Speeding up my P.C?

Collapse
X
Collapse
 
  • Page of 2
  • Time
  • Show
Clear All
new posts
Previous 1 2 template Next
  • Allan.T
    PCHF Member
    • Jun 2017
    • 131
    #1

    Speeding up my P.C?

    Hi,

    Some may know I’m looking into getting new parts for my PC, whilst I’m waiting for that to happen, I’m wondering if there is anyway to speed up my PC on the software side of things, and I don’t mean putting it on wheels and pushing it down the hill haha.

    I enjoy my games, and my games list is full of games I can’t play due to the lack of speed on my computer. My processor is lagging behind, as is my GPU (If im honest, I’d like to just replace everything, but beggars can’t be choosers huh?). So is there much I can do? I know there’s over-clocking etc. but it’s all beyond me, and too much pc tech info just scrambles my brain!

    Thank you in advanced,

    Regards,
    Allan
    Tags: None
    • Malnutrition
      PCHF Moderator
      • Jul 2016
      • 7045
      #2
      ZHP Diag Scan


      Download ZHP Diag to your desktop.

      1. Right Click Run as Admin.
      2. Click the Options button.

      Click on Check All
      Then Click Validate
      Then click close.

      Forums - PC Help Forum
      https://pchelpforum.net/attachments/upload_2017-4-26_17-16-39-png.2074
      PCHF Forums



      3. Click the Scanner button.

      Forums - PC Help Forum
      https://pchelpforum.net/attachments/upload_2017-2-23_3-32-26-png.1647
      PCHF Forums


      When complete please push the report button.
      A notepad will open… copy and paste the report in your next reply.

      HijackThis.

      1- Please Click HERE to download HijackThis. – Unzip to your desktop.
      2- Right click run as admin.
      3- Click on the Main Menu button if not already there.
      4- Select Do a system scan and save a logfile.
      5- Copy paste the log here.

        Comment

        • Allan.T
          PCHF Member
          • Jun 2017
          • 131
          #3
          Hey there, I’ve done what you asked of me,

          ZHPDiag
          ~ ZHPDiag v2017.6.17.100 By Nicolas Coolman (2017/06/17)
          ~ Run by Allan (Administrator) (2017/06/18 02:28:57)
          ~ Web: https://www.nicolascoolman.com
          ~ Blog: https://nicolascoolman.eu/
          ~ Facebook: ZHP
          ~ Certificate ZHPDiag: Legal
          ~ State version: Version OK
          ~ Mode: Scan
          ~ Report: C:\Users\Allan\Desktop\ZHPDiag.txt
          ~ Report: C:\Users\Allan\AppData\Roaming\ZHP\ZHPDiag.txt
          ~ UAC: Activate
          ~ System startup: Normal (Normal boot)
          Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601) =>.Microsoft Corporation

          —\ Internet Browsers (2) - 0s
          ~ MFIE: Mozilla Firefox 53.0.3 (x86 en-US)
          ~ MSIE: Internet Explorer v11.0.9600.18697

          —\ Windows Product Information (4) - 3s
          ~ Windows Server License Manager Script : OK
          ~ Licence Script File Génération : OK
          Windows Automatic Updates : OK
          Windows Activation Technologies : OK

          —\ System protection software (2) - 2s
          Avast Free Antivirus v17.4.2294 (Protection)
          Malwarebytes Anti-Malware version 2.2.0.1024 (Protection)

          —\ Surveillance software (1) - 2s
          ~ Adobe Flash Player 26 NPAPI (Surveillance)

          —\ Sharing software PeerToPeer (1) - 3s
          ~ µTorrent v3.4.3.40298 (P2P)

          —\ Information on the system (6) - 0s
          ~ Operating System: AMD64 Family 21 Model 1 Stepping 2, AuthenticAMD
          ~ Operating System: 64-bit
          ~ Boot mode: Normal (Normal boot)
          Total RAM: 8371.448 MB (70% free) : OK =>.RAM Value
          System Restore: Activé (Enable)
          System drive C: has 537 GB (56%) free of 953 GB : OK =>.Disk Space

          —\ Connection to the system mode (3) - 0s
          ~ Computer Name: PROTOTYPE
          ~ User Name: Allan
          ~ Logged in as Administrator

          —\ Enumeration of the disk units (2) - 0s
          ~ Drive C: has 537 GB free of 953 GB (System)
          ~ Drive E: has 379 GB free of 476 GB

          —\ State of the Windows Security Center (11) - 0s
          [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
          [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
          [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
          [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Pol icies\Explorer] NoActiveDesktopChanges: Modified
          [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\system] EnableLUA: OK
          [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
          [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
          [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\Associations] Application: OK
          [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
          [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
          [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Win dowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK

          —\ Search Generic System Files (24) - 1s
          [MD5.38AE1B3C38FAEF56FE4907922F0385BA] - 29/08/2016 - (.Microsoft Corporation - Windows Explorer.) – C:\Windows\Explorer.exe [3229696] =>.Microsoft Corporation
          [MD5.C36BB659F08F046B139C8D1B980BF1AC] - 30/03/2017 - (.Microsoft Corporation - Windows host process (Rundll32).) – C:\Windows\System32\rundll32.exe [46080] =>.Microsoft Corporation
          [MD5.94355C28C1970635A31B3FE52EB7CEBA] - 14/07/2009 - (.Microsoft Corporation - Windows Start-Up Application.) – C:\Windows\System32\Wininit.exe [129024] =>.Microsoft Corporation
          [MD5.1AAE329190ED545F5FB02941F3644094] - 14/05/2017 - (.Microsoft Corporation - Internet Extensions for Win32.) – C:\Windows\System32\wininet.dll [3240960] =>.Microsoft Corporation
          [MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - 17/07/2014 - (.Microsoft Corporation - Windows Logon Application.) – C:\Windows\System32\Winlogon.exe [455168] =>.Microsoft Corporation
          [MD5.067FA52BFB59A56110A12312EF9AF243] - 21/11/2010 - (.Microsoft Corporation - Software Licensing Library.) – C:\Windows\System32\sppcomapi.dll [232448] =>.Microsoft Corporation
          [MD5.492D07D79E7024CA310867B526D9636D] - 03/03/2011 - (.Microsoft Corporation - DNS Client API DLL.) – C:\Windows\System32\dnsapi.dll [357888] =>.Microsoft Corporation
          [MD5.B40420876B9288E0A1C8CCA8A84E5DC9] - 03/03/2011 - (.Microsoft Corporation - DNS Client API DLL.) – C:\Windows\Syswow64\dnsapi.dll [270336] =>.Microsoft Corporation
          [MD5.0DC2A9882540DEA4A55B08785E09D8FC] - 04/04/2017 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) – C:\Windows\System32\drivers\AFD.sys [496128] =>.Microsoft Corporation
          [MD5.02062C0B390B7729EDC9E69C680A6F3C] - 14/07/2009 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) – C:\Windows\System32\drivers\atapi.sys [24128] =>.Microsoft Windows®
          [MD5.B8BD2BB284668C84865658C77574381A] - 14/07/2009 - (.Microsoft Corporation - CD-ROM File System Driver.) – C:\Windows\System32\drivers\Cdfs.sys [92160] =>.Microsoft Corporation
          [MD5.F036CE71586E93D94DAB220D7BDF4416] - 21/11/2010 - (.Microsoft Corporation - SCSI CD-ROM Driver.) – C:\Windows\System32\drivers\Cdrom.sys [147456] =>.Microsoft Corporation
          [MD5.9B38580063D281A99E68EF5813022A5F] - 08/09/2016 - (.Microsoft Corporation - DFS Namespace Client Driver.) – C:\Windows\System32\drivers\DfsC.sys [106496] =>.Microsoft Corporation
          [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - 21/11/2010 - (.Microsoft Corporation - High Definition Audio Bus Driver.) – C:\Windows\System32\drivers\HDAudBus.sys [122368] =>.Microsoft Corporation
          [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - 14/07/2009 - (.Microsoft Corporation - i8042 Port Driver.) – C:\Windows\System32\drivers\i8042prt.sys [105472] =>.Microsoft Corporation
          [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - 14/07/2009 - (.Microsoft Corporation - IP Network Address Translator.) – C:\Windows\System32\drivers\IpNat.sys [116224] =>.Microsoft Corporation
          [MD5.9B08FBED1849FB5A6E0BA1D44396191D] - 21/05/2017 - (.Microsoft Corporation - Windows NT SMB Minirdr.) – C:\Windows\System32\drivers\MRxSmb.sys [159744] =>.Microsoft Corporation
          [MD5.E47D571FEC2C76E867935109AB2A770C] - 11/05/2016 - (.Microsoft Corporation - MBT Transport driver.) – C:\Windows\System32\drivers\netBT.sys [262144] =>.Microsoft Corporation
          [MD5.47B2D0B31BDC3EBE6090228E2BA3764D] - 11/01/2016 - (.Microsoft Corporation - NT File System Driver.) – C:\Windows\System32\drivers\ntfs.sys [1684416] =>.Microsoft Windows®
          [MD5.0086431C29C35BE1DBC43F52CC273887] - 14/07/2009 - (.Microsoft Corporation - Parallel Port Driver.) – C:\Windows\System32\drivers\Parport.sys [97280] =>.Microsoft Corporation
          [MD5.471815800AE33E6F1C32FB1B97C490CA] - 21/11/2010 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) – C:\Windows\System32\drivers\Rasl2tp.sys [129536] =>.Microsoft Corporation
          [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - 14/07/2009 - (.Microsoft Corporation - SMB Transport driver.) – C:\Windows\System32\drivers\smb.sys [93184] =>.Microsoft Corporation
          [MD5.028D61D9803FBEFB7426696A7840BB48] - 10/05/2017 - (.Microsoft Corporation - TDI Translation Driver.) – C:\Windows\System32\drivers\tdx.sys [117248] =>.Microsoft Corporation
          [MD5.0D08D2F3B3FF84E433346669B5E0F639] - 21/11/2010 - (.Microsoft Corporation - Volume Shadow Copy Driver.) – C:\Windows\System32\drivers\volsnap.sys [295808] =>.Microsoft Windows®

          —\ Non Microsoft non disabled Windows Services (11) - 3s
          O23 - Service: (AdobeUpdateService) . (.Adobe Systems Incorporated - Adobe Update Service.) - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe =>.Adobe Systems Incorporated®
          O23 - Service: Avast Antivirus (avast! Antivirus) . (.AVAST Software - Avast Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe =>.AVAST Software s.r.o.®
          O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) . (.BlueStack Systems, Inc. - BlueStacks Service.) - C:\Program Files (x86)\BlueStacks\HD-Service.exe =>.Bluestack Systems, Inc.®
          O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) . (.BlueStack Systems, Inc. - BlueStacks Log Rotator Service.) - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe =>.Bluestack Systems, Inc.®
          O23 - Service: BlueStacks Updater Service (BstHdUpdaterSvc) . (.BlueStack Systems, Inc. - BlueStacks Updater Service.) - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe =>.Bluestack Systems, Inc.®
          O23 - Service: (MBAMService) . (.Malwarebytes - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe =>.Malwarebytes Corporation®
          O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) . (.NVIDIA Corporation - NVIDIA Container.) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.NVIDIA Corporation®
          O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 342.0.) - C:\Windows\system32\nvvsvc.exe =>.NVIDIA Corporation
          O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) . (.NVIDIA Corporation - NVIDIA Container.) - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe =>.NVIDIA Corporation®
          O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) . (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe =>.NVIDIA Corporation®
          O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) . (.VIA Technologies, Inc. - Service binary.) - C:\Windows\system32\viakaraokesrv.exe =>.VIA Technologies, Inc.

          —\ Services not Microsoft (SR=Run, SS=Stop) (18) - 24s
          SS - Demand [17/06/2017] [ 272384] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe =>.Adobe Systems Incorporated®
          SR - Auto [09/06/2015] [ 680112] (AdobeUpdateService) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe =>.Adobe Systems Incorporated®
          SS - Demand [14/06/2017] [ 7346208] aswbIDSAgent (aswbIDSAgent) . (.AVAST Software s.r.o..) - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe =>.AVAST Software s.r.o.®
          SR - Auto [14/06/2017] [ 263304] Avast Antivirus (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe =>.AVAST Software s.r.o.®
          SS - Demand [17/06/2017] [ 1404936] BattlEye Service (BEService) . (…) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe =>.BattlEye Innovations e.K.®
          SS - Auto [24/03/2015] [ 433880] BlueStacks Android Service (BstHdAndroidSvc) . (.BlueStack Systems, Inc..) - C:\Program Files (x86)\BlueStacks\HD-Service.exe =>.Bluestack Systems, Inc.®
          SR - Auto [24/03/2015] [ 388824] BlueStacks Log Rotator Service (BstHdLogRotatorSvc) . (.BlueStack Systems, Inc..) - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe =>.Bluestack Systems, Inc.®
          SR - Auto [24/03/2015] [ 798424] BlueStacks Updater Service (BstHdUpdaterSvc) . (.BlueStack Systems, Inc..) - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe =>.Bluestack Systems, Inc.®
          SS - Auto [05/10/2015] [ 1135416] (MBAMService) . (.Malwarebytes.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe =>.Malwarebytes Corporation®
          SS - Demand [16/06/2017] [ 173512] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe =>.Mozilla Corporation®
          SR - Auto [03/05/2017] [ 495040] NVIDIA LocalSystem Container (NvContainerLocalSystem) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.NVIDIA Corporation®
          SS - Demand [03/05/2017] [ 495040] NVIDIA NetworkService Container (NvContainerNetworkService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.NVIDIA Corporation®
          SR - Auto [14/11/2016] [ 932728] NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe =>.NVIDIA Corporation®
          SR - Auto [03/05/2017] [ 449984] NVIDIA Telemetry Container (NvTelemetryContainer) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe =>.NVIDIA Corporation®
          SS - Demand [29/04/2015] [ 1931632] Origin Client Service (Origin Client Service) . (.Electronic Arts.) - C:\Program Files (x86)\Origin\OriginClientService.exe =>.Electronic Arts, Inc.®
          SR - Demand [08/06/2017] [ 1607968] Steam Client Service (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe =>.Valve®
          SR - Auto [14/11/2016] [ 426040] NVIDIA Stereoscopic 3D Driver Service (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe =>.NVIDIA Corporation®
          SR - Auto [22/10/2012] [ 27768] VIA Karaoke digital mixer Service (VIAKaraokeService) . (.VIA Technologies, Inc..) - C:\Windows\system32\viakaraokesrv.exe =>.VIA Technologies Inc.®

          —\ Task Planned Automatically (25) - 8s
          [MD5.7DE8B8AC559E16AEB388E7D098E7C288] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) – C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe [272384] (.Activate.) =>.Adobe Systems Incorporated®
          [MD5.866FF7A49542CDBBF7EE0FD4FD0ADC02] [APT] [Avast Emergency Update] (.AVAST Software.) – C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2326672] (.Activate.) =>.AVAST Software s.r.o.®
          [MD5.934BF1FB1BE4A5BAE408EE860D82AEF0] [APT] [NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] (.NVIDIA Corporation.) – C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495040] (.Activate.) =>.NVIDIA Corporation®
          [MD5.920B28E89B82FD1BEB28F710C23C2B08] [APT] [NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] (.NVIDIA Corporation.) – C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1693632] (.Activate.) =>.NVIDIA Corporation®
          [MD5.EA7CA45E1634F0E362C8954249223599] [APT] [NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] (.NVIDIA Corporation.) – C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [946112] (.Activate.) =>.NVIDIA Corporation®
          [MD5.DD2097DB22ADE924A5224F9223595764] [APT] [NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] (.NVIDIA Corporation.) – C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [649152] (.Activate.) =>.NVIDIA Corporation®
          [MD5.DD2097DB22ADE924A5224F9223595764] [APT] [NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] (.NVIDIA Corporation.) – C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [649152] (.Activate.) =>.NVIDIA Corporation®
          [MD5.1194C29F3D59D17268DB7DBE69A5D8E3] [APT] [NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] (.NVIDIA Corporation.) – C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [436672] (.Activate.) =>.NVIDIA Corporation®
          [MD5.4B870A77F09529EABB6F7C83A5D99152] [APT] [NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] (.NVIDIA Corporation.) – C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728000] (.Activate.) =>.NVIDIA Corporation®
          [MD5.4B870A77F09529EABB6F7C83A5D99152] [APT] [NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] (.NVIDIA Corporation.) – C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728000] (.Activate.) =>.NVIDIA Corporation®
          [MD5.41559E85DBA8DF3E7C197C5514B6025D] [APT] [SafeZone scheduled Autoupdate 1497547532] (.Avast Software.) – C:\Program Files\AVAST Software\SZBrowser\launcher.exe [927264] (.Activate.) =>.AVAST Software s.r.o.®
          [MD5.80E8A9D877445CD90EC72B630704AF0A] [APT] [{93E3722E-7795-4E87-87B3-5C42114B32F0}] (…) – C:\Windows\UniFish3.exe [45568] (.Activate.)
          [MD5.C72865DE00C0B7E4B4C3DEBCB347FC36] [APT] [AVAST Software\Avast settings backup] (.AVAST Software.) – C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [797264] (.Activate.) =>.AVAST Software s.r.o.®
          O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) – C:\Windows\System32\Tasks\Adobe Flash Player Updater [4312] =>.Adobe Systems Incorporated®
          O39 - APT: Avast Emergency Update - (.AVAST Software.) – C:\Windows\System32\Tasks\Avast Emergency Update [4172] =>.AVAST Software s.r.o.®
          O39 - APT: NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) – C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily _{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} [4146] =>.NVIDIA Corporation®
          O39 - APT: NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) – C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} [3814] =>.NVIDIA Corporation®
          O39 - APT: NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) – C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} [3852] =>.NVIDIA Corporation®
          O39 - APT: NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) – C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B 2FE1952-0186-46C3-BAEC-A80AA35AC5B8} [3738] =>.NVIDIA Corporation®
          O39 - APT: NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) – C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_ {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} [3494] =>.NVIDIA Corporation®
          O39 - APT: NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) – C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} [3730] =>.NVIDIA Corporation®
          O39 - APT: NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) – C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} [3554] =>.NVIDIA Corporation®
          O39 - APT: NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) – C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} [3738] =>.NVIDIA Corporation®
          O39 - APT: SafeZone scheduled Autoupdate 1497547532 - (.Avast Software.) – C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1497547532 [3894] =>.AVAST Software s.r.o.®
          O39 - APT: {93E3722E-7795-4E87-87B3-5C42114B32F0} - (…) – C:\Windows\System32\Tasks{93E3722E-7795-4E87-87B3-5C42114B32F0} [3224]

          —\ Auto loading programs from Registry and folders (17) - 1s
          O4 - HKLM..\Run: [HDAudDeck] . (.VIA - VIA HD Audio CPL.) – C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe =>.VIA Technologies Inc.®
          O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) – C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.e xe =>.Adobe Systems Incorporated®
          O4 - HKLM..\Run: [Monitor] . (.PixArt Imaging Incorporation - Registry Monitor.) – C:\Windows\PixArt\Pac207\Monitor.exe =>.PixArt Imaging Incorporation
          O4 - HKLM..\Run: [Logitech Download Assistant] . (.Logitech, Inc. - Logitech Download Assistant.) – C:\Windows\System32\LogiLDA.dll =>.Logitech, Inc.
          O4 - HKLM..\Run: [AvastUI.exe] . (.AVAST Software - AvLaunch component.) – C:\Program Files\AVAST Software\Avast\AvLaunch.exe =>.AVAST Software s.r.o.®
          O4 - HKLM..\Run: [ShadowPlay] . (.Microsoft Corporation - Windows host process (Rundll32).) – C:\Windows\System32\rundll32.exe =>.Microsoft Corporation
          O4 - HKCU..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper.) – C:\Program Files (x86)\Steam\Steam.exe =>.Valve®
          O4 - HKCU..\Run: [Gaijin.Net Agent] C:\Users\Allan\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe (.not file.)
          O4 - HKLM..\Wow6432Node\Run: [BlueStacks Agent] . (.BlueStack Systems, Inc. - BlueStacks Agent.) – C:\Program Files (x86)\BlueStacks\HD-Agent.exe =>.Bluestack Systems, Inc.®
          O4 - HKLM..\Wow6432Node\Run: [Adobe Creative Cloud] . (.Adobe Systems Incorporated - Adobe Creative Cloud.) – C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe =>.Adobe Systems Incorporated®
          O4 - HKLM..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) – C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle America, Inc.®
          O4 - HKUS\S-1-5-19..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) – C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
          O4 - HKUS\S-1-5-20..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) – C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
          O4 - HKUS\S-1-5-19..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) – C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
          O4 - HKUS\S-1-5-20..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) – C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
          O4 - HKUS\S-1-5-21-2771956393-836798383-2307004672-1000..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper.) – C:\Program Files (x86)\Steam\Steam.exe =>.Valve®
          O4 - HKUS\S-1-5-21-2771956393-836798383-2307004672-1000..\Run: [Gaijin.Net Agent] C:\Users\Allan\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe (.not file.)

          —\ Process running (32) - 3s
          [MD5.00000000000000000000000000000000] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 342.0.) – C:\Windows\system32\nvvsvc.exe [0] [PID.808] =>.NVIDIA Corporation
          [MD5.843F16D234D03756B9EB6054B5C62FAA] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) – C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [426040] [PID.832] =>.NVIDIA Corporation®
          [MD5.C66BCE13DB7C119824839C63FEA226FA] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) – C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe [1208256] [PID.1232] =>.NVIDIA Corporation®
          [MD5.D961A7C05A76302E782B1B0CF6546BA7] - (.AVAST Software - Avast Service.) – C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263304] [PID.1240] =>.AVAST Software s.r.o.®
          [MD5.00000000000000000000000000000000] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 342.0.) – C:\Windows\system32\nvvsvc.exe [0] [PID.1248] =>.NVIDIA Corporation
          [MD5.E1E457F60C294A55455856ABCE91B476] - (.VIA - VIA HD Audio CPL.) – C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5299320] [PID.1644] =>.VIA Technologies Inc.®
          [MD5.72334F906C2E2B002CDD2FF9022FD957] - (.PixArt Imaging Incorporation - Registry Monitor.) – C:\Windows\PixArt\Pac207\Monitor.exe [319488] [PID.1728] =>.PixArt Imaging Incorporation
          [MD5.2EDBCFD497891D49C17B5158DE698021] - (.NVIDIA Corporation - NVIDIA Settings.) – C:\Program Files\NVIDIA Corporation\Display\nvtray.exe [2453952] [PID.1852] =>.NVIDIA Corporation®
          [MD5.8FE697AB8A4C28D79C1CDB97C6FB1A17] - (.AVAST Software - Avast Antivirus.) – C:\Program Files\AVAST Software\Avast\AvastUI.exe [8470464] [PID.1724] =>.AVAST Software s.r.o.®
          [MD5.86067F0EBA4A2C98B51D62452BBF3552] - (.Adobe Systems Incorporated - Adobe Update Service.) – C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [680112] [PID.1960] =>.Adobe Systems Incorporated®
          [MD5.3E2658D4F51D68512E45A4D764C39C14] - (.BlueStack Systems, Inc. - BlueStacks Agent.) – C:\Program Files (x86)\BlueStacks\HD-Agent.exe [863960] [PID.1668] =>.Bluestack Systems, Inc.®
          [MD5.FB3E302A7C189113F208CB0BF5FC8B37] - (.Adobe Systems Incorporated - Adobe Creative Cloud.) – C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2303152] [PID.2044] =>.Adobe Systems Incorporated®
          [MD5.A443A7C05ABF0FCD16E89593F63B633B] - (.Oracle Corporation - Java Update Scheduler.) – C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288] [PID.1712] =>.Oracle America, Inc.®
          [MD5.DED9C438796B43D153DEF0658A220C58] - (.BlueStack Systems, Inc. - BlueStacks Log Rotator Service.) – C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [388824] [PID.2012] =>.Bluestack Systems, Inc.®
          [MD5.F6AED4B054657DCF9DE6D7717AAFA227] - (.BlueStack Systems, Inc. - BlueStacks Updater Service.) – C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [798424] [PID.2224] =>.Bluestack Systems, Inc.®
          [MD5.41437022B1CEFD388471B7D1F72EAE7C] - (.Adobe Systems Incorporated - Adobe IPC Broker.) – C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe [1011360] [PID.2264] =>.Adobe Systems Incorporated®
          [MD5.934BF1FB1BE4A5BAE408EE860D82AEF0] - (.NVIDIA Corporation - NVIDIA Container.) – C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495040] [PID.2592] =>.NVIDIA Corporation®
          [MD5.0B7BD772ED45111574E2736A5F358D79] - (.NVIDIA Corporation - NVIDIA Container.) – C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984] [PID.2660] =>.NVIDIA Corporation®
          [MD5.00000000000000000000000000000000] - (.VIA Technologies, Inc. - Service binary.) – C:\Windows\system32\viakaraokesrv.exe [0] [PID.2436] =>.VIA Technologies, Inc.
          [MD5.D717B0C761162A5D6D1A10289A77C309] - (.NVIDIA Corporation - NVIDIA Container.) – C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [449984] [PID.3484] =>.NVIDIA Corporation®
          [MD5.A69BC7203E0BFFEE8215C0913D02CB55] - (.Valve Corporation - Steam Client Bootstrapper.) – C:\Program Files (x86)\Steam\Steam.exe [3042592] [PID.3952] =>.Valve®
          [MD5.6CA4BBBE6811C0BDC1D1DC2806F56956] - (.Node.js - NVIDIA Web Helper Service.) – C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe [15553472] [PID.2536] =>.NVIDIA Corporation®
          [MD5.FF50FC14C9EF527FB7815DDA059D64AF] - (.Adobe Systems Incorporated - Creative Cloud.) – C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe [2266800] [PID.4716] =>.Adobe Systems Incorporated®
          [MD5.8D1C080C4746E8DFDE72AD0D073652B8] - (.Adobe Systems Incorporated - Adobe CEF Helper.) – C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe [174256] [PID.5052] =>.Adobe Systems Incorporated®
          [MD5.4899A46E0F6522BBCCE2612DBA56E00E] - (.Valve Corporation - Steam Client WebHelper.) – C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe [2419488] [PID.1828] =>.Valve®
          [MD5.AC5DE2689B571942E08128D0EC771495] - (.Valve Corporation - Steam Client Service.) – C:\Program Files (x86)\Common Files\Steam\SteamService.exe [1607968] [PID.4496] =>.Valve®
          [MD5.3FB6BCB23D287E155DE39A6C2EED6DA0] - (.Copyright © 2013 Adobe Systems, Inc. All rights reser - Core Sync.) – C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe [31404192] [PID.4172] =>.Adobe Systems Incorporated®
          [MD5.8D1C080C4746E8DFDE72AD0D073652B8] - (.Adobe Systems Incorporated - Adobe CEF Helper.) – C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe [174256] [PID.4628] =>.Adobe Systems Incorporated®
          [MD5.4899A46E0F6522BBCCE2612DBA56E00E] - (.Valve Corporation - Steam Client WebHelper.) – C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe [2419488] [PID.2508] =>.Valve®
          [MD5.9710FABEF9AD37A3AA966AF53BCBDD1A] - (.Mozilla Corporation - Firefox.) – C:\Program Files (x86)\Mozilla Firefox\firefox.exe [517064] [PID.6096] =>.Mozilla Corporation®
          [MD5.2550455C4B37E9B1EE17D1B96B8DF7C5] - (.Nicolas Coolman - ZHPDiag.) – C:\Users\Allan\ZHPDiag3.exe [2751872] [PID.4940] =>.Nicolas Coolman
          [MD5.4899A46E0F6522BBCCE2612DBA56E00E] - (.Valve Corporation - Steam Client WebHelper.) – C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe [2419488] [PID.4892] =>.Valve®

          —\ Mozilla Firefox,Plugins,Start,Search,Extensions (3) - 1s
          P2 - EXT FILE: (.Avast SafePrice - Avast SafePrice - safe shopping extens.) – C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Pro files\ogyprs22.default\extensions\sp@avast.com.xpi =>.Avast SafePrice
          P2 - EXT FILE: (.Avast Online Security - Avast Browser Security and Web Reputat.) – C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Pro files\ogyprs22.default\extensions\wrc@avast.com.xpi =>.Avast Online Security
          P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) – C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_ 131.dll =>.Adobe Systems Incorporated

          —\ Internet Explorer Extensions, Start, Search (15) - 0s
          R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
          R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
          R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
          R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
          R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
          R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
          R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
          R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
          R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
          R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
          R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
          R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
          R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
          R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
          R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphan =>.Microsoft Internet Explorer

          —\ Internet Explorer, Proxy Management (5) - 0s
          R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyEnable = 0
          R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Int ernet Settings,MigrateProxy = 1
          R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Int ernet Settings,EnableHttp1_1 = 1
          R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Int ernet Settings,AutoConfigProxy = wininet.dll
          R5 - HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Para meters\Internet\ManualProxies =>.Microsoft

          —\ Line Analysis, IniFiles, Auto loading programs (3) - 0s
          F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation
          F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
          F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerfo rmance.exe (.Microsoft Corporation.) =>.Microsoft Corporation

          —\ Hosts file redirection (1) - 0s
          ~ Le fichier hôte est sain (The hosts file is clean) (21)

          —\ Browser Helper Object (BHO) (1) - 1s
          O2 - BHO: avast! Online Security [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) – C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll =>.AVAST Software s.r.o.®

          —\ Internet Explorer Toolbars (1) - 0s
          O3 - Toolbar: 0xB1C218236549D4119B18009027A5CD4F - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} . (…) – (.not file.)

