Solved Many games and apps broken


10months

-Sorry for the length of this post, there are a lot of problems and I do not know what details are relevant.

A few days ago my games started to drop frames dramatically after a few minutes, then crashed with an error message which couldn't be seen through the black screens. When I went to open geforce and the nvidia control panel (as it is very out of date, as is my driver software), neither would open. A bit of fiddling around and a system restore later, none of microsoft office worked in addition to the photo gallery, my antivirus and steam games, none starting up nor showing error messages (chrome and discord had similar problems but worked after a reinstall).

After a windows repair install, the games seem to be behaving as they did at the start, photo gallery and my antivirus is working again, but microsoft office returns an error stating "AppVISubsystems32.dll" is missing - both the office repair and uninstall from programs and features run into errors 30034-4 and 30015-4(1006) respectively, geforce experience won't start (type initializer for system.componentmodel.designerproperties threw an exception), nor any nvidia product's installation. Most fixes to these seem to be reinstalling, but most of these cannot be either installed or uninstalled, and either way the sheer amount of different programs with errors strikes me as there being a much bigger problem - whether the thing blocking apps starting and the thing tanking then crashing all games after two minutes are even the same (perhaps it's blocking something else key to running the games)

An additional note, my windows product key was rejected, the system was custom built a few years ago on PC specialist, the key is stuck onto the side of the case, I have had problems with the key before, I cannot remember how I dealt with it originally.

Could someone please help if they have any ideas/suggestions?

Also, if there is nothing else to be done, is there some way to perform a complete factory reset? (I have copies of the important data, I just need the hardware.)
 
Hello

Windows 7 has had issues with GeForce Experience in the past, as the two don't play well together. You can uninstall GeForce Experience; that may solve the issue. Note that if you do, you will have to download the correct drivers manually in the future. Was the product key ever activated?
@phillpower2 @DOUGIE
 
GeForce has been uninstalled, the issue is not resolved. Also, when I try to use the NVIDIA installer to get the new driver software it flickers then bluescreens, and has, in starting the process without finishing it, deleted the 3D controller driver and HD audio driver - 3D vision driver was already gone. From the NVIDIA installer it doesn't look like you can install any of the others without installing the driver, the first stage and the stage at which it crashes.

As for the product key, it is the same as I was using before so I suppose I must have used it, but it was rejected originally as well. I really don't remember how I got it to work, sorry
 
Not really, I've not tried much recently, ccleaner scan of the registry didn't help. In terms of games, there are one or two basic 2D games which work for sometimes over an hour, but they all end up eventually with an error message and black screen (most crash after 2-20 minutes). I tried to get a screenshot of what it was, but it would either corrupt or only show the outline of the message. Office still is behaving the same, nvidia products are still gone or unresponsive.
 
I do not suspect malware here; this tool will just give me an in-depth look into your machine.

ZHP Diag Scan

Download ZHP Diag to your desktop.

1. Right Click Run as Admin.

2. Click the Options button.

Click on Check All
Then Click Validate
Then click close.

3. Click the Scanner button.

When complete please push the report button.
A notepad will open... copy and paste the report in your next reply.
 
~ ZHPDiag v2017.9.4.150 By Nicolas Coolman (2017/09/04)

~ Run by Dan (Administrator) (2017/09/05 12:49:42)

~ Web: https://www.nicolascoolman.com

~ Blog: https://nicolascoolman.eu/

~ Facebook: https://www.facebook.com/nicolascoolman1

~ Certificate ZHPDiag: Legal

~ State version: Version OK

~ Mode: Scan

~ Report: C:\Users\Dan\Desktop\ZHPDiag.txt

~ Report: C:\Users\Dan\AppData\Roaming\ZHP\ZHPDiag.txt

~ UAC: Activate

~ System startup: Normal (Normal boot)

Windows 7 Professional, 64-bit Service Pack 1 (Build 7601) =>.Microsoft Corporation



G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] =>.Google Inc. {Wallet}

G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] http://mail.google.com/ =>.Google Inc. {Gmail}

G2 - GCE: Preference [User Data\Default] [pkedcjkdefgpdelpbcmbmeomcjbeemfm] Chrome Media Router =>.Google Inc.


---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (5) - 1s

M0 - MFSP: prefs.js [Dan - h90wxnqo.default] http://www.msn.com/ =>.Microsoft Corporation

P2 - EXT FILE: (.Microsoft Corporation - Bing Search.) -- C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\h90wxnqo.default\extensions\bingsearch.full@microsoft.com.xpi =>.Microsoft Corporation

P2 - EXT FILE: (.Bing - Bing. Search by Microsoft..) -- C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\h90wxnqo.default\searchplugins\bing-.xml =>.Bing

P2 - EXT: (.Mozilla - Default.) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} =>.Mozilla

P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll =>.Adobe Systems Incorporated


---\\ Internet Explorer Extensions, Start, Search (18) - 0s

R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = C:\Program Files\Internet Explorer\pcspecialist.html

R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation

R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation

R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation

R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\program files\internet explorer\pcspecialist.html

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm

R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm

R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation

R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation

R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation

R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation

R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation

R3 - URLSearchHook: (no name)[HKCU] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Browser.) (8.00.7600.16385 (win7_rtm.090713-1255)) -- C:\Windows\SysWOW64\ieframe.dll =>.Microsoft Corporation


---\\ Internet Explorer, Proxy Management (5) - 0s

R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1

R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

R5 - HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies [] =>.Microsoft


---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s

F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation

F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation

F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.) =>.Microsoft Corporation


---\\ Hosts file redirection (1) - 0s

~ Le fichier hôte est sain (The hosts file is clean) (21)


---\\ Browser Helper Object (BHO) (7) - 0s

O2 - BHO: Lync Click to Call BHO [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Skype for Business.) -- C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll {33000001797C2E574E52E1CAD6000100000179} =>.Microsoft Corporation

O2 - BHO: Norton Identity Safety [64Bits] - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} . (.Symantec Corporation - coIEPlugIn.) -- C:\Program Files (x86)\Norton Security\Engine32\22.9.1.12\coIEPlg.dll =>.Symantec Corporation®

O2 - BHO: Java(tm) Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (.Orphan.)

O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll =>.Microsoft Corporation®

O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL {33000001797C2E574E52E1CAD6000100000179} =>.Microsoft Corporation

O2 - BHO: Microsoft OneDrive for Business Browser Helper [64Bits] - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} . (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL {33000001797C2E574E52E1CAD6000100000179} =>.Microsoft Corporation

O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} (.Orphan.)


---\\ Global shortcuts Startup (166) - 5s

O4 - GS\Desktop [Administrator]: Discord.lnk . (.GitHub - Update.) C:\Users\Dan\AppData\Local\Discord\Update.exe --processStart Discord.exe =>.Hammer & Chisel Inc.®

O4 - GS\Desktop [Administrator]: Norton Installation Files.lnk . (...) C:\Users\Public\Downloads\Norton\{NS2260142-SHPD-FSD56083}

O4 - GS\Desktop [Administrator]: Uplay.lnk . (.Ubisoft - Uplay launcher.) E:\Ubisoft Game Launcher\Uplay.exe =>.Ubisoft Entertainment Sweden AB®

O4 - GS\Desktop [Administrator]: Warband Battle Sizer.lnk . (...) E:\Steam\steamapps\common\MountBlade Warband\BattleSizer.exe =>.Steam Games

O4 - GS\Desktop [Administrator]: WFaS Battle Sizer.lnk . (...) E:\Steam\steamapps\common\Mount & Blade With Fire and Sword\BattleSizer.exe =>.Steam Games

O4 - GS\Desktop [Administrator]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Dan\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman

O4 - GS\Quicklaunch [Administrator]: Bandicam.lnk . (.www.Bandisoft.com - Bandisoft - bdcam.exe.) C:\Bandicam\bdcam.exe =>.Bandisoft®

O4 - GS\Quicklaunch [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®

O4 - GS\Quicklaunch [Administrator]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®

O4 - GS\sendTo [Administrator]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe /SendTo =>.Microsoft Corporation

O4 - GS\sendTo [Administrator]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe /sendto: =>.Skype Software Sarl®

O4 - GS\TaskBar [Administrator]: Adobe Photoshop CS6.lnk . (.PortableXapps® - Adobe Photoshop Lite® Portable.) C:\Program Files (x86)\Adobe Photoshop CS6\Photoshop.exe

O4 - GS\TaskBar [Administrator]: Audacity.lnk . (.The Audacity Team - Audacity®, the Free, Cross-Platform Sound E.) C:\Program Files (x86)\Audacity\audacity.exe =>.The Audacity Team

O4 - GS\TaskBar [Administrator]: Bandisoft - bdcam.lnk . (.www.Bandisoft.com - Bandisoft - bdcam.exe.) C:\Bandicam\bdcam.exe =>.Bandisoft®

O4 - GS\TaskBar [Administrator]: Calculator.lnk . (.Microsoft Corporation - Windows Calculator.) C:\Windows\system32\calc.exe =>.Microsoft Corporation

O4 - GS\TaskBar [Administrator]: Discord.lnk . (.GitHub - Update.) C:\Users\Dan\AppData\Local\Discord\Update.exe --processStart Discord.exe =>.Hammer & Chisel Inc.®

O4 - GS\TaskBar [Administrator]: Excel 2016.lnk . (.Microsoft Corporation - Microsoft Excel.) C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE {33000001797C2E574E52E1CAD6000100000179} =>.Microsoft Corporation

O4 - GS\TaskBar [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®

O4 - GS\TaskBar [Administrator]: Movie Maker.lnk . (.Microsoft Corporation - Movie Maker.) C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe =>.Microsoft Corporation®

O4 - GS\TaskBar [Administrator]: On-Screen Keyboard.lnk . (.Microsoft Corporation - Accessibility On-Screen Keyboard.) C:\Windows\system32\osk.exe =>.Microsoft Corporation

O4 - GS\TaskBar [Administrator]: Origin.lnk . (.Electronic Arts - Origin.) E:\Origin\Origin.exe =>.Electronic Arts, Inc.®

O4 - GS\TaskBar [Administrator]: Paint.lnk . (.Microsoft Corporation - Paint.) C:\Windows\system32\mspaint.exe =>.Microsoft Corporation

O4 - GS\TaskBar [Administrator]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl®

O4 - GS\TaskBar [Administrator]: Steam.lnk . (.Valve Corporation - Steam Client Bootstrapper.) E:\Steam\Steam.exe =>.Valve®

O4 - GS\TaskBar [Administrator]: TeamSpeak 3 Client.lnk . (.TeamSpeak Systems GmbH - TeamSpeak 3 Client.) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe =>.TeamSpeak Systems GmbH®

O4 - GS\TaskBar [Administrator]: Uplay.lnk . (.Ubisoft - Uplay launcher.) E:\Ubisoft Game Launcher\Uplay.exe =>.Ubisoft Entertainment Sweden AB®

O4 - GS\TaskBar [Administrator]: Windows Explorer.lnk . (.Microsoft Corporation - Windows Explorer.) C:\Windows\explorer.exe =>.Microsoft Corporation

O4 - GS\TaskBar [Administrator]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation

O4 - GS\TaskBar [Administrator]: Word 2016.lnk . (.Microsoft Corporation - Microsoft Word.) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE {33000001797C2E574E52E1CAD6000100000179} =>.Microsoft Corporation

O4 - GS\Programs [Administrator]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®

O4 - GS\Programs [Administrator]: Microsoft OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\Dan\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation®

O4 - GS\Desktop [Dan]: Discord.lnk . (.GitHub - Update.) C:\Users\Dan\AppData\Local\Discord\Update.exe --processStart Discord.exe =>.Hammer & Chisel Inc.®

O4 - GS\Desktop [Dan]: Norton Installation Files.lnk . (...) C:\Users\Public\Downloads\Norton\{NS2260142-SHPD-FSD56083}

O4 - GS\Desktop [Dan]: Uplay.lnk . (.Ubisoft - Uplay launcher.) E:\Ubisoft Game Launcher\Uplay.exe =>.Ubisoft Entertainment Sweden AB®

O4 - GS\Desktop [Dan]: Warband Battle Sizer.lnk . (...) E:\Steam\steamapps\common\MountBlade Warband\BattleSizer.exe =>.Steam Games

O4 - GS\Desktop [Dan]: WFaS Battle Sizer.lnk . (...) E:\Steam\steamapps\common\Mount & Blade With Fire and Sword\BattleSizer.exe =>.Steam Games

O4 - GS\Desktop [Dan]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Dan\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman

O4 - GS\Quicklaunch [Dan]: Bandicam.lnk . (.www.Bandisoft.com - Bandisoft - bdcam.exe.) C:\Bandicam\bdcam.exe =>.Bandisoft®

O4 - GS\Quicklaunch [Dan]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®

O4 - GS\Quicklaunch [Dan]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®

O4 - GS\sendTo [Dan]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe /SendTo =>.Microsoft Corporation

O4 - GS\sendTo [Dan]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe /sendto: =>.Skype Software Sarl®

O4 - GS\TaskBar [Dan]: Adobe Photoshop CS6.lnk . (.PortableXapps® - Adobe Photoshop Lite® Portable.) C:\Program Files (x86)\Adobe Photoshop CS6\Photoshop.exe

O4 - GS\TaskBar [Dan]: Audacity.lnk . (.The Audacity Team - Audacity®, the Free, Cross-Platform Sound E.) C:\Program Files (x86)\Audacity\audacity.exe =>.The Audacity Team

O4 - GS\TaskBar [Dan]: Bandisoft - bdcam.lnk . (.www.Bandisoft.com - Bandisoft - bdcam.exe.) C:\Bandicam\bdcam.exe =>.Bandisoft®

O4 - GS\TaskBar [Dan]: Calculator.lnk . (.Microsoft Corporation - Windows Calculator.) C:\Windows\system32\calc.exe =>.Microsoft Corporation

O4 - GS\TaskBar [Dan]: Discord.lnk . (.GitHub - Update.) C:\Users\Dan\AppData\Local\Discord\Update.exe --processStart Discord.exe =>.Hammer & Chisel Inc.®

O4 - GS\TaskBar [Dan]: Excel 2016.lnk . (.Microsoft Corporation - Microsoft Excel.) C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE {33000001797C2E574E52E1CAD6000100000179} =>.Microsoft Corporation

O4 - GS\TaskBar [Dan]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®

O4 - GS\TaskBar [Dan]: Movie Maker.lnk . (.Microsoft Corporation - Movie Maker.) C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe =>.Microsoft Corporation®

O4 - GS\TaskBar [Dan]: On-Screen Keyboard.lnk . (.Microsoft Corporation - Accessibility On-Screen Keyboard.) C:\Windows\system32\osk.exe =>.Microsoft Corporation

O4 - GS\TaskBar [Dan]: Origin.lnk . (.Electronic Arts - Origin.) E:\Origin\Origin.exe =>.Electronic Arts, Inc.®

O4 - GS\TaskBar [Dan]: Paint.lnk . (.Microsoft Corporation - Paint.) C:\Windows\system32\mspaint.exe =>.Microsoft Corporation

O4 - GS\TaskBar [Dan]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl®

O4 - GS\TaskBar [Dan]: Steam.lnk . (.Valve Corporation - Steam Client Bootstrapper.) E:\Steam\Steam.exe =>.Valve®

O4 - GS\TaskBar [Dan]: TeamSpeak 3 Client.lnk . (.TeamSpeak Systems GmbH - TeamSpeak 3 Client.) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe =>.TeamSpeak Systems GmbH®

O4 - GS\TaskBar [Dan]: Uplay.lnk . (.Ubisoft - Uplay launcher.) E:\Ubisoft Game Launcher\Uplay.exe =>.Ubisoft Entertainment Sweden AB®

O4 - GS\TaskBar [Dan]: Windows Explorer.lnk . (.Microsoft Corporation - Windows Explorer.) C:\Windows\explorer.exe =>.Microsoft Corporation

