• Hi there and welcome to PC Help Forum (PCHF), a more effective way to get the Tech Support you need!
    We have Experts in all areas of Tech, including Malware Removal, Crash Fixing and BSOD's , Microsoft Windows, Computer DIY and PC Hardware, Networking, Gaming, Tablets and iPads, General and Specific Software Support and so much more.

    Why not Click Here To Sign Up and start enjoying great FREE Tech Support.

    This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

No networks seen

Status
Not open for further replies.
#21
You ask for it...you got it!
~ ZHPDiag v2017.5.1.75 By Nicolas Coolman (2017/05/01)
~ Run by Alan Robinson (Administrator) (2017/05/02 17:49:14)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook: https://www.facebook.com/nicolascoolman1
~ State version:
~ Mode: Scan
~ Report: C:\Users\Alan Robinson\Desktop\ZHPDiag.txt
~ Report: C:\Users\Alan Robinson\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ System startup: Normal (Normal boot)
Windows 10 Home, 64-bit (Build 10586) =>.Microsoft Corporation

---\\ Internet Browsers (2) - 0s
~ GCIE: Google Chrome v57.0.2987.133
~ MSIE: Internet Explorer v11.873.10586.0

---\\ Windows Product Information (3) - 3s
~ Windows Server License Manager Script : OK
System - VBScript Engine not found
Windows Automatic Updates : OK

---\\ System protection software (2) - 5s
Avast Free Antivirus v17.3.2291 (Protection)
Windows Defender (Deactivate)

---\\ Information on the system (6) - 0s
~ Operating System: Intel64 Family 6 Model 78 Stepping 3, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 16664.48 MB (88% free) : OK =>.RAM Value
System Restore: Activé (Enable)
System drive C: has 870 GB (93%) free of 935 GB : OK =>.Disk Space

---\\ Connection to the system mode (3) - 0s
~ Computer Name: LAPTOP-I7A2M64K
~ User Name: Alan Robinson
~ Logged in as Administrator

---\\ Enumeration of the disk units (3) - 0s
~ Drive C: has 870 GB free of 935 GB (System)
~ Drive D: has 1 GB free of 16 GB
~ Drive F: has 1 GB free of 3 GB

---\\ State of the Windows Security Center (7) - 0s
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK

---\\ Search Generic System Files (24) - 1s
[MD5.FBE9252AEC157F10485A88E3EF77F9C4] - 04/03/2017 - (.Microsoft Corporation - Windows Explorer.) -- C:\windows\Explorer.exe [4516800] =>.Microsoft Windows®
[MD5.0DCB89B1F3689BC6262FF30BBD603171] - 30/10/2015 - (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\windows\System32\rundll32.exe [59392] =>.Microsoft Corporation
[MD5.C1C81AAF533552B3C4D9F11A5FF97700] - 23/04/2016 - (.Microsoft Corporation - Windows Start-Up Application.) -- C:\windows\System32\Wininit.exe [291360] =>.Microsoft Windows Publisher®
[MD5.0E89B11FC9D9B1EF2886F4C8161645F8] - 28/03/2017 - (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\windows\System32\wininet.dll [3405312] =>.Microsoft Corporation
[MD5.046C8307CFB02D0D21CDDBCE5A3C4E3F] - 04/03/2017 - (.Microsoft Corporation - Windows Logon Application.) -- C:\windows\System32\Winlogon.exe [585216] =>.Microsoft Corporation
[MD5.9EEAA1B69DC3FD620AE576CC8F4147DC] - 30/10/2015 - (.Microsoft Corporation - Software Licensing Library.) -- C:\windows\System32\sppcomapi.dll [430592] =>.Microsoft Corporation
[MD5.8427BC27A16470C163C050E094DA80AF] - 04/03/2017 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\windows\System32\dnsapi.dll [687496] =>.Microsoft Windows®
[MD5.7B120B1C8F4951E119E8FB453F9410DD] - 04/03/2017 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\windows\Syswow64\dnsapi.dll [535088] =>.Microsoft Windows®
[MD5.70148EFA9A562E7185B75BBE7D376BF7] - 11/04/2016 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\windows\System32\drivers\AFD.sys [578912] =>.Microsoft Windows®
[MD5.492B99D2E3D5D7BFD5F0AE1BE7BD37DD] - 30/10/2015 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\windows\System32\drivers\atapi.sys [28512] =>.Microsoft Windows®
[MD5.7F9C7226D743B232907ED2537B8A574F] - 30/10/2015 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\windows\System32\drivers\Cdfs.sys [92672] =>.Microsoft Corporation
[MD5.82D97776BF982AA143BDC7DFB5054EA8] - 30/10/2015 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\windows\System32\drivers\Cdrom.sys [173568] =>.Microsoft Corporation
[MD5.F69EB180AB7F8D324B6A7770959C6434] - 04/03/2017 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\windows\System32\drivers\DfsC.sys [148992] =>.Microsoft Corporation
[MD5.DB1409A2774DB8AD3611EA28C48CEB66] - 25/10/2016 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\windows\System32\drivers\HDAudBus.sys [79872] =>.Microsoft Corporation
[MD5.53FDD9E69189E546DE4740F8C4D8AB2F] - 30/10/2015 - (.Microsoft Corporation - i8042 Port Driver.) -- C:\windows\System32\drivers\i8042prt.sys [114688] =>.Microsoft Corporation
[MD5.9E5E8F2A1996F23B7E9687846AA81B01] - 30/10/2015 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\windows\System32\drivers\IpNat.sys [143360] =>.Microsoft Corporation
[MD5.E899947F5A85901F75AB04C8E5BE60B1] - 04/03/2017 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\windows\System32\drivers\MRxSmb.sys [431456] =>.Microsoft Windows®
[MD5.C03E926B0E7D66D68994067231DC3246] - 28/05/2016 - (.Microsoft Corporation - MBT Transport driver.) -- C:\windows\System32\drivers\netBT.sys [278528] =>.Microsoft Corporation
[MD5.19BD8A88AAC580592668B070AC0727D9] - 29/03/2016 - (.Microsoft Corporation - NT File System Driver.) -- C:\windows\System32\drivers\ntfs.sys [2152280] =>.Microsoft Windows®
[MD5.7D0FC96264C0F8F2C1321E33E8EB646C] - 30/10/2015 - (.Microsoft Corporation - Parallel Port Driver.) -- C:\windows\System32\drivers\Parport.sys [96768] =>.Microsoft Corporation
[MD5.E3C82823B22463BC38AA4F8ADA852624] - 11/04/2016 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\windows\System32\drivers\Rasl2tp.sys [104960] =>.Microsoft Corporation
[MD5.1DC2CC74B51E4DC4CD5A20C1021E4010] - 30/10/2015 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\windows\System32\drivers\rdpdr.sys [173056] =>.Microsoft Corporation
[MD5.91D3F2A6253EF83EFBD7903028F58C4D] - 11/04/2016 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\windows\System32\drivers\tdx.sys [118624] =>.Microsoft Windows®
[MD5.E1F91A727A04C9F8199D04FF3BBBF63C] - 30/10/2015 - (.Microsoft Corporation - Volume Shadow Copy Driver.) -- C:\windows\System32\drivers\volsnap.sys [414560] =>.Microsoft Windows®

---\\ Non Microsoft non disabled Windows Services (25) - 2s
O23 - Service: McAfee Application Installer Cleanup (0119471489614535) (0119471489614535mcinstcleanup) . (...) - C:\windows\TEMP\011947~1.EXE (.not file.)
O23 - Service: Avast Antivirus (avast! Antivirus) . (.AVAST Software - Avast Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe =>.AVAST Software s.r.o.®
O23 - Service: Bonjour Service (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe =>.Apple Inc.®
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) . (.Dropbox, Inc. - Dropbox Update.) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe =>.Dropbox, Inc®
O23 - Service: @oem8.inf,%ServiceDisplayName%;ESIF Upper Framework Service (esifsvc) . (.Intel Corporation - Intel(R) Dynamic Platform and Thermal Frame.) - C:\windows\SysWOW64\esif_uf.exe =>.Intel(R) Software®
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Event Log Service.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe =>.Intel Corporation-Wireless Connectivity Solutions®
O23 - Service: GamesAppIntegrationService (GamesAppIntegrationService) . (.WildTangent - WildTangent Games App Integration Service.) - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe =>.WildTangent Inc®
O23 - Service: Google Update Service (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
O23 - Service: McAfee Home Network (HomeNetSvc) . (...) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (.not file.)
O23 - Service: HP Comm Recovery (HP Comm Recover) . (.HP Inc. - CommRecovery.) - c:\Program Files\HPCommRecovery\HPCommRecovery.exe =>.HP Inc.
O23 - Service: @oem4.inf,%hpservice_desc%;HP Service (hpsrv) . (.Hewlett-Packard Company - HpService.) - C:\windows\system32\Hpservice.exe =>.Hewlett-Packard Company
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) . (.HP Inc. - HP Support Solutions Framework Service.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe =>.HP Inc.®
O23 - Service: HPWMISVC (HPWMISVC) . (.HP Inc. - HP WMI Service.) - c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe =>.Hewlett-Packard Company®
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe =>.Intel(R) Rapid Storage Technology®
O23 - Service: @oem27.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) . (...) - C:\windows\system32\ibtsiva (.not file.) =>.Intel Corporation
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) . (.Intel Corporation - igfxCUIService Module.) - C:\windows\system32\igfxCUIService.exe =>.Intel Corporation
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe =>.Intel Corporation - Embedded Subsystems and IP Blocks Group®
O23 - Service: McAfee Boot Delay Start Service (mcbootdelaystartsvc) . (...) - C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe (.not file.)
O23 - Service: McAfee CSP Service (mccspsvc) . (...) - C:\Program Files\Common Files\McAfee\CSP\1.8.190.0\McCSPServiceHost.exe (.not file.)
O23 - Service: McAfee Service Controller (mfemms) . (...) - C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe (.not file.)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Registry Service.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe =>.Intel Corporation-Wireless Connectivity Solutions®
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) . (.Copyright 2004 - RichVideo Module.) - C:\Program Files\CyberLink\Shared files\RichVideo64.exe =>.CyberLink Corp.®
O23 - Service: Realtek Audio Service (RtkAudioService) . (.Realtek Semiconductor - Realtek Audio Service.) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe =>.Realtek Semiconductor Corp®
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) . (.Synaptics Incorporated - 64-bit Synaptics Pointing Enhance Service.) - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe =>.Synaptics Incorporated®
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) . (.Intel® Corporation - Intel® PROSet/Wireless Zero Configure Servi.) - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe =>.Intel Corporation-Wireless Connectivity Solutions®

---\\ Services not Microsoft (SR=Run, SS=Stop) (29) - 22s
SR - Demand [28/03/2017] [ 7398336] aswbIDSAgent (aswbIDSAgent) . (.AVAST Software s.r.o..) - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe =>.AVAST Software s.r.o.®
SR - Auto [04/04/2017] [ 261712] Avast Antivirus (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe =>.AVAST Software s.r.o.®
SR - Auto [31/08/2011] [ 462184] Bonjour Service (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe =>.Apple Inc.®
SR - Demand [22/02/2017] [ 310240] Intel(R) Content Protection HECI Service (cphs) . (.Intel Corporation.) - C:\windows\SysWOW64\IntelCpHeciSvc.exe =>.Intel(R) pGFX®
SS - Demand [22/02/2017] [ 488928] Intel(R) Content Protection HDCP Service (cplspcon) . (.Intel Corporation.) - C:\windows\system32\IntelCpHDCPSvc.exe =>.Intel(R) pGFX®
SS - Auto [15/03/2017] [ 143144] Dropbox Update Service (dbupdate) (dbupdate) . (.Dropbox, Inc..) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe =>.Dropbox, Inc®
SS - Demand [15/03/2017] [ 143144] Dropbox Update Service (dbupdatem) (dbupdatem) . (.Dropbox, Inc..) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe =>.Dropbox, Inc®
SR - Auto [20/01/2016] [ 1392792] @oem8.inf,%ServiceDisplayName%;ESIF Upper Framework Service (esifsvc) . (.Intel Corporation.) - C:\windows\SysWOW64\esif_uf.exe =>.Intel(R) Software®
SR - Auto [04/08/2016] [ 640928] Intel(R) PROSet/Wireless Event Log (EvtEng) . (.Intel(R) Corporation.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe =>.Intel Corporation-Wireless Connectivity Solutions®
SR - Auto [22/12/2015] [ 349728] GamesAppIntegrationService (GamesAppIntegrationService) . (.WildTangent.) - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe =>.WildTangent Inc®
SS - Demand [22/12/2015] [ 209952] GamesAppService (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe =>.WildTangent Inc®
SS - Auto [24/03/2017] [ 153752] Google Update Service (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
SS - Demand [24/03/2017] [ 153752] Google Update Service (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
SR - Auto [02/03/2016] [ 44032] HP Comm Recovery (HP Comm Recover) . (.HP Inc..) - c:\Program Files\HPCommRecovery\HPCommRecovery.exe =>.HP Inc.
SR - Demand [28/04/2015] [ 1102472] HP Software Framework Service (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe =>.Hewlett-Packard Company®
SR - Auto [29/06/2015] [ 54448] @oem4.inf,%hpservice_desc%;HP Service (hpsrv) . (.Hewlett-Packard Company.) - C:\windows\system32\Hpservice.exe =>.Hewlett-Packard Company®
SR - Auto [07/04/2017] [ 33640] HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) . (.HP Inc..) - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe =>.HP Inc.®
SR - Auto [11/01/2016] [ 606224] HPWMISVC (HPWMISVC) . (.HP Inc..) - c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe =>.Hewlett-Packard Company®
SR - Auto [04/11/2015] [ 19440] Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe =>.Intel(R) Rapid Storage Technology®
SR - Auto [22/02/2017] [ 350688] Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) . (.Intel Corporation.) - C:\windows\system32\igfxCUIService.exe =>.Intel(R) pGFX®
SS - Demand [14/01/2016] [ 976848] Intel(R) Capability Licensing Service TCP IP Interface (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe =>.Intel(R) Trusted Connect Service®
SS - Demand [17/09/2015] [ 19088] Intel(R) WiDi Software Asset Manager (Intel(R) WiDi SAM) . (.Intel Corporation.) - C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe =>.Intel(R) Software Asset Manager®
SR - Auto [11/02/2016] [ 209184] Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe =>.Intel Corporation - Embedded Subsystems and IP Blocks Group®
SS - Demand [04/08/2016] [ 268704] Wireless PAN DHCP Server (MyWiFiDHCPDNS) . (.Copyright (C) 2005-2010 by Achal Dhir.) - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe =>.Intel Corporation-Wireless Connectivity Solutions®
SR - Auto [04/08/2016] [ 157600] Intel(R) PROSet/Wireless Registry Service (RegSrvc) . (.Intel(R) Corporation.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe =>.Intel Corporation-Wireless Connectivity Solutions®
SR - Auto [14/04/2014] [ 389896] Cyberlink RichVideo64 Service(CRVS) (RichVideo64) . (.Copyright 2004.) - C:\Program Files\CyberLink\Shared files\RichVideo64.exe =>.CyberLink Corp.®
SR - Auto [18/03/2016] [ 310016] Realtek Audio Service (RtkAudioService) . (.Realtek Semiconductor.) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe =>.Realtek Semiconductor Corp®
SR - Auto [26/07/2016] [ 261240] SynTPEnh Caller Service (SynTPEnhService) . (.Synaptics Incorporated.) - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe =>.Synaptics Incorporated®
SR - Auto [04/08/2016] [ 3732896] Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) . (.Intel® Corporation.) - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe =>.Intel Corporation-Wireless Connectivity Solutions®

