• Hi there and welcome to PC Help Forum (PCHF), a more effective way to get the Tech Support you need!
    We have Experts in all areas of Tech, including Malware Removal, Crash Fixing and BSOD's , Microsoft Windows, Computer DIY and PC Hardware, Networking, Gaming, Tablets and iPads, General and Specific Software Support and so much more.

    Why not Click Here To Sign Up and start enjoying great FREE Tech Support.

    This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Solved How to remove rundll32.exe virus.

Status
Not open for further replies.
#41
upload_2017-3-11_14-24-3.png
 
#43
"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" "" "08/9/2015 8:23 AM" ""
+ "rdpclip" "" "" "File not found: rdpclip" "" ""
"HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" "" "28/2/2017 7:58 PM" ""
+ "CCleaner" "CCleaner" "Piriform Ltd" "c:\program files\ccleaner\ccleaner.exe" "08/2/2017 6:17 AM" ""
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" "" "21/8/2016 1:01 PM" ""
+ "Google Chrome" "Google Chrome Installer" "Google Inc." "c:\program files\google\chrome\application\56.0.2924.87\installer\chrmstp.exe" "01/2/2017 11:48 AM" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe" "14/7/2009 3:42 AM" ""
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" "" "23/4/2012 4:47 AM" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office15\msoxmlmf.dll" "18/12/2013 12:15 AM" ""
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" "" "25/2/2017 12:07 PM" ""
+ "ms-help" "Microsoft® Help Data Services Module" "Microsoft Corporation" "c:\program files\common files\microsoft shared\help\hxds.dll" "07/11/2012 2:30 PM" ""
+ "osf" "Microsoft Office 2013 component" "Microsoft Corporation" "c:\program files\microsoft office\office15\msosb.dll" "20/4/2016 2:34 AM" ""
+ "wlmailhtml" "Windows Live Mail" "Microsoft Corporation" "c:\program files\windows live\mail\mailcomm.dll" "10/11/2010 2:56 PM" ""
+ "wlpg" "Windows Live Album Download Protocol Handler" "Microsoft Corporation" "c:\program files\windows live\photo gallery\albumdownloadprotocolhandler.dll" "10/11/2010 2:21 PM" ""
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" "" "16/4/2012 3:31 AM" ""
+ "Groove GFS Stub Execution Hook" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll" "19/12/2013 4:37 AM" ""
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" "" "21/11/2016 7:12 PM" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll" "15/11/2016 7:58 AM" ""
+ "PismoFileMountAuditPackage" "Shell Extension - Pismo File Mount Audit Package" "Pismo Technic Inc." "c:\windows\system32\pfmshx_178.dll" "01/7/2015 1:57 AM" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll" "19/12/2013 4:37 AM" ""
"HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers" "" "" "" "21/11/2016 7:12 PM" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll" "15/11/2016 7:58 AM" ""
+ "PismoFileMountAuditPackage" "Shell Extension - Pismo File Mount Audit Package" "Pismo Technic Inc." "c:\windows\system32\pfmshx_178.dll" "01/7/2015 1:57 AM" ""
"HKLM\Software\Classes\*\ShellEx\PropertySheetHandlers" "" "" "" "07/9/2015 10:31 AM" ""
+ "WDBackupPropSheetHandler" "WD ContextMenu Handler" "Western Digital Technologies, Inc." "c:\program files\western digital\wd smartware\wdcontextmenuhandler.dll" "23/7/2014 2:19 AM" ""
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" "" "30/10/2016 4:23 AM" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll" "19/12/2013 4:37 AM" ""
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" "" "21/11/2016 7:12 PM" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll" "15/11/2016 7:58 AM" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll" "19/12/2013 4:37 AM" ""
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" "" "27/2/2012 9:53 AM" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll" "12/12/2009 2:11 PM" ""
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshlstb.dll" "29/10/2010 10:23 PM" ""
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" "" "16/4/2012 3:31 AM" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll" "14/7/2009 5:09 AM" ""
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll" "20/3/2012 2:12 AM" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll" "19/12/2013 4:37 AM" ""
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" "" "14/3/2015 2:25 PM" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll" "11/5/2013 1:34 PM" ""
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" "" "30/10/2016 4:23 AM" ""
+ "PismoFileMountAuditPackage" "Shell Extension - Pismo File Mount Audit Package" "Pismo Technic Inc." "c:\windows\system32\pfmshx_178.dll" "01/7/2015 1:57 AM" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll" "19/12/2013 4:37 AM" ""
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" "" "27/2/2012 9:53 AM" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll" "12/12/2009 2:11 PM" ""
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshlstb.dll" "29/10/2010 10:23 PM" ""
"HKLM\Software\Classes\Folder\ShellEx\PropertySheetHandlers" "" "" "" "07/9/2015 10:31 AM" ""
+ "WDBackupPropSheetHandler" "WD ContextMenu Handler" "Western Digital Technologies, Inc." "c:\program files\western digital\wd smartware\wdcontextmenuhandler.dll" "23/7/2014 2:19 AM" ""
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" "" "23/7/2016 8:02 PM" ""
+ " SkyDrivePro1 (ErrorConflict)" "Microsoft OneDrive for Business Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office15\grooveex.dll" "01/11/2016 11:14 AM" ""
+ " SkyDrivePro2 (SyncInProgress)" "Microsoft OneDrive for Business Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office15\grooveex.dll" "01/11/2016 11:14 AM" ""
+ " SkyDrivePro3 (InSync)" "Microsoft OneDrive for Business Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office15\grooveex.dll" "01/11/2016 11:14 AM" ""
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll" "19/12/2013 4:37 AM" ""
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll" "19/12/2013 4:37 AM" ""
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll" "19/12/2013 4:37 AM" ""
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll" "19/12/2013 4:37 AM" ""
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll" "19/12/2013 4:37 AM" ""
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" "" "05/2/2017 12:41 PM" ""
+ "Groove GFS Browser Helper" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll" "19/12/2013 4:37 AM" ""
+ "Java(tm) Plug-In 2 SSV Helper" "Java(TM) Platform SE binary" "Oracle Corporation" "c:\program files\java\jre1.8.0_121\bin\jp2ssv.dll" "13/12/2016 7:00 AM" ""
+ "Java(tm) Plug-In SSV Helper" "Java(TM) Platform SE binary" "Oracle Corporation" "c:\program files\java\jre1.8.0_121\bin\ssv.dll" "13/12/2016 7:00 AM" ""
+ "Microsoft SkyDrive Pro Browser Helper" "Microsoft OneDrive for Business Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office15\grooveex.dll" "01/11/2016 11:14 AM" ""
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office15\urlredir.dll" "18/12/2013 12:06 AM" ""
+ "Skype for Business Browser Helper" "Skype for Business" "Microsoft Corporation" "c:\program files\microsoft office\office15\ochelper.dll" "13/12/2016 10:42 AM" ""
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll" "22/9/2010 1:01 AM" ""
+ "Windows Live Messenger Companion Helper" "Windows Live Messenger Companion Core" "Microsoft Corporation" "c:\program files\windows live\companion\companioncore.dll" "10/11/2010 2:02 PM" ""
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" "" "09/9/2015 11:58 AM" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files\windows live\writer\writerbrowserextension.dll" "10/11/2010 2:03 PM" ""
+ "Messenger Companion (Ctrl+Shift+C)" "Windows Live Messenger Companion Core" "Microsoft Corporation" "c:\program files\windows live\companion\companioncore.dll" "10/11/2010 2:02 PM" ""
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office15\onbttnielinkednotes.dll" "01/11/2016 11:18 AM" ""
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office15\onbttnie.dll" "01/11/2016 11:28 AM" ""
+ "Skype for Business Click to Call" "Skype for Business" "Microsoft Corporation" "c:\program files\microsoft office\office15\ochelper.dll" "13/12/2016 10:42 AM" ""
"Task Scheduler" "" "" "" "" ""
+ "\CCleanerSkipUAC" "CCleaner" "Piriform Ltd" "c:\program files\ccleaner\ccleaner.exe" "08/2/2017 6:17 AM" ""
+ "\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\microsoft security client\mpcmdrun.exe" "15/11/2016 7:57 AM" ""
+ "\Microsoft\Office\Office 15 Subscription Heartbeat" "Office Subscription Licensing Heartbeat" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office15\olicenseheartbeat.exe" "18/12/2013 12:08 AM" ""
+ "\Microsoft\Office\OfficeTelemetryAgentFallBack" "Office Telemetry Agent" "Microsoft Corporation" "c:\program files\microsoft office\office15\msoia.exe" "18/12/2013 12:13 AM" ""
+ "\Microsoft\Office\OfficeTelemetryAgentLogOn" "Office Telemetry Agent" "Microsoft Corporation" "c:\program files\microsoft office\office15\msoia.exe" "18/12/2013 12:13 AM" ""
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files\windows live\soxe\wlsoxe.dll" "10/11/2010 2:02 PM" ""
+ "\Microsoft\Windows\Autochk\Proxy" "" "" "File not found: C:\windows\system32\rundll32.exe" "" ""
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs" "11/6/2009 1:19 AM" ""
+ "\Microsoft\Windows\SystemRestore\SR" "" "" "File not found: C:\windows\system32\rundll32.exe" "" ""
+ "\Microsoft\Windows\Tcpip\IpAddressConflict1" "" "" "File not found: C:\windows\system32\rundll32.exe" "" ""
+ "\Microsoft\Windows\Tcpip\IpAddressConflict2" "" "" "File not found: C:\windows\system32\rundll32.exe" "" ""
+ "\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange" "" "" "File not found: C:\windows\system32\rundll32.exe" "" ""
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe" "14/7/2009 4:09 AM" ""
+ "\Microsoft\Windows\WindowsBackup\AutomaticBackup" "" "" "File not found: C:\windows\system32\rundll32.exe" "" ""
+ "\WPD\SqmUpload_S-1-5-21-590680974-46065942-2644484873-1000" "" "" "File not found: C:\windows\system32\rundll32.exe" "" ""
"HKLM\System\CurrentControlSet\Services" "" "" "" "11/3/2017 10:33 AM" ""
+ "cvhsvc" "Client Virtualization Handler Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\virtualization handler\cvhsvc.exe" "18/3/2015 11:48 PM" ""
+ "fsssvc" "This service enables Family Safety on the computer. If this service is not running, Family Safety will not work." "Microsoft Corporation" "c:\program files\windows live\family safety\fsssvc.exe" "23/9/2010 11:16 AM" ""
+ "Microsoft SharePoint Workspace Audit Service" "Microsoft SharePoint Workspace" "Microsoft Corporation" "c:\program files\microsoft office\office14\groove.exe" "19/12/2013 4:34 AM" ""
+ "MsMpSvc" "Helps protect users from malware and other potentially unwanted software" "Microsoft Corporation" "c:\program files\microsoft security client\msmpeng.exe" "15/11/2016 7:57 AM" ""
+ "NisSrv" "Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols" "Microsoft Corporation" "c:\program files\microsoft security client\nissrv.exe" "15/11/2016 7:57 AM" ""
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files\common files\microsoft shared\source engine\ose.exe" "07/11/2012 2:37 PM" ""
+ "osppsvc" "Enables the download, installation, and enforcement of digital licenses for Microsoft Office applications. These applications require this service for proper operation. It is strongly recommended that you keep this service enabled." "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe" "06/7/2012 3:41 AM" ""
+ "sftlist" "Streams and manages applications." "Microsoft Corporation" "c:\program files\microsoft application virtualization client\sftlist.exe" "25/6/2013 11:04 PM" ""
+ "sftvsa" "Monitors global service events and launches virtual services." "Microsoft Corporation" "c:\program files\microsoft application virtualization client\sftvsa.exe" "25/6/2013 11:02 PM" ""
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll" "27/5/2013 8:57 AM" ""
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe" "22/9/2010 1:00 AM" ""
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe" "20/11/2010 2:36 PM" ""
"HKLM\System\CurrentControlSet\Services" "" "" "" "11/3/2017 10:33 AM" ""
+ "acsock" "Cisco AnyConnect Kernel Driver Framework Socket Layer Interceptor" "Cisco Systems, Inc." "c:\windows\system32\drivers\acsock.sys" "07/11/2012 6:27 AM" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys" "06/12/2008 3:59 AM" ""
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys" "01/5/2007 9:29 PM" ""
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys" "28/2/2007 4:03 AM" ""
+ "aic78xx" "Adaptec Ultra SCSI miniport" "Adaptec, Inc." "c:\windows\system32\drivers\djsvs.sys" "12/4/2006 4:20 AM" ""
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys" "14/7/2009 3:11 AM" ""
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys" "19/3/2010 5:08 AM" ""
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows family" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys" "20/3/2009 10:35 PM" ""
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys" "19/3/2010 8:19 PM" ""
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys" "25/5/2007 1:31 AM" ""
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys" "14/1/2009 11:26 PM" ""
+ "athr" "Atheros Extensible Wireless LAN device driver" "Atheros Communications, Inc." "c:\windows\system32\drivers\athr.sys" "21/6/2011 12:00 PM" ""
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbdx.sys" "14/2/2009 2:10 AM" ""
+ "b57nd60x" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60x.sys" "26/4/2009 3:15 PM" ""
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys" "07/8/2006 1:33 AM" ""
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys" "07/8/2006 1:33 AM" ""
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys" "07/8/2006 1:33 AM" ""
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys" "07/8/2006 1:33 AM" ""
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys" "07/8/2006 1:33 AM" ""
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys" "09/8/2006 4:02 PM" ""
+ "clwvd" "CyberLink WebCam Virtual Driver" "CyberLink Corporation" "c:\windows\system32\drivers\clwvd.sys" "28/7/2010 5:13 AM" ""
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys" "14/7/2009 3:11 AM" ""
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbdx.sys" "31/12/2008 8:06 PM" ""
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys" "04/2/2009 2:09 AM" ""
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys" "11/5/2009 11:22 AM" ""
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys" "19/5/2009 3:42 AM" ""
+ "htcnprot" "HTC NDIS Protocol Driver" "Windows (R) Win 7 DDK provider" "c:\windows\system32\drivers\htcnprot.sys" "23/6/2010 6:24 AM" ""
+ "HtcVCom32" "USB Modem/Serial Device Driver" "QUALCOMM Incorporated" "c:\windows\system32\drivers\htcvcomv32.sys" "26/10/2009 4:01 PM" ""
+ "HWiNFO32" "HWiNFO x86 Kernel Driver" "REALiX(tm)" "c:\windows\system32\drivers\hwinfo32.sys" "23/11/2014 8:24 PM" ""
+ "iaStorV" "Intel Matrix Storage Manager driver - ia32" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys" "11/6/2010 4:45 AM" ""
+ "IDMWFP" "Internet Download Manager WFP Driver" "Tonec Inc." "c:\windows\system32\drivers\idmwfp.sys" "26/1/2012 5:47 PM" ""
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd32.sys" "20/3/2012 3:26 AM" ""
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys" "14/12/2005 1:48 AM" ""
+ "IntcDAud" "Intel(R) Display Audio Driver" "Intel(R) Corporation" "c:\windows\system32\drivers\intcdaud.sys" "15/10/2010 12:27 PM" ""
+ "ivusb" "Initio Default Vendor Specific Device Driver" "Initio Corporation" "c:\windows\system32\drivers\ivusb.sys" "14/5/2010 6:41 AM" ""
+ "L1C" "Atheros L1c PCI-E Gigabit Ethernet Controller" "Atheros Communications, Inc." "c:\windows\system32\drivers\l1c62x86.sys" "27/9/2010 10:36 AM" ""
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys" "10/12/2008 2:28 AM" ""
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys" "19/5/2009 4:19 AM" ""
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys" "19/5/2009 4:31 AM" ""
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys" "17/4/2009 2:14 AM" ""
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7 for x86" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys" "19/5/2009 5:09 AM" ""
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys" "19/5/2009 5:25 AM" ""
+ "MEI" "Intel(R) Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\heci.sys" "20/10/2010 3:33 AM" ""
+ "netr28u" "Ralink 802.11n Wireless Adapter Driver" "Ralink Technology Corp." "c:\windows\system32\drivers\netr28u.sys" "13/11/2009 1:44 PM" ""
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys" "07/6/2006 1:12 AM" ""
+ "nvraid" "NVIDIA® nForce(TM) RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys" "20/3/2010 1:00 AM" ""
+ "nvstor" "NVIDIA® nForce(TM) Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys" "20/3/2010 12:51 AM" ""
+ "pfmfs_178" "System Extension - Pismo File Mount" "Pismo Technic Inc." "c:\windows\system32\drivers\pfmfs_178.sys" "01/7/2015 1:56 AM" ""
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys" "23/1/2009 3:28 AM" ""
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys" "19/5/2009 5:17 AM" ""
+ "rbtnfd_srv" "Riverbed Steelhead Mobile NDIS6 filter driver" "Riverbed Technology, Inc" "c:\windows\system32\drivers\rbtnfd.sys" "05/10/2013 3:34 AM" ""
+ "RSUSBVSTOR" "Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtsuvstor.sys" "15/3/2011 1:57 PM" ""
+ "RTL8167" "Realtek 8101E/8168/8169 NDIS 6.20 32-bit Driver " "Realtek " "c:\windows\system32\drivers\rt86win7.sys" "10/6/2011 10:31 AM" ""
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys" "24/9/2008 10:19 PM" ""
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys" "02/10/2008 1:52 AM" ""
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys" "18/2/2009 3:03 AM" ""
+ "TrueSight" "" "" "c:\windows\system32\drivers\truesight.sys" "16/1/2016 12:17 AM" ""
+ "ujiyodk3" "AVZGuard Driver" "Zaitsev Oleg, 2006" "c:\windows\system32\drivers\ujiyodk3.sys" "31/3/2011 7:04 PM" ""
+ "USBAAPL" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl.sys" "28/11/2012 3:37 AM" ""
+ "utiyodk3" "AVZ Driver" "" "c:\windows\system32\drivers\utiyodk3.sys" "12/1/2008 6:51 PM" ""
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys" "14/7/2009 3:11 AM" ""
+ "vncmirror" "VNC Mirror Miniport" "RealVNC Ltd." "c:\windows\system32\drivers\vncmirror.sys" "14/3/2008 9:42 PM" ""
+ "vpnva" "Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows" "Cisco Systems, Inc." "c:\windows\system32\drivers\vpnva-6.sys" "15/6/2013 12:18 AM" ""
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys" "31/1/2009 5:13 AM" ""
+ "WDC_SAM" "Manages WD external storage products." "Western Digital Technologies" "c:\windows\system32\drivers\wdcsam.sys" "16/4/2008 12:27 PM" ""
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Font Drivers" "" "" "" "14/7/2009 8:41 AM" ""
+ "Adobe Type Manager" "Windows NT OpenType/Type 1 Font Driver" "Adobe Systems Incorporated" "c:\windows\system32\atmfd.dll" "02/11/2016 6:53 PM" ""
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" "" "23/5/2015 12:37 PM" ""
+ "msacm.aacacm" "AAC ACM Codec" "fccHandler" "c:\windows\system32\aacacm.acm" "01/10/2011 5:03 AM" ""
+ "msacm.ac3acm" "AC-3 ACM Codec" "fccHandler" "c:\windows\system32\ac3acm.acm" "22/12/2011 4:14 AM" ""
+ "msacm.ac3filter" "" "" "c:\windows\system32\ac3filter.acm" "11/8/2009 9:18 PM" ""
+ "msacm.avis" "ffdshow ACM codec" "" "c:\windows\system32\ff_acm.acm" "28/1/2012 2:10 PM" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm" "14/7/2009 5:06 AM" ""
+ "msacm.l3pacm" "MPEG Audio Layer-3 Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codecp.acm" "14/7/2009 5:06 AM" ""
+ "msacm.lameacm" "Lame MP3 codec engine" "http://www.mp3dev.org/" "c:\windows\system32\lameacm.acm" "24/9/2008 11:41 PM" ""
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll" "20/11/2010 3:59 PM" ""
+ "VIDC.FFDS" "ffdshow VFW" "" "c:\windows\system32\ff_vfw.dll" "28/1/2012 2:54 AM" ""
+ "VIDC.LAGS" "Lagarith" " " "c:\windows\system32\lagarith.dll" "08/12/2011 4:32 AM" ""
+ "VIDC.X264" "" "" "c:\windows\system32\x264vfw.dll" "19/1/2012 1:29 PM" ""
+ "VIDC.XVID" "" "" "c:\windows\system32\xvidvfw.dll" "24/6/2011 6:44 PM" ""
+ "VIDC.YV12" "" "" "c:\windows\system32\xvidvfw.dll" "24/6/2011 6:44 PM" ""
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" "" "28/8/2016 1:55 PM" ""
+ "AC3File" "" "" "c:\program files\k-lite codec pack\filters\ac3file.ax" "04/8/2009 9:09 AM" ""
+ "Audio Source" "Windows Media Preview Object" "Microsoft Corporation" "c:\program files\windows media components\encoder\wmprevu.dll" "12/12/2002 5:34 AM" ""
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll" "10/11/2010 2:21 PM" ""
+ "DC-Bass Source" "DirectShow™ Audio Decoder" "http://www.dsp-worx.de" "c:\program files\k-lite codec pack\filters\dcbasssource.ax" "20/6/1992 2:22 AM" ""
+ "DirectVobSub" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "MPC-HC Team" "c:\program files\k-lite codec pack\filters\vsfilter.dll" "06/2/2012 2:36 AM" ""
+ "DirectVobSub (auto-loading version)" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "MPC-HC Team" "c:\program files\k-lite codec pack\filters\vsfilter.dll" "06/2/2012 2:36 AM" ""
+ "DXVA Filter" "MPEG-1/2 Decoder Filter for DirectShow" "Gabest" "c:\program files\gretech\gomplayer\codecs\mpeg2decfilter.ax" "05/6/2004 12:09 PM" ""
+ "ffdshow Audio Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack\ffdshow\ffdshow.ax" "06/2/2012 10:13 PM" ""
+ "ffdshow Audio Processor" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack\ffdshow\ffdshow.ax" "06/2/2012 10:13 PM" ""
+ "ffdshow DXVA Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack\ffdshow\ffdshow.ax" "06/2/2012 10:13 PM" ""
+ "ffdshow raw video filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack\ffdshow\ffdshow.ax" "06/2/2012 10:13 PM" ""
+ "ffdshow subtitles filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack\ffdshow\ffdshow.ax" "06/2/2012 10:13 PM" ""
+ "ffdshow Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack\ffdshow\ffdshow.ax" "06/2/2012 10:13 PM" ""
+ "File Source (Monkey Audio)" "" "" "c:\program files\k-lite codec pack\filters\monkeysource.ax" "20/6/1992 2:22 AM" ""
+ "Gretech AAC Source Filter" "Gretech Source Filter" "Gretech Corp." "c:\program files\gretech\gomplayer\gsfu.ax" "26/12/2013 5:41 AM" ""
+ "Gretech ASF Source Filter" "Gretech Source Filter" "Gretech Corp." "c:\program files\gretech\gomplayer\gsfu.ax" "26/12/2013 5:41 AM" ""
+ "Gretech AsfEx Source Filter" "Gretech Source Filter" "Gretech Corp." "c:\program files\gretech\gomplayer\gsfu.ax" "26/12/2013 5:41 AM" ""
+ "Gretech Audio Filter" "Gretech Audio Filter" "Gretech Corp." "c:\program files\gretech\gomplayer\gaf.ax" "09/6/2016 2:20 PM" ""
+ "Gretech AVI Source Filter" "Gretech Source Filter" "Gretech Corp." "c:\program files\gretech\gomplayer\gsfu.ax" "26/12/2013 5:41 AM" ""
+ "Gretech FLV Source Filter" "Gretech Source Filter" "Gretech Corp." "c:\program files\gretech\gomplayer\gsfu.ax" "26/12/2013 5:41 AM" ""
+ "Gretech MKV Source Filter" "Gretech Source Filter" "Gretech Corp." "c:\program files\gretech\gomplayer\gsfu.ax" "26/12/2013 5:41 AM" ""
+ "Gretech MP3 Source Filter" "Gretech Source Filter" "Gretech Corp." "c:\program files\gretech\gomplayer\gsfu.ax" "26/12/2013 5:41 AM" ""
+ "Gretech MP4 Source Filter" "Gretech Source Filter" "Gretech Corp." "c:\program files\gretech\gomplayer\gsfu.ax" "26/12/2013 5:41 AM" ""
+ "Gretech MPEG Source Filter" "Gretech Source Filter" "Gretech Corp." "c:\program files\gretech\gomplayer\gsfu.ax" "26/12/2013 5:41 AM" ""
+ "Gretech MPEG Source Filter2" "Gretech Source Filter" "Gretech Corp." "c:\program files\gretech\gomplayer\gsfu.ax" "26/12/2013 5:41 AM" ""
+ "Gretech Network(AVI) Filter" "Gretech Corp." "Gretech Corp." "c:\program files\gretech\gomplayer\gnf.ax" "03/3/2014 1:27 PM" ""
+ "Gretech Network(FLV) Filter" "Gretech Corp." "Gretech Corp." "c:\program files\gretech\gomplayer\gnf.ax" "03/3/2014 1:27 PM" ""
+ "Gretech Network(GOM) Filter" "Gretech Corp." "Gretech Corp." "c:\program files\gretech\gomplayer\gnf.ax" "03/3/2014 1:27 PM" ""
+ "Gretech Network(MP4) Filter" "Gretech Corp." "Gretech Corp." "c:\program files\gretech\gomplayer\gnf.ax" "03/3/2014 1:27 PM" ""
+ "Gretech Network(OGG) Filter" "Gretech Corp." "Gretech Corp." "c:\program files\gretech\gomplayer\gnf.ax" "03/3/2014 1:27 PM" ""
+ "Gretech Network(SHOUTcast) Filter" "Gretech Corp." "Gretech Corp." "c:\program files\gretech\gomplayer\gnf.ax" "03/3/2014 1:27 PM" ""
+ "Gretech OGG Source Filter" "Gretech Source Filter" "Gretech Corp." "c:\program files\gretech\gomplayer\gsfu.ax" "26/12/2013 5:41 AM" ""
+ "Gretech OGG Source Filter2" "Gretech Source Filter" "Gretech Corp." "c:\program files\gretech\gomplayer\gsfu.ax" "26/12/2013 5:41 AM" ""
+ "Gretech Source Filter" "Gretech Media Source Filter" "Gretech Corp." "c:\program files\gretech\gomplayer\mediasource.ax" "22/7/2016 11:20 AM" ""
+ "Gretech Video Filter" "Gretech Video Filter" "Gretech" "c:\program files\gretech\gomplayer\gvf.ax" "08/8/2016 10:41 AM" ""
+ "Haali Matroska Muxer" "Haali Media Splitter" "" "c:\program files\k-lite codec pack\filters\haali\splitter.ax" "08/9/2011 6:01 PM" ""
+ "Haali Media Splitter" "Haali Media Splitter" "" "c:\program files\k-lite codec pack\filters\haali\splitter.ax" "08/9/2011 6:01 PM" ""
+ "Haali Media Splitter (AR)" "Haali Media Splitter" "" "c:\program files\k-lite codec pack\filters\haali\splitter.ax" "08/9/2011 6:01 PM" ""
+ "Haali Simple Media Splitter" "Haali Media Splitter" "" "c:\program files\k-lite codec pack\filters\haali\splitter.ax" "08/9/2011 6:01 PM" ""
+ "Haali Video Renderer" "" "" "c:\program files\k-lite codec pack\filters\haali\dxr.dll" "08/9/2011 6:00 PM" ""
+ "Haali Video Sink" "Haali Media Splitter" "" "c:\program files\k-lite codec pack\filters\haali\splitter.ax" "08/9/2011 6:01 PM" ""
+ "LAV Audio Decoder" "LAV Audio Decoder - DirectShow Audio Decoder" "1f0.de - Hendrik Leppkes" "c:\program files\k-lite codec pack\filters\lav\lavaudio.ax" "06/2/2012 10:27 PM" ""
+ "LAV Splitter" "LAV Splitter - DirectShow Media Splitter" "1f0.de - Hendrik Leppkes" "c:\program files\k-lite codec pack\filters\lav\lavsplitter.ax" "06/2/2012 10:27 PM" ""
+ "LAV Splitter Source" "LAV Splitter - DirectShow Media Splitter" "1f0.de - Hendrik Leppkes" "c:\program files\k-lite codec pack\filters\lav\lavsplitter.ax" "06/2/2012 10:27 PM" ""
+ "LAV Video Decoder" "LAV Video Decoder - DirectShow Video Decoder" "1f0.de - Hendrik Leppkes" "c:\program files\k-lite codec pack\filters\lav\lavvideo.ax" "06/2/2012 10:27 PM" ""
+ "madFlac Decoder" "DirectShow FLAC Decoder" "www.madshi.net" "c:\program files\k-lite codec pack\filters\madflac.ax" "20/6/1992 2:22 AM" ""
+ "madFlac Source" "DirectShow FLAC Decoder" "www.madshi.net" "c:\program files\k-lite codec pack\filters\madflac.ax" "20/6/1992 2:22 AM" ""
+ "madVR" "madshi's D3D9 based video renderer" "madshi.net" "c:\program files\k-lite codec pack\filters\madvr\madvr.ax" "19/12/2011 12:25 AM" ""
+ "MONOGRAM AMR Decoder" "AMR Filter Pack" "MONOGRAM Multimedia, s.r.o." "c:\program files\k-lite codec pack\filters\mmamr.ax" "16/3/2008 5:30 PM" ""
+ "MONOGRAM AMR Encoder" "AMR Filter Pack" "MONOGRAM Multimedia, s.r.o." "c:\program files\k-lite codec pack\filters\mmamr.ax" "16/3/2008 5:30 PM" ""
+ "MONOGRAM AMR Mux" "AMR Filter Pack" "MONOGRAM Multimedia, s.r.o." "c:\program files\k-lite codec pack\filters\mmamr.ax" "16/3/2008 5:30 PM" ""
+ "MONOGRAM AMR Splitter" "AMR Filter Pack" "MONOGRAM Multimedia, s.r.o." "c:\program files\k-lite codec pack\filters\mmamr.ax" "16/3/2008 5:30 PM" ""
+ "MONOGRAM Musepack Decoder" "mmmpcdec" "" "c:\program files\k-lite codec pack\filters\mmmpcdec.ax" "18/1/2009 3:03 PM" ""
+ "MONOGRAM Musepack Splitter" "mmmpcdmx" "" "c:\program files\k-lite codec pack\filters\mmmpcdmx.ax" "18/1/2009 8:15 PM" ""
+ "MPC - DTS/AC3/DD+ Source" "DTS/AC3 Source Filter" "MPC-HC Team" "c:\program files\win7codecs\filters\dtsac3source.ax" "09/2/2012 3:55 PM" ""
+ "MPC Matroska Source" "Matroska Splitter" "MPC-HC Team" "c:\program files\win7codecs\filters\matroskasplitter.ax" "09/2/2012 3:54 PM" ""
+ "MPC Matroska Splitter" "Matroska Splitter" "MPC-HC Team" "c:\program files\win7codecs\filters\matroskasplitter.ax" "09/2/2012 3:54 PM" ""
+ "MPC Ogg Source" "Ogg Splitter" "MPC-HC Team" "c:\program files\win7codecs\filters\oggsplitter.ax" "09/2/2012 3:54 PM" ""
+ "MPC Ogg Splitter" "Ogg Splitter" "MPC-HC Team" "c:\program files\win7codecs\filters\oggsplitter.ax" "09/2/2012 3:54 PM" ""
+ "MPC RealAudio Decoder" "RealMedia Splitter" "MPC-HC Team" "c:\program files\win7codecs\filters\realmediasplitter.ax" "06/2/2012 1:45 AM" ""
+ "MPC RealMedia Source" "RealMedia Splitter" "MPC-HC Team" "c:\program files\win7codecs\filters\realmediasplitter.ax" "06/2/2012 1:45 AM" ""
+ "MPC RealMedia Splitter" "RealMedia Splitter" "MPC-HC Team" "c:\program files\win7codecs\filters\realmediasplitter.ax" "06/2/2012 1:45 AM" ""
+ "MPC RealVideo Decoder" "RealMedia Splitter" "MPC-HC Team" "c:\program files\win7codecs\filters\realmediasplitter.ax" "06/2/2012 1:45 AM" ""
+ "MPEG Audio Decoder (MAD)" "Mpeg Audio Decoder for DirectShow, based on libmad" "Gabest" "c:\program files\gretech\gomplayer\codecs\mpadecfilter.ax" "18/5/2004 8:06 AM" ""
+ "Mpeg2Dec Filter" "MPEG-1/2 Decoder Filter for DirectShow" "Gabest" "c:\program files\gretech\gomplayer\codecs\mpeg2decfilter.ax" "05/6/2004 12:09 PM" ""
+ "Nero Digital Parser" "NeroDigital / mp4 / avi / mov parser" "Nero AG" "c:\program files\win7codecs\filters\ndparser.ax" "26/1/2006 8:29 PM" ""
+ "Nero ES Video Reader" "NeroDigital / mp4 / avi / mov parser" "Nero AG" "c:\program files\win7codecs\filters\ndparser.ax" "26/1/2006 8:29 PM" ""
+ "RadLight OptimFROG DirectShow Filter" "RLOFRDec" "RadLight" "c:\program files\win7codecs\filters\rlofrdec.ax" "27/4/2004 7:03 PM" ""
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll" "10/11/2010 2:21 PM" ""
+ "Record Queue" "WME Record Queue" "Microsoft Corporation" "c:\program files\windows media components\encoder\wmedque.dll" "12/12/2002 5:34 AM" ""
+ "T" "VP7 Decompression Filter" "On2.com Inc." "c:\program files\k-lite codec pack\filters\vp7dec.ax" "25/3/2006 2:09 AM" ""
+ "Video Source" "Windows Media Preview Object" "Microsoft Corporation" "c:\program files\windows media components\encoder\wmprevu.dll" "12/12/2002 5:34 AM" ""
+ "WavPack Audio Decoder" "WavPack Audio DirectShow Decoder" "-" "c:\program files\k-lite codec pack\filters\wavpackdsdecoder.ax" "04/3/2007 1:50 PM" ""
+ "WavPack Audio Splitter" "WavPack Audio DirectShow Splitter" "-" "c:\program files\k-lite codec pack\filters\wavpackdssplitter.ax" "03/10/2007 2:09 AM" ""
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll" "10/11/2010 2:21 PM" ""
+ "WMEnc Screen Capture Filter" "WMESrcWp Module" "Microsoft Corporation" "c:\program files\windows media components\encoder\wmesrcwp.dll" "12/12/2002 5:34 AM" ""
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll" "10/11/2010 2:21 PM" ""
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll" "10/11/2010 2:21 PM" ""
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll" "10/11/2010 2:21 PM" ""
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll" "10/11/2010 2:21 PM" ""
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll" "10/11/2010 2:21 PM" ""
"HKLM\SOFTWARE\Classes\Htmlfile\Shell\Open\Command\(Default)" "" "" "" "21/5/2013 11:38 PM" ""
+ "C:\Program Files\Internet Explorer\iexplore.exe" "Internet Explorer" "Microsoft Corporation" "c:\program files\internet explorer\iexplore.exe" "12/11/2016 8:56 PM" ""
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" "" "28/2/2012 12:32 AM" ""
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll" "22/9/2010 1:01 AM" ""
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" "" "05/6/2015 6:56 PM" ""
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll" "22/9/2010 1:00 AM" ""
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll" "22/9/2010 1:00 AM" ""
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" "" "17/10/2016 6:33 PM" ""
+ "Canon BJ FAX Language Monitor MX420 series" "Canon Inkjet Fax Driver" "CANON INC." "c:\windows\system32\cncalam.dll" "21/10/2010 4:22 AM" ""
+ "Canon BJ Language Monitor MX420 series" "IJ Language Monitor" "CANON INC." "c:\windows\system32\cnmlmam.dll" "13/3/2012 10:15 AM" ""
+ "Canon BJNP Port" "Canon IJ Network 32bit comm Module" "CANON INC." "c:\windows\system32\cnmnppm.dll" "14/6/2012 12:18 PM" ""
+ "MONVNC" "Port Monitor DLL" "" "c:\windows\system32\vncpm.dll" "24/2/2009 8:26 PM" ""
+ "PDF Converter Elite 3.0 Monitor" "" "" "File not found: pc3PCR2PortMon.dll" "" ""
+ "PDFill Writer Monitor" "DDK Local Monitor DLL" "Windows (R) Codename Longhorn DDK provider" "c:\program files\plotsoft\pdfill\pdfwriter\driver\pdfillwritermon.dll" "21/6/2008 5:24 PM" ""
"HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order" "" "" "" "08/9/2015 1:42 PM" ""
+ "pfmunc" "Pismo File Mount" "Pismo Technic Inc." "c:\windows\system32\pfmapi_178.dll" "01/7/2015 1:56 AM" ""
"WMI Database Entries - run as Administrator for complete scan" "" "" "" "" ""
+ "BVTConsumer" "" "" "File not found: KernCap.vbs" "" ""
"HKLM\Software\Microsoft\Office\Outlook\Addins" "" "" "" "20/10/2015 10:17 PM" ""
X "BCSAddin Connect class" "Microsoft Office 2010 component" "Microsoft Corporation" "c:\program files\microsoft office\office14\addins\bcsaddin.dll" "05/11/2012 7:24 PM" ""
+ "Connect Class" "Outlook Social Connector 2013" "Microsoft Corporation" "c:\program files\microsoft office\office15\socialconnector.dll" "12/5/2015 7:22 PM" ""
+ "FormRegionAddin Class" "" "" "c:\program files\microsoft office\office15\addins\umoutlookaddin.dll" "13/10/2015 12:52 PM" ""
+ "Groove OutlookProxyAddIn" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll" "19/12/2013 4:37 AM" ""
+ "LyncAddin Class" "Skype for Business" "Microsoft Corporation" "c:\program files\microsoft office\office15\ucaddin.dll" "13/12/2016 10:32 AM" ""
+ "Microsoft VBA for Outlook Addin" "Outlook VBA Integration Add-In" "Microsoft Corporation" "c:\program files\microsoft office\office15\addins\outlvba.dll" "13/12/2016 10:41 AM" ""
+ "OneNote Notes about Outlook Items" "Microsoft OneNote Outlook Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office15\onbttnol.dll" "01/11/2016 11:28 AM" ""
+ "TeamViewerMeetingAddIn.AddIn" "FileDescription" "CompanyName" "c:\program files\teamviewer\outlook\teamviewermeetingaddinshim.dll" "11/9/2015 7:34 PM" ""
"HKCU\Software\Microsoft\Office\Outlook\Addins" "" "" "" "18/9/2015 7:02 AM" ""
+ "Access COM Addin for Outlook" "Access Outlook Data Collection Addin" "Microsoft Corporation" "c:\program files\microsoft office\office14\addins\accolk.dll" "13/10/2015 3:40 PM" ""
+ "ColleagueImportAddIn Class" "Microsoft Office 2013 component" "Microsoft Corporation" "c:\program files\microsoft office\office15\addins\colleagueimport.dll" "15/8/2013 4:14 AM" ""
+ "OcForms Class" "Skype for Business" "Microsoft Corporation" "c:\program files\microsoft office\office15\ocoffice.dll" "12/7/2016 5:17 PM" ""
"HKLM\Software\Microsoft\Office\Excel\Addins" "" "" "" "09/9/2015 11:58 AM" ""
+ "ExcelAddin Class" "PDFillPDFButton Module for Excel" "PlotSoft LLC" "c:\program files\plotsoft\pdfill\pdfwriter\pdfillpdfbutton_excel.dll" "12/9/2010 1:06 AM" ""
+ "NativeShim.InquireConnector Class" "" "" "c:\program files\microsoft office\office15\dcf\nativeshim.dll" "07/11/2012 2:39 PM" ""
"HKCU\Software\Microsoft\Office\Excel\Addins" "" "" "" "09/9/2015 12:46 PM" ""
+ "Ad Hoc Reporting Excel Client Add-In" "Power View for Excel module" "Microsoft Corporation" "c:\program files\microsoft office\office15\addins\power view excel add-in\adhocreportingexcelclient.dll" "26/3/2015 3:55 AM" ""
+ "ExcelAddin Class" "PDFillPDFButton Module for Excel" "PlotSoft LLC" "c:\program files\plotsoft\pdfill\pdfwriter\pdfillpdfbutton_excel.dll" "12/9/2010 1:06 AM" ""
+ "NativeEntry Class" "Power Pivot for Excel" "Microsoft Corporation" "c:\program files\microsoft office\office15\addins\powerpivot excel add-in\powerpivotexcelclientaddin.dll" "16/10/2014 4:12 AM" ""
"HKLM\Software\Microsoft\Office\PowerPoint\Addins" "" "" "" "14/11/2014 6:19 PM" ""
+ "PowerpointAddin Class" "PDFillPDFButton Module for PowerPoint" "PlotSoft LLC" "c:\program files\plotsoft\pdfill\pdfwriter\pdfillpdfbutton_powerpoint.dll" "12/9/2010 1:03 AM" ""
"HKCU\Software\Microsoft\Office\PowerPoint\Addins" "" "" "" "14/11/2014 6:19 PM" ""
X "OneNote PowerPoint Add-In Take Notes Content Service Class" "Microsoft OneNote PowerPoint Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office15\onpptaddin.dll" "01/11/2016 11:07 AM" ""
+ "PowerpointAddin Class" "PDFillPDFButton Module for PowerPoint" "PlotSoft LLC" "c:\program files\plotsoft\pdfill\pdfwriter\pdfillpdfbutton_powerpoint.dll" "12/9/2010 1:03 AM" ""
"HKLM\Software\Microsoft\Office\Word\Addins" "" "" "" "14/11/2014 6:19 PM" ""
+ "WordAddin Class" "PDFillPDFButton Module for Word" "PlotSoft LLC" "c:\program files\plotsoft\pdfill\pdfwriter\pdfillpdfbutton_word.dll" "12/9/2010 12:56 AM" ""
"HKCU\Software\Microsoft\Office\Word\Addins" "" "" "" "14/11/2014 6:19 PM" ""
X "OneNote Word Add-In Take Notes Content Service Class" "Microsoft OneNote Word Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office15\onwordaddin.dll" "01/11/2016 11:24 AM" ""
+ "WordAddin Class" "PDFillPDFButton Module for Word" "PlotSoft LLC" "c:\program files\plotsoft\pdfill\pdfwriter\pdfillpdfbutton_word.dll" "12/9/2010 12:56 AM" ""
Click to expand...
 
