cjoint

Document format: text/plain

Preview

~ ZHPDiag v2015.7.7.85 By Nicolas Coolman (2015\07\07)
~ Run by HP (Administrator) (2015/07/08 13:56:17)
~ Site: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ State version: Version OK
~ Mode: Scan
~ Report: C:\Users\HP\Desktop\ZHPDiag.txt
~ Report: C:\Users\HP\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ System startup: Normal (Normal boot)
~ Windows 8, 64-bit (Build 9200)

---\\ Internet Browsers (2) - 0s
MFIE: Mozilla v39.0
MSIE: Internet Explorer v10.0.9200.17377

---\\ Windows Product Information (3) - 19s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Activation Technologies : OK

---\\ System protection software (1) - 1s
Kaspersky Anti-Virus v14.0.0.4651

---\\ Surveillance software (1) - 1s
Adobe Flash Player 18 NPAPI

---\\ Information on the system (6) - 0s
~ Operating System: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
~ Total physical RAM (KB): 4074328
~ System Restore: Activé (Enable)
~ System drive C: has 115 GB free of 460 GB

---\\ Connection to the system mode (3) - 0s
~ Computer Name: ADMIN
~ User Name: HP
~ Logged in as Administrator

---\\ Enumeration of the disk units (3) - 0s
~ Drive C: has 115 GB free of 460 GB (System)
~ Drive D: has 2 GB free of 2 GB
~ Drive F: has 2 GB free of 13 GB

---\\ Search Generic System Files (22) - 5s
[MD5.0E8E6463F81C80AFBED533E0F1F8895D] - (.Microsoft Corporation - Windows Explorer.) () -- C:\Windows\Explorer.exe [2391280]
[MD5.3A6209AC494296C24C2065CB4392B5F4] - (.Microsoft Corporation - Windows host process (Rundll32).) () -- C:\Windows\System32\rundll32.exe [51712]
[MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Windows Start-Up Application.) () -- C:\Windows\System32\Wininit.exe [132608]
[MD5.5F448285F3C91222B670D4130A101B08] - (.Microsoft Corporation - Internet Extensions for Win32.) () -- C:\Windows\System32\wininet.dll [2237440]
[MD5.75DD70A14145499C9F7D903CF9A8C91B] - (.Microsoft Corporation - Windows Logon Application.) () -- C:\Windows\System32\Winlogon.exe [578048]
[MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Software Licensing Library.) () -- C:\Windows\System32\sppcomapi.dll [273408]
[MD5.FE7FB9612D354EB41DF4F0FF5D6FB259] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\Windows\System32\drivers\AFD.sys [576512]
[MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) () -- C:\Windows\System32\drivers\atapi.sys [25840]
[MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\Windows\System32\drivers\Cdfs.sys [108544]
[MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\Windows\System32\drivers\Cdrom.sys [174080]
[MD5.431141C6859990824D17F71C30A78728] - (.Microsoft Corporation - DFS Namespace Client Driver.) () -- C:\Windows\System32\drivers\DfsC.sys [118784]
[MD5.58CC013EFA9893057160EDA018D8ADCE] - (.Microsoft Corporation - High Definition Audio Bus Driver.) () -- C:\Windows\System32\drivers\HDAudBus.sys [71168]
[MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - i8042 Port Driver.) () -- C:\Windows\System32\drivers\i8042prt.sys [112640]
[MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\Windows\System32\drivers\IpNat.sys [145920]
[MD5.14EE56050E1637926F5CFA65B1F4209B] - (.Microsoft Corporation - Windows NT SMB Minirdr.) () -- C:\Windows\System32\drivers\MRxSmb.sys [404480]
[MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\Windows\System32\drivers\netBT.sys [331776]
[MD5.7BE3EDFFA3216F989A6BDCB14795DD08] - (.Microsoft Corporation - NT File System Driver.) () -- C:\Windows\System32\drivers\ntfs.sys [1939288]
[MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Parallel Port Driver.) () -- C:\Windows\System32\drivers\Parport.sys [105984]
[MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\Windows\System32\drivers\Rasl2tp.sys [124928]
[MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Microsoft RDP Device redirector.) () -- C:\Windows\System32\drivers\rdpdr.sys [179712]
[MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) () -- C:\Windows\System32\drivers\tdx.sys [117248]
[MD5.AA37946941ED3805AB3A924965907147] - (.Microsoft Corporation - Volume Shadow Copy Driver.) () -- C:\Windows\System32\drivers\volsnap.sys [328000]

---\\ Process running (29) - 10s
[MD5.FEB02219C74A594894C95AF65C602EF9] - (.DigitalPersona, Inc. - DigitalPersona Local Host.) -- C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [488824] [PID.928]
[MD5.634C0CDC3F63AED52982A15C21FA9939] - (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\stacsv64.exe [327680] [PID.716]
[MD5.9F0B4584F9AB393CA599CB0D6191FD46] - (.Validity Sensors, Inc. - Validity Sensors Fingerprint Service.) -- C:\Windows\System32\vcsFPService.exe [2714232] [PID.1244]
[MD5.2BB7E9A887F26CDB5C19C76636E85394] - (.APN LLC. - APN Updater.) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [178568] [PID.1676] =>Toolbar.Ask
[MD5.0D2F8F4055903A762AD46204E5A42E86] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe [214512] [PID.1916]
[MD5.8920E111F8FED2D8CB986EFD0A241148] - (.Bandoo Media Inc. - Datamngr Coordinator.) -- C:\Program Files (x86)\Movies App\Datamngr\DatamngrCoordinator.exe [3204296] [PID.848] =>PUP.Optional.CrossRider
[MD5.C6128F2E3DC6156C6F8828F9F1B96010] - (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160] [PID.1284]
[MD5.2098AF12149789FA6608422C8796F77C] - (.IBM Corp - IBM Lotus Notes/Domino.) -- C:\Lotus\Notes\SUService.exe [189832] [PID.2200]
[MD5.E4FA829273FDF5BD20FC9804FD5F9C20] - (.IBM - wnsd.) -- C:\Lotus\Notes\nsd.exe [4453768] [PID.2224]
[MD5.FF54EA1617D15711690D5EF054512C21] - (.IBM Corp - IBM Lotus Notes/Domino.) -- C:\Lotus\Notes\ntmulti.exe [71048] [PID.2256]
[MD5.3B7809B1516E4EE23F9E36B9FA3DAD54] - (.PDF Complete Inc - Dispatcher.) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1135752] [PID.2288]
[MD5.0A002153EC354442AAAB3C447971EC47] - (.Synaptics Incorporated - Synaptics TouchPad 64-bit Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2804976] [PID.5812]
[MD5.C9E2D38B73524AF3B281299BA04E5205] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avpui.exe [1005352] [PID.4632]
[MD5.2E560F042E48C1A01D44B6FF31D9DE2C] - (.DigitalPersona, Inc. - DigitalPersona Local Agent.) -- C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe [1060216] [PID.4124]
[MD5.9D8D9550FCF2CCBA9A29ECD56902A0E6] - (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray64.exe [1664000] [PID.5196]
[MD5.0A7E2E2B10CE1F3530148E6824E79C53] - (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\System32\spool\drivers\x64\3\E_IATIEFE.EXE [221696] [PID.6096]
[MD5.451C1EE6B7BDF5010C3F84DEBCDEC37D] - (.DigitalPersona, Inc. - DigitalPersona 64-bit Helper Process.) -- C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpAgent.exe [352152] [PID.3164]
[MD5.67272527C5ACBA8DBE7F64CA1313DFE4] - (.Bandoo Media Inc. - iLivid Download Manager.) -- C:\Users\HP\AppData\Local\iLivid\iLivid.exe [8146632] [PID.3012] =>PUP.Optional.Bandoo
[MD5.8DACA62F3E15E45EBAF7AE51A609CBC1] - (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\Steam.exe [2892992] [PID.4500]
[MD5.B7995C675014EEBE77A0BEB7AFCCFC08] - (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432] [PID.6112]
[MD5.A1741C3B79F9DF8895E05EF43579E74B] - (.CyberLink - YouCam Mirage.) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488] [PID.1496]
[MD5.CDFC99A7EE69D8134DF01D02BD9F7D2D] - (.CyberLink Corp. - CyberLink YouCam Tray.) -- C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [167024] [PID.3192]
[MD5.CDB517386A26AE420CB24BDB3CD88779] - (.Research In Motion Limited - Launch Agent Service.) -- C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [90448] [PID.2040]
[MD5.4E9AF25BA5E8219310E384AEA5B0EED8] - (.CyberLink - CyberLink MediaLibrary Service.) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111576] [PID.2884]
[MD5.B1227EEFFA56DA6D374169FFFFD17228] - (.APN - Ask Toolbar Notifier.) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1684360] [PID.2724] =>Toolbar.Ask
[MD5.14D6542607ACD4B2D1DDB1A36E0D8813] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744] [PID.4164]
[MD5.D471F27FE3414238839979D4203143B3] - (.Valve Corporation - Steam Client WebHelper.) -- C:\Program Files (x86)\Steam\bin\steamwebhelper.exe [1853632] [PID.4292]
[MD5.0A3544D7E9AF7D8C991C904339157EDC] - (.Valve Corporation - Steam Client Service.) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe [837312] [PID.1252]
[MD5.322E14EB5937F4769A44042D1F5EDF52] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) -- C:\PROGRAM FILES\SYNAPTICS\SynTP\SYNTPHELPER.EXE [182000] [PID.6424]

---\\ Google Chrome, Start,Search,Extensions (G0,G1,G2) (10) - 2s
G2 - GCE: Extension [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc.
G2 - GCE: Extension [User Data\Default] [blbkdnmdcafmfhinpmnlhhddbepgkeaa] __MSG_ExtensionName__
G2 - GCE: Extension [User Data\Default] [dchlnpcodkpfdpacogkljefecpegganj] __MSG_ExtensionName__
G2 - GCE: Extension [User Data\Default] [gmlllbghnfkpflemihljekbapjopfjik] Bookmark Manager
G2 - GCE: Extension [User Data\Default] [hghkgaeecgjhjkannahfamoehjmkjail] __MSG_ExtensionName__
G2 - GCE: Extension [User Data\Default] [jagncdcchgajhfhijbbhecadmaiegcmh] __MSG_ExtensionName__
G2 - GCE: Extension [User Data\Default] [lccekmodgklaepjeofjdjpbminllajkg] Chrome Hotword Shared Module
G2 - GCE: Extension [User Data\Default] [lifbcibllhkdhoafpjfnlhfpfgnpldfl] Skype Click to Call
G2 - GCE: Extension [User Data\Default] [ncffjdbbodifgldkcbhmiiljfcnbgjab] DigitalPersona Extension
G2 - GCE: Extension [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.

---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3) (18) - 5s
M0 - MFSP: prefs.js [HP - s4yfl5uu.default-1377281913100] http://www.search.ask.com/?o=APN10645A&gct=hp&d=406-1184&v=n15946-707&t=4 =>Toolbar.Ask
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\amazondotcom.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\Ask.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\bing.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\ddg.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\eBay.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\google.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\twitter.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wikipedia.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\yahoo.xml
P2 - EXT: (.Mozilla - Default.) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
P2 - FPN: [HKCU] [@Skype Limited.com/Facebook Video Calling Plugin] - (.Skype Limited.) -- C:\Users\HP\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_203.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.71.2] - (.Oracle Corporation.) -- C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.71.2] - (.Oracle Corporation.) -- C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@Skype Technologies S.A..com/Skype Web Plugin] - (.Skype.) -- C:\Program Files (x86)\SkypeWebPlugin\3.2.0.23388\npSkypeWebPlugin.dll
P2 - FPN: [HKLM] [digitalpersona.com/ChromeDPAgent] - (.DigitalPersona, Inc..) -- C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\components\npChromeDPAgent.dll

---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1) (19) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.search.ask.com/ =>Toolbar.Ask
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: (no name) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} Orphean
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1

---\\ Internet Explorer, Proxy Management (R5) (5) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride =
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 10.0.0.2:80
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Line Analysis F0, F1, F2, F3 - IniFiles, Auto loading programs (3) - 1s
F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.)
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.)
F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.)

---\\ Hosts file redirection (O1) (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (21)

---\\ Browser Helper Object (BHO) (O2) (10) - 1s
O2 - BHO: ContentBlockerBrowserHelperObject [64Bits] - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} . (.Kaspersky Lab ZAO - Content Blocker Plugin.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
O2 - BHO: (no name) [64Bits] - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} (Orphean)
O2 - BHO: VirtualKeyboardBrowserHelperObject [64Bits] - {73455575-E40C-433C-9784-C78DC7761455} . (.Kaspersky Lab ZAO - Virtual Keyboard Plugin.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O2 - BHO: (no name) [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (Orphean)
O2 - BHO: (no name) [64Bits] - {95B7759C-8C7F-4BF1-B163-73684A933233} (Orphean)
O2 - BHO: Safe Money Plugin [64Bits] - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} . (.Kaspersky Lab ZAO - Safe Money Plugin.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll
O2 - BHO: (no name) [64Bits] - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} (Orphean)
O2 - BHO: Movies Search App (Dist. by Bandoo Media, Inc.) [64Bits] - {c0caa5fe-7c9c-4dca-a265-63cf55379d1a} . (.IAC Search and Media, Inc. - dtx Dynamic Link Library.) -- C:\Program Files (x86)\Movies App\Datamngr\SRTOOL~1\IE\searchresultsDx64.dll =>PUP.Optional.Bandoo
O2 - BHO: (no name) [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} (Orphean)
O2 - BHO: link filter bho [64Bits] - {E33CF602-D945-461A-83F0-819F76A199F8} . (.Kaspersky Lab ZAO - URL Advisor Plugin.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll

---\\ Internet Explorer Toolbars (O3) (2) - 0s
O3 - Toolbar: MyAshampoo Toolbar - [HKLM]{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} . (...) -- (.not file.) =>Toolbar.Agent
O3 - Toolbar: Movies Search App (Dist. by Bandoo Media, Inc.) - [HKLM]{c0caa5fe-7c9c-4dca-a265-63cf55379d1a} . (.IAC Search and Media, Inc. - dtx Dynamic Link Library.) -- C:\Program Files (x86)\Movies App\Datamngr\SRTOOL~1\IE\searchresultsDx.dll =>PUP.Optional.Bandoo

---\\ Auto loading programs from Registry and folders (O4) (28) - 2s
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SysTrayApp] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray64.exe
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\HP\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKCU\..\Run: [Power2GoExpress8] (Orphean)
O4 - HKCU\..\Run: [EPSON Stylus SX200 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIEFE.EXE
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\HP\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - HKCU\..\Run: [iLivid] . (.Bandoo Media Inc. - iLivid Download Manager.) -- C:\Users\HP\AppData\Local\iLivid\iLivid.exe =>PUP.Optional.Bandoo
O4 - HKCU\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\Steam.exe
O4 - HKLM\..\Wow6432Node\Run: [IAStorIcon] . (.Intel Corporation - Delayed launcher.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
O4 - HKLM\..\Wow6432Node\Run: [RemoteControl10] . (.CyberLink Corp. - PowerDVD RC Service.) -- c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
O4 - HKLM\..\Wow6432Node\Run: [YouCam Mirage] . (.CyberLink - YouCam Mirage.) -- c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
O4 - HKLM\..\Wow6432Node\Run: [YouCam Tray] . (.CyberLink Corp. - CyberLink YouCam Tray.) -- c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe
O4 - HKLM\..\Wow6432Node\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe
O4 - HKLM\..\Wow6432Node\Run: [PDF Complete] . (.PDF Complete Inc - Sentry for PDF.) -- C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Wow6432Node\Run: [RIMBBLaunchAgent.exe] . (.Research In Motion Limited - Launch Agent Service.) -- C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKLM\..\Wow6432Node\Run: [CLMLServer_For_P2G8] . (.CyberLink - CyberLink MediaLibrary Service.) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
O4 - HKLM\..\Wow6432Node\Run: [CLVirtualDrive] . (.CyberLink Corp. - CyberLink Virtual Drive.) -- C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe
O4 - HKLM\..\Wow6432Node\Run: [QLBController] . (.Hewlett-Packard Company - QLBController.) -- C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
O4 - HKUS\S-1-5-21-3526586236-2254187543-317414105-1002\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\HP\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKUS\S-1-5-21-3526586236-2254187543-317414105-1002\..\Run: [Power2GoExpress8] (Orphean)
O4 - HKUS\S-1-5-21-3526586236-2254187543-317414105-1002\..\Run: [EPSON Stylus SX200 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIEFE.EXE
O4 - HKUS\S-1-5-21-3526586236-2254187543-317414105-1002\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\HP\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-3526586236-2254187543-317414105-1002\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - HKUS\S-1-5-21-3526586236-2254187543-317414105-1002\..\Run: [iLivid] . (.Bandoo Media Inc. - iLivid Download Manager.) -- C:\Users\HP\AppData\Local\iLivid\iLivid.exe =>PUP.Optional.Bandoo
O4 - HKUS\S-1-5-21-3526586236-2254187543-317414105-1002\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\Steam.exe

---\\ Global shortcuts Startup (O4G) (7) - 17s
O4 - GS\Desktop [Administrator]: iLivid.lnk . (.Bandoo Media Inc. - iLivid Download Manager.) C:\Users\HP\AppData\Local\iLivid\iLivid.exe =>PUP.Optional.Bandoo
O4 - GS\Quicklaunch [Administrator]: iLivid.lnk . (.Bandoo Media Inc. - iLivid Download Manager.) C:\Users\HP\AppData\Local\iLivid\iLivid.exe =>PUP.Optional.Bandoo
O4 - GS\Desktop [Guest]: iLivid.lnk . (.Bandoo Media Inc. - iLivid Download Manager.) C:\Users\HP\AppData\Local\iLivid\iLivid.exe =>PUP.Optional.Bandoo
O4 - GS\Quicklaunch [Guest]: iLivid.lnk . (.Bandoo Media Inc. - iLivid Download Manager.) C:\Users\HP\AppData\Local\iLivid\iLivid.exe =>PUP.Optional.Bandoo
O4 - GS\Desktop [HP]: iLivid.lnk . (.Bandoo Media Inc. - iLivid Download Manager.) C:\Users\HP\AppData\Local\iLivid\iLivid.exe =>PUP.Optional.Bandoo
O4 - GS\Quicklaunch [HP]: iLivid.lnk . (.Bandoo Media Inc. - iLivid Download Manager.) C:\Users\HP\AppData\Local\iLivid\iLivid.exe =>PUP.Optional.Bandoo
O4 - GS\Programs [Public]: iLivid.lnk . (.Bandoo Media Inc. - iLivid Download Manager.) C:\Users\HP\AppData\Local\iLivid\iLivid.exe =>PUP.Optional.Bandoo

---\\ Lop.com/Domain Hijackers (O17) (4) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.35.96.66 212.35.96.98
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 212.35.96.66 212.35.96.98
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

---\\ Non Microsoft non disabled Windows XP/NT/2000 Services (O23) (22) - 2s
O23 - Service: Ask Update Service (APNMCP) . (.APN LLC. - APN Updater.) - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe =>Toolbar.Ask
O23 - Service: Kaspersky Anti-Virus Service (avp) . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe
O23 - Service: Bonjour Service (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Datamngr Coordinator (DatamngrCoordinator) . (.Bandoo Media Inc. - Datamngr Coordinator.) - C:\Program Files (x86)\Movies App\Datamngr\DatamngrCoordinator.exe =>PUP.Optional.MoviesToolbar
O23 - Service: @C:\Program Files\Hewlett-Packard\HP ProtectTools Security (DpHost) . (.DigitalPersona, Inc. - DigitalPersona Local Host.) - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: F06DEFF2-5B9C-490D-910F-35D3A9119622 (F06DEFF2-5B9C-490D-910F-35D3A9119622) . (...) - C:\Program Files (x86)\Movies App\Datamngr\x64\setmgrc3.cfg (.not file.) =>PUP.Optional.CrossRider
O23 - Service: HP Support Assistant Service (HP Support Assistant Service) . (.Hewlett-Packard Company - HP Support Assistant Service.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: hpHotkeyMonitor (hpHotkeyMonitor) . (.Hewlett-Packard Company - hpHotkeyMonitor Service.) - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
O23 - Service: @oem27.inf,%hpservice_desc%;HP Service (hpsrv) . (.Hewlett-Packard Company - HpService.) - C:\Windows\system32\Hpservice.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service (Intel(R) ME Service) . (.Intel Corporation - Intel(R) ME Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Lotus Notes Smart Upgrade Service (LNSUSvc) . (.IBM Corp - IBM Lotus Notes/Domino.) - C:\Lotus\Notes\SUService.exe
O23 - Service: Lotus Notes Diagnostics (Lotus Notes Diagnostics) . (.IBM - wnsd.) - C:\Lotus\Notes\nsd.exe
O23 - Service: Multi-user Cleanup Service (Multi-user Cleanup Service) . (.IBM Corp - IBM Lotus Notes/Domino.) - C:\Lotus\Notes\ntmulti.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) . (.PDF Complete Inc - Dispatcher.) - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @C:\Windows\system32\stlang64.dll,-10101 (STacSV) . (.IDT, Inc. - IDT PC Audio.) - C:\Program Files\IDT\WDM\stacsv64.exe
O23 - Service: Intel(R) Management and Security Application User Notificat (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) . (.Validity Sensors, Inc. - Validity Sensors Fingerprint Service.) - C:\Windows\System32\vcsFPService.exe