O4 - GS\TaskBar [Dan]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation

O4 - GS\TaskBar [Dan]: Word 2016.lnk . (.Microsoft Corporation - Microsoft Word.) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE {33000001797C2E574E52E1CAD6000100000179} =>.Microsoft Corporation

O4 - GS\Programs [Dan]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®

O4 - GS\Programs [Dan]: Microsoft OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\Dan\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation®

O4 - GS\Desktop [Guest]: Discord.lnk . (.GitHub - Update.) C:\Users\Dan\AppData\Local\Discord\Update.exe --processStart Discord.exe =>.Hammer & Chisel Inc.®

O4 - GS\Desktop [Guest]: Norton Installation Files.lnk . (...) C:\Users\Public\Downloads\Norton\{NS2260142-SHPD-FSD56083}

O4 - GS\Desktop [Guest]: Uplay.lnk . (.Ubisoft - Uplay launcher.) E:\Ubisoft Game Launcher\Uplay.exe =>.Ubisoft Entertainment Sweden AB®

O4 - GS\Desktop [Guest]: Warband Battle Sizer.lnk . (...) E:\Steam\steamapps\common\MountBlade Warband\BattleSizer.exe =>.Steam Games

O4 - GS\Desktop [Guest]: WFaS Battle Sizer.lnk . (...) E:\Steam\steamapps\common\Mount & Blade With Fire and Sword\BattleSizer.exe =>.Steam Games

O4 - GS\Desktop [Guest]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Dan\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman

O4 - GS\Quicklaunch [Guest]: Bandicam.lnk . (.www.Bandisoft.com - Bandisoft - bdcam.exe.) C:\Bandicam\bdcam.exe =>.Bandisoft®

O4 - GS\Quicklaunch [Guest]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®

O4 - GS\Quicklaunch [Guest]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®

O4 - GS\sendTo [Guest]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe /SendTo =>.Microsoft Corporation

O4 - GS\sendTo [Guest]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe /sendto: =>.Skype Software Sarl®

O4 - GS\TaskBar [Guest]: Adobe Photoshop CS6.lnk . (.PortableXapps® - Adobe Photoshop Lite® Portable.) C:\Program Files (x86)\Adobe Photoshop CS6\Photoshop.exe

O4 - GS\TaskBar [Guest]: Audacity.lnk . (.The Audacity Team - Audacity®, the Free, Cross-Platform Sound E.) C:\Program Files (x86)\Audacity\audacity.exe =>.The Audacity Team

O4 - GS\TaskBar [Guest]: Bandisoft - bdcam.lnk . (.www.Bandisoft.com - Bandisoft - bdcam.exe.) C:\Bandicam\bdcam.exe =>.Bandisoft®

O4 - GS\TaskBar [Guest]: Calculator.lnk . (.Microsoft Corporation - Windows Calculator.) C:\Windows\system32\calc.exe =>.Microsoft Corporation

O4 - GS\TaskBar [Guest]: Discord.lnk . (.GitHub - Update.) C:\Users\Dan\AppData\Local\Discord\Update.exe --processStart Discord.exe =>.Hammer & Chisel Inc.®

O4 - GS\TaskBar [Guest]: Excel 2016.lnk . (.Microsoft Corporation - Microsoft Excel.) C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE {33000001797C2E574E52E1CAD6000100000179} =>.Microsoft Corporation

O4 - GS\TaskBar [Guest]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®

O4 - GS\TaskBar [Guest]: Movie Maker.lnk . (.Microsoft Corporation - Movie Maker.) C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe =>.Microsoft Corporation®

O4 - GS\TaskBar [Guest]: On-Screen Keyboard.lnk . (.Microsoft Corporation - Accessibility On-Screen Keyboard.) C:\Windows\system32\osk.exe =>.Microsoft Corporation

O4 - GS\TaskBar [Guest]: Origin.lnk . (.Electronic Arts - Origin.) E:\Origin\Origin.exe =>.Electronic Arts, Inc.®

O4 - GS\TaskBar [Guest]: Paint.lnk . (.Microsoft Corporation - Paint.) C:\Windows\system32\mspaint.exe =>.Microsoft Corporation

O4 - GS\TaskBar [Guest]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl®

O4 - GS\TaskBar [Guest]: Steam.lnk . (.Valve Corporation - Steam Client Bootstrapper.) E:\Steam\Steam.exe =>.Valve®

O4 - GS\TaskBar [Guest]: TeamSpeak 3 Client.lnk . (.TeamSpeak Systems GmbH - TeamSpeak 3 Client.) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe =>.TeamSpeak Systems GmbH®

O4 - GS\TaskBar [Guest]: Uplay.lnk . (.Ubisoft - Uplay launcher.) E:\Ubisoft Game Launcher\Uplay.exe =>.Ubisoft Entertainment Sweden AB®

O4 - GS\TaskBar [Guest]: Windows Explorer.lnk . (.Microsoft Corporation - Windows Explorer.) C:\Windows\explorer.exe =>.Microsoft Corporation

O4 - GS\TaskBar [Guest]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation

O4 - GS\TaskBar [Guest]: Word 2016.lnk . (.Microsoft Corporation - Microsoft Word.) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE {33000001797C2E574E52E1CAD6000100000179} =>.Microsoft Corporation

O4 - GS\Programs [Guest]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®

O4 - GS\Programs [Guest]: Microsoft OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\Dan\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation®

O4 - GS\CommonDesktop [Public]: Adobe Creative Cloud.lnk . (.Adobe Systems Incorporated - Adobe Creative Cloud.) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe =>.Adobe Systems Incorporated®

O4 - GS\CommonDesktop [Public]: Audacity.lnk . (.The Audacity Team - Audacity®, the Free, Cross-Platform Sound E.) C:\Program Files (x86)\Audacity\audacity.exe =>.The Audacity Team

O4 - GS\CommonDesktop [Public]: Battlefield 1942 Secret Weapons of WWII.lnk . (...) C:\Program Files (x86)\EA GAMES\Battlefield 1942\BF1942.exe +game XPack2

O4 - GS\CommonDesktop [Public]: Battlefield 1942 The Road To Rome.lnk . (...) C:\Program Files (x86)\EA GAMES\Battlefield 1942\BF1942.exe +game XPack1

O4 - GS\CommonDesktop [Public]: Battlefield 1942.lnk . (...) C:\Program Files (x86)\EA GAMES\Battlefield 1942\BF1942.exe

O4 - GS\CommonDesktop [Public]: CCleaner.lnk . (.Piriform Ltd - CCleaner.) C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd®

O4 - GS\CommonDesktop [Public]: Darksiders Comic.lnk . (...) C:\Program Files (x86)\THQ\Darksiders\Comic\Darksiders_Comic.pdf

O4 - GS\CommonDesktop [Public]: Darksiders Soundtrack.lnk . (...) C:\Program Files (x86)\THQ\Darksiders\SoundTrack

O4 - GS\CommonDesktop [Public]: DARTHMOD SHOGUN II.lnk . (.Runtime Engine Copyright © 2010 Indigo Rose Corporati - AutoPlay Application.) E:\Steam\steamapps\common\Total War SHOGUN 2\data\DMS\DMS.exe

O4 - GS\CommonDesktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®

O4 - GS\CommonDesktop [Public]: Minecraft.lnk . (.Mojang - Minecraft launcher.) C:\Program Files (x86)\Minecraft\MinecraftLauncher.exe =>.Mojang AB®

O4 - GS\CommonDesktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®

O4 - GS\CommonDesktop [Public]: Norton Security.lnk . (.Symantec Corporation - Norton Protection Center UI Stub.) C:\Program Files (x86)\Norton Security\Engine\22.9.1.12\uistub.exe =>.Symantec Corporation®

O4 - GS\CommonDesktop [Public]: Origin.lnk . (.Electronic Arts - Origin.) E:\Origin\Origin.exe =>.Electronic Arts, Inc.®

O4 - GS\CommonDesktop [Public]: Pivot Animator.lnk . (.Motus Software Ltd - Pivot Animator Executable.) C:\Program Files (x86)\Pivot Animator\pivot.exe =>.Motus Software Ltd

O4 - GS\CommonDesktop [Public]: Skype.lnk . (...) C:\Windows\Installer\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}\SkypeIcon.exe =>.Skype Technologies

O4 - GS\CommonDesktop [Public]: Steam.lnk . (.Valve Corporation - Steam Client Bootstrapper.) E:\Steam\Steam.exe =>.Valve®

O4 - GS\CommonDesktop [Public]: TeamSpeak 3 Client.lnk . (.TeamSpeak Systems GmbH - TeamSpeak 3 Client.) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe =>.TeamSpeak Systems GmbH®

O4 - GS\CommonDesktop [Public]: TP-LINK Wireless Configuration Utility.lnk . (...) E:\TWCU.exe

O4 - GS\CommonDesktop [Public]: TunnelBear.lnk . (...) C:\Program Files (x86)\TunnelBear\launch.vbs

O4 - GS\Programs [Public]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®

O4 - GS\Programs [Public]: Microsoft OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\Dan\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation®

O4 - GS\Accessories [Public]: Command Prompt.lnk . (.Microsoft Corporation - Windows Command Processor.) C:\Windows\system32\cmd.exe =>.Microsoft Corporation

O4 - GS\Accessories [Public]: Notepad.lnk . (.Microsoft Corporation - Notepad.) C:\Windows\system32\notepad.exe =>.Microsoft Corporation

O4 - GS\Accessories [Public]: Windows Explorer.lnk . (.Microsoft Corporation - Windows Explorer.) C:\Windows\explorer.exe =>.Microsoft Corporation

O4 - GS\SystemTools [Public]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe -extoff =>.Microsoft Corporation®

O4 - GS\SystemTools [Public]: Private Character Editor.lnk . (.Microsoft Corporation - Private Character Editor.) C:\Windows\system32\eudcedit.exe =>.Microsoft Corporation

O4 - GS\Startup [Public]: TP-LINK Wireless Configuration Utility.lnk . (...) E:\TWCU.exe -nogui

O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Windows Calculator.) C:\Windows\system32\calc.exe =>.Microsoft Corporation

O4 - GS\Accessories [Public]: displayswitch.lnk . (.Microsoft Corporation - Display Switch.) C:\Windows\system32\displayswitch.exe =>.Microsoft Corporation

O4 - GS\Accessories [Public]: Math Input Panel.lnk . (.Microsoft Corporation - Math Input Panel Accessory.) C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe =>.Microsoft Corporation

O4 - GS\Accessories [Public]: Mobility Center.lnk . (.Microsoft Corporation - Windows Mobility Center.) C:\Windows\system32\mblctr.exe /open =>.Microsoft Corporation

O4 - GS\Accessories [Public]: NetworkProjection.lnk . (.Microsoft Corporation - Connect to a Network Projector.) C:\Windows\system32\NetProj.exe =>.Microsoft Corporation

O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) C:\Windows\system32\mspaint.exe =>.Microsoft Corporation

O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Remote Desktop Connection.) C:\Windows\system32\mstsc.exe =>.Microsoft Corporation

O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Snipping Tool.) C:\Windows\system32\SnippingTool.exe =>.Microsoft Corporation

O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Windows Sound Recorder.) C:\Windows\system32\SoundRecorder.exe =>.Microsoft Corporation

O4 - GS\Accessories [Public]: Sticky Notes.lnk . (.Microsoft Corporation - Sticky Notes.) C:\Windows\system32\StikyNot.exe =>.Microsoft Corporation

O4 - GS\Accessories [Public]: Sync Center.lnk . (.Microsoft Corporation - Microsoft Sync Center.) C:\Windows\System32\mobsync.exe =>.Microsoft Corporation

O4 - GS\Accessories [Public]: Welcome Center.lnk . (.Microsoft Corporation - Windows host process (Rundll32).) C:\Windows\system32\rundll32.exe %SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut =>..Microsoft Corporation

O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Windows Wordpad Application.) C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation

O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Character Map.) C:\Windows\system32\charmap.exe =>.Microsoft Corporation

O4 - GS\SystemTools [Public]: dfrgui.lnk . (.Microsoft Corporation - Microsoft® Disk Defragmenter.) C:\Windows\system32\dfrgui.exe =>.Microsoft Corporation

O4 - GS\SystemTools [Public]: Disk Cleanup.lnk . (.Microsoft Corporation - Disk Space Cleanup Manager for Windows.) C:\Windows\system32\cleanmgr.exe =>.Microsoft Corporation

O4 - GS\SystemTools [Public]: Resource Monitor.lnk . (.Microsoft Corporation - Resource and Performance Monitor.) C:\Windows\system32\perfmon.exe /res =>.Microsoft Corporation

O4 - GS\SystemTools [Public]: System Information.lnk . (.Microsoft Corporation - System Information.) C:\Windows\system32\msinfo32.exe =>.Microsoft Corporation

O4 - GS\SystemTools [Public]: System Restore.lnk . (.Microsoft Corporation - Microsoft® Windows System Restore.) C:\Windows\system32\rstrui.exe =>.Microsoft Corporation

O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...) C:\Windows\system32\taskschd.msc /s =>..Microsoft Corporation

O4 - GS\SystemTools [Public]: Windows Easy Transfer Reports.lnk . (.Microsoft Corporation - Windows Easy Transfer Post Migration Applic.) C:\Windows\system32\migwiz\postmig.exe =>.Microsoft Corporation

O4 - GS\SystemTools [Public]: Windows Easy Transfer.lnk . (.Microsoft Corporation - Windows Easy Transfer Application.) C:\Windows\system32\migwiz\migwiz.exe =>.Microsoft Corporation

O4 - GS\ProgramsCommon [Public]: Access 2016.lnk . (.Microsoft Corporation - Microsoft Access.) C:\Program Files (x86)\Microsoft Office\root\Office16\MSACCESS.EXE {33000001797C2E574E52E1CAD6000100000179} =>.Microsoft Corporation

O4 - GS\ProgramsCommon [Public]: Adobe Creative Cloud.lnk . (.Adobe Systems Incorporated - Adobe Creative Cloud.) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe =>.Adobe Systems Incorporated®

O4 - GS\ProgramsCommon [Public]: Adobe Help.lnk . (...) C:\Program Files (x86)\Adobe\Adobe Help\Adobe Help.exe

O4 - GS\ProgramsCommon [Public]: Audacity.lnk . (.The Audacity Team - Audacity®, the Free, Cross-Platform Sound E.) C:\Program Files (x86)\Audacity\audacity.exe =>.The Audacity Team

O4 - GS\ProgramsCommon [Public]: Excel 2016.lnk . (.Microsoft Corporation - Microsoft Excel.) C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE {33000001797C2E574E52E1CAD6000100000179} =>.Microsoft Corporation

O4 - GS\ProgramsCommon [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®

O4 - GS\ProgramsCommon [Public]: Media Center.lnk . (.Microsoft Corporation - Windows Media Center.) C:\Windows\ehome\ehshell.exe =>.Microsoft Corporation

O4 - GS\ProgramsCommon [Public]: Movie Maker.lnk . (.Microsoft Corporation - Movie Maker.) C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe =>.Microsoft Corporation®

O4 - GS\ProgramsCommon [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®

O4 - GS\ProgramsCommon [Public]: OneDrive for Business.lnk . (.Microsoft Corporation - Microsoft OneDrive for Business.) C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVE.EXE {33000001797C2E574E52E1CAD6000100000179} =>.Microsoft Corporation

O4 - GS\ProgramsCommon [Public]: OneNote 2016.lnk . (.Microsoft Corporation - Microsoft OneNote.) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTE.EXE {33000001797C2E574E52E1CAD6000100000179} =>.Microsoft Corporation

O4 - GS\ProgramsCommon [Public]: Outlook 2016.lnk . (.Microsoft Corporation - Microsoft Outlook.) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE {33000001797C2E574E52E1CAD6000100000179} =>.Microsoft Corporation

O4 - GS\ProgramsCommon [Public]: Photo Gallery.lnk . (.Microsoft Corporation - Photo Gallery.) C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe =>.Microsoft Corporation®

