G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google-analytics.com =>.Google Inc. G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.startimes.com G0 - GCSP: Preferences [User Data\Default][HomePage] http://lms.arabou.edu.kw G0 - GCSP: Preferences [User Data\Default][HomePage] http://ssl.gstatic.com =>.Google Inc. G0 - GCSP: Preferences [User Data\Default][HomePage] http://sstatic1.histats.com G0 - GCSP: Preferences [User Data\Default][HomePage] http://sstats.adobe.com G0 - GCSP: Preferences [User Data\Default][HomePage] http://stats.g.doubleclick.net G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google.jo =>.Google Inc. G2 - GCE: Preference [Wesam][User Data\Default] [aapbdbdomjkkjkaonfhkkikfgjllcleb] =>.Google Inc. {Traduction} G2 - GCE: Preference [Wesam][User Data\Default] [aogmoaejeldkmidbjekbanidedmckaje] https://ia800502.us.archive.org/15/it... G2 - GCE: Preference [Wesam][User Data\Default] [dghgilfjbjhmipjjpbfbnjlebolilbcm] About the poems of W.B. Yeats G2 - GCE: Preference [Wesam][User Data\Default] [efaidnbmnnnibpcajpcglclefindmkaj] =>.Adobe Inc. {Acrobat} G2 - GCE: Preference [Wesam][User Data\Default] [fcfenmboojpjinhpgggodefccipikbpd] Bing =>.Microsoft Corporation G2 - GCE: Preference [Wesam][User Data\Default] [fegdaofkfamofchhodegbadbkedlnpla] Mansfield Park Vol I Chs 14-18: Comm... G2 - GCE: Preference [Wesam][User Data\Default] [ggoeoejlplkjllchjcaeamehmkjjanec] Moreland Perkins G2 - GCE: Preference [Wesam][User Data\Default] [hnmpcagpplmpfojmgmnngilcnanddlhb] Windscribe =>.Windscribe G2 - GCE: Preference [Wesam][User Data\Default] [lghdlgiponoekdlgkmmdpmjobigoafhd] BookAddiction G2 - GCE: Preference [Wesam][User Data\Default] [nbfmmnmgcninghpphknojgieijiihhad] Only A Novel. Lovers' Vows G2 - GCE: Preference [Wesam][User Data\Default] [ngpampappnmepgilojfohadhhmbhlaek] IDM Integration Module =>.IDM Computer Solutions, Inc. G2 - GCE: Preference [Wesam][User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] =>.Google Inc. {Wallet} G2 - GCE: Preference [Wesam][User Data\Default] [oedddegdhbanjjgcalamiodgngapmapj] Imagined Empires in Jane Austen's Man... G2 - GCE: Preference [Wesam][User Data\Default] [ojhbgcchcbdjdenibfmjofobklkkhofc] Simple EPUB Reader =>.Kunihiro Ando G2 - GCE: Preference [Wesam][User Data\Default] [onhiacboedfinnofagfgoaanfedhmfab] Reverso Context =>.Reverso.net G2 - GCE: Preference [Wesam][User Data\Default] [pbdpajcdgknpendpmecafmopknefafha] browser_action:{default_icon:{18:images/icon-18.pn G2 - GCE: Preference [Wesam][User Data\Default] [pkedcjkdefgpdelpbcmbmeomcjbeemfm] Chrome Media Router =>.Google Inc. C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\SystemTable =>.SUP.BrowserExtension ---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (2) - 1s P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc..) -- C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll =>.Google Inc. P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc..) -- C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll =>.Google Inc. ---\\ Internet Explorer Extensions, Start, Search (15) - 0s R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com =>.Google Inc. R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation R3 - URLSearchHook: (no name)[HKCU] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Browser.) (11.00.9600.18739 (winblue_ltsb_escrow.170628-1907)) -- C:\Windows\System32\ieframe.dll =>.Microsoft Corporation ---\\ INTERNET EXPLORER, trusted site and sensitive site (2) - 0s ~ Microsoft Internet Explorer Restricted Site(s) Domains: 0(Good) / 0(Bad) ~ Microsoft Internet Explorer Restricted Site(s) EscDomains: 0(Good) / 0(Bad) ---\\ Internet Explorer, Proxy Management (5) - 0s R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 =>.Default.Value R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 =>.Default.Value R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 =>.Default.Value R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll R5 - HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies [] =>.Microsoft ---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.) =>.Microsoft Corporation ---\\ Hosts file redirection (1) - 0s ~ Le fichier hôte est sain (The hosts file is clean) (21) ---\\ Browser Helper Object (BHO) (6) - 0s O2 - BHO: IDM Helper [64Bits] - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll =>.Tonec Inc.® O2 - BHO: ExplorerWnd Helper [64Bits] - {10921475-03CE-4E04-90CE-E2E7EF20C814} . (.IObit - Uninstall for explorer.) -- C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll =>.IObit Information Technology® O2 - BHO: Java(tm) Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.8.0_171\bin\ssv.dll =>.Oracle America, Inc.® O2 - BHO: Adobe Acrobat Create PDF Helper [64Bits] - {AE7CD045-E861-484f-8273-0445EE161910} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll =>.Adobe Systems, Incorporated® O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.8.0_171\bin\jp2ssv.dll =>.Oracle America, Inc.® O2 - BHO: SmartSelect [64Bits] - {F4971EE7-DAA0-4053-9964-665D8EE6A077} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll =>.Adobe Systems, Incorporated® ---\\ Global shortcuts Startup (126) - 13s O4 - GS\Desktop [Administrator]: MonoConc Pro.lnk . (.Athelstan - MonoConc Pro for Windows(TM).) C:\Program Files (x86)\MonoConc Pro\MP2.1N.exe O4 - GS\Desktop [Administrator]: Oxford Advanced Learner's Dictionary.lnk . (...) C:\Program Files (x86)\Oxford\OALD9\OALD9.exe {630313764D8C0197DBA6414ED38C8F8E} O4 - GS\Desktop [Administrator]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl® O4 - GS\Desktop [Administrator]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Wesam\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Quicklaunch [Administrator]: Collins COBUILD Dictionary on CD-ROM 2006.lnk . (.Colins COBUILD 2006 - Colins COBUILD 2006.) C:\Program Files (x86)\Collins COBUILD\Cobuild Dictionary 2006\ccd.exe O4 - GS\Quicklaunch [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\Quicklaunch [Administrator]: jetAudio.lnk . (.JetAudio, Inc. - jetAudio.) C:\Program Files (x86)\JetAudio\JetAudio.exe =>.JetAudio, Inc. O4 - GS\Quicklaunch [Administrator]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation® O4 - GS\Quicklaunch [Administrator]: Microsoft Office Outlook.lnk . (.Microsoft Corporation - Microsoft Office Outlook.) C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE /recycle =>.Microsoft Corporation® O4 - GS\Quicklaunch [Administrator]: Mobogenie3.lnk . (.Mobogenie.com - Mobogenie.exe.) C:\Program Files (x86)\Mobogenie3\Mobogenie.exe =>.Mobogenie.com O4 - GS\Quicklaunch [Administrator]: Samsung Kies (Lite).lnk . (...) C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe /lite =>.Samsung Electronics CO., LTD.® O4 - GS\Quicklaunch [Administrator]: Samsung Kies.lnk . (...) C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe =>.Samsung Electronics CO., LTD.® O4 - GS\Quicklaunch [Administrator]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\Wesam\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc® O4 - GS\sendTo [Administrator]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe /SendTo =>.Microsoft Corporation O4 - GS\sendTo [Administrator]: Format Factory.lnk . (.Free Time Co., Ltd. - FormatFactory.) C:\Program Files (x86)\FormatFactory\FormatFactory.exe =>.Free Time Co., Ltd.® O4 - GS\sendTo [Administrator]: memoQ.lnk . (.Kilgray - memoQ.) C:\Program Files (x86)\Kilgray\memoQ-2015\MemoQ32.exe {0080BC543F1FE8CE1C} O4 - GS\sendTo [Administrator]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe /sendto: =>.Skype Software Sarl® O4 - GS\TaskBar [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\TaskBar [Administrator]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation® O4 - GS\TaskBar [Administrator]: Windows Explorer.lnk . (.Microsoft Corporation - Windows Explorer.) C:\Windows\explorer.exe =>.Microsoft Corporation O4 - GS\TaskBar [Administrator]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation O4 - GS\Startup [Administrator]: ghwrbvai.lnk . (.Microsoft Corporation - Windows Command Processor.) C:\Windows\System32\cmd.exe /c start "" "C:\Users\Wesam\AppData\Roaming\Microsoft\Windows\ghwrbvai\vrrgsrbe.exe" =>.Microsoft Corporation O4 - GS\Startup [Administrator]: wgjjgeeb.lnk . (.Microsoft Corporation - Windows Command Processor.) C:\Windows\System32\cmd.exe /c start "" "C:\Users\Wesam\AppData\Roaming\Microsoft\Windows\wgjjgeeb\vrrgsrbe.exe" =>.Microsoft Corporation O4 - GS\Programs [Administrator]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation® O4 - GS\Desktop [Guest]: MonoConc Pro.lnk . (.Athelstan - MonoConc Pro for Windows(TM).) C:\Program Files (x86)\MonoConc Pro\MP2.1N.exe O4 - GS\Desktop [Guest]: Oxford Advanced Learner's Dictionary.lnk . (...) C:\Program Files (x86)\Oxford\OALD9\OALD9.exe {630313764D8C0197DBA6414ED38C8F8E} O4 - GS\Desktop [Guest]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl® O4 - GS\Desktop [Guest]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Wesam\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Quicklaunch [Guest]: Collins COBUILD Dictionary on CD-ROM 2006.lnk . (.Colins COBUILD 2006 - Colins COBUILD 2006.) C:\Program Files (x86)\Collins COBUILD\Cobuild Dictionary 2006\ccd.exe O4 - GS\Quicklaunch [Guest]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\Quicklaunch [Guest]: jetAudio.lnk . (.JetAudio, Inc. - jetAudio.) C:\Program Files (x86)\JetAudio\JetAudio.exe =>.JetAudio, Inc. O4 - GS\Quicklaunch [Guest]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation® O4 - GS\Quicklaunch [Guest]: Microsoft Office Outlook.lnk . (.Microsoft Corporation - Microsoft Office Outlook.) C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE /recycle =>.Microsoft Corporation® O4 - GS\Quicklaunch [Guest]: Mobogenie3.lnk . (.Mobogenie.com - Mobogenie.exe.) C:\Program Files (x86)\Mobogenie3\Mobogenie.exe =>.Mobogenie.com O4 - GS\Quicklaunch [Guest]: Samsung Kies (Lite).lnk . (...) C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe /lite =>.Samsung Electronics CO., LTD.® O4 - GS\Quicklaunch [Guest]: Samsung Kies.lnk . (...) C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe =>.Samsung Electronics CO., LTD.® O4 - GS\Quicklaunch [Guest]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\Wesam\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc® O4 - GS\sendTo [Guest]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe /SendTo =>.Microsoft Corporation O4 - GS\sendTo [Guest]: Format Factory.lnk . (.Free Time Co., Ltd. - FormatFactory.) C:\Program Files (x86)\FormatFactory\FormatFactory.exe =>.Free Time Co., Ltd.® O4 - GS\sendTo [Guest]: memoQ.lnk . (.Kilgray - memoQ.) C:\Program Files (x86)\Kilgray\memoQ-2015\MemoQ32.exe {0080BC543F1FE8CE1C} O4 - GS\sendTo [Guest]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe /sendto: =>.Skype Software Sarl® O4 - GS\TaskBar [Guest]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\TaskBar [Guest]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation® O4 - GS\TaskBar [Guest]: Windows Explorer.lnk . (.Microsoft Corporation - Windows Explorer.) C:\Windows\explorer.exe =>.Microsoft Corporation O4 - GS\TaskBar [Guest]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation O4 - GS\Startup [Guest]: ghwrbvai.lnk . (.Microsoft Corporation - Windows Command Processor.) C:\Windows\System32\cmd.exe /c start "" "C:\Users\Wesam\AppData\Roaming\Microsoft\Windows\ghwrbvai\vrrgsrbe.exe" =>.Microsoft Corporation O4 - GS\Startup [Guest]: wgjjgeeb.lnk . (.Microsoft Corporation - Windows Command Processor.) C:\Windows\System32\cmd.exe /c start "" "C:\Users\Wesam\AppData\Roaming\Microsoft\Windows\wgjjgeeb\vrrgsrbe.exe" =>.Microsoft Corporation O4 - GS\Programs [Guest]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation® O4 - GS\Desktop [Wesam]: MonoConc Pro.lnk . (.Athelstan - MonoConc Pro for Windows(TM).) C:\Program Files (x86)\MonoConc Pro\MP2.1N.exe O4 - GS\Desktop [Wesam]: Oxford Advanced Learner's Dictionary.lnk . (...) C:\Program Files (x86)\Oxford\OALD9\OALD9.exe {630313764D8C0197DBA6414ED38C8F8E} O4 - GS\Desktop [Wesam]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl® O4 - GS\Desktop [Wesam]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Wesam\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Quicklaunch [Wesam]: Collins COBUILD Dictionary on CD-ROM 2006.lnk . (.Colins COBUILD 2006 - Colins COBUILD 2006.) C:\Program Files (x86)\Collins COBUILD\Cobuild Dictionary 2006\ccd.exe O4 - GS\Quicklaunch [Wesam]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\Quicklaunch [Wesam]: jetAudio.lnk . (.JetAudio, Inc. - jetAudio.) C:\Program Files (x86)\JetAudio\JetAudio.exe =>.JetAudio, Inc. O4 - GS\Quicklaunch [Wesam]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation® O4 - GS\Quicklaunch [Wesam]: Microsoft Office Outlook.lnk . (.Microsoft Corporation - Microsoft Office Outlook.) C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE /recycle =>.Microsoft Corporation® O4 - GS\Quicklaunch [Wesam]: Mobogenie3.lnk . (.Mobogenie.com - Mobogenie.exe.) C:\Program Files (x86)\Mobogenie3\Mobogenie.exe =>.Mobogenie.com O4 - GS\Quicklaunch [Wesam]: Samsung Kies (Lite).lnk . (...) C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe /lite =>.Samsung Electronics CO., LTD.® O4 - GS\Quicklaunch [Wesam]: Samsung Kies.lnk . (...) C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe =>.Samsung Electronics CO., LTD.® O4 - GS\Quicklaunch [Wesam]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\Wesam\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc® O4 - GS\sendTo [Wesam]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe /SendTo =>.Microsoft Corporation O4 - GS\sendTo [Wesam]: Format Factory.lnk . (.Free Time Co., Ltd. - FormatFactory.) C:\Program Files (x86)\FormatFactory\FormatFactory.exe =>.Free Time Co., Ltd.® O4 - GS\sendTo [Wesam]: memoQ.lnk . (.Kilgray - memoQ.) C:\Program Files (x86)\Kilgray\memoQ-2015\MemoQ32.exe {0080BC543F1FE8CE1C} O4 - GS\sendTo [Wesam]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe /sendto: =>.Skype Software Sarl® O4 - GS\TaskBar [Wesam]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\TaskBar [Wesam]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation® O4 - GS\TaskBar [Wesam]: Windows Explorer.lnk . (.Microsoft Corporation - Windows Explorer.) C:\Windows\explorer.exe =>.Microsoft Corporation O4 - GS\TaskBar [Wesam]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation O4 - GS\Startup [Wesam]: ghwrbvai.lnk . (.Microsoft Corporation - Windows Command Processor.) C:\Windows\System32\cmd.exe /c start "" "C:\Users\Wesam\AppData\Roaming\Microsoft\Windows\ghwrbvai\vrrgsrbe.exe" =>.Microsoft Corporation O4 - GS\Startup [Wesam]: wgjjgeeb.lnk . (.Microsoft Corporation - Windows Command Processor.) C:\Windows\System32\cmd.exe /c start "" "C:\Users\Wesam\AppData\Roaming\Microsoft\Windows\wgjjgeeb\vrrgsrbe.exe" =>.Microsoft Corporation O4 - GS\Programs [Wesam]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation® O4 - GS\CommonDesktop [Public]: memoQ 2015.lnk . (.Kilgray - memoQ.) C:\Program Files (x86)\Kilgray\memoQ-2015\MemoQ32.exe {0080BC543F1FE8CE1C} O4 - GS\Programs [Public]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation® O4 - GS\Accessories [Public]: Command Prompt.lnk . (.Microsoft Corporation - Windows Command Processor.) C:\Windows\system32\cmd.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Notepad.lnk . (.Microsoft Corporation - Notepad.) C:\Windows\system32\notepad.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Windows Explorer.lnk . (.Microsoft Corporation - Windows Explorer.) C:\Windows\explorer.exe =>.Microsoft Corporation O4 - GS\SystemTools [Public]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe -extoff =>.Microsoft Corporation® O4 - GS\SystemTools [Public]: Private Character Editor.lnk . (.Microsoft Corporation - Private Character Editor.) C:\Windows\system32\eudcedit.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Bluetooth File Transfer Wizard.lnk . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Windows Calculator.) C:\Windows\system32\calc.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: displayswitch.lnk . (.Microsoft Corporation - Display Switch.) C:\Windows\system32\displayswitch.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Math Input Panel.lnk . (.Microsoft Corporation - Math Input Panel Accessory.) C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Mobility Center.lnk . (.Microsoft Corporation - Windows Mobility Center.) C:\Windows\system32\mblctr.exe /open =>.Microsoft Corporation O4 - GS\Accessories [Public]: NetworkProjection.lnk . (.Microsoft Corporation - Connect to a Network Projector.) C:\Windows\system32\NetProj.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) C:\Windows\system32\mspaint.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Remote Desktop Connection.) C:\Windows\system32\mstsc.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Snipping Tool.) C:\Windows\system32\SnippingTool.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Windows Sound Recorder.) C:\Windows\system32\SoundRecorder.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Sticky Notes.lnk . (.Microsoft Corporation - Sticky Notes.) C:\Windows\system32\StikyNot.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Sync Center.lnk . (.Microsoft Corporation - Microsoft Sync Center.) C:\Windows\System32\mobsync.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Welcome Center.lnk . (.Microsoft Corporation - Windows host process (Rundll32).) C:\Windows\system32\rundll32.exe %SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut =>..Microsoft Corporation O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Windows Wordpad Application.) C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Character Map.) C:\Windows\system32\charmap.exe =>.Microsoft Corporation O4 - GS\SystemTools [Public]: dfrgui.lnk . (.Microsoft Corporation - Microsoft® Disk Defragmenter.) C:\Windows\system32\dfrgui.exe =>.Microsoft Corporation O4 - GS\SystemTools [Public]: Disk Cleanup.lnk . (.Microsoft Corporation - Disk Space Cleanup Manager for Windows.) C:\Windows\system32\cleanmgr.exe =>.Microsoft Corporation O4 - GS\SystemTools [Public]: Resource Monitor.lnk . (.Microsoft Corporation - Resource and Performance Monitor.) C:\Windows\system32\perfmon.exe /res =>.Microsoft Corporation O4 - GS\SystemTools [Public]: System Information.lnk . (.Microsoft Corporation - System Information.) C:\Windows\system32\msinfo32.exe =>.Microsoft Corporation O4 - GS\SystemTools [Public]: System Restore.lnk . (.Microsoft Corporation - Microsoft® Windows System Restore.) C:\Windows\system32\rstrui.exe =>.Microsoft Corporation O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...) C:\Windows\system32\taskschd.msc /s =>..Microsoft Corporation O4 - GS\SystemTools [Public]: Windows Easy Transfer Reports.lnk . (.Microsoft Corporation - Windows Easy Transfer Post Migration Applic.) C:\Windows\system32\migwiz\postmig.exe =>.Microsoft Corporation O4 - GS\SystemTools [Public]: Windows Easy Transfer.lnk . (.Microsoft Corporation - Windows Easy Transfer Application.) C:\Windows\system32\migwiz\migwiz.exe =>.Microsoft Corporation O4 - GS\ProgramsCommon [Public]: Acrobat Reader DC.lnk . (.Flexera Software LLC - InstallShield.) C:\Windows\Installer\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}\SC_Reader.ico =>.Flexera Software LLC O4 - GS\ProgramsCommon [Public]: Adobe Acrobat DC.lnk . (.Flexera Software LLC - InstallShield.) C:\Windows\Installer\{AC76BA86-1033-FFFF-7760-0C0F074E4100}\_SC_Acrobat.ico =>.Flexera Software LLC O4 - GS\ProgramsCommon [Public]: Adobe Acrobat Distiller DC.lnk . (.Adobe Systems Incorporated. - Acrobat Distiller.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrodist.exe =>.Adobe Systems, Incorporated® O4 - GS\ProgramsCommon [Public]: Adobe Bridge CS6 (64bit).lnk . (.Adobe Systems, Inc. - Adobe Bridge CS6.) C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe =>.Adobe Systems Incorporated® O4 - GS\ProgramsCommon [Public]: Adobe Bridge CS6.lnk . (.Adobe Systems, Inc. - Adobe Bridge CS6.) C:\Program Files (x86)\Adobe\Adobe Bridge CS6\Bridge.exe =>.Adobe Systems Incorporated® O4 - GS\ProgramsCommon [Public]: Adobe Creative Cloud.lnk . (.Adobe Systems Incorporated - Adobe Creative Cloud.) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe =>.Adobe Systems Incorporated® O4 - GS\ProgramsCommon [Public]: Adobe ExtendScript Toolkit CS6.lnk . (.Adobe Systems Incorporated - ExtendScript Toolkit CS6 and Debugger (32 b.) C:\Program Files (x86)\Adobe\Adobe Utilities - CS6\ExtendScript Toolkit CS6\ExtendScript Toolkit.exe =>.Adobe Systems Incorporated® O4 - GS\ProgramsCommon [Public]: Adobe Extension Manager CS6.lnk . (.Adobe Systems Incorporated - Adobe Extension Manager CS6.) C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Adobe Extension Manager CS6.exe =>.Adobe Systems Incorporated® O4 - GS\ProgramsCommon [Public]: Adobe Photoshop CC 2017.lnk . (.Adobe Systems, Incorporated - Adobe Photoshop CC 2017.) C:\Program Files\Adobe\Adobe Photoshop CC 2017\Photoshop.exe =>.Adobe Systems Incorporated® O4 - GS\ProgramsCommon [Public]: Adobe Photoshop CS6 (64 Bit).lnk . (.Adobe Systems, Incorporated - Adobe Photoshop CS6.) C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe =>.Adobe Systems Incorporated® O4 - GS\ProgramsCommon [Public]: Adobe Photoshop CS6.lnk . (.Adobe Systems, Incorporated - Adobe Photoshop CS6.) C:\Program Files (x86)\Adobe\Adobe Photoshop CS6\Photoshop.exe =>.Adobe Systems Incorporated® O4 - GS\ProgramsCommon [Public]: CyberLink PowerDVD 18.lnk . (.CyberLink Corp. - CyberLink PowerDVD18.) C:\Program Files (x86)\CyberLink\PowerDVD18\PDVDLP.exe =>.CyberLink Corp.® O4 - GS\ProgramsCommon [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\ProgramsCommon [Public]: IObit Uninstaller.lnk . (.IObit - Uninstall Programs.) C:\Program Files (x86)\IObit\IObit Uninstaller\Uninstaler_SkipUac.exe =>.IObit Information Technology® O4 - GS\ProgramsCommon [Public]: Media Center.lnk . (.Microsoft Corporation - Windows Media Center.) C:\Windows\ehome\ehshell.exe =>.Microsoft Corporation O4 - GS\ProgramsCommon [Public]: Microsoft PowerPoint Viewer .lnk . (...) C:\Windows\Installer\{95140000-00AF-0409-0000-0000000FF1CE}\ppvwicon.exe =>.Microsoft Corporation® O4 - GS\ProgramsCommon [Public]: Microsoft Security Essentials.lnk . (.Microsoft Corporation - .) C:\Program Files (x86)\Microsoft Security Client\msseces.exe =>.Microsoft Corporation O4 - GS\ProgramsCommon [Public]: Mouse Properties (Touchpad Clickpad Trackpad TrackPoint Mouse Pointer Pointing Pad).lnk . (.Microsoft Corporation - Mouse and Keyboard Control Panel Applets.) C:\Windows\System32\main.cpl =>.Microsoft Corporation O4 - GS\ProgramsCommon [Public]: Sidebar.lnk . (.Microsoft Corporation - Windows Desktop Gadgets.) C:\Program Files (x86)\Windows Sidebar\sidebar.exe /showgadgets =>.Microsoft Corporation O4 - GS\ProgramsCommon [Public]: Windows DVD Maker.lnk . (.Microsoft Corporation - .) C:\Program Files (x86)\DVD Maker\DVDMaker.exe =>.Microsoft Corporation O4 - GS\ProgramsCommon [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe =>.Microsoft Corporation O4 - GS\ProgramsCommon [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation O4 - GS\ProgramsCommon [Public]: WordWeb Pro.lnk . (.WordWeb Software - WordWeb.) C:\Program Files (x86)\WordWeb\wweb32.exe -shownow =>.WordWeb Software® O4 - GS\ProgramsCommon [Public]: XPS Viewer.lnk . (.Microsoft Corporation - XPS Viewer.) C:\Windows\system32\xpsrchvw.exe =>.Microsoft Corporation ---\\ Lop.com/Domain Hijackers (4) - 0s O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpDomain = lan =>.Local Domain O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 =>.Local IP Adress O17 - HKLM\System\CCS\Services\Tcpip\..\{CB08EFD0-057B-4F9D-9CD5-C9BD4F0E2506}: DhcpNameServer = 192.168.1.1 =>.Local IP Adress O17 - HKLM\System\CCS\Services\Tcpip\..