          —\ Global shortcuts Startup (70) - 6s
          O4 - GS\Desktop [Administrator]: Documents.lnk . (…) C:\Users\Allan\AppData\Roaming\Microsoft\Windows\L ibraries\Documents.library-ms
          O4 - GS\Desktop [Administrator]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Allan\ZHPDiag3.exe =>.Nicolas Coolman
          O4 - GS\Quicklaunch [Administrator]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
          O4 - GS\Quicklaunch [Administrator]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\Allan\AppData\Roaming\uTorrent\uTorrent.e xe =>.BitTorrent Inc®
          O4 - GS\sendTo [Administrator]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe /SendTo =>.Microsoft Corporation
          O4 - GS\TaskBar [Administrator]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
          O4 - GS\TaskBar [Administrator]: Windows Explorer.lnk . (.Microsoft Corporation - Windows Explorer.) C:\Windows\explorer.exe =>.Microsoft Corporation
          O4 - GS\Programs [Administrator]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
          O4 - GS\Desktop [Allan]: Documents.lnk . (…) C:\Users\Allan\AppData\Roaming\Microsoft\Windows\L ibraries\Documents.library-ms
          O4 - GS\Desktop [Allan]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Allan\ZHPDiag3.exe =>.Nicolas Coolman
          O4 - GS\Quicklaunch [Allan]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
          O4 - GS\Quicklaunch [Allan]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\Allan\AppData\Roaming\uTorrent\uTorrent.e xe =>.BitTorrent Inc®
          O4 - GS\sendTo [Allan]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe /SendTo =>.Microsoft Corporation
          O4 - GS\TaskBar [Allan]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
          O4 - GS\TaskBar [Allan]: Windows Explorer.lnk . (.Microsoft Corporation - Windows Explorer.) C:\Windows\explorer.exe =>.Microsoft Corporation
          O4 - GS\Programs [Allan]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
          O4 - GS\Desktop [ASPNET]: Documents.lnk . (…) C:\Users\Allan\AppData\Roaming\Microsoft\Windows\L ibraries\Documents.library-ms
          O4 - GS\Desktop [ASPNET]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Allan\ZHPDiag3.exe =>.Nicolas Coolman
          O4 - GS\Quicklaunch [ASPNET]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
          O4 - GS\Quicklaunch [ASPNET]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\Allan\AppData\Roaming\uTorrent\uTorrent.e xe =>.BitTorrent Inc®
          O4 - GS\sendTo [ASPNET]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe /SendTo =>.Microsoft Corporation
          O4 - GS\TaskBar [ASPNET]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
          O4 - GS\TaskBar [ASPNET]: Windows Explorer.lnk . (.Microsoft Corporation - Windows Explorer.) C:\Windows\explorer.exe =>.Microsoft Corporation
          O4 - GS\Programs [ASPNET]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
          O4 - GS\Desktop [Guest]: Documents.lnk . (…) C:\Users\Allan\AppData\Roaming\Microsoft\Windows\L ibraries\Documents.library-ms
          O4 - GS\Desktop [Guest]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Allan\ZHPDiag3.exe =>.Nicolas Coolman
          O4 - GS\Quicklaunch [Guest]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
          O4 - GS\Quicklaunch [Guest]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\Allan\AppData\Roaming\uTorrent\uTorrent.e xe =>.BitTorrent Inc®
          O4 - GS\sendTo [Guest]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe /SendTo =>.Microsoft Corporation
          O4 - GS\TaskBar [Guest]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
          O4 - GS\TaskBar [Guest]: Windows Explorer.lnk . (.Microsoft Corporation - Windows Explorer.) C:\Windows\explorer.exe =>.Microsoft Corporation
          O4 - GS\Programs [Guest]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
          O4 - GS\Programs [Public]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
          O4 - GS\Accessories [Public]: Command Prompt.lnk . (.Microsoft Corporation - Windows Command Processor.) C:\Windows\system32\cmd.exe =>.Microsoft Corporation
          O4 - GS\Accessories [Public]: Notepad.lnk . (.Microsoft Corporation - Notepad.) C:\Windows\system32\notepad.exe =>.Microsoft Corporation
          O4 - GS\Accessories [Public]: Windows Explorer.lnk . (.Microsoft Corporation - Windows Explorer.) C:\Windows\explorer.exe =>.Microsoft Corporation
          O4 - GS\SystemTools [Public]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe -extoff =>.Microsoft Corporation®
          O4 - GS\SystemTools [Public]: Private Character Editor.lnk . (.Microsoft Corporation - Private Character Editor.) C:\Windows\system32\eudcedit.exe =>.Microsoft Corporation
          O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Windows Calculator.) C:\Windows\system32\calc.exe =>.Microsoft Corporation
          O4 - GS\Accessories [Public]: displayswitch.lnk . (.Microsoft Corporation - Display Switch.) C:\Windows\system32\displayswitch.exe =>.Microsoft Corporation
          O4 - GS\Accessories [Public]: Math Input Panel.lnk . (.Microsoft Corporation - Math Input Panel Accessory.) C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe =>.Microsoft Corporation
          O4 - GS\Accessories [Public]: Mobility Center.lnk . (.Microsoft Corporation - Windows Mobility Center.) C:\Windows\system32\mblctr.exe /open =>.Microsoft Corporation
          O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) C:\Windows\system32\mspaint.exe =>.Microsoft Corporation
          O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Remote Desktop Connection.) C:\Windows\system32\mstsc.exe =>.Microsoft Corporation
          O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Snipping Tool.) C:\Windows\system32\SnippingTool.exe =>.Microsoft Corporation
          O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Windows Sound Recorder.) C:\Windows\system32\SoundRecorder.exe =>.Microsoft Corporation
          O4 - GS\Accessories [Public]: Sticky Notes.lnk . (.Microsoft Corporation - Sticky Notes.) C:\Windows\system32\StikyNot.exe =>.Microsoft Corporation
          O4 - GS\Accessories [Public]: Sync Center.lnk . (.Microsoft Corporation - Microsoft Sync Center.) C:\Windows\System32\mobsync.exe =>.Microsoft Corporation
          O4 - GS\Accessories [Public]: Welcome Center.lnk . (.Microsoft Corporation - Windows host process (Rundll32).) C:\Windows\system32\rundll32.exe %SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCent er LaunchedBy_StartMenuShortcut =>.Microsoft Corporation
          O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Windows Wordpad Application.) C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation
          O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Character Map.) C:\Windows\system32\charmap.exe =>.Microsoft Corporation
          O4 - GS\SystemTools [Public]: dfrgui.lnk . (.Microsoft Corporation - Microsoft® Disk Defragmenter.) C:\Windows\system32\dfrgui.exe =>.Microsoft Corporation
          O4 - GS\SystemTools [Public]: Disk Cleanup.lnk . (.Microsoft Corporation - Disk Space Cleanup Manager for Windows.) C:\Windows\system32\cleanmgr.exe =>.Microsoft Corporation
          O4 - GS\SystemTools [Public]: Resource Monitor.lnk . (.Microsoft Corporation - Resource and Performance Monitor.) C:\Windows\system32\perfmon.exe /res =>.Microsoft Corporation
          O4 - GS\SystemTools [Public]: System Information.lnk . (.Microsoft Corporation - System Information.) C:\Windows\system32\msinfo32.exe =>.Microsoft Corporation
          O4 - GS\SystemTools [Public]: System Restore.lnk . (.Microsoft Corporation - Microsoft® Windows System Restore.) C:\Windows\system32\rstrui.exe =>.Microsoft Corporation
          O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (…) C:\Windows\system32\taskschd.msc /s =>..Microsoft Corporation
          O4 - GS\SystemTools [Public]: Windows Easy Transfer Reports.lnk . (.Microsoft Corporation - Windows Easy Transfer Post Migration Applic.) C:\Windows\system32\migwiz\postmig.exe =>.Microsoft Corporation
          O4 - GS\SystemTools [Public]: Windows Easy Transfer.lnk . (.Microsoft Corporation - Windows Easy Transfer Application.) C:\Windows\system32\migwiz\migwiz.exe =>.Microsoft Corporation
          O4 - GS\ProgramsCommon [Public]: Adobe Creative Cloud.lnk . (.Adobe Systems Incorporated - Adobe Creative Cloud.) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe =>.Adobe Systems Incorporated®
          O4 - GS\ProgramsCommon [Public]: Adobe Photoshop CC 2015.lnk . (.Adobe Systems, Incorporated - Adobe Photoshop CC 2015.) C:\Program Files\Adobe\Adobe Photoshop CC 2015\Photoshop.exe =>.Adobe Systems Incorporated®
          O4 - GS\ProgramsCommon [Public]: Avast SafeZone Browser.lnk . (.Avast Software - Avast SafeZone Browser.) C:\Program Files\AVAST Software\SZBrowser\launcher.exe =>.AVAST Software s.r.o.®
          O4 - GS\ProgramsCommon [Public]: GIMP 2.lnk . (.Spencer Kimball, Peter Mattis and the GIMP Developmen - GNU Image Manipulation Program.) C:\Program Files\GIMP 2\bin\gimp-2.8.exe =>.Jernej Simoncic®
          O4 - GS\ProgramsCommon [Public]: Media Center.lnk . (.Microsoft Corporation - Windows Media Center.) C:\Windows\ehome\ehshell.exe =>.Microsoft Corporation
          O4 - GS\ProgramsCommon [Public]: Sidebar.lnk . (.Microsoft Corporation - Windows Desktop Gadgets.) C:\Program Files (x86)\Windows Sidebar\sidebar.exe /showgadgets =>.Microsoft Corporation
          O4 - GS\ProgramsCommon [Public]: Windows Anytime Upgrade.lnk . (.Microsoft Corporation - Windows Anytime Upgrade User Interface.) C:\Windows\system32\WindowsAnytimeUpgradeUI.exe =>.Microsoft Corporation
          O4 - GS\ProgramsCommon [Public]: Windows DVD Maker.lnk . (.Microsoft Corporation - .) C:\Program Files (x86)\DVD Maker\DVDMaker.exe =>.Microsoft Corporation
          O4 - GS\ProgramsCommon [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe =>.Microsoft Corporation
          O4 - GS\ProgramsCommon [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
          O4 - GS\ProgramsCommon [Public]: XPS Viewer.lnk . (.Microsoft Corporation - XPS Viewer.) C:\Windows\system32\xpsrchvw.exe =>.Microsoft Corporation

          —\ Lop.com/Domain Hijackers (6) - 0s
          O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpDomain = default
          O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 =>.Local IP Adress
          O17 - HKLM\System\CCS\Services\Tcpip..{0C5D3712-B4D6-4552-9145-29D1C9023246}: DhcpNameServer = 192.168.1.1 =>.Local IP Adress
          O17 - HKLM\System\CCS\Services\Tcpip..{7C522FF4-BDFB-476F-ADB6-A2FDA8D78087}: DhcpNameServer = 192.168.1.1 =>.Local IP Adress
          O17 - HKLM\System\CCS\Services\Tcpip..{0C5D3712-B4D6-4552-9145-29D1C9023246}: DhcpDomain = default
          O17 - HKLM\System\CCS\Services\Tcpip..{7C522FF4-BDFB-476F-ADB6-A2FDA8D78087}: DhcpDomain = dlink.com

          —\ Extra protocols (20) - 1s
          O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) – C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
          O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
          O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) – C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation
          O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
          O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
          O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
          O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
          O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) – C:\Windows\System32\itss.dll =>.Microsoft Corporation
          O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) – C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
          O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
          O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) – C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
          O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) – C:\Windows\System32\inetcomm.dll =>.Microsoft Corporation
          O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
          O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) – C:\Windows\System32\itss.dll =>.Microsoft Corporation
          O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) – C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
          O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) – C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation
          O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) – C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
          O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) – C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
          O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) – C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
          O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) – C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®

          —\ Software installed (84) - 11s
          O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] – uTorrent =>.BitTorrent Inc®
          O42 - Logiciel: Adobe Creative Cloud - (.Adobe Systems Incorporated.) [HKLM][64Bits] – Adobe Creative Cloud =>.Adobe Systems Incorporated®
          O42 - Logiciel: Adobe Flash Player 26 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] – Adobe Flash Player ActiveX =>.Adobe Systems Incorporated®
          O42 - Logiciel: Adobe Flash Player 26 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] – Adobe Flash Player NPAPI =>.Adobe Systems Incorporated®
          O42 - Logiciel: Adobe Photoshop CC 2015 - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {793C2BF7-A4FE-4608-91C9-9282C5801C21} =>.Adobe Systems Incorporated®
          O42 - Logiciel: AirMech - (.Carbon Games.) [HKLM][64Bits] – Steam App 206500 =>.Valve®
          O42 - Logiciel: Arma 2 - (.Bohemia Interactive.) [HKLM][64Bits] – Steam App 33910 =>.Valve®
          O42 - Logiciel: Arma 2: DayZ Mod - (.Bohemia Interactive.) [HKLM][64Bits] – Steam App 224580 =>.Valve®
          O42 - Logiciel: Arma 2: Operation Arrowhead - (.Bohemia Interactive.) [HKLM][64Bits] – Steam App 33930 =>.Valve®
          O42 - Logiciel: Arma 2: Operation Arrowhead Beta (Obsolete) - (.Valve.) [HKLM][64Bits] – Steam App 219540 =>.Valve®
          O42 - Logiciel: Arma: Cold War Assault - (.Bohemia Interactive.) [HKLM][64Bits] – Steam App 65790 =>.Valve®
          O42 - Logiciel: Avast Free Antivirus - (.AVAST Software.) [HKLM][64Bits] – Avast Antivirus =>.AVAST Software s.r.o.®
          O42 - Logiciel: BattlEye Uninstall - (.Bohemia Interactive Studio.) [HKLM][64Bits] – BattlEye for A2
          O42 - Logiciel: BlueStacks App Player - (.BlueStack Systems, Inc..) [HKLM][64Bits] – BlueStacks App Player =>.Bluestack Systems, Inc.®
          O42 - Logiciel: BlueStacks Notification Center - (.BlueStack Systems, Inc..) [HKLM][64Bits] – {011580CB-3D7F-47A6-A5D2-1287A4E43C73} =>.BlueStack Systems, Inc.
          O42 - Logiciel: Counter-Strike - (.Valve.) [HKLM][64Bits] – Steam App 10 =>.Valve®
          O42 - Logiciel: Counter-Strike: Condition Zero - (.Valve.) [HKLM][64Bits] – Steam App 80 =>.Valve®
          O42 - Logiciel: Counter-Strike: Condition Zero Deleted Scenes - (.Valve.) [HKLM][64Bits] – Steam App 100 =>.Valve®
          O42 - Logiciel: Counter-Strike: Global Offensive - (.Valve.) [HKLM][64Bits] – Steam App 730 =>.Valve®
          O42 - Logiciel: Counter-Strike: Source - (.Valve.) [HKLM][64Bits] – Steam App 240 =>.Valve®
          O42 - Logiciel: Elite Dangerous Launcher version 0.4.2854.0 - (.Frontier Developments.) [HKLM][64Bits] – {696F8871-C91D-4CB1-825D-36BE18065575}_is1 =>.Frontier Developments Plc®
          O42 - Logiciel: GIMP 2.8.14 - (.The GIMP Team.) [HKLM][64Bits] – GIMP-2_is1 =>.Jernej Simoncic®
          O42 - Logiciel: Java 8 Update 131 - (.Oracle Corporation.) [HKLM][64Bits] – {26A24AE4-039D-4CA4-87B4-2F32180131F0} =>.Oracle Corporation
          O42 - Logiciel: Java Auto Updater - (.Oracle Corporation.) [HKLM][64Bits] – {4A03706F-666A-4037-7777-5F2748764D10} =>.Oracle Corporation
          O42 - Logiciel: Malwarebytes Anti-Malware version 2.2.0.1024 - (.Malwarebytes.) [HKLM][64Bits] – Malwarebytes Anti-Malware_is1 =>.Malwarebytes
          O42 - Logiciel: MechWarrior Online - (.Piranha Games Inc..) [HKLM][64Bits] – Steam App 342200 =>.Valve®
          O42 - Logiciel: Medieval II Total War - (.SEGA.) [HKLM][64Bits] – {C0698BDA-0D29-40EE-8570-A31106DF9AB1} =>.Macrovision Corporation®
          O42 - Logiciel: Medieval II Total War : Kingdoms : Americas - (.SEGA.) [HKLM][64Bits] – {75983B66-804C-40D1-BA13-64DAF652A6F1} =>.Macrovision Corporation®
          O42 - Logiciel: Medieval II Total War : Kingdoms : Britannia - (.SEGA.) [HKLM][64Bits] – {CEDDEE73-3D36-41C2-AA40-29355D9FBD63} =>.Macrovision Corporation®
          O42 - Logiciel: Medieval II Total War : Kingdoms : Crusades - (.SEGA.) [HKLM][64Bits] – {02A10468-2F1C-447C-AD8E-4DEDDEA25AE2} =>.Macrovision Corporation®
          O42 - Logiciel: Medieval II Total War : Kingdoms : Teutonic - (.SEGA.) [HKLM][64Bits] – {7AEE1963-7001-4C37-BC20-2FAEB74AA41C} =>.Macrovision Corporation®
          O42 - Logiciel: Microsoft Mouse and Keyboard Center - (.Microsoft Corporation.) [HKLM][64Bits] – {23D2AFC7-C01E-4413-9D9A-0BABF52569BF} =>.Microsoft Corporation
          O42 - Logiciel: Microsoft Mouse and Keyboard Center - (.Microsoft Corporation.) [HKLM][64Bits] – Microsoft Mouse and Keyboard Center =>.Microsoft Corporation®
          O42 - Logiciel: Microsoft Zoo Tycoon - (..) [HKLM][64Bits] – Zoo Tycoon 1.0
          O42 - Logiciel: Mozilla Firefox 53.0.3 (x86 en-US) - (.Mozilla.) [HKLM][64Bits] – Mozilla Firefox 53.0.3 (x86 en-US) =>.Mozilla Corporation®
          O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] – MozillaMaintenanceService =>.Mozilla
          O42 - Logiciel: NVIDIA 3D Vision Controller Driver 340.50 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB =>.NVIDIA Corporation
          O42 - Logiciel: NVIDIA 3D Vision Driver 342.01 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision =>.NVIDIA Corporation
          O42 - Logiciel: NVIDIA Backend - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvBackend =>.NVIDIA Corporation
          O42 - Logiciel: NVIDIA Container - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer =>.NVIDIA Corporation
          O42 - Logiciel: NVIDIA Control Panel 342.01 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel =>.NVIDIA Corporation
          O42 - Logiciel: NVIDIA GeForce Experience 3.6.0.74 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience =>.NVIDIA Corporation
          O42 - Logiciel: NVIDIA Graphics Driver 342.01 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver =>.NVIDIA Corporation
          O42 - Logiciel: NVIDIA Install Application - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer =>.NVIDIA Corporation
          O42 - Logiciel: NVIDIA LocalSystem Container - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.LocalSystem =>.NVIDIA Corporation
          O42 - Logiciel: NVIDIA Message Bus for NvContainer - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.MessageBus =>.NVIDIA Corporation
          O42 - Logiciel: NVIDIA NetworkService Container - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NetworkService =>.NVIDIA Corporation
          O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM][64Bits] – {80407BA7-7763-4395-AB98-5233F1B34E65} =>.NVIDIA Corporation
          O42 - Logiciel: NVIDIA PhysX System Software 9.13.1220 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX =>.NVIDIA Corporation
          O42 - Logiciel: NVIDIA Session Container - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.Session =>.NVIDIA Corporation
          O42 - Logiciel: NVIDIA ShadowPlay 3.6.0.74 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay =>.NVIDIA Corporation
          O42 - Logiciel: Nvidia Share - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_OSC =>.NVIDIA Corporation
          O42 - Logiciel: NVIDIA Stereoscopic 3D Driver - (.NVIDIA Corporation.) [HKLM][64Bits] – NVIDIAStereo =>.NVIDIA Corporation®
          O42 - Logiciel: NVIDIA Telemetry Container - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetryContainer =>.NVIDIA Corporation
          O42 - Logiciel: NVIDIA Update 25.0.0.0 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update =>.NVIDIA Corporation
          O42 - Logiciel: NVIDIA Update Core - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core =>.NVIDIA Corporation
          O42 - Logiciel: NVIDIA User Container - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.User =>.NVIDIA Corporation
          O42 - Logiciel: NVIDIA Virtual Audio 3.70.2 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver =>.NVIDIA Corporation
          O42 - Logiciel: NVIDIA Watchdog Plugin for NvContainer - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvPlugin.Watchdog =>.NVIDIA Corporation
          O42 - Logiciel: NvNodejs - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs =>.NVIDIA Corporation
          O42 - Logiciel: NvTelemetry - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry =>.NVIDIA Corporation
          O42 - Logiciel: NvvHci - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci =>.NVIDIA Corporation
          O42 - Logiciel: OpenAL - (.Open Audio Library.) [HKLM][64Bits] – OpenAL =>.Creative Labs Inc®
          O42 - Logiciel: OpenOffice 4.1.1 - (.Apache Software Foundation.) [HKLM][64Bits] – {9395F41D-0F80-432E-9A59-B8E477E7E163} =>.Apache Software Foundation
          O42 - Logiciel: Origin - (.Electronic Arts, Inc..) [HKLM][64Bits] – Origin =>.Electronic Arts, Inc.
          O42 - Logiciel: PLAYERUNKNOWN’S BATTLEGROUNDS - (.Bluehole, Inc..) [HKLM][64Bits] – Steam App 578080 =>.Valve®
          O42 - Logiciel: PLAYERUNKNOWN’S BATTLEGROUNDS (Test Server) - (..) [HKLM][64Bits] – Steam App 622590 =>.Valve®
          O42 - Logiciel: Plus500 - (..) [HKLM][64Bits] – Plus500 {031183F8BA44C6DB1F7305BE0C6A6689}
          O42 - Logiciel: Ralink RT2870 Wireless LAN Card - (.Ralink.) [HKLM][64Bits] – {28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D} =>.Ralink Technology Corporation®
          O42 - Logiciel: Roll - (..) [HKLM][64Bits] – RollerCoaster Tycoon Setup
          O42 - Logiciel: S.T.A.L.K.E.R.: Call of Pripyat - (.GSC Game World.) [HKLM][64Bits] – Steam App 41700 =>.Valve®
          O42 - Logiciel: S.T.A.L.K.E.R.: Shadow of Chernobyl - (.GSC Game World.) [HKLM][64Bits] – Steam App 4500 =>.Valve®
          O42 - Logiciel: SafeZone Stable 3.55.2393.607 - (.Avast Software.) [HKLM][64Bits] – SafeZone 3.55.2393.607 =>.AVAST Software s.r.o.®
          O42 - Logiciel: SHIELD Streaming - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv =>.NVIDIA Corporation
          O42 - Logiciel: SHIELD Wireless Controller Driver - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController =>.NVIDIA Corporation
          O42 - Logiciel: Sid Meier’s Pirates! - (.Firaxis Games.) [HKLM][64Bits] – Steam App 3920 =>.Valve®
          O42 - Logiciel: Steam - (.Valve.) [HKLM][64Bits] – {048298C9-A4D3-490B-9FF9-AB023A9238F3} =>.Valve
          O42 - Logiciel: The Pirate: Caribbean Hunt - (.Home Net Games.) [HKLM][64Bits] – Steam App 512470 =>.Valve®
          O42 - Logiciel: The Sims 2 - (..) [HKLM][64Bits] – {6E7DD182-9FC6-4651-0095-2E666CC6AF35}
          O42 - Logiciel: The Sims 2 Nightlife - (..) [HKLM][64Bits] – {F7529650-B9DB-481B-0089-A2AC3C2821C1}
          O42 - Logiciel: Ultima 8 - (.Electronic Arts.) [HKLM][64Bits] – {428C6B01-D292-46F9-9321-75668ED17DA2} =>.Electronic Arts®
          O42 - Logiciel: War Thunder - (.Gaijin Entertainment.) [HKLM][64Bits] – Steam App 236390 =>.Valve®
          O42 - Logiciel: WinZip 19.0 - (.WinZip Computing, S.L..) [HKLM][64Bits] – {CD95F661-A5C4-44F5-A6AA-ECDD91C240E7} =>.WinZip Computing, S.L.
          O42 - Logiciel: X2 - The Threat - (.EGOSOFT.) [HKLM][64Bits] – {7DCB3E4A-E5EA-4324-ADB2-75BBFEFB44FB} =>.EGOSOFT

          —\ HKCU & HKLM Software Keys (74) - 11s
          HKLM\SOFTWARE\Wow6432Node\685D6D1C-D73A-4F37-B7E5E53660311DDB =>.Pixart Imaging Inc
          HKLM\SOFTWARE\Wow6432Node\Adobe =>.Adobe
          HKLM\SOFTWARE\Wow6432Node\AGEIA Technologies =>.AGEIA Technologies
          HKLM\SOFTWARE\Wow6432Node\AVAST Software =>.AVAST Software
          HKLM\SOFTWARE\Wow6432Node\BlueStacks =>.BlueStack Systems, Inc.
          HKLM\SOFTWARE\Wow6432Node\Bohemia Interactive =>.Bohemia Interactive
          HKLM\SOFTWARE\Wow6432Node\bohemia interactive studio =>.Bohemia Interactive Studio
          HKLM\SOFTWARE\Wow6432Node\EA GAMES =>.EA Games
          HKLM\SOFTWARE\Wow6432Node\EgoSoftware
          HKLM\SOFTWARE\Wow6432Node\Electronic Arts =>.Electronic Arts
          HKLM\SOFTWARE\Wow6432Node\Fish Technology Group
          HKLM\SOFTWARE\Wow6432Node\Google =>.Google
          HKLM\SOFTWARE\Wow6432Node\GSC Game World =>.GSC Game World
          HKLM\SOFTWARE\Wow6432Node\InstallShield =>.InstallShield
          HKLM\SOFTWARE\Wow6432Node\Intel =>.Intel
          HKLM\SOFTWARE\Wow6432Node\JavaSoft =>.JavaSoft
          HKLM\SOFTWARE\Wow6432Node\JreMetrics =>.JreMetrics
          HKLM\SOFTWARE\Wow6432Node\Khronos =>.Khronos
          HKLM\SOFTWARE\Wow6432Node\Macromedia =>.Macromedia
          HKLM\SOFTWARE\Wow6432Node\Mozilla =>.Mozilla
          HKLM\SOFTWARE\Wow6432Node\mozilla.org =>.mozilla.org
          HKLM\SOFTWARE\Wow6432Node\MozillaPlugins =>.MozillaPlugins
          HKLM\SOFTWARE\Wow6432Node\MSPG32
          HKLM\SOFTWARE\Wow6432Node\Nico Mak Computing =>.Nico Mak Computing
          HKLM\SOFTWARE\Wow6432Node\NVIDIA Corporation =>.nVidia Corporation
          HKLM\SOFTWARE\Wow6432Node\ODBC =>.DB Connectivity Solutions
          HKLM\SOFTWARE\Wow6432Node\OpenAL =>.Open Audio Library
          HKLM\SOFTWARE\Wow6432Node\OpenOffice =>.SourceForge
          HKLM\SOFTWARE\Wow6432Node\Origin =>.Electronic Arts, Inc.
          HKLM\SOFTWARE\Wow6432Node\Origin Games =>.Electronic Arts, Inc.
          HKLM\SOFTWARE\Wow6432Node\Origin Systems
          HKLM\SOFTWARE\Wow6432Node\PixArt =>.Pixart Imaging Inc
          HKLM\SOFTWARE\Wow6432Node\Ralink =>.Ralink
          HKLM\SOFTWARE\Wow6432Node\SEGA =>.SEGA
          HKLM\SOFTWARE\Wow6432Node\Valve =>.Valve
          HKLM\SOFTWARE\Wow6432Node\VIA Technologies, Inc =>.VIA Technologies, Inc
          HKLM\SOFTWARE\Wow6432Node\Volatile =>.Microsoft Corporation
          HKLM\SOFTWARE\Wow6432Node\RegisteredApplications =>.Microsoft Corporation
          HKCU\SOFTWARE\Adobe =>.Adobe
          HKCU\SOFTWARE\AppDataLow =>.Microsoft Corporation
          HKCU\SOFTWARE\AVAST Software =>.AVAST Software
          HKCU\SOFTWARE\BitTorrent
          HKCU\SOFTWARE\Bohemia Interactive Studio =>.Bohemia Interactive Studio
          HKCU\SOFTWARE\CarbonGames
          HKCU\SOFTWARE\CheeseSoft
          HKCU\SOFTWARE\Chromium =>.Chromium
          HKCU\SOFTWARE\Electronic Arts =>.Electronic Arts
          HKCU\SOFTWARE\Emulators =>.Open Source
          HKCU\SOFTWARE\Epic Games =>.Epic Games
          HKCU\SOFTWARE\epsxe =>.ePSXe
          HKCU\SOFTWARE\Frontier Developments =>.Frontier Developments
          HKCU\SOFTWARE\Gaijin =>.Gaijin Entertainment
          HKCU\SOFTWARE\Google =>.Google
          HKCU\SOFTWARE\Home Net Games
          HKCU\SOFTWARE\Intel =>.Intel
          HKCU\SOFTWARE\JavaSoft =>.JavaSoft
          HKCU\SOFTWARE\LogiShrd =>.LogiShrd
          HKCU\SOFTWARE\Macromedia =>.Macromedia
          HKCU\SOFTWARE\Mozilla =>.Mozilla
          HKCU\SOFTWARE\MozillaPlugins =>.MozillaPlugins
          HKCU\SOFTWARE\MSPG32
          HKCU\SOFTWARE\Nico Mak Computing =>.Nico Mak Computing
          HKCU\SOFTWARE\NVIDIA Corporation =>.nVidia Corporation
          HKCU\SOFTWARE\OpenOffice =>.SourceForge
          HKCU\SOFTWARE\Plus500
          HKCU\SOFTWARE\SecuROM =>.SecuROM
          HKCU\SOFTWARE\Trolltech =>.Trolltech
          HKCU\SOFTWARE\Unity =>.Unity
          HKCU\SOFTWARE\Valve =>.Valve
          HKCU\SOFTWARE\VIA =>.VIA
          HKCU\SOFTWARE\WinZip Computing =>.WinZip Computing
          HKCU\SOFTWARE\Wow6432Node =>.Microsoft Corporation
          HKCU\SOFTWARE\ZHP =>.Nicolas Coolman
          HKCU\SOFTWARE\AppDataLow\Software =>.Microsoft Corporation

