~ ZHPDiag v2016.1.31.23 By Nicolas Coolman (2016/01/30) ~ Run by Sleipnir (Administrator) (2017/03/19 01:58:21) ~ Web: http://www.nicolascoolman.fr ~ Facebook: https://www.facebook.com/nicolascoolman1 ~ State version: No network file ~ Mode: Scan ~ Report: C:\Users\Sleipnir\Desktop\ZHPDiag.txt ~ Report: C:\Users\Sleipnir\AppData\Roaming\ZHP\ZHPDiag.txt ~ UAC: Deactivate ~ System startup: Normal (Normal boot) Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601) ---\\ Internet Browsers (3) - 0s GCIE: Google Chrome v56.0.2924.87 MFIE: Mozilla Firefox 52.0.1 (x86 en-US) MSIE: Internet Explorer v11.0.9600.18282 ---\\ Windows Product Information (4) - 0s ~ Windows Server License Manager Script : OK ~ Licence Script File Génération : OK Windows Automatic Updates : OK Windows Activation Technologies : OK ---\\ System protection software (3) - 7s Avira Antivirus v15.0.25.154 Malwarebytes Anti-Malware version 2.1.8.1057 Windows Defender W7 (Deactivate) ---\\ System protection software (Superfluous) (2) - 7s ESET Online Scanner v3 Spybot - Search & Destroy v2.4.40 ---\\ System optimization software (1) - 7s CCleaner v5.13 ---\\ Surveillance software (2) - 7s Adobe Flash Player 23 NPAPI Adobe Acrobat Reader DC - Français ---\\ Information on the system (6) - 0s ~ Operating System: Intel64 Family 6 Model 60 Stepping 3, GenuineIntel ~ Operating System: 64-bit ~ Boot mode: Normal (Normal boot) Total RAM: 8325.008 MB (23% free) System Restore: Activé (Enable) System drive C: has 63 GB () free of 153 GB ---\\ Connection to the system mode (3) - 0s ~ Computer Name: SLEIPNIR-PC ~ User Name: Sleipnir ~ Logged in as Administrator ---\\ Enumeration of the disk units (2) - 0s ~ Drive C: has 63 GB free of 153 GB (System) ~ Drive F: has 333 GB free of 800 GB ---\\ State of the Windows Security Center (11) - 0s [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ---\\ Search Generic System Files (24) - 1s [MD5.9D77CC4A36FEEA644D002CFB9B2D42C0] - 22/01/2016 - (.Microsoft Corporation - Windows Explorer.) -- C:\Windows\Explorer.exe [3231232] =>.Microsoft Corporation [MD5.DD81D91FF3B0763C392422865C9AC12E] - 14/07/2009 - (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\Windows\System32\rundll32.exe [45568] =>.Microsoft Corporation [MD5.94355C28C1970635A31B3FE52EB7CEBA] - 14/07/2009 - (.Microsoft Corporation - Windows Start-Up Application.) -- C:\Windows\System32\Wininit.exe [129024] =>.Microsoft Corporation [MD5.D2E3B1DEDF6F6177D8C32B2516703A93] - 31/03/2016 - (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\Windows\System32\wininet.dll [2596864] =>.Microsoft Corporation [MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - 17/07/2014 - (.Microsoft Corporation - Windows Logon Application.) -- C:\Windows\System32\Winlogon.exe [455168] =>.Microsoft Corporation [MD5.067FA52BFB59A56110A12312EF9AF243] - 21/11/2010 - (.Microsoft Corporation - Software Licensing Library.) -- C:\Windows\System32\sppcomapi.dll [232448] =>.Microsoft Corporation [MD5.492D07D79E7024CA310867B526D9636D] - 03/03/2011 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\Windows\System32\dnsapi.dll [357888] =>.Microsoft Corporation [MD5.B40420876B9288E0A1C8CCA8A84E5DC9] - 03/03/2011 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\Windows\Syswow64\dnsapi.dll [270336] =>.Microsoft Corporation [MD5.9A4A1EEE802BF2F878EE8EAB407B21B7] - 13/10/2015 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\Windows\System32\drivers\AFD.sys [497664] =>.Microsoft Corporation [MD5.02062C0B390B7729EDC9E69C680A6F3C] - 14/07/2009 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\Windows\System32\drivers\atapi.sys [24128] =>.Microsoft Windows® [MD5.B8BD2BB284668C84865658C77574381A] - 14/07/2009 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\Windows\System32\drivers\Cdfs.sys [92160] =>.Microsoft Corporation [MD5.F036CE71586E93D94DAB220D7BDF4416] - 21/11/2010 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\Windows\System32\drivers\Cdrom.sys [147456] =>.Microsoft Corporation [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - 21/11/2010 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\Windows\System32\drivers\DfsC.sys [102400] =>.Microsoft Corporation [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - 21/11/2010 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\drivers\HDAudBus.sys [122368] =>.Microsoft Corporation [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - 14/07/2009 - (.Microsoft Corporation - i8042 Port Driver.) -- C:\Windows\System32\drivers\i8042prt.sys [105472] =>.Microsoft Corporation [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - 14/07/2009 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\drivers\IpNat.sys [116224] =>.Microsoft Corporation [MD5.10112D850C844606419C79EE24EE6016] - 12/05/2016 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\Windows\System32\drivers\MRxSmb.sys [159744] =>.Microsoft Corporation [MD5.09594D1089C523423B32A4229263F068] - 21/11/2010 - (.Microsoft Corporation - MBT Transport driver.) -- C:\Windows\System32\drivers\netBT.sys [261632] =>.Microsoft Corporation [MD5.47B2D0B31BDC3EBE6090228E2BA3764D] - 11/01/2016 - (.Microsoft Corporation - NT File System Driver.) -- C:\Windows\System32\drivers\ntfs.sys [1684416] {33000000354C94FF5B25BE5277000000000035} =>.Microsoft Corporation [MD5.0086431C29C35BE1DBC43F52CC273887] - 14/07/2009 - (.Microsoft Corporation - Parallel Port Driver.) -- C:\Windows\System32\drivers\Parport.sys [97280] =>.Microsoft Corporation [MD5.471815800AE33E6F1C32FB1B97C490CA] - 21/11/2010 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\Windows\System32\drivers\Rasl2tp.sys [129536] =>.Microsoft Corporation [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - 14/07/2009 - (.Microsoft Corporation - SMB Transport driver.) -- C:\Windows\System32\drivers\smb.sys [93184] =>.Microsoft Corporation [MD5.AA77EB517D2F07A947294F260E3ACA83] - 13/10/2015 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\System32\drivers\tdx.sys [118272] =>.Microsoft Corporation [MD5.0D08D2F3B3FF84E433346669B5E0F639] - 21/11/2010 - (.Microsoft Corporation - Volume Shadow Copy Driver.) -- C:\Windows\System32\drivers\volsnap.sys [295808] =>.Microsoft Windows® ---\\ Non Microsoft non disabled Windows Services (30) - 2s O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated® O23 - Service: Avira Protection e-mail (AntiVirMailService) . (.Avira Operations GmbH & Co. KG - Antivirus MailScanner WFP Service.) - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe {76BA9423DDBCE7B145A95F01EE015F17} =>.Avira Operations GmbH & Co. KG O23 - Service: Avira Planificateur (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) - C:\Program Files (x86)\Avira\Antivirus\sched.exe {76BA9423DDBCE7B145A95F01EE015F17} =>.Avira Operations GmbH & Co. KG O23 - Service: Avira Protection temps réel (AntiVirService) . (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) - C:\Program Files (x86)\Avira\Antivirus\avguard.exe {76BA9423DDBCE7B145A95F01EE015F17} =>.Avira Operations GmbH & Co. KG O23 - Service: Avira Protection Web (AntiVirWebService) . (.Avira Operations GmbH & Co. KG - AntiVir WebGuard WFP Service.) - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe {76BA9423DDBCE7B145A95F01EE015F17} =>.Avira Operations GmbH & Co. KG O23 - Service: Apple Mobile Device Service (Apple Mobile Device Service) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe =>.Apple Inc.® O23 - Service: ASUS Com Service (asComSvc) . (...) - C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe =>.ASUSTeK Computer Inc.® O23 - Service: Avira Service Host (Avira.ServiceHost) . (.Avira Operations GmbH & Co. KG - Avira Service Host.) - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe {39CF937CF8909F05793300DE20B4E45F} =>.Avira Operations GmbH & Co. KG O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe =>.Apple Inc.® O23 - Service: chip 1-click download service (chip1click) . (.Chip Digital GmbH - chip 1-click installer.) - C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe O23 - Service: Service Mise à jour Dropbox (dbupdate) (dbupdate) . (.Dropbox, Inc. - Dropbox Update.) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe =>.Dropbox, Inc® O23 - Service: DbxSvc (DbxSvc) . (.Dropbox, Inc. - Dropbox Service.) - C:\Windows\System32\DbxSvc.exe {08C59BC23C534BF2B514F7E7C28603A6} =>.Dropbox, Inc. O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc® O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) . (.HP Inc. - HP Support Solutions Framework Service.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe {0098B182EAF5DF8BDE0F8872EDE210C75E} O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe =>.Intel Corporation - Intel® Rapid Storage Technology® O23 - Service: Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe =>.Intel(R) Corporation O23 - Service: Intel(R) PROSet Monitoring Service (Intel(R) PROSet Monitoring Service) . (.Intel Corporation - Intel® PROSet Monitoring Service.) - C:\Windows\System32\IProsetMonitor.exe =>.Intel Corporation® O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe =>.Intel Corporation - Intel® Management Engine Firmware® O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Intel(R) Local Management Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe =>.Intel Corporation - Software and Firmware Products® O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe =>.Malwarebytes Corporation® O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe =>.Malwarebytes Corporation® O23 - Service: Nalpeiron Licensing Service (nlsX86cc) . (.Nalpeiron Ltd. - This service enables products that use the.) - C:\Windows\SysWOW64\nlssrv32.exe {00C4CB4AB4B462B35CE25879623525B89D} =>.Nalpeiron Ltd. O23 - Service: RalinkRegistryWriter (RalinkRegistryWriter) . (.Ralink Technology, Corp. - RalinkRegistryWriter.) - C:\Program Files (x86)\Hama\Common\RaRegistry.exe =>.Mediatek Inc.® O23 - Service: RalinkRegistryWriter64 (RalinkRegistryWriter64) . (.Ralink Technology, Corp. - RalinkRegistryWriter.) - C:\Program Files (x86)\Hama\Common\RaRegistry64.exe =>.Mediatek Inc.® O23 - Service: Razer Game Scanner (Razer Game Scanner Service) . (.Copyright © 2013-2016 - GameScannerService.) - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe {1834B81889070312B5C4CA72EA419A5E} O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) . (.Safer-Networking Ltd. - Spybot-S&D 2 Scanner Service.) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe =>.Safer Networking Ltd.® O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) . (.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe =>.Safer-Networking Ltd.® O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) . (.Safer-Networking Ltd. - Windows Security Center integration..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe =>.Safer-Networking Ltd.® O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe {330000008AF4BE0B29747A0FA000000000008A} =>.Skype Technologies O23 - Service: Cisco AnyConnect Secure Mobility Agent (vpnagent) . (.Cisco Systems, Inc. - VPN Agent Service.) - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe {3B5F35C73F400C6113BEEF9D414AF6E5} =>.Cisco Systems, Inc. ---\\ Services not Microsoft (SR=Run, SS=Stop) (39) - 16s SR - Auto [19/12/2016] [ 82640] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated® SS - Auto [17/02/2017] [ 1115552] Avira Protection e-mail (AntiVirMailService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe {76BA9423DDBCE7B145A95F01EE015F17} =>.Avira Operations GmbH & Co. KG SR - Auto [17/02/2017] [ 487424] Avira Planificateur (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Antivirus\sched.exe {76BA9423DDBCE7B145A95F01EE015F17} =>.Avira Operations GmbH & Co. KG SR - Auto [17/02/2017] [ 487424] Avira Protection temps réel (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Antivirus\avguard.exe {76BA9423DDBCE7B145A95F01EE015F17} =>.Avira Operations GmbH & Co. KG SS - Auto [17/02/2017] [ 1519144] Avira Protection Web (AntiVirWebService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe {76BA9423DDBCE7B145A95F01EE015F17} =>.Avira Operations GmbH & Co. KG SR - Auto [07/10/2015] [ 77104] Apple Mobile Device Service (Apple Mobile Device Service) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe =>.Apple Inc.® SR - Auto [07/05/2013] [ 936728] ASUS Com Service (asComSvc) . (...) - C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe =>.ASUSTeK Computer Inc.® SR - Auto [09/03/2017] [ 349560] Avira Service Host (Avira.ServiceHost) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe {39CF937CF8909F05793300DE20B4E45F} =>.Avira Operations GmbH & Co. KG SR - Auto [12/08/2015] [ 462096] Service Bonjour (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe =>.Apple Inc.® SR - Auto [27/10/2016] [ 91136] chip 1-click download service (chip1click) . (.Chip Digital GmbH.) - C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe SS - Auto [14/01/2016] [ 143144] Service Mise à jour Dropbox (dbupdate) (dbupdate) . (.Dropbox, Inc..) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe =>.Dropbox, Inc® SS - Demand [14/01/2016] [ 143144] Service Mise à jour Dropbox (dbupdatem) (dbupdatem) . (.Dropbox, Inc..) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe =>.Dropbox, Inc® SR - Auto [21/01/2017] [ 46408] DbxSvc (DbxSvc) . (.Dropbox, Inc..) - C:\Windows\system32\DbxSvc.exe =>.Dropbox, Inc. SS - Auto [05/01/2016] [ 144200] Service Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc® SS - Demand [05/01/2016] [ 144200] Service Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc® SR - Auto [07/12/2016] [ 31776] HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) . (.HP Inc..) - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe {0098B182EAF5DF8BDE0F8872EDE210C75E} SR - Auto [07/08/2013] [ 15720] Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe =>.Intel Corporation - Intel® Rapid Storage Technology® SS - Demand [14/11/2005] [ 69632] InstallDriver Table Manager (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe =>.Macrovision Corporation SR - Auto [27/08/2013] [ 747520] Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe =>.Intel(R) Corporation SS - Demand [27/08/2013] [ 828376] Intel(R) Capability Licensing Service TCP IP Interface (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe =>.Intel® Trusted Connect Service® SR - Auto [30/07/2013] [ 204552] Intel(R) PROSet Monitoring Service (Intel(R) PROSet Monitoring Service) . (.Intel Corporation.) - C:\Windows\system32\IProsetMonitor.exe =>.Intel Corporation SS - Demand [17/12/2015] [ 644880] Service de l’iPod (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe =>.Apple Inc.® SR - Auto [16/09/2013] [ 169432] Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe =>.Intel Corporation - Intel® Management Engine Firmware® SR - Auto [16/09/2013] [ 390616] Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe =>.Intel Corporation - Software and Firmware Products® SR - Auto [18/06/2015] [ 1871160] (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe =>.Malwarebytes Corporation® SS - Auto [18/06/2015] [ 1133880] (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe =>.Malwarebytes Corporation® SS - Demand [18/03/2017] [ 172488] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe =>.Mozilla Corporation® SR - Auto [24/02/2015] [ 70768] Nalpeiron Licensing Service (nlsX86cc) . (.Nalpeiron Ltd..) - C:\Windows\SysWOW64\nlssrv32.exe {00C4CB4AB4B462B35CE25879623525B89D} =>.Nalpeiron Ltd. SS - Demand [05/03/2017] [ 1325384] Overwolf Updater Windows SCM (OverwolfUpdater) . (.Overwolf LTD.) - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe {4FD6C5FE16AB00F702179D23B4372EBC} =>.Overwolf LTD SR - Auto [04/02/2013] [ 387376] RalinkRegistryWriter (RalinkRegistryWriter) . (.Ralink Technology, Corp..) - C:\Program Files (x86)\Hama\Common\RaRegistry.exe =>.Mediatek Inc.