O4 - GS\ProgramsCommon [Public]: PowerPoint 2016.lnk . (.Microsoft Corporation - Microsoft PowerPoint.) C:\Program Files (x86)\Microsoft Office\root\Office16\POWERPNT.EXE {33000001797C2E574E52E1CAD6000100000179} =>.Microsoft Corporation

O4 - GS\ProgramsCommon [Public]: Publisher 2016.lnk . (.Microsoft Corporation - Microsoft Publisher.) C:\Program Files (x86)\Microsoft Office\root\Office16\MSPUB.EXE {33000001797C2E574E52E1CAD6000100000179} =>.Microsoft Corporation

O4 - GS\ProgramsCommon [Public]: Sidebar.lnk . (.Microsoft Corporation - Windows Desktop Gadgets.) C:\Program Files (x86)\Windows Sidebar\sidebar.exe /showgadgets =>.Microsoft Corporation

O4 - GS\ProgramsCommon [Public]: Skype for Business 2016.lnk . (.Microsoft Corporation - Skype for Business.) C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe {33000001797C2E574E52E1CAD6000100000179} =>.Microsoft Corporation

O4 - GS\ProgramsCommon [Public]: Windows Anytime Upgrade.lnk . (.Microsoft Corporation - Windows Anytime Upgrade User Interface.) C:\Windows\system32\WindowsAnytimeUpgradeUI.exe =>.Microsoft Corporation

O4 - GS\ProgramsCommon [Public]: Windows DVD Maker.lnk . (.Microsoft Corporation - .) C:\Program Files (x86)\DVD Maker\DVDMaker.exe =>.Microsoft Corporation

O4 - GS\ProgramsCommon [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe =>.Microsoft Corporation

O4 - GS\ProgramsCommon [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation

O4 - GS\ProgramsCommon [Public]: Word 2016.lnk . (.Microsoft Corporation - Microsoft Word.) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE {33000001797C2E574E52E1CAD6000100000179} =>.Microsoft Corporation

O4 - GS\ProgramsCommon [Public]: XPS Viewer.lnk . (.Microsoft Corporation - XPS Viewer.) C:\Windows\system32\xpsrchvw.exe =>.Microsoft Corporation


---\\ Lop.com/Domain Hijackers (5) - 0s

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpDomain = lan =>.Local Domain

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 =>.Local IP Adress

O17 - HKLM\System\CCS\Services\Tcpip\..\{D6FE7615-E3F4-4DBD-B664-C7231B00AA05}: DhcpNameServer = 192.168.0.5 =>.Local IP Adress

O17 - HKLM\System\CCS\Services\Tcpip\..\{DE19D148-F66E-4E70-9848-0E911A76D5E4}: DhcpNameServer = 192.168.1.254 =>.Local IP Adress

O17 - HKLM\System\CCS\Services\Tcpip\..\{DE19D148-F66E-4E70-9848-0E911A76D5E4}: DhcpDomain = lan =>.Local Domain


---\\ Extra protocols (27) - 0s

O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation

O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation

O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation

O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation

O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation

O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation

O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation

O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation

O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation

O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation

O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation

O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll =>.Microsoft Corporation

O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation

O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation

O18 - Handler: mso-minsb-roaming.16 [64Bits] - {83C25742-A9F7-49FB-9138-434302C88D07} . (.Microsoft Corporation - Microsoft Office 2016 component.) -- C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL {33000001797C2E574E52E1CAD6000100000179} =>.Microsoft Corporation

O18 - Handler: mso-minsb.16 [64Bits] - {42089D2D-912D-4018-9087-2B87803E93FB} . (.Microsoft Corporation - Microsoft Office 2016 component.) -- C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL {33000001797C2E574E52E1CAD6000100000179} =>.Microsoft Corporation

O18 - Handler: osf-roaming.16 [64Bits] - {42089D2D-912D-4018-9087-2B87803E93FB} . (.Microsoft Corporation - Microsoft Office 2016 component.) -- C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL {33000001797C2E574E52E1CAD6000100000179} =>.Microsoft Corporation

O18 - Handler: osf.16 [64Bits] - {5504BE45-A83B-4808-900A-3A5C36E7F77A} . (.Microsoft Corporation - Microsoft Office 2016 component.) -- C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL {33000001797C2E574E52E1CAD6000100000179} =>.Microsoft Corporation

O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation

O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation

O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation

O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Photo Gallery Album Download Protocol Handl.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll =>.Microsoft Corporation®

O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®

O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®

O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®

O18 - Filter: deflate [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation

O18 - Filter: gzip [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation


---\\ Software installed (230) - 11s

O42 - Logiciel: A Game of Thrones version 1.2 - (.AGOT TEAM.) [HKCU][64Bits] -- {7C82709E-75FE-4C3A-976A-8C97908DDD7B}_is1

O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {FE23D063-934D-4829-A0D8-00634CE79B4A} =>.Adobe Systems Incorporated

O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe AIR =>.Adobe Systems Incorporated®

O42 - Logiciel: Adobe Creative Cloud - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Creative Cloud =>.Adobe Systems Incorporated®

O42 - Logiciel: Adobe Flash Player Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin =>.Adobe Systems Incorporated

O42 - Logiciel: Adobe Help Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AF37176A-78CA-545B-34EF-8B6A21514DD1} =>.Adobe Systems Incorporated

O42 - Logiciel: Adobe Help Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 =>.Adobe Systems Incorporated

O42 - Logiciel: Adobe Photoshop CS6 version 13.0.1 - (.Adobe Systems, Inc..) [HKLM][64Bits] -- {A724DC44-6241-42D3-BA57-778B178ABC17}_is1 =>.Adobe Systems, Inc.

O42 - Logiciel: Age of Empires® III: Complete Collection - (.Ensemble Studios.) [HKLM][64Bits] -- Steam App 105450 =>.Valve®

O42 - Logiciel: Alien: Isolation - (.Creative Assembly.) [HKLM][64Bits] -- Steam App 214490 =>.Valve®

O42 - Logiciel: American Truck Simulator - (.SCS Software.) [HKLM][64Bits] -- Steam App 270880 =>.Valve®

O42 - Logiciel: Ansel - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel =>.NVIDIA Corporation

O42 - Logiciel: ARK: Survival Evolved - (.Studio Wildcard.) [HKLM][64Bits] -- Steam App 346110 =>.Valve®

O42 - Logiciel: Arma 3 - (.Bohemia Interactive.) [HKLM][64Bits] -- Steam App 107410 =>.Valve®

O42 - Logiciel: Assassin's Creed III - (.Ubisoft.) [HKLM][64Bits] -- Uplay Install 54 =>.Ubisoft Entertainment Sweden AB®

O42 - Logiciel: Assassin's Creed IV Black Flag - (.Ubisoft Montreal.) [HKLM][64Bits] -- Steam App 242050 =>.Valve®

O42 - Logiciel: Astroloco: Worst Contact - (.Hungry Planet Games.) [HKLM][64Bits] -- Steam App 357490 =>.Valve®

O42 - Logiciel: Audacity 2.1.2 - (.Audacity Team.) [HKLM][64Bits] -- Audacity®_is1 =>.Audacity Team

O42 - Logiciel: Audiosurf - (.Dylan Fitterer.) [HKLM][64Bits] -- Steam App 12900 =>.Valve®

O42 - Logiciel: Audiosurf 2 - (.Dylan Fitterer.) [HKLM][64Bits] -- Steam App 235800 =>.Valve®

O42 - Logiciel: Bandicam - (.Bandisoft.com.) [HKLM][64Bits] -- Bandicam =>.Bandisoft.com

O42 - Logiciel: Bandisoft MPEG-1 Decoder - (.Bandisoft.com.) [HKLM][64Bits] -- BandiMPEG1 =>.Bandisoft.com

O42 - Logiciel: Banished - (.Shining Rock Software LLC.) [HKLM][64Bits] -- Steam App 242920 =>.Valve®

O42 - Logiciel: Batman: Arkham City GOTY - (.Rocksteady Studios.) [HKLM][64Bits] -- Steam App 200260 =>.Valve®

O42 - Logiciel: Battlefield 1942 - (.Electronic Arts, Inc..) [HKLM][64Bits] -- {698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65} =>.Electronic Arts, Inc.

O42 - Logiciel: Battlefield 1942: Secret Weapons of WWII - (.Electronic Arts, Inc..) [HKLM][64Bits] -- {B73B4A99-4173-4747-BBEC-0F05E966F9D2} =>.Electronic Arts, Inc.

O42 - Logiciel: Battlefield 1942: The Road To Rome - (.Electronic Arts, Inc..) [HKLM][64Bits] -- {D057AA08-8CBF-42E3-9EAB-23B8FED1C279} =>.Electronic Arts, Inc.

O42 - Logiciel: Beholder - (.Warm Lamp Games.) [HKLM][64Bits] -- Steam App 475550 =>.Valve®

O42 - Logiciel: Besiege - (.Spiderling Studios.) [HKLM][64Bits] -- Steam App 346010 =>.Valve®

O42 - Logiciel: Betrayer - (.Blackpowder Games.) [HKLM][64Bits] -- Steam App 243120 =>.Valve®

O42 - Logiciel: BioShock Infinite - (.Irrational Games.) [HKLM][64Bits] -- Steam App 8870 =>.Valve®

O42 - Logiciel: Blackwake - (.Mastfire Studios Pty Ltd.) [HKLM][64Bits] -- Steam App 420290 =>.Valve®

O42 - Logiciel: Borderlands 2 - (.Gearbox Software.) [HKLM][64Bits] -- Steam App 49520 =>.Valve®

O42 - Logiciel: Braid - (.Number None.) [HKLM][64Bits] -- Steam App 26800 =>.Valve®

O42 - Logiciel: Broforce - (.Free Lives.) [HKLM][64Bits] -- Steam App 274190 =>.Valve®

O42 - Logiciel: Call of Duty: Black Ops II - (.Treyarch.) [HKLM][64Bits] -- Steam App 202970 =>.Valve®

O42 - Logiciel: Call of Duty: Black Ops II - Multiplayer - (.Treyarch.) [HKLM][64Bits] -- Steam App 202990 =>.Valve®

O42 - Logiciel: Call of Duty: Black Ops II - Zombies - (..) [HKLM][64Bits] -- Steam App 212910 =>.Valve®

O42 - Logiciel: Call of Duty: Modern Warfare 2 - (.Infinity Ward.) [HKLM][64Bits] -- Steam App 10180 =>.Valve®

O42 - Logiciel: Call of Duty: Modern Warfare 2 - Multiplayer - (.Infinity Ward.) [HKLM][64Bits] -- Steam App 10190 =>.Valve®

O42 - Logiciel: Call of Juarez Gunslinger - (.Techland.) [HKLM][64Bits] -- Steam App 204450 =>.Valve®

O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner =>.Piriform Ltd®

O42 - Logiciel: Chivalry: Medieval Warfare - (.Torn Banner Studios.) [HKLM][64Bits] -- Steam App 219640 =>.Valve®

O42 - Logiciel: Cities: Skylines - (.Colossal Order Ltd..) [HKLM][64Bits] -- Steam App 255710 =>.Valve®

O42 - Logiciel: Clustertruck - (.Landfall.) [HKLM][64Bits] -- Steam App 397950 =>.Valve®

O42 - Logiciel: Counter-Strike: Global Offensive - (.Valve.) [HKLM][64Bits] -- Steam App 730 =>.Valve®

O42 - Logiciel: Counter-Strike: Source - (.Valve.) [HKLM][64Bits] -- Steam App 240 =>.Valve®

O42 - Logiciel: Crusader Kings II - (.Paradox Development Studio.) [HKLM][64Bits] -- Steam App 203770 =>.Valve®

O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF} =>.Microsoft

O42 - Logiciel: Darkest Dungeon - (.Red Hook Studios.) [HKLM][64Bits] -- Steam App 262060 =>.Valve®

O42 - Logiciel: Darksiders - (.Vigil Games.) [HKLM][64Bits] -- Steam App 50620 =>.Valve®

O42 - Logiciel: DarksidersInstaller - (.THQ.) [HKLM][64Bits] -- {B93EEE50-9C8F-45DF-95E4-3D85A6E242F3} =>.THQ

O42 - Logiciel: DarthMod: Shogun II - (.DarthMod Productions.) [HKLM][64Bits] -- DarthMod: Shogun II =>.DarthMod Productions

O42 - Logiciel: DEFCON - (.Introversion Software.) [HKLM][64Bits] -- Steam App 1520 =>.Valve®

O42 - Logiciel: Democracy 3 - (.Positech Games.) [HKLM][64Bits] -- Steam App 245470 =>.Valve®

O42 - Logiciel: Depth - (.Digital Confectioners.) [HKLM][64Bits] -- Steam App 274940 =>.Valve®

O42 - Logiciel: Discord - (.Discord Inc..) [HKCU][64Bits] -- Discord =>.Hammer & Chisel Inc.®

O42 - Logiciel: Dishonored 2 - (.Arkane Studios.) [HKLM][64Bits] -- Steam App 403640 =>.Valve®

O42 - Logiciel: Domina - (.DolphinBarn.) [HKLM][64Bits] -- Steam App 535230 =>.Valve®

O42 - Logiciel: DOOM - (.id Software.) [HKLM][64Bits] -- Steam App 379720 =>.Valve®

O42 - Logiciel: Dying Light - (.Techland.) [HKLM][64Bits] -- Steam App 239140 =>.Valve®

O42 - Logiciel: Empire TV Tycoon - (.Dreamsite Games.) [HKLM][64Bits] -- Steam App 377900 =>.Valve®

O42 - Logiciel: Euro Truck Simulator 2 - (.SCS Software.) [HKLM][64Bits] -- Steam App 227300 =>.Valve®

O42 - Logiciel: Europa Universalis IV - (.Paradox Development Studio.) [HKLM][64Bits] -- Steam App 236850 =>.Valve®

O42 - Logiciel: F1 2016 - (.Codemasters.) [HKLM][64Bits] -- Steam App 391040 =>.Valve®

O42 - Logiciel: First Strike Final Hour - (.Blindflug Studios AG.) [HKLM][64Bits] -- Steam App 587000 =>.Valve®

O42 - Logiciel: FTL: Faster Than Light - (.Subset Games.) [HKLM][64Bits] -- Steam App 212680 =>.Valve®

O42 - Logiciel: Game of Thrones - A Telltale Games Series - (.Telltale Games.) [HKLM][64Bits] -- Steam App 330840 =>.Valve®

O42 - Logiciel: Garry's Mod - (.Facepunch Studios.) [HKLM][64Bits] -- Steam App 4000 =>.Valve®

O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome =>.Google Inc®

O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc.

