BSOD

Sysnative Tool.

1. Download the Sysnative BSOD Dump + System File Collection App - save to Documents folder -
2. Run the app - Double-click on the downloaded EXE file
Output = new folder created in Documents + a zipped version – SysnativeFileCollectionApp + SysnativeFileCollectionApp.zip

ZHP Diag Scan

Download ZHP Diag to your desktop.

1. Right Click Run as Admin.
2. Click the Options button.

Click on Check All
Then Click Validate
Then click close.

Forums - PC Help Forum

https://pchelpforum.net/attachments/upload_2017-4-26_17-16-39-png.2074

PCHF Forums

2. Click the Scanner button.

Forums - PC Help Forum

https://pchelpforum.net/attachments/upload_2017-2-23_3-32-26-png.1647

PCHF Forums

When complete please push the report button.
A notepad will open… copy and paste the report in your next reply.

HijackThis.

1- Please Click HERE to download HijackThis. – Unzip to your desktop.
2- Right click run as admin.
3- Click on the Main Menu button if not already there.
4- Select Do a system scan and save a logfile.
5- Copy paste the log here.

Thanks. Won’t be in a position to do that until mid week. Seems you suspect an infection ? I’ll try the above, but would be sceptical of an infection.

Ok i’ll mark this thread as pending.

No, I can just see a whole lot of what is going on with your machine, the information that these tools provide will allow me to see if there are any conflicting drivers etc… Also, the Sysnative Tool. will grab all of your dump files not just one, will be easier to help.

Right; run the three things.
First issue is that the SysnativeFileCollectionApp.zip file is too large to upload, at 4,126 kb.

ZHPDIAG 2017 is a strange item. Was asked to agree to a blank window ! But pressed on regardless.
Dash it, I ran all three executables first, now can not find this ZHPDIAG report to include ! I’d suspect missing off the report button press but it doesn’t seem to react now. I do find a ZHPBrowser window open with loads of French in it, Ah one moment, I find a new file on the desktop and will assume that is it.

And finally the Hijack info.

~ ZHPDiag v2017.6.17.100 By Nicolas Coolman (2017/06/17)
~ Run by Gary (Administrator) (2017/06/20 10:31:27)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook: ZHP
~ Certificate ZHPDiag: Legal
~ State version: Version OK
~ Mode: Scan
~ Report: C:\Users\Gary\Desktop\ZHPDiag.txt
~ Report: C:\Users\Gary\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ System startup: Normal (Normal boot)
Windows 10 Pro, 64-bit (Build 14393) =>.Microsoft Corporation

—\ Internet Browsers (4) - 0s
~ GCIE: Google Chrome v59.0.3071.104
~ MFIE: Mozilla Firefox 54.0 (x86 en-US)
~ MSIE: Microsoft Edge v40
~ MSIE: Internet Explorer v11.1358.14393.0

—\ Windows Product Information (3) - 3s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : OK

—\ System protection software (3) - 4s
Kaspersky Total Security v17.0.0.611 (Protection)
Malwarebytes Anti-Malware version 2.2.1.1043 (Protection)
Windows Defender (Deactivate)

—\ Surveillance software (1) - 5s
~ Adobe Flash Player 26 NPAPI (Surveillance)

—\ Sharing software PeerToPeer (1) - 5s
~ µTorrent v3.4.9.42606 (P2P)

—\ Information on the system (6) - 0s
~ Operating System: Intel64 Family 6 Model 26 Stepping 5, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 25156.72 MB (70% free) : OK =>.RAM Value
System Restore: Activé (Enable)
System drive C: has 425 GB (44%) free of 953 GB : OK =>.Disk Space

—\ Connection to the system mode (3) - 0s
~ Computer Name: HOME_PC
~ User Name: Gary
~ Logged in as Administrator

—\ Enumeration of the disk units (14) - 0s
~ Drive C: has 425 GB free of 953 GB (System)
~ Drive D: has GB free of 0 GB
~ Drive E: has 79 GB free of 249 GB
~ Drive F: has 27 GB free of 249 GB
~ Drive H: has 245 GB free of 249 GB
~ Drive I: has 2 GB free of 249 GB
~ Drive J: has 46 GB free of 180 GB
~ Drive K: has 13 GB free of 14 GB
~ Drive L: has 0 GB free of 0 GB
~ Drive N: has 249 GB free of 249 GB
~ Drive O: has 0 GB free of 0 GB
~ Drive X: has GB free of 3 GB
~ Drive Y: has GB free of 2 GB
~ Drive Z: has GB free of 6 GB

—\ State of the Windows Security Center (7) - 0s
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Pol icies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK

—\ Search Generic System Files (24) - 1s
[MD5.679D17F8CDB938C7100D7A647953677E] - 28/04/2017 - (.Microsoft Corporation - Windows Explorer.) – C:\WINDOWS\Explorer.exe [4674360] =>.Microsoft Windows®
[MD5.C7645D43451C6D94D87F4D07BDE59C89] - 16/07/2016 - (.Microsoft Corporation - Windows host process (Rundll32).) – C:\WINDOWS\System32\rundll32.exe [69632] =>.Microsoft Corporation
[MD5.99A19C9A74E2F9820E501DCE77F84F70] - 16/07/2016 - (.Microsoft Corporation - Windows Start-Up Application.) – C:\WINDOWS\System32\Wininit.exe [304240] =>.Microsoft Windows Publisher®
[MD5.B9727FA7889DD6FCE4F7C27F8879A7F4] - 28/04/2017 - (.Microsoft Corporation - Internet Extensions for Win32.) – C:\WINDOWS\System32\wininet.dll [2895872] =>.Microsoft Corporation
[MD5.B2151FE002A8D3F41E2DF935F260E3A8] - 28/04/2017 - (.Microsoft Corporation - Windows Logon Application.) – C:\WINDOWS\System32\Winlogon.exe [673792] =>.Microsoft Corporation
[MD5.9600B7F2F89DE60A80D13DE42F672834] - 16/07/2016 - (.Microsoft Corporation - Software Licensing Library.) – C:\WINDOWS\System32\sppcomapi.dll [402432] =>.Microsoft Corporation
[MD5.2813C62F5BE7FAF0A1C5CC37E5C2F25D] - 04/03/2017 - (.Microsoft Corporation - DNS Client API DLL.) – C:\WINDOWS\System32\dnsapi.dll [646688] =>.Microsoft Windows®
[MD5.AA86DC342B4ED1C1F839C3BC8AEA64B1] - 04/03/2017 - (.Microsoft Corporation - DNS Client API DLL.) – C:\WINDOWS\Syswow64\dnsapi.dll [497416] =>.Microsoft Windows®
[MD5.323AA1953ED9C01E23F740FA891FE064] - 15/10/2016 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) – C:\WINDOWS\System32\drivers\AFD.sys [584032] =>.Microsoft Windows®
[MD5.A10F989A812B57B9695F6C305907C9C6] - 16/07/2016 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) – C:\WINDOWS\System32\drivers\atapi.sys [28512] =>.Microsoft Windows®
[MD5.F8FB51B9EF6372610E9B31A1D86B62FC] - 16/07/2016 - (.Microsoft Corporation - CD-ROM File System Driver.) – C:\WINDOWS\System32\drivers\Cdfs.sys [92160] =>.Microsoft Corporation
[MD5.613D0137C269187FA298A157E3D14A18] - 16/07/2016 - (.Microsoft Corporation - SCSI CD-ROM Driver.) – C:\WINDOWS\System32\drivers\Cdrom.sys [173056] =>.Microsoft Corporation
[MD5.4BC21E937E9F9F408672D2C2CBE4A153] - 04/03/2017 - (.Microsoft Corporation - DFS Namespace Client Driver.) – C:\WINDOWS\System32\drivers\DfsC.sys [145408] =>.Microsoft Corporation
[MD5.10E3515FE5DBA6656FA62C29342EC4A1] - 16/07/2016 - (.Microsoft Corporation - High Definition Audio Bus Driver.) – C:\WINDOWS\System32\drivers\HDAudBus.sys [83456] =>.Microsoft Corporation
[MD5.B54B30992620C97230013A74461C8517] - 16/07/2016 - (.Microsoft Corporation - i8042 Port Driver.) – C:\WINDOWS\System32\drivers\i8042prt.sys [114176] =>.Microsoft Corporation
[MD5.F1DAECC3B3D6399875D4F10529D6A77C] - 16/07/2016 - (.Microsoft Corporation - IP Network Address Translator.) – C:\WINDOWS\System32\drivers\IpNat.sys [212480] =>.Microsoft Corporation
[MD5.D559FF28B1AD9B1E15A4186E785E61F6] - 04/03/2017 - (.Microsoft Corporation - Windows NT SMB Minirdr.) – C:\WINDOWS\System32\drivers\MRxSmb.sys [450400] =>.Microsoft Windows®
[MD5.6FEBB0A847FFD5F057B9AC8889F1B9A7] - 16/07/2016 - (.Microsoft Corporation - MBT Transport driver.) – C:\WINDOWS\System32\drivers\netBT.sys [279040] =>.Microsoft Corporation
[MD5.8DB6A6B731CEC9046CD8CA0267EC5679] - 28/04/2017 - (.Microsoft Corporation - NT File System Driver.) – C:\WINDOWS\System32\drivers\ntfs.sys [2255712] =>.Microsoft Windows®
[MD5.6B81BF7853D161DB8AC62CD8B9C2DE6B] - 16/07/2016 - (.Microsoft Corporation - Parallel Port Driver.) – C:\WINDOWS\System32\drivers\Parport.sys [96768] =>.Microsoft Corporation
[MD5.17E565710172ED71B8531D8822E1C5D1] - 16/07/2016 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) – C:\WINDOWS\System32\drivers\Rasl2tp.sys [104960] =>.Microsoft Corporation
[MD5.7135785C21CA79D270D11037C43D3F19] - 16/07/2016 - (.Microsoft Corporation - Microsoft RDP Device redirector.) – C:\WINDOWS\System32\drivers\rdpdr.sys [177152] =>.Microsoft Corporation
[MD5.A7C267671EDDF066E8CFBF897BC4B626] - 03/06/2017 - (.Microsoft Corporation - TDI Translation Driver.) – C:\WINDOWS\System32\drivers\tdx.sys [118112] =>.Microsoft Windows®
[MD5.BF2546583BB75F01DDA60A7921DFB230] - 16/07/2016 - (.Microsoft Corporation - Volume Shadow Copy driver.) – C:\WINDOWS\System32\drivers\volsnap.sys [391520] =>.Microsoft Windows®

—\ Non Microsoft non disabled Windows Services (18) - 4s
O23 - Service: SAS Core Service (!SASCORE) . (.SUPERAntiSpyware.com - Core Service.) - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE =>.SUPERAntiSpyware.com®
O23 - Service: Kaspersky Anti-Virus Service 17.0.0 (AVP17.0.0) . (.AO Kaspersky Lab - Kaspersky Anti-Virus.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avp.exe =>.Kaspersky Lab®
O23 - Service: BitMeter Capture Service (BitMeterCaptureService) . (…) - C:\Program Files (x86)\Codebox\BitMeterOS\BitMeterCaptureService.ex e
O23 - Service: BitMeter Web Service (BitMeterWebService) . (…) - C:\Program Files (x86)\Codebox\BitMeterOS\BitMeterWebService.exe
O23 - Service: CSR OBEX Service (CsrBtOBEXService) . (.Cambridge Silicon Radio Limited - Bluetooth OBEX Service.) - C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe {759231295D01C6089DE93FE4C3559535} =>.Cambridge Silicon Radio Limited
O23 - Service: CSR Bluetooth Service (CsrBtService) . (.Cambridge Silicon Radio Limited - Csr Bluetooth Service.) - C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe {759231295D01C6089DE93FE4C3559535} =>.Cambridge Silicon Radio Limited
O23 - Service: EaseUS Agent Service (EaseUS Agent) . (.CHENGDU YIWO Tech Development Co., Ltd - EaseUS Todo Backup Agent Application.) - C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe =>.CHENGDU YIWO Tech Development Co., Ltd.®
O23 - Service: Foxit Reader Service (FoxitReaderService) . (.Foxit Software Inc. - Foxit Reader ConnectedPDF Windows Service..) - C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe =>.Foxit Software Incorporated®
O23 - Service: Google Update Service (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
O23 - Service: Kaspersky Secure Connection Service 1.0.0 (KSDE1.0.0) . (.AO Kaspersky Lab - Kaspersky Secure Connection.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe =>.Kaspersky Lab®
O23 - Service: Logitech Solar Keyboard Service (L4301_Solar) . (.Logitech, Inc. - Logitech Solar Service (UNICODE).) - C:\Program Files\Logitech\SolarApp\L4301_Solar.exe =>.Logitech®
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) . (.NVIDIA Corporation - NVIDIA Container.) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Containe r.exe =>.NVIDIA Corporation®
O23 - Service: Origin Web Helper Service (Origin Web Helper Service) . (.Electronic Arts - OriginWebHelperService.) - C:\Program Files (x86)\Inquisition\OriginWebHelperService.exe =>.Electronic Arts, Inc.®
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe =>.Skype Software Sarl®
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) . (.DEVGURU Co., LTD. - MSS CS Connectivity Service.) - C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe =>.DEVGURU CO LTD®
O23 - Service: TeamViewer 12 (TeamViewer) . (.TeamViewer GmbH - TeamViewer 12.) - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe =>.TeamViewer GmbH®
O23 - Service: Unchecky (Unchecky) . (.RaMMicHaeL - Unchecky Service.) - C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe =>.Reason Software Company Inc.®
O23 - Service: WSWNA3100M (WSWNA3100M) . (.Copyright (C) 2008-2009 - Wifi Service.) - C:\Program Files (x86)\NETGEAR\WNA3100M\WifiSvc.exe =>.NETGEAR®

—\ Services not Microsoft (SR=Run, SS=Stop) (25) - 40s
SR - Auto [14/02/2017] [ 173472] SAS Core Service (!SASCORE) . (.SUPERAntiSpyware.com.) - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE =>.SUPERAntiSpyware.com®
SS - Demand [18/06/2017] [ 272384] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe =>.Adobe Systems Incorporated®
SR - Auto [28/06/2016] [ 241544] Kaspersky Anti-Virus Service 17.0.0 (AVP17.0.0) . (.AO Kaspersky Lab.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avp.exe =>.Kaspersky Lab®
SR - Auto [03/08/2014] [ 180970] BitMeter Capture Service (BitMeterCaptureService) . (…) - C:\Program Files (x86)\Codebox\BitMeterOS\BitMeterCaptureService.ex e
SR - Auto [03/08/2014] [ 245962] BitMeter Web Service (BitMeterWebService) . (…) - C:\Program Files (x86)\Codebox\BitMeterOS\BitMeterWebService.exe
SR - Auto [26/05/2011] [ 581248] CSR OBEX Service (CsrBtOBEXService) . (.Cambridge Silicon Radio Limited.) - C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe {759231295D01C6089DE93FE4C3559535} =>.Cambridge Silicon Radio Limited
SR - Auto [26/05/2011] [ 548472] CSR Bluetooth Service (CsrBtService) . (.Cambridge Silicon Radio Limited.) - C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe {759231295D01C6089DE93FE4C3559535} =>.Cambridge Silicon Radio Limited
SS - Demand [15/12/2009] [ 25832] Dragon Age: Origins - Content Updater (DAUpdaterSvc) . (.BioWare.) - C:\Games\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe =>.BioWare®
SR - Auto [03/06/2016] [ 39616] EaseUS Agent Service (EaseUS Agent) . (.CHENGDU YIWO Tech Development Co., Ltd.) - C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe =>.CHENGDU YIWO Tech Development Co., Ltd.®
SR - Auto [13/04/2017] [ 1659592] Foxit Reader Service (FoxitReaderService) . (.Foxit Software Inc..) - C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe =>.Foxit Software Incorporated®
SS - Auto [28/08/2015] [ 144200] Google Update Service (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
SS - Demand [28/08/2015] [ 144200] Google Update Service (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
SS - Demand [19/12/2013] [ 194032] Google Software Updater (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe =>.Google Inc®
SS - Demand [28/06/2016] [ 77328] klvssbrigde64 (klvssbrigde64) . (.AO Kaspersky Lab.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\vssbridge64.exe =>.Kaspersky Lab®
SR - Auto [28/06/2016] [ 241544] Kaspersky Secure Connection Service 1.0.0 (KSDE1.0.0) . (.AO Kaspersky Lab.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe =>.Kaspersky Lab®
SR - Auto [30/01/2013] [ 405744] Logitech Solar Keyboard Service (L4301_Solar) . (.Logitech, Inc..) - C:\Program Files\Logitech\SolarApp\L4301_Solar.exe =>.Logitech®
SS - Demand [14/06/2017] [ 175560] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe =>.Mozilla Corporation®
SR - Auto [16/02/2017] [ 462784] NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Containe r.exe =>.NVIDIA Corporation®
SS - Demand [15/06/2017] [ 2157456] Origin Client Service (Origin Client Service) . (.Electronic Arts.) - C:\Program Files (x86)\Inquisition\OriginClientService.exe =>.Electronic Arts, Inc.®
SS - Auto [15/06/2017] [ 3127192] Origin Web Helper Service (Origin Web Helper Service) . (.Electronic Arts.) - C:\Program Files (x86)\Inquisition\OriginWebHelperService.exe =>.Electronic Arts, Inc.®
SS - Auto [11/12/2014] [ 315496] Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe =>.Skype Software Sarl®
SR - Auto [11/12/2014] [ 315496] SAMSUNG Mobile Connectivity Service (ss_conn_service) . (.DEVGURU Co., LTD..) - C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe =>.DEVGURU CO LTD®
SR - Auto [11/12/2014] [ 315496] TeamViewer 12 (TeamViewer) . (.TeamViewer GmbH.) - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe =>.TeamViewer GmbH®
SR - Auto [11/12/2014] [ 315496] Unchecky (Unchecky) . (.RaMMicHaeL.) - C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe =>.Reason Software Company Inc.®
SR - Auto [11/12/2014] [ 315496] WSWNA3100M (WSWNA3100M) . (.Copyright (C) 2008-2009.) - C:\Program Files (x86)\NETGEAR\WNA3100M\WifiSvc.exe =>.NETGEAR®

—\ Task Planned Automatically (28) - 7s
[MD5.7DE8B8AC559E16AEB388E7D098E7C288] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) – C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe [272384] (.Activate.) =>.Adobe Systems Incorporated®
[MD5.8025F05E5A51FD499584AFD7A688423C] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) – C:\Program Files\CCleaner\CCleaner.exe [6602152] (.Activate.) =>.Piriform Ltd®
[MD5.DD7423ABBE2913E70D50E9318AD57EE4] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) – C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200] (.Activate.) =>.Google Inc®
[MD5.DD7423ABBE2913E70D50E9318AD57EE4] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) – C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200] (.Activate.) =>.Google Inc®
[MD5.D1A5F3292D9E356CCEC2D8FD6DA8DC3E] [APT] [Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}] (.AO Kaspersky Lab.) – C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [516416] (.Activate.) =>.Kaspersky Lab®
[MD5.00000000000000000000000000000000] [APT] [Microsoft_Hardware_Launch_ipoint_exe] (…) – c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty
[MD5.00000000000000000000000000000000] [APT] [Microsoft_Hardware_Launch_itype_exe] (…) – c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty
[MD5.00000000000000000000000000000000] [APT] [Microsoft_Hardware_Launch_mousekeyboardcenter_exe] (…) – c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty
[MD5.00000000000000000000000000000000] [APT] [Microsoft_MKC_Logon_Task_ipoint.exe] (…) – c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty
[MD5.00000000000000000000000000000000] [APT] [Microsoft_MKC_Logon_Task_itype.exe] (…) – c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty
[MD5.00000000000000000000000000000000] [APT] [OneDrive Standalone Update Task] (…) – C:\Users\Gary\AppData\Local\Microsoft\OneDrive\17. 3.6517.0809\OneDriveStandaloneUpdater.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty
[MD5.3FFEDFE473AB7887D82A9D35D0DE3956] [APT] [{44F8EF0D-6116-4556-A439-59B34298EAE1}] (.XL Consulting GmbH.) – E:\copy of duff disk after it became recognisable\Program Files\Synkronizer XL 8.0\syxl80_install.exe [24576] (.Activate.)
[MD5.CA306A49F5E33DC242DA618AA150FBAF] [APT] [{93F15C11-7E15-4726-AE8C-21F927221F09}] (…) – C:\Users\Gary\Downloads\planmaker.exe [1223351] (.Activate.)
[MD5.00000000000000000000000000000000] [APT] [{A28D6E9F-11D1-4B79-A0D8-7CCB20F69972}] (…) – C:\Program Files\Microsoft Mouse and Keyboard Center\setup.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty
[MD5.12E8719D8D6E6F31C1B8DB8F4C1D0EA1] [APT] [{F3DE1933-B73E-4AD8-83BB-B8886240C951}] (.InstallShield Software Corporation.) – E:\copy of duff disk after it became recognisable\Download\xdate.exe [177784] (.Activate.) {7253} =>.InstallShield Software Corporation
O39 - APT: Unknown - (.Legitimate.) – C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask .job [214]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) – C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater [4374] =>.Adobe Systems Incorporated®
O39 - APT: CCleanerSkipUAC - (.Piriform Ltd.) – C:\WINDOWS\System32\Tasks\CCleanerSkipUAC [2214] =>.Piriform Ltd®
O39 - APT: Unknown - (.Legitimate.) – C:\WINDOWS\System32\Tasks\CreateExplorerShellUnele vatedTask [3638]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) – C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineC ore [3292] =>.Google Inc®
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) – C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineU A [3416] =>.Google Inc®
O39 - APT: Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} - (.AO Kaspersky Lab.) – C:\WINDOWS\System32\Tasks\Kaspersky_Upgrade_Launch er_{278ADC42-419D-4547-A6CA-5B74BE0AD901} [3240] =>.Kaspersky Lab®
O39 - APT: OneDrive Standalone Update Task - (…) – C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task [2816] (.Orphan.) =>.Superfluous.Orphan
O39 - APT: OneDrive Standalone Update Task - (…) – C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2 [2766] (.Orphan.) =>.Superfluous.Orphan
O39 - APT: {44F8EF0D-6116-4556-A439-59B34298EAE1} - (.XL Consulting GmbH.) – C:\WINDOWS\System32\Tasks{44F8EF0D-6116-4556-A439-59B34298EAE1} [2520]
O39 - APT: {93F15C11-7E15-4726-AE8C-21F927221F09} - (…) – C:\WINDOWS\System32\Tasks{93F15C11-7E15-4726-AE8C-21F927221F09} [2266]
O39 - APT: {A28D6E9F-11D1-4B79-A0D8-7CCB20F69972} - (…) – C:\WINDOWS\System32\Tasks{A28D6E9F-11D1-4B79-A0D8-7CCB20F69972} [2354] (.Orphan.) =>.Superfluous.Orphan
O39 - APT: {F3DE1933-B73E-4AD8-83BB-B8886240C951} - (.InstallShield Software Corporation.) – C:\WINDOWS\System32\Tasks{F3DE1933-B73E-4AD8-83BB-B8886240C951} [2406] {7253} =>.InstallShield Software Corporation

—\ Auto loading programs from Registry and folders (29) - 2s
O4 - HKLM..\Run: [Logitech Download Assistant] . (.Logitech, Inc. - Logitech Download Assistant.) – C:\Windows\System32\LogiLDA.dll =>.Logitech, Inc.
O4 - HKLM..\Run: [vksts] . (.Cambridge Silicon Radio Limited - Csr Bluetooth OSD Settings.) – C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe {759231295D01C6089DE93FE4C3559535} =>.Cambridge Silicon Radio Limited
O4 - HKLM..\Run: [HarmonyUserStartup] . (.Cambridge Silicon Radio Limited - Csr Harmony User Startup Application.) – C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe {759231295D01C6089DE93FE4C3559535} =>.Cambridge Silicon Radio Limited
O4 - HKLM..\Run: [HarmonyHFPSkypePlugin] . (.Cambridge Silicon Radio Limited - HFP Skype Application.) – C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\HarmonyHFPSkypePlugin.exe {759231295D01C6089DE93FE4C3559535} =>.Cambridge Silicon Radio Limited
O4 - HKLM..\Run: [TrayApplication] . (.Cambridge Silicon Radio Limited - Csr Bluetooth TrayApplication.) – C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe {759231295D01C6089DE93FE4C3559535} =>.Cambridge Silicon Radio Limited
O4 - HKLM..\Run: [Speedfan] . (…) – C:\Program Files (x86)\SpeedFan\speedfan.exe =>.SOKNO S.R.L.®
O4 - HKCU..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) – C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.Disc Soft Ltd®
O4 - HKCU..\Run: [KiesPreload] . (.Samsung - Kies.) – C:\Program Files (x86)\Samsung\Kies\Kies.exe =>.Samsung Electronics CO., LTD.®
O4 - HKCU..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) – C:\Users\Gary\AppData\Local\Microsoft\OneDrive\One Drive.exe =>.Microsoft Corporation®
O4 - HKCU..\Run: [Visual Subst] . (.NTWind Software - Visual Subst.) – C:\Program Files (x86)\Visual Subst\VSubst.exe {3E5ABF29BA6BBDFBC0CB1793FE97875A} =>.NTWind Software
O4 - HKCU..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) – C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd®
O4 - HKCU..\Run: [Chromium] . (.The Chromium Authors - Chromium.) – c:\Users\Gary\AppData\Local\Chromium\application\c hrome.exe =>.The Chromium Authors
O4 - HKLM..\Wow6432Node\Run: [KeePass 2 PreLoad] . (.Dominik Reichl - KeePass.) – C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe =>.Dominik Reichl
O4 - HKLM..\Wow6432Node\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) – C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe =>.Samsung Electronics CO., LTD.®
O4 - HKLM..\Wow6432Node\Run: [NUSB3MON] . (.NEC Electronics Corporation - USB 3.0 Monitor.) – C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe =>.NEC Electronics Corporation
O4 - HKLM..\Wow6432Node\Run: [Malwarebytes Anti-Exploit] C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe (.not file.)
O4 - HKLM..\Wow6432Node\Run: [LWS] . (.Logitech Inc. - Logitech Webcam Software.) – C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe =>.Logitech, Inc.®
O4 - HKLM..\Wow6432Node\Run: [EaseUS EPM tray] . (.CHENGDU YIWO Tech Development Co., Ltd - EaseUS Partition Master Free Edition Applic.) – C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.9\bin\EpmNews.exe =>.CHENGDU YIWO Tech Development Co., Ltd.®
O4 - HKLM..\Wow6432Node\Run: [EaseUS Cleanup] . (.CHENGDU Yiwo Tech Development Co., Ltd. - CleanUpUI Application.) – C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.9\bin\CleanUpUI.exe =>.CHENGDU YIWO Tech Development Co., Ltd.®
O4 - HKLM..\Wow6432Node\Run: [EaseUS EPM Tray Agent] . (…) – C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.9\bin\TrayPopupE\TrayTipAgentE.exe =>.CHENGDU YIWO Tech Development Co., Ltd.®
O4 - HKLM..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) – C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle America, Inc.®
O4 - HKUS\S-1-5-19..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) – C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Corporation®
O4 - HKUS\S-1-5-20..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) – C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Corporation®
O4 - HKUS\S-1-5-21-3536061241-6043831-2542719734-1001..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) – C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.Disc Soft Ltd®
O4 - HKUS\S-1-5-21-3536061241-6043831-2542719734-1001..\Run: [KiesPreload] . (.Samsung - Kies.) – C:\Program Files (x86)\Samsung\Kies\Kies.exe =>.Samsung Electronics CO., LTD.®
O4 - HKUS\S-1-5-21-3536061241-6043831-2542719734-1001..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) – C:\Users\Gary\AppData\Local\Microsoft\OneDrive\One Drive.exe =>.Microsoft Corporation®
O4 - HKUS\S-1-5-21-3536061241-6043831-2542719734-1001..\Run: [Visual Subst] . (.NTWind Software - Visual Subst.) – C:\Program Files (x86)\Visual Subst\VSubst.exe {3E5ABF29BA6BBDFBC0CB1793FE97875A} =>.NTWind Software
O4 - HKUS\S-1-5-21-3536061241-6043831-2542719734-1001..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) – C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd®
O4 - HKUS\S-1-5-21-3536061241-6043831-2542719734-1001..\Run: [Chromium] . (.The Chromium Authors - Chromium.) – c:\Users\Gary\AppData\Local\Chromium\application\c hrome.exe =>.The Chromium Authors

