cjoint

Document format: text/plain

Preview

~ ZHPDiag v2015.7.17.92 By Nicolas Coolman (2015/07/17)
~ Run by User (Administrator) (2015/07/18 00:08:42)
~ Site: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ State version: Version OK
~ Mode: Scan
~ Report: C:\Users\User\Desktop\ZHPDiag.txt
~ Report: C:\Users\User\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ System startup: Normal (Normal boot)
~ Windows 8.1, 64-bit (Build 9600)

---\\ Internet Browsers (4) - 0s
GCIE: Google Chrome v43.0.2357.134
MFIE: Mozilla Firefox 38.0.1 (x86 en-US) v38.0.1
OPIE: Opera 30.0.1835.125 v30.0.1835.125
MSIE: Internet Explorer v11.0.9600.17631

---\\ Windows Product Information (3) - 0s
~ Windows Server License Manager Script : OK
~ Licence Script File Generation : OK
Windows Activation Technologies : OK

---\\ System protection software (1) - 1s
Malwarebytes Anti-Malware version 2.1.8.1057

---\\ Surveillance software (2) - 1s
Adobe Flash Player 10 ActiveX
Adobe Reader XI

---\\ Information on the system (6) - 0s
~ Operating System: Intel64 Family 6 Model 60 Stepping 3, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
~ Total physical RAM (KB): 8266092
~ System Restore: Active (Enable)
~ System drive C: has 20 GB free of 114 GB

---\\ Connection to the system mode (3) - 0s
~ Computer Name: ADMIN
~ User Name: User
~ Logged in as Administrator

---\\ Enumeration of the disk units (3) - 0s
~ Drive C: has 20 GB free of 114 GB (System)
~ Drive F: has 727 GB free of 953 GB
~ Drive H: has 114 GB free of 114 GB

---\\ Search Generic System Files (22) - 0s
[MD5.C10A66189DC8C090E7C84873EDCEBC88] - (.Microsoft Corporation - Windows Explorer.) () -- C:\Windows\Explorer.exe [2501368]
[MD5.6E0BDFBEEED65B017F2E4C2C910B0520] - (.Microsoft Corporation - Windows host process (Rundll32).) () -- C:\Windows\System32\rundll32.exe [52736]
[MD5.48CFA7BE561A7BE144C29BB912055016] - (.Microsoft Corporation - Windows Start-Up Application.) () -- C:\Windows\System32\Wininit.exe [144384]
[MD5.9DFE41A69DF70AAB75CB5BA8C1109EA2] - (.Microsoft Corporation - Internet Extensions for Win32.) () -- C:\Windows\System32\wininet.dll [2358272]
[MD5.306EB21E5B480AE9065EA55AC8C35936] - (.Microsoft Corporation - Windows Logon Application.) () -- C:\Windows\System32\Winlogon.exe [562176]
[MD5.AFCAB4DC692CCE37E283B00E2D7B438F] - (.Microsoft Corporation - Software Licensing Library.) () -- C:\Windows\System32\sppcomapi.dll [447488]
[MD5.374E27295F0A9DCAA8FC96370F9BEEA5] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\Windows\System32\drivers\AFD.sys [563200]
[MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) () -- C:\Windows\System32\drivers\atapi.sys [26464]
[MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\Windows\System32\drivers\Cdfs.sys [88576]
[MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\Windows\System32\drivers\Cdrom.sys [164352]
[MD5.A03F362C5557E238CBFA914689C77248] - (.Microsoft Corporation - DFS Namespace Client Driver.) () -- C:\Windows\System32\drivers\DfsC.sys [134144]
[MD5.D4B7ED39C7900384D9E5C1283F1E7926] - (.Microsoft Corporation - High Definition Audio Bus Driver.) () -- C:\Windows\System32\drivers\HDAudBus.sys [76800]
[MD5.84CFC5EFA97D0C965EDE1D56F116A541] - (.Microsoft Corporation - i8042 Port Driver.) () -- C:\Windows\System32\drivers\i8042prt.sys [107520]
[MD5.B7342B3C58E91107F6E946A93D9D4EFD] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\Windows\System32\drivers\IpNat.sys [142848]
[MD5.7A1A3F213CDB3363D179D5014272025D] - (.Microsoft Corporation - Windows NT SMB Minirdr.) () -- C:\Windows\System32\drivers\MRxSmb.sys [402432]
[MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\Windows\System32\drivers\netBT.sys [282624]
[MD5.038C77D577900EE39410662478BB0D50] - (.Microsoft Corporation - NT File System Driver.) () -- C:\Windows\System32\drivers\ntfs.sys [2009920]
[MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Parallel Port Driver.) () -- C:\Windows\System32\drivers\Parport.sys [94208]
[MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\Windows\System32\drivers\Rasl2tp.sys [120832]
[MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Microsoft RDP Device redirector.) () -- C:\Windows\System32\drivers\rdpdr.sys [195584]
[MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) () -- C:\Windows\System32\drivers\tdx.sys [107520]
[MD5.64CA2B4A49A8EAF495E435623ECCE7DB] - (.Microsoft Corporation - Volume Shadow Copy Driver.) () -- C:\Windows\System32\drivers\volsnap.sys [310080]