          —\ Contents of the Common Files folders (209) - 6s
          O43 - CFD: 28/06/2015 - D – C:\Program Files\Adobe =>.Adobe Systems Incorporated®
          O43 - CFD: 14/06/2017 - D – C:\Program Files\AVAST Software =>.AVAST Software s.r.o.®
          O43 - CFD: 03/12/2015 - D – C:\Program Files\Common Files =>.Microsoft Corporation
          O43 - CFD: 15/06/2017 - D – C:\Program Files\DVD Maker =>.Aone Software
          O43 - CFD: 26/07/2015 - D – C:\Program Files\GIMP 2 =>.Jernej Simoncic®
          O43 - CFD: 15/04/2015 - [0] D – C:\Program Files\Google =>.Google
          O43 - CFD: 15/06/2017 - D – C:\Program Files\Internet Explorer =>.Microsoft Corporation
          O43 - CFD: 12/04/2011 - D – C:\Program Files\Microsoft Games =>.Microsoft Corporation
          O43 - CFD: 16/04/2015 - D – C:\Program Files\Microsoft Mouse and Keyboard Center =>.Microsoft Corporation
          O43 - CFD: 27/04/2015 - D – C:\Program Files\Microsoft Office =>.Microsoft Corporation
          O43 - CFD: 14/07/2009 - D – C:\Program Files\MSBuild =>.Microsoft Corporation
          O43 - CFD: 15/06/2017 - D – C:\Program Files\NVIDIA Corporation =>.nVidia Corporation
          O43 - CFD: 14/07/2009 - D – C:\Program Files\Reference Assemblies =>.Microsoft Corporation
          O43 - CFD: 14/07/2009 - [0] HD – C:\Program Files\Uninstall Information =>.Microsoft Corporation
          O43 - CFD: 15/04/2015 - D – C:\Program Files\VIA =>.VIA Technologies Inc.®
          O43 - CFD: 17/04/2015 - D – C:\Program Files\Windows Defender =>.Microsoft Corporation
          O43 - CFD: 12/04/2011 - D – C:\Program Files\Windows Mail =>.Microsoft Corporation
          O43 - CFD: 15/06/2017 - D – C:\Program Files\Windows Media Player =>.Microsoft Corporation
          O43 - CFD: 14/07/2009 - D – C:\Program Files\Windows NT =>.Microsoft Corporation
          O43 - CFD: 12/04/2011 - D – C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation
          O43 - CFD: 21/11/2010 - D – C:\Program Files\Windows Portable Devices =>.Microsoft Corporation
          O43 - CFD: 12/04/2011 - D – C:\Program Files\Windows Sidebar =>.Microsoft Corporation
          O43 - CFD: 17/04/2015 - D – C:\Program Files\WinZip =>.WinZip Computing®
          O43 - CFD: 28/06/2015 - D – C:\Program Files (x86)\Adobe =>.Adobe Systems Incorporated®
          O43 - CFD: 15/06/2017 - [0] D – C:\Program Files (x86)\AGEIA Technologies =>.AGEIA Technologies
          O43 - CFD: 15/04/2015 - D – C:\Program Files (x86)\BlueStacks =>.BlueStack Systems, Inc.
          O43 - CFD: 14/06/2017 - D – C:\Program Files (x86)\Common Files =>.Microsoft Corporation
          O43 - CFD: 15/04/2015 - [0] D – C:\Program Files (x86)\Driver Downloader
          O43 - CFD: 13/04/2015 - D – C:\Program Files (x86)\EA GAMES =>.EA Games
          O43 - CFD: 11/04/2015 - D – C:\Program Files (x86)\EGOSOFT =>.EGOSOFT
          O43 - CFD: 15/04/2015 - D – C:\Program Files (x86)\Frontier =>.Frontier Developments Plc®
          O43 - CFD: 15/04/2015 - D – C:\Program Files (x86)\Google =>.Google
          O43 - CFD: 11/04/2015 - D – C:\Program Files (x86)\Hasbro Interactive =>.Hasbro Interactive
          O43 - CFD: 17/04/2015 - HD – C:\Program Files (x86)\InstallShield Installation Information =>.InstallShield Software
          O43 - CFD: 15/06/2017 - D – C:\Program Files (x86)\Internet Explorer =>.Microsoft Corporation
          O43 - CFD: 14/06/2017 - D – C:\Program Files (x86)\Java =>.Oracle
          O43 - CFD: 26/10/2015 - D – C:\Program Files (x86)\Malwarebytes Anti-Malware =>.Malwarebytes
          O43 - CFD: 27/04/2015 - D – C:\Program Files (x86)\Microsoft Application Virtualization Client =>.Microsoft Corporation
          O43 - CFD: 12/04/2015 - D – C:\Program Files (x86)\Microsoft Games =>.Microsoft Corporation
          O43 - CFD: 27/04/2015 - D – C:\Program Files (x86)\Microsoft Office =>.Microsoft Corporation
          O43 - CFD: 16/04/2015 - D – C:\Program Files (x86)\Microsoft.NET =>.Microsoft Corporation
          O43 - CFD: 17/06/2017 - D – C:\Program Files (x86)\Mozilla Firefox =>.Mozilla
          O43 - CFD: 17/06/2017 - D – C:\Program Files (x86)\Mozilla Maintenance Service =>.Mozilla
          O43 - CFD: 14/07/2009 - D – C:\Program Files (x86)\MSBuild =>.Microsoft Corporation
          O43 - CFD: 15/06/2017 - D – C:\Program Files (x86)\NVIDIA Corporation =>.nVidia Corporation
          O43 - CFD: 17/06/2017 - D – C:\Program Files (x86)\OpenAL =>.Open Audio Library
          O43 - CFD: 27/04/2015 - D – C:\Program Files (x86)\OpenOffice 4 =>.OpenOffice.org
          O43 - CFD: 29/04/2015 - D – C:\Program Files (x86)\Origin =>.Electronic Arts, Inc.
          O43 - CFD: 29/04/2015 - D – C:\Program Files (x86)\Origin Games =>.Electronic Arts, Inc.
          O43 - CFD: 30/07/2015 - D – C:\Program Files (x86)\Plus500 {031183F8BA44C6DB1F7305BE0C6A6689}
          O43 - CFD: 14/07/2009 - D – C:\Program Files (x86)\Reference Assemblies =>.Microsoft Corporation
          O43 - CFD: 12/04/2015 - D – C:\Program Files (x86)\SEGA =>.SEGA
          O43 - CFD: 17/06/2017 - D – C:\Program Files (x86)\Steam =>.Steam Games
          O43 - CFD: 14/07/2009 - [0] HD – C:\Program Files (x86)\Uninstall Information =>.Microsoft Corporation
          O43 - CFD: 15/04/2015 - D – C:\Program Files (x86)\VIA =>.US Waves inc®
          O43 - CFD: 17/04/2015 - D – C:\Program Files (x86)\Windows Defender =>.Microsoft Corporation
          O43 - CFD: 12/04/2011 - D – C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
          O43 - CFD: 15/06/2017 - D – C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
          O43 - CFD: 14/07/2009 - D – C:\Program Files (x86)\Windows NT =>.Microsoft Corporation
          O43 - CFD: 12/04/2011 - D – C:\Program Files (x86)\Windows Photo Viewer =>.Microsoft Corporation
          O43 - CFD: 21/11/2010 - D – C:\Program Files (x86)\Windows Portable Devices =>.Microsoft Corporation
          O43 - CFD: 12/04/2011 - D – C:\Program Files (x86)\Windows Sidebar =>.Microsoft Corporation
          O43 - CFD: 11/04/2015 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation
          O43 - CFD: 12/04/2015 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
          O43 - CFD: 15/04/2015 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software =>.AVAST Software
          O43 - CFD: 15/04/2015 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks =>.BlueStack Systems, Inc.
          O43 - CFD: 17/06/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive =>.Bohemia Interactive
          O43 - CFD: 13/04/2015 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES =>.EA Games
          O43 - CFD: 15/04/2015 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Frontier =>.Frontier
          O43 - CFD: 29/04/2015 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games =>.Microsoft Corporation
          O43 - CFD: 11/04/2015 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hasbro Interactive =>.Hasbro Interactive
          O43 - CFD: 14/06/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java =>.Oracle
          O43 - CFD: 14/07/2009 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation
          O43 - CFD: 26/10/2015 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware =>.Malwarebytes
          O43 - CFD: 12/04/2015 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games =>.Microsoft Corporation
          O43 - CFD: 16/04/2015 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center =>.Microsoft Corporation
          O43 - CFD: 27/04/2015 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English) =>.Microsoft Corporation
          O43 - CFD: 15/06/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation =>.nVidia Corporation
          O43 - CFD: 27/04/2015 - SD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1 =>.SourceForge
          O43 - CFD: 29/04/2015 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin =>.Electronic Arts, Inc.
          O43 - CFD: 30/07/2015 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plus500
          O43 - CFD: 12/04/2015 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SEGA =>.SEGA
          O43 - CFD: 17/04/2015 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup =>.Microsoft Corporation
          O43 - CFD: 12/04/2015 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam =>.Steam Games
          O43 - CFD: 29/04/2015 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultima 8
          O43 - CFD: 15/04/2015 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VIA =>.VIA
          O43 - CFD: 17/04/2015 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip =>.WinZip
          O43 - CFD: 28/06/2015 - D – C:\ProgramData\Adobe =>.Adobe
          O43 - CFD: 14/07/2009 - [0] SHD – C:\ProgramData\Application Data =>.Microsoft Corporation
          O43 - CFD: 15/06/2017 - D – C:\ProgramData\AVAST Software =>.AVAST Software
          O43 - CFD: 15/04/2015 - D – C:\ProgramData\BlueStacks =>.BlueStack Systems, Inc.
          O43 - CFD: 15/04/2015 - D – C:\ProgramData\BlueStacksSetup =>.BlueStack Systems, Inc.
          O43 - CFD: 17/06/2017 - D – C:\ProgramData\Bohemia Interactive Studio =>.Bohemia Interactive Studio
          O43 - CFD: 17/06/2017 - D – C:\ProgramData\boost_interprocess =>.boost.org
          O43 - CFD: 14/07/2009 - [0] SHD – C:\ProgramData\Desktop =>.Microsoft Corporation
          O43 - CFD: 14/07/2009 - [0] SHD – C:\ProgramData\Documents =>.Microsoft Corporation
          O43 - CFD: 29/04/2015 - D – C:\ProgramData\Electronic Arts =>.Electronic Arts
          O43 - CFD: 14/07/2009 - [0] SHD – C:\ProgramData\Favorites =>.Microsoft Corporation
          O43 - CFD: 16/06/2017 - D – C:\ProgramData\Gaijin =>.Gaijin Entertainment
          O43 - CFD: 25/07/2015 - D – C:\ProgramData\Malwarebytes =>.Malwarebytes
          O43 - CFD: 18/12/2015 - SD – C:\ProgramData\Microsoft =>.Microsoft Corporation
          O43 - CFD: 15/04/2015 - D – C:\ProgramData\Mozilla =>.Mozilla Corporation
          O43 - CFD: 17/06/2017 - D – C:\ProgramData\NVIDIA =>.nVidia Corporation
          O43 - CFD: 14/06/2017 - D – C:\ProgramData\NVIDIA Corporation =>.nVidia Corporation
          O43 - CFD: 14/06/2017 - D – C:\ProgramData\Oracle =>.Oracle
          O43 - CFD: 27/05/2015 - D – C:\ProgramData\Origin =>.Electronic Arts, Inc.
          O43 - CFD: 14/06/2017 - D – C:\ProgramData\Package Cache =>.Microsoft Corporation
          O43 - CFD: 17/04/2015 - D – C:\ProgramData\Ralink Driver =>.Ralink
          O43 - CFD: 29/06/2015 - D – C:\ProgramData\regid.1986-12.com.adobe =>.Adobe Inc.
          O43 - CFD: 14/07/2009 - [0] SHD – C:\ProgramData\Start Menu =>.Microsoft Corporation
          O43 - CFD: 14/07/2009 - [0] SHD – C:\ProgramData\Templates =>.Microsoft Corporation
          O43 - CFD: 13/05/2015 - D – C:\ProgramData\VirtualizedApplications =>.Microsoft Corporation
          O43 - CFD: 17/04/2015 - D – C:\ProgramData\WinZip =>.WinZip
          O43 - CFD: 28/06/2015 - D – C:\Program Files (x86)\Common Files\Adobe =>.Adobe
          O43 - CFD: 03/12/2015 - D – C:\Program Files (x86)\Common Files\AV =>.Avast
          O43 - CFD: 17/06/2017 - D – C:\Program Files (x86)\Common Files\BattlEye =>.BattlEye
          O43 - CFD: 27/04/2015 - D – C:\Program Files (x86)\Common Files\DESIGNER =>.Designer
          O43 - CFD: 29/04/2015 - HD – C:\Program Files (x86)\Common Files\EAInstaller =>.Electronic Arts, Inc.
          O43 - CFD: 15/04/2015 - D – C:\Program Files (x86)\Common Files\InstallShield =>.InstallShield
          O43 - CFD: 14/06/2017 - D – C:\Program Files (x86)\Common Files\Java =>.Oracle
          O43 - CFD: 27/05/2015 - D – C:\Program Files (x86)\Common Files\microsoft shared =>.Microsoft Corporation
          O43 - CFD: 14/07/2009 - D – C:\Program Files (x86)\Common Files\Services =>.Microsoft Corporation
          O43 - CFD: 14/07/2009 - D – C:\Program Files (x86)\Common Files\SpeechEngines =>.Microsoft Corporation
          O43 - CFD: 15/06/2017 - D – C:\Program Files (x86)\Common Files\Steam =>.Steam Games
          O43 - CFD: 17/04/2015 - D – C:\Program Files (x86)\Common Files\System =>.Microsoft Corporation
          O43 - CFD: 29/06/2015 - D – C:\Users\Allan\AppData\Roaming\Adobe =>.Adobe
          O43 - CFD: 15/04/2015 - D – C:\Users\Allan\AppData\Roaming\AVAST Software =>.AVAST Software
          O43 - CFD: 12/05/2015 - D – C:\Users\Allan\AppData\Roaming\Carbon =>.Carbon
          O43 - CFD: 16/04/2015 - D – C:\Users\Allan\AppData\Roaming\Frontier Developments =>.Frontier Developments
          O43 - CFD: 11/04/2015 - D – C:\Users\Allan\AppData\Roaming\Identities =>.Microsoft Corporation
          O43 - CFD: 12/04/2015 - D – C:\Users\Allan\AppData\Roaming\InstallShield =>.InstallShield
          O43 - CFD: 17/04/2015 - D – C:\Users\Allan\AppData\Roaming\Macromedia =>.Macromedia
          O43 - CFD: 12/04/2011 - [0] D – C:\Users\Allan\AppData\Roaming\Media Center Programs =>.Microsoft Corporation
          O43 - CFD: 29/09/2015 - SD – C:\Users\Allan\AppData\Roaming\Microsoft =>.Microsoft Corporation
          O43 - CFD: 15/04/2015 - D – C:\Users\Allan\AppData\Roaming\Mozilla =>.Mozilla Corporation
          O43 - CFD: 29/06/2015 - D – C:\Users\Allan\AppData\Roaming\NVIDIA =>.nVidia Corporation
          O43 - CFD: 27/04/2015 - D – C:\Users\Allan\AppData\Roaming\OpenOffice =>.SourceForge
          O43 - CFD: 30/04/2015 - D – C:\Users\Allan\AppData\Roaming\Origin =>.Electronic Arts, Inc.
          O43 - CFD: 05/06/2015 - D – C:\Users\Allan\AppData\Roaming\SoftGrid Client =>.Microsoft Corporation
          O43 - CFD: 14/06/2017 - D – C:\Users\Allan\AppData\Roaming\Sun =>.Oracle
          O43 - CFD: 27/04/2015 - [0] D – C:\Users\Allan\AppData\Roaming\TP =>.TP
          O43 - CFD: 12/05/2015 - D – C:\Users\Allan\AppData\Roaming\uTorrent
          O43 - CFD: 18/06/2017 - D – C:\Users\Allan\AppData\Roaming\ZHP =>.Nicolas Coolman
          O43 - CFD: 16/06/2017 - D – C:\Users\Allan\AppData\Local\Adobe =>.Adobe
          O43 - CFD: 11/04/2015 - [0] SHD – C:\Users\Allan\AppData\Local\Application Data =>.Microsoft Corporation
          O43 - CFD: 12/04/2015 - D – C:\Users\Allan\AppData\Local\ApplicationHistory =>.Microsoft Corporation
          O43 - CFD: 17/06/2017 - D – C:\Users\Allan\AppData\Local\ArmA 2 =>.Bohemia Interactive Studio
          O43 - CFD: 17/06/2017 - [0] D – C:\Users\Allan\AppData\Local\ArmA 2 OA =>.Bohemia Interactive Studio
          O43 - CFD: 15/04/2015 - D – C:\Users\Allan\AppData\Local\Bluestacks =>.BlueStack Systems, Inc.
          O43 - CFD: 31/07/2015 - D – C:\Users\Allan\AppData\Local\CEF =>.CEF
          O43 - CFD: 18/06/2017 - D – C:\Users\Allan\AppData\Local\CrashDumps =>.Microsoft Corporation
          O43 - CFD: 15/06/2017 - D – C:\Users\Allan\AppData\Local\CrashRpt =>.Superfluous.CrashReports
          O43 - CFD: 16/06/2017 - [0] D – C:\Users\Allan\AppData\Local\Diagnostics =>.Microsoft Corporation
          O43 - CFD: 06/11/2015 - [0] D – C:\Users\Allan\AppData\Local\ElevatedDiagnostics =>.Microsoft Corporation
          O43 - CFD: 29/09/2015 - [0] SHD – C:\Users\Allan\AppData\Local\EmieBrowserModeList =>.Enterprise mode Site List Mgr
          O43 - CFD: 29/09/2015 - [0] SHD – C:\Users\Allan\AppData\Local\EmieSiteList =>.Enterprise mode Site List Mgr
          O43 - CFD: 29/09/2015 - [0] SHD – C:\Users\Allan\AppData\Local\EmieUserList =>.Enterprise mode Site List Mgr
          O43 - CFD: 26/07/2015 - D – C:\Users\Allan\AppData\Local\fontconfig =>.Portable Apps
          O43 - CFD: 16/04/2015 - D – C:\Users\Allan\AppData\Local\Frontier Developments =>.Frontier Developments
          O43 - CFD: 15/04/2015 - D – C:\Users\Allan\AppData\Local\Frontier_Developments
          O43 - CFD: 16/06/2017 - D – C:\Users\Allan\AppData\Local\Gaijin =>.Gaijin Entertainment
          O43 - CFD: 26/07/2015 - D – C:\Users\Allan\AppData\Local\gegl-0.2 =>.Portable Apps
          O43 - CFD: 15/04/2015 - D – C:\Users\Allan\AppData\Local\Google =>.Google
          O43 - CFD: 12/06/2015 - D – C:\Users\Allan\AppData\Local\GWX =>.GWX
          O43 - CFD: 11/04/2015 - [0] SHD – C:\Users\Allan\AppData\Local\History =>.Microsoft Corporation
          O43 - CFD: 19/04/2015 - D – C:\Users\Allan\AppData\Local\Macromedia =>.Macromedia
          O43 - CFD: 26/10/2015 - D – C:\Users\Allan\AppData\Local\Microsoft =>.Microsoft Corporation
          O43 - CFD: 17/04/2015 - D – C:\Users\Allan\AppData\Local\Microsoft Games =>.Microsoft Corporation
          O43 - CFD: 15/04/2015 - D – C:\Users\Allan\AppData\Local\Mozilla =>.Mozilla Corporation
          O43 - CFD: 14/06/2017 - D – C:\Users\Allan\AppData\Local\NVIDIA =>.nVidia Corporation
          O43 - CFD: 15/06/2017 - D – C:\Users\Allan\AppData\Local\NVIDIA Corporation =>.nVidia Corporation
          O43 - CFD: 30/04/2015 - D – C:\Users\Allan\AppData\Local\Origin =>.Electronic Arts, Inc.
          O43 - CFD: 30/07/2015 - D – C:\Users\Allan\AppData\Local\Plus500
          O43 - CFD: 15/04/2015 - D – C:\Users\Allan\AppData\Local\Programs =>.Microsoft Corporation
          O43 - CFD: 27/04/2015 - D – C:\Users\Allan\AppData\Local\SoftGrid Client =>.Microsoft Corporation
          O43 - CFD: 14/06/2017 - D – C:\Users\Allan\AppData\Local\Steam =>.Steam Games
          O43 - CFD: 18/06/2017 - D – C:\Users\Allan\AppData\Local\Temp =>.Microsoft Corporation
          O43 - CFD: 11/04/2015 - [0] SHD – C:\Users\Allan\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
          O43 - CFD: 14/06/2017 - D – C:\Users\Allan\AppData\Local\TslGame
          O43 - CFD: 14/06/2017 - D – C:\Users\Allan\AppData\Local\UnrealEngine =>.Unreal Software
          O43 - CFD: 12/04/2015 - D – C:\Users\Allan\AppData\Local\VirtualStore =>.Microsoft Corporation
          O43 - CFD: 17/04/2015 - D – C:\Users\Allan\AppData\Local\WinZip =>.WinZip
          O43 - CFD: 18/06/2017 - D – C:\Users\Allan\AppData\Local\ZHP =>.Nicolas Coolman
          O43 - CFD: 15/04/2015 - [0] D – C:\Users\Allan\AppData\Local\Programs\Common =>.Microsoft Corporation
          O43 - CFD: 14/07/2009 - RD – C:\Users\Allan\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Accessories =>.Microsoft Corporation
          O43 - CFD: 15/06/2017 - RD – C:\Users\Allan\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Administrative Tools =>.Administrative Tools
          O43 - CFD: 17/06/2017 - D – C:\Users\Allan\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Bohemia Interactive =>.Bohemia Interactive
          O43 - CFD: 11/04/2015 - D – C:\Users\Allan\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\egosoft =>.EGOSOFT
          O43 - CFD: 16/06/2017 - D – C:\Users\Allan\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Games =>.Microsoft Corporation
          O43 - CFD: 14/07/2009 - RD – C:\Users\Allan\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Maintenance =>.Microsoft Corporation
          O43 - CFD: 30/07/2015 - [0] D – C:\Users\Allan\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Plus500
          O43 - CFD: 15/06/2017 - RD – C:\Users\Allan\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Startup =>.Microsoft Corporation
          O43 - CFD: 14/07/2009 - [0] SHD – C:\Users\Default\AppData\Local\Application Data =>.Microsoft Corporation
          O43 - CFD: 14/07/2009 - [0] SHD – C:\Users\Default\AppData\Local\History =>.Microsoft Corporation
          O43 - CFD: 14/07/2009 - D – C:\Users\Default\AppData\Local\Microsoft =>.Microsoft Corporation
          O43 - CFD: 14/07/2009 - [0] D – C:\Users\Default\AppData\Local\Temp =>.Microsoft Corporation
          O43 - CFD: 14/07/2009 - [0] SHD – C:\Users\Default\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
          O43 - CFD: 14/07/2009 - [0] SHD – C:\Users\Default User\AppData\Local\Application Data =>.Microsoft Corporation
          O43 - CFD: 14/07/2009 - [0] SHD – C:\Users\Default User\AppData\Local\History =>.Microsoft Corporation
          O43 - CFD: 14/07/2009 - D – C:\Users\Default User\AppData\Local\Microsoft =>.Microsoft Corporation
          O43 - CFD: 14/07/2009 - [0] D – C:\Users\Default User\AppData\Local\Temp =>.Microsoft Corporation
          O43 - CFD: 14/07/2009 - [0] SHD – C:\Users\Default User\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
          O43 - CFD: 16/06/2017 - – C:\Windows\System32\Config\systemprofile\AppData\L ocal\CrashDumps =>.Microsoft Corporation
          O43 - CFD: 14/07/2009 - D – C:\Windows\System32\Config\systemprofile\AppData\L ocal\Microsoft =>.Microsoft Corporation
          O43 - CFD: 15/04/2015 - – C:\Windows\System32\Config\systemprofile\AppData\L ocal\NVIDIA =>.nVidia Corporation
          O43 - CFD: 27/04/2015 - [0] D – C:\Windows\System32\Config\systemprofile\AppData\L ocal\SoftGrid Client =>.Microsoft Corporation
          O43 - CFD: 15/06/2017 - SD – C:\Windows\System32\Config\systemprofile\AppData\R oaming\Microsoft =>.Microsoft Corporation
          O43 - CFD: 17/06/2017 - D – C:\Windows\System32\Config\systemprofile\AppData\R oaming\SoftGrid Client =>.Microsoft Corporation
          O43 - CFD: 27/04/2015 - – C:\Windows\System32\Config\systemprofile\AppData\R oaming{90140011-0066-0409-0000-0000000FF1CE} =>Heuristic.Suspect

          —\ ShellIconOverlayIdentifiers (SIOI) (4) - 0s
          O106 - SIOI: avast [00asw] - {472083B0-C522-11CF-8763-00608CC02F24}. (.AVAST Software - Avast Shell Extension.) – C:\Program Files\AVAST Software\Avast\ashShell.dll =>.AVAST Software s.r.o.®
          O106 - SIOI: avast [00avast] - {472083B0-C522-11CF-8763-00608CC02F24}. (.AVAST Software - Avast Shell Extension.) – C:\Program Files\AVAST Software\Avast\ashShell.dll =>.AVAST Software s.r.o.®
          O106 - SIOI: Enhanced Storage Icon Overlay Handler Class [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - Windows Enhanced Storage Shell Extension DL.) – C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation
          O106 - SIOI: Sharing Overlay (Private) [SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235}. (.Microsoft Corporation - Shell extensions for sharing.) – C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation

          —\ Image File Execution Options (4) - 0s
          O50 - IFEO:C:\Windows\System32\ie4uinit.exe - (.Microsoft Corporation - IE Per-User Initialization Utility.) [MitigationOptions\256] =>.Microsoft Corporation
          O50 - IFEO:C:\Windows\System32\ieUnatt.exe - (.Microsoft Corporation - IE 7.0 Unattended Install Utility.) [MitigationOptions\256] =>.Microsoft Corporation
          O50 - IFEO:C:\Windows\System32\msfeedssync.exe - (.Microsoft Corporation - Microsoft Feeds Synchronization.) [MitigationOptions\256] =>.Microsoft Corporation
          O50 - IFEO:C:\Windows\System32\mshta.exe - (.Microsoft Corporation - Microsoft (R) HTML Application host.) [MitigationOptions\256] =>.Microsoft Corporation

          —\ System Drivers List (66) - 29s
          O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) – C:\Windows\System32\drivers\adp94xx.sys [491088] =>.Microsoft Windows®
          O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) – C:\Windows\System32\drivers\adpahci.sys [339536] =>.Microsoft Windows®
          O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) – C:\Windows\System32\drivers\adpu320.sys [182864] =>.Microsoft Windows®
          O58 - SDL:2009/07/14 02:52:21 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) – C:\Windows\System32\drivers\aliide.sys [15440] =>.Microsoft Windows®
          O58 - SDL:2011/03/11 07:41:12 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) – C:\Windows\System32\drivers\amdsata.sys [107904] =>.Microsoft Windows®
          O58 - SDL:2009/07/14 02:52:20 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) – C:\Windows\System32\drivers\amdsbs.sys [194128] =>.Microsoft Windows®
          O58 - SDL:2011/03/11 07:41:12 A . (.Advanced Micro Devices - Storage Filter Driver.) – C:\Windows\System32\drivers\amdxata.sys [27008] =>.Microsoft Windows®
          O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) – C:\Windows\System32\drivers\arc.sys [87632] =>.Microsoft Windows®
          O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) – C:\Windows\System32\drivers\arcsas.sys [97856] =>.Microsoft Windows®
          O58 - SDL:2017/06/14 21:27:31 A . (.AVAST Software s.r.o. - IDS Application Activity Monitor Driver..) – C:\Windows\System32\drivers\aswbidsdrivera.sys [311808] =>.AVAST Software s.r.o.®
          O58 - SDL:2017/06/14 21:27:32 A . (.AVAST Software s.r.o. - Application Activity Monitor Helper Driver.) – C:\Windows\System32\drivers\aswbidsha.sys [190256] =>.AVAST Software s.r.o.®
          O58 - SDL:2017/06/14 21:27:33 A . (.AVAST Software s.r.o. - Logging Driver.) – C:\Windows\System32\drivers\aswbloga.sys [334576] =>.AVAST Software s.r.o.®
          O58 - SDL:2017/06/14 21:27:34 A . (.AVAST Software s.r.o. - Universal Driver.) – C:\Windows\System32\drivers\aswbuniva.sys [49016] =>.AVAST Software s.r.o.®
          O58 - SDL:2017/06/14 21:31:59 A . (.AVAST Software - Avast HWID.) – C:\Windows\System32\drivers\aswHwid.sys [38296] =>.AVAST Software s.r.o.® (.AVAST Software)
          O58 - SDL:2017/06/14 21:28:20 A . (.AVAST Software - Avast Keyboard Filter Driver.) – C:\Windows\System32\drivers\aswKbd.sys [32600] =>.AVAST Software s.r.o.®
          O58 - SDL:2017/06/14 21:31:59 A . (.AVAST Software - Avast File System Minifilter for Windows 20.) – C:\Windows\System32\drivers\aswMonFlt.sys [128648] =>.AVAST Software s.r.o.®
          O58 - SDL:2017/06/14 21:31:56 A . (.AVAST Software - Avast WFP Redirect Driver.) – C:\Windows\System32\drivers\aswRdr2.sys [101152] =>.AVAST Software s.r.o.®
          O58 - SDL:2017/06/14 21:31:59 A . (.AVAST Software - Avast Revert.) – C:\Windows\System32\drivers\aswRvrt.sys [75704] =>.AVAST Software s.r.o.® (.AVAST Software)
          O58 - SDL:2017/06/14 21:28:22 A . (.AVAST Software - Avast Virtualization Driver.) – C:\Windows\System32\drivers\aswSnx.sys [1007160] =>.AVAST Software s.r.o.®
          O58 - SDL:2017/06/14 21:32:00 A . (.AVAST Software - Avast self protection module.) – C:\Windows\System32\drivers\aswSP.sys [569192] =>.AVAST Software s.r.o.®
          O58 - SDL:2017/06/14 21:34:52 A . (.AVAST Software - Stream Filter.) – C:\Windows\System32\drivers\aswstm.sys [158880] =>.AVAST Software s.r.o.®
          O58 - SDL:2017/06/14 21:32:01 A . (.AVAST Software - Avast VM Monitor.) – C:\Windows\System32\drivers\aswVmm.sys [339696] =>.AVAST Software s.r.o.® (.AVAST Software)
          O58 - SDL:2009/06/10 21:34:23 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) – C:\Windows\System32\drivers\b57nd60a.sys [270848] =>.Broadcom Corporation
          O58 - SDL:2009/06/10 21:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) – C:\Windows\System32\drivers\BrFiltLo.sys [18432] =>.Brother Industries, Ltd.
          O58 - SDL:2009/06/10 21:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) – C:\Windows\System32\drivers\BrFiltUp.sys [8704] =>.Brother Industries, Ltd.
          O58 - SDL:2009/07/14 02:19:07 A . (.Brother Industries Ltd. - Brotehr Serial I/F Driver (WDM).) – C:\Windows\System32\drivers\BrSerId.sys [286720] =>.Brother Industries Ltd.
          O58 - SDL:2009/06/10 21:41:10 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) – C:\Windows\System32\drivers\BrSerWdm.sys [47104] =>.Brother Industries Ltd.
          O58 - SDL:2009/06/10 21:41:10 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) – C:\Windows\System32\drivers\BrUsbMdm.sys [14976] =>.Brother Industries Ltd.
          O58 - SDL:2009/06/10 21:41:10 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) – C:\Windows\System32\drivers\BrUsbSer.sys [14720] =>.Brother Industries Ltd.
          O58 - SDL:2009/06/10 21:34:28 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) – C:\Windows\System32\drivers\bxvbda.sys [468480] =>.Broadcom Corporation
          O58 - SDL:2009/07/14 02:52:31 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) – C:\Windows\System32\drivers\cmdide.sys [17488] =>.Microsoft Windows®
          O58 - SDL:2009/07/14 02:47:48 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) – C:\Windows\System32\drivers\elxstor.sys [530496] =>.Microsoft Windows®
          O58 - SDL:2009/06/10 21:34:33 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) – C:\Windows\System32\drivers\evbda.sys [3286016] =>.Broadcom Corporation
          O58 - SDL:2009/06/10 21:31:59 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) – C:\Windows\System32\drivers\hcw85cir.sys [31232] =>.Hauppauge Computer Works, Inc.
          O58 - SDL:2010/11/21 04:23:47 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) – C:\Windows\System32\drivers\HpSAMD.sys [78720] =>.Microsoft Windows®
          O58 - SDL:2011/03/11 07:41:26 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) – C:\Windows\System32\drivers\iaStorV.sys [410496] =>.Microsoft Windows®
          O58 - SDL:2009/07/14 02:48:04 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) – C:\Windows\System32\drivers\iirsp.sys [44112] =>.Microsoft Windows®
          O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) – C:\Windows\System32\drivers\lsi_fc.sys [114752] =>.Microsoft Windows®
          O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) – C:\Windows\System32\drivers\lsi_sas.sys [106560] =>.Microsoft Windows®
          O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) – C:\Windows\System32\drivers\lsi_sas2.sys [65600] =>.Microsoft Windows®
          O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) – C:\Windows\System32\drivers\lsi_scsi.sys [115776] =>.Microsoft Windows®
          O58 - SDL:2015/10/05 10:50:06 A . (.Malwarebytes - Malwarebytes Anti-Malware.) – C:\Windows\System32\drivers\mbam.sys [25816] =>.Malwarebytes Corporation®
          O58 - SDL:2015/10/05 10:50:10 A . (.Malwarebytes - Malwarebytes Chameleon Protection Driver.) – C:\Windows\System32\drivers\mbamchameleon.sys [109272] =>.Malwarebytes Corporation®
          O58 - SDL:2015/10/26 21:07:32 A . (.Malwarebytes - Malwarebytes Anti-Malware.) – C:\Windows\System32\drivers\MBAMSwissArmy.sys [192216] =>.Malwarebytes Corporation®
          O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) – C:\Windows\System32\drivers\megasas.sys [35392] =>.Microsoft Windows®
          O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) – C:\Windows\System32\drivers\MegaSR.sys [284736] =>.Microsoft Windows®
          O58 - SDL:2015/10/05 10:50:18 A . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) – C:\Windows\System32\drivers\mwac.sys [63704] =>.Malwarebytes Corporation®
          O58 - SDL:2011/04/28 14:20:30 A . (.Ralink Technology Corp. - Ralink 802.11n Wireless Adapter Driver.) – C:\Windows\System32\drivers\netr28ux.sys [1617472] =>.Ralink Technology Corporation®
          O58 - SDL:2009/07/14 02:48:26 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) – C:\Windows\System32\drivers\nfrd960.sys [51264] =>.Microsoft Windows®
          O58 - SDL:2016/11/14 13:30:58 A . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) – C:\Windows\System32\drivers\nvlddmkm.sys [12905016] =>.NVIDIA Corporation®
          O58 - SDL:2009/06/10 21:35:35 A . (.NVIDIA Corporation - NVIDIA MCP Networking Function Driver..) – C:\Windows\System32\drivers\nvm62x64.sys [408960] =>.NVIDIA Corporation
          O58 - SDL:2011/03/11 07:41:34 A . (.NVIDIA Corporation - NVIDIA® nForce™ RAID Driver.) – C:\Windows\System32\drivers\nvraid.sys [148352] =>.Microsoft Windows®
          O58 - SDL:2011/03/11 07:41:34 A . (.NVIDIA Corporation - NVIDIA® nForce™ Sata Performance Driver.) – C:\Windows\System32\drivers\nvstor.sys [166272] =>.Microsoft Windows®
          O58 - SDL:2017/05/03 21:16:38 A . (.NVIDIA Corporation - NVIDIA Virtual Audio Driver.) – C:\Windows\System32\drivers\nvvad64v.sys [48064] =>.NVIDIA Corporation®
          O58 - SDL:2017/05/03 21:16:38 A . (.NVIDIA Corporation - Virtual USB Host Controller driver.) – C:\Windows\System32\drivers\nvvhci.sys [57792] =>.NVIDIA Corporation®
          O58 - SDL:2006/12/05 11:34:26 A . (.PixArt Imaging Inc. - PFC027.) – C:\Windows\System32\drivers\PFC027.SYS [572416] =>.PixArt Imaging Inc.
          O58 - SDL:2009/07/14 02:45:46 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) – C:\Windows\System32\drivers\ql2300.sys [1524816] =>.Microsoft Windows®
          O58 - SDL:2009/07/14 02:45:45 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) – C:\Windows\System32\drivers\ql40xx.sys [128592] =>.Microsoft Windows®
          O58 - SDL:2009/06/10 21:37:19 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) – C:\Windows\System32\drivers\secdrv.sys [23040] =>.Macrovision Corporation, Macrovision Europe Limited,
          O58 - SDL:2009/07/14 02:45:45 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) – C:\Windows\System32\drivers\sisraid2.sys [43584] =>.Microsoft Windows®
          O58 - SDL:2009/07/14 02:45:46 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) – C:\Windows\System32\drivers\sisraid4.sys [80464] =>.Microsoft Windows®
          O58 - SDL:2009/07/14 02:45:55 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) – C:\Windows\System32\drivers\stexstor.sys [24656] =>.Microsoft Windows®
          O58 - SDL:2012/10/22 18:09:58 A . (.VIA Technologies, Inc. - VIA High Definition Audio Function Driver.) – C:\Windows\System32\drivers\viahduaa.sys [2206864] =>.VIA Technologies Inc.®
          O58 - SDL:2009/07/14 02:45:55 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) – C:\Windows\System32\drivers\viaide.sys [17488] =>.Microsoft Windows®
          O58 - SDL:2009/07/31 11:40:34 A . (.Creative Technology Ltd. - Creative Audio Driver.) – C:\Windows\System32\drivers\VMfilt64.sys [25600] =>.Creative Technology Ltd.
          O58 - SDL:2009/07/14 02:45:55 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) – C:\Windows\System32\drivers\vsmraid.sys [161872] =>.Microsoft Windows®

          —\ Last modified or created user files (1) - 26s
          O61 - LFC: 2017/06/15 23:08:05 A . (..) – C:\Users\Allan\Saved Games\MechWarrior Online\Shaders\Cache\D3D9\lookupdata.bin [7944]