\{CB08EFD0-057B-4F9D-9CD5-C9BD4F0E2506}: DhcpDomain = lan =>.Local Domain ---\\ Extra protocols (21) - 0s O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll =>.Microsoft Corporation O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation® O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation® O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation® O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL =>.Microsoft Corporation® ---\\ AppInit_DLLs Registry value Autorun (2) - 0s O20 - AppInit_DLLs: . (.NVIDIA Corporation - NVIDIA shim initialization dll, Version 391.) - C:\Windows\System32\nvinitx.dll =>.NVIDIA Corporation O20 - Winlogon : UserInit . (.Microsoft Corporation - Userinit Logon Application.) - C:\Windows\system32\userinit.exe =>.Microsoft Corporation ---\\ List of the image extension registry keys (2) - 0s [HKEY_CLASSES_ROOT\.jpe]@="PandaViewer.jpg" =>Hijacker.Browser [HKEY_CLASSES_ROOT\.tif]@="PandaViewer.tif" =>Hijacker.Browser ---\\ ASIC (ActiveSetup Installed Components) (10) - 1s O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Microsoft Windows Media Player Setup Utilit.) -- C:\Windows\System32\unregmp2.exe =>.Microsoft Corporation O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll =>.Microsoft Corporation O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - Microsoft(C) Register Server.) -- C:\Windows\System32\regsvr32.exe =>.Microsoft Corporation O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation O40 - ASIC: Enable TLS1.1 and 1.2 [64Bits] - {66C64F22-FC60-4E6C-A6B5-F0D580E680CE} . (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Microsoft Windows Media Player Setup Utilit.) -- C:\Windows\System32\unregmp2.exe =>.Microsoft Corporation O40 - ASIC: Disable SSL3 [64Bits] - {7D715857-A67C-4C2F-A929-038448584D63} . (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\System32\mscories.dll =>.Microsoft Corporation® O40 - ASIC: Google Chrome [64Bits] - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google Inc. - Google Chrome Installer.) -- C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.181\Installer\chrmstp.exe =>.Google Inc® ---\\ Software installed (113) - 18s O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent =>.BitTorrent Inc® O42 - Logiciel: Adobe Acrobat DC - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-1033-FFFF-7760-0C0F074E4100} =>.Adobe Systems Incorporated O42 - Logiciel: Adobe Acrobat Reader DC - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1033-7B44-AC0F074E4100} =>.Adobe Systems Incorporated O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {8C9AA2C1-D07A-48E8-9DD8-471A072947F4} =>.Adobe Systems Incorporated O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe AIR =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Creative Cloud - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Creative Cloud =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Flash Player 29 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Flash Player 29 PPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player PPAPI =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Photoshop CC 2017 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- PHSP_18_1_1 =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Photoshop CS6 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {74EB3499-8B95-4B5C-96EB-7B342F3FD0C6} =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-0804-1033-1959-001824265200} =>.Adobe Systems Incorporated O42 - Logiciel: Brother MFL-Pro Suite DCP-J125 - (.Brother Industries, Ltd..) [HKLM][64Bits] -- {FB83EAC4-E3F6-4666-B45B-44522F2344B6} =>.Macrovision Corporation® O42 - Logiciel: Cisco EAP-FAST Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {64BF0187-F3D2-498B-99EA-163AF9AE6EC9} =>.Cisco Systems, Inc. O42 - Logiciel: Cisco LEAP Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {AF312B06-5C5C-468E-89B3-BE6DE2645722} =>.Cisco Systems, Inc. O42 - Logiciel: Cisco PEAP Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F} =>.Cisco Systems, Inc. O42 - Logiciel: Compatibility Pack for the 2007 Office system - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0020-0409-0000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: CyberLink PowerDVD 18 - (.CyberLink Corp..) [HKLM][64Bits] -- {0F4F617F-E8D5-46A3-A0F9-43855182A3B1} =>.CyberLink Corp.® O42 - Logiciel: English Grammar in Use Extra content - (.Cambridge University Press.) [HKLM][64Bits] -- English Grammar in Use Extra content =>.Cambridge University Press O42 - Logiciel: Flame Painter 1.2 - (.Peter Blaskovic.) [HKLM][64Bits] -- Flame Painter_is1 O42 - Logiciel: FormatFactory 4.1.0.0 - (.Free Time.) [HKLM][64Bits] -- FormatFactory =>.Free Time O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome =>.Google Inc® O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc. O42 - Logiciel: Grammarly for Microsoft® Office Suite - (.Grammarly.) [HKCU][64Bits] -- {da7635e6-2ab8-496a-b5b5-8f82fb640c16} =>.Grammarly, Inc.® O42 - Logiciel: Grammarly for Microsoft® Office Suite - (.Grammarly.) [HKLM][64Bits] -- {B443A4BE-E688-43BD-B152-6724A38437B1} =>.Grammarly O42 - Logiciel: Hotspot Shield 7.6.4 - (.AnchorFree Inc..) [HKLM][64Bits] -- {AF599C42-A2E5-4251-B7EE-4925C187EDD1} =>.Anchorfree Inc. O42 - Logiciel: Hotspot Shield 7.6.4 - (.AnchorFree Inc..) [HKLM][64Bits] -- {cf9b6026-00eb-468c-a903-1f509496b033} =>.AnchorFree Inc® O42 - Logiciel: Hotspot Shield 7.6.4 - (.AnchorFree Inc..) [HKLM][64Bits] -- HotspotShield =>.Anchorfree Inc. O42 - Logiciel: Integrated Camera - (.Vimicro.) [HKLM][64Bits] -- {ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332} =>.Vimicro O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A} =>.Intel Corporation - Software and Firmware Products® O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} =>.Intel Corporation - Software and Firmware Products® O42 - Logiciel: Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version - (.Intel Corporation.) [HKLM][64Bits] -- {302600C1-6BDF-4FD1-1405-148929CC1385} =>.Intel Corporation O42 - Logiciel: Intel(R) SDK for OpenCL - CPU Only Runtime Package - (.Intel Corporation.) [HKLM][64Bits] -- {FCB3772C-B7D0-4933-B1A9-3707EBACC573} =>.Intel Corporation O42 - Logiciel: Intel(R) USB 3.0 eXtensible Host Controller Driver - (.Intel Corporation.) [HKLM][64Bits] -- {240C3DDD-C5E9-4029-9DF7-95650D040CF2} =>.Intel Corporation - Software and Firmware Products® O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {44B72151-611E-429D-9765-9BA093D7E48A} =>.Intel Corporation O42 - Logiciel: Internet Download Manager - (.Tonec Inc..) [HKLM][64Bits] -- Internet Download Manager =>.Tonec Inc.® O42 - Logiciel: IObit Uninstaller - (.IObit.) [HKLM][64Bits] -- IObitUninstall =>.IObit Information Technology® O42 - Logiciel: Java 8 Update 171 (64-bit) - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F64180171F0} =>.Oracle Corporation O42 - Logiciel: Java Auto Updater - (.Oracle Corporation.) [HKLM][64Bits] -- {4A03706F-666A-4037-7777-5F2748764D10} =>.Oracle Corporation O42 - Logiciel: jetAudio Basic - (.COWON.) [HKLM][64Bits] -- {DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A} =>.COWON O42 - Logiciel: Kingo ROOT version 1.5.8.3353 - (.Kingosoft Technology Ltd..) [HKLM][64Bits] -- {AE7675D6-0B31-494F-ABFA-822E1A0FDF17}_is1 =>.Kingosoft Technology Ltd. O42 - Logiciel: K-Lite Codec Pack 13.5.9 Full - (.KLCP.) [HKLM][64Bits] -- KLiteCodecPack_is1 =>.KLCP O42 - Logiciel: LADSPA_plugins-win-0.4.15 - (.Audacity Team.) [HKLM][64Bits] -- LADSPA_plugins-win_is1 =>.Audacity Team O42 - Logiciel: LAME v3.99.3 (for Windows) - (.Audacity.) [HKLM][64Bits] -- LAME_is1 =>.Audacity O42 - Logiciel: Lenovo Auto Scroll Utility - (..) [HKLM][64Bits] -- LenovoAutoScrollUtility =>.Lenovo(Japan)Ltd.® O42 - Logiciel: Lenovo Patch Utility - (.Lenovo Group Limited.) [HKLM][64Bits] -- {C6FB6B4A-1378-4CD3-9CD3-42BA69FCBD43} =>.Lenovo Group Limited O42 - Logiciel: Lenovo Patch Utility 64 bit - (.Lenovo Group Limited.) [HKLM][64Bits] -- {053ACA98-6B07-4DD0-9DB3-F51E3EB1780C} =>.Lenovo Group Limited O42 - Logiciel: Lenovo Power Management Driver - (.Lenovo Group Limited.) [HKLM][64Bits] -- Power Management Driver =>.Lenovo Group Limited O42 - Logiciel: Lenovo Service Bridge - (.Lenovo.) [HKCU][64Bits] -- {2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1 =>.Lenovo O42 - Logiciel: MDI To TIFF File Converter - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-00A6-0409-0000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: memoQ 2015 - (.Kilgray.) [HKLM][64Bits] -- {02493572-ba7f-4e14-9669-d4f3ca7e6734}_is1 O42 - Logiciel: Microsoft PowerPoint Viewer - (.Microsoft Corporation.) [HKLM][64Bits] -- {95140000-00AF-0409-0000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM][64Bits] -- {2AA3C13E-0531-41B8-AE48-AE28C940A809} =>.Microsoft Corporation O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft Security Client =>.Microsoft Corporation® O42 - Logiciel: Mobogenie3 - (.Mobogenie.com.) [HKLM][64Bits] -- Mobogenie3 =>.Mobogenie.com O42 - Logiciel: MonoConc Pro - (..) [HKLM][64Bits] -- MonoConc Pro O42 - Logiciel: Need for Speed™ Payback - (.Electronic Arts.) [HKLM][64Bits] -- {F4CF3D08-565C-40B7-B351-D3033DE2172B} =>.Electronic Arts, Inc.® O42 - Logiciel: NVIDIA Backend - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvBackend =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Container - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Control Panel 391.35 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Display Container - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainer =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Display Container LS - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainerLS =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Display Session Container - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplaySessionContainer =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Display Watchdog Plugin - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayPluginWatchdog =>.NVIDIA Corporation O42 - Logiciel: NVIDIA GeForce Experience 3.13.1.30 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Graphics Driver 391.35 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Install Application - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer =>.NVIDIA Corporation O42 - Logiciel: NVIDIA LocalSystem Container - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.LocalSystem =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Message Bus for NvContainer - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.MessageBus =>.NVIDIA Corporation O42 - Logiciel: NVIDIA NetworkService Container - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NetworkService =>.NVIDIA Corporation O42 - Logiciel: NVIDIA NodeJS - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Optimus Update 31.1.10.0 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus =>.NVIDIA Corporation O42 - Logiciel: NVIDIA PhysX System Software 9.13.0725 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Session Container - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.Session =>.NVIDIA Corporation O42 - Logiciel: NVIDIA ShadowPlay 3.13.1.30 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay =>.NVIDIA Corporation O42 - Logiciel: Nvidia Share - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_OSC =>.NVIDIA Corporation O42 - Logiciel: NVIDIA SHIELD Streaming - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv =>.NVIDIA Corporation O42 - Logiciel: NVIDIA SHIELD Wireless Controller Driver - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Telemetry Client - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Telemetry Container - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetryContainer =>.NVIDIA Corporation O42 - Logiciel: NVIDIA TelemetryApi helper for NvContainer - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.ContainerTelemetryApiHelper =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Update 31.1.10.0 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Update Core - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core =>.NVIDIA Corporation O42 - Logiciel: NVIDIA User Container - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.User =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Virtual Audio 4.04.0 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Virtual Host Controller - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Watchdog Plugin for NvContainer - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvPlugin.Watchdog =>.NVIDIA Corporation O42 - Logiciel: OALD9 - (.Oxford University Press.) [HKLM][64Bits] -- Oxford Advanced Learner's Dictionary {630313764D8C0197DBA6414ED38C8F8E} O42 - Logiciel: On Screen Display - (..) [HKLM][64Bits] -- OnScreenDisplay =>.Lenovo(Japan)Ltd.® O42 - Logiciel: Origin - (.Electronic Arts, Inc..) [HKLM][64Bits] -- Origin =>.Electronic Arts, Inc.® O42 - Logiciel: PDF Settings CS6 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {BFEAAE77-BD7F-4534-B286-9C5CB4697EB1} =>.Adobe Systems Incorporated O42 - Logiciel: Plagiarism Checker X - (.Plagiarism Checker X, LLC.) [HKLM][64Bits] -- {FC689EC0-8FBE-4EE0-9F6B-9C6F67513026} O42 - Logiciel: Plagiarism Checker X - (.Plagiarism Checker X, LLC.) [HKLM][64Bits] -- Plagiarism Checker X 6.0.3 O42 - Logiciel: QUICKfind server v1.1 - (.IDM.) [HKLM][64Bits] -- QUICKfind =>.IDM O42 - Logiciel: REALTEK Bluetooth Driver - (.REALTEK Semiconductor Corp..) [HKLM][64Bits] -- {9D3D8C60-A5EF-4123-B2B9-172095903AB} =>.Realtek Semiconductor Corp® O42 - Logiciel: Realtek Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {5BC2B5AB-80DE-4E83-B8CF-426902051D0A} =>.Realtek Semiconductor Corp® O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476} =>.Realtek Semiconductor Corp® O42 - Logiciel: REALTEK Wireless LAN Driver - (.REALTEK Semiconductor Corp..) [HKLM][64Bits] -- {9DAABC60-A5EF-41FF-B2B9-17329590CD5} =>.Realtek Semiconductor Corp® O42 - Logiciel: Registry Trash Keys Finder (Freeware) - (.SNC.) [HKLM][64Bits] -- Registry Trash Keys Finder =>.SNC O42 - Logiciel: Rosetta Stone Ltd Services - (.Rosetta Stone Ltd..) [HKLM][64Bits] -- {3165E4A6-D5DE-46B0-8597-D55E2B826B84} =>.Rosetta Stone Ltd. O42 - Logiciel: Rosetta Stone TOTALe - (.Rosetta Stone, Ltd.) [HKLM][64Bits] -- {6B6BC189-D606-4BC7-9758-E6C364F76A55} =>.Rosetta Stone, Ltd O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {758C8301-2696-4855-AF45-534B1200980A} =>.Samsung Electronics Co., Ltd. O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- InstallShield_{758C8301-2696-4855-AF45-534B1200980A} =>.Samsung Electronics Co., Ltd. O42 - Logiciel: Samsung USB Driver for Mobile Phones - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {D0795B21-0CDA-4a92-AB9E-6E92D8111E44} =>.Samsung Electronics CO., LTD.® O42 - Logiciel: Skype™ 7.40 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {3B7E914A-93D5-4A29-92BB-AF8C3F66C431} =>.Skype Technologies S.A. O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey =>.Synaptics Incorporated O42 - Logiciel: TAP-Windows 9.21.2 - (.OpenVPN Technologie.) [HKLM][64Bits] -- TAP-Windows =>.OpenVPN Technologie O42 - Logiciel: Telegram Desktop version 1.2.6 - (.Telegram Messenger LLP.) [HKCU][64Bits] -- {53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1 =>.Telegram Messenger LLP O42 - Logiciel: VirtualCloneDrive - (.Elaborate Bytes.) [HKLM][64Bits] -- VirtualCloneDrive =>.Elaborate Bytes O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN O42 - Logiciel: Vulkan Run Time Libraries 1.0.65.1 - (.LunarG, Inc..) [HKLM][64Bits] -- VulkanRT1.0.65.1 =>.LunarG, Inc.® O42 - Logiciel: WinPcap 4.1.3 - (.Riverbed Technology, Inc..) [HKLM][64Bits] -- WinPcapInst =>.Riverbed Technology, Inc. O42 - Logiciel: WinRAR 5.40 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver =>.win.rar GmbH® O42 - Logiciel: WordWeb Pro - (.WordWeb Software.) [HKLM][64Bits] -- WordWeb =>.WordWeb Software® ---\\ HKCU & HKLM Software Keys (198) - 18s HKCU\Software\csastats =>Adware.InstallCore HKLM\SOFTWARE\Adobe =>.Adobe HKLM\SOFTWARE\Brother =>.Brother HKLM\SOFTWARE\Brother Industries, Ltd. =>.Brother Industries, Ltd. HKLM\SOFTWARE\Caphyon =>.Caphyon HKLM\SOFTWARE\COWON =>.COWON HKLM\SOFTWARE\CyberLink =>.CyberLink Corporation HKLM\SOFTWARE\EA Games =>.EA Games HKLM\SOFTWARE\Elaborate Bytes =>.Elaborate Bytes HKLM\SOFTWARE\Electronic Arts =>.Electronic Arts HKLM\SOFTWARE\Eset =>.ESET HKLM\SOFTWARE\Faronics =>.Faronics HKLM\SOFTWARE\Google =>.Google HKLM\SOFTWARE\HCP HKLM\SOFTWARE\HotspotShield =>.AnchorFree Inc. HKLM\SOFTWARE\IBM =>.IBM HKLM\SOFTWARE\Icaros =>.Icaros HKLM\SOFTWARE\IDM =>.IDM HKLM\SOFTWARE\IM Providers =>.IM Providers HKLM\SOFTWARE\InstallShield =>.InstallShield HKLM\SOFTWARE\Intel =>.Intel HKLM\SOFTWARE\Internet Download Manager =>.Tonec Inc HKLM\SOFTWARE\IObit =>.IObit HKLM\SOFTWARE\JavaSoft =>.JavaSoft HKLM\SOFTWARE\JreMetrics =>.JreMetrics HKLM\SOFTWARE\Kaplan HKLM\SOFTWARE\Khronos =>.Khronos HKLM\SOFTWARE\Kilgray HKLM\SOFTWARE\KLCodecPack =>.KLite Inc HKLM\SOFTWARE\Lake =>.Lake Sofware HKLM\SOFTWARE\Lame For Audacity =>.Audacity HKLM\SOFTWARE\LAV =>.LAV Inc HKLM\SOFTWARE\Lenovo =>.Lenovo HKLM\SOFTWARE\Lingea HKLM\SOFTWARE\LTD HKLM\SOFTWARE\Macromedia =>.Macromedia HKLM\SOFTWARE\Macrovision =>.Macrovision HKLM\SOFTWARE\MAXSOFT-OCRON =>.Maxsoft-Ocron, Inc HKLM\SOFTWARE\Mobogenie3 HKLM\SOFTWARE\Mozilla =>.Mozilla HKLM\SOFTWARE\MozillaPlugins =>.MozillaPlugins HKLM\SOFTWARE\Mr DJ =>.Mr DJ HKLM\SOFTWARE\Novell =>.Novell HKLM\SOFTWARE\NVIDIA Corporation =>.nVidia Corporation HKLM\SOFTWARE\ODBC =>.DB Connectivity Solutions HKLM\SOFTWARE\Origin =>.Electronic Arts, Inc. HKLM\SOFTWARE\OUP HKLM\SOFTWARE\Paltalk HKLM\SOFTWARE\Plagiarism Checker X, LLC HKLM\SOFTWARE\PlagiarismCheckerX HKLM\SOFTWARE\Realtek =>.Realtek Semiconductor Corp. HKLM\SOFTWARE\REALTEK Semiconductor Corp. =>.Realtek Semiconductor Corp. HKLM\SOFTWARE\RtWLan =>.Realtek Semiconductor Corp. HKLM\SOFTWARE\Skype =>.Skype HKLM\SOFTWARE\SNC =>.SNC HKLM\SOFTWARE\SYLSoft HKLM\SOFTWARE\Symantec =>.Symantec HKLM\SOFTWARE\VideoLAN =>.VideoLAN HKLM\SOFTWARE\Vimicro =>.Vimicro HKLM\SOFTWARE\Westwood HKLM\SOFTWARE\WinPcap =>.Riverbed Technology HKLM\SOFTWARE\Wow6432Node =>.Microsoft Corporation HKLM\SOFTWARE\ZSMC =>.ZSMC Corporation HKLM\SOFTWARE\RegisteredApplications =>.Microsoft Corporation HKLM\SOFTWARE\WOW6432Node\Adobe =>.Adobe HKLM\SOFTWARE\WOW6432Node\Brother =>.Brother HKLM\SOFTWARE\WOW6432Node\Brother Industries, Ltd. =>.Brother Industries, Ltd. HKLM\SOFTWARE\WOW6432Node\Caphyon =>.Caphyon HKLM\SOFTWARE\WOW6432Node\COWON =>.COWON HKLM\SOFTWARE\WOW6432Node\CyberLink =>.CyberLink Corporation HKLM\SOFTWARE\WOW6432Node\EA Games =>.EA Games HKLM\SOFTWARE\WOW6432Node\Elaborate Bytes =>.Elaborate Bytes HKLM\SOFTWARE\WOW6432Node\Electronic Arts =>.Electronic Arts HKLM\SOFTWARE\WOW6432Node\Eset =>.ESET HKLM\SOFTWARE\WOW6432Node\Faronics =>.Faronics HKLM\SOFTWARE\WOW6432Node\Google =>.Google HKLM\SOFTWARE\WOW6432Node\HCP HKLM\SOFTWARE\WOW6432Node\HotspotShield =>.AnchorFree Inc. HKLM\SOFTWARE\WOW6432Node\IBM =>.IBM HKLM\SOFTWARE\WOW6432Node\Icaros =>.Icaros HKLM\SOFTWARE\WOW6432Node\IDM =>.IDM HKLM\SOFTWARE\WOW6432Node\IM Providers =>.IM Providers HKLM\SOFTWARE\WOW6432Node\InstallShield =>.InstallShield HKLM\SOFTWARE\WOW6432Node\Intel =>.Intel HKLM\SOFTWARE\WOW6432Node\Internet Download Manager =>.Tonec Inc HKLM\SOFTWARE\WOW6432Node\IObit =>.IObit HKLM\SOFTWARE\WOW6432Node\JavaSoft =>.JavaSoft HKLM\SOFTWARE\WOW6432Node\JreMetrics =>.JreMetrics HKLM\SOFTWARE\WOW6432Node\Kaplan HKLM\SOFTWARE\WOW6432Node\Khronos =>.Khronos HKLM\SOFTWARE\WOW6432Node\Kilgray HKLM\SOFTWARE\WOW6432Node\KLCodecPack =>.KLite Inc HKLM\SOFTWARE\WOW6432Node\Lake =>.Lake Sofware HKLM\SOFTWARE\WOW6432Node\Lame For Audacity =>.Audacity HKLM\SOFTWARE\WOW6432Node\LAV =>.LAV Inc HKLM\SOFTWARE\WOW6432Node\Lenovo =>.Lenovo HKLM\SOFTWARE\WOW6432Node\Lingea HKLM\SOFTWARE\WOW6432Node\LTD HKLM\SOFTWARE\WOW6432Node\Macromedia =>.Macromedia HKLM\SOFTWARE\WOW6432Node\Macrovision =>.Macrovision HKLM\SOFTWARE\WOW6432Node\MAXSOFT-OCRON =>.Maxsoft-Ocron, Inc HKLM\SOFTWARE\WOW6432Node\Mobogenie3 HKLM\SOFTWARE\WOW6432Node\Mozilla =>.Mozilla HKLM\SOFTWARE\WOW6432Node\MozillaPlugins =>.MozillaPlugins HKLM\SOFTWARE\WOW6432Node\Mr DJ =>.Mr DJ HKLM\SOFTWARE\WOW6432Node\Novell =>.Novell HKLM\SOFTWARE\WOW6432Node\NVIDIA Corporation =>.nVidia Corporation HKLM\SOFTWARE\WOW6432Node\ODBC =>.DB Connectivity Solutions HKLM\SOFTWARE\WOW6432Node\Origin =>.Electronic Arts, Inc. HKLM\SOFTWARE\WOW6432Node\OUP HKLM\SOFTWARE\WOW6432Node\Paltalk HKLM\SOFTWARE\WOW6432Node\Plagiarism Checker X, LLC HKLM\SOFTWARE\WOW6432Node\PlagiarismCheckerX HKLM\SOFTWARE\WOW6432Node\Realtek =>.Realtek Semiconductor Corp. HKLM\SOFTWARE\WOW6432Node\REALTEK Semiconductor Corp. =>.Realtek Semiconductor Corp. HKLM\SOFTWARE\WOW6432Node\RtWLan =>.Realtek Semiconductor Corp. HKLM\SOFTWARE\WOW6432Node\Skype =>.Skype HKLM\SOFTWARE\WOW6432Node\SNC =>.SNC HKLM\SOFTWARE\WOW6432Node\SYLSoft HKLM\SOFTWARE\WOW6432Node\Symantec =>.Symantec HKLM\SOFTWARE\WOW6432Node\VideoLAN =>.VideoLAN HKLM\SOFTWARE\WOW6432Node\Vimicro =>.Vimicro HKLM\SOFTWARE\WOW6432Node\Westwood HKLM\SOFTWARE\WOW6432Node\WinPcap =>.Riverbed Technology HKLM\SOFTWARE\WOW6432Node\Wow6432Node =>.Microsoft Corporation HKLM\SOFTWARE\WOW6432Node\ZSMC =>.ZSMC Corporation HKLM\SOFTWARE\WOW6432Node\RegisteredApplications =>.Microsoft Corporation HKCU\SOFTWARE\A-PDF =>.A-PDF Software HKCU\SOFTWARE\Adobe =>.Adobe HKCU\SOFTWARE\AppDataLow =>.Microsoft Corporation HKCU\SOFTWARE\ASProtect =>.ASPack Software HKCU\SOFTWARE\Babylon =>Adware.Babylon HKCU\SOFTWARE\bd71a23c HKCU\SOFTWARE\BitTorrent =>.BitTorrent (P2P) HKCU\SOFTWARE\Brother =>.Brother HKCU\SOFTWARE\Chromium =>.Chromium HKCU\SOFTWARE\COWON =>.COWON HKCU\SOFTWARE\CyberLink =>.CyberLink Corporation HKCU\SOFTWARE\DownloadManager =>.DownloadManager HKCU\SOFTWARE\DriverToolkit =>.SUP.DriverToolkit HKCU\SOFTWARE\DSS =>.DSS Software HKCU\SOFTWARE\eb27f46a HKCU\SOFTWARE\Elaborate Bytes =>.Elaborate Bytes HKCU\SOFTWARE\ElAmigos =>.ElAmigos HKCU\SOFTWARE\Electronic Arts =>.Electronic Arts HKCU\SOFTWARE\emFiZXIxQrphYmJlci5ubwxx HKCU\SOFTWARE\Empress HKCU\SOFTWARE\Escape Motions HKCU\SOFTWARE\FreeTime =>.FreeTime Inc HKCU\SOFTWARE\Google =>.Google HKCU\SOFTWARE\Grammarly =>.Grammarly HKCU\SOFTWARE\HCP HKCU\SOFTWARE\HotspotShield =>.AnchorFree Inc. HKCU\SOFTWARE\IBM =>.IBM HKCU\SOFTWARE\Icaros =>.Icaros HKCU\SOFTWARE\IM Providers =>.IM Providers HKCU\SOFTWARE\imo.im HKCU\SOFTWARE\Intel =>.Intel HKCU\SOFTWARE\Intel Corporation =>.Intel Corporation HKCU\SOFTWARE\JavaSoft =>.JavaSoft HKCU\SOFTWARE\JEDI-VCL =>.JEDI Project HKCU\SOFTWARE\Lake =>.Lake Sofware HKCU\SOFTWARE\Lenovo =>.Lenovo HKCU\SOFTWARE\Macromedia =>.Macromedia HKCU\SOFTWARE\madshi =>.madshi.net HKCU\SOFTWARE\MediaInfo =>.Jérôme Martinez HKCU\SOFTWARE\Mobogenie =>.Mobogenie HKCU\SOFTWARE\Mobogenie3 HKCU\SOFTWARE\Mozilla =>.Mozilla HKCU\SOFTWARE\MPC-HC =>.MPC-HC Team HKCU\SOFTWARE\Netscape =>.Netscape HKCU\SOFTWARE\NVIDIA Corporation =>.nVidia Corporation HKCU\SOFTWARE\ODBC =>.DB Connectivity Solutions HKCU\SOFTWARE\OUP HKCU\SOFTWARE\PlagiarismCheckerX HKCU\SOFTWARE\ProtectedStorage =>.Microsoft Corporation HKCU\SOFTWARE\QtProject =>.QtProject HKCU\SOFTWARE\Realtek =>.Realtek Semiconductor Corp. HKCU\SOFTWARE\RegisteredApplications =>.Microsoft Corporation HKCU\SOFTWARE\Samsung =>.Samsung Electronics HKCU\SOFTWARE\SecuROM =>.SecuROM HKCU\SOFTWARE\Skype =>.Skype HKCU\SOFTWARE\skypeapp-2e0dc9b3eb55 =>.Skype Technologies HKCU\SOFTWARE\Stedman's HKCU\SOFTWARE\Synaptics =>.Synaptics HKCU\SOFTWARE\TelegramDesktop HKCU\SOFTWARE\Trolltech =>.Trolltech HKCU\SOFTWARE\Valve =>.Valve HKCU\SOFTWARE\VB and VBA Program Settings =>.Microsoft Corporation HKCU\SOFTWARE\WinRAR =>.WinRAR HKCU\SOFTWARE\WinRAR SFX =>.RarLab HKCU\SOFTWARE\WixSharp =>.Legitimate HKCU\SOFTWARE\WordWeb HKCU\SOFTWARE\Wow32Win HKCU\SOFTWARE\Wow6432Node =>.Microsoft Corporation HKCU\SOFTWARE\ZHP =>.Nicolas Coolman HKCU\SOFTWARE\AppDataLow\Software =>.Microsoft Corporation HKCU\SOFTWARE\AppDataLow\Software\Adobe =>.Adobe ---\\ Contents of the Common Files folders (544) - 17s O43 - CFD: 19/08/2017 - [] D -- C:\Program Files\Adobe =>.Adobe Systems Incorporated® O43 - CFD: 22/04/2018 - [] D -- C:\Program Files\Common Files =>.Microsoft Corporation O43 - CFD: 15/06/2017 - [] D -- C:\Program Files\DVD Maker =>.Aone Software O43 - CFD: 13/06/2017 - [] D -- C:\Program Files\Intel =>.Intel Corporation O43 - CFD: 12/07/2017 - [] D -- C:\Program Files\Internet Explorer =>.Microsoft Corporation O43 - CFD: 22/04/2018 - [] D -- C:\Program Files\Java =>.Oracle O43 - CFD: 13/06/2017 - [] D -- C:\Program Files\Lenovo =>.Lenovo O43 - CFD: 21/11/2010 - [] D -- C:\Program Files\Microsoft Games =>.Microsoft Corporation O43 - CFD: 15/06/2017 - [] D -- C:\Program Files\Microsoft Office =>.Microsoft Corporation O43 - CFD: 13/06/2017 - [] D -- C:\Program Files\Microsoft Security Client =>.Microsoft Corporation O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\MSBuild =>.Microsoft Corporation O43 - CFD: 22/04/2018 - [] D -- C:\Program Files\NVIDIA Corporation =>.nVidia Corporation O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Reference Assemblies =>.Microsoft Corporation O43 - CFD: 13/06/2017 - [] D -- C:\Program Files\Synaptics =>.Synaptics Incorporated® O43 - CFD: 15/04/2018 - [] D -- C:\Program Files\TAP-Windows =>.OpenVPN Technologie O43 - CFD: 14/07/2009 - [0] HD -- C:\Program Files\Uninstall Information =>.Microsoft Corporation O43 - CFD: 15/06/2017 - [] D -- C:\Program Files\Windows Defender =>.Microsoft Corporation O43 - CFD: 15/06/2017 - [] D -- C:\Program Files\Windows Journal =>.Microsoft Corporation O43 - CFD: 21/11/2010 - [] D -- C:\Program Files\Windows Mail =>.Microsoft Corporation O43 - CFD: 15/06/2017 - [] D -- C:\Program Files\Windows Media Player =>.Microsoft Corporation O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Windows NT =>.Microsoft Corporation O43 - CFD: 21/11/2010 - [] D -- C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation O43 - CFD: 21/11/2010 - [] D -- C:\Program Files\Windows Portable Devices =>.Microsoft Corporation O43 - CFD: 21/11/2010 - [] D -- C:\Program Files\Windows Sidebar =>.Microsoft Corporation O43 - CFD: 20/06/2017 - [] D -- C:\Program Files\WinRAR =>.win.rar GmbH® O43 - CFD: 22/04/2018 - [] D -- C:\Program Files (x86)\Adobe =>.Adobe Systems Incorporated® O43 - CFD: 06/11/2017 - [] D -- C:\Program Files (x86)\Audacity =>.Audacity O43 - CFD: 08/03/2018 - [] D -- C:\Program Files (x86)\Babylon =>Adware.Babylon O43 - CFD: 10/09/2017 - [] D -- C:\Program Files (x86)\Brother =>.Brother O43 - CFD: 10/09/2017 - [] D -- C:\Program Files (x86)\Browny02 =>.Brother Industries, Ltd. O43 - CFD: 19/07/2017 - [] D -- C:\Program Files (x86)\Cambridge =>.Cambridge O43 - CFD: 13/06/2017 - [] D -- C:\Program Files (x86)\Cisco =>.Cisco Systems, Inc. O43 - CFD: 17/04/2018 - [] D -- C:\Program Files (x86)\Collins COBUILD O43 - CFD: 22/04/2018 - [] D -- C:\Program Files (x86)\Common Files =>.Microsoft Corporation O43 - CFD: 17/04/2018 - [] D -- C:\Program Files (x86)\CyberLink =>.CyberLink Corporation O43 - CFD: 18/09/2017 - [0] D -- C:\Program Files (x86)\Educational Testing Service O43 - CFD: 12/07/2017 - [] D -- C:\Program Files (x86)\Elaborate Bytes =>.Elaborate Bytes O43 - CFD: 27/01/2018 - [] D -- C:\Program Files (x86)\Electronic Arts =>.Electronic Arts O43 - CFD: 16/09/2017 - [] D -- C:\Program Files (x86)\Faronics O43 - CFD: 09/09/2017 - [] D -- C:\Program Files (x86)\Flame Painter O43 - CFD: 16/09/2017 - [] D -- C:\Program Files (x86)\Fluenz O43 - CFD: 12/11/2017 - [] D -- C:\Program Files (x86)\FormatFactory =>.Free Time Co., Ltd.