® SR - Auto [04/02/2013] [ 452912] RalinkRegistryWriter64 (RalinkRegistryWriter64) . (.Ralink Technology, Corp..) - C:\Program Files (x86)\Hama\Common\RaRegistry64.exe =>.Mediatek Inc.® SR - Auto [25/09/2016] [ 189264] Razer Game Scanner (Razer Game Scanner Service) . (.Copyright © 2013-2016.) - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe {1834B81889070312B5C4CA72EA419A5E} SR - Auto [24/06/2014] [ 1738168] Spybot-S&D 2 Scanner Service (SDScannerService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe =>.Safer Networking Ltd.® SR - Auto [21/09/2016] [ 4088608] Spybot-S&D 2 Updating Service (SDUpdateService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe =>.Safer-Networking Ltd.® SR - Auto [24/11/2016] [ 235984] Spybot-S&D 2 Security Center Service (SDWSCService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe =>.Safer-Networking Ltd.® SS - Auto [16/01/2017] [ 317400] Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe {330000008AF4BE0B29747A0FA000000000008A} =>.Skype Technologies SS - Demand [13/03/2017] [ 1590560] Steam Client Service (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe =>.Valve® SR - Auto [06/10/2016] [ 641536] Cisco AnyConnect Secure Mobility Agent (vpnagent) . (.Cisco Systems, Inc..) - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe {3B5F35C73F400C6113BEEF9D414AF6E5} =>.Cisco Systems, Inc. ---\\ Task Planned Automatically (26) - 4s [MD5.A0747D9A94EDFD251ED8E6556E70BA37] [APT] [Adobe Acrobat Update Task] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1160408] =>.Adobe Systems, Incorporated® [MD5.00000000000000000000000000000000] [APT] [AMD Updater] (...) -- C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe (.not file.) [0] [MD5.8025F05E5A51FD499584AFD7A688423C] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [6602152] =>.Piriform Ltd® [MD5.A1F58FFF448E4099297D6EE0641D4D0E] [APT] [DropboxUpdateTaskMachineCore] (.Dropbox, Inc..) -- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144] =>.Dropbox, Inc® [MD5.A1F58FFF448E4099297D6EE0641D4D0E] [APT] [DropboxUpdateTaskMachineUA] (.Dropbox, Inc..) -- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144] =>.Dropbox, Inc® [MD5.88FBBB1C601A6BC42054E57C2897FA45] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200] =>.Google Inc® [MD5.88FBBB1C601A6BC42054E57C2897FA45] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200] =>.Google Inc® [MD5.1D8B159B8B7B5A5F59CB474CB073A6DE] [APT] [HPCeeScheduleForSleipnir] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [97848] =>.Hewlett-Packard Company® [MD5.F46DA2B189B9312CDA638E9901985187] [APT] [Overwolf Updater Task] (.Overwolf LTD.) -- C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1325384] {4FD6C5FE16AB00F702179D23B4372EBC} =>.Overwolf LTD [MD5.00000000000000000000000000000000] [APT] [{14EC3E71-72B1-4E94-8107-9CBF2A9FFF94}] (...) -- C:\Program Files (x86)\Steam\Steam.exe (.not file.) [0] [MD5.C2D924CE9EA2EE3E7B7E6A7C476619CA] [APT] [{ACBD3A35-86DF-401A-B751-F21AC4060609}] (.Mozilla Corporation.) -- c:\program files (x86)\mozilla firefox\firefox.exe [517064] =>.Mozilla Corporation® [MD5.00000000000000000000000000000000] [APT] [{F205B179-44EA-4FAB-982B-62AA49DC75DC}] (...) -- C:\Program Files (x86)\Steam\Steam.exe (.not file.) [0] [MD5.E009BACC88ACD9DB268F09515C260ED1] [APT] [ASUS\ASUS Product Register Service] (.ASUSTek Computer Inc..) -- C:\Program Files (x86)\ASUS\APRP\aprp.exe [3220640] =>.ASUSTek Computer Inc. [MD5.6DBF5E67EEA838135065948A99219D0F] [APT] [Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA)] (.HP Inc..) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696] {06EEEB059F8022329ED5C6C79DCFC4A9} O39 - APT: DropboxUpdateTaskMachineCore - (.Dropbox, Inc..) -- C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job [1186] =>.Dropbox, Inc. O39 - APT: DropboxUpdateTaskMachineUA - (.Dropbox, Inc..) -- C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job [1190] =>.Dropbox, Inc. O39 - APT: HPCeeScheduleForSleipnir - (.Hewlett-Packard.) -- C:\Windows\Tasks\HPCeeScheduleForSleipnir.job [344] =>.Hewlett-Packard O39 - APT: Adobe Acrobat Update Task - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Acrobat Update Task [4476] =>.Adobe Systems Incorporated O39 - APT: AMD Updater - (...) -- C:\Windows\System32\Tasks\AMD Updater [4224] (.Orphean.) O39 - APT: CCleanerSkipUAC - (.Piriform Ltd.) -- C:\Windows\System32\Tasks\CCleanerSkipUAC [2802] =>.Piriform Ltd O39 - APT: DropboxUpdateTaskMachineCore - (.Dropbox, Inc..) -- C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore [3934] =>.Dropbox, Inc. O39 - APT: DropboxUpdateTaskMachineUA - (.Dropbox, Inc..) -- C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA [4186] =>.Dropbox, Inc. O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [3372] =>.Google Inc. O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [3500] =>.Google Inc. O39 - APT: HPCeeScheduleForSleipnir - (.Hewlett-Packard.) -- C:\Windows\System32\Tasks\HPCeeScheduleForSleipnir [3204] =>.Hewlett-Packard O39 - APT: Overwolf Updater Task - (.Overwolf LTD.) -- C:\Windows\System32\Tasks\Overwolf Updater Task [3728] =>.Overwolf LTD ---\\ Process running (56) - 17s [MD5.D0B825B69468D1A3095A921F575FCEC6] - (.Cisco Systems, Inc. - VPN Agent Service.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [641536] [PID.1264] {3B5F35C73F400C6113BEEF9D414AF6E5} =>.Cisco Systems, Inc. [MD5.58FD213E044D88825E411A1A0A6AEE64] - (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) -- C:\Program Files (x86)\Avira\Antivirus\sched.exe [487424] [PID.1472] {76BA9423DDBCE7B145A95F01EE015F17} =>.Avira Operations GmbH & Co. KG [MD5.B932E0EE190778D840F1442DFC0F9612] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [82640] [PID.1700] =>.Adobe Systems, Incorporated® [MD5.58FD213E044D88825E411A1A0A6AEE64] - (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) -- C:\Program Files (x86)\Avira\Antivirus\avguard.exe [487424] [PID.1740] {76BA9423DDBCE7B145A95F01EE015F17} =>.Avira Operations GmbH & Co. KG [MD5.2D564BB1C4559A517B390A031955714D] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104] [PID.1768] =>.Apple Inc.® [MD5.BBF8F831C7720DD5135D8C4C8325187A] - (...) -- C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728] [PID.1832] =>.ASUSTeK Computer Inc.® [MD5.B5C2F92EE1106DFE7BB1CCE4D35B6037] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [462096] [PID.1868] =>.Apple Inc.® [MD5.59B4AB79011957DD3B83F0C2E63741BD] - (.Chip Digital GmbH - chip 1-click installer.) -- C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136] [PID.1888] [MD5.5B7A202DECF962A6C9A2E759551BF05E] - (.Dropbox, Inc. - Dropbox Service.) -- C:\Windows\System32\DbxSvc.exe [46408] [PID.2028] {08C59BC23C534BF2B514F7E7C28603A6} =>.Dropbox, Inc. [MD5.DAE6C3099D291EED8922A65C29ABCF52] - (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520] [PID.1948] =>.Intel(R) Corporation [MD5.B45D80667300D34BF043B421D5D9CD8E] - (.Intel Corporation - Intel® PROSet Monitoring Service.) -- C:\Windows\System32\IProsetMonitor.exe [204552] [PID.1168] =>.Intel Corporation® [MD5.301E3FDFCF33640BB8763BA444BC5093] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160] [PID.2060] =>.Malwarebytes Corporation® [MD5.D6691A65D2414AE04200D5FCE7542E90] - (.Nalpeiron Ltd. - This service enables products that use the.) -- C:\Windows\SysWOW64\nlssrv32.exe [70768] [PID.2192] {00C4CB4AB4B462B35CE25879623525B89D} =>.Nalpeiron Ltd. [MD5.40EFC3CB925FB84F09F83E4E30FB1500] - (.Ralink Technology, Corp. - RalinkRegistryWriter.) -- C:\Program Files (x86)\Hama\Common\RaRegistry.exe [387376] [PID.2276] =>.Mediatek Inc.® [MD5.E01B930DD3D006A996F824716330CE8F] - (.Ralink Technology, Corp. - RalinkRegistryWriter.) -- C:\Program Files (x86)\Hama\Common\RaRegistry64.exe [452912] [PID.2300] =>.Mediatek Inc.® [MD5.5753CD9159718444F6D9E1634B984BF5] - (.Copyright © 2013-2016 - GameScannerService.) -- C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264] [PID.2324] {1834B81889070312B5C4CA72EA419A5E} [MD5.D777F1417D9BB9F66CD9D9C3B61F730F] - (.Safer-Networking Ltd. - Spybot-S&D 2 Scanner Service.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168] [PID.2380] =>.Safer Networking Ltd.® [MD5.2508D922074C96B4E7C25D011550EFCA] - (.Avira Operations GmbH & Co. KG - AntiVir shadow copy service.) -- C:\Program Files (x86)\Avira\Antivirus\avshadow.exe [1063016] [PID.2476] {76BA9423DDBCE7B145A95F01EE015F17} =>.Avira Operations GmbH & Co. KG [MD5.94653C9CFDC15B30EEECD94BA7219654] - (.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608] [PID.2832] =>.Safer-Networking Ltd.® [MD5.AA46643E268120F3C70AADA7056CD0CC] - (.Avira Operations GmbH & Co. KG - Avira Service Host.) -- C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [349560] [PID.2176] {39CF937CF8909F05793300DE20B4E45F} =>.Avira Operations GmbH & Co. KG [MD5.A7C46DA2D7C25DAA810E1DE4B14D1478] - (.Safer-Networking Ltd. - Windows Security Center integration..) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [235984] [PID.2960] =>.Safer-Networking Ltd.® [MD5.FE40EC349D80C0ED24A5808DCFE9A0D2] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe [288920] [PID.4268] =>.Google Inc® [MD5.B5C7D56B6DB76C66E24B4B735BB66509] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe [366232] [PID.4276] =>.Google Inc® [MD5.5B90B4108AFA762A5E8F46202ED661DA] - (.Realtek Semiconductor - Realtek HD Audio Manager.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7541464] [PID.4432] =>.Realtek Semiconductor Corp® [MD5.39F07FEA9532CD88F388ECABEFE37CD2] - (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\Sleipnir\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000] [PID.4520] =>.Spotify AB® [MD5.7692B581DC890A53B440DE9E54D7E2D5] - (...) -- C:\Program Files\YoloMouse\YoloMouse.exe [222208] [PID.4528] [MD5.CE1DEC053DA24927E89D9AA196D31281] - (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe [8590760] [PID.4540] =>.Piriform Ltd® [MD5.BA69F51DE9B849377BA42CC912E0565D] - (.GIGABYTE Technology Co.,Ltd. - Graphics Card Smart Tuner..) -- C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe [24211456] [PID.4608] [MD5.094E4E76FB9AB960A73F841BC6733F42] - (.Intel Corporation - iusb3mon.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848] [PID.4628] =>.Intel Corporation - Software and Firmware Products® [MD5.1519248C040C04C346ABE07B51ECB5BA] - (.Razer Inc. - Razer Synapse.) -- C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640] [PID.4648] {1834B81889070312B5C4CA72EA419A5E} =>.Razer Inc. [MD5.7AA96F1D57CCE13A15C540A350AEAA18] - (...) -- C:\ProgramData\cdblc\cdblc.exe [203469362] [PID.4676] [MD5.C6AB60044691ECF7DA5A5E64F4602912] - (.Dropbox, Inc. - Dropbox.) -- C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [27308304] [PID.4704] {08C59BC23C534BF2B514F7E7C28603A6} =>.Dropbox, Inc. [MD5.1E0029B9936F42C86138EADB5C27439E] - (.Avira Operations GmbH & Co. KG - Avira system tray application.) -- C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [909744] [PID.4800] {76BA9423DDBCE7B145A95F01EE015F17} =>.Avira Operations GmbH & Co. KG [MD5.7EE68A122ED08E4AAD8DA551E34D2515] - (.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576] [PID.4820] =>.Safer Networking Ltd.® [MD5.B06ECBE832DCB8A15B6736E740A2C7B8] - (.Avira Operations GmbH & Co. KG - Avira.) -- C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [309264] [PID.4892] {1FEB5456B9E0C2C68357C42975B98224} =>.Avira Operations GmbH & Co. KG [MD5.C4B517193613BFE663172ACAB7159177] - (.© 2015 Razer Inc. All rights reserved. - RzStats.Manager.) -- C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe [298448] [PID.208] {1834B81889070312B5C4CA72EA419A5E} [MD5.8B4A0AACC73F809B12E7B1BBDE81961E] - (.Razer, Inc. - RazerIngameEngine.) -- C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe [259864] [PID.4248] {1834B81889070312B5C4CA72EA419A5E} =>.Razer, Inc. [MD5.3D45AD2B246B90DBD3E6F213E7AEBF64] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592] [PID.3392] =>.Intel Corporation - Intel® Rapid Storage Technology® [MD5.F8DBFD416E84B567BE5C04F1C00DB604] - (.Razer, Inc. - Razer Chromium Render Process.) -- C:\Users\Sleipnir\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\RzCefRenderProcess.exe [275224] [PID.3608] {1834B81889070312B5C4CA72EA419A5E} =>.Razer, Inc. [MD5.F8DBFD416E84B567BE5C04F1C00DB604] - (.Razer, Inc. - Razer Chromium Render Process.) -- C:\Users\Sleipnir\AppData\Local\Razer\InGameEngine\cache\RzSynapse\RzCefRenderProcess.exe [275224] [PID.2244] {1834B81889070312B5C4CA72EA419A5E} =>.Razer, Inc. [MD5.EC80F3ECC5F8543E22BBCB037D837CA9] - (.HP Inc. - HP Support Solutions Framework Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776] [PID.6820] {0098B182EAF5DF8BDE0F8872EDE210C75E} [MD5.20E83F4632E15A5E9E716FF2E8AC7FAE] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720] [PID.6952] =>.Intel Corporation - Intel® Rapid Storage Technology® [MD5.52069AEB42D3D0F97CBCA1085EBF55E6] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432] [PID.7044] =>.Intel Corporation - Intel® Management Engine Firmware® [MD5.3DE66F47365AA8CEB18B1EE272F4FEBA] - (.Intel Corporation - Intel(R) Local Management Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [390616] [PID.7072] =>.Intel Corporation - Software and Firmware Products® [MD5.BF8D7240B300E3D9916788ADEEC383BD] - (.Valve Corporation - Steam Client Bootstrapper.) -- F:\Steam\Steam.exe [3019552] [PID.2020] =>.Valve® [MD5.54EA8A3DCBF0AD3E968063A0E5451B3D] - (.Hammer & Chisel, Inc. - Discord.) -- C:\Users\Sleipnir\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304] [PID.4844] {042AB042F4270D4BCF90EC033B9A1EC5} =>.Hammer & Chisel, Inc. [MD5.F8DBFD416E84B567BE5C04F1C00DB604] - (.Razer, Inc. - Razer Chromium Render Process.) -- C:\Users\Sleipnir\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\RzCefRenderProcess.exe [275224] [PID.5604] {1834B81889070312B5C4CA72EA419A5E} =>.Razer, Inc. [MD5.54EA8A3DCBF0AD3E968063A0E5451B3D] - (.Hammer & Chisel, Inc. - Discord.) -- C:\Users\Sleipnir\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304] [PID.6500] {042AB042F4270D4BCF90EC033B9A1EC5} =>.Hammer & Chisel, Inc. [MD5.54EA8A3DCBF0AD3E968063A0E5451B3D] - (.Hammer & Chisel, Inc. - Discord.) -- C:\Users\Sleipnir\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304] [PID.4116] {042AB042F4270D4BCF90EC033B9A1EC5} =>.Hammer & Chisel, Inc. [MD5.0D181A3A9FC732B5F7E59E6C8459EC01] - (.Valve Corporation - Steam Client WebHelper.) -- F:\Steam\bin\cef\cef.win7\steamwebhelper.exe [2190624] [PID.7132] =>.Valve® [MD5.0D181A3A9FC732B5F7E59E6C8459EC01] - (.Valve Corporation - Steam Client WebHelper.) -- F:\Steam\bin\cef\cef.win7\steamwebhelper.exe [2190624] [PID.3776] =>.Valve® [MD5.ABFF2B3A80AA5348BE5E43EFD6B415D1] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [6554424] [PID.4952] =>.Malwarebytes Corporation® [MD5.2D5B9311091ADFA85F0CEA88ED0309C8] - (.ArenaNet - Guild Wars 2 Game Client.) -- F:\Games\Guild Wars 2\Gw2-64.exe [30218920] [PID.1916] {6469A8B182E0D31F351D0BF700AF541B} [MD5.30CEF18D07DA3CAFBA05866B0478E223] - (.Coherent Labs - Coherent UI - A Modern User Interface Libra.) -- F:\Games\Guild Wars 2\bin64\CoherentUI_Host.exe [36143096] [PID.4880] =>.ArenaNet Inc.