Script ZHPFix
EmptyFlash
EmptyTemp
EmptyCLSID
EmptyPrefetch
CreateRestorePoint
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Glary Utilities
HKLM\Software\Classes\CLSID\{B3C418F8-922B-4faf-915E-59BC14448CF7}
HKLM\Software\Wow6432Node\Classes\CLSID\{B3C418F8-922B-4faf-915E-59BC14448CF7}
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Glary Utilities
HKLM\Software\Classes\Drive\shellex\ContextMenuHandlers\Glary Utilities
C:\Users\pwiss\AppData\Local\Google\Chrome\User Data\Default\File System\000
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\pwiss\AppData\Roaming\Memeo\AutoBackup\temp\8001_me_ib_en-US_setup.exe.FriendlyAppName
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\pwiss\AppData\Roaming\Memeo\AutoBackup\temp\8001_me_ib_en-US_setup.exe.ApplicationCompany
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\pwiss\AppData\Local\Temp\~nsu.tmp\Au_.exe.FriendlyAppName
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\pwiss\AppData\Local\Temp\~nsu.tmp\Au_.exe.ApplicationCompany
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\pwiss\AppData\Local\Temp\autoupdate{66efbb0c-165b-476c-b7a4-de7af34cdc7f}\AutoUpdate.exe.FriendlyAppName
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\pwiss\AppData\Local\Temp\~nsuA.tmp\Au_.exe.FriendlyAppName
[HKU\S-1-5-21-3819167023-2253776317-1136116018-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\pwiss\AppData\Roaming\Memeo\AutoBackup\temp\8001_me_ib_en-US_setup.exe.FriendlyAppName
[HKU\S-1-5-21-3819167023-2253776317-1136116018-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\pwiss\AppData\Roaming\Memeo\AutoBackup\temp\8001_me_ib_en-US_setup.exe.ApplicationCompany
[HKU\S-1-5-21-3819167023-2253776317-1136116018-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\pwiss\AppData\Local\Temp\~nsu.tmp\Au_.exe.FriendlyAppName
[HKU\S-1-5-21-3819167023-2253776317-1136116018-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\pwiss\AppData\Local\Temp\~nsu.tmp\Au_.exe.ApplicationCompany
[HKU\S-1-5-21-3819167023-2253776317-1136116018-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\pwiss\AppData\Local\Temp\autoupdate{66efbb0c-165b-476c-b7a4-de7af34cdc7f}\AutoUpdate.exe.FriendlyAppName
[HKU\S-1-5-21-3819167023-2253776317-1136116018-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\pwiss\AppData\Local\Temp\~nsuA.tmp\Au_.exe.FriendlyAppName
O42 - Logiciel: Malware Hunter 1.142.0.759 - (.Glarysoft Ltd.) [HKLM][64Bits] -- Malware Hunter  =>.Glarysoft LTD®
O42 - Logiciel: Spybot - Search & Destroy - (.Safer-Networking Ltd..) [HKLM][64Bits] -- {B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1  =>.Safer-Networking Ltd.®
O23 - Service: GUBootService (GUBootService) . (.Glarysoft Ltd - Glary Startup Manager Boot Service.) - C:\Program Files (x86)\Common Files\Glarysoft\StartupManager\1.0\GUBootService.exe  =>.Glarysoft LTD®
SR - Auto   [21/01/2022] [  875392]  GUBootService (GUBootService) . (.Glarysoft Ltd.) - C:\Program Files (x86)\Common Files\Glarysoft\StartupManager\1.0\GUBootService.exe  =>.Glarysoft LTD®
