Solved My pc, and now the android infected

[BoucherDeFrance3]

Hi all,

My configuration is:
Pc 1: Samsung galaxy book
Antivirus: adaware total security
Antispyware: comodo
Ram: 4gb

PC 2: monitor: acer r1 series

Android phone: Huawei y8 2018
Android antivirus: lookout

and i have bugs & malwares installed on all my comodo virtual desktops: the containment & the secure shopping, which makes impossibility to make online shopping

bugs & malwares in the infected virtual desktop of containment (comodo sandbox)--:
-reimage
-yara editor trial
-diffview trial
-techtoolstore->privazer
-tuneup360
-audio/video to exe
-registry first aid
-smart privacy cleaner
-if/when i try again to reinstall the virtual desktop of comodo sandbox: impossible->error of installation of microsoft siverlight

and the bugs & infections installed in the virtual desktop of comodo secure shopping:
-pchelpsoft pc cleaner
-spyhunter
-radiorage en page d'accueil
-systools pdf bates numberer
-wondershare 1-click pc care


android emulated on my Windows of my two computers on MEmu are infected by the malicious apps on/of that link:

breakingnews.fr/technologie/supprimez-ces-applications-android-desagreables-qui-peuvent-se-connecter-a-vos-comptes-google-et-facebook-des-maintenant-220819.html

which infected the two pc, memu, hijacked and hacked my gmail accounts,

because of that infections &bbugs, camtasia/snagit freezes and crash,

have also two bugs on two others devices (ray) : the 64 GB SD Card & the Acer R1 Series Monitor:





i have bug on acer r1 series monitor on desktop pc:
if/when i turn on the screen it's takes between 10 minutes & 1 hour to turn on the screen (longtime black screen with at certains time a energy star logo)



the 64 GB sd infected it's impossible to take with sony cybershot my important video the april 10Th:
"database error"

i have thèses apps ans bugs on the six disks below:



Disk comodo rescue disk micro usb black: Boot error on grub of comodo bootable rescue disk + comodo cleaning essentials 64 installed



Disk comodo rescue disk usb green: Boot error on grub of comodo bootable rescue disk + comodo cleaning essentials 64 installed



Disk recovery system cyberlink power2go micro usb green: Error to create bootable with data of C:/ recovery' disk with cyberlink power2go ans Windows ADK + comodo cleaning essentials 64 installed



Disk recovery system cyberlink power2go usb purple: Error to create bootable with data of C:/ recovery' disk with cyberlink power2go ans Windows ADK + comodo cleaning essentials 64 installed



Disk ad aware rescue disk micro usb red: If i boot on it, the commandline of bootable os of adaware rescue disk blocks and freezes on X:\Windows\system32> + in explorer it appears into drive letter, but no free/used space description appears, if i open this disk i have error message



Disk ad aware rescue disk usb magenta: If i boot on it, the commandline of bootable os of adaware rescue disk blocks and freezes on X:\Windows\system32> + comodo cleaning essentials 64 installed.






Make way for Android disinfection / troubleshooting:

the Android currently plugged into this PC:
machine N ° 2: Huawei Android phone:


my Android phone has been infected (Android / Mac / IO disinfection forums with helpers) and very slow
to start and launch, and very slow to launch Mobizen (video capture),

Mobizen when I want to record a video capture tells me a message saying: screen resolution not compatible
when I am in landscape, whereas usually on the same screen / window in landscape when I recorded with Mobizen
until 15/01/2020 it did not put this message and it recorded, more I launch the "assistant launch" at the bottom of this message and that
do not launch the wizard

disinfection / mutual aid: equivalent of Adwcleaner / ZHP / FRST on Android / Apple devices (Mac, IPod, etc ...)?

and for Mobizen's message, capture below:
https://www.cjoint.com/c/JAqjOjtn4QT


I got bored to upload the error message from Android to CJoint and to photograph it to save it on the PC for this topic,
first samsung camera front of the PC did not work, I tried to update via the Drivers Hub application for Windows the driver of Samsung Camera Front
to photograph from the PC the error message from Android with the PC camera, but not sufficient,
to manage to photograph and upload the error message of Android on cjoint for this topic I even installed / used
Start Menu X / ClassicStart8 (by Spyware Terminator 2015 editors) to access the Windows Camera application (because Cortana & the start menu don't work which made the Camera application inaccessible),
and installed Creative Webcam Software, and suddenly I bought "OneSafe Driver Manager" from Avanquest and put the driver for
the camera up to date and I was finally able to photograph the message and I was able to send it to my partner
(auparravent I try to photograph it with the IPOD connected to the pc but the photo was unfortunately made at 45 ° 1/4 turn
which made me decide to use the Windows camera and buy OneSafe,
also tried YouCam 9 but it says no camera detected (internal camera of the PC not recognized)

Android disinfection on this topic / forum with helpers (like on PC with ZHPCleaner, Malekal, etc ...) will be fine for my Android phone

already passed MBAM for Android, CleanMaster, Protectstar IShredder to erase free space from my phone and its 400 GB Micro SD card
but the problems and those cited above persist

an article on Malekal in his forum talks about Android infections in the link below, a priori Malekal disinfects Android, PC and Mac:
hxxps://forum.malekal.com/viewtopic.php?t=52878

and also big bug:

when I record a video with TechSmith Fuse on my Android phone, the video is choppy, disinfection / optimization of my Android device is announced soon

ThePhotoStick is installed on our huawei smartphone

And some video screen captures apps on my android machine crashes and freezes frequently, which makes my recordings corrupted

Have you solution for troubleshoot my Android from pc, by assign letter to my android Huawei y6 2018 phone from windows explorer?

Thanks...

 

[Cookiegal]

We don't do malware removal on Android or Apple devices. All we can suggest there is to reset those devices to factory settings. Someone will be able to help you with malware on your computer.

 

[BoucherDeFrance3]

and now sysinfo for usb disks, 64 GB SD, android device (soon as disk letter but actually mobile on win explorer) & the two pc (bugs & infected in continu since november 16Th, 2002/November 2002)--included acer r1 series (all infected since july 31th 2001/july 2001)--:

Tech Support Guy System Info Utility version 1.0.0.9
OS Version: Microsoft Windows 10 Famille, 64 bit, Build 16299, Installed 20200429003115.000000+120
Processor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz, Intel64 Family 6 Model 142 Stepping 9, CPU Count: 4
Total Physical RAM: 4 GB
Graphics Card: Intel(R) HD Graphics 620, 1024 MB
Hard Drives: C: 63 GB (7 GB Free); G: 19 GB (1 GB Free); I: 7369 GB (1929 GB Free); J: 63 GB (5 GB Free);
Motherboard: SAMSUNG ELECTRONICS CO., LTD. SM-W720NZKBXEF, ver SGL8766A67-C01-G001-S0001+10.0.16299, s/n 123490EN400015
System: American Megatrends Inc., ver SECCSD - 1072009, s/n 14SWR52K30000M
Antivirus: Avira Antivirus, Enabled and Updated

and i wanna uninstall playstation emulator from all my computers

Thanks...

Frow

 

[DR.M]

Hi, Frow.

Welcome to the TSG Forums.

Please do the following:

Download Farbar Recovery Scan Tool and save it to your desktop. --> IMPORTANT

You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

If your operating system is not English, rename the downloaded file as EnglishFRST64.exe (for 64-bit), or EnglishFRST.exe (for 32-bit) so the resultant log will be in English.

• Double-click to run it. When the tool opens click Yes to disclaimer.
• Press Scan button and wait for a while.
• The scanner will produced two logs on your Desktop: FRST.txt and Addition.txt. Please copy and paste the content of these two logs in your next reply.

NOTES:

1. Do not run any tool unless instructed to do so. Also, do not uninstall or install any software during the proceedure, unless I ask you to do so.

2. Always ask before act. Do not continue if you are not sure, or if something unexpected happens.

3. I am still in training and my fixes have to be approved by my instructor, so there may be a slight delay in my replies. Look at it as a good thing though, since you will have two people looking at your problem.

 

[BoucherDeFrance3]

the 7 usb/sd disks listed in this spoiler below partially not recognized on my two computers:

Spoiler

the 64 GB sd infected it's impossible to take with sony cybershot my important video the april 10Th:
"database error"

i have thèses apps ans bugs on the six disks below:



Disk comodo rescue disk micro usb black: Boot error on grub of comodo bootable rescue disk + comodo cleaning essentials 64 installed



Disk comodo rescue disk usb green: Boot error on grub of comodo bootable rescue disk + comodo cleaning essentials 64 installed



Disk recovery system cyberlink power2go micro usb green: Error to create bootable with data of C:/ recovery' disk with cyberlink power2go ans Windows ADK + comodo cleaning essentials 64 installed



Disk recovery system cyberlink power2go usb purple: Error to create bootable with data of C:/ recovery' disk with cyberlink power2go ans Windows ADK + comodo cleaning essentials 64 installed



Disk ad aware rescue disk micro usb red: If i boot on it, the commandline of bootable os of adaware rescue disk blocks and freezes on X:\Windows\system32> + in explorer it appears into drive letter, but no free/used space description appears, if i open this disk i have error message



Disk ad aware rescue disk usb magenta: If i boot on it, the commandline of bootable os of adaware rescue disk blocks and freezes on X:\Windows\system32> + comodo cleaning essentials 64 installed.

my frst logs, but frst64 is autolaunched from comodo containment, i can't disable comodo sandbox/auto-containment:


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03-05-2020
Ran by 3REM APUB3AMFUW 4REM (administrator) on DESKTOP-47BQ27M (SAMSUNG ELECTRONICS CO., LTD. Galaxy Book 12) (04-05-2020 14:14:54)
Running from C:\Users\3REM APUB3AMFUW 4REM\Desktop
Loaded Profiles: 3REM APUB3AMFUW 4REM & _ashbackuppb_ & _ashbackup_ (Available Profiles: 3REM APUB3AMFUW 4REM & _ashbackuppb_ & _ashbackup_)
Platform: Windows Vista (TM) Ultimate Service Pack 2 (X64) Language: Français (France)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] I:\efm hors lfs hyper-applications-réparation internet\TranslucentTB_2.exe
() \Device\HarddiskVolume4\Applications installées\Advanced\ASCAvSvc.exe
() \Device\HarddiskVolume4\Applications installées\Advanced\ASCAvWsc.exe
() \Device\HarddiskVolume4\Applications installées\Advanced\Monitor.exe
() \Device\HarddiskVolume4\Applications installées\Advanced\Monitor_IObitDel_kymyrt.exe
() \Device\HarddiskVolume4\Applications installées\Malwarebytes\MBAMService.exe
() \Device\HarddiskVolume4\Applications installées\NiceCopier\NiceCopier.exe
(Alfredo Anibal Santos Silva -> Carifred) I:\efm hors lfs hyper-applications-réparation internet\kc_rename.UltraAdwareKiller.exe
(Alfredo Anibal Santos Silva -> Carifred) I:\efm hors lfs hyper-applications-réparation internet\kc_rename.UltraAdwareKiller64.exe
(Alfredo Anibal Santos Silva -> Carifred.com) C:\Program Files\UVK - Ultra Virus Killer\UVK_en.exe
(Alfredo Anibal Santos Silva -> Carifred.com) C:\Program Files\UVK - Ultra Virus Killer\UVK_en64.exe
(Almeza Company) [File not signed] C:\Users\3REM APUB3AMFUW 4REM\Documents\Speed Install\speedinstall.exe
(Anvei Technology Co., LTD -> Anvisoft) C:\Program Files (x86)\Anvisoft\Anvi AD Blocker\ADBlockerTray.exe
(Cole Williams Software Limited -> ) C:\Windows\SysWOW64\Codecs\TrayMenu.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\AppManager\CAMTray.exe
(Flexera Software LLC -> Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe
(Maxthon (Asia) Limited. -> Maxthon) C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\mxnitro\MxNitro.exe <4>
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe <44>
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftPdfReader.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\osk.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Tweakbit Pty Ltd -> TweakBit) C:\Program Files (x86)\TweakBit\PCRepairKit\PCRepairKit.exe
(ultracopier.first-world.info) [File not signed] C:\Program Files\Ultracopier\ultracopier.exe
(win.rar GmbH -> Alexander Roshal) C:\Program Files\WinRAR\WinRAR.exe
Failed to access process -> csrss.exe
Failed to access process -> csrss.exe
Failed to access process -> dwm.exe
Failed to access process -> fontdrvhost.exe
Failed to access process -> fontdrvhost.exe
Failed to access process -> WmiPrvSE.exe
Failed to access process -> WmiPrvSE.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\RunOnce: [GrpConv] => grpconv -o
HKLM-x32\...\Winlogon: [Userinit]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4136713201-357479433-3490252857-1001\...\Run: [] => [X]
HKU\S-1-5-21-4136713201-357479433-3490252857-1001\...\Run: [FileHippo.com] => C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe [10566352 2015-09-02] (Well Known Media Ltd -> )
HKU\S-1-5-21-4136713201-357479433-3490252857-1001\...\Run: [TweakBit\PCRepairKit\Start PCRepairKit оn logon] => C:\Program Files (x86)\TweakBit\PCRepairKit\PCRepairKit.exe [5780120 2019-10-10] (Tweakbit Pty Ltd -> TweakBit)
HKU\S-1-5-21-4136713201-357479433-3490252857-1001\...\RunOnce: [Application Restart #0] => C:\Windows\System32\osk.exe [620032 2017-09-29] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-4136713201-357479433-3490252857-1001\...\RunOnce: [Application Restart #1] => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [368640 2017-09-29] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-4136713201-357479433-3490252857-1001\...\RunOnce: [Application Restart #2] => C:\Program Files\internet explorer\iexplore.exe -restart /WERRESTART <==== ATTENTION
HKU\S-1-5-21-4136713201-357479433-3490252857-1001\...\RunOnce: [V3IS80Setup] => C:\Users\3REM APUB3AMFUW 4REM\AppData\Local\Temp\I8007032\Setup.exe [504040 2009-07-29] (AhnLab, Inc. -> AhnLab, Inc.) <==== ATTENTION
HKU\S-1-5-21-4136713201-357479433-3490252857-1001\...\Policies\Explorer: [NoInstrumentation] 1
SubSystems: [Windows] => "%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16" <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0E818E4B-293C-4C13-8815-D4D233D4FE7D} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
Task: {0F94D470-3FEC-4408-AF47-C2A4EEA42A5D} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {2204C254-7B6D-4D7A-A24F-92B0B9E2D0AA} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {3144778E-5266-4416-88F3-4FCF312AE3E1} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {326E93AC-B2A8-43D3-BD18-A4353DB92903} - System32\Tasks\SecTimeSync\TimeSyncInit => C:\Windows\SecTimeSync.exe [1630256 2013-08-23] (Samsung Electronics CO., LTD. -> Samsung Electronics CO., LTD.)
Task: {5690DE54-A38F-4E31-9639-7AC08C96BC3F} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [816960 2017-09-20] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {5E9A66DB-8353-48D6-B079-1478AD1CA2C9} - System32\Tasks\Samsung\SRS\SRS Logon => C:\Program Files\Samsung\Recovery\SRSMessages.exe [4193008 2017-02-01] (Samsung Electronics CO., LTD. -> Samsung Electronics)
Task: {6296F0BF-E65C-46A6-ACF0-C4B903DB4BA1} - System32\Tasks\ShowWindow => C:\Program Files (x86)\Show Window\Show Window.exe [1204312 2017-11-10] (SAMSUNG ELECTRONICS CO,.LTD. -> Samsung Electronics Co., Ltd.)
Task: {69D5E9B0-2A5C-42D7-B323-CBAC9258EB32} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {6C3806B4-3601-4B88-B859-772BB3B84B37} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2982184 2016-02-23] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
Task: {90840407-6BB1-41C8-9A90-82322C3AEB9A} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [27848432 2020-05-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG )
Task: {94152486-CBF9-47DC-872F-1E2B91BBB190} - \AdvancedSystemRepairPro-Maintenance-Autorun -> No File <==== ATTENTION
Task: {A5207942-581C-435D-BFC4-7ED9F5EFD012} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13065408 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
Task: {AA551A10-59A1-40B6-A430-10ECF4D54B39} - System32\Tasks\Avira_Security_Update => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [228880 2020-04-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {B607D369-EBF0-4F76-8153-8A2097537E2C} - System32\Tasks\Moo0 System Monitor 1.83 => C:\Program Files (x86)\Moo0\SystemMonitor 1.83\SystemMonitor.exe [3497984 2019-06-14] (Moo0) [File not signed]
Task: {D3E56915-37BF-4F76-9F4C-B96298918458} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2759304 2020-04-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {E9978D80-C4C2-4749-AD24-C16EB718BFD8} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13065408 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
Task: {E9C95F3A-7EBA-46FF-A05E-67D4B1EA54D9} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\AppManager.exe_20200504_124408_0232.job => C:\Program Files (x86)\CyberLink\AppManager\AppManager.exe
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
Task: C:\Windows\Tasks\PC Clean Maestro Scan.job => C:\Program Files (x86)\CompuClever\PC Clean Maestro\pccum.exe
Task: C:\Windows\Tasks\ReviverSoft Start Menu Reviver Run once task.job => C:\Program Files\ReviverSoft\Start Menu Reviver\StartMenuReviver.exe
Task: C:\Windows\Tasks\simplitec Power Suite.job => D:\Applications installées\simpliclean2.3.0.104\PowerSuite.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e7a3896f-b4aa-4931-ba43-7ed6d96a98e9}: [DhcpNameServer] 192.168.1.1
ManualProxies:

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-4136713201-357479433-3490252857-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://fr.search.yahoo.com/?fr=avantsearch6
SearchScopes: HKU\S-1-5-21-4136713201-357479433-3490252857-1001 -> DefaultScope {7B5E17A5-1DFB-4269-9519-177F01849132} URL =
SearchScopes: HKU\S-1-5-21-4136713201-357479433-3490252857-1001 -> {7B5E17A5-1DFB-4269-9519-177F01849132} URL =
Toolbar: HKU\S-1-5-21-4136713201-357479433-3490252857-1001 -> No Name - {BFD9D8A8-57FF-488A-B919-065EC77CF82F} - No File
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2016-01-04] (Belarc, Inc. -> Belarc, Inc.)

Edge:
======
Edge Notifications: HKU\S-1-5-21-4136713201-357479433-3490252857-1001 -> hxxps://www.adaware.com