---\\ Task Planned Automatically (O39) (14) - 1s
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [830]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3526586236-2254187543-317414105-1002Core.job [906]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3526586236-2254187543-317414105-1002UA.job [928]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3526586236-2254187543-317414105-1002Core.job [856]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3526586236-2254187543-317414105-1002UA.job [908]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\Tasks\HPCeeScheduleForHP.job [332]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [3718]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3526586236-2254187543-317414105-1002Core [3420]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3526586236-2254187543-317414105-1002UA [3770]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3526586236-2254187543-317414105-1002Core [3468]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3526586236-2254187543-317414105-1002UA [3848]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\HPCeeScheduleForHP [3140]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\Synaptics TouchPad Enhancements [2990]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\{FAD92F42-A4B0-4A92-BA79-82B6BEDB75F5} [3128]

---\\ Software installed (O42) (85) - 9s
O42 - Logiciel: EPSON Stylus SX200 Series Printer Uninstall - (.SEIKO EPSON Corporation.) [HKLM][64Bits] -- EPSON Stylus SX200 Series
O42 - Logiciel: Face Recognition for HP ProtectTools - (.Hewlett-Packard Company.) [HKLM][64Bits] -- Face Recognition for HP ProtectTools
O42 - Logiciel: HP ProtectTools Security Manager - (.Hewlett-Packard Company.) [HKLM][64Bits] -- HPProtectTools
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player
O42 - Logiciel: Energy Star - (.Hewlett-Packard.) [HKLM][64Bits] -- {0FA995CC-C849-4755-B14B-5404CC75DC24}
O42 - Logiciel: Visual Studio 2010 x64 Redistributables - (.AVG Technologies.) [HKLM][64Bits] -- {21B133D6-5979-47F0-BE1C-F6A6B304693F}
O42 - Logiciel: HP ProtectTools Security Manager - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {29EACA23-7D93-4F6E-B179-752C70CBF296}
O42 - Logiciel: Device Access Manager for HP ProtectTools - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {55B52830-024A-443E-AF61-61E1E71AFA1B}
O42 - Logiciel: HP Postscript Converter - (.Hewlett-Packard.) [HKLM][64Bits] -- {6E14E6D6-3175-4E1A-B934-CAB5A86367CD}
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Validity Fingerprint Sensor Driver - (.Validity Sensors, Inc..) [HKLM][64Bits] -- {AA51ED2E-DCE7-415F-9C32-CB9B561D216D}
O42 - Logiciel: HP 3D DriveGuard - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {C35A147C-5037-443A-9BF8-A5E7C2154CE4}
O42 - Logiciel: Face Recognition for HP ProtectTools - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {D3A775F2-2674-4452-8D80-1FC1446052EE}
O42 - Logiciel: HP Registration Service - (.Hewlett-Packard.) [HKLM][64Bits] -- {E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}
O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {FA00A3CC-7440-4938-A271-F186F50DD40D}
O42 - Logiciel: Adobe Flash Player 18 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI
O42 - Logiciel: Ashampoo Burning Studio 10.0.3 - (.ashampoo GmbH & Co. KG.) [HKLM][64Bits] -- Ashampoo Burning Studio 10_is1
O42 - Logiciel: BlackBerry Device Manager 7.1 - (.Research In Motion Ltd..) [HKLM][64Bits] -- BlackBerry_HandheldManager
O42 - Logiciel: EPSON Scan - (...) [HKLM][64Bits] -- EPSON Scanner
O42 - Logiciel: EPSON Stylus SX200_SX400_TX200_TX400 Manual - (...) [HKLM][64Bits] -- EPSON Stylus SX200_SX400_TX200_TX400 User’s Guide
O42 - Logiciel: Movies Search App for Firefox (Dist. by Bandoo Media, Inc.) - (.IAC Search and Media, Inc..) [HKLM][64Bits] -- ilividbandoomoviestoolbarFF =>PUP.Optional.Bandoo
O42 - Logiciel: Movies Search App for Internet Explorer (Dist. by Bandoo Media, Inc.) - (.IAC Search and Media, Inc..) [HKLM][64Bits] -- ilividbandoomoviestoolbarIE =>PUP.Optional.Bandoo
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: Theft Recovery for HP ProtectTools - (.Hewlett-Packard Company.) [HKLM][64Bits] -- InstallShield_{10F5A72A-1E07-4FAE-A7E7-14B10CC66B17}
O42 - Logiciel: CyberLink Media Suite 10 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: EPSON Attach To Email - (.SEIKO EPSON.) [HKLM][64Bits] -- InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}
O42 - Logiciel: CyberLink Power2Go 8 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}
O42 - Logiciel: CyberLink PhotoDirector - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}
O42 - Logiciel: CyberLink PowerDirector 10 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}
O42 - Logiciel: CyberLink PowerDVD - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
O42 - Logiciel: Kaspersky Anti-Virus - (.Kaspersky Lab.) [HKLM][64Bits] -- InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}
O42 - Logiciel: Mozilla Firefox 39.0 (x86 en-US) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 39.0 (x86 en-US)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService
O42 - Logiciel: MyAshampoo Toolbar - (...) [HKLM][64Bits] -- MyAshampoo Toolbar
O42 - Logiciel: PDF Complete Corporate Edition - (.PDF Complete, Inc.) [HKLM][64Bits] -- PDF Complete
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM][64Bits] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: Steam - (.Valve Corporation.) [HKLM][64Bits] -- {048298C9-A4D3-490B-9FF9-AB023A9238F3}
O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM][64Bits] -- {07FA4960-B038-49EB-891B-9F95930AA544}
O42 - Logiciel: Theft Recovery for HP ProtectTools - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {10F5A72A-1E07-4FAE-A7E7-14B10CC66B17}
O42 - Logiciel: Skype Web Plugin - (.Skype Technologies S.A..) [HKLM][64Bits] -- {15AF46DB-9EBA-4662-AA52-29EF23585035}
O42 - Logiciel: CyberLink Media Suite 10 - (.CyberLink Corp..) [HKLM][64Bits] -- {1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: Facebook Video Calling 3.1.0.521 - (.Skype Limited.) [HKLM][64Bits] -- {2091F234-EB58-4B80-8C96-8EB78C808CF7}
O42 - Logiciel: Skype™ 7.5 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
O42 - Logiciel: JMicron Flash Media Controller Driver - (.JMicron Technology Corp..) [HKLM][64Bits] -- {26604C7E-A313-4D12-867F-7C6E7820BE4C}
O42 - Logiciel: Java 7 Update 71 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F03217071FF}
O42 - Logiciel: CyberLink Power2Go 8 - (.CyberLink Corp..) [HKLM][64Bits] -- {2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}
O42 - Logiciel: EPSON Scan Assistant - (...) [HKLM][64Bits] -- {2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}
O42 - Logiciel: HP ESU for Microsoft Windows 8 - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {2F8A00FC-1F12-44B2-AA37-F9A358EDC161}
O42 - Logiciel: HP Wireless Button Driver - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {30B2D1D8-0A07-4B71-9553-0710C5D31E35}
O42 - Logiciel: HP System Default Settings - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {357FE1E9-5890-4697-95DD-B15E01B4AA2A}
O42 - Logiciel: HP HD Webcam Driver - (.Sonix.) [HKLM][64Bits] -- {399C37FB-08AF-493B-BFED-20FBD85EDF7F}
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {3E29EE6C-963A-4aae-86C1-DC237C4A49FC}
O42 - Logiciel: Camera RAW Plug-In for EPSON Creativity Suite - (.SEIKO EPSON CORPORATION.) [HKLM][64Bits] -- {42EDF895-158C-484E-A7F2-42B90759F281}
O42 - Logiciel: EPSON File Manager - (...) [HKLM][64Bits] -- {46CBBDF8-55B5-40DB-B459-7B848394309C}
O42 - Logiciel: CyberLink PhotoDirector - (.CyberLink Corp..) [HKLM][64Bits] -- {4862344A-A39C-4897-ACD4-A1BED5163C5A}
O42 - Logiciel: Search App by Ask - (.APN, LLC.) [HKLM][64Bits] -- {4F524A2D-5350-4500-76A7-A758B70C1D00} =>PUP.Optional.BrowserTabSearch
O42 - Logiciel: HP Quick Start - (.Hewlett-Packard.) [HKLM][64Bits] -- {574F0207-8E98-46CD-8F79-318348C98C46}
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: HP Software Framework - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {675D093B-815D-47FD-AB2C-192EC751E8E2}
O42 - Logiciel: InstallVC90Support - (.Novatel Wireless.) [HKLM][64Bits] -- {6B9C32DB-DBCD-45A8-B901-3A92A99A2474}
O42 - Logiciel: Skype Click to Call - (.Microsoft Corporation.) [HKLM][64Bits] -- {6D1221A9-17BF-4EC0-81F2-27D30EC30701}
O42 - Logiciel: Hewlett-Packard ACLM.NET v1.2.2.3 - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {6F340107-F9AA-47C6-B54C-C3A19F11553F}
O42 - Logiciel: Kaspersky Anti-Virus - (.Kaspersky Lab.) [HKLM][64Bits] -- {6F6873E3-5C92-4049-B511-231A138DD090}
O42 - Logiciel: HP Hotkey Support - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {7F7E2060-7212-4A53-9875-55173E4BA3F0}
O42 - Logiciel: EPSON Easy Photo Print - (.SEIKO EPSON CORPORATION.) [HKLM][64Bits] -- {8A8F8391-4C2C-4BE1-A984-CD4A5A546467}
O42 - Logiciel: Ralink RT5390R 802.11b/g/n Wi-Fi Adapter - (.Mediatek.) [HKLM][64Bits] -- {8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}
O42 - Logiciel: Evernote v. 4.6 - (.Evernote Corp..) [HKLM][64Bits] -- {A23AADDA-3DBF-11E2-A6F2-984BE15F174E}
O42 - Logiciel: ABBYY FineReader 6.0 Sprint - (.ABBYY Software House.) [HKLM][64Bits] -- {ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
O42 - Logiciel: CyberLink PowerDirector 10 - (.CyberLink Corp..) [HKLM][64Bits] -- {B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}
O42 - Logiciel: HP SoftPaq Download Manager - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {B50981AD-95E8-4E4D-912A-7C4B738387CA}
O42 - Logiciel: WinZip 16.5 - (.WinZip Computing, S.L. .) [HKLM][64Bits] -- {CD95F661-A5C4-44F5-A6AA-ECDD91C240D2}
O42 - Logiciel: HP Software Setup - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {D1E7D876-6B86-4B35-A93D-15B0D6C43EAF}
O42 - Logiciel: CyberLink PowerDVD - (.CyberLink Corp..) [HKLM][64Bits] -- {DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
O42 - Logiciel: BlackBerry Device Manager 7.1 - (.Research In Motion Ltd..) [HKLM][64Bits] -- {DEDCB237-C4A0-42DD-A03B-F1006942D730}
O42 - Logiciel: HP Support Assistant - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}
O42 - Logiciel: Lotus Notes 8.5.3 - (.IBM.) [HKLM][64Bits] -- {E36FB5F6-94FE-47BF-9FBE-6D8CBCFB0269}
O42 - Logiciel: IDT Audio - (.IDT.) [HKLM][64Bits] -- {E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: Realtek Ethernet Controller All-In-One Windows Driver - (.Realtek.) [HKLM][64Bits] -- {F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}
O42 - Logiciel: Intel(R) SDK for OpenCL - CPU Only Runtime Package - (.Intel Corporation.) [HKLM][64Bits] -- {FCB3772C-B7D0-4933-B1A9-3707EBACC573}
O42 - Logiciel: HP Documentation - (.Hewlett-Packard.) [HKLM][64Bits] -- {FCD58C04-324A-40D1-BA9E-1A754DF1736D}
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU][64Bits] -- Google Chrome
O42 - Logiciel: iLivid - (.Bandoo Media Inc.) [HKCU][64Bits] -- iLivid =>PUP.Optional.Bandoo

---\\ HKCU & HKLM Software Keys (104) - 9s
HKLM\SOFTWARE\Wow6432Node\ABBYY
HKLM\SOFTWARE\Wow6432Node\Adobe
HKLM\SOFTWARE\Wow6432Node\Apple Inc.
HKLM\SOFTWARE\Wow6432Node\Ashampoo
HKLM\SOFTWARE\Wow6432Node\AskPartnerNetwork =>Toolbar.Ask
HKLM\SOFTWARE\Wow6432Node\Avg Secure Update
HKLM\SOFTWARE\Wow6432Node\Caphyon
HKLM\SOFTWARE\Wow6432Node\Cogent Inc.
HKLM\SOFTWARE\Wow6432Node\Conduit =>PUP.Optional.Conduit
HKLM\SOFTWARE\Wow6432Node\CyberLink
HKLM\SOFTWARE\Wow6432Node\Datamngr =>PUP.Optional.Datamngr
HKLM\SOFTWARE\Wow6432Node\Dell
HKLM\SOFTWARE\Wow6432Node\DigitalPersona
HKLM\SOFTWARE\Wow6432Node\EPSON
HKLM\SOFTWARE\Wow6432Node\Evernote
HKLM\SOFTWARE\Wow6432Node\FLEXnet
HKLM\SOFTWARE\Wow6432Node\Google
HKLM\SOFTWARE\Wow6432Node\Hewlett-Packard
HKLM\SOFTWARE\Wow6432Node\Hewlett-Packard Company
HKLM\SOFTWARE\Wow6432Node\HPQ
HKLM\SOFTWARE\Wow6432Node\IBM
HKLM\SOFTWARE\Wow6432Node\IDT
HKLM\SOFTWARE\Wow6432Node\IM Providers
HKLM\SOFTWARE\Wow6432Node\InstallShield
HKLM\SOFTWARE\Wow6432Node\Intel
HKLM\SOFTWARE\Wow6432Node\IVTUPDATE
HKLM\SOFTWARE\Wow6432Node\JavaSoft
HKLM\SOFTWARE\Wow6432Node\JreMetrics
HKLM\SOFTWARE\Wow6432Node\KasperskyLab
HKLM\SOFTWARE\Wow6432Node\Khronos
HKLM\SOFTWARE\Wow6432Node\Lake
HKLM\SOFTWARE\Wow6432Node\Licenses
HKLM\SOFTWARE\Wow6432Node\LogMeInRescueCallingCard
HKLM\SOFTWARE\Wow6432Node\Lotus
HKLM\SOFTWARE\Wow6432Node\Macromedia
HKLM\SOFTWARE\Wow6432Node\Mediatek
HKLM\SOFTWARE\Wow6432Node\Mozilla
HKLM\SOFTWARE\Wow6432Node\mozilla.org
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\MyAshampoo =>Toolbar.Agent
HKLM\SOFTWARE\Wow6432Node\Nico Mak Computing
HKLM\SOFTWARE\Wow6432Node\Novatel Wireless
HKLM\SOFTWARE\Wow6432Node\ODBC
HKLM\SOFTWARE\Wow6432Node\One Time Password Providers
HKLM\SOFTWARE\Wow6432Node\PDFComplete
HKLM\SOFTWARE\Wow6432Node\Ralink
HKLM\SOFTWARE\Wow6432Node\Realtek
HKLM\SOFTWARE\Wow6432Node\Research In Motion
HKLM\SOFTWARE\Wow6432Node\Sierra Wireless Inc
HKLM\SOFTWARE\Wow6432Node\Skype
HKLM\SOFTWARE\Wow6432Node\SkypeWebPlugin
HKLM\SOFTWARE\Wow6432Node\Sonix
HKLM\SOFTWARE\Wow6432Node\Validity
HKLM\SOFTWARE\Wow6432Node\Valve
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications
HKCU\SOFTWARE\ABBYY
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\APNDTX
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\Ashampoo
HKCU\SOFTWARE\AskPartnerNetwork =>Toolbar.Ask
HKCU\SOFTWARE\Avg Secure Update
HKCU\SOFTWARE\AVG Security Toolbar =>Toolbar.AVGSearch
HKCU\SOFTWARE\CyberLink
HKCU\SOFTWARE\DigitalPersona
HKCU\SOFTWARE\EPSON
HKCU\SOFTWARE\Evernote
HKCU\SOFTWARE\Facebook
HKCU\SOFTWARE\FLEXnet
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\Hewlett-Packard
HKCU\SOFTWARE\iLivid =>PUP.Optional.Bandoo
HKCU\SOFTWARE\ilividbandoomoviestoolbar =>PUP.Optional.Bandoo
HKCU\SOFTWARE\IM Providers
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\JavaSoft
HKCU\SOFTWARE\KasperskyLab
HKCU\SOFTWARE\Lake
HKCU\SOFTWARE\Lotus
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\Mine
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\Nico Mak Computing
HKCU\SOFTWARE\Novatel Wireless
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\PDFComplete
HKCU\SOFTWARE\QtProject
HKCU\SOFTWARE\RegisteredApplications
HKCU\SOFTWARE\Research In Motion
HKCU\SOFTWARE\SEIKO EPSON
HKCU\SOFTWARE\Skype
HKCU\SOFTWARE\Synaptics
HKCU\SOFTWARE\The Creative Assembly
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\Valve
HKCU\SOFTWARE\WinZip Computing
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software
HKCU\SOFTWARE\AppDataLow\Software\JavaSoft
HKCU\SOFTWARE\AppDataLow\Software\Monitored
HKCU\SOFTWARE\AppDataLow\Software\MyAshampoo =>Toolbar.Agent
HKCU\SOFTWARE\AppDataLow\Software\settings