® O43 - CFD: 25/04/2018 - [] D -- C:\Program Files (x86)\Google =>.Google Inc® O43 - CFD: 15/04/2018 - [] D -- C:\Program Files (x86)\Hotspot Shield =>.OpenVPN Technologies, Inc.® O43 - CFD: 15/07/2017 - [] D -- C:\Program Files (x86)\IDM =>.IDM O43 - CFD: 17/04/2018 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information =>.InstallShield O43 - CFD: 13/06/2017 - [] D -- C:\Program Files (x86)\Intel =>.Intel Corporation O43 - CFD: 21/08/2017 - [] D -- C:\Program Files (x86)\Internet Download Manager =>.Tonec Inc O43 - CFD: 12/07/2017 - [] D -- C:\Program Files (x86)\Internet Explorer =>.Microsoft Corporation O43 - CFD: 20/06/2017 - [] D -- C:\Program Files (x86)\IObit =>.IObit O43 - CFD: 04/11/2017 - [] D -- C:\Program Files (x86)\JetAudio =>.JetAudio, Inc. O43 - CFD: 11/10/2017 - [] D -- C:\Program Files (x86)\K-Lite Codec Pack =>.KLite Inc O43 - CFD: 09/09/2017 - [] D -- C:\Program Files (x86)\Kilgray {0080BC543F1FE8CE1C} O43 - CFD: 16/04/2018 - [] D -- C:\Program Files (x86)\Kingo ROOT =>.Kingosoft Technology Ltd O43 - CFD: 05/11/2017 - [] D -- C:\Program Files (x86)\Lame For Audacity =>.Audacity O43 - CFD: 13/06/2017 - [] D -- C:\Program Files (x86)\Lenovo =>.Lenovo O43 - CFD: 10/09/2017 - [] D -- C:\Program Files (x86)\Microsoft Office =>.Microsoft Corporation O43 - CFD: 13/06/2017 - [] D -- C:\Program Files (x86)\Microsoft Security Client =>.Microsoft Corporation O43 - CFD: 10/09/2017 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio =>.Microsoft Corporation O43 - CFD: 10/09/2017 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio 8 =>.Microsoft Corporation O43 - CFD: 10/09/2017 - [] D -- C:\Program Files (x86)\Microsoft Works =>.Microsoft Corporation O43 - CFD: 18/06/2017 - [] D -- C:\Program Files (x86)\Microsoft.NET =>.Microsoft Corporation O43 - CFD: 15/04/2018 - [] D -- C:\Program Files (x86)\Mobogenie3 =>Adware.Wizzcaster O43 - CFD: 10/09/2017 - [] D -- C:\Program Files (x86)\modiconv =>.Microsoft Corporation® O43 - CFD: 19/11/2017 - [] D -- C:\Program Files (x86)\MonoConc Pro O43 - CFD: 18/04/2018 - [0] D -- C:\Program Files (x86)\Mr DJ =>.Mr DJ O43 - CFD: 10/09/2017 - [] D -- C:\Program Files (x86)\MSBuild =>.Microsoft Corporation O43 - CFD: 10/09/2017 - [] D -- C:\Program Files (x86)\MSECache =>.Microsoft Corporation O43 - CFD: 22/04/2018 - [] D -- C:\Program Files (x86)\Need For Speed Payback O43 - CFD: 17/04/2018 - [] D -- C:\Program Files (x86)\NSIS Uninstall Information =>.MSIS O43 - CFD: 22/04/2018 - [] D -- C:\Program Files (x86)\NVIDIA Corporation =>.nVidia Corporation O43 - CFD: 24/04/2018 - [] D -- C:\Program Files (x86)\Origin =>.Electronic Arts, Inc. O43 - CFD: 22/04/2018 - [0] D -- C:\Program Files (x86)\Origin Games =>.Electronic Arts, Inc. O43 - CFD: 25/07/2017 - [] D -- C:\Program Files (x86)\Oxford {630313764D8C0197DBA6414ED38C8F8E} =>.Oxford O43 - CFD: 17/04/2018 - [] D -- C:\Program Files (x86)\PlagiarismCheckerX O43 - CFD: 27/01/2018 - [0] D -- C:\Program Files (x86)\R.G. Mechanics =>.R.G. Mechanics O43 - CFD: 18/06/2017 - [] D -- C:\Program Files (x86)\Realtek =>.Realtek O43 - CFD: 13/06/2017 - [] D -- C:\Program Files (x86)\REALTEK PCIE Wireless LAN Driver =>.Realtek Semiconductor Corp. O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Reference Assemblies =>.Microsoft Corporation O43 - CFD: 20/06/2017 - [] D -- C:\Program Files (x86)\Rosetta Stone =>.Rosetta Stone Ltd® O43 - CFD: 20/06/2017 - [] D -- C:\Program Files (x86)\RosettaStoneLtdServices =>.Rosetta Stone Ltd® O43 - CFD: 20/02/2018 - [] D -- C:\Program Files (x86)\Samsung =>.Samsung Electronics O43 - CFD: 16/09/2017 - [0] D -- C:\Program Files (x86)\SEMD70 O43 - CFD: 16/09/2017 - [] RD -- C:\Program Files (x86)\Skype =>.Skype O43 - CFD: 20/06/2017 - [] D -- C:\Program Files (x86)\TrashReg =>.Alexander Asyabrik O43 - CFD: 14/07/2009 - [0] HD -- C:\Program Files (x86)\Uninstall Information =>.Microsoft Corporation O43 - CFD: 13/06/2017 - [] D -- C:\Program Files (x86)\USB Camera O43 - CFD: 21/06/2017 - [] D -- C:\Program Files (x86)\VideoLAN =>.VideoLan Team O43 - CFD: 13/06/2017 - [] D -- C:\Program Files (x86)\Vimicro =>.Vimicro O43 - CFD: 22/04/2018 - [] D -- C:\Program Files (x86)\VulkanRT =>.LunarG, Inc O43 - CFD: 15/06/2017 - [] D -- C:\Program Files (x86)\Windows Defender =>.Microsoft Corporation O43 - CFD: 21/11/2010 - [] D -- C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation O43 - CFD: 15/06/2017 - [] D -- C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Windows NT =>.Microsoft Corporation O43 - CFD: 21/11/2010 - [] D -- C:\Program Files (x86)\Windows Photo Viewer =>.Microsoft Corporation O43 - CFD: 21/11/2010 - [] D -- C:\Program Files (x86)\Windows Portable Devices =>.Microsoft Corporation O43 - CFD: 21/11/2010 - [] D -- C:\Program Files (x86)\Windows Sidebar =>.Microsoft Corporation O43 - CFD: 20/08/2017 - [] D -- C:\Program Files (x86)\WinPcap =>.Riverbed Technology O43 - CFD: 17/04/2018 - [] D -- C:\Program Files (x86)\WordWeb =>.WordWeb Software® O43 - CFD: 19/07/2017 - [] HD -- C:\Program Files (x86)\Zero G Registry =>.Flexera O43 - CFD: 18/06/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation O43 - CFD: 10/09/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools O43 - CFD: 10/09/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother =>.Brother O43 - CFD: 17/04/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Collins COBUILD O43 - CFD: 12/07/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes =>.Elaborate Bytes O43 - CFD: 09/09/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flame Painter O43 - CFD: 16/02/2018 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games =>.Microsoft Corporation O43 - CFD: 15/04/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield =>.Hotspot Shield O43 - CFD: 13/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel =>.Intel Corporation O43 - CFD: 21/08/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager =>.Tonec Inc O43 - CFD: 20/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller =>.IObit O43 - CFD: 22/04/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java =>.Oracle O43 - CFD: 04/11/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\jetAudio =>.JetAudio, Inc. O43 - CFD: 11/10/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack =>.KLite Inc O43 - CFD: 16/04/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kingo ROOT =>.Kingosoft Technology Ltd O43 - CFD: 14/07/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation O43 - CFD: 10/09/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office =>.Microsoft Corporation O43 - CFD: 10/09/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2005 =>.Microsoft Corporation O43 - CFD: 08/03/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mobogenie3 =>Adware.Wizzcaster O43 - CFD: 19/11/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MonoConc Pro O43 - CFD: 27/02/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation =>.nVidia Corporation O43 - CFD: 22/04/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin =>.Electronic Arts, Inc. O43 - CFD: 25/07/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oxford =>.Oxford O43 - CFD: 17/04/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plagiarism Checker X O43 - CFD: 20/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rosetta Stone =>.Rosetta Stone O43 - CFD: 20/02/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung =>.Samsung Electronics O43 - CFD: 14/07/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype =>.Skype O43 - CFD: 14/07/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup =>.Microsoft Corporation O43 - CFD: 21/11/2010 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC =>.Wacom Technology O43 - CFD: 21/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN =>.VideoLan Team O43 - CFD: 20/08/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap =>.Riverbed Technology O43 - CFD: 20/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR =>.WinRAR O43 - CFD: 21/08/2017 - [] D -- C:\ProgramData\Adobe =>.Adobe O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Application Data =>.Microsoft Corporation O43 - CFD: 25/04/2018 - [0] SHD -- C:\ProgramData\b24g23ji2 O43 - CFD: 15/03/2018 - [] D -- C:\ProgramData\Babylon =>Adware.Babylon O43 - CFD: 10/09/2017 - [] D -- C:\ProgramData\Brother =>.Brother O43 - CFD: 17/04/2018 - [] D -- C:\ProgramData\CLSK =>.CLSK O43 - CFD: 17/04/2018 - [] D -- C:\ProgramData\CyberLink =>.CyberLink Corporation O43 - CFD: 25/04/2018 - [] D -- C:\ProgramData\dahkService =>PUP.Optional.Salus O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Desktop =>.Microsoft Corporation O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Documents =>.Microsoft Corporation O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Favorites =>.Microsoft Corporation O43 - CFD: 20/06/2017 - [] D -- C:\ProgramData\FLEXnet =>.Flexera Software O43 - CFD: 15/04/2018 - [] D -- C:\ProgramData\Hotspot Shield =>.Hotspot Shield O43 - CFD: 18/06/2017 - [0] D -- C:\ProgramData\IDM =>.IDM O43 - CFD: 17/04/2018 - [] D -- C:\ProgramData\install_backup O43 - CFD: 17/04/2018 - [] D -- C:\ProgramData\install_clap =>.Microsoft Corporation O43 - CFD: 13/06/2017 - [] D -- C:\ProgramData\Intel =>.Intel Corporation O43 - CFD: 20/06/2017 - [] D -- C:\ProgramData\IObit =>.IObit O43 - CFD: 07/03/2018 - [] D -- C:\ProgramData\IsolatedStorage =>.id Software O43 - CFD: 09/09/2017 - [] D -- C:\ProgramData\Kilgray CP Client O43 - CFD: 25/09/2017 - [] D -- C:\ProgramData\KONAMI =>.Konami O43 - CFD: 13/06/2017 - [] D -- C:\ProgramData\Lenovo =>.Lenovo O43 - CFD: 11/09/2017 - [] D -- C:\ProgramData\MemoQ O43 - CFD: 10/09/2017 - [] SD -- C:\ProgramData\Microsoft =>.Microsoft Corporation O43 - CFD: 10/09/2017 - [] D -- C:\ProgramData\Microsoft Help =>.Microsoft Corporation O43 - CFD: 10/09/2017 - [] D -- C:\ProgramData\MSScanAppDataDir O43 - CFD: 25/04/2018 - [] D -- C:\ProgramData\NVIDIA =>.nVidia Corporation O43 - CFD: 23/04/2018 - [] D -- C:\ProgramData\NVIDIA Corporation =>.nVidia Corporation O43 - CFD: 18/01/2018 - [] D -- C:\ProgramData\Oracle =>.Oracle O43 - CFD: 23/04/2018 - [] D -- C:\ProgramData\Origin =>.Electronic Arts, Inc. O43 - CFD: 22/04/2018 - [] D -- C:\ProgramData\Package Cache =>.Microsoft Corporation O43 - CFD: 17/04/2018 - [] D -- C:\ProgramData\PDVD =>.PDVD O43 - CFD: 24/04/2018 - [] D -- C:\ProgramData\ProductData =>.Microsoft Corporation O43 - CFD: 18/06/2017 - [] D -- C:\ProgramData\Realtek =>.Realtek O43 - CFD: 20/08/2017 - [] D -- C:\ProgramData\regid.1986-12.com.adobe =>.Adobe Inc. O43 - CFD: 20/06/2017 - [] D -- C:\ProgramData\Rosetta Stone =>.Rosetta Stone O43 - CFD: 20/06/2017 - [] D -- C:\ProgramData\Rosetta Stone Backups O43 - CFD: 20/06/2017 - [] D -- C:\ProgramData\RosettaStoneLtdServices O43 - CFD: 20/02/2018 - [] D -- C:\ProgramData\Samsung =>.Samsung Electronics O43 - CFD: 14/01/2018 - [] D -- C:\ProgramData\Skype =>.Skype O43 - CFD: 10/09/2017 - [] D -- C:\ProgramData\SSScanAppDataDir =>.Nuance Communications O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Start Menu =>.Microsoft Corporation O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Templates =>.Microsoft Corporation O43 - CFD: 17/04/2018 - [] D -- C:\ProgramData\WordWeb O43 - CFD: 25/04/2018 - [] D -- C:\ProgramData\yahoochrome_D O43 - CFD: 22/04/2018 - [] D -- C:\Program Files (x86)\Common Files\Adobe =>.Adobe O43 - CFD: 18/09/2017 - [] D -- C:\Program Files (x86)\Common Files\Adobe AIR =>.Adobe Inc. O43 - CFD: 04/11/2017 - [] D -- C:\Program Files (x86)\Common Files\COWON =>.COWON O43 - CFD: 17/06/2017 - [] D -- C:\Program Files (x86)\Common Files\DESIGNER =>.Designer O43 - CFD: 13/06/2017 - [] D -- C:\Program Files (x86)\Common Files\InstallShield =>.InstallShield O43 - CFD: 20/06/2017 - [] D -- C:\Program Files (x86)\Common Files\IObit =>.IObit O43 - CFD: 22/04/2018 - [] D -- C:\Program Files (x86)\Common Files\Java =>.Oracle O43 - CFD: 13/06/2017 - [] D -- C:\Program Files (x86)\Common Files\Lenovo =>.Lenovo O43 - CFD: 25/07/2017 - [] D -- C:\Program Files (x86)\Common Files\Lingea Shared O43 - CFD: 20/06/2017 - [] D -- C:\Program Files (x86)\Common Files\Macrovision Shared =>.Rovi Corporation O43 - CFD: 10/09/2017 - [] D -- C:\Program Files (x86)\Common Files\microsoft shared =>.Microsoft Corporation O43 - CFD: 16/09/2017 - [] D -- C:\Program Files (x86)\Common Files\Novell Files O43 - CFD: 22/04/2018 - [] D -- C:\Program Files (x86)\Common Files\Oracle =>.Oracle O43 - CFD: 13/06/2017 - [] D -- C:\Program Files (x86)\Common Files\postureAgent =>.Microsoft Corporation O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Common Files\Services =>.Microsoft Corporation O43 - CFD: 16/09/2017 - [] D -- C:\Program Files (x86)\Common Files\Skype =>.Skype O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Common Files\SpeechEngines =>.Microsoft Corporation O43 - CFD: 10/09/2017 - [] D -- C:\Program Files (x86)\Common Files\System =>.Microsoft Corporation O43 - CFD: 09/03/2018 - [] D -- C:\Users\Wesam\AppData\Roaming\Acapela Group =>.Acapela Group O43 - CFD: 22/04/2018 - [] D -- C:\Users\Wesam\AppData\Roaming\Adobe =>.Adobe O43 - CFD: 06/11/2017 - [] D -- C:\Users\Wesam\AppData\Roaming\audacity =>.Audacity O43 - CFD: 15/03/2018 - [] D -- C:\Users\Wesam\AppData\Roaming\Babylon =>Adware.Babylon O43 - CFD: 15/06/2017 - [] RD -- C:\Users\Wesam\AppData\Roaming\Brother =>.Brother O43 - CFD: 19/07/2017 - [] D -- C:\Users\Wesam\AppData\Roaming\Cambridge =>.Cambridge O43 - CFD: 04/11/2017 - [] D -- C:\Users\Wesam\AppData\Roaming\COWON =>.COWON O43 - CFD: 17/04/2018 - [] D -- C:\Users\Wesam\AppData\Roaming\CyberLink =>.CyberLink Corporation O43 - CFD: 25/04/2018 - [] RSHD -- C:\Users\Wesam\AppData\Roaming\DE25E01C-A553-C0F0-1FF2-A9F4C346ED68 O43 - CFD: 25/04/2018 - [] D -- C:\Users\Wesam\AppData\Roaming\DMCache =>.DMCache O43 - CFD: 07/07/2017 - [] D -- C:\Users\Wesam\AppData\Roaming\dvdcss =>.VideoLan Team O43 - CFD: 24/08/2017 - [] D -- C:\Users\Wesam\AppData\Roaming\EnglishGrammarinUseExtra O43 - CFD: 15/06/2017 - [] D -- C:\Users\Wesam\AppData\Roaming\Google =>.Google O43 - CFD: 31/01/2018 - [] D -- C:\Users\Wesam\AppData\Roaming\Grammarly =>.Grammarly O43 - CFD: 13/06/2017 - [] D -- C:\Users\Wesam\AppData\Roaming\Identities =>.Microsoft Corporation O43 - CFD: 10/09/2017 - [] D -- C:\Users\Wesam\AppData\Roaming\IDM =>.IDM O43 - CFD: 10/09/2017 - [] D -- C:\Users\Wesam\AppData\Roaming\InstallShield =>.InstallShield O43 - CFD: 20/06/2017 - [] D -- C:\Users\Wesam\AppData\Roaming\IObit =>.IObit O43 - CFD: 07/03/2018 - [] D -- C:\Users\Wesam\AppData\Roaming\IsolatedStorage =>.id Software O43 - CFD: 16/04/2018 - [] D -- C:\Users\Wesam\AppData\Roaming\Kingosoft =>.Kingosoft O43 - CFD: 16/07/2017 - [] D -- C:\Users\Wesam\AppData\Roaming\ldoce5 O43 - CFD: 25/07/2017 - [] D -- C:\Users\Wesam\AppData\Roaming\led =>.LED O43 - CFD: 17/04/2018 - [] D -- C:\Users\Wesam\AppData\Roaming\libraries O43 - CFD: 20/06/2017 - [] D -- C:\Users\Wesam\AppData\Roaming\Macromedia =>.Macromedia O43 - CFD: 21/11/2010 - [0] D -- C:\Users\Wesam\AppData\Roaming\Media Center Programs =>.Microsoft Corporation O43 - CFD: 11/09/2017 - [] D -- C:\Users\Wesam\AppData\Roaming\MemoQ O43 - CFD: 25/04/2018 - [] SD -- C:\Users\Wesam\AppData\Roaming\Microsoft =>.Microsoft Corporation O43 - CFD: 08/03/2018 - [] D -- C:\Users\Wesam\AppData\Roaming\Mobogenie =>.Mobogenie O43 - CFD: 11/07/2017 - [] D -- C:\Users\Wesam\AppData\Roaming\MPC-HC =>.MPC-HC Team O43 - CFD: 18/06/2017 - [] D -- C:\Users\Wesam\AppData\Roaming\My Bluetooth =>.Legitimate O43 - CFD: 22/04/2018 - [] D -- C:\Users\Wesam\AppData\Roaming\NVIDIA =>.nVidia Corporation O43 - CFD: 23/04/2018 - [] D -- C:\Users\Wesam\AppData\Roaming\Origin =>.Electronic Arts, Inc. O43 - CFD: 25/07/2017 - [0] D -- C:\Users\Wesam\AppData\Roaming\Oxford Advanced Learner's Dictionary O43 - CFD: 17/04/2018 - [] D -- C:\Users\Wesam\AppData\Roaming\Plagiarism Checker X, LLC O43 - CFD: 20/06/2017 - [] D -- C:\Users\Wesam\AppData\Roaming\ProductData =>.Microsoft Corporation O43 - CFD: 27/01/2018 - [] D -- C:\Users\Wesam\AppData\Roaming\Red Alert 3 O43 - CFD: 21/07/2017 - [] D -- C:\Users\Wesam\AppData\Roaming\Rosetta Stone =>.Rosetta Stone O43 - CFD: 20/02/2018 - [] D -- C:\Users\Wesam\AppData\Roaming\Samsung =>.Samsung Electronics O43 - CFD: 15/07/2017 - [] RHD -- C:\Users\Wesam\AppData\Roaming\SecuROM =>.SecuROM O43 - CFD: 15/04/2018 - [] D -- C:\Users\Wesam\AppData\Roaming\Skype =>.Skype O43 - CFD: 30/08/2017 - [] D -- C:\Users\Wesam\AppData\Roaming\Strokes 6.0 O43 - CFD: 30/08/2017 - [] D -- C:\Users\Wesam\AppData\Roaming\Sun =>.Oracle O43 - CFD: 23/03/2018 - [] D -- C:\Users\Wesam\AppData\Roaming\Telegram Desktop =>.Telegram Messenger LLP O43 - CFD: 25/04/2018 - [] D -- C:\Users\Wesam\AppData\Roaming\uTorrent O43 - CFD: 22/04/2018 - [] D -- C:\Users\Wesam\AppData\Roaming\vlc =>.VideoLan Team O43 - CFD: 25/04/2018 - [] D -- C:\Users\Wesam\AppData\Roaming\WidModule O43 - CFD: 25/04/2018 - [] SHD -- C:\Users\Wesam\AppData\Roaming\Windows Manager O43 - CFD: 18/06/2017 - [] D -- C:\Users\Wesam\AppData\Roaming\WinRAR =>.WinRAR O43 - CFD: 17/04/2018 - [] D -- C:\Users\Wesam\AppData\Roaming\WordWeb O43 - CFD: 25/04/2018 - [] D -- C:\Users\Wesam\AppData\Roaming\ZHP =>.Nicolas Coolman O43 - CFD: 24/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\A.V.M O43 - CFD: 25/04/2018 - [] D -- C:\Users\Wesam\AppData\Local\Adobe =>.Adobe O43 - CFD: 06/03/2018 - [] D -- C:\Users\Wesam\AppData\Local\Adobe_Systems_Incorporate =>.Adobe Inc. O43 - CFD: 17/04/2018 - [] D -- C:\Users\Wesam\AppData\Local\AdvinstAnalytics =>.SUP.Various O43 - CFD: 13/06/2017 - [0] SHD -- C:\Users\Wesam\AppData\Local\Application Data =>.Microsoft Corporation O43 - CFD: 13/06/2017 - [] D -- C:\Users\Wesam\AppData\Local\Apps =>.Microsoft Corporation O43 - CFD: 05/11/2017 - [] D -- C:\Users\Wesam\AppData\Local\Audacity =>.Audacity O43 - CFD: 09/03/2018 - [] D -- C:\Users\Wesam\AppData\Local\Babylon =>Adware.Babylon O43 - CFD: 15/06/2017 - [] D -- C:\Users\Wesam\AppData\Local\CEF =>.CEF O43 - CFD: 25/04/2018 - [] D -- C:\Users\Wesam\AppData\Local\CrashDumps =>.Microsoft Corporation O43 - CFD: 17/04/2018 - [] D -- C:\Users\Wesam\AppData\Local\CyberLink =>.CyberLink Corporation O43 - CFD: 13/06/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Deployment =>.Microsoft Corporation O43 - CFD: 30/03/2018 - [] D -- C:\Users\Wesam\AppData\Local\Diagnostics =>.Microsoft Corporation O43 - CFD: 20/02/2018 - [] D -- C:\Users\Wesam\AppData\Local\Downloaded Installations =>.Microsoft Corporation O43 - CFD: 26/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\DriverToolkit =>.SUP.DriverToolkit O43 - CFD: 25/04/2018 - [] SHD -- C:\Users\Wesam\AppData\Local\Elements Browser O43 - CFD: 23/07/2017 - [0] D -- C:\Users\Wesam\AppData\Local\ElevatedDiagnostics =>.Microsoft Corporation O43 - CFD: 05/09/2017 - [] D -- C:\Users\Wesam\AppData\Local\Escape Motions O43 - CFD: 24/09/2017 - [0] D -- C:\Users\Wesam\AppData\Local\ESET =>.ESET O43 - CFD: 07/03/2018 - [] D -- C:\Users\Wesam\AppData\Local\FileViewPro =>.SUP.Solvusoft O43 - CFD: 25/04/2018 - [] D -- C:\Users\Wesam\AppData\Local\FradieMerqury O43 - CFD: 14/06/2017 - [] D -- C:\Users\Wesam\AppData\Local\Google =>.Google O43 - CFD: 15/07/2017 - [] D -- C:\Users\Wesam\AppData\Local\Grammarly =>.Grammarly O43 - CFD: 13/06/2017 - [0] SHD -- C:\Users\Wesam\AppData\Local\History =>.Microsoft Corporation O43 - CFD: 22/12/2017 - [] D -- C:\Users\Wesam\AppData\Local\iSpeaker O43 - CFD: 22/12/2017 - [] D -- C:\Users\Wesam\AppData\Local\iWriter O43 - CFD: 16/04/2018 - [] D -- C:\Users\Wesam\AppData\Local\Kingosoft =>.Kingosoft O43 - CFD: 15/07/2017 - [] D -- C:\Users\Wesam\AppData\Local\ldoce5 O43 - CFD: 20/04/2018 - [] D -- C:\Users\Wesam\AppData\Local\LenovoServiceBridge O43 - CFD: 25/04/2018 - [] D -- C:\Users\Wesam\AppData\Local\Microsoft =>.Microsoft Corporation O43 - CFD: 03/08/2017 - [] D -- C:\Users\Wesam\AppData\Local\Microsoft Games =>.Microsoft Corporation O43 - CFD: 01/01/2018 - [] D -- C:\Users\Wesam\AppData\Local\Microsoft Help =>.Microsoft Corporation O43 - CFD: 23/04/2018 - [] D -- C:\Users\Wesam\AppData\Local\NVIDIA =>.nVidia Corporation O43 - CFD: 28/02/2018 - [] D -- C:\Users\Wesam\AppData\Local\NVIDIA Corporation =>.nVidia Corporation O43 - CFD: 22/04/2018 - [] D -- C:\Users\Wesam\AppData\Local\Origin =>.Electronic Arts, Inc. O43 - CFD: 31/01/2018 - [] D -- C:\Users\Wesam\AppData\Local\Package Cache =>.Microsoft Corporation O43 - CFD: 18/06/2017 - [] D -- C:\Users\Wesam\AppData\Local\Programs =>.Microsoft Corporation O43 - CFD: 20/02/2018 - [] D -- C:\Users\Wesam\AppData\Local\Samsung =>.Samsung Electronics O43 - CFD: 25/04/2018 - [] D -- C:\Users\Wesam\AppData\Local\Temp =>.Microsoft Corporation O43 - CFD: 13/06/2017 - [0] SHD -- C:\Users\Wesam\AppData\Local\Temporary Internet Files =>.Microsoft Corporation O43 - CFD: 13/07/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign0002ec461140c17e =>.SUP.Temporary O43 - CFD: 15/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign0082987500555a3f =>.SUP.Temporary O43 - CFD: 22/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign00a14bb3775bb69e =>.SUP.Temporary O43 - CFD: 18/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign02f5bf11c3cc421a =>.SUP.Temporary O43 - CFD: 16/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign038a0d639a83ab8b =>.SUP.Temporary O43 - CFD: 17/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign0439cc0b3e1876be =>.SUP.Temporary O43 - CFD: 14/09/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign050169fb121f7f79 =>.SUP.Temporary O43 - CFD: 22/06/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign07c999c33eac25cc =>.SUP.Temporary O43 - CFD: 25/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign099acefd4f51934a =>.SUP.Temporary O43 - CFD: 09/09/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign0ae0ad52f67255cd =>.SUP.Temporary O43 - CFD: 18/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign0b7dda1b6d858cd2 =>.SUP.Temporary O43 - CFD: 25/07/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign0bde96e0543f30cb =>.SUP.Temporary O43 - CFD: 25/07/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign0ecc66105b0a1f25 =>.SUP.Temporary O43 - CFD: 27/06/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign117fe0c326524c8d =>.SUP.Temporary O43 - CFD: 23/06/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign11880036d8fbefa2 =>.SUP.Temporary O43 - CFD: 22/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign137945866463b339 =>.SUP.Temporary O43 - CFD: 16/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign13d1235bdd1f7c8b =>.SUP.Temporary O43 - CFD: 08/09/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign1507c29505492394 =>.SUP.Temporary O43 - CFD: 18/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign161b9bfe0e29062c =>.SUP.Temporary O43 - CFD: 18/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign16a798110246cb8e =>.SUP.Temporary O43 - CFD: 23/06/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign173346c20ce5e033 =>.SUP.Temporary O43 - CFD: 21/06/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign192058ea53b8608c =>.SUP.Temporary O43 - CFD: 08/09/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign195394624dc3f4f2 =>.SUP.Temporary O43 - CFD: 16/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign1b1e739acc9970f8 =>.SUP.Temporary O43 - CFD: 25/07/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign1c2cd05a8a9fd702 =>.SUP.Temporary O43 - CFD: 10/07/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign1d30f84c5bee17c2 =>.SUP.Temporary O43 - CFD: 21/06/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign1d425337e8a92ced =>.SUP.Temporary O43 - CFD: 15/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign1f2058871850b9d8 =>.SUP.Temporary O43 - CFD: 21/06/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign1f237da12092b3cb =>.SUP.Temporary O43 - CFD: 22/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign2170871966b31972 =>.SUP.Temporary O43 - CFD: 16/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign24fcfc4b445f6b80 =>.SUP.Temporary O43 - CFD: 08/09/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign25467a36cd1b31ac =>.SUP.Temporary O43 - CFD: 15/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign259c454fc3805ab5 =>.SUP.Temporary O43 - CFD: 25/07/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign2602799b9aac0b64 =>.SUP.Temporary O43 - CFD: 17/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign26f54dcb41f8f671 =>.SUP.Temporary O43 - CFD: 10/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign28965af40b0308b8 =>.SUP.Temporary O43 - CFD: 26/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign28f8f77eeb98812b =>.SUP.Temporary O43 - CFD: 15/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign292f154b0bfe7d06 =>.SUP.Temporary O43 - CFD: 25/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign2a1b98644918b654 =>.SUP.Temporary O43 - CFD: 15/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign2be47d9d1a5196d8 =>.SUP.Temporary O43 - CFD: 15/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign2c0e6e483d488e93 =>.SUP.Temporary O43 - CFD: 15/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign2f67ab44b80ef61b =>.SUP.Temporary O43 - CFD: 07/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign34aa418f6e8cc925 =>.SUP.Temporary O43 - CFD: 15/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign352f4ed7b3d1611d =>.SUP.Temporary O43 - CFD: 13/07/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign36517260b875eea7 =>.SUP.Temporary O43 - CFD: 25/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign36692e20fc8d61fd =>.SUP.Temporary O43 - CFD: 13/07/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign399f8e98e0f87682 =>.SUP.Temporary O43 - CFD: 16/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign3c249854549710fe =>.SUP.Temporary O43 - CFD: 22/06/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign40ce28c6aa838a05 =>.SUP.Temporary O43 - CFD: 23/06/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign4451b66ccbcfac2d =>.SUP.Temporary O43 - CFD: 15/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign44d895c829830dc2 =>.SUP.Temporary O43 - CFD: 10/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign44f22f2078799a65 =>.SUP.Temporary O43 - CFD: 10/07/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign47c297733ebb8d8a =>.SUP.Temporary O43 - CFD: 21/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign47d6b7fe4fcaddf4 =>.SUP.Temporary O43 - CFD: 12/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign48baaed809e41da3 =>.SUP.Temporary O43 - CFD: 10/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign4aaae85d2efcb80e =>.SUP.Temporary O43 - CFD: 22/06/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign4b3df73f4181feb9 =>.SUP.Temporary O43 - CFD: 18/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign4c5024046d70351e =>.SUP.Temporary O43 - CFD: 13/07/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign4e3759bf07f7e359 =>.SUP.Temporary O43 - CFD: 21/06/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign4f4a1cf0730918f9 =>.SUP.Temporary O43 - CFD: 16/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign50e14511879e8553 =>.SUP.Temporary O43 - CFD: 21/06/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign50e45669cf9fe2c1 =>.SUP.Temporary O43 - CFD: 17/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign527831b5033e9428 =>.SUP.Temporary O43 - CFD: 21/06/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign53d91c12a0095f99 =>.SUP.Temporary O43 - CFD: 21/06/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign559efe8ef36b89e4 =>.SUP.Temporary O43 - CFD: 15/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign59df4e5ce5c245e4 =>.SUP.Temporary O43 - CFD: 13/07/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign5a97f538b809d5b6 =>.SUP.Temporary O43 - CFD: 22/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign5b79e904813fdc70 =>.SUP.Temporary O43 - CFD: 21/06/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign5b8ee417ee050b7c =>.SUP.Temporary O43 - CFD: 20/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign5cbf1a9456bfb4e8 =>.SUP.Temporary O43 - CFD: 18/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign5d38abe0fe742131 =>.SUP.Temporary O43 - CFD: 21/06/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign5d9ce6e9bc029698 =>.SUP.Temporary O43 - CFD: 18/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign5e61c286c0a57e2e =>.SUP.Temporary O43 - CFD: 17/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign5fc6110c0a9abebb =>.SUP.Temporary O43 - CFD: 20/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign60f2f36f9669ce24 =>.SUP.Temporary O43 - CFD: 14/09/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign62ea79a190022b64 =>.SUP.Temporary O43 - CFD: 12/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign63905dd2b932872c =>.SUP.Temporary O43 - CFD: 20/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign63bff509065038ff =>.SUP.Temporary O43 - CFD: 15/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign63eb08183fc4c83f =>.SUP.Temporary O43 - CFD: 17/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign6409257059a4f08f =>.SUP.Temporary O43 - CFD: 07/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign65cfc65d271e59a7 =>.SUP.Temporary O43 - CFD: 18/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign668a7c404f8afdba =>.SUP.Temporary O43 - CFD: 09/09/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign695e2ebe76f0a862 =>.SUP.Temporary O43 - CFD: 17/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign6a811ea321a8c76e =>.SUP.Temporary O43 - CFD: 26/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign6a813994dec428ad =>.SUP.Temporary O43 - CFD: 18/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign6b6df2b8aba863da =>.SUP.Temporary O43 - CFD: 15/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign6d135b335633bae9 =>.SUP.Temporary O43 - CFD: 10/07/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign6f2d7a25d26cf4a3 =>.SUP.Temporary O43 - CFD: 07/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign6f746b1d7e65e34f =>.SUP.Temporary O43 - CFD: 15/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign73d281dcc704e879 =>.SUP.Temporary O43 - CFD: 10/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign744efffa8cd4d048 =>.SUP.Temporary O43 - CFD: 21/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign761c532f516e09ef =>.SUP.Temporary O43 - CFD: 12/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign764eebfa2c50db43 =>.SUP.Temporary O43 - CFD: 14/07/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign77ee0410e32b60b3 =>.SUP.Temporary O43 - CFD: 24/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign797e282e58b9d3fe =>.SUP.Temporary O43 - CFD: 10/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign7a1b0d6c90f53373 =>.SUP.Temporary O43 - CFD: 26/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign7a8ee628f7ed1d17 =>.SUP.Temporary O43 - CFD: 14/07/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign7de33cb95f662ca0 =>.SUP.Temporary O43 - CFD: 13/07/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign7de70720bba62332 =>.SUP.Temporary O43 - CFD: 18/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign7fbed50bbb9c3c1c =>.SUP.Temporary O43 - CFD: 30/07/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign83826f40e2238e16 =>.SUP.Temporary O43 - CFD: 21/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign8525b0a28a580301 =>.SUP.Temporary O43 - CFD: 24/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign8603aa44d8038b05 =>.SUP.Temporary O43 - CFD: 13/07/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign86793c1d0dbf6c90 =>.SUP.Temporary O43 - CFD: 21/06/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign86b6b02fb2f524a4 =>.SUP.Temporary O43 - CFD: 18/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign887b9a5f5e9212b9 =>.SUP.Temporary O43 - CFD: 22/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign893498378c1288ef =>.SUP.Temporary O43 - CFD: 10/07/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign8ab2ebde4d319ecc =>.SUP.Temporary O43 - CFD: 13/07/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign8c12a219a211e4f5 =>.SUP.Temporary O43 - CFD: 10/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign8c9577d627e1126a =>.SUP.Temporary O43 - CFD: 26/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign8e01a9797804b01e =>.SUP.Temporary O43 - CFD: 13/07/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign8e785e1e5e47dafc =>.SUP.Temporary O43 - CFD: 25/06/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign8e8940c3d7c5fa69 =>.SUP.Temporary O43 - CFD: 15/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign8f4da9261b080b6f =>.SUP.Temporary O43 - CFD: 10/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign90d353792eeb35f0 =>.SUP.Temporary O43 - CFD: 21/06/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign92842826110537dd =>.SUP.Temporary O43 - CFD: 18/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign92a4a6f9fa5f7250 =>.SUP.Temporary O43 - CFD: 13/07/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign92b620b2cf414976 =>.SUP.Temporary O43 - CFD: 16/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign930362998553df16 =>.SUP.Temporary O43 - CFD: 18/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign940db853ef6728e8 =>.SUP.Temporary O43 - CFD: 13/07/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign942dac12e9bccf44 =>.SUP.Temporary O43 - CFD: 30/07/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign95719b2cfd7a1113 =>.SUP.Temporary O43 - CFD: 16/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign97e0993653c6c599 =>.SUP.Temporary O43 - CFD: 21/06/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign980d0d9bb5c575b6 =>.SUP.Temporary O43 - CFD: 13/07/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsign9a01ce003661b7ad =>.SUP.Temporary O43 - CFD: 25/07/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsigna07ce06372a6b5b8 =>.SUP.Temporary O43 - CFD: 13/07/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsigna17fd4f36d9c64c5 =>.SUP.Temporary O43 - CFD: 21/06/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsigna2d52a731b2354da =>.SUP.Temporary O43 - CFD: 10/07/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsigna3fd8639799d22fe =>.SUP.Temporary O43 - CFD: 21/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsigna5b77ecb2d277ea6 =>.SUP.Temporary O43 - CFD: 07/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsigna7e0f0655d05562b =>.SUP.Temporary O43 - CFD: 21/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsigna87497560b3032a4 =>.SUP.Temporary O43 - CFD: 21/06/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignaaabfd99aab03e6c =>.SUP.Temporary O43 - CFD: 26/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignaadb22c5fa63c071 =>.SUP.Temporary O43 - CFD: 21/06/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignab0b2e4be154587c =>.SUP.Temporary O43 - CFD: 21/06/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignab1ef182c82d40b1 =>.SUP.Temporary O43 - CFD: 13/07/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignabc2d9a95771c8cb =>.SUP.Temporary O43 - CFD: 10/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignad7911bf3f0a2f6b =>.SUP.Temporary O43 - CFD: 07/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignb0c928a1c6318fb7 =>.SUP.Temporary O43 - CFD: 23/06/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignb2a04bf926a2c932 =>.SUP.Temporary O43 - CFD: 13/07/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignb2bbece268933f7b =>.SUP.Temporary O43 - CFD: 14/07/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignb451031e7339bb9b =>.SUP.Temporary O43 - CFD: 23/06/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignb4d148f011e582cf =>.SUP.Temporary O43 - CFD: 21/06/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignb5d7272646982ed3 =>.SUP.Temporary O43 - CFD: 23/06/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignb6aad48fdfdff958 =>.SUP.Temporary O43 - CFD: 21/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignb8863365c585dca9 =>.SUP.Temporary O43 - CFD: 18/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignb9d8fb6d759d0cea =>.SUP.Temporary O43 - CFD: 13/07/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignba0dbf5ce2eeb648 =>.SUP.Temporary O43 - CFD: 12/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignba37b35aea2d43bb =>.SUP.Temporary O43 - CFD: 21/06/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignbbc2ed5b6fb7738f =>.SUP.Temporary O43 - CFD: 27/06/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignbbe6617924872161 =>.SUP.Temporary O43 - CFD: 12/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignbc2e7b35c85b4772 =>.SUP.Temporary O43 - CFD: 21/06/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignc00fb2b5593ce820 =>.SUP.Temporary O43 - CFD: 16/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignc0d4f95e5a354f50 =>.SUP.Temporary O43 - CFD: 10/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignc1ae7a821d65335d =>.SUP.Temporary O43 - CFD: 26/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignc38f6df21462fdcd =>.SUP.Temporary O43 - CFD: 22/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignc435db13e7a5073e =>.SUP.Temporary O43 - CFD: 13/07/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignc437ffcbfabb842c =>.SUP.Temporary O43 - CFD: 25/06/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignc44fe9f4e812c645 =>.SUP.Temporary O43 - CFD: 16/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignc51ef1d2395fbe39 =>.SUP.Temporary O43 - CFD: 23/06/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignc6269cd0f916bdf6 =>.SUP.Temporary O43 - CFD: 16/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignc6b4f0969c29eb04 =>.SUP.Temporary O43 - CFD: 21/06/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignc76d8e8a3e0b0db0 =>.SUP.Temporary O43 - CFD: 24/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsigncd55827469198f4c =>.SUP.Temporary O43 - CFD: 10/07/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsigncd69574ec9673276 =>.SUP.Temporary O43 - CFD: 17/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsigncda545342c8a1883 =>.SUP.Temporary O43 - CFD: 24/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignd033b3b4746f40f0 =>.SUP.Temporary O43 - CFD: 22/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignd1b23dfd9c05aa6d =>.SUP.Temporary O43 - CFD: 16/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignd22ea30b3d0f2fb5 =>.SUP.Temporary O43 - CFD: 21/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignd298c561d7d7d1f7 =>.SUP.Temporary O43 - CFD: 21/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignd2eeca5151932a36 =>.SUP.Temporary O43 - CFD: 10/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignd4057593f53a4974 =>.SUP.Temporary O43 - CFD: 15/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignd4368d2813f3761f =>.SUP.Temporary O43 - CFD: 12/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignd4b5cc5a5507154d =>.SUP.Temporary O43 - CFD: 30/07/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignd4eaee40641d5e2c =>.SUP.Temporary O43 - CFD: 15/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignd53e2727d0a8cdeb =>.SUP.Temporary O43 - CFD: 16/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignd8f0cfa668820dfb =>.SUP.Temporary O43 - CFD: 10/07/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignd90c690c3ecab8fa =>.SUP.Temporary O43 - CFD: 16/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignd9319a2ca7da4354 =>.SUP.Temporary O43 - CFD: 21/06/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignd9bb56417d7825e4 =>.SUP.Temporary O43 - CFD: 20/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignda3e33300413f10e =>.SUP.Temporary O43 - CFD: 16/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignda49146b421f348f =>.SUP.Temporary O43 - CFD: 22/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsigndcc752a0350965d7 =>.SUP.Temporary O43 - CFD: 15/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignde5cf215a4a7cb07 =>.SUP.Temporary O43 - CFD: 20/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsigndf455aab1d3bbd76 =>.SUP.Temporary O43 - CFD: 16/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsigndf998661eabbe091 =>.SUP.Temporary O43 - CFD: 09/09/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsigne1be20c882eca29c =>.SUP.Temporary O43 - CFD: 16/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsigne22641c1d4d656dc =>.SUP.Temporary O43 - CFD: 21/06/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsigne263e120406c9332 =>.SUP.Temporary O43 - CFD: 13/07/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsigne28541da3c89a15c =>.SUP.Temporary O43 - CFD: 22/06/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsigne291e6cb249cd6e0 =>.SUP.Temporary O43 - CFD: 16/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsigne858a39d9777095d =>.SUP.Temporary O43 - CFD: 25/07/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignea0f43a411dd53c1 =>.SUP.Temporary O43 - CFD: 20/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignea92d428a1d728f2 =>.SUP.Temporary O43 - CFD: 13/07/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignead7e8a8711bcbdd =>.SUP.Temporary O43 - CFD: 21/06/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsigneb4a29d38cf1aa37 =>.SUP.Temporary O43 - CFD: 13/07/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignebd3cbee5405b4f7 =>.SUP.Temporary O43 - CFD: 14/09/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignec35eae06f90a591 =>.SUP.Temporary O43 - CFD: 18/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignec598cbe09049d09 =>.SUP.Temporary O43 - CFD: 21/06/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignede6ec999d82dac7 =>.SUP.Temporary O43 - CFD: 14/07/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignee654693edbaa05b =>.SUP.Temporary O43 - CFD: 24/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignee65683ecd0527a5 =>.SUP.Temporary O43 - CFD: 13/07/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignee83df4ac670b630 =>.SUP.Temporary O43 - CFD: 25/06/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignef64f43305b3d311 =>.SUP.Temporary O43 - CFD: 27/06/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignf2534cb9e956d108 =>.SUP.Temporary O43 - CFD: 15/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignf32f05f07ca98ac3 =>.SUP.Temporary O43 - CFD: 22/06/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignf49314dd7335312b =>.SUP.Temporary O43 - CFD: 10/07/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignf756d0448be877a1 =>.SUP.Temporary O43 - CFD: 22/06/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignf800866832a6030a =>.SUP.Temporary O43 - CFD: 21/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignfa4bf3ab777738fc =>.SUP.Temporary O43 - CFD: 24/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignfb3cb1293d0d9295 =>.SUP.Temporary O43 - CFD: 18/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignfb9e218f28abf88e =>.SUP.Temporary O43 - CFD: 26/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignfbe49ee12b7eb08c =>.SUP.Temporary O43 - CFD: 17/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignfc000a08c54b2174 =>.SUP.Temporary O43 - CFD: 13/07/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignfe291719fb9245f0 =>.SUP.Temporary O43 - CFD: 18/08/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Tempzxpsignfe814afa1d8501cf =>.SUP.Temporary O43 - CFD: 16/04/2018 - [] D -- C:\Users\Wesam\AppData\Local\uts O43 - CFD: 09/09/2017 - [] D -- C:\Users\Wesam\AppData\Local\VirtualStore =>.Microsoft Corporation O43 - CFD: 25/04/2018 - [] D -- C:\Users\Wesam\AppData\Local\ZHP =>.Nicolas Coolman O43 - CFD: 13/06/2017 - [0] D -- C:\Users\Wesam\AppData\Local\Programs\Common =>.Microsoft Corporation O43 - CFD: 18/06/2017 - [] D -- C:\Users\Wesam\AppData\Local\Programs\Lenovo =>.Lenovo O43 - CFD: 15/06/2017 - [] D -- C:\Users\Wesam\AppData\LocalLow\Adobe =>.Adobe O43 - CFD: 20/06/2017 - [] D -- C:\Users\Wesam\AppData\LocalLow\IObit =>.IObit O43 - CFD: 14/06/2017 - [] D -- C:\Users\Wesam\AppData\LocalLow\Microsoft =>.Microsoft Corporation O43 - CFD: 01/11/2017 - [] D -- C:\Users\Wesam\AppData\LocalLow\Oracle =>.Oracle O43 - CFD: 30/08/2017 - [] D -- C:\Users\Wesam\AppData\LocalLow\Sun =>.Oracle O43 - CFD: 25/04/2018 - [] D -- C:\Users\Wesam\AppData\LocalLow\uTorrent O43 - CFD: 19/11/2017 - [] D -- C:\Users\Wesam\Desktop\Corpus O43 - CFD: 14/07/2009 - [] RD -- C:\Users\Wesam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation O43 - CFD: 15/06/2017 - [] RD -- C:\Users\Wesam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools O43 - CFD: 25/04/2018 - [] D -- C:\Users\Wesam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps O43 - CFD: 17/04/2018 - [] D -- C:\Users\Wesam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Collins COBUILD O43 - CFD: 12/11/2017 - [] D -- C:\Users\Wesam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory =>.FormatFactory O43 - CFD: 27/01/2018 - [] D -- C:\Users\Wesam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games =>.Microsoft Corporation O43 - CFD: 21/08/2017 - [] D -- C:\Users\Wesam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager =>.Tonec Inc O43 - CFD: 18/06/2017 - [] D -- C:\Users\Wesam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo =>.Lenovo O43 - CFD: 14/07/2009 - [] RD -- C:\Users\Wesam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation O43 - CFD: 19/11/2017 - [0] D -- C:\Users\Wesam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MonoConc Pro O43 - CFD: 20/06/2017 - [] D -- C:\Users\Wesam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Registry Trash Keys Finder =>.SNC O43 - CFD: 25/04/2018 - [] RD -- C:\Users\Wesam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup =>.Microsoft Corporation O43 - CFD: 10/07/2017 - [] D -- C:\Users\Wesam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop =>.Telegram Messenger LLP O43 - CFD: 20/06/2017 - [] D -- C:\Users\Wesam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR =>.WinRAR O43 - CFD: 14/07/2009 - [0] SHD -- C:\Users\Default\AppData\Local\Application Data =>.Microsoft Corporation O43 - CFD: 14/07/2009 - [0] SHD -- C:\Users\Default\AppData\Local\History =>.Microsoft Corporation O43 - CFD: 14/07/2009 - [] D -- C:\Users\Default\AppData\Local\Microsoft =>.Microsoft Corporation O43 - CFD: 15/06/2017 - [0] D -- C:\Users\Default\AppData\Local\Microsoft Help =>.Microsoft Corporation O43 - CFD: 14/07/2009 - [0] D -- C:\Users\Default\AppData\Local\Temp =>.Microsoft Corporation O43 - CFD: 14/07/2009 - [0] SHD -- C:\Users\Default\AppData\Local\Temporary Internet Files =>.Microsoft Corporation O43 - CFD: 14/07/2009 - [0] SHD -- C:\Users\Default User\AppData\Local\Application Data =>.Microsoft Corporation O43 - CFD: 14/07/2009 - [0] SHD -- C:\Users\Default User\AppData\Local\History =>.Microsoft Corporation O43 - CFD: 14/07/2009 - [] D -- C:\Users\Default User\AppData\Local\Microsoft =>.Microsoft Corporation O43 - CFD: 15/06/2017 - [0] D -- C:\Users\Default User\AppData\Local\Microsoft Help =>.Microsoft Corporation O43 - CFD: 14/07/2009 - [0] D -- C:\Users\Default User\AppData\Local\Temp =>.Microsoft Corporation O43 - CFD: 14/07/2009 - [0] SHD -- C:\Users\Default User\AppData\Local\Temporary Internet Files =>.Microsoft Corporation O43 - CFD: 25/04/2018 - [] -- C:\Windows\System32\Config\systemprofile\AppData\Local\CrashDumps =>.Microsoft Corporation O43 - CFD: 16/04/2018 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\CrashRpt O43 - CFD: 14/07/2009 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\Microsoft =>.Microsoft Corporation O43 - CFD: 18/04/2018 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Roaming\Maxthon5 =>.Maxthon International Ltd O43 - CFD: 14/07/2009 - [] SD -- C:\Windows\System32\Config\systemprofile\AppData\Roaming\Microsoft =>.Microsoft Corporation ---\\ ShellIconOverlayIdentifiers (SIOI) (7) - 0s O106 - SIOI: [ IDM Shell Extension] - {CDC95B92-E27C-4745-A8C5-64A52A78855D}. (.Tonec Inc. - Internet Download Manager module.) -- C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll =>.Tonec Inc.