FireFox:
========
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi => not found
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\[email protected] => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\[email protected] => not found
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [No File]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\ChromeAddin\ChromeAddin.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\ChromeAddin\ChromeAddin.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [flljooaijgdgaaogmfhakpojmddcjjmj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-31] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
S2 a2AntiMalware; C:\Program Files\Ashampoo\Ashampoo Anti-Virus\a2service.exe [9664720 2020-04-07] (Emsisoft Ltd -> Ashampoo GmbH & Co. KG)
S3 AbAdminService; D:\Applications installées\ToolbarTerminator\AbAdminService.exe [37912 2017-07-18] (Ascora GmbH -> Ascora GmbH)
S2 AdblockerSrv; C:\Program Files (x86)\Anvisoft\Anvi AD Blocker\ADBlockerSrv.exe [314064 2013-06-14] (Anvei Technology Co., LTD -> )
S2 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [43072 2012-03-19] (ArcSoft, Inc. -> ArcSoft, Inc.)
S2 AdvancedSystemCareService11; D:\Applications installées\Advanced\ASCService.exe [1664800 2017-12-09] (IObit Information Technology -> IObit)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1209856 2020-04-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [537144 2020-03-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [485960 2020-04-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [485960 2020-04-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [573760 2020-03-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 ASCAntivirusSrv; D:\Applications installées\Advanced\ascavsvc.exe [1990928 2018-01-18] (IObit Information Technology -> IObit)
S2 astsvr; C:\Program Files (x86)\Anvisoft\Slim Toolbar\ToolBarService.exe [119568 2014-12-11] (Anvei Technology Co., LTD -> Anvisoft)
S2 AtherosSvc; C:\Windows\system32\DRIVERS\AdminService.exe [421800 2017-11-08] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider)
S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [634896 2020-04-02] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2989888 2020-01-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [382992 2020-03-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [243288 2020-04-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [161552 2020-04-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 CCManagementService; C:\Users\3REM APUB3AMFUW 4REM\AppData\Local\CompuClever\Program Management Console\ccmanagementservice.exe [169864 2016-12-15] (CompuClever Systems Inc. -> CompuClever Systems Inc.)
S2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [63968 2015-08-10] (CyberGhost S.R.L. -> CyberGhost S.R.L)
S2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11401312 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
S2 CmdAgentProt; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11401312 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2651840 2019-04-11] (Comodo Security Solutions, Inc. -> COMODO)
S2 COSService.exe; C:\Program Files\COMODO\COMMON\COSService.exe [3550400 2014-10-07] (Comodo Security Solutions -> COMODO Security Solutions)
S2 CPEFR; C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe [2870520 2020-01-13] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S2 CpSbaCipolla; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe [33016 2019-12-26] (Check Point Software Technologies Ltd. -> )
S2 CpSbaUpdater; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe [33016 2019-12-26] (Check Point Software Technologies Ltd. -> )
S2 esifsvc; C:\Windows\system32\Intel\DPTF\esif_uf.exe [2218032 2016-12-15] (Intel Corporation -> Intel Corporation)
S2 Ext2Srv; C:\Program Files\Ext2Fsd\Ext2Srv.exe [42488 2017-11-02] (Beijing NormalSoft technology Co.,Ltd. -> www.ext2fsd.com)
S2 gdipp_svc_32; C:\Program Files (x86)\UX Pack\gdipp\gdipp_svc_32.exe [93696 2010-09-20] (gdipp Project) [File not signed]
S2 gdipp_svc_64; C:\Program Files (x86)\UX Pack\gdipp\gdipp_svc_64.exe [106496 2010-09-20] (gdipp Project) [File not signed]
S2 Grip sensor Reset service; C:\windows\system32\GripResetService.exe [21504 2017-01-13] (Samsung Electronics) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [742704 2017-09-20] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [668472 2017-09-20] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [213648 2017-10-26] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 MBAMService; D:\Applications installées\Malwarebytes\mbamservice.exe [4470736 2017-05-09] (Malwarebytes Corporation -> Malwarebytes)
S2 MdmLdrSvc; C:\Windows\System32\MdmLdrSvc.exe [448616 2017-11-13] (Microsoft Windows Hardware Compatibility Publisher -> Samsung Electronics Co.,Ltd.)
S2 PanelManagerSvc; C:\Windows\System32\PanelManagerSvc.exe [384464 2017-05-11] (Microsoft Windows Hardware Compatibility Publisher -> )
S2 RCD; C:\Windows\System32\RCDService.exe [471144 2017-11-13] (Microsoft Windows Hardware Compatibility Publisher -> Samsung Electronics Co.,Ltd.)
S2 RemediationService; C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationService.exe [18168 2019-12-30] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S2 rsEngineSvc; C:\Program Files\Reason\Security\rsEngineSvc.exe [89880 2016-09-30] (Reason Software Company Inc. -> Reason Software Company Inc.)
S2 SafiService; C:\Windows\System32\DriverStore\FileRepository\safidrv.inf_amd64_0e89535d35916282\SafiService.exe [62568 2017-10-09] (Microsoft Windows Hardware Compatibility Publisher -> )
S2 Samsung Pen Service; C:\Program Files (x86)\Samsung\Air Command\SamsungPenService.exe [51832 2017-09-28] (Microsoft Windows Hardware Compatibility Publisher -> )
S2 Samsung System Service; C:\Program Files (x86)\Samsung\Samsung System Agent\SamsungSystemService.exe [172632 2017-08-29] (SAMSUNG ELECTRONICS CO,.LTD. -> Samsung Electronics Co., Ltd.)
S2 SbieSvc; C:\Users\3REM APUB3AMFUW 4REM\Desktop\LFS Hyper-Anti-JJAD-UEFM Suite Edition Anti-TFM 600\alternatives bureaux virtuels sandbox secureshopping (bitdefender safepay sandboxie)\sandboxie\SbieSvc.exe [328344 2019-04-22] (Invincea, Inc. -> Sandboxie Holdings, LLC)
S2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1570520 2016-02-02] (Flexera Software LLC -> Secunia)
S2 Start Menu Logon Manager; C:\Program Files\ReviverSoft\Start Menu Reviver\StartMenuReviverService.exe [764648 2015-08-01] (Corel Corporation -> ReviverSoft) [File not signed]
S2 TESvc; C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe [302328 2019-12-30] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [4528344 2020-01-21] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation -> Microsoft Corporation)
S2 WlSarService; C:\windows\system32\WlSarService.exe [55808 2017-05-19] (Samsung Electronics Co., Ltd.) [File not signed]
S2 ZA NET ICM Service; C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe [42208 2020-03-13] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S2 ZAARUpdateService; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAARUpdateService.exe [51936 2020-01-22] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [114936 2020-01-21] (Check Point Software Technologies Ltd. -> Check Point Software Technologies, Ltd.)
S2 ashbackup; "c:\Program Files\Ashampoo\Ashampoo Backup 2016\bin\backupService-ab.exe" "--controlFolder=c:\ProgramData\Ashampoo Backup\control" "--id=ashbackup" daemon
S2 ashbackuppb; "c:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\backupService-abpb.exe" "--controlFolder=c:\ProgramData\Ashampoo Backup PB\control" "--id=ashbackuppb" daemon
S3 asrrealtimesrv; C:\Program Files (x86)\Advanced System Repair Pro 1.9.2.4.0\asrrealtimesrv.exe [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S1 amdrv; C:\Windows\system32\drivers\amdrv.sys [203680 2020-05-04] (Zemana Ltd. -> Zemana Ltd.)
S1 AMonLWLH; C:\Windows\system32\DRIVERS\amonlwlh.sys [48184 2009-02-11] (AhnLab, Inc. -> AhnLab, Inc.)
S2 amwrtdrv; C:\Windows\System32\amwrtdrv.sys [18392 2016-07-28] (CHENGDU AOMEI Tech Co., Ltd. -> ) [File not signed]
R3 AppNodeEnum; C:\Windows\system32\DRIVERS\AppNodeEnum.sys [26976 2017-08-30] (WDKTestCert jy.ahn,130269026254766932 -> )
S2 asdnet; C:\Windows\system32\DRIVERS\asdnet.sys [19280 2013-06-09] (Anvei Technology Co., LTD -> )
S1 asrdmon; C:\Windows\system32\drivers\asrdmon.sys [19608 2020-05-03] (Advanced System Repair, Inc. -> Advanced System Repair Inc.)
S3 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1605376 2016-11-23] (Bitdefender SRL -> BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [878072 2016-11-23] (Bitdefender SRL -> BitDefender)
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [78936 2019-06-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 avelam; C:\Windows\System32\drivers\avelam.sys [22336 2019-03-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG)
S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [208360 2020-03-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [196560 2020-04-06] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [46704 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [89736 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [45472 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R3 BcmGnssBus; C:\Windows\System32\drivers\BcmGnssBus.sys [130696 2017-01-16] (Broadcom Corporation -> Broadcom Corporation)
S0 bdisk; C:\Windows\System32\DRIVERS\bdisk.sys [85488 2014-10-07] (Comodo Security Solutions -> COMODO Security Solutions Inc.)
S0 CBUFS; C:\Windows\System32\DRIVERS\CBUFS.sys [230712 2014-10-07] (Comodo Security Solutions -> COMODO Security Solutions Inc.)
S0 cbvd; C:\Windows\System32\DRIVERS\cbvd.sys [677744 2014-10-07] (Comodo Security Solutions -> COMODO Security Solutions Inc.)
S2 CLFCL5.20; C:\Windows\system32\DRIVERS\CLFCL5.20\000.fcl [46952 2020-03-19] (CyberLink Corp. -> CyberLink Corp.)
S0 cmdboot; C:\Windows\System32\DRIVERS\cmdboot.sys [17872 2019-03-18] (Microsoft Windows Early Launch Anti-malware Publisher -> COMODO)
R1 cmdcss; C:\Windows\system32\drivers\cmdcss.sys [125000 2018-02-28] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [43416 2019-03-18] (Comodo Security Solutions, Inc. -> COMODO)
S1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [849048 2019-03-18] (Comodo Security Solutions, Inc. -> COMODO)
S2 cpbak; C:\Windows\System32\DRIVERS\cpbak.sys [66832 2020-01-10] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
S1 CPEPMon; C:\Windows\System32\DRIVERS\CPEPMon.sys [111088 2020-01-10] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
S1 cposfw; C:\Windows\System32\DRIVERS\cposfw.sys [113440 2020-01-20] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
S3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [72576 2016-12-15] (Intel Corporation -> Intel Corporation)
S3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [67968 2016-12-15] (Intel Corporation -> Intel Corporation)
S1 ElRawDisk; C:\Windows\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation -> EldoS Corporation)
S1 epnetflt; C:\Windows\system32\drivers\epnetflt.sys [130336 2019-10-06] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
S1 epp; C:\Program Files\Ashampoo\Ashampoo Anti-Virus\epp.sys [155112 2020-04-07] (Microsoft Windows Hardware Compatibility Publisher -> Emsisoft Ltd)
S0 eppdisk; C:\Windows\System32\drivers\eppdisk.sys [37776 2020-04-07] (Emsisoft Ltd -> Emsisoft Ltd)
R1 eppwfp; C:\Program Files\Ashampoo\Ashampoo Anti-Virus\eppwfp.sys [134896 2020-04-07] (Microsoft Windows Hardware Compatibility Publisher -> Emsisoft Ltd)
S1 epregflt; C:\Windows\system32\drivers\epregflt.sys [132176 2019-05-01] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
S3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [355200 2016-12-15] (Intel Corporation -> Intel Corporation)
S2 Ext2Fsd; C:\Windows\system32\Drivers\Ext2Fsd.sys [826360 2017-11-02] (Beijing NormalSoft technology Co.,Ltd. -> www.ext2fsd.com)
S3 GridinSoftAntiRansomwareDriver; C:\Windows\System32\DRIVERS\gsars.sys [32528 2017-03-02] (GridinSoft, LLC -> Gridinsoft, LLC)
S3 GridinSoftTrafficInspectDriver; C:\Windows\system32\DRIVERS\gsinspect.sys [38160 2017-03-02] (GridinSoft, LLC -> )
R3 iaLPSS2_GPIO2; C:\Windows\System32\drivers\iaLPSS2_GPIO2.sys [89912 2016-10-26] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S0 ignis; C:\Windows\System32\drivers\ignis.sys [300840 2016-08-15] (Bitdefender SRL -> Bitdefender)
R3 IMX241; C:\Windows\System32\drivers\imx241.sys [154528 2017-03-19] (Intel Corporation -> Intel Corporation)
R3 IMX258; C:\Windows\System32\drivers\imx258.sys [167840 2017-03-19] (Intel Corporation -> Intel Corporation)
S3 iobit_monitor_server; D:\Applications installées\Advanced\drivers\Monitor_win10_x64.sys [24056 2017-07-19] (IObit Information Technology -> IObit)
S2 ISWKL; C:\Program Files (x86)\CheckPoint\Endpoint Security\Endpoint Common\bin\ISWKL.sys [65264 2019-08-12] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S3 MdmIf; C:\Windows\System32\Drivers\MdmIf.sys [38816 2017-11-13] (WDKTestCert MBBDriverBuild,131533048005359657 -> Samsung Electronics Co., Ltd.)
S1 MEmuDrv; C:\Windows\system32\DRIVERS\MEmuDrv.sys [319192 2019-09-21] (Shanghai Microvirt Software Technology Co., Ltd. -> Maiwei Corporation)
S3 ModemCtrl; C:\Windows\System32\drivers\ModemCtrl.sys [44480 2017-11-13] (WDKTestCert MBBDriverBuild,131533048005359657 -> Samsung Electronics Co., Ltd.)
R3 PenS2Helper; C:\Windows\system32\DRIVERS\PenS2Helper.sys [45808 2017-09-28] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 phantomtap; C:\Windows\System32\drivers\phantomtap.sys [45056 2020-03-18] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2016-02-02] (Secunia -> Secunia)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2019-11-08] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
S3 Qcamain10x64; C:\Windows\System32\drivers\Qcamain10x64.sys [2328488 2017-11-08] (Qualcomm Atheros -> Qualcomm Atheros, Inc.)
S0 Reparse; C:\Windows\System32\DRIVERS\CBReparse.sys [674160 2014-10-07] (Comodo Security Solutions -> COMODO Security Solutions Inc.)
R1 SafiDrv; C:\Windows\System32\drivers\SafiDrv.sys [43136 2017-10-09] (Windows Phone OEM Root 2013 (TEST ONLY) -> Samsung Electronics Co.,Ltd.)
R1 SAMOPanel; C:\Windows\system32\DRIVERS\SAMOPanel.sys [137168 2017-05-11] (Microsoft Windows Hardware Compatibility Publisher -> Samsung Electronics Co.,Ltd.)
S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SbieDrv; C:\Users\3REM APUB3AMFUW 4REM\Desktop\LFS Hyper-Anti-JJAD-UEFM Suite Edition Anti-TFM 600\alternatives bureaux virtuels sandbox secureshopping (bitdefender safepay sandboxie)\sandboxie\SbieDrv.sys [228616 2019-04-23] (Invincea, Inc. -> Sandboxie Holdings, LLC)
R3 TchS2Helper; C:\Windows\System32\drivers\TchS2Helper.sys [30840 2017-02-02] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [485512 2016-04-28] (Bitdefender SRL -> BitDefender S.R.L.)
R3 vdbus; C:\Windows\System32\drivers\vdbus.sys [826040 2014-10-07] (Comodo Security Solutions -> COMODO Security Solutions Inc.)
R3 VirtualButtons; C:\Windows\System32\drivers\VirtualButtons.sys [42000 2016-10-31] (Intel(R) Software -> Intel Corporation)
R1 Vsdatant; C:\Windows\System32\drivers\vsdatant.sys [461240 2020-01-21] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Windows -> Microsoft Corporation)
S3 WinRing0_1_2_0; C:\Program Files (x86)\Moo0\SystemMonitor 1.83\WinRing0x64.sys [14544 2008-07-26] (Noriyuki MIYAZAKI -> OpenLibSys.org)
S3 wmbclass; C:\Windows\System32\drivers\wmbclass.sys [337920 2017-09-29] (Microsoft Windows -> Microsoft Corporation)
S1 bdfwfpf; \??\E:\Antivirus installés\AdAware Antivirus\AdAwareProxyEngine\1.0.0.8\bdfwfpf.sys [X]
S3 gzflt; \??\E:\Antivirus installés\AdAware Antivirus\Antimalware Engine\3.0.129.0\gzflt.sys [X]
U3 iswSvc; no ImagePath

 