—\ Process running (43) - 5s
[MD5.C8697EE224FFF6C27A9EDC7D1C5A80DB] - (.NVIDIA Corporation - NVIDIA Container.) – C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Containe r.exe [462784] [PID.1504] =>.NVIDIA Corporation®
[MD5.8D64AEE6E77B19F382CB4D273DD7BD4D] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) – C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe [1286592] [PID.1656] =>.NVIDIA Corporation®
[MD5.28A4BB5CCFA252FC1D9460E5FB22AB08] - (.Logitech, Inc. - Logitech Solar Service (UNICODE).) – C:\Program Files\Logitech\SolarApp\L4301_Solar.exe [405744] [PID.1944] =>.Logitech®
[MD5.98E06CAC2C508118450095E581202230] - (.SUPERAntiSpyware.com - Core Service.) – C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472] [PID.2720] =>.SUPERAntiSpyware.com®
[MD5.13D8E1A4CF49683D0EF51434FF0C9BA1] - (.Cambridge Silicon Radio Limited - Bluetooth OBEX Service.) – C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe [581248] [PID.2728] {759231295D01C6089DE93FE4C3559535} =>.Cambridge Silicon Radio Limited
[MD5.A3DA37CE15A9B91E9F9C41333CA2AC16] - (.Cambridge Silicon Radio Limited - Csr Bluetooth Service.) – C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe [548472] [PID.2804] {759231295D01C6089DE93FE4C3559535} =>.Cambridge Silicon Radio Limited
[MD5.4A834CA00AF34D012E08EA4A10EE1327] - (…) – C:\Program Files (x86)\Codebox\BitMeterOS\BitMeterCaptureService.ex e [180970] [PID.2972]
[MD5.97E0A6C61554927D0EF3E081FF510353] - (.CHENGDU YIWO Tech Development Co., Ltd - EaseUS Todo Backup Agent Application.) – C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [39616] [PID.2976] =>.CHENGDU YIWO Tech Development Co., Ltd.®
[MD5.03B45C52179E8DAE51A0F685C30D06D6] - (.AO Kaspersky Lab - Kaspersky Anti-Virus.) – C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avp.exe [241544] [PID.2988] =>.Kaspersky Lab®
[MD5.60FF7093F0DEA7A551C861F2E032E63A] - (…) – C:\Program Files (x86)\Codebox\BitMeterOS\BitMeterWebService.exe [245962] [PID.2996]
[MD5.D9FF7543BBB0D6F173C1D948615E80BD] - (.Foxit Software Inc. - Foxit Reader ConnectedPDF Windows Service..) – C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659592] [PID.3028] =>.Foxit Software Incorporated®
[MD5.C8E2119AF16AFD29569F391FB802897A] - (.TeamViewer GmbH - TeamViewer 12.) – C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10884848] [PID.3052] =>.TeamViewer GmbH®
[MD5.9DA3B55B17B54789AFB8C657D4ACE4D7] - (.DEVGURU Co., LTD. - MSS CS Connectivity Service.) – C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688] [PID.3040] =>.DEVGURU CO LTD®
[MD5.20A45C0EBFABDCAF6FB3BCF6867EB145] - (.RaMMicHaeL - Unchecky Service.) – C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [304408] [PID.3092] =>.Reason Software Company Inc.®
[MD5.E1C281225E6ECB16BC675D0687077E40] - (.Copyright (C) 2008-2009 - Wifi Service.) – C:\Program Files (x86)\NETGEAR\WNA3100M\WifiSvc.exe [307928] [PID.3188] =>.NETGEAR®
[MD5.E7F33DF7D8679D6B489CE698AFAF0166] - (…) – C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe [278720] [PID.4860] =>.CHENGDU YIWO Tech Development Co., Ltd.®
[MD5.27D476161ED70E5AB5FD98BE0110D2CB] - (.TeamViewer GmbH - TeamViewer 12.) – C:\Program Files (x86)\TeamViewer\TeamViewer.exe [39787160] [PID.6356] =>.TeamViewer GmbH®
[MD5.D3590D0F65BBD8A61C814360B5E8AF48] - (.RaMMicHaeL - Unchecky Background Process.) – C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe [624920] [PID.6564] =>.Reason Software Company Inc.®
[MD5.397053B8ADBC078AFC7A77155E727F58] - (.TeamViewer GmbH - TeamViewer 12.) – C:\Program Files (x86)\TeamViewer\tv_w32.exe [252656] [PID.6864] =>.TeamViewer GmbH®
[MD5.020D4CD7339674DE00BBA75D24F58175] - (.TeamViewer GmbH - TeamViewer 12.) – C:\Program Files (x86)\TeamViewer\tv_x64.exe [290544] [PID.6876] =>.TeamViewer GmbH®
[MD5.E14F3C1C1833A0BB3B639D1BD5F55BF5] - (.AO Kaspersky Lab - Kaspersky Anti-Virus.) – C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avpui.exe [223704] [PID.7448] =>.Kaspersky Lab®
[MD5.66909C14F925AFEF2FD0DC8B441E12B9] - (.Cambridge Silicon Radio Limited - Csr Bluetooth OSD Settings.) – C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe [168552] [PID.7016] {759231295D01C6089DE93FE4C3559535} =>.Cambridge Silicon Radio Limited
[MD5.27FE188E7EB55ABC24B91C2797EAFA33] - (.Cambridge Silicon Radio Limited - Csr Harmony User Startup Application.) – C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe [37504] [PID.6816] {759231295D01C6089DE93FE4C3559535} =>.Cambridge Silicon Radio Limited
[MD5.F7CC10EA622C66CEDDEB3A8B0B9A3B21] - (.Cambridge Silicon Radio Limited - HFP Skype Application.) – C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\HarmonyHFPSkypePlugin.exe [147080] [PID.6892] {759231295D01C6089DE93FE4C3559535} =>.Cambridge Silicon Radio Limited
[MD5.816A0BC221F0F1FE2893ED43ADE5353C] - (.Cambridge Silicon Radio Limited - Csr Bluetooth TrayApplication.) – C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe [619136] [PID.6988] {759231295D01C6089DE93FE4C3559535} =>.Cambridge Silicon Radio Limited
[MD5.19EEC1FF5821DAE8D5309B43A9820579] - (.Copyright (C) 2009 - Netgear.) – C:\Program Files (x86)\NETGEAR\WNA3100M\WNA3100M.exe [8266456] [PID.7368] =>.NETGEAR®
[MD5.80204C93471A6A74FA1E382127F89099] - (.freefilesync.sourceforge.net - Real-time Command Line Launcher.) – C:\Program Files\FreeFileSync\Bin\RealtimeSync_x64.exe [5198016] [PID.6920] {16E668A771535C03FB8E38917D8F02D0}
[MD5.358C81ADA09E0B6906DB82EA75B836D5] - (.NEC Electronics Corporation - USB 3.0 Monitor.) – C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496] [PID.8124] =>.NEC Electronics Corporation
[MD5.8FFDB89A0FB7C8ABC3A8825E38047341] - (.Logitech Inc. - Logitech Webcam Software.) – C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136] [PID.6164] =>.Logitech, Inc.®
[MD5.6B0EF3912BE93F6B17AA5B3831830B17] - (.CHENGDU YIWO Tech Development Co., Ltd - EaseUS Partition Master Free Edition Applic.) – C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.9\bin\EpmNews.exe [2090176] [PID.4932] =>.CHENGDU YIWO Tech Development Co., Ltd.®
[MD5.E4C53CE8409DCFF708C790A0AC76398D] - (…) – C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe [264040] [PID.7584] =>.Logitech, Inc.®
[MD5.ED94AFD1E9AE25C8413CB32034160F0B] - (…) – C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.9\bin\TrayPopupE\TrayTipAgentE.exe [255072] [PID.8244] =>.CHENGDU YIWO Tech Development Co., Ltd.®
[MD5.C0000DD4778C6DC0102D95510179B19B] - (.Mozilla Corporation - Firefox.) – C:\Program Files (x86)\Mozilla Firefox\firefox.exe [521160] [PID.8572] =>.Mozilla Corporation®
[MD5.EFF5EA6088DB81C6EF6EDCDA5EE79909] - (.AO Kaspersky Lab - Kaspersky Secure Connection.) – C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544] [PID.7328] =>.Kaspersky Lab®
[MD5.33E6E5822E22A5E1DEA523C06155FD07] - (.Google Inc. - Google Crash Handler.) – C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.ex e [288848] [PID.7760] =>.Google Inc®
[MD5.27BEAF3F308ED2276F3863C2F2597556] - (.Google Inc. - Google Crash Handler.) – C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64. exe [366672] [PID.8368] =>.Google Inc®
[MD5.BDB3D8437752EBCD11DB04082B1FE8A5] - (.AO Kaspersky Lab - Kaspersky Secure Connection.) – C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe [480216] [PID.6884] =>.Kaspersky Lab®
[MD5.B6981395E531DF5E8270D8CD97B348AD] - (…) – C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.17.420.0_x 64__kzf8qxf38zg5c\SkypeHost.exe [74752] [PID.7056] =>.Skype Technologies
[MD5.49F97C7F1ED82E73909A269619A98CD8] - (…) – C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1 705.1301.0_x64__8wekyb3d8bbwe\Calculator.exe [3918848] [PID.8328] =>.Microsoft Corporation
[MD5.EEFE354A36A690A0D1EDA8490A0A9C69] - (…) – C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18 062.12990.0_x64__8wekyb3d8bbwe\Microsoft.Photos.ex e [20480] [PID.8376] =>.Microsoft Corporation
[MD5.FE70A676C0BE2E0AAEE62E569D4E6F1B] - (.Helios Software Solutions - TextPad.) – C:\Program Files\TextPad 7\TextPad.exe [7133312] [PID.10572] {1CA83CBDD723B986} =>.Helios Software Solutions
[MD5.167B0C13576CE31C32D1C53F1190DBB2] - (.Alexander Roshal - WinRAR archiver.) – C:\Program Files\WinRAR\WinRAR.exe [1315928] [PID.13848] =>.win.rar GmbH®
[MD5.2550455C4B37E9B1EE17D1B96B8DF7C5] - (.Nicolas Coolman - ZHPDiag.) – C:\Users\Gary\Desktop\ZHPDiag3.exe [2751872] [PID.13216] =>.Nicolas Coolman

—\ Google Chrome, Start,Search,Extensions (23) - 0s
G0 - GCSP: Preferences [User Data\Default][HomePage] http://edge.addthis.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://gc.kis.v2.scr.kaspersky-labs.com =>.Kaspersky Labs
G0 - GCSP: Preferences [User Data\Default][HomePage] http://m.addthisedge.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://s7.addthis.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://stats.g.doubleclick.net
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.winiso.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://a.config.skype.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://a.lw.skype.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://browser.pipe.aria.microsoft.com =>.Microsoft Corporation
G0 - GCSP: Preferences [User Data\Default][HomePage] http://images-na.ssl-images-amazon.com
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc. =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc. =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [cfhdojbkjhnklbpkdaibdccddilifddb] Google Chrome manifest =>.Google Inc. =>.Adblock
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [dkpejdfnpdkhifgbancbammdijojoffk] Logitech Smooth Scrolling =>.Logitech Inc.
G2 - GCE: Preference [User Data\Default] [fhoibnponjcgjgcnfacekaijdbbplhib] MSG_ExtensionName =>.Kaspersky Labs
G2 - GCE: Preference [User Data\Default] [ghbmnnjooekpmoecnnnilnnbdlolhkhi] Google Chrome manifest =>.Google Inc. =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [lifbcibllhkdhoafpjfnlhfpfgnpldfl] Skype =>.Skype Technologies
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [nopoafngjcbddhhbepebefngiioncigi] Kaspersky Password Manager plugin
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [pkedcjkdefgpdelpbcmbmeomcjbeemfm] Chrome Media Router =>.Google Inc.

—\ Mozilla Firefox,Plugins,Start,Search,Extensions (9) - 5s
M0 - MFSP: prefs.js [Gary - vc6qe3r0.default] http://www.google.co.uk/ =>.Google Inc.
P2 - EXT FILE: (.Flash Control - Controls as and when to display the Fl.) – C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Prof iles\vc6qe3r0.default\extensions\jid1-sNL73VCI4UB0Fw@jetpack.xpi =>.Flash Control
P2 - EXT FILE: (.YouTube Video Player Preview - YouTube Video Player Preview lets you .) – C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Prof iles\vc6qe3r0.default\extensions{53152e75-fd90-472f-9d30-5cba3679eab9}.xpi
P2 - EXT FILE: (.YouTube High Definition - .) – C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Prof iles\vc6qe3r0.default\extensions{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi =>.YouTube High Definition
P2 - EXT FILE: (.Adblock Plus - Ads were yesterday!.) – C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Prof iles\vc6qe3r0.default\extensions{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi =>.Adblock Plus
P2 - EXT FILE: (.YouTube Flash Video Player - .) – C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Prof iles\vc6qe3r0.default\extensions{f3bd3dd2-2888-44c5-91a2-2caeb33fb898}.xpi =>Adware.Sambreel
P2 - EXT FILE: (…) – C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Prof iles\vc6qe3r0.default\searchplugins\dragon-age-wiki-en.xml
P2 - EXT: (. - British English Dictionary (Updated).) – C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Prof iles\vc6qe3r0.default\extensions\en-gb@flyingtophat.co.uk
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) – C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_ 131.dll =>.Adobe Systems Incorporated

—\ Internet Explorer Extensions, Start, Search (15) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk =>.Google Inc.
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphan =>.Microsoft Internet Explorer

—\ Internet Explorer, Proxy Management (5) - 1s
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyEnable = 0
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Int ernet Settings,MigrateProxy = 1
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Int ernet Settings,EnableHttp1_1 = 1
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Int ernet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Para meters\Internet\ManualProxies =>.Microsoft

—\ Line Analysis, IniFiles, Auto loading programs (3) - 0s
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=

—\ Hosts file redirection (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (60)

—\ Browser Helper Object (BHO) (3) - 0s
O2 - BHO: ScriptInjectionPluginBrowserHelperObject [64Bits] - {2E38825B-8815-42CF-9126-C58BC28D4591} . (.AO Kaspersky Lab - Kaspersky Protection plugins.) – C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\IEExt\ie_plugin.dll =>.Kaspersky Lab®
O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) – C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll =>.Google Inc®
O2 - BHO: Adblock Plus for IE Browser Helper Object [64Bits] - {FFCB3198-32F3-4E8B-9539-4324694ED664} . (.Eyeo GmbH - Adblock Plus BHO for Internet Explorer.) – C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll =>.Eyeo GmbH®

