Laptop cannot detect USB wireless mouse...


Pouhi

PCHF Member
May 13, 2018
9
2
17
#1
First of all, apologies if this is the wrong thread! Onto the problem...

My laptop has been having many troubles ever since I started using it; when I first started, it would crash every day, ranging from every 30 seconds to every 2 hours. There was no warning for the crashes, either... the computer just did what it wanted. Now, my computer rarely, if ever, does it anymore, which is good; but I still have trouble with this PC. I am a digital artist and I use a mouse; that said, I need my mouse to work. My wireless mouse turns on just fine, but the laptop doesn't seem to want it. I've tried all 3 USB ports, but none of them work. This problem has been going on for a while now; at least a year. Ex. I'd plug the USB into one port, and it would work for about 1-5 minutes; then it would stop, and I'd plug it into another port; the cycle continues. Now it just doesn't work at all.
* I do have "Notify me if there are issues connecting to USB devices" checked, but I do not get any sort of notification, it just refuses the USB altogether.
* My mouse is not that old, so I am certain it isn't at fault.
* This PC is a few years old, but I do not have the money to get a new one, and would have a hard time getting to a shop; so if it's possible, I'd like a D.I.Y solution.
* I take care of this laptop; I don't use it that often anymore, either. It isn't being overused, I keep the fan where it can breathe, etc.

If it helps, my PC is an HP Pavilion.
 

Evan Omo

Computer Support Technician
Moderator
Support Team
#2
Hi Pouhi, Welcome to PCHF :)

Before we get started with troubleshooting this issue, we need more information about the PC in question and its hardware. This is a necessary step in diagnostics.

Please go HERE and download the portable version of Speccy. Save it somewhere you can find it, locate the file and, as it comes as a Zip file, use your favorite unzip application to decompress it. Open the newly created folder and double left click Speccy.exe if you have a 32-bit system or Speccy64.exe if yours is 64-bit. If you are not sure what your system is, click HERE.



Speccy will open and after a short wait will display a summary of your system specs.
  • Click on the file menu.
  • Then click Publish snapshot.

A dialogue box will ask you to confirm, select yes.

Another dialogue box will open.
  • Click Copy to Clipboard.
  • Then click Close.



Now that your link has been copied please paste it into your next post. It should look something like the example below :)

http://speccy.piriform.com/results/6waAHapcLrZIVPakgxXXXXXXX

BTW: once you have finished with Speccy and no longer want it, removing it is easy because it is a portable app with no install. Simply delete the downloaded file and the folder you created when you decompressed it and it will be gone.
 

Malnutrition

Malnurished Mod
Moderator
Security Team
Malware Teacher
Jul 22, 2016
2,797
491
#4
Let's clean up all the old drivers related to your USB devices.


  • Remove all USB-connected items from the computer, only leave the mouse and keyboard installed.
  • Download drivecleanup.zip to your desktop.
  • CLICK HERE to determine whether you’re running 32-bit or 64-bit for Windows.
  • Once the determination has been made, open either the 32-bit or 64-bit folder.
  • Right Click the .exe on the inside of the folder, and Run as Administrator.
  • A command prompt window will open, telling you what has been removed upon completion.
  • Reboot your machine.
  • Check the issue.
 

Pouhi

#5
@Malnutrition
My PC will not let me run drivecleanup; Windows protector is preventing me from doing it because it believes it is dangerous since it's "unknown". Can I turn this off, or is there another way?
 

Malnutrition

#7
Let's also get some information from your machine.

MiniToolBox Scan


Please download MINITOOLBOX and run it.

Checkmark the following boxes:

  • Flush DNS
  • Reset FF proxy Settings
  • Reset IE Proxy Settings
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size
  • List Devices (problems only)

Click Go and post the result.
 

Pouhi

#8
@Malnutrition
Here are the results.
By the way; I have run the tool (I found the "run anyway" option and chose it) and it said "press any key to close" so I did so, I guess it's done?

MiniToolBox by Farbar Version: 17-06-2016
Ran by ((user)) (administrator) on 13-05-2018 at 21:54:08
Running from "C:\Users\((user))\Downloads"
Microsoft Windows 10 Home (X64)
Model: HP Pavilion 17 Notebook PC Manufacturer: Hewlett-Packard
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.
========================= Hosts content: =================================
========================= IP Configuration: ================================

Realtek RTL8723BE 802.11 bgn Wi-Fi Adapter = Wi-Fi (Connected)
LogMeIn Hamachi Virtual Ethernet Adapter = Hamachi (Connected)
Realtek PCIe FE Family Controller = Ethernet (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)


========================= Winsock entries =====================================


========================= Event log errors: ===============================

Application errors:
==================
Error: (05/13/2018 08:56:06 PM) (Source: Application Hang) (User: )
Description: The program svchost.exe version 10.0.16299.15 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 808

Start Time: 01d3eb187a0b5485

Termination Time: 4294967295

Application Path: C:\Windows\System32\svchost.exe

Report Id: c60fe2c4-8356-4358-b7f7-10d86723debe

Faulting package full name:

Faulting package-relative application ID:

Error: (05/13/2018 04:21:43 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: DESKTOP-JJEJ0G3)
Description: Package Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe+App was terminated because it took too long to suspend.

Error: (05/12/2018 01:55:04 PM) (Source: Application Error) (User: )
Description: Faulting application name: Amorous.Game.Windows.exe, version: 1.0.0.0, time stamp: 0x598e2908
Faulting module name: KERNELBASE.dll, version: 10.0.16299.309, time stamp: 0x90a96867
Exception code: 0xe0434352
Fault offset: 0x0000000000014008
Faulting process id: 0x2df4
Faulting application start time: 0xAmorous.Game.Windows.exe0
Faulting application path: Amorous.Game.Windows.exe1
Faulting module path: Amorous.Game.Windows.exe2
Report Id: Amorous.Game.Windows.exe3
Faulting package full name: Amorous.Game.Windows.exe4
Faulting package-relative application ID: Amorous.Game.Windows.exe5

Error: (05/12/2018 01:55:03 PM) (Source: .NET Runtime) (User: )
Description: Application: Amorous.Game.Windows.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.IOException
at System.IO.__Error.WinIOError(Int32, System.String)
at System.IO.File.InternalMove(System.String, System.String, Boolean)
at _ncuQN7vlGGMI3XlJyylqqdQWNsE._IVChWZG8edanuDgQF6kfBDGIClE()
at _CVV3pgaKyVmFVuTvEAEvgeRsi1G._i3CI6BpAmlbbbIfIL2AUoj7BYdnb()

Error: (05/12/2018 01:54:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: DESKTOP-JJEJ0G3)
Description: Package Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe+App was terminated because it took too long to suspend.

Error: (05/10/2018 03:57:01 PM) (Source: Perflib) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (05/10/2018 03:37:44 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: DESKTOP-JJEJ0G3)
Description: Package Microsoft.ZuneVideo_10.17122.16211.1000_x64__8wekyb3d8bbwe+Microsoft.ZuneVideo was terminated because it took too long to suspend.

Error: (05/10/2018 02:57:55 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: DESKTOP-JJEJ0G3)
Description: Package Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe+App was terminated because it took too long to suspend.

Error: (04/01/2018 05:28:47 AM) (Source: Application Hang) (User: )
Description: The program Steam.exe version 4.43.41.43 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 27e0

Start Time: 01d3c9736e0498d4

Termination Time: 4294967295

Application Path: C:\Program Files (x86)\Steam\Steam.exe

Report Id: 996b0612-8de6-4879-bcd6-aaa54ca19a14

Faulting package full name:

Faulting package-relative application ID:

Error: (03/22/2018 07:13:25 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: DESKTOP-JJEJ0G3)
Description: Package Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe+App was terminated because it took too long to suspend.


System errors:
=============
Error: (05/13/2018 09:10:23 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (05/13/2018 08:59:41 PM) (Source: DCOM) (User: DESKTOP-JJEJ0G3)
Description: application-specificLocalActivation{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}DESKTOP-JJEJ0G3Tao HarlessS-1-5-21-4273935202-3176793472-1427593408-1001LocalHost (Using LRPC)Microsoft.Windows.ContentDeliveryManager_10.0.16299.15_neutral_neutral_cw5n1h2txyewyS-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723

Error: (05/13/2018 08:59:15 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service hung on starting.

Error: (05/13/2018 08:59:14 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (05/13/2018 08:59:14 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (05/13/2018 08:59:14 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (05/13/2018 08:59:14 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (05/13/2018 08:59:14 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (05/13/2018 08:59:14 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (05/13/2018 08:59:14 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable



CodeIntegrity Errors:
===================================
Date: 2018-04-01 06:26:56.913
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-04-01 04:15:09.891
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-04-01 03:37:01.682
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-04-01 00:19:44.946
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-03-23 00:37:33.660
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-03-21 22:30:07.703
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-03-21 07:15:51.339
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-03-20 19:19:04.396
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-03-19 18:57:06.650
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-03-18 20:59:17.082
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 45%
Total physical RAM: 7364.91 MB
Available physical RAM: 3985.02 MB
Total Virtual: 11076.91 MB
Available Virtual: 6468.67 MB

========================= Partitions: =====================================

1 Drive c: (Windows) (Fixed) (Total:676.23 GB) (Free:520.14 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:20.42 GB) (Free:2 GB) NTFS

========================= Users: ========================================

User accounts for \\DESKTOP-JJEJ0G3

Administrator DefaultAccount Guest
Tao Harless WDAGUtilityAccount


**** End of log ****
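
An added example, not part of the original post and not MiniToolBox's own code: a short Python triage script for a log in the layout pasted above. It counts the `Error:` entries per section and source and collapses repeated CodeIntegrity entries to one row per file, so a driver that repeatedly fails image verification is not lost among the other errors. The sample text is constructed from the shapes of lines in the log, and all function names are this example's own.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime

# Constructed sample in the layout of the log above (shortened; host name invented).
SAMPLE_LOG = r"""
Application errors:
==================
Error: (05/13/2018 08:56:06 PM) (Source: Application Hang) (User: )
Description: The program svchost.exe version 10.0.16299.15 stopped interacting with Windows and was closed.

Error: (05/12/2018 01:54:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: DESKTOP-EXAMPLE)
Description: Package Microsoft.Windows.Photos+App was terminated because it took too long to suspend.

System errors:
=============
Error: (05/13/2018 08:59:15 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service hung on starting.

Error: (05/13/2018 08:59:14 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: machine-default Local Activation (constructed text)

Error: (05/13/2018 08:59:14 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specific Local Activation (constructed text)

CodeIntegrity Errors:
===================================
Date: 2018-04-01 06:26:56.913
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\xhunter1.sys because file hash could not be found on the system.

Date: 2018-03-18 20:59:17.082
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\xhunter1.sys because file hash could not be found on the system.

**** End of log ****
"""

ERROR_RE = re.compile(
    r"^Error: \((?P<when>[^)]+)\)\s*\(Source: (?P<source>[^)]+)\)\s*\(User: (?P<user>[^)]*)\)"
)
CI_DATE_RE = re.compile(r"^Date: (?P<when>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}\.\d+)")
CI_FILE_RE = re.compile(r"image integrity of the file (?P<path>.+?) because ")


def parse_log(text):
    """Return (events, integrity) parsed from a MiniToolBox-style log."""
    lines = [ln.strip() for ln in text.splitlines()]
    section, events, integrity = None, [], []
    i = 0
    while i < len(lines):
        line = lines[i]
        nxt = lines[i + 1] if i + 1 < len(lines) else ""
        # A section title is a line ending in ':' underlined by a row of '='.
        if line.endswith(":") and nxt and set(nxt) == {"="}:
            section = line[:-1]
            i += 2
            continue
        m = ERROR_RE.match(line)
        if m:
            desc = nxt[len("Description:"):].strip() if nxt.startswith("Description:") else ""
            events.append({
                "section": section,
                "when": datetime.strptime(m["when"], "%m/%d/%Y %I:%M:%S %p"),
                "source": m["source"],
                "user": m["user"].strip(),
                "description": desc,
            })
        m = CI_DATE_RE.match(line)
        f = CI_FILE_RE.search(nxt) if m else None
        if f:
            integrity.append({
                "when": datetime.strptime(m["when"], "%Y-%m-%d %H:%M:%S.%f"),
                "path": f["path"],
            })
        i += 1
    return events, integrity


def count_by_source(events):
    """(section, source) pairs with their counts, most frequent first."""
    return Counter((e["section"], e["source"]) for e in events).most_common()


def summarize_integrity(integrity):
    """One row per file: how often it failed verification, first and last time."""
    seen = defaultdict(list)
    for row in integrity:
        seen[row["path"]].append(row["when"])
    return {p: {"count": len(w), "first": min(w), "last": max(w)} for p, w in seen.items()}


def driver_files(summary):
    """Paths ending in .sys: kernel drivers whose signature should be checked first."""
    return sorted(p for p in summary if p.lower().endswith(".sys"))


if __name__ == "__main__":
    events, integrity = parse_log(SAMPLE_LOG)
    for (section, source), n in count_by_source(events):
        print(f"{n:3d}  {section} / {source}")
    for path, row in summarize_integrity(integrity).items():
        print(f"{row['count']:3d}  {path}  {row['first']:%Y-%m-%d} .. {row['last']:%Y-%m-%d}")
```
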
 

Malnutrition

#10
You can also use this tool.

devicecleanup.zip

Download it and save it to your desktop.
Right Click Run as Admin.
Select Devices
Then Select All.
Then Select
Then Right click on all highlighted devices.
Then select remove Device.
Make sure all items are deleted.
If not, then repeat and then reboot the machine.
 

Pouhi

PCHF Member
PCHF Member
May 13, 2018
9
2
17
#12
@Malnutrition
I edited my last post with a few notes at the top, but I'll post here too; I managed to run the other tool you suggested (minitoolbox) and a prompt did come up, but it didn't list any deleted programs, if that's normal. All it said was "press any key to close" which I did. If devicecleanup is separate I can do a run with that as well.
 

Malnutrition

Malnurished Mod
Moderator
Security Team
Malware Teacher
Jul 22, 2016
2,797
491
#13
If devicecleanup is separate I can do a run with that as well.
Yes this is a different tool, please run this then reboot your machine and let me know the outcome. :)


 

Malnutrition

Malnurished Mod
Moderator
Security Team
Malware Teacher
Jul 22, 2016
2,797
491
#15
Odd you are having this issue.

Error: (05/13/2018 08:56:06 PM) (Source: Application Hang) (User: )
Description: The program svchost.exe version 10.0.16299.15 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Can you run this tool for me please.

  • Please download AdwCleaner and save it on your desktop.
  • Close all open programs and browsers
  • Double click on AdwCleaner.exe, click Run, then select I agree if it appears
  • Click Scan
  • Once the scan has completed, if threats are found you will see "Found 3 threats" or something similar above the progress bar
  • Click on Clean
  • Confirm the cleaning and rebooting of your computer by clicking OK
  • Click OK twice to finish the removal process by automatically rebooting your computer
  • Once completed an AdwCleaner document will open on your desktop
  • Copy and paste the contents in your reply
 

Pouhi

PCHF Member
PCHF Member
May 13, 2018
9
2
17
#16
@Malnutrition @Evan Omo
I tried the USB after all the instructed scans, and it worked for a little bit (about 3-5 seconds); and it stopped working again. Getting there... (I removed the USB info again and rebooted after the retry)
Here is what I got from the AdwCleaner.

# -------------------------------
# Malwarebytes AdwCleaner 7.1.1.0
# -------------------------------
# Build: 04-27-2018
# Database: 2018-05-11.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-13-2018
# Duration: 00:00:04
# OS: Windows 10 Home
# Cleaned: 6
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted Ask
Deleted http://astromenda.com/?f=7&a=ast_ki...C0FtBtDyByBtC0AtC2Q&cr=956427308&uref=308&ir=
Deleted http://astromenda.com/?f=7&a=ast_ki...tGyBtCzz0C0FtBtDyByBtC0AtC2Q&cr=956427308&ir=
Deleted http://www.v9.com/?type=hp&ts=14133...9YG142_W047DPQMXXXXW047DPQM&i=psd&t=34a68fd61
Deleted http://taplika.com/?f=7&a=tpl_insta...GyByDtCyCyB0Ezy0A0D0EtB0D2Q&cr=1481137156&ir=
Deleted AOL

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************


########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
 

Malnutrition

Malnurished Mod
Moderator
Security Team
Malware Teacher
Jul 22, 2016
2,797
491
#17
Ok, seems that some trash was removed.

Let's dig a little deeper.

ZHP Scan.

1. Please download Zhp Cleaner to your desktop. Right-click the icon and select Run as administrator.

2. Once you have started the program, you will need to click the scanner button.

The program will close all open browsers!

3. Once the scan is completed, you will want to click the Repair button.

At the end of the process you may be asked to reboot your machine. After you reboot a report will open on your desktop.

Copy and paste the report here in your next reply.

Clean up temp files and reduce startup load with CCleaner.


Note: This tool will clean your browsing history as well.

  • Download CCleaner from here.
  • After install Click Options.
  • Go to monitoring.
  • Uncheck All Monitoring items.
  • Go to advanced -- Click close program after cleaning.
  • Go to settings -- click run ccleaner when the computer starts.
  • Now that you have ccleaner installed and set-up:
  • Open the program.
  • Go to Tools
  • Go to Startup
  • Now double-click each item to disable it.
  • Leave only your antivirus enabled.
  • Then disable all items in your scheduled tasks as well, unless they are related to Windows Defender or your antivirus.
  • Reboot the machine.


Rogue Killer Scan.

Download RogueKiller -- (Portable) -- from one of the following links and save it to your Desktop:

Link 1
Link 2


  • Close all other running programs.
  • Disable ALL Antivirus -- Antimalware -- Applications.
  • Right Click Rogue Killer and Run as Administrator.
  • Click the Start Scan button.
  • Allow the scan to run -- it can take ten minutes or more.
  • Once the scan is complete check All items for removal.
  • After All items are checked then press Remove Selected.
  • Wait until the Status box shows Deleting Finished.
  • Click on open report -- then open txt
  • Copy the content of the report and paste it here in your next reply.



ZHP Diag Scan

Download ZHP Diag to your desktop.

1. Right Click Run as Admin.

2. Click the Options button.

Click on Check All
Then Click Validate
Then click close.

3. Click the Scanner button.

When complete please push the report button.
A notepad will open... copy and paste the report in your next reply.
 

Pouhi

PCHF Member
PCHF Member
May 13, 2018
9
2
17
#18
@Malnutrition This will be a big post because of all the logs involved. x_x
Zhp scan: here's the log.
* note: there were 4 items removed, but I didn't get a report on them. Sorry.


~ ZHPCleaner v2018.5.10.103 by Nicolas Coolman (2018/05/10)
~ Run by ((user)) (Administrator) (13/05/2018 23:10:53)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Scan
~ Report : C:\Users\((user))\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\((user))\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot) Windows 10 Home, 64-bit (Build 16299)

---\ Alternate Data Stream (ADS). (0)
~ No malicious or unnecessary items found. (ADS)

---\ Services (0)
~ No malicious or unnecessary items found. (Service)

---\ Browser internet (0)
~ No malicious or unnecessary items found. (Browser)

---\ Hosts file (1)
~ The hosts file is legitimate (21)

---\ Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found. (Task)

---\ Explorer ( File, Folder) (0)
~ No malicious or unnecessary items found. (Explorer)

---\ Registry ( Key, Value, Data) (0)
~ No malicious or unnecessary items found. (Register)

---\ Result of repair
~ Any repair made
~ Browser not found (Mozilla Firefox)
~ Browser not found (Opera Software)

---\ Statistics
~ Items scanned : 84810
~ Items found : 0
~ Items cancelled : 0
~ Items options : 0/7
~ Space saving (bytes) : 0
~ End of search in 00h08mn07s

---\ Reports (4)
ZHPCleaner-[R]-13052018-23_00_39.txt
ZHPCleaner-[ S]-13052018-22_58_45.txt
ZHPCleaner-[ S]-13052018-23_08_47.txt
ZHPCleaner-[ S]-13052018-23_19_00.txt


RogueKiller: it seems to have found nothing during its scan. Possibly a good thing?

RogueKiller V12.12.16.0 (x64) [May 4 2018] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Website : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 10 (10.0.16299) 64 bits version
Started in : Normal mode
User : ((user)) [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Scan -- Date : 05/13/2018 23:46:37 (Duration : 00:50:40)

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 0 ¤¤¤

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: HGST HTS541075A9E680 +++++
--- User ---
[MBR] 6d10d50fd41ccac7b0ab474c969513fa
[BSP] 613fe8b19f3b1d12fa556a0b47944ac7 : Empty|VT.Unknown MBR Code
Partition table:
0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 650 MB
1 - [MAN-MOUNT] EFI system partition | Offset (sectors): 1333248 | Size: 260 MB
2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 1865728 | Size: 128 MB
3 - Basic data partition | Offset (sectors): 2127872 | Size: 692459 MB
4 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 1420285952 | Size: 985 MB
5 - [SYSTEM] Basic data partition | Offset (sectors): 1422303232 | Size: 20915 MB
User = LL1 ... OK
User = LL2 ... OK


ZHPdiag: "Verify" was not an option for my checkbox, so I ran it without. Hope that was OK. Also I didn't repair as I wasn't instructed to; if I need to I can redo it.

~ ZHPDiag v2018.5.14.107 By Nicolas Coolman (2018/05/14)
~ Run by ((user)) (Administrator) (2018/05/14 11:35:05)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Certificate ZHPDiag: Legal
~ State version: Version OK
~ Mode: Scan
~ Report: C:\Users\((user))\Desktop\ZHPDiag.txt
~ Report: C:\Users\((user))\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ System startup: Normal (Normal boot)
Windows 10 Home, 64-bit (Build 16299) =>.Microsoft Corporation

---\ Internet Browsers (3) - 1s
~ GCIE: Google Chrome v66.0.3359.170
~ MSIE: Microsoft Edge v40
~ MSIE: Internet Explorer v11.431.16299.0

---\ Windows Product Information (3) - 3s
~ Windows Server License Manager Script : OK
System - VBScript Engine not found
Windows Automatic Updates : OK

---\ System protection software (2) - 1s
Avast Free Antivirus v18.4.2338 (Protection)
Windows Defender W10 (Deactivate)

---\ ANTI-MALWARE SOFTWARE (1) - 1s
~ RogueKiller version 12.12.16.0 v12.12.16.0 (Anti-Malware)

---\ System optimization software (1) - 1s
~ CCleaner v5.42 (Optimisation)

---\ Informations on the system (6) - 0s
~ Operating System: AMD64 Family 21 Model 19 Stepping 1, AuthenticAMD
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 7541.672 MB (58% free) : OK =>.RAM Value
System Restore: Activé (Enable)
System drive C: has 532 GB (76%) free of 692 GB : OK =>.Disk Space

---\ Connection to the system mode (3) - 0s
~ Computer Name: DESKTOP-JJEJ0G3
~ User Name: ((user))
~ Logged in as Administrator

---\ Enumeration of the disk units (2) - 0s
~ Drive C: has 532 GB free of 692 GB (System)
~ Drive D: has 2 GB free of 20 GB

---\ State of the Windows Security Center (7) - 0s
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM64\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK

---\ Search Generic System Files (24) - 1s
[MD5.28A9316147DF6223D0AB7774706B55EC] - 15/04/2018 - (.Microsoft Corporation - Windows Explorer.) -- C:\WINDOWS\Explorer.exe [3904296] =>.Microsoft Windows®
[MD5.731A783A36A8E69A6434D19D98B12A09] - 29/09/2017 - (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\WINDOWS\System32\rundll32.exe [71168] =>.Microsoft Corporation
[MD5.BF3E1D9B2360C6BE4CC3094CD2DDC617] - 29/09/2017 - (.Microsoft Corporation - Windows Start-Up Application.) -- C:\WINDOWS\System32\Wininit.exe [359584] =>.Microsoft Corporation
[MD5.81181CC5523E9501B8797333BB32FD84] - 03/05/2018 - (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\WINDOWS\System32\wininet.dll [3334144] =>.Microsoft Corporation
[MD5.C67E7F605A830AA96A204ECCDC678FBC] - 29/03/2018 - (.Microsoft Corporation - Windows Logon Application.) -- C:\WINDOWS\System32\Winlogon.exe [716288] =>.Microsoft Corporation
[MD5.4D487E7D2B047FB929BE00117C09F9EC] - 29/09/2017 - (.Microsoft Corporation - Software Licensing Library.) -- C:\WINDOWS\System32\sppcomapi.dll [414720] =>.Microsoft Corporation
[MD5.51A5224C9B00B1F31C016B4B29F3DFB7] - 13/03/2018 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\WINDOWS\System32\dnsapi.dll [739696] =>.Microsoft Windows®
[MD5.CCF0DECFEB3D31F4CB733B39EFDFBAB3] - 13/03/2018 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\WINDOWS\Syswow64\dnsapi.dll [597160] =>.Microsoft Windows®
[MD5.9619C0D7DB55CC3A636A24A7D82B0C8E] - 29/03/2018 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\WINDOWS\System32\drivers\AFD.sys [614304] =>.Microsoft Corporation
[MD5.6191B9B2EE0E8CB957C683B9B341CC86] - 29/09/2017 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\WINDOWS\System32\drivers\atapi.sys [28568] =>.Microsoft Corporation
[MD5.9E82A95D77AC78C84BA75FF896B060BF] - 29/09/2017 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\WINDOWS\System32\drivers\Cdfs.sys [93184] =>.Microsoft Corporation
[MD5.6D83565C1652E80447EDEA6947FA89D7] - 29/09/2017 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\WINDOWS\System32\drivers\Cdrom.sys [159744] =>.Microsoft Corporation
[MD5.FAEC08F583CAD06D4F057DBB733A03A1] - 29/03/2018 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\WINDOWS\System32\drivers\DfsC.sys [151040] =>.Microsoft Corporation
[MD5.99A34FD1F6431A10D8C3BB50E170D0F2] - 29/09/2017 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\WINDOWS\System32\drivers\HDAudBus.sys [86016] =>.Microsoft Corporation
[MD5.56FF074E50F9042FD2856AB3418F4B18] - 29/09/2017 - (.Microsoft Corporation - i8042 Port Driver.) -- C:\WINDOWS\System32\drivers\i8042prt.sys [105984] =>.Microsoft Corporation
[MD5.7BEC2AF23F586EFF0DB4DBF4331B0C70] - 29/09/2017 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\drivers\IpNat.sys [214016] =>.Microsoft Corporation
[MD5.71729B1EE949E1B092CB5CB75CC63715] - 10/02/2018 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\WINDOWS\System32\drivers\MRxSmb.sys [494488] =>.Microsoft Corporation
[MD5.2A56FA2634A9650EF4ED5DFE976397BA] - 15/04/2018 - (.Microsoft Corporation - MBT Transport driver.) -- C:\WINDOWS\System32\drivers\netBT.sys [316928] =>.Microsoft Corporation
[MD5.BEE4FDB8DE2C90728D93393E4A3B88C2] - 03/05/2018 - (.Microsoft Corporation - NT File System Driver.) -- C:\WINDOWS\System32\drivers\ntfs.sys [2395040] =>.Microsoft Corporation
[MD5.2E07EC2C1622F5E7B535D62DCD61F3AB] - 29/09/2017 - (.Microsoft Corporation - Parallel Port Driver.) -- C:\WINDOWS\System32\drivers\Parport.sys [98816] =>.Microsoft Corporation
[MD5.E0220BB6580D34001D4D1D133052DAA4] - 29/09/2017 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\WINDOWS\System32\drivers\Rasl2tp.sys [106496] =>.Microsoft Corporation
[MD5.39886C19FB466BBF8AEC31E3E77C034C] - 29/03/2018 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\WINDOWS\System32\drivers\rdpdr.sys [182784] =>.Microsoft Corporation
[MD5.09125A12CAB5F8D5EAE9C83C25792FDD] - 29/03/2018 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\WINDOWS\System32\drivers\tdx.sys [121248] =>.Microsoft Corporation
[MD5.5B27846CF4B1C21AFB3A35A8336BA02F] - 07/12/2017 - (.Microsoft Corporation - Volume Shadow Copy driver.) -- C:\WINDOWS\System32\drivers\volsnap.sys [401304] =>.Microsoft Corporation

---\ Non Microsoft non disabled Windows Services (8) - 2s
O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\WINDOWS\System32\atiesrxx.exe =>.AMD
O23 - Service: Avast Antivirus (avast! Antivirus) . (.AVAST Software - Avast Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe =>.AVAST Software s.r.o.®
O23 - Service: Google Update Service (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) . (.LogMeIn Inc. - Hamachi Client Tunneling Engine.) - C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe =>.LogMeIn, Inc.®
O23 - Service: LMIGuardianSvc (LMIGuardianSvc) . (.LogMeIn, Inc. - LMIGuardianSvc.) - C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe =>.LogMeIn, Inc.®
O23 - Service: Origin Web Helper Service (Origin Web Helper Service) . (.Electronic Arts - OriginWebHelperService.) - C:\Program Files (x86)\Origin\OriginWebHelperService.exe =>.Electronic Arts, Inc.®
O23 - Service: Realtek Audio Service (RtkAudioService) . (.Realtek Semiconductor - Realtek Audio Service.) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe =>.Realtek Semiconductor Corp®
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) . (.Synaptics Incorporated - 64-bit Synaptics Pointing Enhance Service.) - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe =>.Synaptics Incorporated®

---\ Services not Microsoft (SR=Run, SS=Stop) (12) - 9s
SR - Auto [08/10/2015] [ 264224] (AMD External Events Utility) . (.AMD.) - C:\WINDOWS\System32\atiesrxx.exe =>.Microsoft Windows Hardware Compatibility Publisher®
SR - Demand [13/05/2018] [ 7620096] aswbIDSAgent (aswbIDSAgent) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe =>.AVAST Software s.r.o.®
SR - Auto [13/05/2018] [ 317280] Avast Antivirus (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe =>.AVAST Software s.r.o.®
SS - Auto [14/03/2018] [ 153168] Google Update Service (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
SS - Demand [14/03/2018] [ 153168] Google Update Service (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
SR - Auto [29/06/2017] [ 3418024] LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) . (.LogMeIn Inc..) - C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe =>.LogMeIn, Inc.®
SR - Auto [27/05/2016] [ 419248] LMIGuardianSvc (LMIGuardianSvc) . (.LogMeIn, Inc..) - C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe =>.LogMeIn, Inc.®
SS - Demand [19/03/2018] [ 2158912] Origin Client Service (Origin Client Service) . (.Electronic Arts.) - C:\Program Files (x86)\Origin\OriginClientService.exe =>.Electronic Arts, Inc.®
SS - Auto [19/03/2018] [ 3028808] Origin Web Helper Service (Origin Web Helper Service) . (.Electronic Arts.) - C:\Program Files (x86)\Origin\OriginWebHelperService.exe =>.Electronic Arts, Inc.®
SR - Auto [08/01/2014] [ 290520] Realtek Audio Service (RtkAudioService) . (.Realtek Semiconductor.) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe =>.Realtek Semiconductor Corp®
SS - Demand [26/03/2018] [ 1671968] Steam Client Service (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe =>.Valve®
SR - Auto [18/08/2017] [ 278616] SynTPEnh Caller Service (SynTPEnhService) . (.Synaptics Incorporated.) - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe =>.Synaptics Incorporated®

---\ Task Planned Automatically (Register) (12) - 4s
O38 - TASK: {0BD10C14-2279-407A-84B5-34F44D5BCB7C} [64Bits][\CCleanerSkipUAC] - (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe [13619968] =>.Piriform Ltd
O38 - TASK: {487DF9B7-2695-44BD-B52B-536D9C8735CD} [64Bits][\Avast Emergency Update] - (.AVAST Software - Avast Emergency Update.) -- C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2650328] =>.AVAST Software
O38 - TASK: {4EE950D7-F841-4ACE-8AC4-1B930944E485} [64Bits][\CCleaner Update] - (.Piriform Ltd - CCleaner emergency updater.) -- C:\Program Files\CCleaner\CCUpdate.exe [520736] =>.Piriform Ltd
O38 - TASK: {7306C55B-AD16-44B0-8610-F2B5A2D7A974} [64Bits][\Avast Software\Overseer] - (.AVAST Software - Avast Overseer.) -- C:\Program Files\AVAST Software\Avast\setup\overseer.exe [1869008] =>.AVAST Software
O38 - TASK: {95195E4C-9E64-45EE-B61D-4EEEE4EDDFD0} [64Bits][\GoogleUpdateTaskMachineCore] - (.Google Inc. - Google Installer.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168] =>.Google Inc.
O38 - TASK: {B54C7575-0A7A-44FB-8551-B2CF69DD48FF} [64Bits][\GoogleUpdateTaskMachineUA] - (.Google Inc. - Google Installer.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168] =>.Google Inc.
C:\WINDOWS\System32\Tasks\CCleanerSkipUAC - (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [$(Arg0)] =>.Piriform Ltd
C:\WINDOWS\System32\Tasks\Avast Emergency Update - (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [] =>.AVAST Software
C:\WINDOWS\System32\Tasks\CCleaner Update - (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCUpdate.exe [] =>.Piriform Ltd
C:\WINDOWS\System32\Tasks\Avast Software\Overseer - (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\setup\overseer.exe [] =>.AVAST Software
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [/c] =>.Google Inc.
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [/ua] =>.Google Inc.

---\ Auto loading programs from Registry and folders (16) - 3s
O4 - HKLM\..\Run: [SecurityHealth] . (.Microsoft Corporation - Windows Defender notification icon.) -- C:\Program Files\Windows Defender\MSASCuiL.exe =>.Microsoft Windows®
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Realtek HD Audio Manager.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe =>.Realtek Semiconductor Corp®
O4 - HKLM\..\Run: [AvastUI.exe] . (.AVAST Software - AvLaunch component.) -- C:\Program Files\AVAST Software\Avast\AvLaunch.exe =>.AVAST Software s.r.o.®
O4 - HKCU\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\((user))\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation®
O4 - HKCU\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\Steam.exe =>.Valve®
O4 - HKCU\..\Run: [Discord] . (.Discord Inc. - Discord.) -- C:\Users\((user))\AppData\Local\Discord\app-0.0.301\Discord.exe =>.Discord Inc.®
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd®
O4 - HKCU\..\Run: [CCleaner] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd®
O4 - HKLM\..\Wow6432Node\Run: [LogMeIn Hamachi Ui] . (.LogMeIn Inc. - Hamachi Client Application.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe =>.LogMeIn, Inc.®
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Windows®
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Windows®
O4 - HKUS\S-1-5-21-4273935202-3176793472-1427593408-1001\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\((user))\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation®
O4 - HKUS\S-1-5-21-4273935202-3176793472-1427593408-1001\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\Steam.exe =>.Valve®
O4 - HKUS\S-1-5-21-4273935202-3176793472-1427593408-1001\..\Run: [Discord] . (.Discord Inc. - Discord.) -- C:\Users\((user))\AppData\Local\Discord\app-0.0.301\Discord.exe =>.Discord Inc.®
O4 - HKUS\S-1-5-21-4273935202-3176793472-1427593408-1001\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd®
O4 - HKUS\S-1-5-21-4273935202-3176793472-1427593408-1001\..\Run: [CCleaner] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd®

---\ Process running (21) - 5s
[MD5.23D869881D465D75D28F05911B73B573] - (.AMD - AMD External Events Service Module.) -- C:\Windows\System32\atiesrxx.exe [264224] [PID.1732] =>.AMD
[MD5.6878AA087110223C0089FE8A69D459E2] - (.AMD - AMD External Events Client Module.) -- C:\Windows\System32\atieclxx.exe [692256] [PID.1844] =>.AMD
[MD5.F1D20C2B36F78863530B251DF504CC51] - (.Realtek Semiconductor - Realtek Audio Service.) -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520] [PID.2168] =>.Realtek Semiconductor Corp®
[MD5.0F5B142D4CF1E742B37690AF07D14A8D] - (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1379544] [PID.2196] =>.Realtek Semiconductor Corp®
[MD5.0F5B142D4CF1E742B37690AF07D14A8D] - (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1379544] [PID.2216] =>.Realtek Semiconductor Corp®
[MD5.0554F3B69D39D175DD110D765C11347A] - (.LogMeIn, Inc. - LMIGuardianSvc.) -- C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248] [PID.3184] =>.LogMeIn, Inc.®
[MD5.91AF2EF13E4F1A555F16C49F50BF8746] - (.Synaptics Incorporated - 64-bit Synaptics Pointing Enhance Service.) -- C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616] [PID.3236] =>.Synaptics Incorporated®
[MD5.779D28A8A2DAAED18575E70AE8EB95C3] - (.LogMeIn Inc. - Hamachi Client Tunneling Engine.) -- C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3418024] [PID.3412] =>.LogMeIn, Inc.®
[MD5.AEBC1AFA26110E24B324B10FFD7D99D7] - (.Synaptics Incorporated - Synaptics TouchPad 64-bit Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [4397144] [PID.4488] =>.Synaptics Incorporated®
[MD5.0486C5A48DB97E46E7E4BE47BA302A3A] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) -- C:\PROGRAM FILES\SYNAPTICS\SynTP\SYNTPHELPER.EXE [228960] [PID.4396] =>.Synaptics Incorporated®
[MD5.D5D8FFDE7F1204FB816EA2677606C215] - (.AVAST Software - Avast Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [12007128] [PID.7076] =>.AVAST Software s.r.o.®
[MD5.443D39F346EA1BD3B8522D7C8A0A8800] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008] [PID.7104] =>.Google Inc®
[MD5.443D39F346EA1BD3B8522D7C8A0A8800] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008] [PID.7164] =>.Google Inc®
[MD5.443D39F346EA1BD3B8522D7C8A0A8800] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008] [PID.6584] =>.Google Inc®
[MD5.443D39F346EA1BD3B8522D7C8A0A8800] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008] [PID.6828] =>.Google Inc®
[MD5.443D39F346EA1BD3B8522D7C8A0A8800] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008] [PID.5320] =>.Google Inc®
[MD5.605CCC9CE1839BC5583017DF7CAE27A6] - (.Google Inc. - Google Installer.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168] [PID.4344] =>.Google Inc®
[MD5.E81B06A07919E9663DB9AE7FB37B9721] - (...) -- C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe [478720] [PID.2992] =>.Microsoft Corporation
[MD5.F8127F4DD22960352C3D65DE26D2542D] - (...) -- C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\SkypeHost.exe [86528] [PID.9136] =>.Skype Technologies
[MD5.443D39F346EA1BD3B8522D7C8A0A8800] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008] [PID.9284] =>.Google Inc®
[MD5.6EA3E882449F0DCA78D84619557E9669] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\((user))\AppData\Roaming\ZHP\ZHPDiag3.exe [3097984] [PID.1532] =>.Nicolas Coolman

---\ Google Chrome, Start,Search,Extensions (12) - 0s
G0 - GCSP: Preferences [User Data\Default][HomePage] http://cdn.materialdesignicons.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://fonts.googleapis.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://go.nordvpn.net
G0 - GCSP: Preferences [User Data\Default][HomePage] http://maxcdn.bootstrapcdn.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://media.go2speed.org
G0 - GCSP: Preferences [User Data\Default][HomePage] http://pchelpforum.net
G0 - GCSP: Preferences [User Data\Default][HomePage] http://pchf2-jew4efcjsvzg0rz43cny.stackpathdns.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://ssl.gstatic.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.googletagmanager.com
G2 - GCE: Preference [((user))][User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] =>.Google Inc. {Wallet}
G2 - GCE: Preference [((user))][User Data\Default] [pkedcjkdefgpdelpbcmbmeomcjbeemfm] Chrome Media Router =>.Google Inc.

---\ Internet Explorer Extensions, Start, Search (15) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R3 - URLSearchHook: (no name)[HKCU] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Browser.) (11.00.16299.371 (WinBuild.160101.0800)) -- C:\Windows\System32\ieframe.dll =>.Microsoft Corporation

---\ INTERNET EXPLORER, trusted site and sensitive site (1) - 0s
~ Microsoft Internet Explorer Restricted Site(s) Domains: 0(Good) / 0(Bad)

---\ Internet Explorer, Proxy Management (3) - 0s
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 =>.Default.Value
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 =>.Default.Value
R5 - HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies [] =>.Microsoft

---\ Line Analysis, IniFiles, Auto loading programs (3) - 0s
F2 - REG:system.ini: UserInit=
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=

---\ Hosts file redirection (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (21)

---\ Global shortcuts Startup (115) - 14s
O4 - GS\Desktop [Administrator]: blender.lnk . (.Blender Foundation - .) C:\Program Files (x86)\Blender Foundation\Blender\blender.exe =>.Blender Foundation
O4 - GS\Desktop [Administrator]: Cheat Engine.lnk . (...) C:\Program Files (x86)\Cheat Engine 6.7\Cheat Engine.exe =>.Cheat Engine®
O4 - GS\Desktop [Administrator]: Discord.lnk . (.GitHub - Update.) C:\Users\((user))\AppData\Local\Discord\Update.exe --processStart Discord.exe =>.Discord Inc.®
O4 - GS\Desktop [Administrator]: IMVU.lnk . (...) C:\Users\((user))\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe =>.IMVU®
O4 - GS\Desktop [Administrator]: osu!.lnk . (.ppy - osu!.) C:\Users\((user))\AppData\Local\osu!\osu!.exe =>.Dean Herbert®
O4 - GS\Desktop [Administrator]: ZHPCleaner.lnk . (.Nicolas Coolman - ZHPCleaner.) C:\Users\((user))\AppData\Roaming\ZHP\ZHPCleaner.exe =>.Nicolas Coolman
O4 - GS\Desktop [Administrator]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\((user))\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\sendTo [Administrator]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\sendTo [Administrator]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\WINDOWS\system32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\TaskBar [Administrator]: Amorous.Game.lnk . (...) C:\Users\((user))\Desktop\amorous-windows\Amorous.Game.Windows.exe
O4 - GS\TaskBar [Administrator]: Cube World.lnk . (...) C:\Program Files (x86)\Cube World\CubeLauncher.exe
O4 - GS\TaskBar [Administrator]: Discord.lnk . (.GitHub - Update.) C:\Users\((user))\AppData\Local\Discord\Update.exe --processStart Discord.exe =>.Discord Inc.®
O4 - GS\TaskBar [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\TaskBar [Administrator]: MediBang Paint Pro.lnk . (...) C:\Program Files\Medibang\MediBang Paint Pro\MediBangPaintPro.exe {71657EDE0A4C9D0B006628E01E776FC8}
O4 - GS\TaskBar [Administrator]: Minecraft.lnk . (.Mojang - Minecraft launcher.) C:\Program Files (x86)\Minecraft\MinecraftLauncher.exe =>.Mojang AB®
O4 - GS\TaskBar [Administrator]: osu!.lnk . (.ppy - osu!.) C:\Users\((user))\AppData\Local\osu!\osu!.exe =>.Dean Herbert®
O4 - GS\TaskBar [Administrator]: Star Stable Online.lnk . (.Flexera Software LLC - InstallShield.) C:\WINDOWS\Installer\{8CD50415-04B7-459E-8CBD-DA96A9CDF98E}\StarStableOnlinePr_A836D210CAFA42B7A7BAFE2D4CBFFAD4.exe =>.Flexera Software LLC
O4 - GS\TaskBar [Administrator]: Steam.lnk . (.Valve Corporation - Steam Client Bootstrapper.) C:\Program Files (x86)\Steam\Steam.exe =>.Valve®
O4 - GS\Startup [Administrator]: IMVU.lnk . (...) C:\Users\((user))\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe '--startup' =>.IMVU®
O4 - GS\Programs [Administrator]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\((user))\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation®
O4 - GS\Programs [Administrator]: osu!.lnk . (.ppy - osu!.) C:\Users\((user))\AppData\Local\osu!\osu!.exe =>.Dean Herbert®
O4 - GS\Desktop [Guest]: blender.lnk . (.Blender Foundation - .) C:\Program Files (x86)\Blender Foundation\Blender\blender.exe =>.Blender Foundation
O4 - GS\Desktop [Guest]: Cheat Engine.lnk . (...) C:\Program Files (x86)\Cheat Engine 6.7\Cheat Engine.exe =>.Cheat Engine®
O4 - GS\Desktop [Guest]: Discord.lnk . (.GitHub - Update.) C:\Users\((user))\AppData\Local\Discord\Update.exe --processStart Discord.exe =>.Discord Inc.®
O4 - GS\Desktop [Guest]: IMVU.lnk . (...) C:\Users\((user))\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe =>.IMVU®
O4 - GS\Desktop [Guest]: osu!.lnk . (.ppy - osu!.) C:\Users\((user))\AppData\Local\osu!\osu!.exe =>.Dean Herbert®
O4 - GS\Desktop [Guest]: ZHPCleaner.lnk . (.Nicolas Coolman - ZHPCleaner.) C:\Users\((user))\AppData\Roaming\ZHP\ZHPCleaner.exe =>.Nicolas Coolman
O4 - GS\Desktop [Guest]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\((user))\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Guest]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\sendTo [Guest]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\sendTo [Guest]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\WINDOWS\system32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\TaskBar [Guest]: Amorous.Game.lnk . (...) C:\Users\((user))\Desktop\amorous-windows\Amorous.Game.Windows.exe
O4 - GS\TaskBar [Guest]: Cube World.lnk . (...) C:\Program Files (x86)\Cube World\CubeLauncher.exe
O4 - GS\TaskBar [Guest]: Discord.lnk . (.GitHub - Update.) C:\Users\((user))\AppData\Local\Discord\Update.exe --processStart Discord.exe =>.Discord Inc.®
O4 - GS\TaskBar [Guest]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\TaskBar [Guest]: MediBang Paint Pro.lnk . (...) C:\Program Files\Medibang\MediBang Paint Pro\MediBangPaintPro.exe {71657EDE0A4C9D0B006628E01E776FC8}
O4 - GS\TaskBar [Guest]: Minecraft.lnk . (.Mojang - Minecraft launcher.) C:\Program Files (x86)\Minecraft\MinecraftLauncher.exe =>.Mojang AB®
O4 - GS\TaskBar [Guest]: osu!.lnk . (.ppy - osu!.) C:\Users\((user))\AppData\Local\osu!\osu!.exe =>.Dean Herbert®
O4 - GS\TaskBar [Guest]: Star Stable Online.lnk . (.Flexera Software LLC - InstallShield.) C:\WINDOWS\Installer\{8CD50415-04B7-459E-8CBD-DA96A9CDF98E}\StarStableOnlinePr_A836D210CAFA42B7A7BAFE2D4CBFFAD4.exe =>.Flexera Software LLC
O4 - GS\TaskBar [Guest]: Steam.lnk . (.Valve Corporation - Steam Client Bootstrapper.) C:\Program Files (x86)\Steam\Steam.exe =>.Valve®
O4 - GS\Startup [Guest]: IMVU.lnk . (...) C:\Users\((user))\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe '--startup' =>.IMVU®
O4 - GS\Programs [Guest]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\((user))\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation®
O4 - GS\Programs [Guest]: osu!.lnk . (.ppy - osu!.) C:\Users\((user))\AppData\Local\osu!\osu!.exe =>.Dean Herbert®
O4 - GS\Desktop [((user))]: blender.lnk . (.Blender Foundation - .) C:\Program Files (x86)\Blender Foundation\Blender\blender.exe =>.Blender Foundation
O4 - GS\Desktop [((user))]: Cheat Engine.lnk . (...) C:\Program Files (x86)\Cheat Engine 6.7\Cheat Engine.exe =>.Cheat Engine®
O4 - GS\Desktop [((user))]: Discord.lnk . (.GitHub - Update.) C:\Users\((user))\AppData\Local\Discord\Update.exe --processStart Discord.exe =>.Discord Inc.®
O4 - GS\Desktop [((user))]: IMVU.lnk . (...) C:\Users\((user))\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe =>.IMVU®
O4 - GS\Desktop [((user))]: osu!.lnk . (.ppy - osu!.) C:\Users\((user))\AppData\Local\osu!\osu!.exe =>.Dean Herbert®
O4 - GS\Desktop [((user))]: ZHPCleaner.lnk . (.Nicolas Coolman - ZHPCleaner.) C:\Users\((user))\AppData\Roaming\ZHP\ZHPCleaner.exe =>.Nicolas Coolman
O4 - GS\Desktop [((user))]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\((user))\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [((user))]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\sendTo [((user))]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\sendTo [((user))]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\WINDOWS\system32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\TaskBar [((user))]: Amorous.Game.lnk . (...) C:\Users\((user))\Desktop\amorous-windows\Amorous.Game.Windows.exe
O4 - GS\TaskBar [((user))]: Cube World.lnk . (...) C:\Program Files (x86)\Cube World\CubeLauncher.exe
O4 - GS\TaskBar [((user))]: Discord.lnk . (.GitHub - Update.) C:\Users\((user))\AppData\Local\Discord\Update.exe --processStart Discord.exe =>.Discord Inc.®
O4 - GS\TaskBar [((user))]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\TaskBar [((user))]: MediBang Paint Pro.lnk . (...) C:\Program Files\Medibang\MediBang Paint Pro\MediBangPaintPro.exe {71657EDE0A4C9D0B006628E01E776FC8}
O4 - GS\TaskBar [((user))]: Minecraft.lnk . (.Mojang - Minecraft launcher.) C:\Program Files (x86)\Minecraft\MinecraftLauncher.exe =>.Mojang AB®
O4 - GS\TaskBar [((user))]: osu!.lnk . (.ppy - osu!.) C:\Users\((user))\AppData\Local\osu!\osu!.exe =>.Dean Herbert®
O4 - GS\TaskBar [((user))]: Star Stable Online.lnk . (.Flexera Software LLC - InstallShield.) C:\WINDOWS\Installer\{8CD50415-04B7-459E-8CBD-DA96A9CDF98E}\StarStableOnlinePr_A836D210CAFA42B7A7BAFE2D4CBFFAD4.exe =>.Flexera Software LLC
O4 - GS\TaskBar [((user))]: Steam.lnk . (.Valve Corporation - Steam Client Bootstrapper.) C:\Program Files (x86)\Steam\Steam.exe =>.Valve®
O4 - GS\Startup [((user))]: IMVU.lnk . (...) C:\Users\((user))\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe '--startup' =>.IMVU®
O4 - GS\Programs [((user))]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\((user))\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation®
O4 - GS\Programs [((user))]: osu!.lnk . (.ppy - osu!.) C:\Users\((user))\AppData\Local\osu!\osu!.exe =>.Dean Herbert®
O4 - GS\Desktop [WDAGUtilityAccount]: blender.lnk . (.Blender Foundation - .) C:\Program Files (x86)\Blender Foundation\Blender\blender.exe =>.Blender Foundation
O4 - GS\Desktop [WDAGUtilityAccount]: Cheat Engine.lnk . (...) C:\Program Files (x86)\Cheat Engine 6.7\Cheat Engine.exe =>.Cheat Engine®
O4 - GS\Desktop [WDAGUtilityAccount]: Discord.lnk . (.GitHub - Update.) C:\Users\((user))\AppData\Local\Discord\Update.exe --processStart Discord.exe =>.Discord Inc.®
O4 - GS\Desktop [WDAGUtilityAccount]: IMVU.lnk . (...) C:\Users\((user))\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe =>.IMVU®
O4 - GS\Desktop [WDAGUtilityAccount]: osu!.lnk . (.ppy - osu!.) C:\Users\((user))\AppData\Local\osu!\osu!.exe =>.Dean Herbert®
O4 - GS\Desktop [WDAGUtilityAccount]: ZHPCleaner.lnk . (.Nicolas Coolman - ZHPCleaner.) C:\Users\((user))\AppData\Roaming\ZHP\ZHPCleaner.exe =>.Nicolas Coolman
O4 - GS\Desktop [WDAGUtilityAccount]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\((user))\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [WDAGUtilityAccount]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\sendTo [WDAGUtilityAccount]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\sendTo [WDAGUtilityAccount]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\WINDOWS\system32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\TaskBar [WDAGUtilityAccount]: Amorous.Game.lnk . (...) C:\Users\((user))\Desktop\amorous-windows\Amorous.Game.Windows.exe
O4 - GS\TaskBar [WDAGUtilityAccount]: Cube World.lnk . (...) C:\Program Files (x86)\Cube World\CubeLauncher.exe
O4 - GS\TaskBar [WDAGUtilityAccount]: Discord.lnk . (.GitHub - Update.) C:\Users\((user))\AppData\Local\Discord\Update.exe --processStart Discord.exe =>.Discord Inc.®
O4 - GS\TaskBar [WDAGUtilityAccount]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\TaskBar [WDAGUtilityAccount]: MediBang Paint Pro.lnk . (...) C:\Program Files\Medibang\MediBang Paint Pro\MediBangPaintPro.exe {71657EDE0A4C9D0B006628E01E776FC8}
O4 - GS\TaskBar [WDAGUtilityAccount]: Minecraft.lnk . (.Mojang - Minecraft launcher.) C:\Program Files (x86)\Minecraft\MinecraftLauncher.exe =>.Mojang AB®
O4 - GS\TaskBar [WDAGUtilityAccount]: osu!.lnk . (.ppy - osu!.) C:\Users\((user))\AppData\Local\osu!\osu!.exe =>.Dean Herbert®
O4 - GS\TaskBar [WDAGUtilityAccount]: Star Stable Online.lnk . (.Flexera Software LLC - InstallShield.) C:\WINDOWS\Installer\{8CD50415-04B7-459E-8CBD-DA96A9CDF98E}\StarStableOnlinePr_A836D210CAFA42B7A7BAFE2D4CBFFAD4.exe =>.Flexera Software LLC
O4 - GS\TaskBar [WDAGUtilityAccount]: Steam.lnk . (.Valve Corporation - Steam Client Bootstrapper.) C:\Program Files (x86)\Steam\Steam.exe =>.Valve®
O4 - GS\Startup [WDAGUtilityAccount]: IMVU.lnk . (...) C:\Users\((user))\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe '--startup' =>.IMVU®
O4 - GS\Programs [WDAGUtilityAccount]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\((user))\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation®
O4 - GS\Programs [WDAGUtilityAccount]: osu!.lnk . (.ppy - osu!.) C:\Users\((user))\AppData\Local\osu!\osu!.exe =>.Dean Herbert®
O4 - GS\CommonDesktop [Public]: Avast Free Antivirus.lnk . (.AVAST Software - Avast Antivirus.) C:\Program Files\AVAST Software\Avast\AvastUI.exe =>.AVAST Software s.r.o.®
O4 - GS\CommonDesktop [Public]: Bandicam.lnk . (.Bandicam Company - Bandicam - bdcam.exe.) C:\Program Files (x86)\Bandicam\bdcam.exe {3F8D23C136AE9CBEEAC7605B24EC0391} =>.Bandicam Company
O4 - GS\CommonDesktop [Public]: CCleaner.lnk . (.Piriform Ltd - CCleaner.) C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd®
O4 - GS\CommonDesktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\CommonDesktop [Public]: LogMeIn Hamachi.lnk . (.LogMeIn Inc. - Hamachi Client Application.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe =>.LogMeIn, Inc.®
O4 - GS\CommonDesktop [Public]: MediBang Paint Pro.lnk . (...) C:\Program Files\Medibang\MediBang Paint Pro\MediBangPaintPro.exe {71657EDE0A4C9D0B006628E01E776FC8}
O4 - GS\CommonDesktop [Public]: Origin.lnk . (.Electronic Arts - Origin.) C:\Program Files (x86)\Origin\Origin.exe =>.Electronic Arts, Inc.®
O4 - GS\CommonDesktop [Public]: RogueKiller.lnk . (.Adlice Software - Anti-malware remediation tool.) C:\Program Files\RogueKiller\RogueKiller64.exe =>.Adlice®
O4 - GS\CommonDesktop [Public]: Steam.lnk . (.Valve Corporation - Steam Client Bootstrapper.) C:\Program Files (x86)\Steam\Steam.exe =>.Valve®
O4 - GS\Programs [Public]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\((user))\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation®
O4 - GS\Programs [Public]: osu!.lnk . (.ppy - osu!.) C:\Users\v\AppData\Local\osu!\osu!.exe =>.Dean Herbert®
O4 - GS\Accessories [Public]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\internet explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Accessories [Public]: Notepad.lnk . (.Microsoft Corporation - Notepad.) C:\WINDOWS\system32\notepad.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Math Input Panel.lnk . (.Microsoft Corporation - .) C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) C:\WINDOWS\system32\mspaint.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Quick Assist.lnk . (.Microsoft Corporation - Quick Assist.) C:\WINDOWS\system32\quickassist.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Remote Desktop Connection.) C:\WINDOWS\system32\mstsc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Snipping Tool.) C:\WINDOWS\system32\SnippingTool.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Steps Recorder.lnk . (.Microsoft Corporation - Steps Recorder.) C:\WINDOWS\system32\psr.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\WINDOWS\system32\WFS.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Windows Wordpad Application.) C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: XPS Viewer.lnk . (.Microsoft Corporation - XPS Viewer.) C:\WINDOWS\system32\xpsrchvw.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Character Map.) C:\WINDOWS\system32\charmap.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Avast Free Antivirus.lnk . (.AVAST Software - Avast Antivirus.) C:\Program Files\AVAST Software\Avast\AvastUI.exe =>.AVAST Software s.r.o.®
O4 - GS\ProgramsCommon [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\ProgramsCommon [Public]: Immersive Control Panel.lnk . (.Microsoft Corporation - Windows Control Panel.) C:\WINDOWS\System32\Control.exe =>.Microsoft Corporation

---\ Lop.com/Domain Hijackers (1) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\..\{e4b8ac8d-a6fc-40eb-8a1d-14144398d211}: DhcpNameServer = 192.168.1.1 =>.Local IP Adress

---\ Extra protocols (22) - 1s
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll =>.Microsoft Corporation
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\System32\tbauth.dll =>.Microsoft Corporation
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: windows.tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\System32\tbauth.dll =>.Microsoft Corporation
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation

---\ AppInit_DLLs Registry value Autorun (1) - 0s
O20 - Winlogon : UserInit . (.Microsoft Corporation - Userinit Logon Application.) - C:\WINDOWS\system32\userinit.exe =>.Microsoft Corporation

---\ ASIC (ActiveSetup Installed Components) (5) - 1s
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Microsoft Windows Media Player Setup Utilit.) -- C:\Windows\System32\unregmp2.exe =>.Microsoft Corporation
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\System32\mscories.dll =>.Microsoft Corporation®
O40 - ASIC: Google Chrome [64Bits] - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google Inc. - Google Chrome Installer.) -- C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.170\Installer\chrmstp.exe =>.Google Inc®

---\ Software installed (87) - 12s
O42 - Logiciel: 100% Orange Juice - (.Orange_Juice.) [HKLM][64Bits] -- Steam App 282800 =>.Valve®
O42 - Logiciel: 200% Mixed Juice! - (.Orange_Juice.) [HKLM][64Bits] -- Steam App 335190 =>.Valve®
O42 - Logiciel: Alicemare - (.△○□× (Miwashiba).) [HKLM][64Bits] -- Steam App 524850 =>.Valve®
O42 - Logiciel: Alicia - (.NtreevSoft.) [HKLM][64Bits] -- Alicia =>.NtreevSoft
O42 - Logiciel: Apple Application Support (32-bit) - (.Apple Inc..) [HKLM][64Bits] -- {D4C80B0C-CF67-43A7-90C3-466853543B54} =>.Apple Inc.
O42 - Logiciel: Avast Free Antivirus - (.AVAST Software.) [HKLM][64Bits] -- Avast Antivirus =>.AVAST Software s.r.o.®
O42 - Logiciel: Azure Striker Gunvolt - (.INTI CREATES CO., LTD..) [HKLM][64Bits] -- Steam App 388800 =>.Valve®
O42 - Logiciel: Bandicam - (.Bandicam.com.) [HKLM][64Bits] -- Bandicam =>.Bandicam.com
O42 - Logiciel: Bandicam MPEG-1 Decoder - (.Bandicam.com.) [HKLM][64Bits] -- BandiMPEG1 =>.Bandicam.com
O42 - Logiciel: Blender - (.Blender Foundation.) [HKLM][64Bits] -- {6B32721F-EA02-40BB-B781-92404BA3485C} =>.Blender Foundation
O42 - Logiciel: Bloody Trapland - (.2Play.) [HKLM][64Bits] -- Steam App 257750 =>.Valve®
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner =>.Piriform Ltd®
O42 - Logiciel: Cheat Engine 6.7 - (.Cheat Engine.) [HKLM][64Bits] -- Cheat Engine 6.7_is1 =>.Cheat Engine®
O42 - Logiciel: Crypt of the NecroDancer - (.Brace Yourself Games.) [HKLM][64Bits] -- Steam App 247080 =>.Valve®
O42 - Logiciel: Cube World version 0.0.1 - (.Picroma.) [HKLM][64Bits] -- {D692A0E0-1BBB-4E9C-826E-4254EE330830}_is1 =>.Picroma
O42 - Logiciel: Delicious! Pretty Girls Mahjong Solitaire - (.Zoo Corporation.) [HKLM][64Bits] -- Steam App 540610 =>.Valve®
O42 - Logiciel: Discord - (.Discord Inc..) [HKCU][64Bits] -- Discord =>.Discord Inc.®
O42 - Logiciel: DLC Quest - (.Going Loud Studios.) [HKLM][64Bits] -- Steam App 230050 =>.Valve®
O42 - Logiciel: Don't Starve - (.Klei Entertainment.) [HKLM][64Bits] -- Steam App 219740 =>.Valve®
O42 - Logiciel: Don't Starve Together - (.Klei Entertainment.) [HKLM][64Bits] -- Steam App 322330 =>.Valve®
O42 - Logiciel: Downwell - (.Moppin.) [HKLM][64Bits] -- Steam App 360740 =>.Valve®
O42 - Logiciel: Elsword - (.KOG.) [HKLM][64Bits] -- Steam App 237310 =>.Valve®
O42 - Logiciel: Five Nights at Freddy's 4 - (.Scott Cawthon.) [HKLM][64Bits] -- Steam App 388090 =>.Valve®
O42 - Logiciel: Gametree Launcher - (.NtreevSoft.) [HKLM][64Bits] -- GTL =>.NtreevSoft
O42 - Logiciel: Garry's Mod - (.Facepunch Studios.) [HKLM][64Bits] -- Steam App 4000 =>.Valve®
O42 - Logiciel: Genital Jousting - (.Free Lives.) [HKLM][64Bits] -- Steam App 469820 =>.Valve®
O42 - Logiciel: Geometry Dash - (.RobTop Games.) [HKLM][64Bits] -- Steam App 322170 =>.Valve®
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome =>.Google Inc®
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc.
O42 - Logiciel: Human Resource Machine - (.Tomorrow Corporation.) [HKLM][64Bits] -- Steam App 375820 =>.Valve®
O42 - Logiciel: HunieCam Studio - (.HuniePot.) [HKLM][64Bits] -- Steam App 426000 =>.Valve®
O42 - Logiciel: HuniePop - (.HuniePot.) [HKLM][64Bits] -- Steam App 339800 =>.Valve®
O42 - Logiciel: Hyperdevotion Noire: Goddess Black Heart - (.Idea Factory.) [HKLM][64Bits] -- Steam App 415480 =>.Valve®
O42 - Logiciel: IMVU Avatar Chat Software - (.IMVU Inc..) [HKCU][64Bits] -- IMVU Avatar chat client software BETA =>.IMVU Inc.
O42 - Logiciel: Kingdom: Classic - (.Noio.) [HKLM][64Bits] -- Steam App 368230 =>.Valve®
O42 - Logiciel: Kingdom: New Lands - (.Noio.) [HKLM][64Bits] -- Steam App 496300 =>.Valve®
O42 - Logiciel: LiEat - (.△○□× (Miwashiba).) [HKLM][64Bits] -- Steam App 373770 =>.Valve®
O42 - Logiciel: LogMeIn Hamachi - (.LogMeIn, Inc..) [HKLM][64Bits] -- {BE82D2D7-6CA2-43B3-8C22-CCF6405806E7} =>.LogMeIn, Inc.
O42 - Logiciel: LogMeIn Hamachi - (.LogMeIn, Inc..) [HKLM][64Bits] -- LogMeIn Hamachi =>.LogMeIn, Inc.
O42 - Logiciel: MediBang Paint Pro 13.2 (64-bit) - (.Medibang.) [HKLM][64Bits] -- MediBang Paint Pro_is1
O42 - Logiciel: Microsoft OneDrive - (.Microsoft Corporation.) [HKCU][64Bits] -- OneDriveSetup.exe =>.Microsoft Corporation®
O42 - Logiciel: Minecraft - (.Mojang.) [HKLM][64Bits] -- {1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872} =>.Mojang
O42 - Logiciel: Momodora III - (.rdein.) [HKLM][64Bits] -- Steam App 302790 =>.Valve®
O42 - Logiciel: Monster Loves You! - (.Radial Games Corp.) [HKLM][64Bits] -- Steam App 226740 =>.Valve®
O42 - Logiciel: Montaro - (.JCKSLAP.) [HKLM][64Bits] -- Steam App 495890 =>.Valve®
O42 - Logiciel: Mr. Massagy - (.Green Lava Studios.) [HKLM][64Bits] -- Steam App 511350 =>.Valve®
O42 - Logiciel: NEKOPARA Vol. 0 - (.NEKO WORKs.) [HKLM][64Bits] -- Steam App 385800 =>.Valve®
O42 - Logiciel: NEKOPARA Vol. 1 - (.NEKO WORKs.) [HKLM][64Bits] -- Steam App 333600 =>.Valve®
O42 - Logiciel: Never Alone (Kisima Ingitchuna) - (.Upper One Games.) [HKLM][64Bits] -- Steam App 295790 =>.Valve®
O42 - Logiciel: Origin - (.Electronic Arts, Inc..) [HKLM][64Bits] -- Origin =>.Electronic Arts, Inc.®
O42 - Logiciel: osu! - (.ppy Pty Ltd.) [HKLM][64Bits] -- {e0d70f8a-c96b-4494-ada0-4da8ab009465} =>.Dean Herbert®
O42 - Logiciel: Papers, Please - (.3909.) [HKLM][64Bits] -- Steam App 239030 =>.Valve®
O42 - Logiciel: Plants vs. Zombies: Game of the Year - (.PopCap Games, Inc..) [HKLM][64Bits] -- Steam App 3590 =>.Valve®
O42 - Logiciel: Pony Island - (.Daniel Mullins Games.) [HKLM][64Bits] -- Steam App 405640 =>.Valve®
O42 - Logiciel: Pretty Girls Mahjong Solitaire - (.Zoo Corporation.) [HKLM][64Bits] -- Steam App 393980 =>.Valve®
O42 - Logiciel: Realm of the Mad God - (.Wild Shadow Studios.) [HKLM][64Bits] -- Steam App 200210 =>.Valve®
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} =>.Realtek Semiconductor Corp®
O42 - Logiciel: RogueKiller version 12.12.16.0 - (.Adlice Software.) [HKLM][64Bits] -- 8B3D7924-ED89-486B-8322-E8594065D5CB_is1 =>.Adlice®
O42 - Logiciel: Shelter 2 - (.Might and Delight.) [HKLM][64Bits] -- Steam App 275100 =>.Valve®
O42 - Logiciel: Slayaway Camp - (.Blue Wizard Digital.) [HKLM][64Bits] -- Steam App 530390 =>.Valve®
O42 - Logiciel: Soda Dungeon - (.AN Productions.) [HKLM][64Bits] -- Steam App 564710 =>.Valve®
O42 - Logiciel: Sonic Adventure™ 2 - (.SEGA.) [HKLM][64Bits] -- Steam App 213610 =>.Valve®
O42 - Logiciel: Spore - (.Maxis™.) [HKLM][64Bits] -- Steam App 17390 =>.Valve®
O42 - Logiciel: Star Stable Online - (.Star Stable Entertainment AB.) [HKLM][64Bits] -- {8CD50415-04B7-459E-8CBD-DA96A9CDF98E} =>.Star Stable Entertainment AB
O42 - Logiciel: Steam - (.Valve Corporation.) [HKLM][64Bits] -- Steam =>.Valve®
O42 - Logiciel: Synaptics ClickPad Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey =>.Synaptics Incorporated®
O42 - Logiciel: Tales of Symphonia - (.BANDAI NAMCO Entertainment Inc..) [HKLM][64Bits] -- Steam App 372360 =>.Valve®
O42 - Logiciel: Tales of Zestiria - (.BANDAI NAMCO Studio Inc..) [HKLM][64Bits] -- Steam App 351970 =>.Valve®
O42 - Logiciel: The Binding of Isaac - (.Edmund McMillen and Florian Himsl.) [HKLM][64Bits] -- Steam App 113200 =>.Valve®
O42 - Logiciel: The Binding of Isaac: Rebirth - (.Nicalis, Inc..) [HKLM][64Bits] -- Steam App 250900 =>.Valve®
O42 - Logiciel: The Cat Games - (.M. Hanka.) [HKLM][64Bits] -- Steam App 603260 =>.Valve®
O42 - Logiciel: The Howler - (.Antanas Marcelionis.) [HKLM][64Bits] -- Steam App 306040 =>.Valve®
O42 - Logiciel: The Jackbox Party Pack - (.Jackbox Games, Inc..) [HKLM][64Bits] -- Steam App 331670 =>.Valve®
O42 - Logiciel: The Jackbox Party Pack 2 - (.Jackbox Games, Inc..) [HKLM][64Bits] -- Steam App 397460 =>.Valve®
O42 - Logiciel: The Jackbox Party Pack 3 - (.Jackbox Games, Inc..) [HKLM][64Bits] -- Steam App 434170 =>.Valve®
O42 - Logiciel: The Purring Quest - (.Valhalla Cats.) [HKLM][64Bits] -- Steam App 409100 =>.Valve®
O42 - Logiciel: There's Poop In My Soup - (.K Bros Games.) [HKLM][64Bits] -- Steam App 449540 =>.Valve®
O42 - Logiciel: Town of Salem - (.BlankMediaGames.) [HKLM][64Bits] -- Steam App 334230 =>.Valve®
O42 - Logiciel: Undertale - (.tobyfox.) [HKLM][64Bits] -- Steam App 391540 =>.Valve®
O42 - Logiciel: Unturned - (.Smartly Dressed Games.) [HKLM][64Bits] -- Steam App 304930 =>.Valve®
O42 - Logiciel: Valley - (.Blue Isle Studios.) [HKLM][64Bits] -- Steam App 378610 =>.Valve®
O42 - Logiciel: We Were Here - (.Total Mayhem Games.) [HKLM][64Bits] -- Steam App 582500 =>.Valve®
O42 - Logiciel: Welcome to the Game - (.Reflect Studios.) [HKLM][64Bits] -- Steam App 485380 =>.Valve®
O42 - Logiciel: Who's Your Daddy - (.Evil Tortilla Games.) [HKLM][64Bits] -- Steam App 427730 =>.Valve®
O42 - Logiciel: WolfQuest - (.eduweb.) [HKLM][64Bits] -- Steam App 431180 =>.Valve®
O42 - Logiciel: World of Goo - (.2D BOY.) [HKLM][64Bits] -- Steam App 22000 =>.Valve®
O42 - Logiciel: Zooicide - (.Evil Tortilla Games.) [HKLM][64Bits] -- Steam App 622040 =>.Valve®

---\ HKCU & HKLM Software Keys (77) - 12s
HKLM\SOFTWARE\AMD =>.AMD
HKLM\SOFTWARE\Apple Inc. =>.Apple Inc.
HKLM\SOFTWARE\ATI =>.ATI
HKLM\SOFTWARE\AVAST Software =>.AVAST Software
HKLM\SOFTWARE\BandiMPEG1 =>.Bandisoft
HKLM\SOFTWARE\BANDISOFT =>.Bandisoft
HKLM\SOFTWARE\Electronic Arts =>.Electronic Arts
HKLM\SOFTWARE\Google =>.Google
HKLM\SOFTWARE\Intel =>.Intel
HKLM\SOFTWARE\Khronos =>.Khronos
HKLM\SOFTWARE\LogMeIn Hamachi =>.LogMeIn Entreprise
HKLM\SOFTWARE\Macromedia =>.Macromedia
HKLM\SOFTWARE\Mojang =>.Mojang
HKLM\SOFTWARE\MozillaPlugins =>.MozillaPlugins
HKLM\SOFTWARE\Ntreev
HKLM\SOFTWARE\Nuance =>.Nuance
HKLM\SOFTWARE\ODBC =>.DB Connectivity Solutions
HKLM\SOFTWARE\Origin =>.Electronic Arts, Inc.
HKLM\SOFTWARE\Valve =>.Valve
HKLM\SOFTWARE\VoidElsword
HKLM\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
HKLM\SOFTWARE\WOW6432Node\AMD =>.AMD
HKLM\SOFTWARE\WOW6432Node\Apple Inc. =>.Apple Inc.
HKLM\SOFTWARE\WOW6432Node\ATI =>.ATI
HKLM\SOFTWARE\WOW6432Node\AVAST Software =>.AVAST Software
HKLM\SOFTWARE\WOW6432Node\BandiMPEG1 =>.Bandisoft
HKLM\SOFTWARE\WOW6432Node\BANDISOFT =>.Bandisoft
HKLM\SOFTWARE\WOW6432Node\Electronic Arts =>.Electronic Arts
HKLM\SOFTWARE\WOW6432Node\Google =>.Google
HKLM\SOFTWARE\WOW6432Node\Intel =>.Intel
HKLM\SOFTWARE\WOW6432Node\Khronos =>.Khronos
HKLM\SOFTWARE\WOW6432Node\LogMeIn Hamachi =>.LogMeIn Entreprise
HKLM\SOFTWARE\WOW6432Node\Macromedia =>.Macromedia
HKLM\SOFTWARE\WOW6432Node\Mojang =>.Mojang
HKLM\SOFTWARE\WOW6432Node\MozillaPlugins =>.MozillaPlugins
HKLM\SOFTWARE\WOW6432Node\Ntreev
HKLM\SOFTWARE\WOW6432Node\Nuance =>.Nuance
HKLM\SOFTWARE\WOW6432Node\ODBC =>.DB Connectivity Solutions
HKLM\SOFTWARE\WOW6432Node\Origin =>.Electronic Arts, Inc.
HKLM\SOFTWARE\WOW6432Node\Valve =>.Valve
HKLM\SOFTWARE\WOW6432Node\VoidElsword
HKLM\SOFTWARE\WOW6432Node\RegisteredApplications =>.Microsoft Corporation
HKCU\SOFTWARE\AliciaOnline
HKCU\SOFTWARE\AppDataLow =>.Microsoft Corporation
HKCU\SOFTWARE\ATI =>.ATI
HKCU\SOFTWARE\Avast Software =>.AVAST Software
HKCU\SOFTWARE\AvastAdSDK =>.Avast Software s.r.o
HKCU\SOFTWARE\BandiMPEG1 =>.Bandisoft
HKCU\SOFTWARE\BANDISOFT =>.Bandisoft
HKCU\SOFTWARE\Blender Foundation =>.Blender Foundation
HKCU\SOFTWARE\Blue Wizard
HKCU\SOFTWARE\Browser Cleanup =>.Avast Software s.r.o
HKCU\SOFTWARE\Cheat Engine =>.Dark Byte
HKCU\SOFTWARE\Chromium =>.Chromium
HKCU\SOFTWARE\eduweb
HKCU\SOFTWARE\ElswordINT =>.ElswordINT
HKCU\SOFTWARE\Epic Games =>.Epic Games
HKCU\SOFTWARE\Google =>.Google
HKCU\SOFTWARE\HuniePot
HKCU\SOFTWARE\Imagination Technologies =>.Imagination Technologies
HKCU\SOFTWARE\IMVU
HKCU\SOFTWARE\LoE
HKCU\SOFTWARE\Might and Delight
HKCU\SOFTWARE\Mojang =>.Mojang
HKCU\SOFTWARE\Ntreev
HKCU\SOFTWARE\osu! =>.Osu! Games
HKCU\SOFTWARE\Piriform =>.Piriform
HKCU\SOFTWARE\QtProject =>.QtProject
HKCU\SOFTWARE\Realtek =>.Realtek Semiconductor Corp.
HKCU\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
HKCU\SOFTWARE\StarStableEntertainment
HKCU\SOFTWARE\Synaptics =>.Synaptics
HKCU\SOFTWARE\Unity =>.Unity
HKCU\SOFTWARE\Valve =>.Valve
HKCU\SOFTWARE\Wow6432Node =>.Microsoft Corporation
HKCU\SOFTWARE\ZHP =>.Nicolas Coolman
HKCU\SOFTWARE\AppDataLow\Software =>.Microsoft Corporation

---\ Contents of the Common Files folders (96) - 14s
O43 - CFD: 14/03/2018 - [] D -- C:\Program Files\AMD =>.AMD
O43 - CFD: 13/05/2018 - [] D -- C:\Program Files\AVAST Software =>.AVAST Software s.r.o.®
O43 - CFD: 15/03/2018 - [] D -- C:\Program Files\Blender Foundation =>.Blender Foundation
O43 - CFD: 13/05/2018 - [] D -- C:\Program Files\CCleaner =>.Piriform Ltd
O43 - CFD: 15/03/2018 - [] D -- C:\Program Files\Medibang {71657EDE0A4C9D0B006628E01E776FC8}
O43 - CFD: 14/03/2018 - [] D -- C:\Program Files\Realtek =>.Realtek
O43 - CFD: 13/05/2018 - [] D -- C:\Program Files\RogueKiller =>.Adlice Software
O43 - CFD: 14/03/2018 - [] D -- C:\Program Files\Synaptics =>.Synaptics Incorporated®
O43 - CFD: 23/03/2018 - [] D -- C:\Program Files (x86)\Bandicam =>.Bandisoft
O43 - CFD: 23/03/2018 - [] D -- C:\Program Files (x86)\BandiMPEG1 =>.Bandisoft
O43 - CFD: 24/03/2018 - [] D -- C:\Program Files (x86)\Cheat Engine 6.7 =>.Dark Byte
O43 - CFD: 24/03/2018 - [] D -- C:\Program Files (x86)\Cube World
O43 - CFD: 14/03/2018 - [] D -- C:\Program Files (x86)\Google =>.Google Inc®
O43 - CFD: 16/03/2018 - [] D -- C:\Program Files (x86)\LogMeIn Hamachi =>.LogMeIn Entreprise
O43 - CFD: 01/04/2018 - [] D -- C:\Program Files (x86)\Origin =>.Electronic Arts, Inc.
O43 - CFD: 25/03/2018 - [0] D -- C:\Program Files (x86)\Origin Games =>.Electronic Arts, Inc.
O43 - CFD: 17/03/2018 - [] D -- C:\Program Files (x86)\Star Stable Online =>.Star Stable Entertainment AB®
O43 - CFD: 13/05/2018 - [] D -- C:\Program Files (x86)\Steam =>.Steam Games
O43 - CFD: 14/03/2018 - [] D -- C:\Program Files (x86)\VoidElsword
O43 - CFD: 10/05/2018 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 23/03/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam =>.Bandisoft
O43 - CFD: 13/05/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner =>.Piriform Ltd
O43 - CFD: 24/03/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.7 =>.Dark Byte
O43 - CFD: 14/03/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cube World
O43 - CFD: 16/03/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi =>.LogMeIn Entreprise
O43 - CFD: 15/03/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medibang
O43 - CFD: 24/03/2018 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin =>.Electronic Arts, Inc.
O43 - CFD: 13/05/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller =>.Adlice Software
O43 - CFD: 15/03/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Star Stable Online
O43 - CFD: 14/03/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam =>.Steam Games
O43 - CFD: 15/03/2018 - [] D -- C:\ProgramData\Apple =>.Apple Inc.
O43 - CFD: 14/05/2018 - [] D -- C:\ProgramData\AVAST Software =>.AVAST Software
O43 - CFD: 15/03/2018 - [] D -- C:\ProgramData\Gametree
O43 - CFD: 16/03/2018 - [] D -- C:\ProgramData\LogMeIn =>.LogMeIn
O43 - CFD: 31/03/2018 - [] D -- C:\ProgramData\Origin =>.Electronic Arts, Inc.
O43 - CFD: 14/03/2018 - [] D -- C:\ProgramData\Picroma =>.Picroma
O43 - CFD: 13/05/2018 - [] D -- C:\ProgramData\RogueKiller =>.Adlice Software
O43 - CFD: 14/03/2018 - [] D -- C:\ProgramData\Synaptics =>.Synaptics
O43 - CFD: 15/03/2018 - [] D -- C:\Program Files (x86)\Common Files\Apple =>.Apple Inc.
O43 - CFD: 01/04/2018 - [] D -- C:\Program Files (x86)\Common Files\Steam =>.Steam Games
O43 - CFD: 16/03/2018 - [] D -- C:\Users\((user))\AppData\Roaming\3909 =>.3909
O43 - CFD: 14/03/2018 - [] D -- C:\Users\((user))\AppData\Roaming\Adobe =>.Adobe
O43 - CFD: 15/03/2018 - [] D -- C:\Users\((user))\AppData\Roaming\AliciaOnline
O43 - CFD: 13/05/2018 - [] D -- C:\Users\((user))\AppData\Roaming\AVAST Software =>.AVAST Software
O43 - CFD: 23/03/2018 - [] D -- C:\Users\((user))\AppData\Roaming\Bandicam Company =>.Bandicam Company
O43 - CFD: 10/05/2018 - [] D -- C:\Users\((user))\AppData\Roaming\discord =>.GitHub
O43 - CFD: 02/04/2018 - [] D -- C:\Users\((user))\AppData\Roaming\dungeon
O43 - CFD: 14/03/2018 - [] D -- C:\Users\((user))\AppData\Roaming\Google =>.Google
O43 - CFD: 13/05/2018 - [] D -- C:\Users\((user))\AppData\Roaming\IMVU
O43 - CFD: 16/03/2018 - [] D -- C:\Users\((user))\AppData\Roaming\IMVUClient
O43 - CFD: 16/03/2018 - [] D -- C:\Users\((user))\AppData\Roaming\Macromedia =>.Macromedia
O43 - CFD: 31/03/2018 - [] D -- C:\Users\((user))\AppData\Roaming\Origin =>.Electronic Arts, Inc.
O43 - CFD: 14/03/2018 - [] D -- C:\Users\((user))\AppData\Roaming\Synaptics =>.Synaptics
O43 - CFD: 14/05/2018 - [] D -- C:\Users\((user))\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 15/03/2018 - [] D -- C:\Users\((user))\AppData\Local\AMD =>.AMD
O43 - CFD: 14/03/2018 - [] D -- C:\Users\((user))\AppData\Local\CEF =>.CEF
O43 - CFD: 16/03/2018 - [0] D -- C:\Users\((user))\AppData\Local\DBG =>.DBG
O43 - CFD: 10/05/2018 - [] D -- C:\Users\((user))\AppData\Local\Discord =>.GitHub
O43 - CFD: 01/04/2018 - [] D -- C:\Users\((user))\AppData\Local\Downwell_v1_0_5
O43 - CFD: 15/03/2018 - [] D -- C:\Users\((user))\AppData\Local\Gametree
O43 - CFD: 01/04/2018 - [] D -- C:\Users\((user))\AppData\Local\GeometryDash
O43 - CFD: 14/03/2018 - [] D -- C:\Users\((user))\AppData\Local\Google =>.Google
O43 - CFD: 16/03/2018 - [] D -- C:\Users\((user))\AppData\Local\LogMeIn =>.LogMeIn
O43 - CFD: 13/05/2018 - [] D -- C:\Users\((user))\AppData\Local\LogMeIn Hamachi =>.LogMeIn Entreprise
O43 - CFD: 15/03/2018 - [] D -- C:\Users\((user))\AppData\Local\Medibang
O43 - CFD: 24/03/2018 - [] D -- C:\Users\((user))\AppData\Local\Origin =>.Electronic Arts, Inc.
O43 - CFD: 21/03/2018 - [] D -- C:\Users\((user))\AppData\Local\osu! =>.osu! Game
O43 - CFD: 14/03/2018 - [] D -- C:\Users\((user))\AppData\Local\PlaceholderTileLogoFolder
O43 - CFD: 14/03/2018 - [] D -- C:\Users\((user))\AppData\Local\SquirrelTemp =>.Squirrels
O43 - CFD: 17/03/2018 - [] D -- C:\Users\((user))\AppData\Local\Star Stable
O43 - CFD: 14/03/2018 - [] D -- C:\Users\((user))\AppData\Local\Steam =>.Steam Games
O43 - CFD: 15/03/2018 - [] D -- C:\Users\((user))\AppData\Local\The_Cat_Games
O43 - CFD: 10/05/2018 - [] D -- C:\Users\((user))\AppData\Local\ThiefProto
O43 - CFD: 10/05/2018 - [] D -- C:\Users\((user))\AppData\Local\UnrealEngine =>.Unreal Software
O43 - CFD: 14/05/2018 - [] D -- C:\Users\((user))\AppData\Local\ZHP =>.Nicolas Coolman
O43 - CFD: 16/03/2018 - [] D -- C:\Users\((user))\AppData\LocalLow\Blue Wizard
O43 - CFD: 15/03/2018 - [] D -- C:\Users\((user))\AppData\LocalLow\DefaultCompany
O43 - CFD: 16/03/2018 - [] D -- C:\Users\((user))\AppData\LocalLow\E_Line Media
O43 - CFD: 25/03/2018 - [] D -- C:\Users\((user))\AppData\LocalLow\HuniePot
O43 - CFD: 15/03/2018 - [] D -- C:\Users\((user))\AppData\LocalLow\LoE
O43 - CFD: 15/03/2018 - [] D -- C:\Users\((user))\AppData\LocalLow\noio
O43 - CFD: 16/03/2018 - [] D -- C:\Users\((user))\AppData\LocalLow\ValhallaCats
O43 - CFD: 14/03/2018 - [] D -- C:\Users\((user))\Desktop\adopts for the future
O43 - CFD: 13/05/2018 - [] D -- C:\Users\((user))\Desktop\amorous-windows
O43 - CFD: 15/03/2018 - [] D -- C:\Users\((user))\Desktop\backgrounds
O43 - CFD: 13/05/2018 - [] D -- C:\Users\((user))\Desktop\fursona-maker-windows
O43 - CFD: 10/05/2018 - [] D -- C:\Users\((user))\Desktop\Ransacked
O43 - CFD: 24/03/2018 - [] D -- C:\Users\((user))\Desktop\stuff
O43 - CFD: 15/03/2018 - [] D -- C:\Users\((user))\Desktop\stuff for duwolf
O43 - CFD: 13/05/2018 - [] D -- C:\Users\((user))\Desktop\x64
O43 - CFD: 13/05/2018 - [] RD -- C:\Users\((user))\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 15/03/2018 - [] D -- C:\Users\((user))\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blender =>.Blender Fondation
O43 - CFD: 10/05/2018 - [] D -- C:\Users\((user))\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc =>.Discord Inc
O43 - CFD: 15/03/2018 - [] D -- C:\Users\((user))\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gametree
O43 - CFD: 16/03/2018 - [] D -- C:\Users\((user))\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU
O43 - CFD: 13/05/2018 - [] -- C:\WINDOWS\System32\Config\systemprofile\AppData\Local\AVAST Software =>.AVAST Software

---\ ShellIconOverlayIdentifiers (SIOI) (2) - 0s
O106 - SIOI: avast [00asw] - {472083B0-C522-11CF-8763-00608CC02F24}. (.AVAST Software - Avast Shell Extension.) -- C:\Program Files\AVAST Software\Avast\ashShA64.dll =>.AVAST Software s.r.o.®
O106 - SIOI: [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - Windows Enhanced Storage Shell Extension DL.) -- C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation

---\ Search Context Menu Handlers (SCMH) (21) - 2s
O108 - CMH1: avast [64Bits] - {472083B0-C522-11CF-8763-00608CC02F24} . (.AVAST Software - Avast Shell Extension.) -- C:\Program Files\AVAST Software\Avast\ashShA64.dll =>.AVAST Software s.r.o.®
O108 - CMH1: ModernSharing [64Bits] - {e2bf9676-5f8f-435c-97eb-11607a5bedf7} . (.Microsoft Corporation - Shell extensions for sharing.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
O108 - CMH1: Open With [64Bits] - {09799AFB-AD67-11d1-ABCD-00C04FC30936} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll =>.Microsoft Windows®
O108 - CMH1: Open With EncryptionMenu [64Bits] - {A470F8CF-A1E8-4f65-8335-227475AA5C46} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll =>.Microsoft Windows®
O108 - CMH1: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Shell extensions for sharing.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
O108 - CMH1: WorkFolders [64Bits] - {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} . (.Microsoft Corporation - Microsoft (C) Work Folders Shell Extension.) -- C:\Windows\System32\WorkfoldersShell.dll =>.Microsoft Corporation
O108 - CMH2: OpenContainingFolderMenu [64Bits] - {37ea3a21-7493-4208-a011-7f9ea79ce9f5} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll =>.Microsoft Windows®
O108 - CMH3: 00asw [64Bits] - {472083B0-C522-11CF-8763-00608CC02F24} . (.AVAST Software - Avast Shell Extension.) -- C:\Program Files\AVAST Software\Avast\ashShA64.dll =>.AVAST Software s.r.o.®
O108 - CMH3: CopyAsPathMenu [64Bits] - {f3d06e7c-1e45-4a26-847e-f9fcdee59be0} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll =>.Microsoft Windows®
O108 - CMH3: SendTo [64Bits] - {7BA4C740-9E81-11CF-99D3-00AA004AE837} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll =>.Microsoft Windows®
O108 - CMH4: EncryptionMenu [64Bits] - {A470F8CF-A1E8-4f65-8335-227475AA5C46} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll =>.Microsoft Windows®
O108 - CMH4: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Shell extensions for sharing.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
O108 - CMH4: WorkFolders [64Bits] - {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} . (.Microsoft Corporation - Microsoft (C) Work Folders Shell Extension.) -- C:\Windows\System32\WorkfoldersShell.dll =>.Microsoft Corporation
O108 - CMH5: New [64Bits] - {D969A300-E7FF-11d0-A93B-00A0C90F2719} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll =>.Microsoft Windows®
O108 - CMH5: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Shell extensions for sharing.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
O108 - CMH5: WorkFolders [64Bits] - {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} . (.Microsoft Corporation - Microsoft (C) Work Folders Shell Extension.) -- C:\Windows\System32\WorkfoldersShell.dll =>.Microsoft Corporation
O108 - CMH6: avast [64Bits] - {472083B0-C522-11CF-8763-00608CC02F24} . (.AVAST Software - Avast Shell Extension.) -- C:\Program Files\AVAST Software\Avast\ashShA64.dll =>.AVAST Software s.r.o.®
O108 - CMH6: Library Location [64Bits] - {3dad6c5d-2167-4cae-9914-f99e41c12cfa} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll =>.Microsoft Windows®
O108 - CMH6: PintoStartScreen [64Bits] - {470C0EBD-5D73-4d58-9CED-E91E22E23282} . (.Microsoft Corporation - App Resolver.) -- C:\Windows\System32\appresolver.dll =>.Microsoft Windows®
O108 - CMH7: EnhancedStorageShell [64Bits] - {2854F705-3548-414C-A113-93E27C808C85} . (.Microsoft Corporation - Windows Enhanced Storage Shell Extension DL.) -- C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation
O108 - CMH7: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Shell extensions for sharing.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation

---\ Image File Execution Options (11) - 1s
O50 - IFEO:C:\WINDOWS\System32\ie4uinit.exe - (.Microsoft Corporation - IE Per-User Initialization Utility.) [MitigationOptions\\256] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\ieUnatt.exe - (.Microsoft Corporation - IE 7.0 Unattended Install Utility.) [MitigationOptions\\256] =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\MRT.exe - (.Microsoft Corporation - Microsoft Windows Malicious Software Remova.) [CFGOptions\\1] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\msfeedssync.exe - (.Microsoft Corporation - Microsoft Feeds Synchronization.) [MitigationOptions\\256] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\mshta.exe - (.Microsoft Corporation - Microsoft (R) HTML Application host.) [MitigationOptions\\256] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\PresentationHost.exe - (.Microsoft Corporation - Windows Presentation Foundation Host.) [MitigationOptions\\1118481] =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\PrintIsolationHost.exe - (.Microsoft Corporation - PrintIsolationHost.) [MitigationOptions\\2097152] =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\runtimebroker.exe - (.Microsoft Corporation - Runtime Broker.) [MitigationOptions\\4294967296] =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\spoolsv.exe - (.Microsoft Corporation - Spooler SubSystem App.) [MitigationOptions\\2097152] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\svchost.exe - (.Microsoft Corporation - Host Process for Windows Services.) [MinimumStackCommitInBytes\\32768] =>.Microsoft Windows Publisher®
O50 - IFEO:C:\Windows\System32\svchost.exe - (.Microsoft Corporation - Host Process for Windows Services.) [MitigationAuditOptions\\17660905521152] =>.Microsoft Windows Publisher®

---\ System Drivers List (82) - 17s
O58 - SDL:2017/09/29 08:41:02 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\WINDOWS\System32\drivers\3ware.sys [107416] =>.Microsoft Windows®
O58 - SDL:2017/12/18 18:00:56 A . (.HP - HP Accelerometer.) -- C:\WINDOWS\System32\drivers\Accelerometer.sys [53760] =>.HP Inc.®
O58 - SDL:2017/09/29 08:41:02 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) -- C:\WINDOWS\System32\drivers\adp80xx.sys [1135512] =>.Microsoft Windows®
O58 - SDL:2015/10/08 21:38:30 A . (.Advanced Micro Devices - AMD ACP Binaries.) -- C:\WINDOWS\System32\drivers\amdacpksd.sys [315104] =>.Advanced Micro Devices, Inc.®
O58 - SDL:2017/09/29 08:41:02 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\WINDOWS\System32\drivers\amdsata.sys [83352] =>.Microsoft Windows®
O58 - SDL:2017/09/29 08:41:02 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\WINDOWS\System32\drivers\amdsbs.sys [258592] =>.Microsoft Windows®
O58 - SDL:2017/09/29 08:41:02 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\WINDOWS\System32\drivers\amdxata.sys [27032] =>.Microsoft Windows®
O58 - SDL:2017/09/29 08:41:02 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\WINDOWS\System32\drivers\arcsas.sys [131992] =>.Microsoft Windows®
O58 - SDL:2018/05/13 23:32:14 A . (.AVAST Software - Avast anti rootkit.) -- C:\WINDOWS\System32\drivers\aswArPot.sys [196640] =>.AVAST Software s.r.o.®
O58 - SDL:2018/05/13 23:31:31 A . (.AVAST Software - IDS Application Activity Monitor Driver..) -- C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [227504] =>.AVAST Software s.r.o.®
O58 - SDL:2018/05/13 23:31:31 A . (.AVAST Software - Application Activity Monitor Helper Driver.) -- C:\WINDOWS\System32\drivers\aswbidsha.sys [199440] =>.AVAST Software s.r.o.®
O58 - SDL:2018/05/13 23:31:31 A . (.AVAST Software - Logging Driver.) -- C:\WINDOWS\System32\drivers\aswbloga.sys [343752] =>.AVAST Software s.r.o.®
O58 - SDL:2018/05/13 23:31:31 A . (.AVAST Software - Universal Driver.) -- C:\WINDOWS\System32\drivers\aswbuniva.sys [57680] =>.AVAST Software s.r.o.®
O58 - SDL:2018/05/13 23:31:33 A . (.AVAST Software - Home Network Security.) -- C:\WINDOWS\System32\drivers\aswHdsKe.sys [234560] =>.AVAST Software s.r.o.®
O58 - SDL:2018/05/13 23:32:14 A . (.AVAST Software - Avast HWID.) -- C:\WINDOWS\System32\drivers\aswHwid.sys [46968] =>.AVAST Software s.r.o.® (.AVAST Software)
O58 - SDL:2018/05/13 23:32:14 A . (.AVAST Software - Avast File System Minifilter for Windows 20.) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys [159120] =>.AVAST Software s.r.o.®
O58 - SDL:2018/05/13 23:32:13 A . (.AVAST Software - Avast WFP Redirect Driver.) -- C:\WINDOWS\System32\drivers\aswRdr2.sys [111360] =>.AVAST Software s.r.o.®
O58 - SDL:2018/05/13 23:32:14 A . (.AVAST Software - Avast Revert.) -- C:\WINDOWS\System32\drivers\aswRvrt.sys [85968] =>.AVAST Software s.r.o.® (.AVAST Software)
O58 - SDL:2018/05/13 23:31:40 A . (.AVAST Software - Avast Virtualization Driver.) -- C:\WINDOWS\System32\drivers\aswSnx.sys [1027720] =>.AVAST Software s.r.o.®
O58 - SDL:2018/05/13 23:32:14 A . (.AVAST Software - Avast self protection module.) -- C:\WINDOWS\System32\drivers\aswSP.sys [460520] =>.AVAST Software s.r.o.®
O58 - SDL:2018/05/13 23:32:15 A . (.AVAST Software - Stream Filter.) -- C:\WINDOWS\System32\drivers\aswStm.sys [205976] =>.AVAST Software s.r.o.®
O58 - SDL:2018/05/13 23:32:15 A . (.AVAST Software - Avast VM Monitor.) -- C:\WINDOWS\System32\drivers\aswVmm.sys [381552] =>.AVAST Software s.r.o.® (.AVAST Software)
O58 - SDL:2015/05/28 09:00:44 A . (.Advanced Micro Devices - AMD High Definition Audio Function Driver.) -- C:\WINDOWS\System32\drivers\AtihdWT6.sys [102912] =>.Advanced Micro Devices
O58 - SDL:2015/10/08 21:38:36 A . (.Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) -- C:\WINDOWS\System32\drivers\atikmdag.sys [21653520] =>.Microsoft Windows Hardware Compatibility Publisher®
O58 - SDL:2015/10/08 21:38:34 A . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\WINDOWS\System32\drivers\atikmpag.sys [683032] =>.Microsoft Windows Hardware Compatibility Publisher®
O58 - SDL:2016/01/05 15:45:28 A . (.BitDefender - BitDefender AntiVirus Active Virus Control.) -- C:\WINDOWS\System32\drivers\avchv.sys [282000] =>.Bitdefender SRL®
O58 - SDL:2017/09/29 08:41:02 A . (. - BCM Function 2 Device Driver.) -- C:\WINDOWS\System32\drivers\bcmfn2.sys [9728] =>.Broadcom Corporation
O58 - SDL:2017/09/29 08:41:01 A . (.QLogic Corporation - QLogic Gigabit Ethernet VBD.) -- C:\WINDOWS\System32\drivers\bxvbda.sys [533912] =>.Microsoft Windows®
O58 - SDL:2017/09/29 08:41:02 A . (.Chelsio Communications - Chelsio iSCSI Crash Dump Driver.) -- C:\WINDOWS\System32\drivers\cht4dx64.sys [141208] =>.Microsoft Windows®
O58 - SDL:2017/09/29 08:41:02 A . (.Chelsio Communications - Chelsio iSCSI VMiniport Driver.) -- C:\WINDOWS\System32\drivers\cht4sx64.sys [357272] =>.Microsoft Windows®
O58 - SDL:2017/09/29 08:41:02 A . (.Chelsio Communications - Virtual Bus Driver for Chelsio ® T5/T6 Chip.) -- C:\WINDOWS\System32\drivers\cht4vx64.sys [1723288] =>.Microsoft Windows®
O58 - SDL:2017/09/29 08:41:01 A . (.QLogic Corporation - QLogic 10 GigE VBD.) -- C:\WINDOWS\System32\drivers\evbda.sys [3419032] =>.Microsoft Windows®
O58 - SDL:2017/06/29 12:24:50 A . (.LogMeIn Inc. - LogMeIn Hamachi Virtual Miniport Driver.) -- C:\WINDOWS\System32\drivers\Hamdrv.sys [45680] =>.Microsoft Windows Hardware Compatibility Publisher®
O58 - SDL:2017/12/18 18:00:58 A . (.HP - HP Disk Filter - SATA/RAID.) -- C:\WINDOWS\System32\drivers\hpdskflt.sys [39936] =>.HP Inc.®
O58 - SDL:2017/09/29 08:41:02 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\WINDOWS\System32\drivers\HpSAMD.sys [63520] =>.Microsoft Windows®
O58 - SDL:2017/09/29 08:40:59 A . (.Intel(R) Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\WINDOWS\System32\drivers\iagpio.sys [36864] =>.Intel(R) Corporation
O58 - SDL:2017/09/29 08:40:59 A . (.Intel(R) Corporation - Intel(R) Serial IO I2C Driver.) -- C:\WINDOWS\System32\drivers\iai2c.sys [91648] =>.Intel(R) Corporation
O58 - SDL:2017/09/29 08:40:59 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [79360] =>.Intel Corporation
O58 - SDL:2017/09/29 08:40:59 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [88576] =>.Intel Corporation
O58 - SDL:2017/09/29 08:40:59 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [171520] =>.Intel Corporation
O58 - SDL:2017/09/29 08:40:59 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [174592] =>.Intel Corporation
O58 - SDL:2017/09/29 08:41:01 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [38128] =>.Intel Corporation - Client Components Group®
O58 - SDL:2017/09/29 08:40:59 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [113152] =>.Intel Corporation
O58 - SDL:2017/09/29 08:41:03 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver (i.) -- C:\WINDOWS\System32\drivers\iaStorAV.sys [674200] =>.Microsoft Windows®
O58 - SDL:2017/09/29 08:41:03 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\WINDOWS\System32\drivers\iaStorV.sys [412056] =>.Microsoft Windows®
O58 - SDL:2017/09/29 08:41:02 A . (.Mellanox - InfiniBand Fabric Bus Driver.) -- C:\WINDOWS\System32\drivers\ibbus.sys [526232] =>.Microsoft Windows®
O58 - SDL:2017/09/29 08:41:02 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas.sys [108064] =>.Microsoft Windows®
O58 - SDL:2017/09/29 08:41:02 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas2i.sys [123800] =>.Microsoft Windows®
O58 - SDL:2017/09/29 08:41:02 A . (.Avago Technologies - Avago SAS Gen3 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas3i.sys [103320] =>.Microsoft Windows®
O58 - SDL:2017/09/29 08:41:02 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sss.sys [82840] =>.Microsoft Windows®
O58 - SDL:2017/09/29 08:41:02 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\megasas.sys [59800] =>.Microsoft Windows®
O58 - SDL:2017/09/29 08:41:02 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\MegaSas2i.sys [63520] =>.Microsoft Windows®
O58 - SDL:2017/09/29 08:41:02 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\WINDOWS\System32\drivers\megasr.sys [575896] =>.Microsoft Windows®
O58 - SDL:2017/09/29 08:41:02 A . (.Mellanox - MLX4 Bus Driver.) -- C:\WINDOWS\System32\drivers\mlx4_bus.sys [842648] =>.Microsoft Windows®
O58 - SDL:2017/09/29 08:41:02 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\WINDOWS\System32\drivers\mvumis.sys [63896] =>.Microsoft Windows®
O58 - SDL:2017/09/29 08:41:02 A . (.Mellanox - NetworkDirect Support Filter Driver.) -- C:\WINDOWS\System32\drivers\ndfltr.sys [108952] =>.Microsoft Windows®
O58 - SDL:2017/09/29 08:41:02 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\WINDOWS\System32\drivers\nvraid.sys [150424] =>.Microsoft Windows®
O58 - SDL:2017/09/29 08:41:02 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\WINDOWS\System32\drivers\nvstor.sys [166296] =>.Microsoft Windows®
O58 - SDL:2017/09/29 08:41:02 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas2i.sys [58776] =>.Microsoft Windows®
O58 - SDL:2017/09/29 08:41:02 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas3i.sys [61848] =>.Microsoft Windows®
O58 - SDL:2013/12/18 14:35:22 A . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.30 64-bit Dr.) -- C:\WINDOWS\System32\drivers\Rt630x64.sys [839896] =>.Realtek Semiconductor Corp®
O58 - SDL:2017/09/29 08:41:14 N . (.Realtek - Realtek PCIe GBE Family Controller Flight.) -- C:\WINDOWS\System32\drivers\rteth.sys [59904] =>.Realtek
O58 - SDL:2017/07/20 08:41:10 A . (.Realtek Semiconductor Corporation - Realtek Bluetooth Filter Driver.) -- C:\WINDOWS\System32\drivers\RtkBtfilter.sys [723920] =>.Realtek Semiconductor Corp.®
O58 - SDL:2014/03/12 00:00:46 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\WINDOWS\System32\drivers\RTKVHD64.sys [3891800] =>.Realtek Semiconductor Corp®
O58 - SDL:2015/06/05 04:12:54 A . (.Realtek Semiconductor Corp. - Realtek Pcie CardReader Driver for 2K/XP/Vi.) -- C:\WINDOWS\System32\drivers\RtsP2Stor.sys [310528] =>.Realtek Semiconductor Corp®
O58 - SDL:2017/05/03 06:27:24 A . (.Realtek Semiconductor Corporation - Realtek PCIE NDIS Driver 52611 27170.) -- C:\WINDOWS\System32\drivers\rtwlane.sys [6804480] =>.Realtek Semiconductor Corp.®
O58 - SDL:2017/09/29 08:41:02 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid2.sys [44952] =>.Microsoft Windows®
O58 - SDL:2017/09/29 08:41:02 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid4.sys [81816] =>.Microsoft Windows®
O58 - SDL:2017/08/18 04:23:50 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [53848] =>.Synaptics Incorporated®
O58 - SDL:2017/08/18 04:23:50 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\WINDOWS\System32\drivers\Smb_driver_AMDASF_Aux.sys [53848] =>.Synaptics Incorporated®
O58 - SDL:2017/08/18 04:23:50 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [55384] =>.Synaptics Incorporated®
O58 - SDL:2017/08/18 04:23:50 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\WINDOWS\System32\drivers\Smb_driver_Intel_Aux.sys [55384] =>.Synaptics Incorporated®
O58 - SDL:2017/09/29 08:41:02 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\WINDOWS\System32\drivers\stexstor.sys [31128] =>.Microsoft Windows®
O58 - SDL:2017/08/18 04:23:52 A . (.Synaptics Incorporated - Synaptics I2C Driver.) -- C:\WINDOWS\System32\drivers\SynRMIHID_Aux.sys [66136] =>.Synaptics Incorporated®
O58 - SDL:2017/08/18 04:23:52 A . (.Synaptics Incorporated - Synaptics Touchpad Win64 Driver.) -- C:\WINDOWS\System32\drivers\SynTP.sys [716384] =>.Synaptics Incorporated®
O58 - SDL:2018/05/13 23:46:39 A . (...) -- C:\WINDOWS\System32\drivers\TrueSight.sys [28272] =>.Adlice®
O58 - SDL:2017/11/27 17:50:32 A . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\WINDOWS\System32\drivers\usbaapl64.sys [54784] =>.Apple, Inc.
O58 - SDL:2017/09/29 08:41:02 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\WINDOWS\System32\drivers\vsmraid.sys [166808] =>.Microsoft Windows®
O58 - SDL:2017/09/29 08:41:02 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\WINDOWS\System32\drivers\VSTXRAID.SYS [305560] =>.Microsoft Windows®
O58 - SDL:2017/09/29 08:41:02 A . (.Mellanox - Kernel WinMad.) -- C:\WINDOWS\System32\drivers\winmad.sys [32152] =>.Microsoft Windows®
O58 - SDL:2017/09/29 08:41:02 A . (.Mellanox - Kernel WinVerbs.) -- C:\WINDOWS\System32\drivers\winverbs.sys [64920] =>.Microsoft Windows®
O58 - SDL:2017/06/21 19:04:22 A . (.HP - HP Wireless Button Driver.) -- C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [30368] =>.HP Inc.®

---\ Last modified or created user files (73) - 24s
O61 - LFC: 2018/05/13 23:34:07 A . (..) -- C:\ProgramData\AVAST Software\Avast\Cache\InstallLocation\OneDriveSetup.exe [336]
O61 - LFC: 2018/05/10 16:48:17 A . (..) -- C:\Users\((user))\Desktop\amorous-windows\Amorous.Engine.dll [328704]
O61 - LFC: 2018/05/10 16:48:19 A . (..) -- C:\Users\((user))\Desktop\amorous-windows\Amorous.Game.dll [690176]
O61 - LFC: 2018/05/10 16:48:19 A . (..) -- C:\Users\((user))\Desktop\amorous-windows\Amorous.Game.Windows.exe [90112]
O61 - LFC: 2018/05/10 16:50:26 A . (.Ethan 'flibitijibibo' Lee.) -- C:\Users\((user))\Desktop\amorous-windows\FNA.dll [877056]
O61 - LFC: 2018/05/10 16:50:27 A . (..) -- C:\Users\((user))\Desktop\amorous-windows\Spine.dll [103936]
O61 - LFC: 2018/05/10 16:50:27 A . (..) -- C:\Users\((user))\Desktop\amorous-windows\Squid.dll [198144]
O61 - LFC: 2018/05/10 16:50:28 A . (..) -- C:\Users\((user))\Desktop\amorous-windows\x64\libjpeg-9.dll [243200]
O61 - LFC: 2018/05/10 16:50:28 A . (..) -- C:\Users\((user))\Desktop\amorous-windows\x64\libogg-0.dll [31566]
O61 - LFC: 2018/05/10 16:50:28 A . (..) -- C:\Users\((user))\Desktop\amorous-windows\x64\libpng16-16.dll [216064]
O61 - LFC: 2018/05/10 16:50:28 A . (..) -- C:\Users\((user))\Desktop\amorous-windows\x64\libtheoradec-1.dll [69454]
O61 - LFC: 2018/05/10 16:50:28 A . (..) -- C:\Users\((user))\Desktop\amorous-windows\x64\libtheorafile.dll [68689]
O61 - LFC: 2018/05/10 16:50:28 A . (..) -- C:\Users\((user))\Desktop\amorous-windows\x64\libvorbis-0.dll [186984]
O61 - LFC: 2018/05/10 16:50:28 A . (..) -- C:\Users\((user))\Desktop\amorous-windows\x64\libvorbisfile.dll [41274]
O61 - LFC: 2018/05/10 16:50:27 A . (..) -- C:\Users\((user))\Desktop\amorous-windows\x64\MojoShader.dll [417090]
O61 - LFC: 2018/05/10 16:50:28 A . (..) -- C:\Users\((user))\Desktop\amorous-windows\x64\SDL2.dll [822272]
O61 - LFC: 2018/05/10 16:50:28 A . (..) -- C:\Users\((user))\Desktop\amorous-windows\x64\SDL2_image.dll [97792]
O61 - LFC: 2018/05/10 16:50:29 A . (..) -- C:\Users\((user))\Desktop\amorous-windows\x64\soft_oal.dll [2996415]
O61 - LFC: 2018/05/10 16:50:29 A . (.(C) 1995-2013 Jean-loup Gailly & Mark Adler.) -- C:\Users\((user))\Desktop\amorous-windows\x64\zlib1.dll [133632]
O61 - LFC: 2018/05/10 16:50:29 A . (..) -- C:\Users\((user))\Desktop\amorous-windows\x86\libjpeg-9.dll [223232]
O61 - LFC: 2018/05/10 16:50:30 A . (..) -- C:\Users\((user))\Desktop\amorous-windows\x86\libogg-0.dll [27423]
O61 - LFC: 2018/05/10 16:50:30 A . (..) -- C:\Users\((user))\Desktop\amorous-windows\x86\libpng16-16.dll [200704]
O61 - LFC: 2018/05/10 16:50:30 A . (..) -- C:\Users\((user))\Desktop\amorous-windows\x86\libtheoradec-1.dll [61215]
O61 - LFC: 2018/05/10 16:50:30 A . (..) -- C:\Users\((user))\Desktop\amorous-windows\x86\libtheorafile.dll [59162]
O61 - LFC: 2018/05/10 16:50:30 A . (..) -- C:\Users\((user))\Desktop\amorous-windows\x86\libvorbis-0.dll [171087]
O61 - LFC: 2018/05/10 16:50:30 A . (..) -- C:\Users\((user))\Desktop\amorous-windows\x86\libvorbisfile.dll [38203]
O61 - LFC: 2018/05/10 16:50:29 A . (..) -- C:\Users\((user))\Desktop\amorous-windows\x86\MojoShader.dll [369935]
O61 - LFC: 2018/05/10 16:50:29 A . (..) -- C:\Users\((user))\Desktop\amorous-windows\x86\SDL2.dll [668672]
O61 - LFC: 2018/05/10 16:50:29 A . (..) -- C:\Users\((user))\Desktop\amorous-windows\x86\SDL2_image.dll [93184]
O61 - LFC: 2018/05/10 16:50:31 A . (..) -- C:\Users\((user))\Desktop\amorous-windows\x86\soft_oal.dll [2424800]
O61 - LFC: 2018/05/10 16:50:31 A . (.(C) 1995-2013 Jean-loup Gailly & Mark Adler.) -- C:\Users\((user))\Desktop\amorous-windows\x86\zlib1.dll [123904]
O61 - LFC: 2018/05/13 16:40:23 A . (..) -- C:\Users\((user))\Desktop\fursona-maker-windows\FursonaMaker.exe [16793088]
O61 - LFC: 2018/05/13 16:40:27 A . (..) -- C:\Users\((user))\Desktop\fursona-maker-windows\FursonaMaker_Data\Managed\Assembly-CSharp.dll [204288]
O61 - LFC: 2018/05/13 16:40:28 A . (..) -- C:\Users\((user))\Desktop\fursona-maker-windows\FursonaMaker_Data\Managed\Mono.Data.Tds.dll [96256]
O61 - LFC: 2018/05/13 16:40:32 A . (..) -- C:\Users\((user))\Desktop\fursona-maker-windows\FursonaMaker_Data\Managed\UnityEngine.dll [967680]
O61 - LFC: 2018/05/10 16:44:32 A . (..) -- C:\Users\((user))\Desktop\Ransacked\Ransacked\GameFolder\Engine\Binaries\ThirdParty\NVIDIA\NVaftermath\Win64\GFSDK_Aftermath_Lib.dll [31744]
O61 - LFC: 2018/05/10 16:44:35 A . (..) -- C:\Users\((user))\Desktop\Ransacked\Ransacked\GameFolder\Engine\Binaries\ThirdParty\PhysX\Win64\VS2015\NvCloth_x64.dll [266240]
O61 - LFC: 2018/05/10 16:44:32 A . (..) -- C:\Users\((user))\Desktop\Ransacked\Ransacked\GameFolder\Ransacked.exe [159744]
O61 - LFC: 2018/05/10 16:44:39 A . (.Real Nifty Games.) -- C:\Users\((user))\Desktop\Ransacked\Ransacked\GameFolder\ThiefProto\Binaries\Win64\ThiefProto-Win64-Shipping.exe [44408320]
O61 - LFC: 2018/05/13 14:47:12 A . (..) -- C:\Users\((user))\Downloads\spsetup131\lang\lang-1026.dll [77824]
O61 - LFC: 2018/05/13 14:47:12 A . (..) -- C:\Users\((user))\Downloads\spsetup131\lang\lang-1031.dll [77824]
O61 - LFC: 2018/05/13 14:47:12 A . (..) -- C:\Users\((user))\Downloads\spsetup131\lang\lang-1034.dll [86016]
O61 - LFC: 2018/05/13 14:47:12 A . (..) -- C:\Users\((user))\Downloads\spsetup131\lang\lang-1035.dll [81920]
O61 - LFC: 2018/05/13 14:47:12 A . (..) -- C:\Users\((user))\Downloads\spsetup131\lang\lang-1036.dll [81920]
O61 - LFC: 2018/05/13 14:47:12 A . (..) -- C:\Users\((user))\Downloads\spsetup131\lang\lang-1037.dll [65536]
O61 - LFC: 2018/05/13 14:47:12 A . (..) -- C:\Users\((user))\Downloads\spsetup131\lang\lang-1038.dll [81920]
O61 - LFC: 2018/05/13 14:47:12 A . (..) -- C:\Users\((user))\Downloads\spsetup131\lang\lang-1040.dll [81920]
O61 - LFC: 2018/05/13 14:47:12 A . (..) -- C:\Users\((user))\Downloads\spsetup131\lang\lang-1041.dll [53248]
O61 - LFC: 2018/05/13 14:47:12 A . (..) -- C:\Users\((user))\Downloads\spsetup131\lang\lang-1043.dll [81920]
O61 - LFC: 2018/05/13 14:47:12 A . (..) -- C:\Users\((user))\Downloads\spsetup131\lang\lang-1045.dll [81920]
O61 - LFC: 2018/05/13 14:47:12 A . (..) -- C:\Users\((user))\Downloads\spsetup131\lang\lang-1046.dll [77824]
O61 - LFC: 2018/05/13 14:47:12 A . (..) -- C:\Users\((user))\Downloads\spsetup131\lang\lang-1049.dll [77824]
O61 - LFC: 2018/05/13 14:47:12 A . (..) -- C:\Users\((user))\Downloads\spsetup131\lang\lang-1050.dll [81920]
O61 - LFC: 2018/05/13 14:47:12 A . (..) -- C:\Users\((user))\Downloads\spsetup131\lang\lang-1051.dll [73728]
O61 - LFC: 2018/05/13 14:47:13 A . (..) -- C:\Users\((user))\Downloads\spsetup131\lang\lang-1052.dll [77824]
O61 - LFC: 2018/05/13 14:47:13 A . (..) -- C:\Users\((user))\Downloads\spsetup131\lang\lang-1053.dll [77824]
O61 - LFC: 2018/05/13 14:47:13 A . (..) -- C:\Users\((user))\Downloads\spsetup131\lang\lang-1055.dll [73728]
O61 - LFC: 2018/05/13 14:47:13 A . (..) -- C:\Users\((user))\Downloads\spsetup131\lang\lang-1058.dll [77824]
O61 - LFC: 2018/05/13 14:47:13 A . (..) -- C:\Users\((user))\Downloads\spsetup131\lang\lang-1059.dll [77824]
O61 - LFC: 2018/05/13 14:47:13 A . (..) -- C:\Users\((user))\Downloads\spsetup131\lang\lang-1060.dll [77824]
O61 - LFC: 2018/05/13 14:47:13 A . (..) -- C:\Users\((user))\Downloads\spsetup131\lang\lang-1062.dll [81920]
O61 - LFC: 2018/05/13 14:47:13 A . (..) -- C:\Users\((user))\Downloads\spsetup131\lang\lang-1066.dll [73728]
O61 - LFC: 2018/05/13 14:47:13 A . (..) -- C:\Users\((user))\Downloads\spsetup131\lang\lang-1067.dll [73728]
O61 - LFC: 2018/05/13 14:47:13 A . (..) -- C:\Users\((user))\Downloads\spsetup131\lang\lang-1068.dll [73728]
O61 - LFC: 2018/05/13 14:47:13 A . (..) -- C:\Users\((user))\Downloads\spsetup131\lang\lang-1071.dll [77824]
O61 - LFC: 2018/05/13 14:47:13 A . (..) -- C:\Users\((user))\Downloads\spsetup131\lang\lang-1079.dll [77824]
O61 - LFC: 2018/05/13 14:47:13 A . (..) -- C:\Users\((user))\Downloads\spsetup131\lang\lang-1102.dll [77824]
O61 - LFC: 2018/05/13 14:47:13 A . (..) -- C:\Users\((user))\Downloads\spsetup131\lang\lang-2052.dll [31232]
O61 - LFC: 2018/05/13 14:47:13 A . (..) -- C:\Users\((user))\Downloads\spsetup131\lang\lang-2070.dll [77824]
O61 - LFC: 2018/05/13 14:47:13 A . (..) -- C:\Users\((user))\Downloads\spsetup131\lang\lang-2074.dll [77824]
O61 - LFC: 2018/05/13 14:47:13 A . (..) -- C:\Users\((user))\Downloads\spsetup131\lang\lang-3098.dll [77824]
O61 - LFC: 2018/05/13 14:47:13 A . (..) -- C:\Users\((user))\Downloads\spsetup131\lang\lang-5146.dll [73728]
O61 - LFC: 2018/05/13 14:47:14 A . (..) -- C:\Users\((user))\Downloads\spsetup131\lang\lang-9999.dll [73728]

---\ File Associations Shell Spawning (10) - 1s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- '%1' %* =>.Default.Value
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- '%1' %* =>.Default.Value
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- '%1' %* =>.Default.Value
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- '%1' %* =>.Default.Value
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (...) -- C:\Windows\System32\WScript.exe '%1' %* =>.Default.Value
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- '%1' /S =>.Default.Value

---\ Start Menu Internet (8) - 0s
O68 - StartMenuInternet: [64Bits][HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O68 - StartMenuInternet: [64Bits][HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation

---\ Search Browser Infection (2) - 0s
O69 - SBI: SearchScopes [HKCU] [64Bits]{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/ =>.Bing.com
O69 - SBI: SearchScopes [HKLM] [64Bits]{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com/ =>.Bing.com

---\ Search Svchost Services (48) - 1s
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\WINDOWS\System32\certprop.dll [188928] =>.Microsoft Corporation
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [188928] =>.Microsoft Corporation
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\System32\srvsvc.dll [270848] =>.Microsoft Corporation
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\Windows\System32\gpsvc.dll [1275904] =>.Microsoft Corporation
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\IKEEXT.DLL [984064] =>.Microsoft Corporation
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll [820224] =>.Microsoft Corporation
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\Windows\System32\seclogon.dll [30720] =>.Microsoft Corporation
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll [144896] =>.Microsoft Corporation
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\System32\iscsiexe.dll [150528] =>.Microsoft Corporation
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [109056] =>.Microsoft Corporation
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\Windows\System32\schedsvc.dll [880640] =>.Microsoft Corporation
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [220160] =>.Microsoft Corporation
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\Windows\System32\browser.dll [132608] =>.Microsoft Corporation
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [408064] =>.Microsoft Corporation
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [387584] =>.Microsoft Corporation
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\Windows\System32\wercplsupport.dll [108544] =>.Microsoft Corporation
O83 - Search Svchost Services: InstallService (InstallService) . (.Microsoft Corporation - InstallService.) -- C:\Windows\System32\InstallService.dll [1313792] =>.Microsoft Corporation
O83 - Search Svchost Services: XboxNetApiSvc (XboxNetApiSvc) . (.Microsoft Corporation - Xbox Live Networking Service.) -- C:\Windows\System32\XboxNetApiSvc.dll [1143808] =>.Microsoft Corporation
O83 - Search Svchost Services: WpnService (WpnService) . (.Microsoft Corporation - Windows Push Notification System Service.) -- C:\Windows\System32\WpnService.dll [284672] =>.Microsoft Corporation
O83 - Search Svchost Services: wisvc (wisvc) . (.Microsoft Corporation - Flight Settings.) -- C:\Windows\System32\flightsettings.dll [779264] =>.Microsoft Corporation
O83 - Search Svchost Services: dmwappushservice (dmwappushservice) . (.Microsoft Corporation - dmwappushsvc.) -- C:\Windows\System32\dmwappushsvc.dll [57856] =>.Microsoft Corporation
O83 - Search Svchost Services: TokenBroker (TokenBroker) . (.Microsoft Corporation - Token Broker.) -- C:\Windows\System32\TokenBroker.dll [1236480] =>.Microsoft Corporation
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Device Setup Manager.) -- C:\Windows\System32\DeviceSetupManager.dll [238080] =>.Microsoft Corporation
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\Windows\System32\themeservice.dll [69632] =>.Microsoft Corporation
O83 - Search Svchost Services: XboxGipSvc (XboxGipSvc) . (.Microsoft Corporation - Xbox Gip Management Service.) -- C:\Windows\System32\XboxGipSvc.dll [57856] =>.Microsoft Corporation
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Microsoft Network Connectivity Assistant Se.) -- C:\Windows\System32\NcaSvc.dll [170496] =>.Microsoft Corporation
O83 - Search Svchost Services: UserManager (UserManager) . (.Microsoft Corporation - UserMgr.) -- C:\Windows\System32\usermgr.dll [951808] =>.Microsoft Corporation
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Microsoft® Account Service.) -- C:\Windows\System32\wlidsvc.dll [2223616] =>.Microsoft Corporation
O83 - Search Svchost Services: NetSetupSvc (NetSetupSvc) . (.Microsoft Corporation - Network Setup Service.) -- C:\Windows\System32\NetSetupSvc.dll [308224] =>.Microsoft Corporation
O83 - Search Svchost Services: NaturalAuthentication (NaturalAuthentication) . (.Microsoft Corporation - Natural Authentication Service.) -- C:\Windows\System32\NaturalAuth.dll [795136] =>.Microsoft Corporation
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\Windows\System32\bdesvc.dll [387072] =>.Microsoft Corporation
O83 - Search Svchost Services: PushToInstall (PushToInstall) . (.Microsoft Corporation - PushToInstall.) -- C:\Windows\System32\PushToInstall.dll [254976] =>.Microsoft Corporation
O83 - Search Svchost Services: XblAuthManager (XblAuthManager) . (.Microsoft Corporation - Xbox Live Auth Manager.) -- C:\Windows\System32\XblAuthManager.dll [1107968] =>.Microsoft Corporation
O83 - Search Svchost Services: DmEnrollmentSvc (DmEnrollmentSvc) . (.Microsoft Corporation - Windows Managent Service DLL.) -- C:\Windows\System32\Windows.Internal.Management.dll [702464] =>.Microsoft Corporation
O83 - Search Svchost Services: XblGameSave (XblGameSave) . (.Microsoft Corporation - Xbox Live Game Save Service.) -- C:\Windows\System32\XblGameSave.dll [1272320] =>.Microsoft Corporation
O83 - Search Svchost Services: shpamsvc (shpamsvc) . (.Microsoft Corporation - SharedPC.AccountManager.) -- C:\Windows\System32\Windows.SharedPC.AccountManager.dll [194560] =>.Microsoft Corporation
O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Geolocation Service.) -- C:\Windows\System32\lfsvc.dll [46080] =>.Microsoft Corporation
O83 - Search Svchost Services: Irmon (Irmon) . (.Microsoft Corporation - Infrared Monitor.) -- C:\Windows\System32\irmon.dll [24576] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll [104960] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [930816] =>.Microsoft Corporation
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [491520] =>.Microsoft Corporation
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\Sens.dll [73216] =>.Microsoft Corporation
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [601088] =>.Microsoft Corporation
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [307200] =>.Microsoft Corporation
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\System32\wuaueng.dll [2784256] =>.Microsoft Corporation
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\Windows\System32\qmgr.dll [1346560] =>.Microsoft Corporation
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [613376] =>.Microsoft Corporation
O83 - Search Svchost Services: UsoSvc (UsoSvc) . (.Microsoft Corporation - Update Session Orchestrator Core.) -- C:\Windows\System32\usocore.dll [1300992] =>.Microsoft Corporation

---\ Firewall Active Exception List (125) - 11s
O87 - FAEL: '{93361E22-6AA0-4678-9E67-56B2B1F9427C}' [Out-None-P6-TRUE] .(...) -- C:\Program Files (x86)\VoidElsword\VoidElsword\voidels.exe
O87 - FAEL: '{A7B9051E-4DDE-4E98-9B51-B8D6175A5E5A}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\VoidElsword\VoidElsword\data\x2.exe
O87 - FAEL: '{1BA8D137-AA7F-4685-9134-BCB3D2FCE5E2}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\VoidElsword\VoidElsword\data\x2.exe
O87 - FAEL: '{2204C0AC-A807-4CC1-8764-9CF660F3755D}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Realm of the Mad God\Realm of the Mad God.exe =>.Steam Games
O87 - FAEL: '{8A3E5593-EEC0-4F4E-BF3C-0C07D313FD5A}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Realm of the Mad God\Realm of the Mad God.exe =>.Steam Games
O87 - FAEL: '{121F27DE-FCB1-4887-8B3B-7E416B7CC07C}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Elsword\ESSTEAM.exe {018527920C3B93C6} =>.Steam Games
O87 - FAEL: '{10E2811C-6912-4825-B491-52C305DB8C5C}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Elsword\ESSTEAM.exe {018527920C3B93C6} =>.Steam Games
O87 - FAEL: '{54543950-3EA6-4E39-9B14-8EFD39C64BB2}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Soda Dungeon\dungeon.exe =>.Steam Games
O87 - FAEL: '{3D914F68-A882-4C03-98AD-7C2C18252CBF}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Soda Dungeon\dungeon.exe =>.Steam Games
O87 - FAEL: '{7731F45F-4999-4938-9FB1-46A1A2553B4C}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\We Were Here\We Were Here.exe =>.Steam Games
O87 - FAEL: '{55A8579B-99AD-4496-A7B1-9C88862ED37E}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\We Were Here\We Were Here.exe =>.Steam Games
O87 - FAEL: '{0F928908-6D8A-46E8-8937-CF22886298BB}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\We Were Here\We Were Here VR.exe =>.Steam Games
O87 - FAEL: '{9A16094A-6D26-4BC5-B6B2-B09DB03D562D}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\We Were Here\We Were Here VR.exe =>.Steam Games
O87 - FAEL: '{D20D4759-AF9B-4148-A1C7-D999D7AB33F4}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\100 Orange Juice\100orange.exe =>.Steam Games
O87 - FAEL: '{49C0387F-9C2D-44EA-A31B-3F6A31973EDC}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\100 Orange Juice\100orange.exe =>.Steam Games
O87 - FAEL: '{96265893-EDCB-4E90-8369-9E0120000DBF}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\200 Mixed Juice!\200MJ.exe =>.Steam Games
O87 - FAEL: '{76513E6E-7997-4840-8D8B-DFAB78C3F896}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\200 Mixed Juice!\200MJ.exe =>.Steam Games
O87 - FAEL: '{898B64DB-274C-41EC-B0D7-4E54C3D500B0}' [In-None-P6-TRUE] .(.SilverSecond - Game.) -- C:\Program Files (x86)\Steam\steamapps\common\Alicemare\Game.exe =>.Steam SteamApps Games
O87 - FAEL: '{4D099DA1-D4F5-4D87-9A98-33C6279C3657}' [In-None-P17-TRUE] .(.SilverSecond - Game.) -- C:\Program Files (x86)\Steam\steamapps\common\Alicemare\Game.exe =>.Steam SteamApps Games
O87 - FAEL: '{04239397-AFEC-43EA-B908-9E1037E979F3}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Alicemare\Config.exe =>.Steam Games
O87 - FAEL: '{DB17728F-79BB-4DF6-91A5-4BA41A1E49DC}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Alicemare\Config.exe =>.Steam Games
O87 - FAEL: '{8889B86C-46ED-4080-88DD-B3CCECFFC0E9}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Azure Striker Gunvolt\exe\gv_win.exe =>.Steam Games
O87 - FAEL: '{E8EC2B71-9505-4898-B4EC-E518350CBAFF}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Azure Striker Gunvolt\exe\gv_win.exe =>.Steam Games
O87 - FAEL: '{363D11AB-F36C-475D-96F6-A1F33F1C779E}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\The Binding of Isaac Rebirth\isaac-ng.exe =>.Steam Games
O87 - FAEL: '{7B98FFE6-8B27-45B2-8B71-3BEFC442ACB6}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\The Binding of Isaac Rebirth\isaac-ng.exe =>.Steam Games
O87 - FAEL: '{EB313F59-228A-4C55-A44A-CBBD93F89D9E}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\The Cat Games\The Cat Games.exe =>.Steam Games
O87 - FAEL: '{A33069DB-E371-4466-A94B-4C7FFAD4FC10}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\The Cat Games\The Cat Games.exe =>.Steam Games
O87 - FAEL: '{AC0011E3-6BEE-4976-B6C2-6E25DCB0D38E}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Crypt of the NecroDancer\NecroDancer.exe =>.Brace Yourself Games (Transcendsense Technologies Inc)®
O87 - FAEL: '{CE1F3B23-5961-489C-B44B-4C1E70F75135}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Crypt of the NecroDancer\NecroDancer.exe =>.Brace Yourself Games (Transcendsense Technologies Inc)®
O87 - FAEL: '{CE078F34-48C2-4C36-A79A-36CCE40DC3F1}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Delicious! Pretty Girls Mahjong Solitaire\DeliciousPGMS.exe =>.Steam Games
O87 - FAEL: '{C0B6DFE2-2A38-48F5-BD01-A6186A856789}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Delicious! Pretty Girls Mahjong Solitaire\DeliciousPGMS.exe =>.Steam Games
O87 - FAEL: '{8091AE93-4C7C-4ADC-9D7D-B7822FF5E0E7}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe =>.Steam Games
O87 - FAEL: '{114F0D57-035B-4D55-BD07-DA10C2DD6DAA}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe =>.Steam Games
O87 - FAEL: '{23C34F87-4F69-4BF0-987E-D0A1D4F134B0}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Downwell\Downwell.exe =>.Steam Games
O87 - FAEL: '{B5670B7B-44AD-4638-A210-D89FC52D421D}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Downwell\Downwell.exe =>.Steam Games
O87 - FAEL: '{4F29A722-22D7-4F4A-B572-9C17960D4FD4}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\FiveNightsatFreddys4\FiveNightsatFreddys4.exe =>.Steam Games
O87 - FAEL: '{1215B453-39A5-447F-B283-9602DC78C6F2}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\FiveNightsatFreddys4\FiveNightsatFreddys4.exe =>.Steam Games
O87 - FAEL: '{F011649B-BE9B-4641-80C2-FB27172A2C6C}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\FiveNightsatFreddys4\HalloweenEdition.exe =>.Steam Games
O87 - FAEL: '{E6337D96-05CB-4792-9F06-60B7B5918763}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\FiveNightsatFreddys4\HalloweenEdition.exe =>.Steam Games
O87 - FAEL: '{46AF8A74-EC2B-4905-A108-78AA7F3F0216}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe =>.Steam Games
O87 - FAEL: '{D4B47139-ACE9-43FE-8381-5414A5C9354B}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe =>.Steam Games
O87 - FAEL: '{8F856BA0-6789-47AD-907D-007451B7F951}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\GenitalJousting\GenitalJousting.exe =>.Steam Games
O87 - FAEL: '{ED6296AD-B010-4EAF-A4FC-39298D18FB64}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\GenitalJousting\GenitalJousting.exe =>.Steam Games
O87 - FAEL: '{B1C1C1AF-E5D4-4A6E-9206-893C75DBEC76}' [In-None-P6-TRUE] .(.Copyright (C) Ntreev Soft Co.,Ltd. All rights reserve - Alicia.) -- C:\Users\((user))\AppData\Local\Gametree\Alicia\Alicia.exe
O87 - FAEL: '{2DDB924D-42AC-4B20-959D-C9AA0EB82B9A}' [In-None-P17-TRUE] .(.Copyright (C) Ntreev Soft Co.,Ltd. All rights reserve - Alicia.) -- C:\Users\((user))\AppData\Local\Gametree\Alicia\Alicia.exe
O87 - FAEL: '{009B5EDC-6A74-477B-976E-465E7E0AB489}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Geometry Dash\GeometryDash.exe =>.Steam Games
O87 - FAEL: '{49FAB4D2-4503-4D7F-A1B6-5989C08EBE0C}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Geometry Dash\GeometryDash.exe =>.Steam Games
O87 - FAEL: '{94C8BCFF-31EC-45D7-A4E7-9E6BF564D491}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Hell Girls\game.exe =>.Steam Games
O87 - FAEL: '{5350FBAD-5146-489F-9A29-D63AE37E5639}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Hell Girls\game.exe =>.Steam Games
O87 - FAEL: '{BA25250A-8CEA-4C42-A787-FDB0A0282468}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Howler\Howler.exe =>.Steam Games
O87 - FAEL: '{F159544B-41CB-4F6B-83F8-2BE2E6853145}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Howler\Howler.exe =>.Steam Games
O87 - FAEL: '{168AA021-1ED5-4B16-BBDA-23BB8460EBAB}' [In-None-P6-TRUE] .(.Experimental Gameplay Group LLC - Human Resource Machine.) -- C:\Program Files (x86)\Steam\steamapps\common\Human Resource Machine\Human Resource Machine.exe =>.Steam SteamApps Games
O87 - FAEL: '{2B7EB958-18C0-448D-970B-2ABC16C90BD3}' [In-None-P17-TRUE] .(.Experimental Gameplay Group LLC - Human Resource Machine.) -- C:\Program Files (x86)\Steam\steamapps\common\Human Resource Machine\Human Resource Machine.exe =>.Steam SteamApps Games
O87 - FAEL: '{B1801FB4-D811-41B4-97B5-A62D31FC2058}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\HunieCam Studio\HunieCamStudio.exe =>.Steam Games
O87 - FAEL: '{61B71A23-BE59-45D7-8058-1124FCFFF179}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\HunieCam Studio\HunieCamStudio.exe =>.Steam Games
O87 - FAEL: '{73FEA5B3-9463-4E3C-9CC4-856FBC56BC2D}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\HuniePop\HuniePop.exe =>.Steam Games
O87 - FAEL: '{016DB888-F7DB-405A-9DD5-CAF0FC111105}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\HuniePop\HuniePop.exe =>.Steam Games
O87 - FAEL: '{C22A3CA0-EBC5-4B83-B3B1-B083A20AF135}' [In-None-P6-TRUE] .(.Idea Factory - Hyperdevotion Noire: Goddess Black Heart.) -- C:\Program Files (x86)\Steam\steamapps\common\Hyperdevotion Noire\Noire.exe =>.Steam SteamApps Games
O87 - FAEL: '{72281275-3823-4CA4-863D-922B66E50A82}' [In-None-P17-TRUE] .(.Idea Factory - Hyperdevotion Noire: Goddess Black Heart.) -- C:\Program Files (x86)\Steam\steamapps\common\Hyperdevotion Noire\Noire.exe =>.Steam SteamApps Games
O87 - FAEL: '{D8AEC18D-7131-412A-83DE-043462EB2A55}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\The Jackbox Party Pack\TJPP.exe =>.Steam Games
O87 - FAEL: '{28C765BE-FFB0-4002-AEAC-81AF2C423FA1}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\The Jackbox Party Pack\TJPP.exe =>.Steam Games
O87 - FAEL: '{87B9D4F9-D872-4FEE-B764-B008CAA464BA}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\The Jackbox Party Pack 2\The Jackbox Party Pack 2.exe =>.Steam Games
O87 - FAEL: '{4D5EFDFA-243C-4BAB-99D4-1E07C29CFC3B}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\The Jackbox Party Pack 2\The Jackbox Party Pack 2.exe =>.Steam Games
O87 - FAEL: '{ABC91972-0090-4AC1-8667-9FD397A67097}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\The Jackbox Party Pack 3\The Jackbox Party Pack 3.exe =>.Steam Games
O87 - FAEL: '{6D1B481D-1ED4-4391-8053-1BB2C67E2C29}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\The Jackbox Party Pack 3\The Jackbox Party Pack 3.exe =>.Steam Games
O87 - FAEL: '{039A87C2-3AAD-4C24-BAA2-E3BFE24E09CF}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Kingdom New Lands\Kingdom.exe =>.Steam Games
O87 - FAEL: '{6FA0AC38-2B3A-4EB2-9462-1D95CB85BB8E}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Kingdom New Lands\Kingdom.exe =>.Steam Games
O87 - FAEL: '{3C35AEF6-EA35-4382-9388-3289ED59B690}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Kingdom\Kingdom.exe =>.Steam Games
O87 - FAEL: '{9AB709C3-C89A-414D-B14C-5C04D62746B4}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Kingdom\Kingdom.exe =>.Steam Games
O87 - FAEL: '{1EA3F59D-9560-4158-A0D7-CA7C38766EE7}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\LiEat\LiEat_Launcher.exe =>.Steam Games
O87 - FAEL: '{AB600159-8989-46E8-8BE8-ACD870F3127A}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\LiEat\LiEat_Launcher.exe =>.Steam Games
O87 - FAEL: '{67D9D79A-4525-45BD-B25F-0E472DBAEF32}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Momodora III\Momodora3.exe =>.Steam Games
O87 - FAEL: '{3B800310-E266-442C-B07A-CEE282A1B407}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Momodora III\Momodora3.exe =>.Steam Games
O87 - FAEL: '{47D9FCBF-A324-4F85-80F9-C0E75B00BB75}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\MonsterLovesYou\MonsterLovesYou.exe =>.Steam Games
O87 - FAEL: '{97E3DF96-6F81-484A-BAC6-D594E45FABC9}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\MonsterLovesYou\MonsterLovesYou.exe =>.Steam Games
O87 - FAEL: '{A68B0151-00F6-4A23-94E0-1D081A702B97}' [In-None-P6-TRUE] .(.Green Lava Studios S.A. - A dating sim with a massage twist....) -- C:\Program Files (x86)\Steam\steamapps\common\Mr. Massagy\Mr Massagy.exe =>.Steam SteamApps Games
O87 - FAEL: '{896ABA87-5231-4B06-8F6F-35BA3761444F}' [In-None-P17-TRUE] .(.Green Lava Studios S.A. - A dating sim with a massage twist....) -- C:\Program Files (x86)\Steam\steamapps\common\Mr. Massagy\Mr Massagy.exe =>.Steam SteamApps Games
O87 - FAEL: '{6BBCF7EE-895D-41B2-94FE-ACD913EF20F4}' [In-None-P6-TRUE] .(.(KIRIKIRI core) (C) W.Dee and contributors All Rights - TVP(KIRIKIRI) Z core / Scripting Platform f.) -- C:\Program Files (x86)\Steam\steamapps\common\NEKOPARA Vol. 0\nekopara_vol0.exe =>.Steam SteamApps Games
O87 - FAEL: '{F481957F-C7C6-4221-B504-A4BEB2AD34A4}' [In-None-P17-TRUE] .(.(KIRIKIRI core) (C) W.Dee and contributors All Rights - TVP(KIRIKIRI) Z core / Scripting Platform f.) -- C:\Program Files (x86)\Steam\steamapps\common\NEKOPARA Vol. 0\nekopara_vol0.exe =>.Steam SteamApps Games
O87 - FAEL: '{446F057A-F790-463C-906B-F410F4773CA5}' [In-None-P6-TRUE] .(.(KIRIKIRI core) (C) W.Dee and contributors All Rights - TVP(KIRIKIRI) Z core / Scripting Platform f.) -- C:\Program Files (x86)\Steam\steamapps\common\NEKOPARA Vol. 1\nekopara_vol1.exe =>.Steam SteamApps Games
O87 - FAEL: '{DE204C8A-ED4B-45B0-899B-2850F5B40E73}' [In-None-P17-TRUE] .(.(KIRIKIRI core) (C) W.Dee and contributors All Rights - TVP(KIRIKIRI) Z core / Scripting Platform f.) -- C:\Program Files (x86)\Steam\steamapps\common\NEKOPARA Vol. 1\nekopara_vol1.exe =>.Steam SteamApps Games
O87 - FAEL: '{E01BBDDA-EAF6-4B6B-9346-D5B998610FD6}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\NeverAlone\Never_Alone.exe {2E7DADBE097CA65CD45890E001E510FF} =>.Steam Games
O87 - FAEL: '{81373EF2-62D9-4F2D-818C-E947CF287F56}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\NeverAlone\Never_Alone.exe {2E7DADBE097CA65CD45890E001E510FF} =>.Steam Games
O87 - FAEL: '{05E6FFDF-086E-4537-9DE7-5BCA60342ECA}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\PapersPlease\PapersPlease.exe =>.Steam Games
O87 - FAEL: '{0612C841-C64B-46C8-9E0B-DCB55A424391}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\PapersPlease\PapersPlease.exe =>.Steam Games
O87 - FAEL: '{AE338BCF-529E-4845-8171-CA692A8B6B98}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Plants Vs Zombies\PlantsVsZombies.exe =>.PopCap Games®
O87 - FAEL: '{6D3E0AF6-D2DA-47A9-AEB4-AC80EFA26821}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Plants Vs Zombies\PlantsVsZombies.exe =>.PopCap Games®
O87 - FAEL: '{226E9C0F-DB8D-486D-8A6C-BED86CE2E2DA}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Pony Island\PonyIsland.exe =>.Steam Games
O87 - FAEL: '{9CD7F253-C656-47D4-A2AF-AF0F344C1665}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Pony Island\PonyIsland.exe =>.Steam Games
O87 - FAEL: '{8C78C59F-C795-43D0-A575-15D1EE326AB7}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Pretty Girls Mahjong Solitaire\PrettyGirlsMahjongSolitaire.exe =>.Steam Games
O87 - FAEL: '{7DD303A4-13A8-46FF-9794-0599F8BD0AA1}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Pretty Girls Mahjong Solitaire\PrettyGirlsMahjongSolitaire.exe =>.Steam Games
O87 - FAEL: '{96D6093A-73C9-44E8-8BDE-B477A7A949F8}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\The Purring Quest\ThePurringQuest.exe =>.Steam Games
O87 - FAEL: '{8785FE55-C116-433E-8174-0912F1FD10B7}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\The Purring Quest\ThePurringQuest.exe =>.Steam Games
O87 - FAEL: '{76BEA176-959A-499C-874F-3BA867FB0BC0}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Shelter2\Shelter2.exe =>.Steam Games
O87 - FAEL: '{DADB82C6-D378-423F-92D1-5809CE2199F2}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Shelter2\Shelter2.exe =>.Steam Games
O87 - FAEL: '{B869BCDA-C26D-4093-9708-058566DC21EF}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Slayaway Camp\SlayawayCamp.exe =>.Steam Games
O87 - FAEL: '{47714386-5208-4096-87A6-385A026537C5}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Slayaway Camp\SlayawayCamp.exe =>.Steam Games
O87 - FAEL: '{FDF80B06-741D-4992-A32F-56CD41B86606}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Sonic Adventure 2\Launcher.exe =>.Steam Games
O87 - FAEL: '{F25FF585-5B23-4838-B475-1EB2FB48B2BF}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Sonic Adventure 2\Launcher.exe =>.Steam Games
O87 - FAEL: '{6FC93C4A-3184-4515-84E2-73DD18A3490A}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Zooicide\Zooicide.exe =>.Steam Games
O87 - FAEL: '{F6B3F437-88B5-4631-A208-E3A5D4DBAAD1}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Zooicide\Zooicide.exe =>.Steam Games
O87 - FAEL: '{C378E9E0-0991-4691-BD19-3D95C076095D}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Welcome to the Game\WTTG.exe =>.Steam Games
O87 - FAEL: '{F04F77AA-F313-4BB3-8EC5-3901DA5528D0}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Welcome to the Game\WTTG.exe =>.Steam Games
O87 - FAEL: '{77EC10E5-F4BB-4330-8290-C9C18FED28D6}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\World of Goo\WorldOfGoo.exe =>.Steam Games
O87 - FAEL: '{F9D0B5E3-4494-4059-94E6-40F9C88A842E}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\World of Goo\WorldOfGoo.exe =>.Steam Games
O87 - FAEL: '{5CEF27FC-BA1D-4177-9E8B-E08226BE5786}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe =>.Steam Games
O87 - FAEL: '{F202584B-44E0-4DED-A685-828C7EFB6F23}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe =>.Steam Games
O87 - FAEL: '{A48FE98B-DA20-4736-B6E7-71C12E0A5C95}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe =>.Steam Games
O87 - FAEL: '{44050C1D-CDF3-4EB3-A86D-C93A09E54197}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe =>.Steam Games
O87 - FAEL: '{21DCF377-AE7D-4A1F-B3B0-B841E3073E5C}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Town of Salem\TownOfSalem.exe =>.Steam Games
O87 - FAEL: '{60C4D6EE-CB45-4EC3-AB35-A9C987A58BB7}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Town of Salem\TownOfSalem.exe =>.Steam Games
O87 - FAEL: '{727214C6-32D9-4392-8BFE-95F461139FF5}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Tales of Symphonia\TOS.exe =>.Steam Games
O87 - FAEL: '{A68DEF2A-04B4-4055-A93E-63C35199C66D}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Tales of Symphonia\TOS.exe =>.Steam Games
O87 - FAEL: '{19FCC033-9F9E-4852-99B3-C071D532F603}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Valley\Valley.exe =>.Steam Games
O87 - FAEL: '{126CF82C-66A3-46E2-8F78-6A565F32A6F6}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Valley\Valley.exe =>.Steam Games
O87 - FAEL: '{A8C034EF-3C6D-47E1-83F2-361052D93857}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Whos Your Daddy\WhosYourDaddy.exe =>.Steam Games
O87 - FAEL: '{5497E00C-55FA-4C2D-A4FD-5550CDF630F9}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Whos Your Daddy\WhosYourDaddy.exe =>.Steam Games
O87 - FAEL: '{7891E410-23E3-46F9-AF6B-464F7CF53057}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\WolfQuest\WolfQuest.exe =>.Steam Games
O87 - FAEL: '{0DA7CCD1-E5C5-493C-B955-32CE61A88343}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\WolfQuest\WolfQuest.exe =>.Steam Games
O87 - FAEL: '{1F9C0804-3BC4-4E71-A431-D63B2E82FC09}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\There's Poop In My Soup\PoopInMySoup.exe =>.Steam Games
O87 - FAEL: '{4C743061-DC4A-480A-AABB-026A67E39979}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\There's Poop In My Soup\PoopInMySoup.exe =>.Steam Games
O87 - FAEL: '{01F1CA69-12B3-439A-B68B-64DF6CE0E2BE}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Elsword\data\x2.exe =>.KOG Co., Ltd.®
O87 - FAEL: '{81A8BB23-9A68-4457-9387-9059C500A9AC}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Elsword\data\x2.exe =>.KOG Co., Ltd.®
O87 - FAEL: '{125021A7-CA77-477C-A474-D81611AFEFC9}' [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Tales of Zestiria\Tales of Zestiria.exe =>.Steam Games
O87 - FAEL: '{D3BC996E-CD78-4FF7-B9AF-917D4E5EA353}' [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Tales of Zestiria\Tales of Zestiria.exe =>.Steam Games

---\ Product Upgrade Codes (1) - 0s
O90 - PUC: '51405DC87B40E954C8DBAD699ADC9FE8' [HKLM] . (.Star Stable Online.) -- C:\WINDOWS\Installer\{8CD50415-04B7-459E-8CBD-DA96A9CDF98E}\ARPPRODUCTICON.exe

---\ Windows Installer Scan (6) - 2s
[MD5.F0EE2E7F283866A2A0FEA9BE2D12A979] [WIS][2018/03/14 02:22:11] (.Google Inc. - Google Update Helper.) -- C:\WINDOWS\Installer\225581.msi [40960] =>.Google Inc.
[MD5.16D3F94BA8D38A212EF92277404754EC] [WIS][2018/03/15 01:43:54] (.Mojang - Minecraft.) -- C:\WINDOWS\Installer\5214cd9.msi [2314240] =>.Mojang
[MD5.B9508FC92FFC00A464CD26E7C4FA2AE0] [WIS][2018/03/15 08:05:01] (.Star Stable Entertainment AB - Star Stable Online.) -- C:\WINDOWS\Installer\67edb8a.msi [9878016] =>.Star Stable Entertainment AB
[MD5.AFC9669572A7FDCD209EBAAEA68D6CBE] [WIS][2018/03/15 22:59:41] (.Blender Foundation - Blender.) -- C:\WINDOWS\Installer\9b136ed.msi [87916645] =>.Blender Foundation
[MD5.86D4E38DF3802125FE670A2E8BD5B82C] [WIS][2018/01/22 03:12:56] (.Apple Inc. - Apple Application Support Installer.) -- C:\WINDOWS\Installer\9c92dd2.msi [46137344] =>.Apple Inc.
[MD5.0C0A4A62171057FA6C45342035449FD5] [WIS][2018/03/16 00:41:43] (.LogMeIn, Inc. - LogMeIn Hamachi Installer.) -- C:\WINDOWS\Installer\a0fa695.msi [9781248] =>.LogMeIn, Inc.

---\ Additional Scan (O88) (7) - 7s
C:\Users\((user)\AppData\Local\Google\Chrome\User Data\Default\File System\000 =>.SUP.Temporary.Chrome
C:\Users\((user))\AppData\Local\Google\Chrome\User Data\Default\File System\001 =>.SUP.Temporary.Chrome
C:\Users\((user))\AppData\Local\Google\Chrome\User Data\Default\File System\002 =>.SUP.Temporary.Chrome
C:\Users\((user))\AppData\Local\Google\Chrome\User Data\Default\File System\003 =>.SUP.Temporary.Chrome
C:\Users\((user))\AppData\Local\Google\Chrome\User Data\Default\File System\004 =>.SUP.Temporary.Chrome
C:\Users\((user))\AppData\Local\Google\Chrome\User Data\Default\File System\005 =>.SUP.Temporary.Chrome
C:\Users\((user))\AppData\Local\Google\Chrome\User Data\Default\File System\006 =>.SUP.Temporary.Chrome

---\ Summary of the elements found (1) - 0s
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Temporary.Chrome

~ Unselected Options:
~ End of the scan, 8293 items in 02mn41s (1059)(0)
 

Pouhi

PCHF Member
May 13, 2018
#20
@Malnutrition
Yes, it works in admin. Since it worked in admin I figured it would work in my original account (which it does). Thank you for your help! Wonder what the cause was.
I may be speaking too soon, though... So I apologize in advance if I need to come back.
 
Likes: Malnutrition