SR - System [10/02/2022] [   30720]  GUBootStartup (GUBootStartup) . (.Glarysoft Ltd.) - C:\WINDOWS\System32\drivers\GUBootStartup.sys  =>.Microsoft®
SR - Demand [26/07/2021] [   42976]  GUMHFilters (GUMHFilters) . (.Glarysoft Ltd.) - C:\Program Files (x86)\Glarysoft\Malware Hunter\Native\winxp_x64\GUMHFilter.sys  =>.Microsoft®
SR - System [10/02/2022] [   28424]  GUSBootStartup (GUSBootStartup) . (.Glarysoft Ltd.) - C:\WINDOWS\System32\drivers\GUSBootStartup.sys  =>.Glarysoft LTD®
[MD5.BEBE4F68C1C5816C8302BCDD54E54164] - (.Glarysoft Ltd - Glary Startup Manager Boot Service.) -- C:\Program Files (x86)\Common Files\Glarysoft\StartupManager\1.0\GUBootService.exe [875392] [PID.3888]  =>.Glarysoft LTD®
O4 - GS\Quicklaunch [pwiss]: Malware Hunter.lnk . (.Glarysoft Ltd - Glarysoft Malware Hunter.) C:\Program Files (x86)\Glarysoft\Malware Hunter\MalwareHunter.exe    =>.Glarysoft LTD®
O4 - GS\ProgramsCommon [Public]: Malware Hunter.lnk . (.Glarysoft Ltd - Glarysoft Malware Hunter.) C:\Program Files (x86)\Glarysoft\Malware Hunter\MalwareHunter.exe    =>.Glarysoft LTD®
HKLM\SOFTWARE\WOW6432Node\GlarySoft  =>.GlarySoft
HKCU\SOFTWARE\Glarysoft  =>.GlarySoft
HKCU\SOFTWARE\AvastAdSDK  =>.Avast Software s.r.o
HKU\S-1-5-21-3819167023-2253776317-1136116018-1001\SOFTWARE\Glarysoft  =>.GlarySoft
O43 - CFD: 10/02/2022 - [] D -- C:\Program Files (x86)\Glarysoft  =>.GlarySoft
O43 - CFD: 10/02/2022 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft  =>.GlarySoft
O43 - CFD: 11/02/2022 - [] D -- C:\ProgramData\GlarySoft  =>.GlarySoft
O43 - CFD: 11/02/2022 - [] D -- C:\ProgramData\IObit  =>.IObit
O43 - CFD: 11/02/2022 - [] D -- C:\ProgramData\Kaspersky Lab  =>.Kaspersky Lab
O43 - CFD: 10/02/2022 - [] D -- C:\ProgramData\Kaspersky Lab Setup Files  =>.Kaspersky Lab
O43 - CFD: 10/02/2022 - [] D -- C:\ProgramData\McAfee  =>.McAfee
O43 - CFD: 10/02/2022 - [] D -- C:\Program Files (x86)\Common Files\Glarysoft  =>.GlarySoft
O43 - CFD: 11/02/2022 - [] D -- C:\Users\pwiss\AppData\Roaming\GlarySoft  =>.GlarySoft
O108 - CMH1: Glary Utilities [64Bits] - {B3C418F8-922B-4faf-915E-59BC14448CF7} . (...) -- C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll (.not file.)
O108 - CMH1: Glarysoft MalwareHunter [64Bits] - {EA847F47-97F1-4D78-AB99-C63CA1C327F0} . (.Glarysoft Ltd - MHContextHandler.dll.) -- C:\Program Files (x86)\Glarysoft\Malware Hunter\x64\MHContextHandlerx64.dll  =>.Glarysoft LTD®
O108 - CMH6: Glary Utilities [64Bits] - {B3C418F8-922B-4faf-915E-59BC14448CF7} . (...) -- C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll (.not file.)
O108 - CMH6: Glarysoft MalwareHunter [64Bits] - {EA847F47-97F1-4D78-AB99-C63CA1C327F0} . (.Glarysoft Ltd - MHContextHandler.dll.) -- C:\Program Files (x86)\Glarysoft\Malware Hunter\x64\MHContextHandlerx64.dll  =>.Glarysoft LTD®
O108 - CMH7: Glary Utilities [64Bits] - {B3C418F8-922B-4faf-915E-59BC14448CF7} . (...) -- C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll (.not file.)