O42 - Logiciel: Grand Theft Auto V - (.Rockstar North.) [HKLM][64Bits] -- Steam App 271590 =>.Valve®

O42 - Logiciel: Hearts of Iron IV - (.Paradox Development Studio.) [HKLM][64Bits] -- Steam App 394360 =>.Valve®

O42 - Logiciel: Hell Yeah! - (.Arkedo.) [HKLM][64Bits] -- Steam App 205230 =>.Valve®

O42 - Logiciel: Hexcells Infinite - (.Matthew Brown.) [HKLM][64Bits] -- Steam App 304410 =>.Valve®

O42 - Logiciel: HITMAN™ - (.Io-Interactive.) [HKLM][64Bits] -- Steam App 236870 =>.Valve®

O42 - Logiciel: Injustice: Gods Among Us Ultimate Edition - (.NetherRealm Studios.) [HKLM][64Bits] -- Steam App 242700 =>.Valve®

O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} =>.Intel Corporation - pGFX®

O42 - Logiciel: Java 8 Update 144 (64-bit) - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F64180144F0} =>.Oracle Corporation

O42 - Logiciel: Java Auto Updater - (.Oracle Corporation.) [HKLM][64Bits] -- {4A03706F-666A-4037-7777-5F2748764D10} =>.Oracle Corporation

O42 - Logiciel: Jet Set Radio - (.Blit Software.) [HKLM][64Bits] -- Steam App 205950 =>.Valve®

O42 - Logiciel: Just Cause 3 - (.Avalanche Studios.) [HKLM][64Bits] -- Steam App 225540 =>.Valve®

O42 - Logiciel: Kerbal Space Program - (.Squad.) [HKLM][64Bits] -- Steam App 220200 =>.Valve®

O42 - Logiciel: KHOLAT - (.IMGN.PRO.) [HKLM][64Bits] -- Steam App 343710 =>.Valve®

O42 - Logiciel: Kinect for Windows Speech Recognition Language Pack (en-AU) - (.Microsoft Corporation.) [HKLM][64Bits] -- {48CEC0A3-AE10-4EE3-AC62-76D3D58792E5} =>.Microsoft Corporation

O42 - Logiciel: Kinect for Windows Speech Recognition Language Pack (en-CA) - (.Microsoft Corporation.) [HKLM][64Bits] -- {9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A} =>.Microsoft Corporation

O42 - Logiciel: Kinect for Windows Speech Recognition Language Pack (en-GB) - (.Microsoft Corporation.) [HKLM][64Bits] -- {A0186231-0A8B-455A-8A25-B64AABCC11A6} =>.Microsoft Corporation

O42 - Logiciel: Kinect for Windows Speech Recognition Language Pack (en-US) - (.Microsoft Corporation.) [HKLM][64Bits] -- {8AAA44BB-487E-4D01-AF76-484ACB90DBFE} =>.Microsoft Corporation

O42 - Logiciel: Left 4 Dead 2 - (.Valve.) [HKLM][64Bits] -- Steam App 550 =>.Valve®

O42 - Logiciel: Mafia II - (.2K Czech.) [HKLM][64Bits] -- Steam App 50130 =>.Valve®

O42 - Logiciel: Mafia III - (.Hangar 13.) [HKLM][64Bits] -- Steam App 360430 =>.Valve®

O42 - Logiciel: Medieval II: Total War - (.The Creative Assembly.) [HKLM][64Bits] -- Steam App 4700 =>.Valve®

O42 - Logiciel: Medieval Kingdoms 1212 Part 1 - (..) [HKCU][64Bits] -- Medieval Kingdoms 1212 Part 1

O42 - Logiciel: Medieval Kingdoms 1212 Part 2 - (..) [HKCU][64Bits] -- Medieval Kingdoms 1212 Part 2

O42 - Logiciel: Metro 2033 Redux - (.4A GAMES.) [HKLM][64Bits] -- Steam App 286690 =>.Valve®

O42 - Logiciel: Metro: Last Light Redux - (.4A Games.) [HKLM][64Bits] -- Steam App 287390 =>.Valve®

O42 - Logiciel: Microsoft Application Error Reporting - (.Microsoft Corporation.) [HKLM][64Bits] -- {95120000-00B9-0409-1000-0000000FF1CE} =>.Microsoft Corporation

O42 - Logiciel: Microsoft Games for Windows - LIVE Redistributable - (.Microsoft Corporation.) [HKLM][64Bits] -- {59E4543A-D49D-4489-B445-473D763C79AF} =>.Microsoft Corporation

O42 - Logiciel: Microsoft OneDrive - (.Microsoft Corporation.) [HKCU][64Bits] -- OneDriveSetup.exe =>.Microsoft Corporation®

O42 - Logiciel: Microsoft Server Speech Platform Runtime (x64) - (.Microsoft Corporation.) [HKLM][64Bits] -- {3B433087-E62E-4BF5-97F9-4AF6E1C2409C} =>.Microsoft Corporation

O42 - Logiciel: Microsoft Small Basic v1.1 - (.Microsoft Corporation.) [HKLM][64Bits] -- {7AAA27E4-CDB3-49C0-AA2D-41827C001BA3} =>.Microsoft Corporation

O42 - Logiciel: Microsoft Xbox 360 Accessories 1.2 - (.Microsoft.) [HKLM][64Bits] -- {D9C50188-12D5-4D3E-8F00-682346C2AA5F} =>.Microsoft

O42 - Logiciel: Microsoft XNA Framework Redistributable 4.0 Refresh - (.Microsoft Corporation.) [HKLM][64Bits] -- {D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F} =>.Microsoft Corporation

O42 - Logiciel: Middle-earth: Shadow of Mordor - (.Monolith Productions, Inc..) [HKLM][64Bits] -- Steam App 241930 =>.Valve®

O42 - Logiciel: Minecraft - (.Mojang.) [HKLM][64Bits] -- {1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872} =>.Mojang

O42 - Logiciel: Mini Metro - (.Dinosaur Polo Club.) [HKLM][64Bits] -- Steam App 287980 =>.Valve®

O42 - Logiciel: Mirror's Edge - (.DICE.) [HKLM][64Bits] -- Steam App 17410 =>.Valve®

O42 - Logiciel: Mount & Blade: Warband - (.TaleWorlds Entertainment.) [HKLM][64Bits] -- Steam App 48700 =>.Valve®

O42 - Logiciel: Mount & Blade: With Fire and Sword - (.TaleWorlds Entertainment.) [HKLM][64Bits] -- Steam App 48720 =>.Valve®

O42 - Logiciel: Mozilla Firefox 42.0 (x86 en-GB) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 42.0 (x86 en-GB) =>.Mozilla Corporation®

O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService =>.Mozilla

O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} =>.Microsoft

O42 - Logiciel: MSVCRT110 - (.Microsoft.) [HKLM][64Bits] -- {8E14DDC8-EA60-4E18-B3E3-1937104D5BDA} =>.Microsoft

O42 - Logiciel: MSVCRT110_amd64 - (.Microsoft.) [HKLM][64Bits] -- {E9FA781F-3E80-4399-825A-AD3E11C28C77} =>.Microsoft

O42 - Logiciel: Napoleon: Total War - (.The Creative Assembly.) [HKLM][64Bits] -- Steam App 34030 =>.Valve®

O42 - Logiciel: Naval War: Arctic Circle - (.TURBO TAPE GAMES.) [HKLM][64Bits] -- Steam App 200050 =>.Valve®

O42 - Logiciel: Next Car Game: Wreckfest - (.Bugbear.) [HKLM][64Bits] -- Steam App 228380 =>.Valve®

O42 - Logiciel: Nexus Mod Manager - (.Black Tree Gaming.) [HKLM][64Bits] -- 6af12c54-643b-4752-87d0-8335503010de_is1 =>.Black Tree Gaming Ltd.®

O42 - Logiciel: Norton Security - (.Symantec Corporation.) [HKLM][64Bits] -- NS =>.Symantec Corporation®

O42 - Logiciel: NVIDIA Backend - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvBackend =>.NVIDIA Corporation

O42 - Logiciel: NVIDIA Container - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer =>.NVIDIA Corporation

O42 - Logiciel: NVIDIA Control Panel 347.88 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel =>.NVIDIA Corporation

O42 - Logiciel: NVIDIA Display Container - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainer =>.NVIDIA Corporation

O42 - Logiciel: NVIDIA Display Container LS - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainerLS =>.NVIDIA Corporation

O42 - Logiciel: NVIDIA Display Session Container - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplaySessionContainer =>.NVIDIA Corporation

O42 - Logiciel: NVIDIA Display Watchdog Plugin - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayPluginWatchdog =>.NVIDIA Corporation

O42 - Logiciel: NVIDIA Graphics Driver 347.88 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver =>.NVIDIA Corporation

O42 - Logiciel: NVIDIA Install Application - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer =>.NVIDIA Corporation

O42 - Logiciel: NVIDIA LocalSystem Container - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.LocalSystem =>.NVIDIA Corporation

O42 - Logiciel: NVIDIA Message Bus for NvContainer - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.MessageBus =>.NVIDIA Corporation

O42 - Logiciel: NVIDIA NetworkService Container - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NetworkService =>.NVIDIA Corporation

O42 - Logiciel: NVIDIA PhysX System Software 9.16.0318 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX =>.NVIDIA Corporation

O42 - Logiciel: NVIDIA Session Container - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.Session =>.NVIDIA Corporation

O42 - Logiciel: NVIDIA ShadowPlay 3.4.0.70 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay =>.NVIDIA Corporation

O42 - Logiciel: Nvidia Share - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_OSC =>.NVIDIA Corporation

O42 - Logiciel: NVIDIA User Container - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.User =>.NVIDIA Corporation

O42 - Logiciel: NVIDIA Watchdog Plugin for NvContainer - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvPlugin.Watchdog =>.NVIDIA Corporation

O42 - Logiciel: NvNodejs - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs =>.NVIDIA Corporation

O42 - Logiciel: NvvHci - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci =>.NVIDIA Corporation

O42 - Logiciel: Office 16 Click-to-Run Extensibility Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-008C-0000-0000-0000000FF1CE} =>.Microsoft Corporation

O42 - Logiciel: Office 16 Click-to-Run Extensibility Component 64-bit Registration - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-00DD-0000-1000-0000000FF1CE} =>.Microsoft Corporation

O42 - Logiciel: Office 16 Click-to-Run Licensing Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-008F-0000-1000-0000000FF1CE} =>.Microsoft Corporation

O42 - Logiciel: Office 16 Click-to-Run Localization Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-008C-0409-0000-0000000FF1CE} =>.Microsoft Corporation

O42 - Logiciel: One Finger Death Punch - (.Silver Dollar Games.) [HKLM][64Bits] -- Steam App 264200 =>.Valve®

O42 - Logiciel: OpenAL - (.Open Audio Library.) [HKLM][64Bits] -- OpenAL =>.Creative Labs Inc®

O42 - Logiciel: Origin - (.Electronic Arts, Inc..) [HKLM][64Bits] -- Origin =>.Electronic Arts, Inc.®

O42 - Logiciel: ORION: Prelude - (.Spiral Game Studios.) [HKLM][64Bits] -- Steam App 104900 =>.Valve®

O42 - Logiciel: Overgrowth - (.Wolfire.) [HKLM][64Bits] -- Steam App 25000 =>.Valve®

O42 - Logiciel: Overwolf - (.Overwolf Ltd..) [HKLM][64Bits] -- Overwolf =>.Overwolf Ltd®

O42 - Logiciel: Painkiller Hell & Damnation - (.The Farm 51.) [HKLM][64Bits] -- Steam App 214870 =>.Valve®

O42 - Logiciel: Painkiller Overdose - (.Mindware Studios.) [HKLM][64Bits] -- Steam App 3270 =>.Valve®

O42 - Logiciel: Painkiller: Black Edition - (.People Can Fly.) [HKLM][64Bits] -- Steam App 39530 =>.Valve®

O42 - Logiciel: Painkiller: Recurring Evil - (.Med-Art.) [HKLM][64Bits] -- Steam App 206760 =>.Valve®

O42 - Logiciel: Painkiller: Redemption - (.Eggtooth Team.) [HKLM][64Bits] -- Steam App 65560 =>.Valve®

O42 - Logiciel: Painkiller: Resurrection - (.Homegrown Games.) [HKLM][64Bits] -- Steam App 39560 =>.Valve®

O42 - Logiciel: Panzermadels: Tank Dating Simulator - (.DEVGRU-P.) [HKLM][64Bits] -- Steam App 379980 =>.Valve®

O42 - Logiciel: Papers, Please - (.3909.) [HKLM][64Bits] -- Steam App 239030 =>.Valve®

O42 - Logiciel: Pivot Animator version 4.1.10 - (.Motus Software Ltd.) [HKLM][64Bits] -- Pivot Animator_is1 =>.Motus Software Ltd

O42 - Logiciel: Plague Inc: Evolved - (.Ndemic Creations.) [HKLM][64Bits] -- Steam App 246620 =>.Valve®

O42 - Logiciel: Prison Architect - (.Introversion Software.) [HKLM][64Bits] -- Steam App 233450 =>.Valve®

O42 - Logiciel: Project Zomboid - (.The Indie Stone.) [HKLM][64Bits] -- Steam App 108600 =>.Valve®

O42 - Logiciel: PunkBuster for Battlefield 1942 - (.Electronic Arts, Inc..) [HKLM][64Bits] -- {127B684B-A002-44C8-99A7-6CF8F1E26873} =>.Electronic Arts, Inc.

O42 - Logiciel: PunkBuster Services - (.Even Balance, Inc..) [HKLM][64Bits] -- PunkBusterSvc =>.Even Balance, Inc.®

O42 - Logiciel: Python 3.5.0 (32-bit) - (.Python Software Foundation.) [HKCU][64Bits] -- {1197d2bb-6cf8-488a-b994-d5bf6d7efe7b} =>.Python Software Foundation®

O42 - Logiciel: Python 3.5.0 Core Interpreter (32-bit) - (.Python Software Foundation.) [HKLM][64Bits] -- {E9E55FC3-A47F-4ACA-8691-C22469450FB1} =>.Python Software Foundation

O42 - Logiciel: Python 3.5.0 Development Libraries (32-bit) - (.Python Software Foundation.) [HKLM][64Bits] -- {D5A057BD-471E-40D6-B7E0-79E08210D8F6} =>.Python Software Foundation

O42 - Logiciel: Python 3.5.0 Documentation (32-bit) - (.Python Software Foundation.) [HKLM][64Bits] -- {169B7A58-FE29-48E8-8773-9D6390815C8C} =>.Python Software Foundation

O42 - Logiciel: Python 3.5.0 Executables (32-bit) - (.Python Software Foundation.) [HKLM][64Bits] -- {CE48771A-4CC2-4F35-A7B3-D136E91D04F3} =>.Python Software Foundation

O42 - Logiciel: Python 3.5.0 Launcher (32-bit) - (.Python Software Foundation.) [HKLM][64Bits] -- {CAA5FC80-DEF6-4DFA-9C06-23921A87F092} =>.Python Software Foundation

O42 - Logiciel: Python 3.5.0 pip Bootstrap (32-bit) - (.Python Software Foundation.) [HKLM][64Bits] -- {11187860-0D92-490D-86EC-3A941C98D451} =>.Python Software Foundation

O42 - Logiciel: Python 3.5.0 Standard Library (32-bit) - (.Python Software Foundation.) [HKLM][64Bits] -- {0740B2CD-63EC-44C7-B39E-B6EB579773E6} =>.Python Software Foundation

O42 - Logiciel: Python 3.5.0 Tcl/Tk Support (32-bit) - (.Python Software Foundation.) [HKLM][64Bits] -- {7AB85182-2EE4-4137-A5C6-D8C03958DCBA} =>.Python Software Foundation

O42 - Logiciel: Python 3.5.0 Test Suite (32-bit) - (.Python Software Foundation.) [HKLM][64Bits] -- {2234BC4D-E95D-40C2-818D-7845760C510F} =>.Python Software Foundation

O42 - Logiciel: Python 3.5.0 Utility Scripts (32-bit) - (.Python Software Foundation.) [HKLM][64Bits] -- {4A69B338-2C0C-4726-A261-44DBCF0DA94A} =>.Python Software Foundation

O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} =>.Realtek Semiconductor Corp®

O42 - Logiciel: Reigns - (.Nerial.) [HKLM][64Bits] -- Steam App 474750 =>.Valve®

O42 - Logiciel: Reus - (.Abbey Games.) [HKLM][64Bits] -- Steam App 222730 =>.Valve®

O42 - Logiciel: Rising Storm 2: Vietnam - (.Antimatter Games.) [HKLM][64Bits] -- Steam App 418460 =>.Valve®

O42 - Logiciel: Rising Storm/Red Orchestra 2 Multiplayer - (.Tripwire Interactive.) [HKLM][64Bits] -- Steam App 35450 =>.Valve®

O42 - Logiciel: Rocket League - (.Psyonix, Inc..) [HKLM][64Bits] -- Steam App 252950 =>.Valve®

O42 - Logiciel: Rockstar Games Social Club - (.Rockstar Games.) [HKLM][64Bits] -- Rockstar Games Social Club =>.Rockstar Games, Inc.®

O42 - Logiciel: Rodina - (.Elliptic Games.) [HKLM][64Bits] -- Steam App 314230 =>.Valve®

O42 - Logiciel: Scourge of War: Waterloo - (.NorbSoftDev.) [HKLM][64Bits] -- Steam App 369390 =>.Valve®

O42 - Logiciel: SEGA Genesis & Mega Drive Classics - (.Sega.) [HKLM][64Bits] -- Steam App 34270 =>.Valve®

O42 - Logiciel: Shadow Warrior - (.Flying Wild Hog.) [HKLM][64Bits] -- Steam App 233130 =>.Valve®

O42 - Logiciel: SHIELD Streaming - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv =>.NVIDIA Corporation

O42 - Logiciel: SHIELD Wireless Controller Driver - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController =>.NVIDIA Corporation

O42 - Logiciel: Sir, You Are Being Hunted - (.Big Robot Ltd.) [HKLM][64Bits] -- Steam App 242880 =>.Valve®

O42 - Logiciel: Skype Click to Call - (.Microsoft Corporation.) [HKLM][64Bits] -- {873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B} =>.Microsoft Corporation

O42 - Logiciel: Skype Web Plugin - (.Skype Technologies S.A..) [HKLM][64Bits] -- {AC7406B6-BB3B-4CD1-AEBA-0527B9CB16FE} =>.Skype Technologies S.A.