          —\ File Associations Shell Spawning (11) - 1s
          O67 - Shell Spawning: <.bat> [HKLM..\open\Command] (…) – “%1” %*
          O67 - Shell Spawning: <.cpl> [HKLM..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) – C:\Windows\System32\control.exe =>.Microsoft Corporation
          O67 - Shell Spawning: <.cmd> [HKLM..\open\Command] (…) – “%1” %*
          O67 - Shell Spawning: <.com> [HKLM..\open\Command] (…) – “%1” %*
          O67 - Shell Spawning: <.evt> [HKLM..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) – C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation
          O67 - Shell Spawning: <.exe> [HKLM..\open\Command] (…) – “%1” %*
          O67 - Shell Spawning: <.html> [HKLM..\open\Command] (.Microsoft Corporation - Internet Explorer.) – C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
          O67 - Shell Spawning: <.js> [HKLM..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) – C:\Windows\System32\wscript.exe =>.Microsoft Corporation
          O67 - Shell Spawning: <.reg> [HKLM..\open\Command] (.Microsoft Corporation - Registry Editor.) – C:\Windows\regedit.exe =>.Microsoft Corporation
          O67 - Shell Spawning: <.scr> [HKLM..\open\Command] (…) – “%1” /S
          O67 - Shell Spawning: <.html> [HKCU..\open\Command] (.Mozilla Corporation - Firefox.) – C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®

          —\ Start Menu Internet (12) - 0s
          O68 - StartMenuInternet: <FIREFOX.EXE> [HKLM..\Shell\open\Command] (.Mozilla Corporation - Firefox.) – C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
          O68 - StartMenuInternet: <IEXPLORE.EXE> [HKLM..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) – C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
          O68 - StartMenuInternet: [HKLM..\Shell\open\Command] (.Avast Software - Avast SafeZone Browser.) – C:\Program Files\AVAST Software\SZBrowser\Launcher.exe =>.AVAST Software s.r.o.®
          O68 - StartMenuInternet: <FIREFOX.EXE> [HKLM..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) – C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
          O68 - StartMenuInternet: <IEXPLORE.EXE> [HKLM..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) – C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
          O68 - StartMenuInternet: [HKLM..\InstallInfo\ShowIconsCommand] (.Avast Software - Avast SafeZone Browser.) – C:\Program Files\AVAST Software\SZBrowser\launcher.exe =>.AVAST Software
          O68 - StartMenuInternet: <FIREFOX.EXE> [HKLM..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) – C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
          O68 - StartMenuInternet: <IEXPLORE.EXE> [HKLM..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) – C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
          O68 - StartMenuInternet: [HKLM..\InstallInfo\ReinstallCommand] (.Avast Software - Avast SafeZone Browser.) – C:\Program Files\AVAST Software\SZBrowser\launcher.exe =>.AVAST Software
          O68 - StartMenuInternet: <FIREFOX.EXE> [HKLM..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) – C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
          O68 - StartMenuInternet: <IEXPLORE.EXE> [HKLM..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) – C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
          O68 - StartMenuInternet: [HKLM..\InstallInfo\HideIconsCommand] (.Avast Software - Avast SafeZone Browser.) – C:\Program Files\AVAST Software\SZBrowser\launcher.exe =>.AVAST Software

          —\ Search Browser Infection (2) - 9s
          O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/ =>.Bing.com
          O69 - SBI: SearchScopes [HKLM] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com/ =>.Bing.com

          —\ Search Svchost Services (32) - 1s
          O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) – C:\Windows\System32\aelupsvc.dll [72192] =>.Microsoft Corporation
          O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) – C:\Windows\System32\certprop.dll [80384] =>.Microsoft Corporation
          O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) – C:\Windows\System32\certprop.dll [80384] =>.Microsoft Corporation
          O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) – C:\Windows\system32\srvsvc.dll [236032] =>.Microsoft Corporation
          O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) – C:\Windows\System32\gpsvc.dll [794624] =>.Microsoft Corporation
          O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) – C:\Windows\System32\ikeext.dll [859648] =>.Microsoft Corporation
          O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) – C:\Windows\System32\Audiosrv.dll [680448] =>.Microsoft Corporation
          O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) – C:\Windows\System32\rasauto.dll [99328] =>.Microsoft Corporation
          O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) – C:\Windows\System32\rasmans.dll [344064] =>.Microsoft Corporation
          O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) – C:\Windows\System32\mprdim.dll [97792] =>.Microsoft Corporation
          O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) – C:\Windows\System32\Sens.dll [64512] =>.Microsoft Corporation
          O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) – C:\Windows\System32\ipnathlp.dll [359424] =>.Microsoft Corporation
          O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows™ Telephony Server.) – C:\Windows\System32\tapisrv.dll [316928] =>.Microsoft Corporation
          O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Remote Desktop Session Host Server Remote C.) – C:\Windows\System32\termsrv.dll [683520] =>.Microsoft Corporation
          O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) – C:\Windows\system32\wuaueng.dll [2651136] =>.Microsoft Corporation
          O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) – C:\Windows\System32\qmgr.dll [849920] =>.Microsoft Corporation
          O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) – C:\Windows\System32\shsvcs.dll [370688] =>.Microsoft Corporation
          O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) – C:\Windows\System32\iphlpsvc.dll [569344] =>.Microsoft Corporation
          O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) – C:\Windows\system32\seclogon.dll [30720] =>.Microsoft Corporation
          O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) – C:\Windows\System32\appinfo.dll [70144] =>.Microsoft Corporation
          O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) – C:\Windows\system32\iscsiexe.dll [156672] =>.Microsoft Corporation
          O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) – C:\Windows\system32\mmcss.dll [67584] =>.Microsoft Corporation
          O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) – C:\Windows\system32\wbem\WMIsvc.dll [242688] =>.Microsoft Corporation
          O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) – C:\Windows\System32\SessEnv.dll [121856] =>.Microsoft Corporation
          O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) – C:\Windows\System32\browser.dll [136704] =>.Microsoft Corporation
          O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) – C:\Windows\System32\eapsvc.dll [111104] =>.Microsoft Corporation
          O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) – C:\Windows\system32\schedsvc.dll [1110016] =>.Microsoft Corporation
          O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) – C:\Windows\system32\kmsvc.dll [90624] =>.Microsoft Corporation
          O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) – C:\Windows\System32\wercplsupport.dll [84480] =>.Microsoft Corporation
          O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) – C:\Windows\system32\profsvc.dll [210432] =>.Microsoft Corporation
          O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) – C:\Windows\system32\themeservice.dll [44544] =>.Microsoft Corporation
          O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) – C:\Windows\System32\bdesvc.dll [100864] =>.Microsoft Corporation

          —\ Firewall Active Exception List (18) - 10s
          O87 - FAEL: “{82C77AB4-2B8F-4956-9DBF-6F3807D92D99}” [In-None-P6-TRUE] .(…) – C:\Users\Allan\AppData\Local\Temp\nsnE38B.tmp\Cnet Installer-186857.exe (.not file.) =>.Temporary file not necessary
          O87 - FAEL: “{1C779C57-AB6E-4F08-AEEE-2941C63D4850}” [Out-None-P6-TRUE] .(…) – C:\Users\Allan\AppData\Local\Temp\nsnE38B.tmp\Cnet Installer-186857.exe (.not file.) =>.Temporary file not necessary
          O87 - FAEL: “{E581B28A-CC46-4010-9F2C-AC89ABE22DDB}” [In-None-P6-TRUE] .(…) – C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe (.not file.)
          O87 - FAEL: “{CBC8ACB4-981B-4C48-96DA-823C5915E136}” [In-None-P17-TRUE] .(…) – C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe (.not file.)
          O87 - FAEL: “{323F265C-033D-4E3B-B983-9673AA7FD262}” [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (.not file.)
          O87 - FAEL: “{4A890ECD-128A-4B3D-9710-84789C6056DE}” [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (.not file.)
          O87 - FAEL: “{383DFFA6-898D-4921-A3E5-D9D1C2E52AAF}” [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\SteamApps\common\AirMech\AirMech.exe {00E8B84DB1CFF63269} =>.Steam Games
          O87 - FAEL: “{BEA8C877-7D70-45E0-870D-2C33633DC157}” [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\SteamApps\common\AirMech\AirMech.exe {00E8B84DB1CFF63269} =>.Steam Games
          O87 - FAEL: “TCP Query User{294D9D9A-ACE3-49E4-9606-B1EF488EE206}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries \win64\tslgame.exe” [In-None-P6-TRUE] .(.Bluehole GinnoGames, Inc. - TslGame.) – C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries \win64\tslgame.exe {1DB53A04F3FE510FE386FACDFCAB1C76}
          O87 - FAEL: “UDP Query User{25A49C35-A9E2-4D4C-89FB-99351F595D63}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries \win64\tslgame.exe” [In-None-P17-TRUE] .(.Bluehole GinnoGames, Inc. - TslGame.) – C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries \win64\tslgame.exe {1DB53A04F3FE510FE386FACDFCAB1C76}
          O87 - FAEL: “TCP Query User{7ADE218C-97C7-4869-ACB2-B4CD125BE235}C:\program files (x86)\steam\steamapps\common\pubg_test\tslgame\bin aries\win64\tslgame.exe” [In-None-P6-TRUE] .(.Bluehole GinnoGames, Inc. - TslGame.) – C:\program files (x86)\steam\steamapps\common\pubg_test\tslgame\bin aries\win64\tslgame.exe {1DB53A04F3FE510FE386FACDFCAB1C76}
          O87 - FAEL: “UDP Query User{0870F85A-E748-401D-9598-CD73A8CC7D11}C:\program files (x86)\steam\steamapps\common\pubg_test\tslgame\bin aries\win64\tslgame.exe” [In-None-P17-TRUE] .(.Bluehole GinnoGames, Inc. - TslGame.) – C:\program files (x86)\steam\steamapps\common\pubg_test\tslgame\bin aries\win64\tslgame.exe {1DB53A04F3FE510FE386FACDFCAB1C76}
          O87 - FAEL: “{111A0642-CB05-4DEA-B749-D4157A7805B2}” [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\SteamApps\common\STALKER Shadow of Chernobyl\bin\XR_3DA.exe {4BA0D219E39C3B8C593F253918172027} =>.Steam Games
          O87 - FAEL: “{FEE19554-6D67-463D-9862-55EBE5E24CDC}” [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\SteamApps\common\STALKER Shadow of Chernobyl\bin\XR_3DA.exe {4BA0D219E39C3B8C593F253918172027} =>.Steam Games
          O87 - FAEL: “{34A9291E-F031-41D9-B1B1-2EC7E06664AF}” [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\SteamApps\common\MechWarrior Online\Bin64\MWOClient.exe
          O87 - FAEL: “{13BE6242-6A0D-48F7-A15F-AD64B5211F7E}” [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\SteamApps\common\MechWarrior Online\Bin64\MWOClient.exe
          O87 - FAEL: “{D3BC8E22-A02B-4917-BC17-1F0296A5F778}” [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\SteamApps\common\The Pirate Caribbean Hunt\ThePirate.exe =>.Steam Games
          O87 - FAEL: “{FDD23B6E-6161-4D27-830A-D65F48092487}” [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\SteamApps\common\The Pirate Caribbean Hunt\ThePirate.exe =>.Steam Games

          —\ List of CD/DVD Emulators (MBR Hook) (2) - 1s
          HKLM\SOFTWARE\Microsoft\Tracing\DriverSupport_RASA PI32 =>PUP.Optional.DriverSupport
          HKLM\SOFTWARE\Microsoft\Tracing\DriverSupport_RASM ANCS =>PUP.Optional.DriverSupport

          —\ Additional Scan (O88) (3) - 0s
          C:\Users\Allan\AppData\Local\CrashRpt =>.Superfluous.CrashReports
          HKLM64\SOFTWARE\Microsoft\Tracing\DriverSupport_RA SAPI32 =>PUP.Optional.DriverSupport
          HKLM64\SOFTWARE\Microsoft\Tracing\DriverSupport_RA SMANCS =>PUP.Optional.DriverSupport

          —\ Summary of the elements found (3) - 0s
          Logiciels Potentiellement Superflus (LPS). - ZAM =>.Superfluous.CrashReports
          Heuristic Suspect, 1 Logiciel Indésirable. - ZAM =>Heuristic.Suspect
          Le repaquetage ou l'empaquetage logiciel peut représenter un risque de sécurité - ZAM =>PUP.Optional.DriverSupport

          ~ Unselected Options:
          ~ End of the scan, 27503 items in 02mn46s (905)(0)

          Anddddd HiJack This
          Logfile of HiJackThis Fork (Alpha) by Alex Dragokas v.2.6.4.24

          Platform: x64 Windows 7 (Home Premium), 6.1.7601, Service Pack: 1
          Time: 18.06.2017 - 02:40
          Language: OS: English (0x409). Display: English (0x409). Non-Unicode: English (0x809)
          Elevated: Yes
          Ran by: Allan (group: Administrator) on PROTOTYPE

          Firefox: 53.0.3.6347
          Internet Explorer: 11.0.9600.18698

          Boot mode: Normal

          Running processes:
          Number | Path
          1 C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
          1 C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
          1 C:\Program Files (x86)\BlueStacks\HD-Agent.exe
          1 C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
          1 C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
          1 C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
          1 C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
          2 C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
          1 C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
          1 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
          1 C:\Program Files (x86)\Common Files\Steam\SteamService.exe
          1 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
          1 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
          1 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
          1 C:\Program Files (x86)\Mozilla Firefox\updated\firefox.exe
          1 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
          1 C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
          1 C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
          1 C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
          1 C:\Program Files (x86)\Steam\Steam.exe
          3 C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
          1 C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
          1 C:\Program Files\AVAST Software\Avast\AvastSvc.exe
          1 C:\Program Files\AVAST Software\Avast\AvastUI.exe
          1 C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
          1 C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
          1 C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
          1 C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
          1 C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
          1 C:\Users\Allan\HiJackThis.exe
          1 C:\Users\Allan\ZHPDiag3.exe
          1 C:\Windows\PixArt\Pac207\Monitor.exe
          1 C:\Windows\SysWOW64\notepad.exe
          1 C:\Windows\System32\SearchFilterHost.exe
          1 C:\Windows\System32\SearchIndexer.exe
          1 C:\Windows\System32\SearchProtocolHost.exe
          1 C:\Windows\System32\ViakaraokeSrv.exe
          1 C:\Windows\System32\audiodg.exe
          1 C:\Windows\System32\conhost.exe
          2 C:\Windows\System32\csrss.exe
          1 C:\Windows\System32\dwm.exe
          1 C:\Windows\System32\lsass.exe
          1 C:\Windows\System32\lsm.exe
          2 C:\Windows\System32\nvvsvc.exe
          1 C:\Windows\System32\services.exe
          1 C:\Windows\System32\smss.exe
          1 C:\Windows\System32\spoolsv.exe
          11 C:\Windows\System32\svchost.exe
          1 C:\Windows\System32\taskeng.exe
          2 C:\Windows\System32\taskhost.exe
          1 C:\Windows\System32\wininit.exe
          1 C:\Windows\System32\winlogon.exe
          1 C:\Windows\explorer.exe

          O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
          O2-32 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll
          O2-32 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll
          O2-32 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
          O4 - HKCU..\Run: [Gaijin.Net Agent] C:\Users\Allan\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe (file missing)
          O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe -silent
          O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.e xe
          O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvLaunch.exe /gui
          O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
          O4 - HKLM..\Run: [Logitech Download Assistant] C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
          O4 - HKLM..\Run: [Monitor] C:\Windows\PixArt\PAC207\Monitor.exe
          O4 - HKLM..\Run: [ShadowPlay] C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSyst emStart
          O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe /autoRun
          O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe
          O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe /autoRun
          O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe
          O4-32 - HKLM..\Run: [Adobe Creative Cloud] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --showwindow=false --onOSstartup=true
          O4-32 - HKLM..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
          O4-32 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
          O15 - Trusted Zone: http://apps.driversupport.com
          O17 - DHCP DNS - 1: 192.168.1.1
          O21 - ShellIconOverlayIdentifiers: AccExtIco1 - {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
          O21 - ShellIconOverlayIdentifiers: AccExtIco2 - {853B7E05-C47D-4985-909A-D0DC5C6D7303} - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
          O21 - ShellIconOverlayIdentifiers: AccExtIco3 - {42D38F2E-98E9-4382-B546-E24E4D6D04BB} - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
          O21 - ShellIconOverlayIdentifiers: 00asw - {472083B0-C522-11CF-8763-00608CC02F24} - C:\Program Files\AVAST Software\Avast\ashShA64.dll
          O21 - ShellIconOverlayIdentifiers: 00avast - {472083B0-C522-11CF-8763-00608CC02F24} - C:\Program Files\AVAST Software\Avast\ashShA64.dll
          O22 - Task (Disabled): \OfficeSoftwareProtectionPlatform\SvcRestartTask - C:\Windows\system32\sc.exe start osppsvc
          O22 - Task (Queued): NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler
          O22 - Task (Queued): NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe
          O22 - Task (Queued): \Microsoft\Windows\Application Experience\ProgramDataUpdater - C:\Windows\system32\compattelrunner.exe -maintenance
          O22 - Task (Ready): Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe
          O22 - Task (Ready): Avast Emergency Update - C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
          O22 - Task (Ready): Microsoft_Hardware_Launch_ipoint_exe - c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
          O22 - Task (Ready): Microsoft_Hardware_Launch_itype_exe - c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
          O22 - Task (Ready): Microsoft_Hardware_Launch_mousekeyboardcenter_exe - c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe
          O22 - Task (Ready): NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe
          O22 - Task (Ready): NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d “C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck” -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck .log
          O22 - Task (Ready): NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
          O22 - Task (Ready): NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
          O22 - Task (Ready): NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe --logon
          O22 - Task (Ready): NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe
          O22 - Task (Ready): SafeZone scheduled Autoupdate 1497547532 - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
          O22 - Task (Ready): \AVAST Software\Avast settings backup - C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs
          O22 - Task (Ready): \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\CompatTelRunner.exe
          O22 - Task (Ready): \Microsoft\Windows\Windows Activation Technologies\ValidationTask - C:\Windows\system32\Wat\WatAdminSvc.exe /run
          O22 - Task (Ready): \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - C:\Windows\system32\schtasks.exe /run /I /TN “\Microsoft\Windows\Windows Activation Technologies\ValidationTask”
          O22 - Task (Ready): {93E3722E-7795-4E87-87B3-5C42114B32F0} - C:\Windows\system32\pcalua.exe -a C:\Windows\UniFish3.exe -c C:\Program Files (x86)\Hasbro Interactive\RollerCoaster Tycoon\RollerCoaster Tycoon.log
          O22 - Task (Running): Microsoft_MKC_Logon_Task_ipoint.exe - c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
          O22 - Task (Running): Microsoft_MKC_Logon_Task_itype.exe - c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
          O23 - Service R2: AdobeUpdateService - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
          O23 - Service R2: Avast Antivirus - (avast! Antivirus) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
          O23 - Service R2: BlueStacks Log Rotator Service - (BstHdLogRotatorSvc) - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
          O23 - Service R2: BlueStacks Updater Service - (BstHdUpdaterSvc) - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
          O23 - Service R2: NVIDIA Display Driver Service - (nvsvc) - C:\Windows\system32\nvvsvc.exe
          O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
          O23 - Service R2: NVIDIA Stereoscopic 3D Driver Service - (Stereo Service) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
          O23 - Service R2: NVIDIA Telemetry Container - (NvTelemetryContainer) - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
          O23 - Service R2: VIA Karaoke digital mixer Service - (VIAKaraokeService) - C:\Windows\system32\viakaraokesrv.exe
          O23 - Service R3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
          O23 - Service S2: BlueStacks Android Service - (BstHdAndroidSvc) - C:\Program Files (x86)\BlueStacks\HD-Service.exe
          O23 - Service S2: MBAMService - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
          O23 - Service S3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe
          O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
          O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
          O23 - Service S3: NVIDIA NetworkService Container - (NvContainerNetworkService) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
          O23 - Service S3: Origin Client Service - C:\Program Files (x86)\Origin\OriginClientService.exe
          O23 - Service S3: Windows Defender - (WinDefend) - C:\Windows\System32\svchost.exe; “ServiceDll” = C:\Program Files\Windows Defender\mpsvc.dll
          O23 - Service S3: aswbIDSAgent - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe


          End of file - Time spent: 9 sec. - 24778 bytes, CRC32: FFFFFFFF. Sign: 桭䫁

            Comment

            • Malnutrition
              PCHF Moderator
              • Jul 2016
              • 7045
              #4
              ZHP Diag Fix.

              ZHP Fix               [MEDIA=imgur]4bd9Ugb[/MEDIA]
              [ul]
              [li]Disable your antivirus prior to this fix![/li]
              [li]Download ZHP-Fix from here.[/li][li]UnZip it to your desktop – Tool Here if needed… 7-Zip[/li]
              [li]Install it.[/li][li]Click Suivant 5 Times.[/li][li]Then Installer.[/li][li]Then Terminer.[/li][li]Then right clcick the ZHP Fix icon Run as admin.[/li][li]Copy the entire content of the code box below, the next step will grab it from your clipboard.[/li]
              [li]Then click on import.[/li][li]Then click GO.[/li][li]If you see any Prompts like the one below, select Oui. = Yes in French. [/li]
              [li]https://pchelpforum.net/attachments/...7-40-png.2248/ [/li]
              [li]Allow completion.[/li][li]A log file will appear on your desktop. [/li]
              [li]Post it here in your next reply.[/li][/ul]

              [ICODE]Script Zhpfix SysRestore EmptyFlash ProxyFix EmptyCLSID HKLM\SOFTWARE\Microsoft\Tracing\DriverSupport_RASA PI32 =>PUP.Optional.DriverSupport HKLM\SOFTWARE\Microsoft\Tracing\DriverSupport_RASM ANCS =>PUP.Optional.DriverSupport C:\Users\Allan\AppData\Local\CrashRpt =>.Superfluous.CrashReports HKLM64\SOFTWARE\Microsoft\Tracing\DriverSupport_RA SAPI32 =>PUP.Optional.DriverSupport HKLM64\SOFTWARE\Microsoft\Tracing\DriverSupport_RA SMANCS =>PUP.Optional.DriverSupport O23 - Service: (AdobeUpdateService) . (.Adobe Systems Incorporated - Adobe Update Service.) - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe =>.Adobe Systems Incorporated® O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) . (.NVIDIA Corporation - NVIDIA Container.) - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe =>.NVIDIA Corporation® SS - Demand [17/06/2017] [ 272384] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe =>.Adobe Systems Incorporated® SR - Auto [09/06/2015] [ 680112] (AdobeUpdateService) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe =>.Adobe Systems Incorporated® SS - Demand [16/06/2017] [ 173512] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe =>.Mozilla Corporation® SR - Auto [03/05/2017] [ 449984] NVIDIA Telemetry Container (NvTelemetryContainer) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe =>.NVIDIA Corporation® [MD5.7DE8B8AC559E16AEB388E7D098E7C288] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe [272384] (.Activate.) =>.Adobe Systems Incorporated® O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [4312] =>.Adobe Systems Incorporated® O39 - APT: NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) -- C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily _{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} [4146] =>.NVIDIA Corporation® O39 - APT: NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) -- C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} [3814] =>.NVIDIA Corporation® O39 - APT: NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) -- C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} [3852] =>.NVIDIA Corporation® O39 - APT: NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) -- C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B 2FE1952-0186-46C3-BAEC-A80AA35AC5B8} [3738] =>.NVIDIA Corporation® O39 - APT: NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) -- C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_ {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} [3494] =>.NVIDIA Corporation® O39 - APT: NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) -- C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} [3730] =>.NVIDIA Corporation® O39 - APT: NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) -- C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} [3554] =>.NVIDIA Corporation® O39 - APT: NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) -- C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} [3738] =>.NVIDIA Corporation® O39 - APT: {93E3722E-7795-4E87-87B3-5C42114B32F0} - (...) -- C:\Windows\System32\Tasks\{93E3722E-7795-4E87-87B3-5C42114B32F0} [3224] O4 - HKCU\..\Run: [Gaijin.Net Agent] C:\Users\Allan\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe (.not file.) O4 - HKUS\S-1-5-21-2771956393-836798383-2307004672-1000\..\Run: [Gaijin.Net Agent] C:\Users\Allan\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe (.not file.) P2 - EXT FILE: (.Avast SafePrice - Avast SafePrice - safe shopping extens.) -- C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Pro files\ogyprs22.default\extensions\sp@avast.com.xpi =>.Avast SafePrice O3 - Toolbar: 0xB1C218236549D4119B18009027A5CD4F - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} . (...) -- (.not file.) O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService =>.Mozilla O42 - Logiciel: NVIDIA Telemetry Container - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetryContainer =>.NVIDIA Corporation O42 - Logiciel: NvTelemetry - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry =>.NVIDIA Corporation O42 - Logiciel: SafeZone Stable 3.55.2393.607 - (.Avast Software.) [HKLM][64Bits] -- SafeZone 3.55.2393.607 =>.AVAST Software s.r.o.® HKLM\SOFTWARE\Wow6432Node\MSPG32 HKCU\SOFTWARE\Chromium =>.Chromium HKCU\SOFTWARE\MSPG32 C:\Program Files\Windows Defender O43 - CFD: 15/04/2015 - [0] D -- C:\Program Files (x86)\Driver Downloader O43 - CFD: 17/06/2017 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service =>.Mozilla O43 - CFD: 15/06/2017 - [] D -- C:\Users\Allan\AppData\Local\CrashRpt =>.Superfluous.CrashReports O43 - CFD: 12/06/2015 - [] D -- C:\Users\Allan\AppData\Local\GWX =>.GWX O43 - CFD: 27/04/2015 - [] -- C:\Windows\System32\Config\systemprofile\AppData\R oaming\{90140011-0066-0409-0000-0000000FF1CE} =>Heuristic.Suspect O68 - StartMenuInternet: <SafeZoneStable> <SafeZone Stable>[HKLM\..\Shell\open\Command] (.Avast Software - Avast SafeZone Browser.) -- C:\Program Files\AVAST Software\SZBrowser\Launcher.exe =>.AVAST Software s.r.o.® EmptyPrefetch ShortcutFix EmptyTemp [/ICODE]

              Hijack This Fix.

              Start HijackThis , Right Click Run as Admin.
              Close all other open programs prior to running this tool!!
              Click System Scan Only.
              Then check mark the items listed below.

              O4 - HKCU..\Run: [Gaijin.Net Agent] C:\Users\Allan\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe (file missing)
              O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.e xe
              O4 - HKLM..\Run: [Logitech Download Assistant] C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
              O4 - HKLM..\Run: [Monitor] C:\Windows\PixArt\PAC207\Monitor.exe
              O4 - HKLM..\Run: [ShadowPlay] C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSyst emStart
              O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe /autoRun
              O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe /autoRun
              O4-32 - HKLM..\Run: [Adobe Creative Cloud] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --showwindow=false --onOSstartup=true
              O4-32 - HKLM..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
              O4-32 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
              O4 - HKLM..\Run: [ShadowPlay] C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSyst emStart
              O15 - Trusted Zone: http://apps.driversupport.com
              O22 - Task (Disabled): \OfficeSoftwareProtectionPlatform\SvcRestartTask - C:\Windows\system32\sc.exe start osppsvc
              O22 - Task (Queued): NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler
              O22 - Task (Queued): NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe
              O22 - Task (Queued): \Microsoft\Windows\Application Experience\ProgramDataUpdater - C:\Windows\system32\compattelrunner.exe -maintenance
              O22 - Task (Ready): Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe
              O22 - Task (Ready): NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe
              O22 - Task (Ready): NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d “C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck” -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck .log
              O22 - Task (Ready): NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
              O22 - Task (Ready): NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
              O22 - Task (Ready): NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe --logon
              O22 - Task (Ready): NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe
              O22 - Task (Ready): SafeZone scheduled Autoupdate 1497547532 - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
              O22 - Task (Ready): \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\CompatTelRunner.exe
              O22 - Task (Ready): \Microsoft\Windows\Windows Activation Technologies\ValidationTask - C:\Windows\system32\Wat\WatAdminSvc.exe /run
              O22 - Task (Ready): \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - C:\Windows\system32\schtasks.exe /run /I /TN “\Microsoft\Windows\Windows Activation Technologies\ValidationTask”
              O22 - Task (Ready): {93E3722E-7795-4E87-87B3-5C42114B32F0} - C:\Windows\system32\pcalua.exe -a C:\Windows\UniFish3.exe -c C:\Program Files (x86)\Hasbro Interactive\RollerCoaster Tycoon\RollerCoaster Tycoon.log
              O23 - Service R2: AdobeUpdateService - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
              O23 - Service R2: NVIDIA Telemetry Container - (NvTelemetryContainer) - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
              O23 - Service S3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe
              O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
              O23 - Service S3: Windows Defender - (WinDefend) - C:\Windows\System32\svchost.exe; “ServiceDll” = C:\Program Files\Windows Defender\mpsvc.dll

              Now click on fix checked.
              After the fix is complete, then reboot your machine.

              Rogue Killer Scan.

              Download RogueKiller – (Portable) – from one of the following links and save it to your Desktop:

              Link 1
              Link 2

              [ul]
              [li]Close all other the running programs[/li][li]Disable ALL Antivirus – Antimalware – Applications.[/li][li]Right Click Rogue Killer and Run as Administrator.[/li][li]Click the Start Scan button.[/li][li]Allow the scan to run – it can take ten minutes or more.[/li][li]Once the scan is complete check All items for removal.[/li][li]https://pchelpforum.net/attachments/...5-54-png.1658/ [/li]
              [li]After All items are checked then press Remove Selected.[/li]
              [li]Wait until the Status box shows Deleting Finished.[/li][li]Click on open report – then open txt[/li]
              [li]Copy the content of the report and paste it here in your next reply.[/li][/ul]

              JRT Scan.

              Please download Junkware Removal Tool and save it on your desktop.

              [ul]
              [li]Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts.[/li][li]Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator.[/li][li]The tool will open and start scanning your system.[/li][li]Please be patient as this can take a while to complete depending on your system’s specifications.[/li][li]On completion, a log is saved to your desktop and will automatically open.[/li][li]Please post the JRT log.[/li][/ul]
              Adware Cleaner Scan.

              Please download AdwCleaner by Xplode onto your desktop.

              [ul]
              [li]Close all open programs and internet browsers.[/li][li]Double click on adwcleaner.exe to run the tool.[/li][li]Click on Scan button.[/li][li]When the scan has finished click on Clean button.[/li][li]Your computer will be rebooted automatically. A text file will open after the restart.[/li][li]Please post the contents of that logfile with your next reply.[/li][li]You can find the logfile at C:\AdwCleaner[S1].txt as well.[/li][/ul]

                Comment

                • system
                  PCHF Owner
                  • Jan 2015
                  • 7634
                  #5
                  V-Sync (Vertical Synchronisation) is a feature you can switch on in an individual game to limit its framerate so that it doesn’t exceed your monitor’s refresh rate. Most standard monitors have a refresh rate of 60 hz or 75 hz (check this by going to the Display section of AMD Catalyst Control Center or Nvidia Control Panel). If you have a game that’s running at a much higher frame-rate than your monitor’s refresh rate, then the graphics card sends frames too fast for the monitor to respond, causing tearing.

                  If you’re suffering from this badly, then turn V-Sync on. Plenty of gamers – particularly those into online shooters – are happy to suffer the occasional screen tear and leave v-sync off because it causes slight input lag on the mouse. While this is barely noticeable in most cases, in the realm of online shooters in can cost you your life. V-Sync also limits your frame-rate to factors of your monitor’s refresh rate, so if your frame-rate is 57 fps and your monitor refresh rate is 60 hz, then v-sync will knock your frame-rate down to 30 fps. For that reason, it’s best to leave v-sync off unless you get noticeable tearing.

                  For example, enabling anti-aliasing within some games can cause the framerate to slow down drastically, while using one of the anti-aliasing methods in AMD Catalyst works much more effectively.

                    Comment

                    • Allan.T
                      PCHF Member
                      • Jun 2017
                      • 131
                      #6
                      @Malnutrition I’ve performed the tasks you’ve asked, there have been some anomalies however. Nevertheless here are the results.