—\ Global shortcuts Startup (364) - 44s
O4 - GS\Desktop [Administrator]: 347.88 - Shortcut.lnk . (…) C:\NVIDIA\DisplayDriver\347.88
O4 - GS\Desktop [Administrator]: 347.88-desktop-win8-win7-winvista-64bit-international-whql.exe - Shortcut.lnk . (.NVIDIA Corporation - NVIDIA Package Launcher.) C:\Users\Gary\Downloads\347.88-desktop-win8-win7-winvista-64bit-international-whql.exe =>.NVIDIA Corporation®
O4 - GS\Desktop [Administrator]: Auslogics DiskDefrag.lnk . (.Auslogics - Disk Defrag.) C:\Program Files (x86)\Auslogics\DiskDefrag\DiskDefrag.exe =>.Auslogics Software Pty Ltd®
O4 - GS\Desktop [Administrator]: Auto Clicker.lnk . (.Copyright (C) 2009 - AutoClicker MFC Application.) C:\Program Files (x86)\Auto Clicker\AutoClicker.exe
O4 - GS\Desktop [Administrator]: Axialis IconWorkshop.lnk . (.Axialis Software - Axialis IconWorkshop.) C:\Program Files (x86)\Axialis\IconWorkshop\IconWorkshop.exe {00D1B7BB33745D35DB71866CB2288521B8}
O4 - GS\Desktop [Administrator]: BioWare - Shortcut.lnk . (…) C:\Users\Gary\Documents\BioWare
O4 - GS\Desktop [Administrator]: BlueScreenView.exe - Shortcut.lnk . (.NirSoft - BlueScreenView.) C:\Program Files (x86)\NirSoft\BlueScreenView\BlueScreenView.exe =>.Nir Sofer®
O4 - GS\Desktop [Administrator]: Cheat Engine.lnk . (…) C:\Program Files (x86)\Cheat Engine 6.4\Cheat Engine.exe =>.Cheat Engine®
O4 - GS\Desktop [Administrator]: Chromium.lnk . (.The Chromium Authors - Chromium.) C:\Users\Gary\AppData\Local\Chromium\Application\c hrome.exe =>.The Chromium Authors
O4 - GS\Desktop [Administrator]: Crash Dump Files.lnk . (…) C:\Windows\Minidump
O4 - GS\Desktop [Administrator]: DigiGuide TV Guide.lnk . (.GipsyMedia Limited - DigiGuide Loader Program.) C:\Program Files (x86)\DigiGuide TV Guide\Client.exe
O4 - GS\Desktop [Administrator]: Disk Images.lnk . (…) C:\Users\Public\Documents\DAEMON Tools Images
O4 - GS\Desktop [Administrator]: Display Driver Uninstaller.exe - Shortcut.lnk . (.Copyright © 2014 - Display Driver Uninstaller.) C:\Users\Gary\Downloads\DDU\Display Driver Uninstaller.exe
O4 - GS\Desktop [Administrator]: Dragon Age Console Active.lnk . (.BioWare - Dragon Age: Origins.) C:\Games\Dragon Age\bin_ship\daorigins.exe -enabledeveloperconsole =>.Electronic Arts®
O4 - GS\Desktop [Administrator]: Dragon Age II config.lnk . (…) C:\Users\Gary\Documents\BioWare\Dragon Age 2\Settings\DragonAge.ini
O4 - GS\Desktop [Administrator]: Dragon Age II failed2fix.lnk . (.BioWare - Dragon Age II.) C:\Games\Dragon Age 2\bin_ship\DragonAge2.exe =>.Electronic Arts®
O4 - GS\Desktop [Administrator]: DragonAge2 Console.lnk . (.BioWare - Dragon Age II.) C:\Games\Dragon Age 2\bin_ship\DragonAge2.exe -enabledeveloperconsole =>.Electronic Arts®
O4 - GS\Desktop [Administrator]: dxDiag.lnk . (.Microsoft Corporation - Microsoft DirectX Diagnostic Tool.) C:\Windows\System32\dxdiag.exe =>.Microsoft Corporation
O4 - GS\Desktop [Administrator]: Elevated Command Prompt.lnk . (.Microsoft Corporation - Windows Command Processor.) C:\Windows\System32\cmd.exe =>.Microsoft Corporation
O4 - GS\Desktop [Administrator]: Event Viewer.lnk . (…) C:\WINDOWS\system32\eventvwr.msc /s
O4 - GS\Desktop [Administrator]: FurMark.lnk . (.Geeks3D (www.geeks3d.com) - FurMark - GPU stress test and OpenGL benchm.) C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark\FurMark.exe =>.Geeks3D (www.geeks3d.com)
O4 - GS\Desktop [Administrator]: GeForce_Experience_v2.4.5.57.exe - Shortcut.lnk . (.NVIDIA Corporation - NVIDIA Package Launcher.) C:\Users\Gary\Downloads\GeForce_Experience_v2.4.5. 57.exe =>.NVIDIA Corporation®
O4 - GS\Desktop [Administrator]: Minidump.lnk . (…) C:\Windows\Minidump
O4 - GS\Desktop [Administrator]: MSI Afterburner.lnk . (.Copyright © 2009-2015 Alexey Nicolaychuk aka Unwinder - MSIAfterburner.) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe =>.MICRO-STAR INTERNATIONAL CO., LTD.®
O4 - GS\Desktop [Administrator]: OCCT.lnk . (.OCCT - Ocbase - Adrien Mercier - OCCT.) C:\Program Files (x86)\OCCTPT\OCCT.exe =>.OCCT - Ocbase - Adrien Mercier
O4 - GS\Desktop [Administrator]: OpenOffice Calc.lnk . (.Apache Software Foundation - OpenOffice Calc.) C:\Program Files (x86)\OpenOffice 4\program\scalc.exe =>.Apache Software Foundation
O4 - GS\Desktop [Administrator]: OpenOffice Impress.lnk . (.Apache Software Foundation - OpenOffice Impress.) C:\Program Files (x86)\OpenOffice 4\program\simpress.exe =>.Apache Software Foundation
O4 - GS\Desktop [Administrator]: OpenOffice Writer.lnk . (.Apache Software Foundation - OpenOffice Writer.) C:\Program Files (x86)\OpenOffice 4\program\swriter.exe =>.Apache Software Foundation
O4 - GS\Desktop [Administrator]: PhysX-9.14.0702-SystemSoftware.msi - Shortcut.lnk . (.NVIDIA Corporation - .) C:\Users\Gary\Downloads\PhysX-9.14.0702-SystemSoftware.msi =>.NVIDIA Corporation®
O4 - GS\Desktop [Administrator]: RadioSure.lnk . (.TheBestWare Studio - RadioSure.) C:\Users\Gary\AppData\Local\RadioSure\RadioSure.ex e =>.TheBestWare Studio
O4 - GS\Desktop [Administrator]: RarmaRadio.lnk . (.Raimersoft - RarmaRadio.) C:\Program Files (x86)\RarmaRadio\RarmaRadio.exe =>.Raimersoft
O4 - GS\Desktop [Administrator]: regedit.lnk . (.Microsoft Corporation - Registry Editor.) C:\Windows\regedit.exe =>.Microsoft Corporation
O4 - GS\Desktop [Administrator]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Remote Desktop Connection.) C:\WINDOWS\system32\mstsc.exe =>.Microsoft Corporation
O4 - GS\Desktop [Administrator]: Safe Flash Drive Removal.lnk . (.Microsoft Corporation - Windows host process (Rundll32).) C:\Windows\System32\rundll32.exe shell32.dll,Control_RunDLL hotplug.dll =>.Microsoft Corporation
O4 - GS\Desktop [Administrator]: scalc.exe - Shortcut.lnk . (.The Document Foundation - LibreOffice Calc.) C:\Program Files (x86)\LibreOffice 5\program\scalc.exe =>.The Document Foundation®
O4 - GS\Desktop [Administrator]: simpress.exe - Shortcut.lnk . (.The Document Foundation - LibreOffice Impress.) C:\Program Files (x86)\LibreOffice 5\program\simpress.exe =>.The Document Foundation®
O4 - GS\Desktop [Administrator]: SMAC.lnk . (…) E:\copy of duff disk after it became recognisable\Program Files\Firaxis Games\Sid Meier’s Alpha Centauri\terran.exe
O4 - GS\Desktop [Administrator]: SpeedFan.lnk . (…) C:\Program Files (x86)\SpeedFan\speedfan.exe =>.SOKNO S.R.L.®
O4 - GS\Desktop [Administrator]: Startup.lnk . (…) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
O4 - GS\Desktop [Administrator]: swriter.exe - Shortcut.lnk . (.The Document Foundation - LibreOffice Writer.) C:\Program Files (x86)\LibreOffice 5\program\swriter.exe =>.The Document Foundation®
O4 - GS\Desktop [Administrator]: WhoCrashed.lnk . (.Resplendence Software Projects - WhoCrashed.) C:\Program Files\WhoCrashed\WhoCrashedEx.exe =>.Daniel Terhell®
O4 - GS\Desktop [Administrator]: Windows 10 Upgrade Assistant.lnk . (.Microsoft Corporation - Windows 10 Upgrade Assistant.) C:\Windows10Upgrade\Windows10UpgraderApp.exe =>.Microsoft Corporation®
O4 - GS\Desktop [Administrator]: Windows.old BioWare.lnk . (…) C:\Windows.old\Users\Gary\Documents\BioWare
O4 - GS\Desktop [Administrator]: Windows.old Program Files (x86).lnk . (…) C:\Windows.old\Program Files (x86)
O4 - GS\Desktop [Administrator]: Windows.old Program Files.lnk . (…) C:\Windows.old\Program Files
O4 - GS\Desktop [Administrator]: Windows.old.lnk . (…) C:\Windows.old
O4 - GS\Desktop [Administrator]: WinISO.lnk . (.WinISO Computing Inc. - WinISO.) C:\Program Files (x86)\WinISO\bin\winiso.exe =>.WinISO Computing Inc.
O4 - GS\Desktop [Administrator]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Gary\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Desktop [Administrator]: Zotac Win 10 drivers 378.92.lnk . (…) C:\NVIDIA\DisplayDriver\Zotac\378.92\Win10_64\Inte rnational
O4 - GS\Desktop [Administrator]: Zotacs Win 10 drivers 378.92.lnk . (…) C:\NVIDIA\DisplayDriver\378.92\Win10_64\Internatio nal
O4 - GS\Quicklaunch [Administrator]: Belarc Advisor.lnk . (.Belarc, Inc. - Belarc Advisor Computer Inventory.) C:\Program Files (x86)\Belarc\BelarcAdvisor\BelarcAdvisor.exe =>.Belarc, Inc.®
O4 - GS\Quicklaunch [Administrator]: Chromium.lnk . (.The Chromium Authors - Chromium.) C:\Users\Gary\AppData\Local\Chromium\Application\c hrome.exe =>.The Chromium Authors
O4 - GS\Quicklaunch [Administrator]: CleanGenius 3.lnk . (.Amigabit - Amigabit Powerbooster.) C:\Program Files (x86)\CleanGenius 3\CleanGenius.exe {30A0C6D10C607499E2E779B78E80992B}
O4 - GS\Quicklaunch [Administrator]: Dragon Age II.lnk . (…) C:\Games\Dragon Age 2\DragonAge2Launcher.exe
O4 - GS\Quicklaunch [Administrator]: Dragon Age Origins.lnk . (.BioWare - Launcher Application.) C:\Games\Dragon Age\DAOriginsLauncher.exe =>.BioWare®
O4 - GS\Quicklaunch [Administrator]: Foxit Reader.lnk . (.Foxit Software Inc. - Foxit Reader 8.3.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReader.exe =>.Foxit Software Incorporated®
O4 - GS\Quicklaunch [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [Administrator]: HexEdit.lnk . (.Expert Commercial Software Pty Ltd - HexEdit Application.) C:\Program Files (x86)\HexEdit\HexEdit.exe =>.Expert Commercial Software Pty Ltd
O4 - GS\Quicklaunch [Administrator]: KeePass 2.lnk . (.Dominik Reichl - KeePass.) C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe =>.Dominik Reichl
O4 - GS\Quicklaunch [Administrator]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Quicklaunch [Administrator]: Launch Microsoft Office Outlook.lnk . (.Microsoft Corporation - Microsoft Office Outlook.) C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE /recycle =>.Microsoft Corporation®
O4 - GS\Quicklaunch [Administrator]: Samsung Kies (Lite).lnk . (…) C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe /lite =>.Samsung Electronics CO., LTD.®
O4 - GS\Quicklaunch [Administrator]: Samsung Kies.lnk . (…) C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe =>.Samsung Electronics CO., LTD.®
O4 - GS\Quicklaunch [Administrator]: Visual Subst.lnk . (.NTWind Software - Visual Subst.) C:\Program Files (x86)\Visual Subst\VSubst.exe {3E5ABF29BA6BBDFBC0CB1793FE97875A} =>.NTWind Software
O4 - GS\Quicklaunch [Administrator]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\Gary\AppData\Roaming\uTorrent\uTorrent.ex e =>.BitTorrent Inc®
O4 - GS\sendTo [Administrator]: Bluetooth Device.lnk . (.Cambridge Silicon Radio Limited - .) C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRFileTransferWizard.exe =>.Cambridge Silicon Radio Limited
O4 - GS\sendTo [Administrator]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\sendTo [Administrator]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\System32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\sendTo [Administrator]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe /sendto: =>.Skype Software Sarl®
O4 - GS\sendTo [Administrator]: TeamViewer.lnk . (.TeamViewer GmbH - TeamViewer 12.) C:\Program Files (x86)\TeamViewer\TeamViewer.exe --sendto =>.TeamViewer GmbH®
O4 - GS\sendTo [Administrator]: TextPad.lnk . (.Helios Software Solutions - .) C:\Program Files (x86)\TextPad 7\TextPad.exe =>.Helios Software Solutions
O4 - GS\sendTo [Administrator]: WinCmp3.lnk . (…) W:\Program Files (x86)\Compare It!\wincmp3.exe
O4 - GS\TaskBar [Administrator]: Character Map.lnk . (.Microsoft Corporation - Character Map.) C:\WINDOWS\system32\charmap.exe =>.Microsoft Corporation
O4 - GS\TaskBar [Administrator]: Cheat Engine 6.4 (64-bit).lnk . (.Cheat Engine - Cheat Engine.) C:\Program Files (x86)\Cheat Engine 6.4\cheatengine-x86_64.exe =>.Cheat Engine®
O4 - GS\TaskBar [Administrator]: DOSBox 0.74.lnk . (.DOSBox Team - DOSBox DOS Emulator.) C:\Program Files (x86)\DOSBox-0.74\DOSBox.exe -userconf =>.DOSBox Team
O4 - GS\TaskBar [Administrator]: Dragon Age Inquisition.lnk . (.Electronic Arts - Dragon Age™: Inquisition.) C:\Program Files (x86)\Inquisition\Dragon Age Inquisition\DragonAgeInquisition.exe =>.Electronic Arts®
O4 - GS\TaskBar [Administrator]: Dragon Age Origins.lnk . (.BioWare - Launcher Application.) C:\Games\Dragon Age\DAOriginsLauncher.exe =>.BioWare®
O4 - GS\TaskBar [Administrator]: DragonAge2 Console - Copy.lnk . (.BioWare - Dragon Age II.) C:\Games\Dragon Age 2\bin_ship\DragonAge2.exe -enabledeveloperconsole =>.Electronic Arts®
O4 - GS\TaskBar [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\TaskBar [Administrator]: Microsoft Office Excel 2003.lnk . (…) C:\Windows\Installer{91110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe =>.Microsoft Corporation
O4 - GS\TaskBar [Administrator]: Microsoft Office Outlook 2003.lnk . (…) C:\Windows\Installer{91110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
O4 - GS\TaskBar [Administrator]: Microsoft Office Word 2003.lnk . (…) C:\Windows\Installer{91110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe =>.Microsoft Corporation
O4 - GS\TaskBar [Administrator]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\TaskBar [Administrator]: Notepad.lnk . (.Microsoft Corporation - Notepad.) C:\WINDOWS\system32\notepad.exe =>.Microsoft Corporation
O4 - GS\TaskBar [Administrator]: SpeedFan.lnk . (…) C:\Program Files (x86)\SpeedFan\speedfan.exe =>.SOKNO S.R.L.®
O4 - GS\TaskBar [Administrator]: TextPad.lnk . (.Helios Software Solutions - .) C:\Program Files (x86)\TextPad 7\TextPad.exe =>.Helios Software Solutions
O4 - GS\Startup [Administrator]: RealtimeSync.lnk . (.freefilesync.sourceforge.net - Real-time Command Line Launcher.) C:\Program Files\FreeFileSync\RealtimeSync.exe {16E668A771535C03FB8E38917D8F02D0}
O4 - GS\Startup [Administrator]: SpeedFan.lnk . (…) C:\Program Files (x86)\SpeedFan\speedfan.exe =>.SOKNO S.R.L.®
O4 - GS\Programs [Administrator]: Ableton Live 9 Lite.lnk . (.Ableton - .) C:\ProgramData\Ableton\Live 9 Lite\Program\Ableton Live 9 Lite.exe =>.Ableton AG®
O4 - GS\Programs [Administrator]: Chromium.lnk . (.The Chromium Authors - Chromium.) C:\Users\Gary\AppData\Local\Chromium\Application\c hrome.exe =>.The Chromium Authors
O4 - GS\Programs [Administrator]: DigiGuide TV Guide.lnk . (.GipsyMedia Limited - DigiGuide Loader Program.) C:\Program Files (x86)\DigiGuide TV Guide\Client.exe
O4 - GS\Programs [Administrator]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\Gary\AppData\Local\Microsoft\OneDrive\One Drive.exe =>.Microsoft Corporation®
O4 - GS\Programs [Administrator]: Optional Features.lnk . (.Microsoft Corporation - Features On Demand Helper.) C:\Windows\System32\fodhelper.exe =>.Microsoft Corporation
O4 - GS\Programs [Administrator]: TextPad.lnk . (.Helios Software Solutions - .) C:\Program Files (x86)\TextPad 7\TextPad.exe =>.Helios Software Solutions
O4 - GS\Desktop [Gary]: 347.88 - Shortcut.lnk . (…) C:\NVIDIA\DisplayDriver\347.88
O4 - GS\Desktop [Gary]: 347.88-desktop-win8-win7-winvista-64bit-international-whql.exe - Shortcut.lnk . (.NVIDIA Corporation - NVIDIA Package Launcher.) C:\Users\Gary\Downloads\347.88-desktop-win8-win7-winvista-64bit-international-whql.exe =>.NVIDIA Corporation®
O4 - GS\Desktop [Gary]: Auslogics DiskDefrag.lnk . (.Auslogics - Disk Defrag.) C:\Program Files (x86)\Auslogics\DiskDefrag\DiskDefrag.exe =>.Auslogics Software Pty Ltd®
O4 - GS\Desktop [Gary]: Auto Clicker.lnk . (.Copyright (C) 2009 - AutoClicker MFC Application.) C:\Program Files (x86)\Auto Clicker\AutoClicker.exe
O4 - GS\Desktop [Gary]: Axialis IconWorkshop.lnk . (.Axialis Software - Axialis IconWorkshop.) C:\Program Files (x86)\Axialis\IconWorkshop\IconWorkshop.exe {00D1B7BB33745D35DB71866CB2288521B8}
O4 - GS\Desktop [Gary]: BioWare - Shortcut.lnk . (…) C:\Users\Gary\Documents\BioWare
O4 - GS\Desktop [Gary]: BlueScreenView.exe - Shortcut.lnk . (.NirSoft - BlueScreenView.) C:\Program Files (x86)\NirSoft\BlueScreenView\BlueScreenView.exe =>.Nir Sofer®
O4 - GS\Desktop [Gary]: Cheat Engine.lnk . (…) C:\Program Files (x86)\Cheat Engine 6.4\Cheat Engine.exe =>.Cheat Engine®
O4 - GS\Desktop [Gary]: Chromium.lnk . (.The Chromium Authors - Chromium.) C:\Users\Gary\AppData\Local\Chromium\Application\c hrome.exe =>.The Chromium Authors
O4 - GS\Desktop [Gary]: Crash Dump Files.lnk . (…) C:\Windows\Minidump
O4 - GS\Desktop [Gary]: DigiGuide TV Guide.lnk . (.GipsyMedia Limited - DigiGuide Loader Program.) C:\Program Files (x86)\DigiGuide TV Guide\Client.exe
O4 - GS\Desktop [Gary]: Disk Images.lnk . (…) C:\Users\Public\Documents\DAEMON Tools Images
O4 - GS\Desktop [Gary]: Display Driver Uninstaller.exe - Shortcut.lnk . (.Copyright © 2014 - Display Driver Uninstaller.) C:\Users\Gary\Downloads\DDU\Display Driver Uninstaller.exe
O4 - GS\Desktop [Gary]: Dragon Age Console Active.lnk . (.BioWare - Dragon Age: Origins.) C:\Games\Dragon Age\bin_ship\daorigins.exe -enabledeveloperconsole =>.Electronic Arts®
O4 - GS\Desktop [Gary]: Dragon Age II config.lnk . (…) C:\Users\Gary\Documents\BioWare\Dragon Age 2\Settings\DragonAge.ini
O4 - GS\Desktop [Gary]: Dragon Age II failed2fix.lnk . (.BioWare - Dragon Age II.) C:\Games\Dragon Age 2\bin_ship\DragonAge2.exe =>.Electronic Arts®
O4 - GS\Desktop [Gary]: DragonAge2 Console.lnk . (.BioWare - Dragon Age II.) C:\Games\Dragon Age 2\bin_ship\DragonAge2.exe -enabledeveloperconsole =>.Electronic Arts®
O4 - GS\Desktop [Gary]: dxDiag.lnk . (.Microsoft Corporation - Microsoft DirectX Diagnostic Tool.) C:\Windows\System32\dxdiag.exe =>.Microsoft Corporation
O4 - GS\Desktop [Gary]: Elevated Command Prompt.lnk . (.Microsoft Corporation - Windows Command Processor.) C:\Windows\System32\cmd.exe =>.Microsoft Corporation
O4 - GS\Desktop [Gary]: Event Viewer.lnk . (…) C:\WINDOWS\system32\eventvwr.msc /s
O4 - GS\Desktop [Gary]: FurMark.lnk . (.Geeks3D (www.geeks3d.com) - FurMark - GPU stress test and OpenGL benchm.) C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark\FurMark.exe =>.Geeks3D (www.geeks3d.com)
O4 - GS\Desktop [Gary]: GeForce_Experience_v2.4.5.57.exe - Shortcut.lnk . (.NVIDIA Corporation - NVIDIA Package Launcher.) C:\Users\Gary\Downloads\GeForce_Experience_v2.4.5. 57.exe =>.NVIDIA Corporation®
O4 - GS\Desktop [Gary]: Minidump.lnk . (…) C:\Windows\Minidump
O4 - GS\Desktop [Gary]: MSI Afterburner.lnk . (.Copyright © 2009-2015 Alexey Nicolaychuk aka Unwinder - MSIAfterburner.) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe =>.MICRO-STAR INTERNATIONAL CO., LTD.®
O4 - GS\Desktop [Gary]: OCCT.lnk . (.OCCT - Ocbase - Adrien Mercier - OCCT.) C:\Program Files (x86)\OCCTPT\OCCT.exe =>.OCCT - Ocbase - Adrien Mercier
O4 - GS\Desktop [Gary]: OpenOffice Calc.lnk . (.Apache Software Foundation - OpenOffice Calc.) C:\Program Files (x86)\OpenOffice 4\program\scalc.exe =>.Apache Software Foundation
O4 - GS\Desktop [Gary]: OpenOffice Impress.lnk . (.Apache Software Foundation - OpenOffice Impress.) C:\Program Files (x86)\OpenOffice 4\program\simpress.exe =>.Apache Software Foundation
O4 - GS\Desktop [Gary]: OpenOffice Writer.lnk . (.Apache Software Foundation - OpenOffice Writer.) C:\Program Files (x86)\OpenOffice 4\program\swriter.exe =>.Apache Software Foundation
O4 - GS\Desktop [Gary]: PhysX-9.14.0702-SystemSoftware.msi - Shortcut.lnk . (.NVIDIA Corporation - .) C:\Users\Gary\Downloads\PhysX-9.14.0702-SystemSoftware.msi =>.NVIDIA Corporation®
O4 - GS\Desktop [Gary]: RadioSure.lnk . (.TheBestWare Studio - RadioSure.) C:\Users\Gary\AppData\Local\RadioSure\RadioSure.ex e =>.TheBestWare Studio
O4 - GS\Desktop [Gary]: RarmaRadio.lnk . (.Raimersoft - RarmaRadio.) C:\Program Files (x86)\RarmaRadio\RarmaRadio.exe =>.Raimersoft
O4 - GS\Desktop [Gary]: regedit.lnk . (.Microsoft Corporation - Registry Editor.) C:\Windows\regedit.exe =>.Microsoft Corporation
O4 - GS\Desktop [Gary]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Remote Desktop Connection.) C:\WINDOWS\system32\mstsc.exe =>.Microsoft Corporation
O4 - GS\Desktop [Gary]: Safe Flash Drive Removal.lnk . (.Microsoft Corporation - Windows host process (Rundll32).) C:\Windows\System32\rundll32.exe shell32.dll,Control_RunDLL hotplug.dll =>.Microsoft Corporation
O4 - GS\Desktop [Gary]: scalc.exe - Shortcut.lnk . (.The Document Foundation - LibreOffice Calc.) C:\Program Files (x86)\LibreOffice 5\program\scalc.exe =>.The Document Foundation®
O4 - GS\Desktop [Gary]: simpress.exe - Shortcut.lnk . (.The Document Foundation - LibreOffice Impress.) C:\Program Files (x86)\LibreOffice 5\program\simpress.exe =>.The Document Foundation®
O4 - GS\Desktop [Gary]: SMAC.lnk . (…) E:\copy of duff disk after it became recognisable\Program Files\Firaxis Games\Sid Meier’s Alpha Centauri\terran.exe
O4 - GS\Desktop [Gary]: SpeedFan.lnk . (…) C:\Program Files (x86)\SpeedFan\speedfan.exe =>.SOKNO S.R.L.®
O4 - GS\Desktop [Gary]: Startup.lnk . (…) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
O4 - GS\Desktop [Gary]: swriter.exe - Shortcut.lnk . (.The Document Foundation - LibreOffice Writer.) C:\Program Files (x86)\LibreOffice 5\program\swriter.exe =>.The Document Foundation®
O4 - GS\Desktop [Gary]: WhoCrashed.lnk . (.Resplendence Software Projects - WhoCrashed.) C:\Program Files\WhoCrashed\WhoCrashedEx.exe =>.Daniel Terhell®
O4 - GS\Desktop [Gary]: Windows 10 Upgrade Assistant.lnk . (.Microsoft Corporation - Windows 10 Upgrade Assistant.) C:\Windows10Upgrade\Windows10UpgraderApp.exe =>.Microsoft Corporation®
O4 - GS\Desktop [Gary]: Windows.old BioWare.lnk . (…) C:\Windows.old\Users\Gary\Documents\BioWare
O4 - GS\Desktop [Gary]: Windows.old Program Files (x86).lnk . (…) C:\Windows.old\Program Files (x86)
O4 - GS\Desktop [Gary]: Windows.old Program Files.lnk . (…) C:\Windows.old\Program Files
O4 - GS\Desktop [Gary]: Windows.old.lnk . (…) C:\Windows.old
O4 - GS\Desktop [Gary]: WinISO.lnk . (.WinISO Computing Inc. - WinISO.) C:\Program Files (x86)\WinISO\bin\winiso.exe =>.WinISO Computing Inc.
O4 - GS\Desktop [Gary]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Gary\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Desktop [Gary]: Zotac Win 10 drivers 378.92.lnk . (…) C:\NVIDIA\DisplayDriver\Zotac\378.92\Win10_64\Inte rnational
O4 - GS\Desktop [Gary]: Zotacs Win 10 drivers 378.92.lnk . (…) C:\NVIDIA\DisplayDriver\378.92\Win10_64\Internatio nal
O4 - GS\Quicklaunch [Gary]: Belarc Advisor.lnk . (.Belarc, Inc. - Belarc Advisor Computer Inventory.) C:\Program Files (x86)\Belarc\BelarcAdvisor\BelarcAdvisor.exe =>.Belarc, Inc.®
O4 - GS\Quicklaunch [Gary]: Chromium.lnk . (.The Chromium Authors - Chromium.) C:\Users\Gary\AppData\Local\Chromium\Application\c hrome.exe =>.The Chromium Authors
O4 - GS\Quicklaunch [Gary]: CleanGenius 3.lnk . (.Amigabit - Amigabit Powerbooster.) C:\Program Files (x86)\CleanGenius 3\CleanGenius.exe {30A0C6D10C607499E2E779B78E80992B}
O4 - GS\Quicklaunch [Gary]: Dragon Age II.lnk . (…) C:\Games\Dragon Age 2\DragonAge2Launcher.exe
O4 - GS\Quicklaunch [Gary]: Dragon Age Origins.lnk . (.BioWare - Launcher Application.) C:\Games\Dragon Age\DAOriginsLauncher.exe =>.BioWare®
O4 - GS\Quicklaunch [Gary]: Foxit Reader.lnk . (.Foxit Software Inc. - Foxit Reader 8.3.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReader.exe =>.Foxit Software Incorporated®
O4 - GS\Quicklaunch [Gary]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [Gary]: HexEdit.lnk . (.Expert Commercial Software Pty Ltd - HexEdit Application.) C:\Program Files (x86)\HexEdit\HexEdit.exe =>.Expert Commercial Software Pty Ltd
O4 - GS\Quicklaunch [Gary]: KeePass 2.lnk . (.Dominik Reichl - KeePass.) C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe =>.Dominik Reichl
O4 - GS\Quicklaunch [Gary]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Quicklaunch [Gary]: Launch Microsoft Office Outlook.lnk . (.Microsoft Corporation - Microsoft Office Outlook.) C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE /recycle =>.Microsoft Corporation®
O4 - GS\Quicklaunch [Gary]: Samsung Kies (Lite).lnk . (…) C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe /lite =>.Samsung Electronics CO., LTD.®
O4 - GS\Quicklaunch [Gary]: Samsung Kies.lnk . (…) C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe =>.Samsung Electronics CO., LTD.®
O4 - GS\Quicklaunch [Gary]: Visual Subst.lnk . (.NTWind Software - Visual Subst.) C:\Program Files (x86)\Visual Subst\VSubst.exe {3E5ABF29BA6BBDFBC0CB1793FE97875A} =>.NTWind Software
O4 - GS\Quicklaunch [Gary]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\Gary\AppData\Roaming\uTorrent\uTorrent.ex e =>.BitTorrent Inc®
O4 - GS\sendTo [Gary]: Bluetooth Device.lnk . (.Cambridge Silicon Radio Limited - .) C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRFileTransferWizard.exe =>.Cambridge Silicon Radio Limited
O4 - GS\sendTo [Gary]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\sendTo [Gary]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\System32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\sendTo [Gary]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe /sendto: =>.Skype Software Sarl®
O4 - GS\sendTo [Gary]: TeamViewer.lnk . (.TeamViewer GmbH - TeamViewer 12.) C:\Program Files (x86)\TeamViewer\TeamViewer.exe --sendto =>.TeamViewer GmbH®
O4 - GS\sendTo [Gary]: TextPad.lnk . (.Helios Software Solutions - .) C:\Program Files (x86)\TextPad 7\TextPad.exe =>.Helios Software Solutions
O4 - GS\sendTo [Gary]: WinCmp3.lnk . (…) W:\Program Files (x86)\Compare It!\wincmp3.exe
O4 - GS\TaskBar [Gary]: Character Map.lnk . (.Microsoft Corporation - Character Map.) C:\WINDOWS\system32\charmap.exe =>.Microsoft Corporation
O4 - GS\TaskBar [Gary]: Cheat Engine 6.4 (64-bit).lnk . (.Cheat Engine - Cheat Engine.) C:\Program Files (x86)\Cheat Engine 6.4\cheatengine-x86_64.exe =>.Cheat Engine®
O4 - GS\TaskBar [Gary]: DOSBox 0.74.lnk . (.DOSBox Team - DOSBox DOS Emulator.) C:\Program Files (x86)\DOSBox-0.74\DOSBox.exe -userconf =>.DOSBox Team
O4 - GS\TaskBar [Gary]: Dragon Age Inquisition.lnk . (.Electronic Arts - Dragon Age™: Inquisition.) C:\Program Files (x86)\Inquisition\Dragon Age Inquisition\DragonAgeInquisition.exe =>.Electronic Arts®
O4 - GS\TaskBar [Gary]: Dragon Age Origins.lnk . (.BioWare - Launcher Application.) C:\Games\Dragon Age\DAOriginsLauncher.exe =>.BioWare®
O4 - GS\TaskBar [Gary]: DragonAge2 Console - Copy.lnk . (.BioWare - Dragon Age II.) C:\Games\Dragon Age 2\bin_ship\DragonAge2.exe -enabledeveloperconsole =>.Electronic Arts®
O4 - GS\TaskBar [Gary]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\TaskBar [Gary]: Microsoft Office Excel 2003.lnk . (…) C:\Windows\Installer{91110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe =>.Microsoft Corporation
O4 - GS\TaskBar [Gary]: Microsoft Office Outlook 2003.lnk . (…) C:\Windows\Installer{91110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
O4 - GS\TaskBar [Gary]: Microsoft Office Word 2003.lnk . (…) C:\Windows\Installer{91110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe =>.Microsoft Corporation
O4 - GS\TaskBar [Gary]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\TaskBar [Gary]: Notepad.lnk . (.Microsoft Corporation - Notepad.) C:\WINDOWS\system32\notepad.exe =>.Microsoft Corporation
O4 - GS\TaskBar [Gary]: SpeedFan.lnk . (…) C:\Program Files (x86)\SpeedFan\speedfan.exe =>.SOKNO S.R.L.®
O4 - GS\TaskBar [Gary]: TextPad.lnk . (.Helios Software Solutions - .) C:\Program Files (x86)\TextPad 7\TextPad.exe =>.Helios Software Solutions
O4 - GS\Startup [Gary]: RealtimeSync.lnk . (.freefilesync.sourceforge.net - Real-time Command Line Launcher.) C:\Program Files\FreeFileSync\RealtimeSync.exe {16E668A771535C03FB8E38917D8F02D0}
O4 - GS\Startup [Gary]: SpeedFan.lnk . (…) C:\Program Files (x86)\SpeedFan\speedfan.exe =>.SOKNO S.R.L.®
O4 - GS\Programs [Gary]: Ableton Live 9 Lite.lnk . (.Ableton - .) C:\ProgramData\Ableton\Live 9 Lite\Program\Ableton Live 9 Lite.exe =>.Ableton AG®
O4 - GS\Programs [Gary]: Chromium.lnk . (.The Chromium Authors - Chromium.) C:\Users\Gary\AppData\Local\Chromium\Application\c hrome.exe =>.The Chromium Authors
O4 - GS\Programs [Gary]: DigiGuide TV Guide.lnk . (.GipsyMedia Limited - DigiGuide Loader Program.) C:\Program Files (x86)\DigiGuide TV Guide\Client.exe
O4 - GS\Programs [Gary]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\Gary\AppData\Local\Microsoft\OneDrive\One Drive.exe =>.Microsoft Corporation®
O4 - GS\Programs [Gary]: Optional Features.lnk . (.Microsoft Corporation - Features On Demand Helper.) C:\Windows\System32\fodhelper.exe =>.Microsoft Corporation
O4 - GS\Programs [Gary]: TextPad.lnk . (.Helios Software Solutions - .) C:\Program Files (x86)\TextPad 7\TextPad.exe =>.Helios Software Solutions
O4 - GS\Desktop [Guest]: 347.88 - Shortcut.lnk . (…) C:\NVIDIA\DisplayDriver\347.88
O4 - GS\Desktop [Guest]: 347.88-desktop-win8-win7-winvista-64bit-international-whql.exe - Shortcut.lnk . (.NVIDIA Corporation - NVIDIA Package Launcher.) C:\Users\Gary\Downloads\347.88-desktop-win8-win7-winvista-64bit-international-whql.exe =>.NVIDIA Corporation®
O4 - GS\Desktop [Guest]: Auslogics DiskDefrag.lnk . (.Auslogics - Disk Defrag.) C:\Program Files (x86)\Auslogics\DiskDefrag\DiskDefrag.exe =>.Auslogics Software Pty Ltd®
O4 - GS\Desktop [Guest]: Auto Clicker.lnk . (.Copyright (C) 2009 - AutoClicker MFC Application.) C:\Program Files (x86)\Auto Clicker\AutoClicker.exe
O4 - GS\Desktop [Guest]: Axialis IconWorkshop.lnk . (.Axialis Software - Axialis IconWorkshop.) C:\Program Files (x86)\Axialis\IconWorkshop\IconWorkshop.exe {00D1B7BB33745D35DB71866CB2288521B8}
O4 - GS\Desktop [Guest]: BioWare - Shortcut.lnk . (…) C:\Users\Gary\Documents\BioWare
O4 - GS\Desktop [Guest]: BlueScreenView.exe - Shortcut.lnk . (.NirSoft - BlueScreenView.) C:\Program Files (x86)\NirSoft\BlueScreenView\BlueScreenView.exe =>.Nir Sofer®
O4 - GS\Desktop [Guest]: Cheat Engine.lnk . (…) C:\Program Files (x86)\Cheat Engine 6.4\Cheat Engine.exe =>.Cheat Engine®
O4 - GS\Desktop [Guest]: Chromium.lnk . (.The Chromium Authors - Chromium.) C:\Users\Gary\AppData\Local\Chromium\Application\c hrome.exe =>.The Chromium Authors
O4 - GS\Desktop [Guest]: Crash Dump Files.lnk . (…) C:\Windows\Minidump
O4 - GS\Desktop [Guest]: DigiGuide TV Guide.lnk . (.GipsyMedia Limited - DigiGuide Loader Program.) C:\Program Files (x86)\DigiGuide TV Guide\Client.exe
O4 - GS\Desktop [Guest]: Disk Images.lnk . (…) C:\Users\Public\Documents\DAEMON Tools Images
O4 - GS\Desktop [Guest]: Display Driver Uninstaller.exe - Shortcut.lnk . (.Copyright © 2014 - Display Driver Uninstaller.) C:\Users\Gary\Downloads\DDU\Display Driver Uninstaller.exe
O4 - GS\Desktop [Guest]: Dragon Age Console Active.lnk . (.BioWare - Dragon Age: Origins.) C:\Games\Dragon Age\bin_ship\daorigins.exe -enabledeveloperconsole =>.Electronic Arts®
O4 - GS\Desktop [Guest]: Dragon Age II config.lnk . (…) C:\Users\Gary\Documents\BioWare\Dragon Age 2\Settings\DragonAge.ini
O4 - GS\Desktop [Guest]: Dragon Age II failed2fix.lnk . (.BioWare - Dragon Age II.) C:\Games\Dragon Age 2\bin_ship\DragonAge2.exe =>.Electronic Arts®
O4 - GS\Desktop [Guest]: DragonAge2 Console.lnk . (.BioWare - Dragon Age II.) C:\Games\Dragon Age 2\bin_ship\DragonAge2.exe -enabledeveloperconsole =>.Electronic Arts®
O4 - GS\Desktop [Guest]: dxDiag.lnk . (.Microsoft Corporation - Microsoft DirectX Diagnostic Tool.) C:\Windows\System32\dxdiag.exe =>.Microsoft Corporation
O4 - GS\Desktop [Guest]: Elevated Command Prompt.lnk . (.Microsoft Corporation - Windows Command Processor.) C:\Windows\System32\cmd.exe =>.Microsoft Corporation
O4 - GS\Desktop [Guest]: Event Viewer.lnk . (…) C:\WINDOWS\system32\eventvwr.msc /s
O4 - GS\Desktop [Guest]: FurMark.lnk . (.Geeks3D (www.geeks3d.com) - FurMark - GPU stress test and OpenGL benchm.) C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark\FurMark.exe =>.Geeks3D (www.geeks3d.com)
O4 - GS\Desktop [Guest]: GeForce_Experience_v2.4.5.57.exe - Shortcut.lnk . (.NVIDIA Corporation - NVIDIA Package Launcher.) C:\Users\Gary\Downloads\GeForce_Experience_v2.4.5. 57.exe =>.NVIDIA Corporation®
O4 - GS\Desktop [Guest]: Minidump.lnk . (…) C:\Windows\Minidump
O4 - GS\Desktop [Guest]: MSI Afterburner.lnk . (.Copyright © 2009-2015 Alexey Nicolaychuk aka Unwinder - MSIAfterburner.) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe =>.MICRO-STAR INTERNATIONAL CO., LTD.®
O4 - GS\Desktop [Guest]: OCCT.lnk . (.OCCT - Ocbase - Adrien Mercier - OCCT.) C:\Program Files (x86)\OCCTPT\OCCT.exe =>.OCCT - Ocbase - Adrien Mercier
O4 - GS\Desktop [Guest]: OpenOffice Calc.lnk . (.Apache Software Foundation - OpenOffice Calc.) C:\Program Files (x86)\OpenOffice 4\program\scalc.exe =>.Apache Software Foundation
O4 - GS\Desktop [Guest]: OpenOffice Impress.lnk . (.Apache Software Foundation - OpenOffice Impress.) C:\Program Files (x86)\OpenOffice 4\program\simpress.exe =>.Apache Software Foundation
O4 - GS\Desktop [Guest]: OpenOffice Writer.lnk . (.Apache Software Foundation - OpenOffice Writer.) C:\Program Files (x86)\OpenOffice 4\program\swriter.exe =>.Apache Software Foundation
O4 - GS\Desktop [Guest]: PhysX-9.14.0702-SystemSoftware.msi - Shortcut.lnk . (.NVIDIA Corporation - .) C:\Users\Gary\Downloads\PhysX-9.14.0702-SystemSoftware.msi =>.NVIDIA Corporation®
O4 - GS\Desktop [Guest]: RadioSure.lnk . (.TheBestWare Studio - RadioSure.) C:\Users\Gary\AppData\Local\RadioSure\RadioSure.ex e =>.TheBestWare Studio
O4 - GS\Desktop [Guest]: RarmaRadio.lnk . (.Raimersoft - RarmaRadio.) C:\Program Files (x86)\RarmaRadio\RarmaRadio.exe =>.Raimersoft
O4 - GS\Desktop [Guest]: regedit.lnk . (.Microsoft Corporation - Registry Editor.) C:\Windows\regedit.exe =>.Microsoft Corporation
O4 - GS\Desktop [Guest]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Remote Desktop Connection.) C:\WINDOWS\system32\mstsc.exe =>.Microsoft Corporation
O4 - GS\Desktop [Guest]: Safe Flash Drive Removal.lnk . (.Microsoft Corporation - Windows host process (Rundll32).) C:\Windows\System32\rundll32.exe shell32.dll,Control_RunDLL hotplug.dll =>.Microsoft Corporation
O4 - GS\Desktop [Guest]: scalc.exe - Shortcut.lnk . (.The Document Foundation - LibreOffice Calc.) C:\Program Files (x86)\LibreOffice 5\program\scalc.exe =>.The Document Foundation®
O4 - GS\Desktop [Guest]: simpress.exe - Shortcut.lnk . (.The Document Foundation - LibreOffice Impress.) C:\Program Files (x86)\LibreOffice 5\program\simpress.exe =>.The Document Foundation®
O4 - GS\Desktop [Guest]: SMAC.lnk . (…) E:\copy of duff disk after it became recognisable\Program Files\Firaxis Games\Sid Meier’s Alpha Centauri\terran.exe
O4 - GS\Desktop [Guest]: SpeedFan.lnk . (…) C:\Program Files (x86)\SpeedFan\speedfan.exe =>.SOKNO S.R.L.®
O4 - GS\Desktop [Guest]: Startup.lnk . (…) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
O4 - GS\Desktop [Guest]: swriter.exe - Shortcut.lnk . (.The Document Foundation - LibreOffice Writer.) C:\Program Files (x86)\LibreOffice 5\program\swriter.exe =>.The Document Foundation®
O4 - GS\Desktop [Guest]: WhoCrashed.lnk . (.Resplendence Software Projects - WhoCrashed.) C:\Program Files\WhoCrashed\WhoCrashedEx.exe =>.Daniel Terhell®
O4 - GS\Desktop [Guest]: Windows 10 Upgrade Assistant.lnk . (.Microsoft Corporation - Windows 10 Upgrade Assistant.) C:\Windows10Upgrade\Windows10UpgraderApp.exe =>.Microsoft Corporation®
O4 - GS\Desktop [Guest]: Windows.old BioWare.lnk . (…) C:\Windows.old\Users\Gary\Documents\BioWare
O4 - GS\Desktop [Guest]: Windows.old Program Files (x86).lnk . (…) C:\Windows.old\Program Files (x86)
O4 - GS\Desktop [Guest]: Windows.old Program Files.lnk . (…) C:\Windows.old\Program Files
O4 - GS\Desktop [Guest]: Windows.old.lnk . (…) C:\Windows.old
O4 - GS\Desktop [Guest]: WinISO.lnk . (.WinISO Computing Inc. - WinISO.) C:\Program Files (x86)\WinISO\bin\winiso.exe =>.WinISO Computing Inc.
O4 - GS\Desktop [Guest]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Gary\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Desktop [Guest]: Zotac Win 10 drivers 378.92.lnk . (…) C:\NVIDIA\DisplayDriver\Zotac\378.92\Win10_64\Inte rnational
O4 - GS\Desktop [Guest]: Zotacs Win 10 drivers 378.92.lnk . (…) C:\NVIDIA\DisplayDriver\378.92\Win10_64\Internatio nal
O4 - GS\Quicklaunch [Guest]: Belarc Advisor.lnk . (.Belarc, Inc. - Belarc Advisor Computer Inventory.) C:\Program Files (x86)\Belarc\BelarcAdvisor\BelarcAdvisor.exe =>.Belarc, Inc.®
O4 - GS\Quicklaunch [Guest]: Chromium.lnk . (.The Chromium Authors - Chromium.) C:\Users\Gary\AppData\Local\Chromium\Application\c hrome.exe =>.The Chromium Authors
O4 - GS\Quicklaunch [Guest]: CleanGenius 3.lnk . (.Amigabit - Amigabit Powerbooster.) C:\Program Files (x86)\CleanGenius 3\CleanGenius.exe {30A0C6D10C607499E2E779B78E80992B}
O4 - GS\Quicklaunch [Guest]: Dragon Age II.lnk . (…) C:\Games\Dragon Age 2\DragonAge2Launcher.exe
O4 - GS\Quicklaunch [Guest]: Dragon Age Origins.lnk . (.BioWare - Launcher Application.) C:\Games\Dragon Age\DAOriginsLauncher.exe =>.BioWare®
O4 - GS\Quicklaunch [Guest]: Foxit Reader.lnk . (.Foxit Software Inc. - Foxit Reader 8.3.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReader.exe =>.Foxit Software Incorporated®
O4 - GS\Quicklaunch [Guest]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [Guest]: HexEdit.lnk . (.Expert Commercial Software Pty Ltd - HexEdit Application.) C:\Program Files (x86)\HexEdit\HexEdit.exe =>.Expert Commercial Software Pty Ltd
O4 - GS\Quicklaunch [Guest]: KeePass 2.lnk . (.Dominik Reichl - KeePass.) C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe =>.Dominik Reichl
O4 - GS\Quicklaunch [Guest]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Quicklaunch [Guest]: Launch Microsoft Office Outlook.lnk . (.Microsoft Corporation - Microsoft Office Outlook.) C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE /recycle =>.Microsoft Corporation®
O4 - GS\Quicklaunch [Guest]: Samsung Kies (Lite).lnk . (…) C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe /lite =>.Samsung Electronics CO., LTD.®
O4 - GS\Quicklaunch [Guest]: Samsung Kies.lnk . (…) C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe =>.Samsung Electronics CO., LTD.®
O4 - GS\Quicklaunch [Guest]: Visual Subst.lnk . (.NTWind Software - Visual Subst.) C:\Program Files (x86)\Visual Subst\VSubst.exe {3E5ABF29BA6BBDFBC0CB1793FE97875A} =>.NTWind Software
O4 - GS\Quicklaunch [Guest]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\Gary\AppData\Roaming\uTorrent\uTorrent.ex e =>.BitTorrent Inc®
O4 - GS\sendTo [Guest]: Bluetooth Device.lnk . (.Cambridge Silicon Radio Limited - .) C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRFileTransferWizard.exe =>.Cambridge Silicon Radio Limited
O4 - GS\sendTo [Guest]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\sendTo [Guest]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\System32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\sendTo [Guest]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe /sendto: =>.Skype Software Sarl®
O4 - GS\sendTo [Guest]: TeamViewer.lnk . (.TeamViewer GmbH - TeamViewer 12.) C:\Program Files (x86)\TeamViewer\TeamViewer.exe --sendto =>.TeamViewer GmbH®
O4 - GS\sendTo [Guest]: TextPad.lnk . (.Helios Software Solutions - .) C:\Program Files (x86)\TextPad 7\TextPad.exe =>.Helios Software Solutions
O4 - GS\sendTo [Guest]: WinCmp3.lnk . (…) W:\Program Files (x86)\Compare It!\wincmp3.exe
O4 - GS\TaskBar [Guest]: Character Map.lnk . (.Microsoft Corporation - Character Map.) C:\WINDOWS\system32\charmap.exe =>.Microsoft Corporation
O4 - GS\TaskBar [Guest]: Cheat Engine 6.4 (64-bit).lnk . (.Cheat Engine - Cheat Engine.) C:\Program Files (x86)\Cheat Engine 6.4\cheatengine-x86_64.exe =>.Cheat Engine®
O4 - GS\TaskBar [Guest]: DOSBox 0.74.lnk . (.DOSBox Team - DOSBox DOS Emulator.) C:\Program Files (x86)\DOSBox-0.74\DOSBox.exe -userconf =>.DOSBox Team
O4 - GS\TaskBar [Guest]: Dragon Age Inquisition.lnk . (.Electronic Arts - Dragon Age™: Inquisition.) C:\Program Files (x86)\Inquisition\Dragon Age Inquisition\DragonAgeInquisition.exe =>.Electronic Arts®
O4 - GS\TaskBar [Guest]: Dragon Age Origins.lnk . (.BioWare - Launcher Application.) C:\Games\Dragon Age\DAOriginsLauncher.exe =>.BioWare®
O4 - GS\TaskBar [Guest]: DragonAge2 Console - Copy.lnk . (.BioWare - Dragon Age II.) C:\Games\Dragon Age 2\bin_ship\DragonAge2.exe -enabledeveloperconsole =>.Electronic Arts®
O4 - GS\TaskBar [Guest]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\TaskBar [Guest]: Microsoft Office Excel 2003.lnk . (…) C:\Windows\Installer{91110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe =>.Microsoft Corporation
O4 - GS\TaskBar [Guest]: Microsoft Office Outlook 2003.lnk . (…) C:\Windows\Installer{91110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
O4 - GS\TaskBar [Guest]: Microsoft Office Word 2003.lnk . (…) C:\Windows\Installer{91110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe =>.Microsoft Corporation
O4 - GS\TaskBar [Guest]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\TaskBar [Guest]: Notepad.lnk . (.Microsoft Corporation - Notepad.) C:\WINDOWS\system32\notepad.exe =>.Microsoft Corporation
O4 - GS\TaskBar [Guest]: SpeedFan.lnk . (…) C:\Program Files (x86)\SpeedFan\speedfan.exe =>.SOKNO S.R.L.®
O4 - GS\TaskBar [Guest]: TextPad.lnk . (.Helios Software Solutions - .) C:\Program Files (x86)\TextPad 7\TextPad.exe =>.Helios Software Solutions
O4 - GS\Startup [Guest]: RealtimeSync.lnk . (.freefilesync.sourceforge.net - Real-time Command Line Launcher.) C:\Program Files\FreeFileSync\RealtimeSync.exe {16E668A771535C03FB8E38917D8F02D0}
O4 - GS\Startup [Guest]: SpeedFan.lnk . (…) C:\Program Files (x86)\SpeedFan\speedfan.exe =>.SOKNO S.R.L.®
O4 - GS\Programs [Guest]: Ableton Live 9 Lite.lnk . (.Ableton - .) C:\ProgramData\Ableton\Live 9 Lite\Program\Ableton Live 9 Lite.exe =>.Ableton AG®
O4 - GS\Programs [Guest]: Chromium.lnk . (.The Chromium Authors - Chromium.) C:\Users\Gary\AppData\Local\Chromium\Application\c hrome.exe =>.The Chromium Authors
O4 - GS\Programs [Guest]: DigiGuide TV Guide.lnk . (.GipsyMedia Limited - DigiGuide Loader Program.) C:\Program Files (x86)\DigiGuide TV Guide\Client.exe
O4 - GS\Programs [Guest]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\Gary\AppData\Local\Microsoft\OneDrive\One Drive.exe =>.Microsoft Corporation®
O4 - GS\Programs [Guest]: Optional Features.lnk . (.Microsoft Corporation - Features On Demand Helper.) C:\Windows\System32\fodhelper.exe =>.Microsoft Corporation
O4 - GS\Programs [Guest]: TextPad.lnk . (.Helios Software Solutions - .) C:\Program Files (x86)\TextPad 7\TextPad.exe =>.Helios Software Solutions
O4 - GS\CommonDesktop [Public]: Ancestral Quest 14.lnk . (.Incline Software, LC - Ancestral Quest.) C:\Program Files (x86)\Incline Software\Ancestral Quest 14\ancquest.exe {0C8269700941E072496B561BDF023BE6}
O4 - GS\CommonDesktop [Public]: Audacity.lnk . (.The Audacity Team - Audacity®, the Free, Cross-Platform Sound E.) C:\Program Files (x86)\Audacity\audacity.exe =>.The Audacity Team
O4 - GS\CommonDesktop [Public]: Belarc Advisor.lnk . (.Belarc, Inc. - Belarc Advisor Computer Inventory.) C:\Program Files (x86)\Belarc\BelarcAdvisor\BelarcAdvisor.exe =>.Belarc, Inc.®
O4 - GS\CommonDesktop [Public]: CCleaner.lnk . (.Piriform Ltd - CCleaner.) C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd®
O4 - GS\CommonDesktop [Public]: DAEMON Tools Lite.lnk . (.Disc Soft Ltd - DAEMON Tools Lite.) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.Disc Soft Ltd®
O4 - GS\CommonDesktop [Public]: Defraggler.lnk . (.Piriform Ltd - Defraggler.) C:\Program Files\Defraggler\Defraggler64.exe =>.Piriform Ltd®
O4 - GS\CommonDesktop [Public]: DOSBox 0.74.lnk . (.DOSBox Team - DOSBox DOS Emulator.) C:\Program Files (x86)\DOSBox-0.74\DOSBox.exe -userconf =>.DOSBox Team
O4 - GS\CommonDesktop [Public]: Dragon Age Inquisition.lnk . (.Electronic Arts - Dragon Age™: Inquisition.) C:\Program Files (x86)\Inquisition\Dragon Age Inquisition\DragonAgeInquisition.exe =>.Electronic Arts®
O4 - GS\CommonDesktop [Public]: EaseUS Partition Master 11.9.lnk . (…) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.9\bin\EPMStartLoader.exe =>.CHENGDU YIWO Tech Development Co., Ltd.®
O4 - GS\CommonDesktop [Public]: EaseUS Todo Backup Free 9.2.lnk . (.CHENGDU YIWO Tech Development Co., Ltd - EaseUS Todo Backup Application.) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Loader.exe =>.CHENGDU YIWO Tech Development Co., Ltd.®
O4 - GS\CommonDesktop [Public]: Foxit Reader.lnk . (.Foxit Software Inc. - Foxit Reader 8.3.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReader.exe =>.Foxit Software Incorporated®
O4 - GS\CommonDesktop [Public]: FreeInternetRadio.lnk . (…) C:\Windows\Installer{32FD738E-D5C6-4F8A-9C93-278859948DD6}_D08FC387F2846A8A91E811.exe
O4 - GS\CommonDesktop [Public]: GIMP 2.lnk . (.Spencer Kimball, Peter Mattis and the GIMP Developmen - GNU Image Manipulation Program.) C:\Program Files\GIMP 2\bin\gimp-2.8.exe =>.Jernej Simončič®
O4 - GS\CommonDesktop [Public]: Google Earth.lnk . (.Google - Google Earth.) C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe =>.Google Inc®
O4 - GS\CommonDesktop [Public]: Kaspersky Secure Connection.lnk . (.AO Kaspersky Lab - Kaspersky Secure Connection.) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe -navigate ksde://mainwindow =>.Kaspersky Lab®
O4 - GS\CommonDesktop [Public]: Kaspersky Total Security.lnk . (.AO Kaspersky Lab - Kaspersky Anti-Virus.) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avpui.exe =>.Kaspersky Lab®
O4 - GS\CommonDesktop [Public]: LibreOffice 5.3.lnk . (.The Document Foundation - LibreOffice.) C:\Program Files (x86)\LibreOffice 5\program\soffice.exe =>.The Document Foundation®
O4 - GS\CommonDesktop [Public]: Logitech Webcam Software .lnk . (…) C:\Program Files (x86)\Common Files\LogiShrd\LWSPlugins\LWS\Applets\HelpMain\lau nchershortcut.exe =>.Logitech, Inc.®
O4 - GS\CommonDesktop [Public]: Malwarebytes Anti-Malware.lnk . (.Malwarebytes - Malwarebytes Anti-Malware.) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe =>.Malwarebytes Corporation®
O4 - GS\CommonDesktop [Public]: NETGEAR WNA3100M Genie.lnk . (.Copyright (C) 2009 - Netgear.) C:\Program Files (x86)\NETGEAR\WNA3100M\WNA3100M.exe =>.NETGEAR®
O4 - GS\CommonDesktop [Public]: OpenOffice 4.1.2.lnk . (.Apache Software Foundation - OpenOffice 4.1.2.) C:\Program Files (x86)\OpenOffice 4\program\soffice.exe =>.Apache Software Foundation
O4 - GS\CommonDesktop [Public]: PAF 5.lnk . (.The Church of Jesus Christ of Latter-day Saints - Personal Ancestral File.) C:\Program Files (x86)\FamilySearch\Paf5\pstart.exe
O4 - GS\CommonDesktop [Public]: Paint 98.lnk . (.Microsoft Corporation - Microsoft Paint.) C:\Program Files (x86)\Paint XP\mspaint98.exe =>.Microsoft Corporation
O4 - GS\CommonDesktop [Public]: Paint XP.lnk . (.Microsoft Corporation - Paint.) C:\Program Files (x86)\Paint XP\mspaint.exe =>.Microsoft Corporation
O4 - GS\CommonDesktop [Public]: Recuva.lnk . (.Piriform Ltd - Recuva.) C:\Program Files\Recuva\recuva64.exe =>.Piriform Ltd®
O4 - GS\CommonDesktop [Public]: Revo Uninstaller.lnk . (.VS Revo Group - Revo Uninstaller.) C:\Program Files\VS Revo Group\Revo Uninstaller\RevoUnin.exe =>.VS Revo Group®
O4 - GS\CommonDesktop [Public]: Safe Money.lnk . (.AO Kaspersky Lab - Kaspersky Anti-Virus.) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avpui.exe -safebanking =>.Kaspersky Lab®
O4 - GS\CommonDesktop [Public]: Samsung Kies (Lite).lnk . (…) C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe /lite =>.Samsung Electronics CO., LTD.®
O4 - GS\CommonDesktop [Public]: Samsung Kies.lnk . (…) C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe =>.Samsung Electronics CO., LTD.®
O4 - GS\CommonDesktop [Public]: Skype.lnk . (…) C:\Windows\Installer{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}\SkypeIcon.exe =>.Skype Technologies
O4 - GS\CommonDesktop [Public]: SlimDrivers.lnk . (…) C:\WINDOWS\Installer{746AB259-6474-4111-8966-1C62F9A6E063}\Icon.exe /byUser
O4 - GS\CommonDesktop [Public]: Speccy.lnk . (.Piriform Ltd - Speccy.) C:\Program Files\Speccy\Speccy64.exe =>.Piriform Ltd®
O4 - GS\CommonDesktop [Public]: SQLite Forensic Explorer.lnk . (.Acquire Forensics - SQLiteForensicExplorer.) C:\Program Files (x86)\SQLite Forensic Explorer\SQLiteForensicExplorer.exe
O4 - GS\CommonDesktop [Public]: SUPERAntiSpyware Free Edition.lnk . (.SUPERAntiSpyware - SUPERAntiSpyware Application.) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe =>.SUPERAntiSpyware.com®
O4 - GS\CommonDesktop [Public]: TeamViewer 12.lnk . (.TeamViewer GmbH - TeamViewer 12.) C:\Program Files (x86)\TeamViewer\TeamViewer.exe =>.TeamViewer GmbH®
O4 - GS\CommonDesktop [Public]: TomTom MyDrive Connect.lnk . (.TomTom - TomTom MyDrive Connect.) C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe “-startda” =>.TomTom International BV®
O4 - GS\CommonDesktop [Public]: Unchecky.lnk . (.RaMMicHaeL - Unchecky.) C:\Program Files (x86)\Unchecky\Unchecky.exe =>.Reason Software Company Inc.®
O4 - GS\CommonDesktop [Public]: Valley Benchmark 1.0.lnk . (…) C:\Program Files (x86)\Unigine\Valley Benchmark 1.0\valley.bat
O4 - GS\CommonDesktop [Public]: Visual Subst.lnk . (.NTWind Software - Visual Subst.) C:\Program Files (x86)\Visual Subst\VSubst.exe {3E5ABF29BA6BBDFBC0CB1793FE97875A} =>.NTWind Software
O4 - GS\CommonDesktop [Public]: VLC media player.lnk . (.VideoLAN - VLC media player.) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe =>.VideoLAN®
O4 - GS\CommonDesktop [Public]: WebRadio.lnk . (…) C:\Windows\Installer{32FD738E-D5C6-4F8A-9C93-278859948DD6}_E98D08ABE546EEEE43BCE8.exe
O4 - GS\CommonDesktop [Public]: WebTV.lnk . (…) C:\Windows\Installer{32FD738E-D5C6-4F8A-9C93-278859948DD6}_01F7B6D663CDF59B0E2CBA.exe
O4 - GS\Programs [Public]: Ableton Live 9 Lite.lnk . (.Ableton - .) C:\ProgramData\Ableton\Live 9 Lite\Program\Ableton Live 9 Lite.exe =>.Ableton AG®
O4 - GS\Programs [Public]: Chromium.lnk . (.The Chromium Authors - Chromium.) C:\Users\Gary\AppData\Local\Chromium\Application\c hrome.exe =>.The Chromium Authors
O4 - GS\Programs [Public]: DigiGuide TV Guide.lnk . (.GipsyMedia Limited - DigiGuide Loader Program.) C:\Program Files (x86)\DigiGuide TV Guide\Client.exe
O4 - GS\Programs [Public]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\Gary\AppData\Local\Microsoft\OneDrive\One Drive.exe =>.Microsoft Corporation®
O4 - GS\Programs [Public]: Optional Features.lnk . (.Microsoft Corporation - Features On Demand Helper.) C:\Windows\System32\fodhelper.exe =>.Microsoft Corporation
O4 - GS\Programs [Public]: TextPad.lnk . (.Helios Software Solutions - .) C:\Program Files (x86)\TextPad 7\TextPad.exe =>.Helios Software Solutions
O4 - GS\Accessories [Public]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Accessories [Public]: Notepad.lnk . (.Microsoft Corporation - Notepad.) C:\WINDOWS\system32\notepad.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Private Character Editor.lnk . (.Microsoft Corporation - Private Character Editor.) C:\WINDOWS\system32\eudcedit.exe =>.Microsoft Corporation
O4 - GS\Startup [Public]: NETGEAR WNA3100M Genie.lnk . (.Copyright (C) 2009 - Netgear.) C:\Program Files (x86)\NETGEAR\WNA3100M\WNA3100M.exe =>.NETGEAR®
O4 - GS\Startup [Public]: SpeedFan.lnk . (…) C:\Program Files (x86)\SpeedFan\speedfan.exe =>.SOKNO S.R.L.®
O4 - GS\Accessories [Public]: Bluetooth File Transfer Wizard.lnk . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Math Input Panel.lnk . (.Microsoft Corporation - .) C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Mobility Center.lnk . (.Microsoft Corporation - Windows Mobility Center.) C:\WINDOWS\system32\mblctr.exe /open =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) C:\WINDOWS\system32\mspaint.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Quick Assist.lnk . (.Microsoft Corporation - Quick Assist.) C:\WINDOWS\system32\quickassist.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Remote Desktop Connection.) C:\WINDOWS\system32\mstsc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Snipping Tool.) C:\WINDOWS\system32\SnippingTool.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Steps Recorder.lnk . (.Microsoft Corporation - Steps Recorder.) C:\WINDOWS\system32\psr.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\WINDOWS\system32\WFS.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Windows Wordpad Application.) C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: XPS Viewer.lnk . (.Microsoft Corporation - XPS Viewer.) C:\WINDOWS\system32\xpsrchvw.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Character Map.) C:\WINDOWS\system32\charmap.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Audacity.lnk . (.The Audacity Team - Audacity®, the Free, Cross-Platform Sound E.) C:\Program Files (x86)\Audacity\audacity.exe =>.The Audacity Team
O4 - GS\ProgramsCommon [Public]: Belarc Advisor.lnk . (.Belarc, Inc. - Belarc Advisor Computer Inventory.) C:\Program Files (x86)\Belarc\BelarcAdvisor\BelarcAdvisor.exe =>.Belarc, Inc.®
O4 - GS\ProgramsCommon [Public]: FreeFileSync.lnk . (.freefilesync.sourceforge.net - Folder Comparison and Synchronization.) C:\Program Files\FreeFileSync\FreeFileSync.exe {16E668A771535C03FB8E38917D8F02D0}
O4 - GS\ProgramsCommon [Public]: FreeInternetRadio.lnk . (…) C:\Windows\Installer{32FD738E-D5C6-4F8A-9C93-278859948DD6}_20563E1FC8F8EF7288CE50.exe
O4 - GS\ProgramsCommon [Public]: GIMP 2.lnk . (.Spencer Kimball, Peter Mattis and the GIMP Developmen - GNU Image Manipulation Program.) C:\Program Files\GIMP 2\bin\gimp-2.8.exe =>.Jernej Simončič®
O4 - GS\ProgramsCommon [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\ProgramsCommon [Public]: Immersive Control Panel.lnk . (.Microsoft Corporation - Windows Control Panel.) C:\WINDOWS\System32\Control.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: KeePass 2.lnk . (.Dominik Reichl - KeePass.) C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe =>.Dominik Reichl
O4 - GS\ProgramsCommon [Public]: MiracastView.lnk . (.Microsoft Corporation - MiracastView.) C:\WINDOWS\MiracastView\MiracastView.exe =>.Microsoft Windows®
O4 - GS\ProgramsCommon [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\ProgramsCommon [Public]: PrintDialog.lnk . (.Microsoft Corporation - Print Dialog.) C:\WINDOWS\PrintDialog\PrintDialog.exe =>.Microsoft Windows®
O4 - GS\ProgramsCommon [Public]: RealtimeSync.lnk . (.freefilesync.sourceforge.net - Real-time Command Line Launcher.) C:\Program Files\FreeFileSync\RealtimeSync.exe {16E668A771535C03FB8E38917D8F02D0}
O4 - GS\ProgramsCommon [Public]: TeamViewer 12.lnk . (.TeamViewer GmbH - TeamViewer 12.) C:\Program Files (x86)\TeamViewer\TeamViewer.exe =>.TeamViewer GmbH®
O4 - GS\ProgramsCommon [Public]: WebRadio.lnk . (…) C:\Windows\Installer{32FD738E-D5C6-4F8A-9C93-278859948DD6}_7C38172814A5BA58741EDC.exe
O4 - GS\ProgramsCommon [Public]: Windows 10 Upgrade Assistant.lnk . (.Microsoft Corporation - Windows 10 Upgrade Assistant.) C:\Windows10Upgrade\Windows10UpgraderApp.exe =>.Microsoft Corporation®
O4 - GS\ProgramsCommon [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation

—\ Lop.com/Domain Hijackers (3) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 =>.Local IP Adress
O17 - HKLM\System\CCS\Services\Tcpip..{30c0c4af-68ad-4472-8b83-95a959c3032c}: DhcpNameServer = 192.168.0.1 =>.Local IP Adress
O17 - HKLM\System\CCS\Services\Tcpip..{bf1d8b8b-74d2-44aa-864c-69921be5c862}: DhcpNameServer = 192.168.0.1 =>.Local IP Adress

—\ Extra protocols (27) - 1s
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) – C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: belarc [64Bits] - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} . (.Belarc, Inc. - Belarc VoilaX Control.) – C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll =>.Belarc, Inc.®
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) – C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) – C:\Windows\SysWOW64\itss.dll =>.Microsoft Corporation
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) – C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) – C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) – C:\Windows\SysWOW64\inetcomm.dll =>.Microsoft Corporation
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) – C:\Windows\SysWOW64\itss.dll =>.Microsoft Corporation
O18 - Handler: ms-itss [64Bits] - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) – C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL =>.Microsoft Corporation
O18 - Handler: mso-offdap [64Bits] - {3D9F03FA-7A94-11D3-BE81-0050048385D1} . (.Microsoft Corporation - Microsoft Office XP Web Components.) – C:\Program Files (x86)\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL =>.Microsoft Corporation®
O18 - Handler: mso-offdap11 [64Bits] - {32505114-5902-49B2-880A-1F7738E5A384} . (.Microsoft Corporation - Microsoft Office Web Components 2003.) – C:\Program Files (x86)\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL =>.Microsoft Corporation®
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) – C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) – C:\Windows\SysWOW64\tbauth.dll =>.Microsoft Corporation
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) – C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) – C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: windows.tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) – C:\Windows\SysWOW64\tbauth.dll =>.Microsoft Corporation
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) – C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) – C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) – C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation
O18 - Filter: text/xml [64Bits] - {807553E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) – C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL =>.Microsoft Corporation®