---\\ Contents of the Common Files folders (O43) (187) - 16s
O43 - CFD: 2014/09/04 10:32:06 - [] D -- C:\Program Files (x86)\ABBYY FineReader 6.0 Sprint
O43 - CFD: 2013/06/29 19:30:47 - [] D -- C:\Program Files (x86)\Ashampoo
O43 - CFD: 2014/08/04 12:20:14 - [] D -- C:\Program Files (x86)\AskPartnerNetwork =>Toolbar.Ask
O43 - CFD: 2014/08/27 20:54:38 - [] D -- C:\Program Files (x86)\AVG Security Toolbar =>Toolbar.AVGSearch
O43 - CFD: 2013/03/10 13:30:07 - [] D -- C:\Program Files (x86)\Bonjour
O43 - CFD: 2015/05/11 20:52:56 - [] D -- C:\Program Files (x86)\Common Files
O43 - CFD: 2014/07/24 13:43:16 - [] D -- C:\Program Files (x86)\CyberLink
O43 - CFD: 2014/09/04 10:32:16 - [] D -- C:\Program Files (x86)\epson
O43 - CFD: 2013/07/26 14:42:53 - [] D -- C:\Program Files (x86)\Evernote
O43 - CFD: 2014/07/24 13:57:52 - [] D -- C:\Program Files (x86)\Hewlett-Packard
O43 - CFD: 2014/09/04 10:35:54 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 2013/03/10 13:21:30 - [] D -- C:\Program Files (x86)\Intel
O43 - CFD: 2015/06/19 18:38:30 - [] D -- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 2014/12/16 21:02:11 - [] D -- C:\Program Files (x86)\Java
O43 - CFD: 2013/03/10 13:12:30 - [] D -- C:\Program Files (x86)\JMicron
O43 - CFD: 2014/08/24 09:29:17 - [] D -- C:\Program Files (x86)\Kaspersky Lab
O43 - CFD: 2014/09/03 23:54:46 - [] D -- C:\Program Files (x86)\Microsoft Office
O43 - CFD: 2015/05/17 09:45:22 - [] D -- C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 2013/06/29 19:35:35 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio
O43 - CFD: 2013/06/29 19:31:28 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio 8
O43 - CFD: 2014/06/08 09:16:55 - [] D -- C:\Program Files (x86)\Microsoft Works
O43 - CFD: 2013/06/29 19:34:57 - [] D -- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 2015/05/10 01:35:28 - [] D -- C:\Program Files (x86)\Movies App =>PUP.Optional.CrossRider
O43 - CFD: 2015/07/07 22:02:59 - [] D -- C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 2015/07/07 22:03:02 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 2013/06/29 19:35:52 - [] D -- C:\Program Files (x86)\MSBuild
O43 - CFD: 2013/06/29 19:31:47 - [] D -- C:\Program Files (x86)\MyAshampoo
O43 - CFD: 2013/06/29 19:25:56 - [] RD -- C:\Program Files (x86)\Online Services
O43 - CFD: 2013/07/26 16:15:25 - [] D -- C:\Program Files (x86)\PDF Complete
O43 - CFD: 2012/11/21 16:03:55 - [] D -- C:\Program Files (x86)\Realtek
O43 - CFD: 2012/08/02 00:35:12 - [] D -- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 2014/03/02 13:58:19 - [] D -- C:\Program Files (x86)\Research In Motion
O43 - CFD: 2015/06/15 19:17:47 - [] RD -- C:\Program Files (x86)\Skype
O43 - CFD: 2014/12/13 22:59:10 - [] D -- C:\Program Files (x86)\SkypeWebPlugin
O43 - CFD: 2015/07/07 20:19:54 - [] D -- C:\Program Files (x86)\Steam
O43 - CFD: 2015/05/20 06:36:52 - [] D -- C:\Program Files (x86)\Windows Defender
O43 - CFD: 2013/06/29 22:24:33 - [] D -- C:\Program Files (x86)\Windows Mail
O43 - CFD: 2013/07/08 15:24:08 - [] D -- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 2012/07/26 11:13:01 - [] D -- C:\Program Files (x86)\Windows Multimedia Platform
O43 - CFD: 2012/07/26 11:12:59 - [] D -- C:\Program Files (x86)\Windows NT
O43 - CFD: 2013/07/07 00:22:59 - [] D -- C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 2012/07/26 11:13:01 - [] D -- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 2012/07/26 11:12:59 - [] SHD -- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 2013/06/29 19:29:50 - [] D -- C:\Program Files (x86)\WinZip
O43 - CFD: 2014/09/04 10:32:02 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 6.0 Sprint
O43 - CFD: 2012/07/26 11:13:01 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 2014/10/20 23:16:33 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2013/10/16 11:48:56 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2013/06/29 19:31:39 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
O43 - CFD: 2014/03/02 13:58:24 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlackBerry
O43 - CFD: 2013/06/29 19:29:35 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
O43 - CFD: 2014/09/04 10:29:10 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
O43 - CFD: 2014/09/04 10:35:45 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Creativity Suite
O43 - CFD: 2013/03/10 13:31:04 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
O43 - CFD: 2014/04/29 23:37:08 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
O43 - CFD: 2013/03/10 13:21:35 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
O43 - CFD: 2014/12/16 21:02:20 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
O43 - CFD: 2015/01/08 16:02:30 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lotus Applications
O43 - CFD: 2012/07/26 11:13:01 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2013/06/29 19:36:53 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
O43 - CFD: 2015/05/16 20:12:01 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
O43 - CFD: 2013/07/26 16:06:16 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
O43 - CFD: 2014/07/24 13:45:03 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
O43 - CFD: 2014/09/09 08:48:45 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
O43 - CFD: 2014/09/16 22:10:36 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 2013/06/29 19:30:06 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
O43 - CFD: 2015/05/11 20:52:57 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
O43 - CFD: 2013/07/08 15:22:34 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 2012/07/26 10:52:44 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 2014/12/07 07:02:39 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 2013/06/29 19:30:06 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
O43 - CFD: 2014/09/04 09:02:57 - [] D -- C:\ProgramData\Adobe
O43 - CFD: 2014/08/04 12:20:02 - [] D -- C:\ProgramData\APN
O43 - CFD: 2013/03/10 13:30:03 - [] D -- C:\ProgramData\Apple
O43 - CFD: 2012/07/26 10:22:08 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 2013/06/29 19:31:43 - [] D -- C:\ProgramData\ashampoo
O43 - CFD: 2014/08/04 12:20:14 - [] D -- C:\ProgramData\AskPartnerNetwork =>Toolbar.Ask
O43 - CFD: 2014/08/27 20:54:28 - [] D -- C:\ProgramData\Avg_Update_0814tb
O43 - CFD: 2013/06/29 19:37:54 - [] HD -- C:\ProgramData\Common Files
O43 - CFD: 2015/01/04 18:50:02 - [] D -- C:\ProgramData\CyberLink
O43 - CFD: 2015/06/19 18:51:01 - [] D -- C:\ProgramData\Datamngr =>PUP.Optional.Datamngr
O43 - CFD: 2012/07/26 10:22:08 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 2012/07/26 10:22:08 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 2014/09/04 10:28:50 - [] D -- C:\ProgramData\EPSON
O43 - CFD: 2013/03/10 13:01:17 - [] D -- C:\ProgramData\FLEXnet
O43 - CFD: 2014/04/29 23:32:03 - [] D -- C:\ProgramData\Hewlett-Packard
O43 - CFD: 2013/07/26 14:13:27 - [] D -- C:\ProgramData\HPQLOG
O43 - CFD: 2014/07/24 13:46:21 - [] D -- C:\ProgramData\install_clap
O43 - CFD: 2013/03/10 13:12:14 - [] D -- C:\ProgramData\Intel
O43 - CFD: 2015/07/08 12:45:04 - [] D -- C:\ProgramData\Kaspersky Lab
O43 - CFD: 2013/03/10 13:02:10 - [] D -- C:\ProgramData\Macrovision
O43 - CFD: 2014/09/03 23:36:41 - [] D -- C:\ProgramData\MFAData
O43 - CFD: 2015/01/30 19:19:33 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 2015/06/15 17:41:59 - [] D -- C:\ProgramData\Microsoft Help
O43 - CFD: 2013/06/29 19:32:27 - [] D -- C:\ProgramData\Mozilla
O43 - CFD: 2013/11/27 20:39:58 - [] D -- C:\ProgramData\Novatel Wireless
O43 - CFD: 2014/12/16 21:02:41 - [0] D -- C:\ProgramData\Oracle
O43 - CFD: 2015/07/06 14:29:41 - [] D -- C:\ProgramData\PDFC
O43 - CFD: 2013/07/10 10:36:25 - [] D -- C:\ProgramData\PRICache
O43 - CFD: 2013/03/10 13:24:34 - [] D -- C:\ProgramData\Qualcomm Atheros
O43 - CFD: 2013/03/10 13:17:24 - [] D -- C:\ProgramData\Ralink Driver
O43 - CFD: 2012/07/26 10:52:44 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 2015/06/15 17:38:20 - [] D -- C:\ProgramData\Skype
O43 - CFD: 2012/07/26 10:22:08 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 2013/08/22 20:50:41 - [] D -- C:\ProgramData\Sun
O43 - CFD: 2013/03/10 13:41:04 - [] D -- C:\ProgramData\Temp
O43 - CFD: 2012/07/26 10:22:08 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 2014/09/04 10:33:57 - [] D -- C:\ProgramData\UDL
O43 - CFD: 2013/03/10 13:43:37 - [0] D -- C:\ProgramData\Validity
O43 - CFD: 2013/06/29 19:31:33 - [] D -- C:\ProgramData\WinZip
O43 - CFD: 2014/04/29 23:33:21 - [] D -- C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
O43 - CFD: 2014/07/24 13:44:58 - [] D -- C:\Program Files (x86)\Common Files\CyberLink
O43 - CFD: 2014/06/10 18:09:42 - [] D -- C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 2014/09/04 10:34:11 - [] D -- C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 2013/03/10 13:21:22 - [] D -- C:\Program Files (x86)\Common Files\Intel
O43 - CFD: 2012/11/21 16:05:13 - [] D -- C:\Program Files (x86)\Common Files\Intel Corporation
O43 - CFD: 2014/12/16 21:02:34 - [] D -- C:\Program Files (x86)\Common Files\Java
O43 - CFD: 2014/06/08 09:17:02 - [] D -- C:\Program Files (x86)\Common Files\Microsoft Shared
O43 - CFD: 2013/03/10 13:29:07 - [] D -- C:\Program Files (x86)\Common Files\Nikon
O43 - CFD: 2013/03/10 13:10:44 - [] D -- C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 2014/03/02 13:58:20 - [] D -- C:\Program Files (x86)\Common Files\Research In Motion
O43 - CFD: 2012/07/26 11:13:01 - [] D -- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 2014/09/16 22:10:35 - [] D -- C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 2013/07/26 14:26:18 - [] D -- C:\Program Files (x86)\Common Files\SNP2UVC
O43 - CFD: 2015/07/07 20:20:54 - [] D -- C:\Program Files (x86)\Common Files\Steam
O43 - CFD: 2014/06/12 18:56:36 - [] D -- C:\Program Files (x86)\Common Files\System
O43 - CFD: 2013/07/01 09:33:38 - [] D -- C:\Users\HP\AppData\Roaming\Adobe
O43 - CFD: 2014/07/24 18:57:46 - [] D -- C:\Users\HP\AppData\Roaming\CyberLink
O43 - CFD: 2013/06/29 19:26:00 - [] D -- C:\Users\HP\AppData\Roaming\DigitalPersona
O43 - CFD: 2015/05/27 17:15:22 - [] D -- C:\Users\HP\AppData\Roaming\dvdcss
O43 - CFD: 2014/09/04 11:27:50 - [] D -- C:\Users\HP\AppData\Roaming\EPSON
O43 - CFD: 2013/07/26 14:16:23 - [] D -- C:\Users\HP\AppData\Roaming\FLEXnet
O43 - CFD: 2013/07/26 14:29:17 - [] D -- C:\Users\HP\AppData\Roaming\Hewlett-Packard
O43 - CFD: 2014/07/24 13:50:45 - [] D -- C:\Users\HP\AppData\Roaming\hpqlog
O43 - CFD: 2013/06/29 19:26:01 - [] D -- C:\Users\HP\AppData\Roaming\Identities
O43 - CFD: 2014/08/11 12:34:02 - [] D -- C:\Users\HP\AppData\Roaming\IDT
O43 - CFD: 2014/09/03 21:58:18 - [] D -- C:\Users\HP\AppData\Roaming\InstallShield
O43 - CFD: 2013/06/29 19:27:52 - [] D -- C:\Users\HP\AppData\Roaming\Intel Corporation
O43 - CFD: 2013/07/01 12:08:40 - [] D -- C:\Users\HP\AppData\Roaming\Macromedia
O43 - CFD: 2013/07/26 14:16:26 - [] D -- C:\Users\HP\AppData\Roaming\Macrovision
O43 - CFD: 2014/09/09 00:16:52 - [] SD -- C:\Users\HP\AppData\Roaming\Microsoft
O43 - CFD: 2013/06/29 18:28:15 - [] D -- C:\Users\HP\AppData\Roaming\Mozilla
O43 - CFD: 2014/12/16 21:15:18 - [] D -- C:\Users\HP\AppData\Roaming\Oracle
O43 - CFD: 2015/07/08 13:49:33 - [] D -- C:\Users\HP\AppData\Roaming\Skype
O43 - CFD: 2013/06/29 19:28:11 - [] D -- C:\Users\HP\AppData\Roaming\Synaptics
O43 - CFD: 2015/05/14 19:28:39 - [] D -- C:\Users\HP\AppData\Roaming\The Creative Assembly
O43 - CFD: 2013/06/29 19:39:17 - [] D -- C:\Users\HP\AppData\Roaming\TuneUp Software
O43 - CFD: 2015/05/27 22:43:51 - [] D -- C:\Users\HP\AppData\Roaming\vlc
O43 - CFD: 2015/07/08 13:51:48 - [] D -- C:\Users\HP\AppData\Roaming\ZHP
O43 - CFD: 2015/07/08 13:11:22 - [] D -- C:\Users\HP\AppData\Local\Adobe
O43 - CFD: 2013/06/29 19:24:41 - [0] SHD -- C:\Users\HP\AppData\Local\Application Data
O43 - CFD: 2013/06/29 19:31:43 - [] D -- C:\Users\HP\AppData\Local\ashampoo
O43 - CFD: 2014/08/04 12:20:19 - [] D -- C:\Users\HP\AppData\Local\AskPartnerNetwork =>Toolbar.Ask
O43 - CFD: 2013/06/29 18:57:37 - [] D -- C:\Users\HP\AppData\Local\Cyberlink
O43 - CFD: 2015/05/15 19:50:48 - [0] D -- C:\Users\HP\AppData\Local\Diagnostics
O43 - CFD: 2013/06/29 19:26:00 - [] D -- C:\Users\HP\AppData\Local\DigitalPersona
O43 - CFD: 2013/11/18 02:40:36 - [] D -- C:\Users\HP\AppData\Local\Downloaded Installations
O43 - CFD: 2014/10/23 20:42:13 - [0] D -- C:\Users\HP\AppData\Local\ElevatedDiagnostics
O43 - CFD: 2014/09/08 23:48:50 - [] D -- C:\Users\HP\AppData\Local\Facebook
O43 - CFD: 2013/11/12 20:51:09 - [] D -- C:\Users\HP\AppData\Local\Google
O43 - CFD: 2014/07/24 14:33:20 - [] D -- C:\Users\HP\AppData\Local\Hewlett-Packard
O43 - CFD: 2013/06/29 19:24:41 - [0] SHD -- C:\Users\HP\AppData\Local\History
O43 - CFD: 2013/07/26 15:10:53 - [0] D -- C:\Users\HP\AppData\Local\HP Quick Start
O43 - CFD: 2015/05/10 01:37:29 - [] D -- C:\Users\HP\AppData\Local\iLivid =>PUP.Optional.Bandoo
O43 - CFD: 2013/08/23 21:59:01 - [] D -- C:\Users\HP\AppData\Local\Macromedia
O43 - CFD: 2013/06/29 19:37:54 - [] D -- C:\Users\HP\AppData\Local\MFAData
O43 - CFD: 2014/09/04 11:52:29 - [] D -- C:\Users\HP\AppData\Local\Microsoft
O43 - CFD: 2013/12/11 19:21:46 - [] D -- C:\Users\HP\AppData\Local\Microsoft Help
O43 - CFD: 2013/10/22 22:45:05 - [] D -- C:\Users\HP\AppData\Local\Mozilla
O43 - CFD: 2014/09/09 00:26:39 - [] D -- C:\Users\HP\AppData\Local\Packages
O43 - CFD: 2015/05/01 12:41:41 - [] D -- C:\Users\HP\AppData\Local\PDFC
O43 - CFD: 2013/06/29 19:26:57 - [] D -- C:\Users\HP\AppData\Local\Power2Go8
O43 - CFD: 2013/07/26 14:15:12 - [] D -- C:\Users\HP\AppData\Local\Programs
O43 - CFD: 2014/03/12 21:15:32 - [] D -- C:\Users\HP\AppData\Local\Skype
O43 - CFD: 2014/12/14 12:38:00 - [] D -- C:\Users\HP\AppData\Local\SkypeWebPlugin
O43 - CFD: 2015/05/11 21:16:51 - [] D -- C:\Users\HP\AppData\Local\Steam
O43 - CFD: 2015/07/08 13:49:43 - [] D -- C:\Users\HP\AppData\Local\Temp
O43 - CFD: 2013/06/29 19:24:41 - [0] SHD -- C:\Users\HP\AppData\Local\Temporary Internet Files
O43 - CFD: 2013/09/28 08:33:53 - [] D -- C:\Users\HP\AppData\Local\VirtualStore
O43 - CFD: 2013/06/29 19:30:04 - [] D -- C:\Users\HP\AppData\Local\WinZip
O43 - CFD: 2012/07/26 11:13:00 - [] RD -- C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 2012/07/26 11:13:00 - [] RD -- C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2015/03/14 12:21:50 - [] RD -- C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2013/06/29 19:34:02 - [] D -- C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 2012/07/26 11:13:00 - [] D -- C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/03/14 12:21:50 - [] RD -- C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2012/07/26 11:13:00 - [] RD -- C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