O108 - CMH7: Glarysoft MalwareHunter [64Bits] - {EA847F47-97F1-4D78-AB99-C63CA1C327F0} . (.Glarysoft Ltd - MHContextHandler.dll.) -- C:\Program Files (x86)\Glarysoft\Malware Hunter\x64\MHContextHandlerx64.dll  =>.Glarysoft LTD®
O58 - SDL:2022/02/10 11:26:44 A . (.Glarysoft Ltd - The driver for the Startup Manager tool.) -- C:\WINDOWS\System32\drivers\GUBootStartup.sys   [30720]  =>.Microsoft®
O58 - SDL:2022/02/10 11:13:20 A . (.Glarysoft Ltd - The driver for the Startup Manager tool.) -- C:\WINDOWS\System32\drivers\GUSBootStartup.sys   [28424]  =>.Glarysoft LTD®
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Glary Utilities  =>.SUP.Orphan
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Glary Utilities  =>.SUP.Orphan
HKLM\Software\Classes\Drive\shellex\ContextMenuHandlers\Glary Utilities  =>.SUP.Orphan
[0F05AE21CDC17B9F3CF09D7BFC659BA3] [19/01/2022] (.Glarysoft LTD.) - C:\Program Files (x86)\Glarysoft\Malware Hunter\uninst.exe  =>.Glarysoft LTD
[0F05AE21CDC17B9F3CF09D7BFC659BA3] [21/01/2022] (.Glarysoft LTD.) - C:\Program Files (x86)\Common Files\Glarysoft\StartupManager\1.0\GUBootService.exe  =>.Glarysoft LTD
[0F05AE21CDC17B9F3CF09D7BFC659BA3] [21/01/2022] (.Glarysoft LTD.) - C:\Program Files (x86)\Glarysoft\Malware Hunter\MalwareHunter.exe  =>.Glarysoft LTD
[374BA1D99C479178F804B0300834EAF6] [26/07/2021] (.Glarysoft LTD.) - C:\Program Files (x86)\Glarysoft\Malware Hunter\x64\MHContextHandlerx64.dll  =>.Glarysoft LTD
[6D9B7FD9A35FF6D4A9BAEDA62F24BBFE] [10/02/2022] (.Glarysoft LTD.) - C:\WINDOWS\System32\drivers\GUSBootStartup.sys  =>.Glarysoft LTD
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) . (.Safer-Networking Ltd. - Spybot-S&D 2 Scanner Service.) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe  =>.Safer-Networking Ltd.®
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) . (.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe  =>.Safer-Networking Ltd.®
O23 - Service: Spybot Security Center Integration Service (SDWSCService) . (.Safer-Networking Ltd. - Windows Security Center Integration.) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe  =>.Safer-Networking Ltd.®
SR - Auto   [19/03/2019] [ 3892080]  Spybot-S&D 2 Scanner Service (SDScannerService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe  =>.Safer-Networking Ltd.®
SR - Auto   [04/03/2020] [ 4741680]  Spybot-S&D 2 Updating Service (SDUpdateService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe  =>.Safer-Networking Ltd.®
SR - Auto   [04/09/2019] [  940976]  Spybot Security Center Integration Service (SDWSCService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe  =>.Safer-Networking Ltd.®
SR - Boot   [21/06/2019] [   19904]   (Spybot3ELAM) . (.Microsoft.) - C:\WINDOWS\System32\drivers\Spybot3ELAM.sys  =>.Microsoft®
O4 - HKLM\..\Wow6432Node\Run: [SDTray] . (.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe  =>.Safer-Networking Ltd.®
[MD5.D4D13911639EC79A1F9BB75FA3B9C6E3] - (.Safer-Networking Ltd. - Spybot-S&D 2 Scanner Service.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3892080] [PID.3564]  =>.Safer-Networking Ltd.®