O42 - Logiciel: Skype Web Plugin - (.Skype Technologies S.A..) [HKLM][64Bits] -- {FAD5089C-EB67-442F-89A3-970BCD034D40} =>.Skype Technologies S.A.

O42 - Logiciel: Skype™ 7.36 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {3B7E914A-93D5-4A29-92BB-AF8C3F66C431} =>.Skype Technologies S.A.

O42 - Logiciel: Space Engineers - (.Keen Software House.) [HKLM][64Bits] -- Steam App 244850 =>.Valve®

O42 - Logiciel: Spermination - (.Phr00t's Software.) [HKLM][64Bits] -- Steam App 363460 =>.Valve®

O42 - Logiciel: Steam - (.Valve Corporation.) [HKLM][64Bits] -- Steam =>.Valve®

O42 - Logiciel: Stellaris - (.Paradox Development Studio.) [HKLM][64Bits] -- Steam App 281990 =>.Valve®

O42 - Logiciel: Stranded Deep - (.Beam Team Games.) [HKLM][64Bits] -- Steam App 313120 =>.Valve®

O42 - Logiciel: Sunless Sea - (.Failbetter Games.) [HKLM][64Bits] -- Steam App 304650 =>.Valve®

O42 - Logiciel: Sword With Sauce: Alpha - (.Diatomic Games.) [HKLM][64Bits] -- Steam App 581630 =>.Valve®

O42 - Logiciel: Syrian Warfare - (.Cats Who Play.) [HKLM][64Bits] -- Steam App 485980 =>.Valve®

O42 - Logiciel: Team Fortress 2 - (.Valve.) [HKLM][64Bits] -- Steam App 440 =>.Valve®

O42 - Logiciel: TeamSpeak 3 Client - (.TeamSpeak Systems GmbH.) [HKLM][64Bits] -- TeamSpeak 3 Client =>.TeamSpeak Systems GmbH

O42 - Logiciel: The Binding of Isaac: Rebirth - (.Nicalis, Inc..) [HKLM][64Bits] -- Steam App 250900 =>.Valve®

O42 - Logiciel: The Curious Expedition - (.Maschinen-Mensch.) [HKLM][64Bits] -- Steam App 358130 =>.Valve®

O42 - Logiciel: The Elder Scrolls V: Skyrim - (.Bethesda Game Studios.) [HKLM][64Bits] -- Steam App 72850 =>.Valve®

O42 - Logiciel: The Forest - (.Endnight Games Ltd.) [HKLM][64Bits] -- Steam App 242760 =>.Valve®

O42 - Logiciel: The Howler - (.Antanas Marcelionis.) [HKLM][64Bits] -- Steam App 306040 =>.Valve®

O42 - Logiciel: The Swindle - (.Size Five Games.) [HKLM][64Bits] -- Steam App 369110 =>.Valve®

O42 - Logiciel: The Walking Dead - (..) [HKLM][64Bits] -- Steam App 207610 =>.Valve®

O42 - Logiciel: The Walking Dead: Season Two - (.Telltale Games.) [HKLM][64Bits] -- Steam App 261030 =>.Valve®

O42 - Logiciel: theHunter™: Call of the Wild - (.Expansive Worlds.) [HKLM][64Bits] -- Steam App 518790 =>.Valve®

O42 - Logiciel: This War of Mine - (.11 bit studios.) [HKLM][64Bits] -- Steam App 282070 =>.Valve®

O42 - Logiciel: Tom Clancy's Rainbow Six Siege - (.Ubisoft Montreal.) [HKLM][64Bits] -- Steam App 359550 =>.Valve®

O42 - Logiciel: Total War: ATTILA - (.Creative Assembly.) [HKLM][64Bits] -- Steam App 325610 =>.Valve®

O42 - Logiciel: Total War: ROME II - Emperor Edition - (.Creative Assembly.) [HKLM][64Bits] -- Steam App 214950 =>.Valve®

O42 - Logiciel: Total War™: WARHAMMER® - (.Creative Assembly.) [HKLM][64Bits] -- Steam App 364360 =>.Valve®

O42 - Logiciel: TP-LINK Archer T4U Driver - (.TP-LINK.) [HKLM][64Bits] -- {58F414FE-74CC-42A0-9D86-A089849C510A} =>.TP-LINK

O42 - Logiciel: TP-LINK Wireless Configuration Utility - (.TP-LINK.) [HKLM][64Bits] -- {319D91C6-3D44-436C-9F79-36C0D22372DC} =>.TP-LINK

O42 - Logiciel: Tropico 5 - (.Haemimont Games.) [HKLM][64Bits] -- Steam App 245620 =>.Valve®

O42 - Logiciel: TunnelBear - (.TunnelBear.) [HKLM][64Bits] -- {7094abcc-0311-45f4-aaac-638bf633a58a} =>.TunnelBear, Inc.®

O42 - Logiciel: TunnelBear - (.TunnelBear.) [HKLM][64Bits] -- {EFF0A0F1-E557-4228-8F55-E6DD94516FDC} =>.TunnelBear

O42 - Logiciel: Universe Sandbox ² - (.Giant Army.) [HKLM][64Bits] -- Steam App 230290 =>.Valve®

O42 - Logiciel: Uplay - (.Ubisoft.) [HKLM][64Bits] -- Uplay =>.Ubisoft Entertainment Sweden AB®

O42 - Logiciel: Verdun - (.M2H.) [HKLM][64Bits] -- Steam App 242860 =>.Valve®

O42 - Logiciel: Victoria II - (.Paradox Development Studio.) [HKLM][64Bits] -- Steam App 42960 =>.Valve®

O42 - Logiciel: Viscera Cleanup Detail: Shadow Warrior - (.RuneStorm.) [HKLM][64Bits] -- Steam App 255520 =>.Valve®

O42 - Logiciel: Wargame: Red Dragon - (.Eugen Systems.) [HKLM][64Bits] -- Steam App 251060 =>.Valve®

O42 - Logiciel: Warhammer: End Times - Vermintide - (.Fatshark.) [HKLM][64Bits] -- Steam App 235540 =>.Valve®

O42 - Logiciel: Westerado: Double Barreled - (.Ostrich Banditos.) [HKLM][64Bits] -- Steam App 275200 =>.Valve®

O42 - Logiciel: WinRAR 5.30 (32-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver =>.win.rar GmbH®


---\\ HKCU & HKLM Software Keys (123) - 11s

HKLM\SOFTWARE\Wow6432Node\activision =>.Activision

HKLM\SOFTWARE\Wow6432Node\Adobe =>.Adobe

HKLM\SOFTWARE\Wow6432Node\AGEIA Technologies =>.AGEIA Technologies

HKLM\SOFTWARE\Wow6432Node\BandiMPEG1 =>.Bandisoft

HKLM\SOFTWARE\Wow6432Node\BANDISOFT =>.Bandisoft

HKLM\SOFTWARE\Wow6432Node\bethesda softworks =>.Bethesda Softworks

HKLM\SOFTWARE\Wow6432Node\ea games =>.EA Games

HKLM\SOFTWARE\Wow6432Node\EasyAntiCheat =>.EasyAntiCheat

HKLM\SOFTWARE\Wow6432Node\Electronic Arts =>.Electronic Arts

HKLM\SOFTWARE\Wow6432Node\Even Balance =>.Even Balance Inc

HKLM\SOFTWARE\Wow6432Node\Google =>.Google

HKLM\SOFTWARE\Wow6432Node\IM Providers =>.IM Providers

HKLM\SOFTWARE\Wow6432Node\Intel =>.Intel

HKLM\SOFTWARE\Wow6432Node\JavaSoft =>.JavaSoft

HKLM\SOFTWARE\Wow6432Node\JreMetrics =>.JreMetrics

HKLM\SOFTWARE\Wow6432Node\Khronos =>.Khronos

HKLM\SOFTWARE\Wow6432Node\Macromedia =>.Macromedia

HKLM\SOFTWARE\Wow6432Node\Modulaatio Games =>.Modulaatio Games

HKLM\SOFTWARE\Wow6432Node\Mojang =>.Mojang

HKLM\SOFTWARE\Wow6432Node\mount&blade warband =>.Mount And Blade

HKLM\SOFTWARE\Wow6432Node\Mozilla =>.Mozilla

HKLM\SOFTWARE\Wow6432Node\mozilla.org =>.mozilla.org

HKLM\SOFTWARE\Wow6432Node\MozillaPlugins =>.MozillaPlugins

HKLM\SOFTWARE\Wow6432Node\Norton =>.Symantec Corporation

HKLM\SOFTWARE\Wow6432Node\Nuance =>.Nuance

HKLM\SOFTWARE\Wow6432Node\NVIDIA Corporation =>.nVidia Corporation

HKLM\SOFTWARE\Wow6432Node\ODBC =>.DB Connectivity Solutions

HKLM\SOFTWARE\Wow6432Node\OpenAL =>.Open Audio Library

HKLM\SOFTWARE\Wow6432Node\Origin =>.Electronic Arts, Inc.

HKLM\SOFTWARE\Wow6432Node\Overwolf =>.Overwolf

HKLM\SOFTWARE\Wow6432Node\paradox interactive =>.Paradox Interactive

HKLM\SOFTWARE\Wow6432Node\PivotAnimator

HKLM\SOFTWARE\Wow6432Node\Redhook

HKLM\SOFTWARE\Wow6432Node\Rockstar Games =>.Rockstar Games

HKLM\SOFTWARE\Wow6432Node\RtWlan =>.Realtek Semiconductor Corp.

HKLM\SOFTWARE\Wow6432Node\Safer Technologies

HKLM\SOFTWARE\Wow6432Node\SEGA =>.SEGA

HKLM\SOFTWARE\Wow6432Node\Skype =>.Skype

HKLM\SOFTWARE\Wow6432Node\Symantec =>.Symantec

HKLM\SOFTWARE\Wow6432Node\techland =>.Techland

HKLM\SOFTWARE\Wow6432Node\THQ =>.THQ

HKLM\SOFTWARE\Wow6432Node\TP-LINK =>.TP-LINK

HKLM\SOFTWARE\Wow6432Node\TunnelBear =>.TunnelBear

HKLM\SOFTWARE\Wow6432Node\Ubisoft =>.Ubisoft

HKLM\SOFTWARE\Wow6432Node\Valve =>.Valve

HKLM\SOFTWARE\Wow6432Node\WinRAR =>.WinRAR

HKLM\SOFTWARE\Wow6432Node\RegisteredApplications =>.Microsoft Corporation

HKCU\SOFTWARE\4A-Games

HKCU\SOFTWARE\Adobe =>.Adobe

HKCU\SOFTWARE\AppDataLow =>.Microsoft Corporation

HKCU\SOFTWARE\Audiosurf, LLC

HKCU\SOFTWARE\BandiMPEG1 =>.Bandisoft

HKCU\SOFTWARE\BANDISOFT =>.Bandisoft

HKCU\SOFTWARE\Beam Team Games

HKCU\SOFTWARE\Big Robot =>.Big Robot

HKCU\SOFTWARE\Blindflug Studios AG

HKCU\SOFTWARE\Blue Isle Studios

HKCU\SOFTWARE\BugSplat =>.Bugsplat Game

HKCU\SOFTWARE\BullGuard Ltd. =>.BullGuard Ltd.

HKCU\SOFTWARE\Canon =>.Canon

HKCU\SOFTWARE\Chromium =>.Chromium

HKCU\SOFTWARE\Colossal Order =>.Colossal Order

HKCU\SOFTWARE\devolver =>.Devolver

HKCU\SOFTWARE\Dinosaur Polo Club

HKCU\SOFTWARE\Dreamsite Games

HKCU\SOFTWARE\Emmanuel Ramos

HKCU\SOFTWARE\Endless Loop Studios

HKCU\SOFTWARE\Epic Games =>.Epic Games

HKCU\SOFTWARE\Free Lives =>.Free Lives

HKCU\SOFTWARE\Giant Army

HKCU\SOFTWARE\Google =>.Google

HKCU\SOFTWARE\IM Providers =>.IM Providers

HKCU\SOFTWARE\Intel =>.Intel

HKCU\SOFTWARE\IO Interactive =>.IO Interactive

HKCU\SOFTWARE\JavaSoft =>.JavaSoft

HKCU\SOFTWARE\Landfall

HKCU\SOFTWARE\Macromedia =>.Macromedia

HKCU\SOFTWARE\Mastfire Studios

HKCU\SOFTWARE\Matthew Brown =>.Matthew Brown

HKCU\SOFTWARE\Mojang =>.Mojang

HKCU\SOFTWARE\MountAndBladeWarbandKeys =>.Mount And Blade

HKCU\SOFTWARE\MountAndBladeWarbandWFASKeys =>.Mount And Blade

HKCU\SOFTWARE\Mozilla =>.Mozilla

HKCU\SOFTWARE\MozillaPlugins =>.MozillaPlugins

HKCU\SOFTWARE\Ndemic Creations =>.Ndemic Creations

HKCU\SOFTWARE\Netscape =>.Netscape

HKCU\SOFTWARE\Norton =>.Symantec Corporation

HKCU\SOFTWARE\NVIDIA Corporation =>.nVidia Corporation

HKCU\SOFTWARE\ODBC =>.DB Connectivity Solutions

HKCU\SOFTWARE\OpenAutomate =>.nVidia Corporation

HKCU\SOFTWARE\Overwolf =>.Overwolf

HKCU\SOFTWARE\Piriform =>.Piriform

HKCU\SOFTWARE\ProtectedStorage =>.Microsoft Corporation

HKCU\SOFTWARE\Python =>.Python

HKCU\SOFTWARE\QtProject =>.QtProject

HKCU\SOFTWARE\Realtek =>.Realtek Semiconductor Corp.