® [MD5.FF9CE0FC9E3B4BC22001764A9EFE4741] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\Sleipnir\AppData\Roaming\ZHP\ZHPDiag3.exe [2105344] [PID.4588] =>.Nicolas Coolman [MD5.F65A78A54B58C5F7B4C324AE25B7864B] - (.Avira Operations GmbH & Co. KG - Control Center.) -- C:\Program Files (x86)\Avira\Antivirus\avcenter.exe [653160] [PID.7232] {76BA9423DDBCE7B145A95F01EE015F17} =>.Avira Operations GmbH & Co. KG ---\\ Google Chrome, Start,Search,Extensions (8) - 0s G0 - GCSP: Secure Preferences [User Data\Default][HomePage] http://www.google.com G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [cmedhionkhpnakcndndgjdbohmhepckk] __MSG_extension_name__ G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [kanbnempkjnhadplbfgdaagijdbdbjeb] Auto Replay for YouTube™ G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [pkedcjkdefgpdelpbcmbmeomcjbeemfm] Chrome Media Router ---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (6) - 1s M0 - MFSP: prefs.js [Sleipnir - xvE2Cvhr.default] http://yourtv.link =>PUP.Optional.Browser P2 - EXT FILE: (...) -- C:\Users\Sleipnir\AppData\Roaming\Mozilla\Firefox\Profiles\xvE2Cvhr.default\extensions\abs@avira.com.xpi P2 - EXT FILE: (...) -- C:\Users\Sleipnir\AppData\Roaming\Mozilla\Firefox\Profiles\xvE2Cvhr.default\extensions\fr@fbt.ovh.xpi P2 - EXT FILE: (...) -- C:\Users\Sleipnir\AppData\Roaming\Mozilla\Firefox\Profiles\xvE2Cvhr.default\searchplugins\Google .xml P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll =>.Adobe Systems Incorporated P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Apple Inc..) -- C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll =>.Apple Inc. ---\\ Internet Explorer Extensions, Start, Search (15) - 0s R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://yourtv.link =>PUP.Optional.Browser R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer ---\\ Internet Explorer, Proxy Management (5) - 0s R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 ---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s F2 - REG:system.ini: UserInit=C:\Windows\System32\Userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.) =>.Microsoft Corporation ---\\ Hosts file redirection (1) - 0s ~ Le fichier hôte est sain (The hosts file is clean) (21) ---\\ Auto loading programs from Registry and folders (17) - 0s O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Realtek HD Audio Manager.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe =>.Realtek Semiconductor Corp® O4 - HKLM\..\Run: [IAStorIcon] . (.Intel Corporation - Delayed launcher.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe =>.Intel Corporation O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] . (.Microsoft Corporation - Sticky Notes.) -- C:\Windows\System32\StikyNot.exe =>.Microsoft Corporation O4 - HKCU\..\Run: [Spotify Web Helper] . (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\Sleipnir\AppData\Roaming\Spotify\SpotifyWebHelper.exe =>.Spotify AB® O4 - HKCU\..\Run: [YoloMouse] . (...) -- C:\Program Files\YoloMouse\YoloMouse.exe O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd® O4 - HKCU\..\Run: [SpybotPostWindows10UpgradeReInstall] . (.Safer-Networking Ltd. - Makes sure Spybot 2 is there on Windows 10..) -- C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe =>.Safer-Networking Ltd. O4 - HKLM\..\Wow6432Node\Run: [USB3MON] . (.Intel Corporation - iusb3mon.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe =>.Intel Corporation - Software and Firmware Products® O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files (x86)\Windows Sidebar\sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files (x86)\Windows Sidebar\sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-21-792549663-3945398320-1686471432-1000\..\Run: [RESTART_STICKY_NOTES] . (.Microsoft Corporation - Sticky Notes.) -- C:\Windows\System32\StikyNot.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-21-792549663-3945398320-1686471432-1000\..\Run: [Spotify Web Helper] . (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\Sleipnir\AppData\Roaming\Spotify\SpotifyWebHelper.exe =>.Spotify AB® O4 - HKUS\S-1-5-21-792549663-3945398320-1686471432-1000\..\Run: [YoloMouse] . (...) -- C:\Program Files\YoloMouse\YoloMouse.exe O4 - HKUS\S-1-5-21-792549663-3945398320-1686471432-1000\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd® O4 - HKUS\S-1-5-21-792549663-3945398320-1686471432-1000\..\Run: [SpybotPostWindows10UpgradeReInstall] . (.Safer-Networking Ltd. - Makes sure Spybot 2 is there on Windows 10..) -- C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe =>.Safer-Networking Ltd. ---\\ Global shortcuts Startup (82) - 8s O4 - GS\Desktop [Administrator]: Discord.lnk . (.GitHub - Update.) C:\Users\Sleipnir\AppData\Local\Discord\Update.exe {042AB042F4270D4BCF90EC033B9A1EC5} O4 - GS\Desktop [Administrator]: Dropbox.lnk . (.Dropbox, Inc. - Dropbox.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe {08C59BC23C534BF2B514F7E7C28603A6} =>.Dropbox, Inc. O4 - GS\Desktop [Administrator]: Georg foldy - Shortcut.lnk . (...) F:\Georg foldy O4 - GS\Desktop [Administrator]: IrfanView 64.lnk . (.Irfan Skiljan - .) C:\Program Files (x86)\IrfanView\i_view64.exe =>.Irfan Skiljan O4 - GS\Desktop [Administrator]: PhotoScape.lnk . (.Copyright (C) 2005 - PhotoScape.) C:\Program Files (x86)\PhotoScape\PhotoScape.exe =>.Mooii Tech® O4 - GS\Desktop [Administrator]: Spotify.lnk . (.Spotify Ltd - Spotify.) C:\Users\Sleipnir\AppData\Roaming\Spotify\Spotify.exe =>.Spotify AB® O4 - GS\Desktop [Administrator]: Texmaker.lnk . (...) C:\Program Files (x86)\Texmaker\texmaker.exe O4 - GS\Desktop [Administrator]: The Elder Scrolls Online.lnk . (.ZeniMax Online Studios - ZeniMax Online Studios Launcher.) F:\Games\Launcher\Bethesda.net_Launcher.exe {5703A83169AFEF8304E753B714065E6A} =>.Zenimax Online Studios O4 - GS\Desktop [Administrator]: Uplay.lnk . (.Ubisoft - Uplay launcher.) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe {6341C8C11C28F83F5D595E83D5129569} =>.Ubisoft O4 - GS\Desktop [Administrator]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Sleipnir\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Quicklaunch [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe {2A9C21ACAAA63A3C58A7B9322BEE948D} =>.Google Inc. O4 - GS\Quicklaunch [Administrator]: PhotoScape.lnk . (.Copyright (C) 2005 - PhotoScape.) C:\Program Files (x86)\PhotoScape\PhotoScape.exe =>.Mooii Tech® O4 - GS\sendTo [Administrator]: Dropbox.lnk . (...) C:\Users\Sleipnir\Dropbox O4 - GS\sendTo [Administrator]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe {330000008AF4BE0B29747A0FA000000000008A} =>.Skype Technologies S.A. O4 - GS\TaskBar [Administrator]: Guild Wars 2.lnk . (.ArenaNet - Guild Wars 2 Game Client.) F:\Games\Guild Wars 2\Gw2.exe {6469A8B182E0D31F351D0BF700AF541B} O4 - GS\TaskBar [Administrator]: iTunes.lnk . (.Apple Inc. - .) C:\Program Files (x86)\iTunes\iTunes.exe =>.Apple Inc. O4 - GS\TaskBar [Administrator]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation® O4 - GS\TaskBar [Administrator]: Skype.lnk . (...) C:\Windows\Installer\{FC965A47-4839-40CA-B618-18F486F042C6}\SkypeIcon.exe O4 - GS\TaskBar [Administrator]: Steam.lnk . (.Valve Corporation - Steam Client Bootstrapper.) F:\Steam\Steam.exe =>.Valve® O4 - GS\TaskBar [Administrator]: TeamSpeak 3 Client.lnk . (.TeamSpeak Systems GmbH - TeamSpeak 3 Client.) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe {7CC41BCAABFE00CF836F57AC128F1810} =>.TeamSpeak Systems GmbH O4 - GS\Startup [Administrator]: Sleipnir.lnk . (...) C:\ProgramData\cdblc\cdblc.exe O4 - GS\Desktop [Guest]: Discord.lnk . (.GitHub - Update.) C:\Users\Sleipnir\AppData\Local\Discord\Update.exe {042AB042F4270D4BCF90EC033B9A1EC5} O4 - GS\Desktop [Guest]: Dropbox.lnk . (.Dropbox, Inc. - Dropbox.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe {08C59BC23C534BF2B514F7E7C28603A6} =>.Dropbox, Inc. O4 - GS\Desktop [Guest]: Georg foldy - Shortcut.lnk . (...) F:\Georg foldy O4 - GS\Desktop [Guest]: IrfanView 64.lnk . (.Irfan Skiljan - .) C:\Program Files (x86)\IrfanView\i_view64.exe =>.Irfan Skiljan O4 - GS\Desktop [Guest]: PhotoScape.lnk . (.Copyright (C) 2005 - PhotoScape.) C:\Program Files (x86)\PhotoScape\PhotoScape.exe =>.Mooii Tech® O4 - GS\Desktop [Guest]: Spotify.lnk . (.Spotify Ltd - Spotify.) C:\Users\Sleipnir\AppData\Roaming\Spotify\Spotify.exe =>.Spotify AB® O4 - GS\Desktop [Guest]: Texmaker.lnk . (...) C:\Program Files (x86)\Texmaker\texmaker.exe O4 - GS\Desktop [Guest]: The Elder Scrolls Online.lnk . (.ZeniMax Online Studios - ZeniMax Online Studios Launcher.) F:\Games\Launcher\Bethesda.net_Launcher.exe {5703A83169AFEF8304E753B714065E6A} =>.Zenimax Online Studios O4 - GS\Desktop [Guest]: Uplay.lnk . (.Ubisoft - Uplay launcher.) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe {6341C8C11C28F83F5D595E83D5129569} =>.Ubisoft O4 - GS\Desktop [Guest]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Sleipnir\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Quicklaunch [Guest]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe {2A9C21ACAAA63A3C58A7B9322BEE948D} =>.Google Inc. O4 - GS\Quicklaunch [Guest]: PhotoScape.lnk . (.Copyright (C) 2005 - PhotoScape.) C:\Program Files (x86)\PhotoScape\PhotoScape.exe =>.Mooii Tech® O4 - GS\sendTo [Guest]: Dropbox.lnk . (...) C:\Users\Sleipnir\Dropbox O4 - GS\sendTo [Guest]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe {330000008AF4BE0B29747A0FA000000000008A} =>.Skype Technologies S.A. O4 - GS\TaskBar [Guest]: Guild Wars 2.lnk . (.ArenaNet - Guild Wars 2 Game Client.) F:\Games\Guild Wars 2\Gw2.exe {6469A8B182E0D31F351D0BF700AF541B} O4 - GS\TaskBar [Guest]: iTunes.lnk . (.Apple Inc. - .) C:\Program Files (x86)\iTunes\iTunes.exe =>.Apple Inc. O4 - GS\TaskBar [Guest]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation® O4 - GS\TaskBar [Guest]: Skype.lnk . (...) C:\Windows\Installer\{FC965A47-4839-40CA-B618-18F486F042C6}\SkypeIcon.exe O4 - GS\TaskBar [Guest]: Steam.lnk . (.Valve Corporation - Steam Client Bootstrapper.) F:\Steam\Steam.exe =>.Valve® O4 - GS\TaskBar [Guest]: TeamSpeak 3 Client.lnk . (.TeamSpeak Systems GmbH - TeamSpeak 3 Client.) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe {7CC41BCAABFE00CF836F57AC128F1810} =>.TeamSpeak Systems GmbH O4 - GS\Startup [Guest]: Sleipnir.lnk . (...) C:\ProgramData\cdblc\cdblc.exe O4 - GS\Desktop [Sleipnir]: Discord.lnk . (.GitHub - Update.) C:\Users\Sleipnir\AppData\Local\Discord\Update.exe {042AB042F4270D4BCF90EC033B9A1EC5} O4 - GS\Desktop [Sleipnir]: Dropbox.lnk . (.Dropbox, Inc. - Dropbox.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe {08C59BC23C534BF2B514F7E7C28603A6} =>.Dropbox, Inc. O4 - GS\Desktop [Sleipnir]: Georg foldy - Shortcut.lnk . (...) F:\Georg foldy O4 - GS\Desktop [Sleipnir]: IrfanView 64.lnk . (.Irfan Skiljan - .) C:\Program Files (x86)\IrfanView\i_view64.exe =>.Irfan Skiljan O4 - GS\Desktop [Sleipnir]: PhotoScape.lnk . (.Copyright (C) 2005 - PhotoScape.) C:\Program Files (x86)\PhotoScape\PhotoScape.exe =>.Mooii Tech® O4 - GS\Desktop [Sleipnir]: Spotify.lnk . (.Spotify Ltd - Spotify.) C:\Users\Sleipnir\AppData\Roaming\Spotify\Spotify.exe =>.Spotify AB® O4 - GS\Desktop [Sleipnir]: Texmaker.lnk . (...) C:\Program Files (x86)\Texmaker\texmaker.exe O4 - GS\Desktop [Sleipnir]: The Elder Scrolls Online.lnk . (.ZeniMax Online Studios - ZeniMax Online Studios Launcher.) F:\Games\Launcher\Bethesda.net_Launcher.exe {5703A83169AFEF8304E753B714065E6A} =>.Zenimax Online Studios O4 - GS\Desktop [Sleipnir]: Uplay.lnk . (.Ubisoft - Uplay launcher.) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe {6341C8C11C28F83F5D595E83D5129569} =>.Ubisoft O4 - GS\Desktop [Sleipnir]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Sleipnir\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Quicklaunch [Sleipnir]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe {2A9C21ACAAA63A3C58A7B9322BEE948D} =>.Google Inc. O4 - GS\Quicklaunch [Sleipnir]: PhotoScape.lnk . (.Copyright (C) 2005 - PhotoScape.) C:\Program Files (x86)\PhotoScape\PhotoScape.exe =>.Mooii Tech® O4 - GS\sendTo [Sleipnir]: Dropbox.lnk . (...) C:\Users\Sleipnir\Dropbox O4 - GS\sendTo [Sleipnir]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe {330000008AF4BE0B29747A0FA000000000008A} =>.Skype Technologies S.A. O4 - GS\TaskBar [Sleipnir]: Guild Wars 2.lnk . (.ArenaNet - Guild Wars 2 Game Client.) F:\Games\Guild Wars 2\Gw2.exe {6469A8B182E0D31F351D0BF700AF541B} O4 - GS\TaskBar [Sleipnir]: iTunes.lnk . (.Apple Inc. - .) C:\Program Files (x86)\iTunes\iTunes.exe =>.Apple Inc. O4 - GS\TaskBar [Sleipnir]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation® O4 - GS\TaskBar [Sleipnir]: Skype.lnk . (...) C:\Windows\Installer\{FC965A47-4839-40CA-B618-18F486F042C6}\SkypeIcon.exe O4 - GS\TaskBar [Sleipnir]: Steam.lnk . (.Valve Corporation - Steam Client Bootstrapper.) F:\Steam\Steam.exe =>.Valve® O4 - GS\TaskBar [Sleipnir]: TeamSpeak 3 Client.lnk . (.TeamSpeak Systems GmbH - TeamSpeak 3 Client.) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe {7CC41BCAABFE00CF836F57AC128F1810} =>.TeamSpeak Systems GmbH O4 - GS\Startup [Sleipnir]: Sleipnir.lnk . (...) C:\ProgramData\cdblc\cdblc.exe O4 - GS\CommonDesktop [Public]: Acrobat Reader DC.lnk . (.Adobe Systems Incorporated - Adobe Acrobat Reader DC.) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe =>.Adobe Systems, Incorporated® O4 - GS\CommonDesktop [Public]: CCleaner.lnk . (.Piriform Ltd - .) C:\Program Files (x86)\CCleaner\CCleaner64.exe =>.Piriform Ltd O4 - GS\CommonDesktop [Public]: Centre de solutions HP.lnk . (.Hewlett-Packard Company - hpqdirec.exe.) C:\Program Files (x86)\HP\Digital Imaging\bin\Hpqdirec.exe =>.Hewlett-Packard Company O4 - GS\CommonDesktop [Public]: GIGABYTE OC_GURU.lnk . (.Macrovision Corporation - InstallShield.) C:\Windows\Installer\{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}\OC_GURU.exe1_5588D686D23B4C9DBDFA2A7875CD3722.exe =>.Macrovision Corporation O4 - GS\CommonDesktop [Public]: Guild Wars 2.lnk . (.ArenaNet - Guild Wars 2 Game Client.) F:\Games\Guild Wars 2\Gw2.exe {6469A8B182E0D31F351D0BF700AF541B} O4 - GS\CommonDesktop [Public]: iTunes.lnk . (.Apple Inc. - .) C:\Program Files (x86)\iTunes\iTunes.exe =>.Apple Inc. O4 - GS\CommonDesktop [Public]: Malwarebytes Anti-Malware.lnk . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe =>.Malwarebytes Corporation® O4 - GS\CommonDesktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation® O4 - GS\CommonDesktop [Public]: OpenOffice 4.1.2.lnk . (.Apache Software Foundation - OpenOffice 4.1.2.) C:\Program Files (x86)\OpenOffice 4\program\soffice.exe =>.Apache Software Foundation O4 - GS\CommonDesktop [Public]: R x64 3.3.2.lnk . (...) C:\Program Files (x86)\R\R-3.3.2\bin\x64\Rgui.exe O4 - GS\CommonDesktop [Public]: Skype.lnk . (...) C:\Windows\Installer\{FC965A47-4839-40CA-B618-18F486F042C6}\SkypeIcon.exe O4 - GS\CommonDesktop [Public]: Spybot-S&D Start Center.lnk . (.Safer-Networking Ltd. - Start Center.