[MD5.902A075E48F98F607CE8F06830280CF2] - (.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4741680] [PID.4152]  =>.Safer-Networking Ltd.®
O42 - Logiciel: Spybot - Search & Destroy - (.Safer-Networking Ltd..) [HKLM][64Bits] -- {B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1  =>.Safer-Networking Ltd.®
O43 - CFD: 11/02/2022 - [] D -- C:\Program Files (x86)\Spybot - Search & Destroy 2  =>.SaferNetworking
O43 - CFD: 11/02/2022 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2  =>.SaferNetworking
O43 - CFD: 11/02/2022 - [] D -- C:\ProgramData\Spybot - Search & Destroy  =>.SaferNetworking
O108 - CMH1: SDECon32 [64Bits] - {44176360-2BBF-4EC1-93CE-384B8681A0BC} . (.Safer-Networking Ltd. - Windows Explorer context menu integration.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll  =>.Safer-Networking Ltd.®
O108 - CMH1: SDECon64 [64Bits] - {44176360-2BBF-4EC1-93CE-384B8681A0BC} . (.Safer-Networking Ltd. - Windows Explorer context menu integration.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll  =>.Safer-Networking Ltd.®
O108 - CMH2: SDECon32 [64Bits] - {44176360-2BBF-4EC1-93CE-384B8681A0BC} . (.Safer-Networking Ltd. - Windows Explorer context menu integration.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll  =>.Safer-Networking Ltd.®
O108 - CMH2: SDECon64 [64Bits] - {44176360-2BBF-4EC1-93CE-384B8681A0BC} . (.Safer-Networking Ltd. - Windows Explorer context menu integration.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll  =>.Safer-Networking Ltd.®
O108 - CMH6: SDECon32 [64Bits] - {44176360-2BBF-4EC1-93CE-384B8681A0BC} . (.Safer-Networking Ltd. - Windows Explorer context menu integration.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll  =>.Safer-Networking Ltd.®
O108 - CMH6: SDECon64 [64Bits] - {44176360-2BBF-4EC1-93CE-384B8681A0BC} . (.Safer-Networking Ltd. - Windows Explorer context menu integration.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll  =>.Safer-Networking Ltd.®
O58 - SDL:2019/06/21 07:34:36 A . (. - Spybot Early Launch Anti-Malware Driver.) -- C:\WINDOWS\System32\drivers\Spybot3ELAM.sys   [19904]  =>.Microsoft®
[0B3FD32E39B247B09C8040571D6AD2F3] [04/03/2020] (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe  =>.Safer-Networking Ltd.
[0B3FD32E39B247B09C8040571D6AD2F3] [04/09/2019] (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe  =>.Safer-Networking Ltd.
[0B3FD32E39B247B09C8040571D6AD2F3] [10/02/2022] (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\unins000.exe  =>.Safer-Networking Ltd.
[0B3FD32E39B247B09C8040571D6AD2F3] [15/04/2019] (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll  =>.Safer-Networking Ltd.
[0B3FD32E39B247B09C8040571D6AD2F3] [19/03/2019] (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe  =>.Safer-Networking Ltd.
[0B3FD32E39B247B09C8040571D6AD2F3] [19/03/2019] (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe  =>.Safer-Networking Ltd.
