Comment: I need help with the reCAPTCHAs that appear on every website I try to access and the multiple redirects that send me to gaming or porn sites. Thanks

Document format: text/plain

Preview

~ ZHPDiag v2016.1.31.23 By Nicolas Coolman (2016/01/30)
~ Run by Marc Oued (Administrator) (2017/05/11 00:29:10)
~ Web: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ State version: No network file
~ Mode: Scan
~ Report: C:\Users\user\Desktop\ZHPDiag.txt
~ Report: C:\Users\user\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ System startup: Normal (Normal boot)
Windows 10 Pro, 64-bit (Build 14393)

---\\ Internet Browsers (1) - 0s
MSIE: Internet Explorer v11.1066.14393.0

---\\ Windows Product Information (3) - 0s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : OK

---\\ System protection software (3) - 3s
avast! SecureLine v1.0.24.0
Kaspersky Internet Security v16.0.0.614
Windows Defender (Activate)

---\\ Surveillance software (1) - 4s
Adobe Flash Player 25 NPAPI

---\\ Information on the system (6) - 0s
~ Operating System: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 8284.524 MB (59% free)
System Restore: Activé (Enable)
System drive C: has 36 GB () free of 342 GB

---\\ Connection to the system mode (3) - 0s
~ Computer Name: MYLAP
~ User Name: Marc Oued
~ Logged in as Administrator

---\\ Enumeration of the disk units (2) - 0s
~ Drive C: has 36 GB free of 342 GB (System)
~ Drive D: has 65 GB free of 318 GB

---\\ State of the Windows Security Center (7) - 0s
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK

---\\ Search Generic System Files (25) - 0s
[MD5.F2D58A2E27C2CD486F8F0A123A3F34C3] - 04/03/2017 - (.Microsoft Corporation - Windows Explorer.) -- C:\WINDOWS\Explorer.exe [4674360] {33000001066EC325C431C9180E000000000106} =>.Microsoft Corporation
[MD5.C7645D43451C6D94D87F4D07BDE59C89] - 16/07/2016 - (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\WINDOWS\System32\rundll32.exe [69632] =>.Microsoft Corporation
[MD5.99A19C9A74E2F9820E501DCE77F84F70] - 16/07/2016 - (.Microsoft Corporation - Windows Start-Up Application.) -- C:\WINDOWS\System32\Wininit.exe [304240] {33000000D0ED4ADB049E69E8710000000000D0} =>.Microsoft Corporation
[MD5.C9028EFC81B0AD00D2E5037AAF377FB5] - 28/03/2017 - (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\WINDOWS\System32\wininet.dll [2895872] =>.Microsoft Corporation
[MD5.917F081E2AB667C44F7D96DE1D16DFAE] - 14/12/2016 - (.Microsoft Corporation - Windows Logon Application.) -- C:\WINDOWS\System32\Winlogon.exe [673792] =>.Microsoft Corporation
[MD5.9600B7F2F89DE60A80D13DE42F672834] - 16/07/2016 - (.Microsoft Corporation - Software Licensing Library.) -- C:\WINDOWS\System32\sppcomapi.dll [402432] =>.Microsoft Corporation
[MD5.2813C62F5BE7FAF0A1C5CC37E5C2F25D] - 04/03/2017 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\WINDOWS\System32\dnsapi.dll [646688] {33000001066EC325C431C9180E000000000106} =>.Microsoft Corporation
[MD5.AA86DC342B4ED1C1F839C3BC8AEA64B1] - 04/03/2017 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\WINDOWS\Syswow64\dnsapi.dll [497416] {33000001066EC325C431C9180E000000000106} =>.Microsoft Corporation
[MD5.7ABD5430F75A7FDDE5323B354C77514F] - 16/07/2016 - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) -- C:\WINDOWS\System32\fr-FR\user32.dll.mui [19968] =>.Microsoft Corporation
[MD5.323AA1953ED9C01E23F740FA891FE064] - 15/10/2016 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\WINDOWS\System32\drivers\AFD.sys [584032] =>.Microsoft Windows®
[MD5.A10F989A812B57B9695F6C305907C9C6] - 16/07/2016 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\WINDOWS\System32\drivers\atapi.sys [28512] =>.Microsoft Windows®
[MD5.F8FB51B9EF6372610E9B31A1D86B62FC] - 16/07/2016 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\WINDOWS\System32\drivers\Cdfs.sys [92160] =>.Microsoft Corporation
[MD5.613D0137C269187FA298A157E3D14A18] - 16/07/2016 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\WINDOWS\System32\drivers\Cdrom.sys [173056] =>.Microsoft Corporation
[MD5.4BC21E937E9F9F408672D2C2CBE4A153] - 04/03/2017 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\WINDOWS\System32\drivers\DfsC.sys [145408] =>.Microsoft Corporation
[MD5.10E3515FE5DBA6656FA62C29342EC4A1] - 16/07/2016 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\WINDOWS\System32\drivers\HDAudBus.sys [83456] =>.Microsoft Corporation
[MD5.B54B30992620C97230013A74461C8517] - 16/07/2016 - (.Microsoft Corporation - i8042 Port Driver.) -- C:\WINDOWS\System32\drivers\i8042prt.sys [114176] =>.Microsoft Corporation
[MD5.F1DAECC3B3D6399875D4F10529D6A77C] - 16/07/2016 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\drivers\IpNat.sys [212480] =>.Microsoft Corporation
[MD5.D559FF28B1AD9B1E15A4186E785E61F6] - 04/03/2017 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\WINDOWS\System32\drivers\MRxSmb.sys [450400] {33000001066EC325C431C9180E000000000106} =>.Microsoft Corporation
[MD5.6FEBB0A847FFD5F057B9AC8889F1B9A7] - 16/07/2016 - (.Microsoft Corporation - MBT Transport driver.) -- C:\WINDOWS\System32\drivers\netBT.sys [279040] =>.Microsoft Corporation
[MD5.98BBD81DC481E9D58EEB31C81EBDEFF5] - 04/03/2017 - (.Microsoft Corporation - NT File System Driver.) -- C:\WINDOWS\System32\drivers\ntfs.sys [2255712] {33000001066EC325C431C9180E000000000106} =>.Microsoft Corporation
[MD5.6B81BF7853D161DB8AC62CD8B9C2DE6B] - 16/07/2016 - (.Microsoft Corporation - Parallel Port Driver.) -- C:\WINDOWS\System32\drivers\Parport.sys [96768] =>.Microsoft Corporation
[MD5.17E565710172ED71B8531D8822E1C5D1] - 16/07/2016 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\WINDOWS\System32\drivers\Rasl2tp.sys [104960] =>.Microsoft Corporation
[MD5.7135785C21CA79D270D11037C43D3F19] - 16/07/2016 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\WINDOWS\System32\drivers\rdpdr.sys [177152] =>.Microsoft Corporation
[MD5.0B237F8A96952BF95A14865030E131F2] - 04/03/2017 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\WINDOWS\System32\drivers\tdx.sys [118624] {33000001066EC325C431C9180E000000000106} =>.Microsoft Corporation
[MD5.BF2546583BB75F01DDA60A7921DFB230] - 16/07/2016 - (.Microsoft Corporation - Volume Shadow Copy driver.) -- C:\WINDOWS\System32\drivers\volsnap.sys [391520] =>.Microsoft Windows®

---\\ Non Microsoft non disabled Windows Services (16) - 3s
O23 - Service: Kaspersky Anti-Virus Service 16.0.0 (AVP16.0.0) . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe =>.Kaspersky Lab®
O23 - Service: Droid4XService (Droid4XService) . (...) - C:\Program Files (x86)\Droid4X\Droid4XService.exe
O23 - Service: F-Secure Freedome Service (Freedome Service) . (.F-Secure Corporation - F-Secure Freedome Service.) - C:\Program Files (x86)\F-Secure\Freedome\Freedome\1.1\FreedomeService.exe {041BB945D9BF4EFB0CA0FD633751DB8A} =>.F-Secure Corporation
O23 - Service: Google Update Service (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
O23 - Service: HTCMonitorService (HTCMonitorService) . (.Nero AG - NService Application.) - C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe =>.Nero AG®
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) . (.Intel Corporation - igfxCUIService Module.) - C:\Windows\System32\igfxCUIService.exe =>.Intel Corporation - pGFX®
O23 - Service: Internet Pass-Through Service (PassThru Service) . (.Copyright (C) 2012 - PassThruSvr Application.) - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: avast! SecureLine (SecureLine) . (...) - C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe =>.AVAST Software a.s.®
O23 - Service: Baidu Spark Service (SparkSvc) . (.Baidu Inc. - spark.) - C:\Program Files (x86)\baidu\Baidu Browser\sparkservice.exe {5FAEE9E83F32948F3B2040AC6DF0145C}
O23 - Service: VMware Authorization Service (VMAuthdService) . (.VMware, Inc. - VMware Authorization Service.) - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe =>.VMware, Inc.®
O23 - Service: VMware DHCP Service (VMnetDHCP) . (.VMware, Inc. - VMware VMnet DHCP service.) - C:\Windows\SysWOW64\vmnetdhcp.exe =>.VMware, Inc.®
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) . (.VMware, Inc. - VMware USB Arbitration Service.) - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe =>.VMware, Inc.®
O23 - Service: VMware NAT Service (VMware NAT Service) . (.VMware, Inc. - VMware NAT Service.) - C:\Windows\SysWOW64\vmnat.exe =>.VMware, Inc.®
O23 - Service: VMware Workstation Server (VMwareHostd) . (...) - C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe =>.VMware, Inc.®
O23 - Service: Wondershare Application Framework Service (WsAppService) . (.Wondershare - Wondershare Passport.) - C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe {5CCAA82369A26AEE30D017616B1CEB69} =>.Wondershare
O23 - Service: Wondershare Driver Install Service (WsDrvInst) . (.Wondershare - MobileGo Driver Installer.) - C:\Program Files (x86)\Wondershare\Wondershare Dr.Fone for Android (CPC)\Library\DriverInstaller\DriverInstall.exe {5CCAA82369A26AEE30D017616B1CEB69} =>.Wondershare

---\\ Services not Microsoft (SR=Run, SS=Stop) (34) - 124s

SS - Disabl [16/04/2017] [ 271448] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe =>.Adobe Systems Incorporated®
SS - Disabl [28/07/2011] [ 262144] Arp Intelligent Protection Service (AIPS) . (.Arcai.com.) - C:\Program Files (x86)\netcut\services\aips.exe =>.arcai.com
SS - Auto [14/10/2016] [ 194000] Kaspersky Anti-Virus Service 16.0.0 (AVP16.0.0) . (.Kaspersky Lab ZAO.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe =>.Kaspersky Lab®
SS - Demand [18/01/2013] [ 577536] BlackBerry Device Manager (Blackberry Device Manager) . (.Research In Motion Limited.) - C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe =>.Research In Motion Limited
SS - Disabl [12/08/2015] [ 462096] Service Bonjour (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe =>.Apple Inc.®
SS - Demand [12/05/2016] [ 280696] Intel(R) Content Protection HECI Service (cphs) . (.Intel Corporation.) - C:\Windows\SysWOW64\IntelCpHeciSvc.exe =>.Intel Corporation - pGFX®
SR - Auto [13/06/2016] [ 279552] Droid4XService (Droid4XService) . (...) - C:\Program Files (x86)\Droid4X\Droid4XService.exe
SR - Auto [27/04/2017] [ 563168] F-Secure Freedome Service (Freedome Service) . (.F-Secure Corporation.) - C:\Program Files (x86)\F-Secure\Freedome\Freedome\1.1\FreedomeService.exe {041BB945D9BF4EFB0CA0FD633751DB8A} =>.F-Secure Corporation
SS - Auto [07/02/2017] [ 153752] Google Update Service (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
SS - Demand [07/02/2017] [ 153752] Google Update Service (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
SS - Disabl [24/09/2012] [ 31040] @oem14.inf,%hpservice_desc%;HP Service (hpsrv) . (.Hewlett-Packard Company.) - C:\Windows\System32\Hpservice.exe =>.Hewlett-Packard Company
SR - Auto [20/09/2016] [ 87368] HTCMonitorService (HTCMonitorService) . (.Nero AG.) - C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe =>.Nero AG®
SS - Demand [24/04/2012] [ 169752] Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe =>.Intel Corporation®
SR - Auto [12/05/2016] [ 319096] Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) . (.Intel Corporation.) - C:\Windows\System32\igfxCUIService.exe =>.Intel Corporation
SR - Auto [07/12/2012] [ 167424] Internet Pass-Through Service (PassThru Service) . (.Copyright (C) 2012.) - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
SS - Disabl [02/11/2006] [ 174656] ProtexisLicensing (ProtexisLicensing) . (.© 2000-2005 Protexis Inc..) - C:\Windows\SysWOW64\PSIService.exe
SS - Disabl [25/06/2010] [ 117264] Remote Packet Capture Protocol v.0 (experimental) (rpcapd) . (.CACE Technologies, Inc..) - C:\Program Files (x86)\WinPcap\rpcapd.exe =>.CACE Technologies, Inc.®
SS - Auto [30/05/2014] [ 395912] avast! SecureLine (SecureLine) . (...) - C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe =>.AVAST Software a.s.®
SS - Disabl [27/09/2015] [ 739520] Service KMSELDI (Service KMSELDI) . (.@ByELDI.) - C:\Program Files\KMSpico\Service_KMS.exe =>HackTool.KMSpico
SS - Disabl [01/03/2013] [ 161384] Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe =>.Skype Technologies SA®
SR - Auto [02/03/2017] [ 97080] Baidu Spark Service (SparkSvc) . (.Baidu Inc..) - C:\Program Files (x86)\baidu\Baidu Browser\sparkservice.exe {5FAEE9E83F32948F3B2040AC6DF0145C}
SS - Demand [17/12/2015] [ 1372472] Baidu Spark Updater (SparkUpdater) . (.Baidu.com, Inc..) - C:\Program Files (x86)\baidu\SparkUpdate\Sparkupdate.exe {5FAEE9E83F32948F3B2040AC6DF0145C}
SS - Disabl [27/06/2016] [ 253960] SynTPEnh Caller Service (SynTPEnhService) . (.Synaptics Incorporated.) - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe =>.Synaptics Incorporated®
SR - Auto [14/04/2016] [ 97864] VMware Authorization Service (VMAuthdService) . (.VMware, Inc..) - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe =>.VMware, Inc.®
SR - Auto [14/04/2016] [ 358080] VMware DHCP Service (VMnetDHCP) . (.VMware, Inc..) - C:\Windows\SysWOW64\vmnetdhcp.exe =>.VMware, Inc.®
SR - Auto [10/03/2016] [ 907968] VMware USB Arbitration Service (VMUSBArbService) . (.VMware, Inc..) - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe =>.VMware, Inc.®
SR - Auto [14/04/2016] [ 392896] VMware NAT Service (VMware NAT Service) . (.VMware, Inc..) - C:\Windows\SysWOW64\vmnat.exe =>.VMware, Inc.®
SR - Auto [14/04/2016] [12471368] VMware Workstation Server (VMwareHostd) . (...) - C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe =>.VMware, Inc.®
SS - Disabl [09/07/2015] [ 144640] vssbrigde64 (vssbrigde64) . (.AO Kaspersky Lab.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe =>.Kaspersky Lab®
SS - Demand [01/07/2016] [ 29696] wampapache64 (wampapache64) . (.Apache Software Foundation.) - c:\wamp64\bin\apache\apache2.4.23\bin\httpd.exe =>.Apache Software Foundation
SS - Demand [12/07/2016] [39885824] wampmysqld64 (wampmysqld64) . (...) - c:\wamp64\bin\mysql\mysql5.7.14\bin\mysqld.exe
SR - Auto [20/03/2017] [ 473312] Wondershare Application Framework Service (WsAppService) . (.Wondershare.) - C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe {5CCAA82369A26AEE30D017616B1CEB69} =>.Wondershare
SR - Auto [20/04/2017] [ 119008] Wondershare Driver Install Service (WsDrvInst) . (.Wondershare.) - C:\Program Files (x86)\Wondershare\Wondershare Dr.Fone for Android (CPC)\Library\DriverInstaller\DriverInstall.exe {5CCAA82369A26AEE30D017616B1CEB69} =>.Wondershare

---\\ Task Planned Automatically (29) - 7s
[MD5.BE62B286791F715E430FB022C1707BBA] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [271448] =>.Adobe Systems Incorporated®
[MD5.EBF9EE1FD3CAF93596208A4EF1A5B942] [APT] [AutoPico Daily Restart] (.@ByELDI.) -- C:\Program Files\KMSpico\AutoPico.exe [740032] =>HackTool.KMSpico
[MD5.70B2F403924958B8BD9BCACE8E097A59] [APT] [azskdtfaddfUpdate] (.VideoLAN.) -- C:\Program Files (x86)\azskdtfaddf\yuto.exe [137152] =>.VideoLAN®
[MD5.5BCE955CF12AF3417F055DADC0212920] [APT] [Browser Updater Task(Core)] (.Tencent.) -- C:\Program Files (x86)\TXQQBrowser\Update\3B878D788DA34B0EA09AC0543ABB3821\Update\BrowserUpdate.exe [690144] =>.Superfluous.Tencent
[MD5.00000000000000000000000000000000] [APT] [Ghipshplokaty Module] (...) -- C:\Program Files (x86)\Pluratherprivasy\ghpmoduleHujishprerwaied.exe (.not file.) [0]
[MD5.2D8BBF6C7241AAD9EDE7708EBB7B43A4] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752] =>.Google Inc®
[MD5.2D8BBF6C7241AAD9EDE7708EBB7B43A4] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752] =>.Google Inc®
[MD5.00000000000000000000000000000000] [APT] [Launch HTC Sync Loader] (...) -- C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe (.not file.) [0]
[MD5.7F014D20314F4902FF7AB2BD459C4430] [APT] [Milimili] (...) -- C:\Program Files (x86)\MIO\MIO.exe [282168] =>.Superfluous.Tencent
[MD5.00000000000000000000000000000000] [APT] [Pramase Debuger] (...) -- C:\Program Files (x86)\Pramase\pramaseDbgTsk.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [smadav] (...) -- C:\Program Files (x86)\Smadav\SM?RTP.exe (.not file.) [0]
[MD5.13E901EEC0347A024450962C48385120] [APT] [SparkUpdater] (.Baidu.com, Inc..) -- C:\Program Files (x86)\baidu\Baidu Browser\SparkUpdate.exe [1372472] {5FAEE9E83F32948F3B2040AC6DF0145C}
[MD5.00000000000000000000000000000000] [APT] [UCBrowserUpdater] (...) -- C:\Program Files (x86)\UCBrowser\Application\update_task.exe (.not file.) [0] =>PUP.Optional.CertifiedToolbar
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [Apple\AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984] =>.Apple Inc.®
[MD5.E3238CA9101C670556B636C8F4FCE358] [APT] [Lenovo\Lenovo Customer Feedback Program 64 35] (.Lenovo.) -- C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [17184] =>.LENOVO®
O39 - APT: UCBrowserUpdater - (...) -- C:\WINDOWS\Tasks\UCBrowserUpdater.job [476] (.Orphean.) =>PUP.Optional.CertifiedToolbar
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater [4558] =>.Adobe Systems Incorporated
O39 - APT: AutoPico Daily Restart - (.@ByELDI.) -- C:\WINDOWS\System32\Tasks\AutoPico Daily Restart [3464] =>HackTool.KMSpico
O39 - APT: azskdtfaddfUpdate - (.VideoLAN.) -- C:\WINDOWS\System32\Tasks\azskdtfaddfUpdate [2274] =>.VideoLAN
O39 - APT: Browser Updater Task(Core) - (.Tencent.) -- C:\WINDOWS\System32\Tasks\Browser Updater Task(Core) [7926] =>.Superfluous.Tencent
O39 - APT: Ghipshplokaty Module - (...) -- C:\WINDOWS\System32\Tasks\Ghipshplokaty Module [7486] (.Orphean.)
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore [3462] =>.Google Inc.
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA [3586] =>.Google Inc.
O39 - APT: Launch HTC Sync Loader - (...) -- C:\WINDOWS\System32\Tasks\Launch HTC Sync Loader [3696] (.Orphean.)
O39 - APT: Milimili - (...) -- C:\WINDOWS\System32\Tasks\Milimili [3676]
O39 - APT: Pramase Debuger - (...) -- C:\WINDOWS\System32\Tasks\Pramase Debuger [7478] (.Orphean.)
O39 - APT: smadav - (...) -- C:\WINDOWS\System32\Tasks\smadav [2426] (.Orphean.)
O39 - APT: SparkUpdater - (.Baidu.com, Inc..) -- C:\WINDOWS\System32\Tasks\SparkUpdater [4190]
O39 - APT: UCBrowserUpdater - (...) -- C:\WINDOWS\System32\Tasks\UCBrowserUpdater [3140] (.Orphean.) =>PUP.Optional.CertifiedToolbar