#45
~ ZHPDiag v2017.3.11.43 By Nicolas Coolman (2017/03/09)
~ Run by MSI CR-460 (Administrator) (2017/03/11 15:05:34)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook: https://www.facebook.com/nicolascoolman1
~ State version: Version OK
~ Mode: Scan
~ Report: C:\Users\MSI CR-460\Desktop\ZHPDiag.txt
~ Report: C:\Users\MSI CR-460\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ System startup: Normal (Normal boot)
Windows 7 Starter, 32-bit Service Pack 1 (Build 7601) =>.Microsoft Corporation

---\\ Internet Browsers (2) - 0s
~ GCIE: Google Chrome v56.0.2924.87
~ MSIE: Internet Explorer v11.0.9600.18537

---\\ Windows Product Information (4) - 3s
~ Windows Server License Manager Script : OK
System - VBScript Engine not found
Windows Automatic Updates : OK
Windows Activation Technologies : KO

---\\ System protection software (1) - 2s
Malwarebytes Anti-Malware version 2.2.1.1043 (Protection)

---\\ System optimization software (1) - 3s
~ CCleaner v5.27 (Optimize)

---\\ Surveillance software (2) - 3s
~ Adobe Flash Player 22 NPAPI (Surveillance)
~ Adobe Reader XI (Surveillance)

---\\ Information on the system (6) - 0s
~ Operating System: x86 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 32-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 2097.152 MB (57% free) : OK =>.RAM Value
System Restore: Activé (Enable)
System drive C: has 49 GB (16%) free of 305 GB : OK =>.Disk Space

---\\ Connection to the system mode (3) - 0s
~ Computer Name: MSICR-460-PC
~ User Name: MSI CR-460
~ Logged in as Administrator

---\\ Enumeration of the disk units (1) - 0s
~ Drive C: has 49 GB free of 305 GB (System)

---\\ State of the Windows Security Center (23) - 0s
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK

---\\ Search Generic System Files (22) - 6s
[MD5.6DDCA324434FFA506CF7DC4E51DB7935] - 29/08/2016 - (.Microsoft Corporation - Windows Explorer.) -- C:\windows\Explorer.exe [2972672] =>.Microsoft Corporation
[MD5.B5C5DCAD3899512020D135600129D665] - 14/07/2009 - (.Microsoft Corporation - Windows Start-Up Application.) -- C:\windows\System32\Wininit.exe [96256] =>.Microsoft Corporation
[MD5.F4F5123B45BFCFD2F035280FDCB5BBBE] - 12/11/2016 - (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\windows\System32\wininet.dll [2444800] =>.Microsoft Corporation
[MD5.52449FD429D6053B78AE564DEF303870] - 17/07/2014 - (.Microsoft Corporation - Windows Logon Application.) -- C:\windows\System32\Winlogon.exe [304128] =>.Microsoft Corporation
[MD5.E3AE23569749DE12D45BA3B489A036AE] - 21/11/2010 - (.Microsoft Corporation - Software Licensing Library.) -- C:\windows\System32\sppcomapi.dll [193536] =>.Microsoft Corporation
[MD5.B40420876B9288E0A1C8CCA8A84E5DC9] - 03/03/2011 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\windows\System32\dnsapi.dll [270336] =>.Microsoft Corporation
[MD5.93B49FA857F7036A4EFF32371F6E7391] - 13/10/2015 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\windows\System32\drivers\AFD.sys [338944] =>.Microsoft Corporation
[MD5.338C86357871C167A96AB976519BF59E] - 14/07/2009 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\windows\System32\drivers\atapi.sys [21584] =>.Microsoft Windows®
[MD5.77EA11B065E0A8AB902D78145CA51E10] - 14/07/2009 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\windows\System32\drivers\Cdfs.sys [70656] =>.Microsoft Corporation
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - 21/11/2010 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\windows\System32\drivers\Cdrom.sys [108544] =>.Microsoft Corporation
[MD5.EA9DBD76CE9254C77BAAB4339DD4C4FB] - 08/09/2016 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\windows\System32\drivers\DfsC.sys [81408] =>.Microsoft Corporation
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - 21/11/2010 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\windows\System32\drivers\HDAudBus.sys [108544] =>.Microsoft Corporation
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - 14/07/2009 - (.Microsoft Corporation - i8042 Port Driver.) -- C:\windows\System32\drivers\i8042prt.sys [80896] =>.Microsoft Corporation
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - 14/07/2009 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\windows\System32\drivers\IpNat.sys [101888] =>.Microsoft Corporation
[MD5.6284D46BAA301BEDB9AB7FA7672B2410] - 05/01/2017 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\windows\System32\drivers\MRxSmb.sys [124416] =>.Microsoft Corporation
[MD5.A00996C9BFEF29A93B9F21DBE1DC502D] - 11/05/2016 - (.Microsoft Corporation - MBT Transport driver.) -- C:\windows\System32\drivers\netBT.sys [188928] =>.Microsoft Corporation
[MD5.978E7A2E4BF4E8E70D0776EF0D9E97FB] - 11/01/2016 - (.Microsoft Corporation - NT File System Driver.) -- C:\windows\System32\drivers\ntfs.sys [1212352] =>.Microsoft Windows®
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - 14/07/2009 - (.Microsoft Corporation - Parallel Port Driver.) -- C:\windows\System32\drivers\Parport.sys [79360] =>.Microsoft Corporation
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - 14/07/2009 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\windows\System32\drivers\Rasl2tp.sys [78848] =>.Microsoft Corporation
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - 14/07/2009 - (.Microsoft Corporation - SMB Transport driver.) -- C:\windows\System32\drivers\smb.sys [71168] =>.Microsoft Corporation
[MD5.BB8817D0508DD5EA69C770C8DEF5AB67] - 13/10/2015 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\windows\System32\drivers\tdx.sys [74752] =>.Microsoft Corporation
[MD5.F497F67932C6FA693D7DE2780631CFE7] - 21/11/2010 - (.Microsoft Corporation - Volume Shadow Copy Driver.) -- C:\windows\System32\drivers\volsnap.sys [245632] =>.Microsoft Windows®

---\\ Task Planned Automatically (3) - 19s
[MD5.3B2336A8281ABE998D156B580D6FAC4F] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [7347928] (.Activate.) =>.Piriform Ltd®
[MD5.00000000000000000000000000000000] [APT] [Microsoft\Windows\Autochk\Proxy] (...) -- C:\windows\system32\rundll32.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty
O39 - APT: CCleanerSkipUAC - (.Piriform Ltd.) -- C:\windows\System32\Tasks\CCleanerSkipUAC [2782] =>.Piriform Ltd®

---\\ Auto loading programs from Registry and folders (4) - 1s
O4 - HKCU\..\Run: [CCleaner] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe =>.Piriform Ltd®
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-590680974-46065942-2644484873-1000\..\Run: [CCleaner] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe =>.Piriform Ltd®

---\\ Process running (3) - 1s
[MD5.0A70F4022EC2E14C159EFC4F69AA2477] - (.Microsoft Corp. - Microsoft® Windows Live ID Service.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [1710464] [PID.1140] =>.Microsoft Corporation®
[MD5.9C879E1C3B27085FB46EFECCD7120D51] - (.Microsoft Corp. - Microsoft® Windows Live ID Service Monitor.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE [193408] [PID.1576] =>.Microsoft Corporation®
[MD5.8E250FADD558485AF6AD0DC33F40C09D] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\MSI CR-460\AppData\Roaming\ZHP\ZHPDiag3.exe [2708480] [PID.3604] =>.Nicolas Coolman

---\\ Google Chrome, Start,Search,Extensions (3) - 1s
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc.