                      ZHPFix
                      Rapport de ZHPFix 2015.10.19.9 par Nicolas Coolman, Update du 19/10/2015
                      Fichier d’export Registre :
                      Run by Allan at 18/06/2017 03:30:58
                      High Elevated Privileges : OK
                      Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)

                      Recycle Bin emptied (00mn 06s)
                      Prefetcher emptied
                      Repair of browser shortcuts

                      ========== Software ==========
                      ABSENT Uninstall Process: c:\program files (x86)\mozilla maintenance service\uninstall.exe
                      ABSENT Uninstall Process: c:\program files\avast software\szbrowser\launcher.exe

                      ========== Registry keys ==========
                      REMOVES Logiciel Key: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Curren tVersion\Uninstall\MozillaMaintenanceService]
                      REMOVES Logiciel Key: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Curren tVersion\Uninstall\SafeZone 3.55.2393.607]
                      REMOVES:* HKLM\SOFTWARE\Microsoft\Tracing\DriverSupport_RASA PI32
                      REMOVES:* HKLM\SOFTWARE\Microsoft\Tracing\DriverSupport_RASM ANCS
                      REMOVES: Service: NvTelemetryContainer
                      REMOVES: HKLM\SOFTWARE\Wow6432Node\MSPG32
                      REMOVES: HKCU\SOFTWARE\Chromium
                      REMOVES: HKCU\SOFTWARE\MSPG32

                      ========== Registry values ==========
                      ProxyFix : Proxy configuration successfully removed
                      REMOVES ProxyServer Value
                      REMOVES ProxyEnable Value
                      REMOVES EnableHttp1_1 Value
                      REMOVES ProxyHttp1.1 Value
                      REMOVES ProxyOverride Value
                      REMOVES RunValue: Gaijin.Net Agent

                      ========== Folders ==========
                      No folders empty CLSID Local user
                      REMOVES: c:\users\allan\appdata\local\crashrpt
                      REMOVES Reboot:** c:\program files\windows defender
                      REMOVES: C:\Program Files (x86)\Driver Downloader
                      REMOVES: C:\Program Files (x86)\Mozilla Maintenance Service
                      REMOVES: C:\Users\Allan\AppData\Local\GWX
                      REMOVES: C:\Windows\System32\Config\systemprofile\AppData\R oaming{90140011-0066-0409-0000-0000000FF1CE}
                      Deletes temporary Windows (1004)

                      ========== Files ==========
                      REMOVES Flash Cookies (0) (0 octets)
                      REMOVES: c:\program files (x86)\common files\adobe\adobe desktop common\elevationmanager\adobeupdateservice.exe
                      REMOVES Reboot: c:\windows\system32\tasks\nvdriverupdatecheckdaily _{b2fe1952-0186-46c3-baec-a80aa35ac5b8}
                      REMOVES Reboot: c:\windows\system32\tasks\nvidia geforce experience selfupdate_{b2fe1952-0186-46c3-baec-a80aa35ac5b8}
                      REMOVES Reboot: c:\windows\system32\tasks\nvnodelauncher_{b2fe1952-0186-46c3-baec-a80aa35ac5b8}
                      REMOVES Reboot: c:\windows\system32\tasks\nvprofileupdaterdaily_{b 2fe1952-0186-46c3-baec-a80aa35ac5b8}
                      REMOVES Reboot: c:\windows\system32\tasks\nvprofileupdateronlogon_ {b2fe1952-0186-46c3-baec-a80aa35ac5b8}
                      REMOVES Reboot: c:\windows\system32\tasks\nvtmmon_{b2fe1952-0186-46c3-baec-a80aa35ac5b8}
                      REMOVES Reboot: c:\windows\system32\tasks\nvtmreponlogon_{b2fe1952-0186-46c3-baec-a80aa35ac5b8}
                      REMOVES Reboot: c:\windows\system32\tasks\nvtmrep_{b2fe1952-0186-46c3-baec-a80aa35ac5b8}
                      REMOVES Reboot: c:\windows\system32\tasks{93e3722e-7795-4e87-87b3-5c42114b32f0}
                      Deletes temporary Windows (2287) (1,073,197,698 octets)

                      ========== Scheduled task ==========
                      REMOVES: Adobe Flash Player Updater

                      ========== System restore ==========
                      The system successfully created restore point

                      ========== Other ==========
                      NON-TREATY [HKLM64\SOFTWARE\Microsoft\Tracing\DriverSupport_RA SAPI32]
                      NON-TREATY [HKLM64\SOFTWARE\Microsoft\Tracing\DriverSupport_RA SMANCS]

                      ========== Summary ==========
                      8 : Registry keys
                      7 : Registry values
                      8 : Folders
                      12 : Files
                      2 : Software
                      1 : Scheduled task
                      1 : System restore
                      2 : Other

                      End of clean in 06mn 36s

                      ========== Path to file report ==========
                      C:\Users\Allan\AppData\Roaming\ZHP\ZHPFix[R1].txt - 18/06/2017 03:31:05 [3528]

                      HijackThis
                      I’d like to mention that the there were 4 items which wasn’t on the list for checking they were;
                      O4 - HKCU..\Run: [Gaijin.Net Agent] C:\Users\Allan\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe (file missing)
                      O22 - Task (Ready): SafeZone scheduled Autoupdate 1497547532 - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
                      O23 - Service R2: NVIDIA Telemetry Container - (NvTelemetryContainer) - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
                      O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
                      RogueKiller Results
                      RogueKiller V12.11.2.0 (x64) [Jun 12 2017] (Free) by Adlice Software
                      mail : Support Form | Contact • Adlice Software
                      Feedback : https://forum.adlice.com
                      Website : Free Virus Cleaner | RogueKiller AntiMalware • Adlice Software
                      Blog : http://www.adlice.com

                      Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
                      Started in : Normal mode
                      User : Allan [Administrator]
                      Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
                      Mode : Delete – Date : 06/18/2017 03:47:04 (Duration : 00:50:33)

                      ¤¤¤ Processes : 0 ¤¤¤

                      ¤¤¤ Registry : 14 ¤¤¤
                      [PUP.Gen1] (X64) HKEY_USERS\RK_Sean_ON_E_CA50\Software\APN PIP → Deleted
                      [PUP.Gen1] (X64) HKEY_USERS\RK_Sean_ON_E_CA50\Software\Myfree Codec → Deleted
                      [PUP.Gen1] (X86) HKEY_USERS\RK_Sean_ON_E_CA50\Software\APN PIP → Deleted
                      [PUP.Gen1] (X86) HKEY_USERS\RK_Sean_ON_E_CA50\Software\Myfree Codec → Deleted
                      [PUP.Gen1] (X64) HKEY_USERS\RK_UpdatusUser_ON_E_04A6\Software\APN PIP → Deleted
                      [PUP.Gen1] (X64) HKEY_USERS\RK_UpdatusUser_ON_E_04A6\Software\Myfre e Codec → Deleted
                      [PUP.Gen1] (X86) HKEY_USERS\RK_UpdatusUser_ON_E_04A6\Software\APN PIP → Deleted
                      [PUP.Gen1] (X86) HKEY_USERS\RK_UpdatusUser_ON_E_04A6\Software\Myfre e Codec → Deleted
                      [PUP.Gen1] (X64) HKEY_USERS\RK_Sean_ON_E_CA50\Software\Microsoft\Wi ndows\CurrentVersion\Uninstall\MyFreeCodec → Deleted
                      [PUP.Gen1] (X86) HKEY_USERS\RK_Sean_ON_E_CA50\Software\Microsoft\Wi ndows\CurrentVersion\Uninstall\MyFreeCodec → Deleted
                      [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | {82C77AB4-2B8F-4956-9DBF-6F3807D92D99} : v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Users \Allan\AppData\Local\Temp\nsnE38B.tmp\CnetInstalle r-186857.exe|Name=proinstaller344824144| → Deleted
                      [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | {1C779C57-AB6E-4F08-AEEE-2941C63D4850} : v2.10|Action=Allow|Active=TRUE|Dir=Out|App=C:\User s\Allan\AppData\Local\Temp\nsnE38B.tmp\CnetInstall er-186857.exe|Name=proinstaller344824144| → Deleted
                      [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | {82C77AB4-2B8F-4956-9DBF-6F3807D92D99} : v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Users \Allan\AppData\Local\Temp\nsnE38B.tmp\CnetInstalle r-186857.exe|Name=proinstaller344824144| → Deleted
                      [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | {1C779C57-AB6E-4F08-AEEE-2941C63D4850} : v2.10|Action=Allow|Active=TRUE|Dir=Out|App=C:\User s\Allan\AppData\Local\Temp\nsnE38B.tmp\CnetInstall er-186857.exe|Name=proinstaller344824144| → Deleted

                      ¤¤¤ Tasks : 0 ¤¤¤

                      ¤¤¤ Files : 0 ¤¤¤

                      ¤¤¤ WMI : 0 ¤¤¤

                      ¤¤¤ Hosts File : 0 ¤¤¤

                      ¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

                      ¤¤¤ Web browsers : 0 ¤¤¤

                      ¤¤¤ MBR Check : ¤¤¤
                      +++++ PhysicalDrive0: MD10000- NSDW-RO SCSI Disk Device +++++
                      — User —
                      [MBR] 50d48109cfff44fa93bc1ba7b51027d8
                      [BSP] 103a0687227a91af8d1df4ae6744416a : Windows Vista/7/8|VT.Unknown MBR Code
                      Partition table:
                      0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
                      1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 953767 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
                      User = LL1 … OK
                      Error reading LL2 MBR! ([1] Incorrect function. )

                      +++++ PhysicalDrive1: Hitachi HDS721050CLA SCSI Disk Device +++++
                      — User —
                      [MBR] 08fc5354d7625dccd936db32566267f1
                      [BSP] 53e54b1e1a258e5377092410b7343565 : HP|VT.Unknown MBR Code
                      Partition table:
                      0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 476938 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
                      User = LL1 … OK
                      Error reading LL2 MBR! ([1] Incorrect function. )

                      JRT Results
                      Code:
                      Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.3 (04.10.2017)
Operating System: Windows 7 Home Premium x64
Ran by Allan (Administrator) on 18/06/2017 at  4:45:21.50
                      File System: 16

                      Successfully deleted: C:\Users\Allan\AppData\Local\Microsoft\Windows\Tem porary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
                      Successfully deleted: C:\Users\Allan\AppData\Local\Microsoft\Windows\Tem porary Internet Files\Content.IE5\0WYQJIGB (Temporary Internet Files Folder)
                      Successfully deleted: C:\Users\Allan\AppData\Local\Microsoft\Windows\Tem porary Internet Files\Content.IE5\3D0JG2O1 (Temporary Internet Files Folder)
                      Successfully deleted: C:\Users\Allan\AppData\Local\Microsoft\Windows\Tem porary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
                      Successfully deleted: C:\Users\Allan\AppData\Local\Microsoft\Windows\Tem porary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
                      Successfully deleted: C:\Users\Allan\AppData\Local\Microsoft\Windows\Tem porary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
                      Successfully deleted: C:\Users\Allan\AppData\Local\Microsoft\Windows\Tem porary Internet Files\Content.IE5\PCRWIA4C (Temporary Internet Files Folder)
                      Successfully deleted: C:\Users\Allan\AppData\Local\Microsoft\Windows\Tem porary Internet Files\Content.IE5\VM65RX3B (Temporary Internet Files Folder)
                      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\L ocal\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
                      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\L ocal\Microsoft\Windows\Temporary Internet Files\Content.IE5\0WYQJIGB (Temporary Internet Files Folder)
                      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\L ocal\Microsoft\Windows\Temporary Internet Files\Content.IE5\3D0JG2O1 (Temporary Internet Files Folder)
                      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\L ocal\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
                      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\L ocal\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
                      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\L ocal\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
                      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\L ocal\Microsoft\Windows\Temporary Internet Files\Content.IE5\PCRWIA4C (Temporary Internet Files Folder)
                      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\L ocal\Microsoft\Windows\Temporary Internet Files\Content.IE5\VM65RX3B (Temporary Internet Files Folder)

                      Registry: 0
                      Code:
                      Scan was completed on 18/06/2017 at  4:47:30.63
End of JRT log
                      Adware Cleaner

                      I can say now that the scan yielded 0 items, though when the computer went to re-boot after the scan the boot up loaded in windows 10, which I’m sure I cancelled the installation earlier this evening whilst I ran these scans etc. However, when it started it wanted to install it, so I’m now actually running windows 10. I hope this doesn’t cause any complications.

                      Also when searching for the log, the computer doesn’t want find it.

                      @FreeBooter I’ll give it a try when I’m next booting up a game, I generally don’t have too many problems when playing my older games. Like you said though, I do notice bad “lag” and “tearing” whilst playing online FPS. So I’ll give it a bash next time I’m on, thanks for the info!

                        Comment

                        • Malnutrition
                          PCHF Moderator
                          • Jul 2016
                          • 7045
                          #7
                          Originally posted by Allan.T
                          though when the computer went to re-boot after the scan the boot up loaded in windows 10, which I’m sure I cancelled the installation earlier this evening whilst I ran these scans etc. However, when it started it wanted to install it, so I’m now actually running windows 10. I hope this doesn’t cause any complications.
                          Terrible how MS forces that crap onto people.

                          Eliminate restrictive settings with this tool.
                          [ul]
                          [li]Temporarily disable your antivirus — Your antivirus may flag this tool as malware, it is safe to run I assure you.[/li]
                          [li]Download SupRestric.exe save to your desktop.[/li][li]Close all running programs.[/li][li]Double click the file to launch it.[/li][li]Windows: 7/8/10 Vista and run as administrator[/li][li]Click Yes at any prompt.[/li]
                          [li]The analysis takes only a few moments.[/li][li]The report is on the desktop ( CTR.txt )[/li][li]Copy paste report in next reply.[/li][li]A reboot is needed to complete the repairs.[/li][/ul]
                          Zoek Scan

                          Disable your antivirus prior to this scan.
                          Download Zoek
                          Save the file to your desktop.
                          Right click Zoek.exe and run as administrator. (XP Users double click)
                          Copy and paste the items in red below and paste them into Zoek.

                          createsrpoint;
                          emptyfolderscheck;delete
                          emptyclsid;
                          emptyalltemp;
                          ipconfig /flushdns;b
                          ResetHosts;
                          autoclean;

                          Now hit the run script button.
                          The log will appear after a reboot, also you can find it on the C: drive.
                          Post the log in your next reply.

                          Clean up temp files and reduce startup load with CCleaner.


                          Note: This tool will clean your browsing history as well.
                          [ul]
                          [li]Download CCleaner from here.[/li][li]After install Click Options.[/li][li]Go to monitoring.[/li][li]Uncheck All Monitoring items.[/li][li]Go to advanced – Click close program after cleaning.[/li][li]Go to settings – click run ccleaner when the computer starts.[/li][li]Now that you have ccleaner installed and set-up:[/li][li]Open the program.[/li][li]Go to Tools[/li][li]Go to Startup[/li][li]Now double click each item. To Disable.[/li][li]Leave only your antivirus enabled.[/li][li]Then disable All items in your scheduled task as well.[/li][li]Unless they are related to windows defender.Or your antivirus.[/li][li]Reboot the machine.[/li][/ul]

                          ZHP Scan.

                          Please download Zhp Cleaner to your desktop. Right Click the icon and select run as administrator.
                          1. Once you have started the program, you will need to click the scanner button.

                          [IMG alt="EgsT69u" width="602px" height="129px"]https://windowsinstructed.com/wp-content/uploads/2015/06/EgsT69u.png[/IMG]

                          The program will close all open browsers!
                          3. Once the scan is completed, the you will want to click the Repair button.
                          [URL unfurl="true"]http://windowsinstructed.com/wp-content/uploads/2015/06/6QJjV50.png[/URL]

                          At the end of the process you may be asked to reboot your machine. After you reboot a report will open on your desktop.

                          Copy and paste the report here in your next reply.

                            Comment

                            • Allan.T
                              PCHF Member
                              • Jun 2017
                              • 131
                              #8
                              Hey again, had a problem with z o e k, the link wouldn’t take me to the DL, I did try googling it as well but I had exactly the same problem, the sites couldn’t be found. Do you have another link for Z o e k?

                              restrictive settings
                              Rapport de Contrôle restrictions Pierre13 (CTR version 2.5.0.0 ) du 18\06\2017 à 11:23:10
                              PC de Allan
                              Microsoft Windows 10 Home (64 bits) [10.0.15063]

                              Réparation erreur 2203 effectuée.

                              Contrôle présence restrictions

                              [TROJ_POWELIKS.B] clé feature_browser_emulation supprimée.
                              [BKDR_BLACKEN.A] clé WarnOnClose corrigée.
                              Autorisation installation sponsor Java(x86) supprimée.
                              Autorisation installation sponsor Java(x64) supprimée.
                              Restriction Affichage Documents récents supprimée.
                              Restriction Affichage Documents supprimée.
                              Restriction synchronisation en arrière-plan des flux d’informations et des Web Slices supprimée.
                              Restriction découverte des flux RSS et des Web Slices supprimée.
                              Pavé numérique activé.
                              Restriction utilisateur pour Windows Installer supprimée.
                              Recherche Windows Update rétablie.
                              Configuration Windows Update rétablie.
                              Service Pare feu Windows activé.
                              Paramètres Pare feu Windows rétablis par défaut et activés.

                              240 restrictions contrôlées.

                              13 restriction(s) réparée(s).
                              Re démarrer le PC pour prendre en compte la ou les réparations.

                              Le rapport est sur le bureau (C:\Users\Allan\Desktop\CTR.txt)

                              CCleaner

                              I set-up the CCleaner like you asked.

                              ZHP Scan
                              ~ ZHPCleaner v2017.6.15.99 by Nicolas Coolman (2017/06/15)
                              ~ Run by Allan (Administrator) (18/06/2017 11:48:19)
                              ~ Web: https://www.nicolascoolman.com
                              ~ Blog: https://nicolascoolman.eu/
                              ~ Facebook : ZHP
                              ~ State version : Version OK
                              ~ Certificate: Legal
                              ~ Type : Repair
                              ~ Report : C:\Users\Allan\Desktop\ZHPCleaner.txt
                              ~ Quarantine : C:\Users\Allan\AppData\Roaming\ZHP\ZHPCleaner_Reg. txt
                              ~ UAC : Activate
                              ~ Boot Mode : Normal (Normal boot)
                              Windows 10 Home, 64-bit (Build 15063)

                              —\ Services (0)
                              ~ No malicious or unnecessary items found.

                              —\ Browser internet (0)
                              ~ No malicious or unnecessary items found.

                              —\ Hosts file (1)
                              ~ The hosts file is legitimate (21)

                              —\ Scheduled automatic tasks. (0)
                              ~ No malicious or unnecessary items found.

                              —\ Explorer ( File, Folder) (65)
                              MOVED file: C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Pro files\ogyprs22.default\storage\temporary\https+++z dnwoz0-a.akamaihd.net.metadata =>.Superfluous.AkamaiHD
                              MOVED file: C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Pro files\ogyprs22.default\storage\temporary\https+++z dnwoz0-a.akamaihd.net.metadata-v2 =>.Superfluous.AkamaiHD
                              MOVED file: C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Pro files\ogyprs22.default\storage\temporary\https+++z dnwoz0-a.akamaihd.net\asmjs\metadata =>.Superfluous.AkamaiHD
                              MOVED file: C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Pro files\ogyprs22.default\storage\temporary\https+++z dnwoz0-a.akamaihd.net\asmjs\module14 =>.Superfluous.AkamaiHD
                              MOVED file: C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Pro files\ogyprs22.default\storage\temporary\https+++z dnwoz0-a.akamaihd.net\asmjs\module15 =>.Superfluous.AkamaiHD
                              MOVED file: C:\Users\Allan\AppData\Local\Temp\IconePierre13.ic o =>.Superfluous.Temporary.Empty
                              MOVED file: C:\Users\Allan\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_20170618_065133088-MSI_vc_red.msi.txt =>.Superfluous.Temporary.Empty
                              MOVED file: C:\Users\Allan\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_20170618_065133088.html =>.Superfluous.Temporary.Empty
                              MOVED file: C:\Users\Allan\AppData\Local\Temp\sa.00D57B0F-01FA-B79F-08D6-878ED20C4C9B_5__.Public.AppUpdate.dat =>.Superfluous.Temporary
                              MOVED file: C:\Users\Allan\AppData\Local\Temp\sa.0116DC02-781B-D1D1-FC1C-C80195511E17_5__.Public.AppUpdate.dat =>.Superfluous.Temporary
                              MOVED file: C:\Users\Allan\AppData\Local\Temp\sa.0251D65D-E887-28BD-A226-3ECD72FB59C6_5__.Public.AppUpdate.dat =>.Superfluous.Temporary
                              MOVED file: C:\Users\Allan\AppData\Local\Temp\sa.0862A72D-A96C-83E5-AD0F-78B6AA06F9C6_5__.Public.AppUpdate.dat =>.Superfluous.Temporary
                              MOVED file: C:\Users\Allan\AppData\Local\Temp\sa.0C8CF327-9D17-CCDE-18AF-DFF4F20070E5_5__.Public.AppUpdate.dat =>.Superfluous.Temporary
                              MOVED file: C:\Users\Allan\AppData\Local\Temp\sa.18DDC675-D472-0DB4-9563-7DF7C34F512C_5__.Public.AppUpdate.dat =>.Superfluous.Temporary
                              MOVED file: C:\Users\Allan\AppData\Local\Temp\sa.1FE89C0B-9BED-CC5D-7426-9E4025D6BDD9_5__.Public.AppUpdate.dat =>.Superfluous.Temporary
                              MOVED file: C:\Users\Allan\AppData\Local\Temp\sa.3BFD26C9-8DA9-B940-F638-55890012AAB4_5__.Public.AppUpdate.dat =>.Superfluous.Temporary
                              MOVED file: C:\Users\Allan\AppData\Local\Temp\sa.49F33C48-B2DE-F82A-56F2-64425F298B84_5__.Public.AppUpdate.dat =>.Superfluous.Temporary
                              MOVED file: C:\Users\Allan\AppData\Local\Temp\sa.50611331-FE19-D366-B049-694B8AC9D758_5__.Public.AppUpdate.dat =>.Superfluous.Temporary
                              MOVED file: C:\Users\Allan\AppData\Local\Temp\sa.557EA3BB-623E-ADD9-4DFB-629A8648A038_5__.Public.AppUpdate.dat =>.Superfluous.Temporary
                              MOVED file: C:\Users\Allan\AppData\Local\Temp\sa.558F5D32-0827-EB7B-6AD6-D5DB4138B3AA_5__.Public.AppUpdate.dat =>.Superfluous.Temporary
                              MOVED file: C:\Users\Allan\AppData\Local\Temp\sa.62B49C0A-499E-A02D-EBCB-EB168E148E52_5__.Public.AppUpdate.dat =>.Superfluous.Temporary
                              MOVED file: C:\Users\Allan\AppData\Local\Temp\sa.664AA17A-2D25-0823-3315-3708FE16147A_5__.Public.AppUpdate.dat =>.Superfluous.Temporary
                              MOVED file: C:\Users\Allan\AppData\Local\Temp\sa.674C4C14-7BAA-F782-E214-956DC3BEDF39_5__.Public.AppUpdate.dat =>.Superfluous.Temporary
                              MOVED file: C:\Users\Allan\AppData\Local\Temp\sa.68BC3251-2D8B-A604-92BA-893638CA72EA_5__.Public.AppUpdate.dat =>.Superfluous.Temporary
                              MOVED file: C:\Users\Allan\AppData\Local\Temp\sa.68E019EB-0B92-5E08-5D86-9BFE6DBA8517_5__.Public.AppUpdate.dat =>.Superfluous.Temporary
                              MOVED file: C:\Users\Allan\AppData\Local\Temp\sa.69F3BCAB-8975-C526-30F5-39FA70C77AD9_5__.Public.AppUpdate.dat =>.Superfluous.Temporary
                              MOVED file: C:\Users\Allan\AppData\Local\Temp\sa.6D151227-6BD9-726D-B30E-A8A018DCC82B_5__.Public.AppUpdate.dat =>.Superfluous.Temporary
                              MOVED file: C:\Users\Allan\AppData\Local\Temp\sa.6EA6FC2E-9305-586B-3411-02826D151533_5__.Public.AppUpdate.dat =>.Superfluous.Temporary
                              MOVED file: C:\Users\Allan\AppData\Local\Temp\sa.70BC17F8-0AA7-CB35-CEE0-EF1B47A0FD3E_5__.Public.AppUpdate.dat =>.Superfluous.Temporary
                              MOVED file: C:\Users\Allan\AppData\Local\Temp\sa.97612282-D1E8-1D6A-9E92-C271E7F177EF_5__.Public.AppUpdate.dat =>.Superfluous.Temporary
                              MOVED file: C:\Users\Allan\AppData\Local\Temp\sa.9D4DED89-CABC-F4FB-8133-BC5EDB1C7EDA_5__.Public.AppUpdate.dat =>.Superfluous.Temporary
                              MOVED file: C:\Users\Allan\AppData\Local\Temp\sa.9NBLGGH1ZRPV_ 0_0010_.Public.InstallAgent.dat =>.Superfluous.Temporary.Empty
                              MOVED file: C:\Users\Allan\AppData\Local\Temp\sa.9NBLGGH1ZRPV_ 0__.Public.InstallAgent.dat =>.Superfluous.Temporary.Empty
                              MOVED file: C:\Users\Allan\AppData\Local\Temp\sa.9NBLGGH33ZDV_ 0_0010_.Public.InstallAgent.dat =>.Superfluous.Temporary.Empty
                              MOVED file: C:\Users\Allan\AppData\Local\Temp\sa.9NBLGGH33ZDV_ 0__.Public.InstallAgent.dat =>.Superfluous.Temporary.Empty
                              MOVED file: C:\Users\Allan\AppData\Local\Temp\sa.9WZDNCRCWFTB_ 0_0010_.Public.InstallAgent.dat =>.Superfluous.Temporary.Empty
                              MOVED file: C:\Users\Allan\AppData\Local\Temp\sa.9WZDNCRCWFTB_ 0__.Public.InstallAgent.dat =>.Superfluous.Temporary.Empty
                              MOVED file: C:\Users\Allan\AppData\Local\Temp\sa.9WZDNCRDMPT6_ 0_0010_.Public.InstallAgent.dat =>.Superfluous.Temporary.Empty
                              MOVED file: C:\Users\Allan\AppData\Local\Temp\sa.9WZDNCRDMPT6_ 0__.Public.InstallAgent.dat =>.Superfluous.Temporary.Empty
                              MOVED file: C:\Users\Allan\AppData\Local\Temp\sa.9WZDNCRFHVFW_ 0_0010_.Public.InstallAgent.dat =>.Superfluous.Temporary.Empty
                              MOVED file: C:\Users\Allan\AppData\Local\Temp\sa.9WZDNCRFHVFW_ 0__.Public.InstallAgent.dat =>.Superfluous.Temporary.Empty
                              MOVED file: C:\Users\Allan\AppData\Local\Temp\sa.9WZDNCRFJ140_ 0_0010_.Public.InstallAgent.dat =>.Superfluous.Temporary.Empty
                              MOVED file: C:\Users\Allan\AppData\Local\Temp\sa.9WZDNCRFJ140_ 0__.Public.InstallAgent.dat =>.Superfluous.Temporary.Empty
                              MOVED file: C:\Users\Allan\AppData\Local\Temp\sa.A715D489-C343-F20B-B22E-F8D749061B0C_5__.Public.AppUpdate.dat =>.Superfluous.Temporary
                              MOVED file: C:\Users\Allan\AppData\Local\Temp\sa.A90B8400-D36D-8235-8BF2-A21A53D3FB65_5__.Public.AppUpdate.dat =>.Superfluous.Temporary
                              MOVED file: C:\Users\Allan\AppData\Local\Temp\sa.DFBE09D0-1F22-A9C0-2D3D-3F4C6351E58F_5__.Public.AppUpdate.dat =>.Superfluous.Temporary
                              MOVED file: C:\Users\Allan\AppData\Local\Temp\sa.E336BB8F-16ED-7CBE-AFEE-971DD3041585_5__.Public.AppUpdate.dat =>.Superfluous.Temporary
                              MOVED file: C:\Users\Allan\AppData\Local\Temp\sa.E6658C19-4221-2EBE-763A-F0493FBA2BB0_5__.Public.AppUpdate.dat =>.Superfluous.Temporary
                              MOVED file: C:\Users\Allan\AppData\Local\Temp\sa.E6D3B497-80AF-7F14-F9E6-9606EE369FC3_5__.Public.AppUpdate.dat =>.Superfluous.Temporary
                              MOVED file: C:\Users\Allan\AppData\Local\Temp\sa.FACF9DDE-1FF1-B57D-4D1D-CE479FDD42AF_5__.Public.AppUpdate.dat =>.Superfluous.Temporary
                              MOVED file: C:\Users\Allan\AppData\Local\Temp\wmsetup.log =>.Superfluous.Temporary.Empty
                              MOVED folder: C:\WINDOWS\Installer\MSI1665.tmp- =>.Superfluous.Empty
                              MOVED folder: C:\WINDOWS\Installer\MSI17FD.tmp- =>.Superfluous.Empty
                              MOVED folder: C:\WINDOWS\Installer\MSI1DDA.tmp- =>.Superfluous.Empty
                              MOVED folder: C:\WINDOWS\Installer\MSI2B29.tmp- =>.Superfluous.Empty
                              MOVED folder: C:\WINDOWS\Installer\MSI2DE9.tmp- =>.Superfluous.Empty
                              MOVED folder: C:\WINDOWS\Installer\MSI2F87.tmp- =>.Superfluous.Empty
                              MOVED folder: C:\WINDOWS\Installer\MSI301C.tmp- =>.Superfluous.Empty
                              MOVED folder: C:\WINDOWS\Installer\MSI3248.tmp- =>.Superfluous.Empty
                              MOVED folder: C:\WINDOWS\Installer\MSI37EE.tmp- =>.Superfluous.Empty
                              MOVED folder: C:\WINDOWS\Installer\MSI3F27.tmp- =>.Superfluous.Empty
                              MOVED folder: C:\WINDOWS\Installer\MSI4831.tmp- =>.Superfluous.Empty
                              MOVED folder: C:\WINDOWS\Installer\MSI7D8A.tmp- =>.Superfluous.Empty
                              MOVED folder: C:\WINDOWS\Installer\MSIE9A6.tmp- =>.Superfluous.Empty
                              MOVED folder: C:\WINDOWS\Installer\MSIEE4B.tmp- =>.Superfluous.Empty

                              —\ Registry ( Key, Value, Data) (2)
                              DELETED key*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\atwola.com =>.Superfluous.Atwola
                              DELETED key*: [X64] HKLM\SOFTWARE\Classes\S =>Toolbar.Agent

                              —\ Summary of the elements found (6)
                              Logiciels Potentiellement Superflus (LPS). - ZAM =>.Superfluous.AkamaiHD
                              Logiciels Potentiellement Superflus (LPS). - ZAM =>.Superfluous.Temporary.Empty
                              Logiciels Potentiellement Superflus (LPS). - ZAM =>.Superfluous.Temporary
                              Logiciels Potentiellement Superflus (LPS). - ZAM =>.Superfluous.Empty
                              Atwola, Traceur de cookies. - ZAM =>.Superfluous.Atwola
                              FRST 2025 Télécharger - Nicolas Coolman =>Toolbar.Agent

                              —\ Other deletions. (6)
                              ~ Registry Keys Tracing deleted (6)
                              ~ Remove the old reports ZHPCleaner. (0)

                              —\ Result of repair
                              ~ Repair carried out successfully
                              ~ Browser not found (Google Chrome)
                              ~ Browser not found (Opera Software)

                              —\ Statistics
                              ~ Items scanned : 904
                              ~ Items found : 0
                              ~ Items cancelled : 0
                              ~ Items repaired : 67

                              ~ End of clean in 00h00mn16s
                              ~====================
                              ZHPCleaner-[R]-18062017-11_48_35.txt
                              ZHPCleaner--18062017-11_46_28.txt

                              End line has the strike out code before the digits so its ZHPCleaner -[ s ] (with no spaces of course).

                                Comment

                                • Malnutrition
                                  PCHF Moderator
                                  • Jul 2016
                                  • 7045
                                  #9
                                  Originally posted by Allan.T
                                  Do you have another link for Z o e k?
                                  Here is the link.

                                  After you run the Zoek tool.


                                  Please run Farbar Recovery Scan Tool to give me a fresh look at your system.

                                  Please download the FRST 32 bit or FRST 64bit version to suit your operating system. It is important FRST is downloaded to your desktop.

                                  If you are unsure if your operating system is 32 or 64 Bit please go HERE.

                                  [ul]
                                  [li]Right-click on FRST icon and select Run as Administrator to start the tool.[/li](XP users click run after receipt of Windows Security Warning - Open File).
                                  [li]Make sure that Addition option is checked, as well as Shortcut.txt[/li][li]Press Scan button and wait.[/li][li]The tool will produce three logfiles on your desktop: FRST.txt, and Addition.txt – & Shortcut.txt[/li][/ul]
                                  Please Copy & Paste them into your next reply. But attach Shortcut.txt

                                    Comment

                                    • Malnutrition
                                      PCHF Moderator
                                      • Jul 2016
                                      • 7045
                                      #10
                                      After you have completed the Zoek scan and posted the FRST logs, please let me know how the machine is performing.