---\\ Process running (34) - 2s
[MD5.58F30D9E0A2FC51B95042577BFF5F62E] - (.Intel Corporation - igfxCUIService Module.) -- C:\Windows\System32\igfxCUIService.exe [319096] [PID.1608] =>.Intel Corporation - pGFX®
[MD5.E0A69AAB9D8F6EFDAD11AE261E3FE986] - (.Wondershare - Wondershare Passport.) -- C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe [473312] [PID.2560] {5CCAA82369A26AEE30D017616B1CEB69} =>.Wondershare
[MD5.5C8BC8A28798FD010E7ABC4E0D588CAA] - (.Nero AG - NService Application.) -- C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368] [PID.2576] =>.Nero AG®
[MD5.6F2D3D1DC9C5C55D195D3836616E7EA0] - (.Wondershare - MobileGo Driver Installer.) -- C:\Program Files (x86)\Wondershare\Wondershare Dr.Fone for Android (CPC)\Library\DriverInstaller\DriverInstall.exe [119008] [PID.2584] {5CCAA82369A26AEE30D017616B1CEB69} =>.Wondershare
[MD5.D01950732DC7829124C9E3CC247F21A1] - (...) -- C:\Program Files (x86)\Droid4X\Droid4XService.exe [279552] [PID.2592]
[MD5.75DEC843BDA054C9D3ACFC006E41A380] - (.F-Secure Corporation - F-Secure Freedome Service.) -- C:\Program Files (x86)\F-Secure\Freedome\Freedome\1.1\FreedomeService.exe [563168] [PID.2644] {041BB945D9BF4EFB0CA0FD633751DB8A} =>.F-Secure Corporation
[MD5.6A881210DB2753D610EF045BF27BC022] - (.Baidu Inc. - spark.) -- C:\Program Files (x86)\baidu\Baidu Browser\sparkservice.exe [97080] [PID.2816] {5FAEE9E83F32948F3B2040AC6DF0145C}
[MD5.D845AD2EF17354B85A9C2564EFCBE692] - (.VMware, Inc. - VMware VMnet DHCP service.) -- C:\Windows\SysWOW64\vmnetdhcp.exe [358080] [PID.2824] =>.VMware, Inc.®
[MD5.3CAE2BBC86FCF7F94C9696994AF30386] - (.Copyright (C) 2012 - PassThruSvr Application.) -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424] [PID.2832]
[MD5.21189E3D6E45A0537D326E2A41A31936] - (.VMware, Inc. - VMware NAT Service.) -- C:\Windows\SysWOW64\vmnat.exe [392896] [PID.2888] =>.VMware, Inc.®
[MD5.688911427532BCD0FB6E840CD75BE77A] - (.VMware, Inc. - VMware Authorization Service.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe [97864] [PID.3208] =>.VMware, Inc.®
[MD5.4AD6167F85CF70754D18222D33DB2F75] - (.VMware, Inc. - VMware USB Arbitration Service.) -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [907968] [PID.3216] =>.VMware, Inc.®
[MD5.4007A33A82C6E289A7694184628DC189] - (...) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [12471368] [PID.3644] =>.VMware, Inc.®
[MD5.4E50F3A1299C1274612F801CB2BEAADF] - (.Intel Corporation - igfxEM Module.) -- C:\Windows\System32\igfxEM.exe [530552] [PID.6136] =>.Intel Corporation - pGFX®
[MD5.EA0F427B322F9861AE5A80E95DEA4AB1] - (.Intel Corporation - igfxHK Module.) -- C:\Windows\System32\igfxHK.exe [247416] [PID.872] =>.Intel Corporation - pGFX®
[MD5.59DCEF50755E5FBB54EC882FC7BE6D00] - (...) -- C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe [821240] [PID.7008] =>.Nero AG®
[MD5.58D0F2A12C419A527AE1B45458BAC4F2] - (.Wondershare - BackupRemind.) -- C:\Program Files (x86)\Wondershare\Wondershare Dr.Fone for Android (CPC)\Addins\AndroidBackupRestore\BackupRemind.exe [40080] [PID.9380] {1F8663313222FF9957A7D5EDD27A3346} =>.Wondershare
[MD5.38372AA4CC9FBD0EB7A26FC7B5F24562] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Bangcar\Application\chrome.exe [945496] [PID.860] {2A9C21ACAAA63A3C58A7B9322BEE948D} =>.Google Inc.
[MD5.38372AA4CC9FBD0EB7A26FC7B5F24562] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Bangcar\Application\chrome.exe [945496] [PID.7940] {2A9C21ACAAA63A3C58A7B9322BEE948D} =>.Google Inc.
[MD5.38372AA4CC9FBD0EB7A26FC7B5F24562] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Bangcar\Application\chrome.exe [945496] [PID.1440] {2A9C21ACAAA63A3C58A7B9322BEE948D} =>.Google Inc.
[MD5.38372AA4CC9FBD0EB7A26FC7B5F24562] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Bangcar\Application\chrome.exe [945496] [PID.11440] {2A9C21ACAAA63A3C58A7B9322BEE948D} =>.Google Inc.
[MD5.38372AA4CC9FBD0EB7A26FC7B5F24562] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Bangcar\Application\chrome.exe [945496] [PID.15868] {2A9C21ACAAA63A3C58A7B9322BEE948D} =>.Google Inc.
[MD5.38372AA4CC9FBD0EB7A26FC7B5F24562] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Bangcar\Application\chrome.exe [945496] [PID.11400] {2A9C21ACAAA63A3C58A7B9322BEE948D} =>.Google Inc.
[MD5.38372AA4CC9FBD0EB7A26FC7B5F24562] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Bangcar\Application\chrome.exe [945496] [PID.16388] {2A9C21ACAAA63A3C58A7B9322BEE948D} =>.Google Inc.
[MD5.38372AA4CC9FBD0EB7A26FC7B5F24562] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Bangcar\Application\chrome.exe [945496] [PID.9500] {2A9C21ACAAA63A3C58A7B9322BEE948D} =>.Google Inc.
[MD5.38372AA4CC9FBD0EB7A26FC7B5F24562] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Bangcar\Application\chrome.exe [945496] [PID.9260] {2A9C21ACAAA63A3C58A7B9322BEE948D} =>.Google Inc.
[MD5.38372AA4CC9FBD0EB7A26FC7B5F24562] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Bangcar\Application\chrome.exe [945496] [PID.7100] {2A9C21ACAAA63A3C58A7B9322BEE948D} =>.Google Inc.
[MD5.38372AA4CC9FBD0EB7A26FC7B5F24562] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Bangcar\Application\chrome.exe [945496] [PID.13520] {2A9C21ACAAA63A3C58A7B9322BEE948D} =>.Google Inc.
[MD5.38372AA4CC9FBD0EB7A26FC7B5F24562] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Bangcar\Application\chrome.exe [945496] [PID.13748] {2A9C21ACAAA63A3C58A7B9322BEE948D} =>.Google Inc.
[MD5.FF9CE0FC9E3B4BC22001764A9EFE4741] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\user\Downloads\Programs\ZHPDiag3.exe [2105344] [PID.10772] =>.Nicolas Coolman
[MD5.38372AA4CC9FBD0EB7A26FC7B5F24562] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Bangcar\Application\chrome.exe [945496] [PID.10788] {2A9C21ACAAA63A3C58A7B9322BEE948D} =>.Google Inc.
[MD5.D0278FA8947ED54A112893F71917F46A] - (.BitTorrent Inc. - µTorrent.) -- C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe [2133504] [PID.4868] {59123D60D39E60127D6B456A62C9DEAC}
[MD5.D7B59C5C8C22101B50502AFB482A86FE] - (.BitTorrent Inc. - WebHelper.) -- C:\Users\user\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe [387072] [PID.10944]
[MD5.D7B59C5C8C22101B50502AFB482A86FE] - (.BitTorrent Inc. - WebHelper.) -- C:\Users\user\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe [387072] [PID.3696]

---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (2) - 1s
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_148.dll =>.Adobe Systems Incorporated
P2 - FPN: [HKLM] [@RIM.com/WebSLLauncher,version=1.0] - (.Research In Motion.) -- C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll =>.Research In Motion

---\\ Internet Explorer Extensions, Start, Search (18) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.startpageing123.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.startpageing123.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.startpageing123.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.startpageing123.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.startpageing123.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.startpageing123.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.startpageing123.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKEY_USERS\S-1-5-21-4059555930-3725772092-1550307721-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer

---\\ Internet Explorer, Proxy Management (6) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s
F2 - REG:system.ini: UserInit=
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=

---\\ Hosts file redirection (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (16)

---\\ Browser Helper Object (BHO) (5) - 0s
O2 - BHO: IDM Helper [64Bits] - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll {7828C7315808BC8717710E13FA3C0B24} =>.Internet Download Manager, Tonec Inc.
O2 - BHO: Lync Click to Call BHO [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Skype for Business.) -- C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll {330000014096A9EE7056FECC07000100000140} =>.Microsoft Corporation
O2 - BHO: ScriptInjectionPluginBrowserHelperObject [64Bits] - {C66D064F-82FE-4E1A-B06A-B2490BA48B18} . (.AO Kaspersky Lab - Kaspersky Protection plugins.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll {0F668FB0F0F002B774C7DDBD769EE5B1} =>.AO Kaspersky Lab
O2 - BHO: Microsoft OneDrive for Business Browser Helper [64Bits] - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} . (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL {330000014096A9EE7056FECC07000100000140} =>.Microsoft Corporation
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} (Orphean)

---\\ Auto loading programs from Registry and folders (20) - 1s
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [Zune Launcher] . (.Microsoft Corporation - Zune Auto-Launcher.) -- C:\Program Files\Zune\ZuneLauncher.exe =>.Microsoft Corporation®
O4 - HKLM\..\Run: [WindowsDefender] C:\Program Files (x86)\Windows Defender\MSASCuiL.exe (.not file.)
O4 - HKCU\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\user\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation®
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe {59123D60D39E60127D6B456A62C9DEAC}
O4 - HKCU\..\Run: [OfficeSyncProcess] C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (.not file.)
O4 - HKCU\..\Run: [PC Remote Server] . (.PC Remote - PC Remote Server.) -- C:\Program Files (x86)\PC Remote\PC Remote\PCRemote.exe {2B2F2DCBBD5B48}
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe {7828C7315808BC8717710E13FA3C0B24} =>.Tonec Inc.
O4 - HKCU\..\Run: [IDM trial reset] . (...) -- C:\Users\user\Downloads\IDM\Trial Reset IDM Auto.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle America, Inc.®
O4 - HKLM\..\Wow6432Node\Run: [vmware-tray.exe] . (.VMware, Inc. - VMware Tray Process.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe =>.VMware, Inc.®
O4 - HKLM\..\Wow6432Node\Run: [RIMBBLaunchAgent.exe] . (.Research In Motion Limited - Launch Agent Service.) -- C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe =>.Research In Motion®
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Corporation®
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Corporation®
O4 - HKUS\S-1-5-21-4059555930-3725772092-1550307721-1001\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\user\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation®
O4 - HKUS\S-1-5-21-4059555930-3725772092-1550307721-1001\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe {59123D60D39E60127D6B456A62C9DEAC}
O4 - HKUS\S-1-5-21-4059555930-3725772092-1550307721-1001\..\Run: [OfficeSyncProcess] C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (.not file.)
O4 - HKUS\S-1-5-21-4059555930-3725772092-1550307721-1001\..\Run: [PC Remote Server] . (.PC Remote - PC Remote Server.) -- C:\Program Files (x86)\PC Remote\PC Remote\PCRemote.exe {2B2F2DCBBD5B48}
O4 - HKUS\S-1-5-21-4059555930-3725772092-1550307721-1001\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe {7828C7315808BC8717710E13FA3C0B24} =>.Tonec Inc.
O4 - HKUS\S-1-5-21-4059555930-3725772092-1550307721-1001\..\Run: [IDM trial reset] . (...) -- C:\Users\user\Downloads\IDM\Trial Reset IDM Auto.exe