---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (6) - 5s
P2 - EXT: (.Microsoft Corporation - The plugin allows you to have a better expe.) -- C:\Program Files\Mozilla Firefox\Plugins\npMeetingJoinPluginOC.dll =>.Microsoft Corporation®
P2 - EXT FILE: (.Test Pilot - Help make Firefox better by running us.) -- C:\Users\MSI CR-460\AppData\Roaming\Mozilla\Firefox\Profiles\n6sg4hyy.default\extensions\testpilot@labs.mozilla.com.xpi =>.Test Pilot
P2 - EXT FILE: (.Google - Default Search.) -- C:\Users\MSI CR-460\AppData\Roaming\Mozilla\Firefox\Profiles\n6sg4hyy.default\searchplugins\Google.xml =>.Google
P2 - EXT: (...) -- C:\Users\MSI CR-460\AppData\Roaming\Mozilla\Firefox\Profiles\n6sg4hyy.default\extensions\staged
P2 - EXT: (.Riverbed Technology, Inc. - Steelhead Mobile Certificate Manager.) -- C:\Users\MSI CR-460\AppData\Roaming\Mozilla\Firefox\Profiles\n6sg4hyy.default\extensions\SteelheadMobileCertificateManager@riverbed.com =>.Riverbed Technology, Inc.
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Macromed\Flash\NPSWF32_22_0_0_209.dll =>.Adobe Systems Incorporated

---\\ Internet Explorer Extensions, Start, Search (14) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com/ =>.Bing.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.bing.com/ =>.Bing.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.bing.com/ =>.Bing.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchUrl,Default = http://www.bing.com/ =>.Bing.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphan =>.Microsoft Internet Explorer

---\\ Internet Explorer, Proxy Management (7) - 0s
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 0
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 0
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1
R5 - HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies [] =>.Microsoft

---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s
F2 - REG:system.ini: UserInit=C:\windows\system32\userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: Shell=C:\windows\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=C:\windows\system32\SystemPropertiesPerformance.exe (.Microsoft Corporation.) =>.Microsoft Corporation

---\\ Hosts file redirection (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (1)

---\\ Browser Helper Object (BHO) (8) - 2s
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Skype for Business.) -- C:\Program Files\Microsoft Office\Office15\OCHelper.dll =>.Microsoft Corporation®
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation®
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll =>.Oracle America, Inc.®
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll =>.Microsoft Corporation®
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files\Windows Live\Companion\companioncore.dll =>.Microsoft Corporation®
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL =>.Microsoft Corporation®
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} . (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL =>.Microsoft Corporation®
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll =>.Oracle America, Inc.®

---\\ Global shortcuts Startup (102) - 33s
O4 - GS\Desktop [Administrator]: Documents - Shortcut.lnk . (...) C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Libraries\Documents.library-ms
O4 - GS\Desktop [Administrator]: FileHippo App Manager.lnk . (.Copyright © 2014 - FileHippo.AppManager.) C:\Program Files\FileHippo.com\FileHippo.AppManager.exe =>.Well Known Media Ltd®
O4 - GS\Desktop [Administrator]: PDF Password Remover.lnk . (.Tenorshare - PDF Password Remover.) C:\Program Files\PDF Password Remover\PDF Password Remover.exe =>.Tenorshare
O4 - GS\Desktop [Administrator]: Telegram.lnk . (.Telegram Messenger LLP - .) C:\Users\MSI CR-460\AppData\Roaming\Telegram Desktop\Telegram.exe {0084CF3F73EDB10D86} =>.Telegram Messenger LLP
O4 - GS\Desktop [Administrator]: ZHPCleaner.lnk . (.Nicolas Coolman - ZHPCleane.) C:\Users\MSI CR-460\AppData\Roaming\ZHP\ZHPCleaner.exe =>.Nicolas Coolman
O4 - GS\Desktop [Administrator]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\MSI CR-460\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Administrator]: GOM Player.lnk . (.Gretech Corp. - GOM Player.) C:\Program Files\GRETECH\GomPlayer\GOM.exe =>.GRETECH®
O4 - GS\Quicklaunch [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [Administrator]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\sendTo [Administrator]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\sendTo [Administrator]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\windows\system32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\sendTo [Administrator]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe =>.Free Time
O4 - GS\sendTo [Administrator]: TeamViewer.lnk . (.TeamViewer GmbH - TeamViewer 10.) C:\Program Files\TeamViewer\TeamViewer.exe --sendto =>.TeamViewer®
O4 - GS\TaskBar [Administrator]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\TaskBar [Administrator]: TeamViewer 10.lnk . (.TeamViewer GmbH - TeamViewer 10.) C:\Program Files\TeamViewer\TeamViewer.exe =>.TeamViewer®
O4 - GS\TaskBar [Administrator]: Windows Explorer.lnk . (.Microsoft Corporation - Windows Explorer.) C:\windows\explorer.exe =>.Microsoft Corporation
O4 - GS\Programs [Administrator]: FileHippo App Manager.lnk . (.Copyright © 2014 - FileHippo.AppManager.) C:\Program Files\FileHippo.com\FileHippo.AppManager.exe =>.Well Known Media Ltd®
O4 - GS\Programs [Administrator]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Programs [Administrator]: Search.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Desktop [Guest]: Documents - Shortcut.lnk . (...) C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Libraries\Documents.library-ms
O4 - GS\Desktop [Guest]: FileHippo App Manager.lnk . (.Copyright © 2014 - FileHippo.AppManager.) C:\Program Files\FileHippo.com\FileHippo.AppManager.exe =>.Well Known Media Ltd®
O4 - GS\Desktop [Guest]: PDF Password Remover.lnk . (.Tenorshare - PDF Password Remover.) C:\Program Files\PDF Password Remover\PDF Password Remover.exe =>.Tenorshare
O4 - GS\Desktop [Guest]: Telegram.lnk . (.Telegram Messenger LLP - .) C:\Users\MSI CR-460\AppData\Roaming\Telegram Desktop\Telegram.exe {0084CF3F73EDB10D86} =>.Telegram Messenger LLP
O4 - GS\Desktop [Guest]: ZHPCleaner.lnk . (.Nicolas Coolman - ZHPCleane.) C:\Users\MSI CR-460\AppData\Roaming\ZHP\ZHPCleaner.exe =>.Nicolas Coolman
O4 - GS\Desktop [Guest]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\MSI CR-460\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Guest]: GOM Player.lnk . (.Gretech Corp. - GOM Player.) C:\Program Files\GRETECH\GomPlayer\GOM.exe =>.GRETECH®
O4 - GS\Quicklaunch [Guest]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [Guest]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\sendTo [Guest]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\sendTo [Guest]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\windows\system32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\sendTo [Guest]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe =>.Free Time
O4 - GS\sendTo [Guest]: TeamViewer.lnk . (.TeamViewer GmbH - TeamViewer 10.) C:\Program Files\TeamViewer\TeamViewer.exe --sendto =>.TeamViewer®
O4 - GS\TaskBar [Guest]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\TaskBar [Guest]: TeamViewer 10.lnk . (.TeamViewer GmbH - TeamViewer 10.) C:\Program Files\TeamViewer\TeamViewer.exe =>.TeamViewer®
O4 - GS\TaskBar [Guest]: Windows Explorer.lnk . (.Microsoft Corporation - Windows Explorer.) C:\windows\explorer.exe =>.Microsoft Corporation
O4 - GS\Programs [Guest]: FileHippo App Manager.lnk . (.Copyright © 2014 - FileHippo.AppManager.) C:\Program Files\FileHippo.com\FileHippo.AppManager.exe =>.Well Known Media Ltd®
O4 - GS\Programs [Guest]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Programs [Guest]: Search.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Desktop [MSI CR-460]: Documents - Shortcut.lnk . (...) C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Libraries\Documents.library-ms
O4 - GS\Desktop [MSI CR-460]: FileHippo App Manager.lnk . (.Copyright © 2014 - FileHippo.AppManager.) C:\Program Files\FileHippo.com\FileHippo.AppManager.exe =>.Well Known Media Ltd®
O4 - GS\Desktop [MSI CR-460]: PDF Password Remover.lnk . (.Tenorshare - PDF Password Remover.) C:\Program Files\PDF Password Remover\PDF Password Remover.exe =>.Tenorshare
O4 - GS\Desktop [MSI CR-460]: Telegram.lnk . (.Telegram Messenger LLP - .) C:\Users\MSI CR-460\AppData\Roaming\Telegram Desktop\Telegram.exe {0084CF3F73EDB10D86} =>.Telegram Messenger LLP
O4 - GS\Desktop [MSI CR-460]: ZHPCleaner.lnk . (.Nicolas Coolman - ZHPCleane.) C:\Users\MSI CR-460\AppData\Roaming\ZHP\ZHPCleaner.exe =>.Nicolas Coolman
O4 - GS\Desktop [MSI CR-460]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\MSI CR-460\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [MSI CR-460]: GOM Player.lnk . (.Gretech Corp. - GOM Player.) C:\Program Files\GRETECH\GomPlayer\GOM.exe =>.GRETECH®
O4 - GS\Quicklaunch [MSI CR-460]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [MSI CR-460]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\sendTo [MSI CR-460]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\sendTo [MSI CR-460]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\windows\system32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\sendTo [MSI CR-460]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe =>.Free Time
O4 - GS\sendTo [MSI CR-460]: TeamViewer.lnk . (.TeamViewer GmbH - TeamViewer 10.) C:\Program Files\TeamViewer\TeamViewer.exe --sendto =>.TeamViewer®
O4 - GS\TaskBar [MSI CR-460]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\TaskBar [MSI CR-460]: TeamViewer 10.lnk . (.TeamViewer GmbH - TeamViewer 10.) C:\Program Files\TeamViewer\TeamViewer.exe =>.TeamViewer®
O4 - GS\TaskBar [MSI CR-460]: Windows Explorer.lnk . (.Microsoft Corporation - Windows Explorer.) C:\windows\explorer.exe =>.Microsoft Corporation
O4 - GS\Programs [MSI CR-460]: FileHippo App Manager.lnk . (.Copyright © 2014 - FileHippo.AppManager.) C:\Program Files\FileHippo.com\FileHippo.AppManager.exe =>.Well Known Media Ltd®
O4 - GS\Programs [MSI CR-460]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Programs [MSI CR-460]: Search.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\CommonDesktop [Public]: Canon IJ Network Tool.lnk . (.CANON INC. - Canon IJ Network Tool.) C:\Program Files\Canon\Canon IJ Network Tool\CNMNPUT.EXE =>.Canon Inc.®
O4 - GS\CommonDesktop [Public]: CCleaner.lnk . (.Piriform Ltd - CCleaner.) C:\Program Files\CCleaner\CCleaner.exe =>.Piriform Ltd®
O4 - GS\CommonDesktop [Public]: Family Tree Maker 2012.lnk . (.Ancestry.com - Family Tree Maker 2012.) C:\Program Files\Family Tree Maker 2012\FTM.exe
O4 - GS\CommonDesktop [Public]: GOM Player.lnk . (.Gretech Corp. - GOM Player.) C:\Program Files\GRETECH\GomPlayer\GOM.exe =>.GRETECH®
O4 - GS\CommonDesktop [Public]: Malwarebytes Anti-Malware.lnk . (.Malwarebytes - Malwarebytes Anti-Malware.) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe =>.Malwarebytes Corporation®
O4 - GS\CommonDesktop [Public]: PIXAJOY Editor.lnk . (.Pixajoy - Pixajoy.) C:\Program Files\PIXAJOY Editor\PIXAJOY Editor.exe
O4 - GS\CommonDesktop [Public]: RogueKiller.lnk . (...) C:\Program Files\RogueKiller\RogueKiller.exe =>.Adlice®
O4 - GS\CommonDesktop [Public]: ZHPFix.lnk . (.Nicolas Coolman - ZHPDiag Setup.) C:\Program Files\ZHPFix\ZHPhep.exe =>.Nicolas Coolman
O4 - GS\Programs [Public]: FileHippo App Manager.lnk . (.Copyright © 2014 - FileHippo.AppManager.) C:\Program Files\FileHippo.com\FileHippo.AppManager.exe =>.Well Known Media Ltd®
O4 - GS\Programs [Public]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Programs [Public]: Search.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Accessories [Public]: Command Prompt.lnk . (.Microsoft Corporation - Windows Command Processor.) C:\windows\system32\cmd.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Notepad.lnk . (.Microsoft Corporation - Notepad.) C:\windows\system32\notepad.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Explorer.lnk . (.Microsoft Corporation - Windows Explorer.) C:\windows\explorer.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe -extoff =>.Microsoft Corporation®
O4 - GS\SystemTools [Public]: Private Character Editor.lnk . (.Microsoft Corporation - Private Character Editor.) C:\windows\system32\eudcedit.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Bluetooth File Transfer Wizard.lnk . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Windows Calculator.) C:\windows\system32\calc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: displayswitch.lnk . (.Microsoft Corporation - Display Switch.) C:\windows\system32\displayswitch.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) C:\windows\system32\mspaint.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Remote Desktop Connection.) C:\windows\system32\mstsc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Windows Sound Recorder.) C:\windows\system32\SoundRecorder.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sync Center.lnk . (.Microsoft Corporation - Microsoft Sync Center.) C:\windows\System32\mobsync.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Windows Wordpad Application.) C:\Program Files\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Character Map.) C:\windows\system32\charmap.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: dfrgui.lnk . (.Microsoft Corporation - Microsoft® Disk Defragmenter.) C:\windows\system32\dfrgui.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Disk Cleanup.lnk . (.Microsoft Corporation - Disk Space Cleanup Manager for Windows.) C:\windows\system32\cleanmgr.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Resource Monitor.lnk . (.Microsoft Corporation - Resource and Performance Monitor.) C:\windows\system32\perfmon.exe /res =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Information.lnk . (.Microsoft Corporation - System Information.) C:\windows\system32\msinfo32.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Restore.lnk . (.Microsoft Corporation - Microsoft® Windows System Restore.) C:\windows\system32\rstrui.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...) C:\windows\system32\taskschd.msc /s =>..Microsoft Corporation
O4 - GS\SystemTools [Public]: Windows Easy Transfer Reports.lnk . (.Microsoft Corporation - Windows Easy Transfer Post Migration Applic.) C:\windows\system32\migwiz\postmig.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Windows Easy Transfer.lnk . (.Microsoft Corporation - Windows Easy Transfer Application.) C:\windows\system32\migwiz\migwiz.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Adobe Reader XI.lnk . (...) C:\windows\Installer\{AC76BA86-7AD7-1033-7B44-AB0000000001}\SC_Reader.ico =>.Adobe Inc.
O4 - GS\ProgramsCommon [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\ProgramsCommon [Public]: Microsoft Security Essentials.lnk . (.Microsoft Corporation - Microsoft Security Client User Interface.) C:\Program Files\Microsoft Security Client\msseces.exe =>.Microsoft Corporation®
O4 - GS\ProgramsCommon [Public]: Sidebar.lnk . (.Microsoft Corporation - Windows Desktop Gadgets.) C:\Program Files\Windows Sidebar\sidebar.exe /showgadgets =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: TeamViewer 10.lnk . (.TeamViewer GmbH - TeamViewer 10.) C:\Program Files\TeamViewer\TeamViewer.exe =>.TeamViewer®
O4 - GS\ProgramsCommon [Public]: Windows Anytime Upgrade.lnk . (.Microsoft Corporation - Windows Anytime Upgrade User Interface.) C:\windows\system32\WindowsAnytimeUpgradeUI.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\windows\system32\WFS.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Windows Live Mail.lnk . (.Microsoft Corporation - Windows Live Mail.) C:\Program Files\Windows Live\Mail\wlmail.exe =>.Microsoft Corporation®
O4 - GS\ProgramsCommon [Public]: Windows Live Movie Maker.lnk . (.Microsoft Corporation - Windows Live Movie Maker.) C:\Program Files\Windows Live\Photo Gallery\MovieMaker.exe =>.Microsoft Corporation®
O4 - GS\ProgramsCommon [Public]: Windows Live Photo Gallery.lnk . (.Microsoft Corporation - Windows Live Photo Gallery.) C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe =>.Microsoft Corporation®
O4 - GS\ProgramsCommon [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: XPS Viewer.lnk . (.Microsoft Corporation - XPS Viewer.) C:\windows\system32\xpsrchvw.exe =>.Microsoft Corporation

---\\ Lop.com/Domain Hijackers (4) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpDomain = domain.name
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 =>.Local IP Adress
O17 - HKLM\System\CCS\Services\Tcpip\..\{50C8F833-76C7-43D8-93AB-4E6D4052CA40}: DhcpNameServer = 192.168.0.1 =>.Local IP Adress
O17 - HKLM\System\CCS\Services\Tcpip\..\{50C8F833-76C7-43D8-93AB-4E6D4052CA40}: DhcpDomain = domain.name

---\\ Extra protocols (25) - 1s
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll =>.Microsoft Corporation
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll =>.Microsoft Corporation®
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation
O18 - Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} . (.Microsoft Corporation - Microsoft Office 2013 component.) -- C:\Program Files\Microsoft Office\Office15\MSOSB.DLL =>.Microsoft Corporation®
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll =>.Microsoft Corporation®
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll =>.Microsoft Corporation®
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL =>.Microsoft Corporation®

---\\ Software installed (113) - 43s
O42 - Logiciel: Adobe Flash Player 22 NPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player NPAPI =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Flash Player 24 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Reader XI (11.0.13) - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1033-7B44-AB0000000001} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-0804-1033-1959-001824157129} =>.Adobe Systems Incorporated
O42 - Logiciel: Alcor Micro USB Card Reader - (.Alcor Micro Corp..) [HKLM] -- {4555BB9E-E715-4260-A178-E8EFD2B653E3} =>.Alcor Micro Corp.
O42 - Logiciel: Alcor Micro USB Card Reader - (.Alcor Micro Corp..) [HKLM] -- {AB398DDB-0E7B-400B-A940-7E61FB91A531} =>.Alcor Micro Corp.
O42 - Logiciel: Alcor Micro USB Card Reader - (.Alcor Micro Corp..) [HKLM] -- AmUStor =>.Alcor Micro Corp.
O42 - Logiciel: Atheros Client Installation Program - (.Atheros.) [HKLM] -- {28006915-2739-4EBE-B5E8-49B25D32EB33} =>.Macrovision Corporation®
O42 - Logiciel: Atheros Client Installation Program - (.Atheros.) [HKLM] -- {D3694B69-6F8C-42D3-8A0A-EB2AB528C02C} =>.Macrovision Corporation®
O42 - Logiciel: Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver - (.Atheros Communications Inc..) [HKLM] -- {3108C217-BE83-42E4-AE9E-A56A2A92E549} =>.Atheros Communications Inc.®
O42 - Logiciel: AVG PC TuneUp 2015 (en-US) - (.AVG Technologies.) [HKLM] -- {4AC74ED1-719B-46DA-8B8A-340FBF892291} =>.AVG Technologies
O42 - Logiciel: Broadcom 802.11 Network Adapter - (.Broadcom Corporation.) [HKLM] -- Broadcom 802.11 Network Adapter =>.Broadcom Corporation®
O42 - Logiciel: Canon IJ Network Scanner Selector EX - (..) [HKLM] -- Canon_IJ_Network_Scanner_Selector_EX =>.Canon Inc.®
O42 - Logiciel: Canon IJ Network Tool - (.Canon Inc..) [HKLM] -- Canon_IJ_Network_UTILITY =>.Canon Inc.®
O42 - Logiciel: Canon MX420 series MP Drivers - (.Canon Inc..) [HKLM] -- {1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX420_series =>.Canon Inc.®
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner =>.Piriform Ltd®
O42 - Logiciel: Cisco AnyConnect Secure Mobility Client - (.Cisco Systems, Inc..) [HKLM] -- Cisco AnyConnect Secure Mobility Client =>.Cisco Systems, Inc.®
O42 - Logiciel: Cisco AnyConnect Secure Mobility Client - (.Cisco Systems, Inc..) [HKLM] -- {F63E747C-5B51-4A6E-9413-BF258F4653F3} =>.Cisco Systems, Inc.
O42 - Logiciel: Cisco EAP-FAST Module - (.Cisco Systems, Inc..) [HKLM] -- {64BF0187-F3D2-498B-99EA-163AF9AE6EC9} =>.Cisco Systems, Inc.
O42 - Logiciel: Cisco LEAP Module - (.Cisco Systems, Inc..) [HKLM] -- {51C7AD07-C3F6-4635-8E8A-231306D810FE} =>.Cisco Systems, Inc.
O42 - Logiciel: Cisco PEAP Module - (.Cisco Systems, Inc..) [HKLM] -- {ED5776D5-59B4-46B7-AF81-5F2D94D7C640} =>.Cisco Systems, Inc.
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D} =>.CyberLink®
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D} =>.CyberLink®
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF} =>.Microsoft
O42 - Logiciel: Family Tree Maker 2012 - (.Ancestry.com, Inc..) [HKLM] -- {1CB0993B-1CD4-4A18-9C85-9732AFD9843F}
O42 - Logiciel: Family Tree Maker 2012 - (.Ancestry.com, Inc..) [HKLM] -- Family Tree Maker 2012
O42 - Logiciel: FileHippo App Manager - (.FileHippo.com.) [HKLM] -- FileHippo.com =>.FileHippo.com
O42 - Logiciel: FlashGet3.7 - (.http://www.FlashGet.com.) [HKLM] -- FlashGet3.7 =>.http://www.FlashGet.com
O42 - Logiciel: FormatFactory 2.20 - (.Free Time.) [HKLM] -- FormatFactory =>.Free Time
O42 - Logiciel: GOM Player - (.Gretech Corporation.) [HKLM] -- GOM Player =>.Gretech Corporation
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome =>.Google Inc®
O42 - Logiciel: Google Photos Backup - (.Google, Inc..) [HKCU] -- Google Photos Backup =>.Google, Inc.
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C} =>.Google Inc.
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F} =>.Google Inc®
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc.
O42 - Logiciel: HTC Driver Installer - (.HTC Corporation.) [HKLM] -- {4CEEE5D0-F905-4688-B9F9-ECC710507796} =>.HTC Corporation
O42 - Logiciel: HTC Sync Manager - (.HTC.) [HKLM] -- {231D0C79-98A6-4693-A366-36DE7D7346EC} =>.HTC
O42 - Logiciel: ImagXpress - (.Nero AG.) [HKLM] -- {A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D} =>.Nero AG
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A} =>.Intel Corporation®
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} =>.Intel Corporation®
O42 - Logiciel: IPTInstaller - (.HTC.) [HKLM] -- {08208143-777D-4A06-BB54-71BF0AD1BB70} =>.HTC
O42 - Logiciel: Java 8 Update 121 - (.Oracle Corporation.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F32180121F0} =>.Oracle Corporation
O42 - Logiciel: Java Auto Updater - (.Oracle Corporation.) [HKLM] -- {4A03706F-666A-4037-7777-5F2748764D10} =>.Oracle Corporation
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4} =>.Microsoft Corporation
O42 - Logiciel: K-Lite Codec Pack 8.3.2 (Full) - (.KLite Inc.) [HKLM] -- KLiteCodecPack_is1 =>.KLite Inc
O42 - Logiciel: Lenovo_Wireless_Driver - (.Lenovo.) [HKLM] -- {28ABE740-47F3-441B-9437-852F6A64EFF8} =>.Macrovision Corporation®
O42 - Logiciel: Malwarebytes Anti-Malware version 2.2.1.1043 - (.Malwarebytes.) [HKLM] -- Malwarebytes Anti-Malware_is1 =>.Malwarebytes
O42 - Logiciel: Master PDF Editor 2.1.65 - (.Code Industry Ltd..) [HKLM] -- Master PDF Editor 2.1.65_is1
O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E} =>.Microsoft Corporation
O42 - Logiciel: Messenger Companion - (.Microsoft Corporation.) [HKLM] -- {50816F92-1652-4A7C-B9BC-48F682742C4B} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Access MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0015-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Access Setup Metadata MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0117-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Application Error Reporting - (.Microsoft Corporation.) [HKLM] -- {95120000-00B9-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft DCF MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0090-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Excel MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0016-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Groove MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-00BA-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft InfoPath MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0044-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Lync MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-012B-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft OneNote MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-00A1-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Outlook MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-001A-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft PowerPoint MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0018-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Publisher MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0019-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visio MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0054-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visio Professional 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0051-0000-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visio Professional 2013 - (.Microsoft Corporation.) [HKLM] -- Office15.VISPRO =>.Microsoft Corporation®
O42 - Logiciel: Microsoft Word MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-001B-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} =>.Microsoft
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} =>.Microsoft Corporation
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} =>.Microsoft Corporation
O42 - Logiciel: My Photo Creations (Photobookmart Edition) - (.Digilabs.) [HKLM] -- {111FC0F4-F93D-4FB1-A91D-B0258A8A1BA5}
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B} =>.Nero AG
O42 - Logiciel: PDF Password Remover - (.Tenorshare, Inc..) [HKLM] -- PDF Password Remover =>.Tenorshare, Inc.
O42 - Logiciel: PDFill PDF Editor with FREE Writer and FREE Tools - (.PlotSoft LLC.) [HKLM] -- {D1399216-81B2-457C-A0F7-73B9A2EF6902} =>.PlotSoft LLC
O42 - Logiciel: Photobook Designer - (.Photobook Malaysia.) [HKCU] -- Photobook Designer
O42 - Logiciel: Pismo File Mount Audit Package - (..) [HKLM] -- PismoFileMountAuditPackage =>.Pismo Technic Inc.®
O42 - Logiciel: PIXAJOY Editor - (.Pixajoy.) [HKCU] -- PIXAJOY Editor
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476} =>.Realtek Semiconductor Corp®
O42 - Logiciel: Realtek USB 2.0 Reader Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {62BBB2F0-E220-4821-A564-730807D2C34D} =>.Realtek Semiconductor Corp®
O42 - Logiciel: REALTEK Wireless LAN Driver - (.REALTEK Semiconductor Corp..) [HKLM] -- {9D3D8C60-A55F-4123-B2B9-173F09590E16} =>.Realtek Semiconductor Corp®
O42 - Logiciel: Riverbed Steelhead Mobile - (.Riverbed Technology, Inc..) [HKLM] -- {09D86FD5-EA7E-4072-997F-4E88AE25ACA2} =>.Riverbed Technology, Inc.
O42 - Logiciel: RogueKiller version 12.9.8.0 - (.Adlice Software.) [HKLM] -- 8B3D7924-ED89-486B-8322-E8594065D5CB_is1 =>.Adlice®
O42 - Logiciel: S-Bar - (.MSI.) [HKLM] -- {4E18A842-A084-46E0-81BA-31C7EB96B26C} =>.MSI
O42 - Logiciel: TeamViewer 10 - (.TeamViewer.) [HKLM] -- TeamViewer =>.TeamViewer®
O42 - Logiciel: Telegram Desktop version 0.10.19 - (.Telegram Messenger LLP.) [HKCU] -- {53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1 =>.Telegram Messenger LLP
O42 - Logiciel: TuneUp Utilities 2014 (en-US) - (.TuneUp Software.) [HKLM] -- {14C8CE46-C68C-461B-BCA9-E276A85851C6} =>.TuneUp Software
O42 - Logiciel: Update for Skype for Business 2015 (KB3039776) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUS_{9F6B3627-AF9E-40A5-AAD5-3497C4327616} =>.Microsoft Corporation®
O42 - Logiciel: Update for Skype for Business 2015 (KB3161988) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{245EB15F-A90C-422B-9D3F-3AEEDF028CCC} =>.Microsoft Corporation®
O42 - Logiciel: Update for Skype for Business 2015 (KB3161988) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUS_{245EB15F-A90C-422B-9D3F-3AEEDF028CCC} =>.Microsoft Corporation®
O42 - Logiciel: Uplayer - (.D-LINK CORPORATION.) [HKLM] -- {246F5A8A-ADB1-4ED9-BE01-C4118E7DB3A5} =>.D-Link Corporation
O42 - Logiciel: Visual Studio 2012 x86 Redistributables - (.AVG Technologies CZ, s.r.o..) [HKLM] -- {98EFF19A-30AB-4E4B-B943-F06B1C63EBF8} =>.AVG Technologies CZ, s.r.o.
O42 - Logiciel: VNC Enterprise Edition E4.5.1 - (.RealVNC Ltd..) [HKLM] -- RealVNC_is1 =>.RealVNC Ltd.
O42 - Logiciel: VNC Mirror Driver 1.8.0 - (.RealVNC Ltd..) [HKLM] -- VNCMirror_is1 =>.RealVNC Ltd.
O42 - Logiciel: VNC Printer Driver 1.6.0 - (.RealVNC Ltd..) [HKLM] -- VNCPrinter_is1 =>.RealVNC Ltd.
O42 - Logiciel: WD Drive Utilities - (.Western Digital Technologies, Inc..) [HKLM] -- {E61CFDDA-40DD-4400-95CA-12819C50B5C2} =>.Western Digital Technologies, Inc.
O42 - Logiciel: WD Security - (.Western Digital Technologies, Inc..) [HKLM] -- {429a42d7-4c55-44d4-b38a-5872a0d70495} =>.Western Digital Technologies, Inc.®
O42 - Logiciel: WD Security - (.Western Digital Technologies, Inc..) [HKLM] -- {F1D5FC88-4EE0-4D0B-917B-60E930142FB9} =>.Western Digital Technologies, Inc.
O42 - Logiciel: WD SES Driver Setup - (.Western Digital.) [HKLM] -- {924A274D-38B6-4930-8859-F3F51CFA8DDD} =>.Western Digital
O42 - Logiciel: WD SmartWare - (.Western Digital Technologies, Inc..) [HKLM] -- {6EE644CD-FC7F-424C-83EA-9C0285C4FB7F} =>.Western Digital Technologies, Inc.
O42 - Logiciel: Win7codecs - (.Shark007.) [HKLM] -- {8C0CAA7A-3272-4991-A808-2C7559DE3409} =>.Shark007
O42 - Logiciel: Windows 7 USB/DVD Download Tool - (.Microsoft Corporation.) [HKLM] -- {CCF298AF-9CE1-4B26-B251-486E98A34789} =>.Microsoft Corporation
O42 - Logiciel: Windows Driver Package - ENE (EUCR) USB (12/04/2009 5.89.0.64) - (.ENE.) [HKLM] -- 7F523D4F8E191139525DC0260B06BF68E4E581EE =>.ENE Technology Inc.®
O42 - Logiciel: Windows Driver Package - Intel (NETw5s32) net (03/18/2010 13.2.0.30) - (.Intel.) [HKLM] -- 5B1D8E9CE6F89F5466353F3E5A7084A126505FEA =>.Microsoft Windows®
O42 - Logiciel: Windows Driver Package - Intel (NETw5s32) net (09/15/2009 13.0.0.107) - (.Intel.) [HKLM] -- 261F972493946CC8B32688E5247ADD2EE612DEB9 =>.Microsoft Windows®
O42 - Logiciel: Windows Driver Package - Intel (NETw5v32) net (03/18/2010 13.2.0.30) - (.Intel.) [HKLM] -- DA556C9045FE4065F487AF1C9B3992A6AD4C8A66 =>.Microsoft Windows®
O42 - Logiciel: Windows Driver Package - Intel (NETw5v32) net (09/15/2009 13.0.0.107) - (.Intel.) [HKLM] -- FB8C5A1BB9B0EB1DBE21E5BBBF6942439C4FB2F9 =>.Microsoft Windows®
O42 - Logiciel: Windows Driver Package - Ralink (netr28u) Net (11/13/2009 3.00.09.0000) - (.Ralink.) [HKLM] -- AB8CA567F16EA6E1DF917E5D13C2A15AD9BB4B14 =>.Microsoft Windows Component Publisher®
O42 - Logiciel: Windows Driver Package - Ralink Technology, Corp. (netr28) Net (02/09/2010 - (.Ralink Technology, Corp..) [HKLM] -- DA9E83E3434B0A377F6C3573D30A3E6E692E31F2 =>.Microsoft Windows Component Publisher®
O42 - Logiciel: Windows Media Encoder 9 Series - (.Microsoft Corporation.) [HKLM] -- {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} =>.Microsoft Corporation
O42 - Logiciel: Windows Media Encoder 9 Series - (.Microsoft Corporation.) [HKLM] -- Windows Media Encoder 9 =>.Microsoft Corporation
O42 - Logiciel: WinRAR archiver - (.win.rar GmbH.) [HKLM] -- WinRAR archiver =>.win.rar GmbH
O42 - Logiciel: WinZip 15.0 - (.WinZip Computing, S.L..) [HKLM] -- {CD95F661-A5C4-44F5-A6AA-ECDD91C240BE} =>.WinZip Computing, S.L.
O42 - Logiciel: ZHPFix 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPFix_is1 =>.Nicolas Coolman