HKCU\SOFTWARE\Red Hook Studios =>.Red Hook Studios

HKCU\SOFTWARE\Rockstar Games =>.Rockstar Games

HKCU\SOFTWARE\Safer Technologies

HKCU\SOFTWARE\SEGA =>.SEGA

HKCU\SOFTWARE\Shining Rock Software LLC =>.Shining Rock Software LLC

HKCU\SOFTWARE\Size Five Games

HKCU\SOFTWARE\SKS =>.SKS Software

HKCU\SOFTWARE\Skype =>.Skype

HKCU\SOFTWARE\skypeapp-3f0685d5ce7e

HKCU\SOFTWARE\SkypePlugin =>.Skype Technologies

HKCU\SOFTWARE\SUPERHOT_Team

HKCU\SOFTWARE\telltale games =>.Telltale Games

HKCU\SOFTWARE\The Creative Assembly =>.The Creative Assembly

HKCU\SOFTWARE\TheCreativeAssembly =>.The Creative Assembly

HKCU\SOFTWARE\TunnelBear =>.TunnelBear

HKCU\SOFTWARE\Ubisoft =>.Ubisoft

HKCU\SOFTWARE\Unity =>.Unity

HKCU\SOFTWARE\Valve =>.Valve

HKCU\SOFTWARE\Verdun

HKCU\SOFTWARE\VITALI KIRPU & QUADRO DELTA

HKCU\SOFTWARE\Warm Lamp Games

HKCU\SOFTWARE\WinRAR =>.WinRAR

HKCU\SOFTWARE\WinRAR SFX =>.RarLab

HKCU\SOFTWARE\Wow6432Node =>.Microsoft Corporation

HKCU\SOFTWARE\ZHP =>.Nicolas Coolman

HKCU\SOFTWARE\AppDataLow\Software =>.Microsoft Corporation

HKCU\SOFTWARE\AppDataLow\Software\Norton =>.Symantec Corporation


---\\ Contents of the Common Files folders (279) - 3s

O43 - CFD: 14/08/2017 - [] D -- C:\Program Files\CCleaner =>.Piriform Ltd

O43 - CFD: 13/08/2017 - [] D -- C:\Program Files\Common Files =>.Microsoft Corporation

O43 - CFD: 14/08/2017 - [] D -- C:\Program Files\DVD Maker =>.Aone Software

O43 - CFD: 13/08/2017 - [] D -- C:\Program Files\Intel =>.Intel Corporation

O43 - CFD: 14/08/2017 - [] D -- C:\Program Files\Internet Explorer =>.Microsoft Corporation

O43 - CFD: 14/08/2017 - [] D -- C:\Program Files\Java =>.Oracle

O43 - CFD: 13/08/2017 - [] D -- C:\Program Files\Microsoft Office 15 =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\Program Files\Microsoft Xbox 360 Accessories =>.Microsoft Corporation

O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\MSBuild =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\Program Files\Nexus Mod Manager =>.Winstep Software Technologies

O43 - CFD: 13/08/2017 - [] D -- C:\Program Files\NortonInstaller =>.Symantec

O43 - CFD: 14/08/2017 - [] D -- C:\Program Files\NVIDIA Corporation =>.nVidia Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\Program Files\Realtek =>.Realtek

O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Reference Assemblies =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\Program Files\Rockstar Games =>.Rockstar Games, Inc.®

O43 - CFD: 13/08/2017 - [] D -- C:\Program Files\TeamSpeak 3 Client =>.TeamSpeak

O43 - CFD: 14/07/2009 - [0] HD -- C:\Program Files\Uninstall Information =>.Microsoft Corporation

O43 - CFD: 14/08/2017 - [] D -- C:\Program Files\Windows Defender =>.Microsoft Corporation

O43 - CFD: 14/08/2017 - [] D -- C:\Program Files\Windows Journal =>.Microsoft Corporation

O43 - CFD: 12/04/2011 - [] D -- C:\Program Files\Windows Mail =>.Microsoft Corporation

O43 - CFD: 14/08/2017 - [] D -- C:\Program Files\Windows Media Player =>.Microsoft Corporation

O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Windows NT =>.Microsoft Corporation

O43 - CFD: 12/04/2011 - [] D -- C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation

O43 - CFD: 21/11/2010 - [] D -- C:\Program Files\Windows Portable Devices =>.Microsoft Corporation

O43 - CFD: 12/04/2011 - [] D -- C:\Program Files\Windows Sidebar =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\Program Files (x86)\Adobe =>.Adobe Systems Incorporated®

O43 - CFD: 13/08/2017 - [] D -- C:\Program Files (x86)\Adobe Photoshop CS6 =>.Adobe Inc.

O43 - CFD: 13/08/2017 - [] D -- C:\Program Files (x86)\Audacity =>.Audacity

O43 - CFD: 13/08/2017 - [] D -- C:\Program Files (x86)\BandiMPEG1 =>.Bandisoft

O43 - CFD: 03/09/2017 - [] D -- C:\Program Files (x86)\Common Files =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\Program Files (x86)\EA GAMES =>.EA Games

O43 - CFD: 13/08/2017 - [] D -- C:\Program Files (x86)\Google =>.Google Inc®

O43 - CFD: 13/08/2017 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information =>.InstallShield

O43 - CFD: 13/08/2017 - [] D -- C:\Program Files (x86)\Intel =>.Intel Corporation

O43 - CFD: 14/08/2017 - [] D -- C:\Program Files (x86)\Internet Explorer =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\Program Files (x86)\Microsoft =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\Program Files (x86)\Microsoft ASP.NET =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\Program Files (x86)\Microsoft Chart Controls =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE =>.Microsoft Corporation

O43 - CFD: 05/09/2017 - [] D -- C:\Program Files (x86)\Microsoft Office =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\Program Files (x86)\Microsoft OneDrive =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\Program Files (x86)\Microsoft XNA =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\Program Files (x86)\Microsoft.NET =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\Program Files (x86)\Minecraft =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\Program Files (x86)\Mozilla Firefox =>.Mozilla

O43 - CFD: 13/08/2017 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service =>.Mozilla

O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\MSBuild =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\Program Files (x86)\Norton Security =>.Symantec

O43 - CFD: 13/08/2017 - [] D -- C:\Program Files (x86)\NortonInstaller =>.Symantec

O43 - CFD: 14/08/2017 - [] D -- C:\Program Files (x86)\NVIDIA Corporation =>.nVidia Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\Program Files (x86)\OpenAL =>.Open Audio Library

O43 - CFD: 26/10/2016 - [0] D -- C:\Program Files (x86)\Origin Games =>.Electronic Arts, Inc.

O43 - CFD: 30/08/2017 - [] D -- C:\Program Files (x86)\Overwolf =>.Overwolf

O43 - CFD: 13/08/2017 - [] D -- C:\Program Files (x86)\Pivot Animator

O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Reference Assemblies =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\Program Files (x86)\Rockstar Games =>.Rockstar Games, Inc.®

O43 - CFD: 13/08/2017 - [] D -- C:\Program Files (x86)\Safer Technologies =>.Safer Technologies

O43 - CFD: 13/08/2017 - [] RD -- C:\Program Files (x86)\Skype =>.Skype

O43 - CFD: 13/08/2017 - [] D -- C:\Program Files (x86)\THQ =>.Microsoft Corporation®

O43 - CFD: 04/09/2017 - [] D -- C:\Program Files (x86)\TunnelBear =>.TunnelBear, Inc.®

O43 - CFD: 14/07/2009 - [0] HD -- C:\Program Files (x86)\Uninstall Information =>.Microsoft Corporation

O43 - CFD: 14/08/2017 - [] D -- C:\Program Files (x86)\Windows Defender =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\Program Files (x86)\Windows Live =>.Microsoft Corporation

O43 - CFD: 12/04/2011 - [] D -- C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation

O43 - CFD: 14/08/2017 - [] D -- C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation

O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Windows NT =>.Microsoft Corporation

O43 - CFD: 12/04/2011 - [] D -- C:\Program Files (x86)\Windows Photo Viewer =>.Microsoft Corporation

O43 - CFD: 21/11/2010 - [] D -- C:\Program Files (x86)\Windows Portable Devices =>.Microsoft Corporation

O43 - CFD: 12/04/2011 - [] D -- C:\Program Files (x86)\Windows Sidebar =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\Program Files (x86)\WinRAR =>.win.rar GmbH®

O43 - CFD: 03/07/2013 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation

O43 - CFD: 03/07/2013 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools

O43 - CFD: 13/08/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 =>.Adobe Inc.

O43 - CFD: 14/08/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner =>.Piriform Ltd

O43 - CFD: 13/08/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DarthMod Shogun II

O43 - CFD: 13/08/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES =>.EA Games

O43 - CFD: 13/08/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games =>.Microsoft Corporation

O43 - CFD: 14/08/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java =>.Oracle

O43 - CFD: 14/07/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation

O43 - CFD: 14/08/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager =>.Winstep Software Technologies

O43 - CFD: 13/08/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security =>.Symantec

O43 - CFD: 13/08/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin =>.Electronic Arts, Inc.

O43 - CFD: 13/08/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pivot Animator

O43 - CFD: 13/08/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype =>.Skype

O43 - CFD: 13/08/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam =>.Steam Games

O43 - CFD: 12/04/2011 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC =>.Wacom Technology

O43 - CFD: 13/08/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client =>.TeamSpeak

O43 - CFD: 13/08/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ =>.THQ

O43 - CFD: 13/08/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK =>.TP-LINK

O43 - CFD: 13/08/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TunnelBear =>.TunnelBear

O43 - CFD: 13/08/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR =>.WinRAR

O43 - CFD: 13/08/2017 - [] D -- C:\ProgramData\.mono =>.Legitimate

O43 - CFD: 13/08/2017 - [] D -- C:\ProgramData\Adobe =>.Adobe

O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Application Data =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\ProgramData\boost_interprocess =>.boost.org

O43 - CFD: 13/08/2017 - [] D -- C:\ProgramData\BullGuard =>.BullGuard Software

O43 - CFD: 13/08/2017 - [] HD -- C:\ProgramData\CanonBJ =>.Canon Inc.

O43 - CFD: 13/08/2017 - [] D -- C:\ProgramData\Codemasters =>.Codemasters

O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Desktop =>.Microsoft Corporation

O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Documents =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\ProgramData\Electronic Arts =>.Electronic Arts

O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Favorites =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\ProgramData\Hotspot Shield =>.Hotspot Shield

O43 - CFD: 13/08/2017 - [] SD -- C:\ProgramData\Microsoft =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\ProgramData\Microsoft OneDrive =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\ProgramData\Norton =>.Symantec Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\ProgramData\NortonInstaller =>.Symantec

O43 - CFD: 31/08/2017 - [] D -- C:\ProgramData\NVIDIA =>.nVidia Corporation

O43 - CFD: 14/08/2017 - [] D -- C:\ProgramData\NVIDIA Corporation =>.nVidia Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\ProgramData\Oracle =>.Oracle

O43 - CFD: 13/08/2017 - [] D -- C:\ProgramData\Origin =>.Electronic Arts, Inc.

O43 - CFD: 13/08/2017 - [] D -- C:\ProgramData\Overwolf =>.Overwolf

O43 - CFD: 13/08/2017 - [] D -- C:\ProgramData\Package Cache =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\ProgramData\Pivot Animator

O43 - CFD: 13/08/2017 - [] D -- C:\ProgramData\regid.1986-12.com.adobe =>.Adobe Inc.

O43 - CFD: 03/09/2017 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\ProgramData\Skype =>.Skype

O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Start Menu =>.Microsoft Corporation

O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Templates =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\ProgramData\TP-LINK =>.TP-LINK

O43 - CFD: 13/08/2017 - [] D -- C:\Program Files (x86)\Common Files\Adobe =>.Adobe

O43 - CFD: 13/08/2017 - [] D -- C:\Program Files (x86)\Common Files\Adobe AIR =>.Adobe Inc.

O43 - CFD: 13/08/2017 - [] D -- C:\Program Files (x86)\Common Files\BattlEye =>.BattlEye

O43 - CFD: 03/09/2017 - [] D -- C:\Program Files (x86)\Common Files\DESIGNER =>.Designer

O43 - CFD: 13/08/2017 - [] D -- C:\Program Files (x86)\Common Files\InstallShield =>.InstallShield

O43 - CFD: 13/08/2017 - [] D -- C:\Program Files (x86)\Common Files\Intel =>.Intel Corporation

O43 - CFD: 14/08/2017 - [] D -- C:\Program Files (x86)\Common Files\Java =>.Oracle

O43 - CFD: 03/09/2017 - [] D -- C:\Program Files (x86)\Common Files\microsoft shared =>.Microsoft Corporation

O43 - CFD: 30/08/2017 - [] D -- C:\Program Files (x86)\Common Files\Overwolf =>.Overwolf

O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Common Files\Services =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\Program Files (x86)\Common Files\Skype =>.Skype

O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Common Files\SpeechEngines =>.Microsoft Corporation

O43 - CFD: 31/08/2017 - [] D -- C:\Program Files (x86)\Common Files\Steam =>.Steam Games

O43 - CFD: 13/08/2017 - [] D -- C:\Program Files (x86)\Common Files\Symantec Shared =>.Symantec Corporation

O43 - CFD: 14/08/2017 - [] D -- C:\Program Files (x86)\Common Files\System =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\Program Files (x86)\Common Files\Windows Live =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\Program Files (x86)\Common Files\Wise Installation Wizard =>.Seagate

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Roaming\.minecraft =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Roaming\.mono =>.Legitimate

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Roaming\11bitstudios =>.11 Bit Studios

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Roaming\3909 =>.3909

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Roaming\Adobe =>.Adobe

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Roaming\Audacity =>.Audacity

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Roaming\Awesomium =>.Awesomium Technologies LLC

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Roaming\BANDISOFT =>.Bandisoft

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Roaming\BullGuard =>.BullGuard Software

O43 - CFD: 31/08/2017 - [] D -- C:\Users\Dan\AppData\Roaming\discord =>.GitHub

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Roaming\Domina

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Roaming\EasyAntiCheat

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Roaming\Fatshark =>.Fatshark

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Roaming\Frontier Developments =>.Frontier Developments

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Roaming\Google =>.Google

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Roaming\Identities =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Roaming\Injustice

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Roaming\Io Interactive =>.IO Interactive

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Roaming\java =>.Oracle

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Roaming\Kalypso Media =>.Kalypso Media

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Roaming\Macromedia =>.Macromedia

O43 - CFD: 12/04/2011 - [0] D -- C:\Users\Dan\AppData\Roaming\Media Center Programs =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [] SD -- C:\Users\Dan\AppData\Roaming\Microsoft =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Roaming\Mount&Blade Warband =>.Mount And Blade

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Roaming\Mount&Blade With Fire and Sword =>.Mount And Blade

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Roaming\Mozilla =>.Mozilla Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Roaming\NekoWorks

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Roaming\NVIDIA =>.nVidia Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Roaming\OBS =>.OBS

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Roaming\OpenCandy =>Adware.OpenCandy

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Roaming\Origin =>.Electronic Arts, Inc.

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Roaming\PixelPiracy

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Roaming\Running with rifles

O43 - CFD: 05/09/2017 - [] D -- C:\Users\Dan\AppData\Roaming\Skype =>.Skype

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Roaming\SpaceEngineers

O43 - CFD: 14/08/2017 - [] D -- C:\Users\Dan\AppData\Roaming\Sun =>.Oracle

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Roaming\The Creative Assembly =>.The Creative Assembly

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Roaming\The Curious Expedition

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Roaming\TP-LINK =>.TP-LINK

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Roaming\Tropico 5 =>.Kalypso Media

O43 - CFD: 17/08/2017 - [] D -- C:\Users\Dan\AppData\Roaming\TS3Client =>.TeamSpeak

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Roaming\TunnelBear =>.TunnelBear

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Roaming\WesteradoDB

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Roaming\WinRAR =>.WinRAR

O43 - CFD: 05/09/2017 - [] D -- C:\Users\Dan\AppData\Roaming\ZHP =>.Nicolas Coolman

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Local\2K Games =>.2K Games

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Local\4A Games =>.4A Games

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Local\Adobe =>.Adobe

O43 - CFD: 13/08/2017 - [0] SHD -- C:\Users\Dan\AppData\Local\Application Data =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Local\Apps =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Local\Audacity =>.Audacity

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Local\Black_Tree_Gaming =>.Black Tree Gaming Ltd

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Local\CEF =>.CEF

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Local\Chromium =>.Chromium

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Local\Colossal Order =>.Colossal Order Ltd

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Local\CrashDumps =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Local\CrashRpt

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Local\Curious Expedition

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Local\Darksiders

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Local\Diagnostics =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Local\Discord =>.GitHub

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Local\ElevatedDiagnostics =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Local\Fallout3 =>.Black Isle Studios

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Local\Fallout4 =>.Black Isle Studios

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Local\Frontier Developments =>.Frontier Developments

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Local\Google =>.Google

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Local\GWX =>.GWX

O43 - CFD: 13/08/2017 - [0] SHD -- C:\Users\Dan\AppData\Local\History =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Local\id Software =>.id Software

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Local\Introversion =>.Introversion

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Local\IsolatedStorage =>.id Software

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Local\Kholat

O43 - CFD: 25/08/2017 - [] D -- C:\Users\Dan\AppData\Local\Microsoft =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Local\Microsoft Help =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Local\Mozilla =>.Mozilla Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Local\Ndemic Creations =>.Ndemic Creations

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Local\NVIDIA =>.nVidia Corporation

O43 - CFD: 14/08/2017 - [] D -- C:\Users\Dan\AppData\Local\NVIDIA Corporation =>.nVidia Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Local\OfficeBSCache-MyComputer

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Local\Origin =>.Electronic Arts, Inc.