---\\ Global shortcuts Startup (123) - 8s
O4 - GS\Desktop [Administrateur]: Advanced Grammar in Use.lnk . (.Cambridge University Press - Advanced Grammar in Use.) C:\Cambridge\AGU\AGU.exe =>.Cambridge University Press
O4 - GS\Desktop [Administrateur]: ASIO4ALL v2 Instruction Manual.lnk . (...) C:\Program Files (x86)\ASIO4ALL v2\ASIO4ALL v2 Instruction Manual.pdf
O4 - GS\Desktop [Administrateur]: Car Mechanic Simulator 2015.lnk . (...) C:\Games\Car Mechanic Simulator 2015\cms2015_Loader.exe
O4 - GS\Desktop [Administrateur]: Cisco Packet Tracer.lnk . (...) C:\Program Files (x86)\Cisco Packet Tracer 6.0.1\bin\PacketTracer6.exe
O4 - GS\Desktop [Administrateur]: DoulCI Activator v3.0 Private Build.lnk . (.DoulCI Team® - DoulCI Activator v3.0.) C:\Program Files (x86)\DoulCI Team\DoulCI Activator v3.0 Private Build\DoulCI Activator v3.0.exe
O4 - GS\Desktop [Administrateur]: doulCi™ Activator v2.0.14.lnk . (.Copyright © 2015 - Doulci iCloud.) C:\Program Files (x86)\Doulci iCloud\doulCi™ Activator tool\doulCi™ Activator v2.0.14.exe
O4 - GS\Desktop [Administrateur]: eclipse.exe - Raccourci.lnk . (...) C:\Users\user\Documents\Mes cours\Isig international\Semestre 5\Infographie\Info\eclipse-standard-kepler-SR1-win32-x86_64\eclipse\eclipse.exe
O4 - GS\Desktop [Administrateur]: English Grammar in Use.lnk . (.Cambridge University Press - English Grammar in Use.) C:\Cambridge\EGU\EGU.exe =>.Cambridge University Press
O4 - GS\Desktop [Administrateur]: Essential Grammar in Use.lnk . (.Cambridge University Press - Essential Grammar In Use.) C:\Program Files (x86)\Cambridge\EssentialGrammarInUse\EssGram.exe =>.Cambridge University Press
O4 - GS\Desktop [Administrateur]: FL Studio 12 (64bit).lnk . (.Image-Line - FL Studio.) C:\Program Files (x86)\Image-Line\FL Studio 12\FL64.exe {675CD761D5E622BE396492313ABC0E9A} =>.Image-Line
O4 - GS\Desktop [Administrateur]: FL.exe - Shortcut.lnk . (.Image-Line - FL Studio.) C:\Program Files (x86)\Image-Line\FL Studio 12\FL.exe {675CD761D5E622BE396492313ABC0E9A} =>.Image-Line
O4 - GS\Desktop [Administrateur]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe =>.Free Time
O4 - GS\Desktop [Administrateur]: Grand Dictionnaire Hachette Oxford.lnk . (.Oxford University Press - Oxford-Hachette French Dictionary.) C:\Program Files (x86)\GDHO\gdho.exe
O4 - GS\Desktop [Administrateur]: Internet Download Manager.lnk . (.Tonec Inc. - Internet Download Manager (IDM).) C:\Program Files (x86)\Internet Download Manager\IDMan.exe {7828C7315808BC8717710E13FA3C0B24} =>.Tonec Inc.
O4 - GS\Desktop [Administrateur]: KB Piano 2.lnk . (.G.F. Software - .) C:\Program Files (x86)\KB Piano 2\KBPiano2.exe
O4 - GS\Desktop [Administrateur]: LGMobile Support Tool.lnk . (.LG Electronics - LGMLauncher LGMobile Application.) C:\ProgramData\LGMOBILEAX\LGMLauncher.exe {4BAD88265909F29EB7827157954A75A5} =>.LG Electronics
O4 - GS\Desktop [Administrateur]: Messenger.exe - Raccourci.lnk . (...) C:\Program Files (x86)\Softros Systems\Softros Messenger\Messenger.exe
O4 - GS\Desktop [Administrateur]: NFS13.exe - Raccourci.lnk . (.Electronic Arts - Need for Speed™ Most Wanted.) D:\Logistics\Games\Race\Need for Speed Most Wanted\NFS13.exe =>.Electronic Arts
O4 - GS\Desktop [Administrateur]: NoteWorthy Composer.lnk . (...) C:\Program Files (x86)\NoteWorthy Composer\NWC32.EXE
O4 - GS\Desktop [Administrateur]: PC Remote Server.lnk . (.PC Remote - PC Remote Server.) C:\Program Files (x86)\PC Remote\PC Remote\PCRemote.exe {2B2F2DCBBD5B48}
O4 - GS\Desktop [Administrateur]: PianoFX STUDIO 4.0.lnk . (.Tanseon Systems - PianoFX STUDIO 4.0.) C:\Program Files (x86)\PianoFX\PianoFX.exe
O4 - GS\Desktop [Administrateur]: Revo Uninstaller.lnk . (.VS Revo Group - Revo Uninstaller.) C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe =>.VS Revo Group®
O4 - GS\Desktop [Administrateur]: Safe Money.lnk . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe =>.Kaspersky Lab®
O4 - GS\Desktop [Administrateur]: Speed - Raccourci.lnk . (...) D:\Logistics\Games\Race\Need for Speed Most Wanted\Speed.exe
O4 - GS\Desktop [Administrateur]: sublime_text.exe - Raccourci.lnk . (.Copyright (C) 2006 - 2016 Sublime HQ Pty Ltd - Sublime Text.) C:\Sublime Text Build 3047\sublime_text.exe {7F74C210CC0D477C7F54A8D4822D6A}
O4 - GS\Desktop [Administrateur]: Survey Remover 4.1.0.0.lnk . (.Survey Remover Online - Survey Remover 4.1.0.0.) C:\Program Files (x86)\Survey Remover Trial\Survey Remover Trial 4.1.0.0.exe
O4 - GS\Desktop [Administrateur]: Test Simulator.lnk . (...) C:\Program Files (x86)\Test Simulator\T_Simulator.exe
O4 - GS\Desktop [Administrateur]: traducteur.exe - Shortcut.lnk . (...) D:\Logistics\TRADUCTION ANG FRANC\traducteur.exe
O4 - GS\Desktop [Administrateur]: UniFlash V2.lnk . (...) C:\Users\user\AppData\Roaming\Microsoft\Installer\{76C39E3D-0A9D-453C-80E3-D4FA454BE16B}\_B03BBBBDCA6E22E5A7F457.exe
O4 - GS\Desktop [Administrateur]: Universal Advance Unlocker.lnk . (.Josedavido & Dawood1208 - Universal Advance Unlocker.) C:\Program Files (x86)\Universal Advance Unlocker\Universal Advance Unlocker.exe
O4 - GS\Desktop [Administrateur]: UsbFix.lnk . (...) C:\UsbFix\UsbFix.exe {03E439D641B50EB561802D9A7F57D494}
O4 - GS\Desktop [Administrateur]: Usenet.nl.lnk . (.Copyright © 2009 - Usenet.nl.) C:\Program Files (x86)\Usenet.nl\Usenet.nl.exe
O4 - GS\Desktop [Administrateur]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\user\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Desktop [Administrateur]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe {59123D60D39E60127D6B456A62C9DEAC}
O4 - GS\Quicklaunch [Administrateur]: Apple Safari.lnk . (...) C:\WINDOWS\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe
O4 - GS\Quicklaunch [Administrateur]: Arcai.com's NetCut.lnk . (.Arcai.com - NetCut Arp Spoof Application.) C:\Program Files (x86)\netcut\netcut.exe =>.arcai.com
O4 - GS\Quicklaunch [Administrateur]: dr.fone toolkit pour Android.lnk . (.Wondershare - dr.fone toolkit loader.) C:\Program Files (x86)\Wondershare\Wondershare Dr.Fone for Android (CPC)\DrFoneLoader.exe {5CCAA82369A26AEE30D017616B1CEB69} =>.Wondershare
O4 - GS\Quicklaunch [Administrateur]: Foxit Reader.lnk . (.Foxit Software Inc. - Foxit Reader 7.0, Best Reader for Everyday.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReader.exe =>.Foxit Software Incorporated®
O4 - GS\Quicklaunch [Administrateur]: Survey Remover 4.1.0.0.lnk . (.Survey Remover Online - Survey Remover 4.1.0.0.) C:\Program Files (x86)\Survey Remover Trial\Survey Remover Trial 4.1.0.0.exe
O4 - GS\Quicklaunch [Administrateur]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe {59123D60D39E60127D6B456A62C9DEAC}
O4 - GS\sendTo [Administrateur]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe =>.Free Time
O4 - GS\sendTo [Administrateur]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies SA®
O4 - GS\TaskBar [Administrateur]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Bangcar\Application\chrome.exe {2A9C21ACAAA63A3C58A7B9322BEE948D} =>.Google Inc.
O4 - GS\Startup [Administrateur]: Survey Remover 4.1.0.0.lnk . (.Survey Remover Online - Survey Remover 4.1.0.0.) C:\Program Files (x86)\Survey Remover Trial\Survey Remover Trial 4.1.0.0.exe
O4 - GS\Desktop [Marc Oued]: Advanced Grammar in Use.lnk . (.Cambridge University Press - Advanced Grammar in Use.) C:\Cambridge\AGU\AGU.exe =>.Cambridge University Press
O4 - GS\Desktop [Marc Oued]: ASIO4ALL v2 Instruction Manual.lnk . (...) C:\Program Files (x86)\ASIO4ALL v2\ASIO4ALL v2 Instruction Manual.pdf
O4 - GS\Desktop [Marc Oued]: Car Mechanic Simulator 2015.lnk . (...) C:\Games\Car Mechanic Simulator 2015\cms2015_Loader.exe
O4 - GS\Desktop [Marc Oued]: Cisco Packet Tracer.lnk . (...) C:\Program Files (x86)\Cisco Packet Tracer 6.0.1\bin\PacketTracer6.exe
O4 - GS\Desktop [Marc Oued]: DoulCI Activator v3.0 Private Build.lnk . (.DoulCI Team® - DoulCI Activator v3.0.) C:\Program Files (x86)\DoulCI Team\DoulCI Activator v3.0 Private Build\DoulCI Activator v3.0.exe
O4 - GS\Desktop [Marc Oued]: doulCi™ Activator v2.0.14.lnk . (.Copyright © 2015 - Doulci iCloud.) C:\Program Files (x86)\Doulci iCloud\doulCi™ Activator tool\doulCi™ Activator v2.0.14.exe
O4 - GS\Desktop [Marc Oued]: eclipse.exe - Raccourci.lnk . (...) C:\Users\user\Documents\Mes cours\Isig international\Semestre 5\Infographie\Info\eclipse-standard-kepler-SR1-win32-x86_64\eclipse\eclipse.exe
O4 - GS\Desktop [Marc Oued]: English Grammar in Use.lnk . (.Cambridge University Press - English Grammar in Use.) C:\Cambridge\EGU\EGU.exe =>.Cambridge University Press
O4 - GS\Desktop [Marc Oued]: Essential Grammar in Use.lnk . (.Cambridge University Press - Essential Grammar In Use.) C:\Program Files (x86)\Cambridge\EssentialGrammarInUse\EssGram.exe =>.Cambridge University Press
O4 - GS\Desktop [Marc Oued]: FL Studio 12 (64bit).lnk . (.Image-Line - FL Studio.) C:\Program Files (x86)\Image-Line\FL Studio 12\FL64.exe {675CD761D5E622BE396492313ABC0E9A} =>.Image-Line
O4 - GS\Desktop [Marc Oued]: FL.exe - Shortcut.lnk . (.Image-Line - FL Studio.) C:\Program Files (x86)\Image-Line\FL Studio 12\FL.exe {675CD761D5E622BE396492313ABC0E9A} =>.Image-Line
O4 - GS\Desktop [Marc Oued]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe =>.Free Time
O4 - GS\Desktop [Marc Oued]: Grand Dictionnaire Hachette Oxford.lnk . (.Oxford University Press - Oxford-Hachette French Dictionary.) C:\Program Files (x86)\GDHO\gdho.exe
O4 - GS\Desktop [Marc Oued]: Internet Download Manager.lnk . (.Tonec Inc. - Internet Download Manager (IDM).) C:\Program Files (x86)\Internet Download Manager\IDMan.exe {7828C7315808BC8717710E13FA3C0B24} =>.Tonec Inc.
O4 - GS\Desktop [Marc Oued]: KB Piano 2.lnk . (.G.F. Software - .) C:\Program Files (x86)\KB Piano 2\KBPiano2.exe
O4 - GS\Desktop [Marc Oued]: LGMobile Support Tool.lnk . (.LG Electronics - LGMLauncher LGMobile Application.) C:\ProgramData\LGMOBILEAX\LGMLauncher.exe {4BAD88265909F29EB7827157954A75A5} =>.LG Electronics
O4 - GS\Desktop [Marc Oued]: Messenger.exe - Raccourci.lnk . (...) C:\Program Files (x86)\Softros Systems\Softros Messenger\Messenger.exe
O4 - GS\Desktop [Marc Oued]: NFS13.exe - Raccourci.lnk . (.Electronic Arts - Need for Speed™ Most Wanted.) D:\Logistics\Games\Race\Need for Speed Most Wanted\NFS13.exe =>.Electronic Arts
O4 - GS\Desktop [Marc Oued]: NoteWorthy Composer.lnk . (...) C:\Program Files (x86)\NoteWorthy Composer\NWC32.EXE
O4 - GS\Desktop [Marc Oued]: PC Remote Server.lnk . (.PC Remote - PC Remote Server.) C:\Program Files (x86)\PC Remote\PC Remote\PCRemote.exe {2B2F2DCBBD5B48}
O4 - GS\Desktop [Marc Oued]: PianoFX STUDIO 4.0.lnk . (.Tanseon Systems - PianoFX STUDIO 4.0.) C:\Program Files (x86)\PianoFX\PianoFX.exe
O4 - GS\Desktop [Marc Oued]: Revo Uninstaller.lnk . (.VS Revo Group - Revo Uninstaller.) C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe =>.VS Revo Group®
O4 - GS\Desktop [Marc Oued]: Safe Money.lnk . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe =>.Kaspersky Lab®
O4 - GS\Desktop [Marc Oued]: Speed - Raccourci.lnk . (...) D:\Logistics\Games\Race\Need for Speed Most Wanted\Speed.exe
O4 - GS\Desktop [Marc Oued]: sublime_text.exe - Raccourci.lnk . (.Copyright (C) 2006 - 2016 Sublime HQ Pty Ltd - Sublime Text.) C:\Sublime Text Build 3047\sublime_text.exe {7F74C210CC0D477C7F54A8D4822D6A}
O4 - GS\Desktop [Marc Oued]: Survey Remover 4.1.0.0.lnk . (.Survey Remover Online - Survey Remover 4.1.0.0.) C:\Program Files (x86)\Survey Remover Trial\Survey Remover Trial 4.1.0.0.exe
O4 - GS\Desktop [Marc Oued]: Test Simulator.lnk . (...) C:\Program Files (x86)\Test Simulator\T_Simulator.exe
O4 - GS\Desktop [Marc Oued]: traducteur.exe - Shortcut.lnk . (...) D:\Logistics\TRADUCTION ANG FRANC\traducteur.exe
O4 - GS\Desktop [Marc Oued]: UniFlash V2.lnk . (...) C:\Users\user\AppData\Roaming\Microsoft\Installer\{76C39E3D-0A9D-453C-80E3-D4FA454BE16B}\_B03BBBBDCA6E22E5A7F457.exe
O4 - GS\Desktop [Marc Oued]: Universal Advance Unlocker.lnk . (.Josedavido & Dawood1208 - Universal Advance Unlocker.) C:\Program Files (x86)\Universal Advance Unlocker\Universal Advance Unlocker.exe
O4 - GS\Desktop [Marc Oued]: UsbFix.lnk . (...) C:\UsbFix\UsbFix.exe {03E439D641B50EB561802D9A7F57D494}
O4 - GS\Desktop [Marc Oued]: Usenet.nl.lnk . (.Copyright © 2009 - Usenet.nl.) C:\Program Files (x86)\Usenet.nl\Usenet.nl.exe
O4 - GS\Desktop [Marc Oued]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\user\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Desktop [Marc Oued]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe {59123D60D39E60127D6B456A62C9DEAC}
O4 - GS\Quicklaunch [Marc Oued]: Apple Safari.lnk . (...) C:\WINDOWS\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe
O4 - GS\Quicklaunch [Marc Oued]: Arcai.com's NetCut.lnk . (.Arcai.com - NetCut Arp Spoof Application.) C:\Program Files (x86)\netcut\netcut.exe =>.arcai.com
O4 - GS\Quicklaunch [Marc Oued]: dr.fone toolkit pour Android.lnk . (.Wondershare - dr.fone toolkit loader.) C:\Program Files (x86)\Wondershare\Wondershare Dr.Fone for Android (CPC)\DrFoneLoader.exe {5CCAA82369A26AEE30D017616B1CEB69} =>.Wondershare
O4 - GS\Quicklaunch [Marc Oued]: Foxit Reader.lnk . (.Foxit Software Inc. - Foxit Reader 7.0, Best Reader for Everyday.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReader.exe =>.Foxit Software Incorporated®
O4 - GS\Quicklaunch [Marc Oued]: Survey Remover 4.1.0.0.lnk . (.Survey Remover Online - Survey Remover 4.1.0.0.) C:\Program Files (x86)\Survey Remover Trial\Survey Remover Trial 4.1.0.0.exe
O4 - GS\Quicklaunch [Marc Oued]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe {59123D60D39E60127D6B456A62C9DEAC}
O4 - GS\sendTo [Marc Oued]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe =>.Free Time
O4 - GS\sendTo [Marc Oued]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies SA®
O4 - GS\TaskBar [Marc Oued]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Bangcar\Application\chrome.exe {2A9C21ACAAA63A3C58A7B9322BEE948D} =>.Google Inc.
O4 - GS\Startup [Marc Oued]: Survey Remover 4.1.0.0.lnk . (.Survey Remover Online - Survey Remover 4.1.0.0.) C:\Program Files (x86)\Survey Remover Trial\Survey Remover Trial 4.1.0.0.exe
O4 - GS\CommonDesktop [Public]: AIMP.lnk . (.AIMP DevTeam - AIMP.) C:\Program Files (x86)\AIMP\AIMP.exe {2E5136402087ADFCCD8977967B2F00B7} =>.AIMP DevTeam
O4 - GS\CommonDesktop [Public]: Baidu Browser.lnk . (.Copyright (C) 2011 - spark.) C:\Program Files (x86)\baidu\Baidu Browser\Spark.exe {5FAEE9E83F32948F3B2040AC6DF0145C}
O4 - GS\CommonDesktop [Public]: BlackBerry Desktop Software.lnk . (.Research In Motion - BlackBerry Desktop Software.) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe =>.Research In Motion®
O4 - GS\CommonDesktop [Public]: Download IDM 6.26 build...lnk . (...) C:\Users\user\Downloads\Programs\IDM 6.exe
O4 - GS\CommonDesktop [Public]: dr.fone toolkit pour Android.lnk . (.Wondershare - dr.fone toolkit loader.) C:\Program Files (x86)\Wondershare\Wondershare Dr.Fone for Android (CPC)\DrFoneLoader.exe {5CCAA82369A26AEE30D017616B1CEB69} =>.Wondershare
O4 - GS\CommonDesktop [Public]: Droid4X Multi Manager.lnk . (...) C:\Program Files (x86)\Droid4X\MultiMgr.exe {141EC0B6DE6EE09A2165B9E3CEAE9C05}
O4 - GS\CommonDesktop [Public]: Droid4X.lnk . (...) C:\Program Files (x86)\Droid4X\Droid4X.exe {141EC0B6DE6EE09A2165B9E3CEAE9C05}
O4 - GS\CommonDesktop [Public]: Foxit Reader.lnk . (.Foxit Software Inc. - Foxit Reader 7.0, Best Reader for Everyday.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReader.exe =>.Foxit Software Incorporated®
O4 - GS\CommonDesktop [Public]: Freedome.lnk . (.F-Secure Corporation - F-Secure Freedome UI.) C:\Program Files (x86)\F-Secure\Freedome\Freedome\1.1\Freedome.exe {041BB945D9BF4EFB0CA0FD633751DB8A} =>.F-Secure Corporation
O4 - GS\CommonDesktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Bangcar\Application\chrome.exe {2A9C21ACAAA63A3C58A7B9322BEE948D} =>.Google Inc.
O4 - GS\CommonDesktop [Public]: Google Earth.lnk . (.Google - Google Earth.) C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe {2A9C21ACAAA63A3C58A7B9322BEE948D} =>.Google
O4 - GS\CommonDesktop [Public]: Google.lnk . (.Copyright (C) 2011 - spark.) C:\Program Files (x86)\baidu\Baidu Browser\Spark.exe {5FAEE9E83F32948F3B2040AC6DF0145C}
O4 - GS\CommonDesktop [Public]: Harrap's Unabridged Pro Français - Anglais.lnk . (.Copyright (C) 2002 - Application MFC Multilingual.) C:\Program Files (x86)\Harrap\Harrap's Unabridged Pro\Bin\MultiLingual.exe
O4 - GS\CommonDesktop [Public]: HTC Sync Manager.lnk . (...) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe =>.Nero AG®
O4 - GS\CommonDesktop [Public]: Intel(R) HD Graphics Control Panel.lnk . (.Intel Corporation - GFXUIEX Module.) C:\WINDOWS\system32\GfxUIEx.exe =>.Intel Corporation - pGFX®
O4 - GS\CommonDesktop [Public]: iReport-5.6.0.lnk . (...) C:\Program Files (x86)\Jaspersoft\iReport-5.6.0\bin\ireport.exe
O4 - GS\CommonDesktop [Public]: Jurassic UniAndroid.lnk . (.Jurassic GSM Tools - Jurassic Universal Android Tool.) C:\Program Files (x86)\JURASSIC Universal Android Tool v.5.0.2\Jurassic UniAndroid.exe
O4 - GS\CommonDesktop [Public]: Kaspersky Internet Security.lnk . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe =>.Kaspersky Lab®
O4 - GS\CommonDesktop [Public]: MiniTool Partition Wizard Free.lnk . (...) C:\Program Files\MiniTool Partition Wizard Free 9.1\loader.exe {1121FE616769A8C3C0A0EDC5507542AE320D}
O4 - GS\CommonDesktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Firefox\Firefox.exe {57FCDAB4B0C6202BC89A0DDD4A742960} =>.Mozilla Corporation
O4 - GS\CommonDesktop [Public]: NetBeans IDE 8.0.2.lnk . (.Oracle Corporation - .) C:\Program Files (x86)\NetBeans 8.0.2\bin\netbeans64.exe =>.Oracle Corporation
O4 - GS\CommonDesktop [Public]: Petit Larousse 2010.lnk . (.Larousse - Le Petit Larousse 2010.) C:\Program Files (x86)\Larousse\Petit Larousse 2010\bin\PLViewer.exe
O4 - GS\CommonDesktop [Public]: Recuva.lnk . (.Piriform Ltd - Recuva.) C:\Program Files\Recuva\recuva64.exe =>.Piriform Ltd®
O4 - GS\CommonDesktop [Public]: Safari.lnk . (...) C:\WINDOWS\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe
O4 - GS\CommonDesktop [Public]: SecureLine.lnk . (.AVAST Software - SecureLine.) C:\Program Files\AVAST Software\SecureLine\SecureLine.exe =>.AVAST Software a.s.®
O4 - GS\CommonDesktop [Public]: Skype.lnk . (...) C:\WINDOWS\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe
O4 - GS\CommonDesktop [Public]: VLC media player.lnk . (.VideoLAN - VLC media player.) C:\Program Files\VideoLAN\VLC\vlc.exe =>.VideoLAN
O4 - GS\CommonDesktop [Public]: Wampserver64.lnk . (.Aestan Software - Aestan Tray Menu.) C:\wamp64\wampmanager.exe =>.Aestan Software
O4 - GS\Startup [Public]: avast! SecureLine.lnk . (.AVAST Software - SecureLine.) C:\Program Files\AVAST Software\SecureLine\SecureLine.exe =>.AVAST Software a.s.®
O4 - GS\Startup [Public]: BackupRemind.lnk . (.Wondershare - BackupRemind.) C:\Program Files (x86)\Wondershare\Wondershare Dr.Fone for Android (CPC)\Addins\AndroidBackupRestore\BackupRemind.exe {1F8663313222FF9957A7D5EDD27A3346} =>.Wondershare
O4 - GS\Startup [Public]: Hyperappel du Petit Larousse 2010.lnk . (.Copyright (C) 2000 - Application MFC hyperappel.) C:\Program Files (x86)\Larousse\Petit Larousse 2010\bin\Hyperappel.exe
O4 - GS\Programs [Public]: Essential Grammar in Use.lnk . (.Cambridge University Press - Essential Grammar In Use.) C:\Program Files (x86)\Cambridge\EssentialGrammarInUse\EssGram.exe =>.Cambridge University Press
O4 - GS\Programs [Public]: NoteWorthy Composer.lnk . (...) C:\Program Files (x86)\NoteWorthy Composer\NWC32.EXE
O4 - GS\Programs [Public]: Survey Remover 4.1.0.0.lnk . (.Survey Remover Online - Survey Remover 4.1.0.0.) C:\Program Files (x86)\Survey Remover Trial\Survey Remover Trial 4.1.0.0.exe
O4 - GS\Programs [Public]: UniFlash V2.lnk . (...) C:\Users\user\AppData\Roaming\Microsoft\Installer\{76C39E3D-0A9D-453C-80E3-D4FA454BE16B}\_E4A40A3216341D7F72DB1C.exe

---\\ Lop.com/Domain Hijackers (3) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{124991fe-45c5-4718-a553-9220dee06f91}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0d511c1c-9df9-4f03-bf4a-aa7be1a7d953}: DhcpNameServer = 198.18.6.145
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{c1a485f3-dd50-415a-a57c-872e1a132a28}: DhcpNameServer = 192.168.0.1

---\\ Extra protocols (31) - 0s
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll =>.Microsoft Corporation
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: livecall [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (...) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (.not file.)
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\SysWOW64\inetcomm.dll =>.Microsoft Corporation
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll =>.Microsoft Corporation
O18 - Handler: msnim [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (...) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (.not file.)
O18 - Handler: mso-minsb-roaming.16 [64Bits] - {83C25742-A9F7-49FB-9138-434302C88D07} . (.Microsoft Corporation - Microsoft Office 2016 component.) -- C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL {330000014096A9EE7056FECC07000100000140} =>.Microsoft Corporation
O18 - Handler: mso-minsb.16 [64Bits] - {42089D2D-912D-4018-9087-2B87803E93FB} . (.Microsoft Corporation - Microsoft Office 2016 component.) -- C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL {330000014096A9EE7056FECC07000100000140} =>.Microsoft Corporation
O18 - Handler: osf-roaming.16 [64Bits] - {42089D2D-912D-4018-9087-2B87803E93FB} . (.Microsoft Corporation - Microsoft Office 2016 component.) -- C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL {330000014096A9EE7056FECC07000100000140} =>.Microsoft Corporation
O18 - Handler: osf.16 [64Bits] - {5504BE45-A83B-4808-900A-3A5C36E7F77A} . (.Microsoft Corporation - Microsoft Office 2016 component.) -- C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL {330000014096A9EE7056FECC07000100000140} =>.Microsoft Corporation
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: skype4com [64Bits] - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll =>.Skype Technologies SA®
O18 - Handler: tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\SysWOW64\tbauth.dll =>.Microsoft Corporation
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: windows.tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\SysWOW64\tbauth.dll =>.Microsoft Corporation
O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll =>.Microsoft Corporation®
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Photo Gallery Album Download Protocol Handl.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll =>.Microsoft Corporation®
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation

---\\ List of key exploring StartupApproved (38) - 1s
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:uTorrent
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:Bitdefender Wallet Agent
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:IDMan
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:OneDrive
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:SpeedConnectStartUp
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:pdiface
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:Chromium
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:IDM trial reset
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:X-Lite
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:apphide2
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:SuperCopier3
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:Viber
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:OfficeSyncProcess
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:PC Remote Server
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:background_fault
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder]:e.lnk
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder]:MyPC Backup.lnk =>PUP.Optional.MyPCBackup
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder]:PdaNet Desktop.lnk
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder]:Survey Remover 4.1.0.0.lnk
[HKEY_USERS\S-1-5-21-4059555930-3725772092-1550307721-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:uTorrent
[HKEY_USERS\S-1-5-21-4059555930-3725772092-1550307721-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:Bitdefender Wallet Agent
[HKEY_USERS\S-1-5-21-4059555930-3725772092-1550307721-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:IDMan
[HKEY_USERS\S-1-5-21-4059555930-3725772092-1550307721-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:OneDrive
[HKEY_USERS\S-1-5-21-4059555930-3725772092-1550307721-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:SpeedConnectStartUp
[HKEY_USERS\S-1-5-21-4059555930-3725772092-1550307721-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:pdiface
[HKEY_USERS\S-1-5-21-4059555930-3725772092-1550307721-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:Chromium
[HKEY_USERS\S-1-5-21-4059555930-3725772092-1550307721-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:IDM trial reset
[HKEY_USERS\S-1-5-21-4059555930-3725772092-1550307721-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:X-Lite
[HKEY_USERS\S-1-5-21-4059555930-3725772092-1550307721-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:apphide2
[HKEY_USERS\S-1-5-21-4059555930-3725772092-1550307721-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:SuperCopier3
[HKEY_USERS\S-1-5-21-4059555930-3725772092-1550307721-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:Viber
[HKEY_USERS\S-1-5-21-4059555930-3725772092-1550307721-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:OfficeSyncProcess
[HKEY_USERS\S-1-5-21-4059555930-3725772092-1550307721-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:PC Remote Server
[HKEY_USERS\S-1-5-21-4059555930-3725772092-1550307721-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:background_fault
[HKEY_USERS\S-1-5-21-4059555930-3725772092-1550307721-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder]:e.lnk
[HKEY_USERS\S-1-5-21-4059555930-3725772092-1550307721-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder]:MyPC Backup.lnk =>PUP.Optional.MyPCBackup
[HKEY_USERS\S-1-5-21-4059555930-3725772092-1550307721-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder]:PdaNet Desktop.lnk
[HKEY_USERS\S-1-5-21-4059555930-3725772092-1550307721-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder]:Survey Remover 4.1.0.0.lnk