—\ Software installed (148) - 18s
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] – uTorrent =>.BitTorrent Inc®
O42 - Logiciel: Ableton Live 9 Lite - (.Ableton.) [HKLM][64Bits] – {9130C3A8-3BEA-4A24-88F9-50EFB036F999} =>.Ableton
O42 - Logiciel: Adblock Plus for IE - (..) [HKLM][64Bits] – {fd97d1e2-368a-4cd9-af63-8eeff938044a}
O42 - Logiciel: Adblock Plus for IE (32-bit and 64-bit) - (.Eyeo GmbH.) [HKLM][64Bits] – {0F347A49-E36C-4639-8D2E-003AD408B8B2} =>.Eyeo GmbH
O42 - Logiciel: Adobe Flash Player 26 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] – Adobe Flash Player NPAPI =>.Adobe Systems Incorporated®
O42 - Logiciel: Ancestral Quest 14 - (.Incline Software, LC.) [HKLM][64Bits] – {F5A3D0C9-DAE3-4FA0-935B-F02678079FCC}
O42 - Logiciel: Ancestral Quest 14 - (.Incline Software, LC.) [HKLM][64Bits] – InstallShield_{F5A3D0C9-DAE3-4FA0-935B-F02678079FCC}
O42 - Logiciel: Ancestral Quest Collaboration Support - (.Incline Software.) [HKLM][64Bits] – {4E2CCBC7-6BBF-4907-9A33-C3BB77366863}
O42 - Logiciel: Ancestral Quest Collaboration Support - (.Incline Software.) [HKLM][64Bits] – InstallShield_{4E2CCBC7-6BBF-4907-9A33-C3BB77366863}
O42 - Logiciel: Ansel - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel =>.NVIDIA Corporation
O42 - Logiciel: Audacity 2.0.5 - (.Audacity Team.) [HKLM][64Bits] – Audacity_is1 =>.Audacity Team
O42 - Logiciel: Audacity 2.1.2 - (.Audacity Team.) [HKLM][64Bits] – Audacity®_is1 =>.Audacity Team
O42 - Logiciel: AutoHotkey 1.1.24.05 - (.Lexikos.) [HKLM][64Bits] – AutoHotkey =>.Lexikos
O42 - Logiciel: Axialis IconWorkshop 6.90 - (.Axialis Software.) [HKLM][64Bits] – IconWorkshop {00C8BDB2ECF2F60919A89930D9030A5DC4}
O42 - Logiciel: BadCopy Pro - (..) [HKLM][64Bits] – BadCopy Pro
O42 - Logiciel: Belarc Advisor 8.4 - (.Belarc Inc..) [HKLM][64Bits] – Belarc Advisor =>.Belarc Inc.
O42 - Logiciel: BitMeter OS - (..) [HKLM][64Bits] – BitMeterOS
O42 - Logiciel: CameraHelperMsi - (.Logitech.) [HKLM][64Bits] – {15634701-BACE-4449-8B25-1567DA8C9FD3} =>.Logitech
O42 - Logiciel: Canon Inkjet Printer Driver Add-On Module - (..) [HKLM][64Bits] – CANONIJINBOXADDON100 =>.Canon Inc.®
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] – CCleaner =>.Piriform Ltd®
O42 - Logiciel: Cheat Engine 6.4 - (.Cheat Engine.) [HKLM][64Bits] – Cheat Engine 6.4_is1 =>.Cheat Engine®
O42 - Logiciel: Chromium - (.Chromium.) [HKCU][64Bits] – Chromium =>.Chromium
O42 - Logiciel: CleanGenius 3.2.2 - (.Amigabit, Inc..) [HKLM][64Bits] – {47C1AE40-7ED8-4743-83C3-C76F76C754A9}_is1
O42 - Logiciel: Compatibility Pack for the 2007 Office system - (.Microsoft Corporation.) [HKLM][64Bits] – {90120000-0020-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Compiled Driver Disk (Nokia) 1.0 - (.COMPELSON Labs.) [HKLM][64Bits] – {3DCF00F5-04A5-4543-A088-705480811205}_is1 =>.COMPELSON Labs
O42 - Logiciel: Compiled Driver Disk (Samsung) 1.0 - (.COMPELSON Labs.) [HKLM][64Bits] – {3DCF00F5-04A5-4543-A088-705480811206}_is1 =>.COMPELSON Labs
O42 - Logiciel: Cool & Quiet - (..) [HKLM][64Bits] – {1ADE1AA0-7F82-4BB1-B1BD-727DE438057B}
O42 - Logiciel: CSR Harmony Wireless Software Stack - (.Cambridge Silicon Radio Limited..) [HKLM][64Bits] – {CAF754D7-AD99-409B-A594-C63DB5A51BC2}
O42 - Logiciel: DAEMON Tools Lite - (.Disc Soft Ltd.) [HKLM][64Bits] – DAEMON Tools Lite =>.Disc Soft Ltd
O42 - Logiciel: Defraggler - (.Piriform.) [HKLM][64Bits] – Defraggler =>.Piriform Ltd®
O42 - Logiciel: Desktop Icon Position Saver (64-bit) - (..) [HKLM][64Bits] – dips64
O42 - Logiciel: DigiGuide TV Guide - (.GipsyMedia Limited.) [HKLM][64Bits] – DigiGuide TV Guide
O42 - Logiciel: Dragon Age 2 - LEGACY 1.03 - (..) [HKLM][64Bits] – Dragon Age 2 - LEGACY 1.03
O42 - Logiciel: Dragon Age II - (.Electronic Arts, Inc..) [HKLM][64Bits] – {F2E23139-3404-4E3C-9855-7724415D62A5} =>.BioWare®
O42 - Logiciel: Dragon Age Redesigned© - (..) [HKCU][64Bits] – Dragon Age Redesigned©
O42 - Logiciel: Dragon Age: Origins - (.Electronic Arts, Inc..) [HKLM][64Bits] – {AEC81925-9C76-4707-84A9-40696C613ED3} =>.BioWare®
O42 - Logiciel: Dragon Age™ II - (.Electronic Arts.) [HKLM][64Bits] – {4D565319-8B91-41CB-961C-0DDC86101AC5} =>.Electronic Arts®
O42 - Logiciel: Dragon Age™: Inquisition - (.Electronic Arts.) [HKLM][64Bits] – {DC4C36DC-4E5B-4262-B0C7-157DF534B969} =>.Electronic Arts®
O42 - Logiciel: EaseUS Data Recovery Wizard 7.0 - (.EaseUS.) [HKLM][64Bits] – EaseUS Data Recovery Wizard 7.0_is1 =>.EaseUS
O42 - Logiciel: EaseUS Partition Master 11.9 - (.EaseUS.) [HKLM][64Bits] – EaseUS Partition Master_is1 =>.CHENGDU YIWO Tech Development Co., Ltd.®
O42 - Logiciel: EaseUS Todo Backup Free 9.2 - (.CHENGDU YIWO Tech Development Co., Ltd.) [HKLM][64Bits] – EaseUS Todo Backup_is1 =>.CHENGDU YIWO Tech Development Co., Ltd.®
O42 - Logiciel: erLT - (.Logitech, Inc..) [HKLM][64Bits] – {3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C} =>.Logitech, Inc.
O42 - Logiciel: Focusrite Scarlett Family Audio Driver 3.1.10 - (.Focusrite Audio Engineering Limited..) [HKLM][64Bits] – Focusrite Scarlett Family Audio Driver_is1 {0BD57694357C70834D593B6379A4997D} =>.Focusrite Audio Engineering Limited.
O42 - Logiciel: Foxit Reader - (.Foxit Software Inc..) [HKLM][64Bits] – Foxit Reader_is1 =>.Foxit Software Incorporated®
O42 - Logiciel: FreeCAD 0.16 - A free open source CAD system - (.Juergen Riegel.) [HKLM][64Bits] – FreeCAD 0.16 =>.Juergen Riegel
O42 - Logiciel: FreeFileSync 6.1 - (.Zenju.) [HKLM][64Bits] – FreeFileSync =>.ZenJu
O42 - Logiciel: Geeks3D FurMark 1.19.0.0 - (.Geeks3D.) [HKLM][64Bits] – {2397CAD4-2263-4CD0-96BE-E43A980B9C9A}is1 =>.Geeks3D
O42 - Logiciel: GIMP 2.8.20 - (.The GIMP Team.) [HKLM][64Bits] – GIMP-2_is1 =>.Jernej Simončič®
O42 - Logiciel: GoldWave v6.19 - (.GoldWave Inc..) [HKLM][64Bits] – GoldWave v6.19 =>.GoldWave Inc.
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] – Google Chrome =>.Google Inc®
O42 - Logiciel: Google Earth - (.Google.) [HKLM][64Bits] – {F6430171-B86B-4639-839E-374913E7911D} =>.Google
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] – {18455581-E099-4BA8-BC6B-F34B2F06600C} =>.Google Inc.
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] – {2318C2B1-4965-11d4-9B18-009027A5CD4F} =>.Google Inc®
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] – {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc.
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] – {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Heuristic.Suspect
O42 - Logiciel: Grey Olltwit’s Plan Maker - (..) [HKLM][64Bits] – Grey Olltwit’s Plan Maker
O42 - Logiciel: Heaven Benchmark version 4.0 - (.Unigine Corp..) [HKLM][64Bits] – Unigine Heaven Benchmark (Basic Edition)is1 =>.Unigine Corp.
O42 - Logiciel: HexEdit - (.Expert Commercial Software Pty Ltd.) [HKLM][64Bits] – {083EF76E-0760-4D7A-9508-0B88A3AF1889} =>.Expert Commercial Software Pty Ltd
O42 - Logiciel: Java 8 Update 121 - (.Oracle Corporation.) [HKLM][64Bits] – {26A24AE4-039D-4CA4-87B4-2F32180121F0} =>.Oracle Corporation
O42 - Logiciel: Java Auto Updater - (.Oracle Corporation.) [HKLM][64Bits] – {4A03706F-666A-4037-7777-5F2748764D10} =>.Oracle Corporation
O42 - Logiciel: Kaspersky Secure Connection - (.Kaspersky Lab.) [HKLM][64Bits] – {1CF84962-50F8-48CA-9082-B70F3A02C686} =>.Kaspersky Lab
O42 - Logiciel: Kaspersky Secure Connection - (.Kaspersky Lab.) [HKLM][64Bits] – InstallWIX{1CF84962-50F8-48CA-9082-B70F3A02C686} =>.Kaspersky Lab
O42 - Logiciel: Kaspersky Total Security - (.Kaspersky Lab.) [HKLM][64Bits] – {E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2} =>.Kaspersky Lab
O42 - Logiciel: Kaspersky Total Security - (.Kaspersky Lab.) [HKLM][64Bits] – InstallWIX{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2} =>.Kaspersky Lab
O42 - Logiciel: KeePass Password Safe 2.24 - (.Dominik Reichl.) [HKLM][64Bits] – KeePassPasswordSafe2_is1 =>.Dominik Reichl
O42 - Logiciel: LibreOffice 5.3.3.2 - (.The Document Foundation.) [HKLM][64Bits] – {C7C4A0C6-8483-4065-851D-CBE5DC17D046} =>.The Document Foundation
O42 - Logiciel: Logitech Solar App 1.10 - (.Logitech.) [HKLM][64Bits] – SolarApp =>.Logitech®
O42 - Logiciel: Logitech Webcam Software - (.Logitech Inc..) [HKLM][64Bits] – {D40EB009-0499-459c-A8AF-C9C110766215} =>.Logitech®
O42 - Logiciel: LWS Facebook - (.Logitech.) [HKLM][64Bits] – {FF167195-9EE4-46C0-8CD7-FBA3457E88AB} =>.Logitech
O42 - Logiciel: LWS Gallery - (.Logitech.) [HKLM][64Bits] – {6F76EC3C-34B1-436E-97FB-48C58D7BEDCD} =>.Logitech
O42 - Logiciel: LWS Help_main - (.Logitech.) [HKLM][64Bits] – {1651216E-E7AD-4250-92A1-FB8ED61391C9} =>.Logitech
O42 - Logiciel: LWS Launcher - (.Logitech.) [HKLM][64Bits] – {83C8FA3C-F4EA-46C4-8392-D3CE353738D6} =>.Logitech
O42 - Logiciel: LWS Motion Detection - (.Logitech.) [HKLM][64Bits] – {71E66D3F-A009-44AB-8784-75E2819BA4BA} =>.Logitech
O42 - Logiciel: LWS Pictures And Video - (.Logitech.) [HKLM][64Bits] – {08610298-29AE-445B-B37D-EFBE05802967} =>.Logitech
O42 - Logiciel: LWS Twitter - (.Logitech.) [HKLM][64Bits] – {174A3B31-4C43-43DD-866F-73C9DB887B48} =>.Logitech
O42 - Logiciel: LWS Webcam Software - (.Logitech.) [HKLM][64Bits] – {8937D274-C281-42E4-8CDB-A0B2DF979189} =>.Logitech
O42 - Logiciel: LWS WLM Plugin - (.Logitech.) [HKLM][64Bits] – {9DAEA76B-E50F-4272-A595-0124E826553D} =>.Logitech
O42 - Logiciel: LWS YouTube Plugin - (.Logitech.) [HKLM][64Bits] – {21DF0294-6B9D-4741-AB6F-B2ABFBD2387E} =>.Logitech
O42 - Logiciel: Malwarebytes Anti-Malware version 2.2.1.1043 - (.Malwarebytes.) [HKLM][64Bits] – Malwarebytes Anti-Malware_is1 =>.Malwarebytes
O42 - Logiciel: Microsoft DVD App Installation for Microsoft.WindowsDVDPlayer_2019.6.13291. - (.Microsoft Corporation.) [HKLM][64Bits] – {25E80DAA-FD87-DCE5-202C-CC02F6673002} =>.Microsoft Corporation
O42 - Logiciel: Microsoft OneDrive - (.Microsoft Corporation.) [HKCU][64Bits] – OneDriveSetup.exe =>.Microsoft Corporation®
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] – {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} =>.Microsoft Corporation
O42 - Logiciel: MOBILedit! Support Libraries - (.COMPELSON Labs.) [HKLM][64Bits] – {1A834332-A9EE-440C-9505-2D07F445F05A} =>.COMPELSON Labs
O42 - Logiciel: MOBILedit! ver. 7.5.3.4200 - (.COMPELSON Labs.) [HKLM][64Bits] – {47DA7D2E-408C-4050-B75F-95F6D2E6A332}_is1 =>.COMPELSON Trade®
O42 - Logiciel: Mozilla Firefox 54.0 (x86 en-US) - (.Mozilla.) [HKLM][64Bits] – Mozilla Firefox 54.0 (x86 en-US) =>.Mozilla Corporation®
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] – MozillaMaintenanceService =>.Mozilla
O42 - Logiciel: MSI Afterburner 4.2.0 - (.MSI Co., LTD.) [HKLM][64Bits] – Afterburner =>.MSI Co., LTD
O42 - Logiciel: MSI Kombustor 3.5.1 - (.MSI Co., LTD.) [HKLM][64Bits] – {9598DA62-2AE8-426D-9C86-BEA96AC6721E}is1 =>.MSI Co., LTD
O42 - Logiciel: MyDefrag v4.3.1 - (.J.C. Kessels.) [HKLM][64Bits] – MyDefrag v4.3.1_is1 =>.J.C. Kessels
O42 - Logiciel: MyFreeCodec - (.Samsung Electronics.) [HKCU][64Bits] – MyFreeCodec =>.SAMSUNG Electronics
O42 - Logiciel: NEC Electronics USB 3.0 Host Controller Driver - (.NEC Electronics Corporation.) [HKLM][64Bits] – {D7BF9739-8A68-4335-BBEE-37752AD9E86B} =>.NEC Electronics Corporation
O42 - Logiciel: NEC Electronics USB 3.0 Host Controller Driver - (.NEC Electronics Corporation.) [HKLM][64Bits] – InstallShield{D7BF9739-8A68-4335-BBEE-37752AD9E86B} =>.NEC Electronics Corporation
O42 - Logiciel: NETGEAR WNA3100M N300 Wireless USB Adapter - (.NETGEAR.) [HKLM][64Bits] – {D3580358-0F78-402A-BE53-2E9D06383E04} =>.Netgear
O42 - Logiciel: NirSoft BlueScreenView - (.NirSoft.) [HKLM][64Bits] – NirSoft BlueScreenView =>.NirSoft
O42 - Logiciel: Nokia Connectivity Cable Driver - (..) [HKLM][64Bits] – {BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}
O42 - Logiciel: Notepad++ - (.Notepad++ Team.) [HKLM][64Bits] – Notepad++ =>.Notepad++ Team
O42 - Logiciel: NVIDIA Control Panel 378.72 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Display Container - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainer =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Display Container LS - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainerLS =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Graphics Driver 378.72 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Install Application - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA PhysX System Software 9.16.0318 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX =>.NVIDIA Corporation
O42 - Logiciel: OCCT 4.5.0 - (.Ocbase.com.) [HKLM][64Bits] – OCCT =>.Ocbase.com
O42 - Logiciel: OpenOffice 4.1.2 - (.Apache Software Foundation.) [HKLM][64Bits] – {4E96CB8B-444E-4EA3-8EF4-26060B0B411F} =>.Apache Software Foundation
O42 - Logiciel: Origin - (.Electronic Arts, Inc..) [HKLM][64Bits] – Origin =>.Electronic Arts, Inc.®
O42 - Logiciel: Paint XP version 1.5 - (.MSPAINTXP.COM.) [HKLM][64Bits] – {2367FAB6-055A-4923-835F-F57F7BBBA363}_is1 =>.MSPAINTXP.COM
O42 - Logiciel: PDF-XChange 3 - (.Tracker Software.) [HKLM][64Bits] – PDF-XChange 3_is1 =>.Tracker Software
O42 - Logiciel: Personal Ancestral File 5 - (.Legitimate.) [HKLM][64Bits] – {D94A8E22-DF2B-4107-9E51-608A60A7671D}
O42 - Logiciel: Phone Drivers Downloader 1.1 - (.COMPELSON Labs.) [HKLM][64Bits] – {BDDB58A5-F98E-4D3C-B554-4A4D31C6D405}_is1 =>.COMPELSON Trade®
O42 - Logiciel: RadioSure - (.RadioSure.) [HKCU][64Bits] – RadioSure
O42 - Logiciel: RarmaRadio 2.69.1 - (.RaimerSoft.) [HKLM][64Bits] – RarmaRadio_is1 =>.Raimersoft
O42 - Logiciel: Recuva - (.Piriform.) [HKLM][64Bits] – Recuva =>.Piriform Ltd®
O42 - Logiciel: Revo Uninstaller 2.0.1 - (.VS Revo Group, Ltd..) [HKLM][64Bits] – {A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1 =>.VS Revo Group, Ltd.
O42 - Logiciel: RivaTuner Statistics Server 6.4.1 - (.Unwinder.) [HKLM][64Bits] – RTSS =>.Unwinder
O42 - Logiciel: Roadkil’s Unstoppable Copier Version 5.2 - (.Roadkil.Net.) [HKLM][64Bits] – {A306FD29-7D3A-4287-91AC-9A0180931395}is1
O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] – {758C8301-2696-4855-AF45-534B1200980A} =>.Samsung Electronics Co., Ltd.
O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] – InstallShield{758C8301-2696-4855-AF45-534B1200980A} =>.Samsung Electronics Co., Ltd.
O42 - Logiciel: SAMSUNG USB Driver for Mobile Phones - (.SAMSUNG Electronics Co., Ltd..) [HKLM][64Bits] – {D0795B21-0CDA-4a92-AB9E-6E92D8111E44} =>.DEVGURU CO LTD®
O42 - Logiciel: Singing Tutor - (..) [HKLM][64Bits] – Singing Tutor
O42 - Logiciel: Skype Click to Call - (.Microsoft Corporation.) [HKLM][64Bits] – {873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B} =>.Microsoft Corporation
O42 - Logiciel: Skype™ 7.0 - (.Skype Technologies S.A..) [HKLM][64Bits] – {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7} =>.Skype Technologies S.A.
O42 - Logiciel: SlimDrivers - (.SlimWare Utilities, Inc..) [HKLM][64Bits] – {746AB259-6474-4111-8966-1C62F9A6E063} =>.Superfluous.SlimWareUtilities
O42 - Logiciel: Speccy - (.Piriform.) [HKLM][64Bits] – Speccy =>.Piriform Ltd®
O42 - Logiciel: SpeedFan (remove only) - (.Almico Software.) [HKLM][64Bits] – SpeedFan =>.Almico Software
O42 - Logiciel: SQLite Forensic Explorer version 2.0 - (.Acquire Forensic.) [HKLM][64Bits] – {70828B2E-C97B-4107-BE35-1273211919B5}_is1
O42 - Logiciel: SteelSoft Radio(Free Internet Radio) - (.SteelSoft.) [HKLM][64Bits] – {32FD738E-D5C6-4F8A-9C93-278859948DD6}
O42 - Logiciel: streamWriter - (..) [HKLM][64Bits] – streamWriter_is1
O42 - Logiciel: SUPERAntiSpyware - (.SUPERAntiSpyware.com.) [HKLM][64Bits] – {CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA} =>.SUPERAntiSpyware.com®
O42 - Logiciel: SysInfoTools PST Merge x32(Demo) v3.0 - (.SysInfoTools.) [HKLM][64Bits] – {278318E2-89F5-43A0-BC54-20E9302244F8}_is1 =>.SysInfoTools
O42 - Logiciel: System Requirements Lab Detection - (.Husdawg, LLC.) [HKLM][64Bits] – {1F13D8B2-94E1-4502-A922-737548AEEABB} =>.Husdawg, LLC
O42 - Logiciel: TeamViewer 12 - (.TeamViewer.) [HKLM][64Bits] – TeamViewer =>.TeamViewer GmbH®
O42 - Logiciel: TechPowerUp GPU-Z - (.TechPowerUp.) [HKLM][64Bits] – TechPowerUp GPU-Z =>.TechPowerUp
O42 - Logiciel: TextPad 7 - (.Helios.) [HKLM][64Bits] – {BD290B7C-E023-4364-87D4-2B00DE2ED5A7} =>.Helios
O42 - Logiciel: TomTom MyDrive Connect 4.1.5.3181 - (.TomTom.) [HKLM][64Bits] – MyDriveConnect =>.TomTom International BV®
O42 - Logiciel: Unchecky v1.0.2 - (.RaMMicHaeL.) [HKLM][64Bits] – Unchecky =>.Reason Software Company Inc.®
O42 - Logiciel: Unigine Valley Benchmark version 1.0 - (.Unigine Corp..) [HKLM][64Bits] – Unigine Valley Benchmark_is1 =>.Unigine Corp.
O42 - Logiciel: USB 3G Super GSM Reader II v2.8.10 - (..) [HKLM][64Bits] – ST6UNST #1
O42 - Logiciel: Visual Studio C++ 10.0 Runtime - (.TomTom International B.V..) [HKLM][64Bits] – {4412F224-3849-4461-A3E9-DEEF8D252790} =>.TomTom International B.V.
O42 - Logiciel: Visual Subst - (.NTWind Software.) [HKLM][64Bits] – Visual Subst =>.NTWind Software
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] – VLC media player =>.VideoLAN
O42 - Logiciel: Vulkan Run Time Libraries 1.0.39.1 - (.LunarG, Inc..) [HKLM][64Bits] – VulkanRT1.0.39.1 =>.LunarG, Inc.®
O42 - Logiciel: WhoCrashed 5.53 - (.Resplendence Software Projects Sp..) [HKLM][64Bits] – WhoCrashed_is1 =>.Resplendence Software Projects Sp.
O42 - Logiciel: Windows 10 Update and Privacy Settings - (.Microsoft Corporation.) [HKLM][64Bits] – {293F2009-0145-450B-B4AA-063D43FB368C} =>.Microsoft Corporation
O42 - Logiciel: Windows 10 Upgrade Assistant - (.Microsoft Corporation.) [HKLM][64Bits] – {D5C69738-B486-402E-85AC-2456D98A64E4} =>.Microsoft Corporation®
O42 - Logiciel: WinImage - (..) [HKLM][64Bits] – WinImage {1121B67965C65167D78D3BE54B40DA42DF21}
O42 - Logiciel: WinISO - (.WinISO Computing Inc..) [HKLM][64Bits] – WinISO =>.WinISO Computing Inc.
O42 - Logiciel: WinRAR 5.01 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] – WinRAR archiver =>.win.rar GmbH®
O42 - Logiciel: Yahoo! Powered - (..) [HKLM][64Bits] – YahooPowered =>Adware.YahooPowered

—\ HKCU & HKLM Software Keys (155) - 18s
HKLM\SOFTWARE\Wow6432Node\Adguard =>.Adguard
HKLM\SOFTWARE\Wow6432Node\AGEIA Technologies =>.AGEIA Technologies
HKLM\SOFTWARE\Wow6432Node\Alexander Avdonin =>.Alexander Avdonin
HKLM\SOFTWARE\Wow6432Node\Amigabit
HKLM\SOFTWARE\Wow6432Node\Apple Inc. =>.Apple Inc.
HKLM\SOFTWARE\Wow6432Node\ASIO =>.Steinberg Media Technologies
HKLM\SOFTWARE\Wow6432Node\ASUS =>.ASUS
HKLM\SOFTWARE\Wow6432Node\Auslogics =>.Auslogics
HKLM\SOFTWARE\Wow6432Node\Axialis
HKLM\SOFTWARE\Wow6432Node\Belarc =>.Belarc
HKLM\SOFTWARE\Wow6432Node\BioWare =>.BioWare
HKLM\SOFTWARE\Wow6432Node\BitMeterOS
HKLM\SOFTWARE\Wow6432Node\Compelson
HKLM\SOFTWARE\Wow6432Node\Disc Soft =>.Disc Soft
HKLM\SOFTWARE\Wow6432Node\EASEUS =>.EaseUS Software
HKLM\SOFTWARE\Wow6432Node\EaseUS Todo Backup =>.EaseUS Software
HKLM\SOFTWARE\Wow6432Node\ECSoftware
HKLM\SOFTWARE\Wow6432Node\Electronic Arts =>.Electronic Arts
HKLM\SOFTWARE\Wow6432Node\Foxit Software =>.Foxit Software
HKLM\SOFTWARE\Wow6432Node\FreeFileSync =>.ZenJu Software
HKLM\SOFTWARE\Wow6432Node\Google =>.Google
HKLM\SOFTWARE\Wow6432Node\Helios =>.Helios
HKLM\SOFTWARE\Wow6432Node\IM Providers =>.IM Providers
HKLM\SOFTWARE\Wow6432Node\InstallShield =>.InstallShield
HKLM\SOFTWARE\Wow6432Node\Intel =>.Intel
HKLM\SOFTWARE\Wow6432Node\JavaSoft =>.JavaSoft
HKLM\SOFTWARE\Wow6432Node\JreMetrics =>.JreMetrics
HKLM\SOFTWARE\Wow6432Node\KasperskyLab =>.Kaspersky Labs
HKLM\SOFTWARE\Wow6432Node\Khronos =>.Khronos
HKLM\SOFTWARE\Wow6432Node\Kingsoft =>.Kingosoft Technology Ltd
HKLM\SOFTWARE\Wow6432Node\L&H
HKLM\SOFTWARE\Wow6432Node\LibreOffice =>.LibreOffice
HKLM\SOFTWARE\Wow6432Node\logishrd =>.LogiShrd
HKLM\SOFTWARE\Wow6432Node\Logitech =>.Logitech
HKLM\SOFTWARE\Wow6432Node\Macromedia =>.Macromedia
HKLM\SOFTWARE\Wow6432Node\Malwarebytes Anti-Exploit =>.Malwarebytes
HKLM\SOFTWARE\Wow6432Node\Malwarebytes’ Anti-Malware =>.Malwarebytes’ Anti-Malware
HKLM\SOFTWARE\Wow6432Node\Mozilla =>.Mozilla
HKLM\SOFTWARE\Wow6432Node\mozilla.org =>.mozilla.org
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins =>.MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\MSI =>.MSI
HKLM\SOFTWARE\Wow6432Node\Mutator
HKLM\SOFTWARE\Wow6432Node\Myfree Codec =>.Samsung Electronics
HKLM\SOFTWARE\Wow6432Node\NETGEAR =>.Netgear Inc
HKLM\SOFTWARE\Wow6432Node\Notepad++ =>.Don Ho
HKLM\SOFTWARE\Wow6432Node\NVIDIA Corporation =>.nVidia Corporation
HKLM\SOFTWARE\Wow6432Node\ODBC =>.DB Connectivity Solutions
HKLM\SOFTWARE\Wow6432Node\OpenOffice =>.SourceForge
HKLM\SOFTWARE\Wow6432Node\Origin =>.Electronic Arts, Inc.
HKLM\SOFTWARE\Wow6432Node\Origin Games =>.Electronic Arts, Inc.
HKLM\SOFTWARE\Wow6432Node\RecordDISCXXX =>.Propellerhead Reason
HKLM\SOFTWARE\Wow6432Node\RtWLan =>.Realtek Semiconductor Corp.
HKLM\SOFTWARE\Wow6432Node\SERCOMM =>.Sercomm
HKLM\SOFTWARE\Wow6432Node\Skype =>.Skype
HKLM\SOFTWARE\Wow6432Node\SlimWare Utilities Inc =>.Superfluous.SlimWareUtilities
HKLM\SOFTWARE\Wow6432Node\SlimWare Utilities, Inc. =>.Superfluous.SlimWareUtilities
HKLM\SOFTWARE\Wow6432Node\Softgogo =>.YNET Technology Co.,Ltd
HKLM\SOFTWARE\Wow6432Node\SpeedFan =>.Almico Software
HKLM\SOFTWARE\Wow6432Node\TeamViewer =>.TeamViewer
HKLM\SOFTWARE\Wow6432Node\The Church of Jesus Christ of Latter-day Saints
HKLM\SOFTWARE\Wow6432Node\The Document Foundation =>.The Document Foundation
HKLM\SOFTWARE\Wow6432Node\TomTom =>.TomTom
HKLM\SOFTWARE\Wow6432Node\TVInstallTemp =>.TeamViewer GmbH
HKLM\SOFTWARE\Wow6432Node\Unchecky =>.RaMMicHaeL
HKLM\SOFTWARE\Wow6432Node\Unwinder =>.Unwinder
HKLM\SOFTWARE\Wow6432Node\VideoLAN =>.VideoLAN
HKLM\SOFTWARE\Wow6432Node\Volatile =>.Microsoft Corporation
HKLM\SOFTWARE\Wow6432Node\WinISO =>.WinISO Computing Inc
HKLM\SOFTWARE\Wow6432Node\WOW6432Node =>.Microsoft Corporation
HKLM\SOFTWARE\Wow6432Node\WSWNA3100M =>.Netgear Inc
HKLM\SOFTWARE\Wow6432Node\Yahoo =>.Yahoo! Inc.
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications =>.Microsoft Corporation
HKCU\SOFTWARE\Ableton =>.Ableton
HKCU\SOFTWARE\AdblockPlus =>.Wladimir Palant
HKCU\SOFTWARE\Amigabit
HKCU\SOFTWARE\AppDataLow =>.Microsoft Corporation
HKCU\SOFTWARE\Audacity =>.Audacity
HKCU\SOFTWARE\Axialis
HKCU\SOFTWARE\Belarc =>.Belarc
HKCU\SOFTWARE\BitTorrent
HKCU\SOFTWARE\Cambridge Silicon Radio
HKCU\SOFTWARE\Cheat Engine =>.Dark Byte
HKCU\SOFTWARE\Chromium =>.Chromium
HKCU\SOFTWARE\CodeGear =>.CodeGear
HKCU\SOFTWARE\Compelson
HKCU\SOFTWARE\Disc Soft =>.Disc Soft
HKCU\SOFTWARE\EaseUS =>.EaseUS Software
HKCU\SOFTWARE\ECSoftware
HKCU\SOFTWARE\Electronic Arts =>.Electronic Arts
HKCU\SOFTWARE\EpmNewsInfo =>.EaseUS Software
HKCU\SOFTWARE\Foxit Software =>.Foxit Software
HKCU\SOFTWARE\FreeCAD
HKCU\SOFTWARE\Google =>.Google
HKCU\SOFTWARE\Hewlett-Packard =>.Hewlett-Packard
HKCU\SOFTWARE\IM Providers =>.IM Providers
HKCU\SOFTWARE\Incline Software
HKCU\SOFTWARE\JavaSoft =>.JavaSoft
HKCU\SOFTWARE\JufSoft
HKCU\SOFTWARE\KasperskyLab =>.Kaspersky Labs
HKCU\SOFTWARE\Kingsoft =>.Kingosoft Technology Ltd
HKCU\SOFTWARE\KLive =>.Games Software
HKCU\SOFTWARE\LDS Church
HKCU\SOFTWARE\Leadertech =>.Leadertech Systems
HKCU\SOFTWARE\LogiShrd =>.LogiShrd
HKCU\SOFTWARE\Logitech =>.Logitech
HKCU\SOFTWARE\Macromedia =>.Macromedia
HKCU\SOFTWARE\Malwarebytes’ Anti-Malware =>.Malwarebytes’ Anti-Malware
HKCU\SOFTWARE\McAfee =>.McAfee Inc.
HKCU\SOFTWARE\mistake.ws
HKCU\SOFTWARE\Mozilla =>.Mozilla
HKCU\SOFTWARE\MozillaPlugins =>.MozillaPlugins
HKCU\SOFTWARE\MSI =>.MSI
HKCU\SOFTWARE\MurGee.com =>.MurGee.com
HKCU\SOFTWARE\MyDefrag =>.Jeroen Kessels
HKCU\SOFTWARE\Myfree Codec =>.Samsung Electronics
HKCU\SOFTWARE\NEC Electronics =>.NEC Electronics
HKCU\SOFTWARE\NETGEAR =>.Netgear Inc
HKCU\SOFTWARE\Netscape =>.Netscape
HKCU\SOFTWARE\NVIDIA Corporation =>.nVidia Corporation
HKCU\SOFTWARE\OCS
HKCU\SOFTWARE\ODBC =>.DB Connectivity Solutions
HKCU\SOFTWARE\OpenOffice =>.SourceForge
HKCU\SOFTWARE\Piriform =>.Piriform
HKCU\SOFTWARE\QtProject =>.QtProject
HKCU\SOFTWARE\RadioSure =>.RadioSure
HKCU\SOFTWARE\Raimasoft
HKCU\SOFTWARE\Redemption =>.Legitimate
HKCU\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
HKCU\SOFTWARE\Resplendence Sp =>.Resplendence Software
HKCU\SOFTWARE\Richter
HKCU\SOFTWARE\Roadkil
HKCU\SOFTWARE\roamingdevice =>.Unknown
HKCU\SOFTWARE\Samsung =>.Samsung Electronics
HKCU\SOFTWARE\Skype =>.Skype
HKCU\SOFTWARE\SlimWare Utilities Inc =>.Superfluous.SlimWareUtilities
HKCU\SOFTWARE\SpeedFan =>.Almico Software
HKCU\SOFTWARE\SUPERAntiSpyware.com =>.SUPERAntiSpyware.com
HKCU\SOFTWARE\Sysinternals =>.Sysinternals
HKCU\SOFTWARE\TeamViewer =>.TeamViewer
HKCU\SOFTWARE\techPowerUp =>.TechPowerUp
HKCU\SOFTWARE\The Document Foundation =>.The Document Foundation
HKCU\SOFTWARE\TomTom =>.TomTom
HKCU\SOFTWARE\Tracker Software =>.Tracker Software
HKCU\SOFTWARE\Trolltech =>.Trolltech
HKCU\SOFTWARE\Unchecky =>.RaMMicHaeL
HKCU\SOFTWARE\Unwinder =>.Unwinder
HKCU\SOFTWARE\VB and VBA Program Settings =>.Microsoft Corporation
HKCU\SOFTWARE\VideoLAN =>.VideoLAN
HKCU\SOFTWARE\VS Revo Group =>.VS Revo Group
HKCU\SOFTWARE\WinRAR =>.WinRAR
HKCU\SOFTWARE\WinRAR SFX =>.RarLab
HKCU\SOFTWARE\Wow6432Node =>.Microsoft Corporation
HKCU\SOFTWARE\ZHP =>.Nicolas Coolman
HKCU\SOFTWARE\AppDataLow\Software =>.Microsoft Corporation
HKCU\SOFTWARE\AppDataLow\Software\JavaSoft =>.JavaSoft