---\\ System Drivers List (SDL) (O58) (70) - 12s
O58 - SDL:2012/07/26 08:00:49 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\drivers\3ware.sys [106736]
O58 - SDL:2012/09/07 20:11:00 A . (.Hewlett-Packard Company - HP Accelerometer.) -- C:\Windows\System32\drivers\Accelerometer.sys [43328]
O58 - SDL:2012/07/26 08:00:49 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [492272]
O58 - SDL:2012/07/26 08:00:48 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [340720]
O58 - SDL:2012/07/26 08:00:49 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\drivers\adpu320.sys [184048]
O58 - SDL:2012/07/26 08:00:49 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [76016]
O58 - SDL:2012/07/26 08:00:49 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [258288]
O58 - SDL:2012/07/26 08:00:48 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [26352]
O58 - SDL:2012/07/26 08:00:49 A . (.PMC-Sierra, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [104688]
O58 - SDL:2012/07/26 08:00:48 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [108272]
O58 - SDL:2012/07/26 01:53:22 A . (.Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\System32\drivers\atikmdag.sys [11926528]
O58 - SDL:2012/06/29 05:00:48 A . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\System32\drivers\atikmpag.sys [360448]
O58 - SDL:2012/09/20 10:55:24 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys [533224]
O58 - SDL:2013/03/05 12:01:42 A . (.CyberLink - It is a virtual device driver which could c.) -- C:\Windows\System32\drivers\CLVirtualDrive.sys [91712]
O58 - SDL:2012/11/09 21:03:16 A . (.Hewlett-Packard Company - HP ProtectTools Device Access Manager Drive.) -- C:\Windows\System32\drivers\DAMDrv64.sys [64832]
O58 - SDL:2012/06/02 17:31:38 A . (.Intel Corporation - Intel(R) Gigabit Adapter NDIS 6.x driver.) -- C:\Windows\System32\drivers\e1i63x64.sys [333824]
O58 - SDL:2012/09/20 10:55:27 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3265256]
O58 - SDL:2013/12/22 23:27:22 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\HECIx64.sys [62784]
O58 - SDL:2012/09/07 20:11:00 A . (.Hewlett-Packard Company - HP Disk Filter - SATA/RAID.) -- C:\Windows\System32\drivers\hpdskflt.sys [31040]
O58 - SDL:2012/08/28 01:15:20 A . (.Hewlett-Packard Company - Keyboard Filter Driver.) -- C:\Windows\System32\drivers\HpqKbFiltr.sys [26504]
O58 - SDL:2012/07/26 08:00:52 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [64752]
O58 - SDL:2012/08/28 04:01:12 A . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\Windows\System32\drivers\iaStorA.sys [646712]
O58 - SDL:2012/07/26 08:00:52 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [411888]
O58 - SDL:2012/08/23 22:09:02 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd64.sys [9000256]
O58 - SDL:2012/07/26 08:00:52 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [45296]
O58 - SDL:2012/06/19 05:40:50 A . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\Windows\System32\drivers\IntcDAud.sys [342528]
O58 - SDL:2014/06/23 16:35:00 A . (.JMicron Technology Corporation - JMicron PCIe Flash Media Controller Driver.) -- C:\Windows\System32\drivers\jmcr.sys [176880]
O58 - SDL:2014/08/24 10:58:33 A . (.Kaspersky Lab ZAO - Kaspersky Unified Driver.) -- C:\Windows\System32\drivers\kl1.sys [458336]
O58 - SDL:2014/08/24 10:58:33 A . (.Kaspersky Lab - Klelam Mini-Filter [fre_win8_x64].) -- C:\Windows\System32\drivers\klelam.sys [29792]
O58 - SDL:2014/08/24 10:58:34 A . (.Kaspersky Lab ZAO - Filter Core [fre_win8_x64].) -- C:\Windows\System32\drivers\klflt.sys [115296]
O58 - SDL:2014/08/24 10:58:35 A . (.Kaspersky Lab ZAO - Klif Mini-Filter [fre_win8_x64].) -- C:\Windows\System32\drivers\klif.sys [625760]
O58 - SDL:2014/08/24 10:58:35 A . (.Kaspersky Lab ZAO - Kaspersky Lab Intermediate Network Driver.) -- C:\Windows\System32\drivers\klim6.sys [30304]
O58 - SDL:2014/08/24 10:58:36 A . (.Kaspersky Lab ZAO - KLKBDFLT Keyboard Device Filter [fre_win8_x.) -- C:\Windows\System32\drivers\klkbdflt.sys [29280]
O58 - SDL:2014/08/24 10:58:36 A . (.Kaspersky Lab ZAO - KLMOUFLT Mouse Device Filter [fre_win8_x64].) -- C:\Windows\System32\drivers\klmouflt.sys [29280]
O58 - SDL:2013/04/12 15:34:48 A . (.Kaspersky Lab ZAO - KLPD [fre_wnet_x64].) -- C:\Windows\System32\drivers\klpd.sys [15456]
O58 - SDL:2014/08/24 10:58:36 A . (.Kaspersky Lab ZAO - Network filtering component [RC_BUILD_OPT].) -- C:\Windows\System32\drivers\klwfp.sys [65120]
O58 - SDL:2014/08/24 10:58:37 A . (.Kaspersky Lab ZAO - KNEPS Power [fre_wnet_amd64].) -- C:\Windows\System32\drivers\kneps.sys [178272]
O58 - SDL:2012/07/26 08:00:52 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [108784]
O58 - SDL:2012/07/26 08:00:52 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [92400]
O58 - SDL:2012/07/26 08:00:52 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [116976]
O58 - SDL:2012/07/26 08:00:52 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sss.sys [81136]
O58 - SDL:2012/07/26 08:00:52 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [51952]
O58 - SDL:2012/07/26 08:00:52 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [353008]
O58 - SDL:2012/07/26 08:00:55 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\Windows\System32\drivers\mvumis.sys [64240]
O58 - SDL:2014/03/29 14:11:06 A . (.Ralink Technology, Corp. - Ralink 802.11 Wireless Adapter Driver.) -- C:\Windows\System32\drivers\netr28x.sys [2532552]
O58 - SDL:2012/07/26 08:00:55 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [52464]
O58 - SDL:2012/07/26 08:00:55 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [150256]
O58 - SDL:2012/07/26 08:00:55 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [168176]
O58 - SDL:2009/05/15 14:34:30 A . (.Novatel Wireless Inc. - Novatel Wireless USB Modem/Serial Device Dr.) -- C:\Windows\System32\drivers\nwvmmdm.sys [213376]
O58 - SDL:2009/05/15 14:34:30 A . (.Novatel Wireless Inc. - Novatel Wireless USB Modem/Serial Device Dr.) -- C:\Windows\System32\drivers\nwvmser.sys [213376]
O58 - SDL:2009/05/15 14:34:30 A . (.Novatel Wireless Inc. - Novatel Wireless USB Modem/Serial Device Dr.) -- C:\Windows\System32\drivers\nwvmser2.sys [213376]
O58 - SDL:2009/08/24 18:53:24 A . (.Printing Communications Assoc., Inc. (PCAUSA) - PCAUSA NDIS 5.0 SPR Protocol Driver (AMD64).) -- C:\Windows\System32\drivers\PCASp50a64.sys [41280]
O58 - SDL:2011/07/20 13:58:22 A . (.Research in Motion Ltd - RIM Virtual Serial Driver.) -- C:\Windows\System32\drivers\RimSerial_AMD64.sys [44032]
O58 - SDL:2011/07/25 17:44:46 A . (.Research In Motion Limited - BlackBerry Device Driver.) -- C:\Windows\System32\drivers\RimUsb_AMD64.sys [74752]
O58 - SDL:2012/06/13 08:41:22 A . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.30 64-bit Dr.) -- C:\Windows\System32\drivers\Rt630x64.sys [683664]
O58 - SDL:2012/07/26 11:11:43 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [23040]
O58 - SDL:2012/07/26 08:00:55 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [44784]
O58 - SDL:2012/07/26 08:00:56 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [81648]
O58 - SDL:2012/08/15 05:39:28 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272]
O58 - SDL:2012/08/15 05:39:28 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832]
O58 - SDL:2012/11/20 14:14:40 A . (.Copyright 2001-2012 - UVC Camera Streaming Driver.) -- C:\Windows\System32\drivers\snp2uvc.sys [1866080]
O58 - SDL:2014/01/22 08:52:10 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ve.) -- C:\Windows\System32\drivers\ssudbus.sys [108800]
O58 - SDL:2014/01/22 08:52:10 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG Android Modem Device Driver (MSS Ve.) -- C:\Windows\System32\drivers\ssudmdm.sys [206080]
O58 - SDL:2012/07/26 08:00:55 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\Windows\System32\drivers\stexstor.sys [30960]
O58 - SDL:2013/07/26 14:31:58 A . (.IDT, Inc. - IDT PC Audio.) -- C:\Windows\System32\drivers\stwrt64.sys [543744]
O58 - SDL:2013/10/30 03:52:48 A . (.Synaptics Incorporated - Synaptics Touchpad 64-bit Driver.) -- C:\Windows\System32\drivers\SynTP.sys [549104]
O58 - SDL:2012/07/26 08:00:58 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [19184]
O58 - SDL:2012/07/26 08:00:58 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [164080]
O58 - SDL:2012/07/26 08:00:58 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\Windows\System32\drivers\VSTXRAID.SYS [322800]
O58 - SDL:2015/06/18 02:27:54 A . (.HP Inc. - HP Wireless Button Driver.) -- C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30384]

---\\ Last modified or created user files (O61) (6) - 319s
O61 - LFC: 2015/07/08 10:43:55 A . (..) -- C:\Users\HP\AppData\Local\Google\Update\Install\{37E6D7AA-187F-4820-9EA7-1D275090C5AA}\43.0.2357.132_43.0.2357.124_chrome_updater.exe [2952784]
O61 - LFC: 2015/07/08 10:43:55 A . (..) -- C:\Users\HP\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\43.0.2357.132\43.0.2357.132_43.0.2357.124_chrome_updater.exe [2952784]
O61 - LFC: 2015/07/07 06:49:03 A . (..) -- C:\Users\HP\AppData\Local\Google\Chrome\Application\43.0.2357.132\libexif.dll [310088]
O61 - LFC: 2015/07/07 05:25:11 A . (..) -- C:\Users\HP\AppData\Local\Google\Chrome\Application\43.0.2357.132\natives_blob.bin [410937]
O61 - LFC: 2015/07/07 05:25:12 A . (..) -- C:\Users\HP\AppData\Local\Google\Chrome\Application\43.0.2357.132\snapshot_blob.bin [449780]
O61 - LFC: 2015/07/07 06:49:05 A . (..) -- C:\Users\HP\AppData\Local\Google\Chrome\Application\43.0.2357.132\PepperFlash\pepflashplayer.dll [16285512]

---\\ File Associations Shell Spawning (O67) (10) - 0s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

---\\ Start Menu Internet (SMI) (O68) (8) - 1s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe

---\\ Search Browser Infection (SBI) (O69) (9) - 8s
O69 - SBI: prefs.js [HP - s4yfl5uu.default-1377281913100] user_pref("browser.search.defaultenginename", "Ask.com"); =>Toolbar.Ask
O69 - SBI: prefs.js [HP - s4yfl5uu.default-1377281913100] user_pref("browser.search.order.1", "Ask.com"); =>Toolbar.Ask
O69 - SBI: prefs.js [HP - s4yfl5uu.default-1377281913100] user_pref("browser.search.selectedEngine", "Ask.com"); =>Toolbar.Ask
O69 - SBI: prefs.js [HP - s4yfl5uu.default-1377281913100] user_pref("browser.startup.homepage", "http://www.search.ask.com/?o=APN10645A&gct=hp&d=406-1184&v=n15946-707&t=4"); =>Toolbar.Ask
O69 - SBI: prefs.js [HP - s4yfl5uu.default-1377281913100] user_pref("keyword.URL", "http://dts.search.ask.com/sr?src=ffb&gct=ds&appid=1184&systemid=406&v=n15946-707&apn_dtid=BND406&apn_ptn[...] =>PUP.Optional.Bandoo
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com/
O69 - SBI: SearchScopes [HKCU] {95B7759C-8C7F-4BF1-B163-73684A933233} [DefaultScope] - (AVG Secure Search) - http://mysearch.avg.com/
O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} - (Ask.com) - http://dts.search.ask.com/ =>PUP.Optional.Bandoo
O69 - SBI: SearchScopes [HKCU] {afdbddaa-5d3f-42ee-b79c-185a7020515b} - (MyAshampoo Customized Web Search) - http://search.conduit.com/ =>PUP.Optional.Conduit

---\\ Search Svchost Services (SSS) (O83) (34) - 7s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) -- C:\Windows\System32\aelupsvc.dll [204288]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [149504]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [149504]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\system32\srvsvc.dll [305664]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\Windows\System32\gpsvc.dll [1366016]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\ikeext.dll [1160192]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll [99840]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [358400]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [107520]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\sens.dll [62976]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [438784]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [305664]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\system32\wuaueng.dll [3286016]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\Windows\System32\qmgr.dll [826368]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [565760]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll [894464]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\Windows\system32\seclogon.dll [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll [70144]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\system32\iscsiexe.dll [151552]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [105472]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\Windows\system32\schedsvc.dll [1287680]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [219648]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) -- C:\Windows\system32\mmcss.dll [80896]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\Windows\System32\browser.dll [134144]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [210432]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [291328]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\Windows\System32\wercplsupport.dll [84992]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\Windows\system32\kmsvc.dll [97792]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\Windows\System32\bdesvc.dll [190976]
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Microsoft® Account Service.) -- C:\Windows\system32\wlidsvc.dll [1964544]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\Windows\system32\themeservice.dll [47104]
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Device Setup Manager.) -- C:\Windows\System32\DeviceSetupManager.dll [207872]
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Microsoft Network Connectivity Assistant Se.) -- C:\Windows\System32\ncasvc.dll [161792]
O83 - Search Svchost Services: SystemEventsBroker (SystemEventsBroker) . (.Microsoft Corporation - System Events Broker.) -- C:\Windows\System32\SystemEventsBrokerServer.dll [180224]

---\\ Firewall Active Exception List (FirewallRules) (O87) (4) - 6s
O87 - FAEL: "{1D88C071-07D2-4434-95FC-FC56007D72BF}" [In-None-P6-TRUE] .(.IAC Search and Media, Inc. - DtUser.) -- C:\Program Files (x86)\Movies App\Datamngr\SRTOOL~1\IE\dtuser.exe =>PUP.Optional.CrossRider
O87 - FAEL: "{BDC870F9-BF5A-40A6-B0EE-E9B03F4F67B0}" [In-None-P17-TRUE] .(.IAC Search and Media, Inc. - DtUser.) -- C:\Program Files (x86)\Movies App\Datamngr\SRTOOL~1\IE\dtuser.exe =>PUP.Optional.CrossRider
O87 - FAEL: "{6E32781F-86F3-4622-BF05-8F14A6594061}" [In-None-P6-TRUE] .(.Bandoo Media Inc. - iLivid Download Manager.) -- C:\Users\HP\AppData\Local\iLivid\iLivid.exe =>PUP.Optional.Bandoo
O87 - FAEL: "{573E6F38-C062-4A13-B55F-C67C4C531FC8}" [In-None-P17-TRUE] .(.Bandoo Media Inc. - iLivid Download Manager.) -- C:\Users\HP\AppData\Local\iLivid\iLivid.exe =>PUP.Optional.Bandoo

---\\ Windows Installer Scan (WIS)(NTFS)(O93) (1) - 14s
[MD5.] [WIS][2015/05/26 22:43:38] (.APN, LLC - Ask.com ® - Install Builder.) -- C:\Windows\Installer\8d55a0ec.msi [528384] =>PUP.Optional.Bandoo

---\\ General States of Services not Microsoft (EGS) (SR=Running, SS=Stopped) (28) - 21s
SS - Demand [2015/07/08 13:09:44] [ 268976] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SR - Auto [2015/04/28 09:22:04] [ 178568] Ask Update Service (APNMCP) . (.APN LLC..) - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
SR - Auto [2014/08/24 09:50:10] [ 214512] Kaspersky Anti-Virus Service (avp) . (.Kaspersky Lab ZAO.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe
SR - Auto [2011/08/31 09:05:32] [ 462184] Bonjour Service (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - Demand [2012/08/25 22:52:04] [ 276288] Intel(R) Content Protection HECI Service (cphs) . (.Intel Corporation.) - C:\Windows\SysWOW64\IntelCpHeciSvc.exe
SR - Auto [2015/03/22 08:05:08] [ 3204296] Datamngr Coordinator (DatamngrCoordinator) . (.Bandoo Media Inc..) - C:\Program Files (x86)\Movies App\Datamngr\DatamngrCoordinator.exe
SR - Auto [2012/10/26 13:50:32] [ 488824] @C:\Program Files\Hewlett-Packard\HP ProtectTools Security (DpHost) . (.DigitalPersona, Inc..) - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
SS - Demand [2012/11/19 20:13:00] [ 477056] HP ProtectTools Device Locking / Auditing (FLCDLOCK) . (.Hewlett-Packard Company.) - c:\Windows\SysWOW64\flcdlock.exe
SR - Auto [2013/11/04 18:31:56] [ 92160] HP Support Assistant Service (HP Support Assistant Service) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
SR - Auto [2013/10/16 10:45:20] [ 681760] hpHotkeyMonitor (hpHotkeyMonitor) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
SR - Demand [2013/05/13 20:09:20] [ 1129760] HP Software Framework Service (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
SR - Auto [// ::] [ 33600] @oem27.inf,%hpservice_desc%;HP Service (hpsrv) . (.Hewlett-Packard Company.) - C:\Windows\system32\Hpservice.exe
SR - Auto [2012/08/28 04:05:12] [ 7168] Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - Auto [2012/12/10 14:31:28] [ 732160] Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SS - Demand [2012/12/10 14:31:44] [ 803872] Intel(R) Capability Licensing Service TCP IP Interface (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
SR - Auto [2013/12/22 23:27:22] [ 131032] Intel(R) ME Service (Intel(R) ME Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
SR - Auto [2013/12/22 23:27:22] [ 165336] Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - Auto [2013/12/22 23:27:22] [ 279000] Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - Auto [2011/09/16 08:31:34] [ 189832] Lotus Notes Smart Upgrade Service (LNSUSvc) . (.IBM Corp.) - C:\Lotus\Notes\SUService.exe
SR - Auto [2011/09/16 08:28:26] [ 4453768] Lotus Notes Diagnostics (Lotus Notes Diagnostics) . (.IBM.) - C:\Lotus\Notes\nsd.exe
SS - Demand [2015/07/07 21:24:21] [ 148136] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SR - Auto [2011/09/16 08:29:18] [ 71048] Multi-user Cleanup Service (Multi-user Cleanup Service) . (.IBM Corp.) - C:\Lotus\Notes\ntmulti.exe
SR - Auto [2013/02/07 11:37:38] [ 1135752] PDF Document Manager (pdfcDispatcher) . (.PDF Complete Inc.) - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
SS - Auto [2015/02/18 19:11:32] [ 315488] Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SR - Auto [2013/07/26 14:31:58] [ 327680] @C:\Windows\system32\stlang64.dll,-10101 (STacSV) . (.IDT, Inc..) - C:\Program Files\IDT\WDM\stacsv64.exe
SR - Demand [2015/06/04 21:56:54] [ 837312] Steam Client Service (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
SR - Auto [2013/12/22 23:27:29] [ 366040] Intel(R) Management and Security Application User Notificat (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - Auto [2012/07/19 18:29:58] [ 2714232] Validity VCS Fingerprint Service (vcsFPService) . (.Validity Sensors, Inc..) - C:\Windows\System32\vcsFPService.exe

---\\ Additional Scan (O88) (33) - 0s
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe =>Toolbar.Ask
C:\Program Files (x86)\Movies App\Datamngr\DatamngrCoordinator.exe =>PUP.Optional.CrossRider
C:\Users\HP\AppData\Local\iLivid\iLivid.exe =>PUP.Optional.Bandoo
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe =>Toolbar.Ask
C:\Program Files (x86)\Movies App\Datamngr\SRTOOL~1\IE\searchresultsDx64.dll =>PUP.Optional.Bandoo
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c0caa5fe-7c9c-4dca-a265-63cf55379d1a} =>PUP.Optional.Bandoo
C:\Program Files (x86)\Movies App\Datamngr\SRTOOL~1\IE\searchresultsDx.dll =>PUP.Optional.Bandoo
HKLM\SYSTEM\CurrentControlSet\Services\APNMCP =>Toolbar.Ask
HKLM\SYSTEM\CurrentControlSet\Services\DatamngrCoordinator =>PUP.Optional.MoviesToolbar
C:\Program Files (x86)\Movies App\Datamngr\DatamngrCoordinator.exe =>PUP.Optional.MoviesToolbar
HKLM\SYSTEM\CurrentControlSet\Services\F06DEFF2-5B9C-490D-910F-35D3A9119622 =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ilividbandoomoviestoolbarFF =>PUP.Optional.Bandoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ilividbandoomoviestoolbarIE =>PUP.Optional.Bandoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4F524A2D-5350-4500-76A7-A758B70C1D00} =>PUP.Optional.BrowserTabSearch
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iLivid =>PUP.Optional.Bandoo
HKLM\SOFTWARE\Wow6432Node\AskPartnerNetwork =>Toolbar.Ask
HKLM\SOFTWARE\Wow6432Node\Conduit =>PUP.Optional.Conduit
HKLM\SOFTWARE\Wow6432Node\Datamngr =>PUP.Optional.Datamngr
HKLM\SOFTWARE\Wow6432Node\MyAshampoo =>Toolbar.Agent
HKCU\SOFTWARE\AskPartnerNetwork =>Toolbar.Ask
HKCU\SOFTWARE\AVG Security Toolbar =>Toolbar.AVGSearch
HKCU\SOFTWARE\iLivid =>PUP.Optional.Bandoo
HKCU\SOFTWARE\ilividbandoomoviestoolbar =>PUP.Optional.Bandoo
HKCU\SOFTWARE\AppDataLow\Software\MyAshampoo =>Toolbar.Agent =>Toolbar.Agent
C:\Program Files (x86)\AskPartnerNetwork =>Toolbar.Ask
C:\Program Files (x86)\AVG Security Toolbar =>Toolbar.AVGSearch
C:\Program Files (x86)\Movies App =>PUP.Optional.CrossRider
C:\ProgramData\AskPartnerNetwork =>Toolbar.Ask
C:\ProgramData\Datamngr =>PUP.Optional.Datamngr
C:\Users\HP\AppData\Local\AskPartnerNetwork =>Toolbar.Ask
C:\Users\HP\AppData\Local\iLivid =>PUP.Optional.Bandoo
C:\Program Files (x86)\Movies App\Datamngr\SRTOOL~1\IE\dtuser.exe =>PUP.Optional.CrossRider
C:\Windows\Installer\8d55a0ec.msi =>PUP.Optional.Bandoo

---\\ Summary of the detections found on your workstation (9) - 0s
http://www.nicolascoolman.fr/toolbar-ask/ =>Toolbar.Ask
http://www.nicolascoolman.fr/pup-crossrider/ =>PUP.Optional.CrossRider
http://www.nicolascoolman.fr/adware-bandoo/ =>PUP.Optional.Bandoo
http://www.nicolascoolman.fr/blog =>Toolbar.Agent
http://www.nicolascoolman.fr/blog =>PUP.Optional.MoviesToolbar
http://www.nicolascoolman.fr/pup-browsertabsearch/ =>PUP.Optional.BrowserTabSearch
http://www.nicolascoolman.fr/toolbar-conduit/ =>PUP.Optional.Conduit
http://www.nicolascoolman.fr/pup-datamngr/ =>PUP.Optional.Datamngr
http://www.nicolascoolman.fr/blog =>Toolbar.AVGSearch

~ End of the scan, 100339 items in 482 seconds (837)(0)()