---\\ Software installed (142) - 22s
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent {59123D60D39E60127D6B456A62C9DEAC}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {0A5B39D2-7ED6-4779-BCC9-37F381139DB3} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe AIR =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Flash Player 25 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Shockwave Player + Authorware Web Player - (.Adobe Systems, Inc..) [HKLM][64Bits] -- Adobe Shockwave Player + Authorware Web Player =>.Adobe Systems, Inc.
O42 - Logiciel: AIMP - (.AIMP DevTeam.) [HKLM][64Bits] -- AIMP {2E5136402087ADFCCD8977967B2F00B7} =>.AIMP DevTeam
O42 - Logiciel: AlphaGo - (.AlphaGo.) [HKLM][64Bits] -- {E1AF73C7-0C82-4D66-829E-16B29FBBF384}
O42 - Logiciel: amuleC - (.amuleC.) [HKLM][64Bits] -- {19539992-061C-4E8B-9053-07B175303AF4}
O42 - Logiciel: Analyseur et SDK MSXML 4.0 SP2 - (.Microsoft Corporation.) [HKLM][64Bits] -- {716E0306-8318-4364-8B8F-0CC4E9376BAC} =>.Microsoft Corporation
O42 - Logiciel: Android Studio - (.Google Inc..) [HKLM][64Bits] -- Android Studio {2A9C21ACAAA63A3C58A7B9322BEE948D} =>.Google Inc.
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} =>.Apple Inc.
O42 - Logiciel: ASIO4ALL - (.Michael Tippach.) [HKLM][64Bits] -- ASIO4ALL =>.Michael Tippach
O42 - Logiciel: avast! SecureLine v1.0.24.0 - (.AVAST Software.) [HKLM][64Bits] -- {2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1 =>.AVAST Software a.s.®
O42 - Logiciel: Baidu Browser - (.Baidu Inc..) [HKLM][64Bits] -- Spark {5FAEE9E83F32948F3B2040AC6DF0145C}
O42 - Logiciel: Barre de recherche Encarta (64 bits) - (.Microsoft.) [HKLM][64Bits] -- {08184040-959A-4B0D-8825-2C533F0DDB19} =>.Microsoft
O42 - Logiciel: BlackBerry Desktop Software 7.1 - (.Research In Motion Ltd..) [HKLM][64Bits] -- {BE5B0450-DCCB-4FE9-93E2-3B38D88A745B} =>.Research In Motion Ltd.
O42 - Logiciel: BlackBerry Desktop Software 7.1 - (.Research In Motion Ltd..) [HKLM][64Bits] -- BlackBerry_Desktop =>.Research In Motion®
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {56DDDFB8-7F79-4480-89D5-25E1F52AB28F} =>.Apple Inc.
O42 - Logiciel: Cambridge- Advanced Grammar in Use - (.Clarity Language Consultants Ltd.) [HKLM][64Bits] -- Cambridge- Advanced Grammar in Use
O42 - Logiciel: Cambridge- English Grammar in Use - (.Clarity Language Consultants Ltd.) [HKLM][64Bits] -- Cambridge- English Grammar in Use
O42 - Logiciel: Car Mechanic Simulator 2015 v.1.0.6.2 - (...) [HKLM][64Bits] -- Car Mechanic Simulator 2015_is1
O42 - Logiciel: Cisco Networking Academy curriculum 4.0(1) - (.Cisco Systems, Inc..) [HKLM][64Bits] -- Cisco Networking Academy curriculum_is1 =>.Cisco Systems, Inc.
O42 - Logiciel: Cisco Packet Tracer 6.0.1 - (.Cisco Systems, Inc..) [HKLM][64Bits] -- Cisco Packet Tracer 6.0.1_is1 =>.Cisco Systems, Inc.
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF} =>.Microsoft
O42 - Logiciel: DoulCI Activator v3.0 Private Build - (.DoulCI Team.) [HKLM][64Bits] -- DoulCI Activator v3.0 Private Build
O42 - Logiciel: doulCi™ Activator tool 2.0.14 - (.Doulci iCloud.) [HKLM][64Bits] -- doulCi™ Activator tool 2.0.14 =>.Superfluous.DoulCiActivator
O42 - Logiciel: dr.fone toolkit pour Android (Version 8.2.1) - (.Wondershare Technology Co.,Ltd..) [HKLM][64Bits] -- {7B08A1E1-3644-4237-B39D-762B5F5564D0}_is1 {5CCAA82369A26AEE30D017616B1CEB69}
O42 - Logiciel: Droid4X - (.Haiyu Dongxiang Co.,Ltd..) [HKLM][64Bits] -- Droid4X
O42 - Logiciel: Essential Grammar in Use - (.Cambridge.) [HKLM][64Bits] -- {253C884B-3E62-4FA3-88AF-4861F1A1BCC3} =>.Cambridge
O42 - Logiciel: FL Studio 12 - (.Image-Line.) [HKLM][64Bits] -- FL Studio 12 {675CD761D5E622BE396492313ABC0E9A} =>.Image-Line
O42 - Logiciel: FL Studio ASIO - (.Image-Line.) [HKLM][64Bits] -- FL Studio ASIO {675CD761D5E622BE396492313ABC0E9A} =>.Image-Line
O42 - Logiciel: FormatFactory 3.3.1.0 - (.Format Factory.) [HKLM][64Bits] -- FormatFactory =>.Format Factory
O42 - Logiciel: Foxit Reader - (.Foxit Software Inc..) [HKLM][64Bits] -- Foxit Reader_is1 =>.Foxit Software Incorporated®
O42 - Logiciel: Free Bible 0.92 - (.BibleGratuite.org.) [HKLM][64Bits] -- BibleGratuite_is1
O42 - Logiciel: Freedome - (.F-Secure Corporation.) [HKLM][64Bits] -- F-Secure Freedome {041BB945D9BF4EFB0CA0FD633751DB8A} =>.F-Secure Corporation
O42 - Logiciel: GlassFish Server Open Source Edition 4.1 - (...) [HKLM][64Bits] -- nbi-glassfish-mod-4.1.0.13.0
O42 - Logiciel: Google Earth - (.Google.) [HKLM][64Bits] -- {F6430171-B86B-4639-839E-374913E7911D} =>.Google
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc.
O42 - Logiciel: Grand Dictionnaire Hachette-Oxford - (...) [HKLM][64Bits] -- Grand Dictionnaire Hachette-Oxford
O42 - Logiciel: Harrap's Unabridged Pro - (...) [HKLM][64Bits] -- Harrap's Unabridged Pro
O42 - Logiciel: Harrap's Unabridged Pro Français - Anglais - (...) [HKLM][64Bits] -- {1F73C81A-E441-4957-BF0C-9CFAB635E69B}
O42 - Logiciel: HTC Driver Installer - (.HTC Corporation.) [HKLM][64Bits] -- {4CEEE5D0-F905-4688-B9F9-ECC710507796} =>.HTC Corporation
O42 - Logiciel: HTC Sync Manager - (.HTC.) [HKLM][64Bits] -- {231D0C79-98A6-4693-A366-36DE7D7346EC} =>.HTC
O42 - Logiciel: IL Download Manager - (.Image-Line.) [HKLM][64Bits] -- IL Download Manager {675CD761D5E622BE396492313ABC0E9A} =>.Image-Line
O42 - Logiciel: IL Shared Libraries - (.Image-Line.) [HKLM][64Bits] -- IL Shared Libraries {675CD761D5E622BE396492313ABC0E9A} =>.Image-Line
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {1CEAC85D-2590-4760-800F-8DE5E91F3700} =>.Intel Corporation
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {9ECA1744-4800-4AE2-AC52-9109E24854AA} =>.Intel Corporation
O42 - Logiciel: Intel(R) ME UninstallLegacy - (.Intel Corporation.) [HKLM][64Bits] -- {335F9123-9306-4DB0-AF07-9C636317EE9D} =>.Intel Corporation
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} =>.Intel Corporation - pGFX®
O42 - Logiciel: Intel® RealSense™ SDK 2014 Runtime (x64): Core - (.Intel Corporation.) [HKLM][64Bits] -- {37D41A97-6B02-4C30-8753-85107BE1D674} =>.Intel Corporation
O42 - Logiciel: Internet Download Manager - (.Tonec Inc..) [HKLM][64Bits] -- Internet Download Manager {7828C7315808BC8717710E13FA3C0B24} =>.Tonec Inc.
O42 - Logiciel: IPTInstaller - (.HTC.) [HKLM][64Bits] -- {08208143-777D-4A06-BB54-71BF0AD1BB70} =>.HTC
O42 - Logiciel: iReport 5.6.0 - (.Jaspersoft Corp..) [HKLM][64Bits] -- iReport-5.6.0.exe
O42 - Logiciel: Java 8 Update 51 (64-bit) - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F86418051F0} =>.Oracle Corporation
O42 - Logiciel: Java Auto Updater - (.Oracle Corporation.) [HKLM][64Bits] -- {4A03706F-666A-4037-7777-5F2748764D10} =>.Oracle Corporation
O42 - Logiciel: Java SE Development Kit 8 Update 51 (64-bit) - (.Oracle Corporation.) [HKLM][64Bits] -- {64A3A4F4-B792-11D6-A78A-00B0D0180510} =>.Oracle Corporation
O42 - Logiciel: Java(TM) 7 Update 2 (64-bit) - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F86417002FF} =>.Oracle
O42 - Logiciel: Java(TM) SE Development Kit 7 Update 2 (64-bit) - (.Oracle.) [HKLM][64Bits] -- {64A3A4F4-B792-11D6-A78A-00B0D0170020} =>.Oracle
O42 - Logiciel: JavaFX 2.0.2 (64-bit) - (.Oracle Corporation.) [HKLM][64Bits] -- {1111706F-666A-4037-7777-202648764D10} =>.Oracle Corporation
O42 - Logiciel: JavaFX 2.0.2 SDK (64-bit) - (.Oracle Corporation.) [HKLM][64Bits] -- {2222706F-666A-4037-7777-202648764D10} =>.Oracle Corporation
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {0BE9E708-5DC0-4963-9CFD-0AA519090E79} =>.Microsoft Corporation
O42 - Logiciel: JURASSIC Universal Android Tool v.5.0.2 - (...) [HKLM][64Bits] -- JURASSIC Universal Android Tool v.5.0.2
O42 - Logiciel: Kaspersky Internet Security - (.Kaspersky Lab.) [HKLM][64Bits] -- {77E7AE5C-181C-4CAF-ADBF-946F11C1CE26} =>.Kaspersky Lab
O42 - Logiciel: Kaspersky Internet Security - (.Kaspersky Lab.) [HKLM][64Bits] -- InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26} =>.Kaspersky Lab
O42 - Logiciel: KB Piano 2.5.1 Shareware version - (...) [HKLM][64Bits] -- KB Piano_is1
O42 - Logiciel: KMSpico - (...) [HKLM][64Bits] -- {8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1 =>HackTool.KMSpico
O42 - Logiciel: LG United Mobile Driver - (.LG Electronics.) [HKLM][64Bits] -- {2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA} =>.LG Electronics
O42 - Logiciel: LG USB WML Modem Driver - (.LG Electronics.) [HKLM][64Bits] -- {FBA0CA60-8BF2-4381-B819-74F020E165A9} =>.LG Electronics
O42 - Logiciel: LG VZW United Drivers - (.LG Electronics.) [HKLM][64Bits] -- {E86DE69E-A94E-41B6-8661-7372FCA1A83C} =>.LG Electronics
O42 - Logiciel: Metric Collection SDK 35 - (.Lenovo Group Limited.) [HKLM][64Bits] -- {C2B5B5B0-2545-4E94-B4BA-548D4BF0B196} =>.Lenovo Group Limited
O42 - Logiciel: Microsoft Application Error Reporting - (.Microsoft Corporation.) [HKLM][64Bits] -- {95120000-00B9-0409-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Encarta 2009 - Collection - (.Microsoft Corporation.) [HKLM][64Bits] -- {09180081-2C94-4A67-8E55-8483C019C7D2} =>.Microsoft Corporation
O42 - Logiciel: MiniTool Partition Wizard Free 9.1 - (.MiniTool Solution Ltd..) [HKLM][64Bits] -- {05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1 {1121FE616769A8C3C0A0EDC5507542AE320D} =>.MiniTool Solution Ltd.
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} =>.Microsoft
O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9} =>.Microsoft
O42 - Logiciel: MSVCRT110 - (.Microsoft.) [HKLM][64Bits] -- {8E14DDC8-EA60-4E18-B3E3-1937104D5BDA} =>.Microsoft
O42 - Logiciel: MSVCRT110_amd64 - (.Microsoft.) [HKLM][64Bits] -- {E9FA781F-3E80-4399-825A-AD3E11C28C77} =>.Microsoft
O42 - Logiciel: MSXML 4.0 SP3 Parser - (.Microsoft Corporation.) [HKLM][64Bits] -- {196467F1-C11F-4F76-858B-5812ADC83B94} =>.Microsoft Corporation
O42 - Logiciel: MusicLab Virtual MIDI Driver - (.MusicLab, Inc..) [HKLM][64Bits] -- {A30B7FD7-04A1-46e1-ABDF-FD592C113253}
O42 - Logiciel: NetBeans IDE 8.0.2 - (.NetBeans.org.) [HKLM][64Bits] -- nbi-nb-base-8.0.2.0.201411181905 =>.NetBeans.org
O42 - Logiciel: NetCut 2.1.4 - (.arcai.com.) [HKLM][64Bits] -- NetCut_is1 =>.arcai.com
O42 - Logiciel: Notepad++ - (.Notepad++ Team.) [HKLM][64Bits] -- Notepad++ =>.Notepad++ Team
O42 - Logiciel: NoteWorthy Composer - (...) [HKLM][64Bits] -- NoteWorthy Composer
O42 - Logiciel: Office 16 Click-to-Run Extensibility Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-008C-0000-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Office 16 Click-to-Run Extensibility Component 64-bit Registration - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-00DD-0000-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Office 16 Click-to-Run Licensing Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-007E-0000-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Office 16 Click-to-Run Localization Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-008C-0409-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Oracle VM VirtualBox 4.3.12_ZZZZ - (.Oracle Corporation.) [HKLM][64Bits] -- {B5121457-0126-4E62-BCBF-6DC7C73D9E4A} =>.Oracle Corporation
O42 - Logiciel: PC Remote - (.PC Remote.) [HKLM][64Bits] -- {C934DF74-D0D9-445C-90AA-34012A04E11D}
O42 - Logiciel: Petit Larousse 2010 - (...) [HKLM][64Bits] -- {422FADA9-FED2-41D7-B5FA-472BB98B7784}
O42 - Logiciel: PianoFX STUDIO 4.0 - (.Tanseon Systems.) [HKLM][64Bits] -- PianoFX STUDIO 4.0_is1
O42 - Logiciel: PotPlayer v1.6.55391 Stable x86 - (.Daum Corp..) [HKLM][64Bits] -- PotPlayer
O42 - Logiciel: Recuva - (.Piriform.) [HKLM][64Bits] -- Recuva =>.Piriform Ltd®
O42 - Logiciel: reFX Nexus VSTi RTAS v2.2.0 - (...) [HKLM][64Bits] -- reFX Nexus_is1
O42 - Logiciel: Revo Uninstaller 1.95 - (.VS Revo Group.) [HKLM][64Bits] -- Revo Uninstaller =>.VS Revo Group
O42 - Logiciel: Safari - (.Apple Inc..) [HKLM][64Bits] -- {C779648B-410E-4BBA-B75B-5815BCEFE71D} =>.Apple Inc.
O42 - Logiciel: SAM CoDeC Pack - (.www.SamLab.ws.) [HKLM][64Bits] -- SAM CoDeC Pack
O42 - Logiciel: Skype™ 6.3 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {4E76FF7E-AEBA-4C87-B788-CD47E5425B9D} =>.Skype Technologies S.A.
O42 - Logiciel: Survey Remover Trial - (.Survey Remover Online.) [HKLM][64Bits] -- Survey Remover Trial4.1.0.0
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey =>.Synaptics Incorporated
O42 - Logiciel: Terela - (.Terela.) [HKLM][64Bits] -- {E2F7C535-0785-4C2D-B56F-016BFD02B010}
O42 - Logiciel: Test Simulator - (...) [HKLM][64Bits] -- Test Simulator
O42 - Logiciel: Try Corel Snapfire muvee autoProducer add on - (.Nom de votre société.) [HKLM][64Bits] -- {12665B01-3F3A-4433-B179-9D8E352D7547}
O42 - Logiciel: UAUBEN DEL SOFTWARE BUNDLE - (.UAUBEN.) [HKLM][64Bits] -- {6238D800-71CD-44F2-BED6-707CE8FEDFBE}
O42 - Logiciel: UniFlash - (.Mikhail Prokofiev.) [HKLM][64Bits] -- {76C39E3D-0A9D-453C-80E3-D4FA454BE16B}
O42 - Logiciel: Universal Adb Driver - (.ClockworkMod.) [HKLM][64Bits] -- {D9C4202E-6D51-4B06-A8F1-22316E654BCA} =>.ClockworkMod
O42 - Logiciel: Universal Advance Unlocker - (...) [HKLM][64Bits] -- Universal Advance Unlocker
O42 - Logiciel: UsbFix - (.El Desaparecido - www.usbfix.net - www.sosvirus.net.) [HKLM][64Bits] -- Usbfix =>.El Desaparecido - www.usbfix.net - www.sosvirus.net
O42 - Logiciel: Usenet.nl - (...) [HKLM][64Bits] -- Usenet.nl_is1 =>.TangySoft Ltd.®
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN
O42 - Logiciel: VMware Workstation - (.VMware, Inc..) [HKLM][64Bits] -- {F4C0A853-FA3B-4404-954B-799299EB5A98} =>.VMware, Inc.
O42 - Logiciel: Wampserver64 3.0.6 - (.Dominique Ottello aka Otomatic.) [HKLM][64Bits] -- {wampserver64}_is1
O42 - Logiciel: Windows Mobile Device Updater Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {F2CB8C3C-9C9E-4FAB-9067-655601C5F748} =>.Microsoft Corporation
O42 - Logiciel: Windows Phone app for desktop - (.Microsoft Corporation.) [HKLM][64Bits] -- {5F71448B-88EB-4357-9A98-8658D4C49C48} =>.Microsoft Corporation
O42 - Logiciel: Windows Phone Device Manager - (.Julien Schapman.) [HKLM][64Bits] -- {3959E064-5785-4DA1-9799-5A841F6B9DA5}
O42 - Logiciel: WinPcap 4.1.2 - (.CACE Technologies.) [HKLM][64Bits] -- WinPcapInst =>.CACE Technologies
O42 - Logiciel: WinRAR 5.01 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver =>.win.rar GmbH®
O42 - Logiciel: WinSnare - (.WinSnare.) [HKLM][64Bits] -- {BD101EEA-592F-453A-A5BD-11BB4B6EC9A0}
O42 - Logiciel: Zune - (.Microsoft Corporation.) [HKLM][64Bits] -- {9B75648B-6C30-4A0D-9DE6-0D09D20AF5A5} =>.Microsoft Corporation
O42 - Logiciel: Zune - (.Microsoft Corporation.) [HKLM][64Bits] -- Zune =>.Microsoft Corporation®
O42 - Logiciel: Zune Language Pack (CHS) - (.Microsoft Corporation.) [HKLM][64Bits] -- {2A9DFFD8-4E09-4B91-B957-454805B0D7C4} =>.Microsoft Corporation
O42 - Logiciel: Zune Language Pack (CHT) - (.Microsoft Corporation.) [HKLM][64Bits] -- {A5A53EA8-A11E-49F0-BDF5-AE536426A31A} =>.Microsoft Corporation
O42 - Logiciel: Zune Language Pack (CSY) - (.Microsoft Corporation.) [HKLM][64Bits] -- {A8F2E50B-86E2-4D96-9BD2-9758BCC6F9B3} =>.Microsoft Corporation
O42 - Logiciel: Zune Language Pack (DAN) - (.Microsoft Corporation.) [HKLM][64Bits] -- {8B112338-2B08-4851-AF84-E7CAD74CEB32} =>.Microsoft Corporation
O42 - Logiciel: Zune Language Pack (DEU) - (.Microsoft Corporation.) [HKLM][64Bits] -- {BE236D9A-52EC-4A17-82DA-84B5EAD31E3E} =>.Microsoft Corporation
O42 - Logiciel: Zune Language Pack (ELL) - (.Microsoft Corporation.) [HKLM][64Bits] -- {3589A659-F732-4E65-A89A-5438C332E59D} =>.Microsoft Corporation
O42 - Logiciel: Zune Language Pack (ESP) - (.Microsoft Corporation.) [HKLM][64Bits] -- {6B33492E-FBBC-4EC3-8738-09E16E395A10} =>.Microsoft Corporation
O42 - Logiciel: Zune Language Pack (FIN) - (.Microsoft Corporation.) [HKLM][64Bits] -- {B4870774-5F3A-46D9-9DFE-06FB5599E26B} =>.Microsoft Corporation
O42 - Logiciel: Zune Language Pack (FRA) - (.Microsoft Corporation.) [HKLM][64Bits] -- {C68D33B1-0204-4EBE-BC45-A6E432B1D13A} =>.Microsoft Corporation
O42 - Logiciel: Zune Language Pack (HUN) - (.Microsoft Corporation.) [HKLM][64Bits] -- {C6BE19C6-B102-4038-B2A6-1C313872DBB4} =>.Microsoft Corporation
O42 - Logiciel: Zune Language Pack (IND) - (.Microsoft Corporation.) [HKLM][64Bits] -- {92ECE3F9-591E-4C12-8A62-B9FCE38BF646} =>.Microsoft Corporation
O42 - Logiciel: Zune Language Pack (ITA) - (.Microsoft Corporation.) [HKLM][64Bits] -- {C5D37FFA-7483-410B-982B-91E93FD3B7DA} =>.Microsoft Corporation
O42 - Logiciel: Zune Language Pack (JPN) - (.Microsoft Corporation.) [HKLM][64Bits] -- {D8A781C9-3892-4E2E-9320-480CF896CFBB} =>.Microsoft Corporation
O42 - Logiciel: Zune Language Pack (KOR) - (.Microsoft Corporation.) [HKLM][64Bits] -- {51C839E1-2BE4-4E77-A1BA-CCEA5DAFA741} =>.Microsoft Corporation
O42 - Logiciel: Zune Language Pack (MSL) - (.Microsoft Corporation.) [HKLM][64Bits] -- {76BA306B-2AA0-47C0-AB6B-F313AB56C136} =>.Microsoft Corporation
O42 - Logiciel: Zune Language Pack (NLD) - (.Microsoft Corporation.) [HKLM][64Bits] -- {6740BCB0-5863-47F4-80F4-44F394DE4FE2} =>.Microsoft Corporation
O42 - Logiciel: Zune Language Pack (NOR) - (.Microsoft Corporation.) [HKLM][64Bits] -- {5DEFD397-4012-46C3-B6DA-E8013E660772} =>.Microsoft Corporation
O42 - Logiciel: Zune Language Pack (PLK) - (.Microsoft Corporation.) [HKLM][64Bits] -- {8960A0A1-BB5A-479E-92CF-65AB9D684B43} =>.Microsoft Corporation
O42 - Logiciel: Zune Language Pack (PTB) - (.Microsoft Corporation.) [HKLM][64Bits] -- {07EEE598-5F21-4B57-B40B-46592625B3D9} =>.Microsoft Corporation
O42 - Logiciel: Zune Language Pack (PTG) - (.Microsoft Corporation.) [HKLM][64Bits] -- {5C93E291-A1CC-4E51-85C6-E194209FCDB4} =>.Microsoft Corporation
O42 - Logiciel: Zune Language Pack (RUS) - (.Microsoft Corporation.) [HKLM][64Bits] -- {57C51D56-B287-4C11-9192-EC3C46EF76A4} =>.Microsoft Corporation
O42 - Logiciel: Zune Language Pack (SVE) - (.Microsoft Corporation.) [HKLM][64Bits] -- {6EB931CD-A7DA-4A44-B74A-89C8EB50086F} =>.Microsoft Corporation