HKLM\SOFTWARE\WOW6432Node\IObit  =>.IObit
O43 - CFD: 11/02/2022 - [] D -- C:\ProgramData\IObit  =>.IObit
O43 - CFD: 10/02/2022 - [] D -- C:\Program Files (x86)\Common Files\IObit  =>.IObit
O43 - CFD: 11/02/2022 - [0] D -- C:\Users\pwiss\AppData\Roaming\IObit  =>.IObit
O43 - CFD: 10/02/2022 - [] D -- C:\Users\pwiss\AppData\LocalLow\IObit  =>.IObit
HKLM\SOFTWARE\WOW6432Node\Lavasoft  =>.Lavasoft
HKCU\SOFTWARE\Lavasoft  =>.Lavasoft
HKU\S-1-5-21-3819167023-2253776317-1136116018-1001\SOFTWARE\Lavasoft  =>.Lavasoft
SR - Demand [00/00/0000] [       0]  klids (klids) . (...) - C:\ProgramData\Kaspersky Lab\AVP20.0\Bases\klids.sys (.not file.) [Unsigned]
G2 - GCE: Preference [pwiss][User Data\Default\Extensions] [dhnkblpjbkfklfloegejegedcafpliaa]   =>.Kaspersky Labs
O43 - CFD: 11/02/2022 - [] D -- C:\ProgramData\Kaspersky Lab  =>.Kaspersky Lab
O43 - CFD: 10/02/2022 - [] D -- C:\ProgramData\Kaspersky Lab Setup Files  =>.Kaspersky Lab
O43 - CFD: 10/02/2022 - [] D -- C:\ProgramData\McAfee  =>.McAfee
[MD5.C56E98AB2D7799C7FA189DA07AF65204] [WIS][2022/02/10 10:03:50] (.Kaspersky Lab JSC.) -- C:\WINDOWS\Installer\e6770.msp   [9707520]  =>.Kaspersky Lab JSC
[MD5.99DF7A3EEC76203EF11DD08BB916F1C1] [WIS][2022/02/10 10:03:51] (.Kaspersky Lab JSC.) -- C:\WINDOWS\Installer\e677e.msp   [622592]  =>.Kaspersky Lab JSC
[013C6684E0F39030C05FA36B42AF33CA] [10/02/2022] (.Kaspersky Lab JSC.) - C:\Users\pwiss\AppData\Local\Temp\{EA66066A-634F-4850-BF96-3F6176624801}\E127DE0F865105E469C67241184A7DD5.sys  =>.Kaspersky Lab JSC
[067CE8A9F2E02AC7D49304F85E9474E1] [11/02/2022] (.AO Kaspersky Lab.) - C:\Users\pwiss\AppData\Local\Temp\{BB7822D2-0EDE-4C79-B0D3-0AD4FBF8CB14}\{69F58F8D-A9D8-402A-BF60-3FD1AB52001C}.exe  =>.Not verified
[067CE8A9F2E02AC7D49304F85E9474E1] [11/02/2022] (.AO Kaspersky Lab.) - C:\Users\pwiss\AppData\Local\Temp\{BB7822D2-0EDE-4C79-B0D3-0AD4FBF8CB14}\kavremover.exe  =>.Not verified
[0F5C689DC0717374609E20ED097B19D9] [18/03/2021] (.ICEpower a/s.) - C:\WINDOWS\System32\ICEsoundService64.exe  =>.ICEpower a/s
[0F9D91C6ABA86F4E54CBB9EF57E68346] [10/02/2022] (.Kaspersky Lab.) - C:\Users\pwiss\AppData\Local\Temp\{EA66066A-634F-4850-BF96-3F6176624801}\msi_common.dll  =>.Kaspersky Lab
[0F9D91C6ABA86F4E54CBB9EF57E68346] [10/02/2022] (.Kaspersky Lab.) - C:\Users\pwiss\AppData\Local\Temp\{EA66066A-634F-4850-BF96-3F6176624801}\msi_misc.dll  =>.Kaspersky Lab
SR - Disabl [00/00/0000] [       0]  McAfee CSP Service (mccspsvc) . (...) - C:\Program Files\Common Files\McAfee\CSP\2.3.322.0\McCSPServiceHost.exe (.not file.) [Unsigned]  =>.McAfee Inc.
HKLM\SOFTWARE\McAfee  =>.McAfee Inc.
HKU\.DEFAULT\SOFTWARE\McAfee  =>.McAfee Inc.
O43 - CFD: 10/02/2022 - [] D -- C:\Program Files\mcafee  =>.McAfee
HKCU\SOFTWARE\AvastAdSDK  =>.Avast Software s.r.o
HKU\S-1-5-21-3819167023-2253776317-1136116018-1001\SOFTWARE\AvastAdSDK  =>.Avast Software s.r.o