Random Crashes with striped screen

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • Malnutrition
    PCHF Moderator
    • Jul 2016
    • 7041

    #16
    ZHP Diag Scan

    Download ZHP Diag to your desktop.
    1. Right Click Run as Admin.
    2. Click the Options button.

    Click on Check All
    Then Click Validate
    Then click close.




    2. Click the Scanner button.



    When complete please push the report button.
    A notepad will open… copy and paste the report in your next reply.

    Comment

    • Tristen_Clark
      PCHF Member
      • Jul 2017
      • 11

      #17
      Here you go! Thanks a ton for helping me.
      ~ ZHPDiag v2017.7.25.127 By Nicolas Coolman (2017/07/25)
      ~ Run by Tristen (Administrator) (2017/07/27 03:00:44)
      ~ Web: https://www.nicolascoolman.com
      ~ Blog: https://nicolascoolman.eu/
      ~ Facebook: ZHP
      ~ Certificate ZHPDiag: Legal
      ~ State version: Version KO
      ~ Mode: Scan
      ~ Report: C:\Users\Tristen\Desktop\ZHPDiag.txt
      ~ Report: C:\Users\Tristen\AppData\Roaming\ZHP\ZHPDiag.txt
      ~ UAC: Activate
      ~ System startup: Normal (Normal boot)
      Windows 10 Home, 64-bit (Build 15063) =>.Microsoft Corporation

      —\ Internet Browsers (4) - 0s
      ~ GCIE: Google Chrome v59.0.3071.115
      ~ MFIE: Mozilla Firefox 54.0.1 (x86 en-US)
      ~ MSIE: Microsoft Edge v40
      ~ MSIE: Internet Explorer v11.483.15063.0

      —\ Windows Product Information (3) - 3s
      ~ Windows Server License Manager Script : OK
      ~ Licence Script File Génération : OK
      Windows Automatic Updates : OK

      —\ System protection software (1) - 2s
      Windows Defender (Activate) (Protection)

      —\ Surveillance software (2) - 2s
      ~ Adobe Flash Player 26 PPAPI (Surveillance)
      ~ Adobe Reader XI MUI (Surveillance)

      —\ Information on the system (6) - 0s
      ~ Operating System: Intel64 Family 6 Model 60 Stepping 3, GenuineIntel
      ~ Operating System: 64-bit
      ~ Boot mode: Normal (Normal boot)
      Total RAM: 8328.764 MB (57% free) : OK =>.RAM Value
      System Restore: Activé (Enable)
      System drive C: has 246 GB (25%) free of 953 GB : OK =>.Disk Space

      —\ Connection to the system mode (3) - 0s
      ~ Computer Name: DESKTOP-3O7QO0I
      ~ User Name: Tristen
      ~ Logged in as Administrator

      —\ Enumeration of the disk units (2) - 0s
      ~ Drive C: has 246 GB free of 953 GB (System)
      ~ Drive D: has GB free of 0 GB

      —\ State of the Windows Security Center (7) - 0s
      [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Pol icies\Explorer] NoActiveDesktopChanges: Modified
      [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\system] EnableLUA: OK
      [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
      [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
      [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\Associations] Application: OK
      [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
      [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK

      —\ Search Generic System Files (24) - 2s
      [MD5.CA3BF0F15BA4F24D511BFEE725CC89BD] - 20/06/2017 - (.Microsoft Corporation - Windows Explorer.) – C:\WINDOWS\Explorer.exe [4847424] =>.Microsoft Windows®
      [MD5.ECB702B8C5650381C0784F1EEABB97BC] - 18/03/2017 - (.Microsoft Corporation - Windows host process (Rundll32).) – C:\WINDOWS\System32\rundll32.exe [68608] =>.Microsoft Corporation
      [MD5.B2DB5876B6F68D32E470F691C7088F3F] - 07/07/2017 - (.Microsoft Corporation - Windows Start-Up Application.) – C:\WINDOWS\System32\Wininit.exe [318232] =>.Microsoft Windows Publisher®
      [MD5.BC776B6B434641AF71ED0CC00BC859AA] - 07/07/2017 - (.Microsoft Corporation - Internet Extensions for Win32.) – C:\WINDOWS\System32\wininet.dll [3307008] =>.Microsoft Corporation
      [MD5.31E3287EF6D97C5864A301CEA75BBBA1] - 07/07/2017 - (.Microsoft Corporation - Windows Logon Application.) – C:\WINDOWS\System32\Winlogon.exe [706560] =>.Microsoft Corporation
      [MD5.50CDF68A8EA8A2A9165CD573FA6C42D8] - 18/03/2017 - (.Microsoft Corporation - Software Licensing Library.) – C:\WINDOWS\System32\sppcomapi.dll [414208] =>.Microsoft Corporation
      [MD5.0F9FA6A2D4EAE50393DCE473759A9845] - 18/03/2017 - (.Microsoft Corporation - DNS Client API DLL.) – C:\WINDOWS\System32\dnsapi.dll [661224] =>.Microsoft Windows®
      [MD5.3F969D5ADEAB3284ABD500B37D74A8F8] - 18/03/2017 - (.Microsoft Corporation - DNS Client API DLL.) – C:\WINDOWS\Syswow64\dnsapi.dll [508344] =>.Microsoft Windows®
      [MD5.AC1928C2F7505BD556C552F153B062AB] - 18/03/2017 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) – C:\WINDOWS\System32\drivers\AFD.sys [610712] =>.Microsoft Windows®
      [MD5.01733BEEE02E51F712330D5909BD701C] - 18/03/2017 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) – C:\WINDOWS\System32\drivers\atapi.sys [29088] =>.Microsoft Windows®
      [MD5.B6E5AD7C83A5254DEE9D86023C0E5A81] - 18/03/2017 - (.Microsoft Corporation - CD-ROM File System Driver.) – C:\WINDOWS\System32\drivers\Cdfs.sys [93184] =>.Microsoft Corporation
      [MD5.ABE77AD954BC3D72F559CF0C381E50BC] - 18/03/2017 - (.Microsoft Corporation - SCSI CD-ROM Driver.) – C:\WINDOWS\System32\drivers\Cdrom.sys [160256] =>.Microsoft Corporation
      [MD5.185A4519B7764F4DEF714D890A7A9FD2] - 18/03/2017 - (.Microsoft Corporation - DFS Namespace Client Driver.) – C:\WINDOWS\System32\drivers\DfsC.sys [150528] =>.Microsoft Corporation
      [MD5.02B9639D9997E95CDF2F4C4F3BDCC73D] - 20/06/2017 - (.Microsoft Corporation - High Definition Audio Bus Driver.) – C:\WINDOWS\System32\drivers\HDAudBus.sys [86528] =>.Microsoft Corporation
      [MD5.C6C8315E3262FAE460529C6DA2951682] - 18/03/2017 - (.Microsoft Corporation - i8042 Port Driver.) – C:\WINDOWS\System32\drivers\i8042prt.sys [115200] =>.Microsoft Corporation
      [MD5.DCC05E5EAA580C97F13B434FAFACED85] - 18/03/2017 - (.Microsoft Corporation - IP Network Address Translator.) – C:\WINDOWS\System32\drivers\IpNat.sys [214528] =>.Microsoft Corporation
      [MD5.F2AD1B72C5A6475FB5FF332E1980DF88] - 18/03/2017 - (.Microsoft Corporation - Windows NT SMB Minirdr.) – C:\WINDOWS\System32\drivers\MRxSmb.sys [467352] =>.Microsoft Windows®
      [MD5.30C2F67EC84EB11B22011620107E0325] - 18/03/2017 - (.Microsoft Corporation - MBT Transport driver.) – C:\WINDOWS\System32\drivers\netBT.sys [305152] =>.Microsoft Corporation
      [MD5.8D72D5038C5F91AFEF1B160FE524C2D9] - 20/06/2017 - (.Microsoft Corporation - NT File System Driver.) – C:\WINDOWS\System32\drivers\ntfs.sys [2327456] =>.Microsoft Windows®
      [MD5.2CC6C325B271C7CA60F374F8F868CB45] - 18/03/2017 - (.Microsoft Corporation - Parallel Port Driver.) – C:\WINDOWS\System32\drivers\Parport.sys [97792] =>.Microsoft Corporation
      [MD5.5279EC98F6218D29EADDFECCC0D80E9A] - 18/03/2017 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) – C:\WINDOWS\System32\drivers\Rasl2tp.sys [107008] =>.Microsoft Corporation
      [MD5.53A01D3FDB701AC5D9DDE4140227E3D9] - 18/03/2017 - (.Microsoft Corporation - Microsoft RDP Device redirector.) – C:\WINDOWS\System32\drivers\rdpdr.sys [183296] =>.Microsoft Corporation
      [MD5.892AB2637603A5E9507C39E61101C3C3] - 03/06/2017 - (.Microsoft Corporation - TDI Translation Driver.) – C:\WINDOWS\System32\drivers\tdx.sys [119712] =>.Microsoft Windows®
      [MD5.E3429DBBEA3965BB96E24B16EF4A2551] - 18/03/2017 - (.Microsoft Corporation - Volume Shadow Copy driver.) – C:\WINDOWS\System32\drivers\volsnap.sys [397216] =>.Microsoft Windows®

      —\ Non Microsoft non disabled Windows Services (21) - 2s
      O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated®
      O23 - Service: Adobe Genuine Software Integrity Service (AGSService) . (.Adobe Systems, Incorporated - Adobe Genuine Software Integrity Service.) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe =>.Adobe Systems Incorporated®
      O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\WINDOWS\system32\atiesrxx.exe =>.AMD
      O23 - Service: ASRock IO Monitor Service (ASRockIOMon) . (…) - C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe
      O23 - Service: cFosSpeed System Service (cFosSpeedS) . (.cFos Software GmbH - cFosSpeed Service.) - C:\Program Files\ASRock\XFast LAN\spd.exe =>.cFos Software GmbH®
      O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) . (.Dropbox, Inc. - Dropbox Update.) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe =>.Dropbox, Inc®
      O23 - Service: DbxSvc (DbxSvc) . (.Dropbox, Inc. - Dropbox Service.) - C:\WINDOWS\system32\DbxSvc.exe =>.Dropbox, Inc.
      O23 - Service: Google Update Service (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
      O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) . (…) - C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe (.not file.)
      O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) . (.Hi-Rez Studios - HiPatchService.) - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe =>.Hi-Rez Studios
      O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe =>.Intel Corporation - Intel® Rapid Storage Technology®
      O23 - Service: Intel® ME Service (Intel(R) ME Service) . (.Intel Corporation - Intel(R) ME Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe =>.Intel Corporation - Intel® Management Engine Firmware®
      O23 - Service: Intel(R) PROSet Monitoring Service (Intel(R) PROSet Monitoring Service) . (.Intel Corporation - Intel® PROSet Monitoring Service.) - C:\Windows\system32\IProsetMonitor.exe =>.Intel Corporation
      O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe =>.Intel Corporation - Intel® Management Engine Firmware®
      O23 - Service: LMIGuardianSvc (LMIGuardianSvc) . (…) - C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe (.not file.) =>PUP.Optional.Youndoo
      O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Intel(R) Local Management Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe =>.Intel Corporation - Intel® Management Engine Firmware®
      O23 - Service: Origin Web Helper Service (Origin Web Helper Service) . (…) - C:\Program Files (x86)\Origin\OriginWebHelperService.exe (.not file.)
      O23 - Service: Realtek Audio Service (RtkAudioService) . (.Realtek Semiconductor - Realtek Audio Service.) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe =>.Realtek Semiconductor Corp®
      O23 - Service: Skype Updater (SkypeUpdate) . (…) - C:\Program Files (x86)\Skype\Updater\Updater.exe (.not file.)
      O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) . (.DEVGURU Co., LTD. - MSS CS Connectivity Service.) - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe =>.Samsung Electronics CO., LTD.®
      O23 - Service: WSWNA3100 (WSWNA3100) . (.Copyright (C) 2008-2009 - Wifi Service.) - C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe =>.NETGEAR®

      —\ Services not Microsoft (SR=Run, SS=Stop) (25) - 17s
      SR - Auto [23/09/2012] [ 65192] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated®
      SR - Auto [18/05/2017] [ 2246256] Adobe Genuine Software Integrity Service (AGSService) . (.Adobe Systems, Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe =>.Adobe Systems Incorporated®
      SR - Auto [24/07/2017] [ 560552] (AMD External Events Utility) . (.AMD.) - C:\WINDOWS\system32\atiesrxx.exe =>.Advanced Micro Devices, Inc.®
      SR - Auto [25/07/2013] [ 454656] ASRock IO Monitor Service (ASRockIOMon) . (…) - C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe
      SS - Demand [10/04/2017] [ 1522184] BattlEye Service (BEService) . (…) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe =>.BattlEye Innovations e.K.®
      SR - Auto [31/05/2013] [ 652640] cFosSpeed System Service (cFosSpeedS) . (.cFos Software GmbH.) - C:\Program Files\ASRock\XFast LAN\spd.exe =>.cFos Software GmbH®
      SS - Auto [31/05/2013] [ 652640] Dropbox Update Service (dbupdate) (dbupdate) . (.Dropbox, Inc..) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe =>.Dropbox, Inc®
      SS - Demand [31/05/2013] [ 652640] Dropbox Update Service (dbupdatem) (dbupdatem) . (.Dropbox, Inc..) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe =>.Dropbox, Inc®
      SR - Auto [31/05/2013] [ 652640] DbxSvc (DbxSvc) . (.Dropbox, Inc..) - C:\WINDOWS\system32\DbxSvc.exe =>.Dropbox, Inc®
      SS - Auto [31/05/2013] [ 652640] Google Update Service (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
      SS - Demand [31/05/2013] [ 652640] Google Update Service (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
      SS - Demand [31/05/2013] [ 652640] Google Software Updater (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe =>.Google Inc®
      SS - Auto [31/05/2013] [ 652640] Hi-Rez Studios Authenticate and Update Service (HiPatchService) . (.Hi-Rez Studios.) - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe =>.Hi-Rez Studios
      SR - Auto [31/05/2013] [ 652640] Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe =>.Intel Corporation - Intel® Rapid Storage Technology®
      SS - Demand [31/05/2013] [ 652640] Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe =>.Intel Corporation - Intel® Management Engine Firmware®
      SS - Demand [31/05/2013] [ 652640] Intel(R) Capability Licensing Service TCP IP Interface (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe =>.Intel® Trusted Connect Service®
      SR - Auto [31/05/2013] [ 652640] Intel® ME Service (Intel(R) ME Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe =>.Intel Corporation - Intel® Management Engine Firmware®
      SR - Auto [31/05/2013] [ 652640] Intel(R) PROSet Monitoring Service (Intel(R) PROSet Monitoring Service) . (.Intel Corporation.) - C:\Windows\system32\IProsetMonitor.exe =>.Intel Corporation®
      SR - Auto [31/05/2013] [ 652640] Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe =>.Intel Corporation - Intel® Management Engine Firmware®
      SR - Auto [31/05/2013] [ 652640] Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe =>.Intel Corporation - Intel® Management Engine Firmware®
      SS - Demand [31/05/2013] [ 652640] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe =>.Mozilla Corporation®
      SR - Auto [31/05/2013] [ 652640] Realtek Audio Service (RtkAudioService) . (.Realtek Semiconductor.) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe =>.Realtek Semiconductor Corp®
      SR - Auto [31/05/2013] [ 652640] SAMSUNG Mobile Connectivity Service (ss_conn_service) . (.DEVGURU Co., LTD..) - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe =>.Samsung Electronics CO., LTD.®
      SR - Demand [31/05/2013] [ 652640] Steam Client Service (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe =>.Valve®
      SR - Auto [31/05/2013] [ 652640] WSWNA3100 (WSWNA3100) . (.Copyright (C) 2008-2009.) - C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe =>.NETGEAR®

      —\ Task Planned Automatically (23) - 11s
      [MD5.EED3F2404A03199A62FDC3D6A13C14FE] [APT] [Adobe Flash Player PPAPI Notifier] (.Adobe Systems Incorporated.) – C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_26_ 0_0_137_pepper.exe [1281024] (.Activate.) =>.Adobe Systems Incorporated®
      [MD5.C58A2B0A6C05AA317DF808FF56B0F24B] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) – C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe [272384] (.Activate.) =>.Adobe Systems Incorporated®
      [MD5.60D05F375378CD63AD03C0CD42B872CD] [APT] [AdobeAAMUpdater-1.0-MicrosoftAccount...k628@gmail.com] (.Adobe Systems Incorporated.) – C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.e xe [508128] (.Activate.) =>.Adobe Systems Incorporated®
      [MD5.A1F58FFF448E4099297D6EE0641D4D0E] [APT] [DropboxUpdateTaskMachineCore] (.Dropbox, Inc..) – C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144] (.Activate.) =>.Dropbox, Inc®
      [MD5.88FBBB1C601A6BC42054E57C2897FA45] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) – C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200] (.Activate.) =>.Google Inc®
      [MD5.88FBBB1C601A6BC42054E57C2897FA45] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) – C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200] (.Activate.) =>.Google Inc®
      [MD5.00000000000000000000000000000000] [APT] [IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473] (…) – C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty
      [MD5.00000000000000000000000000000000] [APT] [IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon] (…) – C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty
      [MD5.40E8A53B0D89127D08C27F0115682A8B] [APT] [StartCN] (.Advanced Micro Devices, Inc..) – C:\Program Files\AMD\CNext\CNext\cncmd.exe [52104] (.Activate.) =>.Advanced Micro Devices, Inc.®
      O39 - APT: Unknown - (.Legitimate.) – C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask .job [214]
      O39 - APT: DropboxUpdateTaskMachineCore - (.Dropbox, Inc..) – C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job [938] =>.Dropbox, Inc®
      O39 - APT: Adobe Flash Player PPAPI Notifier - (.Adobe Systems Incorporated.) – C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier [4556] =>.Adobe Systems Incorporated®
      O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) – C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater [4386] =>.Adobe Systems Incorporated®
      O39 - APT: AdobeAAMUpdater-1.0-MicrosoftAccount...k628@gmail.com - (.Adobe Systems Incorporated.) – C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount...k628@gmail.com [2818] =>.Adobe Systems Incorporated®
      O39 - APT: Unknown - (…) – C:\WINDOWS\System32\Tasks\AsrSP.exe [3038]
      O39 - APT: DropboxUpdateTaskMachineCore - (.Dropbox, Inc..) – C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachine Core [3232] =>.Dropbox, Inc®
      O39 - APT: Unknown - (…) – C:\WINDOWS\System32\Tasks\fupdate [2636]
      O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) – C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineC ore [3120] =>.Google Inc®
      O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) – C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineU A [3344] =>.Google Inc®
      O39 - APT: IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 - (…) – C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 [3042] (.Orphan.) =>.Superfluous.Orphan
      O39 - APT: IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon - (…) – C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon [2680] (.Orphan.) =>.Superfluous.Orphan
      O39 - APT: Unknown - (.Microsoft Corporation.) – C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2 [3294] =>.Microsoft Corporation
      O39 - APT: StartCN - (.Advanced Micro Devices, Inc..) – C:\WINDOWS\System32\Tasks\StartCN [3160] =>.Advanced Micro Devices, Inc.®

      —\ Auto loading programs from Registry and folders (13) - 1s
      O4 - HKLM..\Run: [SecurityHealth] . (.Microsoft Corporation - Windows Defender notification icon.) – C:\Program Files\Windows Defender\MSASCuiL.exe =>.Microsoft Windows®
      O4 - HKLM..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Realtek HD Audio Manager.) – C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp®
      O4 - HKLM..\Run: [IAStorIcon] . (.Intel Corporation - Delayed launcher.) – C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe =>.Intel Corporation
      O4 - HKLM..\Run: [XFast LAN] . (.cFos Software GmbH - cFosSpeed Window.) – C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe =>.cFos Software GmbH®
      O4 - HKLM..\Run: [Cm108BSound] . (.Copyright (C) 2014 - Xear Audio Center.) – C:\Program Files\Sades 7.1CH Gaming Headset\CPL\FaceLift_x64.exe
      O4 - HKCU..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper.) – C:\Program Files (x86)\Steam\Steam.exe =>.Valve®
      O4 - HKCU..\Run: [Discord] . (.Hammer & Chisel, Inc. - Discord.) – C:\Users\Tristen\AppData\Local\Discord\app-0.0.297\Discord.exe =>.Hammer & Chisel Inc.®
      O4 - HKLM..\Wow6432Node\Run: [Raptr] . (.Raptr, Inc - Raptr Desktop App.) – C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe =>.Raptr, Inc®
      O4 - HKLM..\Wow6432Node\Run: [LogMeIn Hamachi Ui] – C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (.not file.)
      O4 - HKUS\S-1-5-19..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) – C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Windows®
      O4 - HKUS\S-1-5-20..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) – C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Windows®
      O4 - HKUS\S-1-5-21-1804258755-1314807169-2186987872-1001..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper.) – C:\Program Files (x86)\Steam\Steam.exe =>.Valve®
      O4 - HKUS\S-1-5-21-1804258755-1314807169-2186987872-1001..\Run: [Discord] . (.Hammer & Chisel, Inc. - Discord.) – C:\Users\Tristen\AppData\Local\Discord\app-0.0.297\Discord.exe =>.Hammer & Chisel Inc.®

      —\ Process running (40) - 4s
      [MD5.00000000000000000000000000000000] - (.AMD - AMD External Events Service Module.) – C:\WINDOWS\system32\atiesrxx.exe [0] [PID.1460] =>.AMD
      [MD5.00000000000000000000000000000000] - (.AMD - AMD External Events Client Module.) – C:\WINDOWS\system32\atieclxx.exe [0] [PID.1216] =>.AMD
      [MD5.DDF3EFB4AD226C61D0ADA6E779E3D968] - (.Realtek Semiconductor - Realtek Audio Service.) – C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488] [PID.2128] =>.Realtek Semiconductor Corp®
      [MD5.C9C552CE10985B889DC476F6C015F85D] - (.Realtek Semiconductor - HD Audio Background Process.) – C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688] [PID.2164] =>.Realtek Semiconductor Corp®
      [MD5.49C58338E9572E2570E2C636A3CDAA42] - (.cFos Software GmbH - cFosSpeed Service.) – C:\Program Files\ASRock\XFast LAN\spd.exe [652640] [PID.2844] =>.cFos Software GmbH®
      [MD5.078B785A7533B7059A236017B3B060A4] - (.Adobe Systems, Incorporated - Adobe Genuine Software Integrity Service.) – C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256] [PID.2860] =>.Adobe Systems Incorporated®
      [MD5.D208B82330EB0CA9E1285520630183F1] - (…) – C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe [454656] [PID.2868]
      [MD5.00000000000000000000000000000000] - (.Dropbox, Inc. - Dropbox Service.) – C:\WINDOWS\system32\DbxSvc.exe [0] [PID.2876] =>.Dropbox, Inc.
      [MD5.B1EA9681502EE57F87DB71D726288A5B] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) – C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65192] [PID.2884] =>.Adobe Systems, Incorporated®
      [MD5.00000000000000000000000000000000] - (.Intel Corporation - Intel® PROSet Monitoring Service.) – C:\Windows\system32\IProsetMonitor.exe [0] [PID.3052] =>.Intel Corporation
      [MD5.7DB9E612A2742ACEAB080B882E83141C] - (.DEVGURU Co., LTD. - MSS CS Connectivity Service.) – C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784] [PID.3112] =>.Samsung Electronics CO., LTD.®
      [MD5.727D9A2400F499672D1F74761B98CC1C] - (.Copyright (C) 2008-2009 - Wifi Service.) – C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [316120] [PID.3244] =>.NETGEAR®
      [MD5.A1F58FFF448E4099297D6EE0641D4D0E] - (.Dropbox, Inc. - Dropbox Update.) – C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144] [PID.5192] =>.Dropbox, Inc®
      [MD5.324B8DDDF70D28B7A767E0608256DF36] - (.Realtek Semiconductor - Realtek HD Audio Manager.) – C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13636824] [PID.1252] =>.Realtek Semiconductor Corp®
      [MD5.9DFE8B0B6C982C31144CED1795304A60] - (.cFos Software GmbH - cFosSpeed Window.) – C:\Program Files\ASRock\XFast LAN\cfosspeed.exe [2009952] [PID.6780] =>.cFos Software GmbH®
      [MD5.B5955C4E31B759F748D06040250D0C21] - (.Copyright (C) 2014 - Xear Audio Center.) – C:\Program Files\Sades 7.1CH Gaming Headset\CPL\FaceLift_x64.exe [2341376] [PID.5720]
      [MD5.8B0190D44561ACB695CF2D53B168C51B] - (.Copyright (C) 2009 - Netgear.) – C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe [8274648] [PID.7252] =>.NETGEAR®
      [MD5.2545A3C12E99CAA24F9367D7F5A80D83] - (.Intel Corporation - IAStorIcon.) – C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592] [PID.504] =>.Intel Corporation - Intel® Rapid Storage Technology®
      [MD5.827100945C5A66C008E7CE68BD8682B2] - (.Advanced Micro Devices, Inc. - Radeon Settings: Host Application.) – C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8735624] [PID.7944] =>.Advanced Micro Devices, Inc.®
      [MD5.D524B034148F14C60F1CA66D267EE56A] - (.Intel Corporation - IAStorDataSvc.) – C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232] [PID.272] =>.Intel Corporation - Intel® Rapid Storage Technology®
      [MD5.9417DBC88A3A80F6177BCA204B16A016] - (.Intel Corporation - Intel(R) ME Service.) – C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544] [PID.1372] =>.Intel Corporation - Intel® Management Engine Firmware®
      [MD5.0B93A01F786F37A4B1EDE84E639FFF10] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) – C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584] [PID.5004] =>.Intel Corporation - Intel® Management Engine Firmware®
      [MD5.C31139E0907170E2A3FA8D19DCC23D35] - (.Intel Corporation - Intel(R) Local Management Service.) – C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [398296] [PID.1856] =>.Intel Corporation - Intel® Management Engine Firmware®
      [MD5.DBE440017ADEF623761D55B58FBEDE35] - (…) – C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x 64__kzf8qxf38zg5c\SkypeHost.exe [74752] [PID.5320] =>.Skype Technologies
      [MD5.54EA8A3DCBF0AD3E968063A0E5451B3D] - (.Hammer & Chisel, Inc. - Discord.) – C:\Users\Tristen\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304] [PID.2308] =>.Hammer & Chisel Inc.®
      [MD5.54EA8A3DCBF0AD3E968063A0E5451B3D] - (.Hammer & Chisel, Inc. - Discord.) – C:\Users\Tristen\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304] [PID.32] =>.Hammer & Chisel Inc.®
      [MD5.54EA8A3DCBF0AD3E968063A0E5451B3D] - (.Hammer & Chisel, Inc. - Discord.) – C:\Users\Tristen\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304] [PID.1704] =>.Hammer & Chisel Inc.®
      [MD5.5614A72C29D1BBEAD78FE507013B2488] - (.Valve Corporation - Steam Client Bootstrapper.) – C:\Program Files (x86)\Steam\Steam.exe [3062560] [PID.6336] =>.Valve®
      [MD5.61B1A52289316351CFC9984B51058F30] - (.Valve Corporation - Steam Client WebHelper.) – C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe [3470112] [PID.1472] =>.Valve®
      [MD5.03404CCE10E4A207953E954C2AF8D41E] - (.Valve Corporation - Steam Client Service.) – C:\Program Files (x86)\Common Files\Steam\SteamService.exe [1608480] [PID.2504] =>.Valve®
      [MD5.9CA1B743C03BACFA1C709B3083346721] - (.Blizzard Entertainment - Blizzard Update Agent.) – C:\ProgramData\Battle.net\Agent\Agent.5725\Agent.e xe [3545064] [PID.7644] =>.Blizzard Entertainment, Inc.®
      [MD5.D78A1B6B23B2ABB98CFBA856585DB3D8] - (.Blizzard Entertainment - Blizzard App.) – C:\Program Files (x86)\Battle.net\Battle.net.9093\Battle.net.exe [15485416] [PID.8156] =>.Blizzard Entertainment, Inc.®
      [MD5.603DF45AB5CE2FECE51B212752C235D3] - (…) – C:\Program Files (x86)\Battle.net\Battle.net.9093\Battle.net Helper.exe [1528296] [PID.392] =>.Blizzard Entertainment, Inc.®
      [MD5.603DF45AB5CE2FECE51B212752C235D3] - (…) – C:\Program Files (x86)\Battle.net\Battle.net.9093\Battle.net Helper.exe [1528296] [PID.6580] =>.Blizzard Entertainment, Inc.®
      [MD5.9582938ED74B21574364646C1A9BC07D] - (.Adobe Systems Incorporated - AAM Updates Notifier Application.) – C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe [1026240] [PID.9468] =>.Adobe Systems Incorporated®
      [MD5.61B1A52289316351CFC9984B51058F30] - (.Valve Corporation - Steam Client WebHelper.) – C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe [3470112] [PID.1212] =>.Valve®
      [MD5.61B1A52289316351CFC9984B51058F30] - (.Valve Corporation - Steam Client WebHelper.) – C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe [3470112] [PID.6616] =>.Valve®
      [MD5.61B1A52289316351CFC9984B51058F30] - (.Valve Corporation - Steam Client WebHelper.) – C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe [3470112] [PID.5824] =>.Valve®
      [MD5.594F91C5985AC402ECD2D7F1376AFFFD] - (.Mozilla Corporation - Firefox.) – C:\Program Files (x86)\Mozilla Firefox\firefox.exe [521160] [PID.9396] =>.Mozilla Corporation®
      [MD5.C404FD56CAD0E71017D0F4D285A88C65] - (.Nicolas Coolman - ZHPDiag.) – C:\Users\Tristen\Downloads\ZHPDiag3.exe [2791808] [PID.9096] =>.Nicolas Coolman

      —\ Google Chrome, Start,Search,Extensions (15) - 0s
      G0 - GCSP: Preferences [User Data\Default][HomePage] http://apis.google.com =>.Google Inc.
      G0 - GCSP: Preferences [User Data\Default][HomePage] http://ping.getadblock.com
      G0 - GCSP: Preferences [User Data\Default][HomePage] http://ssl.gstatic.com =>.Google Inc.
      G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google.com =>.Google Inc.
      G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.gstatic.com =>.Google Inc.
      G2 - GCE: Preference [User Data\Default] [aapocclcgogkmnckokdopfmhonfmgoek] =>.Google Inc. {Slides}
      G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] =>.Google Inc. {Docs}
      G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] http://drive.google.com/ =>.Google Inc. {Drive}
      G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] http://www.youtube.com =>.Youtube {Youtube}
      G2 - GCE: Preference [User Data\Default] [felcaaldnbdncclmgdcncolpebgiejap] =>.Google Inc. {Sheets}
      G2 - GCE: Preference [User Data\Default] [ghbmnnjooekpmoecnnnilnnbdlolhkhi] =>.Google Inc. {Docs hors connexion}
      G2 - GCE: Preference [User Data\Default] [gighmmpiobklfepjocnamgkkbiglidom] Eyeo GmbH =>.Wladimir Palant {AdBlock}
      G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] =>.Google Inc. {Wallet}
      G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] http://mail.google.com/ =>.Google Inc. {Gmail}
      G2 - GCE: Preference [User Data\Default] [pkedcjkdefgpdelpbcmbmeomcjbeemfm] Chrome Media Router =>.Google Inc.