---\\ Task Planned Automatically (35) - 8s
[MD5.617E1ED0D0D7CF1EF087C1BA2AA1A89B] [APT] [Avast Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2346488] (.Activate.) =>.AVAST Software s.r.o.®
[MD5.A1F58FFF448E4099297D6EE0641D4D0E] [APT] [DropboxUpdateTaskMachineCore] (.Dropbox, Inc..) -- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144] (.Activate.) =>.Dropbox, Inc®
[MD5.A1F58FFF448E4099297D6EE0641D4D0E] [APT] [DropboxUpdateTaskMachineUA] (.Dropbox, Inc..) -- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144] (.Activate.) =>.Dropbox, Inc®
[MD5.2D8BBF6C7241AAD9EDE7708EBB7B43A4] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752] (.Activate.) =>.Google Inc®
[MD5.2D8BBF6C7241AAD9EDE7708EBB7B43A4] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752] (.Activate.) =>.Google Inc®
[MD5.D1BD2B7EDD5D5C0CB3DEABDE0F44E11D] [APT] [HPDAS] (.HP.) -- C:\Program Files\HP\HP ePrint\HP.DeliveryAndStatus.Desktop.App.exe [301832] (.Activate.) =>.Hewlett-Packard®
[MD5.0DDF8D84CEA511BF72638DBBA07DB32F] [APT] [HPGenoobeReminder] (.Copyright © 2012.) -- C:\Program Files (x86)\Hewlett-Packard\HP Registration Service\HP GenOOBE\HPGenOOBE.exe [34032] (.Activate.) =>.Hewlett-Packard Company®
[MD5.389A9DFEA362871002789A6D95B52717] [APT] [Intel PTT EK Recertification] (.Intel(R) Corporation.) -- C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [857568] (.Activate.) =>.Intel(R) Trusted Connect Service®
[MD5.40A2BC2EA39EC3A6BBE5259671803826] [APT] [IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec] (.Intel Corporation.) -- C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088] (.Activate.) =>.Intel(R) Software Asset Manager®
[MD5.40A2BC2EA39EC3A6BBE5259671803826] [APT] [IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon] (.Intel Corporation.) -- C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088] (.Activate.) =>.Intel(R) Software Asset Manager®
[MD5.00000000000000000000000000000000] [APT] [IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473] (...) -- C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty
[MD5.00000000000000000000000000000000] [APT] [McAfeeLogon] (...) -- C:\PROGRA~1\COMMON~1\McAfee\Platform\McUICnt.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty
[MD5.00000000000000000000000000000000] [APT] [RegistrationModuleReminder_Welcome-S-1-5-21-180794559-3542364667-3217180141-1001] (...) -- C:\Program Files\HP\HP Welcome\Garage.Container.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty
[MD5.F485EE3C484D9874E9DD75E6B4FEE332] [APT] [SafeZone scheduled Autoupdate 1490704360] (.Avast Software.) -- C:\Program Files\AVAST Software\SZBrowser\launcher.exe [927264] (.Activate.) =>.AVAST Software s.r.o.®
[MD5.283E10FD63971145CC1E750FFA46180E] [APT] [AVAST Software\Avast settings backup] (.AVAST Software.) -- C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [826808] (.Activate.) =>.AVAST Software s.r.o.®
[MD5.C439F9F83D8F5155638AE49C88D7FFC1] [APT] [HP\HP CoolSense\HP CoolSense Start at Logon] (.HP Development Company, L.P..) -- C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe [1356008] (.Activate.) =>.Hewlett-Packard Company®
[MD5.A5BD1BFB3ABF68647510315B877782CF] [APT] [Intel\Intel Telemetry 2] (.Intel Corporation.) -- C:\Program Files\Intel\Telemetry 2.0\lrio.exe [1698000] (.Activate.) =>.Intel(R) Software®
O39 - APT: DropboxUpdateTaskMachineCore - (.Dropbox, Inc..) -- C:\windows\Tasks\DropboxUpdateTaskMachineCore.job [944] =>.Dropbox, Inc®
O39 - APT: DropboxUpdateTaskMachineUA - (.Dropbox, Inc..) -- C:\windows\Tasks\DropboxUpdateTaskMachineUA.job [948] =>.Dropbox, Inc®
O39 - APT: Avast Emergency Update - (.AVAST Software.) -- C:\windows\System32\Tasks\Avast Emergency Update [4268] =>.AVAST Software s.r.o.®
O39 - APT: DropboxOEM - (...) -- C:\windows\System32\Tasks\DropboxOEM [3186] (.Orphan.) =>.Superfluous.Orphan
O39 - APT: DropboxUpdateTaskMachineCore - (.Dropbox, Inc..) -- C:\windows\System32\Tasks\DropboxUpdateTaskMachineCore [3776] =>.Dropbox, Inc®
O39 - APT: DropboxUpdateTaskMachineUA - (.Dropbox, Inc..) -- C:\windows\System32\Tasks\DropboxUpdateTaskMachineUA [4008] =>.Dropbox, Inc®
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore [3292] =>.Google Inc®
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA [3416] =>.Google Inc®
O39 - APT: HPDAS - (.HP.) -- C:\windows\System32\Tasks\HPDAS [2540] =>.Hewlett-Packard®
O39 - APT: HPGenoobeReminder - (.Copyright © 2012.) -- C:\windows\System32\Tasks\HPGenoobeReminder [4166] =>.Hewlett-Packard Company®
O39 - APT: Intel PTT EK Recertification - (.Intel(R) Corporation.) -- C:\windows\System32\Tasks\Intel PTT EK Recertification [3118] =>.Intel(R) Trusted Connect Service®
O39 - APT: IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec - (.Intel Corporation.) -- C:\windows\System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec [3040] =>.Intel(R) Software Asset Manager®
O39 - APT: IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon - (.Intel Corporation.) -- C:\windows\System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon [2674] =>.Intel(R) Software Asset Manager®
O39 - APT: IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 - (...) -- C:\windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 [3834] (.Orphan.) =>.Superfluous.Orphan
O39 - APT: McAfeeLogon - (...) -- C:\windows\System32\Tasks\McAfeeLogon [2440] (.Orphan.) =>.Superfluous.Orphan
O39 - APT: Unknown - (.Microsoft Corporation.) -- C:\windows\System32\Tasks\OneDrive Standalone Update Task v2 [3306] =>.Microsoft Corporation
O39 - APT: RegistrationModuleReminder_Welcome-S-1-5-21-180794559-3542364667-3217180141-1001 - (...) -- C:\windows\System32\Tasks\RegistrationModuleReminder_Welcome-S-1-5-21-180794559-3542364667-3217180141-1001 [4146] (.Orphan.) =>.Superfluous.Orphan
O39 - APT: SafeZone scheduled Autoupdate 1490704360 - (.Avast Software.) -- C:\windows\System32\Tasks\SafeZone scheduled Autoupdate 1490704360 [4022] =>.AVAST Software s.r.o.®

---\\ Auto loading programs from Registry and folders (12) - 1s
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Realtek HD Audio Manager.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe =>.Realtek Semiconductor Corp®
O4 - HKLM\..\Run: [AvastUI.exe] . (.AVAST Software - AvLaunch component.) -- C:\Program Files\AVAST Software\Avast\AvLaunch.exe =>.AVAST Software s.r.o.®
O4 - HKCU\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\Alan Robinson\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation®
O4 - HKCU\..\Run: [Lync] . (.Microsoft Corporation - Skype for Business.) -- C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe =>.Microsoft Corporation®
O4 - HKLM\..\Wow6432Node\Run: [HPMessageService] . (.HP Inc. - HP Message Service.) -- C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe =>.Hewlett-Packard Company®
O4 - HKLM\..\Wow6432Node\Run: [AccelerometerSysTrayApplet] . (.Hewlett-Packard Company - Hp Accelerometer System Tray.) -- C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe =>.Hewlett-Packard®
O4 - HKLM\..\Wow6432Node\Run: [HPRadioMgr] . (.HP - HP Radio Manager.) -- C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe =>.Hewlett-Packard®
O4 - HKLM\..\Wow6432Node\Run: [PowerDVD14Agent] . (.CyberLink Corp. - Power Media Player.) -- C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe =>.CyberLink Corp.®
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Corporation®
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Corporation®
O4 - HKUS\S-1-5-21-180794559-3542364667-3217180141-1001\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\Alan Robinson\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation®
O4 - HKUS\S-1-5-21-180794559-3542364667-3217180141-1001\..\Run: [Lync] . (.Microsoft Corporation - Skype for Business.) -- C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe =>.Microsoft Corporation®

---\\ Process running (35) - 1s
[MD5.98B3066540C43BF5349BDB4B5C4CE04F] - (.Intel Corporation - IntelCpHeciSvc Executable.) -- C:\windows\SysWOW64\IntelCpHeciSvc.exe [310240] [PID.1388] =>.Intel(R) pGFX®
[MD5.00000000000000000000000000000000] - (.Intel Corporation - igfxCUIService Module.) -- C:\windows\system32\igfxCUIService.exe [0] [PID.1492] =>.Intel Corporation
[MD5.00000000000000000000000000000000] - (.Hewlett-Packard Company - HpService.) -- C:\windows\system32\Hpservice.exe [0] [PID.1664] =>.Hewlett-Packard Company
[MD5.CD605AD8FBEA0FF8631F7B905CCEA782] - (.Realtek Semiconductor - Realtek Audio Service.) -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [310016] [PID.1728] =>.Realtek Semiconductor Corp®
[MD5.1E89C8E5025180EFD5F854506D09372B] - (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1419008] [PID.1820] =>.Realtek Semiconductor Corp®
[MD5.4336F6ACB1D668753208F81ACCA5DC0B] - (.HP Inc. - CommRecovery.) -- c:\Program Files\HPCommRecovery\HPCommRecovery.exe [44032] [PID.2556] =>.HP Inc.
[MD5.A3037B7A05E7F90373323B7B5B0C2E16] - (.Intel(R) Corporation - Intel(R) PROSet/Wireless Event Log Service.) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe [640928] [PID.2624] =>.Intel Corporation-Wireless Connectivity Solutions®
[MD5.00000000000000000000000000000000] - (.Intel Corporation - Intel(R) Wireless Bluetooth(R) iBtSiva Serv.) -- C:\windows\system32\ibtsiva.exe [0] [PID.2644] =>.Intel Corporation
[MD5.EBBCD5DFBB1DE70E8F4AF8FA59E401FD] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [462184] [PID.2700] =>.Apple Inc.®
[MD5.7109608928D8AB470D60F47BAD5D153A] - (.HP Inc. - HP WMI Service.) -- c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [606224] [PID.2740] =>.Hewlett-Packard Company®
[MD5.9E18DF158751CF968E7DF83256D70233] - (.Copyright 2004 - RichVideo Module.) -- C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896] [PID.2760] =>.CyberLink Corp.®
[MD5.49EDBE0603232013F7247413407F713E] - (.Intel Corporation - Intel(R) Dynamic Platform and Thermal Frame.) -- C:\windows\SysWOW64\esif_uf.exe [1392792] [PID.2840] =>.Intel(R) Software®
[MD5.89253C7F17EF15F627CDE2DB104E6BF8] - (.Intel(R) Corporation - Intel(R) PROSet/Wireless Registry Service.) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [157600] [PID.2864] =>.Intel Corporation-Wireless Connectivity Solutions®
[MD5.9AA10B94912AEC6726598505B3EAA6F1] - (.Synaptics Incorporated - 64-bit Synaptics Pointing Enhance Service.) -- C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [261240] [PID.2892] =>.Synaptics Incorporated®
[MD5.0101294E7BA216B0158056AFA42A7AAB] - (.Intel Corporation - Intel(R) Dynamic Platform and Thermal Frame.) -- C:\windows\Temp\DPTF\esif_assist_64.exe [257152] [PID.3048] =>.Intel(R) Software®
[MD5.0C0F3E3AEF6ACF74CFF758064EFB25B1] - (.Synaptics Incorporated - Synaptics TouchPad 64-bit Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [4257400] [PID.2164] =>.Synaptics Incorporated®
[MD5.F01B10760ED962879BCAA456AD39A898] - (.Intel® Corporation - Intel® PROSet/Wireless Zero Configure Servi.) -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896] [PID.2236] =>.Intel Corporation-Wireless Connectivity Solutions®
[MD5.1A5E899463111CB5490972298C4F0CDE] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) -- C:\PROGRAM FILES\SYNAPTICS\SynTP\SYNTPHELPER.EXE [227960] [PID.3540] =>.Synaptics Incorporated®
[MD5.2D8BBF6C7241AAD9EDE7708EBB7B43A4] - (.Google Inc. - Google Installer.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752] [PID.4280] =>.Google Inc®
[MD5.00000000000000000000000000000000] - (.Intel Corporation - igfxEM Module.) -- C:\windows\system32\igfxEM.exe [0] [PID.4452] =>.Intel Corporation
[MD5.33E6E5822E22A5E1DEA523C06155FD07] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe [288848] [PID.5940] =>.Google Inc®
[MD5.27BEAF3F308ED2276F3863C2F2597556] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe [366672] [PID.5404] =>.Google Inc®
[MD5.5F3A1CC40266B5960628EB4E456231AD] - (.Realtek Semiconductor - Realtek HD Audio Manager.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8853248] [PID.5220] =>.Realtek Semiconductor Corp®
[MD5.06EE5B41E2F85D3144B1CAED4D11D3DC] - (.AVAST Software - Avast Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [9162920] [PID.5648] =>.AVAST Software s.r.o.®
[MD5.C439F9F83D8F5155638AE49C88D7FFC1] - (.HP Development Company, L.P. - HP CoolSense.) -- C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe [1356008] [PID.772] =>.Hewlett-Packard Company®
[MD5.0834375437F84215117725DD7C803916] - (.HP Inc. - HP Message Service.) -- C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [657424] [PID.1676] =>.Hewlett-Packard Company®
[MD5.F4BC46AD4FC1F2F3372EBF8505D00436] - (.Hewlett-Packard Company - Hp Accelerometer System Tray.) -- C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe [127528] [PID.6024] =>.Hewlett-Packard®
[MD5.88767443524FCF8C5D3C97752FD9FCF7] - (.HP - HP Radio Manager.) -- C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe [258600] [PID.6008] =>.Hewlett-Packard®
[MD5.7B7DE6B3DC30F3246958F42C67A6F7BB] - (.Hewlett-Packard Company - HP Software Framework WMI Service.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [1102472] [PID.4948] =>.Hewlett-Packard Company®
[MD5.0D1F9F6D9173D26506683DD5B0BAF4C8] - (.WildTangent - WildTangent Games App Integration Service.) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [349728] [PID.5844] =>.WildTangent Inc®
[MD5.91ADA2CF99A0C28A231763E033FD6F98] - (.HP Inc. - HP Support Solutions Framework Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [33640] [PID.6892] =>.HP Inc.®
[MD5.31BD488EE7F6ED608A7418F6A7C6948D] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [19440] [PID.6960] =>.Intel(R) Rapid Storage Technology®
[MD5.50E156D426D494EB9F429A55BED837C9] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [209184] [PID.6444] =>.Intel Corporation - Embedded Subsystems and IP Blocks Group®
[MD5.3A6A224B65E44D6F440452F38FA79D63] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\Alan Robinson\AppData\Roaming\ZHP\ZHPDiag3.exe [2721280] [PID.3008] =>.Nicolas Coolman
[MD5.40A2BC2EA39EC3A6BBE5259671803826] - (.Intel Corporation - IntelSoftwareAssetManagerService.exe.) -- C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088] [PID.4444] =>.Intel(R) Software Asset Manager®

---\\ Google Chrome, Start,Search,Extensions (8) - 0s
G0 - GCSP: Preferences [User Data\Default][HomePage] http://go.microsoft.com =>.Microsoft Corporation
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc. =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [ghbmnnjooekpmoecnnnilnnbdlolhkhi] Google Chrome manifest =>.Google Inc. =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [pkedcjkdefgpdelpbcmbmeomcjbeemfm] Chrome Media Router =>.Google Inc.