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Local\Overwolf =>.Overwolf

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Local\Package Cache =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Local\Programs =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Local\PunkBuster =>.PunkBuster Games

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Local\Rockstar Games =>.Rockstar Games

O43 - CFD: 27/01/2016 - [0] D -- C:\Users\Dan\AppData\Local\Skype =>.Skype

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Local\SkypePlugin =>.Skype Technologies

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Local\Skyrim =>.Skyrim Games

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Local\SmallBasic

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Local\Sniper3

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Local\SniperV2 =>.Games Software

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Local\SquirrelTemp =>.Squirrels

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Local\Steam =>.Steam Games

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Local\SUPERHOT_Sp_z_o.o

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Local\SwordWithSauce

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Local\TeamSpeak 3 =>.TeamSpeak

O43 - CFD: 05/09/2017 - [] D -- C:\Users\Dan\AppData\Local\Temp =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [0] SHD -- C:\Users\Dan\AppData\Local\Temporary Internet Files =>.Microsoft Corporation

O43 - CFD: 11/01/2016 - [0] D -- C:\Users\Dan\AppData\Local\THQ =>.THQ

O43 - CFD: 17/08/2017 - [] D -- C:\Users\Dan\AppData\Local\Ubisoft Game Launcher =>.Ubisoft

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Local\UnrealEngine =>.Unreal Software

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Local\VirtualStore =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Local\Windows Live =>.Microsoft Corporation

O43 - CFD: 05/09/2017 - [] D -- C:\Users\Dan\AppData\Local\ZHP =>.Nicolas Coolman

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Local\{003ACA6A-C058-424D-B955-A82DE5375C64}

O43 - CFD: 17/10/2015 - [0] D -- C:\Users\Dan\AppData\Local\Programs\Common =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Local\Programs\Python =>.Python

O43 - CFD: 14/07/2009 - [] RD -- C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation

O43 - CFD: 14/08/2017 - [] RD -- C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AGOT

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc =>.Hammer & Chisel, Inc

O43 - CFD: 14/07/2009 - [] RD -- C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton =>.Symantec Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf =>.Overwolf

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.5 =>.Python

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Small Basic

O43 - CFD: 14/08/2017 - [] RD -- C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam =>.Steam Games

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft =>.Ubisoft

O43 - CFD: 13/08/2017 - [] D -- C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR =>.WinRAR

O43 - CFD: 14/07/2009 - [0] SHD -- C:\Users\Default\AppData\Local\Application Data =>.Microsoft Corporation

O43 - CFD: 14/07/2009 - [0] SHD -- C:\Users\Default\AppData\Local\History =>.Microsoft Corporation

O43 - CFD: 14/07/2009 - [] D -- C:\Users\Default\AppData\Local\Microsoft =>.Microsoft Corporation

O43 - CFD: 14/07/2009 - [0] D -- C:\Users\Default\AppData\Local\Temp =>.Microsoft Corporation

O43 - CFD: 14/07/2009 - [0] SHD -- C:\Users\Default\AppData\Local\Temporary Internet Files =>.Microsoft Corporation

O43 - CFD: 14/07/2009 - [0] SHD -- C:\Users\Default User\AppData\Local\Application Data =>.Microsoft Corporation

O43 - CFD: 14/07/2009 - [0] SHD -- C:\Users\Default User\AppData\Local\History =>.Microsoft Corporation

O43 - CFD: 14/07/2009 - [] D -- C:\Users\Default User\AppData\Local\Microsoft =>.Microsoft Corporation

O43 - CFD: 14/07/2009 - [0] D -- C:\Users\Default User\AppData\Local\Temp =>.Microsoft Corporation

O43 - CFD: 14/07/2009 - [0] SHD -- C:\Users\Default User\AppData\Local\Temporary Internet Files =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [] -- C:\Windows\System32\Config\systemprofile\AppData\Local\IsolatedStorage =>.id Software

O43 - CFD: 14/08/2017 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\Microsoft =>.Microsoft Corporation

O43 - CFD: 22/08/2017 - [0] -- C:\Windows\System32\Config\systemprofile\AppData\Local\Overwolf =>.Overwolf

O43 - CFD: 14/07/2009 - [] SD -- C:\Windows\System32\Config\systemprofile\AppData\Roaming\Microsoft =>.Microsoft Corporation

O43 - CFD: 13/08/2017 - [] -- C:\Windows\System32\Config\systemprofile\AppData\Roaming\TunnelBear =>.TunnelBear


---\\ ShellIconOverlayIdentifiers (SIOI) (13) - 1s

O106 - SIOI: OverlayExcluded Class [ OverlayExcluded] - {4433A54A-1AC8-432F-90FC-85F045CF383C}. (.Symantec Corporation - Backup Shell.) -- C:\Program Files (x86)\Norton Security\Engine32\22.9.1.12\BuShell.dll =>.Symantec Corporation®

O106 - SIOI: OverlayPending Class [ OverlayPending] - {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225}. (.Symantec Corporation - Backup Shell.) -- C:\Program Files (x86)\Norton Security\Engine32\22.9.1.12\BuShell.dll =>.Symantec Corporation®

O106 - SIOI: OverlayProtected Class [ OverlayProtected] - {476D0EA3-80F9-48B5-B70B-05E677C9C148}. (.Symantec Corporation - Backup Shell.) -- C:\Program Files (x86)\Norton Security\Engine32\22.9.1.12\BuShell.dll =>.Symantec Corporation®

O106 - SIOI: ErrorOverlayHandler Class [ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Dan\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll =>.Microsoft Corporation®

O106 - SIOI: SharedOverlayHandler Class [ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Dan\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll =>.Microsoft Corporation®

O106 - SIOI: SharedSyncingOverlayHandler Class [ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Dan\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll =>.Microsoft Corporation®

O106 - SIOI: UpToDateOverlayHandler Class [ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Dan\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll =>.Microsoft Corporation®

O106 - SIOI: SyncingOverlayHandler Class [ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Dan\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll =>.Microsoft Corporation®

O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 1 (ErrorConflict) [ SkyDrivePro1 (ErrorConflict)] - {8BA85C75-763B-4103-94EB-9470F12FE0F7}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL {33000001797C2E574E52E1CAD6000100000179} =>.Microsoft Corporation

O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 2 (SyncInProgress) [ SkyDrivePro2 (SyncInProgress)] - {CD55129A-B1A1-438E-A425-CEBC7DC684EE}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL {33000001797C2E574E52E1CAD6000100000179} =>.Microsoft Corporation

O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 3 (InSync) [ SkyDrivePro3 (InSync)] - {E768CD3B-BDDC-436D-9C13-E1B39CA257B1}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL {33000001797C2E574E52E1CAD6000100000179} =>.Microsoft Corporation

O106 - SIOI: Enhanced Storage Icon Overlay Handler Class [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - Windows Enhanced Storage Shell Extension DL.) -- C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation

O106 - SIOI: Sharing Overlay (Private) [SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235}. (.Microsoft Corporation - Shell extensions for sharing.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation


---\\ Image File Execution Options (4) - 0s

O50 - IFEO:C:\Windows\System32\ie4uinit.exe - (.Microsoft Corporation - IE Per-User Initialization Utility.) [MitigationOptions\\256] =>.Microsoft Corporation

O50 - IFEO:C:\Windows\System32\ieUnatt.exe - (.Microsoft Corporation - IE 7.0 Unattended Install Utility.) [MitigationOptions\\256] =>.Microsoft Corporation

O50 - IFEO:C:\Windows\System32\msfeedssync.exe - (.Microsoft Corporation - Microsoft Feeds Synchronization.) [MitigationOptions\\256] =>.Microsoft Corporation

O50 - IFEO:C:\Windows\System32\mshta.exe - (.Microsoft Corporation - Microsoft (R) HTML Application host.) [MitigationOptions\\256] =>.Microsoft Corporation


---\\ System Drivers List (59) - 7s

O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [491088] =>.Microsoft Windows®

O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [339536] =>.Microsoft Windows®

O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\drivers\adpu320.sys [182864] =>.Microsoft Windows®

O58 - SDL:2009/07/14 02:52:21 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys [15440] =>.Microsoft Windows®

O58 - SDL:2013/12/13 21:00:34 A . (.Advanced Micro Devices, Inc. - AMD PCI Root Bus Lower Filter.) -- C:\Windows\System32\drivers\amdkmpfd.sys [36608] =>.Advanced Micro Devices, Inc.®

O58 - SDL:2010/11/21 04:23:47 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [107904] =>.Microsoft Windows®

O58 - SDL:2009/07/14 02:52:20 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [194128] =>.Microsoft Windows®

O58 - SDL:2010/11/21 04:23:47 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [27008] =>.Microsoft Windows®

O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [87632] =>.Microsoft Windows®

O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [97856] =>.Microsoft Windows®

O58 - SDL:2009/06/10 21:34:23 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) -- C:\Windows\System32\drivers\b57nd60a.sys [270848] =>.Broadcom Corporation

O58 - SDL:2009/06/10 21:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys [18432] =>.Brother Industries, Ltd.

O58 - SDL:2009/06/10 21:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys [8704] =>.Brother Industries, Ltd.

O58 - SDL:2009/07/14 02:19:07 A . (.Brother Industries Ltd. - Brotehr Serial I/F Driver (WDM).) -- C:\Windows\System32\drivers\BrSerId.sys [286720] =>.Brother Industries Ltd.

O58 - SDL:2009/06/10 21:41:10 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys [47104] =>.Brother Industries Ltd.

O58 - SDL:2009/06/10 21:41:10 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys [14976] =>.Brother Industries Ltd.

O58 - SDL:2009/06/10 21:41:10 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys [14720] =>.Brother Industries Ltd.

O58 - SDL:2009/06/10 21:34:28 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys [468480] =>.Broadcom Corporation

O58 - SDL:2009/07/14 02:52:31 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys [17488] =>.Microsoft Windows®

O58 - SDL:2009/07/14 02:47:48 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys [530496] =>.Microsoft Windows®

O58 - SDL:2009/06/10 21:34:33 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3286016] =>.Broadcom Corporation

O58 - SDL:2009/06/10 21:31:59 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\Windows\System32\drivers\hcw85cir.sys [31232] =>.Hauppauge Computer Works, Inc.

O58 - SDL:2014/03/20 12:43:02 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\HECIx64.sys [64512] =>.Intel Corporation - Intel® Management Engine Firmware®

O58 - SDL:2010/11/21 04:23:47 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [78720] =>.Microsoft Windows®

O58 - SDL:2014/04/11 10:30:44 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver -.) -- C:\Windows\System32\drivers\iaStorA.sys [645480] =>.Intel Corporation - Intel® Rapid Storage Technology®

O58 - SDL:2014/04/11 10:30:44 A . (.Intel Corporation - Intel(R) Rapid Storage Technology Filter dr.) -- C:\Windows\System32\drivers\iaStorF.sys [28008] =>.Intel Corporation - Intel® Rapid Storage Technology®

O58 - SDL:2010/11/21 04:23:47 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [410496] =>.Microsoft Windows®

O58 - SDL:2015/08/09 04:50:42 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd64.sys [4928256] =>.Intel Corporation - pGFX®

O58 - SDL:2009/07/14 02:48:04 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [44112] =>.Microsoft Windows®

O58 - SDL:2014/10/03 14:35:54 A . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\Windows\System32\drivers\IntcDAud.sys [454416] =>.Intel Corporation - Client Components Group®

O58 - SDL:2014/02/22 05:56:14 A . (.Intel Corporation - Intel(R) USB 3.0 Hub Driver.) -- C:\Windows\System32\drivers\iusb3hub.sys [370672] =>.Intel Corporation - Software and Firmware Products®

O58 - SDL:2014/02/22 05:56:14 A . (.Intel Corporation - Intel(R) USB 3.0 eXtensible Host Controller.) -- C:\Windows\System32\drivers\iusb3xhc.sys [791024] =>.Intel Corporation - Software and Firmware Products®

O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys [114752] =>.Microsoft Windows®

O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [106560] =>.Microsoft Windows®

O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [65600] =>.Microsoft Windows®

O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [115776] =>.Microsoft Windows®

O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [35392] =>.Microsoft Windows®

O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [284736] =>.Microsoft Windows®

O58 - SDL:2009/06/10 21:35:35 A . (.Ralink Technology, Corp. - Ralink 802.11 Wireless Adapter Driver.) -- C:\Windows\System32\drivers\netr28x.sys [620544] =>.Ralink Technology, Corp.

O58 - SDL:2009/07/14 02:48:26 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [51264] =>.Microsoft Windows®

O58 - SDL:2017/08/10 01:22:47 A . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) -- C:\Windows\System32\drivers\nvlddmkm.sys [15425984] =>.NVIDIA Corporation®

O58 - SDL:2010/11/21 04:23:47 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [148352] =>.Microsoft Windows®

O58 - SDL:2010/11/21 04:23:47 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [166272] =>.Microsoft Windows®

O58 - SDL:2015/03/13 20:41:48 A . (.NVIDIA Corporation - NVIDIA Virtual Audio Driver.) -- C:\Windows\System32\drivers\nvvad64v.sys [38032] =>.NVIDIA Corporation®

O58 - SDL:2009/07/14 02:45:46 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys [1524816] =>.Microsoft Windows®

O58 - SDL:2009/07/14 02:45:45 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys [128592] =>.Microsoft Windows®

O58 - SDL:2011/12/26 12:43:27 A . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Dri.) -- C:\Windows\System32\drivers\Rt64win7.sys [646248] =>.Realtek Semiconductor Corp®

O58 - SDL:2014/05/28 13:23:26 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\Windows\System32\drivers\RTKVHD64.sys [3977944] =>.Realtek Semiconductor Corp®

O58 - SDL:2013/11/14 16:50:34 A . (.Realtek Semiconductor Corporation - Realtek WLAN USB NDIS Driver.) -- C:\Windows\System32\drivers\RTWlanU.sys [2978520] =>.Realtek Semiconductor Corp®

O58 - SDL:2009/06/10 21:37:19 A . (.Macrovision Europe Ltd - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [23040]

O58 - SDL:2009/07/14 02:45:45 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [43584] =>.Microsoft Windows®

O58 - SDL:2009/07/14 02:45:46 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [80464] =>.Microsoft Windows®

O58 - SDL:2009/07/14 02:45:55 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys [24656] =>.Microsoft Windows®

O58 - SDL:2017/09/04 03:38:44 A . (.Symantec Corporation - Symantec Event Library.) -- C:\Windows\System32\drivers\SYMEVENT64x86.SYS [102568] =>.Symantec Corporation®

O58 - SDL:2016/09/20 13:05:28 A . (.Anchorfree Inc. - Anchorfree HSS VPN Adapter.) -- C:\Windows\System32\drivers\taphss6.sys [42064] =>.AnchorFree Inc®

O58 - SDL:2014/03/20 12:43:02 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\TeeDriverx64.sys [118272] =>.Intel Corporation - Intel® Management Engine Firmware®

O58 - SDL:2009/07/14 02:45:55 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [17488] =>.Microsoft Windows®

O58 - SDL:2009/07/14 02:45:55 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [161872] =>.Microsoft Windows®

O58 - SDL:2013/11/14 16:50:34 A . (.Realtek Semiconductor Corporation - Realtek WLAN USB NDIS Driver.) -- C:\Windows\System32\rtwlanu.sys [2978520] =>.Realtek Semiconductor Corp®


---\\ File Associations Shell Spawning (10) - 0s

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE =>.Microsoft Corporation®

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (...) -- %1" %*

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe =>.Microsoft Corporation

O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S


---\\ Start Menu Internet (12) - 0s

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox> [64Bits][HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®

O68 - StartMenuInternet: <Google Chrome> <Google Chrome> [64Bits][HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer> [64Bits][HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox> [64Bits][HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - 'Firefox' Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation

O68 - StartMenuInternet: <Google Chrome> <Google Chrome> [64Bits][HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer> [64Bits][HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox> [64Bits][HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - 'Firefox' Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation

O68 - StartMenuInternet: <Google Chrome> <Google Chrome> [64Bits][HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer> [64Bits][HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox> [64Bits][HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - 'Firefox' Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation

O68 - StartMenuInternet: <Google Chrome> <Google Chrome> [64Bits][HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer> [64Bits][HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation


---\\ Search Browser Infection (7) - 2s

O69 - SBI: SearchScopes [HKCU] [64Bits]{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/ =>.Bing.com

O69 - SBI: SearchScopes [HKCU] [64Bits]{A6A1D0B1-E2C0-425C-9FA5-600268E3E449} - (Yahoo Search!) - http://search.yahoo.com/ =>.Yahoo! Inc.