                                        Comment

                                        • Allan.T
                                          PCHF Member
                                          • Jun 2017
                                          • 131
                                          #11
                                          Hey there, sorry for the late reply, I was out visiting family yesterday afternoon, by the time I got back I was mentally exhausted (my family is a bunch of nut-jobs, anybody would be mentally drained after going there haha).

                                          Z o e k
                                          Zoek.exe v5.0.0.1 Updated 27-09-2015
                                          Tool run by Allan on Mon 06/19/2017 at 19:44:07.00.
                                          Microsoft Windows 10 Home 10.0.15063 x64
                                          Running in: Normal Mode No Internet Access Detected
                                          Launched: C:\Users\Allan\Desktop\zoek.exe [Scan all users] [Script inserted]

                                          ==== System Restore Info ======================

                                          6/19/2017 7:45:15 PM Zoek.exe System Restore Point Created Successfully.

                                          ==== Reset Hosts File ======================
                                          [HEADING=1]Copyright (c) 1993-2006 Microsoft Corp.[/HEADING]
                                          [HEADING=1]This is a sample HOSTS file used by Microsoft TCP/IP for Windows.[/HEADING]
                                          [HEADING=1]This file contains the mappings of IP addresses to host names. Each[/HEADING]
                                          [HEADING=1]entry should be kept on an individual line. The IP address should[/HEADING]
                                          [HEADING=1]be placed in the first column followed by the corresponding host name.[/HEADING]
                                          [HEADING=1]The IP address and the host name should be separated by at least one[/HEADING]
                                          [HEADING=1]space.[/HEADING]
                                          [HEADING=1]Additionally, comments (such as these) may be inserted on individual[/HEADING]
                                          [HEADING=1]lines or following the machine name denoted by a ‘#’ symbol.[/HEADING]
                                          [HEADING=1]For example:[/HEADING]
                                          [HEADING=1]102.54.94.97 rhino.acme.com # source server[/HEADING]
                                          [HEADING=1]38.25.63.10 x.acme.com # x client host[/HEADING]
                                          127.0.0.1 localhost

                                          ==== Empty Folders Check ======================

                                          C:\PROGRA~2\AGEIA Technologies deleted successfully
                                          C:\PROGRA~2\Belarc deleted successfully
                                          C:\Program Files\Google deleted successfully
                                          C:\PROGRA~3\SoftwareDistribution deleted successfully
                                          C:\WINDOWS\serviceprofiles\Localservice\AppData\Lo calLow deleted successfully
                                          C:\Users\Allan\AppData\Local\ArmA 2 OA deleted successfully
                                          C:\Users\Allan\AppData\Local\DBG deleted successfully
                                          C:\Users\Allan\AppData\Local\EmieBrowserModeList deleted successfully
                                          C:\Users\Allan\AppData\Local\EmieSiteList deleted successfully
                                          C:\Users\Allan\AppData\Local\EmieUserList deleted successfully

                                          ==== Deleting CLSID Registry Keys ======================

                                          HKEY_USERS\S-1-5-21-2771956393-836798383-2307004672-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy{3B6A4AD4-D6EE-47dd-B308-0E0930A43853} deleted successfully

                                          ==== Deleting CLSID Registry Values ======================

                                          HKEY_USERS\S-1-5-21-2771956393-836798383-2307004672-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully

                                          ==== Deleting Services ======================

                                          ==== Batch Command(s) Run By Tool======================

                                          ==== Deleting Files \ Folders ======================

                                          C:\PROGRA~2\AGEIA Technologies not found
                                          C:\PROGRA~2\Belarc not found
                                          C:\PROGRA~3\Package Cache deleted
                                          C:\Users\Allan\ZHPDiag3.exe deleted

                                          ==== Firefox Extensions ======================

                                          ProfilePath: C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Pro files\ogyprs22.default
                                          AppDir: C:\Program Files (x86)\Mozilla Firefox
                                          • Undetermined - %AppDir%\browser\extensions{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi

                                          ==== Firefox Plugins ======================

                                          Profilepath: C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Pro files\ogyprs22.default
                                          9BF98236C009EB0A5571E9CA96847269 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_ 131.dll - Shockwave Flash

                                          ==== Chromium Look ======================

                                          HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensio ns
                                          eofcbnmajmjmplflapaojjnihcjkigck - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx
                                          gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx

                                          ==== Set IE to Default ======================

                                          Old Values:
                                          [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
                                          “Start Page”=" MSN "

                                          New Values:
                                          [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
                                          “Start Page”=" MSN "

                                          ==== All HKCU SearchScopes ======================

                                          HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
                                          “DefaultScope”=“{0633EE93-D776-472f-A0FF-E1416B8B2E3A}”
                                          {012E1000-F331-11DB-8314-0800200C9A66} Google Url=" Google {searchTerms}"
                                          {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url=" Search - Microsoft Bing {searchTerms}&src=IE-SearchBox&FORM=IESR02"

                                          ==== Deleting Registry Keys ======================

                                          HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chr ome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck deleted successfully
                                          HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chr ome\Extensions\gomekmidlodglbbmalcneegieacbdmki deleted successfully

                                          ==== Empty IE Cache ======================

                                          C:\WINDOWS\system32\config\systemprofile\AppData\L ocal\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
                                          C:\Users\Allan\AppData\Local\Microsoft\Windows\INe tCache\Content.IE5 emptied successfully
                                          C:\WINDOWS\SysNative\config\systemprofile\AppData\ Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
                                          C:\Users\Allan\AppData\Local\Microsoft\Windows\INe tCache\IE emptied successfully
                                          C:\WINDOWS\SysNative\config\systemprofile\AppData\ Local\Microsoft\Windows\INetCache\IE emptied successfully

                                          ==== Empty FireFox Cache ======================

                                          C:\Users\Allan\AppData\Local\Mozilla\Firefox\Profi les\ogyprs22.default\cache2 emptied successfully

                                          ==== Empty Chrome Cache ======================

                                          No Chrome User Data found

                                          ==== Empty All Flash Cache ======================

                                          No Flash Cache Found

                                          ==== Empty All Java Cache ======================

                                          No Java Cache Found

                                          ==== C:\zoek_backup content ======================

                                          C:\zoek_backup (files=38 folders=43 46993683 bytes)

                                          ==== Empty Temp Folders ======================

                                          C:\WINDOWS\Temp will be emptied at reboot

                                          Farbar Recovery Scan Tool

                                          FRST.txt
                                          Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-06-2017 01
                                          Ran by Allan (administrator) on PROTOTYPE (19-06-2017 20:21:17)
                                          Running from C:\Users\Allan\Downloads
                                          Loaded Profiles: Allan (Available Profiles: Allan)
                                          Platform: Windows 10 Home Version 1703 (X64) Language: English (United States)
                                          Internet Explorer Version 11 (Default browser: FF)
                                          Boot Mode: Normal
                                          Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

                                          ==================== Processes (Whitelisted) =================

                                          (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

                                          (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
                                          (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
                                          (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
                                          (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
                                          (VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
                                          (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
                                          (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
                                          (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
                                          (Microsoft Corporation) C:\Windows\System32\mqsvc.exe
                                          (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
                                          (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
                                          (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
                                          (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
                                          (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
                                          (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
                                          (Microsoft Corporation) C:\Windows\System32\smartscreen.exe
                                          (AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
                                          () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.17.420.0_x 64__kzf8qxf38zg5c\SkypeHost.exe
                                          (Microsoft Corporation) C:\Windows\System32\dllhost.exe
                                          (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
                                          (Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
                                          (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
                                          (Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
                                          (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
                                          (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthU I_cw5n1h2txyewy\SecHealthUI.exe
                                          (Microsoft Corporation) C:\Windows\System32\dllhost.exe

                                          ==================== Registry (Whitelisted) ====================

                                          (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

                                          HKLM...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
                                          HKLM...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
                                          HKLM...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5299320 2012-10-25] (VIA)
                                          HKLM...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-06-14] (AVAST Software)
                                          HKU\S-1-5-21-2771956393-836798383-2307004672-1000...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [3042592 2017-06-08] (Valve Corporation)
                                          HKU\S-1-5-21-2771956393-836798383-2307004672-1000...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner64.exe [9803992 2017-06-13] (Piriform Ltd)
                                          ShellIconOverlayIdentifiers: [ AccExtIco1] → {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-06-13] ()
                                          ShellIconOverlayIdentifiers: [ AccExtIco2] → {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-06-13] ()
                                          ShellIconOverlayIdentifiers: [ AccExtIco3] → {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-06-13] ()
                                          ShellIconOverlayIdentifiers: [00asw] → {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-06-14] (AVAST Software)
                                          ShellIconOverlayIdentifiers: [00avast] → {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-06-14] (AVAST Software)

                                          ==================== Internet (Whitelisted) ====================

                                          (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

                                          Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
                                          Tcpip..\Interfaces{0c5d3712-b4d6-4552-9145-29d1c9023246}: [DhcpNameServer] 192.168.1.1
                                          Tcpip..\Interfaces{7c522ff4-bdfb-476f-adb6-a2fda8d78087}: [DhcpNameServer] 192.168.1.1
                                          [HEADING=1]Internet Explorer:[/HEADING]
                                          HKU\S-1-5-21-2771956393-836798383-2307004672-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
                                          HKU\S-1-5-21-2771956393-836798383-2307004672-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-gb/?ocid=iehp
                                          SearchScopes: HKU\S-1-5-21-2771956393-836798383-2307004672-1000 → {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
                                          BHO: avast! Online Security → {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} → C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-06-14] (AVAST Software)
                                          BHO-x32: Java™ Plug-In SSV Helper → {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} → C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-06-14] (Oracle Corporation)
                                          BHO-x32: avast! Online Security → {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} → C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-06-14] (AVAST Software)
                                          BHO-x32: Java™ Plug-In 2 SSV Helper → {DBC80044-A445-435b-BC74-9C25C1C588A9} → C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-06-14] (Oracle Corporation)
                                          [HEADING=1]FireFox:[/HEADING]
                                          FF ProfilePath: C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Pro files\ogyprs22.default [2017-06-19]
                                          FF Extension: (Avast SafePrice) - C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Pro files\ogyprs22.default\Extensions\sp@avast.com.xpi [2017-06-19]
                                          FF Extension: (Avast Online Security) - C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Pro files\ogyprs22.default\Extensions\wrc@avast.com.xpi [2017-06-19]
                                          FF Plugin: @adobe.com/FlashPlayer → C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_ 131.dll [2017-06-17] ()
                                          FF Plugin: adobe.com/AdobeAAMDetect → C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-06-19] (Adobe Systems)
                                          FF Plugin-x32: @adobe.com/FlashPlayer → C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_ 131.dll [2017-06-17] ()
                                          FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 → C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1 .dll [2017-06-14] (Oracle Corporation)
                                          FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 → C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-06-14] (Oracle Corporation)
                                          FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 → C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2011-04-05] (Microsoft Corporation)
                                          FF Plugin-x32: adobe.com/AdobeAAMDetect → C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-06-19] (Adobe Systems)

                                          ==================== Services (Whitelisted) ====================

                                          (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

                                          R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [680112 2015-06-09] (Adobe Systems Incorporated)
                                          R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7346208 2017-06-14] (AVAST Software s.r.o.)
                                          R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263304 2017-06-14] (AVAST Software)
                                          S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1404936 2017-06-17] ()
                                          S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [116224 2017-05-14] (Microsoft Corporation) [File not signed]
                                          S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
                                          R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495040 2017-05-03] (NVIDIA Corporation)
                                          S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495040 2017-05-03] (NVIDIA Corporation)
                                          S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-29] (Electronic Arts)
                                          R2 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [36504 2015-06-22] (VIA Technologies, Inc.)
                                          S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
                                          S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)

                                          ===================== Drivers (Whitelisted) ======================

                                          (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

                                          R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [311808 2017-06-14] (AVAST Software s.r.o.)
                                          R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [190256 2017-06-14] (AVAST Software s.r.o.)
                                          R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [334576 2017-06-14] (AVAST Software s.r.o.)
                                          R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [49016 2017-06-14] (AVAST Software s.r.o.)
                                          S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [38296 2017-06-14] (AVAST Software)
                                          R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [32600 2017-06-14] (AVAST Software)
                                          R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [128648 2017-06-14] (AVAST Software)
                                          R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [101152 2017-06-14] (AVAST Software)
                                          R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [75704 2017-06-14] (AVAST Software)
                                          R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1007160 2017-06-14] (AVAST Software)
                                          R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [569192 2017-06-14] (AVAST Software)
                                          R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [158880 2017-06-14] (AVAST Software)
                                          R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [339696 2017-06-14] (AVAST Software)
                                          R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
                                          S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
                                          S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-05-03] (NVIDIA Corporation)
                                          R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48064 2017-05-03] (NVIDIA Corporation)
                                          R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-05-03] (NVIDIA Corporation)
                                          S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
                                          R3 Sftfs; C:\WINDOWS\System32\DRIVERS\Sftfswin7.sys [765288 2011-10-01] (Microsoft Corporation)
                                          R3 Sftplay; C:\WINDOWS\System32\DRIVERS\Sftplaywin7.sys [268648 2011-10-01] (Microsoft Corporation)
                                          R3 Sftredir; C:\WINDOWS\System32\DRIVERS\Sftredirwin7.sys [25960 2011-10-01] (Microsoft Corporation)
                                          R3 Sftvol; C:\WINDOWS\System32\DRIVERS\Sftvolwin7.sys [22376 2011-10-01] (Microsoft Corporation)
                                          R3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
                                          S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
                                          S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
                                          S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
                                          U3 idsvc; no ImagePath
                                          U3 wpcsvc; no ImagePath

                                          ==================== NetSvcs (Whitelisted) ===================

                                          (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

                                          ==================== One Month Created files and folders ========

                                          (If an entry is included in the fixlist, the file/folder will be moved.)

                                          2017-06-19 20:21 - 2017-06-19 20:21 - 00012271 _____ C:\Users\Allan\Downloads\FRST.txt
                                          2017-06-19 20:20 - 2017-06-19 20:21 - 00000000 ____D C:\FRST
                                          2017-06-19 20:17 - 2017-06-19 20:18 - 02439680 _____ (Farbar) C:\Users\Allan\Downloads\FRST64.exe
                                          2017-06-19 20:06 - 2017-06-19 20:06 - 00000000 ___HD C:$AV_ASW
                                          2017-06-19 19:59 - 2017-06-19 19:59 - 00000000 ____D C:\zoek
                                          2017-06-19 19:41 - 2017-06-19 20:00 - 00000000 ____D C:\zoek_backup
                                          2017-06-18 14:13 - 2017-06-18 14:13 - 00000000 ____D C:\Windows.old
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 23682048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 21352696 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 20506624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 20373920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 19336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 17365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 13840384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 11870720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 08331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 08318880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 08245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayR eady.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 07336448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 07325584 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 06760024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayR eady.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 06726656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 06551856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 06535168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 05961216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 05821496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 05802968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 05719040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 05477096 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 04847928 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 04709528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 04707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 04672848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 04537344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 04446208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 04417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 04056576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 03803136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFl owUI.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 03784704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 03673088 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 03656192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 03379200 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 03332096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 03135488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02958848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02938880 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02804736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.Cura tedTileCollections.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02730496 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02681760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02679296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02672128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02650112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02625024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02604256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02597376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02588160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02443776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02438656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02424016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02347520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02341376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02298368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02259768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02211328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02132480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02088960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01911752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store .dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.oneco re.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01700408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01675264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01670496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01596600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01529384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01506712 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01474800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store .dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.deskt op.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01459728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01455592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01450496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01409048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01333136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01266544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01219560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01150784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01142784 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01141760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01120864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01102848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01078272 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01076736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01067008 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01003624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00975360 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00972800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00933376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00923048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00892416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSMDesktopProvider.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00846848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00826368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSMDesktopProvider.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthSSO.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00797184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00754080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker. dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00730016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00712608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00660384 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00626528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00606960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dl l
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00573856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00546208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00543648 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dl l
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions .dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00406064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00371616 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00370928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00363424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00354400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00335808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00321376 _____ (Microsoft Corporation) C:\WINDOWS\system32\capauthz.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dl l
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00311200 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authenticatio n.Identity.Provider.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00266640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\capauthz.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00259400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00255904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00254176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\devicengccredprov.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00219040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00211872 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authenticatio n.Identity.Provider.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.AccountManage r.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00188824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00181664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RstrtMgr.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devicengccredprov.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\embeddedmodesvc.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00144288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00142240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveExt.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00130464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00119712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00112544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00086016 _____ C:\WINDOWS\system32\xboxgipsynthetic.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCredentialDeployment.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\bfsvc.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00059904 _____ C:\WINDOWS\SysWOW64\xboxgipsynthetic.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00032004 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksthunk.sys
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmptrap.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rootmdm.sys
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
                                          2017-06-18 14:05 - 2017-06-18 14:05 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
                                          2017-06-18 14:02 - 2017-06-18 14:02 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
                                          2017-06-18 14:02 - 2017-06-18 14:02 - 00000000 ____D C:\WINDOWS\system32\msmq
                                          2017-06-18 14:02 - 2017-06-18 14:02 - 00000000 ____D C:\WINDOWS\system32\BestPractices
                                          2017-06-18 14:02 - 2017-06-18 14:02 - 00000000 ____D C:\Program Files\Reference Assemblies
                                          2017-06-18 14:02 - 2017-06-18 14:02 - 00000000 ____D C:\Program Files\MSBuild
                                          2017-06-18 14:02 - 2017-06-18 14:02 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
                                          2017-06-18 14:02 - 2017-06-18 14:02 - 00000000 ____D C:\Program Files (x86)\MSBuild
                                          2017-06-18 14:02 - 2017-06-18 14:02 - 00000000 ____D C:\inetpub
                                          2017-06-18 14:01 - 2017-02-10 20:26 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
                                          2017-06-18 14:01 - 2017-02-10 20:26 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNativ e_v0300.dll
                                          2017-06-18 14:01 - 2017-02-10 20:26 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
                                          2017-06-18 14:01 - 2017-02-10 20:21 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
                                          2017-06-18 14:01 - 2017-02-10 20:21 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNativ e_v0300.dll
                                          2017-06-18 14:01 - 2017-02-10 20:21 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
                                          2017-06-18 14:00 - 2017-06-18 14:00 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
                                          2017-06-18 11:57 - 2017-06-18 11:57 - 00000000 ____D C:\ProgramData\SWCUTemp
                                          2017-06-18 11:50 - 2017-06-18 11:52 - 00002278 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
                                          2017-06-18 11:50 - 2017-06-18 11:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
                                          2017-06-18 11:50 - 2017-06-18 11:50 - 00000000 ____D C:\Program Files\CCleaner
                                          2017-06-18 11:49 - 2017-06-18 11:49 - 09598376 _____ (Piriform Ltd) C:\Users\Allan\Downloads\ccsetup531.exe
                                          2017-06-18 11:40 - 2017-06-18 11:40 - 02794880 _____ C:\Users\Allan\Downloads\ZHPCleaner.exe
                                          2017-06-18 11:13 - 2017-06-18 11:13 - 01181184 _____ C:\Users\Allan\Downloads\SupRestric.exe
                                          2017-06-18 07:52 - 2017-06-18 07:54 - 00000000 ____D C:\WINDOWS\system32\MRT
                                          2017-06-18 07:51 - 2017-06-18 07:51 - 133627792 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
                                          2017-06-18 06:54 - 2017-06-18 06:54 - 00000000 ____D C:\Games
                                          2017-06-18 06:46 - 2017-06-18 06:52 - 00000000 ____D C:\Users\Allan\AppData\Local\Skyrim
                                          2017-06-18 06:39 - 2017-06-18 06:54 - 00000000 ____D C:\Program Files\Nexus Mod Manager
                                          2017-06-18 06:39 - 2017-06-18 06:46 - 00000000 ____D C:\Users\Allan\Documents\Nexus Mod Manager
                                          2017-06-18 06:39 - 2017-06-18 06:39 - 00000000 ____D C:\Users\Allan\AppData\Local\Black_Tree_Gaming
                                          2017-06-18 06:39 - 2017-06-18 06:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
                                          2017-06-18 06:37 - 2017-06-18 06:37 - 06441096 _____ (Black Tree Gaming ) C:\Users\Allan\Downloads\Nexus Mod Manager-0.63.14.exe
                                          2017-06-18 06:13 - 2017-06-18 06:13 - 00000000 ____D C:\Users\Allan\AppData\Local\MicrosoftEdge
                                          2017-06-18 06:08 - 2017-06-18 08:52 - 00000000 ____D C:\Users\Allan\AppData\Local\Comms
                                          2017-06-18 05:58 - 2017-06-18 11:52 - 00002830 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
                                          2017-06-18 05:58 - 2017-06-18 11:52 - 00000000 ___RD C:\Users\Allan\OneDrive
                                          2017-06-18 05:58 - 2017-06-18 05:59 - 00002363 _____ C:\Users\Allan\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\OneDrive.lnk
                                          2017-06-18 05:58 - 2017-06-18 05:58 - 00000000 ____D C:\Users\Allan\AppData\Roaming\Skype
                                          2017-06-18 05:53 - 2017-06-18 05:53 - 00001047 _____ C:\Users\Allan\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Optional Features.lnk
                                          2017-06-18 05:53 - 2017-06-18 05:53 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
                                          2017-06-18 05:51 - 2017-06-18 05:51 - 00000000 ____D C:\Users\Allan\AppData\Local\Publishers
                                          2017-06-18 05:50 - 2017-06-18 06:58 - 00000000 ____D C:\Users\Allan\AppData\Local\Packages
                                          2017-06-18 05:50 - 2017-06-18 05:50 - 00000000 __RHD C:\Users\Public\AccountPictures
                                          2017-06-18 05:49 - 2017-06-19 19:34 - 00000000 ____D C:\Users\Allan\AppData\Local\ConnectedDevicesPlatf orm
                                          2017-06-18 05:49 - 2017-06-18 05:49 - 00000020 ___SH C:\Users\Allan\ntuser.ini
                                          2017-06-18 05:49 - 2017-06-18 05:49 - 00000000 ____D C:\Users\Allan\AppData\Local\TileDataLayer
                                          2017-06-18 05:46 - 2017-06-18 05:46 - 00000000 _SHDL C:\Users\Default\My Documents
                                          2017-06-18 05:44 - 2017-06-18 05:45 - 00007623 _____ C:\WINDOWS\diagwrn.xml
                                          2017-06-18 05:44 - 2017-06-18 05:45 - 00007623 _____ C:\WINDOWS\diagerr.xml
                                          2017-06-18 05:43 - 2017-06-19 20:10 - 00000006 ___H C:\WINDOWS\Tasks\SA.DAT
                                          2017-06-18 05:43 - 2017-06-19 19:36 - 00004268 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
                                          2017-06-18 05:43 - 2017-06-18 11:52 - 00002998 _____ C:\WINDOWS\System32\Tasks\NvTmRep                                          {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
                                          2017-06-18 05:43 - 2017-06-18 05:43 - 00023356 _____ C:\WINDOWS\system32\emptyregdb.dat
                                          2017-06-18 05:43 - 2017-06-18 05:43 - 00003270 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launc h_mousekeyboardcenter_exe
                                          2017-06-18 05:43 - 2017-06-18 05:43 - 00003244 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launc h_ipoint_exe
                                          2017-06-18 05:43 - 2017-06-18 05:43 - 00003242 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launc h_itype_exe
                                          2017-06-18 05:43 - 2017-06-18 05:43 - 00003214 _____ C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task _ipoint.exe
                                          2017-06-18 05:43 - 2017-06-18 05:43 - 00003212 _____ C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task _itype.exe
                                          2017-06-18 05:43 - 2017-06-18 05:43 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
                                          2017-06-18 05:43 - 2017-06-18 05:43 - 00000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtection Platform
                                          2017-06-18 05:43 - 2017-06-18 05:43 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
                                          2017-06-18 05:32 - 2017-06-18 05:32 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
                                          2017-06-18 05:29 - 2017-06-18 05:29 - 00000000 ____D C:\ProgramData\USOShared
                                          2017-06-18 05:29 - 2017-06-18 05:29 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
                                          2017-06-18 05:27 - 2017-06-19 20:00 - 00000000 ____D C:\Users\Allan
                                          2017-06-18 05:27 - 2017-06-18 05:27 - 00000000 _SHDL C:\Users\Allan\My Documents
                                          2017-06-18 05:27 - 2017-06-18 05:27 - 00000000 _SHDL C:\Users\Allan\Documents\My Videos
                                          2017-06-18 05:27 - 2017-06-18 05:27 - 00000000 _SHDL C:\Users\Allan\Documents\My Pictures
                                          2017-06-18 05:27 - 2017-06-18 05:27 - 00000000 _SHDL C:\Users\Allan\Documents\My Music
                                          2017-06-18 05:26 - 2017-06-19 20:17 - 01030624 _____ C:\WINDOWS\system32\PerfStringBackup.INI
                                          2017-06-18 05:26 - 2017-06-18 05:26 - 00939752 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
                                          2017-06-18 05:22 - 2017-06-19 20:12 - 00000000 ____D C:\ProgramData\NVIDIA
                                          2017-06-18 05:22 - 2016-11-14 12:15 - 06789056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
                                          2017-06-18 05:22 - 2016-11-14 12:15 - 03528128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
                                          2017-06-18 05:22 - 2016-11-14 12:15 - 02558512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
                                          2017-06-18 05:22 - 2016-11-14 12:15 - 00932728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
                                          2017-06-18 05:22 - 2016-11-14 12:15 - 00384888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
                                          2017-06-18 05:22 - 2016-11-14 12:15 - 00062328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
                                          2017-06-18 05:22 - 2016-11-14 10:09 - 07513855 _____ C:\WINDOWS\system32\nvcoproc.bin
                                          2017-06-18 05:21 - 2017-06-18 06:01 - 00000000 ____D C:\Program Files\NVIDIA Corporation
                                          2017-06-18 05:21 - 2017-06-18 05:29 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
                                          2017-06-18 05:21 - 2017-03-18 21:56 - 02233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
                                          2017-06-18 05:20 - 2017-06-18 05:20 - 00000000 ____D C:\WINDOWS\system32\SRSLabs
                                          2017-06-18 05:20 - 2017-06-18 05:20 - 00000000 ____D C:\Program Files\VIA
                                          2017-06-18 05:18 - 2017-06-18 11:27 - 00247712 _____ C:\WINDOWS\system32\FNTCACHE.DAT
                                          2017-06-18 05:18 - 2017-06-18 05:20 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
                                          2017-06-18 05:18 - 2017-06-18 05:18 - 00000000 ____D C:\WINDOWS\ServiceProfiles
                                          2017-06-18 04:48 - 2017-06-18 04:50 - 00000000 ____D C:\AdwCleaner
                                          2017-06-18 04:48 - 2017-06-18 04:48 - 04110280 _____ C:\Users\Allan\Downloads\adwcleaner_6.047.exe
                                          2017-06-18 04:44 - 2017-06-18 04:44 - 01663672 _____ (Malwarebytes) C:\Users\Allan\Downloads\JRT.exe
                                          2017-06-18 03:47 - 2017-06-18 03:47 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
                                          2017-06-18 03:46 - 2017-06-18 04:44 - 00000000 ____D C:\ProgramData\RogueKiller
                                          2017-06-18 03:45 - 2017-06-18 05:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
                                          2017-06-18 03:44 - 2017-06-18 03:45 - 00000000 ____D C:\Program Files\RogueKiller
                                          2017-06-18 03:43 - 2017-06-18 03:43 - 35421992 _____ (Adlice Software ) C:\Users\Allan\Downloads\setup.exe
                                          2017-06-18 03:42 - 2017-06-18 05:49 - 00000000 ___DC C:\WINDOWS\Panther
                                          2017-06-18 03:42 - 2017-06-18 04:07 - 00000000 ___HD C:$WINDOWS.~BT
                                          2017-06-18 03:40 - 2017-06-18 03:40 - 00000000 ____D C:\Users\Allan\Documents\backups
                                          2017-06-18 03:37 - 2017-06-18 03:42 - 00000036 _____ C:\WINDOWS\progress.ini
                                          2017-06-18 03:22 - 2017-06-19 20:01 - 00000000 ____D C:\Users\Allan\Desktop\System Tools
                                          2017-06-18 03:22 - 2017-06-18 05:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
                                          2017-06-18 03:22 - 2017-06-18 03:23 - 00000000 ____D C:\Program Files (x86)\ZHPFix
                                          2017-06-18 03:14 - 2017-06-18 05:50 - 00000000 ____D C:\Windows10Upgrade
                                          2017-06-18 03:14 - 2017-06-18 05:48 - 00000000 ___HD C:$GetCurrent
                                          2017-06-18 03:14 - 2017-06-18 03:14 - 00000694 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10 Upgrade Assistant.lnk
                                          2017-06-18 03:13 - 2017-06-18 03:14 - 06394488 _____ (Microsoft Corporation) C:\Users\Allan\Downloads\Windows10Upgrade24074.exe
                                          2017-06-18 03:02 - 2017-06-18 03:03 - 03615504 _____ C:\Users\Allan\Downloads\advisorinstaller.exe
                                          2017-06-18 02:56 - 2017-06-18 02:56 - 00000221 _____ C:\Users\Allan\Desktop\The Elder Scrolls V Skyrim.url
                                          2017-06-18 02:36 - 2017-06-18 05:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
                                          2017-06-18 02:36 - 2017-06-18 02:36 - 01110564 _____ (Igor Pavlov) C:\Users\Allan\Downloads\7z1604.exe
                                          2017-06-18 02:36 - 2017-06-18 02:36 - 00000000 ____D C:\Program Files (x86)\7-Zip
                                          2017-06-18 02:27 - 2017-06-18 11:48 - 00000000 ____D C:\Users\Allan\AppData\Roaming\ZHP
                                          2017-06-18 02:27 - 2017-06-18 11:40 - 00000000 ____D C:\Users\Allan\AppData\Local\ZHP
                                          2017-06-18 02:26 - 2017-06-18 02:26 - 02750848 _____ C:\Users\Allan\Downloads\ZHPDiag3.exe
                                          2017-06-17 22:10 - 2017-06-18 05:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
                                          2017-06-17 22:10 - 2017-06-18 05:28 - 00000000 ____D C:\Users\Allan\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Bohemia Interactive
                                          2017-06-17 22:10 - 2017-06-17 22:11 - 00000000 ____D C:\Users\Allan\AppData\Local\ArmA 2
                                          2017-06-17 22:00 - 2017-06-17 22:11 - 00000000 ____D C:\Users\Allan\Documents\ArmA 2
                                          2017-06-17 22:00 - 2017-06-17 22:00 - 00000000 ____D C:\ProgramData\Bohemia Interactive Studio
                                          2017-06-17 20:36 - 2017-06-17 20:36 - 00466520 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll
                                          2017-06-17 20:36 - 2017-06-17 20:36 - 00445016 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll
                                          2017-06-17 20:36 - 2017-06-17 20:36 - 00123480 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll
                                          2017-06-17 20:36 - 2017-06-17 20:36 - 00109144 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll
                                          2017-06-17 20:36 - 2017-06-17 20:36 - 00000000 ____D C:\Program Files (x86)\OpenAL
                                          2017-06-17 20:34 - 2017-06-19 20:15 - 00000000 ____D C:\Users\Allan\AppData\LocalLow\Mozilla
                                          2017-06-16 23:48 - 2017-06-17 20:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
                                          2017-06-16 00:58 - 2017-06-16 00:58 - 00000000 ____D C:\Users\Allan\AppData\Local\Gaijin
                                          2017-06-16 00:58 - 2017-06-16 00:58 - 00000000 ____D C:\ProgramData\Gaijin
                                          2017-06-16 00:19 - 2017-06-18 03:21 - 00000000 ____D C:\Users\Allan\Documents\My Games
                                          2017-06-15 23:36 - 2017-06-18 01:56 - 00000000 ____D C:\Users\Allan\AppData\Local\CrashDumps
                                          2017-06-15 20:05 - 2017-06-15 20:52 - 00000000 ____D C:\Users\Public\Documents\stalker-shoc
                                          2017-06-15 00:22 - 2017-06-15 00:22 - 00000000 ____D C:\NVIDIA
                                          2017-06-14 23:54 - 2017-06-15 18:45 - 00000000 ____D C:\Users\Allan\AppData\Local\NVIDIA Corporation
                                          2017-06-14 23:54 - 2017-05-03 21:16 - 01893312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
                                          2017-06-14 23:54 - 2017-05-03 21:16 - 01755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
                                          2017-06-14 23:54 - 2017-05-03 21:16 - 01477056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
                                          2017-06-14 23:54 - 2017-05-03 21:16 - 01317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
                                          2017-06-14 23:54 - 2017-05-03 21:16 - 00121280 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
                                          2017-06-14 23:53 - 2017-05-03 21:16 - 00175552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
                                          2017-06-14 23:53 - 2017-05-03 21:16 - 00143296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
                                          2017-06-14 23:53 - 2017-05-03 21:16 - 00057792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
                                          2017-06-14 23:53 - 2017-05-03 21:16 - 00048064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
                                          2017-06-14 23:53 - 2017-05-03 20:28 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
                                          2017-06-14 23:53 - 2017-05-03 16:41 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
                                          2017-06-14 23:45 - 2017-06-14 23:45 - 00000000 ____D C:\Users\Allan\AppData\LocalLow\Sun
                                          2017-06-14 23:44 - 2017-06-18 05:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
                                          2017-06-14 23:44 - 2017-06-14 23:47 - 00000000 ____D C:\ProgramData\Oracle
                                          2017-06-14 23:44 - 2017-06-14 23:44 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
                                          2017-06-14 23:44 - 2017-06-14 23:44 - 00000000 ____D C:\Users\Allan\AppData\Roaming\Sun
                                          2017-06-14 23:44 - 2017-06-14 23:44 - 00000000 ____D C:\Program Files (x86)\Java
                                          2017-06-14 23:42 - 2017-06-14 23:43 - 00738880 _____ (Oracle Corporation) C:\Users\Allan\Downloads\jxpiinstall.exe
                                          2017-06-14 22:25 - 2017-05-14 21:46 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
                                          2017-06-14 22:25 - 2017-05-14 21:27 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
                                          2017-06-14 22:25 - 2017-05-14 21:10 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
                                          2017-06-14 22:25 - 2017-05-14 21:01 - 00968704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.exe
                                          2017-06-14 22:25 - 2017-05-14 20:18 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmlmedia.dll
                                          2017-06-14 22:25 - 2017-05-14 19:38 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmlmedia.dll
                                          2017-06-14 22:25 - 2017-01-18 16:36 - 00063840 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-private-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:36 - 00020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:36 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:36 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:36 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-stdio-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:36 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-runtime-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:36 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-convert-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:36 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:36 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-localization-l1-2-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:36 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-filesystem-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:36 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-process-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:36 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-heap-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:36 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:36 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-utility-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:36 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-locale-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:36 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-environment-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:36 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-synch-l1-2-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:36 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-processthreads-l1-1-1.dll
                                          2017-06-14 22:25 - 2017-01-18 16:36 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-xstate-l2-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:36 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-timezone-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:36 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-file-l2-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:36 - 00011608 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-file-l1-2-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:35 - 00066400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:35 - 00022368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:35 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:35 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:35 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:35 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:35 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:35 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:35 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:35 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:35 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:35 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:35 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:35 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:35 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:35 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:35 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:35 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
                                          2017-06-14 22:25 - 2017-01-18 16:35 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:35 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:35 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-file-l2-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:35 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-file-l1-2-0.dll
                                          2017-06-14 22:25 - 2016-09-15 15:56 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
                                          2017-06-14 22:24 - 2017-05-14 20:22 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
                                          2017-06-14 22:24 - 2017-05-10 16:13 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
                                          2017-06-14 22:21 - 2017-06-14 22:21 - 00000000 ____D C:\Users\Allan\AppData\Local\UnrealEngine
                                          2017-06-14 22:21 - 2017-06-14 22:21 - 00000000 ____D C:\Users\Allan\AppData\Local\TslGame
                                          2017-06-14 22:12 - 2016-12-31 16:36 - 00293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll
                                          2017-06-14 21:33 - 2017-06-14 21:28 - 00032600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
                                          2017-06-14 21:33 - 2017-06-14 21:27 - 00334576 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
                                          2017-06-14 21:33 - 2017-06-14 21:27 - 00311808 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
                                          2017-06-14 21:33 - 2017-06-14 21:27 - 00190256 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
                                          2017-06-14 21:33 - 2017-06-14 21:27 - 00049016 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
                                          2017-06-14 21:32 - 2017-06-14 21:31 - 00400456 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
                                          2017-05-25 03:12 - 2017-05-25 03:12 - 00000000 ____D C:\Users\Allan\ZHPFix

                                          ==================== One Month Modified files and folders ========

                                          (If an entry is included in the fixlist, the file/folder will be moved.)