[BoucherDeFrance3]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Three months (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-05-04 14:14 - 2020-05-04 14:16 - 000000000 ____D C:\FRST
2020-05-04 14:12 - 2020-05-04 14:12 - 000001139 _____ C:\Users\Public\Desktop\Start Menu Reviver.lnk
2020-05-04 14:12 - 2020-05-04 14:12 - 000000332 _____ C:\Windows\Tasks\ReviverSoft Start Menu Reviver Run once task.job
2020-05-04 14:11 - 2020-05-04 14:11 - 000001369 _____ C:\Users\Public\Desktop\EaseUS Todo PCTrans.lnk
2020-05-04 14:11 - 2020-05-04 14:11 - 000001251 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\TweakBit PCRepairKit.lnk
2020-05-04 14:11 - 2020-05-04 14:11 - 000001234 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\Moo0 Info Video 1.10.lnk
2020-05-04 14:11 - 2020-05-04 14:11 - 000000000 ____D C:\ProgramData\TweakBit
2020-05-04 14:11 - 2020-05-04 14:11 - 000000000 ____D C:\Program Files (x86)\EaseUS
2020-05-04 14:10 - 2020-05-04 14:10 - 000001285 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\Moo0 Visionneuse d'Image SP 1.80.lnk
2020-05-04 14:10 - 2020-05-04 14:10 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Local\CompuClever
2020-05-04 14:10 - 2020-05-04 14:10 - 000000000 ____D C:\ProgramData\ReviverSoft
2020-05-04 14:10 - 2020-05-04 14:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TweakBit
2020-05-04 14:10 - 2020-05-04 14:10 - 000000000 ____D C:\Program Files (x86)\TweakBit
2020-05-04 14:09 - 2020-05-04 14:10 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\CompuClever
2020-05-04 14:09 - 2020-05-04 14:09 - 000001279 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\PC Clean Maestro.lnk
2020-05-04 14:09 - 2020-05-04 14:09 - 000000466 _____ C:\Windows\Tasks\PC Clean Maestro Scan.job
2020-05-04 14:09 - 2020-05-04 14:09 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CompuClever
2020-05-04 14:09 - 2020-05-04 14:09 - 000000000 ____D C:\ProgramData\OO Software
2020-05-04 14:09 - 2020-05-04 14:09 - 000000000 ____D C:\ProgramData\CompuClever
2020-05-04 14:09 - 2020-05-04 14:09 - 000000000 ____D C:\Program Files (x86)\CompuClever
2020-05-04 14:09 - 2014-10-07 13:14 - 003550400 _____ (COMODO Security Solutions) C:\Windows\system32\Drivers\COSService.exe
2020-05-04 14:08 - 2020-05-04 14:08 - 001060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2020-05-04 13:58 - 2020-05-04 14:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReviverSoft
2020-05-04 13:58 - 2020-05-04 13:58 - 000001067 _____ C:\Users\Public\Desktop\PC Benchmark.lnk
2020-05-04 13:57 - 2020-05-04 14:10 - 000000000 ____D C:\Program Files\ReviverSoft
2020-05-04 13:57 - 2020-05-04 13:57 - 000001312 _____ C:\Users\Public\Desktop\SyTools Open Office Writer Recovery - DEMO Vesrion 2.0.lnk
2020-05-04 13:57 - 2020-05-04 13:57 - 000001276 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\Moo0 Destructeur de Fichier 1.21.lnk
2020-05-04 13:57 - 2020-05-04 13:57 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\ReviverSoft
2020-05-04 13:57 - 2020-05-04 13:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SysTools Open Office Writer Recovery
2020-05-04 13:57 - 2020-05-04 13:57 - 000000000 ____D C:\Program Files (x86)\SysTools Open Office Writer Recovery
2020-05-04 13:57 - 2020-05-04 13:57 - 000000000 ____D C:\Program Files (x86)\OTL-TFC-Rem VBS Worm-USB File Resc setup.exe 0.0.0.0
2020-05-04 13:25 - 2020-05-04 13:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandizip
2020-05-04 13:25 - 2020-05-04 13:25 - 000000000 ____D C:\ProgramData\Astroburn Lite
2020-05-04 13:25 - 2020-05-04 13:25 - 000000000 ____D C:\Program Files\Bandizip
2020-05-04 13:25 - 2020-05-04 13:25 - 000000000 ____D C:\Program Files\Astroburn Lite
2020-05-04 13:25 - 2020-05-04 13:25 - 000000000 ____D C:\Program Files (x86)\KillSoft
2020-05-04 13:24 - 2020-05-04 13:24 - 000001996 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Avant Browser.lnk
2020-05-04 13:24 - 2020-05-04 13:24 - 000001990 _____ C:\Users\Public\Desktop\Avant Browser.lnk
2020-05-04 13:24 - 2020-05-04 13:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\jtrent238's System Support
2020-05-04 13:24 - 2020-05-04 13:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avant Browser
2020-05-04 13:24 - 2020-05-04 13:24 - 000000000 ____D C:\Program Files (x86)\jtrent238
2020-05-04 13:23 - 2020-05-04 13:24 - 000000000 ____D C:\Program Files (x86)\Avant Browser
2020-05-04 13:22 - 2020-05-04 13:22 - 000000000 ____D C:\Program Files (x86)\FileHippo.com
2020-05-04 13:20 - 2020-05-04 13:20 - 000001260 _____ C:\Users\Public\Desktop\Slim Toolbar.lnk
2020-05-04 13:20 - 2020-05-04 13:20 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Local\Anvisoft
2020-05-04 13:16 - 2020-05-04 13:16 - 000000897 _____ C:\Users\Public\Desktop\Astroburn Pro.lnk
2020-05-04 13:16 - 2020-05-04 13:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Astroburn Pro
2020-05-04 13:15 - 2020-05-04 13:15 - 000000000 ____D C:\ProgramData\Astroburn Pro
2020-05-04 13:15 - 2020-05-04 13:15 - 000000000 ____D C:\Program Files\Astroburn Pro
2020-05-04 12:45 - 2020-05-04 12:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKillerPE
2020-05-04 12:44 - 2020-05-04 12:44 - 000002292 _____ C:\Users\Public\Desktop\CyberLink Application Manager.lnk
2020-05-04 12:44 - 2020-05-04 12:44 - 000000240 _____ C:\Windows\Tasks\AppManager.exe_20200504_124408_0232.job
2020-05-04 12:43 - 2020-05-04 12:44 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Application Manager
2020-05-04 12:43 - 2020-05-04 12:43 - 000000000 ____D C:\Program Files (x86)\CyberLink
2020-05-04 12:41 - 2020-05-04 14:10 - 000000000 ____D C:\ProgramData\Ultra Adware Killer
2020-05-04 12:41 - 2020-05-04 12:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\A-PDF to Video
2020-05-04 12:40 - 2020-05-04 12:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyFinder
2020-05-04 12:39 - 2020-05-04 12:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyFinder Plus
2020-05-04 12:36 - 2020-05-04 12:36 - 000001048 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\AnyZip.lnk
2020-05-04 12:36 - 2020-05-04 12:36 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyZip
2020-05-04 12:36 - 2020-05-04 12:36 - 000000000 ____D C:\Program Files (x86)\AnyZip
2020-05-04 12:34 - 2020-05-04 12:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ant Renamer
2020-05-04 12:34 - 2020-05-04 12:35 - 000000000 ____D C:\Program Files (x86)\Ant Renamer
2020-05-04 12:34 - 2020-05-04 12:34 - 000000973 _____ C:\Users\Public\Desktop\GridinSoft Anti-Ransomware.lnk
2020-05-04 12:34 - 2020-05-04 12:34 - 000000000 ____D C:\ProgramData\Ant Renamer
2020-05-04 12:33 - 2020-05-04 12:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridinSoft Anti-Ransomware
2020-05-04 12:33 - 2020-05-04 12:33 - 000002058 _____ C:\Users\Public\Desktop\AntiRansomware.lnk
2020-05-04 12:33 - 2020-05-04 12:33 - 000000000 ____D C:\Program Files\GridinSoft Anti-Ransomware
2020-05-04 12:33 - 2017-03-02 19:16 - 000038160 _____ C:\Windows\system32\Drivers\gsinspect.sys
2020-05-04 12:33 - 2017-03-02 19:16 - 000032528 _____ (Gridinsoft, LLC) C:\Windows\system32\Drivers\gsars.sys
2020-05-04 12:32 - 2020-05-04 12:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AntiRansomware
2020-05-04 12:32 - 2020-05-04 12:32 - 000000000 ____D C:\ProgramData\Abelssoft
2020-05-04 12:32 - 2020-05-04 12:32 - 000000000 ____D C:\Program Files (x86)\AntiRansomware
2020-05-04 12:30 - 2020-05-04 12:30 - 000203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\amdrv.sys
2020-05-04 12:30 - 2020-05-04 12:30 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Local\AMSDK
2020-05-04 12:28 - 2020-05-04 12:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Locky
2020-05-04 12:28 - 2020-05-04 12:28 - 000000000 ____D C:\Program Files (x86)\AxBx
2020-05-04 12:27 - 2020-05-04 12:27 - 000001306 _____ C:\Users\Public\Desktop\AMCap.lnk
2020-05-04 12:27 - 2020-05-04 12:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMCap
2020-05-04 12:27 - 2020-05-04 12:27 - 000000000 ____D C:\Program Files (x86)\Noël Danjou
2020-05-04 12:26 - 2020-05-04 12:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Allway Sync
2020-05-04 12:26 - 2020-05-04 12:26 - 000000000 ____D C:\Program Files\Allway Sync
2020-05-04 12:04 - 2020-05-04 12:04 - 000001247 _____ C:\Users\Public\Desktop\Le Petit Robert 2017.lnk
2020-05-04 12:04 - 2020-05-04 12:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Le Petit Robert 2017
2020-05-04 12:04 - 2020-05-04 12:04 - 000000000 ____D C:\ProgramData\Le Robert
2020-05-04 12:04 - 2020-05-04 12:04 - 000000000 ____D C:\Program Files (x86)\Le Robert
2020-05-04 12:03 - 2020-05-04 12:03 - 000000813 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-05-04 12:02 - 2020-05-04 12:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-05-04 12:02 - 2020-05-04 12:02 - 000001116 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\muCommander.lnk
2020-05-04 12:02 - 2020-05-04 12:02 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-05-04 12:02 - 2017-05-31 11:09 - 000077376 _____ C:\Windows\system32\Drivers\mbae64.sys
2020-05-04 12:01 - 2020-05-04 12:02 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\muCommander
2020-05-04 12:01 - 2020-05-04 12:01 - 000001887 _____ C:\Users\Public\Desktop\MultiCommander (x64).lnk
2020-05-04 12:01 - 2020-05-04 12:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MultiCommander
2020-05-04 12:01 - 2020-05-04 12:01 - 000000000 ____D C:\Program Files (x86)\muCommander
2020-05-04 12:00 - 2020-05-04 12:01 - 000000000 ____D C:\Program Files\MultiCommander (x64)
2020-05-04 11:59 - 2020-05-04 11:59 - 000000586 _____ C:\Users\Public\Desktop\AOMEI OneKey Recovery 1.6.lnk
2020-05-04 11:58 - 2020-05-04 11:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI OneKey Recovery 1.6
2020-05-04 11:58 - 2020-05-04 11:58 - 000000936 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\PeerBlock.lnk
2020-05-04 11:58 - 2016-07-28 09:38 - 000031192 _____ C:\Windows\system32\ambakdrv.sys
2020-05-04 11:58 - 2016-07-28 09:38 - 000018392 _____ C:\Windows\system32\amwrtdrv.sys
2020-05-04 11:58 - 2016-07-28 09:38 - 000012248 _____ C:\Windows\system32\amreg.sys
2020-05-04 11:57 - 2020-05-04 11:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PeerBlock
2020-05-04 11:57 - 2020-05-04 11:57 - 000001142 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
2020-05-04 11:56 - 2020-05-04 11:56 - 000000000 ____D C:\Program Files (x86)\Secunia
2020-05-04 11:53 - 2020-05-04 11:54 - 000000948 _____ C:\Users\Public\Desktop\Reason Core Security.lnk
2020-05-04 11:53 - 2020-05-04 11:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reason Core Security
2020-05-04 11:53 - 2020-05-04 11:53 - 000000000 ____D C:\Program Files\Reason
2020-05-04 11:50 - 2020-05-04 11:50 - 000001003 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\Movavi Video Suite 18.lnk
2020-05-04 11:49 - 2020-05-04 11:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recover Keys
2020-05-04 11:49 - 2020-05-04 11:50 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\Movavi Video Suite 18
2020-05-04 11:49 - 2020-05-04 11:50 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Movavi Video Suite 18
2020-05-04 11:49 - 2020-05-04 11:49 - 000000000 ____D C:\ProgramData\movavi
2020-05-04 11:44 - 2020-05-04 11:44 - 000000609 _____ C:\Users\Public\Desktop\Fraps.lnk
2020-05-04 11:44 - 2020-05-04 11:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2020-05-04 11:43 - 2020-05-04 11:43 - 000000000 ____D C:\Fraps
2020-05-04 11:39 - 2020-05-04 11:39 - 000001816 _____ C:\Users\Public\Desktop\AhnLab V3 Internet Security 8.0.lnk
2020-05-04 11:39 - 2020-05-04 11:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AhnLab
2020-05-04 11:39 - 2009-08-31 12:02 - 001758256 _____ (AhnLab, Inc.) C:\Windows\system32\Drivers\ahnsze.sys
2020-05-04 11:39 - 2009-07-29 07:58 - 000072760 _____ (AhnLab, Inc.) C:\Windows\system32\Drivers\AMonHKNT.sys
2020-05-04 11:39 - 2009-07-29 06:16 - 000133176 _____ (AhnLab, Inc.) C:\Windows\system32\Drivers\AMonTDNt.sys
2020-05-04 11:39 - 2009-07-29 06:16 - 000114232 _____ (AhnLab, Inc.) C:\Windows\system32\Drivers\AMonTDLH.sys
2020-05-04 11:39 - 2009-07-29 06:14 - 000041016 _____ (AhnLab, Inc.) C:\Windows\system32\Drivers\AhnRghNt.sys
2020-05-04 11:39 - 2009-07-21 20:04 - 000025656 _____ (AhnLab, Inc.) C:\Windows\system32\Drivers\CdmDrvNt.sys
2020-05-04 11:39 - 2009-07-21 20:03 - 000025656 _____ (AhnLab, Inc.) C:\Windows\system32\Drivers\AhnRec2k.sys
2020-05-04 11:39 - 2009-07-16 07:56 - 000073272 _____ (AhnLab, Inc.) C:\Windows\system32\Drivers\AhnFlt2k.sys
2020-05-04 11:39 - 2009-04-19 22:36 - 000017976 _____ (AhnLab, Inc.) C:\Windows\system32\V3w32se2.dll
2020-05-04 11:39 - 2009-02-11 03:58 - 000048184 _____ (AhnLab, Inc.) C:\Windows\system32\Drivers\AMonLWLH.sys
2020-05-04 11:38 - 2020-05-04 11:38 - 000000000 ____D C:\Program Files\AhnLab
2020-05-04 11:38 - 2009-08-31 12:31 - 001741824 _____ (AhnLab, Inc.) C:\Windows\system32\BTScan.exe
2020-05-04 11:38 - 2009-08-31 12:02 - 002275376 _____ (AhnLab, Inc.) C:\Windows\system32\Drivers\v3engine.sys
2020-05-04 10:24 - 2020-05-04 11:39 - 000000000 ____D C:\ProgramData\AhnLab
2020-05-04 10:24 - 2020-05-04 10:24 - 000000743 _____ C:\Users\Public\Desktop\Allavsoft.lnk
2020-05-04 10:22 - 2020-05-04 10:22 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Allavsoft
2020-05-04 10:21 - 2020-05-04 10:21 - 000001031 _____ C:\Users\Public\Desktop\AKVIS MakeUp.lnk
2020-05-04 10:21 - 2020-05-04 10:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AKVIS
2020-05-04 10:21 - 2020-05-04 10:21 - 000000000 ____D C:\Program Files (x86)\AKVIS
2020-05-04 10:20 - 2020-05-04 10:20 - 000000964 _____ C:\Users\Public\Desktop\AIMP.lnk
2020-05-04 10:20 - 2020-05-04 10:20 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Local\Downloaded Installations
2020-05-04 10:20 - 2020-05-04 10:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP
2020-05-04 10:19 - 2020-05-04 10:19 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\AIMP
2020-05-04 10:19 - 2020-05-04 10:19 - 000000000 ____D C:\Program Files (x86)\AIMP
2020-05-04 10:13 - 2020-05-04 10:13 - 000000691 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\AIDA64 Engineer.lnk
2020-05-04 10:12 - 2020-05-04 10:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire
2020-05-04 10:12 - 2020-05-04 10:12 - 000000892 _____ C:\Users\Public\Desktop\Advanced SystemCare Ultimate 11.lnk
2020-05-04 10:12 - 2020-05-04 10:12 - 000000000 ____D C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
2020-05-04 10:12 - 2020-05-04 10:12 - 000000000 ____D C:\ProgramData\{7F40DE3E-8294-4E24-B2EA-80F6C6BB173C}
2020-05-04 10:11 - 2020-05-04 10:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare Ultimate
2020-05-04 10:08 - 2020-05-04 10:12 - 000000651 _____ C:\Users\3REM
2020-05-04 10:08 - 2020-05-04 10:08 - 000000000 ____D C:\Windows\Tasks\ImCleanDisabled
2020-05-04 10:08 - 2020-05-04 10:08 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\RoamingStartup Manager
2020-05-04 10:08 - 2020-05-04 10:08 - 000000000 ____D C:\ProgramData\{74E9F814-C737-42CC-B721-DBBC4059367A}
2020-05-04 10:06 - 2020-05-04 10:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Renamer
2020-05-04 10:06 - 2020-05-04 10:06 - 000002213 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belarc Advisor.lnk
2020-05-04 10:06 - 2020-05-04 10:06 - 000002201 _____ C:\Users\Public\Desktop\Belarc Advisor.lnk
2020-05-04 10:06 - 2020-05-04 10:06 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Local\Turbo View & Convert
2020-05-04 10:04 - 2020-05-04 13:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvisoft
2020-05-04 10:04 - 2020-05-04 10:04 - 000000000 ____D C:\ProgramData\Anvisoft
2020-05-04 10:04 - 2020-05-04 10:04 - 000000000 ____D C:\Program Files (x86)\Belarc
2020-05-04 10:03 - 2020-05-04 10:03 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Local\Adobe_Systems_Incorporate
2020-05-04 10:03 - 2013-06-09 04:40 - 000019280 _____ C:\Windows\system32\Drivers\asdnet.sys
2020-05-04 10:02 - 2020-05-04 10:02 - 000002285 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Digital Editions 3.0.lnk
2020-05-04 10:02 - 2020-05-04 10:02 - 000002273 _____ C:\Users\Public\Desktop\Adobe Digital Editions 3.0.lnk
2020-05-04 10:01 - 2020-05-04 10:03 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\Documents\My Digital Editions
2020-05-04 10:01 - 2020-05-04 10:01 - 000000811 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\GiliSoft Add Watermark to Video 7.1.0.lnk
2020-05-04 10:01 - 2020-05-04 10:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GiliSoft
2020-05-04 10:01 - 2020-05-04 10:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2020-05-04 10:01 - 2020-05-04 10:01 - 000000000 ____D C:\Program Files (x86)\Adobe
2020-05-04 09:59 - 2020-05-04 09:59 - 000000714 _____ C:\Users\Public\Desktop\SysTools AD Console.lnk
2020-05-04 09:58 - 2020-05-04 09:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SysTools AD Console
2020-05-04 09:54 - 2020-05-04 09:54 - 000000699 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\Acebyte Media Converter Suite 7.lnk
2020-05-04 09:52 - 2020-05-04 09:52 - 000001005 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\UTILILAB NitroBROWSER.lnk
2020-05-04 09:52 - 2020-05-04 09:52 - 000000991 _____ C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UTILILAB NitroBROWSER.lnk
2020-05-04 09:52 - 2020-05-04 09:52 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UTILILAB
2020-05-04 09:51 - 2020-05-04 09:51 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\mxnitro
2020-05-04 09:48 - 2020-05-04 09:48 - 000000982 _____ C:\Users\Public\Desktop\Optimisation en 1 clic.lnk
2020-05-04 09:48 - 2020-05-04 09:48 - 000000936 _____ C:\Users\Public\Desktop\simpliclean.lnk
2020-05-04 09:48 - 2020-05-04 09:48 - 000000420 _____ C:\Windows\Tasks\simplitec Power Suite.job
2020-05-04 09:48 - 2020-05-04 09:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Optimisation du système
2020-05-04 09:47 - 2020-05-04 09:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\simplitec
2020-05-04 09:47 - 2020-05-04 09:47 - 000000699 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\Acebyte Video Converter 7 Ultimate.lnk
2020-05-04 09:47 - 2020-05-04 09:47 - 000000000 ____D C:\ProgramData\simplitec
2020-05-04 09:47 - 2020-05-04 09:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acebyte Video Converter 7 Ultimate
2020-05-04 09:34 - 2020-05-04 09:54 - 000099384 _____ C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\inst.exe
2020-05-04 09:34 - 2020-05-04 09:54 - 000082816 _____ (VSO Software) C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\pcouffin.sys
2020-05-04 09:34 - 2020-05-04 09:54 - 000007859 _____ C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\pcouffin.cat
2020-05-04 09:34 - 2020-05-04 09:54 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\Vso
2020-05-04 09:34 - 2020-05-04 09:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acebyte Media Converter Suite 7
2020-05-04 09:34 - 2020-05-04 09:46 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\Documents\PcSetup
2020-05-04 09:34 - 2020-05-04 09:34 - 000082816 _____ (VSO Software) C:\Windows\system32\Drivers\pcouffin.sys
2020-05-04 09:33 - 2020-05-04 09:53 - 000000000 ____D C:\ProgramData\Acebyte
2020-05-04 09:33 - 2020-05-04 09:47 - 000000000 ____D C:\Windows\SysWOW64\sysdir
2020-05-04 09:33 - 2020-05-04 09:33 - 000000678 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\Kastor All Video Downloader.lnk
2020-05-04 09:32 - 2020-05-04 09:32 - 000000711 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\Kastor Free Video Converter.lnk
2020-05-04 09:31 - 2020-05-04 09:31 - 000000702 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\Free Tube To Mp3.lnk
2020-05-04 09:23 - 2019-01-12 11:48 - 000000000 ____D C:\Program Files (x86)\Program Files (x86)
2020-05-04 09:22 - 2020-05-04 09:22 - 000002267 _____ C:\Users\Public\Desktop\Xilisoft Convertisseur Vidéo Ultimate.lnk
2020-05-04 09:22 - 2020-05-04 09:22 - 000000000 ____D C:\Windows\E3B8562DC9D54D90A2DF1C66C1FDB932.TMP
2020-05-04 09:22 - 2020-05-04 09:22 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinZip Self-Extractor
2020-05-04 09:22 - 2020-05-04 09:22 - 000000000 ____D C:\ProgramData\WinZipSE
2020-05-04 09:22 - 2020-05-04 09:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilisoft
2020-05-04 09:22 - 2020-05-04 09:22 - 000000000 ____D C:\Program Files (x86)\WinZip Self-Extractor
2020-05-04 09:21 - 2020-05-04 09:21 - 000012661 _____ C:\ProgramData\zfcvtmok.dsr
2020-05-04 09:21 - 2020-05-04 09:21 - 000000016 _____ C:\ProgramData\mntemp
2020-05-04 09:21 - 2020-05-04 09:21 - 000000000 ____D C:\ProgramData\Xilisoft
2020-05-04 09:21 - 2020-05-04 09:21 - 000000000 ____D C:\Program Files (x86)\Xilisoft
2020-05-04 09:16 - 2020-05-04 09:16 - 000001775 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\CyberGhost 5.lnk
2020-05-04 09:16 - 2020-05-04 09:16 - 000001172 _____ C:\Users\Public\Desktop\SysTools CDR Recovery.lnk
2020-05-04 09:16 - 2020-05-04 09:16 - 000000965 _____ C:\Users\Public\Desktop\SysTools Excel Recovery.lnk
2020-05-04 09:16 - 2020-05-04 09:16 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Local\CyberGhost
2020-05-04 09:16 - 2020-05-04 09:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SysTools Excel Recovery
2020-05-04 09:16 - 2020-05-04 09:16 - 000000000 ____D C:\Program Files\SysTools Excel Recovery
2020-05-04 09:15 - 2020-05-04 09:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SysTools CDR Recovery
2020-05-04 09:15 - 2020-05-04 09:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 5
2020-05-04 09:15 - 2020-05-04 09:16 - 000000000 ____D C:\Program Files\CyberGhost 5
2020-05-04 09:15 - 2020-05-04 09:15 - 000000000 ____D C:\Program Files (x86)\SysTools CDR Recovery
2020-05-04 09:14 - 2020-05-04 09:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2020-05-04 09:14 - 2020-05-04 09:14 - 000000000 ____D C:\Program Files (x86)\TechSmith
2020-05-04 09:13 - 2020-05-04 09:13 - 000000000 ____D C:\ProgramData\Rebit
2020-05-04 09:13 - 2020-05-04 09:13 - 000000000 ____D C:\Program Files\Rebit
2020-05-04 09:12 - 2020-05-04 09:12 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2020-05-04 09:10 - 2020-05-04 09:10 - 000000000 ____D C:\Windows\UXBackup
2020-05-04 09:09 - 2020-05-04 09:10 - 000000000 ____D C:\Program Files (x86)\UX Pack
2020-05-04 09:09 - 2016-08-24 03:43 - 000499712 _____ C:\Windows\uxpack.icons
2020-05-04 09:09 - 2016-01-15 05:03 - 000015872 _____ C:\Windows\SysWOW64\PEChecksum.exe
2020-05-04 09:09 - 2014-05-22 05:01 - 002413056 _____ C:\Windows\UxStyle_Core_Jul13_x86.msi
2020-05-04 09:09 - 2011-08-11 12:47 - 000076288 _____ C:\Windows\SysWOW64\moveex.exe
2020-05-04 09:09 - 2003-08-19 01:44 - 000118845 _____ (Matt Ginzton) C:\Windows\Flurry.scr
2020-05-04 09:07 - 2020-05-04 09:07 - 000002427 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\Continue repair 2020-05-04 09.07.09.536.lnk
2020-05-04 09:02 - 2020-05-04 09:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UVK - Ultra Virus Killer
2020-05-04 09:01 - 2020-05-04 09:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Tube To Mp3
2020-05-04 09:01 - 2020-05-04 09:07 - 000000000 ____D C:\Program Files\UVK - Ultra Virus Killer
2020-05-04 09:01 - 2020-05-04 09:02 - 000001863 _____ C:\Users\Public\Desktop\UVK - Ultra Virus Killer.lnk
2020-05-04 09:01 - 2020-05-04 09:02 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\KastorTubeToMp3
2020-05-04 09:01 - 2020-05-04 09:01 - 000000000 ____D C:\ProgramData\UVK
2020-05-04 09:00 - 2020-05-04 09:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kastor Free Video Converter
2020-05-04 08:59 - 2020-05-04 09:01 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\KastorVideoConverter
2020-05-04 08:57 - 2020-05-04 08:57 - 000001088 _____ C:\Users\Public\Desktop\Folderico.lnk
2020-05-04 08:57 - 2020-05-04 08:57 - 000000000 ____D C:\ProgramData\Informer Technologies, Inc
2020-05-04 08:57 - 2020-05-04 08:57 - 000000000 ____D C:\ProgramData\Folderico
2020-05-04 08:56 - 2020-05-04 08:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Folderico
2020-05-04 08:56 - 2020-05-04 08:57 - 000000000 ____D C:\Program Files (x86)\Folderico
2020-05-04 08:50 - 2020-05-04 08:50 - 000000000 ____D C:\ProgramData\Panda Security
2020-05-04 08:49 - 2020-05-04 08:49 - 000000858 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\Speed Install.lnk
2020-05-04 08:48 - 2020-05-04 08:49 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\Documents\Speed Install
2020-05-04 08:48 - 2020-05-04 08:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speed Install
2020-05-04 08:48 - 2020-05-04 08:48 - 000000889 _____ C:\Users\Public\Desktop\Sticky Previews.lnk
2020-05-04 08:48 - 2020-05-04 08:48 - 000000837 _____ C:\Users\Public\Desktop\Speccy.lnk
2020-05-04 08:48 - 2020-05-04 08:48 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\Smart PC Utilities
2020-05-04 08:48 - 2020-05-04 08:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2020-05-04 08:48 - 2020-05-04 08:48 - 000000000 ____D C:\Program Files\Speccy
2020-05-04 08:47 - 2020-05-04 08:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sticky Previews
2020-05-04 08:47 - 2020-05-04 08:48 - 000000000 ____D C:\Program Files\Sticky Previews
2020-05-04 08:47 - 2020-05-04 08:47 - 000001865 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\SUPERAntiSpyware Free Edition.lnk
2020-05-04 08:47 - 2020-05-04 08:47 - 000001153 _____ C:\Users\Public\Desktop\Symlink helper.lnk
2020-05-04 08:47 - 2020-05-04 08:47 - 000000799 _____ C:\Users\Public\Desktop\ToolbarTerminator.lnk
2020-05-04 08:47 - 2020-05-04 08:47 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2020-05-04 08:47 - 2020-05-04 08:47 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\Abelssoft
2020-05-04 08:47 - 2020-05-04 08:47 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Local\Abelssoft
2020-05-04 08:47 - 2020-05-04 08:47 - 000000000 ____D C:\ProgramData\XDMessagingv4
2020-05-04 08:47 - 2020-05-04 08:47 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2020-05-04 08:47 - 2020-05-04 08:47 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2020-05-04 08:46 - 2020-05-04 08:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toolbar Terminator
2020-05-04 08:46 - 2020-05-04 08:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Symlink helper
2020-05-04 08:46 - 2020-05-04 08:46 - 000001292 _____ C:\Users\Public\Desktop\Turbo View & Convert.lnk
2020-05-04 08:46 - 2020-05-04 08:46 - 000001144 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\trolCommander.lnk
2020-05-04 08:46 - 2020-05-04 08:46 - 000000000 ____D C:\ProgramData\SUPERSetup
2020-05-04 08:46 - 2020-05-04 08:46 - 000000000 ____D C:\Program Files (x86)\Symlink helper
2020-05-04 08:46 - 2020-05-04 08:46 - 000000000 ____D C:\Program Files (x86)\File Identifier
2020-05-04 08:45 - 2020-05-04 08:46 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\trolCommander
2020-05-04 08:45 - 2020-05-04 08:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\USB Disk Storage Format Tool 5.3
2020-05-04 08:45 - 2020-05-04 08:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Turbo View & Convert
2020-05-04 08:45 - 2020-05-04 08:45 - 000001042 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\USB Disk Storage Format Tool.lnk
2020-05-04 08:45 - 2020-05-04 08:45 - 000000063 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\Create Bootable USB.url
2020-05-04 08:45 - 2020-05-04 08:45 - 000000000 ____D C:\Program Files\USB Disk Storage Format Tool
2020-05-04 08:45 - 2020-05-04 08:45 - 000000000 ____D C:\Program Files (x86)\trolCommander
2020-05-04 08:45 - 2020-05-04 08:45 - 000000000 ____D C:\Program Files (x86)\IMSIDesign
2020-05-04 08:44 - 2020-05-04 11:47 - 000000000 ____D C:\Windows\SysWOW64\Codecs
2020-05-04 08:44 - 2020-05-04 11:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10 - Codec Pack
2020-05-04 08:44 - 2020-05-04 08:44 - 000001082 _____ C:\Users\Public\Desktop\Winja.lnk
2020-05-04 08:44 - 2020-05-04 08:44 - 000000849 _____ C:\Users\Public\Desktop\WinSnap.lnk
2020-05-04 08:44 - 2020-05-04 08:44 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\PhrozenWinja
2020-05-04 08:44 - 2020-05-04 08:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winja
2020-05-04 08:43 - 2020-05-04 08:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSnap
2020-05-04 08:43 - 2020-05-04 08:44 - 000000000 ____D C:\Program Files\WinSnap
2020-05-04 08:41 - 2020-05-04 08:41 - 000000839 _____ C:\Users\Public\Desktop\Restore Point Creator.lnk
2020-05-04 08:40 - 2020-05-04 08:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Restore Point Creator
2020-05-04 08:40 - 2020-05-04 08:40 - 000000787 _____ C:\Users\Public\Desktop\Amazing GIF to Video Converter.lnk
2020-05-04 08:40 - 2020-05-04 08:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazing
2020-05-04 08:39 - 2020-05-04 08:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ext2Fsd
2020-05-04 08:39 - 2020-05-04 08:39 - 000000000 ____D C:\Program Files\Ext2Fsd
2020-05-04 08:39 - 2017-11-02 13:53 - 000826360 _____ (www.ext2fsd.com) C:\Windows\system32\Drivers\ext2fsd.sys
2020-05-04 08:38 - 2020-05-04 10:12 - 000000000 ____D C:\ProgramData\ProductData
2020-05-04 08:38 - 2020-05-04 10:12 - 000000000 ____D C:\ProgramData\IObit
2020-05-04 08:38 - 2020-05-04 10:08 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\LocalLow\IObit
2020-05-04 08:38 - 2020-05-04 08:38 - 000001417 _____ C:\Users\Public\Desktop\IObit Software Updater.lnk
2020-05-04 08:38 - 2020-05-04 08:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Software Updater
2020-05-04 08:38 - 2020-05-04 08:38 - 000000000 ____D C:\Program Files (x86)\IObit
2020-05-04 08:37 - 2020-05-04 10:09 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\IObit
2020-05-04 08:37 - 2020-05-04 08:37 - 000000929 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\Remo Recover.lnk
2020-05-04 08:37 - 2009-02-12 15:11 - 000026024 _____ (EldoS Corporation) C:\Windows\system32\Drivers\rsdrvx64.sys
2020-05-04 08:36 - 2020-05-04 08:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Recover
2020-05-04 08:36 - 2020-05-04 08:37 - 000000000 ____D C:\Program Files\Remo Recover 5.0
2020-05-04 08:35 - 2020-05-04 08:35 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\ultracopier
2020-05-04 08:35 - 2020-05-04 08:35 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\NiceCopier
2020-05-04 08:35 - 2020-05-04 08:35 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Local\winappmanager
2020-05-04 08:35 - 2020-05-04 08:35 - 000000000 ____D C:\ProgramData\Expert PDF 14
2020-05-04 08:34 - 2020-05-04 08:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NiceCopier
2020-05-04 08:33 - 2020-05-04 08:34 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ultracopier
2020-05-04 08:33 - 2020-05-04 08:34 - 000000000 ____D C:\Program Files\Ultracopier
2020-05-04 08:25 - 2020-05-04 14:09 - 000320870 _____ C:\Windows\ntbtlog.txt
2020-05-04 08:23 - 2020-05-04 08:23 - 000327498 _____ C:\Windows\system32\Drivers\fvstore.dat
2020-05-04 08:23 - 2020-05-04 08:23 - 000000000 _____ C:\Windows\cpepmon.mlf
2020-05-04 03:28 - 2020-05-04 03:28 - 002283520 _____ (Farbar) C:\Users\3REM APUB3AMFUW 4REM\Desktop\EnglishFRST64.exe
2020-05-03 21:19 - 2020-05-03 21:19 - 000001024 _____ C:\Users\Public\Desktop\PotPlayer 64 bit.lnk
2020-05-03 21:19 - 2020-05-03 21:19 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\PotPlayerMini64
2020-05-03 21:19 - 2020-05-03 21:19 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\Daum
2020-05-03 21:19 - 2020-05-03 21:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daum
2020-05-03 21:19 - 2020-05-03 21:19 - 000000000 ____D C:\Program Files\DAUM
2020-05-03 21:12 - 2020-05-03 21:18 - 028682912 _____ (Kakao) C:\Users\3REM APUB3AMFUW 4REM\Downloads\PotPlayerSetup64.exe
2020-05-03 21:11 - 2020-05-04 01:52 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\vlc
2020-05-03 21:11 - 2020-05-03 21:11 - 000000916 _____ C:\Users\Public\Desktop\VLC media player.lnk
2020-05-03 21:11 - 2020-05-03 21:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2020-05-03 21:11 - 2020-05-03 21:11 - 000000000 ____D C:\Program Files\VideoLAN
2020-05-03 21:10 - 2020-05-03 21:10 - 042544720 _____ C:\Users\3REM APUB3AMFUW 4REM\Downloads\vlc-3.0.10-win64.exe
2020-05-03 19:56 - 2020-05-03 20:01 - 006250880 _____ (Avanquest Software ) C:\Users\3REM APUB3AMFUW 4REM\Downloads\OneSafe_PC_Cleaner_D (1).exe
2020-05-03 19:53 - 2020-05-03 19:55 - 006250880 _____ (Avanquest Software ) C:\Users\3REM APUB3AMFUW 4REM\Downloads\OneSafe_PC_Cleaner_D.exe
2020-05-03 19:39 - 2020-05-03 19:39 - 000000000 ____D C:\ProgramData\Emsisoft
2020-05-03 19:39 - 2020-04-07 08:01 - 000037776 _____ (Emsisoft Ltd) C:\Windows\system32\Drivers\eppdisk.sys
2020-05-03 19:36 - 2020-05-03 19:36 - 000001068 _____ C:\Users\Public\Desktop\Ashampoo Anti-Virus.lnk
2020-05-03 19:07 - 2020-05-03 19:25 - 404113000 _____ (Ashampoo GmbH & Co. KG ) C:\Users\3REM APUB3AMFUW 4REM\Downloads\ashampoo_anti-virus_2020.1.0_sm.exe
2020-05-03 18:48 - 2020-05-03 18:48 - 000848486 _____ C:\Users\3REM APUB3AMFUW 4REM\Downloads\MENU-LOULOU-3-VOL-2020-FR.pdf
2020-05-03 18:36 - 2020-05-03 18:36 - 000003692 _____ C:\Windows\system32\Tasks\Moo0 System Monitor 1.83
2020-05-03 18:36 - 2020-05-03 18:36 - 000001290 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\Moo0 Moniteur Système 1.83.lnk
2020-05-03 18:36 - 2020-05-03 18:36 - 000001262 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\Moo0 Couper la Vidéo 1.17.lnk
2020-05-03 18:34 - 2020-05-04 14:11 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Moo0
2020-05-03 18:34 - 2020-05-04 14:11 - 000000000 ____D C:\Program Files (x86)\Moo0
2020-05-03 18:34 - 2020-05-03 18:34 - 000001290 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\Moo0 Enregistreur audio 1.49.lnk
2020-05-03 18:33 - 2020-05-03 18:33 - 004901376 _____ (Moo0) C:\Users\3REM APUB3AMFUW 4REM\Downloads\Moo0 SystemMonitor v1.83 Installer.exe
2020-05-03 15:51 - 2020-05-03 16:03 - 000000000 ____D C:\Dist
2020-05-03 15:31 - 2020-05-03 15:31 - 000019608 _____ (Advanced System Repair Inc.) C:\Windows\system32\Drivers\asrdmon.sys
2020-05-03 15:11 - 2020-05-04 08:25 - 000000000 ____D C:\ProgramData\TSR7Settings
2020-05-03 15:10 - 2020-05-03 15:10 - 000001126 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk
2020-05-03 15:10 - 2020-05-03 15:10 - 000001044 _____ C:\Users\Public\Desktop\WinRAR.lnk
2020-05-03 15:10 - 2020-05-03 15:10 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\WinRAR
2020-05-03 15:10 - 2020-05-03 15:10 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-05-03 15:10 - 2020-05-03 15:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-05-03 15:09 - 2020-05-03 15:10 - 000000000 ____D C:\Program Files\WinRAR
2020-05-03 15:06 - 2020-05-03 15:09 - 003214504 _____ (Alexander Roshal) C:\Users\3REM APUB3AMFUW 4REM\Downloads\winrar-x64-580.exe
2020-05-03 15:05 - 2020-05-03 15:10 - 016982006 _____ C:\Users\3REM APUB3AMFUW 4REM\Downloads\Advanced.System.Repair.Pro.1.9.2.4.rar
2020-05-03 14:33 - 2020-05-03 14:33 - 000000000 ____D C:\ProgramData\DiffView
2020-05-03 14:27 - 2020-05-03 16:04 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\spotmau
2020-05-03 14:26 - 2020-05-03 16:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2020-05-03 14:26 - 2020-05-03 14:26 - 000080113 _____ C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\userenv.xml
2020-05-03 14:25 - 2020-05-03 16:04 - 000000000 ____D C:\Program Files (x86)\Wondershare
2020-05-03 14:25 - 2020-05-03 14:25 - 004335856 _____ (Wondershare Software Co.,Ltd ) C:\Users\3REM APUB3AMFUW 4REM\Downloads\1-click-pc-care_full821.exe
2020-05-03 14:24 - 2020-05-03 14:24 - 000001106 _____ C:\Users\3REM APUB3AMFUW 4REM\Downloads\1-click-pc-care_full821-7.5.0.exe