---\\ HKCU & HKLM Software Keys (215) - 22s
HKLM\SOFTWARE\Wow6432Node\3B878D788DA34B0EA09AC0543ABB3821 =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\Adobe
HKLM\SOFTWARE\Wow6432Node\AdwCleaner
HKLM\SOFTWARE\Wow6432Node\AMD
HKLM\SOFTWARE\Wow6432Node\Apple Computer, Inc.
HKLM\SOFTWARE\Wow6432Node\Apple Inc.
HKLM\SOFTWARE\Wow6432Node\Arcai
HKLM\SOFTWARE\Wow6432Node\ASIO
HKLM\SOFTWARE\Wow6432Node\ASIO4ALL
HKLM\SOFTWARE\Wow6432Node\Auslogics
HKLM\SOFTWARE\Wow6432Node\AVAST Software
HKLM\SOFTWARE\Wow6432Node\AviSynth
HKLM\SOFTWARE\Wow6432Node\Baidu
HKLM\SOFTWARE\Wow6432Node\Bangcar
HKLM\SOFTWARE\Wow6432Node\Bavrykatok
HKLM\SOFTWARE\Wow6432Node\Caphyon
HKLM\SOFTWARE\Wow6432Node\Chromium
HKLM\SOFTWARE\Wow6432Node\Clarity
HKLM\SOFTWARE\Wow6432Node\Clickteam
HKLM\SOFTWARE\Wow6432Node\CloudOPTInfo
HKLM\SOFTWARE\Wow6432Node\co.ao.aio
HKLM\SOFTWARE\Wow6432Node\Corel
HKLM\SOFTWARE\Wow6432Node\CounterPath
HKLM\SOFTWARE\Wow6432Node\Couvutionkocty
HKLM\SOFTWARE\Wow6432Node\Cyanide
HKLM\SOFTWARE\Wow6432Node\Cygwin
HKLM\SOFTWARE\Wow6432Node\drpsu
HKLM\SOFTWARE\Wow6432Node\DSPRobotics
HKLM\SOFTWARE\Wow6432Node\Extended Systems
HKLM\SOFTWARE\Wow6432Node\F-Secure
HKLM\SOFTWARE\Wow6432Node\fdqoge
HKLM\SOFTWARE\Wow6432Node\Firefox
HKLM\SOFTWARE\Wow6432Node\fjffffadf
HKLM\SOFTWARE\Wow6432Node\Foxit Software
HKLM\SOFTWARE\Wow6432Node\GNU
HKLM\SOFTWARE\Wow6432Node\Google
HKLM\SOFTWARE\Wow6432Node\GuidGuid13
HKLM\SOFTWARE\Wow6432Node\HaaliMkx
HKLM\SOFTWARE\Wow6432Node\Harrap
HKLM\SOFTWARE\Wow6432Node\Havas Interactive
HKLM\SOFTWARE\Wow6432Node\hohosearchSoftware
HKLM\SOFTWARE\Wow6432Node\HTC
HKLM\SOFTWARE\Wow6432Node\ihpmserver =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\IM Providers
HKLM\SOFTWARE\Wow6432Node\Image-Line
HKLM\SOFTWARE\Wow6432Node\Intel
HKLM\SOFTWARE\Wow6432Node\Internet Download Manager
HKLM\SOFTWARE\Wow6432Node\JavaSoft
HKLM\SOFTWARE\Wow6432Node\JreMetrics
HKLM\SOFTWARE\Wow6432Node\KasperskyLab
HKLM\SOFTWARE\Wow6432Node\Khronos
HKLM\SOFTWARE\Wow6432Node\Larousse
HKLM\SOFTWARE\Wow6432Node\Lenovo
HKLM\SOFTWARE\Wow6432Node\LG Electronics
HKLM\SOFTWARE\Wow6432Node\Licenses
HKLM\SOFTWARE\Wow6432Node\Macromedia
HKLM\SOFTWARE\Wow6432Node\McAfee
HKLM\SOFTWARE\Wow6432Node\Microleaves
HKLM\SOFTWARE\Wow6432Node\MimarSinan
HKLM\SOFTWARE\Wow6432Node\MOVAVI
HKLM\SOFTWARE\Wow6432Node\Mozilla
HKLM\SOFTWARE\Wow6432Node\mozilla.org
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\Nero
HKLM\SOFTWARE\Wow6432Node\NMDVPN-GUI
HKLM\SOFTWARE\Wow6432Node\Notepad++
HKLM\SOFTWARE\Wow6432Node\ODBC
HKLM\SOFTWARE\Wow6432Node\OldTimer Tools
HKLM\SOFTWARE\Wow6432Node\Propellerhead Software
HKLM\SOFTWARE\Wow6432Node\PTE Patch 2016
HKLM\SOFTWARE\Wow6432Node\RayDld =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\Realtek
HKLM\SOFTWARE\Wow6432Node\REALTEK Semiconductor Corp.
HKLM\SOFTWARE\Wow6432Node\Research In Motion
HKLM\SOFTWARE\Wow6432Node\RtWLan
HKLM\SOFTWARE\Wow6432Node\ScreenShot
HKLM\SOFTWARE\Wow6432Node\Skype
HKLM\SOFTWARE\Wow6432Node\Softros Systems
HKLM\SOFTWARE\Wow6432Node\SoftVoice
HKLM\SOFTWARE\Wow6432Node\SOSVirus
HKLM\SOFTWARE\Wow6432Node\SprgFiles
HKLM\SOFTWARE\Wow6432Node\startpageing123Software
HKLM\SOFTWARE\Wow6432Node\Stellar Data Recovery
HKLM\SOFTWARE\Wow6432Node\Tencent =>.Superfluous.Tencent
HKLM\SOFTWARE\Wow6432Node\ThinPrint
HKLM\SOFTWARE\Wow6432Node\UAUBEN
HKLM\SOFTWARE\Wow6432Node\UCBrowserPID
HKLM\SOFTWARE\Wow6432Node\UniFlash
HKLM\SOFTWARE\Wow6432Node\VMware, Inc.
HKLM\SOFTWARE\Wow6432Node\Volatile
HKLM\SOFTWARE\Wow6432Node\WafCX
HKLM\SOFTWARE\Wow6432Node\WinArcher
HKLM\SOFTWARE\Wow6432Node\WinPcap
HKLM\SOFTWARE\Wow6432Node\WinSaberSvc
HKLM\SOFTWARE\Wow6432Node\Wise Solutions
HKLM\SOFTWARE\Wow6432Node\Wondershare
HKLM\SOFTWARE\Wow6432Node\WOW6432Node
HKLM\SOFTWARE\Wow6432Node\wvc
HKLM\SOFTWARE\Wow6432Node\xvb`lj
HKLM\SOFTWARE\Wow6432Node\youndooSoftware
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications
HKCU\SOFTWARE\3B878D788DA34B0EA09AC0543ABB3821 =>PUP.Optional.CrossRider
HKCU\SOFTWARE\AC3Filter
HKCU\SOFTWARE\AlphaGo
HKCU\SOFTWARE\Andy
HKCU\SOFTWARE\AOMEI
HKCU\SOFTWARE\Apowersoft
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\Apple Computer, Inc.
HKCU\SOFTWARE\Apple Inc.
HKCU\SOFTWARE\Arcai.com
HKCU\SOFTWARE\Baidu
HKCU\SOFTWARE\Bangcar
HKCU\SOFTWARE\BibleGratuite
HKCU\SOFTWARE\BitTorrent
HKCU\SOFTWARE\Bytescout
HKCU\SOFTWARE\CamStudioOpenSource for Nick
HKCU\SOFTWARE\CBS Software
HKCU\SOFTWARE\Chromium
HKCU\SOFTWARE\Clickteam
HKCU\SOFTWARE\CounterPath
HKCU\SOFTWARE\csastats
HKCU\SOFTWARE\Cyanide
HKCU\SOFTWARE\Cygwin
HKCU\SOFTWARE\DAUM
HKCU\SOFTWARE\deskapp
HKCU\SOFTWARE\DownloadAstro
HKCU\SOFTWARE\DownloadManager
HKCU\SOFTWARE\Dropbox
HKCU\SOFTWARE\drpsu
HKCU\SOFTWARE\DRPSu Updater
HKCU\SOFTWARE\DSS
HKCU\SOFTWARE\DVG
HKCU\SOFTWARE\Emjysoft
HKCU\SOFTWARE\Extended Systems
HKCU\SOFTWARE\F-Secure
HKCU\SOFTWARE\Foxit Software
HKCU\SOFTWARE\FreeTime
HKCU\SOFTWARE\Gabest
HKCU\SOFTWARE\GNU
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\Haali
HKCU\SOFTWARE\heheelibom
HKCU\SOFTWARE\HTC
HKCU\SOFTWARE\IM Providers
HKCU\SOFTWARE\Image-Line
HKCU\SOFTWARE\ImTOO
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\JavaSoft
HKCU\SOFTWARE\JEDI-VCL
HKCU\SOFTWARE\KasperskyLab
HKCU\SOFTWARE\KC Softwares
HKCU\SOFTWARE\L&H Language Technology
HKCU\SOFTWARE\Learn Spanish - Level 7 - Intermediate Audio Course
HKCU\SOFTWARE\Lenovo
HKCU\SOFTWARE\LG Electronics
HKCU\SOFTWARE\Licenses
HKCU\SOFTWARE\LowRegistry
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\Micro Application
HKCU\SOFTWARE\Mikhail Prokofiev
HKCU\SOFTWARE\Mine
HKCU\SOFTWARE\MiniTool Solution Ltd.
HKCU\SOFTWARE\Mirage
HKCU\SOFTWARE\MOVAVI
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\MPC-BE
HKCU\SOFTWARE\Native Instruments
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\PC Remote
HKCU\SOFTWARE\PdaNetAndroid
HKCU\SOFTWARE\PEiD
HKCU\SOFTWARE\Piriform
HKCU\SOFTWARE\QtProject
HKCU\SOFTWARE\RealNetworks
HKCU\SOFTWARE\Red Dot Games
HKCU\SOFTWARE\reFX
HKCU\SOFTWARE\RegisteredApplications
HKCU\SOFTWARE\Research In Motion
HKCU\SOFTWARE\SamLab.ws
HKCU\SOFTWARE\Screen Recorder Studio
HKCU\SOFTWARE\Skype
HKCU\SOFTWARE\SMADΔV
HKCU\SOFTWARE\SoftVoice
HKCU\SOFTWARE\Synaptics
HKCU\SOFTWARE\Tencent =>.Superfluous.Tencent
HKCU\SOFTWARE\Terela
HKCU\SOFTWARE\Torrentex Inc.
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\UCBrowser
HKCU\SOFTWARE\UCBrowserPID
HKCU\SOFTWARE\undefined =>.Superfluous.Downloader
HKCU\SOFTWARE\Unity
HKCU\SOFTWARE\UsbFix
HKCU\SOFTWARE\usr
HKCU\SOFTWARE\Valve
HKCU\SOFTWARE\vanBasco
HKCU\SOFTWARE\VB and VBA Program Settings
HKCU\SOFTWARE\VMware, Inc.
HKCU\SOFTWARE\VSRevoGroup
HKCU\SOFTWARE\Webcam Simulator
HKCU\SOFTWARE\Windows Live Writer
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\WinSnare
HKCU\SOFTWARE\Wintertree
HKCU\SOFTWARE\Wondershare
HKCU\SOFTWARE\Wow6432Node
HKCU\SOFTWARE\wvc
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software
HKCU\SOFTWARE\AppDataLow\Software\JavaSoft
HKCU\SOFTWARE\AppDataLow\Software\PasswordBox