---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (2) - 1s
P2 - FPN: [HKLM] [@mcafee.com/MSC,version=10] - (.McAfee Total Protection MIME Plugin.) -- c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL =>.McAfee Total Protection MIME Plugin
P2 - FPN: [HKLM] [@WildTangent.com/GamesAppPresenceDetector,Version=1.0] - (.WildTangent.) -- C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll =>.WildTangent

---\\ Internet Explorer Extensions, Start, Search (18) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://hp15-comm.msn.com/ =>.Microsoft Corporation
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://hp15-comm.msn.com/ =>.Microsoft Corporation
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://hp15-comm.msn.com/ =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://hp15-comm.msn.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://hp15-comm.msn.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://hp15-comm.msn.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphan =>.Microsoft Internet Explorer
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1

---\\ Internet Explorer, Proxy Management (3) - 0s
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies [] =>.Microsoft

---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s
F2 - REG:system.ini: UserInit=
F2 - REG:system.ini: Shell=C:\windows\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=

---\\ Hosts file redirection (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (21)

---\\ Browser Helper Object (BHO) (2) - 0s
O2 - BHO: Lync Click to Call BHO [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Skype for Business.) -- C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll =>.Microsoft Corporation®
O2 - BHO: Microsoft OneDrive for Business Browser Helper [64Bits] - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} (.Orphan.)

---\\ Global shortcuts Startup (64) - 3s
O4 - GS\Desktop [Administrator]: Accounts.lnk . (...) C:\Users\Alan Robinson\Documents\Alan Robinson\Miscellaneous\Accounts.ods
O4 - GS\Desktop [Administrator]: C480 - Networks - Shortcut.lnk . (...) C:\Users\Alan Robinson\Documents\Alan Robinson\WGU\C480 - Networks
O4 - GS\Desktop [Administrator]: ISM.lnk . (...) C:\Users\Alan Robinson\Documents\Alan Robinson\Employment\ISM
O4 - GS\Desktop [Administrator]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Alan Robinson\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\sendTo [Administrator]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\sendTo [Administrator]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\windows\system32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\TaskBar [Administrator]: Avast SafeZone Browser.lnk . (.Avast Software - Avast SafeZone Browser.) C:\Program Files\AVAST Software\SZBrowser\launcher.exe =>.AVAST Software s.r.o.®
O4 - GS\TaskBar [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\TaskBar [Administrator]: OpenOffice.lnk . (.Apache Software Foundation - OpenOffice 4.1.3.) C:\Program Files (x86)\OpenOffice 4\program\soffice.exe =>.Apache Software Foundation
O4 - GS\Programs [Administrator]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\Alan Robinson\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation®
O4 - GS\Desktop [Alan Robinson]: Accounts.lnk . (...) C:\Users\Alan Robinson\Documents\Alan Robinson\Miscellaneous\Accounts.ods
O4 - GS\Desktop [Alan Robinson]: C480 - Networks - Shortcut.lnk . (...) C:\Users\Alan Robinson\Documents\Alan Robinson\WGU\C480 - Networks
O4 - GS\Desktop [Alan Robinson]: ISM.lnk . (...) C:\Users\Alan Robinson\Documents\Alan Robinson\Employment\ISM
O4 - GS\Desktop [Alan Robinson]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Alan Robinson\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Alan Robinson]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\sendTo [Alan Robinson]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\sendTo [Alan Robinson]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\windows\system32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\TaskBar [Alan Robinson]: Avast SafeZone Browser.lnk . (.Avast Software - Avast SafeZone Browser.) C:\Program Files\AVAST Software\SZBrowser\launcher.exe =>.AVAST Software s.r.o.®
O4 - GS\TaskBar [Alan Robinson]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\TaskBar [Alan Robinson]: OpenOffice.lnk . (.Apache Software Foundation - OpenOffice 4.1.3.) C:\Program Files (x86)\OpenOffice 4\program\soffice.exe =>.Apache Software Foundation
O4 - GS\Programs [Alan Robinson]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\Alan Robinson\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation®
O4 - GS\Desktop [Guest]: Accounts.lnk . (...) C:\Users\Alan Robinson\Documents\Alan Robinson\Miscellaneous\Accounts.ods
O4 - GS\Desktop [Guest]: C480 - Networks - Shortcut.lnk . (...) C:\Users\Alan Robinson\Documents\Alan Robinson\WGU\C480 - Networks
O4 - GS\Desktop [Guest]: ISM.lnk . (...) C:\Users\Alan Robinson\Documents\Alan Robinson\Employment\ISM
O4 - GS\Desktop [Guest]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Alan Robinson\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Guest]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\sendTo [Guest]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\sendTo [Guest]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\windows\system32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\TaskBar [Guest]: Avast SafeZone Browser.lnk . (.Avast Software - Avast SafeZone Browser.) C:\Program Files\AVAST Software\SZBrowser\launcher.exe =>.AVAST Software s.r.o.®
O4 - GS\TaskBar [Guest]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\TaskBar [Guest]: OpenOffice.lnk . (.Apache Software Foundation - OpenOffice 4.1.3.) C:\Program Files (x86)\OpenOffice 4\program\soffice.exe =>.Apache Software Foundation
O4 - GS\Programs [Guest]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\Alan Robinson\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation®
O4 - GS\Programs [Public]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\Alan Robinson\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation®
O4 - GS\Accessories [Public]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Accessories [Public]: Notepad.lnk . (.Microsoft Corporation - Notepad.) C:\windows\system32\notepad.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Math Input Panel.lnk . (.Microsoft Corporation - .) C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) C:\windows\system32\mspaint.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Remote Desktop Connection.) C:\windows\system32\mstsc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Snipping Tool.) C:\windows\system32\SnippingTool.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Steps Recorder.lnk . (.Microsoft Corporation - Steps Recorder.) C:\windows\system32\psr.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sticky Notes.lnk . (.Microsoft Corporation - Sticky Notes.) C:\windows\system32\StikyNot.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\windows\system32\WFS.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Windows Wordpad Application.) C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: XPS Viewer.lnk . (.Microsoft Corporation - XPS Viewer.) C:\windows\system32\xpsrchvw.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Character Map.) C:\windows\system32\charmap.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Avast Free Antivirus.lnk . (.AVAST Software - Avast Antivirus.) C:\Program Files\AVAST Software\Avast\AvastUI.exe =>.AVAST Software s.r.o.®
O4 - GS\ProgramsCommon [Public]: Avast SafeZone Browser.lnk . (.Avast Software - Avast SafeZone Browser.) C:\Program Files\AVAST Software\SZBrowser\launcher.exe =>.AVAST Software s.r.o.®
O4 - GS\ProgramsCommon [Public]: B&O Play Audio Control.lnk . (.Realtek Semiconductor - .) C:\Program Files (x86)\Realtek\Audio\HDA\RtkNGUI64.exe /LAUNCH_BY_STARTMENU =>.Realtek Semiconductor
O4 - GS\ProgramsCommon [Public]: CyberLink Power Media Player 14.lnk . (.CyberLink Corp. - CyberLink Power Media Player.) C:\Program Files (x86)\Cyberlink\PowerDVD14\PDVDLP.exe =>.CyberLink Corp.®
O4 - GS\ProgramsCommon [Public]: CyberLink PowerDirector.lnk . (.CyberLink Corp. - PowerDirector 12.) C:\Program Files\CyberLink\PowerDirector12\PowerDirector_video_editing.exe =>.CyberLink Corp.®
O4 - GS\ProgramsCommon [Public]: Devices Flow.lnk . (.Microsoft Corporation - Devices Flow.) C:\windows\DevicesFlow\DevicesFlow.exe =>.Microsoft Windows®
O4 - GS\ProgramsCommon [Public]: Dropbox 25 GB.lnk . (.Copyright © 2015 - DropboxOEM.) C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe manualstartmenu =>.Dropbox, Inc®
O4 - GS\ProgramsCommon [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\ProgramsCommon [Public]: HP Smart Friend.lnk . (.Copyright (C) 2015 - .) C:\Program Files (x86)\HP\Shared\WizLocaleLink.exe C:\HP\HPQWare\HPSmartFriend_URL\WizLocaleLink_NB.ini
O4 - GS\ProgramsCommon [Public]: Immersive Control Panel.lnk . (.Microsoft Corporation - Windows Control Panel.) C:\windows\System32\Control.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: MiracastView.lnk . (.Microsoft Corporation - MiracastView.) C:\windows\MiracastView\MiracastView.exe =>.Microsoft Windows®
O4 - GS\ProgramsCommon [Public]: Priceline.com.lnk . (.Copyright (C) 2008 - WizLink Application.) C:\Program Files (x86)\HP\Shared\WizLink.exe http://www.priceline.com/
O4 - GS\ProgramsCommon [Public]: PrintDialog.lnk . (.Microsoft Corporation - Print Dialog.) C:\windows\PrintDialog\PrintDialog.exe =>.Microsoft Windows®
O4 - GS\ProgramsCommon [Public]: Search.lnk . (.Microsoft Corporation - Windows host process (Rundll32).) C:\windows\system32\rundll32.exe -sta {C90FB8CA-3295-4462-A721-2935E83694BA} =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Skype for Business 2016.lnk . (.Microsoft Corporation - Skype for Business.) C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe =>.Microsoft Corporation®
O4 - GS\ProgramsCommon [Public]: WildTangent Games App - hp.lnk . (.WildTangent - WildTangent Games App.) C:\Program Files (x86)\WildTangent Games\App\GameConsole-wt.exe /src gamesmenu /dp hpcnb2c16 =>.WildTangent Inc®
O4 - GS\ProgramsCommon [Public]: Windows 10 Upgrade Assistant.lnk . (.Microsoft Corporation - Windows 10 Upgrade Assistant.) C:\Windows10Upgrade\Windows10UpgraderApp.exe /ClientID "Win10Upgrade:VNL:OobeTh2:{}" =>.Microsoft Corporation®

---\\ Lop.com/Domain Hijackers (2) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62 =>.USA Rochester Time Warner Cable Internet LlC
O17 - HKLM\System\CCS\Services\Tcpip\..\{6c0a0b17-81bb-496d-b6a6-02e85d07506d}: DhcpNameServer = 209.18.47.61 209.18.47.62 =>.USA Rochester Time Warner Cable Internet LlC

---\\ Extra protocols (27) - 1s
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\windows\SysWOW64\itss.dll =>.Microsoft Corporation
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\windows\SysWOW64\inetcomm.dll =>.Microsoft Corporation
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\windows\SysWOW64\itss.dll =>.Microsoft Corporation
O18 - Handler: mso-minsb-roaming.16 [64Bits] - {83C25742-A9F7-49FB-9138-434302C88D07} . (.Microsoft Corporation - Microsoft Office 2016 component.) -- C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL =>.Microsoft Corporation®
O18 - Handler: mso-minsb.16 [64Bits] - {42089D2D-912D-4018-9087-2B87803E93FB} . (.Microsoft Corporation - Microsoft Office 2016 component.) -- C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL =>.Microsoft Corporation®
O18 - Handler: osf-roaming.16 [64Bits] - {42089D2D-912D-4018-9087-2B87803E93FB} . (.Microsoft Corporation - Microsoft Office 2016 component.) -- C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL =>.Microsoft Corporation®
O18 - Handler: osf.16 [64Bits] - {5504BE45-A83B-4808-900A-3A5C36E7F77A} . (.Microsoft Corporation - Microsoft Office 2016 component.) -- C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL =>.Microsoft Corporation®
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\windows\SysWOW64\tbauth.dll =>.Microsoft Corporation
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: windows.tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\windows\SysWOW64\tbauth.dll =>.Microsoft Corporation
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\windows\SysWOW64\mscoree.dll =>.Microsoft Corporation
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\windows\SysWOW64\mscoree.dll =>.Microsoft Corporation
O18 - Filter: application/x-mfe-ipt [64Bits] - {3EF5086B-5478-4598-A054-786C45D75692} . (...) -- c:\PROGRA~2\mcafee\msc\mcsniepl.dll (.not file.)
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\windows\SysWOW64\mscoree.dll =>.Microsoft Corporation