2020-05-03 09:50 - 2020-05-04 10:04 - 000001289 _____ C:\Users\Public\Desktop\Anvi AD Blocker.lnk
2020-05-03 09:49 - 2020-05-04 13:20 - 000000000 ____D C:\Program Files (x86)\Anvisoft
2020-05-03 08:08 - 2020-05-04 12:43 - 000000000 ____D C:\Program Files (x86)\NSIS Uninstall Information
2020-05-03 07:59 - 2020-05-04 12:42 - 000000000 ____D C:\ProgramData\install_backup
2020-05-03 07:52 - 2020-05-03 07:56 - 325769456 _____ C:\Users\3REM APUB3AMFUW 4REM\Downloads\PowerDVD_20.0.1519.62_Essential_DVD191112-01.exe
2020-05-03 07:19 - 2020-05-03 21:07 - 000000000 ___HD C:\SandBlastBackup
2020-05-03 07:14 - 2020-05-03 07:14 - 000000000 _____ C:\Windows\system32\Drivers\etc\lmhosts
2020-05-02 20:32 - 2020-05-02 20:32 - 000440708 _____ C:\Windows\system32\Drivers\vsconfig.xml
2020-05-02 20:29 - 2020-05-02 20:29 - 000000778 _____ C:\Users\Public\Desktop\ZoneAlarm Security.lnk
2020-05-02 20:29 - 2020-05-02 20:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
2020-05-02 20:28 - 2020-05-02 20:28 - 000000000 ___RD C:\Users\Skip!Creation
2020-05-02 20:28 - 2020-05-02 20:28 - 000000000 ___RD C:\Users\Public\Documents\Sandblast AgentSystemDirectory_Do Not_Discard
2020-05-02 20:28 - 2020-05-02 20:28 - 000000000 ___RD C:\Users\3REM APUB3AMFUW 4REM\Documents\_Check-PointSystemFilesDo Not_Remove
2020-05-02 20:28 - 2020-05-02 20:28 - 000000000 ___RD C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\Endpoint_FrameworkDirectoryDon'tDelete
2020-05-02 20:28 - 2020-05-02 20:28 - 000000000 ___RD C:\Users\3REM APUB3AMFUW 4REM\AppData\Local\EndpointSecurity0Folder0Do not0Erase
2020-05-02 20:28 - 2020-05-02 20:28 - 000000000 ___RD C:\ProgramData\0CP0SecurityRepositoryDon't0Delete
2020-05-02 20:28 - 2020-05-02 20:28 - 000000000 ___RD C:\Program Files (x86)\!Check-Point!SecurityRepository!Do NotDiscard
2020-05-02 20:28 - 2020-01-10 16:37 - 000066832 _____ (Check Point Software Technologies) C:\Windows\system32\Drivers\cpbak.sys
2020-05-02 20:16 - 2020-05-02 20:16 - 005951576 _____ (Check Point Software Technologies Ltd.) C:\Users\3REM APUB3AMFUW 4REM\Downloads\ZASPSetupWeb_158_038_18284.exe
2020-05-02 19:05 - 2020-05-03 07:25 - 000000000 ____D C:\Program Files (x86)\CheckPoint
2020-05-02 19:05 - 2020-05-02 19:05 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Local\CheckPoint
2020-05-02 19:04 - 2020-05-02 19:05 - 001085512 _____ (CheckPoint Software Technologies Ltd.) C:\Users\3REM APUB3AMFUW 4REM\Downloads\ZaarSetup_1_000_0601_000.exe
2020-05-02 19:01 - 2020-05-02 20:26 - 000000000 ____D C:\ProgramData\CheckPoint
2020-05-02 19:01 - 2020-05-02 19:01 - 005984464 _____ (Check Point Software Technologies Ltd.) C:\Users\3REM APUB3AMFUW 4REM\Downloads\zafwSetupWeb_151_504_17269.exe
2020-05-02 18:56 - 2020-05-02 18:56 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Local\AdAwareUpdater
2020-05-02 18:56 - 2020-05-02 18:56 - 000000000 ____D C:\Program Files\Common Files\adaware
2020-05-02 18:53 - 2020-05-02 18:53 - 002708912 _____ C:\Users\3REM APUB3AMFUW 4REM\Downloads\Adaware_Installer.exe
2020-05-02 17:09 - 2020-05-02 17:09 - 000001201 _____ C:\Users\Public\Desktop\Ashampoo Backup 2018.lnk
2020-05-02 17:09 - 2020-05-02 17:09 - 000000020 __SHC C:\Users\_ashbackup_.DESKTOP-47BQ27M\ntuser.ini
2020-05-02 17:09 - 2020-05-02 17:09 - 000000000 _SHDL C:\Users\_ashbackup_.DESKTOP-47BQ27M\Voisinage réseau
2020-05-02 17:09 - 2020-05-02 17:09 - 000000000 _SHDL C:\Users\_ashbackup_.DESKTOP-47BQ27M\Voisinage d'impression
2020-05-02 17:09 - 2020-05-02 17:09 - 000000000 _SHDL C:\Users\_ashbackup_.DESKTOP-47BQ27M\Modèles
2020-05-02 17:09 - 2020-05-02 17:09 - 000000000 _SHDL C:\Users\_ashbackup_.DESKTOP-47BQ27M\Mes documents
2020-05-02 17:09 - 2020-05-02 17:09 - 000000000 _SHDL C:\Users\_ashbackup_.DESKTOP-47BQ27M\Menu Démarrer
2020-05-02 17:09 - 2020-05-02 17:09 - 000000000 _SHDL C:\Users\_ashbackup_.DESKTOP-47BQ27M\Documents\Mes vidéos
2020-05-02 17:09 - 2020-05-02 17:09 - 000000000 _SHDL C:\Users\_ashbackup_.DESKTOP-47BQ27M\Documents\Mes images
2020-05-02 17:09 - 2020-05-02 17:09 - 000000000 _SHDL C:\Users\_ashbackup_.DESKTOP-47BQ27M\Documents\Ma musique
2020-05-02 17:09 - 2020-05-02 17:09 - 000000000 _SHDL C:\Users\_ashbackup_.DESKTOP-47BQ27M\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2020-05-02 17:09 - 2020-05-02 17:09 - 000000000 _SHDL C:\Users\_ashbackup_.DESKTOP-47BQ27M\AppData\Local\Historique
2020-05-02 17:09 - 2020-05-02 17:09 - 000000000 ___DC C:\Users\_ashbackup_.DESKTOP-47BQ27M
2020-05-02 17:07 - 2020-05-04 08:23 - 000000000 ___DC C:\Users\_ashbackuppb_
2020-05-02 17:07 - 2020-05-03 07:16 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Local\Ashampoo
2020-05-02 17:07 - 2020-05-02 17:07 - 000001225 _____ C:\Users\Public\Desktop\Ashampoo Backup Pro 10.lnk
2020-05-02 17:07 - 2020-05-02 17:07 - 000000020 __SHC C:\Users\_ashbackuppb_\ntuser.ini
2020-05-02 17:07 - 2020-05-02 17:07 - 000000000 _SHDL C:\Users\_ashbackuppb_\Voisinage réseau
2020-05-02 17:07 - 2020-05-02 17:07 - 000000000 _SHDL C:\Users\_ashbackuppb_\Voisinage d'impression
2020-05-02 17:07 - 2020-05-02 17:07 - 000000000 _SHDL C:\Users\_ashbackuppb_\Modèles
2020-05-02 17:07 - 2020-05-02 17:07 - 000000000 _SHDL C:\Users\_ashbackuppb_\Mes documents
2020-05-02 17:07 - 2020-05-02 17:07 - 000000000 _SHDL C:\Users\_ashbackuppb_\Menu Démarrer
2020-05-02 17:07 - 2020-05-02 17:07 - 000000000 _SHDL C:\Users\_ashbackuppb_\Documents\Mes vidéos
2020-05-02 17:07 - 2020-05-02 17:07 - 000000000 _SHDL C:\Users\_ashbackuppb_\Documents\Mes images
2020-05-02 17:07 - 2020-05-02 17:07 - 000000000 _SHDL C:\Users\_ashbackuppb_\Documents\Ma musique
2020-05-02 17:07 - 2020-05-02 17:07 - 000000000 _SHDL C:\Users\_ashbackuppb_\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2020-05-02 17:07 - 2020-05-02 17:07 - 000000000 _SHDL C:\Users\_ashbackuppb_\AppData\Local\Historique
2020-05-02 17:07 - 2020-05-02 17:07 - 000000000 ___DC C:\Users\_ashbackuppb_\AppData\Local\Ashampoo
2020-05-02 17:07 - 2020-05-02 17:07 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Local\Ashampoo Backup PB
2020-05-02 17:07 - 2020-05-02 17:07 - 000000000 ____D C:\ProgramData\Ashampoo Backup PB
2020-05-02 17:06 - 2020-05-03 07:17 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Local\Ashampoo Backup
2020-05-02 17:06 - 2020-05-02 17:06 - 000001201 _____ C:\Users\Public\Desktop\Ashampoo Backup 2016.lnk
2020-05-02 17:06 - 2020-05-02 17:06 - 000000020 ___SH C:\Users\_ashbackup_\ntuser.ini
2020-05-02 17:06 - 2020-05-02 17:06 - 000000000 _SHDL C:\Users\_ashbackup_\Voisinage réseau
2020-05-02 17:06 - 2020-05-02 17:06 - 000000000 _SHDL C:\Users\_ashbackup_\Voisinage d'impression
2020-05-02 17:06 - 2020-05-02 17:06 - 000000000 _SHDL C:\Users\_ashbackup_\Modèles
2020-05-02 17:06 - 2020-05-02 17:06 - 000000000 _SHDL C:\Users\_ashbackup_\Mes documents
2020-05-02 17:06 - 2020-05-02 17:06 - 000000000 _SHDL C:\Users\_ashbackup_\Menu Démarrer
2020-05-02 17:06 - 2020-05-02 17:06 - 000000000 _SHDL C:\Users\_ashbackup_\Documents\Mes vidéos
2020-05-02 17:06 - 2020-05-02 17:06 - 000000000 _SHDL C:\Users\_ashbackup_\Documents\Mes images
2020-05-02 17:06 - 2020-05-02 17:06 - 000000000 _SHDL C:\Users\_ashbackup_\Documents\Ma musique
2020-05-02 17:06 - 2020-05-02 17:06 - 000000000 _SHDL C:\Users\_ashbackup_\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2020-05-02 17:06 - 2020-05-02 17:06 - 000000000 ____D C:\Users\_ashbackup_
2020-05-02 17:06 - 2020-05-02 17:06 - 000000000 ____D C:\ProgramData\Ashampoo Backup
2020-05-02 17:05 - 2020-05-03 19:32 - 000000000 ____D C:\Program Files\Ashampoo
2020-05-02 17:03 - 2020-05-02 17:04 - 086070288 _____ (Ashampoo GmbH & Co. KG ) C:\Users\3REM APUB3AMFUW 4REM\Downloads\ashampoo_backup_2018_11.10_sm.exe
2020-05-02 17:02 - 2020-05-02 17:03 - 064954800 _____ (Ashampoo GmbH & Co. KG ) C:\Users\3REM APUB3AMFUW 4REM\Downloads\ashampoo_backup_pro_10_10.10_sm.exe
2020-05-02 17:02 - 2020-05-02 17:02 - 057673176 _____ (Ashampoo GmbH & Co. KG ) C:\Users\3REM APUB3AMFUW 4REM\Downloads\ashampoo_backup_2016_10.08_sm.exe
2020-05-02 17:00 - 2020-05-03 15:22 - 000002549 _____ C:\Users\Public\Desktop\Setup Fix-It 14.0.34.73.lnk
2020-05-02 17:00 - 2020-05-02 17:00 - 000000000 ____D C:\ProgramData\EaseUS Todo PCTrans
2020-05-02 16:58 - 2020-05-04 14:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Todo PCTrans
2020-05-02 16:58 - 2020-05-02 16:58 - 000000000 ____D C:\ProgramData\SystemAcCrux
2020-05-02 16:57 - 2020-05-02 16:58 - 026213872 _____ (EaseUS ) C:\Users\3REM APUB3AMFUW 4REM\Downloads\pct_free_easeus.exe
2020-05-02 16:57 - 2020-05-02 16:57 - 001511616 _____ C:\Users\3REM APUB3AMFUW 4REM\Downloads\pctrans_free_installer.exe
2020-05-02 16:55 - 2020-05-02 16:56 - 059153960 _____ C:\Users\3REM APUB3AMFUW 4REM\Downloads\FI_PRO_14.0.34.73_FRA.exe
2020-05-02 16:12 - 2020-05-02 16:12 - 000000000 ____D C:\Windows\SysWOW64\Avira
2020-05-02 16:02 - 2020-05-04 03:40 - 000000000 ____D C:\Windows\Minidump
2020-05-02 15:43 - 2020-05-02 15:43 - 002270936 _____ (Cermak Technologies, Inc.) C:\Users\3REM APUB3AMFUW 4REM\Downloads\SysInfo.exe
2020-05-01 16:01 - 2020-05-01 16:01 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Local\CEF
2020-05-01 15:53 - 2020-05-01 15:53 - 000000000 ____D C:\Users\Public\Security Sessions
2020-05-01 15:50 - 2020-05-01 15:50 - 000003592 _____ C:\Windows\system32\Tasks\Avira_Security_Update
2020-05-01 15:45 - 2020-05-01 15:45 - 000003374 _____ C:\Windows\system32\Tasks\Avira_Antivirus_Systray
2020-05-01 15:45 - 2020-05-01 15:45 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2020-05-01 15:42 - 2020-04-06 21:13 - 000196560 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2020-05-01 15:42 - 2020-03-27 12:48 - 000208360 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2020-05-01 15:42 - 2019-06-07 15:09 - 000078936 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avdevprot.sys
2020-05-01 15:42 - 2019-03-20 19:50 - 000089736 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2020-05-01 15:42 - 2019-03-20 19:50 - 000046704 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2020-05-01 15:42 - 2019-03-20 19:50 - 000045472 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avusbflt.sys
2020-05-01 15:42 - 2019-03-20 19:50 - 000022336 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avelam.sys
2020-05-01 15:32 - 2020-05-01 15:32 - 000001684 _____ C:\Users\Public\Desktop\PortraitPro Body 3 Trial.lnk
2020-05-01 15:32 - 2020-05-01 15:32 - 000001637 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\PortraitPro 19 Trial.lnk
2020-05-01 15:32 - 2020-05-01 15:32 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Local\ArcSoft
2020-05-01 15:32 - 2020-05-01 15:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PortraitPro Body 3 Trial
2020-05-01 15:32 - 2020-05-01 15:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PortraitPro 19 Trial
2020-05-01 15:32 - 2020-05-01 15:32 - 000000000 ____D C:\ProgramData\ArcSoft
2020-05-01 15:28 - 2020-05-01 15:28 - 000001561 _____ C:\Users\Public\Desktop\Perfect365.lnk
2020-05-01 15:28 - 2020-05-01 15:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft
2020-05-01 15:28 - 2020-05-01 15:28 - 000000000 ____D C:\Program Files (x86)\ArcSoft
2020-05-01 15:27 - 2020-05-03 21:05 - 000001752 _____ C:\Windows\Sandboxie.ini
2020-05-01 15:27 - 2020-05-01 15:53 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Local\Avira
2020-05-01 15:27 - 2020-05-01 15:23 - 000001722 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\Sandboxed Web Browser.lnk
2020-05-01 15:26 - 2020-05-01 15:27 - 000000000 ____D C:\Users\Public\Speedup Sessions
2020-05-01 15:26 - 2020-05-01 15:26 - 000003806 _____ C:\Windows\system32\Tasks\AviraSystemSpeedupUpdate
2020-05-01 15:24 - 2020-05-01 15:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2020-05-01 15:24 - 2020-05-01 15:24 - 000001267 _____ C:\Users\Public\Desktop\Avira.lnk
2020-05-01 15:23 - 2020-05-01 15:49 - 000000000 ____D C:\ProgramData\Avira
2020-05-01 15:23 - 2020-05-01 15:49 - 000000000 ____D C:\Program Files (x86)\Avira
2020-05-01 15:23 - 2020-05-01 15:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2020-05-01 15:19 - 2020-05-01 15:19 - 004342776 _____ (Avira Operations GmbH & Co. KG) C:\Users\3REM APUB3AMFUW 4REM\Downloads\avira_fr_sptl1_1279078669-1588163268__phpwstvad.exe
2020-05-01 15:17 - 2020-05-01 15:17 - 006228120 _____ (Sandboxie Holdings, LLC) C:\Users\3REM APUB3AMFUW 4REM\Downloads\SandboxieInstall-5.30.exe
2020-05-01 15:16 - 2020-05-01 15:16 - 018747808 _____ (ArcSoft) C:\Users\3REM APUB3AMFUW 4REM\Downloads\perfect365_retail_tbyb_all.exe
2020-05-01 15:14 - 2020-05-01 15:23 - 202435208 _____ (Anthropics Technology Ltd. ) C:\Users\3REM APUB3AMFUW 4REM\Downloads\PortraitProBodyTrialSetup64.exe
2020-05-01 15:13 - 2020-05-01 15:21 - 233793984 _____ (Anthropics Technology Ltd. ) C:\Users\3REM APUB3AMFUW 4REM\Downloads\PortraitProTrialSetup64.exe
2020-05-01 13:01 - 2020-05-03 15:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PhantomPDF
2020-05-01 13:01 - 2020-05-01 20:35 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\Foxit Software
2020-05-01 13:01 - 2020-05-01 13:01 - 000001162 _____ C:\Users\Public\Desktop\Foxit PhantomPDF.lnk
2020-05-01 13:01 - 2020-05-01 13:01 - 000000000 ____D C:\Users\Public\Foxit Software
2020-05-01 13:01 - 2020-05-01 13:01 - 000000000 ____D C:\ProgramData\adaware
2020-05-01 12:33 - 2020-05-01 12:39 - 556213864 _____ (Foxit Software Inc.) C:\Users\3REM APUB3AMFUW 4REM\Downloads\FoxitPhantomPDF93_L10N_Setup_Website.A92BY-R6NQ-A3E.exe
2020-05-01 12:25 - 2020-05-01 12:28 - 153569280 _____ C:\Users\3REM APUB3AMFUW 4REM\Downloads\FoxitPhantomPDF504_Business_fra_Setup (1).msi
2020-05-01 12:24 - 2020-05-01 12:27 - 153569280 _____ C:\Users\3REM APUB3AMFUW 4REM\Downloads\FoxitPhantomPDF504_Business_fra_Setup.msi
2020-05-01 11:53 - 2020-05-01 11:53 - 021673392 _____ C:\Users\3REM APUB3AMFUW 4REM\Downloads\Samsung Galaxy S3 S Voice demo.mp4
2020-05-01 11:38 - 2020-05-01 11:38 - 000000000 ____D C:\ProgramData\Apple
2020-05-01 11:36 - 2020-05-01 11:36 - 000001861 _____ C:\Users\Public\Desktop\iMazing.lnk
2020-05-01 11:36 - 2020-05-01 11:36 - 000001803 _____ C:\Users\Public\Desktop\Mp3tag.lnk
2020-05-01 11:36 - 2020-05-01 11:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2020-05-01 11:36 - 2020-05-01 11:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMazing
2020-05-01 11:33 - 2020-05-01 11:33 - 000000000 ____D C:\Program Files\DigiDNA
2020-05-01 11:21 - 2020-05-01 11:21 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\Apple Computer
2020-05-01 11:20 - 2020-05-01 11:21 - 109797216 _____ (DigiDNA ) C:\Users\3REM APUB3AMFUW 4REM\Downloads\iMazing2forWindows.exe
2020-05-01 11:19 - 2020-05-01 11:19 - 024373448 _____ (Reincubate Ltd) C:\Users\3REM APUB3AMFUW 4REM\Downloads\iphonebackupextractor-latest.exe
2020-05-01 11:19 - 2020-05-01 11:19 - 000001367 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\iPhone Backup Extractor.lnk
2020-05-01 11:19 - 2020-05-01 11:19 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\Reincubate
2020-05-01 11:19 - 2020-05-01 11:19 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Reincubate
2020-05-01 11:17 - 2020-05-04 08:09 - 000004206 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{4138A332-FF7F-40C8-88A4-8B4C7C608607}
2020-05-01 11:17 - 2020-05-01 11:17 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\Adobe
2020-04-30 14:48 - 2020-04-30 17:54 - 000000000 ____D C:\BCUninstaller
2020-04-30 03:17 - 2020-04-30 03:17 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Local\SafiAgent
2020-04-30 03:17 - 2020-04-30 03:17 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Local\PanelManager
2020-04-30 03:16 - 2020-05-04 08:23 - 000041470 _____ C:\Windows\system32\IMX258_REAR.aiqd
2020-04-30 03:16 - 2020-05-04 08:23 - 000041470 _____ C:\Windows\system32\IMX241_FRONT.aiqd
2020-04-29 16:13 - 2020-05-04 09:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kastor All Video Downloader
2020-04-29 16:13 - 2020-04-29 16:13 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\KastorAllVideoDownloader
2020-04-29 16:13 - 2020-04-29 16:13 - 000000000 ____D C:\Program Files (x86)\Kastor All Video Downloader
2020-04-29 16:12 - 2020-04-29 16:12 - 011923560 _____ (KastorSoft ) C:\Users\3REM APUB3AMFUW 4REM\Downloads\setup_allvideodownloader.exe
2020-04-29 15:13 - 2020-05-03 15:50 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEmu
2020-04-29 15:13 - 2020-04-29 16:54 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\Downloads\MEmu Download
2020-04-29 15:12 - 2020-05-03 15:46 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\.MemuHyperv
2020-04-29 15:12 - 2019-09-21 10:10 - 000319192 _____ (Maiwei Corporation) C:\Windows\system32\Drivers\MEmuDrv.sys
2020-04-29 15:11 - 2020-04-29 15:13 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\.android
2020-04-29 15:09 - 2020-04-29 15:14 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Local\Microvirt
2020-04-29 15:04 - 2020-04-29 15:08 - 358180192 _____ (Microvirt Software Technology Co. Ltd.) C:\Users\3REM APUB3AMFUW 4REM\Downloads\MEmu-Setup-7.1.6-had132bbee.exe
2020-04-29 15:02 - 2020-04-29 15:02 - 012630982 _____ C:\Users\3REM APUB3AMFUW 4REM\Downloads\Faronics_DFS.zip
2020-04-29 15:02 - 2020-04-29 15:02 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\Downloads\Faronics_DFS
2020-04-29 14:59 - 2020-04-29 15:00 - 087915538 _____ C:\Users\3REM APUB3AMFUW 4REM\Downloads\Faronics_AVE.zip
2020-04-29 14:55 - 2020-04-29 14:56 - 087476261 _____ C:\Users\3REM APUB3AMFUW 4REM\Downloads\Faronics_PSE.zip
2020-04-29 14:19 - 2020-04-29 15:00 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\Desktop\LFS Hyper-Anti-JJAD-UEFM Suite Edition Anti-TFM 600
2020-04-29 13:43 - 2020-04-29 13:43 - 000003686 _____ C:\Windows\system32\Tasks\CreateExplorerShellUnelevatedTask
2020-04-29 13:37 - 2020-04-30 14:49 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Local\Marcin_Szeniak
2020-04-29 13:36 - 2020-05-03 21:07 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Local\CrashDumps
2020-04-29 13:34 - 2020-04-29 13:34 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\QtProject
2020-04-29 13:33 - 2019-11-08 10:15 - 003600896 _____ C:\Windows\system32\pwNative.exe
2020-04-29 13:33 - 2019-11-08 10:15 - 000019152 _____ C:\Windows\system32\pwdrvio.sys
2020-04-29 13:33 - 2019-11-08 10:15 - 000012504 _____ C:\Windows\system32\pwdspio.sys
2020-04-29 13:32 - 2020-05-03 15:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BCUninstaller
2020-04-29 13:32 - 2020-04-29 13:32 - 000000913 _____ C:\Users\Public\Desktop\BCUninstaller.lnk
2020-04-29 11:32 - 2020-05-02 15:27 - 000006144 _____ C:\Users\3REM APUB3AMFUW 4REM\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-04-29 11:32 - 2020-04-29 11:33 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\Winamp
2020-04-29 11:32 - 2020-04-29 11:32 - 000001048 _____ C:\Users\Public\Desktop\Winamp.lnk
2020-04-29 11:32 - 2020-04-29 11:32 - 000000000 ____D C:\Program Files (x86)\Winamp
2020-04-29 11:32 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2020-04-29 11:32 - 2006-09-28 16:05 - 002414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2020-04-29 11:30 - 2020-05-03 19:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2020-04-29 11:30 - 2020-04-29 11:30 - 000001253 _____ C:\Users\Public\Desktop\Ashampoo Snap 7.lnk
2020-04-29 11:30 - 2020-04-29 11:30 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Local\CrashRpt
2020-04-29 11:29 - 2020-04-29 11:29 - 000000000 ____D C:\Program Files (x86)\Ashampoo
2020-04-29 11:28 - 2020-04-29 11:52 - 000000000 ____D C:\Windows\system32\MRT
2020-04-29 11:28 - 2020-04-29 11:28 - 121542864 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-04-29 11:24 - 2019-03-28 11:11 - 000029232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2020-04-29 11:24 - 2019-03-28 08:35 - 000622832 _____ (Microsoft Corporation) C:\Windows\system32\msvcp140_clr0400.dll
2020-04-29 11:24 - 2019-03-28 08:35 - 000433448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp140_clr0400.dll
2020-04-29 11:24 - 2019-03-28 08:35 - 000087296 _____ (Microsoft Corporation) C:\Windows\system32\vcruntime140_clr0400.dll
2020-04-29 11:24 - 2019-03-28 08:35 - 000083768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vcruntime140_clr0400.dll
2020-04-29 11:23 - 2020-04-29 11:23 - 000000000 ____D C:\Program Files\rempl
2020-04-29 11:23 - 2020-04-29 11:23 - 000000000 ____D C:\Program Files\CUAssistant
2020-04-29 11:23 - 2019-03-28 11:11 - 000017968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll
2020-04-29 11:23 - 2019-03-28 11:09 - 000032816 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2020-04-29 11:23 - 2019-03-28 11:09 - 000017968 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll
2020-04-29 11:23 - 2019-03-28 08:35 - 000772176 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase_clr0400.dll
2020-04-29 11:23 - 2019-03-28 08:35 - 000702400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase_clr0400.dll
2020-04-29 11:22 - 2018-06-08 14:09 - 000130808 _____ (Microsoft Corporation) C:\Windows\system32\osrss.dll
2020-04-29 11:22 - 2017-12-08 00:13 - 001008640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallService.dll
2020-04-29 11:22 - 2017-12-08 00:10 - 001313792 _____ (Microsoft Corporation) C:\Windows\system32\InstallService.dll
2020-04-29 10:57 - 2020-04-29 10:57 - 000000000 ____D C:\ProgramData\Tech Tool Store
2020-04-29 10:52 - 2020-04-29 13:35 - 000000000 ___HD C:\VTRoot
2020-04-29 10:48 - 2020-04-29 10:48 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\Comodo
2020-04-29 10:42 - 2020-04-29 07:45 - 000744808 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2020-04-29 10:33 - 2020-04-29 10:33 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\Macromedia
2020-04-29 09:14 - 2020-04-29 09:14 - 000000000 ____D C:\ProgramData\Comodo Downloader
2020-04-29 09:02 - 2020-04-29 09:02 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\Desktop\FRST-OlderVersion
2020-04-29 09:02 - 2020-04-27 21:25 - 000005238 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\ZHPFix.txt
2020-04-29 09:02 - 2020-04-27 20:59 - 000504607 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\ZHPDiag.html
2020-04-29 09:02 - 2020-04-27 20:59 - 000417912 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\ZHPDiag.txt
2020-04-29 09:02 - 2020-04-27 11:46 - 000002076 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\text.txt
2020-04-29 09:02 - 2020-04-26 18:43 - 000000855 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\UnZacMe_26_04_2020_18.43.24.txt
2020-04-29 09:02 - 2020-04-26 17:54 - 005766144 _____ (Tweaking.com) C:\Users\3REM APUB3AMFUW 4REM\Desktop\tweaking.com_registry_backup_setup.exe
2020-04-29 09:02 - 2020-04-25 03:58 - 000055243 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\Shortcut_Module_25_04_2020_03_58_52.txt
2020-04-29 09:02 - 2020-04-24 16:43 - 000054572 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\Ultra Virus Killer Report.htm
2020-04-29 09:02 - 2020-04-23 17:39 - 000122565 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\Shortcut_Module_23_04_2020_17_39_54.txt
2020-04-29 09:02 - 2020-04-23 13:29 - 014740016 _____ (Zemana Ltd. ) C:\Users\3REM APUB3AMFUW 4REM\Desktop\Zemana_AntiLogger_AQFR.exe
2020-04-29 09:02 - 2020-04-23 12:51 - 002637824 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\shortcut-module.exe
2020-04-29 09:02 - 2020-04-23 09:13 - 001039290 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\unlocker-1-9-2.zip
2020-04-29 09:02 - 2020-04-23 09:02 - 000346112 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\Unlocker_1.9.2.msi
2020-04-29 09:02 - 2020-04-23 07:54 - 015780508 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\ultracopier-windows-x86_64-2.2.4.0-setup (1).exe
2020-04-29 09:02 - 2020-04-23 07:51 - 015780508 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\ultracopier-windows-x86_64-2.2.4.0-setup.exe
2020-04-29 09:02 - 2020-04-21 12:09 - 000062712 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\ZHPCleaner-[R]-21042020-12_05_58.html
2020-04-29 09:02 - 2020-04-21 12:05 - 000035662 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\ZHPCleaner (R).html
2020-04-29 09:02 - 2020-04-21 12:05 - 000022241 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\ZHPCleaner (R).txt
2020-04-29 09:02 - 2020-04-21 12:03 - 000069714 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\ZHPCleaner-[S]-21042020-12_00_45.html
2020-04-29 09:02 - 2020-04-21 12:00 - 000039302 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\ZHPCleaner (S).html
2020-04-29 09:02 - 2020-04-21 12:00 - 000024786 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\ZHPCleaner (S).txt
2020-04-29 09:02 - 2020-04-21 09:45 - 003297152 _____ (Nicolas Coolman) C:\Users\3REM APUB3AMFUW 4REM\Desktop\ZHPCleaner (1).exe
2020-04-29 09:01 - 2020-05-04 14:17 - 000034645 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\FRST.txt
2020-04-29 09:01 - 2020-05-04 14:11 - 000001013 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\AdsFix_Donate.lnk
2020-04-29 09:01 - 2020-05-04 08:23 - 001474832 _____ C:\Windows\system32\Drivers\sfi.dat
2020-04-29 09:01 - 2020-04-29 09:01 - 000002138 _____ C:\Users\Public\Desktop\COMODO Antivirus.lnk
2020-04-29 09:01 - 2020-04-29 09:01 - 000000000 ____D C:\Windows\system32\Tasks\COMODO
2020-04-29 09:01 - 2020-04-29 09:01 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\Desktop\ZHPCleaner-[S]-21042020-12_00_45_files
2020-04-29 09:01 - 2020-04-29 09:01 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\Desktop\ZHPCleaner-[R]-21042020-12_05_58_files
2020-04-29 09:01 - 2020-04-29 09:01 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\Desktop\mbar
2020-04-29 09:01 - 2020-04-28 10:05 - 000003384 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\fixlist.txt
2020-04-29 09:01 - 2020-04-28 09:40 - 011678816 _____ (ESET) C:\Users\3REM APUB3AMFUW 4REM\Desktop\avremover_nt64_enu.exe
2020-04-29 09:01 - 2020-04-28 09:40 - 010442848 _____ (ESET) C:\Users\3REM APUB3AMFUW 4REM\Desktop\avremover_nt32_enu.exe
2020-04-29 09:01 - 2020-04-27 20:52 - 000039559 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\Process_Analyzer.txt
2020-04-29 09:01 - 2020-04-27 11:50 - 192609285 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\macOS Transformation Pack 5.0.rar
2020-04-29 09:01 - 2020-04-27 11:50 - 040543328 _____ (AMD Inc.) C:\Users\3REM APUB3AMFUW 4REM\Desktop\radeon-software-adrenalin-2020-20.4.2-minimalsetup-200423_web.exe
2020-04-29 09:01 - 2020-04-27 00:03 - 000010078 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\Fixlog.txt
2020-04-29 09:01 - 2020-04-26 21:16 - 008196784 _____ (Malwarebytes) C:\Users\3REM APUB3AMFUW 4REM\Desktop\adwcleaner_8.0.4.exe
2020-04-29 09:01 - 2020-04-26 21:16 - 002434048 _____ (Farbar) C:\Users\3REM APUB3AMFUW 4REM\Desktop\FRST64-2.1.exe
2020-04-29 09:01 - 2020-04-26 21:16 - 001980016 _____ (Malwarebytes) C:\Users\3REM APUB3AMFUW 4REM\Desktop\MBSetup.exe
2020-04-29 09:01 - 2020-04-26 17:53 - 025122016 _____ (Remo Software ) C:\Users\3REM APUB3AMFUW 4REM\Desktop\remo-recover-windows.exe
2020-04-29 09:01 - 2020-04-26 17:53 - 005198336 _____ (AVAST Software) C:\Users\3REM APUB3AMFUW 4REM\Desktop\aswMBR.exe
2020-04-29 09:01 - 2020-04-25 14:38 - 000041384 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\Addition.txt
2020-04-29 09:01 - 2020-04-24 20:46 - 005726104 _____ (SOSVirus) C:\Users\3REM APUB3AMFUW 4REM\Desktop\AdsFix.exe
2020-04-29 09:01 - 2020-04-24 13:18 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\Desktop\unlocker-1-9-2
2020-04-29 09:01 - 2020-04-23 13:36 - 010413312 _____ (Avanquest Software) C:\Users\3REM APUB3AMFUW 4REM\Desktop\AutoSaveEssentials_trial.exe
2020-04-29 09:01 - 2020-04-23 13:33 - 012303432 _____ (Avanquest Software) C:\Users\3REM APUB3AMFUW 4REM\Desktop\Expert_PDF_Installer.exe
2020-04-29 09:01 - 2020-04-23 13:25 - 003187112 _____ (inPixio) C:\Users\3REM APUB3AMFUW 4REM\Desktop\InPixio_PhotoStudio_FR_FT.exe
2020-04-29 09:01 - 2020-04-23 10:21 - 012356104 _____ (IObit ) C:\Users\3REM APUB3AMFUW 4REM\Desktop\iobit-software-updater-setup.exe
2020-04-29 09:01 - 2020-04-23 08:54 - 007729656 _____ (Józef Starosczyk ) C:\Users\3REM APUB3AMFUW 4REM\Desktop\chsetup-1.44.exe
2020-04-29 09:01 - 2020-04-23 08:46 - 011417191 _____ ( ) C:\Users\3REM APUB3AMFUW 4REM\Desktop\NiceCopierSetup_15.02.27.exe
2020-04-29 09:01 - 2020-04-23 08:46 - 011417191 _____ ( ) C:\Users\3REM APUB3AMFUW 4REM\Desktop\NiceCopierSetup_15.02.27 - Copie.exe
2020-04-29 09:01 - 2020-04-23 07:24 - 006137720 _____ (Marcin Szeniak ) C:\Users\3REM APUB3AMFUW 4REM\Desktop\BCUninstaller_4.16_setup.exe
2020-04-29 09:01 - 2020-04-21 12:39 - 002281984 _____ (Farbar) C:\Users\3REM APUB3AMFUW 4REM\Desktop\FRST64.exe
2020-04-29 09:01 - 2019-03-18 21:22 - 000017872 _____ (COMODO) C:\Windows\system32\Drivers\cmdboot.sys
2020-04-29 09:01 - 2017-06-01 17:57 - 006503848 _____ (SosVirus) C:\Users\3REM APUB3AMFUW 4REM\Desktop\adsfix_4_01.06.17.2.exe
2020-04-29 09:00 - 2020-05-04 14:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
2020-04-29 09:00 - 2020-05-04 14:09 - 000000000 ____D C:\Program Files\COMODO
2020-04-29 09:00 - 2019-02-15 05:48 - 000337080 _____ (COMODO) C:\Windows\system32\cmdkbdcss64.dll
2020-04-29 09:00 - 2019-02-15 05:48 - 000267448 _____ (COMODO) C:\Windows\SysWOW64\cmdkbdcss32.dll
2020-04-29 09:00 - 2019-02-15 05:47 - 000447704 _____ (COMODO) C:\Windows\system32\cssguard64.dll
2020-04-29 09:00 - 2019-02-15 05:47 - 000349496 _____ (COMODO) C:\Windows\SysWOW64\cssguard32.dll
2020-04-29 09:00 - 2019-02-15 05:47 - 000050264 _____ (COMODO) C:\Windows\system32\csscsr64.dll
2020-04-29 09:00 - 2018-02-28 08:11 - 000125000 _____ (COMODO) C:\Windows\system32\Drivers\cmdcss.sys
2020-04-29 08:52 - 2020-05-03 21:02 - 000000000 ____D C:\Windows\system32\Drivers\CLFCL5.20
2020-04-29 08:51 - 2020-05-04 12:44 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Local\CyberLink
2020-04-29 08:51 - 2020-04-29 08:52 - 000000000 ____D C:\ProgramData\PDVD
2020-04-29 08:49 - 2020-05-04 12:42 - 000000000 ____D C:\ProgramData\SUPPORTDIR
2020-04-29 08:49 - 2020-05-04 12:42 - 000000000 ____D C:\ProgramData\install_clap
2020-04-29 08:49 - 2020-05-03 08:11 - 000000000 ____D C:\ProgramData\CLSK
2020-04-29 08:30 - 2020-05-03 09:51 - 000000000 ___HD C:\ProgramData\CyberLink
2020-04-29 08:13 - 2020-04-29 08:57 - 000000000 ____D C:\ProgramData\Comodo
2020-04-29 08:13 - 2020-04-29 08:13 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\Lavasoft
2020-04-29 08:13 - 2020-04-29 08:13 - 000000000 ____D C:\ProgramData\Shared Space
2020-04-29 08:10 - 2020-04-29 08:10 - 000000000 ____D C:\ProgramData\BitDefender
2020-04-29 08:09 - 2020-04-29 13:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2020-04-29 08:09 - 2020-04-29 08:09 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\LavasoftStatistics
2020-04-29 08:06 - 2020-04-29 08:06 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Local\Lavasoft
2020-04-29 08:06 - 2020-04-29 08:06 - 000000000 ____D C:\ProgramData\Lavasoft
2020-04-29 07:56 - 2020-04-29 08:24 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Local\PlaceholderTileLogoFolder
2020-04-29 07:53 - 2018-06-29 10:09 - 000170496 _____ (Microsoft Corporation) C:\Windows\system32\wuuhosdeployment.dll
2020-04-29 07:53 - 2018-06-29 09:58 - 000462336 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2020-04-29 07:53 - 2018-06-13 23:14 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2020-04-29 07:53 - 2018-06-13 23:02 - 002786304 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2020-04-29 07:53 - 2018-06-08 08:07 - 000400896 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2020-04-29 07:53 - 2018-06-08 08:02 - 000253440 _____ (Microsoft Corporation) C:\Windows\system32\domgmt.dll
2020-04-29 07:53 - 2018-06-08 07:57 - 001345024 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2020-04-29 07:53 - 2018-05-11 23:54 - 001300992 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2020-04-29 07:53 - 2018-05-03 08:19 - 000496640 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2020-04-29 07:53 - 2018-03-30 05:44 - 000030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2020-04-29 07:53 - 2018-03-30 05:43 - 000067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2020-04-29 07:53 - 2018-03-30 05:36 - 000825856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2020-04-29 07:53 - 2018-03-30 05:35 - 000858112 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2020-04-29 07:53 - 2018-03-30 05:35 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2020-04-29 07:53 - 2018-03-30 05:33 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2020-04-29 07:53 - 2018-03-30 05:33 - 000065024 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2020-04-29 07:53 - 2018-03-30 05:25 - 001055744 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2020-04-29 07:53 - 2018-03-13 07:25 - 001346560 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll
2020-04-29 07:53 - 2018-03-01 09:30 - 000264040 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
2020-04-29 07:53 - 2018-03-01 08:03 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usoapi.dll
2020-04-29 07:53 - 2018-03-01 07:53 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll
2020-04-29 07:53 - 2018-03-01 07:53 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\usoapi.dll
2020-04-29 07:53 - 2018-03-01 07:53 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\UsoClient.exe
2020-04-29 07:53 - 2018-02-10 06:45 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
2020-04-29 07:53 - 2018-02-10 06:42 - 000098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
2020-04-29 07:53 - 2017-11-26 15:26 - 000048112 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2020-04-29 07:53 - 2017-11-26 14:35 - 000057856 _____ (Microsoft Corporation) C:\Windows\system32\wuautoappupdate.dll
2020-04-29 07:52 - 2019-02-13 08:33 - 001909560 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2020-04-29 07:52 - 2018-05-04 11:37 - 000278448 _____ (Microsoft Corporation) C:\Windows\system32\Notifier.exe
2020-04-29 07:43 - 2020-04-29 07:43 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Local\Comms
2020-04-29 07:41 - 2020-04-29 07:41 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Local\DBG
2020-04-29 07:38 - 2020-04-30 06:30 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Local\Packages
2020-04-29 07:38 - 2020-04-30 03:17 - 000000000 __SHD C:\Users\3REM APUB3AMFUW 4REM\IntelGraphicsProfiles
2020-04-29 07:38 - 2020-04-29 08:06 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Local\Publishers
2020-04-29 07:38 - 2020-04-29 07:38 - 000000000 ___RD C:\Users\3REM APUB3AMFUW 4REM\3D Objects
2020-04-29 07:38 - 2020-04-29 07:38 - 000000000 ___HD C:\Users\3REM APUB3AMFUW 4REM\MicrosoftEdgeBackups
2020-04-29 07:38 - 2020-04-29 07:38 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Local\VirtualStore
2020-04-29 07:38 - 2020-04-29 07:38 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Local\MicrosoftEdge
2020-04-29 07:38 - 2020-04-29 07:38 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Local\LoopBackService
2020-04-29 07:38 - 2020-04-29 07:38 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM\AppData\Local\ConnectedDevicesPlatform
2020-04-29 07:37 - 2020-05-04 08:35 - 000000000 ____D C:\Users\3REM APUB3AMFUW 4REM
2020-04-29 07:37 - 2020-04-29 07:37 - 000000020 ___SH C:\Users\3REM APUB3AMFUW 4REM\ntuser.ini
2020-04-29 00:31 - 2020-04-29 00:31 - 000000000 ____D C:\ProgramData\ToastGenerator
2020-04-29 00:31 - 2020-04-29 00:31 - 000000000 _____ C:\Windows\system32\Drivers\144D_SAMSUNG_na_Galaxy Book 12_P04H.mrk
2020-04-29 00:27 - 2020-04-29 00:27 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2020-03-18 19:55 - 2020-03-18 19:55 - 000045056 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\phantomtap.sys