                                          2017-06-19 20:09 - 2017-03-18 12:40 - 00524288 _____ C:\WINDOWS\system32\config\BBI
                                          2017-06-19 19:42 - 2017-03-18 22:03 - 00000000 ___HD C:\Program Files\WindowsApps
                                          2017-06-19 19:42 - 2017-03-18 22:03 - 00000000 ____D C:\WINDOWS\AppReadiness
                                          2017-06-19 19:38 - 2017-03-18 22:03 - 00000000 ____D C:\WINDOWS\appcompat
                                          2017-06-18 14:17 - 2017-03-18 22:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
                                          2017-06-18 14:13 - 2017-03-18 22:06 - 00000000 ____D C:\WINDOWS\Setup
                                          2017-06-18 14:13 - 2017-03-18 22:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
                                          2017-06-18 14:13 - 2017-03-18 22:03 - 00000000 ___SD C:\WINDOWS\system32\F12
                                          2017-06-18 14:13 - 2017-03-18 22:03 - 00000000 ___RD C:\Program Files\Windows Defender
                                          2017-06-18 14:13 - 2017-03-18 22:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
                                          2017-06-18 14:13 - 2017-03-18 22:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
                                          2017-06-18 14:13 - 2017-03-18 22:03 - 00000000 ____D C:\WINDOWS\system32\oobe
                                          2017-06-18 14:13 - 2017-03-18 22:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
                                          2017-06-18 14:13 - 2017-03-18 22:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
                                          2017-06-18 14:13 - 2017-03-18 22:03 - 00000000 ____D C:\WINDOWS\Provisioning
                                          2017-06-18 14:13 - 2017-03-18 22:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
                                          2017-06-18 14:13 - 2017-03-18 22:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
                                          2017-06-18 14:13 - 2017-03-18 12:40 - 00000000 ____D C:\WINDOWS\system32\Dism
                                          2017-06-18 14:02 - 2017-03-18 22:03 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
                                          2017-06-18 14:02 - 2017-03-18 22:03 - 00000000 ____D C:\WINDOWS\system32\inetsrv
                                          2017-06-18 14:02 - 2017-03-18 21:59 - 00611840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
                                          2017-06-18 14:02 - 2017-03-18 21:59 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
                                          2017-06-18 14:02 - 2017-03-18 21:59 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
                                          2017-06-18 14:02 - 2017-03-18 21:59 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
                                          2017-06-18 14:02 - 2017-03-18 21:59 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
                                          2017-06-18 14:02 - 2017-03-18 21:59 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
                                          2017-06-18 14:02 - 2017-03-18 21:59 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
                                          2017-06-18 14:02 - 2017-03-18 21:59 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
                                          2017-06-18 14:02 - 2017-03-18 21:59 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
                                          2017-06-18 14:02 - 2017-03-18 21:59 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
                                          2017-06-18 14:02 - 2017-03-18 21:59 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
                                          2017-06-18 14:02 - 2017-03-18 21:59 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
                                          2017-06-18 14:02 - 2017-03-18 21:59 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
                                          2017-06-18 14:02 - 2017-03-18 21:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
                                          2017-06-18 14:02 - 2017-03-18 21:59 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
                                          2017-06-18 14:02 - 2017-03-18 21:59 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
                                          2017-06-18 14:02 - 2017-03-18 21:59 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
                                          2017-06-18 14:02 - 2017-03-18 21:59 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
                                          2017-06-18 14:02 - 2017-03-18 21:59 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
                                          2017-06-18 14:02 - 2017-03-18 21:59 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll
                                          2017-06-18 14:02 - 2017-03-18 21:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
                                          2017-06-18 14:02 - 2017-03-18 21:59 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
                                          2017-06-18 14:02 - 2017-03-18 21:56 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
                                          2017-06-18 14:02 - 2017-03-18 21:56 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
                                          2017-06-18 14:02 - 2017-03-18 21:56 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
                                          2017-06-18 14:02 - 2017-03-18 21:56 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
                                          2017-06-18 14:01 - 2017-03-18 21:59 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
                                          2017-06-18 14:01 - 2017-03-18 21:59 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
                                          2017-06-18 14:01 - 2017-03-18 21:56 - 01380352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
                                          2017-06-18 14:01 - 2017-03-18 21:56 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
                                          2017-06-18 14:01 - 2017-03-18 21:56 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
                                          2017-06-18 14:01 - 2017-03-18 21:56 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
                                          2017-06-18 14:01 - 2017-03-18 21:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
                                          2017-06-18 14:01 - 2017-03-18 21:56 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
                                          2017-06-18 14:01 - 2017-03-18 21:56 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
                                          2017-06-18 14:01 - 2017-03-18 21:56 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
                                          2017-06-18 14:01 - 2017-03-18 21:56 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
                                          2017-06-18 14:01 - 2017-03-18 21:56 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
                                          2017-06-18 14:01 - 2017-03-18 21:56 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
                                          2017-06-18 12:48 - 2017-03-18 22:03 - 00000000 __RHD C:\Users\Public\Libraries
                                          2017-06-18 12:38 - 2015-06-28 15:00 - 00000000 ____D C:\Program Files\Common Files\Adobe
                                          2017-06-18 12:38 - 2015-06-28 14:48 - 00000000 ____D C:\ProgramData\Adobe
                                          2017-06-18 11:31 - 2015-04-12 13:40 - 00000000 ____D C:\Program Files (x86)\Steam
                                          2017-06-18 07:51 - 2017-03-18 21:51 - 00000000 ____D C:\WINDOWS\CbsTemp
                                          2017-06-18 06:03 - 2017-03-18 22:01 - 00000000 ____D C:\WINDOWS\INF
                                          2017-06-18 06:02 - 2015-04-15 15:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
                                          2017-06-18 05:57 - 2017-03-19 03:30 - 00000000 ____D C:\WINDOWS\OCR
                                          2017-06-18 05:56 - 2015-05-27 18:04 - 00000000 ____D C:\Users\Allan\Documents\Leigh
                                          2017-06-18 05:47 - 2017-03-18 22:03 - 00000000 ____D C:\WINDOWS\rescache
                                          2017-06-18 05:46 - 2017-03-18 12:40 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
                                          2017-06-18 05:45 - 2017-03-18 22:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
                                          2017-06-18 05:44 - 2017-03-18 22:03 - 00000000 ____D C:\WINDOWS\Registration
                                          2017-06-18 05:44 - 2009-07-14 04:20 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
                                          2017-06-18 05:42 - 2017-03-18 22:03 - 00000000 __RSD C:\WINDOWS\Media
                                          2017-06-18 05:39 - 2017-03-18 22:03 - 00000000 ____D C:\WINDOWS\system32\spool
                                          2017-06-18 05:34 - 2015-07-25 17:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
                                          2017-06-18 05:34 - 2015-04-29 20:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultima 8
                                          2017-06-18 05:34 - 2015-04-29 20:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
                                          2017-06-18 05:34 - 2015-04-27 22:24 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
                                          2017-06-18 05:34 - 2015-04-17 17:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
                                          2017-06-18 05:34 - 2015-04-16 01:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
                                          2017-06-18 05:34 - 2015-04-15 22:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VIA
                                          2017-06-18 05:34 - 2015-04-15 16:37 - 00000000 ____D C:\WINDOWS\SysWOW64\vbox
                                          2017-06-18 05:34 - 2015-04-15 16:37 - 00000000 ____D C:\WINDOWS\system32\vbox
                                          2017-06-18 05:34 - 2015-04-15 16:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
                                          2017-06-18 05:34 - 2015-04-12 13:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
                                          2017-06-18 05:34 - 2015-04-11 23:35 - 00000000 ____D C:\Users\Allan\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Games
                                          2017-06-18 05:34 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
                                          2017-06-18 05:31 - 2017-03-18 22:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
                                          2017-06-18 05:31 - 2017-03-18 22:03 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
                                          2017-06-18 05:31 - 2017-03-18 22:03 - 00000000 ____D C:\WINDOWS\system32\NDF
                                          2017-06-18 05:31 - 2017-03-18 22:03 - 00000000 ____D C:\WINDOWS\system32\Macromed
                                          2017-06-18 05:31 - 2017-03-18 22:03 - 00000000 ____D C:\WINDOWS\system32\IME
                                          2017-06-18 05:30 - 2017-03-18 22:03 - 00000000 ____D C:\WINDOWS\schemas
                                          2017-06-18 05:30 - 2015-09-20 00:34 - 00000000 ____D C:\WINDOWS\PixArt
                                          2017-06-18 05:29 - 2017-03-18 22:03 - 00000000 __SHD C:\Program Files\Windows Sidebar
                                          2017-06-18 05:29 - 2017-03-18 22:03 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
                                          2017-06-18 05:29 - 2017-03-18 22:03 - 00000000 ____D C:\ProgramData\USOPrivate
                                          2017-06-18 05:29 - 2017-03-18 22:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
                                          2017-06-18 05:29 - 2017-03-18 22:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
                                          2017-06-18 05:29 - 2015-04-27 23:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English)
                                          2017-06-18 05:29 - 2015-04-15 21:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Frontier
                                          2017-06-18 05:29 - 2015-04-13 12:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES
                                          2017-06-18 05:29 - 2015-04-12 13:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SEGA
                                          2017-06-18 05:29 - 2015-04-12 00:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
                                          2017-06-18 05:29 - 2015-04-11 23:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hasbro Interactive
                                          2017-06-18 05:29 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Microsoft Games
                                          2017-06-18 05:29 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\DVD Maker
                                          2017-06-18 05:26 - 2017-03-18 12:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep
                                          2017-06-18 05:23 - 2017-03-18 22:03 - 00000000 ___RD C:\WINDOWS\PrintDialog
                                          2017-06-18 05:23 - 2017-03-18 22:03 - 00000000 ___RD C:\WINDOWS\MiracastView
                                          2017-06-18 05:23 - 2017-03-18 22:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
                                          2017-06-18 05:22 - 2017-03-19 03:31 - 00000000 ____D C:\WINDOWS\HoloShell
                                          2017-06-18 05:22 - 2017-03-18 22:03 - 00000000 ____D C:\WINDOWS\Help
                                          2017-06-18 04:10 - 2009-07-14 05:45 - 00028928 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
                                          2017-06-18 04:10 - 2009-07-14 05:45 - 00028928 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
                                          2017-06-18 02:35 - 2015-04-17 17:49 - 00000000 ____D C:\Users\Allan\AppData\Local\WinZip
                                          2017-06-17 19:43 - 2015-06-28 14:48 - 00000000 ____D C:\ProgramData\boost_interprocess
                                          2017-06-16 19:38 - 2015-04-17 03:28 - 00000000 ____D C:\Users\Allan\AppData\Local\Adobe
                                          2017-06-15 19:00 - 2015-04-15 16:30 - 00000000 ____D C:\ProgramData\AVAST Software
                                          2017-06-15 00:04 - 2015-04-15 15:41 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
                                          2017-06-14 23:54 - 2015-04-15 15:43 - 00000000 ____D C:\Users\Allan\AppData\Local\NVIDIA
                                          2017-06-14 21:34 - 2015-04-15 16:35 - 00158880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys
                                          2017-06-14 21:32 - 2015-04-15 16:35 - 00339696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
                                          2017-06-14 21:32 - 2015-04-15 16:35 - 00158368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys.14974724925 9302
                                          2017-06-14 21:32 - 2015-04-15 16:34 - 00569192 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
                                          2017-06-14 21:31 - 2015-04-15 16:34 - 00128648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
                                          2017-06-14 21:31 - 2015-04-15 16:34 - 00101152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
                                          2017-06-14 21:31 - 2015-04-15 16:34 - 00075704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
                                          2017-06-14 21:31 - 2015-04-15 16:34 - 00038296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
                                          2017-06-14 21:28 - 2015-04-15 16:34 - 01007160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
                                          2017-06-14 21:28 - 2015-04-15 16:32 - 00000000 ____D C:\Program Files\AVAST Software
                                          2017-06-14 20:40 - 2015-04-15 16:36 - 00000000 ____D C:\Users\Allan\AppData\Local\Steam

                                          ==================== Files in the root of some directories =======

                                          2015-04-12 13:40 - 2015-04-12 13:40 - 0007602 _____ () C:\Users\Allan\AppData\Local\Resmon.ResmonCfg

                                          ==================== Bamital & volsnap ======================

                                          (There is no automatic fix for files that do not pass verification.)

                                          C:\WINDOWS\system32\winlogon.exe => File is digitally signed
                                          C:\WINDOWS\system32\wininit.exe => File is digitally signed
                                          C:\WINDOWS\explorer.exe => File is digitally signed
                                          C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
                                          C:\WINDOWS\system32\svchost.exe => File is digitally signed
                                          C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
                                          C:\WINDOWS\system32\services.exe => File is digitally signed
                                          C:\WINDOWS\system32\User32.dll => File is digitally signed
                                          C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
                                          C:\WINDOWS\system32\userinit.exe => File is digitally signed
                                          C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
                                          C:\WINDOWS\system32\rpcss.dll => File is digitally signed
                                          C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
                                          C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
                                          C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

                                          LastRegBack: 2017-06-18 05:18

                                          ==================== End of FRST.txt ============================

                                          addition.txt
                                          Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-06-2017 01
                                          Ran by Allan (administrator) on PROTOTYPE (19-06-2017 20:21:17)
                                          Running from C:\Users\Allan\Downloads
                                          Loaded Profiles: Allan (Available Profiles: Allan)
                                          Platform: Windows 10 Home Version 1703 (X64) Language: English (United States)
                                          Internet Explorer Version 11 (Default browser: FF)
                                          Boot Mode: Normal
                                          Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

                                          ==================== Processes (Whitelisted) =================

                                          (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

                                          (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
                                          (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
                                          (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
                                          (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
                                          (VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
                                          (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
                                          (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
                                          (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
                                          (Microsoft Corporation) C:\Windows\System32\mqsvc.exe
                                          (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
                                          (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
                                          (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
                                          (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
                                          (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
                                          (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
                                          (Microsoft Corporation) C:\Windows\System32\smartscreen.exe
                                          (AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
                                          () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.17.420.0_x 64__kzf8qxf38zg5c\SkypeHost.exe
                                          (Microsoft Corporation) C:\Windows\System32\dllhost.exe
                                          (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
                                          (Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
                                          (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
                                          (Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
                                          (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
                                          (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthU I_cw5n1h2txyewy\SecHealthUI.exe
                                          (Microsoft Corporation) C:\Windows\System32\dllhost.exe

                                          ==================== Registry (Whitelisted) ====================

                                          (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

                                          HKLM...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
                                          HKLM...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
                                          HKLM...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5299320 2012-10-25] (VIA)
                                          HKLM...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-06-14] (AVAST Software)
                                          HKU\S-1-5-21-2771956393-836798383-2307004672-1000...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [3042592 2017-06-08] (Valve Corporation)
                                          HKU\S-1-5-21-2771956393-836798383-2307004672-1000...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner64.exe [9803992 2017-06-13] (Piriform Ltd)
                                          ShellIconOverlayIdentifiers: [ AccExtIco1] → {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-06-13] ()
                                          ShellIconOverlayIdentifiers: [ AccExtIco2] → {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-06-13] ()
                                          ShellIconOverlayIdentifiers: [ AccExtIco3] → {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-06-13] ()
                                          ShellIconOverlayIdentifiers: [00asw] → {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-06-14] (AVAST Software)
                                          ShellIconOverlayIdentifiers: [00avast] → {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-06-14] (AVAST Software)

                                          ==================== Internet (Whitelisted) ====================

                                          (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

                                          Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
                                          Tcpip..\Interfaces{0c5d3712-b4d6-4552-9145-29d1c9023246}: [DhcpNameServer] 192.168.1.1
                                          Tcpip..\Interfaces{7c522ff4-bdfb-476f-adb6-a2fda8d78087}: [DhcpNameServer] 192.168.1.1
                                          [HEADING=1]Internet Explorer:[/HEADING]
                                          HKU\S-1-5-21-2771956393-836798383-2307004672-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
                                          HKU\S-1-5-21-2771956393-836798383-2307004672-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-gb/?ocid=iehp
                                          SearchScopes: HKU\S-1-5-21-2771956393-836798383-2307004672-1000 → {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
                                          BHO: avast! Online Security → {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} → C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-06-14] (AVAST Software)
                                          BHO-x32: Java™ Plug-In SSV Helper → {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} → C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-06-14] (Oracle Corporation)
                                          BHO-x32: avast! Online Security → {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} → C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-06-14] (AVAST Software)
                                          BHO-x32: Java™ Plug-In 2 SSV Helper → {DBC80044-A445-435b-BC74-9C25C1C588A9} → C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-06-14] (Oracle Corporation)
                                          [HEADING=1]FireFox:[/HEADING]
                                          FF ProfilePath: C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Pro files\ogyprs22.default [2017-06-19]
                                          FF Extension: (Avast SafePrice) - C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Pro files\ogyprs22.default\Extensions\sp@avast.com.xpi [2017-06-19]
                                          FF Extension: (Avast Online Security) - C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Pro files\ogyprs22.default\Extensions\wrc@avast.com.xpi [2017-06-19]
                                          FF Plugin: @adobe.com/FlashPlayer → C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_ 131.dll [2017-06-17] ()
                                          FF Plugin: adobe.com/AdobeAAMDetect → C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-06-19] (Adobe Systems)
                                          FF Plugin-x32: @adobe.com/FlashPlayer → C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_ 131.dll [2017-06-17] ()
                                          FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 → C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1 .dll [2017-06-14] (Oracle Corporation)
                                          FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 → C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-06-14] (Oracle Corporation)
                                          FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 → C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2011-04-05] (Microsoft Corporation)
                                          FF Plugin-x32: adobe.com/AdobeAAMDetect → C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-06-19] (Adobe Systems)

                                          ==================== Services (Whitelisted) ====================

                                          (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

                                          R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [680112 2015-06-09] (Adobe Systems Incorporated)
                                          R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7346208 2017-06-14] (AVAST Software s.r.o.)
                                          R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263304 2017-06-14] (AVAST Software)
                                          S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1404936 2017-06-17] ()
                                          S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [116224 2017-05-14] (Microsoft Corporation) [File not signed]
                                          S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
                                          R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495040 2017-05-03] (NVIDIA Corporation)
                                          S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495040 2017-05-03] (NVIDIA Corporation)
                                          S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-29] (Electronic Arts)
                                          R2 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [36504 2015-06-22] (VIA Technologies, Inc.)
                                          S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
                                          S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)

                                          ===================== Drivers (Whitelisted) ======================

                                          (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

                                          R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [311808 2017-06-14] (AVAST Software s.r.o.)
                                          R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [190256 2017-06-14] (AVAST Software s.r.o.)
                                          R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [334576 2017-06-14] (AVAST Software s.r.o.)
                                          R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [49016 2017-06-14] (AVAST Software s.r.o.)
                                          S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [38296 2017-06-14] (AVAST Software)
                                          R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [32600 2017-06-14] (AVAST Software)
                                          R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [128648 2017-06-14] (AVAST Software)
                                          R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [101152 2017-06-14] (AVAST Software)
                                          R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [75704 2017-06-14] (AVAST Software)
                                          R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1007160 2017-06-14] (AVAST Software)
                                          R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [569192 2017-06-14] (AVAST Software)
                                          R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [158880 2017-06-14] (AVAST Software)
                                          R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [339696 2017-06-14] (AVAST Software)
                                          R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
                                          S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
                                          S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-05-03] (NVIDIA Corporation)
                                          R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48064 2017-05-03] (NVIDIA Corporation)
                                          R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-05-03] (NVIDIA Corporation)
                                          S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
                                          R3 Sftfs; C:\WINDOWS\System32\DRIVERS\Sftfswin7.sys [765288 2011-10-01] (Microsoft Corporation)
                                          R3 Sftplay; C:\WINDOWS\System32\DRIVERS\Sftplaywin7.sys [268648 2011-10-01] (Microsoft Corporation)
                                          R3 Sftredir; C:\WINDOWS\System32\DRIVERS\Sftredirwin7.sys [25960 2011-10-01] (Microsoft Corporation)
                                          R3 Sftvol; C:\WINDOWS\System32\DRIVERS\Sftvolwin7.sys [22376 2011-10-01] (Microsoft Corporation)
                                          R3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
                                          S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
                                          S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
                                          S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
                                          U3 idsvc; no ImagePath
                                          U3 wpcsvc; no ImagePath

                                          ==================== NetSvcs (Whitelisted) ===================

                                          (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

                                          ==================== One Month Created files and folders ========

                                          (If an entry is included in the fixlist, the file/folder will be moved.)