      —\ Mozilla Firefox,Plugins,Start,Search,Extensions (12) - 3s
      P2 - EXT FILE: (.No Resource URI Leak - Deny resource:// access to Web content.) – C:\Users\Tristen\AppData\Roaming\Mozilla\Firefox\P rofiles\v20atxx0.default\extensions@no-resource-uri-leak.xpi
      P2 - EXT FILE: (.AdBlock Ultimate - Free and improved AdBlocker. Completel.) – C:\Users\Tristen\AppData\Roaming\Mozilla\Firefox\P rofiles\v20atxx0.default\extensions\adblockultimate@adblockultimate.net.xpi =>.AdBlock Ultimate
      P2 - EXT FILE: (.MEGA - Secure Cloud Storage.) – C:\Users\Tristen\AppData\Roaming\Mozilla\Firefox\P rofiles\v20atxx0.default\extensions\firefox@mega.co.nz.xpi =>.MEGA
      P2 - EXT FILE: (.Translate This! - Translate the whole entire page or jus.) – C:\Users\Tristen\AppData\Roaming\Mozilla\Firefox\P rofiles\v20atxx0.default\extensions\jid0-k75TfRGfOXPHfEZmJ9cKu5eCgLc@jetpack.xpi
      P2 - EXT FILE: (.Smart HTTPS - Automatically changes HTTP addresses t.) – C:\Users\Tristen\AppData\Roaming\Mozilla\Firefox\P rofiles\v20atxx0.default\extensions\jid0-oFwt2ZcakHhkFl7Kp4lJn@jetpack.xpi
      P2 - EXT FILE: (.YouTube Control Center - YouTube Control Center provides a set .) – C:\Users\Tristen\AppData\Roaming\Mozilla\Firefox\P rofiles\v20atxx0.default\extensions\jid1-CikLKKPVkw6ipw@jetpack.xpi
      P2 - EXT FILE: (.Mozilla Corporation.) – C:\Program Files (x86)\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi =>.Mozilla Corporation
      P2 - EXT FILE: (.Mozilla Corporation.) – C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi =>.Mozilla Corporation
      P2 - EXT FILE: (.Mozilla Corporation.) – C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi =>.Mozilla Corporation
      P2 - EXT FILE: (.Mozilla Corporation.) – C:\Program Files (x86)\Mozilla Firefox\browser\features\screenshots@mozilla.org.xpi =>.Mozilla Corporation
      P2 - EXT FILE: (.Mozilla Corporation.) – C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi =>.Mozilla Corporation
      P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) – C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_ 137.dll =>.Adobe Systems Incorporated

      —\ Internet Explorer Extensions, Start, Search (15) - 0s
      R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com =>.Google Inc.
      R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
      R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
      R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
      R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
      R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
      R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
      R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
      R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
      R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
      R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
      R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
      R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
      R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
      R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphan =>.Microsoft Internet Explorer

      —\ Internet Explorer, Proxy Management (3) - 0s
      R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyEnable = 0
      R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Int ernet Settings,MigrateProxy = 1
      R5 - HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Para meters\Internet\ManualProxies =>.Microsoft

      —\ Line Analysis, IniFiles, Auto loading programs (3) - 0s
      F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation
      F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
      F2 - REG:system.ini: VMApplet=

      —\ Hosts file redirection (1) - 0s
      ~ Le fichier hôte est sain (The hosts file is clean) (23)

      —\ Global shortcuts Startup (98) - 4s
      O4 - GS\Desktop [Administrator]: Overwatch.lnk . (.Blizzard Entertainment - Overwatch Setup.) C:\Program Files (x86)\Overwatch\Overwatch Launcher.exe =>.Blizzard Entertainment, Inc.®
      O4 - GS\Desktop [Administrator]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Tristen\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
      O4 - GS\Quicklaunch [Administrator]: Bandicam.lnk . (.www.Bandisoft.com - Bandisoft - bdcam.exe.) C:\bandi\Bandicam\bdcam.exe =>.Bandisoft®
      O4 - GS\Quicklaunch [Administrator]: Belarc Advisor.lnk . (.Belarc, Inc. - Belarc Advisor Computer Inventory.) C:\Program Files (x86)\Belarc\BelarcAdvisor\BelarcAdvisor.exe =>.Belarc, Inc.®
      O4 - GS\Quicklaunch [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
      O4 - GS\Quicklaunch [Administrator]: HxD.lnk . (.Maël Hörz - HxD Hex Editor.) C:\Program Files (x86)\HxD\HxD.exe =>.Maël Hörz
      O4 - GS\Quicklaunch [Administrator]: Nexus Mod Manager.lnk . (.Black Tree Gaming - Nexus Mod Manager.) C:\Program Files\Nexus Mod Manager\NexusClient.exe =>.Black Tree Gaming Ltd.®
      O4 - GS\Quicklaunch [Administrator]: Oracle VM VirtualBox.lnk . (…) C:\Program Files (x86)\Oracle\VirtualBox\VirtualBox.exe
      O4 - GS\Quicklaunch [Administrator]: Samsung Kies (Lite).lnk . (…) C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe /lite =>.Samsung Electronics CO., LTD.®
      O4 - GS\Quicklaunch [Administrator]: Samsung Kies.lnk . (…) C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe =>.Samsung Electronics CO., LTD.®
      O4 - GS\sendTo [Administrator]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
      O4 - GS\sendTo [Administrator]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\System32\WFS.exe /SendTo =>.Microsoft Corporation
      O4 - GS\sendTo [Administrator]: Skype.lnk . (…) C:\Program Files (x86)\Skype\Phone\Skype.exe /sendto:
      O4 - GS\TaskBar [Administrator]: AMD Software.lnk . (.Advanced Micro Devices, Inc. - AMD Software.) C:\AMD\Radeon-Crimson-ReLive-17.7.1-MinimalSetup-170714_web\Bin64\RadeonInstaller.exe =>.Advanced Micro Devices, Inc.®
      O4 - GS\TaskBar [Administrator]: Discord.lnk . (.GitHub - Update.) C:\Users\Tristen\AppData\Local\Discord\Update.exe --processStart Discord.exe =>.Hammer & Chisel Inc.®
      O4 - GS\TaskBar [Administrator]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
      O4 - GS\TaskBar [Administrator]: Notepad++.lnk . (.Don HO don.h@free.fr - Notepad++ : a free (GNU) source code editor.) C:\Program Files (x86)\Notepad++\notepad++.exe =>.Notepad++®
      O4 - GS\TaskBar [Administrator]: Steam.lnk . (.Valve Corporation - Steam Client Bootstrapper.) C:\Program Files (x86)\Steam\Steam.exe =>.Valve®
      O4 - GS\TaskBar [Administrator]: Task Manager.lnk . (.Microsoft Corporation - Task Manager.) C:\WINDOWS\system32\taskmgr.exe /7 =>.Microsoft Windows®
      O4 - GS\Programs [Administrator]: AMD Radeon Settings.lnk . (.Advanced Micro Devices, Inc. - .) C:\Program Files (x86)\AMD\CNext\CNext\RadeonSettings.exe =>.Advanced Micro Devices, Inc.
      O4 - GS\Programs [Administrator]: Curse.lnk . (…) C:\Users\Tristen\AppData\Roaming\Curse Client\Bin\Curse.exe
      O4 - GS\Programs [Administrator]: Minecraft.lnk . (.Mojang - Minecraft launcher.) C:\Users\Tristen\Desktop\Apps\Minecraft.exe =>.Mojang AB®
      O4 - GS\Programs [Administrator]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\Tristen\AppData\Local\Microsoft\OneDrive\ OneDrive.exe =>.Microsoft Corporation®
      O4 - GS\Desktop [Guest]: Overwatch.lnk . (.Blizzard Entertainment - Overwatch Setup.) C:\Program Files (x86)\Overwatch\Overwatch Launcher.exe =>.Blizzard Entertainment, Inc.®
      O4 - GS\Desktop [Guest]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Tristen\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
      O4 - GS\Quicklaunch [Guest]: Bandicam.lnk . (.www.Bandisoft.com - Bandisoft - bdcam.exe.) C:\bandi\Bandicam\bdcam.exe =>.Bandisoft®
      O4 - GS\Quicklaunch [Guest]: Belarc Advisor.lnk . (.Belarc, Inc. - Belarc Advisor Computer Inventory.) C:\Program Files (x86)\Belarc\BelarcAdvisor\BelarcAdvisor.exe =>.Belarc, Inc.®
      O4 - GS\Quicklaunch [Guest]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
      O4 - GS\Quicklaunch [Guest]: HxD.lnk . (.Maël Hörz - HxD Hex Editor.) C:\Program Files (x86)\HxD\HxD.exe =>.Maël Hörz
      O4 - GS\Quicklaunch [Guest]: Nexus Mod Manager.lnk . (.Black Tree Gaming - Nexus Mod Manager.) C:\Program Files\Nexus Mod Manager\NexusClient.exe =>.Black Tree Gaming Ltd.®
      O4 - GS\Quicklaunch [Guest]: Oracle VM VirtualBox.lnk . (…) C:\Program Files (x86)\Oracle\VirtualBox\VirtualBox.exe
      O4 - GS\Quicklaunch [Guest]: Samsung Kies (Lite).lnk . (…) C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe /lite =>.Samsung Electronics CO., LTD.®
      O4 - GS\Quicklaunch [Guest]: Samsung Kies.lnk . (…) C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe =>.Samsung Electronics CO., LTD.®
      O4 - GS\sendTo [Guest]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
      O4 - GS\sendTo [Guest]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\System32\WFS.exe /SendTo =>.Microsoft Corporation
      O4 - GS\sendTo [Guest]: Skype.lnk . (…) C:\Program Files (x86)\Skype\Phone\Skype.exe /sendto:
      O4 - GS\TaskBar [Guest]: AMD Software.lnk . (.Advanced Micro Devices, Inc. - AMD Software.) C:\AMD\Radeon-Crimson-ReLive-17.7.1-MinimalSetup-170714_web\Bin64\RadeonInstaller.exe =>.Advanced Micro Devices, Inc.®
      O4 - GS\TaskBar [Guest]: Discord.lnk . (.GitHub - Update.) C:\Users\Tristen\AppData\Local\Discord\Update.exe --processStart Discord.exe =>.Hammer & Chisel Inc.®
      O4 - GS\TaskBar [Guest]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
      O4 - GS\TaskBar [Guest]: Notepad++.lnk . (.Don HO don.h@free.fr - Notepad++ : a free (GNU) source code editor.) C:\Program Files (x86)\Notepad++\notepad++.exe =>.Notepad++®
      O4 - GS\TaskBar [Guest]: Steam.lnk . (.Valve Corporation - Steam Client Bootstrapper.) C:\Program Files (x86)\Steam\Steam.exe =>.Valve®
      O4 - GS\TaskBar [Guest]: Task Manager.lnk . (.Microsoft Corporation - Task Manager.) C:\WINDOWS\system32\taskmgr.exe /7 =>.Microsoft Windows®
      O4 - GS\Programs [Guest]: AMD Radeon Settings.lnk . (.Advanced Micro Devices, Inc. - .) C:\Program Files (x86)\AMD\CNext\CNext\RadeonSettings.exe =>.Advanced Micro Devices, Inc.
      O4 - GS\Programs [Guest]: Curse.lnk . (…) C:\Users\Tristen\AppData\Roaming\Curse Client\Bin\Curse.exe
      O4 - GS\Programs [Guest]: Minecraft.lnk . (.Mojang - Minecraft launcher.) C:\Users\Tristen\Desktop\Apps\Minecraft.exe =>.Mojang AB®
      O4 - GS\Programs [Guest]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\Tristen\AppData\Local\Microsoft\OneDrive\ OneDrive.exe =>.Microsoft Corporation®
      O4 - GS\Desktop [Tristen]: Overwatch.lnk . (.Blizzard Entertainment - Overwatch Setup.) C:\Program Files (x86)\Overwatch\Overwatch Launcher.exe =>.Blizzard Entertainment, Inc.®
      O4 - GS\Desktop [Tristen]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Tristen\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
      O4 - GS\Quicklaunch [Tristen]: Bandicam.lnk . (.www.Bandisoft.com - Bandisoft - bdcam.exe.) C:\bandi\Bandicam\bdcam.exe =>.Bandisoft®
      O4 - GS\Quicklaunch [Tristen]: Belarc Advisor.lnk . (.Belarc, Inc. - Belarc Advisor Computer Inventory.) C:\Program Files (x86)\Belarc\BelarcAdvisor\BelarcAdvisor.exe =>.Belarc, Inc.®
      O4 - GS\Quicklaunch [Tristen]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
      O4 - GS\Quicklaunch [Tristen]: HxD.lnk . (.Maël Hörz - HxD Hex Editor.) C:\Program Files (x86)\HxD\HxD.exe =>.Maël Hörz
      O4 - GS\Quicklaunch [Tristen]: Nexus Mod Manager.lnk . (.Black Tree Gaming - Nexus Mod Manager.) C:\Program Files\Nexus Mod Manager\NexusClient.exe =>.Black Tree Gaming Ltd.®
      O4 - GS\Quicklaunch [Tristen]: Oracle VM VirtualBox.lnk . (…) C:\Program Files (x86)\Oracle\VirtualBox\VirtualBox.exe
      O4 - GS\Quicklaunch [Tristen]: Samsung Kies (Lite).lnk . (…) C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe /lite =>.Samsung Electronics CO., LTD.®
      O4 - GS\Quicklaunch [Tristen]: Samsung Kies.lnk . (…) C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe =>.Samsung Electronics CO., LTD.®
      O4 - GS\sendTo [Tristen]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
      O4 - GS\sendTo [Tristen]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\System32\WFS.exe /SendTo =>.Microsoft Corporation
      O4 - GS\sendTo [Tristen]: Skype.lnk . (…) C:\Program Files (x86)\Skype\Phone\Skype.exe /sendto:
      O4 - GS\TaskBar [Tristen]: AMD Software.lnk . (.Advanced Micro Devices, Inc. - AMD Software.) C:\AMD\Radeon-Crimson-ReLive-17.7.1-MinimalSetup-170714_web\Bin64\RadeonInstaller.exe =>.Advanced Micro Devices, Inc.®
      O4 - GS\TaskBar [Tristen]: Discord.lnk . (.GitHub - Update.) C:\Users\Tristen\AppData\Local\Discord\Update.exe --processStart Discord.exe =>.Hammer & Chisel Inc.®
      O4 - GS\TaskBar [Tristen]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
      O4 - GS\TaskBar [Tristen]: Notepad++.lnk . (.Don HO don.h@free.fr - Notepad++ : a free (GNU) source code editor.) C:\Program Files (x86)\Notepad++\notepad++.exe =>.Notepad++®
      O4 - GS\TaskBar [Tristen]: Steam.lnk . (.Valve Corporation - Steam Client Bootstrapper.) C:\Program Files (x86)\Steam\Steam.exe =>.Valve®
      O4 - GS\TaskBar [Tristen]: Task Manager.lnk . (.Microsoft Corporation - Task Manager.) C:\WINDOWS\system32\taskmgr.exe /7 =>.Microsoft Windows®
      O4 - GS\Programs [Tristen]: AMD Radeon Settings.lnk . (.Advanced Micro Devices, Inc. - .) C:\Program Files (x86)\AMD\CNext\CNext\RadeonSettings.exe =>.Advanced Micro Devices, Inc.
      O4 - GS\Programs [Tristen]: Curse.lnk . (…) C:\Users\Tristen\AppData\Roaming\Curse Client\Bin\Curse.exe
      O4 - GS\Programs [Tristen]: Minecraft.lnk . (.Mojang - Minecraft launcher.) C:\Users\Tristen\Desktop\Apps\Minecraft.exe =>.Mojang AB®
      O4 - GS\Programs [Tristen]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\Tristen\AppData\Local\Microsoft\OneDrive\ OneDrive.exe =>.Microsoft Corporation®
      O4 - GS\Programs [Public]: AMD Radeon Settings.lnk . (.Advanced Micro Devices, Inc. - .) C:\Program Files (x86)\AMD\CNext\CNext\RadeonSettings.exe =>.Advanced Micro Devices, Inc.
      O4 - GS\Programs [Public]: Curse.lnk . (…) C:\Users\Tristen\AppData\Roaming\Curse Client\Bin\Curse.exe
      O4 - GS\Programs [Public]: Minecraft.lnk . (.Mojang - Minecraft launcher.) C:\Users\Tristen\Desktop\Apps\Minecraft.exe =>.Mojang AB®
      O4 - GS\Programs [Public]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\Tristen\AppData\Local\Microsoft\OneDrive\ OneDrive.exe =>.Microsoft Corporation®
      O4 - GS\Accessories [Public]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
      O4 - GS\Accessories [Public]: Notepad.lnk . (.Microsoft Corporation - Notepad.) C:\WINDOWS\system32\notepad.exe =>.Microsoft Corporation
      O4 - GS\Startup [Public]: NETGEAR WNA3100 Genie.lnk . (.Copyright (C) 2009 - Netgear.) C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe =>.NETGEAR®
      O4 - GS\Accessories [Public]: Math Input Panel.lnk . (.Microsoft Corporation - .) C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe =>.Microsoft Corporation
      O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) C:\WINDOWS\system32\mspaint.exe =>.Microsoft Corporation
      O4 - GS\Accessories [Public]: Quick Assist.lnk . (.Microsoft Corporation - Quick Assist.) C:\WINDOWS\system32\quickassist.exe =>.Microsoft Corporation
      O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Remote Desktop Connection.) C:\WINDOWS\system32\mstsc.exe =>.Microsoft Corporation
      O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Snipping Tool.) C:\WINDOWS\system32\SnippingTool.exe =>.Microsoft Corporation
      O4 - GS\Accessories [Public]: Steps Recorder.lnk . (.Microsoft Corporation - Steps Recorder.) C:\WINDOWS\system32\psr.exe =>.Microsoft Corporation
      O4 - GS\Accessories [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\WINDOWS\system32\WFS.exe =>.Microsoft Corporation
      O4 - GS\Accessories [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
      O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Windows Wordpad Application.) C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation
      O4 - GS\Accessories [Public]: XPS Viewer.lnk . (.Microsoft Corporation - XPS Viewer.) C:\WINDOWS\system32\xpsrchvw.exe =>.Microsoft Corporation
      O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Character Map.) C:\WINDOWS\system32\charmap.exe =>.Microsoft Corporation
      O4 - GS\ProgramsCommon [Public]: Adobe Photoshop CC 2015.lnk . (…) C:\Program Files\Adobe\Adobe Photoshop CC 2015\Photoshop.exe
      O4 - GS\ProgramsCommon [Public]: Adobe Reader XI.lnk . (…) C:\WINDOWS\Installer{AC76BA86-7AD7-FFFF-7B44-AB0000000001}\SC_Reader.ico =>.Adobe Inc.
      O4 - GS\ProgramsCommon [Public]: Belarc Advisor.lnk . (.Belarc, Inc. - Belarc Advisor Computer Inventory.) C:\Program Files (x86)\Belarc\BelarcAdvisor\BelarcAdvisor.exe =>.Belarc, Inc.®
      O4 - GS\ProgramsCommon [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
      O4 - GS\ProgramsCommon [Public]: Immersive Control Panel.lnk . (.Microsoft Corporation - Windows Control Panel.) C:\WINDOWS\System32\Control.exe =>.Microsoft Corporation
      O4 - GS\ProgramsCommon [Public]: MiracastView.lnk . (.Microsoft Corporation - MiracastView.) C:\WINDOWS\MiracastView\MiracastView.exe =>.Microsoft Windows®
      O4 - GS\ProgramsCommon [Public]: Movie Maker.lnk . (.Microsoft Corporation - Movie Maker.) C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe =>.Microsoft Corporation®
      O4 - GS\ProgramsCommon [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
      O4 - GS\ProgramsCommon [Public]: Photo Gallery.lnk . (.Microsoft Corporation - Photo Gallery.) C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe =>.Microsoft Corporation®
      O4 - GS\ProgramsCommon [Public]: PrintDialog.lnk . (.Microsoft Corporation - Print Dialog.) C:\WINDOWS\PrintDialog\PrintDialog.exe =>.Microsoft Windows®
      O4 - GS\ProgramsCommon [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation

      —\ Lop.com/Domain Hijackers (4) - 0s
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpDomain = attlocal.net =>.Local Domain
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 =>.Local IP Adress
      O17 - HKLM\System\CCS\Services\Tcpip..{3aeaf050-ed9c-4c39-9679-79bcd165be3f}: DhcpNameServer = 192.168.1.254 =>.Local IP Adress
      O17 - HKLM\System\CCS\Services\Tcpip..{3aeaf050-ed9c-4c39-9679-79bcd165be3f}: DhcpDomain = attlocal.net =>.Local Domain

      —\ Extra protocols (24) - 0s
      O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) – C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
      O18 - Handler: belarc [64Bits] - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} . (.Belarc, Inc. - Belarc VoilaX Control.) – C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll =>.Belarc, Inc.®
      O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
      O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) – C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation
      O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
      O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
      O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
      O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
      O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) – C:\Windows\SysWOW64\itss.dll =>.Microsoft Corporation
      O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) – C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
      O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
      O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) – C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
      O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) – C:\Windows\SysWOW64\inetcomm.dll =>.Microsoft Corporation
      O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
      O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) – C:\Windows\SysWOW64\itss.dll =>.Microsoft Corporation
      O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) – C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
      O18 - Handler: tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) – C:\Windows\SysWOW64\tbauth.dll =>.Microsoft Corporation
      O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) – C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation
      O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) – C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
      O18 - Handler: windows.tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) – C:\Windows\SysWOW64\tbauth.dll =>.Microsoft Corporation
      O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Photo Gallery Album Download Protocol Handl.) – C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll =>.Microsoft Corporation®
      O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) – C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation
      O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) – C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation
      O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) – C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation

      —\ Software installed (153) - 18s
      O42 - Logiciel: 7 Days to Die - (.The Fun Pimps.) [HKLM][64Bits] – Steam App 251570 =>.Valve®
      O42 - Logiciel: Adobe Flash Player 26 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] – Adobe Flash Player NPAPI =>.Adobe Systems Incorporated®
      O42 - Logiciel: Adobe Flash Player 26 PPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] – Adobe Flash Player PPAPI =>.Adobe Systems Incorporated®
      O42 - Logiciel: Adobe Photoshop CC 2015 - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {793C2BF7-A4FE-4608-91C9-9282C5801C21} =>.Adobe Systems Incorporated®
      O42 - Logiciel: Adobe Reader XI MUI - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {AC76BA86-7AD7-FFFF-7B44-AB0000000001} =>.Adobe Systems Incorporated
      O42 - Logiciel: AdVenture Capitalist - (.Hyper Hippo Games.) [HKLM][64Bits] – Steam App 346900 =>.Valve®
      O42 - Logiciel: APP Shop v1.0.13 - (.ASRock Inc..) [HKLM][64Bits] – {90242E9B-BC60-46E3-8EE7-8E953F702280}_is1 =>.ASROCK Incorporation®
      O42 - Logiciel: ASRock App Charger v1.0.6 - (.ASRock Inc..) [HKLM][64Bits] – ASRock App Charger_is1 =>.ASROCK Incorporation®
      O42 - Logiciel: ASRock Restart to UEFI v1.0.3 - (..) [HKLM][64Bits] – ASRock Restart to UEFI_is1 =>.ASROCK Incorporation®
      O42 - Logiciel: ASRock SmartConnect v1.0.6 - (.ASRock Inc..) [HKLM][64Bits] – ASRock SmartConnect_is1 =>.ASROCK Incorporation®
      O42 - Logiciel: ASRock XFast RAM v3.0.3 - (.ASRock Inc..) [HKLM][64Bits] – ASRock XFast RAM_is1 =>.ASROCK Incorporation®
      O42 - Logiciel: A-Tuning v2.0.119.5 - (..) [HKLM][64Bits] – A-Tuning_is1 =>.ASROCK Incorporation®
      O42 - Logiciel: Bandicam - (.Bandisoft.com.) [HKLM][64Bits] – Bandicam =>.Bandisoft.com
      O42 - Logiciel: Bandisoft MPEG-1 Decoder - (.Bandisoft.com.) [HKLM][64Bits] – BandiMPEG1 =>.Bandisoft.com
      O42 - Logiciel: Battle.net - (.Blizzard Entertainment.) [HKLM][64Bits] – Battle.net =>.Blizzard Entertainment, Inc.®
      O42 - Logiciel: BattleBlock Theater - (.The Behemoth.) [HKLM][64Bits] – Steam App 238460 =>.Valve®
      O42 - Logiciel: Battlefield 4™ - (.Electronic Arts.) [HKLM][64Bits] – {ABADE36E-EC37-413B-8179-B432AD3FACE7} =>.Electronic Arts, Inc.®
      O42 - Logiciel: Battlelog Web Plugins - (.EA Digital Illusions CE AB.) [HKLM][64Bits] – Battlelog Web Plugins =>.EA Digital Illusions CE AB
      O42 - Logiciel: Belarc Advisor 8.5c - (.Belarc Inc..) [HKLM][64Bits] – Belarc Advisor =>.Belarc Inc.
      O42 - Logiciel: Bethesda.net Launcher - (.Bethesda Softworks.) [HKLM][64Bits] – {3448917E-E4FE-4E30-9502-9FD52EABB6F5}is1 =>.Bethesda Softworks
      O42 - Logiciel: Borderlands 2 - (.Gearbox Software.) [HKLM][64Bits] – Steam App 49520 =>.Valve®
      O42 - Logiciel: Brawlhalla - (.Blue Mammoth Games.) [HKLM][64Bits] – Steam App 291550 =>.Valve®
      O42 - Logiciel: Castle Crashers - (.The Behemoth.) [HKLM][64Bits] – Steam App 204360 =>.Valve®
      O42 - Logiciel: Cheat Engine 6.5 - (.Cheat Engine.) [HKLM][64Bits] – Cheat Engine 6.5_is1 =>.Cheat Engine®
      O42 - Logiciel: Clownfish Voice Changer - (..) [HKLM][64Bits] – ClownfishVoiceChanger
      O42 - Logiciel: Counter-Strike: Global Offensive - (.Valve.) [HKLM][64Bits] – Steam App 730 =>.Valve®
      O42 - Logiciel: Counter-Strike: Global Offensive - SDK - (..) [HKLM][64Bits] – Steam App 745 =>.Valve®
      O42 - Logiciel: Counter-Strike: Source - (.Valve.) [HKLM][64Bits] – Steam App 240 =>.Valve®
      O42 - Logiciel: Creativerse - (.Playful Corporation.) [HKLM][64Bits] – Steam App 280790 =>.Valve®
      O42 - Logiciel: Curse - (.Curse.) [HKLM][64Bits] – {DEE70742-F4E9-44CA-B2B9-EE95DCF37295} =>.Curse
      O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] – {E09C4DB7-630C-4F06-A631-8EA7239923AF} =>.Microsoft
      O42 - Logiciel: Deep Space Waifu - (.Neko Climax Studios.) [HKLM][64Bits] – Steam App 639790 =>.Valve®
      O42 - Logiciel: Dev-C++ - (.Bloodshed Software.) [HKLM][64Bits] – Dev-C++ =>.Bloodshed Software
      O42 - Logiciel: Discord - (.Hammer & Chisel, Inc..) [HKCU][64Bits] – Discord =>.Hammer & Chisel Inc.®
      O42 - Logiciel: Dishonored - (.Arkane Studios.) [HKLM][64Bits] – Steam App 205100 =>.Valve®
      O42 - Logiciel: Don’t Starve - (.Klei Entertainment.) [HKLM][64Bits] – Steam App 219740 =>.Valve®
      O42 - Logiciel: Don’t Starve Mod Tools - (..) [HKLM][64Bits] – Steam App 245850 =>.Valve®
      O42 - Logiciel: Don’t Starve Together - (.Klei Entertainment.) [HKLM][64Bits] – Steam App 322330 =>.Valve®
      O42 - Logiciel: Don’t Starve Together Dedicated Server - (..) [HKLM][64Bits] – Steam App 343050 =>.Valve®
      O42 - Logiciel: Dropbox - (.Dropbox, Inc..) [HKLM][64Bits] – Dropbox =>.Dropbox, Inc®
      O42 - Logiciel: Dropbox Update Helper - (.Dropbox, Inc..) [HKLM][64Bits] – {099218A5-A723-43DC-8DB5-6173656A1E94} =>.Dropbox, Inc.
      O42 - Logiciel: Dual-Core Optimizer - (.AMD.) [HKLM][64Bits] – {9FD6F1A8-5550-46AF-8509-271DF0E768B5} =>.AMD
      O42 - Logiciel: Emily is Away - (.Kyle Seeley.) [HKLM][64Bits] – Steam App 417860 =>.Valve®
      O42 - Logiciel: ESN Sonar - (.ESN Social Software AB.) [HKLM][64Bits] – ESN Sonar-0.70.4 =>.ESN Social Software AB
      O42 - Logiciel: Fallout Shelter - (.Bethesda Game Studios.) [HKLM][64Bits] – Steam App 588430 =>.Valve®
      O42 - Logiciel: Fallout: New Vegas - (.Obsidian Entertainment.) [HKLM][64Bits] – Steam App 22380 =>.Valve®
      O42 - Logiciel: Far Cry 4 - (.Ubisoft Montreal, Red Storm, Shanghai, Toronto, Kiev.) [HKLM][64Bits] – Steam App 298110 =>.Valve®
      O42 - Logiciel: FileZilla Client 3.24.1 - (.Tim Kosse.) [HKLM][64Bits] – FileZilla Client =>.Tim Kosse
      O42 - Logiciel: Firewatch - (.Campo Santo.) [HKLM][64Bits] – Steam App 383870 =>.Valve®
      O42 - Logiciel: GCFScape 1.8.5 - (.Ryan Gregg.) [HKLM][64Bits] – GCFScape_is1 =>.Ryan Gregg
      O42 - Logiciel: Genital Jousting - (.Free Lives.) [HKLM][64Bits] – Steam App 469820 =>.Valve®
      O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] – Google Chrome =>.Google Inc®
      O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] – {18455581-E099-4BA8-BC6B-F34B2F06600C} =>.Google Inc.
      O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] – {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc.
      O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] – {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>.Google Inc.
      O42 - Logiciel: Half-Life 2: Episode One - (.Valve.) [HKLM][64Bits] – Steam App 380 =>.Valve®
      O42 - Logiciel: Heroes of the Storm - (.Blizzard Entertainment.) [HKLM][64Bits] – Heroes of the Storm =>.Blizzard Entertainment, Inc.®
      O42 - Logiciel: Hi-Rez Studios Authenticate and Update Service - (.Hi-Rez Studios.) [HKLM][64Bits] – {3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC} =>.Hi-Rez Studios
      O42 - Logiciel: Hook - (.Maciej Targoni.) [HKLM][64Bits] – Steam App 367580 =>.Valve®
      O42 - Logiciel: HxD Hex Editor version 1.7.7.0 - (.Maël Hörz.) [HKLM][64Bits] – HxD Hex Editor_is1 =>.Maël Hörz
      O42 - Logiciel: Intel(R) Biometric and Context Agent - (.Intel Corporation.) [HKLM][64Bits] – {C1424923-74F7-4399-B9D9-5F72FB1B9481} =>.Intel Corporation
      O42 - Logiciel: Intel(R) Biometric and Context Agent Redistributables - (.Intel Corporation.) [HKLM][64Bits] – {C3F24413-3E29-4979-A195-DEEB56F29B2A} =>.Intel Corporation
      O42 - Logiciel: Intel(R) Chipset Device Software - (.Intel Corporation.) [HKLM][64Bits] – {AB53F997-71C5-45B8-9AE8-D8DF74858DC8} =>.Intel Corporation
      O42 - Logiciel: Intel(R) Chipset Device Software - (.Intel(R) Corporation.) [HKLM][64Bits] – {da2de8c3-61b9-4b3b-916d-6b2fb2b1a90c} =>.Intel Corporation - Software and Firmware Products®
      O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] – {1CEAC85D-2590-4760-800F-8DE5E91F3700} =>.Intel Corporation
      O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] – {5282A61E-0333-4D18-9F8F-3C6101C0DCD2} =>.Intel Corporation
      O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] – {62C59ABA-8CEE-440F-9117-AED4DC5036D6} =>.Intel Corporation
      O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] – {D33CB107-E697-4CAD-8511-3B7C543743D7} =>.Intel Corporation
      O42 - Logiciel: Intel(R) Network Connections 19.0.27.0 - (.Intel.) [HKLM][64Bits] – {72ADDE97-1718-4A4B-954B-3AEA286BF58A} =>.Intel
      O42 - Logiciel: Intel(R) Network Connections 19.0.27.0 - (.Intel.) [HKLM][64Bits] – PROSetDX =>.Intel
      O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] – {409CB30E-E457-4008-9B1A-ED1B9EA21140} =>.Intel Corporation
      O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] – {EAF826C0-245E-4D02-9D51-BA4C98717EAE} =>.Intel Corporation
      O42 - Logiciel: Intel(R) Smart Connect Technology - (.Intel Corporation.) [HKLM][64Bits] – {3CC1CC76-AB3A-4360-AB6F-1355D05A2A17} =>.Intel Corporation
      O42 - Logiciel: Intel® RealSense™ SDK 2014 Runtime (x64): Core - (.Intel Corporation.) [HKLM][64Bits] – {37D41A97-6B02-4C30-8753-85107BE1D674} =>.Intel Corporation
      O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] – {3DE97849-544D-4D68-9255-11DF6F9F10D8} =>.Intel Corporation
      O42 - Logiciel: Java Auto Updater - (.Oracle Corporation.) [HKLM][64Bits] – {4A03706F-666A-4037-7777-5F2748764D10} =>.Oracle Corporation
      O42 - Logiciel: Katawa Shoujo - (..) [HKLM][64Bits] – Katawa Shoujo
      O42 - Logiciel: Killing Room - (.Alda Games.) [HKLM][64Bits] – Steam App 407560 =>.Valve®
      O42 - Logiciel: Learn to Fly 3 - (.Light Bringer Games inc..) [HKLM][64Bits] – Steam App 589870 =>.Valve®
      O42 - Logiciel: Left 4 Dead 2 Authoring Tools - (.Valve.) [HKLM][64Bits] – Steam App 563 =>.Valve®
      O42 - Logiciel: LogMeIn Hamachi - (.LogMeIn, Inc..) [HKLM][64Bits] – {BE82D2D7-6CA2-43B3-8C22-CCF6405806E7} =>.LogMeIn, Inc.
      O42 - Logiciel: LogMeIn Hamachi - (.LogMeIn, Inc..) [HKLM][64Bits] – LogMeIn Hamachi =>.LogMeIn, Inc.
      O42 - Logiciel: Magic Duels - (.Stainless Games Ltd..) [HKLM][64Bits] – Steam App 316010 =>.Valve®
      O42 - Logiciel: Microsoft Application Error Reporting - (.Microsoft Corporation.) [HKLM][64Bits] – {95120000-00B9-0409-1000-0000000FF1CE} =>.Microsoft Corporation
      O42 - Logiciel: Microsoft Games for Windows - LIVE Redistributable - (.Microsoft Corporation.) [HKLM][64Bits] – {832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F} =>.Microsoft Corporation
      O42 - Logiciel: Microsoft OneDrive - (.Microsoft Corporation.) [HKCU][64Bits] – OneDriveSetup.exe =>.Microsoft Corporation®
      O42 - Logiciel: Microsoft XNA Framework Redistributable 4.0 Refresh - (.Microsoft Corporation.) [HKLM][64Bits] – {D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F} =>.Microsoft Corporation
      O42 - Logiciel: Middle-earth: Shadow of Mordor - (.Monolith Productions, Inc..) [HKLM][64Bits] – Steam App 241930 =>.Valve®
      O42 - Logiciel: Minecraft - (.Mojang.) [HKLM][64Bits] – {1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872} =>.Mojang
      O42 - Logiciel: Mortal Kombat Komplete Edition - (.NetherRealm Studios.) [HKLM][64Bits] – Steam App 237110 =>.Valve®
      O42 - Logiciel: Mozilla Firefox 54.0.1 (x86 en-US) - (.Mozilla.) [HKLM][64Bits] – Mozilla Firefox 54.0.1 (x86 en-US) =>.Mozilla Corporation®
      O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] – MozillaMaintenanceService =>.Mozilla
      O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] – {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} =>.Microsoft
      O42 - Logiciel: MSVCRT110 - (.Microsoft.) [HKLM][64Bits] – {8E14DDC8-EA60-4E18-B3E3-1937104D5BDA} =>.Microsoft
      O42 - Logiciel: MSVCRT110_amd64 - (.Microsoft.) [HKLM][64Bits] – {E9FA781F-3E80-4399-825A-AD3E11C28C77} =>.Microsoft
      O42 - Logiciel: Murder Miners - (.JForce Games.) [HKLM][64Bits] – Steam App 274900 =>.Valve®
      O42 - Logiciel: NETGEAR WNA3100 wireless USB 2.0 adapter - (.NETGEAR.) [HKLM][64Bits] – {C2425F91-1F7B-4037-9A05-9F290184798D} =>.Netgear
      O42 - Logiciel: Nexus Mod Manager - (.Black Tree Gaming.) [HKLM][64Bits] – 6af12c54-643b-4752-87d0-8335503010de_is1 =>.Black Tree Gaming Ltd.®
      O42 - Logiciel: Notepad++ (32-bit x86) - (.Notepad++ Team.) [HKLM][64Bits] – Notepad++ =>.Notepad++ Team
      O42 - Logiciel: Nuclear Throne - (.Vlambeer.) [HKLM][64Bits] – Steam App 242680 =>.Valve®
      O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM][64Bits] – {8B922CF8-8A6C-41CE-A858-F1755D7F5D29} =>.NVIDIA Corporation
      O42 - Logiciel: OBS Studio - (.OBS Project.) [HKLM][64Bits] – OBS Studio =>.OBS Project
      O42 - Logiciel: OpenAL - (.Open Audio Library.) [HKLM][64Bits] – OpenAL =>.Open Audio Library
      O42 - Logiciel: Oracle VM VirtualBox 5.0.20 - (.Oracle Corporation.) [HKLM][64Bits] – {8209969B-9A31-4021-B0D8-E6F719F7F995} =>.Oracle Corporation
      O42 - Logiciel: Origin - (.Electronic Arts, Inc..) [HKLM][64Bits] – Origin =>.Electronic Arts, Inc.
      O42 - Logiciel: Overwatch - (.Blizzard Entertainment.) [HKLM][64Bits] – Overwatch =>.Blizzard Entertainment, Inc.®
      O42 - Logiciel: Overwatch Test - (.Blizzard Entertainment.) [HKLM][64Bits] – Overwatch Test =>.Blizzard Entertainment, Inc.®
      O42 - Logiciel: Overwolf - (.Overwolf Ltd..) [HKLM][64Bits] – Overwolf =>.Overwolf Ltd.
      O42 - Logiciel: PAYDAY 2 - (.OVERKILL - a Starbreeze Studio..) [HKLM][64Bits] – Steam App 218620 =>.Valve®
      O42 - Logiciel: Pivot Animator version 4.2.6 - (.Motus Software Ltd.) [HKLM][64Bits] – Pivot Animator_is1 =>.Motus Software Ltd
      O42 - Logiciel: PlanetSide 2 - (.Daybreak Game Company.) [HKLM][64Bits] – Steam App 218230 =>.Valve®
      O42 - Logiciel: PlanetSide 2 - (.Sony Online Entertainment.) [HKCU][64Bits] – DG0-PlanetSide 2 =>.Sony Online Entertainment
      O42 - Logiciel: PLAYERUNKNOWN’S BATTLEGROUNDS - (.Bluehole, Inc..) [HKLM][64Bits] – Steam App 578080 =>.Valve®
      O42 - Logiciel: PlaysTV - (.Plays.tv, LLC.) [HKLM][64Bits] – PlaysTV =>.Plays.tv, LLC
      O42 - Logiciel: QuikDate - (..) [HKCU][64Bits] – QuikDate
      O42 - Logiciel: Radiator 2 - (.Robert Yang.) [HKLM][64Bits] – Steam App 385370 =>.Valve®
      O42 - Logiciel: Raptr - (.Raptr, Inc.) [HKLM][64Bits] – Raptr =>.Raptr, Inc
      O42 - Logiciel: Razer Synapse - (.Razer Inc..) [HKLM][64Bits] – {0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6} =>.Razer Inc.
      O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] – {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} =>.Realtek Semiconductor Corp®
      O42 - Logiciel: ROBLOX Player for Tristen - (.ROBLOX Corporation.) [HKCU][64Bits] – {373B1718-8CC5-4567-8EE2-9033AD08A680} =>.Roblox Corporation®
      O42 - Logiciel: Rockstar Games Social Club - (.Rockstar Games.) [HKLM][64Bits] – Rockstar Games Social Club =>.Rockstar Games
      O42 - Logiciel: RWBY: Grimm Eclipse - (.Rooster Teeth Games.) [HKLM][64Bits] – Steam App 418340 =>.Valve®
      O42 - Logiciel: Sades 7.1CH Gaming Headset - (.SHENZHEN SADES DIGITAL TECHNOLOGY CO.,LTD.) [HKLM][64Bits] – {71B53BA8-4BE3-49AF-BC3E-07F392006620}
      O42 - Logiciel: Sakura Clicker - (.Winged Cloud.) [HKLM][64Bits] – Steam App 383080 =>.Valve®
      O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] – {758C8301-2696-4855-AF45-534B1200980A} =>.Samsung Electronics Co., Ltd.
      O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] – InstallShield
      {758C8301-2696-4855-AF45-534B1200980A} =>.Samsung Electronics Co., Ltd.
      O42 - Logiciel: Samsung USB Driver for Mobile Phones - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] – {D0795B21-0CDA-4a92-AB9E-6E92D8111E44} =>.Samsung Electronics CO., LTD.®
      O42 - Logiciel: Skype™ 7.29 - (.Skype Technologies S.A..) [HKLM][64Bits] – {FC965A47-4839-40CA-B618-18F486F042C6} =>.Skype Technologies S.A.
      O42 - Logiciel: Soda Dungeon - (.AN Productions.) [HKLM][64Bits] – Steam App 564710 =>.Valve®
      O42 - Logiciel: Source SDK - (.Valve.) [HKLM][64Bits] – Steam App 211 =>.Valve®
      O42 - Logiciel: South Park™: The Stick of Truth™ - (.Obsidian Entertainment.) [HKLM][64Bits] – Steam App 213670 =>.Valve®
      O42 - Logiciel: Splashtop Software Updater - (.Splashtop Inc..) [HKLM][64Bits] – Splashtop Software Updater =>.Splashtop Inc.
      O42 - Logiciel: Splashtop Streamer - (.Splashtop Inc..) [HKLM][64Bits] – {B7C5EA94-B96A-41F5-BE95-25D78B486678} =>.Splashtop Inc.
      O42 - Logiciel: Steam - (.Valve Corporation.) [HKLM][64Bits] – Steam =>.Valve®
      O42 - Logiciel: Steamworks SDK Redist - (..) [HKLM][64Bits] – Steam App 1007 =>.Valve®
      O42 - Logiciel: Tabletop Simulator - (.Berserk Games.) [HKLM][64Bits] – Steam App 286160 =>.Valve®
      O42 - Logiciel: TeamSpeak 3 Client - (.TeamSpeak Systems GmbH.) [HKCU][64Bits] – TeamSpeak 3 Client =>.TeamSpeak Systems GmbH
      O42 - Logiciel: Terraria - (.Re-Logic.) [HKLM][64Bits] – Steam App 105600 =>.Valve®
      O42 - Logiciel: The Binding of Isaac: Rebirth - (.Nicalis, Inc..) [HKLM][64Bits] – Steam App 250900 =>.Valve®
      O42 - Logiciel: The Deed - (.Pilgrim Adventures.) [HKLM][64Bits] – Steam App 420740 =>.Valve®
      O42 - Logiciel: Thief - (.Eidos-Montréal.) [HKLM][64Bits] – Steam App 239160 =>.Valve®
      O42 - Logiciel: Tixati - (..) [HKLM][64Bits] – tixati
      O42 - Logiciel: Town of Salem - (.BlankMediaGames.) [HKLM][64Bits] – Steam App 334230 =>.Valve®
      O42 - Logiciel: Unity Web Player - (.Unity Technologies ApS.) [HKCU][64Bits] – UnityWebPlayer =>.Unity Technologies ApS
      O42 - Logiciel: Unturned - (.Smartly Dressed Games.) [HKLM][64Bits] – Steam App 304930 =>.Valve®
      O42 - Logiciel: Uplay - (.Ubisoft.) [HKLM][64Bits] – Uplay =>.Ubisoft Entertainment Sweden AB®
      O42 - Logiciel: VTFEdit 1.2.5 - (.Neil Jedrzejewski & Ryan Gregg.) [HKLM][64Bits] – VTFEdit_is1 =>.Neil Jedrzejewski & Ryan Gregg
      O42 - Logiciel: Vulkan Run Time Libraries 1.0.39.1 - (.LunarG, Inc..) [HKLM][64Bits] – VulkanRT1.0.39.1 =>.LunarG, Inc.®
      O42 - Logiciel: Vulkan Run Time Libraries 1.0.51.0 - (.LunarG, Inc..) [HKLM][64Bits] – VulkanRT1.0.51.0 {02E17C176AE552051DD78F0214E647AE} =>.LunarG, Inc.
      O42 - Logiciel: War Thunder - (.Gaijin Entertainment.) [HKLM][64Bits] – Steam App 236390 =>.Valve®
      O42 - Logiciel: Windows 10 Update and Privacy Settings - (.Microsoft Corporation.) [HKLM][64Bits] – {293F2009-0145-450B-B4AA-063D43FB368C} =>.Microsoft Corporation
      O42 - Logiciel: WinRAR 5.31 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] – WinRAR archiver =>.win.rar GmbH®
      O42 - Logiciel: XFast LAN v9.05 - (.cFos Software GmbH, Bonn.) [HKLM][64Bits] – XFast LAN =>.cFos Software GmbH®