---\\ Software installed (89) - 4s
O42 - Logiciel: 12 Labours of Hercules III: Girl Power - (.WildTangent.) [HKLM][64Bits] -- WTA-7712126f-2717-48c1-b005-7119a8ae3d7e =>.WildTangent Inc®
O42 - Logiciel: Adobe Shockwave Player 12.1 - (.Adobe Systems, Inc..) [HKLM][64Bits] -- Adobe Shockwave Player =>.Adobe Systems, Inc.
O42 - Logiciel: Avast Free Antivirus - (.AVAST Software.) [HKLM][64Bits] -- Avast Antivirus =>.AVAST Software s.r.o.®
O42 - Logiciel: Awakening: The Dreamless Castle - (.WildTangent.) [HKLM][64Bits] -- WTA-e60011cf-c807-4fbd-aa6e-c64fe04b7696 =>.WildTangent Inc®
O42 - Logiciel: Azkend 2: The World Beneath - (.WildTangent.) [HKLM][64Bits] -- WTA-2519fe1e-56bc-4c19-899a-83200f8a9c72 =>.WildTangent Inc®
O42 - Logiciel: Barn Yarn Collector's Edition - (.WildTangent.) [HKLM][64Bits] -- WTA-513d1190-451a-46b9-9f81-fcdc0b240bae =>.WildTangent Inc®
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D} =>.Apple Inc.
O42 - Logiciel: CyberLink Power Media Player 14 - (.CyberLink Corp..) [HKLM][64Bits] -- {32C8E300-BDB4-4398-92C2-E9B7D8A233DB} =>.CyberLink Corp.
O42 - Logiciel: CyberLink PowerDirector 12 - (.CyberLink Corp..) [HKLM][64Bits] -- {E1646825-D391-42A0-93AA-27FA810DA093} =>.CyberLink Corp.®
O42 - Logiciel: CyberLink PowerDirector 12 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093} =>.CyberLink Corp.®
O42 - Logiciel: Delicious: Emily's Wonder Wedding Premium Edition - (.WildTangent.) [HKLM][64Bits] -- WTA-245cc46e-1995-45ed-aa3b-b7b2f110edf2 =>.WildTangent Inc®
O42 - Logiciel: DisableMSDefender - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {74FE39A0-FB76-47CD-84BA-91E2BBB17EF2} =>.Hewlett-Packard Company
O42 - Logiciel: Dropbox 25 GB - (.Dropbox, Inc..) [HKLM][64Bits] -- {736A97C6-8766-3699-84A9-71736C5E0CE3} =>.Dropbox, Inc.
O42 - Logiciel: Dropbox Update Helper - (.Dropbox, Inc..) [HKLM][64Bits] -- {099218A5-A723-43DC-8DB5-6173656A1E94} =>.Dropbox, Inc.
O42 - Logiciel: Energy Star - (.HP Inc..) [HKLM][64Bits] -- {5CB22648-35F8-41BC-9C35-1E41FE6E12A5} =>.HP Inc.
O42 - Logiciel: Entwined: The Perfect Murder - (.WildTangent.) [HKLM][64Bits] -- WTA-4d2c89fb-0aae-4768-b980-2d79d34bcf2f =>.WildTangent Inc®
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome =>.Google Inc®
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc.
O42 - Logiciel: Green City: Go South - (.WildTangent.) [HKLM][64Bits] -- WTA-f91b440f-bc19-4585-98ab-9754b1b8a228 =>.WildTangent Inc®
O42 - Logiciel: Home Makeover - (.WildTangent.) [HKLM][64Bits] -- WTA-ca1f78f5-9a4a-4c28-913b-e494cb787ee5 =>.WildTangent Inc®
O42 - Logiciel: Hoyle Illusions Mahjongg - (.WildTangent.) [HKLM][64Bits] -- WTA-dbd153c6-d960-4f38-81e2-cc5b8867f769 =>.WildTangent Inc®
O42 - Logiciel: HP 3D DriveGuard - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {E8D0E2B8-B64B-44BC-8E01-00DDACBDF78A} =>.Hewlett-Packard Company
O42 - Logiciel: HP CoolSense - (.HP Inc..) [HKLM][64Bits] -- {0C723C74-62DF-4B35-9490-A207546D866D} =>.HP Inc.
O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM][64Bits] -- {0CC8AE1D-F5AA-4143-8FAD-E017E0E9EE70} =>.Hewlett-Packard
O42 - Logiciel: HP Documentation - (.HP Inc..) [HKLM][64Bits] -- HP_Documentation =>.HP Inc.
O42 - Logiciel: HP ePrint SW - (.HP.) [HKLM][64Bits] -- {3C246BB4-8985-480D-8163-0E075A23AB04} =>.HP
O42 - Logiciel: HP ePrint SW - (.HP.) [HKLM][64Bits] -- {7855A8A5-0B5B-41A9-AC8B-A50405FB72FE} =>.HP
O42 - Logiciel: HP ePrint SW - (.HP.) [HKLM][64Bits] -- {7ADB025F-BFB1-480B-B3BF-B2FF8F115FB8} =>.HP
O42 - Logiciel: HP ePrint SW - (.HP.) [HKLM][64Bits] -- {88970959-baf7-4864-a39a-69a58e8ae5cf} =>.Hewlett-Packard®
O42 - Logiciel: HP ePrint SW - (.HP.) [HKLM][64Bits] -- {E2A0A04B-C0A4-49F5-A496-4B93E1D0710D} =>.HP
O42 - Logiciel: HP ePrint SW - (.HP.) [HKLM][64Bits] -- {EFDACC2F-510D-4A1A-A988-196D58B4B915} =>.HP
O42 - Logiciel: HP Recovery Manager - (.HP.) [HKLM][64Bits] -- {64BAA990-F1FC-4145-A7B1-E41FBBC9DA47} =>.HP
O42 - Logiciel: HP Registration Service - (.Hewlett-Packard.) [HKLM][64Bits] -- {D1E8F2D7-7794-4245-B286-87ED86C1893C} =>.Hewlett-Packard
O42 - Logiciel: HP Support Solutions Framework - (.HP.) [HKLM][64Bits] -- {5F084DD8-AF2C-4004-9C92-820C32E4BD55} =>.HP
O42 - Logiciel: HP System Event Utility - (.HP Inc..) [HKLM][64Bits] -- {09D0DB68-90EA-4015-983E-A0BD777D5A02} =>.HP Inc.
O42 - Logiciel: HP Welcome - (.HP Inc..) [HKLM][64Bits] -- HPWelcome =>.HP Inc.
O42 - Logiciel: HP Wireless Button Driver - (.HP.) [HKLM][64Bits] -- {1BDD178E-43DC-4063-B480-BA2BAE03E2A0} =>.HP
O42 - Logiciel: IGT Slots Fire Rubies - (.WildTangent.) [HKLM][64Bits] -- WTA-cc3c83dd-7ae1-40b0-85f5-a91fe32880d4 =>.WildTangent Inc®
O42 - Logiciel: Imperial Island: Birth of an Empire - (.WildTangent.) [HKLM][64Bits] -- WTA-e47d2365-daf5-41ee-baed-cd5ed9f8f35a =>.WildTangent Inc®
O42 - Logiciel: Intel(R) Chipset Device Software - (.Intel Corporation.) [HKLM][64Bits] -- {55398EAC-F58E-4F19-B553-BDF8B9EFD839} =>.Intel Corporation
O42 - Logiciel: Intel(R) Chipset Device Software - (.Intel(R) Corporation.) [HKLM][64Bits] -- {c7f54569-0018-439c-809a-48046a4d4ebc} =>.Intel Corporation - Software and Firmware Products®
O42 - Logiciel: Intel(R) Dynamic Platform and Thermal Framework - (.Intel Corporation.) [HKLM][64Bits] -- {654EE65D-FAA4-4EA6-8C07-DC94E6A304D4} =>.Intel Corporation
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {1CEAC85D-2590-4760-800F-8DE5E91F3700} =>.Intel Corporation
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {B5F3C3A9-225A-4CAB-A56A-2CA278DC8EBE} =>.Intel Corporation
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {F76DCE2C-FE39-4B74-9393-6E57BC3E7136} =>.Intel Corporation
O42 - Logiciel: Intel(R) ME UninstallLegacy - (.Intel Corporation.) [HKLM][64Bits] -- {CA0C143D-F121-405C-A863-D95BC462A444} =>.Intel Corporation
O42 - Logiciel: Intel(R) PRO/Wireless Driver - (.Intel Corporation.) [HKLM][64Bits] -- {8736f7db-10ee-4722-b588-3a7296eafc38} =>.Intel Corporation
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} =>.Intel(R) pGFX®
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {409CB30E-E457-4008-9B1A-ED1B9EA21140} =>.Intel Corporation
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {B66F70B4-34E5-429A-9F55-7129E0833A45} =>.Intel Corporation
O42 - Logiciel: Intel(R) WiDi - (.Intel Corporation.) [HKLM][64Bits] -- {6B15F1EF-F3A8-4C29-BF9E-18EB3683A83D} =>.Intel Corporation
O42 - Logiciel: Intel(R) WiDi Software Asset Manager - (.Intel Corporation.) [HKLM][64Bits] -- {AC8973AF-7F4C-40F4-BFE1-C02FE95ED2C2} =>.Intel Corporation
O42 - Logiciel: Intel(R) Wireless Bluetooth(R) - (.Intel Corporation.) [HKLM][64Bits] -- {EB14CEF0-8F59-47A3-B965-D0C0D6AC0DA3} =>.Intel Corporation
O42 - Logiciel: Intel® PROSet/Wireless Software - (.Intel Corporation.) [HKLM][64Bits] -- {d5572863-793c-4ec8-872a-43cccc68b948} =>.Intel Corporation-Wireless Connectivity Solutions®
O42 - Logiciel: Intel® PROSet/Wireless WiFi Software - (.Intel Corporation.) [HKLM][64Bits] -- {362FC667-C52E-4985-AEFB-8533A2F3C49C} =>.Intel Corporation
O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {21D65C5B-7EB7-42A2-A596-56C275341D53} =>.Intel Corporation
O42 - Logiciel: Jewel Match Snowscapes - (.WildTangent.) [HKLM][64Bits] -- WTA-834b8b26-b782-43cb-aae7-dee8d8c7090f =>.WildTangent Inc®
O42 - Logiciel: Little Boy: Walter's Scooter - (.WildTangent.) [HKLM][64Bits] -- WTA-10dcdc83-c698-4f7b-87f9-54d58bdc0da7 =>.WildTangent Inc®
O42 - Logiciel: Lost Souls: Timeless Fables Collector's Edition - (.WildTangent.) [HKLM][64Bits] -- WTA-523e3e42-bbc7-42f5-b894-f58cac16ab6f =>.WildTangent Inc®
O42 - Logiciel: Magic Heroes: Save Our Park - (.WildTangent.) [HKLM][64Bits] -- WTA-20ab3d24-8d92-470d-a701-c25eb13b68f3 =>.WildTangent Inc®
O42 - Logiciel: Manor Memoirs Collector's Edition - (.WildTangent.) [HKLM][64Bits] -- WTA-45197070-2e95-4389-873a-3059e66eb987 =>.WildTangent Inc®
O42 - Logiciel: Microsoft OneDrive - (.Microsoft Corporation.) [HKCU][64Bits] -- OneDriveSetup.exe =>.Microsoft Corporation®
O42 - Logiciel: Office 16 Click-to-Run Extensibility Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-008C-0000-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Office 16 Click-to-Run Extensibility Component 64-bit Registration - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-00DD-0000-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Office 16 Click-to-Run Licensing Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-008F-0000-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Office 16 Click-to-Run Localization Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-008C-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: OpenOffice 4.1.3 - (.Apache Software Foundation.) [HKLM][64Bits] -- {EEA30AEB-8BA7-465B-85D4-098BB99733E7} =>.Apache Software Foundation
O42 - Logiciel: Plagiarii - (.WildTangent.) [HKLM][64Bits] -- WTA-63a721b5-6100-44d4-b619-6297faf91013 =>.WildTangent Inc®
O42 - Logiciel: Polar Bowler 1st Frame - (.WildTangent.) [HKLM][64Bits] -- WTA-26914a2f-53d3-4e2e-a37c-e71cbc2541ea =>.WildTangent Inc®
O42 - Logiciel: PuppetShow: Return to Joyville - (.WildTangent.) [HKLM][64Bits] -- WTA-ea4e491d-36d7-40b3-af67-56251adb8b37 =>.WildTangent Inc®
O42 - Logiciel: Pyro Jump - (.WildTangent.) [HKLM][64Bits] -- WTA-ad26815f-fdf3-4a6e-a413-0dd42081a2a5 =>.WildTangent Inc®
O42 - Logiciel: Realtek Card Reader - (.Realtek Semiconduct Corp..) [HKLM][64Bits] -- {5BC2B5AB-80DE-4E83-B8CF-426902051D0A} =>.Realtek Semiconductor Corp®
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476} =>.Realtek Semiconductor Corp®
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} =>.Realtek Semiconductor Corp.®
O42 - Logiciel: Regency Solitaire - (.WildTangent.) [HKLM][64Bits] -- WTA-960e3c8d-a3a4-4841-aa07-81e63fe98e65 =>.WildTangent Inc®
O42 - Logiciel: Runefall - (.WildTangent.) [HKLM][64Bits] -- WTA-53b20ede-deb5-4058-89db-a23dcf959bee =>.WildTangent Inc®
O42 - Logiciel: Rush Hour! Gas Station - (.WildTangent.) [HKLM][64Bits] -- WTA-7ec5d5a5-cfcd-46cb-a53a-fd31c4180332 =>.WildTangent Inc®
O42 - Logiciel: SafeZone Stable 3.55.2393.596 - (.Avast Software.) [HKLM][64Bits] -- SafeZone 3.55.2393.596 =>.AVAST Software s.r.o.®
O42 - Logiciel: Sky High Farm - (.WildTangent.) [HKLM][64Bits] -- WTA-0e9adee2-2a4f-4a09-9c6c-c17593b1fe99 =>.WildTangent Inc®
O42 - Logiciel: Skype for Business Basic 2016 - en-us - (.Microsoft Corporation.) [HKLM][64Bits] -- SkypeforBusinessEntryRetail - en-us =>.Microsoft Corporation®
O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM][64Bits] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726} =>.Adobe Systems, Inc
O42 - Logiciel: Synaptics ClickPad Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey =>.Synaptics Incorporated®
O42 - Logiciel: Tasty Blue - (.WildTangent.) [HKLM][64Bits] -- WTA-cdb18abb-4bc9-4b22-96aa-5e3f292b9b09 =>.WildTangent Inc®
O42 - Logiciel: The Far Kingdoms - (.WildTangent.) [HKLM][64Bits] -- WTA-79c9b02b-f9d2-4040-93e7-8820548f9d9b =>.WildTangent Inc®
O42 - Logiciel: Unknown Device Identifier 9.01 - (.Huntersoft.) [HKLM][64Bits] -- Unknown Device Identifier_is1 =>.Huntersoft
O42 - Logiciel: Update Installer for WildTangent Games App - (.WildTangent.) [HKLM][64Bits] -- {2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App =>.WildTangent Inc®
O42 - Logiciel: WildTangent Games - (.WildTangent.) [HKLM][64Bits] -- WildTangent wildgames Master Uninstall =>.WildTangent Inc®
O42 - Logiciel: WildTangent Games App for HP - (.WildTangent.) [HKLM][64Bits] -- {70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp =>.WildTangent Inc®
O42 - Logiciel: Windows 10 Upgrade Assistant - (.Microsoft Corporation.) [HKLM][64Bits] -- {D5C69738-B486-402E-85AC-2456D98A64E4} =>.Microsoft Corporation®

---\\ HKCU & HKLM Software Keys (50) - 4s
HKLM\SOFTWARE\Wow6432Node\Adobe =>.Adobe
HKLM\SOFTWARE\Wow6432Node\AppDataLow =>.Microsoft Corporation
HKLM\SOFTWARE\Wow6432Node\Apple Inc. =>.Apple Inc.
HKLM\SOFTWARE\Wow6432Node\AVAST Software =>.AVAST Software
HKLM\SOFTWARE\Wow6432Node\Caphyon =>.Caphyon
HKLM\SOFTWARE\Wow6432Node\CyberLink =>.CyberLink Corporation
HKLM\SOFTWARE\Wow6432Node\Dropbox =>.Dropbox
HKLM\SOFTWARE\Wow6432Node\DropboxUpdate =>.Dropbox Inc.
HKLM\SOFTWARE\Wow6432Node\Google =>.Google
HKLM\SOFTWARE\Wow6432Node\Hewlett-Packard =>.Hewlett-Packard
HKLM\SOFTWARE\Wow6432Node\HP =>.HP
HKLM\SOFTWARE\Wow6432Node\IM Providers =>.IM Providers
HKLM\SOFTWARE\Wow6432Node\Intel =>.Intel
HKLM\SOFTWARE\Wow6432Node\Khronos =>.Khronos
HKLM\SOFTWARE\Wow6432Node\LogMeInRescueCallingCard =>.LogMeIn Entreprise
HKLM\SOFTWARE\Wow6432Node\Macromedia =>.Macromedia
HKLM\SOFTWARE\Wow6432Node\McAfee.com =>.McAfee Inc.
HKLM\SOFTWARE\Wow6432Node\Mozilla =>.Mozilla
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins =>.MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\Network Associates =>.Network Associates
HKLM\SOFTWARE\Wow6432Node\Nuance =>.Nuance
HKLM\SOFTWARE\Wow6432Node\ODBC =>.DB Connectivity Solutions
HKLM\SOFTWARE\Wow6432Node\OpenOffice =>.SourceForge
HKLM\SOFTWARE\Wow6432Node\Realtek =>.Realtek Semiconductor Corp.
HKLM\SOFTWARE\Wow6432Node\Realtek Semiconductor Corp. =>.Realtek Semiconductor Corp.
HKLM\SOFTWARE\Wow6432Node\WildTangent =>.WildTangent
HKLM\SOFTWARE\Wow6432Node\Wow6432Node =>.Microsoft Corporation
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications =>.Microsoft Corporation
HKCU\SOFTWARE\AppDataLow =>.Microsoft Corporation
HKCU\SOFTWARE\AVAST Software =>.AVAST Software
HKCU\SOFTWARE\Cyberlink =>.CyberLink Corporation
HKCU\SOFTWARE\DropboxUpdate =>.Dropbox Inc.
HKCU\SOFTWARE\Geek Uninstaller =>.Geek Uninstaller
HKCU\SOFTWARE\Google =>.Google
HKCU\SOFTWARE\Hewlett-Packard =>.Hewlett-Packard
HKCU\SOFTWARE\HP =>.HP
HKCU\SOFTWARE\IM Providers =>.IM Providers
HKCU\SOFTWARE\Intel =>.Intel
HKCU\SOFTWARE\Macromedia =>.Macromedia
HKCU\SOFTWARE\McAfee =>.McAfee Inc.
HKCU\SOFTWARE\Netscape =>.Netscape
HKCU\SOFTWARE\ODBC =>.DB Connectivity Solutions
HKCU\SOFTWARE\OpenOffice =>.SourceForge
HKCU\SOFTWARE\Realtek =>.Realtek Semiconductor Corp.
HKCU\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
HKCU\SOFTWARE\Synaptics =>.Synaptics
HKCU\SOFTWARE\Wow6432Node =>.Microsoft Corporation
HKCU\SOFTWARE\ZHP =>.Nicolas Coolman
HKCU\SOFTWARE\AppDataLow\Software =>.Microsoft Corporation
HKCU\SOFTWARE\AppDataLow\Software\Adobe =>.Adobe