                                          2017-06-19 20:21 - 2017-06-19 20:21 - 00012271 _____ C:\Users\Allan\Downloads\FRST.txt
                                          2017-06-19 20:20 - 2017-06-19 20:21 - 00000000 ____D C:\FRST
                                          2017-06-19 20:17 - 2017-06-19 20:18 - 02439680 _____ (Farbar) C:\Users\Allan\Downloads\FRST64.exe
                                          2017-06-19 20:06 - 2017-06-19 20:06 - 00000000 ___HD C:$AV_ASW
                                          2017-06-19 19:59 - 2017-06-19 19:59 - 00000000 ____D C:\zoek
                                          2017-06-19 19:41 - 2017-06-19 20:00 - 00000000 ____D C:\zoek_backup
                                          2017-06-18 14:13 - 2017-06-18 14:13 - 00000000 ____D C:\Windows.old
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 23682048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 21352696 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 20506624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 20373920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 19336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 17365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 13840384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 11870720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 08331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 08318880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 08245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayR eady.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 07336448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 07325584 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 06760024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayR eady.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 06726656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 06551856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 06535168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 05961216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 05821496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 05802968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 05719040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 05477096 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 04847928 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 04709528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 04707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 04672848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 04537344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 04446208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 04417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 04056576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 03803136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFl owUI.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 03784704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 03673088 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 03656192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 03379200 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 03332096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 03135488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02958848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02938880 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02804736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.Cura tedTileCollections.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02730496 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02681760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02679296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02672128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02650112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02625024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02604256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02597376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02588160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02443776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02438656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02424016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02347520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02341376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02298368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02259768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02211328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02132480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02088960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01911752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store .dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.oneco re.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01700408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01675264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01670496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01596600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01529384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01506712 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01474800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store .dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.deskt op.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01459728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01455592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01450496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01409048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01333136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01266544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01219560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01150784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01142784 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01141760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01120864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01102848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01078272 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01076736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01067008 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 01003624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00975360 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00972800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00933376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00923048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00892416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSMDesktopProvider.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00846848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00826368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSMDesktopProvider.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthSSO.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00797184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00754080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker. dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00730016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00712608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00660384 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00626528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00606960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dl l
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00573856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00546208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00543648 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dl l
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions .dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00406064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00371616 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00370928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00363424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00354400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00335808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00321376 _____ (Microsoft Corporation) C:\WINDOWS\system32\capauthz.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dl l
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00311200 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authenticatio n.Identity.Provider.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00266640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\capauthz.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00259400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00255904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00254176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\devicengccredprov.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00219040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00211872 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authenticatio n.Identity.Provider.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.AccountManage r.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00188824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00181664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RstrtMgr.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devicengccredprov.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\embeddedmodesvc.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00144288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00142240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveExt.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00130464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00119712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00112544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00086016 _____ C:\WINDOWS\system32\xboxgipsynthetic.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCredentialDeployment.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\bfsvc.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00059904 _____ C:\WINDOWS\SysWOW64\xboxgipsynthetic.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00032004 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksthunk.sys
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmptrap.exe
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rootmdm.sys
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
                                          2017-06-18 14:11 - 2017-06-18 14:11 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
                                          2017-06-18 14:05 - 2017-06-18 14:05 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
                                          2017-06-18 14:02 - 2017-06-18 14:02 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
                                          2017-06-18 14:02 - 2017-06-18 14:02 - 00000000 ____D C:\WINDOWS\system32\msmq
                                          2017-06-18 14:02 - 2017-06-18 14:02 - 00000000 ____D C:\WINDOWS\system32\BestPractices
                                          2017-06-18 14:02 - 2017-06-18 14:02 - 00000000 ____D C:\Program Files\Reference Assemblies
                                          2017-06-18 14:02 - 2017-06-18 14:02 - 00000000 ____D C:\Program Files\MSBuild
                                          2017-06-18 14:02 - 2017-06-18 14:02 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
                                          2017-06-18 14:02 - 2017-06-18 14:02 - 00000000 ____D C:\Program Files (x86)\MSBuild
                                          2017-06-18 14:02 - 2017-06-18 14:02 - 00000000 ____D C:\inetpub
                                          2017-06-18 14:01 - 2017-02-10 20:26 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
                                          2017-06-18 14:01 - 2017-02-10 20:26 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNativ e_v0300.dll
                                          2017-06-18 14:01 - 2017-02-10 20:26 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
                                          2017-06-18 14:01 - 2017-02-10 20:21 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
                                          2017-06-18 14:01 - 2017-02-10 20:21 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNativ e_v0300.dll
                                          2017-06-18 14:01 - 2017-02-10 20:21 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
                                          2017-06-18 14:00 - 2017-06-18 14:00 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
                                          2017-06-18 11:57 - 2017-06-18 11:57 - 00000000 ____D C:\ProgramData\SWCUTemp
                                          2017-06-18 11:50 - 2017-06-18 11:52 - 00002278 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
                                          2017-06-18 11:50 - 2017-06-18 11:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
                                          2017-06-18 11:50 - 2017-06-18 11:50 - 00000000 ____D C:\Program Files\CCleaner
                                          2017-06-18 11:49 - 2017-06-18 11:49 - 09598376 _____ (Piriform Ltd) C:\Users\Allan\Downloads\ccsetup531.exe
                                          2017-06-18 11:40 - 2017-06-18 11:40 - 02794880 _____ C:\Users\Allan\Downloads\ZHPCleaner.exe
                                          2017-06-18 11:13 - 2017-06-18 11:13 - 01181184 _____ C:\Users\Allan\Downloads\SupRestric.exe
                                          2017-06-18 07:52 - 2017-06-18 07:54 - 00000000 ____D C:\WINDOWS\system32\MRT
                                          2017-06-18 07:51 - 2017-06-18 07:51 - 133627792 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
                                          2017-06-18 06:54 - 2017-06-18 06:54 - 00000000 ____D C:\Games
                                          2017-06-18 06:46 - 2017-06-18 06:52 - 00000000 ____D C:\Users\Allan\AppData\Local\Skyrim
                                          2017-06-18 06:39 - 2017-06-18 06:54 - 00000000 ____D C:\Program Files\Nexus Mod Manager
                                          2017-06-18 06:39 - 2017-06-18 06:46 - 00000000 ____D C:\Users\Allan\Documents\Nexus Mod Manager
                                          2017-06-18 06:39 - 2017-06-18 06:39 - 00000000 ____D C:\Users\Allan\AppData\Local\Black_Tree_Gaming
                                          2017-06-18 06:39 - 2017-06-18 06:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
                                          2017-06-18 06:37 - 2017-06-18 06:37 - 06441096 _____ (Black Tree Gaming ) C:\Users\Allan\Downloads\Nexus Mod Manager-0.63.14.exe
                                          2017-06-18 06:13 - 2017-06-18 06:13 - 00000000 ____D C:\Users\Allan\AppData\Local\MicrosoftEdge
                                          2017-06-18 06:08 - 2017-06-18 08:52 - 00000000 ____D C:\Users\Allan\AppData\Local\Comms
                                          2017-06-18 05:58 - 2017-06-18 11:52 - 00002830 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
                                          2017-06-18 05:58 - 2017-06-18 11:52 - 00000000 ___RD C:\Users\Allan\OneDrive
                                          2017-06-18 05:58 - 2017-06-18 05:59 - 00002363 _____ C:\Users\Allan\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\OneDrive.lnk
                                          2017-06-18 05:58 - 2017-06-18 05:58 - 00000000 ____D C:\Users\Allan\AppData\Roaming\Skype
                                          2017-06-18 05:53 - 2017-06-18 05:53 - 00001047 _____ C:\Users\Allan\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Optional Features.lnk
                                          2017-06-18 05:53 - 2017-06-18 05:53 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
                                          2017-06-18 05:51 - 2017-06-18 05:51 - 00000000 ____D C:\Users\Allan\AppData\Local\Publishers
                                          2017-06-18 05:50 - 2017-06-18 06:58 - 00000000 ____D C:\Users\Allan\AppData\Local\Packages
                                          2017-06-18 05:50 - 2017-06-18 05:50 - 00000000 __RHD C:\Users\Public\AccountPictures
                                          2017-06-18 05:49 - 2017-06-19 19:34 - 00000000 ____D C:\Users\Allan\AppData\Local\ConnectedDevicesPlatf orm
                                          2017-06-18 05:49 - 2017-06-18 05:49 - 00000020 ___SH C:\Users\Allan\ntuser.ini
                                          2017-06-18 05:49 - 2017-06-18 05:49 - 00000000 ____D C:\Users\Allan\AppData\Local\TileDataLayer
                                          2017-06-18 05:46 - 2017-06-18 05:46 - 00000000 _SHDL C:\Users\Default\My Documents
                                          2017-06-18 05:44 - 2017-06-18 05:45 - 00007623 _____ C:\WINDOWS\diagwrn.xml
                                          2017-06-18 05:44 - 2017-06-18 05:45 - 00007623 _____ C:\WINDOWS\diagerr.xml
                                          2017-06-18 05:43 - 2017-06-19 20:10 - 00000006 ___H C:\WINDOWS\Tasks\SA.DAT
                                          2017-06-18 05:43 - 2017-06-19 19:36 - 00004268 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
                                          2017-06-18 05:43 - 2017-06-18 11:52 - 00002998 _____ C:\WINDOWS\System32\Tasks\NvTmRep                                          {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
                                          2017-06-18 05:43 - 2017-06-18 05:43 - 00023356 _____ C:\WINDOWS\system32\emptyregdb.dat
                                          2017-06-18 05:43 - 2017-06-18 05:43 - 00003270 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launc h_mousekeyboardcenter_exe
                                          2017-06-18 05:43 - 2017-06-18 05:43 - 00003244 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launc h_ipoint_exe
                                          2017-06-18 05:43 - 2017-06-18 05:43 - 00003242 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launc h_itype_exe
                                          2017-06-18 05:43 - 2017-06-18 05:43 - 00003214 _____ C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task _ipoint.exe
                                          2017-06-18 05:43 - 2017-06-18 05:43 - 00003212 _____ C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task _itype.exe
                                          2017-06-18 05:43 - 2017-06-18 05:43 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
                                          2017-06-18 05:43 - 2017-06-18 05:43 - 00000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtection Platform
                                          2017-06-18 05:43 - 2017-06-18 05:43 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
                                          2017-06-18 05:32 - 2017-06-18 05:32 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
                                          2017-06-18 05:29 - 2017-06-18 05:29 - 00000000 ____D C:\ProgramData\USOShared
                                          2017-06-18 05:29 - 2017-06-18 05:29 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
                                          2017-06-18 05:27 - 2017-06-19 20:00 - 00000000 ____D C:\Users\Allan
                                          2017-06-18 05:27 - 2017-06-18 05:27 - 00000000 _SHDL C:\Users\Allan\My Documents
                                          2017-06-18 05:27 - 2017-06-18 05:27 - 00000000 _SHDL C:\Users\Allan\Documents\My Videos
                                          2017-06-18 05:27 - 2017-06-18 05:27 - 00000000 _SHDL C:\Users\Allan\Documents\My Pictures
                                          2017-06-18 05:27 - 2017-06-18 05:27 - 00000000 _SHDL C:\Users\Allan\Documents\My Music
                                          2017-06-18 05:26 - 2017-06-19 20:17 - 01030624 _____ C:\WINDOWS\system32\PerfStringBackup.INI
                                          2017-06-18 05:26 - 2017-06-18 05:26 - 00939752 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
                                          2017-06-18 05:22 - 2017-06-19 20:12 - 00000000 ____D C:\ProgramData\NVIDIA
                                          2017-06-18 05:22 - 2016-11-14 12:15 - 06789056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
                                          2017-06-18 05:22 - 2016-11-14 12:15 - 03528128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
                                          2017-06-18 05:22 - 2016-11-14 12:15 - 02558512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
                                          2017-06-18 05:22 - 2016-11-14 12:15 - 00932728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
                                          2017-06-18 05:22 - 2016-11-14 12:15 - 00384888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
                                          2017-06-18 05:22 - 2016-11-14 12:15 - 00062328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
                                          2017-06-18 05:22 - 2016-11-14 10:09 - 07513855 _____ C:\WINDOWS\system32\nvcoproc.bin
                                          2017-06-18 05:21 - 2017-06-18 06:01 - 00000000 ____D C:\Program Files\NVIDIA Corporation
                                          2017-06-18 05:21 - 2017-06-18 05:29 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
                                          2017-06-18 05:21 - 2017-03-18 21:56 - 02233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
                                          2017-06-18 05:20 - 2017-06-18 05:20 - 00000000 ____D C:\WINDOWS\system32\SRSLabs
                                          2017-06-18 05:20 - 2017-06-18 05:20 - 00000000 ____D C:\Program Files\VIA
                                          2017-06-18 05:18 - 2017-06-18 11:27 - 00247712 _____ C:\WINDOWS\system32\FNTCACHE.DAT
                                          2017-06-18 05:18 - 2017-06-18 05:20 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
                                          2017-06-18 05:18 - 2017-06-18 05:18 - 00000000 ____D C:\WINDOWS\ServiceProfiles
                                          2017-06-18 04:48 - 2017-06-18 04:50 - 00000000 ____D C:\AdwCleaner
                                          2017-06-18 04:48 - 2017-06-18 04:48 - 04110280 _____ C:\Users\Allan\Downloads\adwcleaner_6.047.exe
                                          2017-06-18 04:44 - 2017-06-18 04:44 - 01663672 _____ (Malwarebytes) C:\Users\Allan\Downloads\JRT.exe
                                          2017-06-18 03:47 - 2017-06-18 03:47 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
                                          2017-06-18 03:46 - 2017-06-18 04:44 - 00000000 ____D C:\ProgramData\RogueKiller
                                          2017-06-18 03:45 - 2017-06-18 05:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
                                          2017-06-18 03:44 - 2017-06-18 03:45 - 00000000 ____D C:\Program Files\RogueKiller
                                          2017-06-18 03:43 - 2017-06-18 03:43 - 35421992 _____ (Adlice Software ) C:\Users\Allan\Downloads\setup.exe
                                          2017-06-18 03:42 - 2017-06-18 05:49 - 00000000 ___DC C:\WINDOWS\Panther
                                          2017-06-18 03:42 - 2017-06-18 04:07 - 00000000 ___HD C:$WINDOWS.~BT
                                          2017-06-18 03:40 - 2017-06-18 03:40 - 00000000 ____D C:\Users\Allan\Documents\backups
                                          2017-06-18 03:37 - 2017-06-18 03:42 - 00000036 _____ C:\WINDOWS\progress.ini
                                          2017-06-18 03:22 - 2017-06-19 20:01 - 00000000 ____D C:\Users\Allan\Desktop\System Tools
                                          2017-06-18 03:22 - 2017-06-18 05:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
                                          2017-06-18 03:22 - 2017-06-18 03:23 - 00000000 ____D C:\Program Files (x86)\ZHPFix
                                          2017-06-18 03:14 - 2017-06-18 05:50 - 00000000 ____D C:\Windows10Upgrade
                                          2017-06-18 03:14 - 2017-06-18 05:48 - 00000000 ___HD C:$GetCurrent
                                          2017-06-18 03:14 - 2017-06-18 03:14 - 00000694 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10 Upgrade Assistant.lnk
                                          2017-06-18 03:13 - 2017-06-18 03:14 - 06394488 _____ (Microsoft Corporation) C:\Users\Allan\Downloads\Windows10Upgrade24074.exe
                                          2017-06-18 03:02 - 2017-06-18 03:03 - 03615504 _____ C:\Users\Allan\Downloads\advisorinstaller.exe
                                          2017-06-18 02:56 - 2017-06-18 02:56 - 00000221 _____ C:\Users\Allan\Desktop\The Elder Scrolls V Skyrim.url
                                          2017-06-18 02:36 - 2017-06-18 05:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
                                          2017-06-18 02:36 - 2017-06-18 02:36 - 01110564 _____ (Igor Pavlov) C:\Users\Allan\Downloads\7z1604.exe
                                          2017-06-18 02:36 - 2017-06-18 02:36 - 00000000 ____D C:\Program Files (x86)\7-Zip
                                          2017-06-18 02:27 - 2017-06-18 11:48 - 00000000 ____D C:\Users\Allan\AppData\Roaming\ZHP
                                          2017-06-18 02:27 - 2017-06-18 11:40 - 00000000 ____D C:\Users\Allan\AppData\Local\ZHP
                                          2017-06-18 02:26 - 2017-06-18 02:26 - 02750848 _____ C:\Users\Allan\Downloads\ZHPDiag3.exe
                                          2017-06-17 22:10 - 2017-06-18 05:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
                                          2017-06-17 22:10 - 2017-06-18 05:28 - 00000000 ____D C:\Users\Allan\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Bohemia Interactive
                                          2017-06-17 22:10 - 2017-06-17 22:11 - 00000000 ____D C:\Users\Allan\AppData\Local\ArmA 2
                                          2017-06-17 22:00 - 2017-06-17 22:11 - 00000000 ____D C:\Users\Allan\Documents\ArmA 2
                                          2017-06-17 22:00 - 2017-06-17 22:00 - 00000000 ____D C:\ProgramData\Bohemia Interactive Studio
                                          2017-06-17 20:36 - 2017-06-17 20:36 - 00466520 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll
                                          2017-06-17 20:36 - 2017-06-17 20:36 - 00445016 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll
                                          2017-06-17 20:36 - 2017-06-17 20:36 - 00123480 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll
                                          2017-06-17 20:36 - 2017-06-17 20:36 - 00109144 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll
                                          2017-06-17 20:36 - 2017-06-17 20:36 - 00000000 ____D C:\Program Files (x86)\OpenAL
                                          2017-06-17 20:34 - 2017-06-19 20:15 - 00000000 ____D C:\Users\Allan\AppData\LocalLow\Mozilla
                                          2017-06-16 23:48 - 2017-06-17 20:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
                                          2017-06-16 00:58 - 2017-06-16 00:58 - 00000000 ____D C:\Users\Allan\AppData\Local\Gaijin
                                          2017-06-16 00:58 - 2017-06-16 00:58 - 00000000 ____D C:\ProgramData\Gaijin
                                          2017-06-16 00:19 - 2017-06-18 03:21 - 00000000 ____D C:\Users\Allan\Documents\My Games
                                          2017-06-15 23:36 - 2017-06-18 01:56 - 00000000 ____D C:\Users\Allan\AppData\Local\CrashDumps
                                          2017-06-15 20:05 - 2017-06-15 20:52 - 00000000 ____D C:\Users\Public\Documents\stalker-shoc
                                          2017-06-15 00:22 - 2017-06-15 00:22 - 00000000 ____D C:\NVIDIA
                                          2017-06-14 23:54 - 2017-06-15 18:45 - 00000000 ____D C:\Users\Allan\AppData\Local\NVIDIA Corporation
                                          2017-06-14 23:54 - 2017-05-03 21:16 - 01893312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
                                          2017-06-14 23:54 - 2017-05-03 21:16 - 01755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
                                          2017-06-14 23:54 - 2017-05-03 21:16 - 01477056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
                                          2017-06-14 23:54 - 2017-05-03 21:16 - 01317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
                                          2017-06-14 23:54 - 2017-05-03 21:16 - 00121280 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
                                          2017-06-14 23:53 - 2017-05-03 21:16 - 00175552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
                                          2017-06-14 23:53 - 2017-05-03 21:16 - 00143296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
                                          2017-06-14 23:53 - 2017-05-03 21:16 - 00057792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
                                          2017-06-14 23:53 - 2017-05-03 21:16 - 00048064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
                                          2017-06-14 23:53 - 2017-05-03 20:28 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
                                          2017-06-14 23:53 - 2017-05-03 16:41 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
                                          2017-06-14 23:45 - 2017-06-14 23:45 - 00000000 ____D C:\Users\Allan\AppData\LocalLow\Sun
                                          2017-06-14 23:44 - 2017-06-18 05:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
                                          2017-06-14 23:44 - 2017-06-14 23:47 - 00000000 ____D C:\ProgramData\Oracle
                                          2017-06-14 23:44 - 2017-06-14 23:44 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
                                          2017-06-14 23:44 - 2017-06-14 23:44 - 00000000 ____D C:\Users\Allan\AppData\Roaming\Sun
                                          2017-06-14 23:44 - 2017-06-14 23:44 - 00000000 ____D C:\Program Files (x86)\Java
                                          2017-06-14 23:42 - 2017-06-14 23:43 - 00738880 _____ (Oracle Corporation) C:\Users\Allan\Downloads\jxpiinstall.exe
                                          2017-06-14 22:25 - 2017-05-14 21:46 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
                                          2017-06-14 22:25 - 2017-05-14 21:27 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
                                          2017-06-14 22:25 - 2017-05-14 21:10 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
                                          2017-06-14 22:25 - 2017-05-14 21:01 - 00968704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.exe
                                          2017-06-14 22:25 - 2017-05-14 20:18 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmlmedia.dll
                                          2017-06-14 22:25 - 2017-05-14 19:38 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmlmedia.dll
                                          2017-06-14 22:25 - 2017-01-18 16:36 - 00063840 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-private-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:36 - 00020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:36 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:36 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:36 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-stdio-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:36 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-runtime-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:36 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-convert-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:36 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:36 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-localization-l1-2-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:36 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-filesystem-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:36 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-process-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:36 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-heap-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:36 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:36 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-utility-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:36 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-locale-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:36 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-environment-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:36 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-synch-l1-2-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:36 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-processthreads-l1-1-1.dll
                                          2017-06-14 22:25 - 2017-01-18 16:36 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-xstate-l2-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:36 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-timezone-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:36 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-file-l2-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:36 - 00011608 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-file-l1-2-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:35 - 00066400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:35 - 00022368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:35 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:35 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:35 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:35 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:35 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:35 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:35 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:35 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:35 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:35 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:35 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:35 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:35 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:35 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:35 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:35 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
                                          2017-06-14 22:25 - 2017-01-18 16:35 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:35 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:35 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-file-l2-1-0.dll
                                          2017-06-14 22:25 - 2017-01-18 16:35 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-file-l1-2-0.dll
                                          2017-06-14 22:25 - 2016-09-15 15:56 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
                                          2017-06-14 22:24 - 2017-05-14 20:22 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
                                          2017-06-14 22:24 - 2017-05-10 16:13 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
                                          2017-06-14 22:21 - 2017-06-14 22:21 - 00000000 ____D C:\Users\Allan\AppData\Local\UnrealEngine
                                          2017-06-14 22:21 - 2017-06-14 22:21 - 00000000 ____D C:\Users\Allan\AppData\Local\TslGame
                                          2017-06-14 22:12 - 2016-12-31 16:36 - 00293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll
                                          2017-06-14 21:33 - 2017-06-14 21:28 - 00032600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
                                          2017-06-14 21:33 - 2017-06-14 21:27 - 00334576 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
                                          2017-06-14 21:33 - 2017-06-14 21:27 - 00311808 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
                                          2017-06-14 21:33 - 2017-06-14 21:27 - 00190256 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
                                          2017-06-14 21:33 - 2017-06-14 21:27 - 00049016 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
                                          2017-06-14 21:32 - 2017-06-14 21:31 - 00400456 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
                                          2017-05-25 03:12 - 2017-05-25 03:12 - 00000000 ____D C:\Users\Allan\ZHPFix

                                          ==================== One Month Modified files and folders ========

                                          (If an entry is included in the fixlist, the file/folder will be moved.)

                                          2017-06-19 20:09 - 2017-03-18 12:40 - 00524288 _____ C:\WINDOWS\system32\config\BBI
                                          2017-06-19 19:42 - 2017-03-18 22:03 - 00000000 ___HD C:\Program Files\WindowsApps
                                          2017-06-19 19:42 - 2017-03-18 22:03 - 00000000 ____D C:\WINDOWS\AppReadiness
                                          2017-06-19 19:38 - 2017-03-18 22:03 - 00000000 ____D C:\WINDOWS\appcompat
                                          2017-06-18 14:17 - 2017-03-18 22:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
                                          2017-06-18 14:13 - 2017-03-18 22:06 - 00000000 ____D C:\WINDOWS\Setup
                                          2017-06-18 14:13 - 2017-03-18 22:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
                                          2017-06-18 14:13 - 2017-03-18 22:03 - 00000000 ___SD C:\WINDOWS\system32\F12
                                          2017-06-18 14:13 - 2017-03-18 22:03 - 00000000 ___RD C:\Program Files\Windows Defender
                                          2017-06-18 14:13 - 2017-03-18 22:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
                                          2017-06-18 14:13 - 2017-03-18 22:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
                                          2017-06-18 14:13 - 2017-03-18 22:03 - 00000000 ____D C:\WINDOWS\system32\oobe
                                          2017-06-18 14:13 - 2017-03-18 22:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
                                          2017-06-18 14:13 - 2017-03-18 22:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
                                          2017-06-18 14:13 - 2017-03-18 22:03 - 00000000 ____D C:\WINDOWS\Provisioning
                                          2017-06-18 14:13 - 2017-03-18 22:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
                                          2017-06-18 14:13 - 2017-03-18 22:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
                                          2017-06-18 14:13 - 2017-03-18 12:40 - 00000000 ____D C:\WINDOWS\system32\Dism
                                          2017-06-18 14:02 - 2017-03-18 22:03 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
                                          2017-06-18 14:02 - 2017-03-18 22:03 - 00000000 ____D C:\WINDOWS\system32\inetsrv
                                          2017-06-18 14:02 - 2017-03-18 21:59 - 00611840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
                                          2017-06-18 14:02 - 2017-03-18 21:59 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
                                          2017-06-18 14:02 - 2017-03-18 21:59 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
                                          2017-06-18 14:02 - 2017-03-18 21:59 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
                                          2017-06-18 14:02 - 2017-03-18 21:59 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
                                          2017-06-18 14:02 - 2017-03-18 21:59 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
                                          2017-06-18 14:02 - 2017-03-18 21:59 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
                                          2017-06-18 14:02 - 2017-03-18 21:59 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
                                          2017-06-18 14:02 - 2017-03-18 21:59 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
                                          2017-06-18 14:02 - 2017-03-18 21:59 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
                                          2017-06-18 14:02 - 2017-03-18 21:59 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
                                          2017-06-18 14:02 - 2017-03-18 21:59 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
                                          2017-06-18 14:02 - 2017-03-18 21:59 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
                                          2017-06-18 14:02 - 2017-03-18 21:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
                                          2017-06-18 14:02 - 2017-03-18 21:59 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
                                          2017-06-18 14:02 - 2017-03-18 21:59 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
                                          2017-06-18 14:02 - 2017-03-18 21:59 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
                                          2017-06-18 14:02 - 2017-03-18 21:59 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
                                          2017-06-18 14:02 - 2017-03-18 21:59 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
                                          2017-06-18 14:02 - 2017-03-18 21:59 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll
                                          2017-06-18 14:02 - 2017-03-18 21:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
                                          2017-06-18 14:02 - 2017-03-18 21:59 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
                                          2017-06-18 14:02 - 2017-03-18 21:56 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
                                          2017-06-18 14:02 - 2017-03-18 21:56 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
                                          2017-06-18 14:02 - 2017-03-18 21:56 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
                                          2017-06-18 14:02 - 2017-03-18 21:56 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
                                          2017-06-18 14:01 - 2017-03-18 21:59 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
                                          2017-06-18 14:01 - 2017-03-18 21:59 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
                                          2017-06-18 14:01 - 2017-03-18 21:56 - 01380352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
                                          2017-06-18 14:01 - 2017-03-18 21:56 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
                                          2017-06-18 14:01 - 2017-03-18 21:56 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
                                          2017-06-18 14:01 - 2017-03-18 21:56 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
                                          2017-06-18 14:01 - 2017-03-18 21:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
                                          2017-06-18 14:01 - 2017-03-18 21:56 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
                                          2017-06-18 14:01 - 2017-03-18 21:56 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
                                          2017-06-18 14:01 - 2017-03-18 21:56 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
                                          2017-06-18 14:01 - 2017-03-18 21:56 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
                                          2017-06-18 14:01 - 2017-03-18 21:56 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
                                          2017-06-18 14:01 - 2017-03-18 21:56 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
                                          2017-06-18 12:48 - 2017-03-18 22:03 - 00000000 __RHD C:\Users\Public\Libraries
                                          2017-06-18 12:38 - 2015-06-28 15:00 - 00000000 ____D C:\Program Files\Common Files\Adobe
                                          2017-06-18 12:38 - 2015-06-28 14:48 - 00000000 ____D C:\ProgramData\Adobe
                                          2017-06-18 11:31 - 2015-04-12 13:40 - 00000000 ____D C:\Program Files (x86)\Steam
                                          2017-06-18 07:51 - 2017-03-18 21:51 - 00000000 ____D C:\WINDOWS\CbsTemp
                                          2017-06-18 06:03 - 2017-03-18 22:01 - 00000000 ____D C:\WINDOWS\INF
                                          2017-06-18 06:02 - 2015-04-15 15:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
                                          2017-06-18 05:57 - 2017-03-19 03:30 - 00000000 ____D C:\WINDOWS\OCR
                                          2017-06-18 05:56 - 2015-05-27 18:04 - 00000000 ____D C:\Users\Allan\Documents\Leigh
                                          2017-06-18 05:47 - 2017-03-18 22:03 - 00000000 ____D C:\WINDOWS\rescache
                                          2017-06-18 05:46 - 2017-03-18 12:40 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
                                          2017-06-18 05:45 - 2017-03-18 22:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
                                          2017-06-18 05:44 - 2017-03-18 22:03 - 00000000 ____D C:\WINDOWS\Registration
                                          2017-06-18 05:44 - 2009-07-14 04:20 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
                                          2017-06-18 05:42 - 2017-03-18 22:03 - 00000000 __RSD C:\WINDOWS\Media
                                          2017-06-18 05:39 - 2017-03-18 22:03 - 00000000 ____D C:\WINDOWS\system32\spool
                                          2017-06-18 05:34 - 2015-07-25 17:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
                                          2017-06-18 05:34 - 2015-04-29 20:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultima 8
                                          2017-06-18 05:34 - 2015-04-29 20:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
                                          2017-06-18 05:34 - 2015-04-27 22:24 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
                                          2017-06-18 05:34 - 2015-04-17 17:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
                                          2017-06-18 05:34 - 2015-04-16 01:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
                                          2017-06-18 05:34 - 2015-04-15 22:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VIA
                                          2017-06-18 05:34 - 2015-04-15 16:37 - 00000000 ____D C:\WINDOWS\SysWOW64\vbox
                                          2017-06-18 05:34 - 2015-04-15 16:37 - 00000000 ____D C:\WINDOWS\system32\vbox
                                          2017-06-18 05:34 - 2015-04-15 16:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
                                          2017-06-18 05:34 - 2015-04-12 13:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
                                          2017-06-18 05:34 - 2015-04-11 23:35 - 00000000 ____D C:\Users\Allan\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Games
                                          2017-06-18 05:34 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
                                          2017-06-18 05:31 - 2017-03-18 22:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
                                          2017-06-18 05:31 - 2017-03-18 22:03 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
                                          2017-06-18 05:31 - 2017-03-18 22:03 - 00000000 ____D C:\WINDOWS\system32\NDF
                                          2017-06-18 05:31 - 2017-03-18 22:03 - 00000000 ____D C:\WINDOWS\system32\Macromed
                                          2017-06-18 05:31 - 2017-03-18 22:03 - 00000000 ____D C:\WINDOWS\system32\IME
                                          2017-06-18 05:30 - 2017-03-18 22:03 - 00000000 ____D C:\WINDOWS\schemas
                                          2017-06-18 05:30 - 2015-09-20 00:34 - 00000000 ____D C:\WINDOWS\PixArt
                                          2017-06-18 05:29 - 2017-03-18 22:03 - 00000000 __SHD C:\Program Files\Windows Sidebar
                                          2017-06-18 05:29 - 2017-03-18 22:03 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
                                          2017-06-18 05:29 - 2017-03-18 22:03 - 00000000 ____D C:\ProgramData\USOPrivate
                                          2017-06-18 05:29 - 2017-03-18 22:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
                                          2017-06-18 05:29 - 2017-03-18 22:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
                                          2017-06-18 05:29 - 2015-04-27 23:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English)
                                          2017-06-18 05:29 - 2015-04-15 21:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Frontier
                                          2017-06-18 05:29 - 2015-04-13 12:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES
                                          2017-06-18 05:29 - 2015-04-12 13:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SEGA
                                          2017-06-18 05:29 - 2015-04-12 00:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
                                          2017-06-18 05:29 - 2015-04-11 23:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hasbro Interactive
                                          2017-06-18 05:29 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Microsoft Games
                                          2017-06-18 05:29 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\DVD Maker
                                          2017-06-18 05:26 - 2017-03-18 12:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep
                                          2017-06-18 05:23 - 2017-03-18 22:03 - 00000000 ___RD C:\WINDOWS\PrintDialog
                                          2017-06-18 05:23 - 2017-03-18 22:03 - 00000000 ___RD C:\WINDOWS\MiracastView
                                          2017-06-18 05:23 - 2017-03-18 22:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
                                          2017-06-18 05:22 - 2017-03-19 03:31 - 00000000 ____D C:\WINDOWS\HoloShell
                                          2017-06-18 05:22 - 2017-03-18 22:03 - 00000000 ____D C:\WINDOWS\Help
                                          2017-06-18 04:10 - 2009-07-14 05:45 - 00028928 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
                                          2017-06-18 04:10 - 2009-07-14 05:45 - 00028928 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
                                          2017-06-18 02:35 - 2015-04-17 17:49 - 00000000 ____D C:\Users\Allan\AppData\Local\WinZip
                                          2017-06-17 19:43 - 2015-06-28 14:48 - 00000000 ____D C:\ProgramData\boost_interprocess
                                          2017-06-16 19:38 - 2015-04-17 03:28 - 00000000 ____D C:\Users\Allan\AppData\Local\Adobe
                                          2017-06-15 19:00 - 2015-04-15 16:30 - 00000000 ____D C:\ProgramData\AVAST Software
                                          2017-06-15 00:04 - 2015-04-15 15:41 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
                                          2017-06-14 23:54 - 2015-04-15 15:43 - 00000000 ____D C:\Users\Allan\AppData\Local\NVIDIA
                                          2017-06-14 21:34 - 2015-04-15 16:35 - 00158880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys
                                          2017-06-14 21:32 - 2015-04-15 16:35 - 00339696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
                                          2017-06-14 21:32 - 2015-04-15 16:35 - 00158368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys.14974724925 9302
                                          2017-06-14 21:32 - 2015-04-15 16:34 - 00569192 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
                                          2017-06-14 21:31 - 2015-04-15 16:34 - 00128648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
                                          2017-06-14 21:31 - 2015-04-15 16:34 - 00101152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
                                          2017-06-14 21:31 - 2015-04-15 16:34 - 00075704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
                                          2017-06-14 21:31 - 2015-04-15 16:34 - 00038296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
                                          2017-06-14 21:28 - 2015-04-15 16:34 - 01007160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
                                          2017-06-14 21:28 - 2015-04-15 16:32 - 00000000 ____D C:\Program Files\AVAST Software
                                          2017-06-14 20:40 - 2015-04-15 16:36 - 00000000 ____D C:\Users\Allan\AppData\Local\Steam

                                          ==================== Files in the root of some directories =======

                                          2015-04-12 13:40 - 2015-04-12 13:40 - 0007602 _____ () C:\Users\Allan\AppData\Local\Resmon.ResmonCfg

                                          ==================== Bamital & volsnap ======================

                                          (There is no automatic fix for files that do not pass verification.)

                                          C:\WINDOWS\system32\winlogon.exe => File is digitally signed
                                          C:\WINDOWS\system32\wininit.exe => File is digitally signed
                                          C:\WINDOWS\explorer.exe => File is digitally signed
                                          C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
                                          C:\WINDOWS\system32\svchost.exe => File is digitally signed
                                          C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
                                          C:\WINDOWS\system32\services.exe => File is digitally signed
                                          C:\WINDOWS\system32\User32.dll => File is digitally signed
                                          C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
                                          C:\WINDOWS\system32\userinit.exe => File is digitally signed
                                          C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
                                          C:\WINDOWS\system32\rpcss.dll => File is digitally signed
                                          C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
                                          C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
                                          C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

                                          LastRegBack: 2017-06-18 05:18

                                          ==================== End of FRST.txt ============================

                                          Also on a little sidenote, when I was running, there was a huge lag spike in my system, and then it popped up saying DAS21 has encountered a problem, and to click okay to terminate the programe, I don’t know if theres a link but I though I should share it.

                                          Also so far so good, I’ve noticed the computer starts quicker, but is a lot less responsive if I want to do something in boot up. otherwise, everything is running smoother, still got to try a game yet, but I shall do later on in the evening and let you know.[/U]

                                            Comment

                                            • Malnutrition
                                              PCHF Moderator
                                              • Jul 2016
                                              • 7045
                                              #12
                                              You have two FRST logs, I need the addition.txt as well please.

                                              Security Check Scan.

                                              [ul]
                                              [li]Download Security Check to your desktop.[/li][li]Right click it run as administrator.[/li][li]When the program completes, the tool will automatically open a log file.[/li][li]Please post that log here in your next post.[/li][/ul]

                                              Adware Removal Tool Scan.

                                              Download Adware removal tool to your desktop, right click the icon and select Run as Administrator.

                                              [MEDIA=imgur]LOr0Gd7[/MEDIA]

                                              Hit Ok.

                                              [MEDIA=imgur]sYFsqHx[/MEDIA]

                                              Hit next make sure to leave all items checked, for removal.

                                              [MEDIA=imgur]8NcZjGc[/MEDIA]

                                              The Program will close all open programs to complete the removal, so save any work and hit OK. Then hit OK after the removal process is complete, thenOK again to finish up. Post log generated by tool.

                                              9-Lab Scan.

                                              [ul]
                                              [li]Download 9-Lab Removal Tool. [/li][li]CLICK HERE to determine whether you’re running 32-bit or 64-bit for Windows.[/li][li]Disable your antivirus prior to this scan.[/li]
                                              [li]Install the program onto your computer, then right click the icon run as administrator.[/li][li]Update the program and then run a Full scan![/li][li]Make sure the program updates, might be better to install it update reboot and check for updates again.[/li][li]You need to make sure the database updates!!![/li][li]Upon Scan Completion Click on Show Results.[/li][li]Then Click On Clean[/li][li]Then Click on Save Log.[/li][li]Save it to your desktop, copy and paste the contents of the log here in your next reply.[/li][/ul]

                                              Zemana Deep Scan
                                              [ul]
                                              [li]
                                              • [/li][li]Right click on Zemana and run as admin.[/li][/ul]
                                                [ul]
                                                [li]Click the Cog/Sproket Wheel, at the top right of Zemana[/li][/ul]
                                                [ul]
                                                [li]Select Advanced - I have read the warning and wish to proceed.[/li][/ul]
                                                [ul]
                                                [li]Place a tick next to Detect Suspicious (Root CA) Certificates.[/li][/ul]
                                                [ul]
                                                [li]Then click the house icon in Zemana.[/li][/ul]
                                                [ul]
                                                [li]Then hit your start button at the lower left hand corner of your desktop.[/li][/ul]
                                                [ul]
                                                [li]Then left click on Computer.[/li][/ul]
                                                [ul]
                                                [li]Drag Local Disk C: or whichever drive you decide to check first.[/li]
                                                [li]Into the area of Zemana that reads Drag and drop files here to scan them.[/li][/ul]
                                                [ul]
                                                [li]http://i.imgur.com/bOVO6lY.png[/li][/ul]
                                                [ul]
                                                [li]Once the scan has completed click graph icon on the top right of the programs User interface.[/li][/ul]
                                                [ul]
                                                [li]Double click to open the latest log-file.[/li][/ul]
                                                [ul]
                                                [li]Copy it to your clipboard.[/li][/ul]
                                                [ul]
                                                [li]Post the log here in your next reply.[/li][/ul]

                                                Comment

                                                • Malnutrition
                                                  PCHF Moderator
                                                  • Jul 2016
                                                  • 7045
                                                  #13
                                                  Also, would you like to try and downgrade back to windows 7 at all? Or are you liking windows 10?

                                                    Comment

                                                    • Allan.T
                                                      PCHF Member
                                                      • Jun 2017
                                                      • 131
                                                      #14
                                                      Hmm, thats something I’m not sure about to be honest, windows ten helps with my XboxOne streaming, and I kinda like the techy feel to the windows 10, I always moaned about windows 7 lol

                                                        Comment

                                                        • Malnutrition
                                                          PCHF Moderator
                                                          • Jul 2016
                                                          • 7045
                                                          #15
                                                          Ok, post the requested logs so we can finish up here.

                                                            Comment

                                                            Previous 1 2 template Next
                                                            Working...

                                                              We process personal data about users of our site, through the use of cookies and other technologies, to deliver our services, personalize advertising, and to analyze site activity. We may share certain information about our users with our advertising and analytics partners. For additional details, refer to our Privacy Policy.

                                                              By clicking "I AGREE" below, you agree to our Privacy Policy and our personal data processing and cookie practices as described therein. You also acknowledge that this forum may be hosted outside your country and you consent to the collection, storage, and processing of your data in the country where this forum is hosted.

                                                              I Agree