      —\ HKCU & HKLM Software Keys (187) - 18s
      HKLM\SOFTWARE\Wow6432Node\Adobe =>.Adobe
      HKLM\SOFTWARE\Wow6432Node\AGEIA Technologies =>.AGEIA Technologies
      HKLM\SOFTWARE\Wow6432Node\AMD =>.AMD
      HKLM\SOFTWARE\Wow6432Node\arkane
      HKLM\SOFTWARE\Wow6432Node\ASRock =>.ASRock
      HKLM\SOFTWARE\Wow6432Node\ATI =>.ATI
      HKLM\SOFTWARE\Wow6432Node\ATI Technologies =>.ATI Technologies
      HKLM\SOFTWARE\Wow6432Node\BandiMPEG1 =>.Bandisoft
      HKLM\SOFTWARE\Wow6432Node\BANDISOFT =>.Bandisoft
      HKLM\SOFTWARE\Wow6432Node\Belarc =>.Belarc
      HKLM\SOFTWARE\Wow6432Node\bethesda softworks =>.Bethesda Softworks
      HKLM\SOFTWARE\Wow6432Node\Blizzard Entertainment =>.Blizzard Entertainment
      HKLM\SOFTWARE\Wow6432Node\Codemasters =>.Codemasters
      HKLM\SOFTWARE\Wow6432Node\Dropbox =>.Dropbox
      HKLM\SOFTWARE\Wow6432Node\DropboxUpdate =>.Dropbox Inc.
      HKLM\SOFTWARE\Wow6432Node\EA Games =>.EA Games
      HKLM\SOFTWARE\Wow6432Node\EasyAntiCheat =>.EasyAntiCheat
      HKLM\SOFTWARE\Wow6432Node\Electronic Arts =>.Electronic Arts
      HKLM\SOFTWARE\Wow6432Node\ESN Launcher =>.Electronic Arts, Inc.
      HKLM\SOFTWARE\Wow6432Node\ESN Sonar-0.70.4 =>.Electronic Arts, Inc.
      HKLM\SOFTWARE\Wow6432Node\FileSystemDriver
      HKLM\SOFTWARE\Wow6432Node\FileZilla 3 =>.FileZilla
      HKLM\SOFTWARE\Wow6432Node\FileZilla Client =>.Tim Kosse
      HKLM\SOFTWARE\Wow6432Node\Google =>.Google
      HKLM\SOFTWARE\Wow6432Node\Hi-Rez Studios =>.Hi-Rez Studios
      HKLM\SOFTWARE\Wow6432Node\HiRez Studios =>.Hirez Studios
      HKLM\SOFTWARE\Wow6432Node\IM Providers =>.IM Providers
      HKLM\SOFTWARE\Wow6432Node\Intel =>.Intel
      HKLM\SOFTWARE\Wow6432Node\Intel Security =>.Intel Security
      HKLM\SOFTWARE\Wow6432Node\JavaSoft =>.JavaSoft
      HKLM\SOFTWARE\Wow6432Node\JreMetrics =>.JreMetrics
      HKLM\SOFTWARE\Wow6432Node\Katawa Shoujo
      HKLM\SOFTWARE\Wow6432Node\Khronos =>.Khronos
      HKLM\SOFTWARE\Wow6432Node\LastPass =>.LastPass
      HKLM\SOFTWARE\Wow6432Node\LogMeIn Hamachi =>.LogMeIn Entreprise
      HKLM\SOFTWARE\Wow6432Node\LogMeIn Rescue =>.LogMeIn Entreprise
      HKLM\SOFTWARE\Wow6432Node\Macromedia =>.Macromedia
      HKLM\SOFTWARE\Wow6432Node\Malwarebytes’ Anti-Malware =>.Malwarebytes’ Anti-Malware
      HKLM\SOFTWARE\Wow6432Node\mcafeeupdater =>.McAfee Inc.
      HKLM\SOFTWARE\Wow6432Node\Mojang =>.Mojang
      HKLM\SOFTWARE\Wow6432Node\Mozilla =>.Mozilla
      HKLM\SOFTWARE\Wow6432Node\mozilla.org =>.mozilla.org
      HKLM\SOFTWARE\Wow6432Node\MozillaPlugins =>.MozillaPlugins
      HKLM\SOFTWARE\Wow6432Node\NETGEAR =>.Netgear Inc
      HKLM\SOFTWARE\Wow6432Node\Norton =>.Symantec Corporation
      HKLM\SOFTWARE\Wow6432Node\Notepad++ =>.Don Ho
      HKLM\SOFTWARE\Wow6432Node\Nuance =>.Nuance
      HKLM\SOFTWARE\Wow6432Node\NVIDIA Corporation =>.nVidia Corporation
      HKLM\SOFTWARE\Wow6432Node\OBS Studio =>.OBS Studio
      HKLM\SOFTWARE\Wow6432Node\ODBC =>.DB Connectivity Solutions
      HKLM\SOFTWARE\Wow6432Node\OpenAL =>.Open Audio Library
      HKLM\SOFTWARE\Wow6432Node\Origin =>.Electronic Arts, Inc.
      HKLM\SOFTWARE\Wow6432Node\Origin Games =>.Electronic Arts, Inc.
      HKLM\SOFTWARE\Wow6432Node\Overwolf =>.Overwolf
      HKLM\SOFTWARE\Wow6432Node\PlaysTV =>.PlaysTV
      HKLM\SOFTWARE\Wow6432Node\Raptr =>.Raptr
      HKLM\SOFTWARE\Wow6432Node\Razer =>.Razer
      HKLM\SOFTWARE\Wow6432Node\re-logic =>.Re-Logic
      HKLM\SOFTWARE\Wow6432Node\Realtek =>.Realtek Semiconductor Corp.
      HKLM\SOFTWARE\Wow6432Node\Realtek Semiconductor Corp. =>.Realtek Semiconductor Corp.
      HKLM\SOFTWARE\Wow6432Node\Rockstar Games =>.Rockstar Games
      HKLM\SOFTWARE\Wow6432Node\Sades 7.1CH Gaming Headset
      HKLM\SOFTWARE\Wow6432Node\SERCOMM =>.Sercomm
      HKLM\SOFTWARE\Wow6432Node\setsearchm
      HKLM\SOFTWARE\Wow6432Node\Skype =>.Skype
      HKLM\SOFTWARE\Wow6432Node\Splashtop Inc. =>.Splashtop Inc.
      HKLM\SOFTWARE\Wow6432Node\Symantec =>.Symantec
      HKLM\SOFTWARE\Wow6432Node\syslog
      HKLM\SOFTWARE\Wow6432Node\techland =>.Techland
      HKLM\SOFTWARE\Wow6432Node\TrendMicro =>.TrendMicro
      HKLM\SOFTWARE\Wow6432Node\Ubisoft =>.Ubisoft
      HKLM\SOFTWARE\Wow6432Node\Valve =>.Valve
      HKLM\SOFTWARE\Wow6432Node\Wizards of the Coast =>.Wizards of the Coast
      HKLM\SOFTWARE\Wow6432Node\WOW6432Node =>.Microsoft Corporation
      HKLM\SOFTWARE\Wow6432Node\WSWNA3100
      HKLM\SOFTWARE\Wow6432Node\RegisteredApplications =>.Microsoft Corporation
      HKCU\SOFTWARE\Adobe =>.Adobe
      HKCU\SOFTWARE\Alda Games =>.Alda Games
      HKCU\SOFTWARE\AMD =>.AMD
      HKCU\SOFTWARE\Amistech
      HKCU\SOFTWARE\AppDataLow =>.Microsoft Corporation
      HKCU\SOFTWARE\Arkane
      HKCU\SOFTWARE\ASRock =>.ASRock
      HKCU\SOFTWARE\ATI =>.ATI
      HKCU\SOFTWARE\BandiMPEG1 =>.Bandisoft
      HKCU\SOFTWARE\BANDISOFT =>.Bandisoft
      HKCU\SOFTWARE\Belarc =>.Belarc
      HKCU\SOFTWARE\Berserk Games =>.Berserk Games
      HKCU\SOFTWARE\Bethesda =>.Bethesda
      HKCU\SOFTWARE\Bethesda Softworks =>.Bethesda Softworks
      HKCU\SOFTWARE\Blizzard Entertainment =>.Blizzard Entertainment
      HKCU\SOFTWARE\BrashMonkey
      HKCU\SOFTWARE\C-Media =>.C-MEDIA
      HKCU\SOFTWARE\CampoSanto
      HKCU\SOFTWARE\Caphyon =>.Caphyon
      HKCU\SOFTWARE\Cheat Engine =>.Dark Byte
      HKCU\SOFTWARE\Chromium =>.Chromium
      HKCU\SOFTWARE\Curse =>.Curse
      HKCU\SOFTWARE\DefaultCompany =>.Unity
      HKCU\SOFTWARE\Digital Extremes =>.Digital Extremes
      HKCU\SOFTWARE\Dropbox =>.Dropbox
      HKCU\SOFTWARE\DropboxUpdate =>.Dropbox Inc.
      HKCU\SOFTWARE\Eidos Montreal =>.Eidos Montreal
      HKCU\SOFTWARE\ej-technologies =>.ej-technologies
      HKCU\SOFTWARE\Electronic Arts =>.Electronic Arts
      HKCU\SOFTWARE\Enterbrain =>.Enterbrain
      HKCU\SOFTWARE\Epic Games =>.Epic Games
      HKCU\SOFTWARE\Free Lives =>.Free Lives
      HKCU\SOFTWARE\Geek Uninstaller =>.Geek Uninstaller
      HKCU\SOFTWARE\Global Game Jam - Honolulu 2016
      HKCU\SOFTWARE\Google =>.Google
      HKCU\SOFTWARE\graebor
      HKCU\SOFTWARE\Hammerfist
      HKCU\SOFTWARE\HngSync =>.Reto-Moto Aps
      HKCU\SOFTWARE\HuniePot
      HKCU\SOFTWARE\Hyper Hippo Productions Ltd. =>.Hyper Hippo Productions Ltd.
      HKCU\SOFTWARE\idumpling.com
      HKCU\SOFTWARE\IGA =>.Legitimate
      HKCU\SOFTWARE\IM Providers =>.IM Providers
      HKCU\SOFTWARE\Imagination Technologies =>.Imagination Technologies
      HKCU\SOFTWARE\InstallPath =>.Legitimate
      HKCU\SOFTWARE\Intel =>.Intel
      HKCU\SOFTWARE\Intel Security =>.Intel Security
      HKCU\SOFTWARE\IP Webcam
      HKCU\SOFTWARE\JavaSoft =>.JavaSoft
      HKCU\SOFTWARE\Kinda Sweet Studios
      HKCU\SOFTWARE\Klei
      HKCU\SOFTWARE\Kyle Seeley =>.Kyle Seeley
      HKCU\SOFTWARE\LastPass =>.LastPass
      HKCU\SOFTWARE\Macromedia =>.Macromedia
      HKCU\SOFTWARE\Mike Inel
      HKCU\SOFTWARE\Mojang =>.Mojang
      HKCU\SOFTWARE\Mozilla =>.Mozilla
      HKCU\SOFTWARE\MozillaPlugins =>.MozillaPlugins
      HKCU\SOFTWARE\Netscape =>.Netscape
      HKCU\SOFTWARE\Noble Empire
      HKCU\SOFTWARE\Oracle =>.Oracle
      HKCU\SOFTWARE\Overwolf =>.Overwolf
      HKCU\SOFTWARE\PlayfulCorp
      HKCU\SOFTWARE\PlaysTV =>.PlaysTV
      HKCU\SOFTWARE\Portal-chan
      HKCU\SOFTWARE\Proton Studio Inc =>.Pinnacle Systems, Inc.
      HKCU\SOFTWARE\Psiphon3
      HKCU\SOFTWARE\QtProject =>.QtProject
      HKCU\SOFTWARE\RainbowTrain
      HKCU\SOFTWARE\Raptr =>.Raptr
      HKCU\SOFTWARE\Realtek =>.Realtek Semiconductor Corp.
      HKCU\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
      HKCU\SOFTWARE\Robert Yang
      HKCU\SOFTWARE\ROBLOX Corporation =>.Roblox Corporation
      HKCU\SOFTWARE\RobloxReg =>.Roblox Corporation
      HKCU\SOFTWARE\Rockstar Games =>.Rockstar Games
      HKCU\SOFTWARE\Rooster Teeth Productions LLC.
      HKCU\SOFTWARE\RW-Everything =>.RW-Everything
      HKCU\SOFTWARE\Sad Panda Studios
      HKCU\SOFTWARE\Samsung =>.Samsung Electronics
      HKCU\SOFTWARE\Secret Exit Ltd.
      HKCU\SOFTWARE\SKS =>.SKS Software
      HKCU\SOFTWARE\Skype =>.Skype
      HKCU\SOFTWARE\SlimeRancher
      HKCU\SOFTWARE\Smartly Dressed Games =>.Smartly Dressed Games
      HKCU\SOFTWARE\Spiderling Games
      HKCU\SOFTWARE\Splashtop Inc. =>.Splashtop Inc.
      HKCU\SOFTWARE\Square Enix =>.Square Enix
      HKCU\SOFTWARE\StudioQTRobloxReg =>.Roblox Corporation
      HKCU\SOFTWARE\Sven Co-op Team
      HKCU\SOFTWARE\Sysinternals =>.Sysinternals
      HKCU\SOFTWARE\TeamSpeak 3 Client =>.TeamSpeak
      HKCU\SOFTWARE\Terraria
      HKCU\SOFTWARE\The Fun Pimps =>.The Fun Pimps
      HKCU\SOFTWARE\TheMeatly Games
      HKCU\SOFTWARE\Trion =>.Trion Worlds
      HKCU\SOFTWARE\Trolltech =>.Trolltech
      HKCU\SOFTWARE\Ubisoft =>.Ubisoft
      HKCU\SOFTWARE\Unity =>.Unity
      HKCU\SOFTWARE\Valve =>.Valve
      HKCU\SOFTWARE\Volition =>.Volition
      HKCU\SOFTWARE\WinRAR =>.WinRAR
      HKCU\SOFTWARE\WinRAR SFX =>.RarLab
      HKCU\SOFTWARE\Wizards of the Coast =>.Wizards of the Coast
      HKCU\SOFTWARE\Wow6432Node =>.Microsoft Corporation
      HKCU\SOFTWARE\Xpom =>.Mail.Ru
      HKCU\SOFTWARE\ZHP =>.Nicolas Coolman
      HKCU\SOFTWARE\AppDataLow\Software =>.Microsoft Corporation
      HKCU\SOFTWARE\AppDataLow\Software\JavaSoft =>.JavaSoft
      HKCU\SOFTWARE\AppDataLow\Software\PasswordBox =>.PasswordBox Inc
      HKCU\SOFTWARE\AppDataLow\Software\Unity =>.Unity