---\\ Internet Browsers (2) - 0s
MFIE: Mozilla v39.0
MSIE: Internet Explorer v10.0.9200.17377

---\\ Windows Product Information (3) - 1s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Activation Technologies : OK

---\\ System protection software (1) - 1s
Kaspersky Anti-Virus v14.0.0.4651

---\\ Surveillance software (1) - 1s
Adobe Flash Player 18 NPAPI

---\\ Information on the system (6) - 0s
~ Operating System: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
~ Total physical RAM (KB): 4074328
~ System Restore: Activé (Enable)
~ System drive C: has 114 GB free of 460 GB

---\\ Connection to the system mode (3) - 0s
~ Computer Name: ADMIN
~ User Name: HP
~ Logged in as Administrator

---\\ Enumeration of the disk units (3) - 0s
~ Drive C: has 114 GB free of 460 GB (System)
~ Drive D: has 2 GB free of 2 GB
~ Drive F: has 2 GB free of 13 GB

---\\ Search Generic System Files (22) - 0s
[MD5.0E8E6463F81C80AFBED533E0F1F8895D] - (.Microsoft Corporation - Windows Explorer.) () -- C:\Windows\Explorer.exe [2391280]
[MD5.3A6209AC494296C24C2065CB4392B5F4] - (.Microsoft Corporation - Windows host process (Rundll32).) () -- C:\Windows\System32\rundll32.exe [51712]
[MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Windows Start-Up Application.) () -- C:\Windows\System32\Wininit.exe [132608]
[MD5.5F448285F3C91222B670D4130A101B08] - (.Microsoft Corporation - Internet Extensions for Win32.) () -- C:\Windows\System32\wininet.dll [2237440]
[MD5.75DD70A14145499C9F7D903CF9A8C91B] - (.Microsoft Corporation - Windows Logon Application.) () -- C:\Windows\System32\Winlogon.exe [578048]
[MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Software Licensing Library.) () -- C:\Windows\System32\sppcomapi.dll [273408]
[MD5.FE7FB9612D354EB41DF4F0FF5D6FB259] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\Windows\System32\drivers\AFD.sys [576512]
[MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) () -- C:\Windows\System32\drivers\atapi.sys [25840]
[MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\Windows\System32\drivers\Cdfs.sys [108544]
[MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\Windows\System32\drivers\Cdrom.sys [174080]
[MD5.431141C6859990824D17F71C30A78728] - (.Microsoft Corporation - DFS Namespace Client Driver.) () -- C:\Windows\System32\drivers\DfsC.sys [118784]
[MD5.58CC013EFA9893057160EDA018D8ADCE] - (.Microsoft Corporation - High Definition Audio Bus Driver.) () -- C:\Windows\System32\drivers\HDAudBus.sys [71168]
[MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - i8042 Port Driver.) () -- C:\Windows\System32\drivers\i8042prt.sys [112640]
[MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\Windows\System32\drivers\IpNat.sys [145920]
[MD5.14EE56050E1637926F5CFA65B1F4209B] - (.Microsoft Corporation - Windows NT SMB Minirdr.) () -- C:\Windows\System32\drivers\MRxSmb.sys [404480]
[MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\Windows\System32\drivers\netBT.sys [331776]
[MD5.7BE3EDFFA3216F989A6BDCB14795DD08] - (.Microsoft Corporation - NT File System Driver.) () -- C:\Windows\System32\drivers\ntfs.sys [1939288]
[MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Parallel Port Driver.) () -- C:\Windows\System32\drivers\Parport.sys [105984]
[MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\Windows\System32\drivers\Rasl2tp.sys [124928]
[MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Microsoft RDP Device redirector.) () -- C:\Windows\System32\drivers\rdpdr.sys [179712]
[MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) () -- C:\Windows\System32\drivers\tdx.sys [117248]
[MD5.AA37946941ED3805AB3A924965907147] - (.Microsoft Corporation - Volume Shadow Copy Driver.) () -- C:\Windows\System32\drivers\volsnap.sys [328000]

---\\ Process running (29) - 2s
[MD5.FEB02219C74A594894C95AF65C602EF9] - (.DigitalPersona, Inc. - DigitalPersona Local Host.) -- C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [488824] [PID.928]
[MD5.634C0CDC3F63AED52982A15C21FA9939] - (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\stacsv64.exe [327680] [PID.716]
[MD5.9F0B4584F9AB393CA599CB0D6191FD46] - (.Validity Sensors, Inc. - Validity Sensors Fingerprint Service.) -- C:\Windows\System32\vcsFPService.exe [2714232] [PID.1244]
[MD5.2BB7E9A887F26CDB5C19C76636E85394] - (.APN LLC. - APN Updater.) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [178568] [PID.1676] =>Toolbar.Ask
[MD5.0D2F8F4055903A762AD46204E5A42E86] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe [214512] [PID.1916]
[MD5.8920E111F8FED2D8CB986EFD0A241148] - (.Bandoo Media Inc. - Datamngr Coordinator.) -- C:\Program Files (x86)\Movies App\Datamngr\DatamngrCoordinator.exe [3204296] [PID.848] =>PUP.Optional.CrossRider
[MD5.C6128F2E3DC6156C6F8828F9F1B96010] - (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160] [PID.1284]
[MD5.2098AF12149789FA6608422C8796F77C] - (.IBM Corp - IBM Lotus Notes/Domino.) -- C:\Lotus\Notes\SUService.exe [189832] [PID.2200]
[MD5.E4FA829273FDF5BD20FC9804FD5F9C20] - (.IBM - wnsd.) -- C:\Lotus\Notes\nsd.exe [4453768] [PID.2224]
[MD5.FF54EA1617D15711690D5EF054512C21] - (.IBM Corp - IBM Lotus Notes/Domino.) -- C:\Lotus\Notes\ntmulti.exe [71048] [PID.2256]
[MD5.3B7809B1516E4EE23F9E36B9FA3DAD54] - (.PDF Complete Inc - Dispatcher.) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1135752] [PID.2288]
[MD5.0A002153EC354442AAAB3C447971EC47] - (.Synaptics Incorporated - Synaptics TouchPad 64-bit Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2804976] [PID.5812]
[MD5.C9E2D38B73524AF3B281299BA04E5205] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avpui.exe [1005352] [PID.4632]
[MD5.2E560F042E48C1A01D44B6FF31D9DE2C] - (.DigitalPersona, Inc. - DigitalPersona Local Agent.) -- C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe [1060216] [PID.4124]
[MD5.9D8D9550FCF2CCBA9A29ECD56902A0E6] - (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray64.exe [1664000] [PID.5196]
[MD5.0A7E2E2B10CE1F3530148E6824E79C53] - (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\System32\spool\drivers\x64\3\E_IATIEFE.EXE [221696] [PID.6096]
[MD5.451C1EE6B7BDF5010C3F84DEBCDEC37D] - (.DigitalPersona, Inc. - DigitalPersona 64-bit Helper Process.) -- C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpAgent.exe [352152] [PID.3164]
[MD5.67272527C5ACBA8DBE7F64CA1313DFE4] - (.Bandoo Media Inc. - iLivid Download Manager.) -- C:\Users\HP\AppData\Local\iLivid\iLivid.exe [8146632] [PID.3012] =>PUP.Optional.Bandoo
[MD5.8DACA62F3E15E45EBAF7AE51A609CBC1] - (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\Steam.exe [2892992] [PID.4500]
[MD5.B7995C675014EEBE77A0BEB7AFCCFC08] - (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432] [PID.6112]
[MD5.A1741C3B79F9DF8895E05EF43579E74B] - (.CyberLink - YouCam Mirage.) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488] [PID.1496]
[MD5.CDFC99A7EE69D8134DF01D02BD9F7D2D] - (.CyberLink Corp. - CyberLink YouCam Tray.) -- C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [167024] [PID.3192]
[MD5.CDB517386A26AE420CB24BDB3CD88779] - (.Research In Motion Limited - Launch Agent Service.) -- C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [90448] [PID.2040]
[MD5.4E9AF25BA5E8219310E384AEA5B0EED8] - (.CyberLink - CyberLink MediaLibrary Service.) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111576] [PID.2884]
[MD5.B1227EEFFA56DA6D374169FFFFD17228] - (.APN - Ask Toolbar Notifier.) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1684360] [PID.2724] =>Toolbar.Ask
[MD5.14D6542607ACD4B2D1DDB1A36E0D8813] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744] [PID.4164]
[MD5.D471F27FE3414238839979D4203143B3] - (.Valve Corporation - Steam Client WebHelper.) -- C:\Program Files (x86)\Steam\bin\steamwebhelper.exe [1853632] [PID.4292]
[MD5.0A3544D7E9AF7D8C991C904339157EDC] - (.Valve Corporation - Steam Client Service.) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe [837312] [PID.1252]
[MD5.322E14EB5937F4769A44042D1F5EDF52] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) -- C:\PROGRAM FILES\SYNAPTICS\SynTP\SYNTPHELPER.EXE [182000] [PID.6424]

---\\ Google Chrome, Start,Search,Extensions (G0,G1,G2) (10) - 0s
G2 - GCE: Extension [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc.
G2 - GCE: Extension [User Data\Default] [blbkdnmdcafmfhinpmnlhhddbepgkeaa] __MSG_ExtensionName__
G2 - GCE: Extension [User Data\Default] [dchlnpcodkpfdpacogkljefecpegganj] __MSG_ExtensionName__
G2 - GCE: Extension [User Data\Default] [gmlllbghnfkpflemihljekbapjopfjik] Bookmark Manager
G2 - GCE: Extension [User Data\Default] [hghkgaeecgjhjkannahfamoehjmkjail] __MSG_ExtensionName__
G2 - GCE: Extension [User Data\Default] [jagncdcchgajhfhijbbhecadmaiegcmh] __MSG_ExtensionName__
G2 - GCE: Extension [User Data\Default] [lccekmodgklaepjeofjdjpbminllajkg] Chrome Hotword Shared Module
G2 - GCE: Extension [User Data\Default] [lifbcibllhkdhoafpjfnlhfpfgnpldfl] Skype Click to Call
G2 - GCE: Extension [User Data\Default] [ncffjdbbodifgldkcbhmiiljfcnbgjab] DigitalPersona Extension
G2 - GCE: Extension [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.

---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3) (18) - 1s
M0 - MFSP: prefs.js [HP - s4yfl5uu.default-1377281913100] http://www.search.ask.com/?o=APN10645A&gct=hp&d=406-1184&v=n15946-707&t=4 =>Toolbar.Ask
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\amazondotcom.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\Ask.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\bing.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\ddg.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\eBay.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\google.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\twitter.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wikipedia.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\yahoo.xml
P2 - EXT: (.Mozilla - Default.) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
P2 - FPN: [HKCU] [@Skype Limited.com/Facebook Video Calling Plugin] - (.Skype Limited.) -- C:\Users\HP\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_203.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.71.2] - (.Oracle Corporation.) -- C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.71.2] - (.Oracle Corporation.) -- C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@Skype Technologies S.A..com/Skype Web Plugin] - (.Skype.) -- C:\Program Files (x86)\SkypeWebPlugin\3.2.0.23388\npSkypeWebPlugin.dll
P2 - FPN: [HKLM] [digitalpersona.com/ChromeDPAgent] - (.DigitalPersona, Inc..) -- C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\components\npChromeDPAgent.dll

---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1) (19) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.search.ask.com/ =>Toolbar.Ask
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: (no name) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} Orphean
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1

---\\ Internet Explorer, Proxy Management (R5) (5) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride =
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 10.0.0.2:80
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Line Analysis F0, F1, F2, F3 - IniFiles, Auto loading programs (3) - 0s
F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.)
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.)
F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.)

---\\ Hosts file redirection (O1) (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (21)

---\\ Browser Helper Object (BHO) (O2) (10) - 0s
O2 - BHO: ContentBlockerBrowserHelperObject [64Bits] - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} . (.Kaspersky Lab ZAO - Content Blocker Plugin.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
O2 - BHO: (no name) [64Bits] - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} (Orphean)
O2 - BHO: VirtualKeyboardBrowserHelperObject [64Bits] - {73455575-E40C-433C-9784-C78DC7761455} . (.Kaspersky Lab ZAO - Virtual Keyboard Plugin.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O2 - BHO: (no name) [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (Orphean)
O2 - BHO: (no name) [64Bits] - {95B7759C-8C7F-4BF1-B163-73684A933233} (Orphean)
O2 - BHO: Safe Money Plugin [64Bits] - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} . (.Kaspersky Lab ZAO - Safe Money Plugin.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll
O2 - BHO: (no name) [64Bits] - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} (Orphean)
O2 - BHO: Movies Search App (Dist. by Bandoo Media, Inc.) [64Bits] - {c0caa5fe-7c9c-4dca-a265-63cf55379d1a} . (.IAC Search and Media, Inc. - dtx Dynamic Link Library.) -- C:\Program Files (x86)\Movies App\Datamngr\SRTOOL~1\IE\searchresultsDx64.dll =>PUP.Optional.Bandoo
O2 - BHO: (no name) [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} (Orphean)
O2 - BHO: link filter bho [64Bits] - {E33CF602-D945-461A-83F0-819F76A199F8} . (.Kaspersky Lab ZAO - URL Advisor Plugin.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll

---\\ Internet Explorer Toolbars (O3) (2) - 0s
O3 - Toolbar: MyAshampoo Toolbar - [HKLM]{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} . (...) -- (.not file.) =>Toolbar.Agent
O3 - Toolbar: Movies Search App (Dist. by Bandoo Media, Inc.) - [HKLM]{c0caa5fe-7c9c-4dca-a265-63cf55379d1a} . (.IAC Search and Media, Inc. - dtx Dynamic Link Library.) -- C:\Program Files (x86)\Movies App\Datamngr\SRTOOL~1\IE\searchresultsDx.dll =>PUP.Optional.Bandoo

---\\ Auto loading programs from Registry and folders (O4) (28) - 1s
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SysTrayApp] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray64.exe
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\HP\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKCU\..\Run: [Power2GoExpress8] (Orphean)
O4 - HKCU\..\Run: [EPSON Stylus SX200 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIEFE.EXE
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\HP\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - HKCU\..\Run: [iLivid] . (.Bandoo Media Inc. - iLivid Download Manager.) -- C:\Users\HP\AppData\Local\iLivid\iLivid.exe =>PUP.Optional.Bandoo
O4 - HKCU\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\Steam.exe
O4 - HKLM\..\Wow6432Node\Run: [IAStorIcon] . (.Intel Corporation - Delayed launcher.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
O4 - HKLM\..\Wow6432Node\Run: [RemoteControl10] . (.CyberLink Corp. - PowerDVD RC Service.) -- c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
O4 - HKLM\..\Wow6432Node\Run: [YouCam Mirage] . (.CyberLink - YouCam Mirage.) -- c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
O4 - HKLM\..\Wow6432Node\Run: [YouCam Tray] . (.CyberLink Corp. - CyberLink YouCam Tray.) -- c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe
O4 - HKLM\..\Wow6432Node\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe
O4 - HKLM\..\Wow6432Node\Run: [PDF Complete] . (.PDF Complete Inc - Sentry for PDF.) -- C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Wow6432Node\Run: [RIMBBLaunchAgent.exe] . (.Research In Motion Limited - Launch Agent Service.) -- C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKLM\..\Wow6432Node\Run: [CLMLServer_For_P2G8] . (.CyberLink - CyberLink MediaLibrary Service.) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
O4 - HKLM\..\Wow6432Node\Run: [CLVirtualDrive] . (.CyberLink Corp. - CyberLink Virtual Drive.) -- C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe
O4 - HKLM\..\Wow6432Node\Run: [QLBController] . (.Hewlett-Packard Company - QLBController.) -- C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
O4 - HKUS\S-1-5-21-3526586236-2254187543-317414105-1002\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\HP\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKUS\S-1-5-21-3526586236-2254187543-317414105-1002\..\Run: [Power2GoExpress8] (Orphean)
O4 - HKUS\S-1-5-21-3526586236-2254187543-317414105-1002\..\Run: [EPSON Stylus SX200 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIEFE.EXE
O4 - HKUS\S-1-5-21-3526586236-2254187543-317414105-1002\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\HP\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-3526586236-2254187543-317414105-1002\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - HKUS\S-1-5-21-3526586236-2254187543-317414105-1002\..\Run: [iLivid] . (.Bandoo Media Inc. - iLivid Download Manager.) -- C:\Users\HP\AppData\Local\iLivid\iLivid.exe =>PUP.Optional.Bandoo
O4 - HKUS\S-1-5-21-3526586236-2254187543-317414105-1002\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\Steam.exe

---\\ Global shortcuts Startup (O4G) (7) - 2s
O4 - GS\Desktop [Administrator]: iLivid.lnk . (.Bandoo Media Inc. - iLivid Download Manager.) C:\Users\HP\AppData\Local\iLivid\iLivid.exe =>PUP.Optional.Bandoo
O4 - GS\Quicklaunch [Administrator]: iLivid.lnk . (.Bandoo Media Inc. - iLivid Download Manager.) C:\Users\HP\AppData\Local\iLivid\iLivid.exe =>PUP.Optional.Bandoo
O4 - GS\Desktop [Guest]: iLivid.lnk . (.Bandoo Media Inc. - iLivid Download Manager.) C:\Users\HP\AppData\Local\iLivid\iLivid.exe =>PUP.Optional.Bandoo
O4 - GS\Quicklaunch [Guest]: iLivid.lnk . (.Bandoo Media Inc. - iLivid Download Manager.) C:\Users\HP\AppData\Local\iLivid\iLivid.exe =>PUP.Optional.Bandoo
O4 - GS\Desktop [HP]: iLivid.lnk . (.Bandoo Media Inc. - iLivid Download Manager.) C:\Users\HP\AppData\Local\iLivid\iLivid.exe =>PUP.Optional.Bandoo
O4 - GS\Quicklaunch [HP]: iLivid.lnk . (.Bandoo Media Inc. - iLivid Download Manager.) C:\Users\HP\AppData\Local\iLivid\iLivid.exe =>PUP.Optional.Bandoo
O4 - GS\Programs [Public]: iLivid.lnk . (.Bandoo Media Inc. - iLivid Download Manager.) C:\Users\HP\AppData\Local\iLivid\iLivid.exe =>PUP.Optional.Bandoo

---\\ Lop.com/Domain Hijackers (O17) (4) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.35.96.66 212.35.96.98
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 212.35.96.66 212.35.96.98
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

---\\ Non Microsoft non disabled Windows XP/NT/2000 Services (O23) (22) - 1s
O23 - Service: Ask Update Service (APNMCP) . (.APN LLC. - APN Updater.) - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe =>Toolbar.Ask
O23 - Service: Kaspersky Anti-Virus Service (avp) . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe
O23 - Service: Bonjour Service (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Datamngr Coordinator (DatamngrCoordinator) . (.Bandoo Media Inc. - Datamngr Coordinator.) - C:\Program Files (x86)\Movies App\Datamngr\DatamngrCoordinator.exe =>PUP.Optional.MoviesToolbar
O23 - Service: @C:\Program Files\Hewlett-Packard\HP ProtectTools Security (DpHost) . (.DigitalPersona, Inc. - DigitalPersona Local Host.) - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: F06DEFF2-5B9C-490D-910F-35D3A9119622 (F06DEFF2-5B9C-490D-910F-35D3A9119622) . (...) - C:\Program Files (x86)\Movies App\Datamngr\x64\setmgrc3.cfg (.not file.) =>PUP.Optional.CrossRider
O23 - Service: HP Support Assistant Service (HP Support Assistant Service) . (.Hewlett-Packard Company - HP Support Assistant Service.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: hpHotkeyMonitor (hpHotkeyMonitor) . (.Hewlett-Packard Company - hpHotkeyMonitor Service.) - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
O23 - Service: @oem27.inf,%hpservice_desc%;HP Service (hpsrv) . (.Hewlett-Packard Company - HpService.) - C:\Windows\system32\Hpservice.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service (Intel(R) ME Service) . (.Intel Corporation - Intel(R) ME Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Lotus Notes Smart Upgrade Service (LNSUSvc) . (.IBM Corp - IBM Lotus Notes/Domino.) - C:\Lotus\Notes\SUService.exe
O23 - Service: Lotus Notes Diagnostics (Lotus Notes Diagnostics) . (.IBM - wnsd.) - C:\Lotus\Notes\nsd.exe
O23 - Service: Multi-user Cleanup Service (Multi-user Cleanup Service) . (.IBM Corp - IBM Lotus Notes/Domino.) - C:\Lotus\Notes\ntmulti.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) . (.PDF Complete Inc - Dispatcher.) - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @C:\Windows\system32\stlang64.dll,-10101 (STacSV) . (.IDT, Inc. - IDT PC Audio.) - C:\Program Files\IDT\WDM\stacsv64.exe
O23 - Service: Intel(R) Management and Security Application User Notificat (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) . (.Validity Sensors, Inc. - Validity Sensors Fingerprint Service.) - C:\Windows\System32\vcsFPService.exe