---\\ Contents of the Common Files folders (336) - 18s
O43 - CFD: 14/03/2017 - [] D -- C:\Program Files (x86)\Adobe =>.Adobe Systems Incorporated®
O43 - CFD: 14/11/2016 - [] D -- C:\Program Files (x86)\AIMP {2E5136402087ADFCCD8977967B2F00B7}
O43 - CFD: 07/02/2017 - [] AD -- C:\Program Files (x86)\amuleC1
O43 - CFD: 22/04/2017 - [] D -- C:\Program Files (x86)\AndroidControl_v1.3.1
O43 - CFD: 14/04/2017 - [] AD -- C:\Program Files (x86)\Apple Software Update =>.Apple Inc.®
O43 - CFD: 10/12/2016 - [] D -- C:\Program Files (x86)\ASIO4ALL v2
O43 - CFD: 09/07/2016 - [] D -- C:\Program Files (x86)\azskdtfaddf =>.VideoLAN®
O43 - CFD: 02/03/2017 - [] D -- C:\Program Files (x86)\baidu {5FAEE9E83F32948F3B2040AC6DF0145C}
O43 - CFD: 27/02/2017 - [] D -- C:\Program Files (x86)\Bangcar {2A9C21ACAAA63A3C58A7B9322BEE948D}
O43 - CFD: 06/03/2017 - [] AD -- C:\Program Files (x86)\BibleGratuite
O43 - CFD: 03/03/2016 - [] AD -- C:\Program Files (x86)\Bonjour =>.Apple Inc.®
O43 - CFD: 10/02/2016 - [] D -- C:\Program Files (x86)\Cambridge
O43 - CFD: 21/04/2016 - [] AD -- C:\Program Files (x86)\Cisco Packet Tracer 6.0.1
O43 - CFD: 21/04/2016 - [] D -- C:\Program Files (x86)\Cisco Packet Tracer 6.1.1sv
O43 - CFD: 23/03/2017 - [] D -- C:\Program Files (x86)\ClockworkMod
O43 - CFD: 06/05/2017 - [] D -- C:\Program Files (x86)\Common Files
O43 - CFD: 13/08/2016 - [] D -- C:\Program Files (x86)\Daum =>.Daum Kakao Corp.®
O43 - CFD: 10/08/2016 - [] D -- C:\Program Files (x86)\DaumBack
O43 - CFD: 05/05/2017 - [] D -- C:\Program Files (x86)\Doulci iCloud
O43 - CFD: 05/05/2017 - [] D -- C:\Program Files (x86)\DoulCI Team
O43 - CFD: 19/04/2017 - [] HD -- C:\Program Files (x86)\DrFoneAndroid_Temp
O43 - CFD: 09/05/2017 - [] D -- C:\Program Files (x86)\Droid4X
O43 - CFD: 23/04/2017 - [] D -- C:\Program Files (x86)\F-Secure {041BB945D9BF4EFB0CA0FD633751DB8A}
O43 - CFD: 06/05/2017 - [] AD -- C:\Program Files (x86)\Firefox {57FCDAB4B0C6202BC89A0DDD4A742960}
O43 - CFD: 26/06/2016 - [] D -- C:\Program Files (x86)\Foxit Software =>.Foxit Software Incorporated®
O43 - CFD: 23/04/2017 - [] D -- C:\Program Files (x86)\FreeTime
O43 - CFD: 10/02/2016 - [] D -- C:\Program Files (x86)\GDHO
O43 - CFD: 06/05/2017 - [] D -- C:\Program Files (x86)\Google =>.Google Inc®
O43 - CFD: 10/02/2016 - [] D -- C:\Program Files (x86)\Harrap
O43 - CFD: 06/05/2017 - [] D -- C:\Program Files (x86)\HTC
O43 - CFD: 16/02/2017 - [] D -- C:\Program Files (x86)\Image-Line {675CD761D5E622BE396492313ABC0E9A}
O43 - CFD: 21/04/2017 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information =>.InstallShield Software Corporation®
O43 - CFD: 03/04/2017 - [] D -- C:\Program Files (x86)\Intel =>.Intel Corporation - pGFX®
O43 - CFD: 19/04/2017 - [] D -- C:\Program Files (x86)\Internet Download Manager {7828C7315808BC8717710E13FA3C0B24}
O43 - CFD: 22/04/2017 - [] D -- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 26/05/2016 - [] D -- C:\Program Files (x86)\Jaspersoft
O43 - CFD: 27/05/2016 - [] AD -- C:\Program Files (x86)\Java =>.Oracle America, Inc.®
O43 - CFD: 04/04/2017 - [] D -- C:\Program Files (x86)\JURASSIC Universal Android Tool v.5.0.2
O43 - CFD: 14/10/2016 - [] D -- C:\Program Files (x86)\Kaspersky Lab =>.Kaspersky Lab®
O43 - CFD: 22/04/2017 - [] AD -- C:\Program Files (x86)\KB Piano 2
O43 - CFD: 13/03/2016 - [] D -- C:\Program Files (x86)\Larousse
O43 - CFD: 11/05/2016 - [] D -- C:\Program Files (x86)\Lenovo =>.LENOVO®
O43 - CFD: 21/04/2017 - [] D -- C:\Program Files (x86)\LG Electronics
O43 - CFD: 22/02/2017 - [] D -- C:\Program Files (x86)\Microleaves
O43 - CFD: 21/12/2016 - [] D -- C:\Program Files (x86)\Microsoft Chart Controls
O43 - CFD: 02/07/2016 - [] AD -- C:\Program Files (x86)\Microsoft Encarta =>.Microsoft Corporation®
O43 - CFD: 24/12/2016 - [] AD -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 01/03/2017 - [] D -- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 06/05/2017 - [] D -- C:\Program Files (x86)\Mikhail Prokofiev
O43 - CFD: 22/04/2017 - [] D -- C:\Program Files (x86)\MIO =>.Superfluous.Tencent
O43 - CFD: 26/10/2016 - [] D -- C:\Program Files (x86)\MSBuild
O43 - CFD: 14/03/2017 - [] AD -- C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 22/10/2016 - [] AD -- C:\Program Files (x86)\netcut
O43 - CFD: 11/09/2016 - [] D -- C:\Program Files (x86)\Notepad++ {055F937A9DF73DFD90BA9889E4C50A11}
O43 - CFD: 22/04/2017 - [] D -- C:\Program Files (x86)\NoteWorthy Composer
O43 - CFD: 15/03/2017 - [] D -- C:\Program Files (x86)\PC Remote {2B2F2DCBBD5B48}
O43 - CFD: 13/04/2017 - [] AD -- C:\Program Files (x86)\PdaNet for Android {01000000000129AAA07E1C}
O43 - CFD: 17/01/2017 - [] AD -- C:\Program Files (x86)\PianoFX
O43 - CFD: 10/02/2017 - [] D -- C:\Program Files (x86)\Pluratherprivasy
O43 - CFD: 26/10/2016 - [] D -- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 11/05/2017 - [] D -- C:\Program Files (x86)\reports
O43 - CFD: 20/04/2017 - [] D -- C:\Program Files (x86)\Research In Motion =>.Research In Motion®
O43 - CFD: 14/04/2017 - [] AD -- C:\Program Files (x86)\Safari =>.Apple Inc.®
O43 - CFD: 09/02/2016 - [] D -- C:\Program Files (x86)\SAM CoDeC Pack
O43 - CFD: 24/12/2016 - [] RD -- C:\Program Files (x86)\Skype =>.Skype Technologies SA®
O43 - CFD: 06/05/2017 - [] D -- C:\Program Files (x86)\Spirent Communications
O43 - CFD: 05/05/2017 - [] AD -- C:\Program Files (x86)\Survey Remover Trial
O43 - CFD: 18/04/2016 - [] D -- C:\Program Files (x86)\Test Simulator
O43 - CFD: 12/07/2016 - [] D -- C:\Program Files (x86)\TXQQBrowser =>.Superfluous.Tencent
O43 - CFD: 24/04/2017 - [] D -- C:\Program Files (x86)\Universal Advance Unlocker
O43 - CFD: 10/05/2017 - [] AD -- C:\Program Files (x86)\Usenet.nl =>.TangySoft Ltd.®
O43 - CFD: 24/04/2017 - [] D -- C:\Program Files (x86)\usr
O43 - CFD: 08/04/2017 - [] AD -- C:\Program Files (x86)\VMware =>.VMware, Inc.®
O43 - CFD: 24/04/2016 - [] D -- C:\Program Files (x86)\VS Revo Group =>.VS Revo Group®
O43 - CFD: 10/12/2016 - [] D -- C:\Program Files (x86)\VstPlugins
O43 - CFD: 17/03/2016 - [] D -- C:\Program Files (x86)\Webcam Video Capture 7.0
O43 - CFD: 14/04/2017 - [] D -- C:\Program Files (x86)\Windows Defender
O43 - CFD: 24/12/2016 - [] AD -- C:\Program Files (x86)\Windows Live =>.Microsoft Corporation®
O43 - CFD: 23/03/2017 - [] D -- C:\Program Files (x86)\Windows Mail
O43 - CFD: 22/04/2017 - [] D -- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 16/07/2016 - [] D -- C:\Program Files (x86)\Windows Multimedia Platform
O43 - CFD: 16/07/2016 - [] D -- C:\Program Files (x86)\Windows NT
O43 - CFD: 14/03/2017 - [] AD -- C:\Program Files (x86)\Windows Phone =>.Microsoft Corporation®
O43 - CFD: 14/04/2017 - [] D -- C:\Program Files (x86)\Windows Photo Viewer =>.Microsoft Corporation®
O43 - CFD: 16/07/2016 - [] D -- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 22/04/2017 - [] D -- C:\Program Files (x86)\WindowsPowerShell
O43 - CFD: 09/02/2016 - [] D -- C:\Program Files (x86)\WinPcap =>.CACE Technologies, Inc.®
O43 - CFD: 13/04/2017 - [] D -- C:\Program Files (x86)\Winphone
O43 - CFD: 14/10/2016 - [] D -- C:\Program Files (x86)\WinSaber
O43 - CFD: 02/03/2017 - [] AD -- C:\Program Files (x86)\WinSnare(4.0.9)
O43 - CFD: 02/03/2017 - [] AD -- C:\Program Files (x86)\WinSnare(4.2.1)
O43 - CFD: 22/04/2017 - [] D -- C:\Program Files (x86)\Wondershare =>.BugSplat LLC®
O43 - CFD: 23/03/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 14/04/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 23/03/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 14/11/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP
O43 - CFD: 05/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android Studio
O43 - CFD: 08/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Andy
O43 - CFD: 26/10/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\arcai.com
O43 - CFD: 07/03/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
O43 - CFD: 02/03/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Browser
O43 - CFD: 20/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlackBerry
O43 - CFD: 05/01/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\by.xatab
O43 - CFD: 26/10/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco Networking Academy
O43 - CFD: 26/10/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco Packet Tracer
O43 - CFD: 12/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Droid4X
O43 - CFD: 26/10/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
O43 - CFD: 27/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freedome
O43 - CFD: 28/03/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
O43 - CFD: 26/10/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Harrap
O43 - CFD: 06/05/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC
O43 - CFD: 26/10/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line
O43 - CFD: 19/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
O43 - CFD: 26/10/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jaspersoft
O43 - CFD: 26/10/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
O43 - CFD: 26/10/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
O43 - CFD: 04/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JURASSIC Universal Android Tool v.5.0.2
O43 - CFD: 26/10/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
O43 - CFD: 17/01/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KB Piano 2
O43 - CFD: 25/11/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico =>HackTool.KMSpico
O43 - CFD: 26/10/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Larousse
O43 - CFD: 05/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LGMobile Support Tool
O43 - CFD: 16/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 26/10/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Encarta
O43 - CFD: 01/03/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
O43 - CFD: 26/10/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard Free 9.1
O43 - CFD: 20/02/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MusicLab
O43 - CFD: 26/10/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBeans
O43 - CFD: 16/02/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus
O43 - CFD: 26/10/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
O43 - CFD: 17/01/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PianoFX STUDIO
O43 - CFD: 11/02/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\reFX
O43 - CFD: 26/10/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAM CoDeC Pack
O43 - CFD: 24/12/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 06/05/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
O43 - CFD: 16/07/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 10/05/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Usenet.nl
O43 - CFD: 26/10/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 08/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
O43 - CFD: 11/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wampserver64
O43 - CFD: 24/12/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
O43 - CFD: 14/03/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone
O43 - CFD: 26/10/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
O43 - CFD: 26/10/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 19/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
O43 - CFD: 15/03/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zune
O43 - CFD: 22/04/2017 - [] D -- C:\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77
O43 - CFD: 20/02/2016 - [] D -- C:\ProgramData\AomeiBR
O43 - CFD: 27/02/2017 - [] D -- C:\ProgramData\Apple
O43 - CFD: 03/03/2016 - [] D -- C:\ProgramData\Apple Computer
O43 - CFD: 26/10/2016 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 14/03/2017 - [] D -- C:\ProgramData\Applications
O43 - CFD: 07/03/2017 - [] D -- C:\ProgramData\AVAST Software
O43 - CFD: 06/05/2017 - [] D -- C:\ProgramData\Baidu
O43 - CFD: 22/04/2017 - [] D -- C:\ProgramData\BDLogging
O43 - CFD: 08/02/2016 - [0] SHD -- C:\ProgramData\Bureau
O43 - CFD: 06/05/2017 - [0] D -- C:\ProgramData\ByteFence =>.Superfluous.ByteTechnologies
O43 - CFD: 26/10/2016 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 19/10/2016 - [] D -- C:\ProgramData\DwinpD
O43 - CFD: 23/04/2017 - [] D -- C:\ProgramData\F-Secure
O43 - CFD: 16/04/2016 - [] D -- C:\ProgramData\HP
O43 - CFD: 06/05/2017 - [] D -- C:\ProgramData\HTC
O43 - CFD: 06/05/2017 - [0] D -- C:\ProgramData\IDM
O43 - CFD: 03/04/2017 - [] D -- C:\ProgramData\Intel
O43 - CFD: 11/05/2017 - [] D -- C:\ProgramData\Kaspersky Lab
O43 - CFD: 17/01/2017 - [] D -- C:\ProgramData\KB Piano
O43 - CFD: 22/04/2017 - [] D -- C:\ProgramData\LGMOBILEAX
O43 - CFD: 14/10/2016 - [] D -- C:\ProgramData\McAfee
O43 - CFD: 08/02/2016 - [0] SHD -- C:\ProgramData\Menu Démarrer
O43 - CFD: 14/12/2016 - [] D -- C:\ProgramData\Microleaves
O43 - CFD: 06/05/2017 - [] ASD -- C:\ProgramData\Microsoft
O43 - CFD: 15/02/2017 - [] D -- C:\ProgramData\Microsoft Help
O43 - CFD: 08/02/2016 - [0] SHD -- C:\ProgramData\Modèles
O43 - CFD: 10/02/2016 - [] D -- C:\ProgramData\Oracle
O43 - CFD: 03/04/2017 - [] D -- C:\ProgramData\Package Cache
O43 - CFD: 26/10/2016 - [] D -- C:\ProgramData\regid.1986-12.com.adobe
O43 - CFD: 28/04/2017 - [] AD -- C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 20/04/2017 - [] D -- C:\ProgramData\Research In Motion
O43 - CFD: 24/12/2016 - [] D -- C:\ProgramData\Skype
O43 - CFD: 10/02/2016 - [] D -- C:\ProgramData\Sun
O43 - CFD: 09/02/2016 - [] D -- C:\ProgramData\Synaptics
O43 - CFD: 04/04/2017 - [] D -- C:\ProgramData\Thunder Network
O43 - CFD: 26/10/2016 - [] D -- C:\ProgramData\USOPrivate
O43 - CFD: 26/10/2016 - [] D -- C:\ProgramData\USOShared
O43 - CFD: 11/05/2017 - [] AD -- C:\ProgramData\VMware
O43 - CFD: 18/02/2016 - [] D -- C:\ProgramData\VS Revo Group
O43 - CFD: 04/04/2017 - [] D -- C:\ProgramData\Wondershare
O43 - CFD: 21/06/2016 - [] D -- C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 14/03/2017 - [] AD -- C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 21/05/2016 - [] D -- C:\Program Files (x86)\Common Files\Corel
O43 - CFD: 11/02/2017 - [] D -- C:\Program Files (x86)\Common Files\Digidesign
O43 - CFD: 21/04/2017 - [] D -- C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 26/10/2016 - [] D -- C:\Program Files (x86)\Common Files\Intel
O43 - CFD: 26/05/2016 - [] D -- C:\Program Files (x86)\Common Files\Java
O43 - CFD: 22/04/2017 - [] AD -- C:\Program Files (x86)\Common Files\Microsoft Shared
O43 - CFD: 06/05/2017 - [] D -- C:\Program Files (x86)\Common Files\Nero
O43 - CFD: 03/10/2016 - [] D -- C:\Program Files (x86)\Common Files\Propellerhead Software
O43 - CFD: 05/05/2016 - [] D -- C:\Program Files (x86)\Common Files\Qualcomm Atheros
O43 - CFD: 20/04/2017 - [] AD -- C:\Program Files (x86)\Common Files\Research In Motion
O43 - CFD: 16/07/2016 - [] D -- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 24/12/2016 - [] AD -- C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 16/07/2016 - [] D -- C:\Program Files (x86)\Common Files\System
O43 - CFD: 08/04/2017 - [] AD -- C:\Program Files (x86)\Common Files\ThinPrint
O43 - CFD: 08/04/2017 - [] D -- C:\Program Files (x86)\Common Files\VMware
O43 - CFD: 24/12/2016 - [] D -- C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 20/04/2017 - [] D -- C:\Program Files (x86)\Common Files\XCPCSync.OEM
O43 - CFD: 20/04/2017 - [] D -- C:\Users\user\AppData\Roaming\AC3Filter
O43 - CFD: 24/10/2016 - [] D -- C:\Users\user\AppData\Roaming\Adobe
O43 - CFD: 10/05/2017 - [] D -- C:\Users\user\AppData\Roaming\AIMP
O43 - CFD: 22/04/2017 - [] D -- C:\Users\user\AppData\Roaming\Andy
O43 - CFD: 06/05/2017 - [] D -- C:\Users\user\AppData\Roaming\Apple Computer
O43 - CFD: 02/03/2017 - [] D -- C:\Users\user\AppData\Roaming\Baidu
O43 - CFD: 04/05/2017 - [0] D -- C:\Users\user\AppData\Roaming\BitLord =>PUP.Optional.WhenUSave
O43 - CFD: 22/05/2016 - [] D -- C:\Users\user\AppData\Roaming\Cambridge
O43 - CFD: 22/04/2017 - [] D -- C:\Users\user\AppData\Roaming\Corel
O43 - CFD: 10/05/2017 - [] D -- C:\Users\user\AppData\Roaming\DMCache
O43 - CFD: 22/04/2017 - [] D -- C:\Users\user\AppData\Roaming\DRPSu
O43 - CFD: 08/06/2016 - [] D -- C:\Users\user\AppData\Roaming\dvdcss
O43 - CFD: 20/04/2016 - [] D -- C:\Users\user\AppData\Roaming\Edulang
O43 - CFD: 22/04/2017 - [] D -- C:\Users\user\AppData\Roaming\Emjysoft
O43 - CFD: 22/04/2017 - [] D -- C:\Users\user\AppData\Roaming\EssentialGrammarInUse
O43 - CFD: 27/02/2017 - [] D -- C:\Users\user\AppData\Roaming\Firefox
O43 - CFD: 22/04/2017 - [] D -- C:\Users\user\AppData\Roaming\Foxit Software
O43 - CFD: 04/04/2017 - [] D -- C:\Users\user\AppData\Roaming\HaiYuInst
O43 - CFD: 07/05/2016 - [] D -- C:\Users\user\AppData\Roaming\hpqLog
O43 - CFD: 06/05/2017 - [] D -- C:\Users\user\AppData\Roaming\HTC
O43 - CFD: 06/05/2017 - [] D -- C:\Users\user\AppData\Roaming\IDM
O43 - CFD: 03/10/2016 - [] D -- C:\Users\user\AppData\Roaming\Image-Line
O43 - CFD: 03/03/2016 - [] D -- C:\Users\user\AppData\Roaming\ImTOO
O43 - CFD: 22/05/2016 - [] D -- C:\Users\user\AppData\Roaming\InterchangeFourthEditionSelfstudyLevel1
O43 - CFD: 05/04/2017 - [] D -- C:\Users\user\AppData\Roaming\JetBrains
O43 - CFD: 15/11/2016 - [] D -- C:\Users\user\AppData\Roaming\Keolab
O43 - CFD: 10/02/2016 - [] D -- C:\Users\user\AppData\Roaming\Macromedia
O43 - CFD: 06/05/2017 - [] SD -- C:\Users\user\AppData\Roaming\Microsoft
O43 - CFD: 04/05/2017 - [] D -- C:\Users\user\AppData\Roaming\Mozilla
O43 - CFD: 10/02/2016 - [] D -- C:\Users\user\AppData\Roaming\NetBeans
O43 - CFD: 22/04/2017 - [] D -- C:\Users\user\AppData\Roaming\Notepad++
O43 - CFD: 15/03/2017 - [] D -- C:\Users\user\AppData\Roaming\PC Remote
O43 - CFD: 06/05/2017 - [] D -- C:\Users\user\AppData\Roaming\PotPlayerMini
O43 - CFD: 09/07/2016 - [] D -- C:\Users\user\AppData\Roaming\Profiles
O43 - CFD: 04/05/2017 - [] D -- C:\Users\user\AppData\Roaming\Python-Eggs
O43 - CFD: 25/03/2016 - [] D -- C:\Users\user\AppData\Roaming\reaper
O43 - CFD: 20/04/2017 - [] D -- C:\Users\user\AppData\Roaming\Research In Motion
O43 - CFD: 22/04/2017 - [] D -- C:\Users\user\AppData\Roaming\Skype
O43 - CFD: 25/02/2016 - [] D -- C:\Users\user\AppData\Roaming\SpringFiles
O43 - CFD: 01/04/2016 - [] D -- C:\Users\user\AppData\Roaming\Steam
O43 - CFD: 22/04/2017 - [] D -- C:\Users\user\AppData\Roaming\SynciOS Data Transfer
O43 - CFD: 24/12/2016 - [] D -- C:\Users\user\AppData\Roaming\Tenorshare
O43 - CFD: 23/02/2016 - [] D -- C:\Users\user\AppData\Roaming\Thinstall
O43 - CFD: 10/05/2017 - [] D -- C:\Users\user\AppData\Roaming\Usenet.nl
O43 - CFD: 11/05/2017 - [] D -- C:\Users\user\AppData\Roaming\uTorrent
O43 - CFD: 10/05/2017 - [] D -- C:\Users\user\AppData\Roaming\vlc
O43 - CFD: 17/03/2016 - [] D -- C:\Users\user\AppData\Roaming\Webcam Simulator
O43 - CFD: 09/02/2016 - [] D -- C:\Users\user\AppData\Roaming\WinRAR
O43 - CFD: 04/04/2017 - [] D -- C:\Users\user\AppData\Roaming\Wondershare
O43 - CFD: 11/05/2017 - [] D -- C:\Users\user\AppData\Roaming\ZHP
O43 - CFD: 09/07/2016 - [] D -- C:\Users\user\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
O43 - CFD: 16/04/2017 - [] D -- C:\Users\user\AppData\Local\Adobe
O43 - CFD: 05/04/2017 - [] D -- C:\Users\user\AppData\Local\Android
O43 - CFD: 09/07/2016 - [] D -- C:\Users\user\AppData\Local\app =>PUP.Optional.CrossRider
O43 - CFD: 10/05/2017 - [] D -- C:\Users\user\AppData\Local\Apple
O43 - CFD: 06/05/2017 - [] D -- C:\Users\user\AppData\Local\Apple Computer
O43 - CFD: 26/10/2016 - [0] SHD -- C:\Users\user\AppData\Local\Application Data
O43 - CFD: 07/05/2017 - [] D -- C:\Users\user\AppData\Local\background_fault
O43 - CFD: 27/02/2017 - [] D -- C:\Users\user\AppData\Local\Bangcar
O43 - CFD: 10/04/2016 - [] D -- C:\Users\user\AppData\Local\Bluestacks
O43 - CFD: 05/05/2017 - [] D -- C:\Users\user\AppData\Local\CEF
O43 - CFD: 09/05/2017 - [] D -- C:\Users\user\AppData\Local\Comms
O43 - CFD: 29/10/2016 - [] D -- C:\Users\user\AppData\Local\ConnectedDevicesPlatform
O43 - CFD: 07/05/2016 - [] D -- C:\Users\user\AppData\Local\CounterPath
O43 - CFD: 03/03/2016 - [] D -- C:\Users\user\AppData\Local\CrashRpt =>.Superfluous.CrashReports
O43 - CFD: 28/04/2017 - [] D -- C:\Users\user\AppData\Local\Diagnostics
O43 - CFD: 06/05/2017 - [] D -- C:\Users\user\AppData\Local\Downloaded Installations
O43 - CFD: 09/05/2017 - [] D -- C:\Users\user\AppData\Local\Droid4X
O43 - CFD: 13/02/2017 - [] D -- C:\Users\user\AppData\Local\Edraw
O43 - CFD: 23/04/2017 - [] D -- C:\Users\user\AppData\Local\ElevatedDiagnostics
O43 - CFD: 22/04/2017 - [] D -- C:\Users\user\AppData\Local\Emjysoft
O43 - CFD: 23/04/2017 - [] D -- C:\Users\user\AppData\Local\F-Secure
O43 - CFD: 27/02/2017 - [] D -- C:\Users\user\AppData\Local\Firefox
O43 - CFD: 16/12/2016 - [] D -- C:\Users\user\AppData\Local\Foxit Reader
O43 - CFD: 06/05/2017 - [] D -- C:\Users\user\AppData\Local\Google
O43 - CFD: 26/10/2016 - [0] SHD -- C:\Users\user\AppData\Local\Historique
O43 - CFD: 11/05/2017 - [] D -- C:\Users\user\AppData\Local\HTC MediaHub
O43 - CFD: 16/03/2017 - [] D -- C:\Users\user\AppData\Local\IIIQF
O43 - CFD: 11/05/2016 - [] D -- C:\Users\user\AppData\Local\Lenovo
O43 - CFD: 06/05/2017 - [] D -- C:\Users\user\AppData\Local\Microsoft
O43 - CFD: 30/11/2016 - [] D -- C:\Users\user\AppData\Local\Microsoft Help
O43 - CFD: 22/04/2017 - [] D -- C:\Users\user\AppData\Local\MicrosoftEdge
O43 - CFD: 22/04/2017 - [] D -- C:\Users\user\AppData\Local\Movavi
O43 - CFD: 01/03/2017 - [] D -- C:\Users\user\AppData\Local\MSfree Inc
O43 - CFD: 10/02/2016 - [] D -- C:\Users\user\AppData\Local\NetBeans
O43 - CFD: 09/07/2016 - [] D -- C:\Users\user\AppData\Local\niughfujuiedghergadom
O43 - CFD: 10/05/2017 - [] D -- C:\Users\user\AppData\Local\Packages
O43 - CFD: 06/05/2017 - [0] D -- C:\Users\user\AppData\Local\PeerDistRepub
O43 - CFD: 09/07/2016 - [] D -- C:\Users\user\AppData\Local\Profiles
O43 - CFD: 06/05/2017 - [] D -- C:\Users\user\AppData\Local\Programs
O43 - CFD: 21/06/2016 - [] D -- C:\Users\user\AppData\Local\PTE_Patch
O43 - CFD: 09/02/2016 - [] D -- C:\Users\user\AppData\Local\Publishers
O43 - CFD: 20/04/2017 - [] D -- C:\Users\user\AppData\Local\Research In Motion
O43 - CFD: 27/05/2016 - [] D -- C:\Users\user\AppData\Local\ScreenCapture
O43 - CFD: 27/05/2016 - [] D -- C:\Users\user\AppData\Local\ScreenCaptureStudio
O43 - CFD: 03/05/2017 - [] D -- C:\Users\user\AppData\Local\SNAREA
O43 - CFD: 15/11/2016 - [] D -- C:\Users\user\AppData\Local\speech
O43 - CFD: 03/11/2016 - [] D -- C:\Users\user\AppData\Local\SquirrelTemp
O43 - CFD: 11/05/2017 - [] D -- C:\Users\user\AppData\Local\Temp
O43 - CFD: 26/10/2016 - [] D -- C:\Users\user\AppData\Local\TempOfficeC2R3B4A8167-42E0-41D9-80E9-B6BBE6284DF1
O43 - CFD: 30/08/2016 - [] D -- C:\Users\user\AppData\Local\TempOfficeC2R8FA960D3-3AFC-437B-8F04-CFEF69CAAACB
O43 - CFD: 26/10/2016 - [0] SHD -- C:\Users\user\AppData\Local\Temporary Internet Files
O43 - CFD: 09/02/2016 - [] D -- C:\Users\user\AppData\Local\TileDataLayer
O43 - CFD: 27/05/2016 - [] D -- C:\Users\user\AppData\Local\VideoEditor
O43 - CFD: 12/04/2016 - [] D -- C:\Users\user\AppData\Local\VirtualStore
O43 - CFD: 18/02/2016 - [] D -- C:\Users\user\AppData\Local\VS Revo Group
O43 - CFD: 06/05/2017 - [] D -- C:\Users\user\AppData\Local\Windows Live
O43 - CFD: 25/12/2016 - [] D -- C:\Users\user\AppData\Local\Windows Live Writer
O43 - CFD: 10/03/2017 - [] D -- C:\Users\user\AppData\Local\__SHARED
O43 - CFD: 16/07/2016 - [] RD -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 26/10/2016 - [] RD -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 14/04/2017 - [] RD -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 10/12/2016 - [] D -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
O43 - CFD: 26/10/2016 - [] D -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cambridge
O43 - CFD: 23/04/2017 - [] D -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
O43 - CFD: 26/10/2016 - [] D -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GDHO
O43 - CFD: 26/10/2016 - [] D -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
O43 - CFD: 19/04/2017 - [] D -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
O43 - CFD: 16/07/2016 - [] D -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 07/03/2017 - [] D -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NoteWorthy Composer
O43 - CFD: 15/03/2017 - [] D -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Remote
O43 - CFD: 26/10/2016 - [] D -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PotPlayer
O43 - CFD: 19/04/2017 - [] D -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
O43 - CFD: 05/05/2017 - [] RD -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 05/05/2017 - [] D -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Survey Remover Trial
O43 - CFD: 16/07/2016 - [] RD -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 26/10/2016 - [] D -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Test Simulator
O43 - CFD: 24/04/2017 - [] D -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Universal Advance Unlocker
O43 - CFD: 16/07/2016 - [] RD -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
O43 - CFD: 26/10/2016 - [] D -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