O69 - SBI: SearchScopes [HKCU] [64Bits]{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} - (Norton Safe Search) - http://nortonsafe.search.ask.com/ =>.Symantec Corporation

O69 - SBI: SearchScopes [HKCU] [64Bits]{E5C08DF4-F5F1-4F74-B779-C18750CDCC3F} - (Default) - http://searchinterneat-a.akamaihd.net/ =>.SUP.AkamaiHD

O69 - SBI: SearchScopes [HKLM] [64Bits]OldSearch - (Yahoo! UK & Ireland) - http://uk.yhs4.search.yahoo.com/ =>.Yahoo! Inc.

O69 - SBI: SearchScopes [HKLM] [64Bits]{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - http://www.bing.com/ =>.Bing.com

O69 - SBI: SearchScopes [HKLM] [64Bits]{E5C08DF4-F5F1-4F74-B779-C18750CDCC3F} [DefaultScope] - (Default) - http://searchinterneat-a.akamaihd.net/ =>.SUP.AkamaiHD


---\\ Search Svchost Services (33) - 0s

O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) -- C:\Windows\System32\aelupsvc.dll [72192] =>.Microsoft Corporation

O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [80384] =>.Microsoft Corporation

O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [80384] =>.Microsoft Corporation

O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\System32\srvsvc.dll [236032] =>.Microsoft Corporation

O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\Windows\System32\gpsvc.dll [794624] =>.Microsoft Corporation

O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\ikeext.dll [859648] =>.Microsoft Corporation

O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\Windows\System32\Audiosrv.dll [680448] =>.Microsoft Corporation

O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll [99328] =>.Microsoft Corporation

O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [344064] =>.Microsoft Corporation

O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [97792] =>.Microsoft Corporation

O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\sens.dll [64512] =>.Microsoft Corporation

O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [359424] =>.Microsoft Corporation

O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [316928] =>.Microsoft Corporation

O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Remote Desktop Session Host Server Remote C.) -- C:\Windows\System32\termsrv.dll [683520] =>.Microsoft Corporation

O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\System32\wuaueng.dll [2651136] =>.Microsoft Corporation

O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\Windows\System32\qmgr.dll [849920] =>.Microsoft Corporation

O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [370688] =>.Microsoft Corporation

O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll [569344] =>.Microsoft Corporation

O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\Windows\system32\seclogon.dll [30720] =>.Microsoft Corporation

O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll [70144] =>.Microsoft Corporation

O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\System32\iscsiexe.dll [156672] =>.Microsoft Corporation

O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) -- C:\Windows\System32\mmcss.dll [67584] =>.Microsoft Corporation

O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [242688] =>.Microsoft Corporation

O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\sessenv.dll [121856] =>.Microsoft Corporation

O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\Windows\System32\browser.dll [136704] =>.Microsoft Corporation

O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [111104] =>.Microsoft Corporation

O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\Windows\System32\schedsvc.dll [1110016] =>.Microsoft Corporation

O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\Windows\System32\kmsvc.dll [90624] =>.Microsoft Corporation

O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\Windows\System32\wercplsupport.dll [84480] =>.Microsoft Corporation

O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [210432] =>.Microsoft Corporation

O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\Windows\System32\themeservice.dll [44544] =>.Microsoft Corporation

O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\Windows\System32\bdesvc.dll [100864] =>.Microsoft Corporation

O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Software installation Service.) -- C:\Windows\System32\appmgmts.dll [193536] =>.Microsoft Corporation


---\\ Firewall Active Exception List (75) - 10s



---\\ Additional Scan (O88) (44) - 4s

[HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] =>.SUP.Orphan

[HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] =>.SUP.Orphan

C:\Users\Dan\AppData\Roaming\OpenCandy =>Adware.OpenCandy

HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E5C08DF4-F5F1-4F74-B779-C18750CDCC3F} =>.SUP.AkamaiHD

HKLM64\Software\Microsoft\Internet Explorer\SearchScopes\{E5C08DF4-F5F1-4F74-B779-C18750CDCC3F} =>.SUP.AkamaiHD

C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_battlefield-1942.en.softonic.com_0.localstorage =>.SUP.Softonic

C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_battlefield-1942.en.softonic.com_0.localstorage-journal =>.SUP.Softonic

C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_support.solvusoft.com_0.localstorage =>.SUP.Solvusoft

C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_support.solvusoft.com_0.localstorage-journal =>.SUP.Solvusoft

C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.putlocker-movies.cc_0.localstorage =>PUP.Optional.PutLocker

C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.putlocker-movies.cc_0.localstorage-journal =>PUP.Optional.PutLocker

C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_st.chatango.com_0.localstorage =>PUP.Optional.Chatango

C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_st.chatango.com_0.localstorage-journal =>PUP.Optional.Chatango

C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.putlocker-movies.cc_0.localstorage =>PUP.Optional.PutLocker

C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.putlocker-movies.cc_0.localstorage-journal =>PUP.Optional.PutLocker

C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.solvusoft.com_0.localstorage =>.SUP.Solvusoft

C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.solvusoft.com_0.localstorage-journal =>.SUP.Solvusoft



---\\ Summary of the elements found (8) - 0s

https://www.nicolascoolman.com/fr/pup-pricesparrow/ =>PUP.Optional.PriceSparrow

https://nicolascoolman.eu/2017/02/24/adware-opencandy/ =>Adware.OpenCandy

https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.AkamaiHD

https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Softonic

https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Solvusoft

https://www.nicolascoolman.com/fr/spyware-putlocker/ =>PUP.Optional.PutLocker

https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.Chatango

https://nicolascoolman.eu/2017/06/26/trojan-certlock/ =>PUM.Misplaced.Certificate


~ Unselected Options:

~ End of the scan, 64442 items in 01mn40s (1406)(0)
 
@10months There appears to be some malware active on your machine. Please run these tools while I look over your log.

Rogue Killer Scan.

Download RogueKiller -- (Portable) -- from one of the following links and save it to your Desktop:

Link 1
Link 2

  • Close all other running programs.
  • Disable ALL Antivirus -- Antimalware -- Applications.
  • Right Click Rogue Killer and Run as Administrator.
  • Click the Start Scan button.
  • Allow the scan to run -- it can take ten minutes or more.
  • Once the scan is complete check All items for removal.
  • After All items are checked then press Remove Selected.
  • Wait until the Status box shows Deleting Finished.
  • Click on open report -- then open txt
  • Copy the content of the report and paste it here in your next reply.

JRT Scan.


Please download Junkware Removal Tool and save it on your desktop.


  • Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log is saved to your desktop and will automatically open.
  • Please post the JRT log.

Adware Cleaner Scan.

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
 
Sorry for the response time. As it stands the install for nvidia is still failing the same way as always, that being the monitors losing connection and a sound similar to what it makes on a bluescreen. Have not yet tested any games, will do now, will post again or edit this if they work, if not I won't.

JRT log (first one ran):

File System: 13

Successfully deleted: C:\Users\Dan\AppData\Roaming\3909 (Folder)
Successfully deleted: C:\Users\Dan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\23XGC66Y (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Dan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Dan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\84J2O671 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Dan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8EO9XVOP (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Dan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Dan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GS2931V0 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\23XGC66Y (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\84J2O671 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8EO9XVOP (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GS2931V0 (Temporary Internet Files Folder)



Registry: 1

Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_AD2529C7DB5B63D28C23362385276129 (Registry Value)



Rogue Killer log:
RogueKiller V12.11.13.0 (x64) [Sep 4 2017] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Website : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Dan[Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Delete -- Date : 09/08/2017 15:47:26 (Duration : 00:10:04)

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 10 ¤¤¤
[PUM.HomePage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.symantec.com/redirects/s...mepage/index.jsp?lg=en&pid=NS&pvid=22.6.0.142 -> Replaced (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.symantec.com/redirects/s...mepage/index.jsp?lg=en&pid=NS&pvid=22.6.0.142 -> Replaced (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-630333582-4039751370-1614634531-1000\Software\Microsoft\Internet Explorer\Main | Start Page : C:\Program Files\Internet Explorer\pcspecialist.html -> Replaced (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-630333582-4039751370-1614634531-1000\Software\Microsoft\Internet Explorer\Main | Start Page : C:\Program Files\Internet Explorer\pcspecialist.html -> Replaced (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.symantec.com/redirects/s...mepage/index.jsp?lg=en&pid=NS&pvid=22.6.0.142 -> Replaced (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.symantec.com/redirects/s...mepage/index.jsp?lg=en&pid=NS&pvid=22.6.0.142 -> Replaced (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-630333582-4039751370-1614634531-1000\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : C:\Program Files\Internet Explorer\pcspecialist.html -> Replaced (http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-630333582-4039751370-1614634531-1000\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : C:\Program Files\Internet Explorer\pcspecialist.html -> Replaced (http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome)
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-630333582-4039751370-1614634531-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Replaced (1)
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-630333582-4039751370-1614634531-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Replaced (1)

¤¤¤ Tasks : 2 ¤¤¤
[Hj.Shortcut] \{B28C17EA-9931-456C-BCA8-E7A7B96573AA} -- "c:\program files (x86)\google\chrome\application\chrome.exe" (https://ui.skype.com/ui/0/7.35.0.103/en/go/help.faq.installer?LastError=1601) -> Deleted
[Hj.Shortcut] \{DF1C8261-E1FE-4965-82AF-80E17E609D25} -- "c:\program files (x86)\google\chrome\application\chrome.exe" (https://ui.skype.com/ui/0/7.35.0.103/en/abandoninstall?page=tsMain) -> Deleted

¤¤¤ Files : 0 ¤¤¤

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 1 ¤¤¤
[PUM.HomePage][Chrome:Config] Default [SecurePrefs] : session.startup_urls [chrome://history/|https://www.youtube.com/feed/subscriptions|http://www.netflix.com/browse/|https://twitter.com/|(This bit was a homework website for my old school, with the name of the school and my name)] -> Deleted

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: Samsung SSD 850 EVO 250G SCSI Disk Device +++++
--- User ---
[MBR] 445ece1ef00c4fea7064762733615a31
[BSP] 515c49d6bfb6bcdbd6dd3b39a751d596 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 6000 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 12290048 | Size: 232473 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: ST2000DM 001-1ER164 SCSI Disk Device +++++
--- User ---
[MBR] 69b904a40fa89ed5aa5551478168ff5b
[BSP] f8d1dc82b54682bb89bdb7ebae5a1b81 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 1907727 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK


Adware cleaner log:
# Updated on 2017/29/08 by Malwarebytes
# Database: 09-01-2017.2
# Running on Windows 7 Professional (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.Legacy, C:\Users\Alex\Documents\Product Key


***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy, [Value] - HKCU\Software\Microsoft\Internet Explorer\SearchScopes | DoNotAskAgain
PUP.Optional.Legacy, [Value] - HKCU\Software\Microsoft\Internet Explorer\SearchScopes | DoNotAskAgain
PUP.Optional.Legacy, [Value] - HKU\S-1-5-21-630333582-4039751370-1614634531-1000\Software\Microsoft\Internet Explorer\SearchScopes | DoNotAskAgain
PUP.Optional.Legacy, [Value] - HKU\S-1-5-21-630333582-4039751370-1614634531-1000\Software\Microsoft\Internet Explorer\SearchScopes | DoNotAskAgain
PUP.Optional.Legacy, [Value] - HKU\S-1-5-21-630333582-4039751370-1614634531-1000\Software\Microsoft\Internet Explorer\SearchScopes | DoNotAskAgain
PUP.Optional.Legacy, [Value] - HKU\S-1-5-21-630333582-4039751370-1614634531-1000\Software\Microsoft\Internet Explorer\SearchScopes | DoNotAskAgain
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes | DoNotAskAgain
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes | DoNotAskAgain
PUP.Optional.SaferBrowser, [Key] - HKLM\SOFTWARE\Safer Technologies
PUP.Optional.SaferBrowser, [Key] - HKU\S-1-5-21-630333582-4039751370-1614634531-1000\Software\Safer Technologies
PUP.Optional.SaferBrowser, [Key] - HKCU\Software\Safer Technologies


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************



########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########
 
Hello 10months, my name is Gus and I'll be helping out till Malnutrition is able to return. Thank you for your JRT, Rogue Killer and Adwcleaner logs. Unfortunately, the Adwcleaner log shows you have scanned only and not actually cleaned the items found. Can you please run Adwcleaner again following the instructions given, remembering to use the Clean button after scanning?

I have copied the instructions below for you :)

Adware Cleaner Scan.

Please download AdwCleaner by Malwarebytes onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
Thanks
 
Most recent
# AdwCleaner 7.0.2.1 - Logfile created on Sun Sep 10 10:02:44 2017
# Updated on 2017/29/08 by Malwarebytes
# Database: 09-08-2017.1
# Running on Windows 7 Professional (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [2206 B] - [2017/9/8 15:4:51]
C:/AdwCleaner/AdwCleaner[S0].txt - [2203 B] - [2017/9/8 15:2:58]


########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt ##########

AdwCleaner[C0].txt (there is no C1)


***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Value] - HKCU\Software\Microsoft\Internet Explorer\SearchScopes|DoNotAskAgain
Deleted: [Value] - HKCU\Software\Microsoft\Internet Explorer\SearchScopes|DoNotAskAgain
Deleted: [Value] - HKU\S-1-5-21-630333582-4039751370-1614634531-1000\Software\Microsoft\Internet Explorer\SearchScopes|DoNotAskAgain
Deleted: [Value] - HKU\S-1-5-21-630333582-4039751370-1614634531-1000\Software\Microsoft\Internet Explorer\SearchScopes|DoNotAskAgain
Deleted: [Value] - HKU\S-1-5-21-630333582-4039751370-1614634531-1000\Software\Microsoft\Internet Explorer\SearchScopes|DoNotAskAgain
Deleted: [Value] - HKU\S-1-5-21-630333582-4039751370-1614634531-1000\Software\Microsoft\Internet Explorer\SearchScopes|DoNotAskAgain
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes|DoNotAskAgain
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes|DoNotAskAgain
Deleted: [Key] - HKLM\SOFTWARE\Safer Technologies
Deleted: [Key] - HKU\S-1-5-21-630333582-4039751370-1614634531-1000\Software\Safer Technologies
Deleted: [Key] - HKCU\Software\Safer Technologies


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [2203 B] - [2017/9/8 15:2:58]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########
 