==================== Three months (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-05-04 14:11 - 2017-12-08 00:46 - 002415980 _____ C:\Windows\system32\PerfStringBackup.INI
2020-05-04 14:11 - 2017-12-07 15:15 - 001160410 _____ C:\Windows\system32\perfh00C.dat
2020-05-04 14:11 - 2017-12-07 15:15 - 000265116 _____ C:\Windows\system32\perfc00C.dat
2020-05-04 14:09 - 2017-09-29 15:44 - 000000000 ____D C:\Windows\INF
2020-05-04 10:04 - 2017-12-07 08:00 - 000000000 ____D C:\ProgramData\Package Cache
2020-05-04 09:14 - 2017-12-07 07:47 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2020-05-04 09:09 - 2017-09-29 15:46 - 000000000 __RSD C:\Windows\media
2020-05-04 09:09 - 2017-09-29 15:46 - 000000000 ____D C:\Windows\Cursors
2020-05-04 08:23 - 2017-12-08 00:39 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-05-04 08:23 - 2017-09-29 10:45 - 000524288 _____ C:\Windows\system32\config\BBI
2020-05-04 01:10 - 2017-12-08 00:39 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-05-03 20:53 - 2017-09-29 15:46 - 000000000 ____D C:\Windows\LiveKernelReports
2020-05-03 15:49 - 2017-09-29 15:46 - 000000000 ___SD C:\Windows\Downloaded Program Files
2020-05-03 15:46 - 2017-10-10 18:41 - 000000000 ____D C:\Windows\Panther
2020-05-03 12:14 - 2017-09-29 15:46 - 000000000 ____D C:\Windows\DeliveryOptimization
2020-05-02 18:29 - 2017-09-29 10:45 - 000032768 _____ C:\Windows\system32\config\ELAM
2020-05-02 16:02 - 2017-12-08 00:39 - 000222072 _____ C:\Windows\system32\FNTCACHE.DAT
2020-05-02 03:19 - 2017-09-29 15:46 - 000000000 ____D C:\Windows\rescache
2020-05-02 03:17 - 2017-09-29 15:37 - 000000000 ____D C:\Windows\CbsTemp
2020-05-02 03:16 - 2017-12-07 15:11 - 000000000 ____D C:\Windows\SysWOW64\XPSViewer
2020-05-02 03:16 - 2017-09-29 16:41 - 000000000 ____D C:\Windows\SysWOW64\winrm
2020-05-02 03:16 - 2017-09-29 16:41 - 000000000 ____D C:\Windows\SysWOW64\WCN
2020-05-02 03:16 - 2017-09-29 16:41 - 000000000 ____D C:\Windows\SysWOW64\slmgr
2020-05-02 03:16 - 2017-09-29 16:41 - 000000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2020-05-02 03:16 - 2017-09-29 16:41 - 000000000 ____D C:\Windows\system32\winrm
2020-05-02 03:16 - 2017-09-29 16:41 - 000000000 ____D C:\Windows\system32\WCN
2020-05-02 03:16 - 2017-09-29 16:41 - 000000000 ____D C:\Windows\system32\slmgr
2020-05-02 03:16 - 2017-09-29 16:41 - 000000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2020-05-02 03:16 - 2017-09-29 15:46 - 000000000 ___SD C:\Windows\SysWOW64\F12
2020-05-02 03:16 - 2017-09-29 15:46 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2020-05-02 03:16 - 2017-09-29 15:46 - 000000000 ___SD C:\Windows\system32\F12
2020-05-02 03:16 - 2017-09-29 15:46 - 000000000 ___SD C:\Windows\system32\dsc
2020-05-02 03:16 - 2017-09-29 15:46 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2020-05-02 03:16 - 2017-09-29 15:46 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2020-05-02 03:16 - 2017-09-29 15:46 - 000000000 ____D C:\Windows\SysWOW64\oobe
2020-05-02 03:16 - 2017-09-29 15:46 - 000000000 ____D C:\Windows\SysWOW64\MUI
2020-05-02 03:16 - 2017-09-29 15:46 - 000000000 ____D C:\Windows\SysWOW64\Dism
2020-05-02 03:16 - 2017-09-29 15:46 - 000000000 ____D C:\Windows\SysWOW64\com
2020-05-02 03:16 - 2017-09-29 15:46 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2020-05-02 03:16 - 2017-09-29 15:46 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2020-05-02 03:16 - 2017-09-29 15:46 - 000000000 ____D C:\Windows\system32\oobe
2020-05-02 03:16 - 2017-09-29 15:46 - 000000000 ____D C:\Windows\system32\MUI
2020-05-02 03:16 - 2017-09-29 15:46 - 000000000 ____D C:\Windows\system32\migwiz
2020-05-02 03:16 - 2017-09-29 15:46 - 000000000 ____D C:\Windows\system32\com
2020-05-02 03:16 - 2017-09-29 15:46 - 000000000 ____D C:\Windows\PolicyDefinitions
2020-05-02 03:16 - 2017-09-29 15:46 - 000000000 ____D C:\Windows\IME
2020-05-02 03:16 - 2017-09-29 15:46 - 000000000 ____D C:\Windows\Help
2020-05-02 03:16 - 2017-09-29 15:46 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2020-05-02 03:16 - 2017-09-29 15:46 - 000000000 ____D C:\Program Files\Windows Defender
2020-05-02 03:16 - 2017-09-29 15:46 - 000000000 ____D C:\Program Files\Common Files\system
2020-05-02 03:16 - 2017-09-29 15:46 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2020-05-02 03:16 - 2017-09-29 15:46 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-05-02 03:16 - 2017-09-29 10:45 - 000000000 ____D C:\Windows\system32\Sysprep
2020-05-02 03:16 - 2017-09-29 10:45 - 000000000 ____D C:\Windows\system32\Dism
2020-05-02 03:16 - 2017-09-29 10:45 - 000000000 ____D C:\Windows\servicing
2020-05-02 03:07 - 2017-09-29 15:46 - 000000000 ___HD C:\Program Files\WindowsApps
2020-05-02 03:07 - 2017-09-29 15:46 - 000000000 ____D C:\Windows\AppReadiness
2020-05-02 02:59 - 2017-12-07 08:00 - 000000000 ____D C:\Windows\RSTLog
2020-05-01 15:45 - 2017-09-29 15:46 - 000000000 ___HD C:\Windows\ELAMBKUP
2020-04-30 04:31 - 2017-12-07 08:12 - 000026673 _____ C:\Windows\diagwrn.xml
2020-04-30 04:31 - 2017-12-07 08:12 - 000026673 _____ C:\Windows\diagerr.xml
2020-04-30 03:20 - 2017-09-29 15:46 - 000000000 ____D C:\Windows\appcompat
2020-04-30 03:17 - 2017-12-07 07:47 - 000000000 ____D C:\ProgramData\CacheWrite
2020-04-29 07:38 - 2017-12-08 00:42 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-04-29 07:38 - 2017-12-07 15:12 - 000000000 ____D C:\Windows\MSetup
2020-04-29 07:26 - 2017-12-07 08:05 - 000000000 ____D C:\ProgramData\Samsung
2020-04-29 05:50 - 2017-09-29 15:46 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2020-04-29 00:32 - 2017-09-29 15:46 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2020-04-29 00:31 - 2017-12-07 08:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2020-04-29 00:27 - 2017-12-07 08:06 - 000002322 _____ C:\Windows\system32\Tasks\SAgent
2020-04-29 00:27 - 2017-12-07 08:06 - 000002268 _____ C:\Windows\system32\Tasks\ShowWindow
2020-04-29 00:27 - 2017-12-07 08:00 - 000003118 _____ C:\Windows\system32\Tasks\Intel PTT EK Recertification