—\ Contents of the Common Files folders (429) - 13s
O43 - CFD: 22/10/2015 - AD – C:\Program Files\Adblock Plus for IE =>.Adblock
O43 - CFD: 04/02/2017 - D – C:\Program Files\AutoHotkey =>.Chicony Multimedia
O43 - CFD: 08/01/2016 - AD – C:\Program Files\CCleaner =>.Piriform Ltd
O43 - CFD: 08/02/2017 - D – C:\Program Files\Common Files =>.Microsoft Corporation
O43 - CFD: 22/01/2014 - AD – C:\Program Files\Compiled Driver Disk (Nokia)
O43 - CFD: 22/01/2014 - AD – C:\Program Files\Compiled Driver Disk (Samsung) =>.Samsung Electronics
O43 - CFD: 02/02/2016 - D – C:\Program Files\CSR {759231295D01C6089DE93FE4C3559535}
O43 - CFD: 08/01/2016 - AD – C:\Program Files\Defraggler =>.Piriform Ltd
O43 - CFD: 13/08/2015 - D – C:\Program Files\DIPS64
O43 - CFD: 17/12/2015 - D – C:\Program Files\DVD Maker =>.Aone Software
O43 - CFD: 24/03/2016 - [0] D – C:\Program Files\Easeware =>.Easeware
O43 - CFD: 22/07/2016 - D – C:\Program Files\FreeCAD 0.16
O43 - CFD: 17/01/2014 - D – C:\Program Files\FreeFileSync =>.ZenJu Software
O43 - CFD: 29/05/2015 - AD – C:\Program Files\GIMP 2 =>.Jernej Simončič®
O43 - CFD: 22/01/2016 - D – C:\Program Files\GoldWave =>.GoldWave Inc.
O43 - CFD: 19/12/2013 - D – C:\Program Files\Google =>.Google
O43 - CFD: 21/03/2017 - D – C:\Program Files\Internet Explorer =>.Microsoft Corporation
O43 - CFD: 24/03/2015 - D – C:\Program Files\Logitech =>.Logitech®
O43 - CFD: 08/02/2017 - D – C:\Program Files\Microsoft Games =>.Microsoft Corporation
O43 - CFD: 14/02/2017 - AD – C:\Program Files\Microsoft Mouse and Keyboard Center =>.Microsoft Corporation
O43 - CFD: 14/05/2016 - AD – C:\Program Files\Microsoft Silverlight =>.Microsoft Corporation
O43 - CFD: 13/03/2015 - D – C:\Program Files\Mod Manager DAII
O43 - CFD: 08/02/2017 - D – C:\Program Files\MSBuild =>.Microsoft Corporation
O43 - CFD: 28/04/2016 - AD – C:\Program Files\MSI Kombustor 3 =>.Micro-Star International Co
O43 - CFD: 22/02/2014 - AD – C:\Program Files\MyDefrag v4.3.1
O43 - CFD: 27/04/2017 - D – C:\Program Files\NVIDIA Corporation =>.nVidia Corporation
O43 - CFD: 22/01/2014 - AD – C:\Program Files\Phone Drivers Downloader
O43 - CFD: 16/07/2016 - AD – C:\Program Files\Recuva =>.Piriform
O43 - CFD: 08/02/2017 - D – C:\Program Files\Reference Assemblies =>.Microsoft Corporation
O43 - CFD: 21/01/2016 - D – C:\Program Files\Scarlett
O43 - CFD: 08/01/2016 - AD – C:\Program Files\Speccy =>.Piriform
O43 - CFD: 12/05/2017 - AD – C:\Program Files\SUPERAntiSpyware =>.SUPERAntiSpyware
O43 - CFD: 05/02/2016 - D – C:\Program Files\TextPad 7 {1CA83CBDD723B986}
O43 - CFD: 18/01/2014 - D – C:\Program Files\Tracker Software =>.Tracker Software
O43 - CFD: 14/07/2009 - [0] HD – C:\Program Files\Uninstall Information =>.Microsoft Corporation
O43 - CFD: 06/02/2016 - D – C:\Program Files\Unlocker =>.Cedrick Collomb
O43 - CFD: 17/06/2017 - AD – C:\Program Files\UNP =>.Microsoft Corporation
O43 - CFD: 12/11/2016 - D – C:\Program Files\VS Revo Group =>.VS Revo Group
O43 - CFD: 26/04/2017 - AD – C:\Program Files\WhoCrashed =>.Resplendence Software
O43 - CFD: 12/05/2017 - RD – C:\Program Files\Windows Defender =>.Microsoft Corporation
O43 - CFD: 08/02/2017 - D – C:\Program Files\Windows Defender Advanced Threat Protection =>.Microsoft Corporation
O43 - CFD: 21/03/2017 - D – C:\Program Files\Windows Mail =>.Microsoft Corporation
O43 - CFD: 08/02/2017 - D – C:\Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 16/07/2016 - D – C:\Program Files\Windows Multimedia Platform =>.Microsoft Corporation
O43 - CFD: 16/07/2016 - D – C:\Program Files\Windows NT =>.Microsoft Corporation
O43 - CFD: 12/05/2017 - D – C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation
O43 - CFD: 16/07/2016 - D – C:\Program Files\Windows Portable Devices =>.Microsoft Corporation
O43 - CFD: 08/02/2017 - SHD – C:\Program Files\Windows Sidebar =>.Microsoft Corporation
O43 - CFD: 19/06/2017 - HD – C:\Program Files\WindowsApps =>.Microsoft Corporation
O43 - CFD: 16/07/2016 - D – C:\Program Files\WindowsPowerShell =>.Microsoft Corporation
O43 - CFD: 18/12/2013 - D – C:\Program Files\WinImage {1121B67965C65167D78D3BE54B40DA42DF21}
O43 - CFD: 18/12/2013 - AD – C:\Program Files\WinRAR =>.win.rar GmbH®
O43 - CFD: 13/01/2015 - D – C:\Program Files (x86)\AstroGrep
O43 - CFD: 08/07/2014 - D – C:\Program Files (x86)\ASUS =>.ASUS
O43 - CFD: 22/01/2016 - AD – C:\Program Files (x86)\Audacity =>.Audacity
O43 - CFD: 24/02/2014 - D – C:\Program Files (x86)\Auslogics =>.Auslogics
O43 - CFD: 19/12/2013 - D – C:\Program Files (x86)\Auto Clicker
O43 - CFD: 01/07/2016 - D – C:\Program Files (x86)\Axialis =>.Axialis
O43 - CFD: 23/09/2014 - D – C:\Program Files (x86)\Belarc =>.Belarc, Inc.
O43 - CFD: 29/10/2015 - AD – C:\Program Files (x86)\Cheat Engine 6.4 =>.Dark Byte
O43 - CFD: 24/10/2015 - D – C:\Program Files (x86)\ChipGenius_v4_00_1024_0047
O43 - CFD: 06/02/2016 - AD – C:\Program Files (x86)\CleanGenius 3 {30A0C6D10C607499E2E779B78E80992B}
O43 - CFD: 22/11/2016 - D – C:\Program Files (x86)\Codebox
O43 - CFD: 08/03/2017 - D – C:\Program Files (x86)\Common Files =>.Microsoft Corporation
O43 - CFD: 22/01/2014 - D – C:\Program Files (x86)\COMPELSON Labs =>.COMPELSON Labs
O43 - CFD: 02/02/2016 - D – C:\Program Files (x86)\CSR {759231295D01C6089DE93FE4C3559535}
O43 - CFD: 18/12/2013 - D – C:\Program Files (x86)\DAEMON Tools Lite =>.DAEMON Tools
O43 - CFD: 18/09/2014 - D – C:\Program Files (x86)\DigiGuide TV Guide
O43 - CFD: 19/10/2016 - D – C:\Program Files (x86)\DOSBox-0.74
O43 - CFD: 19/12/2016 - D – C:\Program Files (x86)\EaseUS =>.EaseUS Software
O43 - CFD: 26/05/2015 - D – C:\Program Files (x86)\FamilySearch
O43 - CFD: 09/01/2014 - D – C:\Program Files (x86)\Foxit Software =>.Foxit Software
O43 - CFD: 09/12/2015 - D – C:\Program Files (x86)\Geeks3D =>.Geeks3D
O43 - CFD: 29/01/2017 - D – C:\Program Files (x86)\Google =>.Google Inc®
O43 - CFD: 09/12/2015 - D – C:\Program Files (x86)\GPU-Z =>.TechPowerUp Ltd®
O43 - CFD: 04/02/2014 - AD – C:\Program Files (x86)\HexEdit
O43 - CFD: 18/01/2014 - D – C:\Program Files (x86)\Incline Software {0C8269700941E072496B561BDF023BE6}
O43 - CFD: 15/06/2017 - AD – C:\Program Files (x86)\Inquisition =>.Electronic Arts, Inc.®
O43 - CFD: 26/05/2015 - HD – C:\Program Files (x86)\InstallShield Installation Information =>.InstallShield Software
O43 - CFD: 21/03/2017 - D – C:\Program Files (x86)\Internet Explorer =>.Microsoft Corporation
O43 - CFD: 20/12/2016 - [0] D – C:\Program Files (x86)\iolo =>.Iolo Technologies
O43 - CFD: 08/03/2017 - D – C:\Program Files (x86)\Java =>.Oracle
O43 - CFD: 08/02/2014 - D – C:\Program Files (x86)\Jufsoft {00B2034DDFD33C4C10A3FA403911E4F24B}
O43 - CFD: 27/04/2017 - D – C:\Program Files (x86)\Kaspersky Lab =>.Kaspersky Lab
O43 - CFD: 18/12/2013 - AD – C:\Program Files (x86)\KeePass Password Safe 2
O43 - CFD: 15/08/2014 - [0] D – C:\Program Files (x86)\Kingsoft =>.Kingosoft Technology Ltd
O43 - CFD: 05/11/2015 - D – C:\Program Files (x86)\Lexars Bootit
O43 - CFD: 25/05/2017 - AD – C:\Program Files (x86)\LibreOffice 5 =>.LibreOffice
O43 - CFD: 12/11/2015 - D – C:\Program Files (x86)\Logitech =>.Logitech, Inc.®
O43 - CFD: 17/04/2016 - AD – C:\Program Files (x86)\Malwarebytes Anti-Malware =>.Malwarebytes
O43 - CFD: 23/05/2014 - D – C:\Program Files (x86)\MarkAny =>.MarkAny
O43 - CFD: 18/12/2013 - AD – C:\Program Files (x86)\Microsoft ActiveSync =>.Microsoft Corporation
O43 - CFD: 16/02/2015 - D – C:\Program Files (x86)\Microsoft ASP.NET =>.Microsoft Corporation
O43 - CFD: 17/02/2015 - AD – C:\Program Files (x86)\Microsoft Office =>.Microsoft Corporation
O43 - CFD: 14/05/2016 - AD – C:\Program Files (x86)\Microsoft Silverlight =>.Microsoft Corporation
O43 - CFD: 18/12/2013 - D – C:\Program Files (x86)\Microsoft Visual Studio =>.Microsoft Corporation
O43 - CFD: 16/02/2015 - D – C:\Program Files (x86)\Microsoft Works =>.Microsoft Corporation
O43 - CFD: 08/02/2017 - D – C:\Program Files (x86)\Microsoft.NET =>.Microsoft Corporation
O43 - CFD: 22/01/2014 - AD – C:\Program Files (x86)\MOBILedit! =>.COMPELSON Trade®
O43 - CFD: 17/06/2017 - AD – C:\Program Files (x86)\Mozilla Firefox =>.Mozilla
O43 - CFD: 17/06/2017 - D – C:\Program Files (x86)\Mozilla Maintenance Service =>.Mozilla
O43 - CFD: 08/02/2017 - D – C:\Program Files (x86)\MSBuild =>.Microsoft Corporation
O43 - CFD: 12/05/2014 - D – C:\Program Files (x86)\MSECache =>.Microsoft Corporation
O43 - CFD: 06/05/2016 - D – C:\Program Files (x86)\MSI Afterburner =>.Micro-Star International Co
O43 - CFD: 05/06/2017 - AD – C:\Program Files (x86)\MyDrive Connect =>.TomTom
O43 - CFD: 23/05/2014 - D – C:\Program Files (x86)\MyFree Codec =>.ENJsoft Inc/Samsung
O43 - CFD: 25/04/2015 - D – C:\Program Files (x86)\NEC Electronics =>.NEC Electronics
O43 - CFD: 31/12/2014 - D – C:\Program Files (x86)\NETGEAR =>.Netgear Inc
O43 - CFD: 17/04/2017 - D – C:\Program Files (x86)\NirSoft =>.NirSoft
O43 - CFD: 27/06/2014 - D – C:\Program Files (x86)\Notepad++ =>.Don Ho
O43 - CFD: 27/04/2017 - D – C:\Program Files (x86)\NVIDIA Corporation =>.nVidia Corporation
O43 - CFD: 05/05/2017 - D – C:\Program Files (x86)\OCCTPT =>.Tetedeiench
O43 - CFD: 18/03/2016 - AD – C:\Program Files (x86)\OpenOffice 4 =>.OpenOffice.org
O43 - CFD: 20/10/2015 - D – C:\Program Files (x86)\Origin Games =>.Electronic Arts, Inc.
O43 - CFD: 22/07/2016 - AD – C:\Program Files (x86)\Paint XP
O43 - CFD: 22/07/2016 - D – C:\Program Files (x86)\Plan Maker
O43 - CFD: 24/08/2014 - AD – C:\Program Files (x86)\RarmaRadio
O43 - CFD: 08/02/2017 - D – C:\Program Files (x86)\Reference Assemblies =>.Microsoft Corporation
O43 - CFD: 28/04/2016 - D – C:\Program Files (x86)\RivaTuner Statistics Server =>.RivaTuner
O43 - CFD: 23/05/2014 - D – C:\Program Files (x86)\Samsung =>.Samsung Electronics
O43 - CFD: 23/01/2016 - D – C:\Program Files (x86)\Singing Tutor
O43 - CFD: 24/10/2016 - RD – C:\Program Files (x86)\Skype =>.Skype
O43 - CFD: 14/04/2017 - AD – C:\Program Files (x86)\SlimDrivers =>.Superfluous.SlimWareUtilities
O43 - CFD: 17/06/2017 - D – C:\Program Files (x86)\SpeedFan =>.Almico Software
O43 - CFD: 25/10/2016 - AD – C:\Program Files (x86)\SQLite Forensic Explorer =>.Legitimate
O43 - CFD: 19/12/2013 - D – C:\Program Files (x86)\SteelSoft
O43 - CFD: 24/08/2014 - AD – C:\Program Files (x86)\streamWriter
O43 - CFD: 20/02/2014 - D – C:\Program Files (x86)\Synkronizer 9.1
O43 - CFD: 22/02/2014 - AD – C:\Program Files (x86)\SysInfoTools PST Merge x32(Demo) v3.0
O43 - CFD: 17/06/2015 - AD – C:\Program Files (x86)\SystemRequirementsLab =>.System Requirements Lab
O43 - CFD: 15/06/2017 - AD – C:\Program Files (x86)\TeamViewer =>.TeamViewer GmbH®
O43 - CFD: 22/11/2016 - D – C:\Program Files (x86)\thinkbroadband.com {153ABE42A865DEF78E17F2D9E5BC2E8B}
O43 - CFD: 30/08/2016 - D – C:\Program Files (x86)\TomTom International B.V =>.TomTom
O43 - CFD: 13/10/2015 - AD – C:\Program Files (x86)\Unchecky =>.RaMMicHaeL
O43 - CFD: 19/04/2017 - D – C:\Program Files (x86)\Unigine =>.Unigine
O43 - CFD: 08/02/2017 - [0] HD – C:\Program Files (x86)\Uninstall Information =>.Microsoft Corporation
O43 - CFD: 16/03/2014 - AD – C:\Program Files (x86)\UnstopCpy
O43 - CFD: 27/05/2014 - D – C:\Program Files (x86)\USB 3G Super GSM Reader II v2.8.10
O43 - CFD: 18/12/2013 - D – C:\Program Files (x86)\VideoLAN =>.VideoLan Team
O43 - CFD: 07/01/2014 - AD – C:\Program Files (x86)\Visual Subst
O43 - CFD: 27/04/2017 - D – C:\Program Files (x86)\VulkanRT =>.LunarG, Inc
O43 - CFD: 12/05/2017 - D – C:\Program Files (x86)\Windows Defender =>.Microsoft Corporation
O43 - CFD: 21/03/2017 - D – C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
O43 - CFD: 08/02/2017 - D – C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 16/07/2016 - D – C:\Program Files (x86)\Windows Multimedia Platform =>.Microsoft Corporation
O43 - CFD: 16/07/2016 - D – C:\Program Files (x86)\Windows NT =>.Microsoft Corporation
O43 - CFD: 12/05/2017 - D – C:\Program Files (x86)\Windows Photo Viewer =>.Microsoft Corporation
O43 - CFD: 16/07/2016 - D – C:\Program Files (x86)\Windows Portable Devices =>.Microsoft Corporation
O43 - CFD: 08/02/2017 - SHD – C:\Program Files (x86)\Windows Sidebar =>.Microsoft Corporation
O43 - CFD: 16/07/2016 - D – C:\Program Files (x86)\WindowsPowerShell =>.Microsoft Corporation
O43 - CFD: 31/05/2017 - D – C:\Program Files (x86)\WinISO =>.WinISO Computing Inc
O43 - CFD: 18/12/2013 - D – C:\Program Files (x86)\xdate
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3G Super GSM Reader II v2.8.10
O43 - CFD: 21/03/2017 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility =>.Microsoft Corporation
O43 - CFD: 12/05/2017 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation
O43 - CFD: 21/03/2017 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ancestral Quest 14
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS =>.ASUS
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics =>.Auslogics
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey =>.Chicony Multimedia
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BadCopy Pro
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitMeter OS
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner =>.Piriform Ltd
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4 =>.Dark Byte
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CleanGenius 3
O43 - CFD: 15/08/2015 - [0] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPU-Z =>.CPUID Inc
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite =>.DAEMON Tools
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler =>.Piriform Ltd
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragon Age Inquisition
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragon Age Origins
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Data Recovery Wizard 7.0 =>.EaseUS Software
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 11.9 =>.EaseUS Software
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Todo Backup 9.2 =>.EaseUS Software
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FamilySearch
O43 - CFD: 01/06/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader =>.Foxit Corporation
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeCAD 0.16
O43 - CFD: 08/02/2017 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games =>.Microsoft Corporation
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D =>.Geeks3D
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth =>.Google Earth
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HexEdit
O43 - CFD: 08/03/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java =>.Oracle
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection =>.Kaspersky Lab
O43 - CFD: 27/04/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security =>.Kaspersky Labs
O43 - CFD: 25/05/2017 - SD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.3 =>.LibreOffice
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech =>.Logitech
O43 - CFD: 16/07/2016 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware =>.Malwarebytes
O43 - CFD: 06/04/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office =>.Microsoft Corporation
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight =>.Microsoft Corporation
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MOBILedit!
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 3 =>.Micro-Star International Co
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyDefrag v4.3.1
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec =>.ENJsoft Inc/Samsung
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NEC Electronics =>.NEC Electronics
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR WNA3100M Genie =>.Netgear Inc
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++ =>.Don Ho
O43 - CFD: 08/02/2017 - SD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2 =>.SourceForge
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin =>.Electronic Arts, Inc.
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint XP
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange 3
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RarmaRadio
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva =>.Piriform
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller =>.VS Revo Group
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung =>.Samsung Electronics
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scarlett
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype =>.Skype
O43 - CFD: 14/04/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimDrivers
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy =>.Piriform
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan =>.Almico Software
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SQLite Forensic Explorer =>.Legitimate
O43 - CFD: 08/02/2017 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp =>.Microsoft Corporation
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\streamWriter
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware =>.SUPERAntiSpyware
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SysInfoTools PST Merge x32(Demo) v3.0
O43 - CFD: 16/07/2016 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools =>.Microsoft Corporation
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TextPad 7
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom =>.TomTom
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unchecky =>.RaMMicHaeL
O43 - CFD: 19/04/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unigine =>.Unigine
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnstopCpy
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN =>.VideoLan Team
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Subst
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.0 =>.Kronos Group
O43 - CFD: 17/04/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhoCrashed =>.Resplendence Software
O43 - CFD: 22/02/2014 - [0] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinImage
O43 - CFD: 22/02/2014 - [0] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR =>.WinRAR
O43 - CFD: 21/01/2016 - D – C:\ProgramData\Ableton =>.Ableton
O43 - CFD: 22/02/2014 - D – C:\ProgramData\Amigabit
O43 - CFD: 08/02/2017 - [0] SHD – C:\ProgramData\Application Data =>.Microsoft Corporation
O43 - CFD: 24/02/2014 - D – C:\ProgramData\Auslogics =>.Auslogics
O43 - CFD: 19/12/2013 - D – C:\ProgramData\BioWare =>.BioWare
O43 - CFD: 20/06/2017 - D – C:\ProgramData\BitMeterOS
O43 - CFD: 01/07/2015 - D – C:\ProgramData\boost_interprocess =>.boost.org
O43 - CFD: 06/11/2015 - HD – C:\ProgramData\CanonBJ =>.Canon Inc.
O43 - CFD: 16/07/2016 - [0] D – C:\ProgramData\Comms =>.Microsoft Corporation
O43 - CFD: 18/12/2013 - D – C:\ProgramData\DAEMON Tools Lite =>.DAEMON Tools
O43 - CFD: 08/02/2017 - [0] SHD – C:\ProgramData\Desktop =>.Microsoft Corporation
O43 - CFD: 08/02/2017 - [0] SHD – C:\ProgramData\Documents =>.Microsoft Corporation
O43 - CFD: 08/05/2014 - D – C:\ProgramData\EA Core =>.Electronic Arts, Inc.
O43 - CFD: 08/05/2014 - D – C:\ProgramData\Electronic Arts =>.Electronic Arts
O43 - CFD: 08/02/2017 - [0] SHD – C:\ProgramData\Favorites =>.Microsoft Corporation
O43 - CFD: 24/09/2016 - D – C:\ProgramData\Foxit ContentPlatform =>.Foxit Corporation
O43 - CFD: 01/06/2017 - D – C:\ProgramData\Foxit Software =>.Foxit Software
O43 - CFD: 19/12/2013 - D – C:\ProgramData\Google =>.Google
O43 - CFD: 11/02/2014 - D – C:\ProgramData\Hewlett-Packard =>.Hewlett-Packard
O43 - CFD: 22/02/2014 - D – C:\ProgramData\iolo =>.Iolo Technologies
O43 - CFD: 20/06/2017 - D – C:\ProgramData\Kaspersky Lab =>.Kaspersky Lab
O43 - CFD: 06/08/2014 - D – C:\ProgramData\Kingsoft =>.Kingosoft Technology Ltd
O43 - CFD: 04/02/2016 - D – C:\ProgramData\LogiShrd =>.Logitech Inc.
O43 - CFD: 24/03/2015 - D – C:\ProgramData\Logitech =>.Logitech
O43 - CFD: 02/09/2014 - D – C:\ProgramData\Malwarebytes =>.Malwarebytes
O43 - CFD: 27/07/2015 - D – C:\ProgramData\Malwarebytes Anti-Exploit =>.Malwarebytes
O43 - CFD: 18/12/2013 - D – C:\ProgramData\McAfee =>.McAfee
O43 - CFD: 18/12/2013 - D – C:\ProgramData\Media Center Programs =>.Microsoft Corporation
O43 - CFD: 08/02/2017 - SD – C:\ProgramData\Microsoft =>.Microsoft Corporation
O43 - CFD: 08/02/2017 - D – C:\ProgramData\Microsoft OneDrive =>.Microsoft Corporation
O43 - CFD: 18/12/2013 - D – C:\ProgramData\Mozilla =>.Mozilla Corporation
O43 - CFD: 17/06/2017 - D – C:\ProgramData\NVIDIA =>.nVidia Corporation
O43 - CFD: 27/04/2017 - D – C:\ProgramData\NVIDIA Corporation =>.nVidia Corporation
O43 - CFD: 08/03/2017 - D – C:\ProgramData\Oracle =>.Oracle
O43 - CFD: 16/06/2017 - D – C:\ProgramData\Origin =>.Electronic Arts, Inc.
O43 - CFD: 22/07/2016 - D – C:\ProgramData\Package Cache =>.Microsoft Corporation
O43 - CFD: 08/02/2017 - D – C:\ProgramData\regid.1991-06.com.microsoft =>.Microsoft Corporation
O43 - CFD: 23/05/2014 - D – C:\ProgramData\Samsung =>.Samsung Electronics
O43 - CFD: 18/12/2014 - D – C:\ProgramData\Skype =>.Skype
O43 - CFD: 16/07/2016 - [0] D – C:\ProgramData\SoftwareDistribution =>.Microsoft Corporation
O43 - CFD: 08/02/2017 - [0] SHD – C:\ProgramData\Start Menu =>.Microsoft Corporation
O43 - CFD: 19/12/2013 - D – C:\ProgramData\Sun =>.Oracle
O43 - CFD: 18/12/2013 - D – C:\ProgramData\SUPERAntiSpyware.com =>.SUPERAntiSpyware.com
O43 - CFD: 08/02/2017 - [0] SHD – C:\ProgramData\Templates =>.Microsoft Corporation
O43 - CFD: 28/03/2017 - D – C:\ProgramData\Unchecky =>.RaMMicHaeL
O43 - CFD: 08/02/2017 - D – C:\ProgramData\USOPrivate =>.Microsoft Corporation
O43 - CFD: 08/02/2017 - D – C:\ProgramData\USOShared =>.Microsoft Corporation
O43 - CFD: 08/05/2014 - D – C:\Program Files (x86)\Common Files\BioWare =>.BioWare
O43 - CFD: 18/12/2013 - AD – C:\Program Files (x86)\Common Files\DESIGNER =>.Designer
O43 - CFD: 01/09/2015 - HD – C:\Program Files (x86)\Common Files\EAInstaller =>.Electronic Arts, Inc.
O43 - CFD: 08/07/2014 - D – C:\Program Files (x86)\Common Files\InstallShield =>.InstallShield
O43 - CFD: 08/03/2017 - D – C:\Program Files (x86)\Common Files\Java =>.Oracle
O43 - CFD: 18/12/2013 - AD – C:\Program Files (x86)\Common Files\L&H
O43 - CFD: 17/12/2015 - AD – C:\Program Files (x86)\Common Files\LogiShrd =>.Logitech Inc.
O43 - CFD: 08/02/2017 - AD – C:\Program Files (x86)\Common Files\Microsoft Shared =>.Microsoft Corporation
O43 - CFD: 16/07/2016 - D – C:\Program Files (x86)\Common Files\Services =>.Microsoft Corporation
O43 - CFD: 18/12/2014 - AD – C:\Program Files (x86)\Common Files\Skype =>.Skype
O43 - CFD: 08/02/2017 - D – C:\Program Files (x86)\Common Files\SpeechEngines =>.Microsoft Corporation
O43 - CFD: 08/02/2017 - AD – C:\Program Files (x86)\Common Files\System =>.Microsoft Corporation
O43 - CFD: 21/01/2016 - D – C:\Users\Gary\AppData\Roaming\Ableton =>.Ableton
O43 - CFD: 18/12/2013 - D – C:\Users\Gary\AppData\Roaming\Adobe =>.Adobe
O43 - CFD: 13/01/2015 - D – C:\Users\Gary\AppData\Roaming\AstroGrep
O43 - CFD: 12/03/2016 - D – C:\Users\Gary\AppData\Roaming\Audacity =>.Audacity
O43 - CFD: 01/07/2016 - D – C:\Users\Gary\AppData\Roaming\Axialis =>.Axialis
O43 - CFD: 18/12/2013 - D – C:\Users\Gary\AppData\Roaming\DAEMON Tools Lite =>.DAEMON Tools
O43 - CFD: 02/08/2015 - D – C:\Users\Gary\AppData\Roaming\DesktopIconForAmazon =>PUP.Optional.ADON
O43 - CFD: 12/04/2016 - [0] D – C:\Users\Gary\AppData\Roaming\Easeware =>.Easeware
O43 - CFD: 04/02/2014 - D – C:\Users\Gary\AppData\Roaming\ECSoftware
O43 - CFD: 13/11/2016 - D – C:\Users\Gary\AppData\Roaming\epm =>.Easus
O43 - CFD: 24/09/2016 - D – C:\Users\Gary\AppData\Roaming\Foxit AgentInformation =>.Foxit Corporation
O43 - CFD: 24/01/2017 - D – C:\Users\Gary\AppData\Roaming\Foxit Software =>.Foxit Software
O43 - CFD: 22/07/2016 - D – C:\Users\Gary\AppData\Roaming\FreeCAD =>.FreeCAD
O43 - CFD: 21/01/2014 - D – C:\Users\Gary\AppData\Roaming\FreeFileSync =>.ZenJu Software
O43 - CFD: 22/01/2016 - D – C:\Users\Gary\AppData\Roaming\GoldWave =>.GoldWave Inc.
O43 - CFD: 19/12/2013 - D – C:\Users\Gary\AppData\Roaming\Google =>.Google
O43 - CFD: 18/12/2013 - D – C:\Users\Gary\AppData\Roaming\Helios =>.Helios
O43 - CFD: 08/02/2017 - D – C:\Users\Gary\AppData\Roaming\Identities =>.Microsoft Corporation
O43 - CFD: 18/01/2014 - D – C:\Users\Gary\AppData\Roaming\Incline Software
O43 - CFD: 31/12/2014 - D – C:\Users\Gary\AppData\Roaming\InstallShield =>.InstallShield
O43 - CFD: 25/07/2016 - D – C:\Users\Gary\AppData\Roaming\Kingsoft =>.Kingosoft Technology Ltd
O43 - CFD: 12/11/2015 - D – C:\Users\Gary\AppData\Roaming\Leadertech =>.Leadertech Systems
O43 - CFD: 07/08/2015 - D – C:\Users\Gary\AppData\Roaming\LibreOffice =>.LibreOffice
O43 - CFD: 04/02/2016 - D – C:\Users\Gary\AppData\Roaming\Logishrd =>.Logitech Inc.
O43 - CFD: 24/03/2015 - D – C:\Users\Gary\AppData\Roaming\Logitech =>.Logitech
O43 - CFD: 18/12/2013 - D – C:\Users\Gary\AppData\Roaming\Macromedia =>.Macromedia
O43 - CFD: 02/09/2014 - [0] D – C:\Users\Gary\AppData\Roaming\Malwarebytes =>.Malwarebytes
O43 - CFD: 14/07/2009 - [0] D – C:\Users\Gary\AppData\Roaming\Media Center Programs =>.Microsoft Corporation
O43 - CFD: 08/02/2017 - SD – C:\Users\Gary\AppData\Roaming\Microsoft =>.Microsoft Corporation
O43 - CFD: 23/01/2014 - D – C:\Users\Gary\AppData\Roaming\MOBILedit
O43 - CFD: 18/12/2013 - D – C:\Users\Gary\AppData\Roaming\Mozilla =>.Mozilla Corporation
O43 - CFD: 02/12/2014 - D – C:\Users\Gary\AppData\Roaming\Notepad++ =>.Don Ho
O43 - CFD: 06/05/2017 - D – C:\Users\Gary\AppData\Roaming\NVIDIA =>.nVidia Corporation
O43 - CFD: 27/01/2015 - D – C:\Users\Gary\AppData\Roaming\OpenOffice =>.SourceForge
O43 - CFD: 15/06/2017 - D – C:\Users\Gary\AppData\Roaming\Origin =>.Electronic Arts, Inc.
O43 - CFD: 24/08/2014 - D – C:\Users\Gary\AppData\Roaming\RaimaRadioPro
O43 - CFD: 23/05/2014 - D – C:\Users\Gary\AppData\Roaming\Samsung =>.Samsung Electronics
O43 - CFD: 31/08/2016 - D – C:\Users\Gary\AppData\Roaming\Skype =>.Skype
O43 - CFD: 24/08/2014 - D – C:\Users\Gary\AppData\Roaming\streamWriter
O43 - CFD: 30/08/2015 - D – C:\Users\Gary\AppData\Roaming\Sun =>.Oracle
O43 - CFD: 18/12/2013 - D – C:\Users\Gary\AppData\Roaming\SUPERAntiSpyware.com =>.SUPERAntiSpyware.com
O43 - CFD: 14/05/2014 - D – C:\Users\Gary\AppData\Roaming\TeamViewer =>.TeamViewer
O43 - CFD: 13/10/2014 - D – C:\Users\Gary\AppData\Roaming\Unified Remote =>.Unified Remote
O43 - CFD: 14/10/2016 - D – C:\Users\Gary\AppData\Roaming\uTorrent
O43 - CFD: 10/05/2016 - D – C:\Users\Gary\AppData\Roaming\vlc =>.VideoLan Team
O43 - CFD: 31/05/2017 - D – C:\Users\Gary\AppData\Roaming\WinISO Computing =>.WinISO Computing Inc
O43 - CFD: 18/12/2013 - D – C:\Users\Gary\AppData\Roaming\WinRAR =>.WinRAR
O43 - CFD: 20/06/2017 - D – C:\Users\Gary\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 17/12/2015 - [0] D – C:\Users\Gary\AppData\Local\ActiveSync =>.Microsoft Corporation
O43 - CFD: 13/07/2015 - [0] D – C:\Users\Gary\AppData\Local\Adobe =>.Adobe
O43 - CFD: 08/02/2017 - [0] SHD – C:\Users\Gary\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 18/12/2013 - D – C:\Users\Gary\AppData\Local\Apps =>.Microsoft Corporation
O43 - CFD: 22/01/2016 - D – C:\Users\Gary\AppData\Local\Audacity =>.Audacity
O43 - CFD: 15/11/2016 - D – C:\Users\Gary\AppData\Local\Axialis =>.Axialis
O43 - CFD: 08/03/2017 - D – C:\Users\Gary\AppData\Local\CEF =>.CEF
O43 - CFD: 04/08/2016 - D – C:\Users\Gary\AppData\Local\Chromium =>.Chromium
O43 - CFD: 17/12/2015 - D – C:\Users\Gary\AppData\Local\Comms =>.Microsoft Corporation
O43 - CFD: 24/09/2016 - D – C:\Users\Gary\AppData\Local\ConnectedDevicesPlatfo rm =>.Microsoft Corporation
O43 - CFD: 04/06/2017 - D – C:\Users\Gary\AppData\Local\CrashDumps =>.Microsoft Corporation
O43 - CFD: 20/10/2015 - D – C:\Users\Gary\AppData\Local\DAI
O43 - CFD: 20/10/2015 - D – C:\Users\Gary\AppData\Local\DAIToolsSuite_Loader =>.ThinkSky Inc
O43 - CFD: 15/04/2017 - [0] D – C:\Users\Gary\AppData\Local\Diagnostics =>.Microsoft Corporation
O43 - CFD: 18/12/2013 - D – C:\Users\Gary\AppData\Local\DOSBox =>.DOSBox Team
O43 - CFD: 22/11/2016 - D – C:\Users\Gary\AppData\Local\Downloaded Installations =>.Microsoft Corporation
O43 - CFD: 30/04/2017 - [0] D – C:\Users\Gary\AppData\Local\ElevatedDiagnostics =>.Microsoft Corporation
O43 - CFD: 31/07/2015 - [0] SHD – C:\Users\Gary\AppData\Local\EmieBrowserModeList =>.Enterprise mode Site List Mgr
O43 - CFD: 31/07/2015 - [0] SHD – C:\Users\Gary\AppData\Local\EmieSiteList =>.Enterprise mode Site List Mgr
O43 - CFD: 31/07/2015 - [0] SHD – C:\Users\Gary\AppData\Local\EmieUserList =>.Enterprise mode Site List Mgr
O43 - CFD: 18/12/2013 - D – C:\Users\Gary\AppData\Local\FLT =>.FLT Software
O43 - CFD: 29/05/2015 - D – C:\Users\Gary\AppData\Local\fontconfig =>.Portable Apps
O43 - CFD: 25/01/2017 - D – C:\Users\Gary\AppData\Local\Foxit Reader =>.Foxit Corporation
O43 - CFD: 29/05/2015 - D – C:\Users\Gary\AppData\Local\gegl-0.2 =>.Portable Apps
O43 - CFD: 08/03/2017 - D – C:\Users\Gary\AppData\Local\Google =>.Google
O43 - CFD: 12/05/2017 - D – C:\Users\Gary\AppData\Local\gtk-2.0 =>.GTK Project
O43 - CFD: 22/06/2015 - D – C:\Users\Gary\AppData\Local\GWX =>.GWX
O43 - CFD: 08/02/2017 - [0] SHD – C:\Users\Gary\AppData\Local\History =>.Microsoft Corporation
O43 - CFD: 25/07/2016 - D – C:\Users\Gary\AppData\Local\Kingsoft =>.Kingosoft Technology Ltd
O43 - CFD: 12/11/2015 - D – C:\Users\Gary\AppData\Local\Logitech® Webcam Software =>.Logitech Inc.
O43 - CFD: 18/12/2013 - D – C:\Users\Gary\AppData\Local\Macromedia =>.Macromedia
O43 - CFD: 08/02/2017 - D – C:\Users\Gary\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 19/12/2013 - D – C:\Users\Gary\AppData\Local\Microsoft Games =>.Microsoft Corporation
O43 - CFD: 06/01/2016 - D – C:\Users\Gary\AppData\Local\MicrosoftEdge =>.Microsoft Corporation
O43 - CFD: 13/03/2015 - D – C:\Users\Gary\AppData\Local\Mod_Manager
O43 - CFD: 18/12/2013 - D – C:\Users\Gary\AppData\Local\Mozilla =>.Mozilla Corporation
O43 - CFD: 05/05/2017 - D – C:\Users\Gary\AppData\Local\OCCT_-Ocbase-_Adrien_Me =>.Tetedeiench
O43 - CFD: 15/03/2017 - D – C:\Users\Gary\AppData\Local\Origin =>.Electronic Arts, Inc.
O43 - CFD: 04/05/2017 - D – C:\Users\Gary\AppData\Local\Packages =>.Microsoft Corporation
O43 - CFD: 19/12/2015 - [0] D – C:\Users\Gary\AppData\Local\PeerDistRepub =>.Microsoft Corporation
O43 - CFD: 18/12/2013 - D – C:\Users\Gary\AppData\Local\Programs =>.Microsoft Corporation
O43 - CFD: 17/12/2015 - D – C:\Users\Gary\AppData\Local\Publishers =>.Microsoft Corporation
O43 - CFD: 18/12/2013 - D – C:\Users\Gary\AppData\Local\RadioSure =>.RadioSure
O43 - CFD: 04/08/2016 - D – C:\Users\Gary\AppData\Local\rote
O43 - CFD: 23/05/2014 - D – C:\Users\Gary\AppData\Local\Samsung =>.Samsung Electronics
O43 - CFD: 04/08/2016 - [0] D – C:\Users\Gary\AppData\Local\Setup458648171
O43 - CFD: 18/12/2014 - D – C:\Users\Gary\AppData\Local\Skype =>.Skype
O43 - CFD: 14/04/2017 - D – C:\Users\Gary\AppData\Local\SlimWare Utilities Inc =>.Superfluous.SlimWareUtilities
O43 - CFD: 10/08/2015 - D – C:\Users\Gary\AppData\Local\TeamViewer =>.TeamViewer
O43 - CFD: 20/06/2017 - D – C:\Users\Gary\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 08/02/2017 - [0] SHD – C:\Users\Gary\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 17/12/2015 - D – C:\Users\Gary\AppData\Local\TileDataLayer =>.Microsoft Corporation
O43 - CFD: 30/08/2016 - D – C:\Users\Gary\AppData\Local\TomTom =>.TomTom
O43 - CFD: 21/12/2013 - D – C:\Users\Gary\AppData\Local\VirtualStore =>.Microsoft Corporation
O43 - CFD: 23/02/2016 - D – C:\Users\Gary\AppData\Local\webkit =>.webkit
O43 - CFD: 16/02/2015 - D – C:\Users\Gary\AppData\Local\WindowsUpdate =>.Microsoft Corporation
O43 - CFD: 31/05/2017 - D – C:\Users\Gary\AppData\Local\WinISO Computing =>.WinISO Computing Inc
O43 - CFD: 20/06/2017 - D – C:\Users\Gary\AppData\Local\ZHP =>.Nicolas Coolman
O43 - CFD: 04/08/2016 - D – C:\Users\Gary\AppData\Local{6AB85CE4-4E10-305C-2388-15B407E0E92C}
O43 - CFD: 18/12/2013 - [0] D – C:\Users\Gary\AppData\Local\Programs\Common =>.Microsoft Corporation
O43 - CFD: 16/07/2016 - RD – C:\Users\Gary\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\Accessibility =>.Microsoft Corporation
O43 - CFD: 08/02/2017 - RD – C:\Users\Gary\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\Accessories =>.Microsoft Corporation
O43 - CFD: 17/06/2017 - RD – C:\Users\Gary\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 08/02/2017 - D – C:\Users\Gary\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\Axialis Software
O43 - CFD: 08/02/2014 - [0] D – C:\Users\Gary\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\BadCopy Pro
O43 - CFD: 08/02/2017 - D – C:\Users\Gary\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\GoldWave =>.GoldWave Inc.
O43 - CFD: 08/02/2017 - D – C:\Users\Gary\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\Grey Olltwit’s Software
O43 - CFD: 16/07/2016 - D – C:\Users\Gary\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\Maintenance =>.Microsoft Corporation
O43 - CFD: 08/02/2017 - D – C:\Users\Gary\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\MSI Afterburner =>.Micro-Star International Co
O43 - CFD: 17/04/2017 - D – C:\Users\Gary\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\NirSoft BlueScreenView =>.NirSoft
O43 - CFD: 19/12/2013 - [0] D – C:\Users\Gary\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\Notepad++ =>.Don Ho
O43 - CFD: 05/05/2017 - D – C:\Users\Gary\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\OCCT =>.Adrien Mercier
O43 - CFD: 08/02/2017 - D – C:\Users\Gary\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\RadioSure =>.RadioSure
O43 - CFD: 08/02/2017 - D – C:\Users\Gary\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\RivaTuner Statistics Server =>.RivaTuner
O43 - CFD: 08/02/2017 - D – C:\Users\Gary\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\Singing Tutor 4.5.1
O43 - CFD: 08/02/2017 - D – C:\Users\Gary\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\SpeedFan =>.Almico Software
O43 - CFD: 17/06/2017 - RD – C:\Users\Gary\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\Startup =>.Microsoft Corporation
O43 - CFD: 16/07/2016 - RD – C:\Users\Gary\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\System Tools =>.Microsoft Corporation
O43 - CFD: 08/02/2017 - D – C:\Users\Gary\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\TechPowerUp GPU-Z =>.TechPowerUp
O43 - CFD: 16/07/2016 - RD – C:\Users\Gary\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\Windows PowerShell =>.Microsoft Corporation
O43 - CFD: 31/05/2017 - D – C:\Users\Gary\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\WinISO =>.WinISO Computing Inc
O43 - CFD: 22/02/2014 - [0] D – C:\Users\Gary\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\WinRAR =>.WinRAR
O43 - CFD: 08/02/2017 - [0] SHD – C:\Users\Default\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 08/02/2017 - [0] SHD – C:\Users\Default\AppData\Local\History =>.Microsoft Corporation
O43 - CFD: 16/07/2016 - D – C:\Users\Default\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 16/07/2016 - [0] D – C:\Users\Default\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 08/02/2017 - [0] SHD – C:\Users\Default\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 08/02/2017 - [0] SHD – C:\Users\Default User\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 08/02/2017 - [0] SHD – C:\Users\Default User\AppData\Local\History =>.Microsoft Corporation
O43 - CFD: 16/07/2016 - D – C:\Users\Default User\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 16/07/2016 - [0] D – C:\Users\Default User\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 08/02/2017 - [0] SHD – C:\Users\Default User\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 10/02/2017 - D – C:\WINDOWS\System32\Config\systemprofile\AppData\L ocal\Microsoft =>.Microsoft Corporation
O43 - CFD: 28/03/2017 - – C:\WINDOWS\System32\Config\systemprofile\AppData\R oaming\Foxit Software =>.Foxit Software
O43 - CFD: 03/03/2017 - D – C:\WINDOWS\System32\Config\systemprofile\AppData\R oaming\Microsoft =>.Microsoft Corporation