---\\ Task Planned Automatically (O39) (9) - 3s
[MD5.B8F7DF2DD3AA8A5AA865162F011636AD] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [268976]
[MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-3526586236-2254187543-317414105-1002Core] (.Facebook Inc..) -- C:\Users\HP\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096]
[MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-3526586236-2254187543-317414105-1002UA] (.Facebook Inc..) -- C:\Users\HP\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskUserS-1-5-21-3526586236-2254187543-317414105-1002Core] (.Google Inc..) -- C:\Users\HP\AppData\Local\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskUserS-1-5-21-3526586236-2254187543-317414105-1002UA] (.Google Inc..) -- C:\Users\HP\AppData\Local\Google\Update\GoogleUpdate.exe [116648]
[MD5.8AA3B22B716A04AC8DD13318A40D708D] [APT] [HPCeeScheduleForHP] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [95800]
[MD5.0A002153EC354442AAAB3C447971EC47] [APT] [Synaptics TouchPad Enhancements] (.Synaptics Incorporated.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2804976]
O39 - APT: Synaptics TouchPad Enhancements - (.Synaptics Incorporated.) -- C:\Windows\System32\Tasks\Synaptics TouchPad Enhancements [2990]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\{FAD92F42-A4B0-4A92-BA79-82B6BEDB75F5} [3128]

---\\ Software installed (O42) (85) - 9s
O42 - Logiciel: EPSON Stylus SX200 Series Printer Uninstall - (.SEIKO EPSON Corporation.) [HKLM][64Bits] -- EPSON Stylus SX200 Series
O42 - Logiciel: Face Recognition for HP ProtectTools - (.Hewlett-Packard Company.) [HKLM][64Bits] -- Face Recognition for HP ProtectTools
O42 - Logiciel: HP ProtectTools Security Manager - (.Hewlett-Packard Company.) [HKLM][64Bits] -- HPProtectTools
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player
O42 - Logiciel: Energy Star - (.Hewlett-Packard.) [HKLM][64Bits] -- {0FA995CC-C849-4755-B14B-5404CC75DC24}
O42 - Logiciel: Visual Studio 2010 x64 Redistributables - (.AVG Technologies.) [HKLM][64Bits] -- {21B133D6-5979-47F0-BE1C-F6A6B304693F}
O42 - Logiciel: HP ProtectTools Security Manager - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {29EACA23-7D93-4F6E-B179-752C70CBF296}
O42 - Logiciel: Device Access Manager for HP ProtectTools - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {55B52830-024A-443E-AF61-61E1E71AFA1B}
O42 - Logiciel: HP Postscript Converter - (.Hewlett-Packard.) [HKLM][64Bits] -- {6E14E6D6-3175-4E1A-B934-CAB5A86367CD}
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Validity Fingerprint Sensor Driver - (.Validity Sensors, Inc..) [HKLM][64Bits] -- {AA51ED2E-DCE7-415F-9C32-CB9B561D216D}
O42 - Logiciel: HP 3D DriveGuard - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {C35A147C-5037-443A-9BF8-A5E7C2154CE4}
O42 - Logiciel: Face Recognition for HP ProtectTools - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {D3A775F2-2674-4452-8D80-1FC1446052EE}
O42 - Logiciel: HP Registration Service - (.Hewlett-Packard.) [HKLM][64Bits] -- {E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}
O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {FA00A3CC-7440-4938-A271-F186F50DD40D}
O42 - Logiciel: Adobe Flash Player 18 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI
O42 - Logiciel: Ashampoo Burning Studio 10.0.3 - (.ashampoo GmbH & Co. KG.) [HKLM][64Bits] -- Ashampoo Burning Studio 10_is1
O42 - Logiciel: BlackBerry Device Manager 7.1 - (.Research In Motion Ltd..) [HKLM][64Bits] -- BlackBerry_HandheldManager
O42 - Logiciel: EPSON Scan - (...) [HKLM][64Bits] -- EPSON Scanner
O42 - Logiciel: EPSON Stylus SX200_SX400_TX200_TX400 Manual - (...) [HKLM][64Bits] -- EPSON Stylus SX200_SX400_TX200_TX400 User’s Guide
O42 - Logiciel: Movies Search App for Firefox (Dist. by Bandoo Media, Inc.) - (.IAC Search and Media, Inc..) [HKLM][64Bits] -- ilividbandoomoviestoolbarFF =>PUP.Optional.Bandoo
O42 - Logiciel: Movies Search App for Internet Explorer (Dist. by Bandoo Media, Inc.) - (.IAC Search and Media, Inc..) [HKLM][64Bits] -- ilividbandoomoviestoolbarIE =>PUP.Optional.Bandoo
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: Theft Recovery for HP ProtectTools - (.Hewlett-Packard Company.) [HKLM][64Bits] -- InstallShield_{10F5A72A-1E07-4FAE-A7E7-14B10CC66B17}
O42 - Logiciel: CyberLink Media Suite 10 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: EPSON Attach To Email - (.SEIKO EPSON.) [HKLM][64Bits] -- InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}
O42 - Logiciel: CyberLink Power2Go 8 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}
O42 - Logiciel: CyberLink PhotoDirector - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}
O42 - Logiciel: CyberLink PowerDirector 10 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}
O42 - Logiciel: CyberLink PowerDVD - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
O42 - Logiciel: Kaspersky Anti-Virus - (.Kaspersky Lab.) [HKLM][64Bits] -- InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}
O42 - Logiciel: Mozilla Firefox 39.0 (x86 en-US) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 39.0 (x86 en-US)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService
O42 - Logiciel: MyAshampoo Toolbar - (...) [HKLM][64Bits] -- MyAshampoo Toolbar
O42 - Logiciel: PDF Complete Corporate Edition - (.PDF Complete, Inc.) [HKLM][64Bits] -- PDF Complete
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM][64Bits] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: Steam - (.Valve Corporation.) [HKLM][64Bits] -- {048298C9-A4D3-490B-9FF9-AB023A9238F3}
O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM][64Bits] -- {07FA4960-B038-49EB-891B-9F95930AA544}
O42 - Logiciel: Theft Recovery for HP ProtectTools - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {10F5A72A-1E07-4FAE-A7E7-14B10CC66B17}
O42 - Logiciel: Skype Web Plugin - (.Skype Technologies S.A..) [HKLM][64Bits] -- {15AF46DB-9EBA-4662-AA52-29EF23585035}
O42 - Logiciel: CyberLink Media Suite 10 - (.CyberLink Corp..) [HKLM][64Bits] -- {1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: Facebook Video Calling 3.1.0.521 - (.Skype Limited.) [HKLM][64Bits] -- {2091F234-EB58-4B80-8C96-8EB78C808CF7}
O42 - Logiciel: Skype™ 7.5 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
O42 - Logiciel: JMicron Flash Media Controller Driver - (.JMicron Technology Corp..) [HKLM][64Bits] -- {26604C7E-A313-4D12-867F-7C6E7820BE4C}
O42 - Logiciel: Java 7 Update 71 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F03217071FF}
O42 - Logiciel: CyberLink Power2Go 8 - (.CyberLink Corp..) [HKLM][64Bits] -- {2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}
O42 - Logiciel: EPSON Scan Assistant - (...) [HKLM][64Bits] -- {2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}
O42 - Logiciel: HP ESU for Microsoft Windows 8 - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {2F8A00FC-1F12-44B2-AA37-F9A358EDC161}
O42 - Logiciel: HP Wireless Button Driver - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {30B2D1D8-0A07-4B71-9553-0710C5D31E35}
O42 - Logiciel: HP System Default Settings - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {357FE1E9-5890-4697-95DD-B15E01B4AA2A}
O42 - Logiciel: HP HD Webcam Driver - (.Sonix.) [HKLM][64Bits] -- {399C37FB-08AF-493B-BFED-20FBD85EDF7F}
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {3E29EE6C-963A-4aae-86C1-DC237C4A49FC}
O42 - Logiciel: Camera RAW Plug-In for EPSON Creativity Suite - (.SEIKO EPSON CORPORATION.) [HKLM][64Bits] -- {42EDF895-158C-484E-A7F2-42B90759F281}
O42 - Logiciel: EPSON File Manager - (...) [HKLM][64Bits] -- {46CBBDF8-55B5-40DB-B459-7B848394309C}
O42 - Logiciel: CyberLink PhotoDirector - (.CyberLink Corp..) [HKLM][64Bits] -- {4862344A-A39C-4897-ACD4-A1BED5163C5A}
O42 - Logiciel: Search App by Ask - (.APN, LLC.) [HKLM][64Bits] -- {4F524A2D-5350-4500-76A7-A758B70C1D00} =>PUP.Optional.BrowserTabSearch
O42 - Logiciel: HP Quick Start - (.Hewlett-Packard.) [HKLM][64Bits] -- {574F0207-8E98-46CD-8F79-318348C98C46}
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: HP Software Framework - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {675D093B-815D-47FD-AB2C-192EC751E8E2}
O42 - Logiciel: InstallVC90Support - (.Novatel Wireless.) [HKLM][64Bits] -- {6B9C32DB-DBCD-45A8-B901-3A92A99A2474}
O42 - Logiciel: Skype Click to Call - (.Microsoft Corporation.) [HKLM][64Bits] -- {6D1221A9-17BF-4EC0-81F2-27D30EC30701}
O42 - Logiciel: Hewlett-Packard ACLM.NET v1.2.2.3 - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {6F340107-F9AA-47C6-B54C-C3A19F11553F}
O42 - Logiciel: Kaspersky Anti-Virus - (.Kaspersky Lab.) [HKLM][64Bits] -- {6F6873E3-5C92-4049-B511-231A138DD090}
O42 - Logiciel: HP Hotkey Support - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {7F7E2060-7212-4A53-9875-55173E4BA3F0}
O42 - Logiciel: EPSON Easy Photo Print - (.SEIKO EPSON CORPORATION.) [HKLM][64Bits] -- {8A8F8391-4C2C-4BE1-A984-CD4A5A546467}
O42 - Logiciel: Ralink RT5390R 802.11b/g/n Wi-Fi Adapter - (.Mediatek.) [HKLM][64Bits] -- {8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}
O42 - Logiciel: Evernote v. 4.6 - (.Evernote Corp..) [HKLM][64Bits] -- {A23AADDA-3DBF-11E2-A6F2-984BE15F174E}
O42 - Logiciel: ABBYY FineReader 6.0 Sprint - (.ABBYY Software House.) [HKLM][64Bits] -- {ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
O42 - Logiciel: CyberLink PowerDirector 10 - (.CyberLink Corp..) [HKLM][64Bits] -- {B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}
O42 - Logiciel: HP SoftPaq Download Manager - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {B50981AD-95E8-4E4D-912A-7C4B738387CA}
O42 - Logiciel: WinZip 16.5 - (.WinZip Computing, S.L. .) [HKLM][64Bits] -- {CD95F661-A5C4-44F5-A6AA-ECDD91C240D2}
O42 - Logiciel: HP Software Setup - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {D1E7D876-6B86-4B35-A93D-15B0D6C43EAF}
O42 - Logiciel: CyberLink PowerDVD - (.CyberLink Corp..) [HKLM][64Bits] -- {DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
O42 - Logiciel: BlackBerry Device Manager 7.1 - (.Research In Motion Ltd..) [HKLM][64Bits] -- {DEDCB237-C4A0-42DD-A03B-F1006942D730}
O42 - Logiciel: HP Support Assistant - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}
O42 - Logiciel: Lotus Notes 8.5.3 - (.IBM.) [HKLM][64Bits] -- {E36FB5F6-94FE-47BF-9FBE-6D8CBCFB0269}
O42 - Logiciel: IDT Audio - (.IDT.) [HKLM][64Bits] -- {E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: Realtek Ethernet Controller All-In-One Windows Driver - (.Realtek.) [HKLM][64Bits] -- {F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}
O42 - Logiciel: Intel(R) SDK for OpenCL - CPU Only Runtime Package - (.Intel Corporation.) [HKLM][64Bits] -- {FCB3772C-B7D0-4933-B1A9-3707EBACC573}
O42 - Logiciel: HP Documentation - (.Hewlett-Packard.) [HKLM][64Bits] -- {FCD58C04-324A-40D1-BA9E-1A754DF1736D}
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU][64Bits] -- Google Chrome
O42 - Logiciel: iLivid - (.Bandoo Media Inc.) [HKCU][64Bits] -- iLivid =>PUP.Optional.Bandoo

---\\ HKCU & HKLM Software Keys (104) - 9s
HKLM\SOFTWARE\Wow6432Node\ABBYY
HKLM\SOFTWARE\Wow6432Node\Adobe
HKLM\SOFTWARE\Wow6432Node\Apple Inc.
HKLM\SOFTWARE\Wow6432Node\Ashampoo
HKLM\SOFTWARE\Wow6432Node\AskPartnerNetwork =>Toolbar.Ask
HKLM\SOFTWARE\Wow6432Node\Avg Secure Update
HKLM\SOFTWARE\Wow6432Node\Caphyon
HKLM\SOFTWARE\Wow6432Node\Cogent Inc.
HKLM\SOFTWARE\Wow6432Node\Conduit =>PUP.Optional.Conduit
HKLM\SOFTWARE\Wow6432Node\CyberLink
HKLM\SOFTWARE\Wow6432Node\Datamngr =>PUP.Optional.Datamngr
HKLM\SOFTWARE\Wow6432Node\Dell
HKLM\SOFTWARE\Wow6432Node\DigitalPersona
HKLM\SOFTWARE\Wow6432Node\EPSON
HKLM\SOFTWARE\Wow6432Node\Evernote
HKLM\SOFTWARE\Wow6432Node\FLEXnet
HKLM\SOFTWARE\Wow6432Node\Google
HKLM\SOFTWARE\Wow6432Node\Hewlett-Packard
HKLM\SOFTWARE\Wow6432Node\Hewlett-Packard Company
HKLM\SOFTWARE\Wow6432Node\HPQ
HKLM\SOFTWARE\Wow6432Node\IBM
HKLM\SOFTWARE\Wow6432Node\IDT
HKLM\SOFTWARE\Wow6432Node\IM Providers
HKLM\SOFTWARE\Wow6432Node\InstallShield
HKLM\SOFTWARE\Wow6432Node\Intel
HKLM\SOFTWARE\Wow6432Node\IVTUPDATE
HKLM\SOFTWARE\Wow6432Node\JavaSoft
HKLM\SOFTWARE\Wow6432Node\JreMetrics
HKLM\SOFTWARE\Wow6432Node\KasperskyLab
HKLM\SOFTWARE\Wow6432Node\Khronos
HKLM\SOFTWARE\Wow6432Node\Lake
HKLM\SOFTWARE\Wow6432Node\Licenses
HKLM\SOFTWARE\Wow6432Node\LogMeInRescueCallingCard
HKLM\SOFTWARE\Wow6432Node\Lotus
HKLM\SOFTWARE\Wow6432Node\Macromedia
HKLM\SOFTWARE\Wow6432Node\Mediatek
HKLM\SOFTWARE\Wow6432Node\Mozilla
HKLM\SOFTWARE\Wow6432Node\mozilla.org
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\MyAshampoo =>Toolbar.Agent
HKLM\SOFTWARE\Wow6432Node\Nico Mak Computing
HKLM\SOFTWARE\Wow6432Node\Novatel Wireless
HKLM\SOFTWARE\Wow6432Node\ODBC
HKLM\SOFTWARE\Wow6432Node\One Time Password Providers
HKLM\SOFTWARE\Wow6432Node\PDFComplete
HKLM\SOFTWARE\Wow6432Node\Ralink
HKLM\SOFTWARE\Wow6432Node\Realtek
HKLM\SOFTWARE\Wow6432Node\Research In Motion
HKLM\SOFTWARE\Wow6432Node\Sierra Wireless Inc
HKLM\SOFTWARE\Wow6432Node\Skype
HKLM\SOFTWARE\Wow6432Node\SkypeWebPlugin
HKLM\SOFTWARE\Wow6432Node\Sonix
HKLM\SOFTWARE\Wow6432Node\Validity
HKLM\SOFTWARE\Wow6432Node\Valve
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications
HKCU\SOFTWARE\ABBYY
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\APNDTX
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\Ashampoo
HKCU\SOFTWARE\AskPartnerNetwork =>Toolbar.Ask
HKCU\SOFTWARE\Avg Secure Update
HKCU\SOFTWARE\AVG Security Toolbar =>Toolbar.AVGSearch
HKCU\SOFTWARE\CyberLink
HKCU\SOFTWARE\DigitalPersona
HKCU\SOFTWARE\EPSON
HKCU\SOFTWARE\Evernote
HKCU\SOFTWARE\Facebook
HKCU\SOFTWARE\FLEXnet
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\Hewlett-Packard
HKCU\SOFTWARE\iLivid =>PUP.Optional.Bandoo
HKCU\SOFTWARE\ilividbandoomoviestoolbar =>PUP.Optional.Bandoo
HKCU\SOFTWARE\IM Providers
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\JavaSoft
HKCU\SOFTWARE\KasperskyLab
HKCU\SOFTWARE\Lake
HKCU\SOFTWARE\Lotus
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\Mine
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\Nico Mak Computing
HKCU\SOFTWARE\Novatel Wireless
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\PDFComplete
HKCU\SOFTWARE\QtProject
HKCU\SOFTWARE\RegisteredApplications
HKCU\SOFTWARE\Research In Motion
HKCU\SOFTWARE\SEIKO EPSON
HKCU\SOFTWARE\Skype
HKCU\SOFTWARE\Synaptics
HKCU\SOFTWARE\The Creative Assembly
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\Valve
HKCU\SOFTWARE\WinZip Computing
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software
HKCU\SOFTWARE\AppDataLow\Software\JavaSoft
HKCU\SOFTWARE\AppDataLow\Software\Monitored
HKCU\SOFTWARE\AppDataLow\Software\MyAshampoo =>Toolbar.Agent
HKCU\SOFTWARE\AppDataLow\Software\settings