---\\ HKCU & HKLM Software Keys (129) - 43s
HKLM\SOFTWARE\<company>
HKLM\SOFTWARE\Adobe =>.Adobe
HKLM\SOFTWARE\Adware Removal Tool by TSA =>.TSA Softwares
HKLM\SOFTWARE\Ancestry.com
HKLM\SOFTWARE\Apple Computer, Inc. =>.Apple Computer, Inc.
HKLM\SOFTWARE\Apple Inc. =>.Apple Inc.
HKLM\SOFTWARE\Atheros =>.Qualcomm Atheros
HKLM\SOFTWARE\ATI Technologies =>.ATI Technologies
HKLM\SOFTWARE\Avg =>.AVG Software
HKLM\SOFTWARE\BCL Technologies =>.BCL Technologies
HKLM\SOFTWARE\Broadcom =>.Broadcom
HKLM\SOFTWARE\Canon =>.Canon
HKLM\SOFTWARE\Caphyon =>.Caphyon
HKLM\SOFTWARE\CBSTEST =>.CBS Test
HKLM\SOFTWARE\Cisco =>.Cisco Systems, Inc.
HKLM\SOFTWARE\CyberLink =>.CyberLink Corporation
HKLM\SOFTWARE\DivXNetworks =>.DivXNetworks
HKLM\SOFTWARE\FlashGet Network
HKLM\SOFTWARE\g3n-h@ckm@n =>.g3n-h@ckm@n
HKLM\SOFTWARE\Gabest =>.Gabest
HKLM\SOFTWARE\GEAR Software =>.GEAR Software
HKLM\SOFTWARE\GNU =>.GNU
HKLM\SOFTWARE\Google =>.Google
HKLM\SOFTWARE\GRETECH =>.Gretech
HKLM\SOFTWARE\HaaliMkx =>.Haali Media
HKLM\SOFTWARE\HTC =>.HTC
HKLM\SOFTWARE\IM Providers =>.IM Providers
HKLM\SOFTWARE\inKline Global
HKLM\SOFTWARE\Intel =>.Intel
HKLM\SOFTWARE\Internet Download Manager =>.Tonec Inc
HKLM\SOFTWARE\InterVideo =>.InterVideo
HKLM\SOFTWARE\JavaSoft =>.JavaSoft
HKLM\SOFTWARE\JreMetrics =>.JreMetrics
HKLM\SOFTWARE\KLCodecPack =>.KLite Inc
HKLM\SOFTWARE\LAV =>.LAV Inc
HKLM\SOFTWARE\Macromedia =>.Macromedia
HKLM\SOFTWARE\MimarSinan =>.Mimar Sinan
HKLM\SOFTWARE\Mozilla =>.Mozilla
HKLM\SOFTWARE\mozilla.org =>.mozilla.org
HKLM\SOFTWARE\MozillaPlugins =>.MozillaPlugins
HKLM\SOFTWARE\MSI =>.MSI
HKLM\SOFTWARE\Nero =>.Ahead Corporation
HKLM\SOFTWARE\Nico Mak Computing =>.Nico Mak Computing
HKLM\SOFTWARE\ODBC =>.DB Connectivity Solutions
HKLM\SOFTWARE\Piriform =>.Piriform
HKLM\SOFTWARE\PlotSoft =>.PlotSoft
HKLM\SOFTWARE\PocketSoft
HKLM\SOFTWARE\PS
HKLM\SOFTWARE\Realtek =>.Realtek Semiconductor Corp.
HKLM\SOFTWARE\Realtek Semiconductor Corp. =>.Realtek Semiconductor Corp.
HKLM\SOFTWARE\RealVNC =>.RealVNC
HKLM\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
HKLM\SOFTWARE\Riverbed
HKLM\SOFTWARE\RTLSetup =>.Realtek Semiconductor Corp.
HKLM\SOFTWARE\Skype =>.Skype
HKLM\SOFTWARE\StarterBackgroundChanger
HKLM\SOFTWARE\sysinternals =>.Sysinternals
HKLM\SOFTWARE\TeamViewer =>.TeamViewer
HKLM\SOFTWARE\Volatile =>.Microsoft Corporation
HKLM\SOFTWARE\WDPA =>.WDPA
HKLM\SOFTWARE\Western Digital =>.Western Digital
HKLM\SOFTWARE\WinRAR =>.WinRAR
HKLM\SOFTWARE\WOW6432Node =>.Microsoft Corporation
HKCU\SOFTWARE\3rd Eye Solutions
HKCU\SOFTWARE\Adobe =>.Adobe
HKCU\SOFTWARE\Ancestry.com
HKCU\SOFTWARE\AppDataLow =>.Microsoft Corporation
HKCU\SOFTWARE\Apple Computer, Inc. =>.Apple Computer, Inc.
HKCU\SOFTWARE\Apple Inc. =>.Apple Inc.
HKCU\SOFTWARE\ASProtect =>.ASPack Software
HKCU\SOFTWARE\Avg =>.AVG Software
HKCU\SOFTWARE\BugSplat =>.Bugsplat Game
HKCU\SOFTWARE\Canon =>.Canon
HKCU\SOFTWARE\CanonBJ =>.Canon Inc.
HKCU\SOFTWARE\Caphyon =>.Caphyon
HKCU\SOFTWARE\CDDB =>.Cddb Software
HKCU\SOFTWARE\Cisco =>.Cisco Systems, Inc.
HKCU\SOFTWARE\Code Industry
HKCU\SOFTWARE\CyberLink =>.CyberLink Corporation
HKCU\SOFTWARE\dlink
HKCU\SOFTWARE\DownloadManager =>.DownloadManager
HKCU\SOFTWARE\FileHippo.com =>.FileHippo.com
HKCU\SOFTWARE\FileOpen =>.FileOpen Systems Inc.
HKCU\SOFTWARE\FreeTime =>.FreeTime Inc
HKCU\SOFTWARE\g3n-h@ckm@n =>.g3n-h@ckm@n
HKCU\SOFTWARE\Gabest =>.Gabest
HKCU\SOFTWARE\GNU =>.GNU
HKCU\SOFTWARE\Google =>.Google
HKCU\SOFTWARE\GRETECH =>.Gretech
HKCU\SOFTWARE\HTC =>.HTC
HKCU\SOFTWARE\ihelper =>.Legitimate
HKCU\SOFTWARE\IM Providers =>.IM Providers
HKCU\SOFTWARE\InstallPath =>.Legitimate
HKCU\SOFTWARE\Intel =>.Intel
HKCU\SOFTWARE\JavaSoft =>.JavaSoft
HKCU\SOFTWARE\Lake =>.Lake Sofware
HKCU\SOFTWARE\LAV =>.LAV Inc
HKCU\SOFTWARE\Macromedia =>.Macromedia
HKCU\SOFTWARE\MediaInfo =>.Jérôme Martinez
HKCU\SOFTWARE\Mozilla =>.Mozilla
HKCU\SOFTWARE\MozillaPlugins =>.MozillaPlugins
HKCU\SOFTWARE\MSI =>.MSI
HKCU\SOFTWARE\Nero =>.Ahead Corporation
HKCU\SOFTWARE\Netscape =>.Netscape
HKCU\SOFTWARE\Nitro =>.Nitro
HKCU\SOFTWARE\ODBC =>.DB Connectivity Solutions
HKCU\SOFTWARE\Opera Software =>.Opera Software
HKCU\SOFTWARE\pdfconverter.com =>.pdfconverter.com
HKCU\SOFTWARE\Photobook Designer
HKCU\SOFTWARE\Piriform =>.Piriform
HKCU\SOFTWARE\PIXAJOY Editor
HKCU\SOFTWARE\PlotSoft =>.PlotSoft
HKCU\SOFTWARE\pocketsoft
HKCU\SOFTWARE\QtProject =>.QtProject
HKCU\SOFTWARE\RealVNC =>.RealVNC
HKCU\SOFTWARE\Riverbed
HKCU\SOFTWARE\Skype =>.Skype
HKCU\SOFTWARE\Sysinternals =>.Sysinternals
HKCU\SOFTWARE\TeamViewer =>.TeamViewer
HKCU\SOFTWARE\Teiron =>.Teiron
HKCU\SOFTWARE\Trolltech =>.Trolltech
HKCU\SOFTWARE\TuneUp =>.TuneUp
HKCU\SOFTWARE\Western Digital =>.Western Digital
HKCU\SOFTWARE\WinRAR =>.WinRAR
HKCU\SOFTWARE\WinRAR SFX =>.RarLab
HKCU\SOFTWARE\ZebHelpProcess Helper =>.Nicolas Coolman
HKCU\SOFTWARE\ZHP =>.Nicolas Coolman
HKCU\SOFTWARE\AppDataLow\Software =>.Microsoft Corporation
HKCU\SOFTWARE\AppDataLow\Software\JavaSoft =>.JavaSoft