® O106 - SIOI: [ AccExtIco1] - {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}. (. - Core Sync.) -- C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll =>.Adobe Systems Incorporated® O106 - SIOI: [ AccExtIco2] - {853B7E05-C47D-4985-909A-D0DC5C6D7303}. (. - Core Sync.) -- C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll =>.Adobe Systems Incorporated® O106 - SIOI: [ AccExtIco3] - {42D38F2E-98E9-4382-B546-E24E4D6D04BB}. (. - Core Sync.) -- C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll =>.Adobe Systems Incorporated® O106 - SIOI: Enhanced Storage Icon Overlay Handler Class [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - Windows Enhanced Storage Shell Extension DL.) -- C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation O106 - SIOI: [Offline Files] - {4E77131D-3629-431c-9818-C5679DC83E81}. (.Microsoft Corporation - Client Side Caching UI.) -- C:\Windows\System32\cscui.dll =>.Microsoft Corporation O106 - SIOI: Sharing Overlay (Private) [SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235}. (.Microsoft Corporation - Shell extensions for sharing.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation ---\\ Search Context Menu Handlers (SCMH) (50) - 1s O108 - CMH1: $PowerDVD18 [64Bits] - {EF1ED1FB-2224-4150-B12A-CDDE6D442D5A} . (.CyberLink Corp. - CyberLink PowerDVDShell.) -- C:\ProgramData\CyberLink\PowerDVD18\OpenWith\PDVD_Shell64.dll =>.CyberLink Corp.® O108 - CMH1: AccExt [64Bits] - {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} . (. - Core Sync.) -- C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll =>.Adobe Systems Incorporated® O108 - CMH1: Adobe.Acrobat.ContextMenu [64Bits] - {A6595CD1-BF77-430A-A452-18696685F7C7} . (.Adobe Systems Inc. - Adobe Acrobat Context Menu.) -- C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll =>.Adobe Systems, Incorporated® O108 - CMH1: BriefcaseMenu [64Bits] - {85BBD920-42A0-1069-A2E4-08002B30309D} . (.Microsoft Corporation - Windows Briefcase.) -- C:\Windows\System32\syncui.dll =>.Microsoft Corporation O108 - CMH1: BtSendToMenuEx [64Bits] - {CF24E6B8-F148-4BCB-9108-ADF313966E80} . (.Realtek Semiconductor Corporation - Realtek Bluetooth Device Menu DLL.) -- C:\Program Files (x86)\Realtek\Realtek Bluetooth\DevMenuExt.dll =>.Realtek Semiconductor Corporation O108 - CMH1: EPP [64Bits] - {09A47860-11B0-4DA5-AFA5-26D86198A780} . (.Microsoft Corporation - Microsoft Security Client Shell Extension.) -- C:\Program Files\Microsoft Security Client\shellext.dll =>.Microsoft Corporation® O108 - CMH1: IObitUnstaler [64Bits] - {B19ED566-D419-470b-B111-3C89040BC027} . (.IObit - IObitUnlockerExtension.) -- C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll =>.IObit Information Technology® O108 - CMH1: MemoQContextMenu [64Bits] - {E81E9F62-F62B-49BE-8F07-FA55E1C231EE} . (.Kilgray - memoQ Context Menu Module.) -- C:\Program Files (x86)\Kilgray\memoQ-2015\MemoQContextMenu.dll {0080BC543F1FE8CE1C} O108 - CMH1: Open With [64Bits] - {09799AFB-AD67-11d1-ABCD-00C04FC30936} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll =>.Microsoft Corporation O108 - CMH1: Open With EncryptionMenu [64Bits] - {A470F8CF-A1E8-4f65-8335-227475AA5C46} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll =>.Microsoft Corporation O108 - CMH1: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Shell extensions for sharing.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation O108 - CMH1: VirtualCloneDrive [64Bits] - {B7056B8E-4F99-44f8-8CBD-282390FE5428} . (.Elaborate Bytes AG - CloseTray.) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll =>.Elaborate Bytes AG® O108 - CMH1: WinRAR [64Bits] - {B41DB860-64E4-11D2-9906-E49FADC173CA} . (.Alexander Roshal - WinRAR shell extension.) -- C:\Program Files\WinRAR\RarExt.dll =>.win.rar GmbH® O108 - CMH1: WinRAR32 [64Bits] - {B41DB860-8EE4-11D2-9906-E49FADC173CA} . (.Orphan.) O108 - CMH1: XXX Groove GFS Context Menu Handler XXX [64Bits] - {6C467336-8281-4E60-8204-430CED96822D} . (.Orphan.) O108 - CMH2: BtSendToMenuEx [64Bits] - {CF24E6B8-F148-4BCB-9108-ADF313966E80} . (.Realtek Semiconductor Corporation - Realtek Bluetooth Device Menu DLL.) -- C:\Program Files (x86)\Realtek\Realtek Bluetooth\DevMenuExt.dll =>.Realtek Semiconductor Corporation O108 - CMH2: Compatibility [64Bits] - {1d27f844-3a1f-4410-85ac-14651078412d} . (.Microsoft Corporation - Compatibility Tab Shell Extension Library.) -- C:\Windows\System32\acppage.dll =>.Microsoft Corporation O108 - CMH2: IObitUnstaler [64Bits] - {B19ED566-D419-470b-B111-3C89040BC027} . (.IObit - IObitUnlockerExtension.) -- C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll =>.IObit Information Technology® O108 - CMH2: NvAppShExt [64Bits] - {A929C4CE-FD36-4270-B4F5-34ECAC5BD63C} . (.NVIDIA Corporation - NVIDIA Shell Extensions.) -- C:\Windows\system32\nv3dappshext.dll =>.NVIDIA Corporation O108 - CMH2: OpenContainingFolderMenu [64Bits] - {37ea3a21-7493-4208-a011-7f9ea79ce9f5} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll =>.Microsoft Corporation O108 - CMH2: OpenGLShExt [64Bits] - {E97DEC16-A50D-49bb-AE24-CF682282E08D} . (.NVIDIA Corporation - NVIDIA Shell Extensions.) -- C:\Windows\system32\nv3dappshext.dll =>.NVIDIA Corporation O108 - CMH3: CopyAsPathMenu [64Bits] - {f3d06e7c-1e45-4a26-847e-f9fcdee59be0} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll =>.Microsoft Corporation O108 - CMH3: jetAudio [64Bits] - {8D1636FD-CA49-4B4E-90E4-0A20E03A15E8} . (.JetAudio - Shell Extension for jetAudio.) -- C:\Program Files (x86)\JetAudio\JetFlExt64.dll O108 - CMH3: SendTo [64Bits] - {7BA4C740-9E81-11CF-99D3-00AA004AE837} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll =>.Microsoft Corporation O108 - CMH3: XXX Groove GFS Context Menu Handler XXX [64Bits] - {6C467336-8281-4E60-8204-430CED96822D} . (.Orphan.) O108 - CMH4: EncryptionMenu [64Bits] - {A470F8CF-A1E8-4f65-8335-227475AA5C46} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll =>.Microsoft Corporation O108 - CMH4: EPP [64Bits] - {09A47860-11B0-4DA5-AFA5-26D86198A780} . (.Microsoft Corporation - Microsoft Security Client Shell Extension.) -- C:\Program Files\Microsoft Security Client\shellext.dll =>.Microsoft Corporation® O108 - CMH4: IObitUnstaler [64Bits] - {B19ED566-D419-470b-B111-3C89040BC027} . (.IObit - IObitUnlockerExtension.) -- C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll =>.IObit Information Technology® O108 - CMH4: Offline Files [64Bits] - {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} . (.Microsoft Corporation - Client Side Caching UI.) -- C:\Windows\System32\cscui.dll =>.Microsoft Corporation O108 - CMH4: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Shell extensions for sharing.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation O108 - CMH4: XXX Groove GFS Context Menu Handler XXX [64Bits] - {6C467336-8281-4E60-8204-430CED96822D} . (.Orphan.) O108 - CMH5: Gadgets [64Bits] - {6B9228DA-9C15-419e-856C-19E768A13BDC} . (.Microsoft Corporation - Sidebar droptarget.) -- C:\Program Files\Windows Sidebar\sbdrop.dll =>.Microsoft Corporation O108 - CMH5: New [64Bits] - {D969A300-E7FF-11d0-A93B-00A0C90F2719} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll =>.Microsoft Corporation O108 - CMH5: NvCplDesktopContext [64Bits] - {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} . (.NVIDIA Corporation - NVIDIA Display Shell Extension.) -- C:\Windows\System32\nvshext.dll =>.NVIDIA Corporation O108 - CMH5: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Shell extensions for sharing.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation O108 - CMH5: XXX Groove GFS Context Menu Handler XXX [64Bits] - {6C467336-8281-4E60-8204-430CED96822D} . (.Orphan.) O108 - CMH6: AccExt [64Bits] - {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} . (. - Core Sync.) -- C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll =>.Adobe Systems Incorporated® O108 - CMH6: Adobe.Acrobat.ContextMenu [64Bits] - {A6595CD1-BF77-430A-A452-18696685F7C7} . (.Adobe Systems Inc. - Adobe Acrobat Context Menu.) -- C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll =>.Adobe Systems, Incorporated® O108 - CMH6: BriefcaseMenu [64Bits] - {85BBD920-42A0-1069-A2E4-08002B30309D} . (.Microsoft Corporation - Windows Briefcase.) -- C:\Windows\System32\syncui.dll =>.Microsoft Corporation O108 - CMH6: IObitUnstaler [64Bits] - {B19ED566-D419-470b-B111-3C89040BC027} . (.IObit - IObitUnlockerExtension.) -- C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll =>.IObit Information Technology® O108 - CMH6: jetAudio [64Bits] - {8D1636FD-CA49-4B4E-90E4-0A20E03A15E8} . (.JetAudio - Shell Extension for jetAudio.) -- C:\Program Files (x86)\JetAudio\JetFlExt64.dll O108 - CMH6: Library Location [64Bits] - {3dad6c5d-2167-4cae-9914-f99e41c12cfa} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll =>.Microsoft Corporation O108 - CMH6: Offline Files [64Bits] - {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} . (.Microsoft Corporation - Client Side Caching UI.) -- C:\Windows\System32\cscui.dll =>.Microsoft Corporation O108 - CMH6: WinRAR [64Bits] - {B41DB860-64E4-11D2-9906-E49FADC173CA} . (.Alexander Roshal - WinRAR shell extension.) -- C:\Program Files\WinRAR\RarExt.dll =>.win.rar GmbH® O108 - CMH6: WinRAR32 [64Bits] - {B41DB860-8EE4-11D2-9906-E49FADC173CA} . (.Orphan.) O108 - CMH6: XXX Groove GFS Context Menu Handler XXX [64Bits] - {6C467336-8281-4E60-8204-430CED96822D} . (.Orphan.) O108 - CMH7: EnhancedStorageShell [64Bits] - {2854F705-3548-414C-A113-93E27C808C85} . (.Microsoft Corporation - Windows Enhanced Storage Shell Extension DL.) -- C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation O108 - CMH7: EPP [64Bits] - {09A47860-11B0-4DA5-AFA5-26D86198A780} . (.Microsoft Corporation - Microsoft Security Client Shell Extension.) -- C:\Program Files\Microsoft Security Client\shellext.dll =>.Microsoft Corporation® O108 - CMH7: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Shell extensions for sharing.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation O108 - CMH7: VirtualCloneDrive [64Bits] - {B7056B8E-4F99-44f8-8CBD-282390FE5428} . (.Elaborate Bytes AG - CloseTray.) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll =>.Elaborate Bytes AG® ---\\ Image File Execution Options (4) - 0s O50 - IFEO:C:\Windows\System32\ie4uinit.exe - (.Microsoft Corporation - IE Per-User Initialization Utility.) [MitigationOptions\\256] =>.Microsoft Corporation O50 - IFEO:C:\Windows\System32\ieUnatt.exe - (.Microsoft Corporation - IE 7.0 Unattended Install Utility.) [MitigationOptions\\256] =>.Microsoft Corporation O50 - IFEO:C:\Windows\System32\msfeedssync.exe - (.Microsoft Corporation - Microsoft Feeds Synchronization.) [MitigationOptions\\256] =>.Microsoft Corporation O50 - IFEO:C:\Windows\System32\mshta.exe - (.Microsoft Corporation - Microsoft (R) HTML Application host.) [MitigationOptions\\256] =>.Microsoft Corporation ---\\ System Drivers List (76) - 6s O58 - SDL:2009/07/14 04:52:21 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [491088] =>.Microsoft Windows® O58 - SDL:2009/07/14 04:52:21 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [339536] =>.Microsoft Windows® O58 - SDL:2009/07/14 04:52:21 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\drivers\adpu320.sys [182864] =>.Microsoft Windows® O58 - SDL:2009/07/14 04:52:21 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys [15440] =>.Microsoft Windows® O58 - SDL:2010/11/21 06:23:47 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [107904] =>.Microsoft Windows® O58 - SDL:2009/07/14 04:52:20 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [194128] =>.Microsoft Windows® O58 - SDL:2010/11/21 06:23:47 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [27008] =>.Microsoft Windows® O58 - SDL:2009/07/14 04:52:21 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [87632] =>.Microsoft Windows® O58 - SDL:2009/07/14 04:52:21 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [97856] =>.Microsoft Windows® O58 - SDL:2009/06/10 23:34:23 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) -- C:\Windows\System32\drivers\b57nd60a.sys [270848] =>.Broadcom Corporation O58 - SDL:2009/06/10 23:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys [18432] =>.Brother Industries, Ltd. O58 - SDL:2009/06/10 23:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys [8704] =>.Brother Industries, Ltd. O58 - SDL:2009/07/14 04:19:07 A . (.Brother Industries Ltd. - Brotehr Serial I/F Driver (WDM).) -- C:\Windows\System32\drivers\BrSerId.sys [286720] =>.Brother Industries Ltd. O58 - SDL:2009/06/10 23:41:10 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys [47104] =>.Brother Industries Ltd. O58 - SDL:2009/06/10 23:41:10 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys [14976] =>.Brother Industries Ltd. O58 - SDL:2009/06/10 23:41:10 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys [14720] =>.Brother Industries Ltd. O58 - SDL:2014/03/26 12:37:38 A . (.Motorola Solutions, Inc. - Bluetooth Auxiliary Driver.) -- C:\Windows\System32\drivers\btmaux.sys [140600] =>.Motorola Solutions Inc.® O58 - SDL:2018/04/19 04:55:28 A . (...) -- C:\Windows\System32\drivers\butldsk.sys [192408] =>Trojan.CoreBot O58 - SDL:2009/06/10 23:34:28 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys [468480] =>.Broadcom Corporation O58 - SDL:2009/07/14 04:52:31 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys [17488] =>.Microsoft Windows® O58 - SDL:2015/07/17 17:21:32 A . (.Faronics Corporation - Deep Freeze driver.) -- C:\Windows\System32\drivers\DeepFrz.sys [218088] =>.Faronics Corporation® O58 - SDL:2015/07/17 17:23:08 A . (.Faronics Corporation - Deep Freeze driver.) -- C:\Windows\System32\drivers\DfDiskLo.sys [38632] =>.Faronics Corporation® O58 - SDL:2015/07/17 17:23:40 A . (.Faronics Corporation - Deep Freeze Driver.) -- C:\Windows\System32\drivers\DFFilter.sys [43240] =>.Faronics Corporation® O58 - SDL:2014/12/21 01:31:04 A . (.Elaborate Bytes AG - ElbyCD Windows x64 I/O driver.) -- C:\Windows\System32\drivers\ElbyCDIO.sys [40344] =>.Elaborate Bytes AG® O58 - SDL:2009/07/14 04:47:48 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys [530496] =>.Microsoft Windows® O58 - SDL:2009/06/10 23:34:33 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3286016] =>.Broadcom Corporation O58 - SDL:2015/07/17 17:22:36 A . (.Faronics Corporation - Deep Freeze driver.) -- C:\Windows\System32\drivers\FarDisk.sys [31464] =>.Faronics Corporation® O58 - SDL:2015/07/17 17:22:04 A . (.Faronics Corporation - Deep Freeze Driver.) -- C:\Windows\System32\drivers\FarSpace.sys [117992] =>.Faronics Corporation® O58 - SDL:2009/06/10 23:31:59 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\Windows\System32\drivers\hcw85cir.sys [31232] =>.Hauppauge Computer Works, Inc. O58 - SDL:2013/05/16 16:05:54 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\HECIx64.sys [64624] =>.Intel Corporation - Intel® Management Engine Firmware® O58 - SDL:2010/11/21 06:23:47 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [78720] =>.Microsoft Windows® O58 - SDL:2010/11/21 06:23:47 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [410496] =>.Microsoft Windows® O58 - SDL:2013/11/07 18:46:20 A . (.Lenovo. - Lenovo Power Management Driver.) -- C:\Windows\System32\drivers\ibmpmdrv.sys [54528] =>.LENOVO(JAPAN)LTD.® O58 - SDL:2017/08/05 19:26:42 A . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\System32\drivers\idmwfp.sys [225568] =>.Tonec Inc.® O58 - SDL:2013/08/08 22:44:54 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd64.sys [4448800] =>.Intel Corporation O58 - SDL:2009/07/14 04:48:04 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [44112] =>.Microsoft Windows® O58 - SDL:2013/08/08 22:53:58 A . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\Windows\System32\drivers\IntcDAud.sys [452088] =>.Intel Corporation - Software and Firmware Products® O58 - SDL:2013/10/21 10:25:42 A . (.Intel Corporation - Intel(R) USB 3.0 Host Controller Switch Dri.) -- C:\Windows\System32\drivers\iusb3hcs.sys [20464] =>.Intel Corporation - Software and Firmware Products® O58 - SDL:2013/10/21 10:25:36 A . (.Intel Corporation - Intel(R) USB 3.0 Hub Driver.) -- C:\Windows\System32\drivers\iusb3hub.sys [368624] =>.Intel Corporation - Software and Firmware Products® O58 - SDL:2013/10/21 10:25:38 A . (.Intel Corporation - Intel(R) USB 3.0 eXtensible Host Controller.) -- C:\Windows\System32\drivers\iusb3xhc.sys [790000] =>.Intel Corporation - Software and Firmware Products® O58 - SDL:2009/07/14 04:48:04 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys [114752] =>.Microsoft Windows® O58 - SDL:2009/07/14 04:48:04 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [106560] =>.Microsoft Windows® O58 - SDL:2009/07/14 04:48:04 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [65600] =>.Microsoft Windows® O58 - SDL:2009/07/14 04:48:04 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [115776] =>.Microsoft Windows® O58 - SDL:2009/07/14 04:48:04 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [35392] =>.Microsoft Windows® O58 - SDL:2009/07/14 04:48:04 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [284736] =>.Microsoft Windows® O58 - SDL:2009/07/14 04:48:26 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [51264] =>.Microsoft Windows® O58 - SDL:2013/03/01 04:49:12 A . (.Riverbed Technology, Inc. - npf.sys (NT5/6 AMD64) Kernel Driver.) -- C:\Windows\System32\drivers\npf.sys [36600] =>.Riverbed Technology, Inc.® O58 - SDL:2018/03/25 19:26:02 A . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) -- C:\Windows\System32\drivers\nvlddmkm.sys [17371168] =>.NVIDIA Corporation® O58 - SDL:2018/03/25 19:26:40 A . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) -- C:\Windows\System32\drivers\nvpciflt.sys [48032] =>.NVIDIA Corporation® O58 - SDL:2010/11/21 06:23:47 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [148352] =>.Microsoft Windows® O58 - SDL:2010/11/21 06:23:47 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [166272] =>.Microsoft Windows® O58 - SDL:2017/12/15 05:03:48 A . (.NVIDIA Corporation - NVIDIA Virtual Audio Driver.) -- C:\Windows\System32\drivers\nvvad64v.sys [59240] =>.NVIDIA Corporation® O58 - SDL:2018/01/10 17:05:20 A . (.NVIDIA Corporation - Virtual USB Host Controller driver.) -- C:\Windows\System32\drivers\nvvhci.sys [59752] =>.NVIDIA Corporation® O58 - SDL:2009/07/14 04:45:46 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys [1524816] =>.Microsoft Windows® O58 - SDL:2009/07/14 04:45:45 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys [128592] =>.Microsoft Windows® O58 - SDL:2013/06/18 16:22:36 A . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Dri.) -- C:\Windows\System32\drivers\Rt64win7.sys [872152] =>.Realtek Semiconductor Corp® O58 - SDL:2013/04/19 05:56:08 A . (.Realtek Semiconductor Corporation - Realtek Bluetooth A2DP Driver.) -- C:\Windows\System32\drivers\RtkA2dp.sys [177736] =>.Realtek Semiconductor Corp® O58 - SDL:2013/06/21 06:44:06 A . (.Realtek Semiconductor Corporation - Realtek Bluetooth Avrcp Controller Driver.) -- C:\Windows\System32\drivers\RtkAvrcpCtrlr.sys [66904] =>.Realtek Semiconductor Corp® O58 - SDL:2013/09/05 14:39:42 A . (.Realtek Semiconductor Corporation - Realtek Bluetooth Filter Driver.) -- C:\Windows\System32\drivers\RtkBtfilter.sys [547544] =>.Realtek Semiconductor Corp® O58 - SDL:2013/06/24 10:36:52 A . (.Realsil Semiconductor Corporation - RTS PCIE READER Driver.) -- C:\Windows\System32\drivers\RtsPer.sys [418008] =>.Realtek Semiconductor Corp® O58 - SDL:2014/04/11 13:52:14 A . (.Realtek Semiconductor Corporation - Realtek PCIE NDIS Driverr.) -- C:\Windows\System32\drivers\rtwlane.sys [3402968] =>.Realtek Semiconductor Corp® O58 - SDL:2009/06/10 23:37:19 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [23040] =>.Rovi Corporation O58 - SDL:2009/07/14 04:45:45 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [43584] =>.Microsoft Windows® O58 - SDL:2009/07/14 04:45:46 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [80464] =>.Microsoft Windows® O58 - SDL:2014/11/11 14:48:18 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\Windows\System32\drivers\Smb_driver_Intel.sys [33008] =>.Synaptics Incorporated® O58 - SDL:2017/05/18 23:17:28 A . (.Samsung Electronics Co., Ltd. - SAMSUNG USB Composite Device Driver.) -- C:\Windows\System32\drivers\ssudbus.sys [131984] =>.Samsung Electronics Co., Ltd.® O58 - SDL:2017/05/18 23:17:30 A . (.Samsung Electronics Co., Ltd. - SAMSUNG Android Modem Device Driver.) -- C:\Windows\System32\drivers\ssudmdm.sys [166288] =>.Samsung Electronics Co., Ltd.