---\\ Contents of the Common Files folders (164) - 3s
O43 - CFD: 28/03/2017 - [] D -- C:\Program Files\AVAST Software =>.AVAST Software s.r.o.®
O43 - CFD: 11/04/2016 - [] AD -- C:\Program Files\Bonjour =>.Apple Inc.
O43 - CFD: 24/03/2017 - [] D -- C:\Program Files\Common Files =>.Microsoft Corporation
O43 - CFD: 18/10/2016 - [] D -- C:\Program Files\CyberLink =>.CyberLink Corporation
O43 - CFD: 18/10/2016 - [] D -- C:\Program Files\HP =>.Hewlett-Packard
O43 - CFD: 18/10/2016 - [] D -- C:\Program Files\HPCommRecovery
O43 - CFD: 24/03/2017 - [] D -- C:\Program Files\Intel =>.Intel Corporation
O43 - CFD: 18/10/2016 - [] D -- C:\Program Files\Intel Corporation =>.Intel Corporation
O43 - CFD: 13/04/2017 - [] D -- C:\Program Files\Internet Explorer =>.Microsoft Corporation
O43 - CFD: 27/03/2017 - [] D -- C:\Program Files\Microsoft Office 15 =>.Microsoft Corporation
O43 - CFD: 03/11/2015 - [] D -- C:\Program Files\MSBuild =>.Microsoft Corporation
O43 - CFD: 18/10/2016 - [] RD -- C:\Program Files\Online Services =>.Hewlett-Packard
O43 - CFD: 18/10/2016 - [] D -- C:\Program Files\Realtek =>.Realtek
O43 - CFD: 03/11/2015 - [] D -- C:\Program Files\Reference Assemblies =>.Microsoft Corporation
O43 - CFD: 18/10/2016 - [] D -- C:\Program Files\Synaptics =>.Synaptics Incorporated®
O43 - CFD: 02/11/2015 - [0] HD -- C:\Program Files\Uninstall Information =>.Microsoft Corporation
O43 - CFD: 02/05/2017 - [] D -- C:\Program Files\Unknown Device Identifier
O43 - CFD: 13/04/2017 - [] D -- C:\Program Files\Windows Defender =>.Microsoft Corporation
O43 - CFD: 28/03/2017 - [] D -- C:\Program Files\Windows Mail =>.Microsoft Corporation
O43 - CFD: 28/03/2017 - [] D -- C:\Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 11/04/2016 - [] D -- C:\Program Files\Windows Multimedia Platform =>.Microsoft Corporation
O43 - CFD: 30/10/2015 - [] D -- C:\Program Files\Windows NT =>.Microsoft Corporation
O43 - CFD: 13/04/2017 - [] D -- C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation
O43 - CFD: 11/04/2016 - [] D -- C:\Program Files\Windows Portable Devices =>.Microsoft Corporation
O43 - CFD: 30/10/2015 - [] SHD -- C:\Program Files\Windows Sidebar =>.Microsoft Corporation
O43 - CFD: 02/05/2017 - [] HD -- C:\Program Files\WindowsApps =>.Microsoft Corporation
O43 - CFD: 30/10/2015 - [] SD -- C:\Program Files\WindowsPowerShell =>.Microsoft Corporation
O43 - CFD: 11/04/2016 - [] AD -- C:\Program Files (x86)\Bonjour =>.Apple Inc.
O43 - CFD: 28/04/2017 - [] D -- C:\Program Files (x86)\Common Files =>.Microsoft Corporation
O43 - CFD: 18/10/2016 - [] D -- C:\Program Files (x86)\Cyberlink =>.CyberLink Corporation
O43 - CFD: 21/03/2017 - [] D -- C:\Program Files (x86)\Dropbox =>.Dropbox, Inc®
O43 - CFD: 24/03/2017 - [] D -- C:\Program Files (x86)\Google =>.Google Inc®
O43 - CFD: 24/03/2017 - [] AD -- C:\Program Files (x86)\Hewlett-Packard =>.Hewlett-Packard
O43 - CFD: 18/10/2016 - [] AD -- C:\Program Files (x86)\HP =>.Hewlett-Packard
O43 - CFD: 18/10/2016 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information =>.InstallShield Software
O43 - CFD: 24/03/2017 - [] D -- C:\Program Files (x86)\Intel =>.Intel Corporation
O43 - CFD: 18/10/2016 - [] D -- C:\Program Files (x86)\Intel Corporation =>.Intel Corporation
O43 - CFD: 13/04/2017 - [] D -- C:\Program Files (x86)\Internet Explorer =>.Microsoft Corporation
O43 - CFD: 28/04/2017 - [] AD -- C:\Program Files (x86)\Microsoft Office =>.Microsoft Corporation
O43 - CFD: 24/03/2017 - [] D -- C:\Program Files (x86)\Microsoft.NET =>.Microsoft Corporation
O43 - CFD: 03/11/2015 - [] D -- C:\Program Files (x86)\MSBuild =>.Microsoft Corporation
O43 - CFD: 18/10/2016 - [] D -- C:\Program Files (x86)\NSIS Uninstall Information =>.MSIS
O43 - CFD: 18/10/2016 - [] RD -- C:\Program Files (x86)\Online Services =>.Hewlett-Packard
O43 - CFD: 24/03/2017 - [] AD -- C:\Program Files (x86)\OpenOffice 4 =>.OpenOffice.org
O43 - CFD: 18/10/2016 - [] D -- C:\Program Files (x86)\Realtek =>.Realtek
O43 - CFD: 03/11/2015 - [] D -- C:\Program Files (x86)\Reference Assemblies =>.Microsoft Corporation
O43 - CFD: 18/10/2016 - [0] HD -- C:\Program Files (x86)\Temp =>.Microsoft Corporation
O43 - CFD: 18/10/2016 - [] AD -- C:\Program Files (x86)\WildGames =>.WildTangent Inc®
O43 - CFD: 18/10/2016 - [] D -- C:\Program Files (x86)\WildTangent Games =>.WildTangent Games
O43 - CFD: 13/04/2017 - [] D -- C:\Program Files (x86)\Windows Defender =>.Microsoft Corporation
O43 - CFD: 28/03/2017 - [] D -- C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
O43 - CFD: 28/03/2017 - [] D -- C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 11/04/2016 - [] D -- C:\Program Files (x86)\Windows Multimedia Platform =>.Microsoft Corporation
O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Windows NT =>.Microsoft Corporation
O43 - CFD: 13/04/2017 - [] D -- C:\Program Files (x86)\Windows Photo Viewer =>.Microsoft Corporation
O43 - CFD: 11/04/2016 - [] D -- C:\Program Files (x86)\Windows Portable Devices =>.Microsoft Corporation
O43 - CFD: 30/10/2015 - [] SHD -- C:\Program Files (x86)\Windows Sidebar =>.Microsoft Corporation
O43 - CFD: 30/10/2015 - [] SD -- C:\Program Files (x86)\WindowsPowerShell =>.Microsoft Corporation
O43 - CFD: 28/03/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility =>.Microsoft Corporation
O43 - CFD: 28/03/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation
O43 - CFD: 28/03/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 24/03/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games =>.Microsoft Corporation
O43 - CFD: 24/03/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support =>.Hewlett-Packard
O43 - CFD: 18/10/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation =>.Intel Corporation
O43 - CFD: 30/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation
O43 - CFD: 15/03/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee =>.McAfee
O43 - CFD: 27/03/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools =>.Microsoft Corporation
O43 - CFD: 24/03/2017 - [] SD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.3 =>.SourceForge
O43 - CFD: 15/03/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp =>.Microsoft Corporation
O43 - CFD: 28/03/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools =>.Microsoft Corporation
O43 - CFD: 02/05/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unknown Device Identifier 9.01
O43 - CFD: 11/04/2016 - [] D -- C:\ProgramData\Apple =>.Apple Inc.
O43 - CFD: 18/10/2016 - [0] SHD -- C:\ProgramData\Application Data =>.Microsoft Corporation
O43 - CFD: 28/03/2017 - [] D -- C:\ProgramData\AVAST Software =>.AVAST Software
O43 - CFD: 30/10/2015 - [0] D -- C:\ProgramData\Comms =>.Microsoft Corporation
O43 - CFD: 18/10/2016 - [] D -- C:\ProgramData\CyberLink =>.CyberLink Corporation
O43 - CFD: 18/10/2016 - [0] SHD -- C:\ProgramData\Desktop =>.Microsoft Corporation
O43 - CFD: 18/10/2016 - [0] SHD -- C:\ProgramData\Documents =>.Microsoft Corporation
O43 - CFD: 11/04/2016 - [] D -- C:\ProgramData\Dropbox =>.Dropbox
O43 - CFD: 25/03/2017 - [] D -- C:\ProgramData\Hewlett-Packard =>.Hewlett-Packard
O43 - CFD: 19/03/2017 - [] D -- C:\ProgramData\HP =>.Hewlett-Packard
O43 - CFD: 18/10/2016 - [] D -- C:\ProgramData\install_clap =>.Microsoft Corporation
O43 - CFD: 23/03/2017 - [] D -- C:\ProgramData\Intel =>.Intel Corporation
O43 - CFD: 18/10/2016 - [] D -- C:\ProgramData\Intel Corporation =>.Intel Corporation
O43 - CFD: 27/03/2017 - [] SD -- C:\ProgramData\Microsoft =>.Microsoft Corporation
O43 - CFD: 02/11/2015 - [] D -- C:\ProgramData\Microsoft OneDrive =>.Microsoft Corporation
O43 - CFD: 15/03/2017 - [] D -- C:\ProgramData\Package Cache =>.Microsoft Corporation
O43 - CFD: 28/04/2017 - [] AD -- C:\ProgramData\regid.1991-06.com.microsoft =>.Microsoft Corporation
O43 - CFD: 23/03/2017 - [] D -- C:\ProgramData\Roaming =>.Microsoft Corporation
O43 - CFD: 30/10/2015 - [0] D -- C:\ProgramData\SoftwareDistribution =>.Microsoft Corporation
O43 - CFD: 18/10/2016 - [] D -- C:\ProgramData\SRS Labs =>.SRS Labs
O43 - CFD: 18/10/2016 - [0] SHD -- C:\ProgramData\Start Menu =>.Microsoft Corporation
O43 - CFD: 18/10/2016 - [] D -- C:\ProgramData\SUPPORTDIR =>.Microsoft Corporation
O43 - CFD: 02/05/2017 - [0] D -- C:\ProgramData\SWCUTemp
O43 - CFD: 18/10/2016 - [] D -- C:\ProgramData\Synaptics =>.Synaptics
O43 - CFD: 18/10/2016 - [] D -- C:\ProgramData\Temp =>.Microsoft Corporation
O43 - CFD: 18/10/2016 - [0] SHD -- C:\ProgramData\Templates =>.Microsoft Corporation
O43 - CFD: 02/11/2015 - [] D -- C:\ProgramData\USOPrivate =>.Microsoft Corporation
O43 - CFD: 02/11/2015 - [] D -- C:\ProgramData\USOShared =>.Microsoft Corporation
O43 - CFD: 18/10/2016 - [] D -- C:\ProgramData\WildTangent =>.WildTangent
O43 - CFD: 13/04/2017 - [] D -- C:\Program Files (x86)\Common Files\AV =>.Avast
O43 - CFD: 28/04/2017 - [] AD -- C:\Program Files (x86)\Common Files\DESIGNER =>.Designer
O43 - CFD: 18/10/2016 - [] D -- C:\Program Files (x86)\Common Files\Intel =>.Intel Corporation
O43 - CFD: 18/10/2016 - [] D -- C:\Program Files (x86)\Common Files\Intel Corporation =>.Intel Corporation
O43 - CFD: 28/04/2017 - [] AD -- C:\Program Files (x86)\Common Files\Microsoft Shared =>.Microsoft Corporation
O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Common Files\Services =>.Microsoft Corporation
O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Common Files\System =>.Microsoft Corporation
O43 - CFD: 15/03/2017 - [] D -- C:\Users\Alan Robinson\AppData\Roaming\Adobe =>.Adobe
O43 - CFD: 28/03/2017 - [] D -- C:\Users\Alan Robinson\AppData\Roaming\AVAST Software =>.AVAST Software
O43 - CFD: 15/03/2017 - [] D -- C:\Users\Alan Robinson\AppData\Roaming\DropboxOEM =>.Dropbox Inc.
O43 - CFD: 02/05/2017 - [] D -- C:\Users\Alan Robinson\AppData\Roaming\Geek Uninstaller =>.Geek Uninstaller
O43 - CFD: 15/03/2017 - [] D -- C:\Users\Alan Robinson\AppData\Roaming\Hewlett-Packard =>.Hewlett-Packard
O43 - CFD: 24/03/2017 - [] D -- C:\Users\Alan Robinson\AppData\Roaming\hpqLog =>.Hewlett-Packard
O43 - CFD: 23/03/2017 - [] D -- C:\Users\Alan Robinson\AppData\Roaming\Intel =>.Intel Corporation
O43 - CFD: 15/03/2017 - [] D -- C:\Users\Alan Robinson\AppData\Roaming\Macromedia =>.Macromedia
O43 - CFD: 27/03/2017 - [] SD -- C:\Users\Alan Robinson\AppData\Roaming\Microsoft =>.Microsoft Corporation
O43 - CFD: 24/03/2017 - [] D -- C:\Users\Alan Robinson\AppData\Roaming\OpenOffice =>.SourceForge
O43 - CFD: 16/03/2017 - [] D -- C:\Users\Alan Robinson\AppData\Roaming\Skype =>.Skype
O43 - CFD: 15/03/2017 - [] D -- C:\Users\Alan Robinson\AppData\Roaming\Synaptics =>.Synaptics
O43 - CFD: 02/05/2017 - [] D -- C:\Users\Alan Robinson\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 15/03/2017 - [0] D -- C:\Users\Alan Robinson\AppData\Local\ActiveSync =>.Microsoft Corporation
O43 - CFD: 15/03/2017 - [0] SHD -- C:\Users\Alan Robinson\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 28/03/2017 - [] D -- C:\Users\Alan Robinson\AppData\Local\CEF =>.CEF
O43 - CFD: 15/03/2017 - [] D -- C:\Users\Alan Robinson\AppData\Local\Comms =>.Microsoft Corporation
O43 - CFD: 15/03/2017 - [] D -- C:\Users\Alan Robinson\AppData\Local\CyberLink =>.CyberLink Corporation
O43 - CFD: 02/05/2017 - [] D -- C:\Users\Alan Robinson\AppData\Local\Diagnostics =>.Microsoft Corporation
O43 - CFD: 15/03/2017 - [] D -- C:\Users\Alan Robinson\AppData\Local\DropboxOEM =>.Dropbox Inc.
O43 - CFD: 27/04/2017 - [0] D -- C:\Users\Alan Robinson\AppData\Local\ElevatedDiagnostics =>.Microsoft Corporation
O43 - CFD: 27/03/2017 - [] D -- C:\Users\Alan Robinson\AppData\Local\Google =>.Google
O43 - CFD: 15/03/2017 - [] D -- C:\Users\Alan Robinson\AppData\Local\Hewlett-Packard =>.Hewlett-Packard
O43 - CFD: 15/03/2017 - [0] SHD -- C:\Users\Alan Robinson\AppData\Local\History =>.Microsoft Corporation
O43 - CFD: 15/03/2017 - [] D -- C:\Users\Alan Robinson\AppData\Local\HP =>.Hewlett-Packard
O43 - CFD: 15/03/2017 - [] D -- C:\Users\Alan Robinson\AppData\Local\HP_Inc =>.Hewlett-Packard
O43 - CFD: 28/04/2017 - [] D -- C:\Users\Alan Robinson\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 24/03/2017 - [] D -- C:\Users\Alan Robinson\AppData\Local\MicrosoftEdge =>.Microsoft Corporation
O43 - CFD: 25/03/2017 - [0] D -- C:\Users\Alan Robinson\AppData\Local\NetworkTiles =>.NetworkTiles
O43 - CFD: 27/03/2017 - [] D -- C:\Users\Alan Robinson\AppData\Local\Packages =>.Microsoft Corporation
O43 - CFD: 15/03/2017 - [] D -- C:\Users\Alan Robinson\AppData\Local\Publishers =>.Microsoft Corporation
O43 - CFD: 02/05/2017 - [] D -- C:\Users\Alan Robinson\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 15/03/2017 - [0] SHD -- C:\Users\Alan Robinson\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 24/03/2017 - [] D -- C:\Users\Alan Robinson\AppData\Local\TileDataLayer =>.Microsoft Corporation
O43 - CFD: 15/03/2017 - [0] D -- C:\Users\Alan Robinson\AppData\Local\VirtualStore =>.Microsoft Corporation
O43 - CFD: 02/05/2017 - [] D -- C:\Users\Alan Robinson\AppData\Local\ZHP =>.Nicolas Coolman
O43 - CFD: 30/10/2015 - [] RD -- C:\Users\Alan Robinson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility =>.Microsoft Corporation
O43 - CFD: 15/03/2017 - [] RD -- C:\Users\Alan Robinson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation
O43 - CFD: 13/04/2017 - [] RD -- C:\Users\Alan Robinson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 30/10/2015 - [] D -- C:\Users\Alan Robinson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation
O43 - CFD: 13/04/2017 - [] RD -- C:\Users\Alan Robinson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup =>.Microsoft Corporation
O43 - CFD: 30/10/2015 - [] RD -- C:\Users\Alan Robinson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools =>.Microsoft Corporation
O43 - CFD: 30/10/2015 - [] RSD -- C:\Users\Alan Robinson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell =>.Microsoft Corporation
O43 - CFD: 18/10/2016 - [0] SHD -- C:\Users\Default\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 18/10/2016 - [0] SHD -- C:\Users\Default\AppData\Local\History =>.Microsoft Corporation
O43 - CFD: 30/10/2015 - [] D -- C:\Users\Default\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 30/10/2015 - [0] D -- C:\Users\Default\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 18/10/2016 - [0] SHD -- C:\Users\Default\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 18/10/2016 - [0] SHD -- C:\Users\Default User\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 18/10/2016 - [0] SHD -- C:\Users\Default User\AppData\Local\History =>.Microsoft Corporation
O43 - CFD: 30/10/2015 - [] D -- C:\Users\Default User\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 30/10/2015 - [0] D -- C:\Users\Default User\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 18/10/2016 - [0] SHD -- C:\Users\Default User\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 15/03/2017 - [] -- C:\windows\System32\Config\systemprofile\AppData\Local\Dropbox =>.Dropbox
O43 - CFD: 18/10/2016 - [] D -- C:\windows\System32\Config\systemprofile\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 28/03/2017 - [] SD -- C:\windows\System32\Config\systemprofile\AppData\Roaming\Microsoft =>.Microsoft Corporation
O43 - CFD: 18/10/2016 - [] -- C:\windows\System32\Config\systemprofile\AppData\Roaming\WildTangent =>.WildTangent