---\\ Contents of the Common Files folders (293) - 31s
O43 - CFD: 14/03/2015 - [] D -- C:\Program Files\Adobe =>.Adobe Systems, Incorporated®
O43 - CFD: 11/03/2017 - [] D -- C:\Program Files\Adware Removal Tool by TSA =>.TSA Softwares
O43 - CFD: 27/02/2012 - [] D -- C:\Program Files\AmIcoSingLun =>.Alcor Micro Corporation
O43 - CFD: 22/08/2015 - [] D -- C:\Program Files\Atheros =>.Qualcomm Atheros
O43 - CFD: 07/07/2015 - [] D -- C:\Program Files\AVG =>.AVG Software
O43 - CFD: 18/09/2015 - [] D -- C:\Program Files\BCL Technologies =>.BCL Technologies
O43 - CFD: 27/02/2012 - [] D -- C:\Program Files\Broadcom =>.Broadcom Corporation®
O43 - CFD: 28/10/2016 - [] D -- C:\Program Files\Canon =>.Canon Inc.®
O43 - CFD: 28/10/2016 - [] HD -- C:\Program Files\CanonBJ =>.Canon Inc.
O43 - CFD: 04/02/2017 - [] D -- C:\Program Files\CCleaner =>.Piriform Ltd
O43 - CFD: 22/06/2014 - [] D -- C:\Program Files\Cisco =>.Cisco Systems, Inc.
O43 - CFD: 14/11/2014 - [] D -- C:\Program Files\Code Industry
O43 - CFD: 11/03/2017 - [] D -- C:\Program Files\Common Files =>.Microsoft Corporation
O43 - CFD: 13/04/2012 - [] D -- C:\Program Files\CyberLink =>.CyberLink Corporation
O43 - CFD: 27/02/2012 - [] D -- C:\Program Files\DIFX =>.Microsoft Corporation
O43 - CFD: 21/11/2010 - [] D -- C:\Program Files\DVD Maker =>.Aone Software
O43 - CFD: 18/09/2015 - [] D -- C:\Program Files\Family Tree Maker 2012 {0617082F262673EB00DF1F193DE22525}
O43 - CFD: 09/10/2016 - [] D -- C:\Program Files\FileHippo.com =>.Well Known Media Ltd®
O43 - CFD: 28/02/2012 - [] D -- C:\Program Files\FlashGet Network =>.FlashGet
O43 - CFD: 21/08/2012 - [] D -- C:\Program Files\FreeTime =>.FreeTime
O43 - CFD: 09/10/2016 - [] D -- C:\Program Files\Google =>.Google Inc®
O43 - CFD: 28/02/2012 - [] D -- C:\Program Files\GRETECH =>.GRETECH®
O43 - CFD: 07/02/2015 - [] D -- C:\Program Files\HTC =>.HTC
O43 - CFD: 12/09/2015 - [] D -- C:\Program Files\inKline Global
O43 - CFD: 12/09/2015 - [] HD -- C:\Program Files\InstallShield Installation Information =>.InstallShield Software
O43 - CFD: 13/04/2012 - [] D -- C:\Program Files\Intel =>.Intel Corporation
O43 - CFD: 24/07/2016 - [] D -- C:\Program Files\Internet Download Manager =>.Tonec Inc
O43 - CFD: 17/12/2016 - [] D -- C:\Program Files\Internet Explorer =>.Microsoft Corporation
O43 - CFD: 04/02/2017 - [] D -- C:\Program Files\Java =>.Oracle
O43 - CFD: 28/02/2012 - [] D -- C:\Program Files\K-Lite Codec Pack =>.KLite Inc
O43 - CFD: 27/02/2012 - [] D -- C:\Program Files\Lenovo =>.Lenovo
O43 - CFD: 30/10/2016 - [] D -- C:\Program Files\Malwarebytes Anti-Malware =>.Malwarebytes
O43 - CFD: 16/04/2012 - [] D -- C:\Program Files\Microsoft Analysis Services =>.Microsoft Corporation
O43 - CFD: 21/09/2013 - [] D -- C:\Program Files\Microsoft Application Virtualization Client =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Microsoft Games =>.Microsoft Corporation
O43 - CFD: 09/09/2015 - [] D -- C:\Program Files\Microsoft Office =>.Microsoft Corporation
O43 - CFD: 05/02/2017 - [] D -- C:\Program Files\Microsoft Security Client =>.Microsoft Corporation
O43 - CFD: 24/11/2016 - [] D -- C:\Program Files\Microsoft Silverlight =>.Microsoft Corporation
O43 - CFD: 09/09/2015 - [] D -- C:\Program Files\Microsoft SQL Server =>.Microsoft Corporation
O43 - CFD: 16/04/2012 - [] D -- C:\Program Files\Microsoft SQL Server Compact Edition =>.Microsoft Corporation
O43 - CFD: 16/04/2012 - [] D -- C:\Program Files\Microsoft Sync Framework =>.Microsoft Corporation
O43 - CFD: 16/04/2012 - [] D -- C:\Program Files\Microsoft Synchronization Services =>.Microsoft Corporation
O43 - CFD: 16/09/2015 - [] D -- C:\Program Files\Microsoft.NET =>.Microsoft Corporation
O43 - CFD: 24/11/2016 - [] D -- C:\Program Files\Mozilla Firefox =>.Mozilla
O43 - CFD: 09/09/2015 - [] D -- C:\Program Files\MSBuild =>.Microsoft Corporation
O43 - CFD: 22/08/2015 - [] D -- C:\Program Files\MSECache =>.Microsoft Corporation
O43 - CFD: 02/09/2012 - [0] D -- C:\Program Files\MSXML 4.0 =>.Microsoft Corporation
O43 - CFD: 03/02/2014 - [] D -- C:\Program Files\My Photo Creations (Photobookmart Edition) {00B0948F9E29EED75E31BAF47F5061A0D3}
O43 - CFD: 31/01/2014 - [] D -- C:\Program Files\Nero =>.Ahead Corporation
O43 - CFD: 31/01/2014 - [] D -- C:\Program Files\OpenOffice.org 3 =>.SourceForge
O43 - CFD: 22/08/2015 - [] D -- C:\Program Files\Opera =>.Opera Software
O43 - CFD: 03/09/2016 - [] D -- C:\Program Files\PDF Password Remover
O43 - CFD: 25/12/2013 - [] D -- C:\Program Files\Photobook Designer
O43 - CFD: 08/09/2015 - [] D -- C:\Program Files\Pismo File Mount Audit Package =>.Pismo Technic Inc.®
O43 - CFD: 11/10/2014 - [] D -- C:\Program Files\PIXAJOY Editor
O43 - CFD: 14/11/2014 - [] D -- C:\Program Files\PlotSoft =>.PlotSoft
O43 - CFD: 27/02/2012 - [] D -- C:\Program Files\Realtek =>.Realtek
O43 - CFD: 27/02/2012 - [] D -- C:\Program Files\REALTEK PCIE Wireless LAN Driver =>.Realtek Semiconductor Corp.
O43 - CFD: 22/06/2014 - [] D -- C:\Program Files\RealVNC =>.RealVNC
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Reference Assemblies =>.Microsoft Corporation
O43 - CFD: 02/11/2014 - [] D -- C:\Program Files\Riverbed
O43 - CFD: 26/02/2017 - [] D -- C:\Program Files\RogueKiller =>.Adlice
O43 - CFD: 13/04/2012 - [] D -- C:\Program Files\S-Bar
O43 - CFD: 24/05/2015 - [] D -- C:\Program Files\Save my Tabs
O43 - CFD: 23/05/2015 - [] D -- C:\Program Files\Sidewise Tree Style Tabs
O43 - CFD: 07/02/2015 - [] D -- C:\Program Files\Spirent Communications =>.Spirent Communications
O43 - CFD: 31/01/2014 - [] D -- C:\Program Files\StarterBackgroundChanger
O43 - CFD: 20/10/2015 - [] D -- C:\Program Files\TeamViewer =>.TeamViewer®
O43 - CFD: 14/07/2009 - [0] HD -- C:\Program Files\Uninstall Information =>.Microsoft Corporation
O43 - CFD: 07/09/2015 - [] D -- C:\Program Files\Western Digital =>.Western Digital Technologies, Inc.®
O43 - CFD: 28/02/2012 - [] D -- C:\Program Files\Win7codecs =>.Shark007
O43 - CFD: 14/07/2013 - [] D -- C:\Program Files\Windows Defender =>.Microsoft Corporation
O43 - CFD: 23/05/2015 - [] D -- C:\Program Files\Windows Live =>.Microsoft Corporation
O43 - CFD: 21/11/2010 - [] D -- C:\Program Files\Windows Mail =>.Microsoft Corporation
O43 - CFD: 18/09/2015 - [] D -- C:\Program Files\Windows Media Components =>.Microsoft Corporation®
O43 - CFD: 07/12/2016 - [] D -- C:\Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Windows NT =>.Microsoft Corporation
O43 - CFD: 21/11/2010 - [] D -- C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation
O43 - CFD: 21/11/2010 - [] D -- C:\Program Files\Windows Portable Devices =>.Microsoft Corporation
O43 - CFD: 21/11/2010 - [] D -- C:\Program Files\Windows Sidebar =>.Microsoft Corporation
O43 - CFD: 16/04/2012 - [] D -- C:\Program Files\WinRAR =>.WinRAR
O43 - CFD: 27/02/2012 - [] D -- C:\Program Files\WinZip =>.WinZip Computing®
O43 - CFD: 11/03/2017 - [] D -- C:\Program Files\ZHPFix =>.Nicolas Coolman
O43 - CFD: 08/09/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation
O43 - CFD: 09/07/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 28/10/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX420 series
O43 - CFD: 28/10/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities =>.Canon Inc.
O43 - CFD: 21/03/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner =>.Piriform Ltd
O43 - CFD: 22/06/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco =>.Cisco Systems, Inc.
O43 - CFD: 28/02/2012 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam =>.CyberLink Corporation
O43 - CFD: 18/09/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Family Tree Maker 2012
O43 - CFD: 28/02/2012 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashGet3.7
O43 - CFD: 14/07/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games =>.Microsoft Corporation
O43 - CFD: 12/09/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player =>.Gretech Corporation
O43 - CFD: 07/02/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC =>.HTC
O43 - CFD: 28/07/2016 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager =>.Tonec Inc
O43 - CFD: 04/02/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java =>.Oracle
O43 - CFD: 28/02/2012 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack =>.KLite Inc
O43 - CFD: 14/07/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation
O43 - CFD: 30/10/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware =>.Malwarebytes
O43 - CFD: 14/11/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Master PDF Editor =>.CAD-KAS Software
O43 - CFD: 09/09/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office =>.Microsoft Corporation
O43 - CFD: 26/02/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 =>.Microsoft Corporation
O43 - CFD: 13/04/2012 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English) =>.Microsoft Corporation
O43 - CFD: 24/11/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight =>.Microsoft Corporation
O43 - CFD: 03/02/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\My Photo Creations (Photobookmart Edition)
O43 - CFD: 31/01/2014 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.1 =>.SourceForge
O43 - CFD: 14/11/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFill =>.PlotSoft L.L.C.
O43 - CFD: 25/12/2013 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photobook Designer
O43 - CFD: 08/09/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pismo File Mount Audit Package
O43 - CFD: 12/10/2013 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PIXAJOY Editor
O43 - CFD: 22/06/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealVNC =>.RealVNC
O43 - CFD: 26/02/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller =>.Adlice
O43 - CFD: 13/04/2012 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\S-Bar
O43 - CFD: 16/04/2012 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint =>.Microsoft Corporation
O43 - CFD: 28/02/2012 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shark007 Codecs =>.Shark007
O43 - CFD: 21/10/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup =>.Microsoft Corporation
O43 - CFD: 02/11/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steelhead Mobile
O43 - CFD: 07/09/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital =>.Western Digital
O43 - CFD: 28/02/2012 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live =>.Microsoft Corporation
O43 - CFD: 18/09/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media =>.Microsoft Corporation
O43 - CFD: 16/04/2012 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR =>.WinRAR
O43 - CFD: 27/02/2012 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip =>.WinZip
O43 - CFD: 11/03/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP =>.Nicolas Coolman
O43 - CFD: 31/01/2014 - [] D -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 =>.GEAR Software, Inc.
O43 - CFD: 14/03/2015 - [] D -- C:\ProgramData\Adobe =>.Adobe
O43 - CFD: 27/02/2012 - [] D -- C:\ProgramData\AmUStor =>.Alocr Micro
O43 - CFD: 01/07/2012 - [] D -- C:\ProgramData\Apple =>.Apple Inc.
O43 - CFD: 01/07/2012 - [] D -- C:\ProgramData\Apple Computer =>.Apple Inc.
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Application Data =>.Microsoft Corporation
O43 - CFD: 27/02/2012 - [] D -- C:\ProgramData\ashampoo =>.Ashampoo GmbH
O43 - CFD: 27/02/2012 - [] D -- C:\ProgramData\Atheros =>.Qualcomm Atheros
O43 - CFD: 30/06/2012 - [] D -- C:\ProgramData\boost_interprocess =>.boost.org
O43 - CFD: 28/10/2016 - [0] D -- C:\ProgramData\Canon IJ Network Tool =>.Canon Inc.
O43 - CFD: 28/10/2016 - [] HD -- C:\ProgramData\CanonBJ =>.Canon Inc.
O43 - CFD: 28/10/2016 - [] HD -- C:\ProgramData\CanonIJFAX =>.Canon Inc.
O43 - CFD: 28/10/2016 - [] D -- C:\ProgramData\CanonIJWSpt =>.Canon Inc.
O43 - CFD: 22/06/2014 - [] D -- C:\ProgramData\Cisco =>.Cisco Systems, Inc.
O43 - CFD: 04/03/2013 - [] HD -- C:\ProgramData\Common Files =>.Microsoft Corporation
O43 - CFD: 19/05/2012 - [] D -- C:\ProgramData\CyberLink =>.CyberLink Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Desktop =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Documents =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Favorites =>.Microsoft Corporation
O43 - CFD: 05/10/2013 - [] D -- C:\ProgramData\FileOpen =>.FileOpen Systems Inc.
O43 - CFD: 09/10/2016 - [] D -- C:\ProgramData\Google =>.Google
O43 - CFD: 06/10/2014 - [] D -- C:\ProgramData\GRETECH =>.Gretech
O43 - CFD: 07/02/2015 - [] D -- C:\ProgramData\HTC =>.HTC
O43 - CFD: 21/03/2015 - [] D -- C:\ProgramData\IsolatedStorage =>.id Software
O43 - CFD: 12/09/2015 - [] D -- C:\ProgramData\Malwarebytes =>.Malwarebytes
O43 - CFD: 21/11/2016 - [] SD -- C:\ProgramData\Microsoft =>.Microsoft Corporation
O43 - CFD: 26/02/2017 - [] D -- C:\ProgramData\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 31/01/2014 - [] D -- C:\ProgramData\Nero =>.Ahead Corporation
O43 - CFD: 25/05/2013 - [] D -- C:\ProgramData\Nitro =>.Nitro
O43 - CFD: 04/02/2017 - [] D -- C:\ProgramData\Oracle =>.Oracle
O43 - CFD: 07/09/2015 - [] D -- C:\ProgramData\Package Cache =>.Microsoft Corporation
O43 - CFD: 27/02/2012 - [] D -- C:\ProgramData\PDVD =>.PDVD
O43 - CFD: 14/11/2014 - [0] D -- C:\ProgramData\PlotSoft =>.PlotSoft
O43 - CFD: 21/08/2016 - [] D -- C:\ProgramData\ProductData =>.Microsoft Corporation
O43 - CFD: 09/09/2015 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft =>.Microsoft Corporation
O43 - CFD: 02/11/2014 - [] D -- C:\ProgramData\Riverbed
O43 - CFD: 26/02/2017 - [] D -- C:\ProgramData\RogueKiller =>.Adlice
O43 - CFD: 09/10/2016 - [] D -- C:\ProgramData\Skype =>.Skype
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Start Menu =>.Microsoft Corporation
O43 - CFD: 09/07/2015 - [0] D -- C:\ProgramData\Temp =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Templates =>.Microsoft Corporation
O43 - CFD: 04/05/2012 - [] D -- C:\ProgramData\VirtualizedApplications =>.Microsoft Corporation
O43 - CFD: 07/09/2015 - [] D -- C:\ProgramData\Western Digital =>.Western Digital
O43 - CFD: 28/02/2012 - [] D -- C:\ProgramData\Win7codecs =>.Shark007
O43 - CFD: 27/02/2012 - [] D -- C:\ProgramData\WinZip =>.WinZip
O43 - CFD: 07/10/2015 - [] HD -- C:\ProgramData\{484395D8-1F9B-4C71-9DA9-A64CBD0E8DE2}
O43 - CFD: 14/03/2015 - [] D -- C:\Program Files\Common Files\Adobe =>.Adobe
O43 - CFD: 09/09/2015 - [] D -- C:\Program Files\Common Files\DESIGNER =>.Designer
O43 - CFD: 12/09/2015 - [] D -- C:\Program Files\Common Files\InstallShield =>.InstallShield
O43 - CFD: 27/02/2012 - [] D -- C:\Program Files\Common Files\Intel =>.Intel Corporation
O43 - CFD: 04/02/2017 - [] D -- C:\Program Files\Common Files\Java =>.Oracle
O43 - CFD: 16/09/2015 - [] D -- C:\Program Files\Common Files\microsoft shared =>.Microsoft Corporation
O43 - CFD: 07/02/2015 - [] D -- C:\Program Files\Common Files\Nero =>.Ahead Corporation
O43 - CFD: 27/02/2012 - [] D -- C:\Program Files\Common Files\postureAgent =>.Microsoft Corporation
O43 - CFD: 30/10/2014 - [] D -- C:\Program Files\Common Files\PS
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Common Files\Services =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Common Files\SpeechEngines =>.Microsoft Corporation
O43 - CFD: 16/09/2015 - [] D -- C:\Program Files\Common Files\System =>.Microsoft Corporation
O43 - CFD: 07/09/2015 - [] D -- C:\Program Files\Common Files\Western Digital =>.Western Digital
O43 - CFD: 28/02/2012 - [] D -- C:\Program Files\Common Files\Windows Live =>.Microsoft Corporation
O43 - CFD: 25/02/2014 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Adobe =>.Adobe
O43 - CFD: 08/09/2015 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Apple Computer =>.Apple Inc.
O43 - CFD: 01/07/2012 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\BITS =>.BITS
O43 - CFD: 21/11/2016 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\BitTorrent
O43 - CFD: 28/10/2016 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Canon =>.Canon
O43 - CFD: 19/05/2012 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\CyberLink =>.CyberLink Corporation
O43 - CFD: 14/10/2015 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\dlink
O43 - CFD: 23/07/2016 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\DMCache =>.DMCache
O43 - CFD: 27/11/2013 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Downloaded Installations =>.Microsoft Corporation
O43 - CFD: 08/08/2016 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\FamilyTreeMaker
O43 - CFD: 05/10/2013 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\FileOpen =>.FileOpen Systems Inc.
O43 - CFD: 01/07/2012 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\FlashGet =>.FlashGet
O43 - CFD: 08/07/2014 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Google =>.Google
O43 - CFD: 01/07/2012 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\GRETECH =>.Gretech
O43 - CFD: 07/02/2015 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\HTC =>.HTC
O43 - CFD: 13/04/2012 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Identities =>.Microsoft Corporation
O43 - CFD: 28/07/2016 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\IDM =>.IDM
O43 - CFD: 25/08/2013 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\ihelper
O43 - CFD: 06/10/2013 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\ILOVEPHOTOBOOK v2.5.4
O43 - CFD: 23/04/2012 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Macromedia =>.Macromedia
O43 - CFD: 21/03/2015 - [0] D -- C:\Users\MSI CR-460\AppData\Roaming\Media Player Classic =>.Microsoft Corporation
O43 - CFD: 28/08/2016 - [] SD -- C:\Users\MSI CR-460\AppData\Roaming\Microsoft =>.Microsoft Corporation
O43 - CFD: 01/07/2012 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Mozilla =>.Mozilla Corporation
O43 - CFD: 23/05/2015 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Nero =>.Ahead Corporation
O43 - CFD: 05/10/2013 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Nitro =>.Nitro
O43 - CFD: 27/11/2013 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Nitro PDF =>.Nitro PDF
O43 - CFD: 22/08/2015 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Opera Software =>.Opera Software
O43 - CFD: 11/10/2014 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Oracle =>.Oracle
O43 - CFD: 01/01/2014 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Photobook Designer
O43 - CFD: 12/10/2013 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\PIXAJOY Editor
O43 - CFD: 08/09/2015 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\ProductData =>.Microsoft Corporation
O43 - CFD: 22/06/2014 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\RealVNC =>.RealVNC
O43 - CFD: 13/04/2012 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\RGE
O43 - CFD: 18/09/2012 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Skype =>.Skype
O43 - CFD: 28/10/2016 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\SoftGrid Client =>.Microsoft Corporation
O43 - CFD: 08/09/2015 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Sun =>.Oracle
O43 - CFD: 21/06/2015 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\TeamViewer =>.TeamViewer
O43 - CFD: 04/02/2017 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Telegram Desktop =>.Telegram Messenger LLP
O43 - CFD: 13/04/2012 - [0] D -- C:\Users\MSI CR-460\AppData\Roaming\TP =>.TP
O43 - CFD: 16/04/2012 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\WinRAR =>.WinRAR
O43 - CFD: 11/03/2017 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 04/02/2017 - [] D -- C:\Users\MSI CR-460\AppData\Local\Adobe =>.Adobe
O43 - CFD: 18/09/2015 - [] D -- C:\Users\MSI CR-460\AppData\Local\Ancestry.com
O43 - CFD: 13/04/2012 - [] D -- C:\Users\MSI CR-460\AppData\Local\Apple =>.Apple Inc.
O43 - CFD: 07/02/2015 - [] D -- C:\Users\MSI CR-460\AppData\Local\Apple Computer =>.Apple Inc.
O43 - CFD: 13/04/2012 - [0] SHD -- C:\Users\MSI CR-460\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 03/07/2012 - [] D -- C:\Users\MSI CR-460\AppData\Local\Apps =>.Microsoft Corporation
O43 - CFD: 24/12/2013 - [] D -- C:\Users\MSI CR-460\AppData\Local\cache =>.Legitimate
O43 - CFD: 22/06/2014 - [] D -- C:\Users\MSI CR-460\AppData\Local\Cisco =>.Cisco Systems, Inc.
O43 - CFD: 19/05/2012 - [] D -- C:\Users\MSI CR-460\AppData\Local\CyberLink =>.CyberLink Corporation
O43 - CFD: 26/02/2017 - [0] D -- C:\Users\MSI CR-460\AppData\Local\Diagnostics =>.Microsoft Corporation
O43 - CFD: 28/06/2015 - [0] D -- C:\Users\MSI CR-460\AppData\Local\Downloaded Installations =>.Microsoft Corporation
O43 - CFD: 26/02/2017 - [0] D -- C:\Users\MSI CR-460\AppData\Local\ElevatedDiagnostics =>.Microsoft Corporation
O43 - CFD: 07/07/2015 - [0] SHD -- C:\Users\MSI CR-460\AppData\Local\EmieBrowserModeList =>.Enterprise mode Site List Mgr
O43 - CFD: 07/07/2015 - [0] SHD -- C:\Users\MSI CR-460\AppData\Local\EmieSiteList =>.Enterprise mode Site List Mgr
O43 - CFD: 07/07/2015 - [0] SHD -- C:\Users\MSI CR-460\AppData\Local\EmieUserList =>.Enterprise mode Site List Mgr
O43 - CFD: 23/07/2016 - [] D -- C:\Users\MSI CR-460\AppData\Local\Google =>.Google
O43 - CFD: 13/04/2012 - [0] SHD -- C:\Users\MSI CR-460\AppData\Local\History =>.Microsoft Corporation
O43 - CFD: 08/08/2016 - [] D -- C:\Users\MSI CR-460\AppData\Local\HTC MediaHub =>.HTC MediaHub
O43 - CFD: 18/09/2015 - [] D -- C:\Users\MSI CR-460\AppData\Local\IsolatedStorage =>.id Software
O43 - CFD: 11/08/2012 - [] D -- C:\Users\MSI CR-460\AppData\Local\Macromedia =>.Macromedia
O43 - CFD: 14/11/2014 - [0] D -- C:\Users\MSI CR-460\AppData\Local\Master PDF Editor =>.CAD-KAS Software
O43 - CFD: 13/04/2012 - [] D -- C:\Users\MSI CR-460\AppData\Local\MediaServer =>.MediaServer
O43 - CFD: 23/05/2015 - [] D -- C:\Users\MSI CR-460\AppData\Local\MFAData =>.AVG Software
O43 - CFD: 23/05/2015 - [] D -- C:\Users\MSI CR-460\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 21/08/2016 - [] D -- C:\Users\MSI CR-460\AppData\Local\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 01/07/2012 - [] D -- C:\Users\MSI CR-460\AppData\Local\Mozilla =>.Mozilla Corporation
O43 - CFD: 13/04/2012 - [] D -- C:\Users\MSI CR-460\AppData\Local\MSI =>.MSI
O43 - CFD: 22/08/2015 - [] D -- C:\Users\MSI CR-460\AppData\Local\Opera Software =>.Opera Software
O43 - CFD: 23/07/2016 - [] D -- C:\Users\MSI CR-460\AppData\Local\Programs =>.Microsoft Corporation
O43 - CFD: 21/03/2015 - [0] D -- C:\Users\MSI CR-460\AppData\Local\RealVNC =>.RealVNC
O43 - CFD: 01/05/2012 - [] D -- C:\Users\MSI CR-460\AppData\Local\SoftGrid Client =>.Microsoft Corporation
O43 - CFD: 11/03/2017 - [] D -- C:\Users\MSI CR-460\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 13/04/2012 - [0] SHD -- C:\Users\MSI CR-460\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 20/08/2012 - [] D -- C:\Users\MSI CR-460\AppData\Local\VirtualStore =>.Microsoft Corporation
O43 - CFD: 07/09/2015 - [] D -- C:\Users\MSI CR-460\AppData\Local\Western Digital =>.Western Digital
O43 - CFD: 07/09/2015 - [] D -- C:\Users\MSI CR-460\AppData\Local\Western_Digital_Technolog =>.Western Digital Technologies
O43 - CFD: 30/10/2014 - [0] D -- C:\Users\MSI CR-460\AppData\Local\Programs\Common =>.Microsoft Corporation
O43 - CFD: 23/07/2016 - [] D -- C:\Users\MSI CR-460\AppData\Local\Programs\Google =>.Google
O43 - CFD: 14/07/2009 - [] RD -- C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation
O43 - CFD: 24/11/2016 - [] RD -- C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 21/08/2012 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory =>.FormatFactory
O43 - CFD: 23/07/2016 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Photos Backup =>.Google Inc.
O43 - CFD: 28/07/2016 - [0] D -- C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager =>.Tonec Inc
O43 - CFD: 14/07/2009 - [] RD -- C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation
O43 - CFD: 03/09/2016 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF Password Remover
O43 - CFD: 24/11/2016 - [] RD -- C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup =>.Microsoft Corporation
O43 - CFD: 28/07/2016 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop =>.Telegram Messenger LLP
O43 - CFD: 03/07/2012 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool =>.Microsoft Corporation
O43 - CFD: 16/04/2012 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR =>.WinRAR
O43 - CFD: 14/07/2009 - [0] SHD -- C:\Users\Default\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\Users\Default\AppData\Local\History =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [] D -- C:\Users\Default\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 02/05/2012 - [0] D -- C:\Users\Default\AppData\Local\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] D -- C:\Users\Default\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\Users\Default\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\Users\Default User\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\Users\Default User\AppData\Local\History =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [] D -- C:\Users\Default User\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 02/05/2012 - [0] D -- C:\Users\Default User\AppData\Local\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] D -- C:\Users\Default User\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\Users\Default User\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 25/02/2013 - [] D -- C:\windows\System32\Config\systemprofile\AppData\Local\Google =>.Google
O43 - CFD: 27/02/2012 - [] D -- C:\windows\System32\Config\systemprofile\AppData\Local\MediaServer =>.MediaServer
O43 - CFD: 23/05/2015 - [] D -- C:\windows\System32\Config\systemprofile\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 24/05/2015 - [] D -- C:\windows\System32\Config\systemprofile\AppData\Local\SoftGrid Client =>.Microsoft Corporation
O43 - CFD: 01/07/2012 - [] D -- C:\windows\System32\Config\systemprofile\AppData\Roaming\Apple Computer =>.Apple Inc.
O43 - CFD: 28/02/2012 - [] SD -- C:\windows\System32\Config\systemprofile\AppData\Roaming\Microsoft =>.Microsoft Corporation
O43 - CFD: 11/03/2017 - [] D -- C:\windows\System32\Config\systemprofile\AppData\Roaming\SoftGrid Client =>.Microsoft Corporation

---\\ ShellIconOverlayIdentifiers (SIOI) (10) - 0s
O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 1 (ErrorConflict) [ SkyDrivePro1 (ErrorConflict)] - {8BA85C75-763B-4103-94EB-9470F12FE0F7}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 2 (SyncInProgress) [ SkyDrivePro2 (SyncInProgress)] - {CD55129A-B1A1-438E-A425-CEBC7DC684EE}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 3 (InSync) [ SkyDrivePro3 (InSync)] - {E768CD3B-BDDC-436D-9C13-E1B39CA257B1}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Enhanced Storage Icon Overlay Handler Class [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - Windows Enhanced Storage Shell Extension DL.) -- C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation
O106 - SIOI: Groove Explorer Icon Overlay 1 (GFS Unread Stub) [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] - {99FD978C-D287-4F50-827F-B2C658EDA8E7}. (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Groove Explorer Icon Overlay 2 (GFS Stub) [Groove Explorer Icon Overlay 2 (GFS Stub)] - {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}. (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] - {920E6DB1-9907-4370-B3A0-BAFC03D81399}. (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Groove Explorer Icon Overlay 3 (GFS Folder) [Groove Explorer Icon Overlay 3 (GFS Folder)] - {16F3DD56-1AF5-4347-846D-7C10C4192619}. (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Groove Explorer Icon Overlay 4 (GFS Unread Mark) [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] - {2916C86E-86A6-43FE-8112-43ABE6BF8DCC}. (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Sharing Overlay (Private) [SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235}. (.Microsoft Corporation - Shell extensions for sharing.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation

---\\ ShareTools MSconfig StartupReg (1) - 0s
O53 - SMSR:HKLM\...\startupreg\MSC [Key] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe =>.Microsoft Corporation