® O58 - SDL:2017/05/18 23:17:44 A . (.Samsung Electronics Co., Ltd. - SAMSUNG USB Mobile Logging Device Driver.) -- C:\Windows\System32\drivers\ssudserd.sys [166288] =>.Samsung Electronics Co., Ltd.® O58 - SDL:2009/07/14 04:45:55 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys [24656] =>.Microsoft Windows® O58 - SDL:2014/11/11 14:48:22 A . (.Synaptics Incorporated - Synaptics Touchpad Win64 Driver.) -- C:\Windows\System32\drivers\SynTP.sys [567024] =>.Synaptics Incorporated® O58 - SDL:2016/04/21 12:10:04 A . (.The OpenVPN Project - TAP-Windows Virtual Network Driver (NDIS 6..) -- C:\Windows\System32\drivers\tap0901.sys [27136] =>.The OpenVPN Project O58 - SDL:2013/07/24 18:02:46 A . (.Elaborate Bytes AG - Virtual CloneDrive SCSI miniport.) -- C:\Windows\System32\drivers\VClone.sys [36864] =>.Elaborate Bytes AG O58 - SDL:2009/07/14 04:45:55 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [17488] =>.Microsoft Windows® O58 - SDL:2013/08/02 14:46:46 A . (.Vimicro Corporation - VM0331 Digital Camera Driver.) -- C:\Windows\System32\drivers\vm331avs.sys [1064832] =>.Vimicro Corporation O58 - SDL:2009/07/14 04:45:55 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [161872] =>.Microsoft Windows® ---\\ Last modified or created user files (9) - 129s O61 - LFC: 2018/04/25 00:28:12 A . (.Dobe Systems Incorporated.) -- C:\ProgramData\dahkService\dahkService.exe [2179776] {3C57DB35ADE9A2CCEC04675EED197C82} =>PUP.Optional.Salus O61 - LFC: 2018/04/22 22:49:26 A . (.Copyright (C) 2016 Google Inc..) -- C:\ProgramData\Origin\SelfUpdate\Staged\libEGL_Swift.dll [148992] O61 - LFC: 2018/04/22 22:49:26 A . (.Copyright (C) 2016 Google Inc..) -- C:\ProgramData\Origin\SelfUpdate\Staged\libGLESv2_Swift.dll [5201408] O61 - LFC: 2018/04/25 00:27:56 ASH . (..) -- C:\Users\Wesam\AppData\Local\Elements Browser\ElementsSetup.exe [546816] O61 - LFC: 2018/04/22 22:34:27 A . (..) -- C:\Users\Wesam\AppData\Local\Origin\ThinSetup\10.5.16.49299\libEGL.dll [15360] O61 - LFC: 2018/04/22 22:34:27 A . (.Copyright (C) 2016 Google Inc..) -- C:\Users\Wesam\AppData\Local\Origin\ThinSetup\10.5.16.49299\libEGL_Swift.dll [148992] O61 - LFC: 2018/04/22 22:34:27 A . (..) -- C:\Users\Wesam\AppData\Local\Origin\ThinSetup\10.5.16.49299\libGLESv2.dll [3090944] O61 - LFC: 2018/04/22 22:34:27 A . (.Copyright (C) 2016 Google Inc..) -- C:\Users\Wesam\AppData\Local\Origin\ThinSetup\10.5.16.49299\libGLESv2_Swift.dll [5201408] O61 - LFC: 2018/04/25 00:28:12 A . (.Franchesco Copyright © 2018.) -- C:\Users\Wesam\AppData\Roaming\Windows Manager\vovament.exe [184320] ---\\ File Associations Shell Spawning (10) - 0s O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* =>.Default.Value O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* =>.Default.Value O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* =>.Default.Value O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* =>.Default.Value O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation® O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (...) -- C:\Windows\System32\WScript.exe "%1" %* =>.Default.Value O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe =>.Microsoft Corporation O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S =>.Default.Value ---\\ Start Menu Internet (8) - 0s O68 - StartMenuInternet: [64Bits][HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O68 - StartMenuInternet: [64Bits][HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation® O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation ---\\ Search Browser Infection (3) - 0s O69 - SBI: SearchScopes [HKCU] [64Bits]{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/ =>.Bing.com O69 - SBI: SearchScopes [HKCU] [64Bits]{DAB0CC43-0757-4DB8-A2E4-47A329B54640} - (Google) - http://www.google.com/ =>.Google Inc. O69 - SBI: SearchScopes [HKLM] [64Bits]{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com/ =>.Bing.com ---\\ Search Svchost Services (33) - 1s O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) -- C:\Windows\System32\aelupsvc.dll [72192] =>.Microsoft Corporation O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [80384] =>.Microsoft Corporation O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [80384] =>.Microsoft Corporation O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\System32\srvsvc.dll [236032] =>.Microsoft Corporation O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\Windows\System32\gpsvc.dll [794624] =>.Microsoft Corporation O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\IKEEXT.DLL [859648] =>.Microsoft Corporation O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\Windows\System32\audiosrv.dll [680448] =>.Microsoft Corporation O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll [99328] =>.Microsoft Corporation O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [344064] =>.Microsoft Corporation O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [97792] =>.Microsoft Corporation O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\Sens.dll [64512] =>.Microsoft Corporation O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [359424] =>.Microsoft Corporation O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [316928] =>.Microsoft Corporation O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Remote Desktop Session Host Server Remote C.) -- C:\Windows\System32\termsrv.dll [683520] =>.Microsoft Corporation O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\System32\wuaueng.dll [2651136] =>.Microsoft Corporation O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\Windows\System32\qmgr.dll [849920] =>.Microsoft Corporation O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [370688] =>.Microsoft Corporation O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll [569344] =>.Microsoft Corporation O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\Windows\System32\seclogon.dll [30720] =>.Microsoft Corporation O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll [70144] =>.Microsoft Corporation O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\System32\iscsiexe.dll [156672] =>.Microsoft Corporation O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) -- C:\Windows\System32\mmcss.dll [67584] =>.Microsoft Corporation O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [242688] =>.Microsoft Corporation O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [121856] =>.Microsoft Corporation O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\Windows\System32\browser.dll [136704] =>.Microsoft Corporation O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [111104] =>.Microsoft Corporation O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\Windows\System32\schedsvc.dll [1110016] =>.Microsoft Corporation O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\Windows\System32\KMSVC.DLL [90624] =>.Microsoft Corporation O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\Windows\System32\wercplsupport.dll [84480] =>.Microsoft Corporation O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [210432] =>.Microsoft Corporation O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\Windows\System32\themeservice.dll [44544] =>.Microsoft Corporation O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\Windows\System32\bdesvc.dll [100864] =>.Microsoft Corporation O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Software installation Service.) -- C:\Windows\System32\appmgmts.dll [193536] =>.Microsoft Corporation ---\\ Firewall Active Exception List (72) - 10s O87 - FAEL: "{2DDD0E89-4700-4E0A-B201-66E3C1E3446C}" [In-None-P6-FALSE] .(...) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (.not file.) =>.SUP.Orphan O87 - FAEL: "{FB8D2489-BF33-4FB7-8C7D-7D7CAD9BB69C}" [In-None-P17-FALSE] .(...) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (.not file.) =>.SUP.Orphan O87 - FAEL: "{0B3039A1-6DC9-472D-850C-960D28DFDCEB}" [In-None-P6-TRUE] .(.Rosetta Stone Ltd. - Rosetta Stone Ltd. application.) -- C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneLtdServices.exe =>.Rosetta Stone Ltd® O87 - FAEL: "{DCDE1076-7E59-46AA-82AB-D7F2ECEB8136}" [Out-None-P6-TRUE] .(.Rosetta Stone Ltd. - Rosetta Stone Ltd. application.) -- C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneLtdServices.exe =>.Rosetta Stone Ltd® O87 - FAEL: "{358E6F7D-225C-4B95-ADD9-53B1EE68BC79}" [In-None-P6-TRUE] .(.Rosetta Stone Ltd. - Rosetta Stone Ltd. application.) -- C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe =>.Rosetta Stone Ltd® O87 - FAEL: "{39624E03-A5FC-4697-8442-9D55C8A72DF9}" [Out-None-P6-TRUE] .(.Rosetta Stone Ltd. - Rosetta Stone Ltd. application.) -- C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe =>.Rosetta Stone Ltd® O87 - FAEL: "{08CF0509-2F3D-4BDF-B81C-5C4B98EB669D}" [In-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Wesam\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc® O87 - FAEL: "{E60D7BCE-D51B-4203-962E-7BEAB13E40AA}" [In-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Wesam\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc® O87 - FAEL: "{64479169-BBE6-4BE6-8569-693C1162F1F4}" [In-None-P17-TRUE] .(.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl® O87 - FAEL: "{9FADAE9C-D749-4CBB-9AC8-8F39BA8C56FB}" [In-None-P6-FALSE] .(...) -- C:\Program Files (x86)\Easy Learning 6.0\Easy Learning.exe (.not file.) =>.SUP.Orphan O87 - FAEL: "{EF332719-C8EF-4724-9B3D-56751CEB2C97}" [In-None-P17-FALSE] .(...) -- C:\Program Files (x86)\Easy Learning 6.0\Easy Learning.exe (.not file.) =>.SUP.Orphan O87 - FAEL: "{37917F60-C5A4-4DDA-9EED-25761DF90E66}" [Out-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Easy Learning 6.0\Easy Learning.exe (.not file.) =>.SUP.Orphan O87 - FAEL: "TCP Query User{EF384023-17F0-4848-B3A1-EAE023DA74C9}C:\program files\java\jre1.8.0_144\bin\java.exe" [In-None-P6-TRUE] .(...) -- C:\program files\java\jre1.8.0_144\bin\java.exe (.not file.) =>.SUP.Orphan O87 - FAEL: "UDP Query User{B08BAEEB-7B0E-47CA-9D17-3DD218A521FE}C:\program files\java\jre1.8.0_144\bin\java.exe" [In-None-P17-TRUE] .(...) -- C:\program files\java\jre1.8.0_144\bin\java.exe (.not file.) =>.SUP.Orphan O87 - FAEL: "{07F5044C-5381-44EB-A610-7253296C9DB1}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\arcai.com\aips.exe (.not file.) =>.SUP.Orphan O87 - FAEL: "{4BA82652-FFA9-46A1-8D5A-DDB269243D23}" [Out-None-P6-TRUE] .(...) -- C:\Program Files (x86)\arcai.com\aips.exe (.not file.) =>.SUP.Orphan O87 - FAEL: "{A25B4A59-B1CA-43B5-B71B-7FB5223FECD7}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\arcai.com\netcut_windows.exe (.not file.) =>.SUP.Orphan O87 - FAEL: "{FE001AA8-F6A3-4DBE-8D77-77A996DBC207}" [Out-None-P6-TRUE] .(...) -- C:\Program Files (x86)\arcai.com\netcut_windows.exe (.not file.) =>.SUP.Orphan O87 - FAEL: "TCP Query User{C939F4DE-D84F-4944-97AF-03233864DF39}C:\program files\لعبة الكانتر ستريك\hl.exe" [In-None-P6-TRUE] .(...) -- C:\program files\لعبة الكانتر ستريك\hl.exe (.not file.) =>.SUP.Orphan O87 - FAEL: "UDP Query User{A898528F-2B4E-4F78-B55A-0399D8492B25}C:\program files\لعبة الكانتر ستريك\hl.exe" [In-None-P17-TRUE] .(...) -- C:\program files\لعبة الكانتر ستريك\hl.exe (.not file.) =>.SUP.Orphan O87 - FAEL: "{75FA0402-A3DB-438B-A8A8-70C5F43E4A72}" [In-None-P6-FALSE] .(.Kilgray - memoQ.) -- C:\Program Files (x86)\Kilgray\memoQ-2015\MemoQ.exe {0080BC543F1FE8CE1C} O87 - FAEL: "{DFBA981E-7980-4FB9-8354-48B0AC3F9010}" [In-None-P17-FALSE] .(.Kilgray - memoQ.) -- C:\Program Files (x86)\Kilgray\memoQ-2015\MemoQ.exe {0080BC543F1FE8CE1C} O87 - FAEL: "{AE70C000-4DD2-4D95-9D59-C4E03F12EB87}" [In-None-P6-FALSE] .(.Kilgray - memoQ.) -- C:\Program Files (x86)\Kilgray\memoQ-2015\MemoQ.exe {0080BC543F1FE8CE1C} O87 - FAEL: "{469F66DB-BA4F-4332-B82F-AF1CDE822C97}" [In-None-P17-FALSE] .(.Kilgray - memoQ.) -- C:\Program Files (x86)\Kilgray\memoQ-2015\MemoQ.exe {0080BC543F1FE8CE1C} O87 - FAEL: "{C7CC127E-EC5F-446B-9767-A402B9359415}" [In-None-P6-FALSE] .(.Kilgray - memoQ.) -- C:\Program Files (x86)\Kilgray\memoQ-2015\MemoQ32.exe {0080BC543F1FE8CE1C} O87 - FAEL: "{340CD4D1-EF76-43E4-80D5-CE3BF40C7D41}" [In-None-P17-FALSE] .(.Kilgray - memoQ.) -- C:\Program Files (x86)\Kilgray\memoQ-2015\MemoQ32.exe {0080BC543F1FE8CE1C} O87 - FAEL: "{D1E4D695-CB65-434C-9147-C2A471192816}" [In-None-P6-FALSE] .(.Kilgray - memoQ.) -- C:\Program Files (x86)\Kilgray\memoQ-2015\MemoQ32.exe {0080BC543F1FE8CE1C} O87 - FAEL: "{65D9D9B3-ED95-484F-A6A8-A548E5BAA9F7}" [In-None-P17-FALSE] .(.Kilgray - memoQ.) -- C:\Program Files (x86)\Kilgray\memoQ-2015\MemoQ32.exe {0080BC543F1FE8CE1C} O87 - FAEL: "{AEEBDDEB-C515-4C19-A2E2-55965DB051D3}" [In-None-P6-FALSE] .(...) -- C:\Program Files (x86)\Kilgray\memoQ-2015\memoQSearch.exe {0080BC543F1FE8CE1C} O87 - FAEL: "{173F9987-282C-4EB6-B590-87EB8F8DADE2}" [In-None-P17-FALSE] .(...) -- C:\Program Files (x86)\Kilgray\memoQ-2015\memoQSearch.exe {0080BC543F1FE8CE1C} O87 - FAEL: "{41F4FF53-8FB0-48B6-8A2F-9726E2C6619A}" [In-None-P6-FALSE] .(...) -- C:\Program Files (x86)\Kilgray\memoQ-2015\memoQSearch.exe {0080BC543F1FE8CE1C} O87 - FAEL: "{CC53A9E9-392B-4DEB-98E7-C3CF1C81288D}" [In-None-P17-FALSE] .(...) -- C:\Program Files (x86)\Kilgray\memoQ-2015\memoQSearch.exe {0080BC543F1FE8CE1C} O87 - FAEL: "{F9B9592E-6C34-4B70-80E8-744F2D85B2D1}" [In-None-P6-FALSE] .(.Kilgray - MemoQ.CALManager.) -- C:\Program Files (x86)\Kilgray\memoQ CAL Management Tool\memoQ CAL license manager.exe {0080BC543F1FE8CE1C} O87 - FAEL: "{5C508A2D-85D6-4A90-9FB1-815BC08F8776}" [In-None-P17-FALSE] .(.Kilgray - MemoQ.CALManager.) -- C:\Program Files (x86)\Kilgray\memoQ CAL Management Tool\memoQ CAL license manager.exe {0080BC543F1FE8CE1C} O87 - FAEL: "{748D967D-FA8A-4938-B387-6CA437AF7864}" [In-None-P6-FALSE] .(.Kilgray - MemoQ.CALManager.) -- C:\Program Files (x86)\Kilgray\memoQ CAL Management Tool\memoQ CAL license manager.exe {0080BC543F1FE8CE1C} O87 - FAEL: "{64490921-E26E-4F3E-92A3-636F089D81B5}" [In-None-P17-FALSE] .(.Kilgray - MemoQ.CALManager.) -- C:\Program Files (x86)\Kilgray\memoQ CAL Management Tool\memoQ CAL license manager.exe {0080BC543F1FE8CE1C} O87 - FAEL: "{0FCA7E0C-6BDB-4FE4-A870-F00D09817858}" [In-None-P6-FALSE] .(.Microsoft - MemoQ.CP.Client.) -- C:\Program Files (x86)\Kilgray\Content Connector Client\MemoQ.CP.Client.exe =>.Microsoft O87 - FAEL: "{C57004EE-13F9-4C3D-A80F-939E6B07ABF8}" [In-None-P17-FALSE] .(.Microsoft - MemoQ.CP.Client.) -- C:\Program Files (x86)\Kilgray\Content Connector Client\MemoQ.CP.Client.exe =>.Microsoft O87 - FAEL: "{7769BBA3-F653-47FD-BF7E-CC1943ADC99C}" [In-None-P6-FALSE] .(.Microsoft - MemoQ.CP.Client.) -- C:\Program Files (x86)\Kilgray\Content Connector Client\MemoQ.CP.Client.exe =>.Microsoft O87 - FAEL: "{9DB73283-B29F-4EFE-8194-5CB9FD60613E}" [In-None-P17-FALSE] .(.Microsoft - MemoQ.CP.Client.) -- C:\Program Files (x86)\Kilgray\Content Connector Client\MemoQ.CP.Client.exe =>.Microsoft O87 - FAEL: "{D989EE4B-46A6-4583-BB0E-1EDE84A4EDA7}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Faronics\Deep Freeze Enterprise Server\DFServerService.exe (.not file.) =>.SUP.Orphan O87 - FAEL: "{1C1E9471-0620-4A81-A964-CAD42D021002}" [Out-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Faronics\Deep Freeze Enterprise Server\DFServerService.exe (.not file.) =>.SUP.Orphan O87 - FAEL: "{1C197B36-458B-46ED-947C-0C2C1CBA9705}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Faronics\Deep Freeze Enterprise Server\DFServerService.exe (.not file.) =>.SUP.Orphan O87 - FAEL: "{C8F0D09A-E615-41A0-9DA8-4E2602A29991}" [Out-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Faronics\Deep Freeze Enterprise Server\DFServerService.exe (.not file.) =>.SUP.Orphan O87 - FAEL: "{FA045D3C-F151-4434-9166-79C269168B3F}" [In-None-P6-TRUE] .(.Faronics Corporation - Deep Freeze service.) -- C:\Program Files (x86)\Faronics\Deep Freeze\Install C-0\DFServ.exe =>.Faronics Corporation O87 - FAEL: "{BFA7F4B7-DD41-4381-A5AC-D96CD3F23266}" [Out-None-P6-TRUE] .(.Faronics Corporation - Deep Freeze service.) -- C:\Program Files (x86)\Faronics\Deep Freeze\Install C-0\DFServ.exe =>.Faronics Corporation O87 - FAEL: "{7218E3E7-5D23-4797-8CD9-CB91E0CCA2C0}" [In-None-P17-TRUE] .(.Faronics Corporation - Deep Freeze service.) -- C:\Program Files (x86)\Faronics\Deep Freeze\Install C-0\DFServ.exe =>.Faronics Corporation O87 - FAEL: "{3236B362-842D-4EBF-9D4C-6D90D56FA1CB}" [Out-None-P17-TRUE] .(.Faronics Corporation - Deep Freeze service.) -- C:\Program Files (x86)\Faronics\Deep Freeze\Install C-0\DFServ.exe =>.Faronics Corporation O87 - FAEL: "{14BB050F-3593-4682-B554-0E1E6BFBAF76}" [In-None-P17-TRUE] .(.Free Time Co., Ltd. - Format Factory EBook Codec Online Installer.) -- C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe =>.Free Time Co., Ltd.® O87 - FAEL: "{029215BE-7F86-45DB-8788-7D3192EB9CAF}" [In-None-P17-TRUE] .(.Free Time Co., Ltd. - FormatFactory.) -- C:\Program Files (x86)\FormatFactory\FormatFactory.exe =>.Free Time Co., Ltd.® O87 - FAEL: "{F1A00190-0686-4106-80E2-42312B40798D}" [In-None-P6-TRUE] .(.NVIDIA Corporation - NVIDIA Container.) -- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.NVIDIA Corporation® O87 - FAEL: "{E6A0CF77-7D9B-48BA-8ACB-12859C8A615A}" [In-None-P17-TRUE] .(.NVIDIA Corporation - NVIDIA Container.) -- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.NVIDIA Corporation® O87 - FAEL: "{12D206D9-CEF9-4BA1-9944-1C499D295CAE}" [In-None-P17-TRUE] .(.NVIDIA Corporation - NVIDIA Container.) -- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.NVIDIA Corporation® O87 - FAEL: "{52BD0EAF-7AEB-4F27-AC64-E2E67DFC4D0D}" [In-None-P17-TRUE] .(.NVIDIA Corporation - NVIDIA Container.) -- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.NVIDIA Corporation® O87 - FAEL: "{FBAB0266-D149-4BB5-B98E-A083787E602F}" [In-None-P6-TRUE] .(.NVIDIA Corporation - NVIDIA Streamer Server Component.) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe =>.NVIDIA Corporation® O87 - FAEL: "{0533A9FE-B232-4127-B6BE-8FB3A75C1F96}" [In-None-P17-TRUE] .(.NVIDIA Corporation - NVIDIA Streamer Server Component.) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe =>.NVIDIA Corporation® O87 - FAEL: "{4091C9E9-70A2-4DCE-BE11-66BE720AD5D9}" [In-None-P17-TRUE] .(.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O87 - FAEL: "{08216BA9-1EEC-4402-9B34-B39971856BF6}" [In-None-P17-TRUE] .(.CyberLink Corp. - PowerDVD 18.) -- C:\Program Files (x86)\CyberLink\PowerDVD18\PowerDVD.exe =>.CyberLink Corp.® O87 - FAEL: "{1783E14C-EA36-4CE5-899E-E9F0688165EC}" [In-None-P17-TRUE] .(.CyberLink - Media Server Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD18\Kernel\DMS\CLMSServerPDVD18.exe =>.CyberLink Corp.® O87 - FAEL: "{0D5BFB86-4C72-4343-9D90-A0203CB2F9DC}" [In-None-P17-TRUE] .(.CyberLink Corp. - PowerDVD 18.) -- C:\Program Files (x86)\CyberLink\PowerDVD18\PowerDVD18Agent.exe =>.CyberLink Corp.® O87 - FAEL: "{AF53DC76-2735-4090-A743-66F7AC618231}" [In-None-P17-TRUE] .(.CyberLink Corp. - PowerDVD 18.0.) -- C:\Program Files (x86)\CyberLink\PowerDVD18\Movie\PowerDVDMovie.exe =>.CyberLink Corp.® O87 - FAEL: "{50B819E9-C4DB-4889-A90C-6DF9139637C3}" [In-None-P17-TRUE] .(.CyberLink Corp. - CyberLink PowerDVD18.) -- C:\Program Files (x86)\CyberLink\PowerDVD18\CastingStation.exe =>.CyberLink Corp.® O87 - FAEL: "{570250BF-5621-47A1-8868-5142D057F0C8}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe (.not file.) =>.SUP.Orphan O87 - FAEL: "{AA4E7302-8C8E-4CCA-9FAA-01E3F89343C3}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe (.not file.) =>.SUP.Orphan O87 - FAEL: "{26B2D21A-F421-46E9-960C-9D5BA7BED5EB}" [In-None-P6-TRUE] .(.mobogenie.com - downloader.) -- C:\Program Files (x86)\Mobogenie3\mobogenieP2sp.exe =>.Mobogenie.com O87 - FAEL: "{5AC04279-6F26-4BF1-99A0-C688E97B92A7}" [In-None-P17-TRUE] .(.mobogenie.com - downloader.) -- C:\Program Files (x86)\Mobogenie3\mobogenieP2sp.exe =>.Mobogenie.com O87 - FAEL: "{1F6458C4-5F1E-4B78-B1FF-AAEC1B7EA903}" [In-None-P6-TRUE] .(.Electronic Arts - Need for Speed™ Payback.) -- C:\Program Files (x86)\Need For Speed Payback\NeedForSpeedPaybackTrial.exe {5BAD6FAB6D18FD2F443F66AAE33E10A8} =>.Electronic Arts O87 - FAEL: "{379066D4-DB7B-4FAB-BE16-75D6ECC86B23}" [In-None-P17-TRUE] .(.Electronic Arts - Need for Speed™ Payback.) -- C:\Program Files (x86)\Need For Speed Payback\NeedForSpeedPaybackTrial.exe {5BAD6FAB6D18FD2F443F66AAE33E10A8} =>.Electronic Arts O87 - FAEL: "{C298ED04-ACC0-403E-BE36-676301E35817}" [In-None-P6-TRUE] .(.Electronic Arts - Need for Speed™ Payback.) -- C:\Program Files (x86)\Need For Speed Payback\NeedForSpeedPayback.exe =>.Electronic Arts O87 - FAEL: "{F367A3DA-E6FC-43A1-ADCF-DA220A3B11D7}" [In-None-P17-TRUE] .(.Electronic Arts - Need for Speed™ Payback.) -- C:\Program Files (x86)\Need For Speed Payback\NeedForSpeedPayback.exe =>.Electronic Arts O87 - FAEL: "{3426D1E9-6A1C-40D1-8EB3-E70E9DB985EB}" [In-None-P6-TRUE] .(.mobogenie.com - downloader.) -- C:\Program Files (x86)\Mobogenie3\mobogenieP2sp.exe =>.Mobogenie.com O87 - FAEL: "{B37DFB34-6704-42A2-9609-8F63D36A6B11}" [In-None-P17-TRUE] .(.mobogenie.com - downloader.) -- C:\Program Files (x86)\Mobogenie3\mobogenieP2sp.exe =>.Mobogenie.com ---\\ Product Upgrade Codes (79) - 0s O90 - PUC: "00002109020090400000000000F01FEC" [HKLM] . (.Compatibility Pack for the 2007 Office system.) -- C:\Windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe O90 - PUC: "00002109030000000000000000F01FEC" [HKLM] . (.Microsoft Office Enterprise 2007.) =>Microsoft Corporation O90 - PUC: "000021091A0090400000000000F01FEC" [HKLM] . (.Microsoft Office OneNote MUI (English) 2007.) =>Microsoft Corporation O90 - PUC: "000021092B0090400000000000F01FEC" [HKLM] . (.Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs.) -- C:\Windows\Installer\{90120000-00B2-0409-0000-0000000FF1CE}\expxic.exe =>Microsoft Corporation O90 - PUC: "00002109411090400000000000F01FEC" [HKLM] . (.Microsoft Office Groove Setup Metadata MUI (English) 2007.) =>Microsoft Corporation O90 - PUC: "00002109440090400000000000F01FEC" [HKLM] . (.Microsoft Office InfoPath MUI (English) 2007.) =>Microsoft Corporation O90 - PUC: "00002109510090400000000000F01FEC" [HKLM] . (.Microsoft Office Access MUI (English) 2007.) =>Microsoft Corporation O90 - PUC: "00002109511090400000000000F01FEC" [HKLM] . (.Microsoft Office Shared Setup Metadata MUI (English) 2007.) =>Microsoft Corporation O90 - PUC: "00002109610090400000000000F01FEC" [HKLM] . (.Microsoft Office Excel MUI (English) 2007.) =>Microsoft Corporation O90 - PUC: "00002109611090400100000000F01FEC" [HKLM] . (.Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007.) =>Microsoft Corporation O90 - PUC: "000021096A0090400000000000F01FEC" [HKLM] . (.MDI To TIFF File Converter.) O90 - PUC: "00002109711090400000000000F01FEC" [HKLM] . (.Microsoft Office Access Setup Metadata MUI (English) 2007.) =>Microsoft Corporation O90 - PUC: "00002109810090400000000000F01FEC" [HKLM] . (.Microsoft Office PowerPoint MUI (English) 2007.) =>Microsoft Corporation O90 - PUC: "00002109910090400000000000F01FEC" [HKLM] . (.Microsoft Office Publisher MUI (English) 2007.) =>Microsoft Corporation O90 - PUC: "00002109A10090400000000000F01FEC" [HKLM] . (.Microsoft Office Outlook MUI (English) 2007.) =>Microsoft Corporation O90 - PUC: "00002109A20000000100000000F01FEC" [HKLM] . (.Microsoft Office Office 64-bit Components 2007.) =>Microsoft Corporation O90 - PUC: "00002109A20090400100000000F01FEC" [HKLM] . (.Microsoft Office Shared 64-bit MUI (English) 2007.) =>Microsoft Corporation O90 - PUC: "00002109AB0090400000000000F01FEC" [HKLM] . (.Microsoft Office Groove MUI (English) 2007.) =>Microsoft Corporation O90 - PUC: "00002109B10090400000000000F01FEC" [HKLM] . (.Microsoft Office Word MUI (English) 2007.) =>Microsoft Corporation O90 - PUC: "00002109C20090400000000000F01FEC" [HKLM] . (.Microsoft Office Proofing (English) 2007.) =>Microsoft Corporation O90 - PUC: "00002109E60090400000000000F01FEC" [HKLM] . (.Microsoft Office Shared MUI (English) 2007.) =>Microsoft Corporation O90 - PUC: "00002109F10090400000000000F01FEC" [HKLM] . (.Microsoft Office Proof (English) 2007.) =>Microsoft Corporation O90 - PUC: "00002109F100A0C00000000000F01FEC" [HKLM] . (.Microsoft Office Proof (Spanish) 2007.) =>Microsoft Corporation O90 - PUC: "00002109F100C0400000000000F01FEC" [HKLM] . (.Microsoft Office Proof (French) 2007.) =>Microsoft Corporation O90 - PUC: "00004109500200000000000000F01FEC" [HKLM] . (.Microsoft Office File Validation Add-In.) =>Microsoft Corporation O90 - PUC: "00004159FA0090400000000000F01FEC" [HKLM] . (.Microsoft PowerPoint Viewer.) =>Microsoft Corporation O90 - PUC: "0CE986CFEBF80EE4F9B6C9F676150362" [HKLM] . (.Plagiarism Checker X.) -- C:\Windows\Installer\{FC689EC0-8FBE-4EE0-9F6B-9C6F67513026}\LogoGroup.exe O90 - PUC: "0D741DA1E0EBC6D3CA11466FCD14361F" [HKLM] . (.Microsoft .NET Framework 4.5.) =>Microsoft Corporation O90 - PUC: "1007C6B46D7C017319E3B52CF3EC196E" [HKLM] . (.Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148.) =>Microsoft Corporation O90 - PUC: "1038C85769625584FA5435B4210089A0" [HKLM] . (.Samsung Kies.) -- C:\Windows\Installer\{758C8301-2696-4855-AF45-534B1200980A}\ARPPRODUCTICON.exe =>Samsung Electronics O90 - PUC: "121E2D80A6F7BE3479DF26B944094330" [HKLM] . (.Microsoft_VC90_CRT_x86.) -- C:\Windows\Installer\{08D2E121-7F6A-43EB-97FD-629B44903403}\ARPPRODUCTICON.exe =>Microsoft Corporation O90 - PUC: "15127B44E116D9247956B90A397D4EA8" [HKLM] . (.Intel® Trusted Connect Service Client.) =>Intel Corporation O90 - PUC: "1926E8D15D0BCE53481466615F760A7F" [HKLM] . (.Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219.) =>Microsoft Corporation O90 - PUC: "1A57DEF7C006B493386717E2A288162F" [HKLM] . (.Microsoft Visual C++ 2017 x86 Additional Runtime - 14.12.25810.) =>Microsoft Corporation O90 - PUC: "1af2a8da7e60d0b429d7e6453b3d0182" [HKLM] . (.Microsoft Visual C++ 2005 Redistributable (x64).) =>Microsoft Corporation O90 - PUC: "1C006203FDB61DF44150419892CC3158" [HKLM] . (.Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1419.2).) -- C:\Windows\Installer\{302600C1-6BDF-4FD1-1405-148929CC1385}\IntelBluetoothICO =>Intel Corporation O90 - PUC: "1C2AA9C8A70D8E84D98D74A17092744F" [HKLM] . (.Adobe AIR.) =>Adobe Inc. O90 - PUC: "1D5E3C0FEDA1E123187686FED06E995A" [HKLM] . (.Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219.) =>Microsoft Corporation O90 - PUC: "21EE4A31AE32173319EEFE3BD6FDFFE3" [HKLM] . (.Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005.) =>Microsoft Corporation O90 - PUC: "22BEFC8F7E2A1793E9ADB411DEFE1C58" [HKLM] . (.Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005.) =>Microsoft Corporation O90 - PUC: "24C995FA5E2A15247BEE94521C78DE1D" [HKLM] . (.Hotspot Shield 7.6.4.) O90 - PUC: "4EA42A62D9304AC4784BF2468110170F" [HKLM] . (.Java 8 Update 171 (64-bit).) -- C:\Program Files\Java\jre1.8.0_171\\bin\javaws.exe =>Sun Microsystems O90 - PUC: "60B213FAC5C5E864983BEBD62E467522" [HKLM] . (.Cisco LEAP Module.) =>Cisco Systems, Inc. O90 - PUC: "62DBF9290209B993A9A757D1160F9B24" [HKLM] . (.Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005.) =>Microsoft Corporation O90 - PUC: "67D6ECF5CD5FBA732B8B22BAC8DE1B4D" [HKLM] . (.Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161.) =>Microsoft Corporation O90 - PUC: "68AB67CA3301FFFF7706C0F070E41400" [HKLM] . (.Adobe Acrobat DC.) -- C:\Windows\Installer\{AC76BA86-1033-FFFF-7760-0C0F074E4100}\_SC_Acrobat.ico =>Adobe Inc. O90 - PUC: "68AB67CA408033019195008142622500" [HKLM] . (.Adobe Refresh Manager.) -- C:\Windows\Installer\{AC76BA86-0804-1033-1959-001824265200}\ARPPRODUCTICON.exe =>Adobe Inc. O90 - PUC: "68AB67CA7DA73301B744CAF070E41400" [HKLM] . (.Adobe Acrobat Reader DC.) -- C:\Windows\Installer\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}\SC_Reader.ico =>Adobe Inc. O90 - PUC: "6A4E5613ED5D0B6458795DE5B228B648" [HKLM] . (.Rosetta Stone Ltd Services.) -- C:\Windows\Installer\{3165E4A6-D5DE-46B0-8597-D55E2B826B84}\StoneyIcon.exe O90 - PUC: "6E0FE4A0219AEDC47A3FE6657E1CA3F2" [HKLM] . (.Cisco PEAP Module.) =>Cisco Systems, Inc. O90 - PUC: "6E815EB96CCE9A53884E7857C57002F0" [HKLM] . (.Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161.) =>Microsoft Corporation O90 - PUC: "6E8D947A316B3EB3F8F540C548BE2AB9" [HKLM] . (.Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005.) =>Microsoft Corporation O90 - PUC: "77EAAEFBF7DB43542B68C9C54B96E71B" [HKLM] . (.PDF Settings CS6.) O90 - PUC: "7810FB462D3FB89499AE61A39FEAE69C" [HKLM] . (.Cisco EAP-FAST Module.) =>Cisco Systems, Inc. O90 - PUC: "7A948DC21A686A438B9F7DF2B5129AEA" [HKLM] . (.Microsoft Visual C++ 2017 x64 Additional Runtime - 14.12.25810.) =>Microsoft Corporation O90 - PUC: "7C9F8B73BF303523781852719CD9C700" [HKLM] . (.Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030.) =>Microsoft Corporation O90 - PUC: "84b9c17023c712640acaf308593282f8" [HKLM] . (.Microsoft Visual C++ 2005 Redistributable (x64).) =>Microsoft Corporation O90 - PUC: "91785D291CBB3CC40AB8659C8E48CCC2" [HKLM] . (.Microsoft_VC80_CRT_x86.) -- C:\Windows\Installer\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}\ARPPRODUCTICON.exe =>Microsoft Corporation O90 - PUC: "981CB6B6606D7CB479856E3C467FA655" [HKLM] . (.Rosetta Stone TOTALe.) -- C:\Windows\Installer\{6B6BC189-D606-4BC7-9758-E6C364F76A55}\StoneyIcon.exe O90 - PUC: "A089CE062ADB6BC44A720BA745894BAC" [HKLM] . (.Google Update Helper.) =>Google Inc. O90 - PUC: "A419E7B35D3992A429BBFAC8F3664C13" [HKLM] . (.Skype™ 7.40.) -- C:\Windows\Installer\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}\SkypeIcon.exe =>Skype Technologies O90 - PUC: "b25099274a207264182f8181add555d0" [HKLM] . (.Microsoft Visual C++ 2005 Redistributable.) =>Microsoft Corporation O90 - PUC: "BE25982827556663C89A00B0C67E3905" [HKLM] . (.Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.12.25810.) =>Microsoft Corporation O90 - PUC: "C025571B2A687A53689168CD7369889B" [HKLM] . (.Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030.) =>Microsoft Corporation O90 - PUC: "c1c4f01781cc94c4c8fb1542c0981a2a" [HKLM] . (.Microsoft Visual C++ 2005 Redistributable.) =>Microsoft Corporation O90 - PUC: "C3AEB2FCAE628F23AAB933F1E743AB79" [HKLM] . (.Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030.) =>Microsoft Corporation O90 - PUC: "CDA2E99C7430E6336A301F99B2905D28" [HKLM] . (.Microsoft Visual C++ 2017 x64 Minimum Runtime - 14.12.25810.) =>Microsoft Corporation O90 - PUC: "CFD2C1F142D260E3CB8B271543DA9F98" [HKLM] . (.Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148.) =>Microsoft Corporation O90 - PUC: "D20352A90C039D93DBF6126ECE614057" [HKLM] . (.Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17.) =>Microsoft Corporation O90 - PUC: "DC8A59DBF9D1DA5389A1E3975220E6BB" [HKLM] . (.Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030.) =>Microsoft Corporation O90 - PUC: "E31C3AA213508B14EA84EA829C048A90" [HKLM] . (.Microsoft Security Client.) =>Microsoft Corporation O90 - PUC: "F60730A4A66673047777F5728467D401" [HKLM] . (.Java Auto Updater.) =>Sun Microsystems O90 - PUC: "F716F4F05D8E3A640A9F345815283A1B" [HKLM] . (..) O90 - PUC: "89ACA35070B60DD4D93B5FE1E31B87C0" [HKCU] . (.Lenovo Patch Utility 64 bit.) -- %APPDATA%\Microsoft\Installer\{053ACA98-6B07-4DD0-9DB3-F51E3EB1780C}\ARPPRODUCTICON.exe O90 - PUC: "A4B6BF6C87313DC4C93D24AB96CFDB34" [HKCU] . (.Lenovo Patch Utility.) -- %APPDATA%\Microsoft\Installer\{C6FB6B4A-1378-4CD3-9CD3-42BA69FCBD43}\ARPPRODUCTICON.exe O90 - PUC: "EB4A344B886EDB341B2576423A48731B" [HKCU] . (.Grammarly for Microsoft® Office Suite.) -- %APPDATA%\Microsoft\Installer\{B443A4BE-E688-43BD-B152-6724A38437B1}\grammarly.ico =>Microsoft Corporation O90 - PUC: "89ACA35070B60DD4D93B5FE1E31B87C0" [HKU] . (.Lenovo Patch Utility 64 bit.) -- %APPDATA%\Microsoft\Installer\{053ACA98-6B07-4DD0-9DB3-F51E3EB1780C}\ARPPRODUCTICON.exe O90 - PUC: "A4B6BF6C87313DC4C93D24AB96CFDB34" [HKU] . (.Lenovo Patch Utility.) -- %APPDATA%\Microsoft\Installer\{C6FB6B4A-1378-4CD3-9CD3-42BA69FCBD43}\ARPPRODUCTICON.exe O90 - PUC: "EB4A344B886EDB341B2576423A48731B" [HKU] . (.Grammarly for Microsoft® Office Suite.) -- %APPDATA%\Microsoft\Installer\{B443A4BE-E688-43BD-B152-6724A38437B1}\grammarly.ico =>Microsoft Corporation ---\\ Windows Installer Scan (33) - 38s [MD5.F5683A237DE586FF2A2E522DE64827F1] [WIS][2018/04/10 16:48:48] (.AnchorFree Inc. - Hotspot Shield 7.6.4.) -- C:\Windows\Installer\11c6ace.msi [22446080] =>.AnchorFree Inc. [MD5.D739D6547F1C38BD7FF376CFD13E1181] [WIS][2017/03/25 11:12:35] (.Plagiarism Checker X, LLC - Plagiarism Checker X.) -- C:\Windows\Installer\1365901.msi [2161664] [MD5.8DB22B85C6207C522F9E1904A41FF38F] [WIS][2013/05/16 16:05:56] (.Intel Corporation - Intel(R) Trusted Connect Service Client.) -- C:\Windows\Installer\13de23.msi [7933952] =>.Intel Corporation [MD5.536A7A1F384F85DE40D8B6E00107598E] [WIS][2018/04/22 14:08:42] (.Oracle Corporation - Java SE Runtime Environment 8 Update 171.) -- C:\Windows\Installer\1b0755.msi [39620608] =>.Oracle Corporation [MD5.EFAFE089C4933ED9F788AD68EEA4FE57] [WIS][2018/04/22 14:08:42] (.Oracle Corporation - Java Auto Updater.) -- C:\Windows\Installer\1b0762.msi [761856] =>.Oracle Corporation [MD5.2145D5A402DDF391EE9AF0665304B9A6] [WIS][2017/09/18 10:33:42] (.Adobe Systems Incorporated - Adobe AIR Installer.) -- C:\Windows\Installer\1e86c7.msi [45056] =>.Adobe Systems Incorporated [MD5.23B97F4BEDD554D3F629B60637AFC936] [WIS][2015/03/17 11:42:22] (.Adobe Systems Incorporated.) -- C:\Windows\Installer\3115af.msi [2792960] =>.Adobe Systems Incorporated [MD5.E4AF16B0574B2598AADD353A35A3722B] [WIS][2012/04/05 22:23:00] (.Adobe - InstallShield® 12 - Premier Edition 12.0.) -- C:\Windows\Installer\728211.msi [2211328] =>.Adobe [MD5.78B41A323699DAF1C25265890733BE26] [WIS][2012/04/05 22:23:00] (.Adobe - InstallShield® 12 - Premier Edition 12.0.) -- C:\Windows\Installer\728217.msi [1997312] =>.Adobe [MD5.5EE609A2EEC40D710274413D4DD40ABB] [WIS][2012/04/05 22:22:57] (.Adobe Systems Incorporated - PDF Settings CS6.) -- C:\Windows\Installer\728232.msi [2259968] =>.Adobe Systems Incorporated [MD5.F0628F319D7AAE11286B944829E9C9D6] [WIS][2018/02/20 18:29:49] (.Samsung Electronics Co., Ltd..) -- C:\Windows\Installer\742c4b.msi [70320640] =>.Samsung Electronics Co., Ltd. [MD5.F3393D3FF18B824864B806E0B86F0A67] [WIS][2012/11/08 08:30:52] (.Cisco Systems, Inc..) -- C:\Windows\Installer\7b80d.msi [1559552] =>.Cisco Systems, Inc. [MD5.626978BF496BABC1E6F1464D697B707D] [WIS][2012/11/08 08:39:00] (.Cisco Systems, Inc..) -- C:\Windows\Installer\7b813.msi [1304064] =>.Cisco Systems, Inc. [MD5.3FC36EF669376540BB082615F9ECADB2] [WIS][2012/11/08 08:37:52] (.Cisco Systems, Inc..) -- C:\Windows\Installer\7b819.msi [836608] =>.Cisco Systems, Inc. [MD5.C2791BBBF63FC2CE323F9D134C06ACAB] [WIS][2012/07/24 21:53:42] (.Rosetta Stone Ltd. - Rosetta Stone Ltd. installer.) -- C:\Windows\Installer\888685.msi [969216] =>.Rosetta Stone Ltd. [MD5.12154568109F1B425E9CD11D897D0F81] [WIS][2012/07/24 21:53:36] (.Rosetta Stone, Ltd - Rosetta Stone TOTALe.) -- C:\Windows\Installer\88868b.msi [512512] =>.Rosetta Stone, Ltd [MD5.35614D3EDD0E0ECC1E58F1434517920F] [WIS][2018/01/29 00:18:54] (.Grammarly - The Grammarly add-in for Microsoft® Office .) -- C:\Windows\Installer\88de39.msi [638976] =>.Grammarly [MD5.3768DC32CC8229651C0F8356B87C4FE3] [WIS][2014/05/30 18:04:54] (.Intel Corporation - Intel(R) PROSet/Wireless Software for Bluet.) -- C:\Windows\Installer\9ffc4.msi [34598912] =>.Intel Corporation [MD5.B481CDD721328826410A7F39454DD9BF] [WIS][2013/08/05 13:22:36] (.PeterZeng; lenovo - Lenovo Patch Utility.) -- C:\Windows\Installer\9ffca.msi [3346944] [MD5.9E7AA4DA5500974EC2324A870AF209D4] [WIS][2013/08/05 13:22:48] (.Peter Zeng,Lenovo - Lenovo Patch Utility 64 bit.) -- C:\Windows\Installer\9ffd0.msi [3495936] =>.Peter Zeng,Lenovo [MD5.E53FA74C34A43723EBCCAAFFB7313247] [WIS][2018/01/14 20:29:26] (.Skype Technologies S.A. - Skype.) -- C:\Windows\Installer\b00dc.msi [45522944] =>.Skype Technologies S.A. [MD5.7C3CB3CBA11691D8CF040D9390A7586D] [WIS][2015/03/17 12:06:42] (.Adobe Systems Incorporated - Installers.) -- C:\Windows\Installer\c5c26c.msi [12911616] =>.Adobe Systems Incorporated [MD5.7F9BBDB60B98B6AB6A09446AFADA65CB] [WIS][2018/02/27 20:10:57] (.Adobe Systems Incorporated - Adobe ARM Installer.) -- C:\Windows\Installer\d6bce8.msi [884736] =>.Adobe Systems Incorporated [MD5.F0EE2E7F283866A2A0FEA9BE2D12A979] [WIS][2017/11/15 06:30:32] (.Google Inc. - Google Update Helper.) -- C:\Windows\Installer\f90b1.msi [40960] =>.Google Inc. [MD5.CF478CA41BB57CA934019B65FCD35FB2] [WIS][2017/08/11 13:05:31] (.Adobe Systems, Incorporated.) -- C:\Windows\Installer\1559c1.msp [100052992] =>.Adobe Systems, Incorporated [MD5.B5B294D6E8CF1D6C89EC5F6CC580C8CE] [WIS][2017/04/05 05:14:23] (.Adobe Systems, Incorporated.) -- C:\Windows\Installer\3115b0.msp [92508160] =>.Adobe Systems, Incorporated [MD5.A58EAEAA86B7D4FA1891CA2EEDDCA3DD] [WIS][2018/02/12 17:26:08] (.Adobe Systems, Incorporated.) -- C:\Windows\Installer\5b379.msp [103362560] =>.Adobe Systems, Incorporated [MD5.82F476D2A7125BB7EBF5A2A657BAB293] [WIS][2017/11/13 07:26:16] (.Adobe Systems, Incorporated.) -- C:\Windows\Installer\bbf8f.msp [23506944] =>.Adobe Systems, Incorporated [MD5.A9095FC652E0273E10F1D9481C59067D] [WIS][2018/02/23 16:25:19] (.Adobe Systems, Incorporated.) -- C:\Windows\Installer\c0543.msp [1343488] =>.Adobe Systems, Incorporated [MD5.C0DAFFDDF7FD6A4D592EF5D5080CDFCF] [WIS][2017/01/10 12:10:28] (.Adobe Systems, Incorporated.) -- C:\Windows\Installer\c5c72f.msp [205488128] =>.Adobe Systems, Incorporated [MD5.0762EDB0E4C8D62A4328C3360BC7AD2C] [WIS][2017/07/11 07:57:12] (.Adobe Systems, Incorporated.) -- C:\Windows\Installer\c5d93.msp [1732608] =>.Adobe Systems, Incorporated [MD5.77AB51250501ADDD4D491DECDB6121FD] [WIS][2017/08/28 19:40:46] (.Adobe Systems, Incorporated.) -- C:\Windows\Installer\ccb25d.msp [2424832] =>.Adobe Systems, Incorporated [MD5.3617A09ABC822D955214EBE86A991CF3] [WIS][2017/11/29 13:42:28] (.Adobe Systems, Incorporated.) -- C:\Windows\Installer\d2763.msp [1355776] =>.Adobe Systems, Incorporated ---\\ FEATURE CONTROLE. (1) - 0s [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:MemoQ.exe ---\\ Additional Scan (O88) (425) - 22s HKLM\SYSTEM\CurrentControlSet\Services\dahkService =>PUP.Optional.Salus C:\ProgramData\dahkService\dahkService.exe =>PUP.Optional.Salus HKLM\SYSTEM\CurrentControlSet\Services\saiyitechnology =>Hijacker.Browser C:\ProgramData\yahoochrome_D\desktop244.exe =>Hijacker.Browser C:\Windows\System32\Tasks\DriverToolkit Autorun =>.SUP.DriverToolkit C:\Program Files (x86)\Babylon =>Adware.Babylon C:\Program Files (x86)\Mobogenie3\Mobogenie.exe =>Adware.Wizzcaster C:\Program Files (x86)\Mobogenie3 =>Adware.Wizzcaster C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mobogenie3 =>Adware.Wizzcaster C:\ProgramData\Babylon =>Adware.Babylon C:\ProgramData\dahkService =>PUP.Optional.Salus C:\Users\Wesam\AppData\Roaming\Babylon =>Adware.Babylon C:\Users\Wesam\AppData\Local\AdvinstAnalytics =>.SUP.Various C:\Users\Wesam\AppData\Local\Babylon =>Adware.Babylon C:\Users\Wesam\AppData\Local\DriverToolkit =>.SUP.DriverToolkit C:\Users\Wesam\AppData\Local\FileViewPro =>.SUP.Solvusoft C:\Users\Wesam\AppData\Local\Tempzxpsign0002ec461140c17e =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign0082987500555a3f =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign00a14bb3775bb69e =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign02f5bf11c3cc421a =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign038a0d639a83ab8b =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign0439cc0b3e1876be =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign050169fb121f7f79 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign07c999c33eac25cc =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign099acefd4f51934a =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign0ae0ad52f67255cd =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign0b7dda1b6d858cd2 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign0bde96e0543f30cb =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign0ecc66105b0a1f25 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign117fe0c326524c8d =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign11880036d8fbefa2 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign137945866463b339 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign13d1235bdd1f7c8b =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign1507c29505492394 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign161b9bfe0e29062c =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign16a798110246cb8e =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign173346c20ce5e033 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign192058ea53b8608c =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign195394624dc3f4f2 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign1b1e739acc9970f8 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign1c2cd05a8a9fd702 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign1d30f84c5bee17c2 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign1d425337e8a92ced =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign1f2058871850b9d8 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign1f237da12092b3cb =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign2170871966b31972 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign24fcfc4b445f6b80 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign25467a36cd1b31ac =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign259c454fc3805ab5 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign2602799b9aac0b64 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign26f54dcb41f8f671 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign28965af40b0308b8 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign28f8f77eeb98812b =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign292f154b0bfe7d06 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign2a1b98644918b654 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign2be47d9d1a5196d8 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign2c0e6e483d488e93 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign2f67ab44b80ef61b =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign34aa418f6e8cc925 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign352f4ed7b3d1611d =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign36517260b875eea7 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign36692e20fc8d61fd =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign399f8e98e0f87682 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign3c249854549710fe =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign40ce28c6aa838a05 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign4451b66ccbcfac2d =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign44d895c829830dc2 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign44f22f2078799a65 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign47c297733ebb8d8a =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign47d6b7fe4fcaddf4 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign48baaed809e41da3 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign4aaae85d2efcb80e =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign4b3df73f4181feb9 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign4c5024046d70351e =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign4e3759bf07f7e359 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign4f4a1cf0730918f9 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign50e14511879e8553 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign50e45669cf9fe2c1 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign527831b5033e9428 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign53d91c12a0095f99 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign559efe8ef36b89e4 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign59df4e5ce5c245e4 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign5a97f538b809d5b6 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign5b79e904813fdc70 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign5b8ee417ee050b7c =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign5cbf1a9456bfb4e8 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign5d38abe0fe742131 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign5d9ce6e9bc029698 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign5e61c286c0a57e2e =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign5fc6110c0a9abebb =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign60f2f36f9669ce24 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign62ea79a190022b64 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign63905dd2b932872c =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign63bff509065038ff =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign63eb08183fc4c83f =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign6409257059a4f08f =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign65cfc65d271e59a7 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign668a7c404f8afdba =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign695e2ebe76f0a862 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign6a811ea321a8c76e =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign6a813994dec428ad =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign6b6df2b8aba863da =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign6d135b335633bae9 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign6f2d7a25d26cf4a3 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign6f746b1d7e65e34f =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign73d281dcc704e879 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign744efffa8cd4d048 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign761c532f516e09ef =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign764eebfa2c50db43 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign77ee0410e32b60b3 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign797e282e58b9d3fe =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign7a1b0d6c90f53373 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign7a8ee628f7ed1d17 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign7de33cb95f662ca0 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign7de70720bba62332 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign7fbed50bbb9c3c1c =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign83826f40e2238e16 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign8525b0a28a580301 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign8603aa44d8038b05 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign86793c1d0dbf6c90 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign86b6b02fb2f524a4 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign887b9a5f5e9212b9 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign893498378c1288ef =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign8ab2ebde4d319ecc =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign8c12a219a211e4f5 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign8c9577d627e1126a =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign8e01a9797804b01e =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign8e785e1e5e47dafc =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign8e8940c3d7c5fa69 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign8f4da9261b080b6f =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign90d353792eeb35f0 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign92842826110537dd =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign92a4a6f9fa5f7250 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign92b620b2cf414976 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign930362998553df16 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign940db853ef6728e8 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign942dac12e9bccf44 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign95719b2cfd7a1113 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign97e0993653c6c599 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign980d0d9bb5c575b6 