      —\ Contents of the Common Files folders (343) - 10s
      O43 - CFD: 26/07/2017 - AD – C:\Program Files\AMD =>.Advanced Micro Devices, Inc.®
      O43 - CFD: 17/01/2016 - D – C:\Program Files\ASRock =>.cFos Software GmbH®
      O43 - CFD: 17/01/2016 - D – C:\Program Files\ASRock Utility =>.ASRock Inc
      O43 - CFD: 26/07/2017 - D – C:\Program Files\Common Files =>.Microsoft Corporation
      O43 - CFD: 24/02/2017 - AD – C:\Program Files\FileZilla FTP Client =>.Tim Kosse
      O43 - CFD: 17/01/2016 - D – C:\Program Files\Google =>.Google
      O43 - CFD: 28/05/2017 - D – C:\Program Files\Intel =>.Intel Corporation
      O43 - CFD: 26/07/2017 - [0] D – C:\Program Files\Intel Security =>.Intel Corporation
      O43 - CFD: 08/06/2017 - D – C:\Program Files\Internet Explorer =>.Microsoft Corporation
      O43 - CFD: 26/07/2017 - [0] D – C:\Program Files\Java =>.Oracle
      O43 - CFD: 28/05/2017 - D – C:\Program Files\MSBuild =>.Microsoft Corporation
      O43 - CFD: 09/07/2017 - AD – C:\Program Files\Nexus Mod Manager =>.Winstep Software Technologies
      O43 - CFD: 28/05/2017 - D – C:\Program Files\Realtek =>.Realtek
      O43 - CFD: 28/05/2017 - D – C:\Program Files\Reference Assemblies =>.Microsoft Corporation
      O43 - CFD: 25/12/2016 - D – C:\Program Files\Sades 7.1CH Gaming Headset
      O43 - CFD: 16/01/2016 - [0] HD – C:\Program Files\Uninstall Information =>.Microsoft Corporation
      O43 - CFD: 08/05/2017 - AD – C:\Program Files\UNP =>.Microsoft Corporation
      O43 - CFD: 12/07/2017 - RD – C:\Program Files\Windows Defender =>.Microsoft Corporation
      O43 - CFD: 18/03/2017 - D – C:\Program Files\Windows Mail =>.Microsoft Corporation
      O43 - CFD: 18/03/2017 - D – C:\Program Files\Windows Media Player =>.Microsoft Corporation
      O43 - CFD: 18/03/2017 - D – C:\Program Files\Windows Multimedia Platform =>.Microsoft Corporation
      O43 - CFD: 18/03/2017 - D – C:\Program Files\Windows NT =>.Microsoft Corporation
      O43 - CFD: 12/07/2017 - D – C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation
      O43 - CFD: 18/03/2017 - D – C:\Program Files\Windows Portable Devices =>.Microsoft Corporation
      O43 - CFD: 18/03/2017 - D – C:\Program Files\Windows Security =>.Microsoft Corporation
      O43 - CFD: 18/03/2017 - SHD – C:\Program Files\Windows Sidebar =>.Microsoft Corporation
      O43 - CFD: 26/07/2017 - HD – C:\Program Files\WindowsApps =>.Microsoft Corporation
      O43 - CFD: 18/03/2017 - D – C:\Program Files\WindowsPowerShell =>.Microsoft Corporation
      O43 - CFD: 08/02/2016 - AD – C:\Program Files\WinRAR =>.win.rar GmbH®
      O43 - CFD: 26/07/2017 - D – C:\Program Files (x86)\Adobe =>.Adobe Systems, Incorporated®
      O43 - CFD: 17/01/2016 - [0] D – C:\Program Files (x86)\AGEIA Technologies =>.AGEIA Technologies
      O43 - CFD: 26/07/2017 - AD – C:\Program Files (x86)\AMD =>.AMD
      O43 - CFD: 17/01/2016 - D – C:\Program Files (x86)\ASRock Utility =>.ASRock Inc
      O43 - CFD: 21/03/2016 - D – C:\Program Files (x86)\BandiMPEG1 =>.Bandisoft
      O43 - CFD: 27/07/2017 - AD – C:\Program Files (x86)\Battle.net =>.Games Software
      O43 - CFD: 22/06/2016 - AD – C:\Program Files (x86)\Battlelog Web Plugins =>.EA Digital Illusions CE AB®
      O43 - CFD: 01/10/2016 - D – C:\Program Files (x86)\Belarc =>.Belarc, Inc.
      O43 - CFD: 12/06/2017 - AD – C:\Program Files (x86)\Bethesda.net Launcher =>.Bethesda Softworks
      O43 - CFD: 24/05/2016 - AD – C:\Program Files (x86)\Cheat Engine 6.5 =>.Dark Byte
      O43 - CFD: 06/07/2017 - D – C:\Program Files (x86)\ClownfishVoiceChanger =>.Bogdan Sharkov®
      O43 - CFD: 26/07/2017 - D – C:\Program Files (x86)\Common Files =>.Microsoft Corporation
      O43 - CFD: 15/03/2016 - D – C:\Program Files (x86)\Dev-Cpp =>.Dev-Cpp
      O43 - CFD: 13/07/2017 - D – C:\Program Files (x86)\Dropbox =>.Dropbox, Inc®
      O43 - CFD: 26/07/2017 - D – C:\Program Files (x86)\Google =>.Google Inc®
      O43 - CFD: 14/10/2016 - AD – C:\Program Files (x86)\Hi-Rez Studios =>.Hi-Rez Studios
      O43 - CFD: 03/02/2016 - AD – C:\Program Files (x86)\HxD
      O43 - CFD: 25/12/2016 - HD – C:\Program Files (x86)\InstallShield Installation Information =>.InstallShield
      O43 - CFD: 26/07/2017 - D – C:\Program Files (x86)\Intel =>.Intel Corporation
      O43 - CFD: 08/06/2017 - D – C:\Program Files (x86)\Internet Explorer =>.Microsoft Corporation
      O43 - CFD: 23/01/2017 - D – C:\Program Files (x86)\Katawa Shoujo
      O43 - CFD: 28/01/2016 - D – C:\Program Files (x86)\Microsoft Games for Windows - LIVE =>.Microsoft Corporation
      O43 - CFD: 21/03/2016 - AD – C:\Program Files (x86)\Microsoft SQL Server Compact Edition =>.Microsoft Corporation
      O43 - CFD: 17/01/2016 - D – C:\Program Files (x86)\Microsoft XNA =>.Microsoft Corporation
      O43 - CFD: 18/03/2017 - D – C:\Program Files (x86)\Microsoft.NET =>.Microsoft Corporation
      O43 - CFD: 06/07/2017 - AD – C:\Program Files (x86)\Mozilla Firefox =>.Mozilla
      O43 - CFD: 06/07/2017 - D – C:\Program Files (x86)\Mozilla Maintenance Service =>.Mozilla
      O43 - CFD: 28/05/2017 - D – C:\Program Files (x86)\MSBuild =>.Microsoft Corporation
      O43 - CFD: 17/01/2016 - D – C:\Program Files (x86)\NETGEAR =>.Netgear Inc
      O43 - CFD: 16/12/2016 - D – C:\Program Files (x86)\Notepad++ =>.Don Ho
      O43 - CFD: 17/01/2016 - D – C:\Program Files (x86)\NVIDIA Corporation =>.nVidia Corporation
      O43 - CFD: 12/07/2017 - D – C:\Program Files (x86)\obs-studio =>.OBS-Studio
      O43 - CFD: 19/11/2016 - D – C:\Program Files (x86)\OpenAL =>.Open Audio Library
      O43 - CFD: 10/07/2017 - AD – C:\Program Files (x86)\Overwatch =>.Blizzard Entertainment
      O43 - CFD: 18/07/2017 - AD – C:\Program Files (x86)\Overwatch Test =>.Blizzard Entertainment
      O43 - CFD: 04/03/2016 - D – C:\Program Files (x86)\Raptr Inc =>.Raptr Inc.
      O43 - CFD: 16/01/2016 - D – C:\Program Files (x86)\Realtek =>.Realtek
      O43 - CFD: 28/05/2017 - D – C:\Program Files (x86)\Reference Assemblies =>.Microsoft Corporation
      O43 - CFD: 08/08/2016 - D – C:\Program Files (x86)\Samsung =>.Samsung Electronics
      O43 - CFD: 27/07/2017 - D – C:\Program Files (x86)\Steam =>.Steam Games
      O43 - CFD: 17/01/2016 - [0] HD – C:\Program Files (x86)\Temp =>.Microsoft Corporation
      O43 - CFD: 26/06/2017 - D – C:\Program Files (x86)\Ubisoft =>.Ubisoft
      O43 - CFD: 28/05/2017 - [0] HD – C:\Program Files (x86)\Uninstall Information =>.Microsoft Corporation
      O43 - CFD: 26/07/2017 - D – C:\Program Files (x86)\VulkanRT =>.LunarG, Inc
      O43 - CFD: 12/07/2017 - D – C:\Program Files (x86)\Windows Defender =>.Microsoft Corporation
      O43 - CFD: 21/03/2016 - AD – C:\Program Files (x86)\Windows Live =>.Microsoft Corporation
      O43 - CFD: 18/03/2017 - D – C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
      O43 - CFD: 18/03/2017 - D – C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
      O43 - CFD: 18/03/2017 - D – C:\Program Files (x86)\Windows Multimedia Platform =>.Microsoft Corporation
      O43 - CFD: 18/03/2017 - D – C:\Program Files (x86)\Windows NT =>.Microsoft Corporation
      O43 - CFD: 12/07/2017 - D – C:\Program Files (x86)\Windows Photo Viewer =>.Microsoft Corporation
      O43 - CFD: 18/03/2017 - D – C:\Program Files (x86)\Windows Portable Devices =>.Microsoft Corporation
      O43 - CFD: 18/03/2017 - SHD – C:\Program Files (x86)\Windows Sidebar =>.Microsoft Corporation
      O43 - CFD: 18/03/2017 - D – C:\Program Files (x86)\WindowsPowerShell =>.Microsoft Corporation
      O43 - CFD: 18/03/2017 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility =>.Microsoft Corporation
      O43 - CFD: 12/07/2017 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation
      O43 - CFD: 12/07/2017 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
      O43 - CFD: 28/05/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved =>.AMD Gaming Evolved
      O43 - CFD: 23/07/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Problem Report Wizard
      O43 - CFD: 26/07/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings =>.Advanced Micro Devices Inc
      O43 - CFD: 28/05/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASRock Utility =>.ASRock Inc
      O43 - CFD: 28/05/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam =>.Bandisoft
      O43 - CFD: 28/05/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net =>.Games Software
      O43 - CFD: 28/05/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4 =>.Electronic Arts, Inc.
      O43 - CFD: 12/06/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda.net Launcher =>.Bethesda Softworks
      O43 - CFD: 28/05/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bloodshed Dev-C++ =>.Bloodshed Software
      O43 - CFD: 28/05/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.5 =>.Dark Byte
      O43 - CFD: 06/07/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClownfishVoiceChanger
      O43 - CFD: 13/07/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox =>.Dropbox
      O43 - CFD: 28/05/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client =>.Tim Kosse
      O43 - CFD: 28/05/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm =>.Games Software
      O43 - CFD: 28/05/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios =>.Hi-Rez Studios
      O43 - CFD: 28/05/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HxD Hex Editor
      O43 - CFD: 26/07/2017 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel =>.Intel Corporation
      O43 - CFD: 28/05/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IP Camera Adapter =>.DeskShare Inc
      O43 - CFD: 12/07/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi =>.LogMeIn Entreprise
      O43 - CFD: 18/03/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation
      O43 - CFD: 28/05/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft =>.Microsoft Corporation
      O43 - CFD: 28/05/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nem’s Tools
      O43 - CFD: 28/05/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR WNA3100 Genie =>.Netgear Inc
      O43 - CFD: 28/05/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager =>.Winstep Software Technologies
      O43 - CFD: 28/05/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++ =>.Don Ho
      O43 - CFD: 28/05/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio =>.OBS Studio
      O43 - CFD: 28/05/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox =>.Oracle
      O43 - CFD: 28/05/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin =>.Electronic Arts, Inc.
      O43 - CFD: 28/05/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch =>.Blizzard Entertainment
      O43 - CFD: 28/05/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch Test =>.Blizzard Entertainment
      O43 - CFD: 28/05/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pivot Animator
      O43 - CFD: 28/05/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer =>.Razer
      O43 - CFD: 28/05/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sades 7.1CH Gaming Headset
      O43 - CFD: 28/05/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung =>.Samsung Electronics
      O43 - CFD: 28/05/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype =>.Skype
      O43 - CFD: 17/08/2016 - [0] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Splashtop Remote =>.Splashtop
      O43 - CFD: 28/05/2017 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup =>.Microsoft Corporation
      O43 - CFD: 28/05/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam =>.Steam Games
      O43 - CFD: 18/03/2017 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools =>.Microsoft Corporation
      O43 - CFD: 30/10/2015 - [0] RHD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC =>.Wacom Technology
      O43 - CFD: 28/05/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VTFEdit
      O43 - CFD: 28/05/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.1 =>.Kronos Group
      O43 - CFD: 28/05/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR =>.WinRAR
      O43 - CFD: 28/05/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XFast LAN
      O43 - CFD: 22/06/2016 - D – C:\ProgramData.mono =>.Legitimate
      O43 - CFD: 02/03/2017 - D – C:\ProgramData\Adobe =>.Adobe
      O43 - CFD: 28/05/2017 - [0] SHD – C:\ProgramData\Application Data =>.Microsoft Corporation
      O43 - CFD: 26/07/2017 - D – C:\ProgramData\ATI =>.ATI
      O43 - CFD: 18/11/2016 - D – C:\ProgramData\Battle.net =>.Games Software
      O43 - CFD: 27/04/2017 - D – C:\ProgramData\Blizzard Entertainment =>.Blizzard Entertainment
      O43 - CFD: 08/12/2016 - D – C:\ProgramData\boost_interprocess =>.boost.org
      O43 - CFD: 17/01/2016 - D – C:\ProgramData\cFos =>.CFos Software
      O43 - CFD: 23/12/2016 - D – C:\ProgramData\Codemasters =>.Codemasters
      O43 - CFD: 16/07/2016 - [0] D – C:\ProgramData\Comms =>.Microsoft Corporation
      O43 - CFD: 28/05/2017 - [0] SHD – C:\ProgramData\Desktop =>.Microsoft Corporation
      O43 - CFD: 28/05/2017 - [0] SHD – C:\ProgramData\Documents =>.Microsoft Corporation
      O43 - CFD: 20/08/2016 - D – C:\ProgramData\Dropbox =>.Dropbox
      O43 - CFD: 22/06/2016 - D – C:\ProgramData\Electronic Arts =>.Electronic Arts
      O43 - CFD: 25/12/2016 - D – C:\ProgramData\FaceLift
      O43 - CFD: 26/07/2017 - D – C:\ProgramData\Google =>.Google
      O43 - CFD: 27/09/2016 - D – C:\ProgramData\Hi-Rez Studios =>.Hi-Rez Studios
      O43 - CFD: 02/07/2016 - D – C:\ProgramData\Intel =>.Intel Corporation
      O43 - CFD: 07/02/2016 - D – C:\ProgramData\LogMeIn =>.LogMeIn
      O43 - CFD: 28/05/2017 - SD – C:\ProgramData\Microsoft =>.Microsoft Corporation
      O43 - CFD: 28/05/2017 - D – C:\ProgramData\Microsoft OneDrive =>.Microsoft Corporation
      O43 - CFD: 17/08/2016 - D – C:\ProgramData\Norton =>.Symantec Corporation
      O43 - CFD: 08/02/2016 - D – C:\ProgramData\Oracle =>.Oracle
      O43 - CFD: 19/05/2017 - D – C:\ProgramData\Origin =>.Electronic Arts, Inc.
      O43 - CFD: 29/04/2016 - D – C:\ProgramData\Overwolf =>.Overwolf
      O43 - CFD: 28/05/2017 - D – C:\ProgramData\Package Cache =>.Microsoft Corporation
      O43 - CFD: 12/07/2016 - D – C:\ProgramData\Razer =>.Razer
      O43 - CFD: 28/05/2017 - D – C:\ProgramData\regid.1986-12.com.adobe =>.Adobe Inc.
      O43 - CFD: 28/05/2017 - D – C:\ProgramData\regid.1991-06.com.microsoft =>.Microsoft Corporation
      O43 - CFD: 27/07/2017 - D – C:\ProgramData\RogueKiller =>.Adlice Software
      O43 - CFD: 08/08/2016 - D – C:\ProgramData\Samsung =>.Samsung Electronics
      O43 - CFD: 24/11/2016 - D – C:\ProgramData\Skype =>.Skype
      O43 - CFD: 18/03/2017 - [0] D – C:\ProgramData\SoftwareDistribution =>.Microsoft Corporation
      O43 - CFD: 13/04/2016 - D – C:\ProgramData\Splashtop =>.Splashtop
      O43 - CFD: 28/05/2017 - [0] SHD – C:\ProgramData\Start Menu =>.Microsoft Corporation
      O43 - CFD: 28/05/2017 - [0] SHD – C:\ProgramData\Templates =>.Microsoft Corporation
      O43 - CFD: 28/05/2017 - D – C:\ProgramData\USOPrivate =>.Microsoft Corporation
      O43 - CFD: 28/05/2017 - D – C:\ProgramData\USOShared =>.Microsoft Corporation
      O43 - CFD: 18/03/2017 - D – C:\ProgramData\WindowsHolographicDevices =>.Microsoft Corporation
      O43 - CFD: 27/05/2017 - AD – C:\Program Files (x86)\Common Files\Adobe =>.Adobe
      O43 - CFD: 26/07/2017 - D – C:\Program Files (x86)\Common Files\BattlEye =>.BattlEye
      O43 - CFD: 22/06/2016 - HD – C:\Program Files (x86)\Common Files\EAInstaller =>.Electronic Arts, Inc.
      O43 - CFD: 16/01/2016 - D – C:\Program Files (x86)\Common Files\InstallShield =>.InstallShield
      O43 - CFD: 17/01/2016 - D – C:\Program Files (x86)\Common Files\Intel Corporation =>.Intel Corporation
      O43 - CFD: 08/02/2016 - D – C:\Program Files (x86)\Common Files\Java =>.Oracle
      O43 - CFD: 28/05/2017 - D – C:\Program Files (x86)\Common Files\Microsoft Shared =>.Microsoft Corporation
      O43 - CFD: 22/06/2017 - D – C:\Program Files (x86)\Common Files\Overwolf =>.Overwolf
      O43 - CFD: 17/01/2016 - D – C:\Program Files (x86)\Common Files\PostureAgent =>.Microsoft Corporation
      O43 - CFD: 18/03/2017 - D – C:\Program Files (x86)\Common Files\Services =>.Microsoft Corporation
      O43 - CFD: 24/11/2016 - AD – C:\Program Files (x86)\Common Files\Skype =>.Skype
      O43 - CFD: 21/07/2017 - D – C:\Program Files (x86)\Common Files\Steam =>.Steam Games
      O43 - CFD: 18/03/2017 - D – C:\Program Files (x86)\Common Files\System =>.Microsoft Corporation
      O43 - CFD: 21/03/2016 - D – C:\Program Files (x86)\Common Files\Windows Live =>.Microsoft Corporation
      O43 - CFD: 15/02/2016 - D – C:\Program Files (x86)\Common Files\Wise Installation Wizard =>.Seagate
      O43 - CFD: 22/06/2016 - D – C:\Users\Tristen\AppData\Roaming.mono =>.Legitimate
      O43 - CFD: 15/07/2017 - D – C:\Users\Tristen\AppData\Roaming\7DaysToDie =>.Games Software
      O43 - CFD: 02/03/2017 - D – C:\Users\Tristen\AppData\Roaming\Adobe =>.Adobe
      O43 - CFD: 14/11/2016 - D – C:\Users\Tristen\AppData\Roaming\AMD =>.AMD
      O43 - CFD: 26/07/2017 - D – C:\Users\Tristen\AppData\Roaming\ATI =>.ATI
      O43 - CFD: 21/03/2016 - D – C:\Users\Tristen\AppData\Roaming\BANDISOFT =>.Bandisoft
      O43 - CFD: 18/11/2016 - D – C:\Users\Tristen\AppData\Roaming\Battle.net =>.Games Software
      O43 - CFD: 25/07/2017 - D – C:\Users\Tristen\AppData\Roaming\BetterDiscord
      O43 - CFD: 20/11/2016 - D – C:\Users\Tristen\AppData\Roaming\Blender Foundation =>.Blender Foundation
      O43 - CFD: 18/01/2016 - D – C:\Users\Tristen\AppData\Roaming\BrawlhallaAir =>.Games Software
      O43 - CFD: 04/06/2016 - D – C:\Users\Tristen\AppData\Roaming\Dev-Cpp =>.Dev-Cpp
      O43 - CFD: 26/07/2017 - D – C:\Users\Tristen\AppData\Roaming\discord =>.GitHub
      O43 - CFD: 19/07/2017 - D – C:\Users\Tristen\AppData\Roaming\dungeon
      O43 - CFD: 26/07/2017 - D – C:\Users\Tristen\AppData\Roaming\Geek Uninstaller =>.Geek Uninstaller
      O43 - CFD: 17/01/2016 - D – C:\Users\Tristen\AppData\Roaming\Intel Corporation =>.Intel Corporation
      O43 - CFD: 17/01/2016 - D – C:\Users\Tristen\AppData\Roaming\java =>.Oracle
      O43 - CFD: 18/08/2016 - D – C:\Users\Tristen\AppData\Roaming\library_dir =>.library_dir
      O43 - CFD: 30/01/2016 - D – C:\Users\Tristen\AppData\Roaming\Macromedia =>.Macromedia
      O43 - CFD: 28/05/2017 - SD – C:\Users\Tristen\AppData\Roaming\Microsoft =>.Microsoft Corporation
      O43 - CFD: 18/06/2016 - [0] D – C:\Users\Tristen\AppData\Roaming\MMFApplications =>.MultiMedia Fusion
      O43 - CFD: 25/06/2016 - D – C:\Users\Tristen\AppData\Roaming\Mozilla =>.Mozilla Corporation
      O43 - CFD: 09/03/2016 - D – C:\Users\Tristen\AppData\Roaming\Notepad++ =>.Don Ho
      O43 - CFD: 21/03/2016 - D – C:\Users\Tristen\AppData\Roaming\PDAppFlex
      O43 - CFD: 02/05/2016 - D – C:\Users\Tristen\AppData\Roaming\PlaysTV =>.PlaysTV
      O43 - CFD: 15/07/2017 - D – C:\Users\Tristen\AppData\Roaming\Psiphon3
      O43 - CFD: 17/07/2017 - D – C:\Users\Tristen\AppData\Roaming\Raptr =>.Raptr
      O43 - CFD: 23/01/2017 - D – C:\Users\Tristen\AppData\Roaming\RenPy =>.RenPy Games
      O43 - CFD: 08/08/2016 - D – C:\Users\Tristen\AppData\Roaming\Samsung =>.Samsung Electronics
      O43 - CFD: 03/06/2017 - D – C:\Users\Tristen\AppData\Roaming\Shooter =>.Marcel Pol
      O43 - CFD: 20/09/2016 - D – C:\Users\Tristen\AppData\Roaming\Spore
      O43 - CFD: 03/07/2016 - D – C:\Users\Tristen\AppData\Roaming\Subversion =>.Games Software
      O43 - CFD: 30/01/2016 - D – C:\Users\Tristen\AppData\Roaming\Sun =>.Oracle
      O43 - CFD: 12/03/2017 - D – C:\Users\Tristen\AppData\Roaming\Tap_Dungeon
      O43 - CFD: 16/08/2016 - D – C:\Users\Tristen\AppData\Roaming\TS3Client =>.TeamSpeak
      O43 - CFD: 08/02/2016 - D – C:\Users\Tristen\AppData\Roaming\WinRAR =>.WinRAR
      O43 - CFD: 27/07/2017 - D – C:\Users\Tristen\AppData\Roaming\ZHP =>.Nicolas Coolman
      O43 - CFD: 16/01/2016 - [0] D – C:\Users\Tristen\AppData\Local\ActiveSync =>.Microsoft Corporation
      O43 - CFD: 27/07/2017 - D – C:\Users\Tristen\AppData\Local\Adobe =>.Adobe
      O43 - CFD: 24/07/2017 - D – C:\Users\Tristen\AppData\Local\AMD =>.AMD
      O43 - CFD: 26/07/2017 - D – C:\Users\Tristen\AppData\Local\AMDDriverProfiles
      O43 - CFD: 28/05/2017 - [0] SHD – C:\Users\Tristen\AppData\Local\Application Data =>.Microsoft Corporation
      O43 - CFD: 26/07/2017 - D – C:\Users\Tristen\AppData\Local\ATI =>.ATI
      O43 - CFD: 27/07/2017 - D – C:\Users\Tristen\AppData\Local\Battle.net =>.Games Software
      O43 - CFD: 12/06/2017 - D – C:\Users\Tristen\AppData\Local\Bethesda.net Launcher =>.Bethesda Softworks
      O43 - CFD: 17/01/2016 - D – C:\Users\Tristen\AppData\Local\Black_Tree_Gaming =>.Black Tree Gaming Ltd
      O43 - CFD: 06/07/2017 - D – C:\Users\Tristen\AppData\Local\Blizzard Entertainment =>.Blizzard Entertainment
      O43 - CFD: 15/04/2017 - D – C:\Users\Tristen\AppData\Local\BoringManGame
      O43 - CFD: 17/01/2016 - D – C:\Users\Tristen\AppData\Local\CEF =>.CEF
      O43 - CFD: 17/01/2016 - D – C:\Users\Tristen\AppData\Local\cFos =>.CFos Software
      O43 - CFD: 20/10/2016 - D – C:\Users\Tristen\AppData\Local\Chromium =>.Chromium
      O43 - CFD: 17/01/2016 - D – C:\Users\Tristen\AppData\Local\Comms =>.Microsoft Corporation
      O43 - CFD: 28/05/2017 - D – C:\Users\Tristen\AppData\Local\ConnectedDevicesPla tform =>.Microsoft Corporation
      O43 - CFD: 27/05/2017 - D – C:\Users\Tristen\AppData\Local\CrashDumps =>.Microsoft Corporation
      O43 - CFD: 07/02/2016 - D – C:\Users\Tristen\AppData\Local\Daybreak Game Company =>.Daybreak Game Company
      O43 - CFD: 29/05/2017 - [0] D – C:\Users\Tristen\AppData\Local\DBG =>.DBG
      O43 - CFD: 28/07/2016 - [0] D – C:\Users\Tristen\AppData\Local\Diagnostics =>.Microsoft Corporation
      O43 - CFD: 11/01/2017 - D – C:\Users\Tristen\AppData\Local\Discord =>.GitHub
      O43 - CFD: 02/07/2016 - D – C:\Users\Tristen\AppData\Local\Don’t Starve Mod Uploader
      O43 - CFD: 08/08/2016 - D – C:\Users\Tristen\AppData\Local\Downloaded Installations =>.Microsoft Corporation
      O43 - CFD: 20/08/2016 - D – C:\Users\Tristen\AppData\Local\Dropbox =>.Dropbox
      O43 - CFD: 26/07/2017 - D – C:\Users\Tristen\AppData\Local\ElevatedDiagnostics =>.Microsoft Corporation
      O43 - CFD: 09/10/2016 - D – C:\Users\Tristen\AppData\Local\FallenDoll
      O43 - CFD: 18/02/2016 - D – C:\Users\Tristen\AppData\Local\Fallout3 =>.Black Isle Studios
      O43 - CFD: 19/03/2016 - D – C:\Users\Tristen\AppData\Local\Fallout4 =>.Black Isle Studios
      O43 - CFD: 09/07/2017 - D – C:\Users\Tristen\AppData\Local\FalloutNV =>.Games Software
      O43 - CFD: 05/04/2017 - D – C:\Users\Tristen\AppData\Local\FalloutShelter =>.Black Isle Studios
      O43 - CFD: 11/02/2017 - D – C:\Users\Tristen\AppData\Local\FileZilla =>.FileZilla
      O43 - CFD: 10/01/2017 - D – C:\Users\Tristen\AppData\Local\Foxhole
      O43 - CFD: 26/02/2016 - D – C:\Users\Tristen\AppData\Local\GeometryDash
      O43 - CFD: 16/01/2016 - D – C:\Users\Tristen\AppData\Local\Google =>.Google
      O43 - CFD: 27/09/2016 - D – C:\Users\Tristen\AppData\Local\HirezLauncherUI =>.Hi-Rez Studios
      O43 - CFD: 28/05/2017 - [0] SHD – C:\Users\Tristen\AppData\Local\History =>.Microsoft Corporation
      O43 - CFD: 27/06/2017 - D – C:\Users\Tristen\AppData\Local\id Software =>.id Software
      O43 - CFD: 28/06/2016 - D – C:\Users\Tristen\AppData\Local\IsolatedStorage =>.id Software
      O43 - CFD: 07/02/2016 - D – C:\Users\Tristen\AppData\Local\LogMeIn =>.LogMeIn
      O43 - CFD: 26/05/2017 - D – C:\Users\Tristen\AppData\Local\LogMeIn Hamachi =>.LogMeIn Entreprise
      O43 - CFD: 01/10/2016 - [0] D – C:\Users\Tristen\AppData\Local\LogMeIn Rescue Applet =>.LogMeIn
      O43 - CFD: 25/07/2016 - [0] D – C:\Users\Tristen\AppData\Local\lptmp
      O43 - CFD: 02/07/2016 - D – C:\Users\Tristen\AppData\Local\Macromedia =>.Macromedia
      O43 - CFD: 28/05/2017 - D – C:\Users\Tristen\AppData\Local\Microsoft =>.Microsoft Corporation
      O43 - CFD: 02/03/2017 - D – C:\Users\Tristen\AppData\Local\MicrosoftEdge =>.Microsoft Corporation
      O43 - CFD: 04/06/2016 - D – C:\Users\Tristen\AppData\Local\MONO development team =>.MONO development team
      O43 - CFD: 25/06/2016 - D – C:\Users\Tristen\AppData\Local\Mozilla =>.Mozilla Corporation
      O43 - CFD: 07/07/2016 - D – C:\Users\Tristen\AppData\Local\mslug3
      O43 - CFD: 03/02/2016 - D – C:\Users\Tristen\AppData\Local\Nem’s Tools
      O43 - CFD: 09/01/2017 - D – C:\Users\Tristen\AppData\Local\nuclearthrone
      O43 - CFD: 30/05/2017 - D – C:\Users\Tristen\AppData\Local\NuclearThroneUltraM od
      O43 - CFD: 20/10/2016 - D – C:\Users\Tristen\AppData\Local\Octodad Dadliest Catch
      O43 - CFD: 16/05/2017 - D – C:\Users\Tristen\AppData\Local\Origin =>.Electronic Arts, Inc.
      O43 - CFD: 06/07/2017 - D – C:\Users\Tristen\AppData\Local\Overwolf =>.Overwolf
      O43 - CFD: 28/05/2017 - D – C:\Users\Tristen\AppData\Local\Packages =>.Microsoft Corporation
      O43 - CFD: 06/02/2016 - D – C:\Users\Tristen\AppData\Local\PAYDAY 2
      O43 - CFD: 27/05/2017 - D – C:\Users\Tristen\AppData\Local\Pivot Animator
      O43 - CFD: 17/01/2016 - D – C:\Users\Tristen\AppData\Local\Programs =>.Microsoft Corporation
      O43 - CFD: 16/01/2016 - D – C:\Users\Tristen\AppData\Local\Publishers =>.Microsoft Corporation
      O43 - CFD: 02/05/2016 - D – C:\Users\Tristen\AppData\Local\Razer =>.Razer
      O43 - CFD: 02/05/2016 - D – C:\Users\Tristen\AppData\Local\Razer_Inc =>.Razer Inc
      O43 - CFD: 19/12/2016 - D – C:\Users\Tristen\AppData\Local\Roblox =>.ROBLOX
      O43 - CFD: 30/12/2016 - D – C:\Users\Tristen\AppData\Local\Rockstar Games =>.Rockstar Games
      O43 - CFD: 08/08/2016 - D – C:\Users\Tristen\AppData\Local\Samsung =>.Samsung Electronics
      O43 - CFD: 07/02/2016 - D – C:\Users\Tristen\AppData\Local\SCE =>.SCE
      O43 - CFD: 17/01/2016 - D – C:\Users\Tristen\AppData\Local\Skyrim =>.Skyrim Games
      O43 - CFD: 03/12/2016 - D – C:\Users\Tristen\AppData\Local\Skyrim Special Edition =>.Nogenious Skyrim Game
      O43 - CFD: 28/04/2016 - D – C:\Users\Tristen\AppData\Local\SLAM =>.Games Software
      O43 - CFD: 15/01/2017 - D – C:\Users\Tristen\AppData\Local\speech =>.Microsoft Corporation
      O43 - CFD: 13/04/2016 - D – C:\Users\Tristen\AppData\Local\Splashtop =>.Splashtop
      O43 - CFD: 03/06/2016 - D – C:\Users\Tristen\AppData\Local\SquirrelTemp =>.Squirrels
      O43 - CFD: 12/12/2016 - D – C:\Users\Tristen\AppData\Local\Steam =>.Steam Games
      O43 - CFD: 22/06/2016 - D – C:\Users\Tristen\AppData\Local\TeamSpeak 3 Client =>.TeamSpeak
      O43 - CFD: 27/07/2017 - D – C:\Users\Tristen\AppData\Local\Temp =>.Microsoft Corporation
      O43 - CFD: 28/05/2017 - [0] SHD – C:\Users\Tristen\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
      O43 - CFD: 16/01/2016 - D – C:\Users\Tristen\AppData\Local\TileDataLayer =>.Microsoft Corporation
      O43 - CFD: 20/05/2016 - D – C:\Users\Tristen\AppData\Local\TJoC_R
      O43 - CFD: 02/07/2016 - D – C:\Users\Tristen\AppData\Local\tkdata =>.TK-Data
      O43 - CFD: 10/04/2017 - D – C:\Users\Tristen\AppData\Local\TslGame
      O43 - CFD: 15/07/2017 - D – C:\Users\Tristen\AppData\Local\Ubisoft Game Launcher =>.Ubisoft
      O43 - CFD: 17/06/2016 - D – C:\Users\Tristen\AppData\Local\UNDERTALE =>.Games Software
      O43 - CFD: 11/05/2017 - D – C:\Users\Tristen\AppData\Local\UNP =>.Microsoft Corporation
      O43 - CFD: 19/01/2017 - D – C:\Users\Tristen\AppData\Local\UnrealEngine =>.Unreal Software
      O43 - CFD: 01/07/2016 - D – C:\Users\Tristen\AppData\Local\VirtualStore =>.Microsoft Corporation
      O43 - CFD: 28/01/2016 - D – C:\Users\Tristen\AppData\Local\Warframe =>.Digital Extremes
      O43 - CFD: 04/08/2016 - D – C:\Users\Tristen\AppData\Local\Windows Live =>.Microsoft Corporation
      O43 - CFD: 19/10/2016 - D – C:\Users\Tristen\AppData\Local\You_Have_10_Seconds _2_Steam_Release
      O43 - CFD: 27/07/2017 - D – C:\Users\Tristen\AppData\Local\ZHP =>.Nicolas Coolman
      O43 - CFD: 17/01/2016 - [0] D – C:\Users\Tristen\AppData\Local\Programs\Common =>.Microsoft Corporation
      O43 - CFD: 18/03/2017 - RD – C:\Users\Tristen\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\Accessibility =>.Microsoft Corporation
      O43 - CFD: 28/05/2017 - RD – C:\Users\Tristen\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\Accessories =>.Microsoft Corporation
      O43 - CFD: 12/07/2017 - RD – C:\Users\Tristen\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\Administrative Tools =>.Administrative Tools
      O43 - CFD: 28/05/2017 - D – C:\Users\Tristen\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\Hammer & Chisel, Inc =>.Hammer & Chisel, Inc
      O43 - CFD: 28/05/2017 - D – C:\Users\Tristen\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\Katawa Shoujo
      O43 - CFD: 18/03/2017 - D – C:\Users\Tristen\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\Maintenance =>.Microsoft Corporation
      O43 - CFD: 28/05/2017 - D – C:\Users\Tristen\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\Overwolf =>.Overwolf
      O43 - CFD: 20/05/2016 - [0] D – C:\Users\Tristen\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\QuikDate
      O43 - CFD: 26/07/2017 - D – C:\Users\Tristen\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\Roblox =>.ROBLOX
      O43 - CFD: 26/07/2017 - RD – C:\Users\Tristen\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\Startup =>.Microsoft Corporation
      O43 - CFD: 28/05/2017 - D – C:\Users\Tristen\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\Steam =>.Steam Games
      O43 - CFD: 18/03/2017 - RD – C:\Users\Tristen\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\System Tools =>.Microsoft Corporation
      O43 - CFD: 28/05/2017 - D – C:\Users\Tristen\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\TeamSpeak 3 Client =>.TeamSpeak
      O43 - CFD: 28/05/2017 - D – C:\Users\Tristen\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\Tixati
      O43 - CFD: 26/06/2017 - D – C:\Users\Tristen\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\Ubisoft =>.Ubisoft
      O43 - CFD: 18/03/2017 - RD – C:\Users\Tristen\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\Windows PowerShell =>.Microsoft Corporation
      O43 - CFD: 28/05/2017 - D – C:\Users\Tristen\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\WinRAR =>.WinRAR
      O43 - CFD: 28/05/2017 - [0] SHD – C:\Users\Default\AppData\Local\Application Data =>.Microsoft Corporation
      O43 - CFD: 28/05/2017 - [0] SHD – C:\Users\Default\AppData\Local\History =>.Microsoft Corporation
      O43 - CFD: 12/07/2017 - D – C:\Users\Default\AppData\Local\LogMeIn Hamachi =>.LogMeIn Entreprise
      O43 - CFD: 18/03/2017 - D – C:\Users\Default\AppData\Local\Microsoft =>.Microsoft Corporation
      O43 - CFD: 18/03/2017 - [0] D – C:\Users\Default\AppData\Local\Temp =>.Microsoft Corporation
      O43 - CFD: 28/05/2017 - [0] SHD – C:\Users\Default\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
      O43 - CFD: 28/05/2017 - [0] SHD – C:\Users\Default User\AppData\Local\Application Data =>.Microsoft Corporation
      O43 - CFD: 28/05/2017 - [0] SHD – C:\Users\Default User\AppData\Local\History =>.Microsoft Corporation
      O43 - CFD: 12/07/2017 - D – C:\Users\Default User\AppData\Local\LogMeIn Hamachi =>.LogMeIn Entreprise
      O43 - CFD: 18/03/2017 - D – C:\Users\Default User\AppData\Local\Microsoft =>.Microsoft Corporation
      O43 - CFD: 18/03/2017 - [0] D – C:\Users\Default User\AppData\Local\Temp =>.Microsoft Corporation
      O43 - CFD: 28/05/2017 - [0] SHD – C:\Users\Default User\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
      O43 - CFD: 13/06/2017 - – C:\WINDOWS\System32\Config\systemprofile\AppData\L ocal\Dropbox =>.Dropbox
      O43 - CFD: 28/05/2017 - D – C:\WINDOWS\System32\Config\systemprofile\AppData\L ocal\Microsoft =>.Microsoft Corporation
      O43 - CFD: 12/06/2017 - [0] – C:\WINDOWS\System32\Config\systemprofile\AppData\L ocal\Overwolf =>.Overwolf
      O43 - CFD: 31/05/2017 - – C:\WINDOWS\System32\Config\systemprofile\AppData\R oaming\Dropbox =>.Dropbox
      O43 - CFD: 21/06/2017 - D – C:\WINDOWS\System32\Config\systemprofile\AppData\R oaming\Microsoft =>.Microsoft Corporation

      —\ ShellIconOverlayIdentifiers (SIOI) (16) - 0s
      O106 - SIOI: DropboxExt1 Class [ DropboxExt01] - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) – C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll =>.Dropbox, Inc®
      O106 - SIOI: DropboxExt7 Class [ DropboxExt02] - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) – C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll =>.Dropbox, Inc®
      O106 - SIOI: DropboxExt9 Class [ DropboxExt03] - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) – C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll =>.Dropbox, Inc®
      O106 - SIOI: DropboxExt3 Class [ DropboxExt04] - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) – C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll =>.Dropbox, Inc®
      O106 - SIOI: DropboxExt2 Class [ DropboxExt05] - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) – C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll =>.Dropbox, Inc®
      O106 - SIOI: DropboxExt4 Class [ DropboxExt06] - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) – C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll =>.Dropbox, Inc®
      O106 - SIOI: DropboxExt5 Class [ DropboxExt07] - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) – C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll =>.Dropbox, Inc®
      O106 - SIOI: DropboxExt8 Class [ DropboxExt08] - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) – C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll =>.Dropbox, Inc®
      O106 - SIOI: DropboxExt10 Class [ DropboxExt09] - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) – C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll =>.Dropbox, Inc®
      O106 - SIOI: DropboxExt6 Class [ DropboxExt10] - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) – C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll =>.Dropbox, Inc®
      O106 - SIOI: ErrorOverlayHandler Class [ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) – C:\Users\Tristen\AppData\Local\Microsoft\OneDrive\ 17.3.6917.0607\FileSyncShell.dll =>.Microsoft Corporation®
      O106 - SIOI: SharedOverlayHandler Class [ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) – C:\Users\Tristen\AppData\Local\Microsoft\OneDrive\ 17.3.6917.0607\FileSyncShell.dll =>.Microsoft Corporation®
      O106 - SIOI: SharedSyncingOverlayHandler Class [ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) – C:\Users\Tristen\AppData\Local\Microsoft\OneDrive\ 17.3.6917.0607\FileSyncShell.dll =>.Microsoft Corporation®
      O106 - SIOI: UpToDateOverlayHandler Class [ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) – C:\Users\Tristen\AppData\Local\Microsoft\OneDrive\ 17.3.6917.0607\FileSyncShell.dll =>.Microsoft Corporation®
      O106 - SIOI: SyncingOverlayHandler Class [ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) – C:\Users\Tristen\AppData\Local\Microsoft\OneDrive\ 17.3.6917.0607\FileSyncShell.dll =>.Microsoft Corporation®
      O106 - SIOI: ReadOnlyOverlayHandler Class [ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) – C:\Users\Tristen\AppData\Local\Microsoft\OneDrive\ 17.3.6917.0607\FileSyncShell.dll =>.Microsoft Corporation®

      —\ Image File Execution Options (18) - 1s
      O50 - IFEO:C:\Windows\System32\cscript.exe - (.Microsoft Corporation - Microsoft ® Console Based Script Host.) [DisableExceptionChainValidation\3] =>.Microsoft Corporation
      O50 - IFEO:C:\Windows\System32\dllhost.exe - (.Microsoft Corporation - COM Surrogate.) [DisableExceptionChainValidation\3] =>.Microsoft Windows®
      O50 - IFEO:C:\WINDOWS\System32\drvinst.exe - (.Microsoft Corporation - Driver Installation Module.) [DisableExceptionChainValidation\3] =>.Microsoft Corporation
      O50 - IFEO:C:\WINDOWS\System32\ie4uinit.exe - (.Microsoft Corporation - IE Per-User Initialization Utility.) [MitigationOptions\256] =>.Microsoft Corporation
      O50 - IFEO:C:\Windows\System32\ieUnatt.exe - (.Microsoft Corporation - IE 7.0 Unattended Install Utility.) [MitigationOptions\256] =>.Microsoft Corporation
      O50 - IFEO:C:\Windows\System32\mmc.exe - (.Microsoft Corporation - Microsoft Management Console.) [DisableExceptionChainValidation\3] =>.Microsoft Corporation
      O50 - IFEO:C:\WINDOWS\System32\MRT.exe - (.Microsoft Corporation - Microsoft Windows Malicious Software Remova.) [CFGOptions\1] =>.Microsoft Corporation
      O50 - IFEO:C:\Windows\System32\msfeedssync.exe - (.Microsoft Corporation - Microsoft Feeds Synchronization.) [MitigationOptions\256] =>.Microsoft Corporation
      O50 - IFEO:C:\Windows\System32\mshta.exe - (.Microsoft Corporation - Microsoft (R) HTML Application host.) [MitigationOptions\256] =>.Microsoft Corporation
      O50 - IFEO:C:\Windows\System32\PresentationHost.exe - (.Microsoft Corporation - Windows Presentation Foundation Host.) [MitigationOptions\1118481] =>.Microsoft Corporation
      O50 - IFEO:C:\WINDOWS\System32\PrintIsolationHost.exe - (.Microsoft Corporation - PrintIsolationHost.) [MitigationOptions\2097152] =>.Microsoft Corporation
      O50 - IFEO:C:\Windows\System32\rundll32.exe - (.Microsoft Corporation - Windows host process (Rundll32).) [DisableExceptionChainValidation\3] =>.Microsoft Corporation
      O50 - IFEO:C:\WINDOWS\System32\runtimebroker.exe - (.Microsoft Corporation - Runtime Broker.) [MitigationOptions\4294967296] =>.Microsoft Corporation
      O50 - IFEO:C:\Windows\System32\searchprotocolhost.exe - (.Microsoft Corporation - Microsoft Windows Search Protocol Host.) [DisableExceptionChainValidation\3] =>.Microsoft Corporation
      O50 - IFEO:C:\WINDOWS\System32\spoolsv.exe - (.Microsoft Corporation - Spooler SubSystem App.) [DisableExceptionChainValidation\3] =>.Microsoft Corporation
      O50 - IFEO:C:\WINDOWS\System32\spoolsv.exe - (.Microsoft Corporation - Spooler SubSystem App.) [MitigationOptions\2097152] =>.Microsoft Corporation
      O50 - IFEO:C:\Windows\System32\svchost.exe - (.Microsoft Corporation - Host Process for Windows Services.) [MinimumStackCommitInBytes\32768] =>.Microsoft Windows Publisher®
      O50 - IFEO:C:\Windows\System32\wscript.exe - (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) [DisableExceptionChainValidation\3] =>.Microsoft Corporation