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe =>.Safer Networking Ltd.® O4 - GS\CommonDesktop [Public]: Stainless Steel 6.4.lnk . (.gracul @ TWCenter - M2TW:Kingdoms Mod Launcher.) F:\Steam\steamapps\common\Medieval II Total War\mods\SS6.3\SS_Launcher.exe O4 - GS\CommonDesktop [Public]: Steam.lnk . (.Valve Corporation - Steam Client Bootstrapper.) F:\Steam\Steam.exe =>.Valve® O4 - GS\CommonDesktop [Public]: TeamSpeak 3 Client.lnk . (.TeamSpeak Systems GmbH - .) C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win64.exe =>.TeamSpeak Systems GmbH O4 - GS\CommonDesktop [Public]: VLC media player.lnk . (.VideoLAN - VLC media player.) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe =>.VideoLAN® O4 - GS\Startup [Public]: GIGABYTE OC_GURU.lnk . (.GIGABYTE Technology Co.,Ltd. - Graphics Card Smart Tuner..) C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe O4 - GS\Programs [Public]: Spotify.lnk . (.Spotify Ltd - Spotify.) C:\Users\Sleipnir\AppData\Roaming\Spotify\Spotify.exe =>.Spotify AB® O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...) C:\Windows\system32\taskschd.msc ---\\ Lop.com/Domain Hijackers (4) - 0s O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7A5698D8-9E49-4E0B-A780-69E38290DF5C}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AD767538-86A2-4A27-8D30-BB466451FDBD}: DhcpNameServer = 10.188.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B836A898-8614-4A20-B1E8-016E3E7BBE5D}: DhcpNameServer = 10.188.0.1 ---\\ Extra protocols (20) - 0s O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll =>.Microsoft Corporation O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation® O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation® O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation® ---\\ BootExecute (BEX) (1) - 0s O34 - HKLM BootExecute: (sdnclean64.exe) ---\\ Software installed (189) - 12s O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent {0CF35369A9710762C36F6805FC9E45D6} O42 - Logiciel: 64 Bit HP CIO Components Installer - (.Hewlett-Packard.) [HKLM][64Bits] -- {55D55008-E5F6-47D6-B16F-B2A40D4D145F} =>.Hewlett-Packard O42 - Logiciel: Adobe Acrobat Reader DC - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AC0F074E4100} =>.Adobe Systems Incorporated O42 - Logiciel: Adobe Flash Player 23 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-0804-1033-1959-001824211354} =>.Adobe Systems Incorporated O42 - Logiciel: Age of Mythology: Extended Edition - (.SkyBox Labs.) [HKLM][64Bits] -- Steam App 266840 =>.Valve® O42 - Logiciel: AIO_CDA_ProductContext - (.Hewlett-Packard.) [HKLM][64Bits] -- {2A7EF808-14F3-4E93-BE3A-1675EE5332A4} =>.Hewlett-Packard O42 - Logiciel: AIO_CDA_Software - (.Hewlett-Packard.) [HKLM][64Bits] -- {A7AEE29F-839E-46B5-B347-6D430618129F} =>.Hewlett-Packard O42 - Logiciel: AIO_Scan - (.Hewlett-Packard.) [HKLM][64Bits] -- {D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6} =>.Hewlett-Packard O42 - Logiciel: AMD Drag and Drop Transcoding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {AAB4E5D9-72CB-3861-0387-8272B977D2C9} =>.Advanced Micro Devices, Inc. O42 - Logiciel: AMD Wireless Display v3.0 - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {3300B9C3-E57A-97E5-8C3A-C5ADDBEB7200} =>.Advanced Micro Devices, Inc. O42 - Logiciel: AMD Wireless Display v3.0 - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {3BF9EC04-F930-6F15-38C8-52405EC3CC6E} =>.Advanced Micro Devices, Inc. O42 - Logiciel: AMD Wireless Display v3.0 - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {71767C47-6F12-C176-7557-F61B7F9580D7} =>.Advanced Micro Devices, Inc. O42 - Logiciel: AMD Wireless Display v3.0 - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {7B26ED6A-EAAE-02C1-B302-1951A807D1DA} =>.Advanced Micro Devices, Inc. O42 - Logiciel: AMD Wireless Display v3.0 - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {A29F43A3-BF9B-6D85-8CE5-8E46437A0B34} =>.Advanced Micro Devices, Inc. O42 - Logiciel: Anno 1404 - (.Blue Byte.) [HKLM][64Bits] -- Steam App 33250 =>.Valve® O42 - Logiciel: Anno 1404: Venice - (.Blue Byte.) [HKLM][64Bits] -- Steam App 33350 =>.Valve® O42 - Logiciel: Anno 2070 - (.Blue Byte.) [HKLM][64Bits] -- Steam App 48240 =>.Valve® O42 - Logiciel: Apple Application Support (32 bits) - (.Apple Inc..) [HKLM][64Bits] -- {7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F} =>.Apple Inc. O42 - Logiciel: Apple Application Support (64 bits) - (.Apple Inc..) [HKLM][64Bits] -- {691F30EB-9009-475A-B8A9-E1BF39598FD5} =>.Apple Inc. O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM][64Bits] -- {3540181E-340A-4E7A-B409-31663472B2F7} =>.Apple Inc. O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF} =>.Apple Inc. O42 - Logiciel: ASUS Product Register Program - (.ASUSTek Computer Inc..) [HKLM][64Bits] -- {C87D79F6-F813-4812-B7A9-CCCAAB8B1188} =>.ASUSTek Computer Inc. O42 - Logiciel: Avira Antivirus v15.0.25.154 - (.Avira Operations GmbH & Co. KG.) [HKLM][64Bits] -- Avira Antivirus {76BA9423DDBCE7B145A95F01EE015F17} =>.Avira Operations GmbH & Co. KG O42 - Logiciel: Avira Connect v1.2.81.41506 - (.Avira Operations GmbH & Co. KG.) [HKLM][64Bits] -- {0b46d918-af4f-4612-8076-5c0ae67cb2aa} {1FEB5456B9E0C2C68357C42975B98224} =>.Avira Operations GmbH & Co. KG O42 - Logiciel: Avira Connect v1.2.81.41506 - (.Avira Operations GmbH & Co. KG.) [HKLM][64Bits] -- {BC5A9829-B67F-4E3A-83EE-0CDBDB6FBA1C} =>.Avira Operations GmbH & Co. KG O42 - Logiciel: Belkin N600 DB USB Wireless Adapter - (.Belkin International, Inc..) [HKLM][64Bits] -- {B20F9D1C-A0A5-4CD8-8306-DA03872311B1} {20E73AF5731266691C0FE84C168DA522} =>.Belkin International, Inc. O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {56DDDFB8-7F79-4480-89D5-25E1F52AB28F} =>.Apple Inc. O42 - Logiciel: Bootstrapper - (.Minitab, Inc..) [HKLM][64Bits] -- {4C461D52-6BFB-4BF0-85B3-D13D545C678E} O42 - Logiciel: BufferChm - (.Hewlett-Packard.) [HKLM][64Bits] -- {2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C} =>.Hewlett-Packard O42 - Logiciel: C4100 - (.Hewlett-Packard.) [HKLM][64Bits] -- {B6916E4B-FD07-47E7-B906-B3F734F08E29} =>.Hewlett-Packard O42 - Logiciel: c4100_Help - (.Hewlett-Packard.) [HKLM][64Bits] -- {3260D61B-DCA6-4ec6-8A41-DCCE01BC6EE4} =>.Hewlett-Packard O42 - Logiciel: CameraHelperMsi - (.Logitech.) [HKLM][64Bits] -- {15634701-BACE-4449-8B25-1567DA8C9FD3} =>.Logitech O42 - Logiciel: Catalyst Control Center - Branding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {11087D24-567D-7D88-69C6-D7A08B5F4C47} =>.Advanced Micro Devices, Inc. O42 - Logiciel: Catalyst Control Center Graphics Previews Common - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {6722142F-BEDC-C744-D0E1-5F9F99A47C08} =>.Advanced Micro Devices, Inc. O42 - Logiciel: Catalyst Control Center Localization All - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {BD24EBA2-F4E8-9230-3786-91E7619D0DB8} =>.Advanced Micro Devices, Inc. O42 - Logiciel: CCC Help Chinese Standard - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {BF551285-A36C-EED0-7CC1-BA82095A8E75} =>.Advanced Micro Devices, Inc. O42 - Logiciel: CCC Help Chinese Traditional - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {0385BD3A-3209-B7E0-4AB1-48E16FE2170E} =>.Advanced Micro Devices, Inc. O42 - Logiciel: CCC Help Czech - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {2E58D59B-75E5-FEFF-9471-171F276F435D} =>.Advanced Micro Devices, Inc. O42 - Logiciel: CCC Help Danish - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {B6F34D9A-13F1-C8CB-FAAB-9C9ED2CF8BA1} =>.Advanced Micro Devices, Inc. O42 - Logiciel: CCC Help Dutch - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {32CEF1ED-2EEB-F48E-4171-B2A6ECD423DE} =>.Advanced Micro Devices, Inc. O42 - Logiciel: CCC Help English - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {AC8B801C-51C0-1D5A-858B-FF85DAC59AD7} =>.Advanced Micro Devices, Inc. O42 - Logiciel: CCC Help Finnish - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {2E8EE640-EF9C-4ECD-7E55-EF6035440820} =>.Advanced Micro Devices, Inc. O42 - Logiciel: CCC Help French - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {A9E91C02-865A-DFBA-B389-D10BE85FA8CB} =>.Advanced Micro Devices, Inc. O42 - Logiciel: CCC Help German - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {117D3CA5-E150-5C94-50B3-F2FAE1ED5A10} =>.Advanced Micro Devices, Inc. O42 - Logiciel: CCC Help Greek - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {C67AECCD-03F4-8376-1EEE-B2EF3B935EA8} =>.Advanced Micro Devices, Inc. O42 - Logiciel: CCC Help Hungarian - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {35E64E43-3626-CC57-5280-F5078FF71806} =>.Advanced Micro Devices, Inc. O42 - Logiciel: CCC Help Italian - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {3A899D7E-67E6-0E90-F60B-3B3054F43B13} =>.Advanced Micro Devices, Inc. O42 - Logiciel: CCC Help Japanese - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {A2D70B6E-4A5D-31BA-8879-3A0D210B164B} =>.Advanced Micro Devices, Inc. O42 - Logiciel: CCC Help Korean - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {06EDC792-0870-6E55-8559-EE3B723C6ADE} =>.Advanced Micro Devices, Inc. O42 - Logiciel: CCC Help Norwegian - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {F7845CF7-72D9-A092-1761-EE034669CCB1} =>.Advanced Micro Devices, Inc. O42 - Logiciel: CCC Help Polish - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {98455EC3-3EF1-E2CD-DC41-7EED8473960E} =>.Advanced Micro Devices, Inc. O42 - Logiciel: CCC Help Portuguese - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {0F42290A-4D94-9757-9E46-A8DF4DDD282D} =>.Advanced Micro Devices, Inc. O42 - Logiciel: CCC Help Russian - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {040E9D90-A64D-5BAF-3851-863D2E03F50F} =>.Advanced Micro Devices, Inc. O42 - Logiciel: CCC Help Spanish - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {F89520CF-1031-C876-56ED-512899F34A12} =>.Advanced Micro Devices, Inc. O42 - Logiciel: CCC Help Swedish - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {4A050489-3991-5FF7-19C9-EE70455DCC50} =>.Advanced Micro Devices, Inc. O42 - Logiciel: CCC Help Thai - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {7480E9F6-0CC9-2DBB-D094-64A0F11DE7F4} =>.Advanced Micro Devices, Inc. O42 - Logiciel: CCC Help Turkish - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {6D2C70AE-189F-C386-BB68-14FCA21677AE} =>.Advanced Micro Devices, Inc. O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner =>.Piriform Ltd® O42 - Logiciel: chip 1-click download service - (.Chip Digital GmbH.) [HKLM][64Bits] -- {503CA94E-0834-4CEE-AD92-BA17AF4E809A} O42 - Logiciel: Chivalry: Medieval Warfare - (.Torn Banner Studios.) [HKLM][64Bits] -- Steam App 219640 =>.Valve® O42 - Logiciel: Cisco AnyConnect Secure Mobility Client - (.Cisco Systems, Inc..) [HKLM][64Bits] -- Cisco AnyConnect Secure Mobility Client {3B5F35C73F400C6113BEEF9D414AF6E5} =>.Cisco Systems, Inc. O42 - Logiciel: Cisco AnyConnect Secure Mobility Client - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {2A01CAB3-5117-4BDC-96FF-2A0D2AB0F182} =>.Cisco Systems, Inc. O42 - Logiciel: Cisco EAP-FAST Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {64BF0187-F3D2-498B-99EA-163AF9AE6EC9} =>.Cisco Systems, Inc. O42 - Logiciel: Cisco LEAP Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {51C7AD07-C3F6-4635-8E8A-231306D810FE} =>.Cisco Systems, Inc. O42 - Logiciel: Cisco PEAP Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {ED5776D5-59B4-46B7-AF81-5F2D94D7C640} =>.Cisco Systems, Inc. O42 - Logiciel: Cities: Skylines - (.Colossal Order Ltd..) [HKLM][64Bits] -- Steam App 255710 =>.Valve® O42 - Logiciel: Copy - (.Hewlett-Packard.) [HKLM][64Bits] -- {3C92B2E6-380D-4fef-B4DF-4A3B4B669771} =>.Hewlett-Packard O42 - Logiciel: Destinations - (.Hewlett-Packard.) [HKLM][64Bits] -- {BD7204BA-DD64-499E-9B55-6A282CDF4FA4} =>.Hewlett-Packard O42 - Logiciel: DeviceDiscovery - (.Hewlett-Packard.) [HKLM][64Bits] -- {2FF8C687-DB7D-4adc-A5DC-57983EC25046} =>.Hewlett-Packard O42 - Logiciel: Discord - (.Hammer & Chisel, Inc..) [HKCU][64Bits] -- Discord {042AB042F4270D4BCF90EC033B9A1EC5} =>.Hammer & Chisel, Inc. O42 - Logiciel: DocProc - (.Hewlett-Packard.) [HKLM][64Bits] -- {9B362566-EC1B-4700-BB9C-EC661BDE2175} =>.Hewlett-Packard O42 - Logiciel: Dropbox - (.Dropbox, Inc..) [HKLM][64Bits] -- Dropbox {08C59BC23C534BF2B514F7E7C28603A6} =>.Dropbox, Inc. O42 - Logiciel: Dropbox Update Helper - (.Dropbox, Inc..) [HKLM][64Bits] -- {099218A5-A723-43DC-8DB5-6173656A1E94} =>.Dropbox, Inc. O42 - Logiciel: erLT - (.Logitech, Inc..) [HKLM][64Bits] -- {3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C} =>.Logitech, Inc. O42 - Logiciel: ESET Online Scanner v3 - (...) [HKLM][64Bits] -- ESET Online Scanner =>.ESET, spol. s r.o.® O42 - Logiciel: Farming Simulator 15 - (.Giants Software.) [HKLM][64Bits] -- Steam App 313160 =>.Valve® O42 - Logiciel: Fax - (.Hewlett-Packard.) [HKLM][64Bits] -- {440B915A-0C85-45DB-92AE-75AE14704A64} =>.Hewlett-Packard O42 - Logiciel: GIGABYTE OC_GURU II - (.GIGABYTE Technology Co.,Ltd..) [HKLM][64Bits] -- {EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F} O42 - Logiciel: GIGABYTE OC_GURU II - (.GIGABYTE Technology Co.,Ltd..) [HKLM][64Bits] -- InstallShield_{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F} O42 - Logiciel: GIMP 2.8.18 - (.The GIMP Team.) [HKLM][64Bits] -- GIMP-2_is1 {031CE845CCA97AAE1EAD8B6464F9C7B6} =>.The GIMP Team O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome {2A9C21ACAAA63A3C58A7B9322BEE948D} =>.Google Inc. O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc. O42 - Logiciel: GPBaseService2 - (.Hewlett-Packard.) [HKLM][64Bits] -- {63FF21C9-A810-464F-B60A-3111747B1A6D} =>.Hewlett-Packard O42 - Logiciel: Guild Wars 2 - (.NCsoft Corporation, Ltd..) [HKLM][64Bits] -- Guild Wars 2 {6469A8B182E0D31F351D0BF700AF541B} =>.NCsoft Corporation, Ltd. O42 - Logiciel: Hama Wireless LAN Adapter - (.Hama.) [HKLM][64Bits] -- {28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D} O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM][64Bits] -- {0CC8AE1D-F5AA-4143-8FAD-E017E0E9EE70} =>.Hewlett-Packard O42 - Logiciel: HP Customer Participation Program 13.0 - (.HP.) [HKLM][64Bits] -- HPExtendedCapabilities =>.Hewlett Packard® O42 - Logiciel: HP Imaging Device Functions 13.0 - (.HP.) [HKLM][64Bits] -- HP Imaging Device Functions =>.Hewlett Packard® O42 - Logiciel: HP Photosmart All-In-One Driver Software 13.0 Rel. A - (.HP.) [HKLM][64Bits] -- {17016DA1-F040-4032-BD36-34DD317BC9D5} =>.Hewlett Packard® O42 - Logiciel: HP Photosmart Essential 3.5 - (.HP.) [HKLM][64Bits] -- HP Photosmart Essential =>.Hewlett Packard® O42 - Logiciel: HP Smart Web Printing 4.51 - (.HP.) [HKLM][64Bits] -- HP Smart Web Printing =>.Hewlett Packard® O42 - Logiciel: HP Solution Center 13.0 - (.HP.) [HKLM][64Bits] -- HP Solution Center & Imaging Support Tools =>.Hewlett Packard® O42 - Logiciel: HP Support Assistant - (.HP.) [HKLM][64Bits] -- {78E2C850-ADA6-420D-BA35-2F4A9BE733CC} =>.HP O42 - Logiciel: HP Support Solutions Framework - (.HP.) [HKLM][64Bits] -- {EB72DB50-C935-4C26-8349-69828F198902} =>.HP O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM][64Bits] -- {7059BDA7-E1DB-442C-B7A1-6144596720A4} =>.Hewlett-Packard O42 - Logiciel: HPPhotoGadget - (.Hewlett-Packard.) [HKLM][64Bits] -- {CAE4213F-F797-439D-BD9E-79B71D115BE3} =>.Hewlett-Packard O42 - Logiciel: HPPhotoSmartDiscLabelContent1 - (.Hewlett-Packard.) [HKLM][64Bits] -- {681B698F-C997-42C3-B184-B489C6CA24C9} =>.Hewlett-Packard O42 - Logiciel: HPPhotosmartEssential - (.Hewlett-Packard.) [HKLM][64Bits] -- {D79113E7-274C-470B-BD46-01B10219DF6A} =>.Hewlett-Packard O42 - Logiciel: HPProductAssistant - (.Hewlett-Packard.) [HKLM][64Bits] -- {C43326F5-F135-4551-8270-7F7ABA0462E1} =>.Hewlett-Packard O42 - Logiciel: HPSSupply - (.Hewlett-Packard.) [HKLM][64Bits] -- {6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91} =>.Hewlett-Packard O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A} =>.Intel Corporation - Software and Firmware Products® O42 - Logiciel: Intel(R) Network Connections 18.7.28.0 - (.Intel.) [HKLM][64Bits] -- {594AEAFB-0822-4EA9-A5B8-309485A515EE} =>.Intel O42 - Logiciel: Intel(R) Network Connections 18.7.28.0 - (.Intel.) [HKLM][64Bits] -- PROSetDX =>.Intel O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {409CB30E-E457-4008-9B1A-ED1B9EA21140} =>.Intel Corporation O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {93F692D4-0C4D-4EED-9BFE-657C1D5959FE} =>.Intel Corporation O42 - Logiciel: Intel(R) USB 3.0 eXtensible Host Controller Driver - (.Intel Corporation.) [HKLM][64Bits] -- {240C3DDD-C5E9-4029-9DF7-95650D040CF2} =>.Intel Corporation - Software and Firmware Products® O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {B5E06417-A4AC-4225-B36E-7E34C91616E7} =>.Intel Corporation O42 - Logiciel: IrfanView 64 (remove only) - (.Irfan Skiljan.) [HKLM][64Bits] -- IrfanView64 =>.Irfan Skiljan O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM][64Bits] -- {FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E} =>.Apple Inc. O42 - Logiciel: Java 8 Update 91 - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83218091F0} =>.Oracle Corporation O42 - Logiciel: Java Auto Updater - (.Oracle Corporation.) [HKLM][64Bits] -- {4A03706F-666A-4037-7777-5F2748764D10} =>.Oracle Corporation O42 - Logiciel: Logitech Webcam Software - (.Logitech Inc..) [HKLM][64Bits] -- {D40EB009-0499-459c-A8AF-C9C110766215} =>.Logitech® O42 - Logiciel: LWS Facebook - (.Logitech.) [HKLM][64Bits] -- {FF167195-9EE4-46C0-8CD7-FBA3457E88AB} =>.Logitech O42 - Logiciel: LWS Gallery - (.Logitech.) [HKLM][64Bits] -- {6F76EC3C-34B1-436E-97FB-48C58D7BEDCD} =>.Logitech O42 - Logiciel: LWS Help_main - (.Logitech.) [HKLM][64Bits] -- {1651216E-E7AD-4250-92A1-FB8ED61391C9} =>.Logitech O42 - Logiciel: LWS Launcher - (.Logitech.) [HKLM][64Bits] -- {83C8FA3C-F4EA-46C4-8392-D3CE353738D6} =>.Logitech O42 - Logiciel: LWS Motion Detection - (.Logitech.) [HKLM][64Bits] -- {71E66D3F-A009-44AB-8784-75E2819BA4BA} =>.Logitech O42 - Logiciel: LWS Pictures And Video - (.Logitech.) [HKLM][64Bits] -- {08610298-29AE-445B-B37D-EFBE05802967} =>.Logitech O42 - Logiciel: LWS Twitter - (.Logitech.) [HKLM][64Bits] -- {174A3B31-4C43-43DD-866F-73C9DB887B48} =>.Logitech O42 - Logiciel: LWS Webcam Software - (.Logitech.) [HKLM][64Bits] -- {8937D274-C281-42E4-8CDB-A0B2DF979189} =>.Logitech O42 - Logiciel: LWS WLM Plugin - (.Logitech.) [HKLM][64Bits] -- {9DAEA76B-E50F-4272-A595-0124E826553D} =>.Logitech O42 - Logiciel: LWS YouTube Plugin - (.Logitech.) [HKLM][64Bits] -- {21DF0294-6B9D-4741-AB6F-B2ABFBD2387E} =>.Logitech O42 - Logiciel: Malwarebytes Anti-Malware version 2.1.8.1057 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes Anti-Malware_is1 =>.Malwarebytes Corporation O42 - Logiciel: MarketResearch - (.Hewlett-Packard.) [HKLM][64Bits] -- {175F0111-2968-4935-8F70-33108C6A4DE3} =>.Hewlett-Packard O42 - Logiciel: Medieval II: Total War - (.The Creative Assembly.) [HKLM][64Bits] -- Steam App 4700 =>.Valve® O42 - Logiciel: MiKTeX 2.9 - (.MiKTeX.org.) [HKCU][64Bits] -- MiKTeX 2.9 =>.MiKTeX.org O42 - Logiciel: Minitab 17 - (.Minitab, Inc..) [HKLM][64Bits] -- Minitab17 {4DBB59EABCE58E6B16F54D9785CBC9} O42 - Logiciel: Minitab Software Update Manager - (.Minitab, Inc..) [HKLM][64Bits] -- MinitabSoftwareManager {4DBB59EABCE58E6B16F54D9785CBC9} O42 - Logiciel: Minitab17 - (.Minitab Inc.) [HKLM][64Bits] -- {0046A2A8-8227-4E95-B6B9-98005A7E6C6D} O42 - Logiciel: Minitab17 - (.Minitab Inc.) [HKLM][64Bits] -- {6E45FA46-572A-4AE7-98AA-41D8D999ADC2} O42 - Logiciel: Minitab17 - (.Minitab Inc.) [HKLM][64Bits] -- {E146C7D7-DFF6-4D89-8947-9911E9C3A0FD} O42 - Logiciel: Minitab17 - (.Minitab, Inc..) [HKLM][64Bits] -- {9C7E58CC-BAF4-46A3-A967-5EE058BE204B} O42 - Logiciel: Mozilla Firefox 52.0.1 (x86 en-US) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 52.0.1 (x86 en-US) =>.Mozilla Corporation® O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService =>.Mozilla O42 - Logiciel: Network64 - (.Hewlett-Packard.) [HKLM][64Bits] -- {05EFBF37-0E52-4579-875C-7EEF0DFB4FCB} =>.Hewlett-Packard O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM][64Bits] -- {DD1865F0-AD73-40FB-B23E-1822E02396FF} =>.NVIDIA Corporation O42 - Logiciel: OCR Software by I.R.I.S. 13.0 - (.HP.) [HKLM][64Bits] -- HPOCR =>.Hewlett Packard® O42 - Logiciel: OpenOffice 4.1.2 - (.Apache Software Foundation.) [HKLM][64Bits] -- {DCB1B348-C94E-4D6D-8CE0-7D9DA5CF663E} =>.Apache Software Foundation O42 - Logiciel: Oracle VM VirtualBox 5.0.12 - (.Oracle Corporation.) [HKLM][64Bits] -- {6F93731D-89E1-4A8F-BDA9-D104860DDB02} =>.Oracle Corporation O42 - Logiciel: Ori and the Blind Forest - (.Moon Studios GmbH.) [HKLM][64Bits] -- Steam App 261570 =>.Valve® O42 - Logiciel: Overlord - (.Triumph Studios.) [HKLM][64Bits] -- Steam App 11450 =>.Valve® O42 - Logiciel: Overlord II - (.Triumph Studios.) [HKLM][64Bits] -- Steam App 12810 =>.Valve® O42 - Logiciel: Overlord: Raising Hell - (.Triumph Studios.) [HKLM][64Bits] -- Steam App 12710 =>.Valve® O42 - Logiciel: Overwolf - (.Overwolf Ltd..) [HKLM][64Bits] -- Overwolf {4FD6C5FE16AB00F702179D23B4372EBC} =>.Overwolf Ltd. O42 - Logiciel: PDF Blender - (...) [HKLM][64Bits] -- PDF Blender O42 - Logiciel: PhotoScape - (...) [HKLM][64Bits] -- PhotoScape O42 - Logiciel: Raptr - (.Raptr, Inc.) [HKLM][64Bits] -- Raptr =>.Raptr, Inc O42 - Logiciel: Razer Synapse - (.Razer Inc..) [HKLM][64Bits] -- {0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6} =>.Razer Inc. O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} =>.Realtek Semiconductor Corp. O42 - Logiciel: RStudio - (.RStudio.) [HKLM][64Bits] -- RStudio =>.RStudio O42 - Logiciel: Scan - (.Hewlett-Packard.) [HKLM][64Bits] -- {0F367CA3-3B2F-43F9-A44A-25A8EE69E45D} =>.Hewlett-Packard O42 - Logiciel: Shelter 2 - (.Might and Delight.) [HKLM][64Bits] -- Steam App 275100 =>.Valve® O42 - Logiciel: Shop for HP Supplies - (.HP.) [HKLM][64Bits] -- Shop for HP Supplies =>.Hewlett Packard® O42 - Logiciel: Sid Meier's Civilization V - (.2K Games, Inc..) [HKLM][64Bits] -- Steam App 8930 =>.Valve® O42 - Logiciel: Sid Meier's Civilization V - (.Firaxis Games.) [HKLM][64Bits] -- Steam App 8930 =>.Valve® O42 - Logiciel: Sid Meier's Civilization VI - (.Firaxis.) [HKLM][64Bits] -- Steam App 289070 =>.Valve® O42 - Logiciel: Sid Meier's Civilization: Beyond Earth - (.Firaxis Games.) [HKLM][64Bits] -- Steam App 65980 =>.Valve® O42 - Logiciel: Skype™ 7.32 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {FC965A47-4839-40CA-B618-18F486F042C6} =>.Skype Technologies S.A. O42 - Logiciel: SmartWebPrinting - (.Hewlett-Packard.) [HKLM][64Bits] -- {DC635845-46D3-404B-BCB1-FC4A91091AFA} =>.Hewlett-Packard O42 - Logiciel: SoftwareManager - (.Minitab, Inc..) [HKLM][64Bits] -- {58409EBC-C187-4D51-B5FA-799865A4F326} O42 - Logiciel: SolutionCenter - (.Hewlett-Packard.) [HKLM][64Bits] -- {4A70EF07-7F88-4434-BB61-D1DE8AE93DD4} =>.Hewlett-Packard O42 - Logiciel: Sonic Radar - (.ASUSTeKcomputer.Inc.) [HKLM][64Bits] -- {0E2BE1E8-F087-45D6-8D29-5CB305643B78} =>.ASUSTeKcomputer.Inc O42 - Logiciel: Spotify - (.Spotify AB.) [HKCU][64Bits] -- Spotify =>.Spotify AB® O42 - Logiciel: Spybot - Search & Destroy - (.Safer-Networking Ltd..) [HKLM][64Bits] -- {B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1 =>.Safer Networking Ltd.® O42 - Logiciel: Status - (.Hewlett-Packard.) [HKLM][64Bits] -- {0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC} =>.Hewlett-Packard O42 - Logiciel: Steam - (.Valve Corporation.) [HKLM][64Bits] -- Steam =>.Valve® O42 - Logiciel: TeamSpeak 3 Client - (.TeamSpeak Systems GmbH.) [HKLM][64Bits] -- TeamSpeak 3 Client =>.TeamSpeak Systems GmbH O42 - Logiciel: Texmaker - (...) [HKLM][64Bits] -- Texmaker O42 - Logiciel: The Elder Scrolls Online - (.Zenimax Online Studios.) [HKLM][64Bits] -- The Elder Scrolls Online =>.Zenimax Online Studios O42 - Logiciel: The Elder Scrolls V: Skyrim - (.Bethesda Game Studios.) [HKLM][64Bits] -- Steam App 72850 =>.Valve® O42 - Logiciel: The Witcher 2: Assassins of Kings Enhanced Edition - (.CD PROJEKT RED.) [HKLM][64Bits] -- Steam App 20920 =>.Valve® O42 - Logiciel: Toolbox - (.Hewlett-Packard.) [HKLM][64Bits] -- {6BBA26E9-AB03-4FE7-831A-3535584CA002} =>.Hewlett-Packard O42 - Logiciel: TrayApp - (.Hewlett-Packard.) [HKLM][64Bits] -- {1EC71BFB-01A3-4239-B6AF-B1AE656B15C0} =>.Hewlett-Packard O42 - Logiciel: Tyto Ecology - (.Immersed Games.) [HKLM][64Bits] -- Steam App 453750 =>.Valve® O42 - Logiciel: UnloadSupport - (.Hewlett-Packard.) [HKLM][64Bits] -- {4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35} =>.Hewlett-Packard O42 - Logiciel: Uplay - (.Ubisoft.) [HKLM][64Bits] -- Uplay {6341C8C11C28F83F5D595E83D5129569} =>.Ubisoft O42 - Logiciel: VC_CRT_x64 - (.Intel Corporation.) [HKLM][64Bits] -- {54F2237F-018C-483B-8884-9FC0D88840C3} =>.Intel Corporation O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN O42 - Logiciel: Vulkan Run Time Libraries 1.0.11.0 - (.LunarG, Inc..) [HKLM][64Bits] -- VulkanRT1.0.11.0 {03B471CD4D7FFEC29A3B20B2CB0F5F54} O42 - Logiciel: Vulkan Run Time Libraries 1.0.17.0 - (.LunarG, Inc..) [HKLM][64Bits] -- VulkanRT1.0.17.0 {03B471CD4D7FFEC29A3B20B2CB0F5F54} O42 - Logiciel: Vulkan Run Time Libraries 1.0.26.0 - (.LunarG, Inc..) [HKLM][64Bits] -- VulkanRT1.0.26.0 {03B471CD4D7FFEC29A3B20B2CB0F5F54} O42 - Logiciel: Vulkan Run Time Libraries 1.0.3.1 - (.LunarG, Inc..) [HKLM][64Bits] -- VulkanRT1.0.3.1 O42 - Logiciel: Vulkan Run Time Libraries 1.0.3.1 - (.LunarG, Inc..) [HKLM][64Bits] -- VulkanRT1.0.3.1-3 O42 - Logiciel: WebReg - (.Hewlett-Packard.) [HKLM][64Bits] -- {43CDF946-F5D9-4292-B006-BA0D92013021} =>.Hewlett-Packard O42 - Logiciel: WildStar - (.Carbine Studios.) [HKLM][64Bits] -- Steam App 376570 =>.Valve® O42 - Logiciel: WildStar - (.NCSOFT.) [HKLM][64Bits] -- WildStar {20881C1F663AE8C94B4CE39C372486A4} =>.NCSOFT O42 - Logiciel: Worms Ultimate Mayhem - (.Team17 Digital Ltd.) [HKLM][64Bits] -- Steam App 70600 =>.Valve® O42 - Logiciel: YoloMouse - (.HaPpY.) [HKLM][64Bits] -- {0BD95EA1-50C1-4841-869E-25B3AC863A26} ---\\ HKCU & HKLM Software Keys (132) - 12s HKLM\SOFTWARE\Wow6432Node\Adobe HKLM\SOFTWARE\Wow6432Node\AGEIA Technologies HKLM\SOFTWARE\Wow6432Node\AMD HKLM\SOFTWARE\Wow6432Node\Apple Inc. HKLM\SOFTWARE\Wow6432Node\ArenaNet HKLM\SOFTWARE\Wow6432Node\ASUS HKLM\SOFTWARE\Wow6432Node\ATI HKLM\SOFTWARE\Wow6432Node\ATI Technologies HKLM\SOFTWARE\Wow6432Node\Avira HKLM\SOFTWARE\Wow6432Node\Belkin International, Inc. HKLM\SOFTWARE\Wow6432Node\bethesda softworks HKLM\SOFTWARE\Wow6432Node\Caphyon HKLM\SOFTWARE\Wow6432Node\cd projekt red HKLM\SOFTWARE\Wow6432Node\Cisco HKLM\SOFTWARE\Wow6432Node\codemasters HKLM\SOFTWARE\Wow6432Node\Dropbox HKLM\SOFTWARE\Wow6432Node\DropboxUpdate HKLM\SOFTWARE\Wow6432Node\Eset HKLM\SOFTWARE\Wow6432Node\GIGABYTE HKLM\SOFTWARE\Wow6432Node\Google HKLM\SOFTWARE\Wow6432Node\Hama HKLM\SOFTWARE\Wow6432Node\Hewlett-Packard HKLM\SOFTWARE\Wow6432Node\HP HKLM\SOFTWARE\Wow6432Node\IM Providers HKLM\SOFTWARE\Wow6432Node\InstallShield HKLM\SOFTWARE\Wow6432Node\Intel HKLM\SOFTWARE\Wow6432Node\JavaSoft HKLM\SOFTWARE\Wow6432Node\JreMetrics HKLM\SOFTWARE\Wow6432Node\Khronos HKLM\SOFTWARE\Wow6432Node\Licenses HKLM\SOFTWARE\Wow6432Node\logishrd HKLM\SOFTWARE\Wow6432Node\Logitech HKLM\SOFTWARE\Wow6432Node\LogMeInRescueCallingCard HKLM\SOFTWARE\Wow6432Node\Macromedia HKLM\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware HKLM\SOFTWARE\Wow6432Node\Minitab HKLM\SOFTWARE\Wow6432Node\Mooii HKLM\SOFTWARE\Wow6432Node\Mozilla HKLM\SOFTWARE\Wow6432Node\mozilla.org HKLM\SOFTWARE\Wow6432Node\MozillaPlugins HKLM\SOFTWARE\Wow6432Node\Nalpeiron HKLM\SOFTWARE\Wow6432Node\Nuance HKLM\SOFTWARE\Wow6432Node\ODBC HKLM\SOFTWARE\Wow6432Node\OpenOffice HKLM\SOFTWARE\Wow6432Node\Overwolf HKLM\SOFTWARE\Wow6432Node\PDF Blender HKLM\SOFTWARE\Wow6432Node\Raptr HKLM\SOFTWARE\Wow6432Node\Razer HKLM\SOFTWARE\Wow6432Node\Realtek HKLM\SOFTWARE\Wow6432Node\Realtek Semiconductor Corp. HKLM\SOFTWARE\Wow6432Node\RStudio HKLM\SOFTWARE\Wow6432Node\Safer Networking Limited HKLM\SOFTWARE\Wow6432Node\SEGA HKLM\SOFTWARE\Wow6432Node\Skype HKLM\SOFTWARE\Wow6432Node\Ubisoft HKLM\SOFTWARE\Wow6432Node\Valve HKLM\SOFTWARE\Wow6432Node\VideoLAN HKLM\SOFTWARE\Wow6432Node\Volatile HKLM\SOFTWARE\Wow6432Node\X-AVCSD HKLM\SOFTWARE\Wow6432Node\Zenimax_Online HKLM\SOFTWARE\Wow6432Node\RegisteredApplications HKCU\SOFTWARE\Adobe HKCU\SOFTWARE\AMD HKCU\SOFTWARE\AppDataLow HKCU\SOFTWARE\Apple Computer, Inc. HKCU\SOFTWARE\Apple Inc. HKCU\SOFTWARE\ASUS HKCU\SOFTWARE\ATI HKCU\SOFTWARE\Avira HKCU\SOFTWARE\BitTorrent HKCU\SOFTWARE\CD Projekt RED HKCU\SOFTWARE\cdblc.exe HKCU\SOFTWARE\Chromium HKCU\SOFTWARE\Cisco HKCU\SOFTWARE\Colossal Order HKCU\SOFTWARE\Dropbox HKCU\SOFTWARE\DropboxUpdate HKCU\SOFTWARE\Epic Games HKCU\SOFTWARE\ESET HKCU\SOFTWARE\Firaxis HKCU\SOFTWARE\FLEXnet HKCU\SOFTWARE\Google HKCU\SOFTWARE\Hewlett-Packard HKCU\SOFTWARE\HP HKCU\SOFTWARE\IM Providers HKCU\SOFTWARE\Intel HKCU\SOFTWARE\Leadertech HKCU\SOFTWARE\LEd HKCU\SOFTWARE\Licenses HKCU\SOFTWARE\Local AppWizard-Generated Applications HKCU\SOFTWARE\LogiShrd HKCU\SOFTWARE\Logitech HKCU\SOFTWARE\Macromedia HKCU\SOFTWARE\Malwarebytes HKCU\SOFTWARE\Might and Delight HKCU\SOFTWARE\MiKTeX.org HKCU\SOFTWARE\Minitab HKCU\SOFTWARE\Mooii HKCU\SOFTWARE\Mozilla HKCU\SOFTWARE\MozillaPlugins HKCU\SOFTWARE\Netscape HKCU\SOFTWARE\OCS HKCU\SOFTWARE\OpenOffice HKCU\SOFTWARE\Oracle HKCU\SOFTWARE\Overwolf HKCU\SOFTWARE\Piriform HKCU\SOFTWARE\ProtectedStorage HKCU\SOFTWARE\QtProject HKCU\SOFTWARE\Raptr HKCU\SOFTWARE\Razer HKCU\SOFTWARE\Realtek HKCU\SOFTWARE\Related Designs HKCU\SOFTWARE\Safer Networking Limited HKCU\SOFTWARE\SEGA HKCU\SOFTWARE\Skype HKCU\SOFTWARE\skypeapp-077eb48dd9b7 HKCU\SOFTWARE\Spotify HKCU\SOFTWARE\SUPERAntiSpyware.com HKCU\SOFTWARE\The Creative Assembly HKCU\SOFTWARE\TheCreativeAssembly HKCU\SOFTWARE\Trolltech HKCU\SOFTWARE\TUG HKCU\SOFTWARE\Ubisoft HKCU\SOFTWARE\Unity HKCU\SOFTWARE\Valve HKCU\SOFTWARE\Wow6432Node HKCU\SOFTWARE\xm1 HKCU\SOFTWARE\ZebHelpProcess Helper HKCU\SOFTWARE\ZHP HKCU\SOFTWARE\AppDataLow\Software HKCU\SOFTWARE\AppDataLow\Software\JavaSoft HKCU\SOFTWARE\AppDataLow\Software\Yahoo ---\\ Contents of the Common Files folders (270) - 27s O43 - CFD: 07/01/2016 - [] D -- C:\Program Files (x86)\Adobe =>.Adobe Systems, Incorporated® O43 - CFD: 29/12/2016 - [] D -- C:\Program Files (x86)\AGEIA Technologies O43 - CFD: 03/06/2016 - [] D -- C:\Program Files (x86)\AMD O43 - CFD: 17/01/2016 - [] D -- C:\Program Files (x86)\Apple Software Update =>.Apple Inc.® O43 - CFD: 05/01/2016 - [] D -- C:\Program Files (x86)\ASUS =>.ASUSTeK Computer Inc.