Start::
O4 - HKCU\..\Run: [com.squirrel.Teams.Teams] . (. - .) -- Teams.exe
O4 - HKCU\..\Run: [Discord] . (. - .) -- Discord.exe
O4 - HKUS\S-1-5-21-2605194543-985791352-2678761907-1001\..\Run: [com.squirrel.Teams.Teams] . (. - .) -- Teams.exe
O4 - HKUS\S-1-5-21-2605194543-985791352-2678761907-1001\..\Run: [Discord] . (. - .) -- Discord.exe
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:LDNews
[HKEY_USERS\S-1-5-21-2605194543-985791352-2678761907-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:LDNews
d:\Program Files\ibxupdater.exe
d:\Program Files\ImpotExpert.exe
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32
HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA}
HKLM\Software\Classes\lnkfile\shellex\ContextMenuHandlers\WinRAR32
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32
d:\Users\danso\AppData\Local\Google\Chrome\User Data\Default\File System\035
d:\Users\danso\AppData\Local\Google\Chrome\User Data\Default\File System\036
d:\Users\danso\AppData\Local\Google\Chrome\User Data\Default\File System\063
d:\Users\danso\AppData\Local\Google\Chrome\User Data\Default\File System\065
d:\Users\danso\AppData\Local\Google\Chrome\User Data\Default\File System\066
d:\Users\danso\AppData\Local\Google\Chrome\User Data\Default\File System\067
d:\Users\danso\AppData\Local\Google\Chrome\User Data\Default\File System\068
d:\Users\danso\AppData\Local\Google\Chrome\User Data\Default\File System\071
d:\Users\danso\AppData\Local\Google\Chrome\User Data\Default\File System\072
d:\Users\danso\AppData\Local\Google\Chrome\User Data\Default\File System\073
d:\Users\danso\AppData\Local\Google\Chrome\User Data\Default\File System\074
d:\Users\danso\AppData\Local\Google\Chrome\User Data\Default\File System\075
d:\Users\danso\AppData\Local\Google\Chrome\User Data\Default\File System\076
d:\Users\danso\AppData\Local\Google\Chrome\User Data\Default\File System\077
d:\Users\danso\AppData\Local\Google\Chrome\User Data\Default\File System\078
d:\Users\danso\AppData\Local\Google\Chrome\User Data\Default\File System\079
d:\Users\danso\AppData\Local\Google\Chrome\User Data\Default\File System\080
d:\Users\danso\AppData\Local\Google\Chrome\User Data\Default\File System\081
d:\Users\danso\AppData\Local\Google\Chrome\User Data\Default\File System\082
d:\Users\danso\AppData\Local\Google\Chrome\User Data\Default\File System\083
d:\Users\danso\AppData\Local\Google\Chrome\User Data\Default\File System\084
d:\Users\danso\AppData\Local\Google\Chrome\User Data\Default\File System\085
d:\Users\danso\AppData\Local\Google\Chrome\User Data\Default\File System\086
d:\Users\danso\AppData\Local\Google\Chrome\User Data\Default\File System\087
d:\Users\danso\AppData\Local\Google\Chrome\User Data\Default\File System\088
d:\Users\danso\AppData\Local\Google\Chrome\User Data\Default\File System\089
d:\Users\danso\AppData\Local\Google\Chrome\User Data\Default\File System\090
d:\Users\danso\AppData\Local\Google\Chrome\User Data\Default\File System\091
d:\Users\danso\AppData\Local\Google\Chrome\User Data\Default\File System\092
d:\Users\danso\AppData\Local\Google\Chrome\User Data\Default\File System\093
d:\Users\danso\AppData\Local\Google\Chrome\User Data\Default\File System\094
d:\Users\danso\AppData\Local\Google\Chrome\User Data\Default\File System\095
d:\Users\danso\AppData\Local\Google\Chrome\User Data\Default\File System\096
d:\Users\danso\AppData\Local\Google\Chrome\User Data\Default\File System\097
d:\Users\danso\AppData\Local\Google\Chrome\User Data\Default\File System\098
d:\Users\danso\AppData\Local\Google\Chrome\User Data\Default\File System\099
d:\Users\danso\AppData\Local\Google\Chrome\User Data\Default\File System\100
d:\Users\danso\AppData\Local\Google\Chrome\User Data\Default\File System\101
d:\Users\danso\AppData\Local\Google\Chrome\User Data\Default\File System\102
d:\Users\danso\AppData\Local\Google\Chrome\User Data\Default\File System\103
d:\Users\danso\AppData\Local\Google\Chrome\User Data\Default\File System\104
d:\Users\danso\AppData\Local\Google\Chrome\User Data\Default\File System\105
d:\Users\danso\AppData\Local\Google\Chrome\User Data\Default\File System\106
d:\Users\danso\AppData\Local\Google\Chrome\User Data\Default\File System\107
d:\Users\danso\AppData\Local\Google\Chrome\User Data\Default\File System\108
d:\Users\danso\AppData\Local\Google\Chrome\User Data\Default\File System\109
d:\Users\danso\AppData\Local\Google\Chrome\User Data\Default\File System\110
d:\Users\danso\AppData\Local\Google\Chrome\User Data\Default\File System\111
d:\Users\danso\AppData\Local\Google\Chrome\User Data\Default\File System\112
d:\Users\danso\AppData\Local\Google\Chrome\User Data\Default\File System\113
d:\Users\danso\AppData\Local\Google\Chrome\User Data\Default\File System\114
d:\Users\danso\AppData\Local\Google\Chrome\User Data\Default\File System\Plugins
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\starcraft ii\versions\base83830\sc2_x64.exe.FriendlyAppName
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\starcraft ii\versions\base83830\sc2_x64.exe.ApplicationCompany
[HKU\S-1-5-21-2605194543-985791352-2678761907-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\starcraft ii\versions\base83830\sc2_x64.exe.FriendlyAppName
[HKU\S-1-5-21-2605194543-985791352-2678761907-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\starcraft ii\versions\base83830\sc2_x64.exe.ApplicationCompany
C:\WINDOWS\capicom.dll
EmptyPrefetch
EmptyClsid