---\\ System Drivers List (88) - 18s
O58 - SDL:2013/08/31 01:51:25 RA . (.Cisco Systems, Inc. - Cisco AnyConnect Kernel Driver Framework So.) -- C:\windows\System32\drivers\acsock.sys [92112] =>.Cisco Systems, Inc.®
O58 - SDL:2009/07/14 05:26:15 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\windows\System32\drivers\adp94xx.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:26:17 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\windows\System32\drivers\adpahci.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:26:15 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\windows\System32\drivers\adpu320.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:26:15 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\windows\System32\drivers\aliide.sys [92112] =>.Microsoft Windows®
O58 - SDL:2011/03/11 09:38:37 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\windows\System32\drivers\amdsata.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:26:15 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\windows\System32\drivers\amdsbs.sys [92112] =>.Microsoft Windows®
O58 - SDL:2011/03/11 09:38:37 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\windows\System32\drivers\amdxata.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:26:15 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\windows\System32\drivers\arc.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:26:15 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\windows\System32\drivers\arcsas.sys [92112] =>.Microsoft Windows®
O58 - SDL:2011/06/26 21:37:12 A . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driv.) -- C:\windows\System32\drivers\athr.sys [92112] =>.Atheros Communications, Inc.
O58 - SDL:2009/07/14 02:02:49 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) -- C:\windows\System32\drivers\b57nd60x.sys [92112] =>.Broadcom Corporation
O58 - SDL:2009/07/14 02:53:28 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\windows\System32\drivers\BrFiltLo.sys [92112] =>.Brother Industries, Ltd.
O58 - SDL:2009/07/14 02:53:28 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\windows\System32\drivers\BrFiltUp.sys [92112] =>.Brother Industries, Ltd.
O58 - SDL:2009/07/14 04:57:25 A . (.Brother Industries Ltd. - Brotehr Serial I/F Driver (WDM).) -- C:\windows\System32\drivers\BrSerId.sys [92112] =>.Brother Industries Ltd.
O58 - SDL:2009/07/14 02:53:32 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\windows\System32\drivers\BrSerWdm.sys [92112] =>.Brother Industries Ltd.
O58 - SDL:2009/07/14 02:53:33 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\windows\System32\drivers\BrUsbMdm.sys [92112] =>.Brother Industries Ltd.
O58 - SDL:2009/07/14 02:53:33 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\windows\System32\drivers\BrUsbSer.sys [92112] =>.Brother Industries Ltd.
O58 - SDL:2009/07/14 02:02:48 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\windows\System32\drivers\bxvbdx.sys [92112] =>.Broadcom Corporation
O58 - SDL:2010/08/20 22:49:06 A . (.CyberLink Corporation - CyberLink WebCam Virtual Driver.) -- C:\windows\System32\drivers\clwvd.sys [92112] =>.CyberLink®
O58 - SDL:2009/07/14 05:26:21 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\windows\System32\drivers\cmdide.sys [92112] =>.Microsoft Windows®
O58 - SDL:2010/11/11 10:11:08 A . (.Realtek Semiconductor Corp. - Realtek Turbo Mode Filter Driver for 39.) -- C:\windows\System32\drivers\diskperf.sys [92112] =>.Realtek Semiconductor Corp®
O58 - SDL:2009/07/14 05:20:28 A . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\windows\System32\drivers\djsvs.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:20:28 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\windows\System32\drivers\elxstor.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:02:48 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\windows\System32\drivers\evbdx.sys [92112] =>.Broadcom Corporation
O58 - SDL:2009/07/14 02:54:14 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\windows\System32\drivers\hcw85cir.sys [92112] =>.Hauppauge Computer Works, Inc.
O58 - SDL:2010/10/20 04:33:40 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\windows\System32\drivers\HECI.sys [92112] =>.Intel Corporation
O58 - SDL:2009/07/14 05:20:28 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\windows\System32\drivers\HpSAMD.sys [92112] =>.Microsoft Windows®
O58 - SDL:2013/10/17 11:27:02 A . (.Windows (R) Win 7 DDK provider - RawPacket NDIS Protocol Driver.) -- C:\windows\System32\drivers\htcnprot.sys [92112] =>.Windows (R) Win 7 DDK provider
O58 - SDL:2009/10/27 07:01:06 A . (.QUALCOMM Incorporated - USB Modem/Serial Device Driver.) -- C:\windows\System32\drivers\HtcVComV32.sys [92112] =>.QUALCOMM Incorporated
O58 - SDL:2015/09/08 08:52:09 A . (.REALiX(tm) - HWiNFO x86 Kernel Driver.) -- C:\windows\System32\drivers\HWiNFO32.SYS [92112] =>.Martin Malik - REALiX®
O58 - SDL:2011/03/11 09:38:51 A . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\windows\System32\drivers\iaStorV.sys [92112] =>.Microsoft Windows®
O58 - SDL:2012/01/27 04:48:06 A . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\windows\System32\drivers\idmwfp.sys [92112] =>.Tonec Inc.®
O58 - SDL:2012/03/19 19:27:04 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\windows\System32\drivers\igdkmd32.sys [92112] =>.Intel Corporation
O58 - SDL:2009/07/14 05:20:36 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\windows\System32\drivers\iirsp.sys [92112] =>.Microsoft Windows®
O58 - SDL:2011/03/30 12:11:38 A . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\windows\System32\drivers\IntcDAud.sys [92112] =>.Intel(R) Corporation
O58 - SDL:2010/07/28 20:25:02 A . (.Initio Corporation - Initio Default Vendor Specific Device Drive.) -- C:\windows\System32\drivers\ivusb.sys [92112] =>.Initio Corporation®
O58 - SDL:2010/10/21 10:57:18 A . (.Atheros Communications, Inc. - Atheros L1c PCI-E Gigabit Ethernet Controll.) -- C:\windows\System32\drivers\L1C62x86.sys [92112] =>.Atheros Communications Inc.®
O58 - SDL:2009/07/14 05:20:36 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\windows\System32\drivers\lsi_fc.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:20:37 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\windows\System32\drivers\lsi_sas.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:20:36 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\windows\System32\drivers\lsi_sas2.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:20:36 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\windows\System32\drivers\lsi_scsi.sys [92112] =>.Microsoft Windows®
O58 - SDL:2016/03/10 14:08:52 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\windows\System32\drivers\mbam.sys [92112] =>.Malwarebytes Corporation®
O58 - SDL:2016/03/10 14:08:56 A . (.Malwarebytes - Malwarebytes Chameleon Protection Driver.) -- C:\windows\System32\drivers\mbamchameleon.sys [92112] =>.Malwarebytes Corporation®
O58 - SDL:2017/02/04 07:54:26 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\windows\System32\drivers\MBAMSwissArmy.sys [92112] =>.Malwarebytes Corporation®
O58 - SDL:2009/07/14 05:20:36 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\windows\System32\drivers\megasas.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:20:36 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\windows\System32\drivers\MegaSR.sys [92112] =>.Microsoft Windows®
O58 - SDL:2016/03/10 14:09:04 A . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\windows\System32\drivers\mwac.sys [92112] =>.Malwarebytes Corporation®
O58 - SDL:2009/11/14 05:44:34 A . (.Ralink Technology Corp. - Ralink 802.11n Wireless Adapter Driver.) -- C:\windows\System32\drivers\netr28u.sys [92112] =>.Ralink Technology Corp.
O58 - SDL:2009/07/14 05:20:44 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\windows\System32\drivers\nfrd960.sys [92112] =>.Microsoft Windows®
O58 - SDL:2011/03/11 09:39:00 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\windows\System32\drivers\nvraid.sys [92112] =>.Microsoft Windows®
O58 - SDL:2011/03/11 09:39:00 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\windows\System32\drivers\nvstor.sys [92112] =>.Microsoft Windows®
O58 - SDL:2015/07/01 01:56:32 A . (.Pismo Technic Inc. - System Extension - Pismo File Mount.) -- C:\windows\System32\drivers\pfmfs_178.sys [92112] =>.Pismo Technic Inc.®
O58 - SDL:2009/07/14 05:19:04 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\windows\System32\drivers\ql2300.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:19:04 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\windows\System32\drivers\ql40xx.sys [92112] =>.Microsoft Windows®
O58 - SDL:2013/10/07 12:36:30 A . (.Riverbed Technology, Inc - Steelhead Mobile Client.) -- C:\windows\System32\drivers\rbtnfd.sys [92112]
O58 - SDL:2011/06/10 02:34:52 A . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.20 32-bit Dr.) -- C:\windows\System32\drivers\Rt86win7.sys [92112] =>.Realtek Semiconductor Corp®
O58 - SDL:2011/01/04 21:08:58 A . (.Realtek Semiconductor Corporation - Realtek RTL81892CE NDIS Driverr.) -- C:\windows\System32\drivers\rtl8192ce.sys [92112] =>.Realtek Semiconductor Corp®
O58 - SDL:2011/03/15 14:09:16 A . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/V.) -- C:\windows\System32\drivers\RtsUVStor.sys [92112] =>.Realtek Semiconductor Corp®
O58 - SDL:2009/07/14 00:50:20 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\windows\System32\drivers\secdrv.sys [92112] =>.Macrovision Corporation, Macrovision Europe Limited,
O58 - SDL:2009/07/14 05:19:04 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\windows\System32\drivers\sisraid2.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:19:04 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\windows\System32\drivers\sisraid4.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:19:04 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\windows\System32\drivers\stexstor.sys [92112] =>.Microsoft Windows®
O58 - SDL:2017/02/26 16:10:05 A . (...) -- C:\windows\System32\drivers\TrueSight.sys [92112] =>.Adlice®
O58 - SDL:2017/02/25 12:40:53 A . (.Zaitsev Oleg, 2006 - AVZGuard Driver.) -- C:\windows\System32\drivers\ujiyodk3.sys [92112]
O58 - SDL:2012/12/13 10:50:38 A . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\windows\System32\drivers\usbaapl.sys [92112] =>.Apple, Inc.
O58 - SDL:2017/02/05 13:40:58 A . (.Zaitsev Oleg, Copyright (C) 2004-2006 - AVZ Driver.) -- C:\windows\System32\drivers\utiyodk3.sys [92112]
O58 - SDL:2009/07/14 05:19:10 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\windows\System32\drivers\viaide.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/24 20:21:14 A . (.RealVNC Ltd. - VNC Mirror Miniport.) -- C:\windows\System32\drivers\vncmirror.sys [92112] =>.RealVNC Ltd.
O58 - SDL:2013/08/31 01:53:13 A . (.Cisco Systems, Inc. - Cisco AnyConnect Secure Mobility Client Vir.) -- C:\windows\System32\drivers\vpnva-6.sys [92112] =>.Cisco Systems, Inc.®
O58 - SDL:2009/07/14 05:19:11 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\windows\System32\drivers\vsmraid.sys [92112] =>.Microsoft Windows®
O58 - SDL:2015/04/30 00:01:06 A . (.Western Digital Technologies - WD SCSI Architecture Model (SAM) driver.) -- C:\windows\System32\drivers\wdcsam.sys [92112] =>.Microsoft Windows Hardware Compatibility Publisher®
O58 - SDL:2009/07/14 01:40:41 A . (...) -- C:\windows\System32\ANSI.SYS [92112] =>.Microsoft Corporation
O58 - SDL:2009/10/05 21:31:50 A . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driv.) -- C:\windows\System32\athr.sys [92112] =>.Atheros Communications, Inc.
O58 - SDL:2009/07/14 01:40:44 A . (...) -- C:\windows\System32\country.sys [92112] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:40:40 A . (...) -- C:\windows\System32\HIMEM.SYS [92112] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:40:43 A . (...) -- C:\windows\System32\KEY01.SYS [92112] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:40:43 A . (...) -- C:\windows\System32\KEYBOARD.SYS [92112] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:40:23 A . (...) -- C:\windows\System32\NTDOS.SYS [92112] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:40:31 A . (...) -- C:\windows\System32\NTDOS404.SYS [92112] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:40:35 A . (...) -- C:\windows\System32\NTDOS411.SYS [92112] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:40:39 A . (...) -- C:\windows\System32\NTDOS412.SYS [92112] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:40:27 A . (...) -- C:\windows\System32\NTDOS804.SYS [92112] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:40:11 A . (...) -- C:\windows\System32\NTIO.SYS [92112] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:40:15 A . (...) -- C:\windows\System32\NTIO404.SYS [92112] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:40:17 A . (...) -- C:\windows\System32\NTIO411.SYS [92112] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:40:19 A . (...) -- C:\windows\System32\NTIO412.SYS [92112] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:40:13 A . (...) -- C:\windows\System32\NTIO804.SYS [92112] =>.Microsoft Corporation

---\\ Last modified or created user files (1) - 34s
O61 - LFC: 2017/03/11 05:26:02 A . (.Copyright © 2015.) -- C:\Users\MSI CR-460\Desktop\Adware Removal Tool by TSA.exe [752296] {317DD1C55F51AC2756D9C93C060C6FA5}

---\\ File Associations Shell Spawning (10) - 0s
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <ChromeHTML>[HKLM\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O67 - Shell Spawning: <.js> <jsfile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S

---\\ Start Menu Internet (8) - 0s
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation

---\\ Search Browser Infection (4) - 4s
O69 - SBI: SearchScopes [HKCU] {006ee092-9658-4fd6-bd8e-a21a348e59f5} [DefaultScope] - (Bing) - http://www.bing.com/ =>.Bing.com
O69 - SBI: SearchScopes [HKCU] {67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} - (Google) - http://www.google.com/ =>.Google Inc.
O69 - SBI: SearchScopes [HKLM] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com/ =>.Bing.com
O69 - SBI: SearchScopes [HKLM] {67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} - (Google) - http://www.google.com/ =>.Google Inc.

---\\ Search Svchost Services (32) - 1s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) -- C:\Windows\System32\aelupsvc.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\System32\srvsvc.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\Windows\System32\gpsvc.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\IKEEXT.DLL [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\Windows\System32\audiosrv.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\Sens.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Remote Desktop Session Host Server Remote C.) -- C:\Windows\System32\termsrv.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\System32\wuaueng.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\Windows\System32\qmgr.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\Windows\System32\seclogon.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\System32\iscsiexe.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) -- C:\Windows\System32\mmcss.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\Windows\System32\wercplsupport.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\Windows\System32\schedsvc.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\Windows\System32\KMSVC.DLL [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\Windows\System32\browser.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\Windows\System32\themeservice.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\Windows\System32\bdesvc.dll [92112] =>.Microsoft Corporation

---\\ Additional Scan (O88) (1) - 0s
~ No malicious or unnecessary items found.

---\\ Summary of the elements found (1) - 0s
~ No malicious or unnecessary items found.

~ Unselected Options: O82,
~ End of the scan, 71476 items in 04mn18s (1026)(0)
Click to expand...
 
#46
Right click autoruns run as administrator.
Scroll to the task scheduler tab and the uncheck the items below.

upload_2017-3-11_6-34-48.png


+ "\Microsoft\Windows\Autochk\Proxy" "" "" "File not found: C:\windows\system32\rundll32.exe" "" ""
+ "\Microsoft\Windows\SystemRestore\SR" "" "" "File not found: C:\windows\system32\rundll32.exe" "" ""
+ "\Microsoft\Windows\Tcpip\IpAddressConflict1" "" "" "File not found: C:\windows\system32\rundll32.exe" "" ""
+ "\Microsoft\Windows\Tcpip\IpAddressConflict2" "" "" "File not found: C:\windows\system32\rundll32.exe" "" ""
+ "\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange" "" "" "File not found: C:\windows\system32\rundll32.exe" "" ""
+ "\Microsoft\Windows\WindowsBackup\AutomaticBackup" "" "" "File not found: C:\windows\system32\rundll32.exe" "" ""
+ "\WPD\SqmUpload_S-1-5-21-590680974-46065942-2644484873-1000" "" "" "File not found: C:\windows\system32\rundll32.exe" "" ""

Reboot the machine and see if the error persist.
 
#48
Please post a new autoruns log for review...
Then....
Windows Repair.

Install (use the direct download) the Tweaking.com - Windows all in one repair tool. Then boot Windows into Safe Mode, (Make Certain To Run This Program As Administrator) then run through the Prescan on step 2 tab. Then skip to step 5 and create a system restore point. Then go to the repair tab...

Notice create a registry backup is ticked by default, so no need to do so in step 5...
upload_2017-1-5_18-37-26-png.1290


Now run the program, with the boxes ticked in the picture below.

Click Image Below For Better Resolution.

upload_2017-1-5_18-40-40-png.1292


May want to save picture or write down what boxes need ticked, since you will run this in Safe Mode.


Important: Make certain to reboot twice after running this tool!!
 