® O43 - CFD: 03/03/2017 - [] D -- C:\Program Files (x86)\Avira {39CF937CF8909F05793300DE20B4E45F} O43 - CFD: 27/10/2016 - [] D -- C:\Program Files (x86)\Belkin O43 - CFD: 17/01/2016 - [] D -- C:\Program Files (x86)\Bonjour =>.Apple Inc.® O43 - CFD: 26/11/2016 - [] D -- C:\Program Files (x86)\Chip Digital GmbH O43 - CFD: 26/11/2016 - [] D -- C:\Program Files (x86)\Cisco {3B5F35C73F400C6113BEEF9D414AF6E5} O43 - CFD: 16/02/2017 - [] D -- C:\Program Files (x86)\Common Files O43 - CFD: 12/03/2017 - [] D -- C:\Program Files (x86)\Dropbox =>.Dropbox, Inc® O43 - CFD: 17/03/2017 - [] D -- C:\Program Files (x86)\ESET =>.ESET, spol. s r.o.® O43 - CFD: 05/01/2016 - [] D -- C:\Program Files (x86)\GIGABYTE O43 - CFD: 07/06/2016 - [] D -- C:\Program Files (x86)\Google =>.Google Inc® O43 - CFD: 05/01/2016 - [0] D -- C:\Program Files (x86)\GUM32B3.tmp O43 - CFD: 26/10/2016 - [] D -- C:\Program Files (x86)\Hama =>.Ralink Technology Corporation® O43 - CFD: 28/04/2016 - [] D -- C:\Program Files (x86)\Hewlett-Packard {0098B182EAF5DF8BDE0F8872EDE210C75E} O43 - CFD: 28/04/2016 - [] D -- C:\Program Files (x86)\HP =>.Hewlett Packard® O43 - CFD: 27/10/2016 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information =>.Macrovision Corporation® O43 - CFD: 05/01/2016 - [] D -- C:\Program Files (x86)\Intel =>.Intel Corporation - Software and Firmware Products® O43 - CFD: 28/04/2016 - [] D -- C:\Program Files (x86)\Internet Explorer O43 - CFD: 17/01/2016 - [] D -- C:\Program Files (x86)\iTunes O43 - CFD: 22/04/2016 - [] D -- C:\Program Files (x86)\Java =>.Oracle America, Inc.® O43 - CFD: 23/04/2016 - [] D -- C:\Program Files (x86)\LEd O43 - CFD: 18/04/2016 - [] D -- C:\Program Files (x86)\Logitech =>.Logitech, Inc.® O43 - CFD: 17/03/2017 - [] D -- C:\Program Files (x86)\Malwarebytes Anti-Malware =>.Malwarebytes Corporation® O43 - CFD: 05/01/2016 - [] D -- C:\Program Files (x86)\Microsoft.NET O43 - CFD: 22/01/2016 - [] D -- C:\Program Files (x86)\Minitab {4DBB59EABCE58E6B16F54D9785CBC9} O43 - CFD: 18/03/2017 - [] D -- C:\Program Files (x86)\Mozilla Firefox =>.Mozilla Corporation® O43 - CFD: 18/03/2017 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service =>.Mozilla Corporation® O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\MSBuild O43 - CFD: 01/08/2016 - [] D -- C:\Program Files (x86)\NCSOFT {20881C1F663AE8C94B4CE39C372486A4} O43 - CFD: 07/01/2016 - [] D -- C:\Program Files (x86)\OpenOffice 4 O43 - CFD: 14/03/2017 - [] D -- C:\Program Files (x86)\Overwolf {4FD6C5FE16AB00F702179D23B4372EBC} O43 - CFD: 28/04/2016 - [] D -- C:\Program Files (x86)\PDF Blender O43 - CFD: 08/11/2016 - [] D -- C:\Program Files (x86)\PhotoScape =>.Mooii Tech® O43 - CFD: 18/04/2016 - [] D -- C:\Program Files (x86)\Raptr Inc =>.Raptr, Inc® O43 - CFD: 07/01/2016 - [] D -- C:\Program Files (x86)\Razer {1834B81889070312B5C4CA72EA419A5E} O43 - CFD: 05/01/2016 - [] D -- C:\Program Files (x86)\Realtek =>.Realtek Semiconductor Corp® O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Reference Assemblies O43 - CFD: 16/02/2017 - [] RD -- C:\Program Files (x86)\Skype {330000008AF4BE0B29747A0FA000000000008A} O43 - CFD: 18/03/2017 - [] D -- C:\Program Files (x86)\Spybot - Search & Destroy 2 =>.Safer Networking Ltd.® O43 - CFD: 05/01/2016 - [0] HD -- C:\Program Files (x86)\Temp O43 - CFD: 26/11/2016 - [] D -- C:\Program Files (x86)\Texmaker O43 - CFD: 18/03/2017 - [] D -- C:\Program Files (x86)\Trojan Remover O43 - CFD: 11/07/2016 - [] D -- C:\Program Files (x86)\Ubisoft {6341C8C11C28F83F5D595E83D5129569} O43 - CFD: 14/07/2009 - [0] HD -- C:\Program Files (x86)\Uninstall Information O43 - CFD: 08/01/2016 - [] D -- C:\Program Files (x86)\VideoLAN O43 - CFD: 05/11/2016 - [] D -- C:\Program Files (x86)\VulkanRT O43 - CFD: 08/01/2016 - [] D -- C:\Program Files (x86)\Windows Defender O43 - CFD: 12/04/2011 - [] D -- C:\Program Files (x86)\Windows Mail O43 - CFD: 28/04/2016 - [] D -- C:\Program Files (x86)\Windows Media Player O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Windows NT O43 - CFD: 12/04/2011 - [] D -- C:\Program Files (x86)\Windows Photo Viewer =>.Microsoft Corporation® O43 - CFD: 21/11/2010 - [] D -- C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 12/04/2011 - [] D -- C:\Program Files (x86)\Windows Sidebar O43 - CFD: 28/04/2016 - [] D -- C:\Program Files (x86)\Yahoo! O43 - CFD: 05/08/2016 - [] HD -- C:\Program Files (x86)\Zero G Registry O43 - CFD: 05/01/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 14/07/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 18/04/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved O43 - CFD: 07/01/2017 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings O43 - CFD: 16/03/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira O43 - CFD: 26/11/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco O43 - CFD: 12/03/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox O43 - CFD: 14/07/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games O43 - CFD: 05/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE O43 - CFD: 29/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome O43 - CFD: 30/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2 O43 - CFD: 26/10/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hama Wireless LAN O43 - CFD: 28/04/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP O43 - CFD: 28/04/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support O43 - CFD: 05/01/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel O43 - CFD: 17/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes O43 - CFD: 22/04/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java O43 - CFD: 23/04/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LEd O43 - CFD: 18/04/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech O43 - CFD: 14/07/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 17/03/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware O43 - CFD: 06/06/2016 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minitab O43 - CFD: 01/08/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCSOFT O43 - CFD: 29/12/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation O43 - CFD: 07/01/2016 - [] SD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2 O43 - CFD: 08/02/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox O43 - CFD: 28/04/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Blender O43 - CFD: 08/11/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape O43 - CFD: 04/11/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R O43 - CFD: 03/06/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Raptr O43 - CFD: 07/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer O43 - CFD: 04/11/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RStudio O43 - CFD: 05/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype O43 - CFD: 05/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sonic Radar O43 - CFD: 17/03/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 O43 - CFD: 12/09/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stainless Steel O43 - CFD: 19/01/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 30/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam O43 - CFD: 12/04/2011 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC O43 - CFD: 05/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client O43 - CFD: 26/11/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Texmaker O43 - CFD: 08/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN O43 - CFD: 30/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.1 O43 - CFD: 07/02/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YoloMouse O43 - CFD: 07/06/2016 - [] D -- C:\ProgramData\.mono O43 - CFD: 07/01/2016 - [] D -- C:\ProgramData\Adobe O43 - CFD: 17/01/2016 - [] D -- C:\ProgramData\Apple O43 - CFD: 17/01/2016 - [] D -- C:\ProgramData\Apple Computer O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Application Data O43 - CFD: 06/01/2016 - [] D -- C:\ProgramData\ATI O43 - CFD: 03/03/2017 - [] D -- C:\ProgramData\Avira O43 - CFD: 12/05/2016 - [] SHD -- C:\ProgramData\cdblc O43 - CFD: 26/11/2016 - [] D -- C:\ProgramData\Cisco O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Desktop O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Documents O43 - CFD: 14/01/2016 - [] D -- C:\ProgramData\Dropbox O43 - CFD: 20/10/2016 - [] D -- C:\ProgramData\Elder Scrolls Online O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Favorites O43 - CFD: 22/01/2016 - [] D -- C:\ProgramData\FLEXnet O43 - CFD: 18/03/2017 - [] SHD -- C:\ProgramData\Google O43 - CFD: 29/04/2016 - [] D -- C:\ProgramData\Hewlett-Packard O43 - CFD: 28/04/2016 - [] D -- C:\ProgramData\HP O43 - CFD: 28/04/2016 - [] D -- C:\ProgramData\HP Product Assistant O43 - CFD: 05/01/2016 - [] D -- C:\ProgramData\Intel O43 - CFD: 17/03/2017 - [] D -- C:\ProgramData\Licenses O43 - CFD: 18/04/2016 - [] D -- C:\ProgramData\LogiShrd O43 - CFD: 18/03/2017 - [] D -- C:\ProgramData\Malwarebytes O43 - CFD: 17/03/2017 - [] SD -- C:\ProgramData\Microsoft O43 - CFD: 22/01/2016 - [] D -- C:\ProgramData\Minitab O43 - CFD: 13/07/2016 - [] SHD -- C:\ProgramData\Mozilla O43 - CFD: 05/01/2016 - [] D -- C:\ProgramData\Norton O43 - CFD: 05/01/2016 - [] D -- C:\ProgramData\NortonInstaller O43 - CFD: 22/04/2016 - [] D -- C:\ProgramData\Oracle O43 - CFD: 05/01/2016 - [] D -- C:\ProgramData\Overwolf O43 - CFD: 16/03/2017 - [] D -- C:\ProgramData\Package Cache O43 - CFD: 26/10/2016 - [] D -- C:\ProgramData\Ralink O43 - CFD: 26/10/2016 - [] D -- C:\ProgramData\RalinkRT2870 Driver O43 - CFD: 23/12/2016 - [] D -- C:\ProgramData\Razer O43 - CFD: 16/02/2017 - [] D -- C:\ProgramData\Skype O43 - CFD: 14/07/2016 - [] D -- C:\ProgramData\Solidshield O43 - CFD: 18/03/2017 - [] D -- C:\ProgramData\Spybot - Search & Destroy O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Start Menu O43 - CFD: 17/03/2017 - [] D -- C:\ProgramData\TEMP O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Templates O43 - CFD: 27/04/2016 - [] D -- C:\ProgramData\WEBREG O43 - CFD: 06/01/2016 - [] D -- C:\ProgramData\Western Digital O43 - CFD: 29/06/2016 - [0] SHD -- C:\ProgramData\Windows 7 O43 - CFD: 07/01/2016 - [] D -- C:\Program Files (x86)\Common Files\Adobe O43 - CFD: 17/01/2016 - [] D -- C:\Program Files (x86)\Common Files\Apple O43 - CFD: 05/01/2016 - [] D -- C:\Program Files (x86)\Common Files\ATI Technologies O43 - CFD: 27/04/2016 - [] D -- C:\Program Files (x86)\Common Files\Hewlett-Packard O43 - CFD: 28/04/2016 - [] D -- C:\Program Files (x86)\Common Files\HP O43 - CFD: 05/01/2016 - [] D -- C:\Program Files (x86)\Common Files\InstallShield O43 - CFD: 05/01/2016 - [] D -- C:\Program Files (x86)\Common Files\Intel Corporation O43 - CFD: 22/04/2016 - [] D -- C:\Program Files (x86)\Common Files\Java O43 - CFD: 18/04/2016 - [] D -- C:\Program Files (x86)\Common Files\LogiShrd O43 - CFD: 05/01/2016 - [] D -- C:\Program Files (x86)\Common Files\microsoft shared O43 - CFD: 22/01/2016 - [] D -- C:\Program Files (x86)\Common Files\Minitab Shared O43 - CFD: 14/03/2017 - [] D -- C:\Program Files (x86)\Common Files\Overwolf O43 - CFD: 05/01/2016 - [] D -- C:\Program Files (x86)\Common Files\postureAgent O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Common Files\Services O43 - CFD: 16/02/2017 - [] D -- C:\Program Files (x86)\Common Files\Skype O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Common Files\SpeechEngines O43 - CFD: 15/03/2017 - [] D -- C:\Program Files (x86)\Common Files\Steam O43 - CFD: 08/01/2016 - [] D -- C:\Program Files (x86)\Common Files\System O43 - CFD: 29/12/2016 - [] D -- C:\Program Files (x86)\Common Files\Wise Installation Wizard O43 - CFD: 07/06/2016 - [] D -- C:\Users\Sleipnir\AppData\Roaming\.mono O43 - CFD: 11/01/2016 - [] D -- C:\Users\Sleipnir\AppData\Roaming\Adobe O43 - CFD: 17/01/2016 - [] D -- C:\Users\Sleipnir\AppData\Roaming\Apple Computer O43 - CFD: 05/01/2016 - [] D -- C:\Users\Sleipnir\AppData\Roaming\ATI O43 - CFD: 17/03/2017 - [] D -- C:\Users\Sleipnir\AppData\Roaming\Avira O43 - CFD: 12/01/2017 - [] D -- C:\Users\Sleipnir\AppData\Roaming\discord O43 - CFD: 14/01/2016 - [] D -- C:\Users\Sleipnir\AppData\Roaming\Dropbox O43 - CFD: 10/11/2016 - [] D -- C:\Users\Sleipnir\AppData\Roaming\FiraxisLive O43 - CFD: 22/01/2016 - [] D -- C:\Users\Sleipnir\AppData\Roaming\FLEXnet O43 - CFD: 29/06/2016 - [] D -- C:\Users\Sleipnir\AppData\Roaming\Guild Wars 2 O43 - CFD: 28/04/2016 - [] D -- C:\Users\Sleipnir\AppData\Roaming\Hewlett-Packard O43 - CFD: 27/04/2016 - [] D -- C:\Users\Sleipnir\AppData\Roaming\HP O43 - CFD: 28/04/2016 - [] D -- C:\Users\Sleipnir\AppData\Roaming\hpqLog O43 - CFD: 05/01/2016 - [] D -- C:\Users\Sleipnir\AppData\Roaming\Identities O43 - CFD: 05/01/2016 - [] D -- C:\Users\Sleipnir\AppData\Roaming\InstallShield O43 - CFD: 05/01/2016 - [] D -- C:\Users\Sleipnir\AppData\Roaming\Intel Corporation O43 - CFD: 29/02/2016 - [] D -- C:\Users\Sleipnir\AppData\Roaming\IrfanView O43 - CFD: 18/04/2016 - [] D -- C:\Users\Sleipnir\AppData\Roaming\Leadertech O43 - CFD: 05/01/2016 - [] D -- C:\Users\Sleipnir\AppData\Roaming\library_dir O43 - CFD: 05/08/2016 - [] D -- C:\Users\Sleipnir\AppData\Roaming\Macromedia O43 - CFD: 12/04/2011 - [0] D -- C:\Users\Sleipnir\AppData\Roaming\Media Center Programs O43 - CFD: 15/11/2016 - [] SD -- C:\Users\Sleipnir\AppData\Roaming\Microsoft O43 - CFD: 23/04/2016 - [] D -- C:\Users\Sleipnir\AppData\Roaming\MiKTeX O43 - CFD: 05/01/2016 - [] D -- C:\Users\Sleipnir\AppData\Roaming\Mozilla O43 - CFD: 01/08/2016 - [] D -- C:\Users\Sleipnir\AppData\Roaming\NCSOFT O43 - CFD: 07/01/2016 - [] D -- C:\Users\Sleipnir\AppData\Roaming\OpenOffice O43 - CFD: 08/02/2017 - [] D -- C:\Users\Sleipnir\AppData\Roaming\PhotoScape O43 - CFD: 03/06/2016 - [] D -- C:\Users\Sleipnir\AppData\Roaming\PlaysTV O43 - CFD: 01/08/2016 - [] D -- C:\Users\Sleipnir\AppData\Roaming\Raptr O43 - CFD: 14/01/2017 - [] D -- C:\Users\Sleipnir\AppData\Roaming\RStudio O43 - CFD: 06/03/2017 - [] D -- C:\Users\Sleipnir\AppData\Roaming\Skype O43 - CFD: 13/02/2017 - [] D -- C:\Users\Sleipnir\AppData\Roaming\Spotify O43 - CFD: 22/04/2016 - [] D -- C:\Users\Sleipnir\AppData\Roaming\Sun O43 - CFD: 02/09/2016 - [] D -- C:\Users\Sleipnir\AppData\Roaming\The Creative Assembly O43 - CFD: 18/03/2017 - [] D -- C:\Users\Sleipnir\AppData\Roaming\TS3Client O43 - CFD: 14/07/2016 - [] D -- C:\Users\Sleipnir\AppData\Roaming\Ubisoft O43 - CFD: 24/02/2017 - [] D -- C:\Users\Sleipnir\AppData\Roaming\uTorrent O43 - CFD: 11/02/2017 - [] D -- C:\Users\Sleipnir\AppData\Roaming\vlc O43 - CFD: 26/11/2016 - [] D -- C:\Users\Sleipnir\AppData\Roaming\xm1 O43 - CFD: 29/06/2016 - [0] D -- C:\Users\Sleipnir\AppData\Roaming\Yahoo! O43 - CFD: 19/03/2017 - [] D -- C:\Users\Sleipnir\AppData\Roaming\ZHP O43 - CFD: 08/11/2016 - [] D -- C:\Users\Sleipnir\AppData\Local\Adobe O43 - CFD: 05/11/2016 - [] D -- C:\Users\Sleipnir\AppData\Local\AMD O43 - CFD: 17/01/2016 - [] D -- C:\Users\Sleipnir\AppData\Local\Apple O43 - CFD: 17/01/2016 - [] D -- C:\Users\Sleipnir\AppData\Local\Apple Computer O43 - CFD: 05/01/2016 - [0] SHD -- C:\Users\Sleipnir\AppData\Local\Application Data O43 - CFD: 05/01/2016 - [] D -- C:\Users\Sleipnir\AppData\Local\ATI O43 - CFD: 05/01/2016 - [] D -- C:\Users\Sleipnir\AppData\Local\CEF O43 - CFD: 