---\\ ShellIconOverlayIdentifiers (SIOI) (8) - 0s
O106 - SIOI: ErrorOverlayHandler Class [ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\user\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\FileSyncShell.dll =>.Microsoft Corporation®
O106 - SIOI: SharedOverlayHandler Class [ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\user\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\FileSyncShell.dll =>.Microsoft Corporation®
O106 - SIOI: SharedSyncingOverlayHandler Class [ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\user\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\FileSyncShell.dll =>.Microsoft Corporation®
O106 - SIOI: UpToDateOverlayHandler Class [ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\user\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\FileSyncShell.dll =>.Microsoft Corporation®
O106 - SIOI: SyncingOverlayHandler Class [ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\user\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\FileSyncShell.dll =>.Microsoft Corporation®
O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 1 (ErrorConflict) [ SkyDrivePro1 (ErrorConflict)] - {8BA85C75-763B-4103-94EB-9470F12FE0F7}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL {330000014096A9EE7056FECC07000100000140} =>.Microsoft Corporation
O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 2 (SyncInProgress) [ SkyDrivePro2 (SyncInProgress)] - {CD55129A-B1A1-438E-A425-CEBC7DC684EE}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL {330000014096A9EE7056FECC07000100000140} =>.Microsoft Corporation
O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 3 (InSync) [ SkyDrivePro3 (InSync)] - {E768CD3B-BDDC-436D-9C13-E1B39CA257B1}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL {330000014096A9EE7056FECC07000100000140} =>.Microsoft Corporation

---\\ System Drivers List (124) - 8s
O58 - SDL:2016/07/16 11:41:53 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\WINDOWS\System32\drivers\3ware.sys [107360] =>.Microsoft Windows®
O58 - SDL:2012/09/24 09:40:56 A . (.Hewlett-Packard Company - HP Accelerometer.) -- C:\WINDOWS\System32\drivers\Accelerometer.sys [43840] =>.Hewlett-Packard Company®
O58 - SDL:2016/07/16 11:41:53 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) -- C:\WINDOWS\System32\drivers\adp80xx.sys [1135456] =>.Microsoft Windows®
O58 - SDL:2016/07/16 11:41:53 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\WINDOWS\System32\drivers\amdsata.sys [83296] =>.Microsoft Windows®
O58 - SDL:2016/07/16 11:41:53 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\WINDOWS\System32\drivers\amdsbs.sys [259424] =>.Microsoft Windows®
O58 - SDL:2016/07/16 11:41:53 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\WINDOWS\System32\drivers\amdxata.sys [26976] =>.Microsoft Windows®
O58 - SDL:2016/07/16 11:41:53 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\WINDOWS\System32\drivers\arcsas.sys [131936] =>.Microsoft Windows®
O58 - SDL:2016/07/16 11:41:53 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\WINDOWS\System32\drivers\bcmfn.sys [9728] =>.Windows (R) Win 7 DDK provider
O58 - SDL:2016/07/16 11:41:53 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\WINDOWS\System32\drivers\bcmfn2.sys [9728] =>.Windows (R) Win 7 DDK provider
O58 - SDL:2016/07/16 11:41:52 A . (.QLogic Corporation - QLogic Gigabit Ethernet VBD.) -- C:\WINDOWS\System32\drivers\bxvbda.sys [533856] =>.Microsoft Windows®
O58 - SDL:2016/07/16 11:41:53 A . (.Chelsio Communications - Chelsio iSCSI Crash Dump Driver.) -- C:\WINDOWS\System32\drivers\cht4dx64.sys [102752] =>.Microsoft Windows®
O58 - SDL:2016/07/16 11:41:53 A . (.Chelsio Communications - Chelsio iSCSI VMiniport Driver.) -- C:\WINDOWS\System32\drivers\cht4sx64.sys [346976] =>.Microsoft Windows®
O58 - SDL:2016/07/16 11:41:53 A . (.Chelsio Communications - Virtual Bus Driver for Chelsio ® T4 Chipset.) -- C:\WINDOWS\System32\drivers\cht4vx64.sys [2104160] =>.Microsoft Windows®
O58 - SDL:2015/07/06 00:10:20 A . (.Kaspersky Lab ZAO - Cryptographic Module Driver x64 (Weak).) -- C:\WINDOWS\System32\drivers\cm_km.sys [389816] =>.Kaspersky Lab®
O58 - SDL:2016/10/14 15:58:30 A . (.Connectify - NDISRD helper driver.) -- C:\WINDOWS\System32\drivers\cnnctfy3.sys [35352] =>.Connectify®
O58 - SDL:2016/07/16 11:41:52 A . (.QLogic Corporation - QLogic 10 GigE VBD.) -- C:\WINDOWS\System32\drivers\evbda.sys [3418976] =>.Microsoft Windows®
O58 - SDL:2009/09/09 09:23:46 A . (.Intel Corporation - BIOS Update Driver.) -- C:\WINDOWS\System32\drivers\flashud.sys [51712] =>.Intel Corporation
O58 - SDL:2017/04/23 01:50:57 A . (.The OpenVPN Project - TAP-Windows Virtual Network Driver (NDIS 6..) -- C:\WINDOWS\System32\drivers\fsfreedometap.sys [36480] {3300000012B05493EADDCEEB4B000000000012} =>.The OpenVPN Project
O58 - SDL:2016/03/10 08:03:16 A . (.VMware, Inc. - VMware USB monitor.) -- C:\WINDOWS\System32\drivers\hcmon.sys [57536] =>.VMware, Inc.®
O58 - SDL:2012/09/24 09:40:56 A . (.Hewlett-Packard Company - HP Disk Filter - SATA/RAID.) -- C:\WINDOWS\System32\drivers\hpdskflt.sys [31040] =>.Hewlett-Packard Company®
O58 - SDL:2015/06/17 19:40:54 A . (.Hewlett-Packard Company - Keyboard Filter Driver.) -- C:\WINDOWS\System32\drivers\HpqKbFiltr64.sys [37112] =>.Hewlett-Packard Company®
O58 - SDL:2016/07/16 11:41:53 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\WINDOWS\System32\drivers\HpSAMD.sys [64352] =>.Microsoft Windows®
O58 - SDL:2016/07/16 11:41:54 A . (.Intel(R) Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\WINDOWS\System32\drivers\iagpio.sys [33280] =>.Intel(R) Corporation
O58 - SDL:2016/07/16 11:41:54 A . (.Intel(R) Corporation - Intel(R) Serial IO I2C Driver.) -- C:\WINDOWS\System32\drivers\iai2c.sys [81408] =>.Intel(R) Corporation
O58 - SDL:2016/07/16 11:41:54 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [64512] =>.Intel Corporation
O58 - SDL:2016/07/16 11:41:54 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [176384] =>.Intel Corporation - Embedded Subsystems and IP Blocks Group®
O58 - SDL:2016/07/16 11:41:52 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [38128] =>.Intel Corporation - Client Components Group®
O58 - SDL:2016/07/16 11:41:50 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [113152] =>.Intel Corporation
O58 - SDL:2015/05/29 14:05:32 A . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\WINDOWS\System32\drivers\iaStorA.sys [646408] =>.Intel Corporation - Rapid Storage Technology®
O58 - SDL:2016/07/16 11:41:53 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver (i.) -- C:\WINDOWS\System32\drivers\iaStorAV.sys [673120] =>.Microsoft Windows®
O58 - SDL:2016/07/16 11:41:53 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\WINDOWS\System32\drivers\iaStorV.sys [412000] =>.Microsoft Windows®
O58 - SDL:2016/07/16 11:41:53 A . (.Mellanox - InfiniBand Fabric Bus Driver.) -- C:\WINDOWS\System32\drivers\ibbus.sys [526176] =>.Microsoft Windows®
O58 - SDL:2016/10/17 15:35:48 A . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\WINDOWS\System32\drivers\idmwfp.sys [223464] {7828C7315808BC8717710E13FA3C0B24} =>.Tonec Inc.
O58 - SDL:2016/05/12 16:49:30 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\WINDOWS\System32\drivers\igdkmd64.sys [3793872] {330000B898AA86B5A39E5A1BBD00020000B898} =>.Intel Corporation
O58 - SDL:2015/08/21 11:50:48 A . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\WINDOWS\System32\drivers\IntcDAud.sys [463112] =>.Intel Corporation - Client Components Group®
O58 - SDL:2015/12/01 19:46:03 A . (.Intel Corporation - Intel® WiDi Solution.) -- C:\WINDOWS\System32\drivers\intelaud.sys [50160] {330000B7E741A34024FC3AB6E700020000B7E7} =>.Intel Corporation
O58 - SDL:2015/12/01 19:46:03 A . (.Intel Corporation - Intel® WiDi Solution.) -- C:\WINDOWS\System32\drivers\iwdbus.sys [38896] {330000B7E741A34024FC3AB6E700020000B7E7} =>.Intel Corporation
O58 - SDL:2015/06/22 20:40:04 A . (.Kaspersky Lab ZAO - Kaspersky Unified Driver.) -- C:\WINDOWS\System32\drivers\kl1.sys [478392] =>.Kaspersky Lab®
O58 - SDL:2015/06/06 08:48:24 A . (.Kaspersky Lab ZAO - Backup Disk Filter [fre_wnet_x64].) -- C:\WINDOWS\System32\drivers\klbackupdisk.sys [53432] =>.Kaspersky Lab®
O58 - SDL:2015/06/27 01:30:00 A . (.Kaspersky Lab ZAO - Backup File Filter [fre_win8_x64].) -- C:\WINDOWS\System32\drivers\klbackupflt.sys [70512] =>.Kaspersky Lab®
O58 - SDL:2016/10/14 16:01:31 A . (.AO Kaspersky Lab - Virtual Disk [fre_wnet_x64].) -- C:\WINDOWS\System32\drivers\kldisk.sys [77728] {0F668FB0F0F002B774C7DDBD769EE5B1} =>.AO Kaspersky Lab
O58 - SDL:2015/06/24 01:28:32 A . (.Kaspersky Lab - Klelam Mini-Filter [fre_win8_x64].) -- C:\WINDOWS\System32\drivers\klelam.sys [30328] =>.Microsoft Windows Early Launch Anti-malware Publisher®
O58 - SDL:2016/10/14 16:01:31 A . (.AO Kaspersky Lab - Filter Core [fre_win8_x64].) -- C:\WINDOWS\System32\drivers\klflt.sys [181640] =>.Kaspersky Lab®
O58 - SDL:2016/10/14 15:31:10 A . (.AO Kaspersky Lab - klhk [fre_win8_x64].) -- C:\WINDOWS\System32\drivers\klhk.sys [238000] {0F668FB0F0F002B774C7DDBD769EE5B1} =>.AO Kaspersky Lab
O58 - SDL:2016/10/14 16:01:35 A . (.AO Kaspersky Lab - Core System Interceptors [fre_win8_x64].) -- C:\WINDOWS\System32\drivers\klif.sys [933808] {0F668FB0F0F002B774C7DDBD769EE5B1} =>.AO Kaspersky Lab
O58 - SDL:2016/11/03 11:38:11 A . (.AO Kaspersky Lab - Kaspersky Lab Intermediate Network Driver [.) -- C:\WINDOWS\System32\drivers\klim6.sys [49240] {0F668FB0F0F002B774C7DDBD769EE5B1} =>.AO Kaspersky Lab
O58 - SDL:2015/06/06 08:31:42 A . (.Kaspersky Lab ZAO - Keyboard Device Filter [fre_win8_x64].) -- C:\WINDOWS\System32\drivers\klkbdflt.sys [41656] =>.Kaspersky Lab®
O58 - SDL:2015/06/07 01:52:56 A . (.Kaspersky Lab ZAO - Mouse Device Filter [fre_win8_x64].) -- C:\WINDOWS\System32\drivers\klmouflt.sys [41656] =>.Kaspersky Lab®
O58 - SDL:2016/10/14 16:01:35 A . (.AO Kaspersky Lab - Format Recognizer [fre_wnet_x64].) -- C:\WINDOWS\System32\drivers\klpd.sys [41352] =>.Kaspersky Lab®
O58 - SDL:2016/10/14 16:01:35 A . (.AO Kaspersky Lab - WFP Network Filter [fre_win8_x64].) -- C:\WINDOWS\System32\drivers\klwfp.sys [87984] {0F668FB0F0F002B774C7DDBD769EE5B1} =>.AO Kaspersky Lab
O58 - SDL:2015/06/16 21:56:32 A . (.Kaspersky Lab ZAO - WFP Network Connection Filter Driver [fre_w.) -- C:\WINDOWS\System32\drivers\klwtp.sys [102584] =>.Kaspersky Lab®
O58 - SDL:2015/06/23 18:30:50 A . (.Kaspersky Lab ZAO - Network Processor [fre_wnet_x64].) -- C:\WINDOWS\System32\drivers\kneps.sys [187056] =>.Kaspersky Lab®
O58 - SDL:2013/02/21 11:23:06 A . (.Google Inc - ADB Interface.) -- C:\WINDOWS\System32\drivers\lgandadb.sys [31744] =>.Google Inc
O58 - SDL:2014/10/10 09:20:36 A . (.LG Electronics Inc. - LGE AndroidNet Driver.) -- C:\WINDOWS\System32\drivers\lgandnetbus64.sys [20992] =>.LG Electronics Inc.
O58 - SDL:2014/10/10 09:20:34 N . (.LG Electronics Inc. - LGE AndroidNet Driver.) -- C:\WINDOWS\System32\drivers\lgandnetdiag64.sys [30720] =>.LG Electronics Inc.
O58 - SDL:2014/10/10 09:20:34 N . (.LG Electronics Inc. - LGE AndroidNet Driver.) -- C:\WINDOWS\System32\drivers\lgandnetmodem64.sys [37376] =>.LG Electronics Inc.
O58 - SDL:2013/05/06 14:48:18 A . (.LG Electronics Inc. - LGE VZW AndroidNet Driver.) -- C:\WINDOWS\System32\drivers\lgvzandnetdiag64.sys [29696] =>.LG Electronics Inc.
O58 - SDL:2013/05/06 14:48:52 A . (.LG Electronics Inc. - LGE VZW AndroidNet Driver.) -- C:\WINDOWS\System32\drivers\lgvzandnetmdm64.sys [36864] =>.LG Electronics Inc.
O58 - SDL:2016/07/16 11:41:53 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas.sys [108896] =>.Microsoft Windows®
O58 - SDL:2016/07/16 11:41:53 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas2i.sys [105824] =>.Microsoft Windows®
O58 - SDL:2016/07/16 11:41:53 A . (.Avago Technologies - Avago SAS Gen3 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas3i.sys [101216] =>.Microsoft Windows®
O58 - SDL:2016/07/16 11:41:53 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sss.sys [82776] =>.Microsoft Windows®
O58 - SDL:2016/07/16 11:41:53 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\megasas.sys [59744] =>.Microsoft Windows®
O58 - SDL:2016/10/05 10:09:07 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\MegaSas2i.sys [64352] =>.Microsoft Windows®
O58 - SDL:2016/07/16 11:41:53 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\WINDOWS\System32\drivers\megasr.sys [575840] =>.Microsoft Windows®
O58 - SDL:2012/08/29 10:50:38 A . (.MusicLab, Inc. - MusicLab Virtual MIDI Device.) -- C:\WINDOWS\System32\drivers\mlkumidi.sys [57408] {0100000000012E75558FAC}
O58 - SDL:2016/07/16 11:41:53 A . (.Mellanox - MLX4 Bus Driver.) -- C:\WINDOWS\System32\drivers\mlx4_bus.sys [842584] =>.Microsoft Windows®
O58 - SDL:2016/07/16 11:41:53 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\WINDOWS\System32\drivers\mvumis.sys [63840] =>.Microsoft Windows®
O58 - SDL:2016/07/16 11:41:53 A . (.Mellanox - NetworkDirect Support Filter Driver.) -- C:\WINDOWS\System32\drivers\ndfltr.sys [108896] =>.Microsoft Windows®
O58 - SDL:2012/12/07 10:28:06 A . (.Khalil Azzouzi - Azzouzi HotSpot helper driver.) -- C:\WINDOWS\System32\drivers\ndiskhaz.sys [30536] {112143B4795DF5D1366AD8607B2770CC1649}
O58 - SDL:2016/07/16 11:42:03 A . (...) -- C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624]
O58 - SDL:2015/06/11 20:59:24 A . (.MediaTek Inc. - MediaTek 802.11 Wireless Adapter Driver.) -- C:\WINDOWS\System32\drivers\netr28x.sys [2554528] =>.MEDIATEK INC.®
O58 - SDL:2010/06/25 17:07:26 A . (.CACE Technologies, Inc. - npf.sys (NT5/6 AMD64) Kernel Driver.) -- C:\WINDOWS\System32\drivers\npf.sys [35344] =>.CACE Technologies, Inc.®
O58 - SDL:2016/07/16 11:41:53 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\WINDOWS\System32\drivers\nvraid.sys [150368] =>.Microsoft Windows®
O58 - SDL:2016/07/16 11:41:53 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\WINDOWS\System32\drivers\nvstor.sys [166240] =>.Microsoft Windows®
O58 - SDL:2016/07/16 11:41:53 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas2i.sys [58720] =>.Microsoft Windows®
O58 - SDL:2016/07/16 11:41:53 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas3i.sys [61792] =>.Microsoft Windows®
O58 - SDL:2011/11/25 00:25:52 A . (.June Fabrics Technology Inc. - PdaNet Broadband Adapter Driver.) -- C:\WINDOWS\System32\drivers\pneteth.sys [15360]
O58 - SDL:2012/12/10 15:48:02 A . (.Research in Motion Ltd - RIM Virtual Serial Driver.) -- C:\WINDOWS\System32\drivers\RimSerial_AMD64.sys [44544] =>.Research in Motion Ltd
O58 - SDL:2013/01/03 13:50:48 A . (.Research In Motion Limited - BlackBerry Device Driver.) -- C:\WINDOWS\System32\drivers\RimUsb_AMD64.sys [78336] =>.Research In Motion Limited
O58 - SDL:2015/05/29 02:14:22 A . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.40 64-bit Dr.) -- C:\WINDOWS\System32\drivers\rt640x64.sys [886528] =>.Realtek Semiconductor Corp®
O58 - SDL:2014/11/24 23:49:46 A . (.Ralink Technology, Corp. - Ralink Bluetooth Adapter.) -- C:\WINDOWS\System32\drivers\rtbth.sys [1206384] =>.MEDIATEK INC.®
O58 - SDL:2015/06/01 14:44:54 A . (.Realtek Semiconductor Corp. - Realtek Pcie CardReader Driver for 2K/XP/Vi.) -- C:\WINDOWS\System32\drivers\RtsP2Stor.sys [301784] =>.Realtek Semiconductor Corp®
O58 - SDL:2016/07/16 11:41:53 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid2.sys [44896] =>.Microsoft Windows®
O58 - SDL:2016/07/16 11:41:53 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid4.sys [81760] =>.Microsoft Windows®
O58 - SDL:2016/06/27 18:07:35 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\WINDOWS\System32\drivers\Smb_driver_AMDASF_Aux.sys [52392] =>.Synaptics Incorporated®
O58 - SDL:2016/06/27 18:07:35 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [52904] =>.Synaptics Incorporated®
O58 - SDL:2016/06/27 18:07:35 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\WINDOWS\System32\drivers\Smb_driver_Intel_Aux.sys [52904] =>.Synaptics Incorporated®
O58 - SDL:2016/10/26 12:00:50 A . (.Samsung Electronics Co., Ltd. - SAMSUNG USB Composite Device Driver.) -- C:\WINDOWS\System32\drivers\ssudbus.sys [131712] =>.Samsung Electronics CO., LTD.®
O58 - SDL:2016/10/26 12:00:45 A . (.Samsung Electronics Co., Ltd. - SAMSUNG Android Modem Device Driver.) -- C:\WINDOWS\System32\drivers\ssudmdm.sys [165504] =>.Samsung Electronics CO., LTD.®
O58 - SDL:2016/07/16 11:41:53 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\WINDOWS\System32\drivers\stexstor.sys [31072] =>.Microsoft Windows®
O58 - SDL:2016/06/27 18:07:41 A . (.Synaptics Incorporated - Synaptics Touchpad Win64 Driver.) -- C:\WINDOWS\System32\drivers\SynTP.sys [622784] =>.Synaptics Incorporated®
O58 - SDL:2016/04/12 19:32:03 A . (.Tencent Technology(Shenzhen) Company Limited - TAOKernel.) -- C:\WINDOWS\System32\drivers\TAOKernelEx64.sys [132344] {52048B9C8A67E28F0CC8CC75813DDC5A} =>.Superfluous.Tencent
O58 - SDL:2011/04/25 13:37:38 A . (.The OpenVPN Project - TAP-Win32 Virtual Network Driver.) -- C:\WINDOWS\System32\drivers\tap0901.sys [31232] =>.The OpenVPN Project
O58 - SDL:2016/03/28 22:01:56 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [186424] {5600000027396847078B466FFF000000000027} =>.Intel Corporation
O58 - SDL:2016/04/25 10:32:07 A . (.Huorong Borui (Beijing) Technology Co., Ltd. - Huorong Network Security Core Kext.) -- C:\WINDOWS\System32\drivers\ucguard.sys [80768] {348A4D46C9A1A9EDC2B4818465A66BED} =>.Huorong Borui (Beijing) Technology Co., Ltd.
O58 - SDL:2016/08/07 04:53:25 A . (.MBB - USB Modem/Serial Device Driver.) -- C:\WINDOWS\System32\drivers\usb2ser.sys [151184] {7FE63AB8AB9D36964BC29EAD7641180A} =>.MBB
O58 - SDL:2015/06/17 17:04:24 A . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\WINDOWS\System32\drivers\usbaapl64.sys [54784] =>.Apple, Inc.
O58 - SDL:2014/05/16 14:04:46 A . (.Oracle Corporation - VirtualBox Support Driver.) -- C:\WINDOWS\System32\drivers\VBoxDrv.sys [254240] =>.Oracle Corporation®
O58 - SDL:2015/10/02 14:36:10 A . (.Oracle Corporation - VirtualBox NDIS 6.0 Host-Only Network Adapt.) -- C:\WINDOWS\System32\drivers\VBoxNetAdp6.sys [117768] =>.Oracle Corporation®
O58 - SDL:2015/10/02 14:36:10 A . (.Oracle Corporation - VirtualBox NDIS 6.0 Lightweight Filter Driv.) -- C:\WINDOWS\System32\drivers\VBoxNetLwf.sys [146584] =>.Oracle Corporation®
O58 - SDL:2015/11/05 19:25:42 A . (.VMware, Inc. - VMware PCI VMCI Bus Device.) -- C:\WINDOWS\System32\drivers\vmci.sys [90816] =>.VMware, Inc.®
O58 - SDL:2016/04/14 16:53:32 A . (.VMware, Inc. - VMware virtual network driver (64-bit).) -- C:\WINDOWS\System32\drivers\vmnet.sys [27328] =>.VMware, Inc.®
O58 - SDL:2016/04/14 16:53:32 A . (.VMware, Inc. - VMware virtual network adapter driver (64-b.) -- C:\WINDOWS\System32\drivers\vmnetadapter.sys [28864] =>.VMware, Inc.®
O58 - SDL:2016/04/14 16:53:32 A . (.VMware, Inc. - VMware bridge driver (64-bit).) -- C:\WINDOWS\System32\drivers\vmnetbridge.sys [48832] =>.VMware, Inc.®
O58 - SDL:2016/04/14 16:53:42 A . (.VMware, Inc. - VMware network application interface driver.) -- C:\WINDOWS\System32\drivers\vmnetuserif.sys [26816] =>.VMware, Inc.®
O58 - SDL:2016/04/14 17:17:44 A . (.VMware, Inc. - VMware kernel driver.) -- C:\WINDOWS\System32\drivers\vmx86.sys [66752] =>.VMware, Inc.®
O58 - SDL:2016/07/16 11:41:53 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\WINDOWS\System32\drivers\vsmraid.sys [166752] =>.Microsoft Windows®
O58 - SDL:2015/11/05 19:25:42 A . (.VMware, Inc. - VMware vSockets Service.) -- C:\WINDOWS\System32\drivers\vsock.sys [75512] =>.VMware, Inc.®
O58 - SDL:2016/07/16 11:41:53 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\WINDOWS\System32\drivers\VSTXRAID.SYS [305504] =>.Microsoft Windows®
O58 - SDL:2016/02/19 01:23:38 A . (.Western Digital Technologies, Inc. - Western Digital SCSI Architecture Model (SA.) -- C:\WINDOWS\System32\drivers\wdcsam64.sys [26880] =>.WDKTestCert wdclab,130885612892544312®
O58 - SDL:2016/07/16 11:41:53 A . (.Mellanox - Kernel WinMad.) -- C:\WINDOWS\System32\drivers\winmad.sys [32096] =>.Microsoft Windows®
O58 - SDL:2016/07/16 11:41:53 A . (.Mellanox - Kernel WinVerbs.) -- C:\WINDOWS\System32\drivers\winverbs.sys [64864] =>.Microsoft Windows®
O58 - SDL:2015/06/23 18:24:48 A . (.HP Inc. - HP Wireless Button Driver.) -- C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [30384] =>.Hewlett-Packard Company®
O58 - SDL:2017/05/06 22:05:02 A . (.Google Inc - ADB Interface.) -- C:\WINDOWS\System32\drivers\wsadb.sys [40720] =>.Shenzhen Wondershare Information Technology Co., Ltd.®
O58 - SDL:2012/11/22 20:05:58 A . (.MBB Incorporated - CDROM Filter.) -- C:\WINDOWS\System32\drivers\ztembbmassfilter.sys [15360] =>.MBB Incorporated
O58 - SDL:2012/11/23 11:06:10 A . (.ZTE Incorporated - ZTE Incorporated.) -- C:\WINDOWS\System32\drivers\ztembbusbmdm.sys [123264] =>.ZTE Incorporated
O58 - SDL:2012/11/23 11:06:16 A . (.ZTE Incorporated - ZTE Incorporated.) -- C:\WINDOWS\System32\drivers\ztembbusbnmea.sys [123264] =>.ZTE Incorporated
O58 - SDL:2012/11/23 11:06:24 A . (.ZTE Incorporated - ZTE Incorporated.) -- C:\WINDOWS\System32\drivers\ztembbusbser6k.sys [123264] =>.ZTE Incorporated
O58 - SDL:2013/05/07 14:27:12 A . (...) -- C:\WINDOWS\System32\ambakdrv.sys [30648]
O58 - SDL:2013/05/07 14:27:12 A . (...) -- C:\WINDOWS\System32\ammntdrv.sys [151480]
O58 - SDL:2013/02/06 15:52:48 A . (...) -- C:\WINDOWS\System32\amwrtdrv.sys [17848]
O58 - SDL:2013/09/30 15:26:50 N . (...) -- C:\WINDOWS\System32\pwdrvio.sys [19152] =>.MiniTool Solution Ltd®
O58 - SDL:2013/09/30 15:26:48 N . (...) -- C:\WINDOWS\System32\pwdspio.sys [12504] =>.MiniTool Solution Ltd®