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsign9a01ce003661b7ad =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsigna07ce06372a6b5b8 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsigna17fd4f36d9c64c5 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsigna2d52a731b2354da =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsigna3fd8639799d22fe =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsigna5b77ecb2d277ea6 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsigna7e0f0655d05562b =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsigna87497560b3032a4 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignaaabfd99aab03e6c =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignaadb22c5fa63c071 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignab0b2e4be154587c =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignab1ef182c82d40b1 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignabc2d9a95771c8cb =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignad7911bf3f0a2f6b =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignb0c928a1c6318fb7 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignb2a04bf926a2c932 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignb2bbece268933f7b =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignb451031e7339bb9b =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignb4d148f011e582cf =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignb5d7272646982ed3 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignb6aad48fdfdff958 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignb8863365c585dca9 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignb9d8fb6d759d0cea =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignba0dbf5ce2eeb648 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignba37b35aea2d43bb =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignbbc2ed5b6fb7738f =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignbbe6617924872161 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignbc2e7b35c85b4772 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignc00fb2b5593ce820 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignc0d4f95e5a354f50 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignc1ae7a821d65335d =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignc38f6df21462fdcd =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignc435db13e7a5073e =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignc437ffcbfabb842c =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignc44fe9f4e812c645 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignc51ef1d2395fbe39 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignc6269cd0f916bdf6 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignc6b4f0969c29eb04 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignc76d8e8a3e0b0db0 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsigncd55827469198f4c =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsigncd69574ec9673276 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsigncda545342c8a1883 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignd033b3b4746f40f0 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignd1b23dfd9c05aa6d =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignd22ea30b3d0f2fb5 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignd298c561d7d7d1f7 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignd2eeca5151932a36 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignd4057593f53a4974 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignd4368d2813f3761f =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignd4b5cc5a5507154d =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignd4eaee40641d5e2c =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignd53e2727d0a8cdeb =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignd8f0cfa668820dfb =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignd90c690c3ecab8fa =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignd9319a2ca7da4354 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignd9bb56417d7825e4 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignda3e33300413f10e =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignda49146b421f348f =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsigndcc752a0350965d7 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignde5cf215a4a7cb07 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsigndf455aab1d3bbd76 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsigndf998661eabbe091 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsigne1be20c882eca29c =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsigne22641c1d4d656dc =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsigne263e120406c9332 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsigne28541da3c89a15c =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsigne291e6cb249cd6e0 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsigne858a39d9777095d =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignea0f43a411dd53c1 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignea92d428a1d728f2 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignead7e8a8711bcbdd =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsigneb4a29d38cf1aa37 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignebd3cbee5405b4f7 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignec35eae06f90a591 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignec598cbe09049d09 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignede6ec999d82dac7 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignee654693edbaa05b =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignee65683ecd0527a5 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignee83df4ac670b630 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignef64f43305b3d311 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignf2534cb9e956d108 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignf32f05f07ca98ac3 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignf49314dd7335312b =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignf756d0448be877a1 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignf800866832a6030a =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignfa4bf3ab777738fc =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignfb3cb1293d0d9295 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignfb9e218f28abf88e =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignfbe49ee12b7eb08c =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignfc000a08c54b2174 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignfe291719fb9245f0 =>.SUP.Temporary C:\Users\Wesam\AppData\Local\Tempzxpsignfe814afa1d8501cf =>.SUP.Temporary HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32 =>.SUP.Orphan HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA} =>.SUP.Orphan HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\XXX Groove GFS Context Menu Handler XXX =>.SUP.Orphan HKLM\Software\Classes\CLSID\{6C467336-8281-4E60-8204-430CED96822D} =>.SUP.Orphan HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\XXX Groove GFS Context Menu Handler XXX =>.SUP.Orphan HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\XXX Groove GFS Context Menu Handler XXX =>.SUP.Orphan HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\XXX Groove GFS Context Menu Handler XXX =>.SUP.Orphan HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32 =>.SUP.Orphan HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\XXX Groove GFS Context Menu Handler XXX =>.SUP.Orphan C:\Windows\System32\drivers\butldsk.sys =>Trojan.CoreBot C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_adobe-flash-player.en.softonic.com_0.localstorage =>.SUP.Softonic C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_adobe-flash-player.en.softonic.com_0.localstorage-journal =>.SUP.Softonic C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_imo.en.softonic.com_0.localstorage =>.SUP.Softonic C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_imo.en.softonic.com_0.localstorage-journal =>.SUP.Softonic C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_swf-player.en.softonic.com_0.localstorage =>.SUP.Softonic C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_swf-player.en.softonic.com_0.localstorage-journal =>.SUP.Softonic C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_uhytajrtpo-a.akamaihd.net_0.localstorage =>.SUP.AkamaiHD C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_uhytajrtpo-a.akamaihd.net_0.localstorage-journal =>.SUP.AkamaiHD C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_bringmesports.dl.myway.com_0.localstorage =>.SUP.MindSpark C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_bringmesports.dl.myway.com_0.localstorage-journal =>.SUP.MindSpark C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_bringmesports.dl.tb.ask.com_0.localstorage =>.SUP.MindSpark C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_bringmesports.dl.tb.ask.com_0.localstorage-journal =>.SUP.MindSpark C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_couponxplorer.dl.myway.com_0.localstorage =>.SUP.CouponXplorer C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_couponxplorer.dl.myway.com_0.localstorage-journal =>.SUP.CouponXplorer C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_couponxplorer.dl.tb.ask.com_0.localstorage =>.SUP.CouponXplorer C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_couponxplorer.dl.tb.ask.com_0.localstorage-journal =>.SUP.CouponXplorer C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_flightsearchapp.dl.myway.com_0.localstorage =>.SUP.MindSpark C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_flightsearchapp.dl.myway.com_0.localstorage-journal =>.SUP.MindSpark C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_flightsearchapp.dl.tb.ask.com_0.localstorage =>.SUP.MindSpark C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_flightsearchapp.dl.tb.ask.com_0.localstorage-journal =>.SUP.MindSpark C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_free.fromdoctopdf.com_0.localstorage =>.SUP.FromDocToPDF C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_free.fromdoctopdf.com_0.localstorage-journal =>.SUP.FromDocToPDF C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fromdoctopdf.dl.myway.com_0.localstorage =>.SUP.FromDocToPDF C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fromdoctopdf.dl.myway.com_0.localstorage-journal =>.SUP.FromDocToPDF C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fromdoctopdf.dl.tb.ask.com_0.localstorage =>.SUP.FromDocToPDF C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fromdoctopdf.dl.tb.ask.com_0.localstorage-journal =>.SUP.FromDocToPDF C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_gamingwonderland.dl.myway.com_0.localstorage =>PUP.Optional.Browser C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_gamingwonderland.dl.myway.com_0.localstorage-journal =>PUP.Optional.Browser C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_gamingwonderland.dl.tb.ask.com_0.localstorage =>PUP.Optional.Browser C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_gamingwonderland.dl.tb.ask.com_0.localstorage-journal =>PUP.Optional.Browser C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_getformsonline.dl.tb.ask.com_0.localstorage =>.SUP.MindSpark C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_getformsonline.dl.tb.ask.com_0.localstorage-journal =>.SUP.MindSpark C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_gifables.dl.tb.ask.com_0.localstorage =>Toolbar.Ask C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_gifables.dl.tb.ask.com_0.localstorage-journal =>Toolbar.Ask C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_howtosimplified.dl.tb.ask.com_0.localstorage =>Toolbar.Ask C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_howtosimplified.dl.tb.ask.com_0.localstorage-journal =>Toolbar.Ask C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_internetspeedtracker.dl.myway.com_0.localstorage =>.SUP.MindSpark C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_internetspeedtracker.dl.myway.com_0.localstorage-journal =>.SUP.MindSpark C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_internetspeedtracker.dl.tb.ask.com_0.localstorage =>.SUP.MindSpark C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_internetspeedtracker.dl.tb.ask.com_0.localstorage-journal =>.SUP.MindSpark C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_myradioaccess.dl.myway.com_0.localstorage =>.SUP.MindSpark C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_myradioaccess.dl.myway.com_0.localstorage-journal =>.SUP.MindSpark C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_myradioaccess.dl.tb.ask.com_0.localstorage =>.SUP.MindSpark C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_myradioaccess.dl.tb.ask.com_0.localstorage-journal =>.SUP.MindSpark C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_newtabtv.com_0.localstorage =>Adware.NewTabTV C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_newtabtv.com_0.localstorage-journal =>Adware.NewTabTV C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_notehomepage.dl.tb.ask.com_0.localstorage =>Toolbar.Ask C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_notehomepage.dl.tb.ask.com_0.localstorage-journal =>Toolbar.Ask C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_putlocker.io_0.localstorage =>PUP.Optional.PutLocker C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_putlocker.io_0.localstorage-journal =>PUP.Optional.PutLocker C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_putlockers.tv_0.localstorage =>PUP.Optional.PutLocker C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_putlockers.tv_0.localstorage-journal =>PUP.Optional.PutLocker C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.newtabtvsearch.com_0.localstorage =>Adware.NewTabTV C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.newtabtvsearch.com_0.localstorage-journal =>Adware.NewTabTV C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_translationbuddy.dl.tb.ask.com_0.localstorage =>Toolbar.Ask C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_translationbuddy.dl.tb.ask.com_0.localstorage-journal =>Toolbar.Ask C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_videodownloadconverter.dl.myway.com_0.localstorage =>.SUP.MindSpark C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_videodownloadconverter.dl.myway.com_0.localstorage-journal =>.SUP.MindSpark C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_videodownloadconverter.dl.tb.ask.com_0.localstorage =>.SUP.MindSpark C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_videodownloadconverter.dl.tb.ask.com_0.localstorage-journal =>.SUP.MindSpark C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.plusnetwork.com_0.localstorage =>PUP.Optional.PlusNetwork C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.plusnetwork.com_0.localstorage-journal =>PUP.Optional.PlusNetwork C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\000 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\001 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\002 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\003 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\004 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\005 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\006 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\008 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\010 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\011 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\012 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\013 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\014 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\015 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\016 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\017 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\018 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\019 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\020 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\021 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\022 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\023 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\024 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\025 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\026 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\027 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\028 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\029 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\030 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\031 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\032 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\033 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\034 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\035 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\036 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\037 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\038 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\039 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\040 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\041 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\042 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\043 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\044 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\045 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\046 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\047 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\048 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\049 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\050 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\051 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\052 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\053 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\054 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\055 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\056 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\057 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\058 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\059 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\060 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\061 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\062 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\063 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\064 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\065 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\066 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\067 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\068 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\069 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\070 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\071 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\072 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\073 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\074 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\075 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\076 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\077 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\078 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\079 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\080 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\081 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\082 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\083 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\084 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\085 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\086 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\087 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\088 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\089 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\090 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\091 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\092 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\093 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\094 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\095 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\096 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\097 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\098 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\099 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\100 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\101 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\102 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\103 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\104 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\105 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\106 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\107 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\108 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\109 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\110 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\111 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\112 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\113 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\114 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\115 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\116 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\117 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\118 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\119 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\120 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\121 =>.SUP.Temporary.Chrome C:\Users\Wesam\AppData\Local\Google\Chrome\User Data\Default\File System\122 =>.SUP.Temporary.Chrome ---\\ Summary of the elements found (25) - 0s https://nicolascoolman.eu/2017/09/07/pup-optional-salus/ =>PUP.Optional.Salus https://nicolascoolman.eu/2017/11/10/hijacker-browser-3/ =>Hijacker.Browser https://nicolascoolman.eu/2017/10/13/adware-tasksredirect/ =>Adware.TasksRedirect https://nicolascoolman.eu/2017/09/12/origine-lignes-orphelines/ =>.SUP.Orphan https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.DriverToolkit https://nicolascoolman.eu/2017/10/05/sup-browserextension/ =>.SUP.BrowserExtension https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>BitTorrent (P2P) https://nicolascoolman.eu/2017/09/19/adware-installcore-3/ =>Adware.InstallCore https://nicolascoolman.eu/2017/03/03/adware-babylon/ =>Adware.Babylon https://nicolascoolman.eu/2017/09/15/adware-wizzcaster/ =>Adware.Wizzcaster https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Various https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Solvusoft https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Temporary https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Trojan.CoreBot https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Softonic https://nicolascoolman.eu/2017/12/26/sup-akamaihd/ =>.SUP.AkamaiHD https://nicolascoolman.eu/2017/01/15/superfluous-mindspark/ =>.SUP.MindSpark https://nicolascoolman.eu/2017/11/09/sup-couponxplorer/ =>.SUP.CouponXplorer https://nicolascoolman.eu/2017/12/02/sup-fromdoctopdf/ =>.SUP.FromDocToPDF https://nicolascoolman.eu/2017/01/26/hijacker-browser/ =>PUP.Optional.Browser https://nicolascoolman.eu/2017/02/28/toolbar-ask/ =>Toolbar.Ask https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Adware.NewTabTV https://www.nicolascoolman.com/fr/spyware-putlocker/ =>PUP.Optional.PutLocker https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.PlusNetwork https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Temporary.Chrome ~ Unselected Options: O82, ~ End of the scan, 11277 items in 04mn49s (2410)(0)