---\\ ShellIconOverlayIdentifiers (SIOI) (6) - 0s
O106 - SIOI: ErrorOverlayHandler Class [ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Alan Robinson\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\FileSyncShell.dll =>.Microsoft Corporation®
O106 - SIOI: SharedOverlayHandler Class [ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Alan Robinson\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\FileSyncShell.dll =>.Microsoft Corporation®
O106 - SIOI: SharedSyncingOverlayHandler Class [ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Alan Robinson\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\FileSyncShell.dll =>.Microsoft Corporation®
O106 - SIOI: UpToDateOverlayHandler Class [ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Alan Robinson\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\FileSyncShell.dll =>.Microsoft Corporation®
O106 - SIOI: SyncingOverlayHandler Class [ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Alan Robinson\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\FileSyncShell.dll =>.Microsoft Corporation®
O106 - SIOI: avast [00asw] - {472083B0-C522-11CF-8763-00608CC02F24}. (.AVAST Software - Avast Shell Extension.) -- C:\Program Files\AVAST Software\Avast\ashShell.dll =>.AVAST Software s.r.o.®

---\\ Image File Execution Options (18) - 1s
O50 - IFEO:C:\windows\System32\cscript.exe - (.Microsoft Corporation - Microsoft ® Console Based Script Host.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation
O50 - IFEO:C:\windows\System32\dllhost.exe - (.Microsoft Corporation - COM Surrogate.) [DisableExceptionChainValidation\\3] =>.Microsoft Windows®
O50 - IFEO:C:\windows\System32\drvinst.exe - (.Microsoft Corporation - Driver Installation Module.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation
O50 - IFEO:C:\windows\System32\ie4uinit.exe - (.Microsoft Corporation - IE Per-User Initialization Utility.) [MitigationOptions\\256] =>.Microsoft Corporation
O50 - IFEO:C:\windows\System32\ieUnatt.exe - (.Microsoft Corporation - IE 7.0 Unattended Install Utility.) [MitigationOptions\\256] =>.Microsoft Corporation
O50 - IFEO:C:\windows\System32\mmc.exe - (.Microsoft Corporation - Microsoft Management Console.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation
O50 - IFEO:C:\windows\System32\MRT.exe - (.Microsoft Corporation - Microsoft Windows Malicious Software Remova.) [CFGOptions\\1] =>.Microsoft Corporation
O50 - IFEO:C:\windows\System32\msfeedssync.exe - (.Microsoft Corporation - Microsoft Feeds Synchronization.) [MitigationOptions\\256] =>.Microsoft Corporation
O50 - IFEO:C:\windows\System32\mshta.exe - (.Microsoft Corporation - Microsoft (R) HTML Application host.) [MitigationOptions\\256] =>.Microsoft Corporation
O50 - IFEO:C:\windows\System32\PresentationHost.exe - (.Microsoft Corporation - Windows Presentation Foundation Host.) [MitigationOptions\\1118481] =>.Microsoft Corporation
O50 - IFEO:C:\windows\System32\PrintIsolationHost.exe - (.Microsoft Corporation - PrintIsolationHost.) [MitigationOptions\\2097152] =>.Microsoft Corporation
O50 - IFEO:C:\windows\System32\rundll32.exe - (.Microsoft Corporation - Windows host process (Rundll32).) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation
O50 - IFEO:C:\windows\System32\runtimebroker.exe - (.Microsoft Corporation - Runtime Broker.) [MitigationOptions\\4294967296] =>.Microsoft Corporation
O50 - IFEO:C:\windows\System32\searchprotocolhost.exe - (.Microsoft Corporation - Microsoft Windows Search Protocol Host.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation
O50 - IFEO:C:\windows\System32\spoolsv.exe - (.Microsoft Corporation - Spooler SubSystem App.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation
O50 - IFEO:C:\windows\System32\spoolsv.exe - (.Microsoft Corporation - Spooler SubSystem App.) [MitigationOptions\\2097152] =>.Microsoft Corporation
O50 - IFEO:C:\windows\System32\svchost.exe - (.Microsoft Corporation - Host Process for Windows Services.) [MinimumStackCommitInBytes\\32768] =>.Microsoft Windows Publisher®
O50 - IFEO:C:\windows\System32\wscript.exe - (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation

---\\ System Drivers List (77) - 8s
O58 - SDL:2015/10/30 03:17:22 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\windows\System32\drivers\3ware.sys [107360] =>.Microsoft Windows®
O58 - SDL:2015/06/29 12:27:42 A . (.Hewlett-Packard - HP Accelerometer.) -- C:\windows\System32\drivers\Accelerometer.sys [53424] =>.Hewlett-Packard Company®
O58 - SDL:2015/10/30 03:17:22 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) -- C:\windows\System32\drivers\adp80xx.sys [1135456] =>.Microsoft Windows®
O58 - SDL:2015/10/30 03:17:22 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\windows\System32\drivers\amdsata.sys [83296] =>.Microsoft Windows®
O58 - SDL:2015/10/30 03:17:22 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\windows\System32\drivers\amdsbs.sys [259424] =>.Microsoft Windows®
O58 - SDL:2015/10/30 03:17:22 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\windows\System32\drivers\amdxata.sys [26976] =>.Microsoft Windows®
O58 - SDL:2015/10/30 03:17:22 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\windows\System32\drivers\arcsas.sys [131936] =>.Microsoft Windows®
O58 - SDL:2017/03/28 08:24:56 A . (.AVAST Software s.r.o. - IDS Application Activity Monitor Driver..) -- C:\windows\System32\drivers\aswbidsdrivera.sys [307736] =>.AVAST Software s.r.o.®
O58 - SDL:2017/03/28 08:24:56 A . (.AVAST Software s.r.o. - Application Activity Monitor Helper Driver.) -- C:\windows\System32\drivers\aswbidsha.sys [189768] =>.AVAST Software s.r.o.®
O58 - SDL:2017/03/28 08:24:56 A . (.AVAST Software s.r.o. - Logging Driver.) -- C:\windows\System32\drivers\aswbloga.sys [334088] =>.AVAST Software s.r.o.®
O58 - SDL:2017/03/28 08:24:56 A . (.AVAST Software s.r.o. - Universal Driver.) -- C:\windows\System32\drivers\aswbuniva.sys [48528] =>.AVAST Software s.r.o.®
O58 - SDL:2017/04/04 08:30:27 A . (.AVAST Software - Avast HWID.) -- C:\windows\System32\drivers\aswHwid.sys [38296] =>.AVAST Software s.r.o.® (.AVAST Software)
O58 - SDL:2017/04/04 08:30:07 A . (.AVAST Software - Avast Keyboard Filter Driver.) -- C:\windows\System32\drivers\aswKbd.sys [32600] =>.AVAST Software s.r.o.®
O58 - SDL:2017/04/28 08:30:42 A . (.AVAST Software - Avast File System Minifilter for Windows 20.) -- C:\windows\System32\drivers\aswmonflt.sys [128648] =>.AVAST Software s.r.o.®
O58 - SDL:2017/04/04 08:30:27 A . (.AVAST Software - Avast WFP Redirect Driver.) -- C:\windows\System32\drivers\aswRdr2.sys [101152] =>.AVAST Software s.r.o.®
O58 - SDL:2017/04/04 08:30:27 A . (.AVAST Software - Avast Revert.) -- C:\windows\System32\drivers\aswRvrt.sys [75704] =>.AVAST Software s.r.o.® (.AVAST Software)
O58 - SDL:2017/04/04 08:30:07 A . (.AVAST Software - Avast Virtualization Driver.) -- C:\windows\System32\drivers\aswSnx.sys [1005048] =>.AVAST Software s.r.o.®
O58 - SDL:2017/04/28 08:30:42 A . (.AVAST Software - Avast self protection module.) -- C:\windows\System32\drivers\aswsp.sys [556784] =>.AVAST Software s.r.o.®
O58 - SDL:2017/04/04 08:30:27 A . (.AVAST Software - Stream Filter.) -- C:\windows\System32\drivers\aswStm.sys [164064] =>.AVAST Software s.r.o.®
O58 - SDL:2017/04/04 08:30:27 A . (.AVAST Software - Avast VM Monitor.) -- C:\windows\System32\drivers\aswVmm.sys [339696] =>.AVAST Software s.r.o.® (.AVAST Software)
O58 - SDL:2015/10/30 03:17:22 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\windows\System32\drivers\bcmfn.sys [9728] =>.Windows (R) Win 7 DDK provider
O58 - SDL:2015/10/30 03:17:22 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\windows\System32\drivers\bcmfn2.sys [9728] =>.Windows (R) Win 7 DDK provider
O58 - SDL:2015/10/30 03:17:22 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\windows\System32\drivers\bxvbda.sys [531296] =>.Microsoft Windows®
O58 - SDL:2016/01/20 00:02:04 A . (.Intel Corporation - DPTF CPU Device (64-Bit).) -- C:\windows\System32\drivers\dptf_cpu.sys [52200] =>.Intel(R) Software®
O58 - SDL:2016/01/20 00:02:04 A . (.Intel Corporation - DPTF Zone (64-Bit).) -- C:\windows\System32\drivers\esif_lf.sys [260072] =>.Intel(R) Software®
O58 - SDL:2015/10/30 03:17:22 A . (.QLogic Corporation - QLogic 10 GigE VBD.) -- C:\windows\System32\drivers\evbda.sys [3436896] =>.Microsoft Windows®
O58 - SDL:2015/06/29 12:27:42 A . (.Hewlett-Packard - HP Disk Filter - SATA/RAID.) -- C:\windows\System32\drivers\hpdskflt.sys [40624] =>.Hewlett-Packard Company®
O58 - SDL:2015/10/30 03:17:22 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\windows\System32\drivers\HpSAMD.sys [64352] =>.Microsoft Windows®
O58 - SDL:2015/10/30 03:17:18 A . (.Intel(R) Corporation - Intel(R) Serial IO I2C Driver.) -- C:\windows\System32\drivers\iai2c.sys [81408] =>.Intel(R) Corporation
O58 - SDL:2015/10/30 03:17:18 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) -- C:\windows\System32\drivers\iaLPSS2i_I2C.sys [165888] =>.Intel Corporation
O58 - SDL:2015/10/30 03:17:18 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\windows\System32\drivers\iaLPSSi_GPIO.sys [38128] =>.Intel Corporation - Client Components Group®
O58 - SDL:2015/10/30 03:17:18 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\windows\System32\drivers\iaLPSSi_I2C.sys [113152] =>.Intel Corporation
O58 - SDL:2015/11/12 23:05:48 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver -.) -- C:\windows\System32\drivers\iaStorA.sys [1467912] =>.Intel(R) Rapid Storage Technology®
O58 - SDL:2015/10/30 03:17:22 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver (i.) -- C:\windows\System32\drivers\iaStorAV.sys [673120] =>.Microsoft Windows®
O58 - SDL:2015/10/30 03:17:22 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\windows\System32\drivers\iaStorV.sys [412000] =>.Microsoft Windows®
O58 - SDL:2015/10/30 03:17:23 A . (.Mellanox - InfiniBand Fabric Bus Driver.) -- C:\windows\System32\drivers\ibbus.sys [424800] =>.Microsoft Windows®
O58 - SDL:2016/02/09 22:17:40 A . (.Intel Corporation - Intel(R) Wireless Bluetooth(R) Filter Drive.) -- C:\windows\System32\drivers\ibtusb.sys [301328] =>.Intel Corporation-Wireless Connectivity Solutions®
O58 - SDL:2017/02/22 01:45:54 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\windows\System32\drivers\igdkmd64.sys [11036640] =>.Intel(R) pGFX®
O58 - SDL:2016/10/07 08:25:26 A . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\windows\System32\drivers\IntcDAud.sys [822248] =>.Intel(R) OWR®
O58 - SDL:2015/10/30 03:17:23 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\windows\System32\drivers\lsi_sas.sys [108888] =>.Microsoft Windows®
O58 - SDL:2015/10/30 03:17:23 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\windows\System32\drivers\lsi_sas2i.sys [104800] =>.Microsoft Windows®
O58 - SDL:2015/10/30 03:17:23 A . (.Avago Technologies - Avago SAS Gen3 Driver (StorPort).) -- C:\windows\System32\drivers\lsi_sas3i.sys [99168] =>.Microsoft Windows®
O58 - SDL:2015/10/30 03:17:23 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\windows\System32\drivers\lsi_sss.sys [82784] =>.Microsoft Windows®
O58 - SDL:2015/10/30 03:17:23 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\windows\System32\drivers\megasas.sys [59744] =>.Microsoft Windows®
O58 - SDL:2015/10/30 03:17:23 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\windows\System32\drivers\megasr.sys [575840] =>.Microsoft Windows®
O58 - SDL:2015/10/30 03:17:23 A . (.Mellanox - MLX4 Bus Driver.) -- C:\windows\System32\drivers\mlx4_bus.sys [705376] =>.Microsoft Windows®
O58 - SDL:2015/10/30 03:17:23 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\windows\System32\drivers\mvumis.sys [63840] =>.Microsoft Windows®
O58 - SDL:2015/10/30 03:17:23 A . (.Mellanox - NetworkDirect Support Filter Driver.) -- C:\windows\System32\drivers\ndfltr.sys [76128] =>.Microsoft Windows®
O58 - SDL:2016/02/06 23:16:02 A . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\windows\System32\drivers\Netwbw02.sys [3516176] =>.Intel Corporation-Wireless Connectivity Solutions®
O58 - SDL:2016/02/06 23:15:58 A . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\windows\System32\drivers\Netwtw02.sys [6724368] =>.Intel Corporation-Wireless Connectivity Solutions®
O58 - SDL:2016/06/10 00:32:28 A . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\windows\System32\drivers\Netwtw04.sys [7152912] =>.Intel Corporation-Wireless Connectivity Solutions®
O58 - SDL:2015/10/30 03:17:23 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\windows\System32\drivers\nvraid.sys [150368] =>.Microsoft Windows®
O58 - SDL:2015/10/30 03:17:23 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\windows\System32\drivers\nvstor.sys [166240] =>.Microsoft Windows®
O58 - SDL:2015/10/30 03:17:23 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\windows\System32\drivers\percsas2i.sys [58208] =>.Microsoft Windows®
O58 - SDL:2015/10/30 03:17:23 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\windows\System32\drivers\percsas3i.sys [58720] =>.Microsoft Windows®
O58 - SDL:2016/01/20 00:43:22 A . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.40 64-bit Dr.) -- C:\windows\System32\drivers\rt640x64.sys [935168] =>.Realtek Semiconductor Corp®
O58 - SDL:2016/03/18 08:18:03 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\windows\System32\drivers\RTKVHD64.sys [4856064] =>.Realtek Semiconductor Corp®
O58 - SDL:2016/01/20 05:13:11 A . (.Realtek Semiconductor Corp. - Realtek Pcie CardReader Driver for 2K/XP/Vi.) -- C:\windows\System32\drivers\RtsBaStor.sys [313048] =>.Realtek Semiconductor Corp®
O58 - SDL:2016/01/20 05:13:11 A . (.Realtek Semiconductor Corp. - Realtek Pcie CardReader Driver for 2K/XP/Vi.) -- C:\windows\System32\drivers\RtsP2Stor.sys [328920] =>.Realtek Semiconductor Corp®
O58 - SDL:2016/01/20 05:13:11 A . (.Realsil Semiconductor Corporation - RTS PCIE READER Driver.) -- C:\windows\System32\drivers\RtsPer.sys [769752] =>.Realtek Semiconductor Corp®
O58 - SDL:2016/01/20 05:13:11 A . (.Realtek Semiconductor Corp. - Realtek Pcie CardReader Driver for 2K/XP/Vi.) -- C:\windows\System32\drivers\RtsPStor.sys [367320] =>.Realtek Semiconductor Corp®
O58 - SDL:2016/01/20 05:13:11 A . (.Realsil Semiconductor Corporation - RTS USB READER Driver.) -- C:\windows\System32\drivers\RtsUer.sys [413912] =>.Realtek Semiconductor Corp®
O58 - SDL:2015/10/30 03:17:23 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\windows\System32\drivers\sisraid2.sys [44896] =>.Microsoft Windows®
O58 - SDL:2015/10/30 03:17:23 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\windows\System32\drivers\sisraid4.sys [81760] =>.Microsoft Windows®
O58 - SDL:2016/02/22 04:58:10 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\windows\System32\drivers\Smb_driver_AMDASF.sys [58984] =>.Synaptics Incorporated®
O58 - SDL:2016/07/26 08:39:38 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\windows\System32\drivers\Smb_driver_AMDASF_Aux.sys [68728] =>.Synaptics Incorporated®
O58 - SDL:2016/07/26 08:39:40 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\windows\System32\drivers\Smb_driver_Intel.sys [71800] =>.Synaptics Incorporated®
O58 - SDL:2016/07/26 08:39:40 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\windows\System32\drivers\Smb_driver_Intel_Aux.sys [71800] =>.Synaptics Incorporated®
O58 - SDL:2015/10/30 03:17:23 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\windows\System32\drivers\stexstor.sys [31072] =>.Microsoft Windows®
O58 - SDL:2016/07/26 08:39:50 A . (.Synaptics Incorporated - Synaptics I2C Driver.) -- C:\windows\System32\drivers\SynRMIHID_Aux.sys [66168] =>.Synaptics Incorporated®
O58 - SDL:2016/07/26 08:39:52 A . (.Synaptics Incorporated - Synaptics Touchpad Win64 Driver.) -- C:\windows\System32\drivers\SynTP.sys [870520] =>.Synaptics Incorporated®
O58 - SDL:2016/02/04 03:43:28 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\windows\System32\drivers\TeeDriverW8x64.sys [185896] =>.Intel(R) Embedded Subsystems and IP Blocks Group®
O58 - SDL:2015/10/30 03:17:23 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\windows\System32\drivers\vsmraid.sys [166752] =>.Microsoft Windows®
O58 - SDL:2015/10/30 03:17:23 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\windows\System32\drivers\VSTXRAID.SYS [305504] =>.Microsoft Windows®
O58 - SDL:2015/10/30 03:17:23 A . (.Mellanox - Kernel WinMad.) -- C:\windows\System32\drivers\winmad.sys [26976] =>.Microsoft Windows®
O58 - SDL:2015/10/30 03:17:23 A . (.Mellanox - Kernel WinVerbs.) -- C:\windows\System32\drivers\winverbs.sys [59232] =>.Microsoft Windows®
O58 - SDL:2015/08/13 00:57:18 A . (.HP - HP Wireless Button Driver.) -- C:\windows\System32\drivers\WirelessButtonDriver64.sys [30544] =>.Hewlett-Packard Company®