---\\ Last modified or created user files (11) - 83s
O61 - LFC: 2017/05/04 20:24:33 A . (..) -- C:\Users\user\Downloads\Programs\BitLord-Installer.exe [441408] {7D10B220FDFA59C2BD4E1AF300EBA218} =>PUP.Optional.WhenUSave
O61 - LFC: 2017/05/04 20:42:23 A . (..) -- C:\Users\user\Downloads\Programs\BitLord_v2.3.2.exe [36929416] =>PUP.Optional.WhenUSave
O61 - LFC: 2017/05/04 20:49:29 A . (.Hekomacidi.) -- C:\Users\user\Downloads\Programs\intel-r-extreme-graphics-driver.exe [1265608] {4BA54A70AEBC69BFA87C05E1}
O61 - LFC: 2017/05/06 22:36:19 A . (.Copyright (c) 2016 HTC Corporation.) -- C:\Users\user\Downloads\Programs\setup_3.1.77.0_htc_NO_EULA.exe [147561816] {075A2ADEE8FFDBE2C3B45353F62202DC}
O61 - LFC: 2017/05/06 18:13:55 RA . (..) -- C:\Users\user\AppData\Roaming\Microsoft\Installer\{76C39E3D-0A9D-453C-80E3-D4FA454BE16B}\_B03BBBBDCA6E22E5A7F457.exe [32038]
O61 - LFC: 2017/05/06 18:13:55 RA . (..) -- C:\Users\user\AppData\Roaming\Microsoft\Installer\{76C39E3D-0A9D-453C-80E3-D4FA454BE16B}\_E4A40A3216341D7F72DB1C.exe [32038]
O61 - LFC: 2017/05/03 11:32:38 A . (.InterSect Alliance Pty Ltd.) -- C:\Users\user\AppData\Local\SNAREA\Snare.dll [826368]
O61 - LFC: 2017/05/11 00:15:23 A . (..) -- C:\Users\user\AppData\Local\Microsoft\Windows\UPPS\UPPS.bin [16148]
O61 - LFC: 2017/05/03 06:30:56 A . (..) -- C:\Users\user\AppData\Local\background_fault\cfsa_blob.bin [365056]
O61 - LFC: 2017/05/07 20:17:32 A . (..) -- C:\Users\user\AndroidStudioProjects\MyApplication2\gradlew.bat [2404]
O61 - LFC: 2017/05/07 19:55:33 N . (.Java(TM) Native Access (JNA).) -- C:\Users\user\.AndroidStudio2.3\system\tmp\jna3765821241993789922.dll [198144]

---\\ File Associations Shell Spawning (10) - 0s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Copyright (C) 2011 - spark.) -- C:\Program Files (x86)\baidu\Baidu Browser\spark.exe {5FAEE9E83F32948F3B2040AC6DF0145C}
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S

---\\ Start Menu Internet (16) - 0s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Copyright (C) 2011 - spark.) -- C:\Program Files (x86)\baidu\Baidu Browser\Spark.exe {5FAEE9E83F32948F3B2040AC6DF0145C}
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Internet Explorer\iexplore.ex http://www.startpageing123.com/
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Apple Inc. - Safari.) -- C:\Program Files (x86)\Safari\Safari.exe =>.Apple Inc.®
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Copyright (C) 2011 - spark.) -- C:\Program Files (x86)\baidu\Baidu Browser\spark.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Apple Inc. - Safari.) -- C:\Program Files (x86)\Safari\Safari.exe =>.Apple Inc.
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe (.not file.)
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Copyright (C) 2011 - spark.) -- C:\Program Files (x86)\baidu\Baidu Browser\spark.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Apple Inc. - Safari.) -- C:\Program Files (x86)\Safari\Safari.exe =>.Apple Inc.
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe (.not file.)
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Copyright (C) 2011 - spark.) -- C:\Program Files (x86)\baidu\Baidu Browser\spark.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Apple Inc. - Safari.) -- C:\Program Files (x86)\Safari\Safari.exe =>.Apple Inc.
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe (.not file.)

---\\ Search Browser Infection (7) - 1s
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/
O69 - SBI: SearchScopes [HKCU] {2f23ab71-4ac6-41f2-a955-ea576e553146} - (yoursites123) - http://yoursites123.com/ =>PUP.Optional.YourSites123
O69 - SBI: SearchScopes [HKCU] {33BB0A4E-99AF-4226-BDF6-49120163DE86} - (Bing) - http://www.bing.com/
O69 - SBI: SearchScopes [HKLM] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - http://www.bing.com/
O69 - SBI: SearchScopes [HKLM] {33BB0A4E-99AF-4226-BDF6-49120163DE86} [DefaultScope] - (Bing) - http://www.bing.com/
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/

---\\ Search Svchost Services (46) - 2s
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\WINDOWS\System32\certprop.dll [193536] =>.Microsoft Corporation
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\WINDOWS\System32\certprop.dll [193536] =>.Microsoft Corporation
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\WINDOWS\system32\srvsvc.dll [305152] =>.Microsoft Corporation
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\WINDOWS\System32\gpsvc.dll [1227264] =>.Microsoft Corporation
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\WINDOWS\System32\ikeext.dll [932352] =>.Microsoft Corporation
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\WINDOWS\System32\iphlpsvc.dll [945664] =>.Microsoft Corporation
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\WINDOWS\system32\seclogon.dll [31232] =>.Microsoft Corporation
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\WINDOWS\System32\appinfo.dll [125952] =>.Microsoft Corporation
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\WINDOWS\system32\iscsiexe.dll [151552] =>.Microsoft Corporation
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\WINDOWS\System32\eapsvc.dll [112128] =>.Microsoft Corporation
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\WINDOWS\system32\schedsvc.dll [948224] =>.Microsoft Corporation
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\WMIsvc.dll [222720] =>.Microsoft Corporation
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\WINDOWS\System32\browser.dll [134656] =>.Microsoft Corporation
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [387072] =>.Microsoft Corporation
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\WINDOWS\System32\wercplsupport.dll [94208] =>.Microsoft Corporation
O83 - Search Svchost Services: shpamsvc (shpamsvc) . (.Microsoft Corporation - SharedPC.AccountManager.) -- C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll [161792] =>.Microsoft Corporation
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\WINDOWS\system32\themeservice.dll [70656] =>.Microsoft Corporation
O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Geolocation Service.) -- C:\WINDOWS\System32\lfsvc.dll [37376] =>.Microsoft Corporation
O83 - Search Svchost Services: DmEnrollmentSvc (DmEnrollmentSvc) . (.Microsoft Corporation - Windows Managent Service DLL.) -- C:\Windows\System32\Windows.Internal.Management.dll [407552] =>.Microsoft Corporation
O83 - Search Svchost Services: Irmon (Irmon) . (.Microsoft Corporation - Infrared Monitor.) -- C:\WINDOWS\System32\irmon.dll [25088] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\WINDOWS\System32\rasauto.dll [105472] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\WINDOWS\System32\rasmans.dll [658432] =>.Microsoft Corporation
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [496128] =>.Microsoft Corporation
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\WINDOWS\System32\sens.dll [70656] =>.Microsoft Corporation
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\WINDOWS\System32\ipnathlp.dll [541696] =>.Microsoft Corporation
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [309248] =>.Microsoft Corporation
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\WINDOWS\system32\wuaueng.dll [2316288] =>.Microsoft Corporation
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\WINDOWS\System32\qmgr.dll [1054208] =>.Microsoft Corporation
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [617472] =>.Microsoft Corporation
O83 - Search Svchost Services: dmwappushservice (dmwappushservice) . (.Microsoft Corporation - dmwappushsvc.) -- C:\WINDOWS\system32\dmwappushsvc.dll [57344] =>.Microsoft Corporation
O83 - Search Svchost Services: WpnService (WpnService) . (.Microsoft Corporation - Windows Push Notification System Service.) -- C:\WINDOWS\system32\WpnService.dll [234496] =>.Microsoft Corporation
O83 - Search Svchost Services: XboxNetApiSvc (XboxNetApiSvc) . (.Microsoft Corporation - Xbox Live Networking Service.) -- C:\WINDOWS\system32\XboxNetApiSvc.dll [1025536] =>.Microsoft Corporation
O83 - Search Svchost Services: DcpSvc (DcpSvc) . (.Microsoft Corporation - dcpsvc Task.) -- C:\WINDOWS\system32\dcpsvc.dll [183808] =>.Microsoft Corporation
O83 - Search Svchost Services: RetailDemo (RetailDemo) . (.Microsoft Corporation - RDXService.) -- C:\WINDOWS\system32\RDXService.dll [650752] =>.Microsoft Corporation
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\WINDOWS\System32\bdesvc.dll [361472] =>.Microsoft Corporation
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Device Setup Manager.) -- C:\WINDOWS\System32\DeviceSetupManager.dll [197632] =>.Microsoft Corporation
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Microsoft Network Connectivity Assistant Se.) -- C:\WINDOWS\System32\ncasvc.dll [167936] =>.Microsoft Corporation
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Software installation Service.) -- C:\Windows\System32\appmgmts.dll [197632] =>.Microsoft Corporation
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\WINDOWS\system32\profsvc.dll [358400] =>.Microsoft Corporation
O83 - Search Svchost Services: UserManager (UserManager) . (.Microsoft Corporation - UserMgr.) -- C:\WINDOWS\System32\usermgr.dll [1020928] =>.Microsoft Corporation
O83 - Search Svchost Services: XblGameSave (XblGameSave) . (.Microsoft Corporation - Xbox Live Game Save Service.) -- C:\WINDOWS\System32\XblGameSave.dll [1159680] =>.Microsoft Corporation
O83 - Search Svchost Services: wisvc (wisvc) . (.Microsoft Corporation - Flight Settings.) -- C:\WINDOWS\system32\flightsettings.dll [635904] =>.Microsoft Corporation
O83 - Search Svchost Services: XblAuthManager (XblAuthManager) . (.Microsoft Corporation - Xbox Live Auth Manager.) -- C:\WINDOWS\System32\XblAuthManager.dll [1016320] =>.Microsoft Corporation
O83 - Search Svchost Services: UsoSvc (UsoSvc) . (.Microsoft Corporation - Update Session Orchestrator Core.) -- C:\WINDOWS\system32\usocore.dll [549376] =>.Microsoft Corporation
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Microsoft® Account Service.) -- C:\WINDOWS\system32\wlidsvc.dll [2104320] =>.Microsoft Corporation
O83 - Search Svchost Services: NetSetupSvc (NetSetupSvc) . (.Microsoft Corporation - Network Setup Service.) -- C:\WINDOWS\System32\NetSetupSvc.dll [265728] =>.Microsoft Corporation

---\\ Firewall Active Exception List (11) - 2s
O87 - FAEL: "UDP Query User{3D6EDC27-3C16-4793-A44C-68793171A281}C:\program files (x86)\cisco packet tracer 6.0.1\bin\packettracer6.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\cisco packet tracer 6.0.1\bin\packettracer6.exe
O87 - FAEL: "TCP Query User{AFDE4892-E83D-4CA6-AEE7-6784084FC9DA}C:\program files (x86)\cisco packet tracer 6.0.1\bin\packettracer6.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\cisco packet tracer 6.0.1\bin\packettracer6.exe
O87 - FAEL: "{1FC1D3AF-6852-4C8E-BAA5-19743ABA7C06}" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe (.not file.) =>.Superfluous.Tencent
O87 - FAEL: "{C2243631-B50D-4FC7-85AC-13C73FDC34F0}" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe (.not file.) =>.Superfluous.Tencent
O87 - FAEL: "UDP Query User{B151C79D-A79C-46D6-84BD-DE27B56C7282}C:\users\user\documents\mes cours\isig international\semestre 5\infographie\info\eclipse-standard-kepler-sr1-win32-x86_64\eclipse\eclipse.exe" [In-None-P17-TRUE] .(...) -- C:\users\user\documents\mes cours\isig international\semestre 5\infographie\info\eclipse-standard-kepler-sr1-win32-x86_64\eclipse\eclipse.exe
O87 - FAEL: "TCP Query User{79228387-395D-4280-BBFE-185E71B100BC}C:\users\user\documents\mes cours\isig international\semestre 5\infographie\info\eclipse-standard-kepler-sr1-win32-x86_64\eclipse\eclipse.exe" [In-None-P6-TRUE] .(...) -- C:\users\user\documents\mes cours\isig international\semestre 5\infographie\info\eclipse-standard-kepler-sr1-win32-x86_64\eclipse\eclipse.exe
O87 - FAEL: "{C0E1C359-D28A-4444-B473-B76CBFFC9FFB}" [In-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe {59123D60D39E60127D6B456A62C9DEAC}
O87 - FAEL: "{CEA24433-EA03-4CF2-81E5-6EDEBC1A8870}" [In-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe {59123D60D39E60127D6B456A62C9DEAC}
O87 - FAEL: "{4A5FCDAD-77D8-4760-BC5B-8C39F2BB6F40}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (.not file.)
O87 - FAEL: "{0D0041D1-49FC-46E5-B938-2C39A9E4EC6A}" [In-None-P6-TRUE] .(.Copyright (C) 2011 - spark.) -- C:\Program Files (x86)\baidu\Baidu Browser\Spark.exe {5FAEE9E83F32948F3B2040AC6DF0145C}
O87 - FAEL: "{CD70F6FD-0B21-4556-BD39-B2642F74A8E9}" [In-None-P17-TRUE] .(.Copyright (C) 2011 - spark.) -- C:\Program Files (x86)\baidu\Baidu Browser\Spark.exe {5FAEE9E83F32948F3B2040AC6DF0145C}

---\\ Search Tracing Registry Key (2) - 1s
HKLM\SOFTWARE\Microsoft\Tracing\ByteFence_RASAPI32 =>.Superfluous.ByteTechnologies
HKLM\SOFTWARE\Microsoft\Tracing\ByteFence_RASMANCS =>.Superfluous.ByteTechnologies

---\\ Additional Scan (O88) (28) - 0s
HKLM\SYSTEM\CurrentControlSet\Services\Service KMSELDI =>HackTool.KMSpico
C:\Program Files\KMSpico\Service_KMS.exe =>HackTool.KMSpico
C:\Program Files\KMSpico\AutoPico.exe =>HackTool.KMSpico
C:\WINDOWS\Tasks\UCBrowserUpdater.job =>PUP.Optional.CertifiedToolbar
C:\WINDOWS\System32\Tasks\AutoPico Daily Restart =>HackTool.KMSpico
C:\WINDOWS\System32\Tasks\Browser Updater Task(Core) =>.Superfluous.Tencent
C:\WINDOWS\System32\Tasks\UCBrowserUpdater =>PUP.Optional.CertifiedToolbar
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1 =>HackTool.KMSpico
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\doulCi™ Activator tool 2.0.14 =>.Superfluous.DoulCiActivator
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\doulCi™ Activator tool 2.0.14 =>.Superfluous.DoulCiActivator
HKLM\SOFTWARE\Wow6432Node\3B878D788DA34B0EA09AC0543ABB3821 =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\ihpmserver =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\RayDld =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\Tencent =>.Superfluous.Tencent
HKCU\SOFTWARE\3B878D788DA34B0EA09AC0543ABB3821 =>PUP.Optional.CrossRider
HKCU\SOFTWARE\Tencent =>.Superfluous.Tencent
HKCU\SOFTWARE\undefined =>.Superfluous.Downloader
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico =>HackTool.KMSpico
C:\ProgramData\ByteFence =>.Superfluous.ByteTechnologies
C:\Users\user\AppData\Roaming\BitLord =>PUP.Optional.WhenUSave
C:\Users\user\AppData\Local\app =>PUP.Optional.CrossRider
C:\Users\user\AppData\Local\CrashRpt =>.Superfluous.CrashReports
C:\WINDOWS\System32\drivers\TAOKernelEx64.sys =>.Superfluous.Tencent
C:\Users\user\Downloads\Programs\BitLord-Installer.exe =>PUP.Optional.WhenUSave
C:\Users\user\Downloads\Programs\BitLord_v2.3.2.exe =>PUP.Optional.WhenUSave
HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146} =>PUP.Optional.YourSites123
HKLM64\SOFTWARE\Microsoft\Tracing\ByteFence_RASAPI32 =>.Superfluous.ByteTechnologies
HKLM64\SOFTWARE\Microsoft\Tracing\ByteFence_RASMANCS =>.Superfluous.ByteTechnologies

---\\ Summary of the elements found (11) - 0s
http://www.nicolascoolman.fr/?p=989 =>HackTool.KMSpico
http://www.nicolascoolman.fr/?p=577 =>PUP.Optional.CertifiedToolbar
http://www.nicolascoolman.fr/?p=368 =>.Superfluous.Tencent
http://www.nicolascoolman.fr/?p=316 =>PUP.Optional.MyPCBackup
http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.DoulCiActivator
http://www.nicolascoolman.fr/?p=180 =>PUP.Optional.CrossRider
http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.Downloader
http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.ByteTechnologies
http://www.nicolascoolman.fr/?p=880 =>PUP.Optional.WhenUSave
http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.CrashReports
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.YourSites123

~ End of the scan, 64016 items in 05h58mn32s (1419)(0)