      —\ System Drivers List (84) - 13s
      O58 - SDL:2017/03/18 16:56:25 A . (.LSI - LSI 3ware SCSI Storport Driver.) – C:\WINDOWS\System32\drivers\3ware.sys [107424] =>.Microsoft Windows®
      O58 - SDL:2017/03/18 16:56:25 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) – C:\WINDOWS\System32\drivers\adp80xx.sys [1135512] =>.Microsoft Windows®
      O58 - SDL:2016/08/18 08:41:28 A . (.Advanced Micro Devices, Inc. - AMD Audio Bus Lower Filter.) – C:\WINDOWS\System32\drivers\amdkmafd.sys [49448] =>.Advanced Micro Devices, Inc.®
      O58 - SDL:2017/03/18 16:56:25 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) – C:\WINDOWS\System32\drivers\amdsata.sys [83352] =>.Microsoft Windows®
      O58 - SDL:2017/03/18 16:56:25 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) – C:\WINDOWS\System32\drivers\amdsbs.sys [259488] =>.Microsoft Windows®
      O58 - SDL:2017/03/18 16:56:25 A . (.Advanced Micro Devices - Storage Filter Driver.) – C:\WINDOWS\System32\drivers\amdxata.sys [27040] =>.Microsoft Windows®
      O58 - SDL:2017/03/18 16:56:25 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) – C:\WINDOWS\System32\drivers\arcsas.sys [132000] =>.Microsoft Windows®
      O58 - SDL:2011/11/07 14:13:06 A . (.Windows (R) Win 7 DDK provider - ASRock App Charger Driver.) – C:\WINDOWS\System32\drivers\AsrAppCharger.sys [17192] =>.ASROCK Incorporation®
      O58 - SDL:2013/08/02 20:39:14 A . (.ASRock Inc. - ASRock RAM Disk Driver.) – C:\WINDOWS\System32\drivers\AsrRamDisk.sys [40200] =>.ASROCK Incorporation®
      O58 - SDL:2017/04/26 03:09:04 A . (.Advanced Micro Devices - AMD High Definition Audio Function Driver.) – C:\WINDOWS\System32\drivers\AtihdWT6.sys [110088] =>.Microsoft Windows Hardware Compatibility Publisher®
      O58 - SDL:2017/03/18 16:56:25 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) – C:\WINDOWS\System32\drivers\bcmfn2.sys [9728] =>.Windows (R) Win 7 DDK provider
      O58 - SDL:2015/02/11 02:04:56 A . (.Broadcom Corporation - Broadcom 802.11 Network Adapter wireless dr.) – C:\WINDOWS\System32\drivers\bcmwlhigh664.sys [1255672] =>.Broadcom Corporation®
      O58 - SDL:2017/03/18 16:56:23 A . (.QLogic Corporation - QLogic Gigabit Ethernet VBD.) – C:\WINDOWS\System32\drivers\bxvbda.sys [533920] =>.Microsoft Windows®
      O58 - SDL:2013/05/31 16:23:40 A . (.cFos Software GmbH - cFosSpeed Driver.) – C:\WINDOWS\System32\drivers\cfosspeed6.sys [1814880] =>.cFos Software GmbH®
      O58 - SDL:2017/03/18 16:56:25 A . (.Chelsio Communications - Chelsio iSCSI Crash Dump Driver.) – C:\WINDOWS\System32\drivers\cht4dx64.sys [102816] =>.Microsoft Windows®
      O58 - SDL:2017/03/18 16:56:25 A . (.Chelsio Communications - Chelsio iSCSI VMiniport Driver.) – C:\WINDOWS\System32\drivers\cht4sx64.sys [347032] =>.Microsoft Windows®
      O58 - SDL:2017/03/18 16:56:25 A . (.Chelsio Communications - Virtual Bus Driver for Chelsio ® T4 Chipset.) – C:\WINDOWS\System32\drivers\cht4vx64.sys [2104224] =>.Microsoft Windows®
      O58 - SDL:2014/10/09 02:22:26 A . (.C-MEDIA - C-MEDIA USB Audio Class 1.0 and 2.0 Device.) – C:\WINDOWS\System32\drivers\CMUAC.SYS [613888] =>.C-MEDIA
      O58 - SDL:2017/07/12 15:58:40 A . (.Dropbox, Inc. - Dropbox Filter Driver.) – C:\WINDOWS\System32\drivers\dbx-canary.sys [45640] =>.Microsoft Windows Hardware Compatibility Publisher®
      O58 - SDL:2017/07/12 15:58:40 A . (.Dropbox, Inc. - Dropbox Filter Driver.) – C:\WINDOWS\System32\drivers\dbx-dev.sys [45640] =>.Microsoft Windows Hardware Compatibility Publisher®
      O58 - SDL:2017/07/12 15:58:40 A . (.Dropbox, Inc. - Dropbox Filter Driver.) – C:\WINDOWS\System32\drivers\dbx-stable.sys [45640] =>.Microsoft Windows Hardware Compatibility Publisher®
      O58 - SDL:2017/03/18 16:56:34 A . (.Microsoft Corp. - KMDF driver for DC1 Controller.) – C:\WINDOWS\System32\drivers\dc1-controller.sys [61440] =>.Microsoft Corp.
      O58 - SDL:2017/03/18 16:56:28 A . (.Intel Corporation - Intel(R) Gigabit Adapter NDIS 6.x driver.) – C:\WINDOWS\System32\drivers\e1i63x64.sys [524800] =>.Intel Corporation
      O58 - SDL:2017/07/15 19:58:29 A . (.Authors - .) – C:\WINDOWS\System32\drivers\EasyAntiCheat.sys [752680] =>.EasyAntiCheat Oy®
      O58 - SDL:2017/03/18 16:56:23 A . (.QLogic Corporation - QLogic 10 GigE VBD.) – C:\WINDOWS\System32\drivers\evbda.sys [3419040] =>.Microsoft Windows®
      O58 - SDL:2015/11/12 12:47:06 A . (.LogMeIn Inc. - LogMeIn Hamachi Virtual Miniport Driver.) – C:\WINDOWS\System32\drivers\Hamdrv.sys [45680] =>.Microsoft Windows Hardware Compatibility Publisher®
      O58 - SDL:2017/03/18 16:56:25 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) – C:\WINDOWS\System32\drivers\HpSAMD.sys [64416] =>.Microsoft Windows®
      O58 - SDL:2017/03/18 16:56:28 A . (.Intel(R) Corporation - Intel(R) Serial IO GPIO Controller Driver.) – C:\WINDOWS\System32\drivers\iagpio.sys [33280] =>.Intel(R) Corporation
      O58 - SDL:2017/03/18 16:56:28 A . (.Intel(R) Corporation - Intel(R) Serial IO I2C Driver.) – C:\WINDOWS\System32\drivers\iai2c.sys [81408] =>.Intel(R) Corporation
      O58 - SDL:2017/03/18 16:56:28 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) – C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [70656] =>.Intel Corporation
      O58 - SDL:2017/03/18 16:56:28 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) – C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.s ys [85504] =>.Intel Corporation
      O58 - SDL:2017/03/18 16:56:28 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) – C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [165376] =>.Intel Corporation
      O58 - SDL:2017/03/18 16:56:28 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) – C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [168448] =>.Intel Corporation
      O58 - SDL:2017/03/18 16:56:23 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) – C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [38128] =>.Intel Corporation - Client Components Group®
      O58 - SDL:2017/03/18 16:56:19 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) – C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [113152] =>.Intel Corporation
      O58 - SDL:2013/07/18 16:55:54 A . (.Intel Corporation - NDIS 6.30 Advanced Networking Services..) – C:\WINDOWS\System32\drivers\iANSW60e.sys [153400] =>.Intel Corporation®
      O58 - SDL:2014/05/28 14:10:20 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver -.) – C:\WINDOWS\System32\drivers\iaStorA.sys [672104] =>.Intel Corporation - Intel® Rapid Storage Technology®
      O58 - SDL:2017/03/18 16:56:26 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver (i.) – C:\WINDOWS\System32\drivers\iaStorAV.sys [673184] =>.Microsoft Windows®
      O58 - SDL:2017/03/18 16:56:26 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) – C:\WINDOWS\System32\drivers\iaStorV.sys [412064] =>.Microsoft Windows®
      O58 - SDL:2017/03/18 16:56:25 A . (.Mellanox - InfiniBand Fabric Bus Driver.) – C:\WINDOWS\System32\drivers\ibbus.sys [526240] =>.Microsoft Windows®
      O58 - SDL:2014/05/27 15:21:04 A . (.Authors - .) – C:\WINDOWS\System32\drivers\ikbevent.sys [22216] =>.Intel CASE®
      O58 - SDL:2014/05/27 15:21:08 A . (.Authors - .) – C:\WINDOWS\System32\drivers\imsevent.sys [22728] =>.Intel CASE®
      O58 - SDL:2014/01/08 10:20:28 A . (.Intel Corporation - Intel(R) Network Adapter Diagnostic Driver.) – C:\WINDOWS\System32\drivers\iqvw64e.sys [34568] =>.Intel Corporation®
      O58 - SDL:2014/05/27 15:21:08 A . (.Authors - Intel(R) Smart Connect Technology Device Dr.) – C:\WINDOWS\System32\drivers\ISCTD.sys [44744] =>.Intel CASE®
      O58 - SDL:2017/03/18 16:56:25 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) – C:\WINDOWS\System32\drivers\lsi_sas.sys [108960] =>.Microsoft Windows®
      O58 - SDL:2017/03/18 16:56:25 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) – C:\WINDOWS\System32\drivers\lsi_sas2i.sys [123808] =>.Microsoft Windows®
      O58 - SDL:2017/03/18 16:56:25 A . (.Avago Technologies - Avago SAS Gen3 Driver (StorPort).) – C:\WINDOWS\System32\drivers\lsi_sas3i.sys [103328] =>.Microsoft Windows®
      O58 - SDL:2017/03/18 16:56:25 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) – C:\WINDOWS\System32\drivers\lsi_sss.sys [82848] =>.Microsoft Windows®
      O58 - SDL:2016/03/10 14:08:54 A . (.Malwarebytes - Malwarebytes Anti-Malware.) – C:\WINDOWS\System32\drivers\mbam.sys [27008] =>.Malwarebytes Corporation®
      O58 - SDL:2016/03/10 14:08:58 A . (.Malwarebytes - Malwarebytes Chameleon Protection Driver.) – C:\WINDOWS\System32\drivers\mbamchameleon.sys [140672] =>.Malwarebytes Corporation®
      O58 - SDL:2017/07/23 01:51:01 A . (.Malwarebytes - Malwarebytes Anti-Malware.) – C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [192216] =>.Malwarebytes Corporation®
      O58 - SDL:2017/03/18 16:56:25 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) – C:\WINDOWS\System32\drivers\megasas.sys [59808] =>.Microsoft Windows®
      O58 - SDL:2017/03/18 16:56:25 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) – C:\WINDOWS\System32\drivers\MegaSas2i.sys [64416] =>.Microsoft Windows®
      O58 - SDL:2017/03/18 16:56:25 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) – C:\WINDOWS\System32\drivers\megasr.sys [575904] =>.Microsoft Windows®
      O58 - SDL:2017/03/18 16:56:25 A . (.Mellanox - MLX4 Bus Driver.) – C:\WINDOWS\System32\drivers\mlx4_bus.sys [842656] =>.Microsoft Windows®
      O58 - SDL:2017/03/18 16:56:25 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) – C:\WINDOWS\System32\drivers\mvumis.sys [63904] =>.Microsoft Windows®
      O58 - SDL:2016/03/10 14:09:10 A . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) – C:\WINDOWS\System32\drivers\mwac.sys [65408] =>.Malwarebytes Corporation®
      O58 - SDL:2017/03/18 16:56:25 A . (.Mellanox - NetworkDirect Support Filter Driver.) – C:\WINDOWS\System32\drivers\ndfltr.sys [108960] =>.Microsoft Windows®
      O58 - SDL:2010/02/03 15:21:56 A . (.CACE Technologies, Inc. - npf.sys (NT5/6 AMD64) Kernel Driver.) – C:\WINDOWS\System32\drivers\npf.sys [47632] =>.CACE Technologies, Inc.®
      O58 - SDL:2017/03/18 16:56:25 A . (.NVIDIA Corporation - NVIDIA® nForce™ RAID Driver.) – C:\WINDOWS\System32\drivers\nvraid.sys [150432] =>.Microsoft Windows®
      O58 - SDL:2017/03/18 16:56:25 A . (.NVIDIA Corporation - NVIDIA® nForce™ Sata Performance Driver.) – C:\WINDOWS\System32\drivers\nvstor.sys [166304] =>.Microsoft Windows®
      O58 - SDL:2017/03/18 16:56:25 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) – C:\WINDOWS\System32\drivers\percsas2i.sys [58784] =>.Microsoft Windows®
      O58 - SDL:2017/03/18 16:56:25 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) – C:\WINDOWS\System32\drivers\percsas3i.sys [61848] =>.Microsoft Windows®
      O58 - SDL:2013/07/30 08:16:46 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) – C:\WINDOWS\System32\drivers\RTKVHD64.sys [3564376] =>.Realtek Semiconductor Corp®
      O58 - SDL:2016/09/16 20:12:20 A . (.Razer, Inc. - Razer Overlay Support.) – C:\WINDOWS\System32\drivers\rzpmgrk.sys [44144] =>.Razer Inc.®
      O58 - SDL:2016/09/07 16:27:07 A . (.Razer, Inc. - Razer Overlay Support.) – C:\WINDOWS\System32\drivers\rzpnk.sys [137840] =>.Razer Inc.®
      O58 - SDL:2012/09/05 14:37:02 A . (.SerComm Corporation - Customize NDIS User mode I/O Driver.) – C:\WINDOWS\System32\drivers\SCMNdisP.sys [29472] =>.NETGEAR®
      O58 - SDL:2017/03/18 16:56:26 A . (.Authors - .) – C:\WINDOWS\System32\drivers\SDFRd.sys [31128] =>.Microsoft Windows®
      O58 - SDL:2017/03/18 16:56:25 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) – C:\WINDOWS\System32\drivers\sisraid2.sys [44960] =>.Microsoft Windows®
      O58 - SDL:2017/03/18 16:56:25 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) – C:\WINDOWS\System32\drivers\sisraid4.sys [81824] =>.Microsoft Windows®
      O58 - SDL:2016/09/05 05:47:06 A . (.Samsung Electronics Co., Ltd. - SAMSUNG USB Composite Device Driver.) – C:\WINDOWS\System32\drivers\ssudbus.sys [131712] =>.Samsung Electronics CO., LTD.®
      O58 - SDL:2016/09/05 05:47:12 A . (.Samsung Electronics Co., Ltd. - SAMSUNG Android Modem Device Driver.) – C:\WINDOWS\System32\drivers\ssudmdm.sys [165504] =>.Samsung Electronics CO., LTD.®
      O58 - SDL:2017/03/18 16:56:25 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) – C:\WINDOWS\System32\drivers\stexstor.sys [31136] =>.Microsoft Windows®
      O58 - SDL:2016/01/17 01:36:46 A . (.Symantec Corporation - Symantec Event Library.) – C:\WINDOWS\System32\drivers\SYMEVENT64x86.SYS [177752] =>.Symantec Corporation®
      O58 - SDL:2014/09/30 17:47:28 A . (.Intel Corporation - Intel(R) Management Engine Interface.) – C:\WINDOWS\System32\drivers\TeeDriverx64.sys [129312] =>.Intel Corporation - Embedded Subsystems and IP Blocks Group®
      O58 - SDL:2017/07/26 23:15:04 A . (.Authors - .) – C:\WINDOWS\System32\drivers\TrueSight.sys [28272] =>.Adlice®
      O58 - SDL:2016/04/28 15:05:56 A . (.Oracle Corporation - VirtualBox Support Driver.) – C:\WINDOWS\System32\drivers\VBoxDrv.sys [916520] =>.Oracle Corporation®
      O58 - SDL:2016/04/28 15:05:50 A . (.Oracle Corporation - VirtualBox NDIS 6.0 Host-Only Network Adapt.) – C:\WINDOWS\System32\drivers\VBoxNetAdp6.sys [119712] =>.Oracle Corporation®
      O58 - SDL:2016/04/28 15:05:50 A . (.Oracle Corporation - VirtualBox NDIS 6.0 Lightweight Filter Driv.) – C:\WINDOWS\System32\drivers\VBoxNetLwf.sys [192352] =>.Oracle Corporation®
      O58 - SDL:2016/04/28 15:05:50 A . (.Oracle Corporation - VirtualBox USB Monitor Driver.) – C:\WINDOWS\System32\drivers\VBoxUSBMon.sys [143568] =>.Oracle Corporation®
      O58 - SDL:2017/03/18 16:56:25 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) – C:\WINDOWS\System32\drivers\vsmraid.sys [166816] =>.Microsoft Windows®
      O58 - SDL:2017/03/18 16:56:25 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) – C:\WINDOWS\System32\drivers\VSTXRAID.SYS [305568] =>.Microsoft Windows®
      O58 - SDL:2017/03/18 16:56:25 A . (.Mellanox - Kernel WinMad.) – C:\WINDOWS\System32\drivers\winmad.sys [32160] =>.Microsoft Windows®
      O58 - SDL:2017/03/18 16:56:25 A . (.Mellanox - Kernel WinVerbs.) – C:\WINDOWS\System32\drivers\winverbs.sys [64920] =>.Microsoft Windows®

      —\ Last modified or created user files (33) - 115s
      O61 - LFC: 2017/07/26 23:26:54 A . (..) – C:\Users\Tristen\AppData\Local\AMD\DxCache\090a225 c77837d0249eeeb89966575c9ea6e0fdcb633633b.bin [131072] =>.Advanced Micro Devices Inc
      O61 - LFC: 2017/07/26 21:52:50 A . (..) – C:\Users\Tristen\AppData\Local\AMD\DxCache\13ca33e 6af0a563e363be17a7ee82120eadd520bf1631773.bin [65536] =>.Advanced Micro Devices Inc
      O61 - LFC: 2017/07/26 21:26:44 A . (..) – C:\Users\Tristen\AppData\Local\AMD\DxCache\1a9c053 ea780a60a1b1f12040962730ac6811481b6d942d1.bin [65536] =>.Advanced Micro Devices Inc
      O61 - LFC: 2017/07/23 22:43:41 A . (..) – C:\Users\Tristen\AppData\Local\AMD\DxCache\1a9c053 ea780a60abea61eff3fda05fec6811481b6d942d1.bin [65536] =>.Advanced Micro Devices Inc
      O61 - LFC: 2017/07/26 21:48:29 A . (..) – C:\Users\Tristen\AppData\Local\AMD\DxCache\252ea17 5654e78bee0af1bdf8d339353f7d896f461d6dc39.bin [65536] =>.Advanced Micro Devices Inc
      O61 - LFC: 2017/07/27 00:30:50 A . (..) – C:\Users\Tristen\AppData\Local\AMD\DxCache\6369090 b3c3116c2ae0167124f56045fc80d3048b275dfac.bin [33554432] =>.Advanced Micro Devices Inc
      O61 - LFC: 2017/07/26 22:18:37 A . (..) – C:\Users\Tristen\AppData\Local\AMD\DxCache\7817ab3 6f7dc930c5290df5c23471fc0d0df1ee5710a6f1c.bin [2097152] =>.Advanced Micro Devices Inc
      O61 - LFC: 2017/07/27 00:30:21 A . (..) – C:\Users\Tristen\AppData\Local\AMD\DxCache\9c6680f f8f213b16a81ea8350cf0eb702abb26fe8fbf087a.bin [65536] =>.Advanced Micro Devices Inc
      O61 - LFC: 2017/07/26 21:28:40 A . (..) – C:\Users\Tristen\AppData\Local\AMD\DxCache\a3e6d1a 26fe691c0ad18d84d36bf9beed7c5682eaf1be4fa.bin [65536] =>.Advanced Micro Devices Inc
      O61 - LFC: 2017/07/23 22:42:28 A . (..) – C:\Users\Tristen\AppData\Local\AMD\DxCache\a3e6d1a 26fe691c0f7435eea485a585fd7c5682eaf1be4fa.bin [65536] =>.Advanced Micro Devices Inc
      O61 - LFC: 2017/07/26 23:14:54 A . (..) – C:\Users\Tristen\AppData\Local\AMD\DxCache\c0d387b 6e5f5ffd3b68da7b5ef114ce87df2abbc9079f19b.bin [65536] =>.Advanced Micro Devices Inc
      O61 - LFC: 2017/07/26 21:31:03 A . (..) – C:\Users\Tristen\AppData\Local\AMD\DxCache\c27b7a4 6c2344609b68da7b5ef114ce88239a04ca389005a.bin [65536] =>.Advanced Micro Devices Inc
      O61 - LFC: 2017/07/25 14:54:39 A . (..) – C:\Users\Tristen\AppData\Local\AMD\DxCache\c27b7a4 6c2344609cd651d03d1c1d26c8239a04ca389005a.bin [131072] =>.Advanced Micro Devices Inc
      O61 - LFC: 2017/07/26 21:36:54 A . (..) – C:\Users\Tristen\AppData\Local\AMD\DxCache\cd229d1 014b63c81e18fe9ed49d26989f21c739d6d009b6a.bin [65536] =>.Advanced Micro Devices Inc
      O61 - LFC: 2017/07/26 01:08:03 A . (..) – C:\Users\Tristen\AppData\Local\AMDDriverProfiles\2 2.19.162.4(17.10.1731-170424a2-313745C-CrimsonReLive)\AMD\DxCache\090a225c77837d02d2b28db 789eecda1ea6e0fdcb633633b.bin [131072] =>.Advanced Micro Devices Inc
      O61 - LFC: 2017/07/24 02:03:17 A . (..) – C:\Users\Tristen\AppData\Local\AMDDriverProfiles\2 2.19.162.4(17.10.1731-170424a2-313745C-CrimsonReLive)\AMD\DxCache\13ca33e6af0a563e72c3828 deae75f51eadd520bf1631773.bin [65536] =>.Advanced Micro Devices Inc
      O61 - LFC: 2017/07/23 22:43:41 A . (..) – C:\Users\Tristen\AppData\Local\AMDDriverProfiles\2 2.19.162.4(17.10.1731-170424a2-313745C-CrimsonReLive)\AMD\DxCache\1a9c053ea780a60abea61ef f3fda05fec6811481b6d942d1.bin [65536] =>.Advanced Micro Devices Inc
      O61 - LFC: 2017/07/24 14:51:15 A . (..) – C:\Users\Tristen\AppData\Local\AMDDriverProfiles\2 2.19.162.4(17.10.1731-170424a2-313745C-CrimsonReLive)\AMD\DxCache\6369090b3c3116c289c2207 19bc18352c80d3048b275dfac.bin [33554432] =>.Advanced Micro Devices Inc
      O61 - LFC: 2017/07/24 10:43:03 A . (..) – C:\Users\Tristen\AppData\Local\AMDDriverProfiles\2 2.19.162.4(17.10.1731-170424a2-313745C-CrimsonReLive)\AMD\DxCache\74d94c20b3f05b5219f3e2f b989a62e5380fd81227f2a582.bin [1048576] =>.Advanced Micro Devices Inc
      O61 - LFC: 2017/07/26 01:10:48 A . (..) – C:\Users\Tristen\AppData\Local\AMDDriverProfiles\2 2.19.162.4(17.10.1731-170424a2-313745C-CrimsonReLive)\AMD\DxCache\7817ab36f7dc930ccff1793 57fb38e1cd0df1ee5710a6f1c.bin [2097152] =>.Advanced Micro Devices Inc
      O61 - LFC: 2017/07/23 23:48:25 A . (..) – C:\Users\Tristen\AppData\Local\AMDDriverProfiles\2 2.19.162.4(17.10.1731-170424a2-313745C-CrimsonReLive)\AMD\DxCache\79b1794d6e7ec2feb4090ba 969c0f65634b7b83dbc270190.bin [131072] =>.Advanced Micro Devices Inc
      O61 - LFC: 2017/07/24 14:49:25 A . (..) – C:\Users\Tristen\AppData\Local\AMDDriverProfiles\2 2.19.162.4(17.10.1731-170424a2-313745C-CrimsonReLive)\AMD\DxCache\9c6680ff8f213b16bdc46d9 ac0ec43952abb26fe8fbf087a.bin [65536] =>.Advanced Micro Devices Inc
      O61 - LFC: 2017/07/23 22:42:28 A . (..) – C:\Users\Tristen\AppData\Local\AMDDriverProfiles\2 2.19.162.4(17.10.1731-170424a2-313745C-CrimsonReLive)\AMD\DxCache\a3e6d1a26fe691c0f7435ee a485a585fd7c5682eaf1be4fa.bin [65536] =>.Advanced Micro Devices Inc
      O61 - LFC: 2017/07/23 22:46:42 A . (..) – C:\Users\Tristen\AppData\Local\AMDDriverProfiles\2 2.19.162.4(17.10.1731-170424a2-313745C-CrimsonReLive)\AMD\DxCache\c0d387b6e5f5ffd3cd651d0 3d1c1d26c7df2abbc9079f19b.bin [65536] =>.Advanced Micro Devices Inc
      O61 - LFC: 2017/07/25 14:54:39 A . (..) – C:\Users\Tristen\AppData\Local\AMDDriverProfiles\2 2.19.162.4(17.10.1731-170424a2-313745C-CrimsonReLive)\AMD\DxCache\c27b7a46c2344609cd651d0 3d1c1d26c8239a04ca389005a.bin [131072] =>.Advanced Micro Devices Inc
      O61 - LFC: 2017/07/23 22:51:26 A . (..) – C:\Users\Tristen\AppData\Local\AMDDriverProfiles\2 2.19.162.4(17.10.1731-170424a2-313745C-CrimsonReLive)\AMD\DxCache\cd229d1014b63c81a5778a1 adddd17f8f21c739d6d009b6a.bin [65536] =>.Advanced Micro Devices Inc
      O61 - LFC: 2017/07/24 21:41:35 A . (..) – C:\Users\Tristen\AppData\Local\AMDDriverProfiles\2 2.19.162.4(17.10.1731-170424a2-313745C-CrimsonReLive)\AMD\DxCache\d16dc86220c6261219f3e2f b989a62e5822e5b1e8e7181b0.bin [1048576] =>.Advanced Micro Devices Inc
      O61 - LFC: 2017/07/24 21:45:06 A . (..) – C:\Users\Tristen\AppData\Local\AMDDriverProfiles\2 2.19.162.4(17.10.1731-170424a2-313745C-CrimsonReLive)\AMD\DxCache\dbb9292d0a2a8fd0342581c 35dad645582a78a8d1e2a786e.bin [65536] =>.Advanced Micro Devices Inc
      O61 - LFC: 2017/07/26 21:45:49 A . (.Trend Micro Inc. & Stanislav Polshyn.) – C:\Users\Tristen\Desktop\HiJackThis.exe [1147984]
      O61 - LFC: 2017/07/26 21:48:04 A . (.Sysnative.) – C:\Users\Tristen\Desktop\SysnativeBSODCollectionAp p.exe [158720]
      O61 - LFC: 2017/07/21 11:22:09 A . (.Wagnardsoft.) – C:\Users\Tristen\Downloads\Display Driver Uninstaller.exe [1508392] {009853DBD49A88A5273798CAF4924B1389}
      O61 - LFC: 2017/07/23 20:58:51 A . (..) – C:\Users\Tristen\Downloads\dllinjector.exe [319488]
      O61 - LFC: 2017/07/26 21:46:56 A . (.Sysnative.) – C:\Users\Tristen\Downloads\SysnativeBSODCollection App\SysnativeBSODCollectionApp.exe [158720]

      —\ File Associations Shell Spawning (11) - 1s
      O67 - Shell Spawning: <.bat> [HKLM..\open\Command] (…) – “%1” %*
      O67 - Shell Spawning: <.cpl> [HKLM..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) – C:\Windows\System32\control.exe =>.Microsoft Corporation
      O67 - Shell Spawning: <.cmd> [HKLM..\open\Command] (…) – “%1” %*
      O67 - Shell Spawning: <.com> [HKLM..\open\Command] (…) – “%1” %*
      O67 - Shell Spawning: <.evt> [HKLM..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) – C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation
      O67 - Shell Spawning: <.exe> [HKLM..\open\Command] (…) – “%1” %*
      O67 - Shell Spawning: <.html> [HKLM..\open\Command] (.Microsoft Corporation - Internet Explorer.) – C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
      O67 - Shell Spawning: <.js> [HKLM..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) – C:\Windows\System32\wscript.exe =>.Microsoft Corporation
      O67 - Shell Spawning: <.reg> [HKLM..\open\Command] (.Microsoft Corporation - Registry Editor.) – C:\Windows\regedit.exe =>.Microsoft Corporation
      O67 - Shell Spawning: <.scr> [HKLM..\open\Command] (…) – “%1” /S
      O67 - Shell Spawning: <.html> [HKCU..\open\Command] (.Mozilla Corporation - Firefox.) – C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®

      —\ Start Menu Internet (12) - 0s
      O68 - StartMenuInternet: <FIREFOX.EXE> [HKLM..\Shell\open\Command] (.Mozilla Corporation - Firefox.) – C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
      O68 - StartMenuInternet: [HKLM..\Shell\open\Command] (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
      O68 - StartMenuInternet: <IEXPLORE.EXE> [HKLM..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) – C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
      O68 - StartMenuInternet: <FIREFOX.EXE> [HKLM..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) – C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
      O68 - StartMenuInternet: [HKLM..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
      O68 - StartMenuInternet: <IEXPLORE.EXE> [HKLM..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) – C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
      O68 - StartMenuInternet: <FIREFOX.EXE> [HKLM..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) – C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
      O68 - StartMenuInternet: [HKLM..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
      O68 - StartMenuInternet: <IEXPLORE.EXE> [HKLM..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) – C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
      O68 - StartMenuInternet: <FIREFOX.EXE> [HKLM..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) – C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
      O68 - StartMenuInternet: [HKLM..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
      O68 - StartMenuInternet: <IEXPLORE.EXE> [HKLM..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) – C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation

      —\ Search Browser Infection (3) - 5s
      O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/ =>.Bing.com
      O69 - SBI: SearchScopes [HKLM] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - http://www.bing.com/ =>.Bing.com
      O69 - SBI: SearchScopes [HKLM] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - http://www.google.com/ =>.Google Inc.