12/12/2016 - [] D -- C:\Users\Sleipnir\AppData\Local\Chromium O43 - CFD: 26/11/2016 - [] D -- C:\Users\Sleipnir\AppData\Local\Cisco O43 - CFD: 07/06/2016 - [] D -- C:\Users\Sleipnir\AppData\Local\Colossal Order O43 - CFD: 24/02/2017 - [0] D -- C:\Users\Sleipnir\AppData\Local\CrashDumps O43 - CFD: 10/01/2017 - [0] D -- C:\Users\Sleipnir\AppData\Local\Diagnostics O43 - CFD: 11/01/2017 - [] D -- C:\Users\Sleipnir\AppData\Local\Discord O43 - CFD: 26/11/2016 - [] D -- C:\Users\Sleipnir\AppData\Local\Downloaded Installations O43 - CFD: 12/03/2017 - [] D -- C:\Users\Sleipnir\AppData\Local\Dropbox O43 - CFD: 02/02/2016 - [] D -- C:\Users\Sleipnir\AppData\Local\fontconfig O43 - CFD: 02/02/2016 - [] D -- C:\Users\Sleipnir\AppData\Local\gegl-0.2 O43 - CFD: 06/06/2016 - [] D -- C:\Users\Sleipnir\AppData\Local\Google O43 - CFD: 05/12/2016 - [] D -- C:\Users\Sleipnir\AppData\Local\gtk-2.0 O43 - CFD: 12/01/2016 - [] D -- C:\Users\Sleipnir\AppData\Local\GWX O43 - CFD: 29/04/2016 - [] D -- C:\Users\Sleipnir\AppData\Local\Hewlett-Packard O43 - CFD: 05/01/2016 - [0] SHD -- C:\Users\Sleipnir\AppData\Local\History O43 - CFD: 27/04/2016 - [] D -- C:\Users\Sleipnir\AppData\Local\HP O43 - CFD: 23/04/2016 - [] D -- C:\Users\Sleipnir\AppData\Local\LEd O43 - CFD: 18/04/2016 - [] D -- C:\Users\Sleipnir\AppData\Local\Logitech® Webcam Software O43 - CFD: 03/09/2016 - [] D -- C:\Users\Sleipnir\AppData\Local\Macromedia O43 - CFD: 08/07/2016 - [] D -- C:\Users\Sleipnir\AppData\Local\Microsoft O43 - CFD: 23/04/2016 - [] D -- C:\Users\Sleipnir\AppData\Local\MiKTeX O43 - CFD: 05/01/2016 - [] D -- C:\Users\Sleipnir\AppData\Local\Mozilla O43 - CFD: 28/06/2016 - [] D -- C:\Users\Sleipnir\AppData\Local\My Games O43 - CFD: 05/01/2016 - [] D -- C:\Users\Sleipnir\AppData\Local\NAHIMICAPO1.0.0 O43 - CFD: 01/08/2016 - [] D -- C:\Users\Sleipnir\AppData\Local\NCSOFT O43 - CFD: 27/01/2016 - [] D -- C:\Users\Sleipnir\AppData\Local\Ori and the Blind Forest O43 - CFD: 05/01/2016 - [] D -- C:\Users\Sleipnir\AppData\Local\Overwolf O43 - CFD: 23/04/2016 - [] D -- C:\Users\Sleipnir\AppData\Local\Programs O43 - CFD: 07/01/2016 - [] D -- C:\Users\Sleipnir\AppData\Local\Razer O43 - CFD: 14/01/2017 - [] D -- C:\Users\Sleipnir\AppData\Local\RStudio-Desktop O43 - CFD: 23/12/2016 - [] D -- C:\Users\Sleipnir\AppData\Local\RzStats O43 - CFD: 07/01/2016 - [] D -- C:\Users\Sleipnir\AppData\Local\Skyrim O43 - CFD: 13/02/2017 - [] D -- C:\Users\Sleipnir\AppData\Local\Spotify O43 - CFD: 07/01/2017 - [] D -- C:\Users\Sleipnir\AppData\Local\SquirrelTemp O43 - CFD: 12/12/2016 - [] D -- C:\Users\Sleipnir\AppData\Local\Steam O43 - CFD: 11/01/2017 - [] D -- C:\Users\Sleipnir\AppData\Local\TeamSpeak 3 O43 - CFD: 19/03/2017 - [] D -- C:\Users\Sleipnir\AppData\Local\Temp O43 - CFD: 05/01/2016 - [0] SHD -- C:\Users\Sleipnir\AppData\Local\Temporary Internet Files O43 - CFD: 25/03/2016 - [] D -- C:\Users\Sleipnir\AppData\Local\The Witcher 2 O43 - CFD: 01/07/2016 - [] D -- C:\Users\Sleipnir\AppData\Local\TytoEcology O43 - CFD: 11/07/2016 - [] D -- C:\Users\Sleipnir\AppData\Local\Ubisoft Game Launcher O43 - CFD: 01/07/2016 - [] D -- C:\Users\Sleipnir\AppData\Local\UnrealEngine O43 - CFD: 27/04/2016 - [] D -- C:\Users\Sleipnir\AppData\Local\VirtualStore O43 - CFD: 07/03/2017 - [] D -- C:\Users\Sleipnir\AppData\Local\YoloMouse O43 - CFD: 14/07/2009 - [] RD -- C:\Users\Sleipnir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 28/04/2016 - [] RD -- C:\Users\Sleipnir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 11/01/2017 - [] D -- C:\Users\Sleipnir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc O43 - CFD: 29/02/2016 - [] D -- C:\Users\Sleipnir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView O43 - CFD: 14/07/2009 - [] RD -- C:\Users\Sleipnir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 23/04/2016 - [] D -- C:\Users\Sleipnir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MiKTeX 2.9 O43 - CFD: 05/01/2016 - [] D -- C:\Users\Sleipnir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf O43 - CFD: 28/04/2016 - [0] D -- C:\Users\Sleipnir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF Blender O43 - CFD: 08/05/2016 - [] RD -- C:\Users\Sleipnir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 01/08/2016 - [] D -- C:\Users\Sleipnir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam O43 - CFD: 26/11/2016 - [0] D -- C:\Users\Sleipnir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Texmaker O43 - CFD: 05/08/2016 - [0] D -- C:\Users\Sleipnir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Elder Scrolls Online O43 - CFD: 11/07/2016 - [] D -- C:\Users\Sleipnir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft ---\\ ShellIconOverlayIdentifiers (SIOI) (12) - 0s O106 - SIOI: DropboxExt1 Class [ DropboxExt01] - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll {08C59BC23C534BF2B514F7E7C28603A6} =>.Dropbox, Inc. O106 - SIOI: DropboxExt7 Class [ DropboxExt02] - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll {08C59BC23C534BF2B514F7E7C28603A6} =>.Dropbox, Inc. O106 - SIOI: DropboxExt9 Class [ DropboxExt03] - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll {08C59BC23C534BF2B514F7E7C28603A6} =>.Dropbox, Inc. O106 - SIOI: DropboxExt3 Class [ DropboxExt04] - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll {08C59BC23C534BF2B514F7E7C28603A6} =>.Dropbox, Inc. O106 - SIOI: DropboxExt2 Class [ DropboxExt05] - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll {08C59BC23C534BF2B514F7E7C28603A6} =>.Dropbox, Inc. O106 - SIOI: DropboxExt4 Class [ DropboxExt06] - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll {08C59BC23C534BF2B514F7E7C28603A6} =>.Dropbox, Inc. O106 - SIOI: DropboxExt5 Class [ DropboxExt07] - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll {08C59BC23C534BF2B514F7E7C28603A6} =>.Dropbox, Inc. O106 - SIOI: DropboxExt8 Class [ DropboxExt08] - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll {08C59BC23C534BF2B514F7E7C28603A6} =>.Dropbox, Inc. O106 - SIOI: DropboxExt10 Class [ DropboxExt09] - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll {08C59BC23C534BF2B514F7E7C28603A6} =>.Dropbox, Inc. O106 - SIOI: DropboxExt6 Class [ DropboxExt10] - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll {08C59BC23C534BF2B514F7E7C28603A6} =>.Dropbox, Inc. O106 - SIOI: Enhanced Storage Icon Overlay Handler Class [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - Windows Enhanced Storage Shell Extension DL.) -- C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation O106 - SIOI: Sharing Overlay (Private) [SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235}. (.Microsoft Corporation - Shell extensions for sharing.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation ---\\ ShareTools MSconfig StartupReg (13) - 1s O53 - SMSR:HKLM\...\startupreg\CCleaner Monitoring [Key] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd O53 - SMSR:HKLM\...\startupreg\Cisco AnyConnect Secure Mobility Agent for Windows [Key] . (.Cisco Systems, Inc. - Cisco AnyConnect User Interface.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe =>.Cisco Systems, Inc. O53 - SMSR:HKLM\...\startupreg\Discord [Key] . (.Hammer & Chisel, Inc. - Discord.) -- C:\Users\Sleipnir\AppData\Local\Discord\app-0.0.297\Discord.exe =>.Hammer & Chisel, Inc. O53 - SMSR:HKLM\...\startupreg\HP Software Update [Key] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard O53 - SMSR:HKLM\...\startupreg\hpqSRMon [Key] . (.Hewlett-Packard - HpqSRmon.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe =>.Hewlett-Packard O53 - SMSR:HKLM\...\startupreg\iTunesHelper [Key] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe =>.Apple Inc. O53 - SMSR:HKLM\...\startupreg\LWS [Key] . (.Logitech Inc. - Logitech Webcam Software.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe =>.Logitech Inc. O53 - SMSR:HKLM\...\startupreg\Raptr [Key] . (...) -- C:\PROGRA~2\Raptr\raptrstub.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\Skype [Key] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A. O53 - SMSR:HKLM\...\startupreg\Spotify [Key] . (.Spotify Ltd - Spotify.) -- C:\Users\Sleipnir\AppData\Roaming\Spotify\Spotify.exe =>.Spotify Ltd O53 - SMSR:HKLM\...\startupreg\Spotify Web Helper [Key] . (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\Sleipnir\AppData\Roaming\Spotify\SpotifyWebHelper.exe =>.Spotify Ltd O53 - SMSR:HKLM\...\startupreg\Steam [Key] . (.Valve Corporation - Steam Client Bootstrapper.) -- F:\Steam\Steam.exe =>.Valve Corporation O53 - SMSR:HKLM\...\startupreg\swg [Key] . (...) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (.not file.) ---\\ System Drivers List (79) - 36s O58 - SDL:2016/10/06 18:00:43 RA . (.Cisco Systems, Inc. - Cisco AnyConnect Kernel Driver Framework So.) -- C:\Windows\System32\drivers\acsock64.sys [238344] {64813F6B7BDE8BA2ED1B9263A6DAB71A} =>.Cisco Systems, Inc. O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [491088] =>.Microsoft Windows® O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [339536] =>.Microsoft Windows® O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\drivers\adpu320.sys [182864] =>.Microsoft Windows® O58 - SDL:2009/07/14 02:52:21 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys [15440] =>.Microsoft Windows® O58 - SDL:2016/09/16 20:40:04 A . (.Advanced Micro Devices - AMD ACP Binaries.) -- C:\Windows\System32\drivers\amdacpksd.sys [305544] {72DCD35B1DBBF28F0F9848EC766A1BDF} =>.Advanced Micro Devices O58 - SDL:2011/03/11 07:41:12 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [107904] =>.Microsoft Windows® O58 - SDL:2009/07/14 02:52:20 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [194128] =>.Microsoft Windows® O58 - SDL:2011/03/11 07:41:12 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [27008] =>.Microsoft Windows® O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [87632] =>.Microsoft Windows® O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [97856] =>.Microsoft Windows® O58 - SDL:2016/03/30 06:00:36 A . (.Advanced Micro Devices - AMD High Definition Audio Function Driver.) -- C:\Windows\System32\drivers\AtihdW76.sys [96256] =>.Advanced Micro Devices O58 - SDL:2016/09/16 20:37:36 A . (.Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\System32\drivers\atikmdag.sys [26550784] =>.Advanced Micro Devices, Inc. O58 - SDL:2016/09/16 20:41:30 A . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\System32\drivers\atikmpag.sys [518536] {72DCD35B1DBBF28F0F9848EC766A1BDF} =>.Advanced Micro Devices, Inc. O58 - SDL:2017/02/17 09:44:54 A . (.Avira Operations GmbH & Co. KG - Avira Minifilter Driver.) -- C:\Windows\System32\drivers\avgntflt.sys [176968] =>.Avira Operations GmbH & Co. KG® O58 - SDL:2017/02/17 09:44:55 A . (.Avira Operations GmbH & Co. KG - Avira Driver for Security Enhancement.) -- C:\Windows\System32\drivers\avipbb.sys [148104] =>.Avira Operations GmbH & Co. KG® O58 - SDL:2017/02/17 09:44:56 A . (.Avira Operations GmbH & Co. KG - Avira Manager Driver.) -- C:\Windows\System32\drivers\avkmgr.sys [35328] =>.Avira Operations GmbH & Co. KG® O58 - SDL:2017/02/17 09:44:58 A . (.Avira Operations GmbH & Co. KG - Avira WFP Network Driver.) -- C:\Windows\System32\drivers\avnetflt.sys [78600] =>.Avira Operations GmbH & Co. KG® O58 - SDL:2017/02/17 09:44:59 A . (.Avira Operations GmbH & Co. KG - Avira USB Filter Driver.) -- C:\Windows\System32\drivers\avusbflt.sys [51248] {76BA9423DDBCE7B145A95F01EE015F17} =>.Avira Operations GmbH & Co. KG O58 - SDL:2009/06/10 21:34:23 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) -- C:\Windows\System32\drivers\b57nd60a.sys [270848] =>.Broadcom Corporation O58 - SDL:2009/06/10 21:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys [18432] =>.Brother Industries, Ltd. O58 - SDL:2009/06/10 21:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys [8704] =>.Brother Industries, Ltd. O58 - SDL:2009/07/14 02:19:07 A . (.Brother Industries Ltd. - Brotehr Serial I/F Driver (WDM).) -- C:\Windows\System32\drivers\BrSerId.sys [286720] =>.Brother Industries Ltd. O58 - SDL:2009/06/10 21:41:10 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys [47104] =>.Brother Industries Ltd. O58 - SDL:2009/06/10 21:41:10 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys [14976] =>.Brother Industries Ltd. O58 - SDL:2009/06/10 21:41:10 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys [14720] =>.Brother Industries Ltd. O58 - SDL:2009/06/10 21:34:28 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys [468480] =>.Broadcom Corporation O58 - SDL:2009/07/14 02:52:31 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys [17488] =>.Microsoft Windows® O58 - SDL:2017/02/10 19:42:40 A . (.Dropbox, Inc. - Dropbox Filter Driver.) -- C:\Windows\System32\drivers\dbx-canary.sys [45672] {3300000012B05493EADDCEEB4B000000000012} =>.Dropbox, Inc. O58 - SDL:2017/02/10 19:42:40 A . (.Dropbox, Inc. - Dropbox Filter Driver.) -- C:\Windows\System32\drivers\dbx-dev.sys [45672] {3300000012B05493EADDCEEB4B000000000012} =>.Dropbox, Inc. O58 - SDL:2017/03/06 21:50:52 A . (.Dropbox, Inc. - Dropbox Filter Driver.) -- C:\Windows\System32\drivers\dbx-stable.sys [46184] {3300000012B05493EADDCEEB4B000000000012} =>.Dropbox, Inc. O58 - SDL:2013/08/29 10:49:00 A . (.Intel Corporation - Intel(R) Gigabit Adapter NDIS 6.x driver.) -- C:\Windows\System32\drivers\e1d62x64.sys [494864] =>.Intel Corporation® O58 - SDL:2009/07/14 02:47:48 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys [530496] =>.Microsoft Windows® O58 - SDL:2009/06/10 21:34:33 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3286016] =>.Broadcom Corporation O58 - SDL:2009/06/10 21:31:59 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\Windows\System32\drivers\hcw85cir.sys [31232] =>.Hauppauge Computer Works, Inc. O58 - SDL:2010/11/21 04:23:47 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [78720] =>.Microsoft Windows® O58 - SDL:2013/04/22 01:06:34 A . (.Intel Corporation - NDIS 6.1 Advanced Networking Services..) -- C:\Windows\System32\drivers\iANSW60e.sys [163400] =>.Intel Corporation® O58 - SDL:2013/08/07 14:23:46 A . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\Windows\System32\drivers\iaStorA.sys [644968] =>.Intel Corporation - Intel® Rapid Storage Technology® O58 - SDL:2013/08/07 14:23:46 A . (.Intel Corporation - Intel Rapid Storage Technology Filter drive.) -- C:\Windows\System32\drivers\iaStorF.sys [28008] =>.Intel Corporation - Intel® Rapid Storage Technology® O58 - SDL:2011/03/11 07:41:26 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [410496] =>.Microsoft Windows® O58 - SDL:2009/07/14 02:48:04 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [44112] =>.Microsoft Windows® O58 - SDL:2013/08/12 12:50:00 A . (.Intel Corporation - Intel(R) Network Adapter Diagnostic Driver.) -- C:\Windows\System32\drivers\iqvw64e.sys [33616] =>.Intel Corporation® O58 - SDL:2013/04/26 03:24:58 A . (.Intel Corporation - Intel(R) USB 3.0 Host Controller Switch Dri.) -- C:\Windows\System32\drivers\iusb3hcs.sys [20464] =>.Intel Corporation - Software and Firmware Products® O58 - SDL:2013/04/26 03:24:56 A . (.Intel Corporation - Intel(R) USB 3.0 Hub Driver.) -- C:\Windows\System32\drivers\iusb3hub.sys [368112] =>.Intel Corporation - Software and Firmware Products® O58 - SDL:2013/04/26 03:24:56 A . (.Intel Corporation - Intel(R) USB 3.0 eXtensible Host Controller.) -- C:\Windows\System32\drivers\iusb3xhc.sys [786416] =>.Intel Corporation - Software and Firmware Products® O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys [114752] =>.Microsoft Windows® O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [106560] =>.Microsoft Windows® O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [65600] =>.Microsoft Windows® O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [115776] =>.Microsoft Windows® O58 - SDL:2012/09/21 20:04:22 A . (.Logitech Inc. - Logitech Kernel Audio Improvement Filter Dr.) -- C:\Windows\System32\drivers\lvrs64.sys [351520] =>.Logitech, Inc.