---\\ File Associations Shell Spawning (10) - 0s
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\windows\System32\eventvwr.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\windows\System32\wscript.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\windows\regedit.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S

---\\ Start Menu Internet (12) - 0s
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O68 - StartMenuInternet: <SafeZoneStable> <SafeZone Stable>[HKLM\..\Shell\open\Command] (.Avast Software - Avast SafeZone Browser.) -- C:\Program Files\AVAST Software\SZBrowser\Launcher.exe =>.AVAST Software s.r.o.®
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: <SafeZoneStable> <SafeZone Stable>[HKLM\..\InstallInfo\ShowIconsCommand] (.Avast Software - Avast SafeZone Browser.) -- C:\Program Files\AVAST Software\SZBrowser\launcher.exe =>.AVAST Software
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: <SafeZoneStable> <SafeZone Stable>[HKLM\..\InstallInfo\ReinstallCommand] (.Avast Software - Avast SafeZone Browser.) -- C:\Program Files\AVAST Software\SZBrowser\launcher.exe =>.AVAST Software
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: <SafeZoneStable> <SafeZone Stable>[HKLM\..\InstallInfo\HideIconsCommand] (.Avast Software - Avast SafeZone Browser.) -- C:\Program Files\AVAST Software\SZBrowser\launcher.exe =>.AVAST Software

---\\ Search Browser Infection (4) - 0s
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/ =>.Bing.com
O69 - SBI: SearchScopes [HKCU] {7BF63490-69F0-43B4-AB0D-2300EA230A88} - (Amazon Search Suggestions) - http://www.amazon.com/ =>.Amazon Corporation
O69 - SBI: SearchScopes [HKLM] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/ =>.Bing.com
O69 - SBI: SearchScopes [HKLM] {7BF63490-69F0-43B4-AB0D-2300EA230A88} - (Amazon Search Suggestions) - http://www.amazon.com/ =>.Amazon Corporation

---\\ Search Svchost Services (41) - 1s
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\windows\System32\certprop.dll [192000] =>.Microsoft Corporation
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\windows\System32\certprop.dll [192000] =>.Microsoft Corporation
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\windows\system32\srvsvc.dll [283136] =>.Microsoft Corporation
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\windows\System32\gpsvc.dll [1339904] =>.Microsoft Corporation
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\windows\System32\ikeext.dll [957952] =>.Microsoft Corporation
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\windows\System32\iphlpsvc.dll [963072] =>.Microsoft Corporation
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\windows\system32\seclogon.dll [31232] =>.Microsoft Corporation
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\windows\System32\appinfo.dll [94720] =>.Microsoft Corporation
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\windows\system32\iscsiexe.dll [151040] =>.Microsoft Corporation
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\windows\System32\eapsvc.dll [112640] =>.Microsoft Corporation
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\windows\system32\schedsvc.dll [1001472] =>.Microsoft Corporation
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\windows\system32\wbem\WMIsvc.dll [225280] =>.Microsoft Corporation
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\windows\System32\browser.dll [134656] =>.Microsoft Corporation
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\windows\system32\profsvc.dll [328192] =>.Microsoft Corporation
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\windows\System32\SessEnv.dll [372736] =>.Microsoft Corporation
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\windows\System32\wercplsupport.dll [96256] =>.Microsoft Corporation
O83 - Search Svchost Services: DcpSvc (DcpSvc) . (.Microsoft Corporation - dcpsvc Task.) -- C:\windows\system32\dcpsvc.dll [186880] =>.Microsoft Corporation
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Microsoft® Account Service.) -- C:\windows\system32\wlidsvc.dll [2054144] =>.Microsoft Corporation
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Microsoft Network Connectivity Assistant Se.) -- C:\windows\System32\ncasvc.dll [168960] =>.Microsoft Corporation
O83 - Search Svchost Services: NetSetupSvc (NetSetupSvc) . (.Microsoft Corporation - Network Setup Service.) -- C:\windows\System32\NetSetupSvc.dll [211456] =>.Microsoft Corporation
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\windows\system32\themeservice.dll [59392] =>.Microsoft Corporation
O83 - Search Svchost Services: RetailDemo (RetailDemo) . (.Microsoft Corporation - RDXService.) -- C:\windows\system32\RDXService.dll [1073152] =>.Microsoft Corporation
O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Geolocation Service.) -- C:\windows\System32\lfsvc.dll [27136] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\windows\System32\rasauto.dll [106496] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\windows\System32\rasmans.dll [696320] =>.Microsoft Corporation
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\windows\System32\mprdim.dll [507904] =>.Microsoft Corporation
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\windows\System32\sens.dll [73216] =>.Microsoft Corporation
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\windows\System32\ipnathlp.dll [456704] =>.Microsoft Corporation
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\windows\System32\tapisrv.dll [311808] =>.Microsoft Corporation
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\windows\system32\wuaueng.dll [2280960] =>.Microsoft Corporation
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\windows\System32\qmgr.dll [1132544] =>.Microsoft Corporation
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\windows\System32\shsvcs.dll [608768] =>.Microsoft Corporation
O83 - Search Svchost Services: dmwappushservice (dmwappushservice) . (.Microsoft Corporation - dmwappushsvc.) -- C:\windows\system32\dmwappushsvc.dll [57856] =>.Microsoft Corporation
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\windows\System32\bdesvc.dll [361472] =>.Microsoft Corporation
O83 - Search Svchost Services: XboxNetApiSvc (XboxNetApiSvc) . (.Microsoft Corporation - Xbox Live Networking Service.) -- C:\windows\system32\XboxNetApiSvc.dll [1035776] =>.Microsoft Corporation
O83 - Search Svchost Services: UsoSvc (UsoSvc) . (.Microsoft Corporation - Update Session Orchestrator Core.) -- C:\windows\system32\usocore.dll [379392] =>.Microsoft Corporation
O83 - Search Svchost Services: XblGameSave (XblGameSave) . (.Microsoft Corporation - Xbox Live Game Save Service.) -- C:\windows\System32\XblGameSave.dll [1139712] =>.Microsoft Corporation
O83 - Search Svchost Services: DmEnrollmentSvc (DmEnrollmentSvc) . (.Microsoft Corporation - Windows Managent Service DLL.) -- C:\windows\System32\Windows.Internal.Management.dll [278016] =>.Microsoft Corporation
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Device Setup Manager.) -- C:\windows\System32\DeviceSetupManager.dll [205824] =>.Microsoft Corporation
O83 - Search Svchost Services: UserManager (UserManager) . (.Microsoft Corporation - UserMgr.) -- C:\windows\System32\usermgr.dll [912384] =>.Microsoft Corporation
O83 - Search Svchost Services: XblAuthManager (XblAuthManager) . (.Microsoft Corporation - Xbox Live Auth Manager.) -- C:\windows\System32\XblAuthManager.dll [948736] =>.Microsoft Corporation

---\\ Additional Scan (O88) (2) - 2s
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} =>.Superfluous.Orphan
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} =>.Superfluous.Orphan

---\\ Summary of the elements found (1) - 0s
~ No malicious or unnecessary items found.

~ Unselected Options:
~ End of the scan, 28819 items in 01mn37s (875)(0)
 
#24
ZHP Fix
4bd9Ugb.png

  • Disable your antivirus prior to this fix!
  • Download ZHP-Fix from here.
  • Install it.
  • Click Suivant 5 Times.
  • Then Installer.
  • Then Terminer.
  • Then right clcick the ZHP Fix icon Run as admin.
  • Copy the entire content of the code box below, the next step will grab it from your clipboard.
  • Then click on import.
  • Then click GO.
  • Allow completion.
  • A log file will appear on your desktop.
  • Post it here in your next reply.