 

[BoucherDeFrance3]

==================== Files in the root of some directories ========




2017-01-14 13:37 - 2017-01-14 13:37 - 002174976 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\Common Files\atimpenc.dll
2020-05-04 09:34 - 2020-05-04 09:54 - 000099384 _____ () C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\inst.exe
2020-05-04 09:34 - 2020-05-04 09:54 - 000007859 _____ () C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\pcouffin.cat
2020-05-04 09:34 - 2020-05-04 09:54 - 000001167 _____ () C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\pcouffin.inf
2020-05-04 09:46 - 2020-05-04 09:54 - 000000034 _____ () C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\pcouffin.log
2020-05-04 09:34 - 2020-05-04 09:54 - 000082816 _____ (VSO Software) C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\pcouffin.sys
2020-05-03 14:26 - 2020-05-03 14:26 - 000080113 _____ () C:\Users\3REM APUB3AMFUW 4REM\AppData\Roaming\userenv.xml
2020-04-29 11:32 - 2020-05-02 15:27 - 000006144 _____ () C:\Users\3REM APUB3AMFUW 4REM\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini




==================== FLock ==============================




2020-05-03 21:07 C:\SandBlastBackup




==================== SigCheckExt =========================




2013-12-17 03:28 - 2013-12-17 03:28 - 000122368 _____ C:\Windows\system32\avi.x64.dll
2020-05-04 11:38 - 2009-08-31 12:31 - 001741824 _____ (AhnLab, Inc.) C:\Windows\system32\BTScan.exe
2013-12-17 03:27 - 2013-12-17 03:27 - 000135680 _____ C:\Windows\system32\dsmux.x64.exe
2013-12-17 03:27 - 2013-12-17 03:27 - 000332288 _____ C:\Windows\system32\dxr.x64.dll
2015-09-05 10:09 - 2015-09-05 10:09 - 000105984 _____ (Beepa P/L) C:\Windows\system32\frapsv64.dll
2013-12-17 03:27 - 2013-12-17 03:27 - 000481792 _____ C:\Windows\system32\gdsmux.x64.exe
2017-12-07 08:05 - 2017-01-13 12:10 - 000021504 _____ (Samsung Electronics) C:\Windows\system32\GripResetService.exe
2013-12-17 03:27 - 2013-12-17 03:27 - 000024576 _____ C:\Windows\system32\mkunicode.x64.dll
2013-12-17 03:27 - 2013-12-17 03:27 - 000160768 _____ C:\Windows\system32\mkv2vfr.x64.exe
2013-12-17 03:27 - 2013-12-17 03:27 - 000174080 _____ C:\Windows\system32\mkx.x64.dll
2013-12-17 03:27 - 2013-12-17 03:27 - 000084992 _____ C:\Windows\system32\mkzlib.x64.dll
2013-12-17 03:27 - 2013-12-17 03:27 - 000166400 _____ C:\Windows\system32\mp4.x64.dll
2013-12-17 03:26 - 2013-12-17 03:26 - 000139264 _____ C:\Windows\system32\ogm.x64.dll
2020-04-29 13:33 - 2019-11-08 10:15 - 003600896 _____ C:\Windows\system32\pwNative.exe
2013-12-17 03:26 - 2013-12-17 03:26 - 000180736 _____ C:\Windows\system32\ts.x64.dll
2013-12-17 04:38 - 2013-12-17 04:38 - 001929216 _____ (xy-VSFilter Team) C:\Windows\system32\VSFilter.dll
2017-05-19 09:38 - 2017-05-19 09:38 - 000055808 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\WlSarService.exe
2017-12-07 08:10 - 2012-08-06 07:14 - 001731072 _____ (Samsung Electronics) C:\Windows\MSetCaller.exe
2013-12-17 03:28 - 2013-12-17 03:28 - 000109568 _____ C:\Windows\SysWOW64\avi.dll
2013-12-17 03:28 - 2013-12-17 03:28 - 000097792 _____ C:\Windows\SysWOW64\avs.dll
2013-12-17 03:28 - 2013-12-17 03:28 - 000093184 _____ C:\Windows\SysWOW64\avss.dll
2013-02-16 15:02 - 2013-02-16 15:02 - 000107584 _____ (Un4seen Developments) C:\Windows\SysWOW64\bass.dll
2011-05-12 15:16 - 2011-05-12 15:16 - 000019008 _____ (Un4seen Developments) C:\Windows\SysWOW64\basscd.dll
2009-12-09 13:40 - 2009-12-09 13:40 - 000025152 _____ (Un4seen Developments) C:\Windows\SysWOW64\bassflac.dll
2012-08-23 15:43 - 2012-08-23 15:43 - 000054328 _____ (Un4seen Developments) C:\Windows\SysWOW64\bassopus.dll
2012-12-05 19:27 - 2012-12-05 19:27 - 000025664 _____ (Un4seen Developments) C:\Windows\SysWOW64\basswv.dll
2012-10-16 15:17 - 2012-10-16 15:17 - 000149720 _____ (MaresWEB) C:\Windows\SysWOW64\bass_aac.dll
2013-01-31 18:02 - 2013-01-31 18:02 - 000009416 _____ (MaresWEB) C:\Windows\SysWOW64\bass_alac.dll
2011-08-03 17:48 - 2011-08-03 17:48 - 000033456 _____ (MaresWEB) C:\Windows\SysWOW64\bass_ape.dll
2012-05-09 14:26 - 2012-05-09 14:26 - 000021112 _____ (MaresWEB) C:\Windows\SysWOW64\bass_mpc.dll
2009-04-24 12:20 - 2009-04-24 12:20 - 000005960 _____ (MaresWEB) C:\Windows\SysWOW64\bass_ofr.dll
2010-03-24 13:15 - 2010-03-24 13:15 - 000047104 _____ C:\Windows\SysWOW64\bass_tak.dll
2008-02-27 22:49 - 2008-02-27 22:49 - 000008536 _____ (MaresWEB) C:\Windows\SysWOW64\bass_tta.dll
2007-01-19 18:06 - 2007-01-19 18:06 - 000868352 _____ (Sony Corporation) C:\Windows\SysWOW64\DSDProcessUnit.dll
2013-12-17 03:27 - 2013-12-17 03:27 - 000113152 _____ C:\Windows\SysWOW64\dsmux.exe
2013-12-17 03:27 - 2013-12-17 03:27 - 000249856 _____ C:\Windows\SysWOW64\dxr.dll
2006-11-29 19:33 - 2006-11-29 19:33 - 000086016 _____ (Sony Corporation) C:\Windows\SysWOW64\FLWindowsVistaAPI.dll
2015-09-05 10:09 - 2015-09-05 10:09 - 000094208 _____ (Beepa P/L) C:\Windows\SysWOW64\frapsvid.dll
2013-12-17 03:27 - 2013-12-17 03:27 - 000358400 _____ C:\Windows\SysWOW64\gdsmux.exe
2007-10-07 16:36 - 2007-10-07 16:36 - 000258048 _____ C:\Windows\SysWOW64\libFLAC.dll
2006-11-03 08:15 - 2006-11-03 08:15 - 002809948 _____ (Intel Corporation) C:\Windows\SysWOW64\libmmd.dll
2020-05-04 14:08 - 2020-05-04 14:08 - 001060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2013-12-17 03:27 - 2013-12-17 03:27 - 000024576 _____ C:\Windows\SysWOW64\mkunicode.dll
2013-12-17 03:27 - 2013-12-17 03:27 - 000137728 _____ C:\Windows\SysWOW64\mkv2vfr.exe
2013-12-17 03:27 - 2013-12-17 03:27 - 000150528 _____ C:\Windows\SysWOW64\mkx.dll
2013-12-17 03:27 - 2013-12-17 03:27 - 000080384 _____ C:\Windows\SysWOW64\mkzlib.dll
2020-05-04 09:09 - 2011-08-11 12:47 - 000076288 _____ C:\Windows\SysWOW64\moveex.exe
2013-12-17 03:27 - 2013-12-17 03:27 - 000142336 _____ C:\Windows\SysWOW64\mp4.dll
2005-08-05 18:30 - 2005-08-05 18:30 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2013-12-17 03:27 - 2013-12-17 03:27 - 000528384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp80.dll
2013-12-17 03:27 - 2013-12-17 03:27 - 000348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2013-12-17 03:27 - 2013-12-17 03:27 - 000585728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr80.dll
2013-12-17 03:26 - 2013-12-17 03:26 - 000123392 _____ C:\Windows\SysWOW64\ogm.dll
2011-02-11 12:26 - 2011-02-11 12:26 - 000237568 _____ C:\Windows\SysWOW64\OptimFROG.dll
2020-05-04 09:09 - 2016-01-15 05:03 - 000015872 _____ C:\Windows\SysWOW64\PEChecksum.exe
2017-01-14 13:37 - 2017-01-14 13:37 - 000278528 _____ (Real Networks, Inc) C:\Windows\SysWOW64\pncrt.dll
2011-07-08 16:45 - 2011-07-08 16:45 - 000112640 _____ (Thomas Becker, Osnabrueck) C:\Windows\SysWOW64\tak_deco_lib.dll
2013-12-17 03:26 - 2013-12-17 03:26 - 000154624 _____ C:\Windows\SysWOW64\ts.dll
2013-12-17 04:38 - 2013-12-17 04:38 - 001573376 _____ (xy-VSFilter Team) C:\Windows\SysWOW64\VSFilter.dll
2006-08-01 04:23 - 2006-08-01 04:23 - 000126976 _____ (Sony Corporation) C:\Windows\SysWOW64\VzCs.dll
2020-04-29 09:01 - 2020-04-24 20:46 - 005726104 _____ (SOSVirus) C:\Users\3REM APUB3AMFUW 4REM\Desktop\AdsFix.exe
2020-04-29 09:01 - 2017-06-01 17:57 - 006503848 _____ (SosVirus) C:\Users\3REM APUB3AMFUW 4REM\Desktop\adsfix_4_01.06.17.2.exe
2020-04-29 09:01 - 2020-04-26 17:53 - 005198336 _____ (AVAST Software) C:\Users\3REM APUB3AMFUW 4REM\Desktop\aswMBR.exe
2020-05-04 03:28 - 2020-05-04 03:28 - 002283520 _____ (Farbar) C:\Users\3REM APUB3AMFUW 4REM\Desktop\EnglishFRST64.exe
2020-04-29 09:01 - 2020-04-26 21:16 - 002434048 _____ (Farbar) C:\Users\3REM APUB3AMFUW 4REM\Desktop\FRST64-2.1.exe
2020-04-29 09:01 - 2020-04-21 12:39 - 002281984 _____ (Farbar) C:\Users\3REM APUB3AMFUW 4REM\Desktop\FRST64.exe
2020-04-29 09:01 - 2020-04-23 08:46 - 011417191 _____ ( ) C:\Users\3REM APUB3AMFUW 4REM\Desktop\NiceCopierSetup_15.02.27 - Copie.exe
2020-04-29 09:01 - 2020-04-23 08:46 - 011417191 _____ ( ) C:\Users\3REM APUB3AMFUW 4REM\Desktop\NiceCopierSetup_15.02.27.exe
2020-04-29 09:02 - 2020-04-23 12:51 - 002637824 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\shortcut-module.exe
2020-04-29 09:02 - 2020-04-23 07:54 - 015780508 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\ultracopier-windows-x86_64-2.2.4.0-setup (1).exe
2020-04-29 09:02 - 2020-04-23 07:51 - 015780508 _____ C:\Users\3REM APUB3AMFUW 4REM\Desktop\ultracopier-windows-x86_64-2.2.4.0-setup.exe
2020-04-29 09:02 - 2020-04-21 09:45 - 003297152 _____ (Nicolas Coolman) C:\Users\3REM APUB3AMFUW 4REM\Desktop\ZHPCleaner (1).exe
2020-05-03 14:24 - 2020-05-03 14:24 - 000001106 _____ C:\Users\3REM APUB3AMFUW 4REM\Downloads\1-click-pc-care_full821-7.5.0.exe
2020-05-03 18:33 - 2020-05-03 18:33 - 004901376 _____ (Moo0) C:\Users\3REM APUB3AMFUW 4REM\Downloads\Moo0 SystemMonitor v1.83 Installer.exe




==================== SigCheck ============================




(There is no automatic fix for files that do not pass verification.)




C:\Windows\SysWOW64\wininit.exe IS MISSING <==== ATTENTION





ATTENTION: ==> Could not access BCD. -> Impossible d'ouvrir le magasin des donn�es de configuration de d�marrage.
Le client ne dispose pas d'un privil�ge n�cessaire.





==================== BCD ================================
Impossible d'ouvrir le magasin des donn�es de configuration de d�marrage.
Le client ne dispose pas d'un privil�ge n�cessaire.




==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-05-2020
Ran by 3REM APUB3AMFUW 4REM (04-05-2020 14:28:50)
Running from C:\Users\3REM APUB3AMFUW 4REM\Desktop
Windows Vista (TM) Ultimate Service Pack 2 (X64) (2020-04-28 22:31:15)
Boot Mode: Safe Mode (with Networking)
==========================================================





==================== Accounts: =============================




3REM APUB3AMFUW 4REM (S-1-5-21-4136713201-357479433-3490252857-1001 - Administrator - Enabled) => C:\Users\3REM APUB3AMFUW 4REM
Administrateur (S-1-5-21-4136713201-357479433-3490252857-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4136713201-357479433-3490252857-503 - Limited - Disabled)
Invité (S-1-5-21-4136713201-357479433-3490252857-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-4136713201-357479433-3490252857-504 - Limited - Disabled)
_ashbackuppb_ (S-1-5-21-4136713201-357479433-3490252857-1003 - Administrator - Enabled) => C:\Users\_ashbackuppb_
_ashbackup_ (S-1-5-21-4136713201-357479433-3490252857-1004 - Administrator - Enabled) => C:\Users\_ashbackup_.DESKTOP-47BQ27M




==================== Security Center ========================




(If an entry is included in the fixlist, it will be removed.)




AV: Avira Antivirus (Disabled - Up to date) {88AE6B46-DC3C-455A-A21B-085F285A3546}
AV: COMODO Antivirus (Enabled - Up to date) {9E3E06E3-F8E0-3C44-2336-BBD8AF8F84B8}
AV: Ashampoo Anti-Virus (Enabled - Up to date) {5FD8BF8F-F242-6153-61B5-8FF333E8736B}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Disabled - Up to date) {33CF8AA2-FA06-4AD4-98AB-332D53DD7FFB}
AS: Ashampoo Anti-Virus (Enabled - Up to date) {E4B95E6B-D478-6EDD-5B05-B481486F39D6}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Extreme Security Firewall (Enabled) {217C3BCF-3FBD-7C30-A427-2D11E16F3BEB}




==================== Installed Programs ======================




(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)