---\\ Contents of the Common Files folders (O43) (187) - 7s
O43 - CFD: 2014/09/04 10:32:06 - [] D -- C:\Program Files (x86)\ABBYY FineReader 6.0 Sprint
O43 - CFD: 2013/06/29 19:30:47 - [] D -- C:\Program Files (x86)\Ashampoo
O43 - CFD: 2014/08/04 12:20:14 - [] D -- C:\Program Files (x86)\AskPartnerNetwork =>Toolbar.Ask
O43 - CFD: 2014/08/27 20:54:38 - [] D -- C:\Program Files (x86)\AVG Security Toolbar =>Toolbar.AVGSearch
O43 - CFD: 2013/03/10 13:30:07 - [] D -- C:\Program Files (x86)\Bonjour
O43 - CFD: 2015/05/11 20:52:56 - [] D -- C:\Program Files (x86)\Common Files
O43 - CFD: 2014/07/24 13:43:16 - [] D -- C:\Program Files (x86)\CyberLink
O43 - CFD: 2014/09/04 10:32:16 - [] D -- C:\Program Files (x86)\epson
O43 - CFD: 2013/07/26 14:42:53 - [] D -- C:\Program Files (x86)\Evernote
O43 - CFD: 2014/07/24 13:57:52 - [] D -- C:\Program Files (x86)\Hewlett-Packard
O43 - CFD: 2014/09/04 10:35:54 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 2013/03/10 13:21:30 - [] D -- C:\Program Files (x86)\Intel
O43 - CFD: 2015/06/19 18:38:30 - [] D -- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 2014/12/16 21:02:11 - [] D -- C:\Program Files (x86)\Java
O43 - CFD: 2013/03/10 13:12:30 - [] D -- C:\Program Files (x86)\JMicron
O43 - CFD: 2014/08/24 09:29:17 - [] D -- C:\Program Files (x86)\Kaspersky Lab
O43 - CFD: 2014/09/03 23:54:46 - [] D -- C:\Program Files (x86)\Microsoft Office
O43 - CFD: 2015/05/17 09:45:22 - [] D -- C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 2013/06/29 19:35:35 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio
O43 - CFD: 2013/06/29 19:31:28 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio 8
O43 - CFD: 2014/06/08 09:16:55 - [] D -- C:\Program Files (x86)\Microsoft Works
O43 - CFD: 2013/06/29 19:34:57 - [] D -- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 2015/05/10 01:35:28 - [] D -- C:\Program Files (x86)\Movies App =>PUP.Optional.CrossRider
O43 - CFD: 2015/07/07 22:02:59 - [] D -- C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 2015/07/07 22:03:02 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 2013/06/29 19:35:52 - [] D -- C:\Program Files (x86)\MSBuild
O43 - CFD: 2013/06/29 19:31:47 - [] D -- C:\Program Files (x86)\MyAshampoo
O43 - CFD: 2013/06/29 19:25:56 - [] RD -- C:\Program Files (x86)\Online Services
O43 - CFD: 2013/07/26 16:15:25 - [] D -- C:\Program Files (x86)\PDF Complete
O43 - CFD: 2012/11/21 16:03:55 - [] D -- C:\Program Files (x86)\Realtek
O43 - CFD: 2012/08/02 00:35:12 - [] D -- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 2014/03/02 13:58:19 - [] D -- C:\Program Files (x86)\Research In Motion
O43 - CFD: 2015/06/15 19:17:47 - [] RD -- C:\Program Files (x86)\Skype
O43 - CFD: 2014/12/13 22:59:10 - [] D -- C:\Program Files (x86)\SkypeWebPlugin
O43 - CFD: 2015/07/07 20:19:54 - [] D -- C:\Program Files (x86)\Steam
O43 - CFD: 2015/05/20 06:36:52 - [] D -- C:\Program Files (x86)\Windows Defender
O43 - CFD: 2013/06/29 22:24:33 - [] D -- C:\Program Files (x86)\Windows Mail
O43 - CFD: 2013/07/08 15:24:08 - [] D -- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 2012/07/26 11:13:01 - [] D -- C:\Program Files (x86)\Windows Multimedia Platform
O43 - CFD: 2012/07/26 11:12:59 - [] D -- C:\Program Files (x86)\Windows NT
O43 - CFD: 2013/07/07 00:22:59 - [] D -- C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 2012/07/26 11:13:01 - [] D -- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 2012/07/26 11:12:59 - [] SHD -- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 2013/06/29 19:29:50 - [] D -- C:\Program Files (x86)\WinZip
O43 - CFD: 2014/09/04 10:32:02 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 6.0 Sprint
O43 - CFD: 2012/07/26 11:13:01 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 2014/10/20 23:16:33 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2013/10/16 11:48:56 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2013/06/29 19:31:39 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
O43 - CFD: 2014/03/02 13:58:24 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlackBerry
O43 - CFD: 2013/06/29 19:29:35 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
O43 - CFD: 2014/09/04 10:29:10 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
O43 - CFD: 2014/09/04 10:35:45 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Creativity Suite
O43 - CFD: 2013/03/10 13:31:04 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
O43 - CFD: 2014/04/29 23:37:08 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
O43 - CFD: 2013/03/10 13:21:35 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
O43 - CFD: 2014/12/16 21:02:20 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
O43 - CFD: 2015/01/08 16:02:30 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lotus Applications
O43 - CFD: 2012/07/26 11:13:01 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2013/06/29 19:36:53 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
O43 - CFD: 2015/05/16 20:12:01 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
O43 - CFD: 2013/07/26 16:06:16 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
O43 - CFD: 2014/07/24 13:45:03 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
O43 - CFD: 2014/09/09 08:48:45 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
O43 - CFD: 2014/09/16 22:10:36 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 2013/06/29 19:30:06 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
O43 - CFD: 2015/05/11 20:52:57 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
O43 - CFD: 2013/07/08 15:22:34 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 2012/07/26 10:52:44 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 2014/12/07 07:02:39 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 2013/06/29 19:30:06 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
O43 - CFD: 2014/09/04 09:02:57 - [] D -- C:\ProgramData\Adobe
O43 - CFD: 2014/08/04 12:20:02 - [] D -- C:\ProgramData\APN
O43 - CFD: 2013/03/10 13:30:03 - [] D -- C:\ProgramData\Apple
O43 - CFD: 2012/07/26 10:22:08 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 2013/06/29 19:31:43 - [] D -- C:\ProgramData\ashampoo
O43 - CFD: 2014/08/04 12:20:14 - [] D -- C:\ProgramData\AskPartnerNetwork =>Toolbar.Ask
O43 - CFD: 2014/08/27 20:54:28 - [] D -- C:\ProgramData\Avg_Update_0814tb
O43 - CFD: 2013/06/29 19:37:54 - [] HD -- C:\ProgramData\Common Files
O43 - CFD: 2015/01/04 18:50:02 - [] D -- C:\ProgramData\CyberLink
O43 - CFD: 2015/06/19 18:51:01 - [] D -- C:\ProgramData\Datamngr =>PUP.Optional.Datamngr
O43 - CFD: 2012/07/26 10:22:08 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 2012/07/26 10:22:08 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 2014/09/04 10:28:50 - [] D -- C:\ProgramData\EPSON
O43 - CFD: 2013/03/10 13:01:17 - [] D -- C:\ProgramData\FLEXnet
O43 - CFD: 2014/04/29 23:32:03 - [] D -- C:\ProgramData\Hewlett-Packard
O43 - CFD: 2013/07/26 14:13:27 - [] D -- C:\ProgramData\HPQLOG
O43 - CFD: 2014/07/24 13:46:21 - [] D -- C:\ProgramData\install_clap
O43 - CFD: 2013/03/10 13:12:14 - [] D -- C:\ProgramData\Intel
O43 - CFD: 2015/07/08 12:45:04 - [] D -- C:\ProgramData\Kaspersky Lab
O43 - CFD: 2013/03/10 13:02:10 - [] D -- C:\ProgramData\Macrovision
O43 - CFD: 2014/09/03 23:36:41 - [] D -- C:\ProgramData\MFAData
O43 - CFD: 2015/01/30 19:19:33 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 2015/06/15 17:41:59 - [] D -- C:\ProgramData\Microsoft Help
O43 - CFD: 2013/06/29 19:32:27 - [] D -- C:\ProgramData\Mozilla
O43 - CFD: 2013/11/27 20:39:58 - [] D -- C:\ProgramData\Novatel Wireless
O43 - CFD: 2014/12/16 21:02:41 - [0] D -- C:\ProgramData\Oracle
O43 - CFD: 2015/07/06 14:29:41 - [] D -- C:\ProgramData\PDFC
O43 - CFD: 2013/07/10 10:36:25 - [] D -- C:\ProgramData\PRICache
O43 - CFD: 2013/03/10 13:24:34 - [] D -- C:\ProgramData\Qualcomm Atheros
O43 - CFD: 2013/03/10 13:17:24 - [] D -- C:\ProgramData\Ralink Driver
O43 - CFD: 2012/07/26 10:52:44 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 2015/06/15 17:38:20 - [] D -- C:\ProgramData\Skype
O43 - CFD: 2012/07/26 10:22:08 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 2013/08/22 20:50:41 - [] D -- C:\ProgramData\Sun
O43 - CFD: 2013/03/10 13:41:04 - [] D -- C:\ProgramData\Temp
O43 - CFD: 2012/07/26 10:22:08 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 2014/09/04 10:33:57 - [] D -- C:\ProgramData\UDL
O43 - CFD: 2013/03/10 13:43:37 - [0] D -- C:\ProgramData\Validity
O43 - CFD: 2013/06/29 19:31:33 - [] D -- C:\ProgramData\WinZip
O43 - CFD: 2014/04/29 23:33:21 - [] D -- C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
O43 - CFD: 2014/07/24 13:44:58 - [] D -- C:\Program Files (x86)\Common Files\CyberLink
O43 - CFD: 2014/06/10 18:09:42 - [] D -- C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 2014/09/04 10:34:11 - [] D -- C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 2013/03/10 13:21:22 - [] D -- C:\Program Files (x86)\Common Files\Intel
O43 - CFD: 2012/11/21 16:05:13 - [] D -- C:\Program Files (x86)\Common Files\Intel Corporation
O43 - CFD: 2014/12/16 21:02:34 - [] D -- C:\Program Files (x86)\Common Files\Java
O43 - CFD: 2014/06/08 09:17:02 - [] D -- C:\Program Files (x86)\Common Files\Microsoft Shared
O43 - CFD: 2013/03/10 13:29:07 - [] D -- C:\Program Files (x86)\Common Files\Nikon
O43 - CFD: 2013/03/10 13:10:44 - [] D -- C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 2014/03/02 13:58:20 - [] D -- C:\Program Files (x86)\Common Files\Research In Motion
O43 - CFD: 2012/07/26 11:13:01 - [] D -- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 2014/09/16 22:10:35 - [] D -- C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 2013/07/26 14:26:18 - [] D -- C:\Program Files (x86)\Common Files\SNP2UVC
O43 - CFD: 2015/07/07 20:20:54 - [] D -- C:\Program Files (x86)\Common Files\Steam
O43 - CFD: 2014/06/12 18:56:36 - [] D -- C:\Program Files (x86)\Common Files\System
O43 - CFD: 2013/07/01 09:33:38 - [] D -- C:\Users\HP\AppData\Roaming\Adobe
O43 - CFD: 2014/07/24 18:57:46 - [] D -- C:\Users\HP\AppData\Roaming\CyberLink
O43 - CFD: 2013/06/29 19:26:00 - [] D -- C:\Users\HP\AppData\Roaming\DigitalPersona
O43 - CFD: 2015/05/27 17:15:22 - [] D -- C:\Users\HP\AppData\Roaming\dvdcss
O43 - CFD: 2014/09/04 11:27:50 - [] D -- C:\Users\HP\AppData\Roaming\EPSON
O43 - CFD: 2013/07/26 14:16:23 - [] D -- C:\Users\HP\AppData\Roaming\FLEXnet
O43 - CFD: 2013/07/26 14:29:17 - [] D -- C:\Users\HP\AppData\Roaming\Hewlett-Packard
O43 - CFD: 2014/07/24 13:50:45 - [] D -- C:\Users\HP\AppData\Roaming\hpqlog
O43 - CFD: 2013/06/29 19:26:01 - [] D -- C:\Users\HP\AppData\Roaming\Identities
O43 - CFD: 2014/08/11 12:34:02 - [] D -- C:\Users\HP\AppData\Roaming\IDT
O43 - CFD: 2014/09/03 21:58:18 - [] D -- C:\Users\HP\AppData\Roaming\InstallShield
O43 - CFD: 2013/06/29 19:27:52 - [] D -- C:\Users\HP\AppData\Roaming\Intel Corporation
O43 - CFD: 2013/07/01 12:08:40 - [] D -- C:\Users\HP\AppData\Roaming\Macromedia
O43 - CFD: 2013/07/26 14:16:26 - [] D -- C:\Users\HP\AppData\Roaming\Macrovision
O43 - CFD: 2014/09/09 00:16:52 - [] SD -- C:\Users\HP\AppData\Roaming\Microsoft
O43 - CFD: 2013/06/29 18:28:15 - [] D -- C:\Users\HP\AppData\Roaming\Mozilla
O43 - CFD: 2014/12/16 21:15:18 - [] D -- C:\Users\HP\AppData\Roaming\Oracle
O43 - CFD: 2015/07/08 13:49:33 - [] D -- C:\Users\HP\AppData\Roaming\Skype
O43 - CFD: 2013/06/29 19:28:11 - [] D -- C:\Users\HP\AppData\Roaming\Synaptics
O43 - CFD: 2015/05/14 19:28:39 - [] D -- C:\Users\HP\AppData\Roaming\The Creative Assembly
O43 - CFD: 2013/06/29 19:39:17 - [] D -- C:\Users\HP\AppData\Roaming\TuneUp Software
O43 - CFD: 2015/05/27 22:43:51 - [] D -- C:\Users\HP\AppData\Roaming\vlc
O43 - CFD: 2015/07/08 13:56:22 - [] D -- C:\Users\HP\AppData\Roaming\ZHP
O43 - CFD: 2015/07/08 13:11:22 - [] D -- C:\Users\HP\AppData\Local\Adobe
O43 - CFD: 2013/06/29 19:24:41 - [0] SHD -- C:\Users\HP\AppData\Local\Application Data
O43 - CFD: 2013/06/29 19:31:43 - [] D -- C:\Users\HP\AppData\Local\ashampoo
O43 - CFD: 2014/08/04 12:20:19 - [] D -- C:\Users\HP\AppData\Local\AskPartnerNetwork =>Toolbar.Ask
O43 - CFD: 2013/06/29 18:57:37 - [] D -- C:\Users\HP\AppData\Local\Cyberlink
O43 - CFD: 2015/05/15 19:50:48 - [0] D -- C:\Users\HP\AppData\Local\Diagnostics
O43 - CFD: 2013/06/29 19:26:00 - [] D -- C:\Users\HP\AppData\Local\DigitalPersona
O43 - CFD: 2013/11/18 02:40:36 - [] D -- C:\Users\HP\AppData\Local\Downloaded Installations
O43 - CFD: 2014/10/23 20:42:13 - [0] D -- C:\Users\HP\AppData\Local\ElevatedDiagnostics
O43 - CFD: 2014/09/08 23:48:50 - [] D -- C:\Users\HP\AppData\Local\Facebook
O43 - CFD: 2013/11/12 20:51:09 - [] D -- C:\Users\HP\AppData\Local\Google
O43 - CFD: 2014/07/24 14:33:20 - [] D -- C:\Users\HP\AppData\Local\Hewlett-Packard
O43 - CFD: 2013/06/29 19:24:41 - [0] SHD -- C:\Users\HP\AppData\Local\History
O43 - CFD: 2013/07/26 15:10:53 - [0] D -- C:\Users\HP\AppData\Local\HP Quick Start
O43 - CFD: 2015/05/10 01:37:29 - [] D -- C:\Users\HP\AppData\Local\iLivid =>PUP.Optional.Bandoo
O43 - CFD: 2013/08/23 21:59:01 - [] D -- C:\Users\HP\AppData\Local\Macromedia
O43 - CFD: 2013/06/29 19:37:54 - [] D -- C:\Users\HP\AppData\Local\MFAData
O43 - CFD: 2014/09/04 11:52:29 - [] D -- C:\Users\HP\AppData\Local\Microsoft
O43 - CFD: 2013/12/11 19:21:46 - [] D -- C:\Users\HP\AppData\Local\Microsoft Help
O43 - CFD: 2013/10/22 22:45:05 - [] D -- C:\Users\HP\AppData\Local\Mozilla
O43 - CFD: 2014/09/09 00:26:39 - [] D -- C:\Users\HP\AppData\Local\Packages
O43 - CFD: 2015/05/01 12:41:41 - [] D -- C:\Users\HP\AppData\Local\PDFC
O43 - CFD: 2013/06/29 19:26:57 - [] D -- C:\Users\HP\AppData\Local\Power2Go8
O43 - CFD: 2013/07/26 14:15:12 - [] D -- C:\Users\HP\AppData\Local\Programs
O43 - CFD: 2014/03/12 21:15:32 - [] D -- C:\Users\HP\AppData\Local\Skype
O43 - CFD: 2014/12/14 12:38:00 - [] D -- C:\Users\HP\AppData\Local\SkypeWebPlugin
O43 - CFD: 2015/05/11 21:16:51 - [] D -- C:\Users\HP\AppData\Local\Steam
O43 - CFD: 2015/07/08 13:56:05 - [] D -- C:\Users\HP\AppData\Local\Temp
O43 - CFD: 2013/06/29 19:24:41 - [0] SHD -- C:\Users\HP\AppData\Local\Temporary Internet Files
O43 - CFD: 2013/09/28 08:33:53 - [] D -- C:\Users\HP\AppData\Local\VirtualStore
O43 - CFD: 2013/06/29 19:30:04 - [] D -- C:\Users\HP\AppData\Local\WinZip
O43 - CFD: 2012/07/26 11:13:00 - [] RD -- C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 2012/07/26 11:13:00 - [] RD -- C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2015/03/14 12:21:50 - [] RD -- C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2013/06/29 19:34:02 - [] D -- C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 2012/07/26 11:13:00 - [] D -- C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/03/14 12:21:50 - [] RD -- C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2012/07/26 11:13:00 - [] RD -- C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