Code: 
Script ZhpFix
SysRestore
EmptyFlash
ProxyFix
EmptyCLSID
O23 - Service: McAfee Application Installer Cleanup (0119471489614535) (0119471489614535mcinstcleanup) . (...) - C:\windows\TEMP\011947~1.EXE (.not file.)
O23 - Service: Avast Antivirus (avast! Antivirus) . (.AVAST Software - Avast Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe =>.AVAST Software s.r.o.®
O23 - Service: GamesAppIntegrationService (GamesAppIntegrationService) . (.WildTangent - WildTangent Games App Integration Service.) - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe =>.WildTangent Inc®
O23 - Service: McAfee Home Network (HomeNetSvc) . (...) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (.not file.)
[MD5.617E1ED0D0D7CF1EF087C1BA2AA1A89B] [APT] [Avast Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2346488] (.Activate.) =>.AVAST Software s.r.o.®
[MD5.00000000000000000000000000000000] [APT] [IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473] (...) -- C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty
[MD5.00000000000000000000000000000000] [APT] [McAfeeLogon] (...) -- C:\PROGRA~1\COMMON~1\McAfee\Platform\McUICnt.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty
[MD5.00000000000000000000000000000000] [APT] [RegistrationModuleReminder_Welcome-S-1-5-21-180794559-3542364667-3217180141-1001] (...) -- C:\Program Files\HP\HP Welcome\Garage.Container.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty
[MD5.F485EE3C484D9874E9DD75E6B4FEE332] [APT] [SafeZone scheduled Autoupdate 1490704360] (.Avast Software.) -- C:\Program Files\AVAST Software\SZBrowser\launcher.exe [927264] (.Activate.) =>.AVAST Software s.r.o.®
[MD5.283E10FD63971145CC1E750FFA46180E] [APT] [AVAST Software\Avast settings backup] (.AVAST Software.) -- C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [826808] (.Activate.) =>.AVAST Software s.r.o.®
O39 - APT: Avast Emergency Update - (.AVAST Software.) -- C:\windows\System32\Tasks\Avast Emergency Update [4268] =>.AVAST Software s.r.o.®
O39 - APT: DropboxOEM - (...) -- C:\windows\System32\Tasks\DropboxOEM [3186] (.Orphan.) =>.Superfluous.Orphan
O39 - APT: IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 - (...) -- C:\windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 [3834] (.Orphan.) =>.Superfluous.Orphan
O39 - APT: McAfeeLogon - (...) -- C:\windows\System32\Tasks\McAfeeLogon [2440] (.Orphan.) =>.Superfluous.Orphan
O39 - APT: RegistrationModuleReminder_Welcome-S-1-5-21-180794559-3542364667-3217180141-1001 - (...) -- C:\windows\System32\Tasks\RegistrationModuleReminder_Welcome-S-1-5-21-180794559-3542364667-3217180141-1001 [4146] (.Orphan.) =>.Superfluous.Orphan
O39 - APT: SafeZone scheduled Autoupdate 1490704360 - (.Avast Software.) -- C:\windows\System32\Tasks\SafeZone scheduled Autoupdate 1490704360 [4022] =>.AVAST Software s.r.o.®
O4 - HKLM\..\Run: [AvastUI.exe] . (.AVAST Software - AvLaunch component.) -- C:\Program Files\AVAST Software\Avast\AvLaunch.exe =>.AVAST Software s.r.o.®
C:\Program Files\AVAST Software
P2 - FPN: [HKLM] [@mcafee.com/MSC,version=10] - (.McAfee Total Protection MIME Plugin.) -- c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL =>.McAfee Total Protection MIME Plugin
P2 - FPN: [HKLM] [@WildTangent.com/GamesAppPresenceDetector,Version=1.0] - (.WildTangent.) -- C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll =>.WildTangent
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://hp15-comm.msn.com/ =>.Microsoft Corporation
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://hp15-comm.msn.com/ =>.Microsoft Corporation
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://hp15-comm.msn.com/ =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://hp15-comm.msn.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://hp15-comm.msn.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://hp15-comm.msn.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphan =>.Microsoft Internet Explorer
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies [] =>.Microsoft
O2 - BHO: Microsoft OneDrive for Business Browser Helper [64Bits] - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} (.Orphan.)
O4 - GS\TaskBar [Administrator]: Avast SafeZone Browser.lnk . (.Avast Software - Avast SafeZone Browser.) C:\Program Files\AVAST Software\SZBrowser\launcher.exe =>.AVAST Software s.r.o.®
O4 - GS\TaskBar [Alan Robinson]: Avast SafeZone Browser.lnk . (.Avast Software - Avast SafeZone Browser.) C:\Program Files\AVAST Software\SZBrowser\launcher.exe =>.AVAST Software s.r.o.®
O4 - GS\TaskBar [Guest]: Avast SafeZone Browser.lnk . (.Avast Software - Avast SafeZone Browser.) C:\Program Files\AVAST Software\SZBrowser\launcher.exe =>.AVAST Software s.r.o.®
O4 - GS\ProgramsCommon [Public]: Avast Free Antivirus.lnk . (.AVAST Software - Avast Antivirus.) C:\Program Files\AVAST Software\Avast\AvastUI.exe =>.AVAST Software s.r.o.®
O4 - GS\ProgramsCommon [Public]: Avast SafeZone Browser.lnk . (.Avast Software - Avast SafeZone Browser.) C:\Program Files\AVAST Software\SZBrowser\launcher.exe =>.AVAST Software s.r.o.®
O42 - Logiciel: Avast Free Antivirus - (.AVAST Software.) [HKLM][64Bits] -- Avast Antivirus =>.AVAST Software s.r.o.®
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D} =>.Apple Inc.
O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM][64Bits] -- {0CC8AE1D-F5AA-4143-8FAD-E017E0E9EE70} =>.Hewlett-Packard
O42 - Logiciel: SafeZone Stable 3.55.2393.596 - (.Avast Software.) [HKLM][64Bits] -- SafeZone 3.55.2393.596 =>.AVAST Software s.r.o.®
HKLM\SOFTWARE\Wow6432Node\AVAST Software =>.AVAST Software
HKLM\SOFTWARE\Wow6432Node\McAfee.com =>.McAfee Inc.
HKCU\SOFTWARE\AVAST Software =>.AVAST Software
HKCU\SOFTWARE\McAfee =>.McAfee Inc.
O43 - CFD: 28/03/2017 - [] D -- C:\Program Files\AVAST Software =>.AVAST Software s.r.o.®
O43 - CFD: 15/03/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee =>.McAfee
O43 - CFD: 28/03/2017 - [] D -- C:\ProgramData\AVAST Software =>.AVAST Software
O43 - CFD: 13/04/2017 - [] D -- C:\Program Files (x86)\Common Files\AV =>.Avast
O43 - CFD: 28/03/2017 - [] D -- C:\Users\Alan Robinson\AppData\Roaming\AVAST Software =>.AVAST Software
O106 - SIOI: avast [00asw] - {472083B0-C522-11CF-8763-00608CC02F24}. (.AVAST Software - Avast Shell Extension.) -- C:\Program Files\AVAST Software\Avast\ashShell.dll =>.AVAST Software s.r.o.®
O58 - SDL:2017/03/28 08:24:56 A . (.AVAST Software s.r.o. - IDS Application Activity Monitor Driver..) -- C:\windows\System32\drivers\aswbidsdrivera.sys [307736] =>.AVAST Software s.r.o.®
O58 - SDL:2017/03/28 08:24:56 A . (.AVAST Software s.r.o. - Application Activity Monitor Helper Driver.) -- C:\windows\System32\drivers\aswbidsha.sys [189768] =>.AVAST Software s.r.o.®
O58 - SDL:2017/03/28 08:24:56 A . (.AVAST Software s.r.o. - Logging Driver.) -- C:\windows\System32\drivers\aswbloga.sys [334088] =>.AVAST Software s.r.o.®
O58 - SDL:2017/03/28 08:24:56 A . (.AVAST Software s.r.o. - Universal Driver.) -- C:\windows\System32\drivers\aswbuniva.sys [48528] =>.AVAST Software s.r.o.®
O58 - SDL:2017/04/04 08:30:27 A . (.AVAST Software - Avast HWID.) -- C:\windows\System32\drivers\aswHwid.sys [38296] =>.AVAST Software s.r.o.® (.AVAST Software)
O58 - SDL:2017/04/04 08:30:07 A . (.AVAST Software - Avast Keyboard Filter Driver.) -- C:\windows\System32\drivers\aswKbd.sys [32600] =>.AVAST Software s.r.o.®
O58 - SDL:2017/04/28 08:30:42 A . (.AVAST Software - Avast File System Minifilter for Windows 20.) -- C:\windows\System32\drivers\aswmonflt.sys [128648] =>.AVAST Software s.r.o.®
O58 - SDL:2017/04/04 08:30:27 A . (.AVAST Software - Avast WFP Redirect Driver.) -- C:\windows\System32\drivers\aswRdr2.sys [101152] =>.AVAST Software s.r.o.®
O58 - SDL:2017/04/04 08:30:27 A . (.AVAST Software - Avast Revert.) -- C:\windows\System32\drivers\aswRvrt.sys [75704] =>.AVAST Software s.r.o.® (.AVAST Software)
O58 - SDL:2017/04/04 08:30:07 A . (.AVAST Software - Avast Virtualization Driver.) -- C:\windows\System32\drivers\aswSnx.sys [1005048] =>.AVAST Software s.r.o.®
O58 - SDL:2017/04/28 08:30:42 A . (.AVAST Software - Avast self protection module.) -- C:\windows\System32\drivers\aswsp.sys [556784] =>.AVAST Software s.r.o.®
O58 - SDL:2017/04/04 08:30:27 A . (.AVAST Software - Stream Filter.) -- C:\windows\System32\drivers\aswStm.sys [164064] =>.AVAST Software s.r.o.®
O58 - SDL:2017/04/04 08:30:27 A . (.AVAST Software - Avast VM Monitor.) -- C:\windows\System32\drivers\aswVmm.sys [339696] =>.AVAST Software s.r.o.® (.AVAST Software)
O68 - StartMenuInternet: <SafeZoneStable> <SafeZone Stable>[HKLM\..\Shell\open\Command] (.Avast Software - Avast SafeZone Browser.) -- C:\Program Files\AVAST Software\SZBrowser\Launcher.exe =>.AVAST Software s.r.o.®
O68 - StartMenuInternet: <SafeZoneStable> <SafeZone Stable>[HKLM\..\InstallInfo\ShowIconsCommand] (.Avast Software - Avast SafeZone Browser.) -- C:\Program Files\AVAST Software\SZBrowser\launcher.exe =>.AVAST Software
O68 - StartMenuInternet: <SafeZoneStable> <SafeZone Stable>[HKLM\..\InstallInfo\ReinstallCommand] (.Avast Software - Avast SafeZone Browser.) -- C:\Program Files\AVAST Software\SZBrowser\launcher.exe =>.AVAST Software
O68 - StartMenuInternet: <SafeZoneStable> <SafeZone Stable>[HKLM\..\InstallInfo\HideIconsCommand] (.Avast Software - Avast SafeZone Browser.) -- C:\Program Files\AVAST Software\SZBrowser\launcher.exe =>.AVAST Software
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/ =>.Bing.com
O69 - SBI: SearchScopes [HKCU] {7BF63490-69F0-43B4-AB0D-2300EA230A88} - (Amazon Search Suggestions) - http://www.amazon.com/ =>.Amazon Corporation
O69 - SBI: SearchScopes [HKLM] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/ =>.Bing.com
O69 - SBI: SearchScopes [HKLM] {7BF63490-69F0-43B4-AB0D-2300EA230A88} - (Amazon Search Suggestions) - http://www.amazon.com/ =>.Amazon Corporation
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} =>.Superfluous.Orphan
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} =>.Superfluous.Orphan
EmptyTemp
 
#25
Reboot the machine after, if this does not solve the issue, then we will need to check and see of the issue is hardware related.

You can do that by running Puppy linux, or Hirens boot cd. If you are able to connect via wireless with either of these then the problem is within windows. If you are unable to connect then there is a hardware issue..
 
#26
Rapport de ZHPFix 2015.10.19.9 par Nicolas Coolman, Update du 19/10/2015
Fichier d'export Registre :
Run by Alan Robinson at 5/2/2017 6:23:45 PM
High Elevated Privileges : OK
Windows 8 Home Premium Edition, 64-bit Service Pack 1 (10586)

Recycle Bin emptied (05mn AMs)

========== Software ==========
REMOVES: HP Customer Experience Enhancements

========== Registry keys ==========
REMOVES: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0CC8AE1D-F5AA-4143-8FAD-E017E0E9EE70}]
REMOVES: Service: 0119471489614535mcinstcleanup
REMOVES: Service: GamesAppIntegrationService
REMOVES: Service: HomeNetSvc
REMOVES:* Mozilla Plugin: @mcafee.com/MSC,version=10
REMOVES: HKLM\SOFTWARE\Wow6432Node\AVAST Software
REMOVES: HKLM\SOFTWARE\Wow6432Node\McAfee.com
REMOVES: HKCU\SOFTWARE\AVAST Software
REMOVES: HKCU\SOFTWARE\McAfee
REMOVES: SearchScopes :{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
REMOVES: SearchScopes :{7BF63490-69F0-43B4-AB0D-2300EA230A88}
REMOVES:* HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}
REMOVES: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}

========== Registry values ==========
ProxyFix : Proxy configuration successfully removed
REMOVES ProxyServer Value
REMOVES ProxyEnable Value
REMOVES EnableHttp1_1 Value
REMOVES ProxyHttp1.1 Value
REMOVES ProxyOverride Value
REMOVES: URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497}

========== Elements of the registry data ==========
REMOVES: R0 - Main,Start Page = KCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page
REMOVES: R0 - Main,Start Page = KLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page
REMOVES: R0 - Main,Start Page = KLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page
REMOVES: R1 Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
REMOVES: R1 Search Page = http://hp15-comm.msn.com/?pc=HRTE
REMOVES: R1 Search Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
REMOVES: R1 Search Page = about:NoAdd-ons
REMOVES: R1 Search Page = about:SecurityRisk
REMOVES: R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable
REMOVES: R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy

========== Folders ==========
No folders empty CLSID Local user
REMOVES: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
REMOVES: C:\ProgramData\AVAST Software
REMOVES: C:\Program Files (x86)\Common Files\AV
Deletes temporary Windows (0)

========== Files ==========
REMOVES Flash Cookies (0) (0 octets)
REMOVES: c:\program files (x86)\wildtangent games\app\gamesappintegrationservice.exe
REMOVES Reboot: c:\windows\system32\tasks\dropboxoem
Deletes temporary Windows (0) (0 octets)

========== Scheduled task ==========
REMOVES: IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
REMOVES: McAfeeLogon
REMOVES: RegistrationModuleReminder_Welcome-S-1-5-21-180794559-3542364667-3217180141-1001

========== System restore ==========
The system successfully created restore point

========== Other ==========
NON-TREATY R5 - HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies []


========== Summary ==========
13 : Registry keys
7 : Registry values
10 : Elements of the registry data
5 : Folders
4 : Files
1 : Software
3 : Scheduled task
1 : System restore
1 : Other


End of clean in 13mn AMs

========== Path to file report ==========
C:\Users\Alan Robinson\AppData\Roaming\ZHP\ZHPFix[R1].txt - 5/2/2017 6:23:50 PM [3548]
 
#27
One more thing we could try.... But this is looking like a hardware issue to be honest.

Windows Repair.

Install (use the direct download) the Tweaking.com - Windows all in one repair tool. Then boot Windows into Safe Mode, (Make Certain To Run This Program As Administrator) then run through the Prescan on step 2 tab. Then skip to step 5 and create a system restore point. Then go to the repair tab...

Notice create a registry backup is ticked by default, so no need to do so in step 5...
upload_2017-1-5_18-37-26-png.1290


Now run the program, with the boxes ticked in the picture below.

Click Image Below For Better Resolution.

upload_2017-1-5_18-40-40-png.1292


May want to save picture or write down what boxes need ticked, since you will run this in Safe Mode.


Important: Make certain to reboot twice after running this tool!!
 
#29
Yeah, last thing I can think of before a hardware issue is to make sure the services are running that are required to use wireless....

If the step below does not help, then hardware may well be the issue...

@phillpower2 May be able to assist further.

Download easy service optmizer, save it to your desktop and unzip it there. Right click it and run as admin, then select Tweaked at the bottom. Then click on the rocket, this will turn off a lot of useless items.


tnkjYlk.png


You will however need to change one setting. Right Click on Wlansvc — WLAN AutoConfig, then select start service, the edit service. Make sure it is automatic across the board, as per the picture.


PO7tPc7.png
 
#30
Also, did you ever try and connect via ethernet cable and see if it connects? Or do you have a wireless USB dongle that you can test on this machine, to ensure that we are dealing with a hardware issue.

Remove the power cord from the laptop again and then remove the battery, then push the power button while the battery is out. Replace the battery and cord and check the wireless.
 
Last edited:
Status
Not open for further replies.
Top Bottom
Back
Forums
Resources
Menu