Acebyte Media Converter Suite 7 7.0.0.15 (HKLM-x32\...\Acebyte Media Converter Suite 7_is1) (Version: - Copyright (C) 2003-2016 Acebyte)
Acebyte Video Converter 7 Ultimate 7.0.0.15 (HKLM-x32\...\Acebyte Video Converter 7 Ultimate_is1) (Version: - Copyright (C) 2003-2016 Acebyte)
AdAwareInstaller (HKLM\...\{D88BC069-BFFF-4442-91EC-198EF2B764FE}) (Version: 11.15.1046.10613 - Lavasoft) Hidden
AdAwareProxyEngine (HKLM\...\{7F7C8AE0-961B-4AED-B99A-D9BE29C0F24C}) (Version: 1.0.0.8 - Lavasoft) Hidden
Adobe Digital Editions 3.0 (HKLM-x32\...\Adobe Digital Editions 3.0) (Version: 3.0.1 - Adobe Systems Incorporated)
Advanced Renamer (HKLM-x32\...\Advanced Renamer_is1) (Version: 3.83 - Hulubulu Software)
Advanced SystemCare Ultimate 11 (HKLM-x32\...\Advanced SystemCare Ultimate_is1) (Version: 11.0.1 - IObit)
AhnLab V3 Internet Security 8.0 (HKLM\...\{AF8267C6_8886_4cfd_AAC7_48BCB879743F}) (Version: 8.0.1.488 - AhnLab, Inc.)
AIDA64 Engineer v5.95 (HKLM-x32\...\AIDA64 Engineer_is1) (Version: 5.95 - FinalWire Ltd.)
AIMP (HKLM-x32\...\AIMP) (Version: v4.51.2084, 01.12.2018 - AIMP DevTeam)
Air Command (HKLM-x32\...\{5493FC89-21E8-4D88-BCA1-4D33F1410968}) (Version: 1.0.38 - Samsung Electronics Co., Ltd.)
AKVIS MakeUp (HKLM\...\{8F830B99-D142-4EC5-B122-EA0D95101290}) (Version: 5.0.651.15806 - AKVIS)
Allavsoft 3.14.8.6417 (HKLM-x32\...\{6EBED4D8-13D9-4270-8D44-B57DDB7A787C}_is1) (Version: - Allavsoft Corporation)
Amazing GIF to Video Converter (1.4.0.0) (HKLM-x32\...\Amazing GIF to Video Converter_is1) (Version: 1.4.0.0 - Amazing Studio)
AMCap (HKLM-x32\...\AMCap) (Version: 9.22 - Noël Danjou)
Ant Renamer (HKLM-x32\...\Ant Renamer 2_is1) (Version: 2.12.0 - Ant Software)
Anti-Locky (HKLM-x32\...\Anti-Locky_is1) (Version: 1.1.0 - AxBx)
AntiRansomware 2018 (HKLM-x32\...\AbAppId-82_is1) (Version: 18.1 - Abelssoft)
AntispamEngine (HKLM\...\{2CAC4882-997E-4F61-8D5F-5E11E3FC7177}) (Version: 2.5.0.320 - Lavasoft) Hidden
Anvi AD Blocker 2.2 (HKLM-x32\...\Anvi AD Blocker) (Version: 2.2 - Anvisoft)
Anyzip (remove only) (HKLM-x32\...\Anyzip) (Version: - )
AOMEI OneKey Recovery 1.6 (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF553690FD}_is1) (Version: - AOMEI Technology Co., Ltd.)
A-PDF to Video (HKLM-x32\...\A-PDF to Video_is1) (Version: - A-PDF Solution)
Apple Application Support (32 bits) (HKLM-x32\...\{6CF0CAEE-54B6-4D84-A055-3AF110F189D3}) (Version: 8.4 - Apple Inc.)
ArcSoft Perfect365 (HKLM-x32\...\{5B5E949E-3924-45E3-9229-84E8270BED68}) (Version: 1.8.0.3 - ArcSoft, Inc.)
Ashampoo Anti-Virus (HKLM\...\{0A11EA01-5F52-C043-54D3-062D160066F1}_is1) (Version: 2020.1.0 - Ashampoo GmbH & Co. KG)
Ashampoo Backup 2016 (HKLM\...\{DF972766-57F8-6DCD-940E-885B7FB1CE43}_is1) (Version: 10.08 - Ashampoo GmbH & Co. KG)
Ashampoo Backup 2018 (HKLM\...\{DF972766-B496-3EA3-F7E5-919810CE21A5}_is1) (Version: 11.10 - Ashampoo GmbH & Co. KG)
Ashampoo Backup Pro 10 (HKLM\...\{FDAE1FAD-F9D8-4215-E9A3-24B2088C0FA7}_is1) (Version: 10.10 - Ashampoo GmbH & Co. KG)
Ashampoo Snap 7 v.7.0.10 (HKLM-x32\...\{C92AB6F1-9C93-0F51-ED50-15ABBCBDD142}_is1) (Version: 7.0.10 - Ashampoo GmbH & Co. KG)
Astroburn Pro (HKLM\...\Astroburn Pro) (Version: 4.0.0.0233 - Disc Soft Ltd)
Avant Browser (remove only) (HKLM-x32\...\AvantBrowser) (Version: 12.5.0.0 - Avant Force)
Avira (HKLM-x32\...\{CAB70370-888E-4D62-B5D5-DA7982585C46}) (Version: 1.2.145.25926 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{e636e084-c7ab-4246-8ad2-aa1bb1cbedfd}) (Version: 1.2.145.25926 - Avira Operations GmbH & Co. KG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2004.1828 - Avira Operations GmbH & Co. KG)
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.32.2.34115 - Avira Operations GmbH & Co. KG)
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.0.27.9291 - Avira Operations GmbH & Co. KG)
Avira Software Updater (HKLM-x32\...\{6BAE2CD1-EFB3-48A0-9DC4-7720086B4B65}) (Version: 2.0.6.31130 - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.4.1.10871 - Avira Operations GmbH & Co. KG)
BCUninstaller (HKLM\...\{f4fef76c-1aa9-441c-af7e-d27f58d898d1}_is1) (Version: 4.16.0.38993 - Marcin Szeniak)
Belarc Advisor 8.5c (HKLM-x32\...\Belarc Advisor) (Version: 8.5.3.0 - Belarc Inc.)
Check Point SBA (HKLM\...\{AB3AFDA5-C5FD-4F09-854E-09A9B32D1583}) (Version: 86.6.511 - Check Point Software Technologies Ltd.) Hidden
COMODO Antivirus (HKLM\...\{E6B0FD8D-8799-441B-8734-B8A266C0C303}) (Version: 12.0.0.6818 - COMODO Security Solutions Inc.)
COMODO Secure Shopping (HKLM-x32\...\{D15DF9B0-3A98-4BEF-B7D5-FC3AEA473628}) (Version: 1.3.151.0 - COMODO) Hidden
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version: - CyberGhost S.R.L.)
CyberLink Application Manager (HKLM-x32\...\{D25D3E15-CABD-420c-B62C-70C1C5EE63FD}) (Version: 1.1.0905.0 - CyberLink Corp.)
EaseUS Todo PCTrans 9.10 (HKLM-x32\...\EaseUS Todo PCTrans_is1) (Version: - EaseUS)
Ext2Fsd 0.69 (HKLM\...\Ext2Fsd_is1) (Version: 0.69 - Matt Wu)
File Identifier (HKLM-x32\...\{C257E434-E8F1-4E06-A616-598E4933553E}_is1) (Version: 1.0.9 - Sharpened Productions)
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version: - FileHippo.com)
FirewallEngine (HKLM\...\{AAF4B2C1-2E27-46EF-9B9E-2B2130F056F3}) (Version: 2.0.0.20 - Lavasoft) Hidden
Folderico 4.0 RC12 (HKLM-x32\...\Folderico) (Version: 4.0 RC12 - Shedko ( www.softq.org ))
Foxit PhantomPDF (HKLM-x32\...\{3D05374C-C1DE-11E8-854C-000C296BF2A5}) (Version: 9.3.0.10826 - Foxit Software Inc.)
Fraps (HKLM-x32\...\Fraps) (Version: - )
Free Video Converter V 2.3 (HKLM-x32\...\Free Video Converter_is1) (Version: 2.3.0.0 - Kastor Soft)
GiliSoft Add Watermark to Video 7.1.0 (HKLM-x32\...\{8615b0f5-2d65-46f2-be89-80c88b99d52e}_is1) (Version: 7.1.0 - GiliSoft International LLC.)
GridinSoft Anti-Ransomware 0.9.4 (HKLM\...\{F008F551-A58D-4257-9FB6-2F750860A0DE}_is1) (Version: 0.9.4 - GridinSoft, LLC.)
iMazing 2.11.4.0 (HKLM\...\iMazing_is1) (Version: 2.11.4.0 - DigiDNA)
Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1052 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4599 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.3.1031 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{2b32b7d0-4f9f-47c8-adb7-807e6cb2fb75}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel(R) Virtual Buttons (HKLM-x32\...\1992736F-C90A-481C-B21B-EE34CAD07387) (Version: 1.1.1.22 - Intel Corporation)
IObit Software Updater (HKLM-x32\...\IObit Software Updater_is1) (Version: 3.0.1.1398 - IObit)
iPhone Backup Extractor (HKLM-x32\...\{138BEAA1-EA90-4447-BCFE-84A525810DA0}) (Version: 7.7.20.2859 - Reincubate Ltd) Hidden
iPhone Backup Extractor (HKU\S-1-5-21-4136713201-357479433-3490252857-1001\...\iPhone Backup Extractor) (Version: 7.7.20.2859 - Reincubate Ltd)
Jing (HKLM-x32\...\{8C784F8B-89D0-4A59-A000-7EEF129E1574}) (Version: 2.9.15255.1 - TechSmith Corporation)
Kastor - All Video Downloader V 6.0.0 (HKLM-x32\...\{CB84FEF5-C573-4328-B9AF-B28568A4E10E}_is1) (Version: 6.0.0.0 - KastorSoft)
Kastor - Tube To Mp3 V 2.99 (HKLM-x32\...\{87C334CF-063A-4AEA-B523-1DE04014BA19}_is1) (Version: 2.99.95.0 - KastorSoft)
KeyFinder Plus 1.9 (HKLM-x32\...\KeyFinder Plus_is1) (Version: - Top Password Software, Inc.)
Le Petit Robert 2017 (HKLM-x32\...\PR1CD2017) (Version: - Le Robert)
macOS Transformation Pack (HKLM-x32\...\UX Pack) (Version: 5.0 - Windows X's Live)
Magical Jelly Bean KeyFinder (HKLM-x32\...\KeyFinder_is1) (Version: 2.0.10.12 - Magical Jelly Bean)
Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Moo0 Couper la Vidéo 1.17 (HKLM-x32\...\Moo0 VideoCutter) (Version: - )
Moo0 Destructeur de Fichier 1.21 (HKLM-x32\...\Moo0 FileShredder) (Version: - )
Moo0 Enregistreur audio 1.49 (HKLM-x32\...\Moo0 VoiceRecorder) (Version: - )
Moo0 Info Video 1.10 (HKLM-x32\...\Moo0 VideoInfo) (Version: - )
Moo0 Moniteur Système 1.83 (HKLM-x32\...\Moo0 SystemMonitor) (Version: - )
Moo0 Visionneuse d'Image SP 1.80 (HKLM-x32\...\Moo0 ImageViewer) (Version: - )
Movavi Video Suite 18 (HKU\S-1-5-21-4136713201-357479433-3490252857-1001\...\Movavi Video Suite 18) (Version: 18.2.0 - Movavi)
Mp3tag v3.01 (HKLM-x32\...\Mp3tag) (Version: 3.01 - Florian Heidenreich)
muCommander (remove only) (HKLM-x32\...\muCommander) (Version: - )
MultiCommander (x64) (HKLM\...\MultiCommander x64) (Version: 7.0.0.2340 - Mathias Svensson)
NiceCopier (HKLM-x32\...\NiceCopier_is1) (Version: 15.02.27 - )
OnlineThreatsEngine (HKLM\...\{26F31E12-3722-45FD-903B-49012286BB4C}) (Version: 3.0.1.23 - Lavasoft) Hidden
PC Benchmark (HKLM\...\PC Benchmark) (Version: 1.1.0.2 - Corel Corporation)
PC Clean Maestro (HKLM-x32\...\PC Clean Maestro) (Version: 4.4.3.171 - CompuClever Systems Inc.)
PeerBlock 1.2 (r693) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.2.0.693 - PeerBlock, LLC)
PortraitPro 19.7 Trial (HKLM\...\com.anthropics.portraitprotrial19_is1) (Version: 19.7 - Anthropics Technology Ltd.)
PortraitPro Body 3.5 Trial (HKLM\...\com.anthropics.portraitprobodystdtrial3_is1) (Version: 3.5 - Anthropics Technology Ltd)
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 200317 - Kakao Corp.)
Qualcomm Atheros 11ac Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.10454 - Qualcomm)
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.448 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8261 - Realtek Semiconductor Corp.)
Reason Core Security (HKLM-x32\...\Reason Core Security) (Version: 1.2.0.1 - Reason Software Company Inc.)
Rebit Pro (64-bit) (HKLM\...\{5612203A-2B40-437D-9C98-A3C7652AD786}) (Version: 6.1.14979.3001 - Rebit, Inc.)
Recover Keys (HKLM-x32\...\Recover Keys_is1) (Version: 9.0.3.168 - Recover Keys)
Remo Recover 5.0 (HKLM\...\{A573D759-F894-448D-A420-3A9C31879F88}_is1) (Version: 5.0.0.42 - Remo Software)
Restore Point Creator version 7.1 (HKLM\...\{CC48DE1C-8EC2-43BC-9201-29701CD9AE13}_is1) (Version: 7.1 - )
RogueKillerPE version 2.0.3.0 (HKLM\...\BEC55C5D-D6D0-4A41-B82C-264EC5EE8052_is1) (Version: 2.0.3.0 - Adlice Software)
S Agent (HKLM\...\{0052BF58-5307-4F7D-A379-8F4EC9212FA8}) (Version: 1.1.58 - Samsung Electronics Co., Ltd.) Hidden
Samsung Recovery (HKLM\...\{D21EED26-59C0-4315-BDCC-D682496465E9}) (Version: 7.3.0 - Samsung Electronics Co., Ltd.)
Samsung System Agent (HKLM-x32\...\{CDB4F12C-2E9E-48CC-8591-663964C1BAE3}) (Version: 1.0.48 - Samsung Electronics Co., Ltd.) Hidden
Sandboxie 5.30 (64-bit) (HKLM\...\Sandboxie) (Version: 5.30 - Sandboxie Holdings, LLC)
Secunia PSI (3.0.0.11005) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.11005 - Secunia)
Show Window (HKLM-x32\...\{87A08690-781E-4A8E-8300-775A2EA02932}) (Version: 1.0.0.30 - Samsung Electronics Co., Ltd.)
simpliclean (HKLM-x32\...\simplitec POWER SUITE_is1) (Version: 2.6.0.89 - simplitec GmbH)
Slim Toolbar 1.4 (HKLM-x32\...\Slim Toolbar) (Version: 1.4 - Anvisoft)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Speed Install 2.0.2.1738 (HKLM-x32\...\Speed Install_is1) (Version: - Almeza Company)
Start Menu Reviver (HKLM-x32\...\Start Menu Reviver) (Version: 3.0.0.16 - ReviverSoft)
Sticky Previews (HKLM-x32\...\Sticky Previews) (Version: 1.8 - NTWind Software)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1244 - SUPERAntiSpyware.com)
Symlink helper version 1.0.1.0 (HKLM-x32\...\{09170A3C-022B-42DF-BD63-D5FDD326133F}_is1) (Version: 1.0.1.0 - Marcin Szeniak)
SysTools AD Console v1.0 (HKLM-x32\...\{D65FBA37-03B9-436A-803D-5FCD6698A0F7}_is1) (Version: - SysTools Software Pvt. Ltd.)
SysTools CDR Recovery v3.0 (HKLM-x32\...\{570435A3-5A61-4D2B-8B0F-D7E86F51FD28}_is1) (Version: 3.0 - SysTools Software)
SysTools Excel Recovery v4.0 (HKLM-x32\...\{2750D8A3-B747-449A-8740-BA5B195C9080}}_is1) (Version: - SysTools Software Pvt. Ltd.)
SysTools Open Office Writer Recovery (HKLM-x32\...\{24CC83CD-741C-4A4A-989E-C6F81FA84110}_is1) (Version: - SysTools Software Pvt. Ltd.)
ToolbarTerminator (HKLM-x32\...\{3A279122-A3ED-485A-86A0-0FAC674FE519}_is1) (Version: 4.2 - Abelssoft)
trolCommander (remove only) (HKLM-x32\...\trolCommander) (Version: - )
Turbo View & Convert (HKLM-x32\...\{55B464FA-16DE-4127-A7B8-D49CD2768E63}_is1) (Version: 2.0.0 - IMSI/Design, LLC)
TweakBit PCRepairKit (HKLM-x32\...\{5AEA8CFE-B238-4D0A-9362-D55F38ECB795}_is1) (Version: 1.8.4.19 - Tweakbit Pty Ltd)
Ultracopier 2.2.4.0 (HKLM-x32\...\Ultracopier) (Version: 2.2.4.0 - Ultracopier)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
USB Disk Storage Format Tool 5.3 (HKLM\...\USB Disk Storage Format Tool_is1) (Version: - Authorsoft Corporation)
UTILILAB NitroBROWSER (HKU\S-1-5-21-4136713201-357479433-3490252857-1001\...\NitroBROWSER) (Version: 1.2.11.1903 - UTILILAB NitroBROWSER)
UVK - Ultra Virus Killer (HKLM\...\UVK - Ultra virus killer) (Version: 10.8.2.0 - Carifred)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.10 - VideoLAN)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.8 - Winamp SA)
Windows 10 Codec Pack 2.0.8 (HKLM-x32\...\Windows 10 - Codec Pack) (Version: 2.0.8 - Windows 10 Codec Pack)
Winja version 3.0.3 (HKLM-x32\...\Winja_is1) (Version: 3.0.3 - Phrozen SAS)
WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)
WinSnap (HKLM-x32\...\WinSnap) (Version: 4.5.9 - NTWind Software)
WinZip Self-Extractor (HKLM-x32\...\{E3B8562D-C9D5-4D90-A2DF-1C66C1FDB932}) (Version: 4.0.12218.0 - WinZip Computing, S.L.)
WlSarService (HKLM\...\{C0C78593-1CF0-4CD8-A80C-191FE561F5A5}) (Version: 1.0.0.7 - Samsung Electronics Co., Ltd.) Hidden
Xilisoft Convertisseur Vidéo Ultimate (HKLM-x32\...\Xilisoft Convertisseur Vidéo Ultimate) (Version: 7.8.23.20180925 - Xilisoft)
ZoneAlarm Anti-Ransomware (HKLM-x32\...\{0B8C3231-9818-4CB9-8213-4AB839836791}) (Version: 1.001.1283 - Check Point Software) Hidden
ZoneAlarm Extreme Security (HKLM-x32\...\ZoneAlarm Extreme Security) (Version: 15.8.038.18284 - Check Point)
ZoneAlarm Firewall (HKLM-x32\...\{2F77A309-CAB9-4C8A-8ED0-8C8DA3FF0744}) (Version: 15.8.038.18284 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Security (HKLM-x32\...\{DA17D180-7193-4070-B085-9827DB80C2F8}) (Version: 15.8.038.18284 - Check Point Software Technologies Ltd.) Hidden




Packages:
=========
Book Paramètres -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.GalaxySetting_1.0.60.0_x64__wyx1vj98g3asy [2020-04-29] (Samsung Electronics Co, Ltd.)
Extension vidéo MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2020-04-29] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-04-29] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-04-29] (Microsoft Corporation) [MS Ad]
MSN Météo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-04-29] (Microsoft Corporation) [MS Ad]
Samsung Flow -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.5.17.0_x64__wyx1vj98g3asy [2020-04-29] (Samsung Electronics Co, Ltd.)
Samsung Notes -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungNotes_3.10.342.0_x64__wyx1vj98g3asy [2020-04-29] (Samsung Electronics Co, Ltd.)




==================== Custom CLSID (Whitelisted): ==============




(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)




CustomCLSID: HKU\S-1-5-21-4136713201-357479433-3490252857-1001_Classes\CLSID\{68D44A27-FFB6-4B89-A3E5-7B0E50A7AB33}\InprocServer32 -> C:\Program Files\Ultracopier\PluginLoader\catchcopy-v0002\catchcopy32.dll () [File not signed]
CustomCLSID: HKU\S-1-5-21-4136713201-357479433-3490252857-1001_Classes\CLSID\{68FF37C4-51BC-4C2A-A992-7E39BC0E706F}\InprocServer32 -> C:\Program Files\Ultracopier\PluginLoader\catchcopy-v0002\catchcopy64.dll () [File not signed]
ContextMenuHandlers1: [$PowerDVD20] -> {0C8565E4-F4B9-4D3D-87C0-C4B2E367B2C0} => C:\ProgramData\CyberLink\PowerDVD20\OpenWith\PDVD_Shell64.dll [2020-03-19] (CyberLink Corp. -> CyberLink Corp.)
ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => D:\Applications installées\Advanced\ASCExtMenu_64.dll [2017-11-06] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2020-05-04] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers1-x32: [AnyZip] -> {B008F698-A489-4A61-989C-3DE5ECD65A6E} => C:\Program Files (x86)\AnyZip\azext.dll [2006-03-26] (TurboSoft, Inc.) [File not signed]
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => -> No File
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => -> No File
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Users\3REM APUB3AMFUW 4REM\Desktop\LFS Hyper-Anti-JJAD-UEFM Suite Edition Anti-TFM 600\alternatives 2_3rem_widen21_managemyb7w4uefmumtwiden5&21_cmu-z_gegeek\mp3tag\Mp3tagShell64.dll [2020-03-27] (Florian Heidenreich) [File not signed]
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2020-04-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [AdAwareContextMenu] -> {5B64240D-5B36-4B9F-A75F-4925B6A53D5B} => -> No File
ContextMenuHandlers2: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => D:\Applications installées\Advanced\ASCExtMenu_64.dll [2017-11-06] (IObit Information Technology -> IObit)
ContextMenuHandlers2-x32: [AnyZip] -> {B008F698-A489-4A61-989C-3DE5ECD65A6E} => C:\Program Files (x86)\AnyZip\azext.dll [2006-03-26] (TurboSoft, Inc.) [File not signed]
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => -> No File
ContextMenuHandlers2-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\Program Files\Ashampoo\Ashampoo Anti-Virus\A2CONTMENU.DLL [2020-04-07] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers2: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\Program Files\Ashampoo\Ashampoo Anti-Virus\A2CONTMENU64.DLL [2020-04-07] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Users\3REM APUB3AMFUW 4REM\Desktop\LFS Hyper-Anti-JJAD-UEFM Suite Edition Anti-TFM 600\alternatives 2_3rem_widen21_managemyb7w4uefmumtwiden5&21_cmu-z_gegeek\mp3tag\Mp3tagShell64.dll [2020-03-27] (Florian Heidenreich) [File not signed]
ContextMenuHandlers3: [AdAwareContextMenu] -> {5B64240D-5B36-4B9F-A75F-4925B6A53D5B} => -> No File
ContextMenuHandlers3-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\Program Files\Ashampoo\Ashampoo Anti-Virus\A2CONTMENU.DLL [2020-04-07] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers3: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\Program Files\Ashampoo\Ashampoo Anti-Virus\A2CONTMENU64.DLL [2020-04-07] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\Applications installées\Malwarebytes\mbshlext.dll [2017-05-09] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => D:\Applications installées\Advanced\ASCExtMenu_64.dll [2017-11-06] (IObit Information Technology -> IObit)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2020-05-04] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers4-x32: [AnyZip] -> {B008F698-A489-4A61-989C-3DE5ECD65A6E} => C:\Program Files (x86)\AnyZip\azext.dll [2006-03-26] (TurboSoft, Inc.) [File not signed]
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Users\3REM APUB3AMFUW 4REM\Desktop\LFS Hyper-Anti-JJAD-UEFM Suite Edition Anti-TFM 600\alternatives 2_3rem_widen21_managemyb7w4uefmumtwiden5&21_cmu-z_gegeek\mp3tag\Mp3tagShell64.dll [2020-03-27] (Florian Heidenreich) [File not signed]
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\windows\System32\DriverStore\FileRepository\ki120832.inf_amd64_2ded2fe16badb11a\igfxDTCM.dll [2017-02-19] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6-x32: [AnyZip] -> {B008F698-A489-4A61-989C-3DE5ECD65A6E} => C:\Program Files (x86)\AnyZip\azext.dll [2006-03-26] (TurboSoft, Inc.) [File not signed]
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => -> No File
ContextMenuHandlers6-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\Program Files\Ashampoo\Ashampoo Anti-Virus\A2CONTMENU.DLL [2020-04-07] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers6: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\Program Files\Ashampoo\Ashampoo Anti-Virus\A2CONTMENU64.DLL [2020-04-07] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers6: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\Applications installées\Malwarebytes\mbshlext.dll [2017-05-09] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2020-04-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
FolderExtensions: [] -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} => C:\Program Files (x86)\UX Pack\OldNewExplorer\OldNewExplorer64.dll [2015-09-13] (www.startisback.com) [File not signed]




==================== Codecs (Whitelisted) ====================




(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)




HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2015-09-05] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [vidc.xvid] => C:\Windows\SysWOW64\xvidvfw.dll [249536 2016-09-21] (Cole Williams Software Limited -> )
HKLM\...\Drivers32: [vidc.x264] => C:\Windows\SysWOW64\x264vfw.dll [3635904 2016-10-03] (Cole Williams Software Limited -> x264vfw project)
HKLM\...\Drivers32: [vidc.lags] => C:\Windows\SysWOW64\lagarith.dll [230080 2016-09-21] (Cole Williams Software Limited -> )
HKLM\...\Drivers32: [msacm.divxa32] => C:\Windows\SysWOW64\DivXa32.acm [291408 2013-12-17] (Packed With Joy !) [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2015-09-05] (Beepa P/L) [File not signed]




==================== Shortcuts & WMI ========================




==================== Loaded Modules (Whitelisted) =============




2020-05-04 09:10 - 2015-09-13 22:02 - 000253440 _____ (www.startisback.com) [File not signed] C:\Program Files (x86)\UX Pack\OldNewExplorer\OldNewExplorer32.dll
2020-05-04 09:10 - 2015-09-13 22:02 - 000258560 _____ (www.startisback.com) [File not signed] C:\Program Files (x86)\UX Pack\OldNewExplorer\OldNewExplorer64.dll




==================== Alternate Data Streams (Whitelisted) ========

 

[BoucherDeFrance3]

==================== Safe Mode (Whitelisted) ==================




(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)




HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amdrv.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LavasoftAdAwareService11 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UnsignedThemes => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amdrv.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ASCAntivirusSrv => "@"="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LavasoftAdAwareService11 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UnsignedThemes => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"




==================== Association (Whitelisted) =================




(If an entry is included in the fixlist, the registry item will be restored to default or removed.)




HKLM\...\cmdfile\DefaultIcon: %SystemRoot%\System32\imageres.dll,-68 <==== ATTENTION




==================== Internet Explorer trusted/restricted ==========




==================== Hosts content: =========================




(If needed Hosts: directive could be included in the fixlist to reset Hosts.)




2017-09-29 15:46 - 2017-09-29 15:44 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts




==================== Other Areas ===========================




(Currently there is no automatic fix for this section.)




HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT
HKU\DefaultUser\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-4136713201-357479433-3490252857-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Yosemite\mojave_dynamic_7.jpg
HKU\S-1-5-21-4136713201-357479433-3490252857-1003\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-4136713201-357479433-3490252857-1004\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.




==================== MSCONFIG/TASK MANAGER disabled items ==




==================== FirewallRules (Whitelisted) ================




(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)




FirewallRules: [{DDF6792C-3BC4-4AC0-8BB4-1BD7F4CB2557}] => (Allow) C:\Program Files (x86)\Samsung\Samsung System Agent\SamsungSystemAgent.exe (SAMSUNG ELECTRONICS CO,.LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{3F9E4144-0DC6-4C54-8031-E8B2338D3199}] => (Allow) LPort=31300
FirewallRules: [{D5294F99-597B-44C6-BB77-D36D46AEA374}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.5.17.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe (SAMSUNG ELECTRONICS CO,.LTD. -> )
FirewallRules: [{11C0B177-E6E6-46EC-BCDB-1353FF14B352}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.5.17.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe (SAMSUNG ELECTRONICS CO,.LTD. -> )
FirewallRules: [{4225A2BE-60C8-4D45-8501-BE411928F074}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.5.17.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe (SAMSUNG ELECTRONICS CO,.LTD. -> )
FirewallRules: [{018D8581-497A-4430-9A16-CD1BB19B388A}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.5.17.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe (SAMSUNG ELECTRONICS CO,.LTD. -> )
FirewallRules: [{81E795B6-5136-4AB7-A7EE-9207558F4DB3}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{C214931E-01B4-4588-8290-7C5A4C6F6578}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{63905DB5-D877-4F3F-9918-E9C78C8CACC0}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5E0E9F13-4A20-4243-B3D0-92ACF7BBD6E5}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{DCD25222-57C2-49C3-AB70-80F546693BBB}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{612B88DD-6B7B-44BE-9067-B6D8CCCA8D6B}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{2CC637BF-708D-4292-A336-568F1EEB37FD}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{6DF8788E-D672-4D85-A0AA-A2A68E56AFDD}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{039719FD-5612-4A5A-B34E-18F069059F01}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{9169A7D1-7926-4C20-84B6-7658A74ED16F}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{9C8C6117-F62F-4D88-83AB-1F3C146BFDF6}] => (Allow) LPort=31300
FirewallRules: [{6710CFA2-82F4-4AFB-AB86-239218C9E067}] => (Allow) C:\Users\3REM APUB3AMFUW 4REM\Documents\Speed Install\speedinstall.exe (Almeza Company) [File not signed]
FirewallRules: [{405CA1A8-F47B-4E94-B0B1-8BDFE286CAF1}] => (Allow) C:\Users\3REM APUB3AMFUW 4REM\Documents\Speed Install\speedinstall.exe (Almeza Company) [File not signed]
FirewallRules: [{5E19E9F3-772E-4A69-8F26-D1BC4D1E2EC6}] => (Allow) D:\Applications installées\Advanced\Surfing Protection\FFNativeMessage.exe No File
FirewallRules: [{7FC0E160-2619-4BD6-976E-E1D13829294F}] => (Allow) D:\Applications installées\Advanced\Surfing Protection\FFNativeMessage.exe No File
FirewallRules: [{A2E4E4BC-CD64-4DF8-AB80-874EA6120954}] => (Allow) D:\Applications installées\Advanced\AutoUpdate.exe (IObit Information Technology -> IObit)
FirewallRules: [{7571F339-73E7-458B-A4F7-703D5199F4D5}] => (Allow) D:\Applications installées\Advanced\AutoUpdate.exe (IObit Information Technology -> IObit)




==================== Restore Points =========================





==================== Faulty Device Manager Devices ============




Name: Qualcomm Atheros QCA61x4A Wireless Network Adapter
Description: Qualcomm Atheros QCA61x4A Wireless Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications Inc.
Service: Qcamain10x64
Problem: : Windows cannot initialize the device driver for this hardware. (Code 37)
Resolution: The driver returned failure from its DriverEntry routine. Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.