—\ ShellIconOverlayIdentifiers (SIOI) (5) - 0s
O106 - SIOI: ErrorOverlayHandler Class [ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) – C:\Users\Gary\AppData\Local\Microsoft\OneDrive\17. 3.6799.0327\FileSyncShell.dll =>.Microsoft Corporation®
O106 - SIOI: SharedOverlayHandler Class [ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) – C:\Users\Gary\AppData\Local\Microsoft\OneDrive\17. 3.6799.0327\FileSyncShell.dll =>.Microsoft Corporation®
O106 - SIOI: SharedSyncingOverlayHandler Class [ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) – C:\Users\Gary\AppData\Local\Microsoft\OneDrive\17. 3.6799.0327\FileSyncShell.dll =>.Microsoft Corporation®
O106 - SIOI: UpToDateOverlayHandler Class [ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) – C:\Users\Gary\AppData\Local\Microsoft\OneDrive\17. 3.6799.0327\FileSyncShell.dll =>.Microsoft Corporation®
O106 - SIOI: SyncingOverlayHandler Class [ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) – C:\Users\Gary\AppData\Local\Microsoft\OneDrive\17. 3.6799.0327\FileSyncShell.dll =>.Microsoft Corporation®

—\ Image File Execution Options (18) - 2s
O50 - IFEO:C:\Windows\System32\cscript.exe - (.Microsoft Corporation - Microsoft ® Console Based Script Host.) [DisableExceptionChainValidation\3] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\dllhost.exe - (.Microsoft Corporation - COM Surrogate.) [DisableExceptionChainValidation\3] =>.Microsoft Windows®
O50 - IFEO:C:\WINDOWS\System32\drvinst.exe - (.Microsoft Corporation - Driver Installation Module.) [DisableExceptionChainValidation\3] =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\ie4uinit.exe - (.Microsoft Corporation - IE Per-User Initialization Utility.) [MitigationOptions\256] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\ieUnatt.exe - (.Microsoft Corporation - IE 7.0 Unattended Install Utility.) [MitigationOptions\256] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\mmc.exe - (.Microsoft Corporation - Microsoft Management Console.) [DisableExceptionChainValidation\3] =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\MRT.exe - (.Microsoft Corporation - Microsoft Windows Malicious Software Remova.) [CFGOptions\1] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\msfeedssync.exe - (.Microsoft Corporation - Microsoft Feeds Synchronization.) [MitigationOptions\256] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\mshta.exe - (.Microsoft Corporation - Microsoft (R) HTML Application host.) [MitigationOptions\256] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\PresentationHost.exe - (.Microsoft Corporation - Windows Presentation Foundation Host.) [MitigationOptions\1118481] =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\PrintIsolationHost.exe - (.Microsoft Corporation - PrintIsolationHost.) [MitigationOptions\2097152] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\rundll32.exe - (.Microsoft Corporation - Windows host process (Rundll32).) [DisableExceptionChainValidation\3] =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\runtimebroker.exe - (.Microsoft Corporation - Runtime Broker.) [MitigationOptions\4294967296] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\searchprotocolhost.exe - (.Microsoft Corporation - Microsoft Windows Search Protocol Host.) [DisableExceptionChainValidation\3] =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\spoolsv.exe - (.Microsoft Corporation - Spooler SubSystem App.) [DisableExceptionChainValidation\3] =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\spoolsv.exe - (.Microsoft Corporation - Spooler SubSystem App.) [MitigationOptions\2097152] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\svchost.exe - (.Microsoft Corporation - Host Process for Windows Services.) [MinimumStackCommitInBytes\32768] =>.Microsoft Windows Publisher®
O50 - IFEO:C:\Windows\System32\wscript.exe - (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) [DisableExceptionChainValidation\3] =>.Microsoft Corporation

—\ System Drivers List (97) - 20s
O58 - SDL:2016/04/12 10:35:37 A . (.Malwarebytes - Malwarebytes Anti-Malware.) – C:\WINDOWS\System32\drivers\1089229B.sys [192216] =>.Malwarebytes Corporation®
O58 - SDL:2016/04/12 10:40:27 A . (.Malwarebytes - Malwarebytes Anti-Malware.) – C:\WINDOWS\System32\drivers\2076264E.sys [192216] =>.Malwarebytes Corporation®
O58 - SDL:2016/07/16 12:41:53 A . (.LSI - LSI 3ware SCSI Storport Driver.) – C:\WINDOWS\System32\drivers\3ware.sys [107360] =>.Microsoft Windows®
O58 - SDL:2016/04/12 10:39:24 A . (.Malwarebytes - Malwarebytes Anti-Malware.) – C:\WINDOWS\System32\drivers\4B592580.sys [192216] =>.Malwarebytes Corporation®
O58 - SDL:2016/04/12 10:37:26 A . (.Malwarebytes - Malwarebytes Anti-Malware.) – C:\WINDOWS\System32\drivers\710123FF.sys [192216] =>.Malwarebytes Corporation®
O58 - SDL:2016/07/16 12:41:53 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) – C:\WINDOWS\System32\drivers\adp80xx.sys [1135456] =>.Microsoft Windows®
O58 - SDL:2016/07/16 12:41:53 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) – C:\WINDOWS\System32\drivers\amdsata.sys [83296] =>.Microsoft Windows®
O58 - SDL:2016/07/16 12:41:53 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) – C:\WINDOWS\System32\drivers\amdsbs.sys [259424] =>.Microsoft Windows®
O58 - SDL:2016/07/16 12:41:53 A . (.Advanced Micro Devices - Storage Filter Driver.) – C:\WINDOWS\System32\drivers\amdxata.sys [26976] =>.Microsoft Windows®
O58 - SDL:2016/07/16 12:41:53 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) – C:\WINDOWS\System32\drivers\arcsas.sys [131936] =>.Microsoft Windows®
O58 - SDL:2013/05/17 12:13:26 A . (.Authors - ATK0110 ACPI Utility.) – C:\WINDOWS\System32\drivers\ASACPI.sys [17280] =>.ASUSTeK Computer Inc.®
O58 - SDL:2016/07/16 12:41:53 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) – C:\WINDOWS\System32\drivers\bcmfn.sys [9728] =>.Windows (R) Win 7 DDK provider
O58 - SDL:2016/07/16 12:41:53 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) – C:\WINDOWS\System32\drivers\bcmfn2.sys [9728] =>.Windows (R) Win 7 DDK provider
O58 - SDL:2016/07/16 12:41:52 A . (.QLogic Corporation - QLogic Gigabit Ethernet VBD.) – C:\WINDOWS\System32\drivers\bxvbda.sys [533856] =>.Microsoft Windows®
O58 - SDL:2013/07/16 12:33:10 A . (.Nokia - Nokia USB Phone Bus Driver.) – C:\WINDOWS\System32\drivers\ccdcmbox64.sys [27136] =>.Nokia
O58 - SDL:2013/07/16 12:33:10 A . (.Nokia - Nokia USB Phone Bus Driver.) – C:\WINDOWS\System32\drivers\ccdcmbx64.sys [19968] =>.Nokia
O58 - SDL:2016/07/16 12:41:53 A . (.Chelsio Communications - Chelsio iSCSI Crash Dump Driver.) – C:\WINDOWS\System32\drivers\cht4dx64.sys [102752] =>.Microsoft Windows®
O58 - SDL:2016/07/16 12:41:53 A . (.Chelsio Communications - Chelsio iSCSI VMiniport Driver.) – C:\WINDOWS\System32\drivers\cht4sx64.sys [346976] =>.Microsoft Windows®
O58 - SDL:2016/07/16 12:41:53 A . (.Chelsio Communications - Virtual Bus Driver for Chelsio ® T4 Chipset.) – C:\WINDOWS\System32\drivers\cht4vx64.sys [2104160] =>.Microsoft Windows®
O58 - SDL:2016/06/10 06:41:26 A . (.AO Kaspersky Lab - Cryptographic Module Driver x64 (56 bit).) – C:\WINDOWS\System32\drivers\cm_km.sys [238936] =>.Kaspersky Lab®
O58 - SDL:2011/04/21 21:24:16 A . (.Cambridge Silicon Radio Limited - Csr Bluetooth Port Driver.) – C:\WINDOWS\System32\drivers\CsrBtPort.sys [2060400] {759231295D01C6089DE93FE4C3559535} =>.Cambridge Silicon Radio Limited
O58 - SDL:2011/04/21 21:24:24 A . (.Cambridge Silicon Radio Limited - Csr Bluetooth USB Driver.) – C:\WINDOWS\System32\drivers\csrusb.sys [50792] {759231295D01C6089DE93FE4C3559535} =>.Cambridge Silicon Radio Limited
O58 - SDL:2013/12/18 20:26:18 A . (.Disc Soft Ltd - DAEMON Tools Virtual Bus Driver.) – C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283064] =>.Disc Soft Ltd®
O58 - SDL:2015/12/10 07:10:58 A . (.CHENGDU YIWO Tech Development Co., Ltd - Disk Backup Driver.) – C:\WINDOWS\System32\drivers\eubakup.sys [60968] =>.CHENGDU YIWO Tech Development Co., Ltd.®
O58 - SDL:2015/12/10 07:10:58 A . (.Authors - .) – C:\WINDOWS\System32\drivers\EUBKMON.sys [48168] =>.CHENGDU YIWO Tech Development Co., Ltd.®
O58 - SDL:2015/12/10 07:10:58 A . (.CHENGDU YIWO Tech Development Co., Ltd - Disk Access Driver.) – C:\WINDOWS\System32\drivers\eudskacs.sys [18472] =>.CHENGDU YIWO Tech Development Co., Ltd.®
O58 - SDL:2015/12/10 07:10:58 A . (.CHENGDU YIWO Tech Development Co., Ltd - Disk Backup Image Preview Driver.) – C:\WINDOWS\System32\drivers\EuFdDisk.sys [192552] =>.CHENGDU YIWO Tech Development Co., Ltd.®
O58 - SDL:2016/07/16 12:41:52 A . (.QLogic Corporation - QLogic 10 GigE VBD.) – C:\WINDOWS\System32\drivers\evbda.sys [3418976] =>.Microsoft Windows®
O58 - SDL:2016/07/16 12:41:53 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) – C:\WINDOWS\System32\drivers\HpSAMD.sys [64352] =>.Microsoft Windows®
O58 - SDL:2016/07/16 12:41:54 A . (.Intel(R) Corporation - Intel(R) Serial IO GPIO Controller Driver.) – C:\WINDOWS\System32\drivers\iagpio.sys [33280] =>.Intel(R) Corporation
O58 - SDL:2016/07/16 12:41:54 A . (.Intel(R) Corporation - Intel(R) Serial IO I2C Driver.) – C:\WINDOWS\System32\drivers\iai2c.sys [81408] =>.Intel(R) Corporation
O58 - SDL:2016/07/16 12:41:54 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) – C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [64512] =>.Intel Corporation
O58 - SDL:2016/07/16 12:41:54 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) – C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [176384] =>.Intel Corporation - Embedded Subsystems and IP Blocks Group®
O58 - SDL:2016/07/16 12:41:52 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) – C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [38128] =>.Intel Corporation - Client Components Group®
O58 - SDL:2016/07/16 12:41:50 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) – C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [113152] =>.Intel Corporation
O58 - SDL:2016/07/16 12:41:53 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver (i.) – C:\WINDOWS\System32\drivers\iaStorAV.sys [673120] =>.Microsoft Windows®
O58 - SDL:2016/07/16 12:41:53 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) – C:\WINDOWS\System32\drivers\iaStorV.sys [412000] =>.Microsoft Windows®
O58 - SDL:2016/07/16 12:41:53 A . (.Mellanox - InfiniBand Fabric Bus Driver.) – C:\WINDOWS\System32\drivers\ibbus.sys [526176] =>.Microsoft Windows®
O58 - SDL:2016/06/02 03:43:38 A . (.AO Kaspersky Lab - Kaspersky Unified Driver.) – C:\WINDOWS\System32\drivers\kl1.sys [554416] =>.Kaspersky Lab®
O58 - SDL:2016/06/07 23:33:14 A . (.AO Kaspersky Lab - Backup Disk Filter [fre_wnet_x64].) – C:\WINDOWS\System32\drivers\klbackupdisk.sys [63920] =>.Kaspersky Lab®
O58 - SDL:2016/06/15 00:23:44 A . (.AO Kaspersky Lab - Backup File Filter [fre_win8_x64].) – C:\WINDOWS\System32\drivers\klbackupflt.sys [86352] =>.Kaspersky Lab®
O58 - SDL:2016/05/31 23:24:06 A . (.AO Kaspersky Lab - Virtual Disk [fre_wnet_x64].) – C:\WINDOWS\System32\drivers\kldisk.sys [78216] =>.Kaspersky Lab®
O58 - SDL:2016/03/31 00:09:04 A . (.AO Kaspersky Lab - Early Launch Anti-Malware Filter [fre_win8_.) – C:\WINDOWS\System32\drivers\klelam.sys [28792] =>.Microsoft Windows Early Launch Anti-malware Publisher®
O58 - SDL:2017/04/27 15:13:15 A . (.AO Kaspersky Lab - Filter Core [fre_win8_x64].) – C:\WINDOWS\System32\drivers\klflt.sys [197336] =>.Kaspersky Lab®
O58 - SDL:2017/04/27 15:12:28 A . (.AO Kaspersky Lab - klhk [fre_win8_x64].) – C:\WINDOWS\System32\drivers\klhk.sys [520176] =>.Kaspersky Lab®
O58 - SDL:2017/04/27 15:13:25 A . (.AO Kaspersky Lab - Core System Interceptors [fre_win8_x64].) – C:\WINDOWS\System32\drivers\klif.sys [1018592] =>.Kaspersky Lab®
O58 - SDL:2017/03/29 03:21:00 A . (.AO Kaspersky Lab - Packet Network Filter [fre_win8_x64].) – C:\WINDOWS\System32\drivers\klim6.sys [57424] =>.Kaspersky Lab®
O58 - SDL:2016/05/19 00:57:36 A . (.AO Kaspersky Lab - Keyboard Device Filter [fre_win8_x64].) – C:\WINDOWS\System32\drivers\klkbdflt.sys [52136] =>.Kaspersky Lab®
O58 - SDL:2015/06/07 01:52:56 A . (.Kaspersky Lab ZAO - Mouse Device Filter [fre_win8_x64].) – C:\WINDOWS\System32\drivers\klmouflt.sys [41656] =>.Kaspersky Lab®
O58 - SDL:2016/05/31 23:31:20 A . (.AO Kaspersky Lab - Format Recognizer [fre_wnet_x64].) – C:\WINDOWS\System32\drivers\klpd.sys [45488] =>.Kaspersky Lab®
O58 - SDL:2016/06/07 01:31:06 A . (.The OpenVPN Project - TAP-Windows Virtual Network Driver (NDIS 6..) – C:\WINDOWS\System32\drivers\kltap.sys [52152] =>.AnchorFree Inc®
O58 - SDL:2017/04/27 15:14:13 A . (.AO Kaspersky Lab - Kaspersky Lab Anti-Rootkit Monitor.) – C:\WINDOWS\System32\drivers\klupd_klif_arkmon.sys [229288] =>.Kaspersky Lab®
O58 - SDL:2017/04/27 15:09:32 A . (.AO Kaspersky Lab - Kernel heuristics engine.) – C:\WINDOWS\System32\drivers\klupd_klif_kimul.sys [87584] =>.Kaspersky Lab®
O58 - SDL:2017/04/27 15:15:25 A . (.AO Kaspersky Lab - Kaspersky Lab Anti-Rootkit.) – C:\WINDOWS\System32\drivers\klupd_klif_klark.sys [251656] =>.Kaspersky Lab®
O58 - SDL:2017/04/27 15:14:14 A . (.AO Kaspersky Lab - Kaspersky Lab Boot Guard Driver.) – C:\WINDOWS\System32\drivers\klupd_klif_klbg.sys [112912] =>.Kaspersky Lab®
O58 - SDL:2017/04/27 15:14:13 A . (.AO Kaspersky Lab - Kaspersky Lab Anti-Rootkit Engine.) – C:\WINDOWS\System32\drivers\klupd_klif_mark.sys [173144] =>.Kaspersky Lab®
O58 - SDL:2016/06/18 01:36:24 A . (.AO Kaspersky Lab - WFP Network Filter [fre_win8_x64].) – C:\WINDOWS\System32\drivers\klwfp.sys [85320] =>.Kaspersky Lab®
O58 - SDL:2017/03/29 03:21:00 A . (.AO Kaspersky Lab - WFP Network Connection Filter Driver [fre_w.) – C:\WINDOWS\System32\drivers\klwtp.sys [136416] =>.Kaspersky Lab®
O58 - SDL:2017/04/27 15:13:08 A . (.AO Kaspersky Lab - Network Processor [fre_wnet_x64].) – C:\WINDOWS\System32\drivers\kneps.sys [199392] =>.Kaspersky Lab®
O58 - SDL:2016/03/02 17:08:22 A . (.Logitech, Inc. - Logitech Equad USB Driver..) – C:\WINDOWS\System32\drivers\LEqdUsb.sys [87696] =>.Logitech Inc®
O58 - SDL:2014/03/19 01:24:36 A . (.Logitech, Inc. - Logitech HID Filter Driver..) – C:\WINDOWS\System32\drivers\LHidEqd.sys [13080] =>.Logitech®
O58 - SDL:2014/03/19 01:24:38 A . (.Logitech, Inc. - Logitech HID Filter Driver..) – C:\WINDOWS\System32\drivers\LHidFilt.Sys [76568] =>.Logitech®
O58 - SDL:2014/03/19 01:24:40 A . (.Logitech, Inc. - Logitech Mouse Filter Driver..) – C:\WINDOWS\System32\drivers\LMouFilt.Sys [59160] =>.Logitech®
O58 - SDL:2017/02/08 13:13:26 A . (.Logitech, Inc. - Logitech Non-Plug and Play Driver..) – C:\WINDOWS\System32\drivers\LNonPnP.sys [18960] =>.Logitech®
O58 - SDL:2016/07/16 12:41:53 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) – C:\WINDOWS\System32\drivers\lsi_sas.sys [108896] =>.Microsoft Windows®
O58 - SDL:2016/07/16 12:41:53 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) – C:\WINDOWS\System32\drivers\lsi_sas2i.sys [105824] =>.Microsoft Windows®
O58 - SDL:2016/07/16 12:41:53 A . (.Avago Technologies - Avago SAS Gen3 Driver (StorPort).) – C:\WINDOWS\System32\drivers\lsi_sas3i.sys [101216] =>.Microsoft Windows®
O58 - SDL:2016/07/16 12:41:53 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) – C:\WINDOWS\System32\drivers\lsi_sss.sys [82776] =>.Microsoft Windows®
O58 - SDL:2016/03/10 14:08:58 A . (.Malwarebytes - Malwarebytes Chameleon Protection Driver.) – C:\WINDOWS\System32\drivers\mbamchameleon.sys [140672] =>.Malwarebytes Corporation®
O58 - SDL:2017/05/24 20:09:33 A . (.Malwarebytes - Malwarebytes Anti-Malware.) – C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [192216] =>.Malwarebytes Corporation®
O58 - SDL:2016/07/16 12:41:53 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) – C:\WINDOWS\System32\drivers\megasas.sys [59744] =>.Microsoft Windows®
O58 - SDL:2016/10/05 11:09:07 . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) – C:\WINDOWS\System32\drivers\MegaSas2i.sys [64352] =>.Microsoft Windows®
O58 - SDL:2016/07/16 12:41:53 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) – C:\WINDOWS\System32\drivers\megasr.sys [575840] =>.Microsoft Windows®
O58 - SDL:2016/07/16 12:41:53 A . (.Mellanox - MLX4 Bus Driver.) – C:\WINDOWS\System32\drivers\mlx4_bus.sys [842584] =>.Microsoft Windows®
O58 - SDL:2016/07/16 12:41:53 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) – C:\WINDOWS\System32\drivers\mvumis.sys [63840] =>.Microsoft Windows®
O58 - SDL:2016/07/16 12:41:53 A . (.Mellanox - NetworkDirect Support Filter Driver.) – C:\WINDOWS\System32\drivers\ndfltr.sys [108896] =>.Microsoft Windows®
O58 - SDL:2016/07/16 12:42:03 A . (.Authors - .) – C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624] =>.Microsoft Corporation
O58 - SDL:2016/07/16 12:41:53 A . (.NVIDIA Corporation - NVIDIA® nForce™ RAID Driver.) – C:\WINDOWS\System32\drivers\nvraid.sys [150368] =>.Microsoft Windows®
O58 - SDL:2016/07/16 12:41:53 A . (.NVIDIA Corporation - NVIDIA® nForce™ Sata Performance Driver.) – C:\WINDOWS\System32\drivers\nvstor.sys [166240] =>.Microsoft Windows®
O58 - SDL:2016/07/16 12:41:53 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) – C:\WINDOWS\System32\drivers\percsas2i.sys [58720] =>.Microsoft Windows®
O58 - SDL:2016/07/16 12:41:53 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) – C:\WINDOWS\System32\drivers\percsas3i.sys [61792] =>.Microsoft Windows®
O58 - SDL:2014/10/02 09:46:28 A . (.Focusrite Audio Engineering Limited. - Focusrite Scarlett Family Audio Driver.) – C:\WINDOWS\System32\drivers\Scarlett_UAC2Audio.sys [93568] {0BD57694357C70834D593B6379A4997D} =>.Focusrite Audio Engineering Limited.
O58 - SDL:2016/07/16 12:41:53 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) – C:\WINDOWS\System32\drivers\sisraid2.sys [44896] =>.Microsoft Windows®
O58 - SDL:2016/07/16 12:41:53 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) – C:\WINDOWS\System32\drivers\sisraid4.sys [81760] =>.Microsoft Windows®
O58 - SDL:2016/09/05 05:47:06 A . (.Samsung Electronics Co., Ltd. - SAMSUNG USB Composite Device Driver.) – C:\WINDOWS\System32\drivers\ssudbus.sys [131712] =>.Samsung Electronics CO., LTD.®
O58 - SDL:2016/09/05 05:47:12 A . (.Samsung Electronics Co., Ltd. - SAMSUNG Android Modem Device Driver.) – C:\WINDOWS\System32\drivers\ssudmdm.sys [165504] =>.Samsung Electronics CO., LTD.®
O58 - SDL:2016/07/16 12:41:53 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) – C:\WINDOWS\System32\drivers\stexstor.sys [31072] =>.Microsoft Windows®
O58 - SDL:2013/07/16 12:33:10 A . (.Nokia - Filter Driver for Nokia USB Phone Bus Drive.) – C:\WINDOWS\System32\drivers\usbser_lowerfltjx64.sy s [9216] =>.Nokia
O58 - SDL:2013/07/16 12:33:10 A . (.Nokia - Filter Driver for Nokia USB Phone Bus Drive.) – C:\WINDOWS\System32\drivers\usbser_lowerfltx64.sys [9216] =>.Nokia
O58 - SDL:2016/07/16 12:41:53 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) – C:\WINDOWS\System32\drivers\vsmraid.sys [166752] =>.Microsoft Windows®
O58 - SDL:2016/07/16 12:41:53 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) – C:\WINDOWS\System32\drivers\VSTXRAID.SYS [305504] =>.Microsoft Windows®
O58 - SDL:2016/10/20 16:13:34 A . (.WinISO.com - WinISO Virtual CD Drive.) – C:\WINDOWS\System32\drivers\WinisoCDBus.sys [204032] =>.ZJMedia Digital Technology Ltd.®
O58 - SDL:2016/07/16 12:41:53 A . (.Mellanox - Kernel WinMad.) – C:\WINDOWS\System32\drivers\winmad.sys [32096] =>.Microsoft Windows®
O58 - SDL:2016/07/16 12:41:53 A . (.Mellanox - Kernel WinVerbs.) – C:\WINDOWS\System32\drivers\winverbs.sys [64864] =>.Microsoft Windows®
O58 - SDL:2016/07/16 12:41:53 A . (.Marvell - NDIS6.30 Miniport Driver for Marvell Yukon.) – C:\WINDOWS\System32\drivers\yk63x64.sys [288768] =>.Marvell
O58 - SDL:2016/01/14 11:05:18 A . (…) – C:\WINDOWS\System32\epmntdrv.sys [24056] =>.CHENGDU YIWO Tech Development Co., Ltd.®
O58 - SDL:2016/07/11 11:01:24 A . (…) – C:\WINDOWS\System32\EuGdiDrv.sys [10848] =>.CHENGDU YIWO Tech Development Co., Ltd.®