#49
"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" "" "08/9/2015 8:23 AM" ""
+ "rdpclip" "" "" "File not found: rdpclip" "" ""
"HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" "" "28/2/2017 7:58 PM" ""
+ "CCleaner" "CCleaner" "Piriform Ltd" "c:\program files\ccleaner\ccleaner.exe" "08/2/2017 6:17 AM" ""
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" "" "21/8/2016 1:01 PM" ""
+ "Google Chrome" "Google Chrome Installer" "Google Inc." "c:\program files\google\chrome\application\56.0.2924.87\installer\chrmstp.exe" "01/2/2017 11:48 AM" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe" "14/7/2009 3:42 AM" ""
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" "" "23/4/2012 4:47 AM" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office15\msoxmlmf.dll" "18/12/2013 12:15 AM" ""
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" "" "25/2/2017 12:07 PM" ""
+ "ms-help" "Microsoft® Help Data Services Module" "Microsoft Corporation" "c:\program files\common files\microsoft shared\help\hxds.dll" "07/11/2012 2:30 PM" ""
+ "osf" "Microsoft Office 2013 component" "Microsoft Corporation" "c:\program files\microsoft office\office15\msosb.dll" "20/4/2016 2:34 AM" ""
+ "wlmailhtml" "Windows Live Mail" "Microsoft Corporation" "c:\program files\windows live\mail\mailcomm.dll" "10/11/2010 2:56 PM" ""
+ "wlpg" "Windows Live Album Download Protocol Handler" "Microsoft Corporation" "c:\program files\windows live\photo gallery\albumdownloadprotocolhandler.dll" "10/11/2010 2:21 PM" ""
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" "" "16/4/2012 3:31 AM" ""
+ "Groove GFS Stub Execution Hook" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll" "19/12/2013 4:37 AM" ""
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" "" "21/11/2016 7:12 PM" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll" "15/11/2016 7:58 AM" ""
+ "PismoFileMountAuditPackage" "Shell Extension - Pismo File Mount Audit Package" "Pismo Technic Inc." "c:\windows\system32\pfmshx_178.dll" "01/7/2015 1:57 AM" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll" "19/12/2013 4:37 AM" ""
"HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers" "" "" "" "21/11/2016 7:12 PM" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll" "15/11/2016 7:58 AM" ""
+ "PismoFileMountAuditPackage" "Shell Extension - Pismo File Mount Audit Package" "Pismo Technic Inc." "c:\windows\system32\pfmshx_178.dll" "01/7/2015 1:57 AM" ""
"HKLM\Software\Classes\*\ShellEx\PropertySheetHandlers" "" "" "" "07/9/2015 10:31 AM" ""
+ "WDBackupPropSheetHandler" "WD ContextMenu Handler" "Western Digital Technologies, Inc." "c:\program files\western digital\wd smartware\wdcontextmenuhandler.dll" "23/7/2014 2:19 AM" ""
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" "" "30/10/2016 4:23 AM" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll" "19/12/2013 4:37 AM" ""
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" "" "21/11/2016 7:12 PM" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll" "15/11/2016 7:58 AM" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll" "19/12/2013 4:37 AM" ""
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" "" "27/2/2012 9:53 AM" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll" "12/12/2009 2:11 PM" ""
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshlstb.dll" "29/10/2010 10:23 PM" ""
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" "" "16/4/2012 3:31 AM" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll" "14/7/2009 5:09 AM" ""
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll" "20/3/2012 2:12 AM" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll" "19/12/2013 4:37 AM" ""
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" "" "14/3/2015 2:25 PM" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll" "11/5/2013 1:34 PM" ""
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" "" "30/10/2016 4:23 AM" ""
+ "PismoFileMountAuditPackage" "Shell Extension - Pismo File Mount Audit Package" "Pismo Technic Inc." "c:\windows\system32\pfmshx_178.dll" "01/7/2015 1:57 AM" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll" "19/12/2013 4:37 AM" ""
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" "" "27/2/2012 9:53 AM" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll" "12/12/2009 2:11 PM" ""
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshlstb.dll" "29/10/2010 10:23 PM" ""
"HKLM\Software\Classes\Folder\ShellEx\PropertySheetHandlers" "" "" "" "07/9/2015 10:31 AM" ""
+ "WDBackupPropSheetHandler" "WD ContextMenu Handler" "Western Digital Technologies, Inc." "c:\program files\western digital\wd smartware\wdcontextmenuhandler.dll" "23/7/2014 2:19 AM" ""
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" "" "23/7/2016 8:02 PM" ""
+ " SkyDrivePro1 (ErrorConflict)" "Microsoft OneDrive for Business Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office15\grooveex.dll" "01/11/2016 11:14 AM" ""
+ " SkyDrivePro2 (SyncInProgress)" "Microsoft OneDrive for Business Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office15\grooveex.dll" "01/11/2016 11:14 AM" ""
+ " SkyDrivePro3 (InSync)" "Microsoft OneDrive for Business Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office15\grooveex.dll" "01/11/2016 11:14 AM" ""
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll" "19/12/2013 4:37 AM" ""
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll" "19/12/2013 4:37 AM" ""
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll" "19/12/2013 4:37 AM" ""
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll" "19/12/2013 4:37 AM" ""
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll" "19/12/2013 4:37 AM" ""
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" "" "05/2/2017 12:41 PM" ""
+ "Groove GFS Browser Helper" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll" "19/12/2013 4:37 AM" ""
+ "Java(tm) Plug-In 2 SSV Helper" "Java(TM) Platform SE binary" "Oracle Corporation" "c:\program files\java\jre1.8.0_121\bin\jp2ssv.dll" "13/12/2016 7:00 AM" ""
+ "Java(tm) Plug-In SSV Helper" "Java(TM) Platform SE binary" "Oracle Corporation" "c:\program files\java\jre1.8.0_121\bin\ssv.dll" "13/12/2016 7:00 AM" ""
+ "Microsoft SkyDrive Pro Browser Helper" "Microsoft OneDrive for Business Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office15\grooveex.dll" "01/11/2016 11:14 AM" ""
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office15\urlredir.dll" "18/12/2013 12:06 AM" ""
+ "Skype for Business Browser Helper" "Skype for Business" "Microsoft Corporation" "c:\program files\microsoft office\office15\ochelper.dll" "13/12/2016 10:42 AM" ""
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll" "22/9/2010 1:01 AM" ""
+ "Windows Live Messenger Companion Helper" "Windows Live Messenger Companion Core" "Microsoft Corporation" "c:\program files\windows live\companion\companioncore.dll" "10/11/2010 2:02 PM" ""
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" "" "09/9/2015 11:58 AM" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files\windows live\writer\writerbrowserextension.dll" "10/11/2010 2:03 PM" ""
+ "Messenger Companion (Ctrl+Shift+C)" "Windows Live Messenger Companion Core" "Microsoft Corporation" "c:\program files\windows live\companion\companioncore.dll" "10/11/2010 2:02 PM" ""
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office15\onbttnielinkednotes.dll" "01/11/2016 11:18 AM" ""
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office15\onbttnie.dll" "01/11/2016 11:28 AM" ""
+ "Skype for Business Click to Call" "Skype for Business" "Microsoft Corporation" "c:\program files\microsoft office\office15\ochelper.dll" "13/12/2016 10:42 AM" ""
"Task Scheduler" "" "" "" "" ""
+ "\CCleanerSkipUAC" "CCleaner" "Piriform Ltd" "c:\program files\ccleaner\ccleaner.exe" "08/2/2017 6:17 AM" ""
+ "\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\microsoft security client\mpcmdrun.exe" "15/11/2016 7:57 AM" ""
+ "\Microsoft\Office\Office 15 Subscription Heartbeat" "Office Subscription Licensing Heartbeat" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office15\olicenseheartbeat.exe" "18/12/2013 12:08 AM" ""
+ "\Microsoft\Office\OfficeTelemetryAgentFallBack" "Office Telemetry Agent" "Microsoft Corporation" "c:\program files\microsoft office\office15\msoia.exe" "18/12/2013 12:13 AM" ""
+ "\Microsoft\Office\OfficeTelemetryAgentLogOn" "Office Telemetry Agent" "Microsoft Corporation" "c:\program files\microsoft office\office15\msoia.exe" "18/12/2013 12:13 AM" ""
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files\windows live\soxe\wlsoxe.dll" "10/11/2010 2:02 PM" ""
X "\Microsoft\Windows\Autochk\Proxy" "" "" "File not found: C:\windows\system32\rundll32.exe" "" ""
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs" "11/6/2009 1:19 AM" ""
X "\Microsoft\Windows\SystemRestore\SR" "" "" "File not found: C:\windows\system32\rundll32.exe" "" ""
X "\Microsoft\Windows\Tcpip\IpAddressConflict1" "" "" "File not found: C:\windows\system32\rundll32.exe" "" ""
X "\Microsoft\Windows\Tcpip\IpAddressConflict2" "" "" "File not found: C:\windows\system32\rundll32.exe" "" ""
X "\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange" "" "" "File not found: C:\windows\system32\rundll32.exe" "" ""
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe" "14/7/2009 4:09 AM" ""
X "\Microsoft\Windows\WindowsBackup\AutomaticBackup" "" "" "File not found: C:\windows\system32\rundll32.exe" "" ""
X "\WPD\SqmUpload_S-1-5-21-590680974-46065942-2644484873-1000" "" "" "File not found: C:\windows\system32\rundll32.exe" "" ""
"HKLM\System\CurrentControlSet\Services" "" "" "" "11/3/2017 10:33 AM" ""
+ "cvhsvc" "Client Virtualization Handler Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\virtualization handler\cvhsvc.exe" "18/3/2015 11:48 PM" ""
+ "fsssvc" "This service enables Family Safety on the computer. If this service is not running, Family Safety will not work." "Microsoft Corporation" "c:\program files\windows live\family safety\fsssvc.exe" "23/9/2010 11:16 AM" ""
+ "Microsoft SharePoint Workspace Audit Service" "Microsoft SharePoint Workspace" "Microsoft Corporation" "c:\program files\microsoft office\office14\groove.exe" "19/12/2013 4:34 AM" ""
+ "MsMpSvc" "Helps protect users from malware and other potentially unwanted software" "Microsoft Corporation" "c:\program files\microsoft security client\msmpeng.exe" "15/11/2016 7:57 AM" ""
+ "NisSrv" "Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols" "Microsoft Corporation" "c:\program files\microsoft security client\nissrv.exe" "15/11/2016 7:57 AM" ""
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files\common files\microsoft shared\source engine\ose.exe" "07/11/2012 2:37 PM" ""
+ "osppsvc" "Enables the download, installation, and enforcement of digital licenses for Microsoft Office applications. These applications require this service for proper operation. It is strongly recommended that you keep this service enabled." "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe" "06/7/2012 3:41 AM" ""
+ "sftlist" "Streams and manages applications." "Microsoft Corporation" "c:\program files\microsoft application virtualization client\sftlist.exe" "25/6/2013 11:04 PM" ""
+ "sftvsa" "Monitors global service events and launches virtual services." "Microsoft Corporation" "c:\program files\microsoft application virtualization client\sftvsa.exe" "25/6/2013 11:02 PM" ""
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll" "27/5/2013 8:57 AM" ""
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe" "22/9/2010 1:00 AM" ""
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe" "20/11/2010 2:36 PM" ""
"HKLM\System\CurrentControlSet\Services" "" "" "" "11/3/2017 10:33 AM" ""
+ "acsock" "Cisco AnyConnect Kernel Driver Framework Socket Layer Interceptor" "Cisco Systems, Inc." "c:\windows\system32\drivers\acsock.sys" "07/11/2012 6:27 AM" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys" "06/12/2008 3:59 AM" ""
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys" "01/5/2007 9:29 PM" ""
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys" "28/2/2007 4:03 AM" ""
+ "aic78xx" "Adaptec Ultra SCSI miniport" "Adaptec, Inc." "c:\windows\system32\drivers\djsvs.sys" "12/4/2006 4:20 AM" ""
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys" "14/7/2009 3:11 AM" ""
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys" "19/3/2010 5:08 AM" ""
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows family" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys" "20/3/2009 10:35 PM" ""
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys" "19/3/2010 8:19 PM" ""
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys" "25/5/2007 1:31 AM" ""
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys" "14/1/2009 11:26 PM" ""
+ "athr" "Atheros Extensible Wireless LAN device driver" "Atheros Communications, Inc." "c:\windows\system32\drivers\athr.sys" "21/6/2011 12:00 PM" ""
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbdx.sys" "14/2/2009 2:10 AM" ""
+ "b57nd60x" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60x.sys" "26/4/2009 3:15 PM" ""
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys" "07/8/2006 1:33 AM" ""
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys" "07/8/2006 1:33 AM" ""
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys" "07/8/2006 1:33 AM" ""
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys" "07/8/2006 1:33 AM" ""
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys" "07/8/2006 1:33 AM" ""
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys" "09/8/2006 4:02 PM" ""
+ "clwvd" "CyberLink WebCam Virtual Driver" "CyberLink Corporation" "c:\windows\system32\drivers\clwvd.sys" "28/7/2010 5:13 AM" ""
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys" "14/7/2009 3:11 AM" ""
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbdx.sys" "31/12/2008 8:06 PM" ""
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys" "04/2/2009 2:09 AM" ""
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys" "11/5/2009 11:22 AM" ""
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys" "19/5/2009 3:42 AM" ""
+ "htcnprot" "HTC NDIS Protocol Driver" "Windows (R) Win 7 DDK provider" "c:\windows\system32\drivers\htcnprot.sys" "23/6/2010 6:24 AM" ""
+ "HtcVCom32" "USB Modem/Serial Device Driver" "QUALCOMM Incorporated" "c:\windows\system32\drivers\htcvcomv32.sys" "26/10/2009 4:01 PM" ""
+ "HWiNFO32" "HWiNFO x86 Kernel Driver" "REALiX(tm)" "c:\windows\system32\drivers\hwinfo32.sys" "23/11/2014 8:24 PM" ""
+ "iaStorV" "Intel Matrix Storage Manager driver - ia32" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys" "11/6/2010 4:45 AM" ""
+ "IDMWFP" "Internet Download Manager WFP Driver" "Tonec Inc." "c:\windows\system32\drivers\idmwfp.sys" "26/1/2012 5:47 PM" ""
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd32.sys" "20/3/2012 3:26 AM" ""
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys" "14/12/2005 1:48 AM" ""
+ "IntcDAud" "Intel(R) Display Audio Driver" "Intel(R) Corporation" "c:\windows\system32\drivers\intcdaud.sys" "15/10/2010 12:27 PM" ""
+ "ivusb" "Initio Default Vendor Specific Device Driver" "Initio Corporation" "c:\windows\system32\drivers\ivusb.sys" "14/5/2010 6:41 AM" ""
+ "L1C" "Atheros L1c PCI-E Gigabit Ethernet Controller" "Atheros Communications, Inc." "c:\windows\system32\drivers\l1c62x86.sys" "27/9/2010 10:36 AM" ""
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys" "10/12/2008 2:28 AM" ""
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys" "19/5/2009 4:19 AM" ""
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys" "19/5/2009 4:31 AM" ""
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys" "17/4/2009 2:14 AM" ""
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7 for x86" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys" "19/5/2009 5:09 AM" ""
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys" "19/5/2009 5:25 AM" ""
+ "MEI" "Intel(R) Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\heci.sys" "20/10/2010 3:33 AM" ""
+ "netr28u" "Ralink 802.11n Wireless Adapter Driver" "Ralink Technology Corp." "c:\windows\system32\drivers\netr28u.sys" "13/11/2009 1:44 PM" ""
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys" "07/6/2006 1:12 AM" ""
+ "nvraid" "NVIDIA® nForce(TM) RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys" "20/3/2010 1:00 AM" ""
+ "nvstor" "NVIDIA® nForce(TM) Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys" "20/3/2010 12:51 AM" ""
+ "pfmfs_178" "System Extension - Pismo File Mount" "Pismo Technic Inc." "c:\windows\system32\drivers\pfmfs_178.sys" "01/7/2015 1:56 AM" ""
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys" "23/1/2009 3:28 AM" ""
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys" "19/5/2009 5:17 AM" ""
+ "rbtnfd_srv" "Riverbed Steelhead Mobile NDIS6 filter driver" "Riverbed Technology, Inc" "c:\windows\system32\drivers\rbtnfd.sys" "05/10/2013 3:34 AM" ""
+ "RSUSBVSTOR" "Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtsuvstor.sys" "15/3/2011 1:57 PM" ""
+ "RTL8167" "Realtek 8101E/8168/8169 NDIS 6.20 32-bit Driver " "Realtek " "c:\windows\system32\drivers\rt86win7.sys" "10/6/2011 10:31 AM" ""
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys" "24/9/2008 10:19 PM" ""
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys" "02/10/2008 1:52 AM" ""
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys" "18/2/2009 3:03 AM" ""
+ "TrueSight" "" "" "c:\windows\system32\drivers\truesight.sys" "16/1/2016 12:17 AM" ""
+ "ujiyodk3" "AVZGuard Driver" "Zaitsev Oleg, 2006" "c:\windows\system32\drivers\ujiyodk3.sys" "31/3/2011 7:04 PM" ""
+ "USBAAPL" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl.sys" "28/11/2012 3:37 AM" ""
+ "utiyodk3" "AVZ Driver" "" "c:\windows\system32\drivers\utiyodk3.sys" "12/1/2008 6:51 PM" ""
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys" "14/7/2009 3:11 AM" ""
+ "vncmirror" "VNC Mirror Miniport" "RealVNC Ltd." "c:\windows\system32\drivers\vncmirror.sys" "14/3/2008 9:42 PM" ""
+ "vpnva" "Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows" "Cisco Systems, Inc." "c:\windows\system32\drivers\vpnva-6.sys" "15/6/2013 12:18 AM" ""
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys" "31/1/2009 5:13 AM" ""
+ "WDC_SAM" "Manages WD external storage products." "Western Digital Technologies" "c:\windows\system32\drivers\wdcsam.sys" "16/4/2008 12:27 PM" ""
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Font Drivers" "" "" "" "14/7/2009 8:41 AM" ""
+ "Adobe Type Manager" "Windows NT OpenType/Type 1 Font Driver" "Adobe Systems Incorporated" "c:\windows\system32\atmfd.dll" "02/11/2016 6:53 PM" ""
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" "" "23/5/2015 12:37 PM" ""
+ "msacm.aacacm" "AAC ACM Codec" "fccHandler" "c:\windows\system32\aacacm.acm" "01/10/2011 5:03 AM" ""
+ "msacm.ac3acm" "AC-3 ACM Codec" "fccHandler" "c:\windows\system32\ac3acm.acm" "22/12/2011 4:14 AM" ""
+ "msacm.ac3filter" "" "" "c:\windows\system32\ac3filter.acm" "11/8/2009 9:18 PM" ""
+ "msacm.avis" "ffdshow ACM codec" "" "c:\windows\system32\ff_acm.acm" "28/1/2012 2:10 PM" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm" "14/7/2009 5:06 AM" ""
+ "msacm.l3pacm" "MPEG Audio Layer-3 Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codecp.acm" "14/7/2009 5:06 AM" ""
+ "msacm.lameacm" "Lame MP3 codec engine" "http://www.mp3dev.org/" "c:\windows\system32\lameacm.acm" "24/9/2008 11:41 PM" ""
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll" "20/11/2010 3:59 PM" ""
+ "VIDC.FFDS" "ffdshow VFW" "" "c:\windows\system32\ff_vfw.dll" "28/1/2012 2:54 AM" ""
+ "VIDC.LAGS" "Lagarith" " " "c:\windows\system32\lagarith.dll" "08/12/2011 4:32 AM" ""
+ "VIDC.X264" "" "" "c:\windows\system32\x264vfw.dll" "19/1/2012 1:29 PM" ""
+ "VIDC.XVID" "" "" "c:\windows\system32\xvidvfw.dll" "24/6/2011 6:44 PM" ""
+ "VIDC.YV12" "" "" "c:\windows\system32\xvidvfw.dll" "24/6/2011 6:44 PM" ""
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" "" "28/8/2016 1:55 PM" ""
+ "AC3File" "" "" "c:\program files\k-lite codec pack\filters\ac3file.ax" "04/8/2009 9:09 AM" ""
+ "Audio Source" "Windows Media Preview Object" "Microsoft Corporation" "c:\program files\windows media components\encoder\wmprevu.dll" "12/12/2002 5:34 AM" ""
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll" "10/11/2010 2:21 PM" ""
+ "DC-Bass Source" "DirectShow™ Audio Decoder" "http://www.dsp-worx.de" "c:\program files\k-lite codec pack\filters\dcbasssource.ax" "20/6/1992 2:22 AM" ""
+ "DirectVobSub" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "MPC-HC Team" "c:\program files\k-lite codec pack\filters\vsfilter.dll" "06/2/2012 2:36 AM" ""
+ "DirectVobSub (auto-loading version)" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "MPC-HC Team" "c:\program files\k-lite codec pack\filters\vsfilter.dll" "06/2/2012 2:36 AM" ""
+ "DXVA Filter" "MPEG-1/2 Decoder Filter for DirectShow" "Gabest" "c:\program files\gretech\gomplayer\codecs\mpeg2decfilter.ax" "05/6/2004 12:09 PM" ""
+ "ffdshow Audio Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack\ffdshow\ffdshow.ax" "06/2/2012 10:13 PM" ""
+ "ffdshow Audio Processor" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack\ffdshow\ffdshow.ax" "06/2/2012 10:13 PM" ""
+ "ffdshow DXVA Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack\ffdshow\ffdshow.ax" "06/2/2012 10:13 PM" ""
+ "ffdshow raw video filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack\ffdshow\ffdshow.ax" "06/2/2012 10:13 PM" ""
+ "ffdshow subtitles filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack\ffdshow\ffdshow.ax" "06/2/2012 10:13 PM" ""
+ "ffdshow Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack\ffdshow\ffdshow.ax" "06/2/2012 10:13 PM" ""
+ "File Source (Monkey Audio)" "" "" "c:\program files\k-lite codec pack\filters\monkeysource.ax" "20/6/1992 2:22 AM" ""
+ "Gretech AAC Source Filter" "Gretech Source Filter" "Gretech Corp." "c:\program files\gretech\gomplayer\gsfu.ax" "26/12/2013 5:41 AM" ""
+ "Gretech ASF Source Filter" "Gretech Source Filter" "Gretech Corp." "c:\program files\gretech\gomplayer\gsfu.ax" "26/12/2013 5:41 AM" ""
+ "Gretech AsfEx Source Filter" "Gretech Source Filter" "Gretech Corp." "c:\program files\gretech\gomplayer\gsfu.ax" "26/12/2013 5:41 AM" ""
+ "Gretech Audio Filter" "Gretech Audio Filter" "Gretech Corp." "c:\program files\gretech\gomplayer\gaf.ax" "09/6/2016 2:20 PM" ""
+ "Gretech AVI Source Filter" "Gretech Source Filter" "Gretech Corp." "c:\program files\gretech\gomplayer\gsfu.ax" "26/12/2013 5:41 AM" ""
+ "Gretech FLV Source Filter" "Gretech Source Filter" "Gretech Corp." "c:\program files\gretech\gomplayer\gsfu.ax" "26/12/2013 5:41 AM" ""
+ "Gretech MKV Source Filter" "Gretech Source Filter" "Gretech Corp." "c:\program files\gretech\gomplayer\gsfu.ax" "26/12/2013 5:41 AM" ""
+ "Gretech MP3 Source Filter" "Gretech Source Filter" "Gretech Corp." "c:\program files\gretech\gomplayer\gsfu.ax" "26/12/2013 5:41 AM" ""
+ "Gretech MP4 Source Filter" "Gretech Source Filter" "Gretech Corp." "c:\program files\gretech\gomplayer\gsfu.ax" "26/12/2013 5:41 AM" ""
+ "Gretech MPEG Source Filter" "Gretech Source Filter" "Gretech Corp." "c:\program files\gretech\gomplayer\gsfu.ax" "26/12/2013 5:41 AM" ""
+ "Gretech MPEG Source Filter2" "Gretech Source Filter" "Gretech Corp." "c:\program files\gretech\gomplayer\gsfu.ax" "26/12/2013 5:41 AM" ""
+ "Gretech Network(AVI) Filter" "Gretech Corp." "Gretech Corp." "c:\program files\gretech\gomplayer\gnf.ax" "03/3/2014 1:27 PM" ""
+ "Gretech Network(FLV) Filter" "Gretech Corp." "Gretech Corp." "c:\program files\gretech\gomplayer\gnf.ax" "03/3/2014 1:27 PM" ""
+ "Gretech Network(GOM) Filter" "Gretech Corp." "Gretech Corp." "c:\program files\gretech\gomplayer\gnf.ax" "03/3/2014 1:27 PM" ""
+ "Gretech Network(MP4) Filter" "Gretech Corp." "Gretech Corp." "c:\program files\gretech\gomplayer\gnf.ax" "03/3/2014 1:27 PM" ""
+ "Gretech Network(OGG) Filter" "Gretech Corp." "Gretech Corp." "c:\program files\gretech\gomplayer\gnf.ax" "03/3/2014 1:27 PM" ""
+ "Gretech Network(SHOUTcast) Filter" "Gretech Corp." "Gretech Corp." "c:\program files\gretech\gomplayer\gnf.ax" "03/3/2014 1:27 PM" ""
+ "Gretech OGG Source Filter" "Gretech Source Filter" "Gretech Corp." "c:\program files\gretech\gomplayer\gsfu.ax" "26/12/2013 5:41 AM" ""
+ "Gretech OGG Source Filter2" "Gretech Source Filter" "Gretech Corp." "c:\program files\gretech\gomplayer\gsfu.ax" "26/12/2013 5:41 AM" ""
+ "Gretech Source Filter" "Gretech Media Source Filter" "Gretech Corp." "c:\program files\gretech\gomplayer\mediasource.ax" "22/7/2016 11:20 AM" ""
+ "Gretech Video Filter" "Gretech Video Filter" "Gretech" "c:\program files\gretech\gomplayer\gvf.ax" "08/8/2016 10:41 AM" ""
+ "Haali Matroska Muxer" "Haali Media Splitter" "" "c:\program files\k-lite codec pack\filters\haali\splitter.ax" "08/9/2011 6:01 PM" ""
+ "Haali Media Splitter" "Haali Media Splitter" "" "c:\program files\k-lite codec pack\filters\haali\splitter.ax" "08/9/2011 6:01 PM" ""
+ "Haali Media Splitter (AR)" "Haali Media Splitter" "" "c:\program files\k-lite codec pack\filters\haali\splitter.ax" "08/9/2011 6:01 PM" ""
+ "Haali Simple Media Splitter" "Haali Media Splitter" "" "c:\program files\k-lite codec pack\filters\haali\splitter.ax" "08/9/2011 6:01 PM" ""
+ "Haali Video Renderer" "" "" "c:\program files\k-lite codec pack\filters\haali\dxr.dll" "08/9/2011 6:00 PM" ""
+ "Haali Video Sink" "Haali Media Splitter" "" "c:\program files\k-lite codec pack\filters\haali\splitter.ax" "08/9/2011 6:01 PM" ""
+ "LAV Audio Decoder" "LAV Audio Decoder - DirectShow Audio Decoder" "1f0.de - Hendrik Leppkes" "c:\program files\k-lite codec pack\filters\lav\lavaudio.ax" "06/2/2012 10:27 PM" ""
+ "LAV Splitter" "LAV Splitter - DirectShow Media Splitter" "1f0.de - Hendrik Leppkes" "c:\program files\k-lite codec pack\filters\lav\lavsplitter.ax" "06/2/2012 10:27 PM" ""
+ "LAV Splitter Source" "LAV Splitter - DirectShow Media Splitter" "1f0.de - Hendrik Leppkes" "c:\program files\k-lite codec pack\filters\lav\lavsplitter.ax" "06/2/2012 10:27 PM" ""
+ "LAV Video Decoder" "LAV Video Decoder - DirectShow Video Decoder" "1f0.de - Hendrik Leppkes" "c:\program files\k-lite codec pack\filters\lav\lavvideo.ax" "06/2/2012 10:27 PM" ""
+ "madFlac Decoder" "DirectShow FLAC Decoder" "www.madshi.net" "c:\program files\k-lite codec pack\filters\madflac.ax" "20/6/1992 2:22 AM" ""
+ "madFlac Source" "DirectShow FLAC Decoder" "www.madshi.net" "c:\program files\k-lite codec pack\filters\madflac.ax" "20/6/1992 2:22 AM" ""
+ "madVR" "madshi's D3D9 based video renderer" "madshi.net" "c:\program files\k-lite codec pack\filters\madvr\madvr.ax" "19/12/2011 12:25 AM" ""
+ "MONOGRAM AMR Decoder" "AMR Filter Pack" "MONOGRAM Multimedia, s.r.o." "c:\program files\k-lite codec pack\filters\mmamr.ax" "16/3/2008 5:30 PM" ""
+ "MONOGRAM AMR Encoder" "AMR Filter Pack" "MONOGRAM Multimedia, s.r.o." "c:\program files\k-lite codec pack\filters\mmamr.ax" "16/3/2008 5:30 PM" ""
+ "MONOGRAM AMR Mux" "AMR Filter Pack" "MONOGRAM Multimedia, s.r.o." "c:\program files\k-lite codec pack\filters\mmamr.ax" "16/3/2008 5:30 PM" ""
+ "MONOGRAM AMR Splitter" "AMR Filter Pack" "MONOGRAM Multimedia, s.r.o." "c:\program files\k-lite codec pack\filters\mmamr.ax" "16/3/2008 5:30 PM" ""
+ "MONOGRAM Musepack Decoder" "mmmpcdec" "" "c:\program files\k-lite codec pack\filters\mmmpcdec.ax" "18/1/2009 3:03 PM" ""
+ "MONOGRAM Musepack Splitter" "mmmpcdmx" "" "c:\program files\k-lite codec pack\filters\mmmpcdmx.ax" "18/1/2009 8:15 PM" ""
+ "MPC - DTS/AC3/DD+ Source" "DTS/AC3 Source Filter" "MPC-HC Team" "c:\program files\win7codecs\filters\dtsac3source.ax" "09/2/2012 3:55 PM" ""
+ "MPC Matroska Source" "Matroska Splitter" "MPC-HC Team" "c:\program files\win7codecs\filters\matroskasplitter.ax" "09/2/2012 3:54 PM" ""
+ "MPC Matroska Splitter" "Matroska Splitter" "MPC-HC Team" "c:\program files\win7codecs\filters\matroskasplitter.ax" "09/2/2012 3:54 PM" ""
+ "MPC Ogg Source" "Ogg Splitter" "MPC-HC Team" "c:\program files\win7codecs\filters\oggsplitter.ax" "09/2/2012 3:54 PM" ""
+ "MPC Ogg Splitter" "Ogg Splitter" "MPC-HC Team" "c:\program files\win7codecs\filters\oggsplitter.ax" "09/2/2012 3:54 PM" ""
+ "MPC RealAudio Decoder" "RealMedia Splitter" "MPC-HC Team" "c:\program files\win7codecs\filters\realmediasplitter.ax" "06/2/2012 1:45 AM" ""
+ "MPC RealMedia Source" "RealMedia Splitter" "MPC-HC Team" "c:\program files\win7codecs\filters\realmediasplitter.ax" "06/2/2012 1:45 AM" ""
+ "MPC RealMedia Splitter" "RealMedia Splitter" "MPC-HC Team" "c:\program files\win7codecs\filters\realmediasplitter.ax" "06/2/2012 1:45 AM" ""
+ "MPC RealVideo Decoder" "RealMedia Splitter" "MPC-HC Team" "c:\program files\win7codecs\filters\realmediasplitter.ax" "06/2/2012 1:45 AM" ""
+ "MPEG Audio Decoder (MAD)" "Mpeg Audio Decoder for DirectShow, based on libmad" "Gabest" "c:\program files\gretech\gomplayer\codecs\mpadecfilter.ax" "18/5/2004 8:06 AM" ""
+ "Mpeg2Dec Filter" "MPEG-1/2 Decoder Filter for DirectShow" "Gabest" "c:\program files\gretech\gomplayer\codecs\mpeg2decfilter.ax" "05/6/2004 12:09 PM" ""
+ "Nero Digital Parser" "NeroDigital / mp4 / avi / mov parser" "Nero AG" "c:\program files\win7codecs\filters\ndparser.ax" "26/1/2006 8:29 PM" ""
+ "Nero ES Video Reader" "NeroDigital / mp4 / avi / mov parser" "Nero AG" "c:\program files\win7codecs\filters\ndparser.ax" "26/1/2006 8:29 PM" ""
+ "RadLight OptimFROG DirectShow Filter" "RLOFRDec" "RadLight" "c:\program files\win7codecs\filters\rlofrdec.ax" "27/4/2004 7:03 PM" ""
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll" "10/11/2010 2:21 PM" ""
+ "Record Queue" "WME Record Queue" "Microsoft Corporation" "c:\program files\windows media components\encoder\wmedque.dll" "12/12/2002 5:34 AM" ""
+ "T" "VP7 Decompression Filter" "On2.com Inc." "c:\program files\k-lite codec pack\filters\vp7dec.ax" "25/3/2006 2:09 AM" ""
+ "Video Source" "Windows Media Preview Object" "Microsoft Corporation" "c:\program files\windows media components\encoder\wmprevu.dll" "12/12/2002 5:34 AM" ""
+ "WavPack Audio Decoder" "WavPack Audio DirectShow Decoder" "-" "c:\program files\k-lite codec pack\filters\wavpackdsdecoder.ax" "04/3/2007 1:50 PM" ""
+ "WavPack Audio Splitter" "WavPack Audio DirectShow Splitter" "-" "c:\program files\k-lite codec pack\filters\wavpackdssplitter.ax" "03/10/2007 2:09 AM" ""
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll" "10/11/2010 2:21 PM" ""
+ "WMEnc Screen Capture Filter" "WMESrcWp Module" "Microsoft Corporation" "c:\program files\windows media components\encoder\wmesrcwp.dll" "12/12/2002 5:34 AM" ""
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll" "10/11/2010 2:21 PM" ""
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll" "10/11/2010 2:21 PM" ""
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll" "10/11/2010 2:21 PM" ""
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll" "10/11/2010 2:21 PM" ""
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll" "10/11/2010 2:21 PM" ""
"HKLM\SOFTWARE\Classes\Htmlfile\Shell\Open\Command\(Default)" "" "" "" "21/5/2013 11:38 PM" ""
+ "C:\Program Files\Internet Explorer\iexplore.exe" "Internet Explorer" "Microsoft Corporation" "c:\program files\internet explorer\iexplore.exe" "12/11/2016 8:56 PM" ""
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" "" "28/2/2012 12:32 AM" ""
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll" "22/9/2010 1:01 AM" ""
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" "" "05/6/2015 6:56 PM" ""
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll" "22/9/2010 1:00 AM" ""
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll" "22/9/2010 1:00 AM" ""
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" "" "17/10/2016 6:33 PM" ""
+ "Canon BJ FAX Language Monitor MX420 series" "Canon Inkjet Fax Driver" "CANON INC." "c:\windows\system32\cncalam.dll" "21/10/2010 4:22 AM" ""
+ "Canon BJ Language Monitor MX420 series" "IJ Language Monitor" "CANON INC." "c:\windows\system32\cnmlmam.dll" "13/3/2012 10:15 AM" ""
+ "Canon BJNP Port" "Canon IJ Network 32bit comm Module" "CANON INC." "c:\windows\system32\cnmnppm.dll" "14/6/2012 12:18 PM" ""
+ "MONVNC" "Port Monitor DLL" "" "c:\windows\system32\vncpm.dll" "24/2/2009 8:26 PM" ""
+ "PDF Converter Elite 3.0 Monitor" "" "" "File not found: pc3PCR2PortMon.dll" "" ""
+ "PDFill Writer Monitor" "DDK Local Monitor DLL" "Windows (R) Codename Longhorn DDK provider" "c:\program files\plotsoft\pdfill\pdfwriter\driver\pdfillwritermon.dll" "21/6/2008 5:24 PM" ""
"HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order" "" "" "" "08/9/2015 1:42 PM" ""
+ "pfmunc" "Pismo File Mount" "Pismo Technic Inc." "c:\windows\system32\pfmapi_178.dll" "01/7/2015 1:56 AM" ""
"WMI Database Entries" "" "" "" "" ""
+ "BVTConsumer" "" "" "File not found: KernCap.vbs" "" ""
"HKLM\Software\Microsoft\Office\Outlook\Addins" "" "" "" "20/10/2015 10:17 PM" ""
X "BCSAddin Connect class" "Microsoft Office 2010 component" "Microsoft Corporation" "c:\program files\microsoft office\office14\addins\bcsaddin.dll" "05/11/2012 7:24 PM" ""
+ "Connect Class" "Outlook Social Connector 2013" "Microsoft Corporation" "c:\program files\microsoft office\office15\socialconnector.dll" "12/5/2015 7:22 PM" ""
+ "FormRegionAddin Class" "" "" "c:\program files\microsoft office\office15\addins\umoutlookaddin.dll" "13/10/2015 12:52 PM" ""
+ "Groove OutlookProxyAddIn" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll" "19/12/2013 4:37 AM" ""
+ "LyncAddin Class" "Skype for Business" "Microsoft Corporation" "c:\program files\microsoft office\office15\ucaddin.dll" "13/12/2016 10:32 AM" ""
+ "Microsoft VBA for Outlook Addin" "Outlook VBA Integration Add-In" "Microsoft Corporation" "c:\program files\microsoft office\office15\addins\outlvba.dll" "13/12/2016 10:41 AM" ""
+ "OneNote Notes about Outlook Items" "Microsoft OneNote Outlook Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office15\onbttnol.dll" "01/11/2016 11:28 AM" ""
+ "TeamViewerMeetingAddIn.AddIn" "FileDescription" "CompanyName" "c:\program files\teamviewer\outlook\teamviewermeetingaddinshim.dll" "11/9/2015 7:34 PM" ""
"HKCU\Software\Microsoft\Office\Outlook\Addins" "" "" "" "18/9/2015 7:02 AM" ""
+ "Access COM Addin for Outlook" "Access Outlook Data Collection Addin" "Microsoft Corporation" "c:\program files\microsoft office\office14\addins\accolk.dll" "13/10/2015 3:40 PM" ""
+ "ColleagueImportAddIn Class" "Microsoft Office 2013 component" "Microsoft Corporation" "c:\program files\microsoft office\office15\addins\colleagueimport.dll" "15/8/2013 4:14 AM" ""
+ "OcForms Class" "Skype for Business" "Microsoft Corporation" "c:\program files\microsoft office\office15\ocoffice.dll" "12/7/2016 5:17 PM" ""
"HKLM\Software\Microsoft\Office\Excel\Addins" "" "" "" "09/9/2015 11:58 AM" ""
+ "ExcelAddin Class" "PDFillPDFButton Module for Excel" "PlotSoft LLC" "c:\program files\plotsoft\pdfill\pdfwriter\pdfillpdfbutton_excel.dll" "12/9/2010 1:06 AM" ""
+ "NativeShim.InquireConnector Class" "" "" "c:\program files\microsoft office\office15\dcf\nativeshim.dll" "07/11/2012 2:39 PM" ""
"HKCU\Software\Microsoft\Office\Excel\Addins" "" "" "" "09/9/2015 12:46 PM" ""
+ "Ad Hoc Reporting Excel Client Add-In" "Power View for Excel module" "Microsoft Corporation" "c:\program files\microsoft office\office15\addins\power view excel add-in\adhocreportingexcelclient.dll" "26/3/2015 3:55 AM" ""
+ "ExcelAddin Class" "PDFillPDFButton Module for Excel" "PlotSoft LLC" "c:\program files\plotsoft\pdfill\pdfwriter\pdfillpdfbutton_excel.dll" "12/9/2010 1:06 AM" ""
+ "NativeEntry Class" "Power Pivot for Excel" "Microsoft Corporation" "c:\program files\microsoft office\office15\addins\powerpivot excel add-in\powerpivotexcelclientaddin.dll" "16/10/2014 4:12 AM" ""
"HKLM\Software\Microsoft\Office\PowerPoint\Addins" "" "" "" "14/11/2014 6:19 PM" ""
+ "PowerpointAddin Class" "PDFillPDFButton Module for PowerPoint" "PlotSoft LLC" "c:\program files\plotsoft\pdfill\pdfwriter\pdfillpdfbutton_powerpoint.dll" "12/9/2010 1:03 AM" ""
"HKCU\Software\Microsoft\Office\PowerPoint\Addins" "" "" "" "14/11/2014 6:19 PM" ""
X "OneNote PowerPoint Add-In Take Notes Content Service Class" "Microsoft OneNote PowerPoint Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office15\onpptaddin.dll" "01/11/2016 11:07 AM" ""
+ "PowerpointAddin Class" "PDFillPDFButton Module for PowerPoint" "PlotSoft LLC" "c:\program files\plotsoft\pdfill\pdfwriter\pdfillpdfbutton_powerpoint.dll" "12/9/2010 1:03 AM" ""
"HKLM\Software\Microsoft\Office\Word\Addins" "" "" "" "14/11/2014 6:19 PM" ""
+ "WordAddin Class" "PDFillPDFButton Module for Word" "PlotSoft LLC" "c:\program files\plotsoft\pdfill\pdfwriter\pdfillpdfbutton_word.dll" "12/9/2010 12:56 AM" ""
"HKCU\Software\Microsoft\Office\Word\Addins" "" "" "" "14/11/2014 6:19 PM" ""
X "OneNote Word Add-In Take Notes Content Service Class" "Microsoft OneNote Word Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office15\onwordaddin.dll" "01/11/2016 11:24 AM" ""
+ "WordAddin Class" "PDFillPDFButton Module for Word" "PlotSoft LLC" "c:\program files\plotsoft\pdfill\pdfwriter\pdfillpdfbutton_word.dll" "12/9/2010 12:56 AM" ""
Click to expand...
 