Name: Dispositif de stockage de masse USB
Description: Dispositif de stockage de masse USB
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Dispositif de stockage USB compatible
Service: USBSTOR
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.




Name: Samsung System Agent Device
Description: Samsung System Agent Device
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Samsung Electronics Co., Ltd.
Service: WUDFRd
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver




Name: Samsung OSD Device
Description: Samsung OSD Device
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Samsung Electronics Co., Ltd.
Service: WUDFRd
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver





==================== Event log errors: ========================




Application errors:
==================
Error: (05/04/2020 02:11:56 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: La création du contexte d’activation a échoué pour « C:\Program Files (x86)\EaseUS\EaseUS Todo PCTrans\bin\PCTShellExMenu64.dll ». Erreur dans le fichier de manifeste ou de stratégie « C:\Program Files (x86)\EaseUS\EaseUS Todo PCTrans\bin\Microsoft.VC90.ATL.MANIFEST » à la ligne 4.
L’identité de composant trouvé dans le manifeste ne correspond pas à celle du composant demandé.
La référence est Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
La définition est Microsoft.VC90.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.1".
Utilisez sxstrace.exe pour un diagnostic détaillé.




Error: (05/04/2020 02:10:56 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Échec de la création d’un point de restauration (Processus = \\?\I:\efm hors lfs hyper-applications-réparation internet\kc_rename.UltraAdwareKiller64.exe hors lfs hyper-applications-réparation internet\kc_rename.UltraAdwareKiller64.exe" ; Description = Ultra Adware Killer adware removal ; Erreur = 0x8007043c).




Error: (05/04/2020 01:58:51 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: La création du contexte d’activation a échoué pour « I:\efm hors lfs hyper-applications-réparation internet\rkill.exe ». Erreur dans le fichier de manifeste ou de stratégie « I:\efm hors lfs hyper-applications-réparation internet\rkill.exe » à la ligne 0.
Syntaxe XML non valide.




Error: (05/04/2020 10:21:17 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Échec de la création d’un point de restauration (Processus = C:\Windows\system32\msiexec.exe /V ; Description = Installé AKVIS MakeUp. ; Erreur = 0x8007043c).




Error: (05/04/2020 10:21:16 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Échec de la création d’un point de restauration (Processus = C:\Windows\system32\msiexec.exe /V ; Description = Installed AKVIS MakeUp. ; Erreur = 0x8007043c).




Error: (05/04/2020 09:58:27 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Échec de la création d’un point de restauration (Processus = C:\Windows\system32\msiexec.exe /V ; Description = Adblock Plus for IE (32-bit and 64-bit) installé ; Erreur = 0x8007043c).




Error: (05/04/2020 09:58:27 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Échec de la création d’un point de restauration (Processus = C:\Windows\system32\msiexec.exe /V ; Description = Installed Adblock Plus for IE (32-bit and 64-bit) ; Erreur = 0x8007043c).




Error: (05/04/2020 09:23:20 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: La création du contexte d’activation a échoué pour « I:\efm hors lfs hyper-applications-réparation internet\rkill.exe ». Erreur dans le fichier de manifeste ou de stratégie « I:\efm hors lfs hyper-applications-réparation internet\rkill.exe » à la ligne 0.
Syntaxe XML non valide.





System errors:
=============
Error: (05/04/2020 02:31:24 PM) (Source: DCOM) (EventID: 10005) (User: AUTORITE NT)
Description: DCOM a reçu l’erreur « 1084 » lors de la tentative de démarrage du service EventSystem avec les arguments « Non disponible » pour exécuter le serveur :
{1BE1F766-5536-11D1-B726-00C04FB926AF}




Error: (05/04/2020 02:28:46 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-47BQ27M)
Description: DCOM a reçu l’erreur « 1084 » lors de la tentative de démarrage du service ShellHWDetection avec les arguments « Non disponible » pour exécuter le serveur :
{DD522ACC-F821-461A-A407-50B198B896DC}




Error: (05/04/2020 02:23:38 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-47BQ27M)
Description: DCOM a reçu l’erreur « 1084 » lors de la tentative de démarrage du service ShellHWDetection avec les arguments « Non disponible » pour exécuter le serveur :
{DD522ACC-F821-461A-A407-50B198B896DC}




Error: (05/04/2020 02:17:27 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-47BQ27M)
Description: DCOM a reçu l’erreur « 1084 » lors de la tentative de démarrage du service ShellHWDetection avec les arguments « Non disponible » pour exécuter le serveur :
{DD522ACC-F821-461A-A407-50B198B896DC}




Error: (05/04/2020 02:16:25 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-47BQ27M)
Description: DCOM a reçu l’erreur « 1084 » lors de la tentative de démarrage du service WSearch avec les arguments « Non disponible » pour exécuter le serveur :
{9E175B6D-F52A-11D8-B9A5-505054503030}




Error: (05/04/2020 02:16:25 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-47BQ27M)
Description: DCOM a reçu l’erreur « 1084 » lors de la tentative de démarrage du service ShellHWDetection avec les arguments « Non disponible » pour exécuter le serveur :
{DD522ACC-F821-461A-A407-50B198B896DC}




Error: (05/04/2020 02:15:46 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-47BQ27M)
Description: DCOM a reçu l’erreur « 1084 » lors de la tentative de démarrage du service ShellHWDetection avec les arguments « Non disponible » pour exécuter le serveur :
{DD522ACC-F821-461A-A407-50B198B896DC}




Error: (05/04/2020 02:15:45 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-47BQ27M)
Description: DCOM a reçu l’erreur « 1084 » lors de la tentative de démarrage du service VSS avec les arguments « Non disponible » pour exécuter le serveur :
{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}





Windows Defender:
===================================
Date: 2020-05-01 22:45:32.550
Description:
L’analyse Antivirus Windows Defender a été arrêtée avant la fin.
ID de l’analyse : {1A35147F-6B44-4DA9-837A-F1FCD3802032}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système




Date: 2020-05-01 22:25:12.262
Description:
L’analyse Antivirus Windows Defender a été arrêtée avant la fin.
ID de l’analyse : {F315541C-50FB-4785-A4F0-CF315113C40A}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système




Date: 2020-05-01 21:58:33.037
Description:
L’analyse Antivirus Windows Defender a été arrêtée avant la fin.
ID de l’analyse : {6570C07F-468A-4D65-9BDB-1F6012715B66}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système




Date: 2020-05-01 20:21:46.545
Description:
L’analyse Antivirus Windows Defender a été arrêtée avant la fin.
ID de l’analyse : {301364A7-ADD8-46F1-A45E-8215B99B2F54}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système




Date: 2020-05-01 20:15:00.903
Description:
L’analyse Antivirus Windows Defender a été arrêtée avant la fin.
ID de l’analyse : {8B1BF586-8121-40F9-89E9-60802FE002A3}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système




Date: 2020-05-02 18:52:53.382
Description:
La fonctionnalité de protection en temps réel Antivirus Windows Defender a rencontré une erreur et échoué.
Fonctionnalité : Analyse du comportement
Code d’erreur : 0x80501002
Description de l’erreur : Le programme ne trouve pas les fichiers de définition qui permettent de détecter les logiciels non désirés. Recherchez des mises à jour de fichiers de définition, puis recommencez. Pour plus d’informations sur l’installation des mises à jour, voir Aide et support.
Raison : La protection contre les logiciels malveillants a cessé de fonctionner pour une raison inconnue. Dans certains cas, le redémarrage du service peut résoudre le problème.




Date: 2020-05-02 18:52:53.382
Description:
La fonctionnalité de protection en temps réel Antivirus Windows Defender a rencontré une erreur et échoué.
Fonctionnalité : Sur accès
Code d’erreur : 0x80501002
Description de l’erreur : Le programme ne trouve pas les fichiers de définition qui permettent de détecter les logiciels non désirés. Recherchez des mises à jour de fichiers de définition, puis recommencez. Pour plus d’informations sur l’installation des mises à jour, voir Aide et support.
Raison : La protection contre les logiciels malveillants a cessé de fonctionner pour une raison inconnue. Dans certains cas, le redémarrage du service peut résoudre le problème.




Date: 2020-05-02 18:29:24.593
Description:
La fonctionnalité de protection en temps réel Antivirus Windows Defender a rencontré une erreur et échoué.
Fonctionnalité : Analyse du comportement
Code d’erreur : 0x80508023
Description de l’erreur : Le programme n’a pas pu trouver de programmes malveillants ni d’autres logiciels potentiellement indésirables sur cet appareil.
Raison : La protection en temps réel a cessé de fonctionner pour une raison inconnue. Redémarrez le service pour effectuer la récupération.




Date: 2020-05-02 18:29:15.692
Description:
La fonctionnalité de protection en temps réel Antivirus Windows Defender a rencontré une erreur et échoué.
Fonctionnalité : Analyse du comportement
Code d’erreur : 0x80508023
Description de l’erreur : Le programme n’a pas pu trouver de programmes malveillants ni d’autres logiciels potentiellement indésirables sur cet appareil.
Raison : La protection contre les logiciels malveillants a cessé de fonctionner pour une raison inconnue. Dans certains cas, le redémarrage du service peut résoudre le problème.




Date: 2020-04-29 08:11:01.539
Description:
La fonctionnalité de protection en temps réel Antivirus Windows Defender a rencontré une erreur et échoué.
Fonctionnalité : Analyse du comportement
Code d’erreur : 0x80501002
Description de l’erreur : Le programme ne trouve pas les fichiers de définition qui permettent de détecter les logiciels non désirés. Recherchez des mises à jour de fichiers de définition, puis recommencez. Pour plus d’informations sur l’installation des mises à jour, voir Aide et support.
Raison : La protection contre les logiciels malveillants a cessé de fonctionner pour une raison inconnue. Dans certains cas, le redémarrage du service peut résoudre le problème.




CodeIntegrity:
===================================




Date: 2020-05-04 14:12:15.001
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftPdfReader.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\cssguard64.dll that did not meet the Store signing level requirements.




Date: 2020-05-04 08:48:20.598
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\cssguard64.dll that did not meet the Microsoft signing level requirements.




Date: 2020-05-04 08:48:19.550
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\cssguard64.dll that did not meet the Microsoft signing level requirements.




Date: 2020-05-04 08:25:25.617
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\cssguard64.dll that did not meet the Microsoft signing level requirements.




Date: 2020-05-04 08:25:23.954
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\cssguard64.dll that did not meet the Microsoft signing level requirements.




Date: 2020-05-04 08:25:23.891
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\cssguard64.dll that did not meet the Microsoft signing level requirements.




Date: 2020-05-04 08:25:19.328
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\cssguard64.dll that did not meet the Windows signing level requirements.




Date: 2020-05-04 08:22:51.029
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\cssguard64.dll that did not meet the Windows signing level requirements.




==================== Memory info ===========================




BIOS: American Megatrends Inc. P04HAC.000.180220.WY.1219 02/20/2018
Motherboard: SAMSUNG ELECTRONICS CO., LTD. SM-W720NZKBXEF
Processor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
Percentage of memory in use: 85%
Total physical RAM: 3997.93 MB
Available physical RAM: 581.81 MB
Total Virtual: 10179.97 MB
Available Virtual: 5766.09 MB




==================== Drives ================================




Drive c: () (Fixed) (Total:63.21 GB) (Free:14.06 GB) NTFS
Drive d: (widen 5) (Fixed) (Total:44.49 GB) (Free:0.91 GB) NTFS
Drive g: (FTV 96 ELEVATORS 22CASSIGN) (Fixed) (Total:19 GB) (Free:1.72 GB) NTFS
Drive i: (VERBATIM HD) (Fixed) (Total:7369.87 GB) (Free:1910.87 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive j: (FUTURE WDET) (Fixed) (Total:63.04 GB) (Free:5.04 GB) exFAT




\\?\Volume{caffc4e1-fe7e-45cf-9906-e57d9f83cd55}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
\\?\Volume{ce29ef87-8ee2-4624-a514-2a4806d3b314}\ (SAMSUNG_REC2) (Fixed) (Total:10.31 GB) (Free:1.25 GB) NTFS
\\?\Volume{d48a4231-6c35-4220-4173-636c65706975}\ (SAMSUNG_REC) (Fixed) (Total:1 GB) (Free:0.16 GB) FAT32




==================== MBR & Partition Table ====================




==========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 26EA9241)




Partition: GPT.




==========================================================
Disk: 2 (Size: 7452 GB) (Disk ID: C8AA1957)




Partition: GPT.




==================== End of Addition.txt =======================




theAcer R1 Series screen with bug is on the other pc (pc 2 mentionned at beggining of this topic)

future wdet is the volume of 64 GB SD with bugs




thanks...

 

[DR.M]

Hi.

I will give you assistance for the computer with the logs you posted. If you have another infected computer, please open a new thread, providing the logs for it in the new thread.

As for this computer, it is really in a mess.

First of all, your operating system is Windows Vista. Microsoft stopped providing security updates since April 11th 2017! It is important always to keep current with the latest security fixes from Microsoft. This can patch many of the security holes through which attackers can infect your computer. I strongly recommend not to use this computer for making banking transactions or giving sensitive personal data. I will help you to clean it, but have in mind that the operating system is extremely vulnerable right now.

Further more, you have so many antivirus/antimalware/virus removal software in it!

Avira Antivirus
COMODO Antivirus
Ashampoo Anti-Virus
Windows Defender
ZoneAlarm Extreme Security Firewall
AdAwareInstaller
AntiRansomware
AntispamEngine
UVK - Ultra Virus Killer

Have in mind that installing more than one of those programs may conflict with each other and cause the following:

• False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't.
• Conflicts: Your system may lock up due to both products attempting to access the same file at the same time.
• Performance: More that one antivirus will cause your PC to become slow and it may even crash or blue screen.
• Less protection: Two antivirus trying to scan the same file may interfere with the process and allow a malicious file onto the computer without notice to you.

I recommend you to uninstall all the above programs except Avira and Windows Defender. In case you paid for an antivirus software, keep the paid one product and uninstall Avira (if it's the free version).

Also uninstall this:

TweakBit PCRepairKit

For uninstalling programs in Vista:
Choose Start→Control Panel→Uninstall a Program.
Click each program, one by one, and then click the Uninstall/Change button.
Click the Close button.
Restart.

After uninstalling the above, please come with fresh FRST logs.

• Double-click on the FRST icon to run it, as you did before. When the tool opens click Yes to disclaimer.
• Press Scan button and wait for a while.
• The scanner will produced two logs on your Desktop: FRST.txt and Addition.txt.
• Please copy and paste the content of these two logs in your next reply.

 

[BoucherDeFrance3]

i uninstalled and reinstalled comodo, because keep comodo because bugs/malwares on virtual desktops, more details here:
bugs & malwares installed on all my comodo virtual desktops: the containment & the secure shopping, which makes impossibility to make online shopping

bugs & malwares in the infected virtual desktop of containment (comodo sandbox)--:
-reimage
-yara editor trial
-diffview trial
-techtoolstore->privazer
-tuneup360
-audio/video to exe
-registry first aid
-smart privacy cleaner
-if/when i try again to reinstall the virtual desktop of comodo sandbox: impossible->error of installation of microsoft siverlight

and the bugs & infections installed in the virtual desktop of comodo secure shopping:
-pchelpsoft pc cleaner
-spyhunter
-radiorage en page d'accueil
-systools pdf bates numberer
-wondershare 1-click pc care

no bootables devices in uefi of that pc recognized, more details below:

the uefi boot devices selection when i press F10 displays that:
USB devices plugged on that galaxy book 12 when I press f10 I discovered something ugly: I did try everything and there is no way to boot from an USB device.

By pressing F10 I can select the Boot order, I get the following screen

Select Boot Device:
- Windows Boot Manager
- Enter Samsung Recovery
- Enter Microsoft Recovery
- Enter Setup (brings you to the BIOS, you can do the same by pressing F2)
- Enter QR Mode

There is no Boot from USB option, I disabled "Secure Boot Control" and "Fast BIOS Mode" but nothing changed. I did try using either MBR or GPT on Rufus for the USB Drive partition scheme.

i used the uninstallation of ashampoo antivirus, zonealarm, adaware & avira
the frst logs comes in next reply

 

[BoucherDeFrance3]

and i have one glitch on my frst logs in win10:
it's displays vista

the pc is not vista is win10

 

[BoucherDeFrance3]

now fresh frst logs

 

[DR.M]

Hi.

I'm reviewing your logs. It will take some time, so be patient.

Please, don't install or uninstall anything, unless I tell you.

 

[DR.M]

Hi.

1. Please do the following to run a FRST fix.

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system

• Please select the entire contents of the code box below, from the "Start::" line to "End::", including both lines. Right-click and select "Copy ". No need to paste anything to anywhere.

Start::
CreateRestorePoint:
CloseProcesses:
OnlineThreatsEngine (HKLM\...\{26F31E12-3722-45FD-903B-49012286BB4C}) (Version: 3.0.1.23 - Lavasoft) Hidden
ZoneAlarm Firewall (HKLM-x32\...\{2F77A309-CAB9-4C8A-8ED0-8C8DA3FF0744}) (Version: 15.8.038.18284 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Security (HKLM-x32\...\{DA17D180-7193-4070-B085-9827DB80C2F8}) (Version: 15.8.038.18284 - Check Point Software Technologies Ltd.) Hidden
AV: Ashampoo Anti-Virus (Disabled - Up to date) {5FD8BF8F-F242-6153-61B5-8FF333E8736B}
AS: Ashampoo Anti-Virus (Disabled - Up to date) {E4B95E6B-D478-6EDD-5B05-B481486F39D6}
HKU\S-1-5-21-4136713201-357479433-3490252857-1001\...\Run: [TweakBit\PCRepairKit\Start PCRepairKit оn logon] => "C:\Program Files (x86)\TweakBit\PCRepairKit\PCRepairKit.exe" /UseTray
SubSystems: [Windows] => "%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16" <==== ATTENTION
EmptyTemp:
End::

• Please right-click on FRST64 on your Desktop, to run it as administrator. When the tool opens, click "yes" to the disclaimer.
• Press the Fix button once and wait.
• FRST will process fixlist.txt
• When finished, it will produce a log fixlog.txt on your Desktop.
• Please post the log in your next reply.

2. Uninstall programs

• Press the Windows key together with the R key on the keyboard at the same time, to open the Control Panel.
• Type appwiz.cpl in the window open and click OK.
• In the list of programs look for the programs listed below, right-click the entry and click Uninstall.
  

  OnlineThreatsEngine
  ZoneAlarm Firewall
  ZoneAlarm Security
  GridinSoft Anti-Ransomware 0.9.4
  Smart Privacy Cleaner v3.0
  SUPERAntiSpyware
  Wise Disk Cleaner 10.2.8
  AdAwareInstaller
  Avira

  • If any of the programs do not appear in the Control Panel list, just go further.
  • If you get any warnings that the program is already removed, accept uninstalling it from Program and Features.
• Restart the computer.

3. Run Malwarebytes

• Download the latest version of Malwarebytes and save it to your Desktop.
• Once downloaded, close all programs and Windows on your computer.
• Double-click on the icon on your desktop named MBSetup.exe. This will start the installation of MBAM onto your computer.
• Follow the instructions to install the program.
• When finished, double click the program's icon created on your Desktop.
• Click the little gear on the top right (Settings) and when it opens, click the Security tab and make sure about the following:

Under the title Scan Options, all the options are checked.
Under the title Windows Security Center (Premium only) is unchecked.
Under the title Potentially unwanted items are set to Always.

• Click on the little gear to return to the main menu and select Scan. The program will start scanning your computer. This may take about 10 minutes, but in some cases it may be take longer.
• When finished, you will see the Thread Scan Summary window open.
• If threads are not found, click View Report and proceed to the two last steps below.
• If threats are found, make sure that all threats are not selected, close the program and proceed to the next steps below.
• Open Malwarebytes again, click on the Scanner, and then on the Reports tab.
• Find the report with the most recent date and double click on it.
• Click on Export and then Copy to Clipboard.
• Paste its content here, in your next reply.

4. Run AdwCleaner

Download AdwCleaner and save it to your desktop.

• Double click AdwCleaner.exe to run it.
• Click Scan Now.
  • When the scan has finished, a Scan Results window will open.
  • Click Cancel (at this point do not attempt to Quarantine anything that is found)
• Now click the Log Filestab.
  • Double click on the latest scan log (Scan logs have a [S0*] suffix, where * is replaced by a number. The latest scan will have the largest number)
  • A Notepad file will open containing the results of the scan.
  • Please post the contents of the file in your next reply.

In your next reply, please make sure to post:

1. The Fixlog.txt content
2. The MBAM report
3. AdwCleaner[S0*].txt

 

[BoucherDeFrance3]

bugs & malwares installed on all my comodo virtual desktops: the containment & the secure shopping, which makes impossibility to make online shopping

bugs & malwares & apps in the infected virtual desktop of containment (comodo sandbox)--:
-reimage
-yara editor trial
-diffview trial
-techtoolstore->privazer
-tuneup360
-audio/video to exe
-televisionfanatic
-registry first aid
-smart privacy cleaner
-if/when i try again to reinstall the virtual desktop of comodo sandbox: impossible->error of installation of microsoft siverlight

and the bugs & apps & infections installed in the virtual desktop of comodo secure shopping:
-pchelpsoft pc cleaner
-spyhunter
-radiorage in homepage
-emailfanatic
-gegeek tech toolkit
-cyberlink powerdvd 20
-systools pdf bates numberer
-wondershare 1-click pc care

no bootables devices in uefi of that pc recognized, more details below:

the uefi boot devices selection when i press F10 displays that:
USB devices plugged on that galaxy book 12 when I press f10 I discovered something ugly: I did try everything and ​

there is no way to boot from an USB device.​

By pressing F10 I can select the Boot order, I get the following screen

​

Select Boot Device:​

- Windows Boot Manager
- Enter ​

Samsung​

Recovery
- Enter Microsoft Recovery
- Enter Setup (brings you to the BIOS, you can do the same by pressing F2)
- Enter QR Mode

There is no Boot from USB option, I disabled "Secure Boot Control" and "Fast BIOS Mode" but nothing changed. I did try using either MBR or GPT on Rufus for the USB Drive partition scheme.
​

but for bugs, malwares & issues on my android, please refer to my first message of this topic & in the topic title
for the acer r1 series monitor & others pc/computers please refer to https://forums.techguy.org/threads/pc-2-acer-r1-series-monitor-problem.1244332/
for the other hardware: the 64 GB Card please refer in actual topic because 64 Gb sdxc are plugged on galaxy book pc:

the 64 GB sd infected it's impossible to take with sony cybershot camera my important video the october10Th:
"database error"
​

i tried to uninstall superantispyware & install malwarebytes & launch mbamclean in safe mode & normal mode , the issues persists,
result: no MBAM
but infected 8TB Hard Disk (store'n'go 7,19 Tb partition)