      —\ Search Svchost Services (47) - 1s
      O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) – C:\WINDOWS\System32\certprop.dll [189952] =>.Microsoft Corporation
      O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) – C:\WINDOWS\System32\certprop.dll [189952] =>.Microsoft Corporation
      O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) – C:\WINDOWS\system32\srvsvc.dll [303616] =>.Microsoft Corporation
      O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) – C:\WINDOWS\System32\gpsvc.dll [1269248] =>.Microsoft Corporation
      O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) – C:\WINDOWS\System32\ikeext.dll [934912] =>.Microsoft Corporation
      O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) – C:\WINDOWS\System32\iphlpsvc.dll [996864] =>.Microsoft Corporation
      O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) – C:\WINDOWS\system32\seclogon.dll [31232] =>.Microsoft Corporation
      O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) – C:\WINDOWS\System32\appinfo.dll [138752] =>.Microsoft Corporation
      O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) – C:\WINDOWS\system32\iscsiexe.dll [150016] =>.Microsoft Corporation
      O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) – C:\WINDOWS\System32\eapsvc.dll [108032] =>.Microsoft Corporation
      O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) – C:\WINDOWS\system32\schedsvc.dll [877568] =>.Microsoft Corporation
      O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) – C:\WINDOWS\system32\wbem\WMIsvc.dll [221696] =>.Microsoft Corporation
      O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) – C:\WINDOWS\System32\browser.dll [133120] =>.Microsoft Corporation
      O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) – C:\WINDOWS\system32\profsvc.dll [413696] =>.Microsoft Corporation
      O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) – C:\Windows\System32\SessEnv.dll [385536] =>.Microsoft Corporation
      O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) – C:\WINDOWS\System32\wercplsupport.dll [91648] =>.Microsoft Corporation
      O83 - Search Svchost Services: shpamsvc (shpamsvc) . (.Microsoft Corporation - SharedPC.AccountManager.) – C:\WINDOWS\system32\Windows.SharedPC.AccountManage r.dll [192512] =>.Microsoft Corporation
      O83 - Search Svchost Services: XblGameSave (XblGameSave) . (.Microsoft Corporation - Xbox Live Game Save Service.) – C:\WINDOWS\System32\XblGameSave.dll [1135104] =>.Microsoft Corporation
      O83 - Search Svchost Services: NaturalAuthentication (NaturalAuthentication) . (.Microsoft Corporation - Natural Authentication Service.) – C:\WINDOWS\System32\NaturalAuth.dll [723968] =>.Microsoft Corporation
      O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Microsoft® Account Service.) – C:\WINDOWS\system32\wlidsvc.dll [2155008] =>.Microsoft Corporation
      O83 - Search Svchost Services: UserManager (UserManager) . (.Microsoft Corporation - UserMgr.) – C:\WINDOWS\System32\usermgr.dll [877568] =>.Microsoft Corporation
      O83 - Search Svchost Services: XblAuthManager (XblAuthManager) . (.Microsoft Corporation - Xbox Live Auth Manager.) – C:\WINDOWS\System32\XblAuthManager.dll [1013248] =>.Microsoft Corporation
      O83 - Search Svchost Services: DmEnrollmentSvc (DmEnrollmentSvc) . (.Microsoft Corporation - Windows Managent Service DLL.) – C:\Windows\System32\Windows.Internal.Management.dl l [536064] =>.Microsoft Corporation
      O83 - Search Svchost Services: xbgm (xbgm) . (.Microsoft Corporation - Xbox Game Monitoring Service.) – C:\WINDOWS\System32\xbgmsvc.dll [301216] =>.Microsoft Windows Publisher®
      O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) – C:\WINDOWS\system32\themeservice.dll [69632] =>.Microsoft Corporation
      O83 - Search Svchost Services: TokenBroker (TokenBroker) . (.Microsoft Corporation - Token Broker.) – C:\Windows\System32\TokenBroker.dll [1054208] =>.Microsoft Corporation
      O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Geolocation Service.) – C:\WINDOWS\System32\lfsvc.dll [43520] =>.Microsoft Corporation
      O83 - Search Svchost Services: Irmon (Irmon) . (.Microsoft Corporation - Infrared Monitor.) – C:\WINDOWS\System32\irmon.dll [24576] =>.Microsoft Corporation
      O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) – C:\WINDOWS\System32\rasauto.dll [104448] =>.Microsoft Corporation
      O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) – C:\WINDOWS\System32\rasmans.dll [873472] =>.Microsoft Corporation
      O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) – C:\Windows\System32\mprdim.dll [490496] =>.Microsoft Corporation
      O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) – C:\WINDOWS\System32\sens.dll [69632] =>.Microsoft Corporation
      O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) – C:\WINDOWS\System32\ipnathlp.dll [537600] =>.Microsoft Corporation
      O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows™ Telephony Server.) – C:\Windows\System32\tapisrv.dll [306688] =>.Microsoft Corporation
      O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) – C:\WINDOWS\system32\wuaueng.dll [2444288] =>.Microsoft Corporation
      O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) – C:\WINDOWS\System32\qmgr.dll [1159680] =>.Microsoft Corporation
      O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) – C:\Windows\System32\shsvcs.dll [612864] =>.Microsoft Corporation
      O83 - Search Svchost Services: dmwappushservice (dmwappushservice) . (.Microsoft Corporation - dmwappushsvc.) – C:\WINDOWS\system32\dmwappushsvc.dll [55296] =>.Microsoft Corporation
      O83 - Search Svchost Services: wisvc (wisvc) . (.Microsoft Corporation - Flight Settings.) – C:\WINDOWS\system32\flightsettings.dll [699904] =>.Microsoft Corporation
      O83 - Search Svchost Services: WpnService (WpnService) . (.Microsoft Corporation - Windows Push Notification System Service.) – C:\WINDOWS\system32\WpnService.dll [276480] =>.Microsoft Corporation
      O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) – C:\WINDOWS\System32\bdesvc.dll [385536] =>.Microsoft Corporation
      O83 - Search Svchost Services: XboxNetApiSvc (XboxNetApiSvc) . (.Microsoft Corporation - Xbox Live Networking Service.) – C:\WINDOWS\system32\XboxNetApiSvc.dll [1067008] =>.Microsoft Corporation
      O83 - Search Svchost Services: UsoSvc (UsoSvc) . (.Microsoft Corporation - Update Session Orchestrator Core.) – C:\WINDOWS\system32\usocore.dll [681984] =>.Microsoft Corporation
      O83 - Search Svchost Services: NetSetupSvc (NetSetupSvc) . (.Microsoft Corporation - Network Setup Service.) – C:\WINDOWS\System32\NetSetupSvc.dll [261632] =>.Microsoft Corporation
      O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Device Setup Manager.) – C:\WINDOWS\System32\DeviceSetupManager.dll [233984] =>.Microsoft Corporation
      O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Microsoft Network Connectivity Assistant Se.) – C:\WINDOWS\System32\ncasvc.dll [167424] =>.Microsoft Corporation
      O83 - Search Svchost Services: XboxGipSvc (XboxGipSvc) . (.Microsoft Corporation - Xbox Gip Management Service.) – C:\WINDOWS\System32\XboxGipSvc.dll [18944] =>.Microsoft Corporation

      —\ Firewall Active Exception List (120) - 7s
      O87 - FAEL: “{6235C8CF-6D65-4544-B471-F97F6FD14930}” [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Learn to Fly 3\Learn to Fly 3.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{DADB7EF1-3DAF-4BC6-9EC7-9A220850C6AA}” [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Learn to Fly 3\Learn to Fly 3.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{C7BEF760-8754-4D3B-A56F-93803997FAD9}” [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher_x86.exe (.not file.)
      O87 - FAEL: “{87A0EE7C-AA2A-4CFA-BE1C-BF3DF5B510A2}” [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher_x86.exe (.not file.)
      O87 - FAEL: “{35280115-76CD-415B-925A-14613B3B3809}” [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher.exe (.not file.)
      O87 - FAEL: “{FCE1EADC-F2B5-44B3-AD03-E7147D0ECFA1}” [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher.exe (.not file.)
      O87 - FAEL: “UDP Query User{154571B2-247D-4E67-8180-C4BBDC46A4E6}C:\program files (x86)\steam\steamapps\common\dirty bomb\binaries\win32\shootergame-win32-shipping.exe” [In-None-P17-TRUE] .(…) – C:\program files (x86)\steam\steamapps\common\dirty bomb\binaries\win32\shootergame-win32-shipping.exe (.not file.) =>.Steam Games
      O87 - FAEL: “TCP Query User{956FEFB9-8019-4105-9816-8039D8189200}C:\program files (x86)\steam\steamapps\common\dirty bomb\binaries\win32\shootergame-win32-shipping.exe” [In-None-P6-TRUE] .(…) – C:\program files (x86)\steam\steamapps\common\dirty bomb\binaries\win32\shootergame-win32-shipping.exe (.not file.) =>.Steam Games
      O87 - FAEL: “UDP Query User{C905872A-FD03-4331-872A-6533625C88B9}C:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe” [In-None-P17-TRUE] .(…) – C:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe (.not file.)
      O87 - FAEL: “TCP Query User{E3387E82-24F0-4DA2-B9DF-974D765AA78E}C:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe” [In-None-P6-TRUE] .(…) – C:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe (.not file.)
      O87 - FAEL: “UDP Query User{B3C7FAE9-6CAB-459C-9171-AC1153BCBE95}C:\program files (x86)\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe” [In-None-P17-TRUE] .(…) – C:\program files (x86)\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe (.not file.)
      O87 - FAEL: “TCP Query User{CD698A57-8BE0-4379-9BC3-A01E4CF75EE4}C:\program files (x86)\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe” [In-None-P6-TRUE] .(…) – C:\program files (x86)\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe (.not file.)
      O87 - FAEL: “{318AD80C-4BC7-4AA8-B4EC-7096C685DDB2}” [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRManager.exe (.not file.)
      O87 - FAEL: “UDP Query User{42F8F272-9673-446B-8DCB-4079A934BBB6}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries \win64\tslgame.exe” [In-None-P17-TRUE] .(.Bluehole GinnoGames, Inc. - TslGame.) – C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries \win64\tslgame.exe {1DB53A04F3FE510FE386FACDFCAB1C76} =>.Steam SteamApps Games
      O87 - FAEL: “TCP Query User{F7641829-8813-4BF8-A841-33CE3B7533C9}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries \win64\tslgame.exe” [In-None-P6-TRUE] .(.Bluehole GinnoGames, Inc. - TslGame.) – C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries \win64\tslgame.exe {1DB53A04F3FE510FE386FACDFCAB1C76} =>.Steam SteamApps Games
      O87 - FAEL: “{BEBECCDA-2FCD-4773-9D7F-3B346A6891D5}” [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\MurderMiners\Murder Miners.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{812259F4-CCDD-462F-AAF4-3EDCA63E3F85}” [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\MurderMiners\Murder Miners.exe (.not file.) =>.Steam Games
      O87 - FAEL: “UDP Query User{F0532DE6-B501-4861-B611-3D2FA0EF7F7E}C:\program files (x86)\battle.net\battle.net.8600\battle.net.exe” [In-None-P17-TRUE] .(…) – C:\program files (x86)\battle.net\battle.net.8600\battle.net.exe (.not file.)
      O87 - FAEL: “TCP Query User{535360D4-2738-435A-BDD7-59B0FAAF6589}C:\program files (x86)\battle.net\battle.net.8600\battle.net.exe” [In-None-P6-TRUE] .(…) – C:\program files (x86)\battle.net\battle.net.8600\battle.net.exe (.not file.)
      O87 - FAEL: “{9FDCC7E4-92D1-42EB-986B-26B8FB4C8784}” [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Fallout Shelter\FalloutShelter.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{1E158396-9EE8-46BB-B360-014DD5A988AC}” [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Fallout Shelter\FalloutShelter.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{33CA4ED5-FCCB-448D-B054-39434BF48BB1}” [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{A01CB47B-C53D-4B21-891D-E2323B947813}” [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{D705A740-D6E3-4214-AE12-AECA718F0935}” [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{35237F11-C376-459E-A450-957D11F2EA51}” [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{3274E1C3-38EC-4E64-B4B7-FB78352EFD2A}” [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Sakura Clicker\Sakura Clicker.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{E2E3DB7F-3CF0-4060-8D71-02927E66CCE4}” [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Sakura Clicker\Sakura Clicker.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{67FEC9D0-45BA-49E2-885D-10C3CAAF8555}” [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Soda Dungeon\dungeon.exe =>.Steam Games
      O87 - FAEL: “{4958EA30-9CD3-473B-B86B-4955671332C9}” [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Soda Dungeon\dungeon.exe =>.Steam Games
      O87 - FAEL: “{757BC6A1-E250-4F8F-91D6-C38BC862F9F7}” [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Killing Room\KillingRoom.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{3B6E9615-501E-4872-8A09-8A16FB16F708}” [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Killing Room\KillingRoom.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{1A7C5251-80C3-48CE-966F-8F20444680E8}” [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\SourceSDK\bin\SDKLaun cher.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{220EBA0D-AAA3-4707-AAD1-BF435407F599}” [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\SourceSDK\bin\SDKLaun cher.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{7199CE27-8B18-4598-B77D-A1374A5E14E0}” [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{54D4F114-9F6F-4AC2-9630-11CA0F9FE561}” [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{2DAA19BF-E9AD-4008-BAE9-272752D99715}” [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\RWBY_GE\rwby-ge.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{6813BBC8-1007-4E76-9002-01951D063EB9}” [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\RWBY_GE\rwby-ge.exe (.not file.) =>.Steam Games
      O87 - FAEL: “UDP Query User{125ED7B6-C6A1-4DC4-8C77-C4A545448E5A}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe” [In-None-P17-TRUE] .(…) – C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (.not file.) =>.Steam Games
      O87 - FAEL: “TCP Query User{B8CE14FF-2D39-48B0-BCA0-AA6B49EA6040}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe” [In-None-P6-TRUE] .(…) – C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{4D7C830D-37FA-4756-A3C6-2729E632BA03}” [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Don’t Starve Mod Tools\mod_tools\Sublime\sublime_text.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{74B37F5A-0416-4E5A-926F-DEB14D77C84A}” [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Don’t Starve Mod Tools\mod_tools\Sublime\sublime_text.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{D2AC4248-D77D-4505-80C6-30EC1D1474F9}” [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Don’t Starve Mod Tools\mod_tools\Tiled\tiled.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{F70A4976-C9EE-4F1E-9073-D5C6A43971EF}” [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Don’t Starve Mod Tools\mod_tools\Tiled\tiled.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{5B38245E-9481-4C11-8C82-4A5D1118C3D1}” [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Don’t Starve Mod Tools\mod_tools\FMOD_Designer\fmod_designer.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{8B6F2E49-013F-4A51-B427-F29CB7DD87CB}” [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Don’t Starve Mod Tools\mod_tools\FMOD_Designer\fmod_designer.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{7502BCE6-75AD-4FE9-8869-CD8A8CF04D1E}” [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Don’t Starve Mod Tools\mod_tools\Spriter\Spriter.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{043FD9B7-21F5-47A1-9252-4E7B0686EE65}” [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Don’t Starve Mod Tools\mod_tools\Spriter\Spriter.exe (.not file.) =>.Steam Games
      O87 - FAEL: “UDP Query User{7240BB92-47E1-4F89-A7FB-6427E008F037}G:\halo3\eldorado.exe” [In-None-P17-TRUE] .(…) – G:\halo3\eldorado.exe (.not file.)
      O87 - FAEL: “TCP Query User{563C60EB-2CAB-4D6F-980A-7A61B727E417}G:\halo3\eldorado.exe” [In-None-P6-TRUE] .(…) – G:\halo3\eldorado.exe (.not file.)
      O87 - FAEL: “UDP Query User{17801320-B0B3-44F2-94A0-655F54B90437}H:\halo3\eldorado.exe” [In-None-P17-TRUE] .(…) – H:\halo3\eldorado.exe (.not file.)
      O87 - FAEL: “TCP Query User{D0E0A434-E12A-4E42-B4F6-A5ECC5B0A7CD}H:\halo3\eldorado.exe” [In-None-P6-TRUE] .(…) – H:\halo3\eldorado.exe (.not file.)
      O87 - FAEL: “{C827E508-DE89-49F2-A1CD-9B82CA0F132F}” [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Nuclear Throne\nuclearthrone.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{0BCC5A17-B964-4659-B81C-52D91FDAB653}” [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Nuclear Throne\nuclearthrone.exe (.not file.) =>.Steam Games
      O87 - FAEL: “UDP Query User{248BB392-87D2-4D42-A968-B2A5854BF0D3}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe” [In-None-P17-TRUE] .(…) – C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe =>.Steam Games
      O87 - FAEL: “TCP Query User{E94B011E-1EB1-4ECC-B1C0-81AACDF85483}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe” [In-None-P6-TRUE] .(…) – C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe =>.Steam Games
      O87 - FAEL: “{01043223-DE2B-4906-9096-0371875FDC57}” [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Hammerwatch\editor\Ha mmerEditor.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{1AF21EF5-3815-463D-956B-C6B28FFA3337}” [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Hammerwatch\editor\Ha mmerEditor.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{47BAAE44-DD0C-4B72-8EAA-32E05DF313AB}” [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2\hl2.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{7A047AFC-43B4-4E3A-B3F7-7F4BF2B3A602}” [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2\hl2.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{5487B42A-A6E5-49EC-B55C-795D307634B1}” [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{B03655E8-5F75-47A5-866C-EFC455CA4D05}” [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe (.not file.) =>.Steam Games
      O87 - FAEL: “UDP Query User{21A52D14-DA46-456D-A34E-08501DD16E4D}C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe” [In-None-P17-TRUE] .(…) – C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe (.not file.) =>.Steam Games
      O87 - FAEL: “TCP Query User{2A7D2D70-85B7-4023-87A8-7A9EC470C589}C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe” [In-None-P6-TRUE] .(…) – C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe (.not file.) =>.Steam Games
      O87 - FAEL: “UDP Query User{64BCA24C-130B-48E9-9E59-3A4BABDFF951}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win 32\paladins.exe” [In-None-P17-TRUE] .(…) – C:\program files (x86)\steam\steamapps\common\paladins\binaries\win 32\paladins.exe (.not file.) =>.Steam Games
      O87 - FAEL: “TCP Query User{3362A9CD-AB48-4A58-ACD3-E8E8110441B4}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win 32\paladins.exe” [In-None-P6-TRUE] .(…) – C:\program files (x86)\steam\steamapps\common\paladins\binaries\win 32\paladins.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{9E349A53-BDF0-45CB-BCB8-7CC059358BA5}” [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\BioShock 2 Remastered\Build\Final\Bioshock2.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{FC4103FD-4FEE-4875-BD46-2EF2DDBEF3C8}” [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\BioShock 2 Remastered\Build\Final\Bioshock2.exe (.not file.) =>.Steam Games
      O87 - FAEL: “TCP Query User{0A8BBEE0-446C-4566-BD14-C98C53A79642}E:\waffles\haloce.exe” [In-None-P6-TRUE] .(…) – E:\waffles\haloce.exe (.not file.)
      O87 - FAEL: “UDP Query User{472A524D-5387-4324-A8C0-63721EA5D9BF}E:\waffles\haloce.exe” [In-None-P17-TRUE] .(…) – E:\waffles\haloce.exe (.not file.)
      O87 - FAEL: “{FCA8080A-8F44-40F3-897F-42C7CBEA6DA3}” [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Skype\Phone\Skype.exe (.not file.)
      O87 - FAEL: “{03533C46-52A1-4935-ABFB-3695E8074389}” [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (.not file.)
      O87 - FAEL: “{E568CA0E-CDCE-4F77-8DC6-95263DCE1AFB}” [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (.not file.)
      O87 - FAEL: “{3BFD3923-3543-473B-8AFD-58B2F22DE898}” [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Raptr\raptr.exe (.not file.)
      O87 - FAEL: “{E1643624-28F4-4612-AF86-4BA1BF62996E}” [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Raptr\raptr.exe (.not file.)
      O87 - FAEL: “{44065AA0-C961-4510-941E-47AE0A8FD1D0}” [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Raptr\raptr_im.exe (.not file.)
      O87 - FAEL: “{18E70E5E-96DF-466D-BA38-D8A018C6101A}” [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Raptr\raptr_im.exe (.not file.)
      O87 - FAEL: “{FF660575-DF64-4C5B-83BD-DDA4A1C318F2}” [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{A168FDA4-4CF7-4817-A5E3-29D09E2E6744}” [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64 .exe (.not file.) =>.Steam Games
      O87 - FAEL: “{6676E35A-7C83-4A80-97E2-F94018EE0FE9}” [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{218E1534-18A4-40A6-9CDB-EAA8131AA523}” [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64 .exe (.not file.) =>.Steam Games
      O87 - FAEL: “{0E3E0A58-CECB-4130-A0AE-585D1B24A89D}” [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launch er.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{BF98D693-B6A0-4708-A7A5-835720047333}” [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Remote CrashSender.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{34DD31DF-8061-4EF4-9637-6FE3A6D8864A}” [Out-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{15014686-1623-4826-B053-7C7065009BD5}” [Out-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64 .exe (.not file.) =>.Steam Games
      O87 - FAEL: “{CAD9DF2A-82D3-44B6-94C0-EB482DC63C06}” [Out-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{103B6334-2302-4DE9-8FFA-C124145D7A44}” [Out-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64 .exe (.not file.) =>.Steam Games
      O87 - FAEL: “{49DCFF18-03EC-4651-9E7B-4EFCCE90C4C5}” [Out-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launch er.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{1E93ECCF-C120-4135-B6BE-32D7EBD9D544}” [Out-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Remote CrashSender.exe (.not file.) =>.Steam Games
      O87 - FAEL: “TCP Query User{DC727713-E043-4005-9145-193907744B80}C:\program files\java\jre1.8.0_71\bin\javaw.exe” [In-None-P6-TRUE] .(…) – C:\program files\java\jre1.8.0_71\bin\javaw.exe (.not file.)
      O87 - FAEL: “UDP Query User{D7051177-077A-46E5-896F-C46DC0EF146E}C:\program files\java\jre1.8.0_71\bin\javaw.exe” [In-None-P17-TRUE] .(…) – C:\program files\java\jre1.8.0_71\bin\javaw.exe (.not file.)
      O87 - FAEL: “TCP Query User{01605B16-6148-4C1C-BE58-FF1CCDBE378C}C:\program files\tixati\tixati.exe” [In-None-P6-TRUE] .(…) – C:\program files\tixati\tixati.exe (.not file.)
      O87 - FAEL: “UDP Query User{D9076553-BA7E-4FEF-B18B-F2F5D1094968}C:\program files\tixati\tixati.exe” [In-None-P17-TRUE] .(…) – C:\program files\tixati\tixati.exe (.not file.)
      O87 - FAEL: “TCP Query User{8E2CC847-E17E-407A-9707-06F6CD2F380C}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe” [In-None-P6-TRUE] .(…) – C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe (.not file.) =>.Steam Games
      O87 - FAEL: “UDP Query User{D3E5BEFD-DF0E-4FAB-BC21-69C9A52B20C4}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe” [In-None-P17-TRUE] .(…) – C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe (.not file.) =>.Steam Games
      O87 - FAEL: “TCP Query User{6FEAE552-122C-44BB-9BE5-DC490C87ECB4}C:\users\tristen\downloads\runtime\jr e-x64\1.8.0_25\bin\javaw.exe” [In-None-P6-TRUE] .(…) – C:\users\tristen\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe (.not file.)
      O87 - FAEL: “UDP Query User{E8D2090E-5BB5-4E43-94FB-5652A272D5AA}C:\users\tristen\downloads\runtime\jr e-x64\1.8.0_25\bin\javaw.exe” [In-None-P17-TRUE] .(…) – C:\users\tristen\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe (.not file.)
      O87 - FAEL: “{75A428CD-332B-4277-BA99-2305309C81AD}” [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{62952E84-4B94-4056-8DEC-C83C9A22C0F5}” [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe (.not file.) =>.Steam Games
      O87 - FAEL: “TCP Query User{40497054-8FBB-4D79-B4F4-B79B922CD797}C:\program files (x86)\steam\steamapps\common\don’t starve together\bin\dontstarve_dedicated_server_nullrende rer.exe” [In-None-P6-TRUE] .(…) – C:\program files (x86)\steam\steamapps\common\don’t starve together\bin\dontstarve_dedicated_server_nullrende rer.exe (.not file.) =>.Steam Games
      O87 - FAEL: “UDP Query User{D38EA410-35A8-42E7-9E17-6534BC33FE2D}C:\program files (x86)\steam\steamapps\common\don’t starve together\bin\dontstarve_dedicated_server_nullrende rer.exe” [In-None-P17-TRUE] .(…) – C:\program files (x86)\steam\steamapps\common\don’t starve together\bin\dontstarve_dedicated_server_nullrende rer.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{555EBB8B-C475-4188-9173-12309714528A}” [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{C8714EF7-CFB9-41B6-9974-0BDE764AEA89}” [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{BDABB459-7192-4988-826B-91E735EA589A}” [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Town of Salem\TownOfSalem.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{CF601CCA-3D22-4324-98BC-249B0E6423EF}” [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Town of Salem\TownOfSalem.exe (.not file.) =>.Steam Games
      O87 - FAEL: “TCP Query User{56663A58-B384-4550-8777-AF85AB0C5416}C:\program files\java\jre1.8.0_73\bin\javaw.exe” [In-None-P6-TRUE] .(…) – C:\program files\java\jre1.8.0_73\bin\javaw.exe (.not file.)
      O87 - FAEL: “UDP Query User{2F20DC1A-9FCA-4453-997B-4DD01ED5498D}C:\program files\java\jre1.8.0_73\bin\javaw.exe” [In-None-P17-TRUE] .(…) – C:\program files\java\jre1.8.0_73\bin\javaw.exe (.not file.)
      O87 - FAEL: “{06A426B7-AF22-4050-BAA5-7F6B26E57164}” [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\MortalKombat_Komplete Edition\DiscContentPC\MKKE.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{027FA704-C85E-4162-89DB-B979A6B43542}” [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\MortalKombat_Komplete Edition\DiscContentPC\MKKE.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{3FDEB91E-A883-4454-A11A-CD167E13D508}” [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\MortalKombat_Komplete Edition\DiscContentPC\MKLauncher.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{848D8227-D45C-4E65-AEF3-A54629B6A876}” [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\MortalKombat_Komplete Edition\DiscContentPC\MKLauncher.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{3D091DDE-3907-4B34-A054-5F9F5C643E26}” [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\bin\SDKLauncher.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{E53D1B59-DCF6-414A-87CF-7EB26BD15AAF}” [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\bin\SDKLauncher.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{4C8D20F2-3421-44F3-84A7-3922A16C29BA}” [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\SaintsRowTheThird.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{2402C166-2BC5-4F2A-9056-6DDF1B39217D}” [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\SaintsRowTheThird.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{6CB208D6-2A4C-435E-BCDB-1B4FE3998F66}” [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\SaintsRowTheThird_DX11.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{84C31DFB-6B6B-45EF-A631-53752EE0399F}” [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\SaintsRowTheThird_DX11.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{05D6BA26-60C8-45C5-B2E8-A3550D796908}” [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{69EF3B71-8357-4F78-AF4B-9C754AAAE017}” [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{A5009187-9387-4012-85B7-A96727E9C941}” [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\The Deed\Game.exe (.not file.) =>.Steam Games
      O87 - FAEL: “{0F7432B1-65EA-49FC-8940-D2EB183EF4AD}” [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\The Deed\Game.exe (.not file.) =>.Steam Games