® O58 - SDL:2017/03/18 23:36:14 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys [113880] =>.Malwarebytes Corporation® O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [35392] =>.Microsoft Windows® O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [284736] =>.Microsoft Windows® O58 - SDL:2013/04/25 19:28:00 A . (.Ralink Technology Corp. - Ralink 802.11n Wireless Adapter Driver.) -- C:\Windows\System32\drivers\netr28ux.sys [2229552] =>.Mediatek Inc.® O58 - SDL:2009/07/14 02:48:26 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [51264] =>.Microsoft Windows® O58 - SDL:2011/03/11 07:41:34 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [148352] =>.Microsoft Windows® O58 - SDL:2011/03/11 07:41:34 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [166272] =>.Microsoft Windows® O58 - SDL:2009/07/14 02:45:46 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys [1524816] =>.Microsoft Windows® O58 - SDL:2009/07/14 02:45:45 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys [128592] =>.Microsoft Windows® O58 - SDL:2014/02/18 12:42:12 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\Windows\System32\drivers\RTKVHD64.sys [3867992] =>.Realtek Semiconductor Corp® O58 - SDL:2014/12/16 11:09:21 RA . (.Realtek Semiconductor Corporation - Realtek WLAN USB NDIS Driver 32965.) -- C:\Windows\System32\drivers\rtwlanu.sys [3664600] =>.Realtek Semiconductor Corp® O58 - SDL:2015/08/13 16:19:08 A . (.Razer Inc - Razer RzEndPt.) -- C:\Windows\System32\drivers\rzendpt.sys [50392] =>.Razer Inc.® O58 - SDL:2015/08/13 16:19:08 A . (.Razer Inc - Razer RzMPos.) -- C:\Windows\System32\drivers\rzmpos.sys [48840] =>.Razer Inc.® O58 - SDL:2016/09/17 02:12:20 A . (.Razer, Inc. - Razer Overlay Support.) -- C:\Windows\System32\drivers\rzpmgrk.sys [44144] =>.Razer Inc.® O58 - SDL:2015/12/14 23:24:25 A . (.Razer, Inc. - Razer Overlay Support.) -- C:\Windows\System32\drivers\rzpnk.sys [130880] =>.Razer Inc.® O58 - SDL:2015/08/13 16:19:08 A . (.Razer Inc - Razer Rzudd Engine.) -- C:\Windows\System32\drivers\rzudd.sys [201432] =>.Razer Inc.® O58 - SDL:2009/06/10 21:37:19 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [23040] =>.Macrovision Corporation, Macrovision Europe Limited, O58 - SDL:2009/07/14 02:45:45 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [43584] =>.Microsoft Windows® O58 - SDL:2009/07/14 02:45:46 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [80464] =>.Microsoft Windows® O58 - SDL:2009/07/14 02:45:55 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys [24656] =>.Microsoft Windows® O58 - SDL:2013/09/16 12:17:42 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\TeeDriverx64.sys [99288] =>.Intel Corporation - Intel® Management Engine Firmware® O58 - SDL:2015/06/17 17:04:24 A . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\drivers\usbaapl64.sys [54784] =>.Apple, Inc. O58 - SDL:2015/12/18 17:08:48 A . (.Oracle Corporation - VirtualBox Support Driver.) -- C:\Windows\System32\drivers\VBoxDrv.sys [965440] =>.Oracle Corporation® O58 - SDL:2015/12/18 17:08:18 A . (.Oracle Corporation - VirtualBox NDIS 6.0 Host-Only Network Adapt.) -- C:\Windows\System32\drivers\VBoxNetAdp6.sys [117768] =>.Oracle Corporation® O58 - SDL:2015/12/18 17:08:18 A . (.Oracle Corporation - VirtualBox NDIS 6.0 Lightweight Filter Driv.) -- C:\Windows\System32\drivers\VBoxNetLwf.sys [194976] =>.Oracle Corporation® O58 - SDL:2015/12/18 17:08:18 A . (.Oracle Corporation - VirtualBox USB Monitor Driver.) -- C:\Windows\System32\drivers\VBoxUSBMon.sys [138904] =>.Oracle Corporation® O58 - SDL:2009/07/14 02:45:55 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [17488] =>.Microsoft Windows® O58 - SDL:2016/10/06 18:01:44 A . (.Cisco Systems, Inc. - Cisco AnyConnect Secure Mobility Client Vir.) -- C:\Windows\System32\drivers\vpnva64-6.sys [52592] =>.Cisco Systems, Inc.® O58 - SDL:2009/07/14 02:45:55 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [161872] =>.Microsoft Windows® ---\\ Last modified or created user files (8) - 45s O61 - LFC: 2017/03/17 21:53:03 A . (.Copyright © 2011.) -- C:\Users\Sleipnir\Downloads\FakeAlertRemover.exe [115712] O61 - LFC: 2017/03/16 18:09:51 A . (..) -- C:\Users\Sleipnir\AppData\Roaming\TS3Client\plugins\gamepad_joystick_win64.dll [139264] O61 - LFC: 2017/03/18 23:43:04 A . (..) -- C:\Users\Sleipnir\AppData\Local\AMD\GLCache\f2559cf86b08242d_11.bin [47466] O61 - LFC: 2017/03/17 19:22:22 A . (..) -- C:\Users\Sleipnir\AppData\Local\AMD\DxCache\181a5a891c783523e0aaf7c6994ab98762c950c5c2054f6a..bin [4194304] O61 - LFC: 2017/03/17 19:19:53 A . (..) -- C:\Users\Sleipnir\AppData\Local\AMD\DxCache\23e2a2b06267508cd9267914028036e5b25fd624376be278..bin [4194304] O61 - LFC: 2017/03/17 22:05:02 A . (..) -- C:\Users\Sleipnir\AppData\Local\AMD\DxCache\6fb640cb8d0641826394ad65d118606698c5ad16b00cd987..bin [4194304] O61 - LFC: 2017/03/17 19:19:28 A . (..) -- C:\Users\Sleipnir\AppData\Local\AMD\DxCache\9bbd00ba00e00f71fc30960fd0b5806c7ec8f724bb010e9d..bin [4194304] O61 - LFC: 2017/03/17 19:19:28 A . (..) -- C:\Users\Sleipnir\AppData\Local\AMD\DxCache\b86e2913860da2c415af7edc7798f149ffaabf15c1e7bff7..bin [4194304] ---\\ File Associations Shell Spawning (11) - 0s O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe {2A9C21ACAAA63A3C58A7B9322BEE948D} =>.Google Inc. O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe =>.Microsoft Corporation O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe =>.Microsoft Corporation O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation® ---\\ Start Menu Internet (12) - 0s O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation® O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe {2A9C21ACAAA63A3C58A7B9322BEE948D} =>.Google Inc. O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation® O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation ---\\ Search Browser Infection (3) - 7s O69 - SBI: prefs.js [Sleipnir - xvE2Cvhr.default] user_pref("browser.startup.homepage", "http://yourtv.link"); =>PUP.Optional.Browser O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Google) - http://www.google.com/ O69 - SBI: SearchScopes [HKLM] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - http://www.google.com/ ---\\ Search Svchost Services (32) - 1s O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) -- C:\Windows\System32\aelupsvc.dll [72192] =>.Microsoft Corporation O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [80384] =>.Microsoft Corporation O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [80384] =>.Microsoft Corporation O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\system32\srvsvc.dll [236032] =>.Microsoft Corporation O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\Windows\System32\gpsvc.dll [777728] =>.Microsoft Corporation O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\ikeext.dll [859648] =>.Microsoft Corporation O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\Windows\System32\Audiosrv.dll [680960] =>.Microsoft Corporation O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll [99328] =>.Microsoft Corporation O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [344064] =>.Microsoft Corporation O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [97792] =>.Microsoft Corporation O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\Sens.dll [64512] =>.Microsoft Corporation O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [359424] =>.Microsoft Corporation O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [316928] =>.Microsoft Corporation O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Remote Desktop Session Host Server Remote C.) -- C:\Windows\System32\termsrv.dll [683520] =>.Microsoft Corporation O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\system32\wuaueng.dll [2610688] =>.Microsoft Corporation O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\Windows\System32\qmgr.dll [849920] =>.Microsoft Corporation O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [370688] =>.Microsoft Corporation O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll [569344] =>.Microsoft Corporation O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\Windows\system32\seclogon.dll [30720] =>.Microsoft Corporation O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll [70656] =>.Microsoft Corporation O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\system32\iscsiexe.dll [156672] =>.Microsoft Corporation O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) -- C:\Windows\system32\mmcss.dll [67584] =>.Microsoft Corporation O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [242688] =>.Microsoft Corporation O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [121856] =>.Microsoft Corporation O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\Windows\System32\browser.dll [136704] =>.Microsoft Corporation O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [111104] =>.Microsoft Corporation O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\Windows\system32\schedsvc.dll [1110016] =>.Microsoft Corporation O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\Windows\system32\kmsvc.dll [90624] =>.Microsoft Corporation O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\Windows\System32\wercplsupport.dll [84480] =>.Microsoft Corporation O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [210432] =>.Microsoft Corporation O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\Windows\system32\themeservice.dll [44544] =>.Microsoft Corporation O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\Windows\System32\bdesvc.dll [100864] =>.Microsoft Corporation ---\\ Firewall Active Exception List (30) - 10s O87 - FAEL: "{9F274A5F-0BE4-40ED-9193-D90AAC59EA2D}" [In-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Sleipnir\AppData\Roaming\uTorrent\uTorrent.exe {0CF35369A9710762C36F6805FC9E45D6} O87 - FAEL: "{03F902C5-E70A-49DC-9BA0-0C87F370E375}" [Out-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Sleipnir\AppData\Roaming\uTorrent\uTorrent.exe {0CF35369A9710762C36F6805FC9E45D6} O87 - FAEL: "{5589957A-07CB-44B4-A85D-79B12B1C344A}" [In-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Sleipnir\AppData\Roaming\uTorrent\uTorrent.exe {0CF35369A9710762C36F6805FC9E45D6} O87 - FAEL: "{2F8CCAC6-8331-4E4F-B1C6-4B30E72F9A9E}" [In-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Sleipnir\AppData\Roaming\uTorrent\uTorrent.exe {0CF35369A9710762C36F6805FC9E45D6} O87 - FAEL: "{CC77F8C8-BC39-42C8-B010-92A5D7B45BAA}" [In-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Sleipnir\AppData\Roaming\uTorrent\uTorrent.exe {0CF35369A9710762C36F6805FC9E45D6} O87 - FAEL: "{367603B6-4A82-471C-8F8E-1C1BDB78D92B}" [Out-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Sleipnir\AppData\Roaming\uTorrent\uTorrent.exe {0CF35369A9710762C36F6805FC9E45D6} O87 - FAEL: "{3F82CA1B-08BF-4F8B-82E7-8F1A153A792D}" [In-None-P6-TRUE] .(...) -- F:\Steam\steamapps\common\Shelter2\Shelter2.exe O87 - FAEL: "{244BE40C-98BF-4EC7-9EF0-8EC03D280DD6}" [In-None-P17-TRUE] .(...) -- F:\Steam\steamapps\common\Shelter2\Shelter2.exe O87 - FAEL: "{B2EED0E4-BDE6-47F4-BC6D-30D5962A43DC}" [In-None-P6-TRUE] .(.TODO: - Launcher.) -- F:\Steam\steamapps\common\Age of Mythology\Launcher.exe O87 - FAEL: "{6FA1111D-DC6F-48C2-AAE2-7B0B4513E699}" [In-None-P17-TRUE] .(.TODO: - Launcher.) -- F:\Steam\steamapps\common\Age of Mythology\Launcher.exe O87 - FAEL: "{A98AD9C0-BB45-48BF-A92A-8844A9410ECC}" [In-None-P6-TRUE] .(...) -- F:\Steam\steamapps\common\Ori\ori.exe O87 - FAEL: "{446B7F80-1106-4ED0-942E-08F82C3A0A0D}" [In-None-P17-TRUE] .(...) -- F:\Steam\steamapps\common\Ori\ori.exe O87 - FAEL: "{25EABC61-5224-4D7A-8DBC-F428A3A25E26}" [In-None-P6-TRUE] .(.Copyright © 2013 - CDWLauncher.) -- F:\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe O87 - FAEL: "{89EB0C64-8FB6-4606-B77B-D29ED31068FE}" [In-None-P17-TRUE] .(.Copyright © 2013 - CDWLauncher.) -- F:\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe O87 - FAEL: "TCP Query User{C1B99BF4-9DC9-4A45-9FBA-AC873BEE3ACA}F:\steam\steamapps\common\anno 1404\tools\anno4web.exe" [In-None-P6-TRUE] .(...) -- F:\steam\steamapps\common\anno 1404\tools\anno4web.exe O87 - FAEL: "UDP Query User{E59D17F4-2173-4E9D-938A-E3D634CC9D82}F:\steam\steamapps\common\anno 1404\tools\anno4web.exe" [In-None-P17-TRUE] .(...) -- F:\steam\steamapps\common\anno 1404\tools\anno4web.exe O87 - FAEL: "TCP Query User{C05F43E7-A7CD-499F-91CC-B5E36F84130B}F:\steam\steamapps\common\anno 1404\tools\addonweb.exe" [In-None-P6-TRUE] .(...) -- F:\steam\steamapps\common\anno 1404\tools\addonweb.exe O87 - FAEL: "UDP Query User{AFA4B244-7A34-4AB6-BF0B-6BBC5E9F1EA0}F:\steam\steamapps\common\anno 1404\tools\addonweb.exe" [In-None-P17-TRUE] .(...) -- F:\steam\steamapps\common\anno 1404\tools\addonweb.exe O87 - FAEL: "{C42D1EE0-9C97-4BA0-BABB-9E011166514E}" [In-None-P6-TRUE] .(...) -- F:\Steam\steamapps\common\Cities_Skylines\Cities.exe O87 - FAEL: "{8C63A2CF-6D4B-416A-8BA2-3615A9E973FC}" [In-None-P17-TRUE] .(...) -- F:\Steam\steamapps\common\Cities_Skylines\Cities.exe O87 - FAEL: "{7B9963A6-727F-4D44-A542-00358D7DE9F6}" [In-None-P6-TRUE] .(...) -- F:\Steam\steamapps\common\Tyto Ecology\TytoEcology.exe O87 - FAEL: "{206C577C-7FD3-4F64-9D0B-169511960CAA}" [In-None-P17-TRUE] .(...) -- F:\Steam\steamapps\common\Tyto Ecology\TytoEcology.exe O87 - FAEL: "{975B82DF-20CD-4968-84F2-1BCB157C7FC1}" [In-None-P6-TRUE] .(.Triumph Studios - Game Application.) -- F:\Steam\steamapps\common\Overlord\Overlord.exe O87 - FAEL: "{3C2F828D-5EB1-40CC-BAE7-75ACCFCF1970}" [In-None-P17-TRUE] .(.Triumph Studios - Game Application.) -- F:\Steam\steamapps\common\Overlord\Overlord.exe O87 - FAEL: "{9CA7A31A-DD47-4BBF-9E81-98232EDE3304}" [In-None-P6-TRUE] .(...) -- F:\Steam\steamapps\common\Overlord\Config.exe O87 - FAEL: "{975C6FFD-3E46-4A80-8CFA-6CC68FAADF45}" [In-None-P17-TRUE] .(...) -- F:\Steam\steamapps\common\Overlord\Config.exe O87 - FAEL: "{F6D445C0-E1A1-499A-B108-0171039EB53A}" [In-None-P6-TRUE] .(...) -- F:\Steam\steamapps\common\Overlord II\Overlord2.exe O87 - FAEL: "{C1582815-3F4A-4F5A-8C3A-EF534C043A79}" [In-None-P17-TRUE] .(...) -- F:\Steam\steamapps\common\Overlord II\Overlord2.exe O87 - FAEL: "{E31AE7B7-1F90-42F8-B442-1B1C4831177B}" [In-None-P6-TRUE] .(...) -- F:\Steam\steamapps\common\Overlord II\Config.exe O87 - FAEL: "{694A45AA-F432-486B-85B9-A761723E8407}" [In-None-P17-TRUE] .(...) -- F:\Steam\steamapps\common\Overlord II\Config.exe ---\\ Additional Scan (O88) (1) - 0s ~ No malicious or unnecessary items found. ---\\ Summary of the elements found (1) - 0s http://www.nicolascoolman.fr/?p=546 =>PUP.Optional.Browser ~ End of the scan, 40936 items in 00h03mn28s (1207)(0)