#50
Right Click on the FRST program that you have on your desktop.
Type rundll32.exe into the search field.
upload_2017-3-11_19-46-52.png

Click on search files.
A report will appear on your desktop.
Copy and paste that in your next reply.
 
#53
Farbar Recovery Scan Tool (x86) Version: 29-01-2017
Ran by MSI CR-460 (12-03-2017 10:45:44)
Running from C:\Users\MSI CR-460\Desktop
Boot Mode: Normal

================== Search Files: "rundll32.exe" =============

C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\rundll32.exe
[2016-10-30 04:23][2016-03-10 14:07] 0960480 ____A (MalwareBytes) F86A4139730504047F52CCFB8C47E9F5 [File is digitally signed]

====== End of Search ======
 
#54
Download the rundll32.zip attached to this post.
Unzip it to your desktop. ( 7-ZIP)
Open the C:\Windows\System32 folder.
You can do this by pressing the windows key and r at the same time.
Then copy C:\Windows\System32 paste it into the Run box hit OK.
Drag and Drop the rundll32.exe file into C:\Windows\System32 folder.
Make sure and not drop it into a folder within the folder.
Now reboot your machine and tell me if the issue occurs again.
If it does, then rerun FRST with the file search as you did last, so I can verify it is in the correct spot.
 

Attachments

  • rundll32.zip
    19.3 KB · Views: 16
#55
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 15-03-2017
Ran by MSI CR-460 (16-03-2017 21:30:39)
Running from C:\Users\MSI CR-460\Desktop
Microsoft Windows 7 Starter Service Pack 1 (X86) (2012-04-12 20:06:10)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-590680974-46065942-2644484873-500 - Administrator - Disabled)
Guest (S-1-5-21-590680974-46065942-2644484873-501 - Limited - Disabled)
MSI CR-460 (S-1-5-21-590680974-46065942-2644484873-1000 - Administrator - Enabled) => C:\Users\MSI CR-460

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.04 (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Flash Player 22 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 24 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM\...\AmUStor) (Version: 1.2.0117.08443 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (Version: 1.2.0117.08443 - Alcor Micro Corp.) Hidden
Alcor Micro USB Card Reader (Version: 1.2.42.68439 - Alcor Micro Corp.) Hidden
Atheros Client Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.0 - Atheros)
Atheros Client Installation Program (HKLM\...\{D3694B69-6F8C-42D3-8A0A-EB2AB528C02C}) (Version: 7.0 - Atheros)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
AVG PC TuneUp 2015 (en-US) (Version: 15.0.1001.604 - AVG Technologies) Hidden
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.100.82.63 - Broadcom Corporation)
Canon IJ Network Scanner Selector EX (HKLM\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - )
Canon IJ Network Tool (HKLM\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MX420 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX420_series) (Version: - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform)
Cisco AnyConnect Secure Mobility Client (HKLM\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.04066 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (Version: 3.1.04066 - Cisco Systems, Inc.) Hidden
Cisco EAP-FAST Module (Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (Version: 1.1.6 - Cisco Systems, Inc.) Hidden
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.0.0820 - CyberLink Corp.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Family Tree Maker 2012 (HKLM\...\Family Tree Maker 2012) (Version: 21.0.388 - Ancestry.com, Inc.)
Family Tree Maker 2012 (Version: 21.0.388 - Ancestry.com, Inc.) Hidden
FileHippo App Manager (HKLM\...\FileHippo.com) (Version: - FileHippo.com)
FlashGet3.7 (HKLM\...\FlashGet3.7) (Version: 3.7.0.1195 - hxxp://www.FlashGet.com)
FormatFactory 2.20 (HKLM\...\FormatFactory) (Version: 2.20 - Free Time)
GOM Player (HKLM\...\GOM Player) (Version: 2.3.6.5260 - Gretech Corporation)
Google Chrome (HKLM\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Photos Backup (HKU\S-1-5-21-590680974-46065942-2644484873-1000\...\Google Photos Backup) (Version: 1.1.2.13 - Google, Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.32.7 - Google Inc.) Hidden
HTC Driver Installer (HKLM\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.16.0.001 - HTC Corporation)
HTC Sync Manager (HKLM\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.46.0 - HTC)
ImagXpress (Version: 7.0.74.0 - Nero AG) Hidden
Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2342 - Intel Corporation)
IPTInstaller (HKLM\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
Java 8 Update 121 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 8.3.2 (Full) (HKLM\...\KLiteCodecPack_is1) (Version: 8.3.2 - )
Lenovo_Wireless_Driver (HKLM\...\{28ABE740-47F3-441B-9437-852F6A64EFF8}) (Version: 3.1.14.0 - Lenovo)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Master PDF Editor 2.1.65 (HKLM\...\Master PDF Editor 2.1.65_is1) (Version: - Code Industry Ltd.)
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visio Professional 2013 (HKLM\...\Office15.VISPRO) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
My Photo Creations (Photobookmart Edition) (HKLM\...\{111FC0F4-F93D-4FB1-A91D-B0258A8A1BA5}) (Version: 8.7.8288 - Digilabs)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Password Remover (HKLM\...\PDF Password Remover) (Version: - Tenorshare, Inc.)
PDFill PDF Editor with FREE Writer and FREE Tools (HKLM\...\{D1399216-81B2-457C-A0F7-73B9A2EF6902}) (Version: 11.0 - PlotSoft LLC)
Photobook Designer (HKU\S-1-5-21-590680974-46065942-2644484873-1000\...\Photobook Designer) (Version: Photobook Designer 4.1.0 - Photobook Malaysia)
Pismo File Mount Audit Package (HKLM\...\PismoFileMountAuditPackage) (Version: - )
PIXAJOY Editor (HKU\S-1-5-21-590680974-46065942-2644484873-1000\...\PIXAJOY Editor) (Version: PIXAJOY Editor 3.5.0 - Pixajoy )
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.37.1229.2010 - Realtek)
Realtek USB 2.0 Reader Driver (HKLM\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10010 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM\...\{9D3D8C60-A55F-4123-B2B9-173F09590E16}) (Version: 1.00.0178 - REALTEK Semiconductor Corp.)
Riverbed Steelhead Mobile (HKLM\...\{09D86FD5-EA7E-4072-997F-4E88AE25ACA2}) (Version: 49.10.4101.10 - Riverbed Technology, Inc.)
RogueKiller version 12.9.8.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.9.8.0 - Adlice Software)
S-Bar (HKLM\...\{4E18A842-A084-46E0-81BA-31C7EB96B26C}) (Version: 21.011.10272 - MSI)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM\...\{90150000-0051-0000-0000-0000000FF1CE}_Office15.VISPRO_{8D2E04ED-3350-4ECE-9D6E-3BC9A9A93A47}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
TeamViewer 10 (HKLM\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
Telegram Desktop version 0.10.19 (HKU\S-1-5-21-590680974-46065942-2644484873-1000\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.10.19 - Telegram Messenger LLP)
TuneUp Utilities 2014 (en-US) (Version: 14.0.1000.340 - TuneUp Software) Hidden
Tweaking.com - Windows Repair (HKLM\...\Tweaking.com - Windows Repair) (Version: 3.9.26 - Tweaking.com)
Update for Skype for Business 2015 (KB3039776) 32-Bit Edition (HKLM\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUS_{9F6B3627-AF9E-40A5-AAD5-3497C4327616}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3161988) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{245EB15F-A90C-422B-9D3F-3AEEDF028CCC}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3161988) 32-Bit Edition (HKLM\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUS_{245EB15F-A90C-422B-9D3F-3AEEDF028CCC}) (Version: - Microsoft)
Uplayer (HKLM\...\{246F5A8A-ADB1-4ED9-BE01-C4118E7DB3A5}) (Version: 1.0.0.33 - D-LINK CORPORATION)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VNC Enterprise Edition E4.5.1 (HKLM\...\RealVNC_is1) (Version: E4.5.1 - RealVNC Ltd.)
VNC Mirror Driver 1.8.0 (HKLM\...\VNCMirror_is1) (Version: 1.8.0 - RealVNC Ltd.)
VNC Printer Driver 1.6.0 (HKLM\...\VNCPrinter_is1) (Version: 1.6.0 - RealVNC Ltd.)
WD Drive Utilities (HKLM\...\{E61CFDDA-40DD-4400-95CA-12819C50B5C2}) (Version: 1.1.0.51 - Western Digital Technologies, Inc.)
WD Security (HKLM\...\{429a42d7-4c55-44d4-b38a-5872a0d70495}) (Version: 1.3.0.18 - Western Digital Technologies, Inc.)
WD Security (Version: 1.3.0.18 - Western Digital Technologies, Inc.) Hidden
WD SES Driver Setup (Version: 1.1.0.51 - Western Digital) Hidden
WD SmartWare (HKLM\...\{6EE644CD-FC7F-424C-83EA-9C0285C4FB7F}) (Version: 2.4.2.26 - Western Digital Technologies, Inc.)
Win7codecs (HKLM\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 3.4.7 - Shark007)
Windows 7 USB/DVD Download Tool (HKLM\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Driver Package - ENE (EUCR) USB (12/04/2009 5.89.0.64) (HKLM\...\7F523D4F8E191139525DC0260B06BF68E4E581EE) (Version: 12/04/2009 5.89.0.64 - ENE)
Windows Driver Package - Intel (NETw5s32) net (03/18/2010 13.2.0.30) (HKLM\...\5B1D8E9CE6F89F5466353F3E5A7084A126505FEA) (Version: 03/18/2010 13.2.0.30 - Intel)
Windows Driver Package - Intel (NETw5s32) net (09/15/2009 13.0.0.107) (HKLM\...\261F972493946CC8B32688E5247ADD2EE612DEB9) (Version: 09/15/2009 13.0.0.107 - Intel)
Windows Driver Package - Intel (NETw5v32) net (03/18/2010 13.2.0.30) (HKLM\...\DA556C9045FE4065F487AF1C9B3992A6AD4C8A66) (Version: 03/18/2010 13.2.0.30 - Intel)
Windows Driver Package - Intel (NETw5v32) net (09/15/2009 13.0.0.107) (HKLM\...\FB8C5A1BB9B0EB1DBE21E5BBBF6942439C4FB2F9) (Version: 09/15/2009 13.0.0.107 - Intel)
Windows Driver Package - Ralink (netr28u) Net (11/13/2009 3.00.09.0000) (HKLM\...\AB8CA567F16EA6E1DF917E5D13C2A15AD9BB4B14) (Version: 11/13/2009 3.00.09.0000 - Ralink)
Windows Driver Package - Ralink Technology, Corp. (netr28) Net (02/09/2010 3.00.17.0000) (HKLM\...\DA9E83E3434B0A377F6C3573D30A3E6E692E31F2) (Version: 02/09/2010 3.00.17.0000 - Ralink Technology, Corp.)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM\...\Windows Media Encoder 9) (Version: - )
WinRAR archiver (HKLM\...\WinRAR archiver) (Version: 4.10.0 - win.rar GmbH)
WinZip 15.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240BE}) (Version: 15.0.9302 - WinZip Computing, S.L. )
ZHPFix 2015 (HKLM\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-590680974-46065942-2644484873-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\MSI CR-460\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-590680974-46065942-2644484873-1000_Classes\CLSID\{202B524F-841E-5A9D-8D3F-1010FA1A469E}\InprocServer32 -> C:\Users\MSI CR-460\AppData\Roaming\dlink\Uplayer\1.0.0.33\npUplayer.dll (D-LINK CORPORATION)
CustomCLSID: HKU\S-1-5-21-590680974-46065942-2644484873-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\MSI CR-460\AppData\Local\Google\Update\1.3.22.3\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-590680974-46065942-2644484873-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\MSI CR-460\AppData\Local\Google\Update\1.3.22.3\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-590680974-46065942-2644484873-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\MSI CR-460\AppData\Local\Google\Update\1.3.22.3\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-590680974-46065942-2644484873-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\MSI CR-460\AppData\Local\Google\Update\1.3.22.3\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-590680974-46065942-2644484873-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\MSI CR-460\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll => No File
CustomCLSID: HKU\S-1-5-21-590680974-46065942-2644484873-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\MSI CR-460\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll => No File
CustomCLSID: HKU\S-1-5-21-590680974-46065942-2644484873-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\MSI CR-460\AppData\Local\Google\Update\1.3.22.3\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-590680974-46065942-2644484873-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\MSI CR-460\AppData\Local\Google\Update\1.3.22.3\psuser.dll (Google Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {263B3821-B41B-463B-9133-B29AB4A227DC} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {50FE601E-95B7-48F4-B38A-7CF148B16D0A} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-15] (Microsoft Corporation)
Task: {5BB67B3B-E846-4BBB-9DCD-56EB60ECCEB9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-02-08] (Piriform Ltd)
Task: {D17E1CAE-E13D-4BF7-894B-7D1A5A1D4F90} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {F7FAC57A-51A1-4FB7-BF19-D51B743EF666} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\Tweaking.com - Windows Repair Tray Icon.job => C:\Program Files\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe C:\Program Files\Tweaking.com\Windows Repair (All in One) Tweaking.com - Windows Repair )Created By Tweaking.com

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-06-14 17:38 - 2016-06-14 17:38 - 08909504 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-06-22 19:04 - 2009-07-25 00:21 - 00026624 _____ () C:\windows\System32\VNCpm.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-590680974-46065942-2644484873-1000\...\petronas.com.my -> hxxps://eva.petronas.com.my
IE restricted site: HKU\S-1-5-21-590680974-46065942-2644484873-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-590680974-46065942-2644484873-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-590680974-46065942-2644484873-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-590680974-46065942-2644484873-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-590680974-46065942-2644484873-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-590680974-46065942-2644484873-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-590680974-46065942-2644484873-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-590680974-46065942-2644484873-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-590680974-46065942-2644484873-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-590680974-46065942-2644484873-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-590680974-46065942-2644484873-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-590680974-46065942-2644484873-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-590680974-46065942-2644484873-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-590680974-46065942-2644484873-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-590680974-46065942-2644484873-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-590680974-46065942-2644484873-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-590680974-46065942-2644484873-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-590680974-46065942-2644484873-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-590680974-46065942-2644484873-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-590680974-46065942-2644484873-1000\...\100sexlinks.com -> 100sexlinks.com

There are 4608 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 10:04 - 2017-02-05 16:41 - 00000035 ____A C:\windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-590680974-46065942-2644484873-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: ) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1872A0EA-7570-4967-8363-13C0C6D39C55}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{AB8F892C-D59A-4BE3-B13F-DF4B352A6FF2}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{529DF42A-CC4A-4747-96E2-FB4943BD714D}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{707948CC-2B0C-440F-B7DC-4FBB9C131367}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe] => Enabled:Flashget3

==================== Restore Points =========================

05-02-2017 16:02:37 Windows Update
05-02-2017 16:40:42 Restore Point Created by FRST
25-02-2017 15:43:33 Windows Update
26-02-2017 14:31:33 Windows Update
26-02-2017 21:38:05 Windows Update
02-03-2017 10:15:18 Windows Update
11-03-2017 09:43:33 Windows Update
11-03-2017 14:28:35 ZHPFix Restore System Point
16-03-2017 11:40:35 Windows Update

==================== Faulty Device Manager Devices =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/16/2017 09:30:32 PM) (Source: ESENT) (EventID: 489) (User: )
Description: taskhost (1644) An attempt to open the file "C:\Users\MSI CR-460\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).

Error: (03/16/2017 09:26:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/16/2017 11:34:21 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/16/2017 11:32:46 AM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost (1652) WebCacheLocal: Error -1811 occurred while opening logfile C:\Users\MSI CR-460\AppData\Local\Microsoft\Windows\WebCache\V0100014.log.

Error: (03/12/2017 03:55:12 PM) (Source: ESENT) (EventID: 455) (User: )
Description: DllHost (3172) WebCacheLocal: Error -1032 (0xfffffbf8) occurred while opening logfile C:\Users\MSI CR-460\AppData\Local\Microsoft\Windows\WebCache\V01.log.

Error: (03/12/2017 03:55:12 PM) (Source: ESENT) (EventID: 489) (User: )
Description: DllHost (3172) WebCacheLocal: An attempt to open the file "C:\Users\MSI CR-460\AppData\Local\Microsoft\Windows\WebCache\V01.log" for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).

Error: (03/12/2017 03:55:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/12/2017 03:55:02 PM) (Source: ESENT) (EventID: 455) (User: )
Description: DllHost (3172) WebCacheLocal: Error -1032 (0xfffffbf8) occurred while opening logfile C:\Users\MSI CR-460\AppData\Local\Microsoft\Windows\WebCache\V01.log.

Error: (03/12/2017 03:55:02 PM) (Source: ESENT) (EventID: 489) (User: )
Description: DllHost (3172) WebCacheLocal: An attempt to open the file "C:\Users\MSI CR-460\AppData\Local\Microsoft\Windows\WebCache\V01.log" for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).

Error: (03/12/2017 02:55:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (03/16/2017 09:28:06 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Error: (03/16/2017 09:25:51 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Windows Image Acquisition (WIA) service depends on the Shell Hardware Detection service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Error: (03/16/2017 12:25:43 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.237.1302.0).

Error: (03/16/2017 12:17:48 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Microsoft Antimalware has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.237.1302.0

Update Source: Microsoft Update Server

Update Stage: Install

Source Path: http://www.microsoft.com

Signature Type: AntiVirus

Update Type: Full

User: NT AUTHORITY\SYSTEM

Current Engine Version:

Previous Engine Version: 1.1.13504.0

Error code: 0x80070643

Error description: Fatal error during installation.

Error: (03/16/2017 11:35:02 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Error: (03/16/2017 11:32:51 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Windows Image Acquisition (WIA) service depends on the Shell Hardware Detection service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Error: (03/12/2017 03:56:07 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Error: (03/12/2017 03:53:43 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Windows Image Acquisition (WIA) service depends on the Shell Hardware Detection service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Error: (03/12/2017 03:06:26 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Microsoft Antimalware has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.237.1006.0

Update Source: Microsoft Update Server

Update Stage: Search

Source Path: http://www.microsoft.com

Signature Type: AntiVirus

Update Type: Full

User: NT AUTHORITY\SYSTEM

Current Engine Version:

Previous Engine Version: 1.1.13504.0

Error code: 0x8024402c

Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

Error: (03/12/2017 02:56:43 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.


CodeIntegrity:
===================================
Date: 2015-10-22 02:16:57.424
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-10-15 20:21:07.044
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-10-15 20:21:07.014
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-10-15 20:21:06.994
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-10-14 23:24:58.626
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-10-14 23:24:58.606
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-10-14 23:24:58.596
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-10-08 02:19:00.786
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-10-08 02:19:00.746
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-09-12 14:16:29.553
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU B940 @ 2.00GHz
Percentage of memory in use: 35%
Total physical RAM: 2048 MB
Available physical RAM: 1311.4 MB
Total Virtual: 4096 MB
Available Virtual: 3356 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:298.09 GB) (Free:47.07 GB) NTFS ==>[drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: D21CB07A)
Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
Click to expand...
 
#57
Glad to have helped!! Please tell a friend ...... or two about us.
smile.png


Optimize your internet connection.

Click here for instructions.

suggest the following in place of adblock.
Alternate DNS Server. Ad Blocking DNS.
Ublock Origin.
Anti Ad Block Killer.


Also, keep your browsing private with these tools:

Self Destructing Cookies.
Self Destructing Cookies Chrome.




Some items to keep you safe on the internet.


VooDoo Shield. control of what is running on your machine
Qualys BrowserCheck To update plugins.
Web Of Trust To Avoid Shady Websites.
Unchecky To Avoid Bundled Software.
Privazer To Clean up your mahcine.



Now Lets Clean up the tools we used and remove old restore points.



Download DelFix by "Xplode" to your Desktop.
Right Click the tool and Run as Admin ( Xp Users Double Click)
Put a check mark next the items below:


Remove disinfection tools
Create registry backup
Purge System Restore



Now click on "Run" button.
allow the program to complete its work.
all the tools we used will be removed.
Tool will create and open a log report (DelFix.txt)
Note: The report can be located at the following location C:\DelFix.txt
 
Status
Not open for further replies.
Top Bottom
Back
Forums
Resources
Menu