      —\ Additional Scan (O88) (1) - 1s
      [HKLM\SYSTEM\CurrentControlSet\Services\LMIGuardian Svc] =>PUP.Optional.Youndoo

      —\ Summary of the elements found (1) - 0s
      Youndoo, Logiciel Potentiellement Superflu - ZAM =>PUP.Optional.Youndoo

      ~ Unselected Options:
      ~ End of the scan, 47861 items in 04mn54s (1468)(0)

      Comment

      • Tristen_Clark
        PCHF Member
        • Jul 2017
        • 11

        #18
        Quick update, most of the screen jumping has ceased and while it does crash here and there it is rare and is giving solid color screens. Not sure if that is better but it seems like progress

        Comment

        • Malnutrition
          PCHF Moderator
          • Jul 2016
          • 7041

          #19
          Clean up temp files and reduce startup load with CCleaner.


          Note: This tool will clean your browsing history as well.
          [ul]
          [li]Download CCleaner from here.[/li][li]After install Click Options.[/li][li]Go to monitoring.[/li][li]Uncheck All Monitoring items.[/li][li]Go to advanced – Click close program after cleaning.[/li][li]Go to settings – click run ccleaner when the computer starts.[/li][li]Now that you have ccleaner installed and set-up:[/li][li]Open the program.[/li][li]Go to Tools[/li][li]Go to Startup[/li][li]Now double click each item. To Disable.[/li][li]Leave only your antivirus enabled.[/li][li]Then disable All items in your scheduled task as well.[/li][li]Unless they are related to windows defender.Or your antivirus.[/li][li]Reboot the machine.[/li][/ul]

          ZHP Scan.

          Please download Zhp Cleaner to your desktop. Right Click the icon and select run as administrator.
          1. Once you have started the program, you will need to click the scanner button.

          [IMG alt="EgsT69u" width="602px" height="129px"]https://windowsinstructed.com/wp-content/uploads/2015/06/EgsT69u.png[/IMG]

          The program will close all open browsers!
          3. Once the scan is completed, the you will want to click the Repair button.
          [URL unfurl="true"]http://windowsinstructed.com/wp-content/uploads/2015/06/6QJjV50.png[/URL]

          At the end of the process you may be asked to reboot your machine. After you reboot a report will open on your desktop.

          Copy and paste the report here in your next reply.

          Comment

          • Malnutrition
            PCHF Moderator
            • Jul 2016
            • 7041

            #20
            Update all old software with Patch My PC


            ZHP Diag Fix.

            ZHP Fix
            [MEDIA=imgur]4bd9Ugb[/MEDIA]
            [ul]
            [li]Disable your antivirus prior to this fix![/li]
            [li]Download ZHP-Fix from here.[/li][li]UnZip it to your desktop – Tool Here if needed… 7-Zip[/li]
            [li]Install it.[/li][li]Click Suivant 5 Times.[/li][li]Then Installer.[/li][li]Then Terminer.[/li][li]Then right clcick the ZHP Fix icon Run as admin.[/li][li]Copy the entire content of the code box below, the next step will grab it from your clipboard.[/li]
            [li]Then click on import.[/li][li]Then click GO.[/li][li]If you see any Prompts like the one below, select Oui. = Yes in French. [/li]
            [li]https://pchelpforum.net/attachments/...7-40-png.2248/ [/li]
            [li]Allow completion.[/li][li]A log file will appear on your desktop. [/li]
            [li]Post it here in your next reply.[/li][/ul]

            [ICODE]Script ZhpFix SysRestore EmptyFlash ProxyFix EmptyCLSID O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated® O23 - Service: Skype Updater (SkypeUpdate) . (...) - C:\Program Files (x86)\Skype\Updater\Updater.exe (.not file.) SR - Auto [23/09/2012] [ 65192] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated® [MD5.EED3F2404A03199A62FDC3D6A13C14FE] [APT] [Adobe Flash Player PPAPI Notifier] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_26_ 0_0_137_pepper.exe [1281024] (.Activate.) =>.Adobe Systems Incorporated® [MD5.C58A2B0A6C05AA317DF808FF56B0F24B] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe [272384] (.Activate.) =>.Adobe Systems Incorporated® [MD5.60D05F375378CD63AD03C0CD42B872CD] [APT] [AdobeAAMUpdater-1.0-MicrosoftAccount-tristen.clark628@gmail.com] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.e xe [508128] (.Activate.) =>.Adobe Systems Incorporated® [MD5.A1F58FFF448E4099297D6EE0641D4D0E] [APT] [DropboxUpdateTaskMachineCore] (.Dropbox, Inc..) -- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144] (.Activate.) =>.Dropbox, Inc® [MD5.00000000000000000000000000000000] [APT] [IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473] (...) -- C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty [MD5.00000000000000000000000000000000] [APT] [IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon] (...) -- C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty O39 - APT: DropboxUpdateTaskMachineCore - (.Dropbox, Inc..) -- C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job [938] =>.Dropbox, Inc® O39 - APT: Adobe Flash Player PPAPI Notifier - (.Adobe Systems Incorporated.) -- C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier [4556] =>.Adobe Systems Incorporated® O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater [4386] =>.Adobe Systems Incorporated® O39 - APT: AdobeAAMUpdater-1.0-MicrosoftAccount-tristen.clark628@gmail.com - (.Adobe Systems Incorporated.) -- C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-tristen.clark628@gmail.com [2818] =>.Adobe Systems Incorporated® O39 - APT: Unknown - (...) -- C:\WINDOWS\System32\Tasks\AsrSP.exe [3038] O39 - APT: DropboxUpdateTaskMachineCore - (.Dropbox, Inc..) -- C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachine Core [3232] =>.Dropbox, Inc® O39 - APT: Unknown - (...) -- C:\WINDOWS\System32\Tasks\fupdate [2636] O39 - APT: IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 - (...) -- C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 [3042] (.Orphan.) =>.Superfluous.Orphan O39 - APT: IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon - (...) -- C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon [2680] (.Orphan.) =>.Superfluous.Orphan O39 - APT: Unknown - (.Microsoft Corporation.) -- C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2 [3294] =>.Microsoft Corporation G0 - GCSP: Preferences [User Data\Default][HomePage] http://ping.getadblock.com G0 - GCSP: Preferences [User Data\Default][HomePage] http://ssl.gstatic.com =>.Google Inc. G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] http://drive.google.com/ =>.Google Inc. {Drive} G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] http://www.youtube.com =>.Youtube {Youtube} G2 - GCE: Preference [User Data\Default] [pkedcjkdefgpdelpbcmbmeomcjbeemfm] Chrome Media Router =>.Google Inc. O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {18455581-E099-4BA8-BC6B-F34B2F06600C} =>.Google Inc. O42 - Logiciel: Microsoft Application Error Reporting - (.Microsoft Corporation.) [HKLM][64Bits] -- {95120000-00B9-0409-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {758C8301-2696-4855-AF45-534B1200980A} =>.Samsung Electronics Co., Ltd. O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- InstallShield_{758C8301-2696-4855-AF45-534B1200980A} =>.Samsung Electronics Co., Ltd. O42 - Logiciel: Samsung USB Driver for Mobile Phones - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {D0795B21-0CDA-4a92-AB9E-6E92D8111E44} =>.Samsung Electronics CO., LTD.® HKLM\SOFTWARE\Wow6432Node\Intel Security =>.Intel Security HKLM\SOFTWARE\Wow6432Node\Norton =>.Symantec Corporation HKLM\SOFTWARE\Wow6432Node\Symantec =>.Symantec HKCU\SOFTWARE\Chromium =>.Chromium HKCU\SOFTWARE\Intel Security =>.Intel Security HKCU\SOFTWARE\Xpom =>.Mail.Ru O43 - CFD: 26/07/2017 - [0] D -- C:\Program Files\Intel Security =>.Intel Corporation C:\ProgramData\FaceLift O43 - CFD: 17/08/2016 - [] D -- C:\ProgramData\Norton =>.Symantec Corporation O43 - CFD: 20/10/2016 - [] D -- C:\Users\Tristen\AppData\Local\Chromium =>.Chromium C:\WINDOWS\System32\drivers\SYMEVENT64x86.SYS O58 - SDL:2016/01/17 01:36:46 A . (.Symantec Corporation - Symantec Event Library.) -- C:\WINDOWS\System32\drivers\SYMEVENT64x86.SYS [177752] =>.Symantec Corporation® C:\Users\Tristen\Downloads\dllinjector.exe O61 - LFC: 2017/07/23 20:58:51 A . (..) -- C:\Users\Tristen\Downloads\dllinjector.exe [319488] O83 - Search Svchost Services: dmwappushservice (dmwappushservice) . (.Microsoft Corporation - dmwappushsvc.) -- C:\WINDOWS\system32\dmwappushsvc.dll [55296] =>.Microsoft Corporation O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/ =>.Bing.com O69 - SBI: SearchScopes [HKLM] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - http://www.bing.com/ =>.Bing.com O87 - FAEL: "{C7BEF760-8754-4D3B-A56F-93803997FAD9}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher_x86.exe (.not file.) O87 - FAEL: "{87A0EE7C-AA2A-4CFA-BE1C-BF3DF5B510A2}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher_x86.exe (.not file.) O87 - FAEL: "{35280115-76CD-415B-925A-14613B3B3809}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher.exe (.not file.) O87 - FAEL: "{FCE1EADC-F2B5-44B3-AD03-E7147D0ECFA1}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher.exe (.not file.) O87 - FAEL: "UDP Query User{C905872A-FD03-4331-872A-6533625C88B9}C:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe (.not file.) O87 - FAEL: "TCP Query User{E3387E82-24F0-4DA2-B9DF-974D765AA78E}C:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe (.not file.) O87 - FAEL: "UDP Query User{B3C7FAE9-6CAB-459C-9171-AC1153BCBE95}C:\program files (x86)\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe (.not file.) O87 - FAEL: "TCP Query User{CD698A57-8BE0-4379-9BC3-A01E4CF75EE4}C:\program files (x86)\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe (.not file.) O87 - FAEL: "{757BC6A1-E250-4F8F-91D6-C38BC862F9F7}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Killing Room\KillingRoom.exe (.not file.) =>.Steam Games O87 - FAEL: "{3B6E9615-501E-4872-8A09-8A16FB16F708}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Killing Room\KillingRoom.exe (.not file.) =>.Steam Games O87 - FAEL: "{1A7C5251-80C3-48CE-966F-8F20444680E8}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\SourceSDK\bin\SDKLaun cher.exe (.not file.) =>.Steam Games O87 - FAEL: "{220EBA0D-AAA3-4707-AAD1-BF435407F599}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\SourceSDK\bin\SDKLaun cher.exe (.not file.) =>.Steam Games O87 - FAEL: "{2DAA19BF-E9AD-4008-BAE9-272752D99715}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\RWBY_GE\rwby-ge.exe (.not file.) =>.Steam Games O87 - FAEL: "UDP Query User{7240BB92-47E1-4F89-A7FB-6427E008F037}G:\halo3\eldorado.exe" [In-None-P17-TRUE] .(...) -- G:\halo3\eldorado.exe (.not file.) O87 - FAEL: "TCP Query User{563C60EB-2CAB-4D6F-980A-7A61B727E417}G:\halo3\eldorado.exe" [In-None-P6-TRUE] .(...) -- G:\halo3\eldorado.exe (.not file.) O87 - FAEL: "UDP Query User{17801320-B0B3-44F2-94A0-655F54B90437}H:\halo3\eldorado.exe" [In-None-P17-TRUE] .(...) -- H:\halo3\eldorado.exe (.not file.) O87 - FAEL: "TCP Query User{D0E0A434-E12A-4E42-B4F6-A5ECC5B0A7CD}H:\halo3\eldorado.exe" [In-None-P6-TRUE] .(...) -- H:\halo3\eldorado.exe (.not file.) O87 - FAEL: "{C827E508-DE89-49F2-A1CD-9B82CA0F132F}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Nuclear Throne\nuclearthrone.exe (.not file.) =>.Steam Games O87 - FAEL: "{0BCC5A17-B964-4659-B81C-52D91FDAB653}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Nuclear Throne\nuclearthrone.exe (.not file.) =>.Steam Games O87 - FAEL: "{3BFD3923-3543-473B-8AFD-58B2F22DE898}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Raptr\raptr.exe (.not file.) O87 - FAEL: "{E1643624-28F4-4612-AF86-4BA1BF62996E}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Raptr\raptr.exe (.not file.) O87 - FAEL: "{44065AA0-C961-4510-941E-47AE0A8FD1D0}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Raptr\raptr_im.exe (.not file.) O87 - FAEL: "{18E70E5E-96DF-466D-BA38-D8A018C6101A}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Raptr\raptr_im.exe (.not file.) O87 - FAEL: "TCP Query User{DC727713-E043-4005-9145-193907744B80}C:\program files\java\jre1.8.0_71\bin\javaw.exe" [In-None-P6-TRUE] .(...) -- C:\program files\java\jre1.8.0_71\bin\javaw.exe (.not file.) O87 - FAEL: "UDP Query User{D7051177-077A-46E5-896F-C46DC0EF146E}C:\program files\java\jre1.8.0_71\bin\javaw.exe" [In-None-P17-TRUE] .(...) -- C:\program files\java\jre1.8.0_71\bin\javaw.exe (.not file.) O87 - FAEL: "TCP Query User{01605B16-6148-4C1C-BE58-FF1CCDBE378C}C:\program files\tixati\tixati.exe" [In-None-P6-TRUE] .(...) -- C:\program files\tixati\tixati.exe (.not file.) O87 - FAEL: "UDP Query User{D9076553-BA7E-4FEF-B18B-F2F5D1094968}C:\program files\tixati\tixati.exe" [In-None-P17-TRUE] .(...) -- C:\program files\tixati\tixati.exe (.not file.) EmptyTemp[/ICODE]

            Comment

            • Tristen_Clark
              PCHF Member
              • Jul 2017
              • 11

              #21
              Rapport de ZHPFix 2015.10.19.9 par Nicolas Coolman, Update du 19/10/2015
              Fichier d’export Registre :
              Run by Tristen at 7/28/2017 11:58:45 PM
              High Elevated Privileges : OK
              Windows 8 Home Premium Edition, 64-bit Service Pack 1 (15063)

              Recycle Bin emptied (49mn PMs)

              ========== Software ==========
              REMOVES: Google Toolbar for Internet Explorer
              REMOVES: Samsung Kies
              ABSENT Uninstall Process: c:\program files (x86)\installshield installation information{758c8301-2696-4855-af45-534b1200980a}\setup.exe

              ========== Process memory ==========
              REMOVES: Memory Process: C:\Users\Tristen\Downloads\dllinjector.exe

              ========== Registry keys ==========
              REMOVES: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Curren tVersion\Uninstall{18455581-E099-4BA8-BC6B-F34B2F06600C}]
              REMOVES: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Curren tVersion\Uninstall{758C8301-2696-4855-AF45-534B1200980A}]
              REMOVES Logiciel Key: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Curren tVersion\Uninstall\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}]
              REMOVES: Service: AdobeARMservice
              REMOVES: Service: SkypeUpdate
              REMOVES: HKLM\SOFTWARE\Wow6432Node\Intel Security
              REMOVES: HKLM\SOFTWARE\Wow6432Node\Norton
              REMOVES: HKLM\SOFTWARE\Wow6432Node\Symantec
              REMOVES: HKCU\SOFTWARE\Chromium
              REMOVES: HKCU\SOFTWARE\Intel Security
              REMOVES: HKCU\SOFTWARE\Xpom
              REMOVES: Services Svchost: dmwappushservice
              REMOVES: SearchScopes :{0633EE93-D776-472f-A0FF-E1416B8B2E3A}

              ========== Registry values ==========
              ProxyFix : Proxy configuration successfully removed
              REMOVES ProxyServer Value
              REMOVES ProxyEnable Value
              REMOVES EnableHttp1_1 Value
              REMOVES ProxyHttp1.1 Value
              REMOVES ProxyOverride Value
              REMOVES: {C7BEF760-8754-4D3B-A56F-93803997FAD9}
              REMOVES: {87A0EE7C-AA2A-4CFA-BE1C-BF3DF5B510A2}
              REMOVES: {35280115-76CD-415B-925A-14613B3B3809}
              REMOVES: {FCE1EADC-F2B5-44B3-AD03-E7147D0ECFA1}
              REMOVES: UDP Query User{C905872A-FD03-4331-872A-6533625C88B9}C:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe
              REMOVES: TCP Query User{E3387E82-24F0-4DA2-B9DF-974D765AA78E}C:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe
              REMOVES: UDP Query User{B3C7FAE9-6CAB-459C-9171-AC1153BCBE95}C:\program files (x86)\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe
              REMOVES: TCP Query User{CD698A57-8BE0-4379-9BC3-A01E4CF75EE4}C:\program files (x86)\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe
              REMOVES: {757BC6A1-E250-4F8F-91D6-C38BC862F9F7}
              REMOVES: {3B6E9615-501E-4872-8A09-8A16FB16F708}
              REMOVES: {1A7C5251-80C3-48CE-966F-8F20444680E8}
              REMOVES: {220EBA0D-AAA3-4707-AAD1-BF435407F599}
              REMOVES: {2DAA19BF-E9AD-4008-BAE9-272752D99715}
              REMOVES: UDP Query User{7240BB92-47E1-4F89-A7FB-6427E008F037}G:\halo3\eldorado.exe
              REMOVES: TCP Query User{563C60EB-2CAB-4D6F-980A-7A61B727E417}G:\halo3\eldorado.exe
              REMOVES: UDP Query User{17801320-B0B3-44F2-94A0-655F54B90437}H:\halo3\eldorado.exe
              REMOVES: TCP Query User{D0E0A434-E12A-4E42-B4F6-A5ECC5B0A7CD}H:\halo3\eldorado.exe
              REMOVES: {C827E508-DE89-49F2-A1CD-9B82CA0F132F}
              REMOVES: {0BCC5A17-B964-4659-B81C-52D91FDAB653}
              REMOVES: {3BFD3923-3543-473B-8AFD-58B2F22DE898}
              REMOVES: {E1643624-28F4-4612-AF86-4BA1BF62996E}
              REMOVES: {44065AA0-C961-4510-941E-47AE0A8FD1D0}
              REMOVES: {18E70E5E-96DF-466D-BA38-D8A018C6101A}
              REMOVES: TCP Query User{DC727713-E043-4005-9145-193907744B80}C:\program files\java\jre1.8.0_71\bin\javaw.exe
              REMOVES: UDP Query User{D7051177-077A-46E5-896F-C46DC0EF146E}C:\program files\java\jre1.8.0_71\bin\javaw.exe
              REMOVES: TCP Query User{01605B16-6148-4C1C-BE58-FF1CCDBE378C}C:\program files\tixati\tixati.exe
              REMOVES: UDP Query User{D9076553-BA7E-4FEF-B18B-F2F5D1094968}C:\program files\tixati\tixati.exe

              ========== Preferences browser ==========
              NOW Chrome File: C:\Users\Tristen\AppData\Local\Google\Chrome\User Data\Default\Preferences
              ABSENT Chrome Site: http://ping.getadblock.com
              NOW Chrome File: C:\Users\Tristen\AppData\Local\Google\Chrome\User Data\Default\Preferences
              ABSENT Chrome Site: http://ssl.gstatic.com
              REMOVES Folder Chrome: C:\Users\Tristen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigk jlhalf
              REMOVES Folder Chrome: C:\Users\Tristen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldk acnbeo
              REMOVES Folder Chrome: C:\Users\Tristen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcj beemfm

              ========== Folders ==========
              No folders empty CLSID Local user
              REMOVES: C:\Users\Tristen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigk jlhalf
              REMOVES: C:\Users\Tristen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldk acnbeo
              REMOVES: C:\Users\Tristen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcj beemfm
              REMOVES: C:\Program Files\Intel Security
              REMOVES: c:\programdata\facelift
              REMOVES: C:\ProgramData\Norton
              REMOVES: C:\Users\Tristen\AppData\Local\Chromium
              Deletes temporary Windows (134)

              ========== Files ==========
              REMOVES Flash Cookies (0) (0 octets)
              REMOVES: c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe
              REMOVES Reboot: c:\windows\system32\tasks\asrsp.exe
              REMOVES Reboot: c:\windows\system32\tasks\fupdate
              REMOVES: C:\WINDOWS\System32\drivers\SYMEVENT64x86.SYS
              Deletes temporary Windows (11593) (1,893,612,821 octets)

              ========== Scheduled task ==========
              REMOVES: Adobe Flash Player PPAPI Notifier
              REMOVES: Adobe Flash Player Updater
              REMOVES: AdobeAAMUpdater-1.0-MicrosoftAccount...k628@gmail.com
              REMOVES: DropboxUpdateTaskMachineCore
              REMOVES: DropboxUpdateTaskMachineCore
              REMOVES: IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
              REMOVES: IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
              REMOVES: IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon

              ========== System restore ==========
              The system successfully created restore point

              ========== Summary ==========
              1 : Process memory
              13 : Registry keys
              33 : Registry values
              9 : Folders
              6 : Files
              3 : Software
              7 : Preferences browser
              8 : Scheduled task
              1 : System restore

              End of clean in 32mn PMs

              ========== Path to file report ==========
              C:\Users\Tristen\AppData\Roaming\ZHP\ZHPFix[R1].txt - 7/29/2017 2:32:55 AM [6257]

              Comment

              • Malnutrition
                PCHF Moderator
                • Jul 2016
                • 7041

                #22
                ZHP Scan.

                Please download Zhp Cleaner to your desktop.

                [ul]
                [li]Right Click the icon and select run as administrator.[/li][li]Once you have started the program, you will need to click the scanner button.[/li][li]The program will close all open browsers![/li][li]Once the scan is completed, the you will want to click the Repair button.[/li][li]At the end of the process you may be asked to reboot your machine.[/li][li]After you reboot a report will open on your desktop.[/li][li]Copy and paste the report here in your next reply.[/li][/ul]

                JRT Scan.

                Please download Junkware Removal Tool and save it on your desktop.

                [ul]
                [li]Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts.[/li][li]Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator.[/li][li]The tool will open and start scanning your system.[/li][li]Please be patient as this can take a while to complete depending on your system’s specifications.[/li][li]On completion, a log is saved to your desktop and will automatically open.[/li][li]Please post the JRT log.[/li][/ul]

                Adware Cleaner Scan.

                Please download AdwCleaner by Xplode onto your desktop.

                [ul]
                [li]Close all open programs and internet browsers.[/li][li]Double click on adwcleaner.exe to run the tool.[/li][li]Click on Scan button.[/li][li]When the scan has finished click on Clean button.[/li][li]Your computer will be rebooted automatically. A text file will open after the restart.[/li][li]Please post the contents of that logfile with your next reply.[/li][li]You can find the logfile at C:\AdwCleaner[S1].txt as well.[/li][/ul]

                Comment

                • Malnutrition
                  PCHF Moderator
                  • Jul 2016
                  • 7041

                  #23
                  Hello @Tristen Clark

                  How are you moving along with the instructions? Have you got an update for us?

                  Please update this thread within 48 hours, or it will be closed. You can however have it re-opened at any time, by sending a private message to a staff member.

                  Comment

                  • system
                    PCHF Owner
                    • Jan 2015
                    • 7634

                    #24
                    This thread has been closed, if you are the original poster and require more help with this issue please contact a staff member who will rte open it.

                    Comment

                    Working...