—\ Last modified or created user files (1) - 11s
O61 - LFC: 2017/06/20 08:53:55 A . (..) – C:\Users\Gary\AppData\LocalLow\Mozilla\Temp-{07f8baa5-47db-435b-8655-33e0a9289ae7}\NVIDIA Corporation\NV_Cache\db1e2a126562b466dba014b69774b 58b_fce8395e8fd8a86f_15f74c7777689be5_0_0.bin [16384]

—\ File Associations Shell Spawning (11) - 1s
O67 - Shell Spawning: <.bat> [HKLM..\open\Command] (…) – “%1” %*
O67 - Shell Spawning: <.cpl> [HKLM..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) – C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> [HKLM..\open\Command] (…) – “%1” %*
O67 - Shell Spawning: <.com> [HKLM..\open\Command] (…) – “%1” %*
O67 - Shell Spawning: <.evt> [HKLM..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) – C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.exe> [HKLM..\open\Command] (…) – “%1” %*
O67 - Shell Spawning: <.html> [HKLM..\open\Command] (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O67 - Shell Spawning: <.js> [HKLM..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) – C:\Windows\System32\wscript.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.reg> [HKLM..\open\Command] (.Microsoft Corporation - Registry Editor.) – C:\Windows\regedit.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.scr> [HKLM..\open\Command] (…) – “%1” /S
O67 - Shell Spawning: <.html> [HKCU..\open\Command] (.Mozilla Corporation - Firefox.) – C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®

—\ Start Menu Internet (12) - 0s
O68 - StartMenuInternet: <FIREFOX.EXE> [HKLM..\Shell\open\Command] (.Mozilla Corporation - Firefox.) – C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O68 - StartMenuInternet: [HKLM..\Shell\open\Command] (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O68 - StartMenuInternet: <IEXPLORE.EXE> [HKLM..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) – C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O68 - StartMenuInternet: <FIREFOX.EXE> [HKLM..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) – C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: [HKLM..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: <IEXPLORE.EXE> [HKLM..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) – C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: <FIREFOX.EXE> [HKLM..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) – C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: [HKLM..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: <IEXPLORE.EXE> [HKLM..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) – C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: <FIREFOX.EXE> [HKLM..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) – C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: [HKLM..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: <IEXPLORE.EXE> [HKLM..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) – C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation

—\ Search Browser Infection (5) - 8s
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com/ =>.Bing.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com/ =>.Google Inc.
O69 - SBI: SearchScopes [HKCU] {97D8EAAE-7BF2-44BF-ABDF-69ABCBA14CE0} [DefaultScope] - (Google) - http://www.google.com/ =>.Google Inc.
O69 - SBI: SearchScopes [HKLM] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - http://www.bing.com/ =>.Bing.com
O69 - SBI: SearchScopes [HKLM] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - http://www.google.com/ =>.Google Inc.

—\ Search Svchost Services (46) - 1s
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) – C:\WINDOWS\System32\certprop.dll [193536] =>.Microsoft Corporation
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) – C:\WINDOWS\System32\certprop.dll [193536] =>.Microsoft Corporation
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) – C:\WINDOWS\system32\srvsvc.dll [305152] =>.Microsoft Corporation
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) – C:\WINDOWS\System32\gpsvc.dll [1227264] =>.Microsoft Corporation
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) – C:\WINDOWS\System32\ikeext.dll [932352] =>.Microsoft Corporation
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) – C:\WINDOWS\System32\iphlpsvc.dll [945664] =>.Microsoft Corporation
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) – C:\WINDOWS\system32\seclogon.dll [31232] =>.Microsoft Corporation
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) – C:\WINDOWS\System32\appinfo.dll [125952] =>.Microsoft Corporation
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) – C:\WINDOWS\system32\iscsiexe.dll [151552] =>.Microsoft Corporation
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) – C:\WINDOWS\System32\eapsvc.dll [112128] =>.Microsoft Corporation
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) – C:\WINDOWS\system32\schedsvc.dll [948224] =>.Microsoft Corporation
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) – C:\WINDOWS\system32\wbem\WMIsvc.dll [222720] =>.Microsoft Corporation
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) – C:\WINDOWS\System32\browser.dll [134656] =>.Microsoft Corporation
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) – C:\Windows\System32\SessEnv.dll [387072] =>.Microsoft Corporation
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) – C:\WINDOWS\System32\wercplsupport.dll [94208] =>.Microsoft Corporation
O83 - Search Svchost Services: shpamsvc (shpamsvc) . (.Microsoft Corporation - SharedPC.AccountManager.) – C:\WINDOWS\system32\Windows.SharedPC.AccountManage r.dll [161792] =>.Microsoft Corporation
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) – C:\WINDOWS\system32\themeservice.dll [70656] =>.Microsoft Corporation
O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Geolocation Service.) – C:\WINDOWS\System32\lfsvc.dll [37376] =>.Microsoft Corporation
O83 - Search Svchost Services: DmEnrollmentSvc (DmEnrollmentSvc) . (.Microsoft Corporation - Windows Managent Service DLL.) – C:\Windows\System32\Windows.Internal.Management.dl l [407552] =>.Microsoft Corporation
O83 - Search Svchost Services: Irmon (Irmon) . (.Microsoft Corporation - Infrared Monitor.) – C:\WINDOWS\System32\irmon.dll [25088] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) – C:\WINDOWS\System32\rasauto.dll [105472] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) – C:\WINDOWS\System32\rasmans.dll [657920] =>.Microsoft Corporation
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) – C:\Windows\System32\mprdim.dll [496128] =>.Microsoft Corporation
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) – C:\WINDOWS\System32\sens.dll [70656] =>.Microsoft Corporation
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) – C:\WINDOWS\System32\ipnathlp.dll [541696] =>.Microsoft Corporation
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows™ Telephony Server.) – C:\Windows\System32\tapisrv.dll [309248] =>.Microsoft Corporation
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) – C:\WINDOWS\system32\wuaueng.dll [2318848] =>.Microsoft Corporation
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) – C:\WINDOWS\System32\qmgr.dll [1054208] =>.Microsoft Corporation
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) – C:\Windows\System32\shsvcs.dll [617472] =>.Microsoft Corporation
O83 - Search Svchost Services: dmwappushservice (dmwappushservice) . (.Microsoft Corporation - dmwappushsvc.) – C:\WINDOWS\system32\dmwappushsvc.dll [57344] =>.Microsoft Corporation
O83 - Search Svchost Services: WpnService (WpnService) . (.Microsoft Corporation - Windows Push Notification System Service.) – C:\WINDOWS\system32\WpnService.dll [234496] =>.Microsoft Corporation
O83 - Search Svchost Services: XboxNetApiSvc (XboxNetApiSvc) . (.Microsoft Corporation - Xbox Live Networking Service.) – C:\WINDOWS\system32\XboxNetApiSvc.dll [1025536] =>.Microsoft Corporation
O83 - Search Svchost Services: DcpSvc (DcpSvc) . (.Microsoft Corporation - dcpsvc Task.) – C:\WINDOWS\system32\dcpsvc.dll [183808] =>.Microsoft Corporation
O83 - Search Svchost Services: RetailDemo (RetailDemo) . (.Microsoft Corporation - RDXService.) – C:\WINDOWS\system32\RDXService.dll [650752] =>.Microsoft Corporation
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) – C:\WINDOWS\System32\bdesvc.dll [361472] =>.Microsoft Corporation
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Device Setup Manager.) – C:\WINDOWS\System32\DeviceSetupManager.dll [197632] =>.Microsoft Corporation
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Microsoft Network Connectivity Assistant Se.) – C:\WINDOWS\System32\ncasvc.dll [167936] =>.Microsoft Corporation
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Software installation Service.) – C:\Windows\System32\appmgmts.dll [197632] =>.Microsoft Corporation
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) – C:\WINDOWS\system32\profsvc.dll [358400] =>.Microsoft Corporation
O83 - Search Svchost Services: UsoSvc (UsoSvc) . (.Microsoft Corporation - Update Session Orchestrator Core.) – C:\WINDOWS\system32\usocore.dll [548864] =>.Microsoft Corporation
O83 - Search Svchost Services: wisvc (wisvc) . (.Microsoft Corporation - Flight Settings.) – C:\WINDOWS\system32\flightsettings.dll [635904] =>.Microsoft Corporation
O83 - Search Svchost Services: UserManager (UserManager) . (.Microsoft Corporation - UserMgr.) – C:\WINDOWS\System32\usermgr.dll [1021440] =>.Microsoft Corporation
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Microsoft® Account Service.) – C:\WINDOWS\system32\wlidsvc.dll [2104320] =>.Microsoft Corporation
O83 - Search Svchost Services: XblAuthManager (XblAuthManager) . (.Microsoft Corporation - Xbox Live Auth Manager.) – C:\WINDOWS\System32\XblAuthManager.dll [1016320] =>.Microsoft Corporation
O83 - Search Svchost Services: XblGameSave (XblGameSave) . (.Microsoft Corporation - Xbox Live Game Save Service.) – C:\WINDOWS\System32\XblGameSave.dll [1159680] =>.Microsoft Corporation
O83 - Search Svchost Services: NetSetupSvc (NetSetupSvc) . (.Microsoft Corporation - Network Setup Service.) – C:\WINDOWS\System32\NetSetupSvc.dll [266752] =>.Microsoft Corporation

—\ Firewall Active Exception List (2) - 6s
O87 - FAEL: “{94501EC9-BCDC-4534-9C22-CA351CAA494A}” [In-None-P17-TRUE] .(…) – C:\Games\Dragon Age 2\DragonAge2Launcher.exe
O87 - FAEL: “{D2D8E18A-815B-4542-8583-C497179E642C}” [In-None-P6-TRUE] .(…) – C:\Games\Dragon Age 2\DragonAge2Launcher.exe

—\ Windows Installer Scan (1) - 6s
[MD5.] [WIS][2017/04/14 11:59:38] (.SlimWare Utilities, Inc. - Windows Installer XML Toolset (3.9.1006.0).) – C:\WINDOWS\Installer\1b26aa.msi [30339072] =>.Superfluous.SlimWareUtilities

—\ Additional Scan (O88) (14) - 6s
C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Prof iles\vc6qe3r0.default\extensions{f3bd3dd2-2888-44c5-91a2-2caeb33fb898}.xpi =>Adware.Sambreel
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall\YahooPowered =>Adware.YahooPowered
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall{746AB259-6474-4111-8966-1C62F9A6E063} =>.Superfluous.SlimWareUtilities
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Heuristic.Suspect
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Curren tVersion\Uninstall\YahooPowered =>Adware.YahooPowered
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Curren tVersion\Uninstall{746AB259-6474-4111-8966-1C62F9A6E063} =>.Superfluous.SlimWareUtilities
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Curren tVersion\Uninstall{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Heuristic.Suspect
C:\Users\Gary\AppData\Roaming\DesktopIconForAmazon =>PUP.Optional.ADON
C:\Users\Gary\AppData\Local\SlimWare Utilities Inc =>.Superfluous.SlimWareUtilities
C:\WINDOWS\Installer\1b26aa.msi =>.Superfluous.SlimWareUtilities
C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d16fk4ms6rqz1v.cloudfront.net_0.loca lstorage =>.Superfluous.CloudfrontNet
C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage =>PUP.Optional.Generic
C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_uhytajrtpo-a.akamaihd.net_0.localstorage =>.Superfluous.AkamaiHD
C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.broadbandspeedchecker.co.uk_0.localstorage =>PUP.Optional.InternetSpeedChecker

—\ Summary of the elements found (9) - 0s
https://www.nicolascoolman.com/fr/pu...onal-sambreel/ =>Adware.Sambreel
Le repaquetage ou l'empaquetage logiciel peut représenter un risque de sécurité - ZAM =>Adware.YahooPowered
DriverUpdate, Logiciel Potentiellement Superflu. - ZAM =>.Superfluous.SlimWareUtilities
Heuristic Suspect, 1 Logiciel Indésirable. - ZAM =>Heuristic.Suspect
https://www.nicolascoolman.com/fr/adware-adon/ =>PUP.Optional.ADON
CloudFront, Réseau de distribution d'Amazon. - ZAM =>.Superfluous.CloudfrontNet
Le repaquetage ou l'empaquetage logiciel peut représenter un risque de sécurité - ZAM =>PUP.Optional.Generic
Logiciels Potentiellement Superflus (LPS). - ZAM =>.Superfluous.AkamaiHD
Redirecting... =>PUP.Optional.InternetSpeedChecker

~ Unselected Options:
~ End of the scan, 48731 items in 06mn47s (1711)(0)

I need the Sysnative tool logs as well please, this will give me all of your dump files and a wealth of other information.

Sorry for the delay, I did not get an alert for this thread.

Yes, but the file is too large to upload.

You have quite a bit of junk on your machine, it will take me a while to go over your logs. Please start by removing these programs from your machine.’
’
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] – uTorrent =>.BitTorrent Inc®
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] – {18455581-E099-4BA8-BC6B-F34B2F06600C} =>.Google Inc.
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] – {2318C2B1-4965-11d4-9B18-009027A5CD4F} =>.Google Inc®
O42 - Logiciel: LWS Facebook - (.Logitech.) [HKLM][64Bits] – {FF167195-9EE4-46C0-8CD7-FBA3457E88AB} =>.Logitech
O42 - Logiciel: Malwarebytes Anti-Malware version 2.2.1.1043 - (.Malwarebytes.) [HKLM][64Bits] – Malwarebytes Anti-Malware_is1 =>.Malwarebytes
O42 - Logiciel: SUPERAntiSpyware - (.SUPERAntiSpyware.com.) [HKLM][64Bits] – {CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA} =>.SUPERAntiSpyware.com®
O42 - Logiciel: Yahoo! Powered - (..) [HKLM][64Bits] – YahooPowered =>Adware.YahooPowered

Then Run these tools, as there are signs of infection on your machine. ( Nothing Major just PUPS and a bit of adware)
Use FilerDropper or SendSpace.com


__________________________________________-

Relocated to Malware section

Rogue Killer Scan.

Download RogueKiller – (Portable) – from one of the following links and save it to your Desktop:

Link 1
Link 2

[ul]
[li]Close all other the running programs[/li][li]Disable ALL Antivirus – Antimalware – Applications.[/li][li]Right Click Rogue Killer and Run as Administrator.[/li][li]Click the Start Scan button.[/li][li]Allow the scan to run – it can take ten minutes or more.[/li][li]Once the scan is complete check All items for removal.[/li][li]https://pchelpforum.net/attachments/...5-54-png.1658/ [/li]
[li]After All items are checked then press Remove Selected.[/li]
[li]Wait until the Status box shows Deleting Finished.[/li][li]Click on open report – then open txt[/li]
[li]Copy the content of the report and paste it here in your next reply.[/li][/ul]

JRT Scan.

Please download Junkware Removal Tool and save it on your desktop.

[ul]
[li]Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts.[/li][li]Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator.[/li][li]The tool will open and start scanning your system.[/li][li]Please be patient as this can take a while to complete depending on your system’s specifications.[/li][li]On completion, a log is saved to your desktop and will automatically open.[/li][li]Please post the JRT log.[/li][/ul]
Adware Cleaner Scan.

Please download AdwCleaner by Xplode onto your desktop.

[ul]
[li]Close all open programs and internet browsers.[/li][li]Double click on adwcleaner.exe to run the tool.[/li][li]Click on Scan button.[/li][li]When the scan has finished click on Clean button.[/li][li]Your computer will be rebooted automatically. A text file will open after the restart.[/li][li]Please post the contents of that logfile with your next reply.[/li][li]You can find the logfile at C:\AdwCleaner[S1].txt as well.[/li][/ul]
Malwarebytes.
[ul]
[li]Download MalwareBytes Anti-Malware : https://www.malwarebytes.com/mwb-download/ take the free version ( on the left )[/li][li]Perform the installation[/li][li]Uncheck “Enable Free Trial of Malwarebytes Anti-Malware Premium” if it’s asked[/li][li]Malwarebytes will update, let this update,[/li][li]Click on the “Settings” tab and then on the “Detection and Protection” tab, Check the box “Search for Rootkits”[/li][li]Click on the “Analysis” tab and then on “Start analysis”[/li][li]Once the review is complete, check that all detections are checked and then click [Delete Selection][/li][li]If Malwarebytes asks you to restart your PC, click “Yes”[/li][li]When restarting your PC, restarts Malwarebytes[/li][li]Opens the “History” tab and then “Application logs”[/li][li]Double click on the last Scan Log in date (the one above)[/li][li]At the bottom click [Export] → select “Text file (* .txt)”[/li][li]In the explorer selects the desktop, name it mbam.txt, click [Save][/li][/ul]
ZHP Diag Fix.

ZHP Fix [MEDIA=imgur]4bd9Ugb[/MEDIA]
[ul]
[li]Disable your antivirus prior to this fix![/li]
[li]Download ZHP-Fix from here.[/li][li]UnZip it to your desktop – Tool Here if needed… 7-Zip[/li]
[li]Install it.[/li][li]Click Suivant 5 Times.[/li][li]Then Installer.[/li][li]Then Terminer.[/li][li]Then right clcick the ZHP Fix icon Run as admin.[/li][li]Copy the entire content of the code box below, the next step will grab it from your clipboard.[/li]
[li]Then click on import.[/li][li]Then click GO.[/li][li]If you see any Prompts like the one below, select Oui. = Yes in French. [/li]
[li]https://pchelpforum.net/attachments/...7-40-png.2248/ [/li]
[li]Allow completion.[/li][li]A log file will appear on your desktop. [/li]
[li]Post it here in your next reply.[/li][/ul]

[ICODE]Script ZhpFix SysRestore EmptyFlash ProxyFix EmptyCLSID O39 - APT: OneDrive Standalone Update Task - (...) -- C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task [2816] (.Orphan.) O39 - APT: OneDrive Standalone Update Task - (...) -- C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2 [2766] (.Orphan.) O39 - APT: {A28D6E9F-11D1-4B79-A0D8-7CCB20F69972} - (...) -- C:\WINDOWS\System32\Tasks\{A28D6E9F-11D1-4B79-A0D8-7CCB20F69972} [2354] (.Orphan.) O42 - Logiciel: SlimDrivers - (.SlimWare Utilities, Inc..) [HKLM][64Bits] -- {746AB259-6474-4111-8966-1C62F9A6E063} HKLM\SOFTWARE\Wow6432Node\SlimWare Utilities Inc HKLM\SOFTWARE\Wow6432Node\SlimWare Utilities, Inc. HKCU\SOFTWARE\SlimWare Utilities Inc O43 - CFD: 14/04/2017 - [] AD -- C:\Program Files (x86)\SlimDrivers O43 - CFD: 22/02/2014 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinImage O43 - CFD: 04/08/2016 - [0] D -- C:\Users\Gary\AppData\Local\Setup458648171 O43 - CFD: 14/04/2017 - [] D -- C:\Users\Gary\AppData\Local\SlimWare Utilities Inc O43 - CFD: 08/02/2014 - [0] D -- C:\Users\Gary\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\BadCopy Pro [MD5.] [WIS][2017/04/14 11:59:38] (.SlimWare Utilities, Inc. - Windows Installer XML Toolset (3.9.1006.0).) -- C:\WINDOWS\Installer\1b26aa.msi [30339072] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall\{746AB259-6474-4111-8966-1C62F9A6E063} HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Curren tVersion\Uninstall\{746AB259-6474-4111-8966-1C62F9A6E063} C:\Users\Gary\AppData\Local\SlimWare Utilities Inc C:\WINDOWS\Installer\1b26aa.msi C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d16fk4ms6rqz1v.cloudfront.net_0.loca lstorage P2 - EXT FILE: (.YouTube Flash Video Player - .) -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Prof iles\vc6qe3r0.default\extensions\{f3bd3dd2-2888-44c5-91a2-2caeb33fb898}.xpi O42 - Logiciel: Yahoo! Powered - (..) [HKLM][64Bits] -- YahooPowered O43 - CFD: 02/08/2015 - [] D -- C:\Users\Gary\AppData\Roaming\DesktopIconForAmazon C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Prof iles\vc6qe3r0.default\extensions\{f3bd3dd2-2888-44c5-91a2-2caeb33fb898}.xpi HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall\YahooPowered HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Curren tVersion\Uninstall\YahooPowered HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Curren tVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} C:\Users\Gary\AppData\Roaming\DesktopIconForAmazon C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.broadbandspeedchecker.co.uk_0.loc alstorage HKCU\SOFTWARE\roamingdevice O4 - GS\Quicklaunch [Administrator]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\Gary\AppData\Roaming\uTorrent\uTorrent.ex e O4 - GS\Quicklaunch [Gary]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\Gary\AppData\Roaming\uTorrent\uTorrent.ex e O4 - GS\Quicklaunch [Guest]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\Gary\AppData\Roaming\uTorrent\uTorrent.ex e O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent HKCU\SOFTWARE\BitTorrent O43 - CFD: 14/10/2016 - [] D -- C:\Users\Gary\AppData\Roaming\uTorrent EmptyPrefetch ShortcutFix EmptyTemp[/ICODE]

Only one Google toolbar in the uninstall list, just have to hope it removes both.
I can not see any LWS Facebook in the uninstall list. The only Logitech listed there is so;ar App 1.10, which I assume is needed for the solar powered wireless keyboard, and Webcam Software which must be for the webcam which is rarely plugged in.
An error occurred while trying to uninstall Yahoo! Powered (whatever that is) It may have already been uninstalled.
Malwarebytes and SuperAntiSpyware are things I run regularly so will probably reinstall them after the investigation.

Ok, complete the other instructions and I will have a look at this tomorrow,

Ok, not a problem.
Again not a problem. Just having anything that is Facebook related installed on your machine is not a good idea IMO. We will deal with that later…
My script for ZHPDiag will catch this file and all of it’s remnants.
Your version of malwarebytes is outdated, if you notice in my instructions I am having you download the latest version. As well, Superantispyware is Rubbish, it had it’s time when it was good, now it will not detect very much anymore and is not suggested in any security forums, just as spybot is no longer any good…

Another scanner that you can replace SAS with is ZemanaAntimalware Free Version.

Continue with the set of instructions given to you, and post all requested logs.

Permanently disable windows 10 on your machine since you have Kaspersky.

Hijack This Fix.

Start HijackThis , Right Click Run as Admin.
Close all other open programs prior to running this tool!!
Click System Scan Only.
Then check mark the items listed below.

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
O2-32 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
O3-32 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - Global User Startup: SpeedFan.lnk → C:\Program Files (x86)\SpeedFan\speedfan.exe
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun
O4 - HKCU..\Run: [Visual Subst] C:\Program Files (x86)\Visual Subst\VSubst.exe /startup
O4 - HKCU..\StartupApproved\Run: [CCleaner Monitoring] (2016/03/31)C:\Program Files\CCleaner\CCleaner64.exe /MONITOR
O4 - HKCU..\StartupApproved\Run: [Chromium] (2016/08/19)c:\users\gary\appdata\local\chromium\applicatio n\chrome.exe --auto-launch-at-startup --profile-directory=“Default” --restore-last-session
O4 - HKCU..\StartupApproved\Run: [KiesPreload] (2016/02/05)C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
O4 - HKCU..\StartupApproved\Run: [OneDrive] (2016/02/05)C:\Users\Gary\AppData\Local\Microsoft\OneDrive\ OneDrive.exe /background
O4 - HKLM..\Run: [Speedfan] C:\Program Files (x86)\SpeedFan\speedfan.exe
O4 - HKLM..\Run: [TrayApplication] C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe
O4 - HKLM..\StartupApproved\Run32: [KeePass 2 PreLoad] (2016/02/05)C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe --preload
O4 - HKLM..\StartupApproved\Run32: [KiesTrayAgent] (2016/02/05)C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM..\StartupApproved\Run32: [SunJavaUpdateSched] (2016/02/05)C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O4 - HKLM..\StartupApproved\Run: [Logitech Download Assistant] (2016/02/05)C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
O4 - HKU\S-1-5-19..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
O4 - HKU\S-1-5-20..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
O4 - User Startup: RealtimeSync.lnk → C:\Program Files\FreeFileSync\RealtimeSync.exe
O4 - User Startup: SpeedFan.lnk → C:\Program Files (x86)\SpeedFan\speedfan.exe
O4-32 - HKLM..\Run: [EaseUS Cleanup] C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.9\bin\CleanUpUI.exe 10 300
O4-32 - HKLM..\Run: [EaseUS EPM Tray Agent] C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.9\bin\TrayPopupE\TrayTipAgentE.exe
O4-32 - HKLM..\Run: [EaseUS EPM tray] C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.9\bin\EpmNews.exe
O4-32 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
O4-32 - HKLM..\Run: [Malwarebytes Anti-Exploit] C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe (file missing)
O4-32 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
O16-32 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/pcpitstop.cab
O22 - Task (Ready): Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe
O22 - Task (Ready): OneDrive Standalone Update Task - C:\Users\Gary\AppData\Local\Microsoft\OneDrive\17. 3.6517.0809\OneDriveStandaloneUpdater.exe (file missing)
O22 - Task (Ready): \Microsoft\Windows Defender\MP Scheduled Scan - c:\program files\windows defender\MpCmdRun.exe Scan -ScheduleJob -WinTask -RestrictPrivilegesScan
O22 - Task (Ready): \Microsoft\Windows\Media Center\ActivateWindowsSearch - C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\ConfigureInternetTimeService - C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\DispatchRecoveryTasks - C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\InstallPlayReady - C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\MediaCenterRecoveryTask - C:\WINDOWS\ehome\mcupdate.exe - (no file) -MediaCenterRecoveryTask (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\OCURActivate - C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\OCURDiscovery - C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - C:\WINDOWS\ehome\mcupdate.exe - (no file) -ObjectStoreRecoveryTask (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\PBDADiscovery - C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\PBDADiscoveryW1 - C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\PBDADiscoveryW2 - C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\PvrRecoveryTask - C:\WINDOWS\ehome\mcupdate.exe - (no file) -PvrRecoveryTask (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\PvrScheduleTask - C:\WINDOWS\ehome\mcupdate.exe - (no file) -PvrSchedule (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\RegisterSearch - C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\ReindexSearchRoot - C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\SqlLiteRecoveryTask - C:\WINDOWS\ehome\mcupdate.exe - (no file) -SqlLiteRecoveryTask (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\StartRecording - C:\WINDOWS\ehome\ehrec /StartRecording (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\UpdateRecordPath - C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\ehDRMInit - C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\mcupdate - C:\WINDOWS\ehome\mcupdate $(Arg0) (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\mcupdate_scheduled - C:\WINDOWS\ehome\mcupdate -crl -hms -pscn 15 (file missing)
O22 - Task (Ready): {44F8EF0D-6116-4556-A439-59B34298EAE1} - C:\WINDOWS\system32\pcalua.exe -a “E:\copy of duff disk after it became recognisable\Program Files\Synkronizer XL 8.0\syxl80_install.exe” -d “E:\copy of duff disk after it became recognisable\Program Files\Synkronizer XL 8.0”
O22 - Task (Ready): {93F15C11-7E15-4726-AE8C-21F927221F09} - C:\WINDOWS\system32\pcalua.exe -a C:\Users\Gary\Downloads\planmaker.exe -d C:\Users\Gary\Downloads
O22 - Task (Ready): {F3DE1933-B73E-4AD8-83BB-B8886240C951} - C:\Windows\system32\pcalua.exe -a “E:\copy of duff disk after it became recognisable\Download\xdate.exe” -d “E:\copy of duff disk after it became recognisable\Download”
O23 - Service S3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: Windows Defender Advanced Threat Protection Service - (Sense) - C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe
O23 - Service S3: Windows Defender Network Inspection Service - (WdNisSvc) - C:\Program Files\Windows Defender\NisSrv.exe
O23 - Service S3: Windows Defender Service - (WinDefend) - C:\Program Files\Windows Defender\MsMpEng.exe

Now click on fix checked.
After the fix is complete, then reboot your machine.

Thanks for the info. The estimated ten minutes for the scan is a massive underestimate. Still running. And particularly annoying is

SOMETHING WEIRD HAS OCCURRED. THE LINE ABOVE IS THE START OF SOMETHING I’VE ALREADY POSTED, AND CAN NO LONGER SEE, AND SOMETHING HAS ADDED LOADS OF STUFF TO MY POST ON THE PREVIOUS PAGE ???

Not to mention adding to a post and it mystically turning up in a new one below it.

I had asked about slimware which was used to help sort my Nvidea driver issue. And how annoying it was that windows defender popped up during the scan when no one had asked it to run after I paused Kaspersky.

Oh and mentioning that I’ll be away again this weekend but will see how far I get before I need to go.