---\\ System Drivers List (SDL) (O58) (70) - 3s
O58 - SDL:2012/07/26 08:00:49 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\drivers\3ware.sys [106736]
O58 - SDL:2012/09/07 20:11:00 A . (.Hewlett-Packard Company - HP Accelerometer.) -- C:\Windows\System32\drivers\Accelerometer.sys [43328]
O58 - SDL:2012/07/26 08:00:49 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [492272]
O58 - SDL:2012/07/26 08:00:48 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [340720]
O58 - SDL:2012/07/26 08:00:49 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\drivers\adpu320.sys [184048]
O58 - SDL:2012/07/26 08:00:49 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [76016]
O58 - SDL:2012/07/26 08:00:49 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [258288]
O58 - SDL:2012/07/26 08:00:48 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [26352]
O58 - SDL:2012/07/26 08:00:49 A . (.PMC-Sierra, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [104688]
O58 - SDL:2012/07/26 08:00:48 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [108272]
O58 - SDL:2012/07/26 01:53:22 A . (.Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\System32\drivers\atikmdag.sys [11926528]
O58 - SDL:2012/06/29 05:00:48 A . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\System32\drivers\atikmpag.sys [360448]
O58 - SDL:2012/09/20 10:55:24 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys [533224]
O58 - SDL:2013/03/05 12:01:42 A . (.CyberLink - It is a virtual device driver which could c.) -- C:\Windows\System32\drivers\CLVirtualDrive.sys [91712]
O58 - SDL:2012/11/09 21:03:16 A . (.Hewlett-Packard Company - HP ProtectTools Device Access Manager Drive.) -- C:\Windows\System32\drivers\DAMDrv64.sys [64832]
O58 - SDL:2012/06/02 17:31:38 A . (.Intel Corporation - Intel(R) Gigabit Adapter NDIS 6.x driver.) -- C:\Windows\System32\drivers\e1i63x64.sys [333824]
O58 - SDL:2012/09/20 10:55:27 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3265256]
O58 - SDL:2013/12/22 23:27:22 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\HECIx64.sys [62784]
O58 - SDL:2012/09/07 20:11:00 A . (.Hewlett-Packard Company - HP Disk Filter - SATA/RAID.) -- C:\Windows\System32\drivers\hpdskflt.sys [31040]
O58 - SDL:2012/08/28 01:15:20 A . (.Hewlett-Packard Company - Keyboard Filter Driver.) -- C:\Windows\System32\drivers\HpqKbFiltr.sys [26504]
O58 - SDL:2012/07/26 08:00:52 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [64752]
O58 - SDL:2012/08/28 04:01:12 A . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\Windows\System32\drivers\iaStorA.sys [646712]
O58 - SDL:2012/07/26 08:00:52 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [411888]
O58 - SDL:2012/08/23 22:09:02 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd64.sys [9000256]
O58 - SDL:2012/07/26 08:00:52 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [45296]
O58 - SDL:2012/06/19 05:40:50 A . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\Windows\System32\drivers\IntcDAud.sys [342528]
O58 - SDL:2014/06/23 16:35:00 A . (.JMicron Technology Corporation - JMicron PCIe Flash Media Controller Driver.) -- C:\Windows\System32\drivers\jmcr.sys [176880]
O58 - SDL:2014/08/24 10:58:33 A . (.Kaspersky Lab ZAO - Kaspersky Unified Driver.) -- C:\Windows\System32\drivers\kl1.sys [458336]
O58 - SDL:2014/08/24 10:58:33 A . (.Kaspersky Lab - Klelam Mini-Filter [fre_win8_x64].) -- C:\Windows\System32\drivers\klelam.sys [29792]
O58 - SDL:2014/08/24 10:58:34 A . (.Kaspersky Lab ZAO - Filter Core [fre_win8_x64].) -- C:\Windows\System32\drivers\klflt.sys [115296]
O58 - SDL:2014/08/24 10:58:35 A . (.Kaspersky Lab ZAO - Klif Mini-Filter [fre_win8_x64].) -- C:\Windows\System32\drivers\klif.sys [625760]
O58 - SDL:2014/08/24 10:58:35 A . (.Kaspersky Lab ZAO - Kaspersky Lab Intermediate Network Driver.) -- C:\Windows\System32\drivers\klim6.sys [30304]
O58 - SDL:2014/08/24 10:58:36 A . (.Kaspersky Lab ZAO - KLKBDFLT Keyboard Device Filter [fre_win8_x.) -- C:\Windows\System32\drivers\klkbdflt.sys [29280]
O58 - SDL:2014/08/24 10:58:36 A . (.Kaspersky Lab ZAO - KLMOUFLT Mouse Device Filter [fre_win8_x64].) -- C:\Windows\System32\drivers\klmouflt.sys [29280]
O58 - SDL:2013/04/12 15:34:48 A . (.Kaspersky Lab ZAO - KLPD [fre_wnet_x64].) -- C:\Windows\System32\drivers\klpd.sys [15456]
O58 - SDL:2014/08/24 10:58:36 A . (.Kaspersky Lab ZAO - Network filtering component [RC_BUILD_OPT].) -- C:\Windows\System32\drivers\klwfp.sys [65120]
O58 - SDL:2014/08/24 10:58:37 A . (.Kaspersky Lab ZAO - KNEPS Power [fre_wnet_amd64].) -- C:\Windows\System32\drivers\kneps.sys [178272]
O58 - SDL:2012/07/26 08:00:52 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [108784]
O58 - SDL:2012/07/26 08:00:52 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [92400]
O58 - SDL:2012/07/26 08:00:52 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [116976]
O58 - SDL:2012/07/26 08:00:52 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sss.sys [81136]
O58 - SDL:2012/07/26 08:00:52 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [51952]
O58 - SDL:2012/07/26 08:00:52 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [353008]
O58 - SDL:2012/07/26 08:00:55 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\Windows\System32\drivers\mvumis.sys [64240]
O58 - SDL:2014/03/29 14:11:06 A . (.Ralink Technology, Corp. - Ralink 802.11 Wireless Adapter Driver.) -- C:\Windows\System32\drivers\netr28x.sys [2532552]
O58 - SDL:2012/07/26 08:00:55 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [52464]
O58 - SDL:2012/07/26 08:00:55 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [150256]
O58 - SDL:2012/07/26 08:00:55 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [168176]
O58 - SDL:2009/05/15 14:34:30 A . (.Novatel Wireless Inc. - Novatel Wireless USB Modem/Serial Device Dr.) -- C:\Windows\System32\drivers\nwvmmdm.sys [213376]
O58 - SDL:2009/05/15 14:34:30 A . (.Novatel Wireless Inc. - Novatel Wireless USB Modem/Serial Device Dr.) -- C:\Windows\System32\drivers\nwvmser.sys [213376]
O58 - SDL:2009/05/15 14:34:30 A . (.Novatel Wireless Inc. - Novatel Wireless USB Modem/Serial Device Dr.) -- C:\Windows\System32\drivers\nwvmser2.sys [213376]
O58 - SDL:2009/08/24 18:53:24 A . (.Printing Communications Assoc., Inc. (PCAUSA) - PCAUSA NDIS 5.0 SPR Protocol Driver (AMD64).) -- C:\Windows\System32\drivers\PCASp50a64.sys [41280]
O58 - SDL:2011/07/20 13:58:22 A . (.Research in Motion Ltd - RIM Virtual Serial Driver.) -- C:\Windows\System32\drivers\RimSerial_AMD64.sys [44032]
O58 - SDL:2011/07/25 17:44:46 A . (.Research In Motion Limited - BlackBerry Device Driver.) -- C:\Windows\System32\drivers\RimUsb_AMD64.sys [74752]
O58 - SDL:2012/06/13 08:41:22 A . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.30 64-bit Dr.) -- C:\Windows\System32\drivers\Rt630x64.sys [683664]
O58 - SDL:2012/07/26 11:11:43 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [23040]
O58 - SDL:2012/07/26 08:00:55 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [44784]
O58 - SDL:2012/07/26 08:00:56 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [81648]
O58 - SDL:2012/08/15 05:39:28 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272]
O58 - SDL:2012/08/15 05:39:28 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832]
O58 - SDL:2012/11/20 14:14:40 A . (.Copyright 2001-2012 - UVC Camera Streaming Driver.) -- C:\Windows\System32\drivers\snp2uvc.sys [1866080]
O58 - SDL:2014/01/22 08:52:10 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ve.) -- C:\Windows\System32\drivers\ssudbus.sys [108800]
O58 - SDL:2014/01/22 08:52:10 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG Android Modem Device Driver (MSS Ve.) -- C:\Windows\System32\drivers\ssudmdm.sys [206080]
O58 - SDL:2012/07/26 08:00:55 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\Windows\System32\drivers\stexstor.sys [30960]
O58 - SDL:2013/07/26 14:31:58 A . (.IDT, Inc. - IDT PC Audio.) -- C:\Windows\System32\drivers\stwrt64.sys [543744]
O58 - SDL:2013/10/30 03:52:48 A . (.Synaptics Incorporated - Synaptics Touchpad 64-bit Driver.) -- C:\Windows\System32\drivers\SynTP.sys [549104]
O58 - SDL:2012/07/26 08:00:58 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [19184]
O58 - SDL:2012/07/26 08:00:58 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [164080]
O58 - SDL:2012/07/26 08:00:58 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\Windows\System32\drivers\VSTXRAID.SYS [322800]
O58 - SDL:2015/06/18 02:27:54 A . (.HP Inc. - HP Wireless Button Driver.) -- C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30384]

---\\ Last modified or created user files (O61) (6) - 68s
O61 - LFC: 2015/07/08 10:43:55 A . (..) -- C:\Users\HP\AppData\Local\Google\Update\Install\{37E6D7AA-187F-4820-9EA7-1D275090C5AA}\43.0.2357.132_43.0.2357.124_chrome_updater.exe [2952784]
O61 - LFC: 2015/07/08 10:43:55 A . (..) -- C:\Users\HP\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\43.0.2357.132\43.0.2357.132_43.0.2357.124_chrome_updater.exe [2952784]
O61 - LFC: 2015/07/07 06:49:03 A . (..) -- C:\Users\HP\AppData\Local\Google\Chrome\Application\43.0.2357.132\libexif.dll [310088]
O61 - LFC: 2015/07/07 05:25:11 A . (..) -- C:\Users\HP\AppData\Local\Google\Chrome\Application\43.0.2357.132\natives_blob.bin [410937]
O61 - LFC: 2015/07/07 05:25:12 A . (..) -- C:\Users\HP\AppData\Local\Google\Chrome\Application\43.0.2357.132\snapshot_blob.bin [449780]
O61 - LFC: 2015/07/07 06:49:05 A . (..) -- C:\Users\HP\AppData\Local\Google\Chrome\Application\43.0.2357.132\PepperFlash\pepflashplayer.dll [16285512]

---\\ File Associations Shell Spawning (O67) (10) - 0s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

---\\ Start Menu Internet (SMI) (O68) (8) - 0s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe

---\\ Search Browser Infection (SBI) (O69) (9) - 7s
O69 - SBI: prefs.js [HP - s4yfl5uu.default-1377281913100] user_pref("browser.search.defaultenginename", "Ask.com"); =>Toolbar.Ask
O69 - SBI: prefs.js [HP - s4yfl5uu.default-1377281913100] user_pref("browser.search.order.1", "Ask.com"); =>Toolbar.Ask
O69 - SBI: prefs.js [HP - s4yfl5uu.default-1377281913100] user_pref("browser.search.selectedEngine", "Ask.com"); =>Toolbar.Ask
O69 - SBI: prefs.js [HP - s4yfl5uu.default-1377281913100] user_pref("browser.startup.homepage", "http://www.search.ask.com/?o=APN10645A&gct=hp&d=406-1184&v=n15946-707&t=4"); =>Toolbar.Ask
O69 - SBI: prefs.js [HP - s4yfl5uu.default-1377281913100] user_pref("keyword.URL", "http://dts.search.ask.com/sr?src=ffb&gct=ds&appid=1184&systemid=406&v=n15946-707&apn_dtid=BND406&apn_ptn[...] =>PUP.Optional.Bandoo
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com/
O69 - SBI: SearchScopes [HKCU] {95B7759C-8C7F-4BF1-B163-73684A933233} [DefaultScope] - (AVG Secure Search) - http://mysearch.avg.com/
O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} - (Ask.com) - http://dts.search.ask.com/ =>PUP.Optional.Bandoo
O69 - SBI: SearchScopes [HKCU] {afdbddaa-5d3f-42ee-b79c-185a7020515b} - (MyAshampoo Customized Web Search) - http://search.conduit.com/ =>PUP.Optional.Conduit

---\\ Search Svchost Services (SSS) (O83) (34) - 1s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) -- C:\Windows\System32\aelupsvc.dll [204288]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [149504]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [149504]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\system32\srvsvc.dll [305664]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\Windows\System32\gpsvc.dll [1366016]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\ikeext.dll [1160192]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll [99840]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [358400]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [107520]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\sens.dll [62976]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [438784]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [305664]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\system32\wuaueng.dll [3286016]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\Windows\System32\qmgr.dll [826368]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [565760]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll [894464]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\Windows\system32\seclogon.dll [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll [70144]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\system32\iscsiexe.dll [151552]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [105472]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\Windows\system32\schedsvc.dll [1287680]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [219648]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) -- C:\Windows\system32\mmcss.dll [80896]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\Windows\System32\browser.dll [134144]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [210432]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [291328]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\Windows\System32\wercplsupport.dll [84992]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\Windows\system32\kmsvc.dll [97792]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\Windows\System32\bdesvc.dll [190976]
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Microsoft® Account Service.) -- C:\Windows\system32\wlidsvc.dll [1964544]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\Windows\system32\themeservice.dll [47104]
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Device Setup Manager.) -- C:\Windows\System32\DeviceSetupManager.dll [207872]
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Microsoft Network Connectivity Assistant Se.) -- C:\Windows\System32\ncasvc.dll [161792]
O83 - Search Svchost Services: SystemEventsBroker (SystemEventsBroker) . (.Microsoft Corporation - System Events Broker.) -- C:\Windows\System32\SystemEventsBrokerServer.dll [180224]

---\\ Firewall Active Exception List (FirewallRules) (O87) (4) - 2s
O87 - FAEL: "{1D88C071-07D2-4434-95FC-FC56007D72BF}" [In-None-P6-TRUE] .(.IAC Search and Media, Inc. - DtUser.) -- C:\Program Files (x86)\Movies App\Datamngr\SRTOOL~1\IE\dtuser.exe =>PUP.Optional.CrossRider
O87 - FAEL: "{BDC870F9-BF5A-40A6-B0EE-E9B03F4F67B0}" [In-None-P17-TRUE] .(.IAC Search and Media, Inc. - DtUser.) -- C:\Program Files (x86)\Movies App\Datamngr\SRTOOL~1\IE\dtuser.exe =>PUP.Optional.CrossRider
O87 - FAEL: "{6E32781F-86F3-4622-BF05-8F14A6594061}" [In-None-P6-TRUE] .(.Bandoo Media Inc. - iLivid Download Manager.) -- C:\Users\HP\AppData\Local\iLivid\iLivid.exe =>PUP.Optional.Bandoo
O87 - FAEL: "{573E6F38-C062-4A13-B55F-C67C4C531FC8}" [In-None-P17-TRUE] .(.Bandoo Media Inc. - iLivid Download Manager.) -- C:\Users\HP\AppData\Local\iLivid\iLivid.exe =>PUP.Optional.Bandoo

---\\ Windows Installer Scan (WIS)(NTFS)(O93) (1) - 14s
[MD5.] [WIS][2015/05/26 22:43:38] (.APN, LLC - Ask.com ® - Install Builder.) -- C:\Windows\Installer\8d55a0ec.msi [528384] =>PUP.Optional.Bandoo

---\\ General States of Services not Microsoft (EGS) (SR=Running, SS=Stopped) (28) - 21s
SS - Demand [2015/07/08 13:09:44] [ 268976] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SR - Auto [2015/04/28 09:22:04] [ 178568] Ask Update Service (APNMCP) . (.APN LLC..) - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
SR - Auto [2014/08/24 09:50:10] [ 214512] Kaspersky Anti-Virus Service (avp) . (.Kaspersky Lab ZAO.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe
SR - Auto [2011/08/31 09:05:32] [ 462184] Bonjour Service (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - Demand [2012/08/25 22:52:04] [ 276288] Intel(R) Content Protection HECI Service (cphs) . (.Intel Corporation.) - C:\Windows\SysWOW64\IntelCpHeciSvc.exe
SR - Auto [2015/03/22 08:05:08] [ 3204296] Datamngr Coordinator (DatamngrCoordinator) . (.Bandoo Media Inc..) - C:\Program Files (x86)\Movies App\Datamngr\DatamngrCoordinator.exe
SR - Auto [2012/10/26 13:50:32] [ 488824] @C:\Program Files\Hewlett-Packard\HP ProtectTools Security (DpHost) . (.DigitalPersona, Inc..) - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
SS - Demand [2012/11/19 20:13:00] [ 477056] HP ProtectTools Device Locking / Auditing (FLCDLOCK) . (.Hewlett-Packard Company.) - c:\Windows\SysWOW64\flcdlock.exe
SR - Auto [2013/11/04 18:31:56] [ 92160] HP Support Assistant Service (HP Support Assistant Service) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
SR - Auto [2013/10/16 10:45:20] [ 681760] hpHotkeyMonitor (hpHotkeyMonitor) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
SR - Demand [2013/05/13 20:09:20] [ 1129760] HP Software Framework Service (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
SR - Auto [// ::] [ 33600] @oem27.inf,%hpservice_desc%;HP Service (hpsrv) . (.Hewlett-Packard Company.) - C:\Windows\system32\Hpservice.exe
SR - Auto [2012/08/28 04:05:12] [ 7168] Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - Auto [2012/12/10 14:31:28] [ 732160] Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SS - Demand [2012/12/10 14:31:44] [ 803872] Intel(R) Capability Licensing Service TCP IP Interface (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
SR - Auto [2013/12/22 23:27:22] [ 131032] Intel(R) ME Service (Intel(R) ME Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
SR - Auto [2013/12/22 23:27:22] [ 165336] Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - Auto [2013/12/22 23:27:22] [ 279000] Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - Auto [2011/09/16 08:31:34] [ 189832] Lotus Notes Smart Upgrade Service (LNSUSvc) . (.IBM Corp.) - C:\Lotus\Notes\SUService.exe
SR - Auto [2011/09/16 08:28:26] [ 4453768] Lotus Notes Diagnostics (Lotus Notes Diagnostics) . (.IBM.) - C:\Lotus\Notes\nsd.exe
SS - Demand [2015/07/07 21:24:21] [ 148136] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SR - Auto [2011/09/16 08:29:18] [ 71048] Multi-user Cleanup Service (Multi-user Cleanup Service) . (.IBM Corp.) - C:\Lotus\Notes\ntmulti.exe
SR - Auto [2013/02/07 11:37:38] [ 1135752] PDF Document Manager (pdfcDispatcher) . (.PDF Complete Inc.) - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
SS - Auto [2015/02/18 19:11:32] [ 315488] Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SR - Auto [2013/07/26 14:31:58] [ 327680] @C:\Windows\system32\stlang64.dll,-10101 (STacSV) . (.IDT, Inc..) - C:\Program Files\IDT\WDM\stacsv64.exe
SR - Demand [2015/06/04 21:56:54] [ 837312] Steam Client Service (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
SR - Auto [2013/12/22 23:27:29] [ 366040] Intel(R) Management and Security Application User Notificat (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - Auto [2012/07/19 18:29:58] [ 2714232] Validity VCS Fingerprint Service (vcsFPService) . (.Validity Sensors, Inc..) - C:\Windows\System32\vcsFPService.exe

---\\ Additional Scan (O88) (33) - 0s
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe =>Toolbar.Ask
C:\Program Files (x86)\Movies App\Datamngr\DatamngrCoordinator.exe =>PUP.Optional.CrossRider
C:\Users\HP\AppData\Local\iLivid\iLivid.exe =>PUP.Optional.Bandoo
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe =>Toolbar.Ask
C:\Program Files (x86)\Movies App\Datamngr\SRTOOL~1\IE\searchresultsDx64.dll =>PUP.Optional.Bandoo
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c0caa5fe-7c9c-4dca-a265-63cf55379d1a} =>PUP.Optional.Bandoo
C:\Program Files (x86)\Movies App\Datamngr\SRTOOL~1\IE\searchresultsDx.dll =>PUP.Optional.Bandoo
HKLM\SYSTEM\CurrentControlSet\Services\APNMCP =>Toolbar.Ask
HKLM\SYSTEM\CurrentControlSet\Services\DatamngrCoordinator =>PUP.Optional.MoviesToolbar
C:\Program Files (x86)\Movies App\Datamngr\DatamngrCoordinator.exe =>PUP.Optional.MoviesToolbar
HKLM\SYSTEM\CurrentControlSet\Services\F06DEFF2-5B9C-490D-910F-35D3A9119622 =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ilividbandoomoviestoolbarFF =>PUP.Optional.Bandoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ilividbandoomoviestoolbarIE =>PUP.Optional.Bandoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4F524A2D-5350-4500-76A7-A758B70C1D00} =>PUP.Optional.BrowserTabSearch
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iLivid =>PUP.Optional.Bandoo
HKLM\SOFTWARE\Wow6432Node\AskPartnerNetwork =>Toolbar.Ask
HKLM\SOFTWARE\Wow6432Node\Conduit =>PUP.Optional.Conduit
HKLM\SOFTWARE\Wow6432Node\Datamngr =>PUP.Optional.Datamngr
HKLM\SOFTWARE\Wow6432Node\MyAshampoo =>Toolbar.Agent
HKCU\SOFTWARE\AskPartnerNetwork =>Toolbar.Ask
HKCU\SOFTWARE\AVG Security Toolbar =>Toolbar.AVGSearch
HKCU\SOFTWARE\iLivid =>PUP.Optional.Bandoo
HKCU\SOFTWARE\ilividbandoomoviestoolbar =>PUP.Optional.Bandoo
HKCU\SOFTWARE\AppDataLow\Software\MyAshampoo =>Toolbar.Agent =>Toolbar.Agent
C:\Program Files (x86)\AskPartnerNetwork =>Toolbar.Ask
C:\Program Files (x86)\AVG Security Toolbar =>Toolbar.AVGSearch
C:\Program Files (x86)\Movies App =>PUP.Optional.CrossRider
C:\ProgramData\AskPartnerNetwork =>Toolbar.Ask
C:\ProgramData\Datamngr =>PUP.Optional.Datamngr
C:\Users\HP\AppData\Local\AskPartnerNetwork =>Toolbar.Ask
C:\Users\HP\AppData\Local\iLivid =>PUP.Optional.Bandoo
C:\Program Files (x86)\Movies App\Datamngr\SRTOOL~1\IE\dtuser.exe =>PUP.Optional.CrossRider
C:\Windows\Installer\8d55a0ec.msi =>PUP.Optional.Bandoo

---\\ Summary of the detections found on your workstation (9) - 0s
http://www.nicolascoolman.fr/toolbar-ask/ =>Toolbar.Ask
http://www.nicolascoolman.fr/pup-crossrider/ =>PUP.Optional.CrossRider
http://www.nicolascoolman.fr/adware-bandoo/ =>PUP.Optional.Bandoo
http://www.nicolascoolman.fr/blog =>Toolbar.Agent
http://www.nicolascoolman.fr/blog =>PUP.Optional.MoviesToolbar
http://www.nicolascoolman.fr/pup-browsertabsearch/ =>PUP.Optional.BrowserTabSearch
http://www.nicolascoolman.fr/toolbar-conduit/ =>PUP.Optional.Conduit
http://www.nicolascoolman.fr/pup-datamngr/ =>PUP.Optional.Datamngr
http://www.nicolascoolman.fr/blog =>Toolbar.AVGSearch

~ End of the scan, 100558 items in 146 seconds (832)(0)()