---\\ Process running (26) - 1s
[MD5.E1CE82592245B9E9621F17FBF457DB4E] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 344.7.) -- C:\Windows\system32\nvvsvc.exe [934032] [PID.1004]
[MD5.B1F2D06DD129C900A172EF4466A3A4AB] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe [1247432] [PID.372]
[MD5.E1CE82592245B9E9621F17FBF457DB4E] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 344.7.) -- C:\Windows\system32\nvvsvc.exe [934032] [PID.392]
[MD5.7736CDCCA38519FD637C82638A06B4FF] - (.Acronis - Acronis Scheduler 2.) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1143720] [PID.1648]
[MD5.051B0369593D350A0610FC2E3F1F8AFD] - (.Acronis - File Level CDP Manager Service.) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [3783672] [PID.1732]
[MD5.BBBC59715AA9EFD1BAE7B048AACC0B24] - (.ELAN Microelectronics Corp. - Elan Service.) -- C:\Program Files\Elantech\ETDService.exe [101192] [PID.1896]
[MD5.34E75903D327D9D02AA5F92F87C808EF] - (.NVIDIA Corporation - NVIDIA GeForce Experience Service.) -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744] [PID.1940]
[MD5.0DB1E3F6189C628675F855C0EB510419] - (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696] [PID.1992]
[MD5.086DA58F38AB4C690D594D223F6C4BC4] - (.Nalpeiron Ltd. - Nalpeiron LAN Service Build March 20th 2012.) -- C:\Windows\SysWOW64\nalserv.exe [135168] [PID.2044]
[MD5.F1F1614043902683EF88991E1F9428AA] - (...) -- C:\Program Files (x86)\Nervous Stroke\Nervous Stroke.exe [8016018] [PID.1484]
[MD5.B1EF4686961986DFFB7FE8F18E6FCB5B] - (.Nalpeiron Ltd. - This service enables products that use the.) -- C:\Windows\SysWOW64\nlssrv32.exe [66560] [PID.2088]
[MD5.9EA1D43D68AAAE216CDA9C89CEF24D9E] - (.NVIDIA Corporation - NVIDIA Network Service.) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912] [PID.2120]
[MD5.8EB877DD871935DF1074BFF18CB301AB] - (.NVIDIA Corporation - NVIDIA Streamer Service.) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19819848] [PID.2144]
[MD5.8EB877DD871935DF1074BFF18CB301AB] - (.NVIDIA Corporation - NVIDIA Streamer Service.) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19819848] [PID.2568]
[MD5.083277D852E22BBC3EB83BB6A6B53C2D] - (.ELAN Microelectronics Corp. - ETD Control Center.) -- C:\Program Files\Elantech\ETDCtrl.exe [2890056] [PID.3044]
[MD5.8EB877DD871935DF1074BFF18CB301AB] - (.NVIDIA Corporation - NVIDIA Streamer Service.) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19819848] [PID.3060]
[MD5.FCB9BBDA6424D46D7463B9CC6A49E041] - (.ELAN Microelectronics Corp. - ETDTouch.) -- C:\Program Files\Elantech\ETDTouch.exe [85832] [PID.3580]
[MD5.982E78DB8D18FE4E7235071A22F5C389] - (.ELAN Microelectronics Corp. - ETD Control Center Helper.) -- C:\Program Files\Elantech\ETDCtrlHelper.exe [2249032] [PID.3700]
[MD5.90AC42BBCDF908DD576853CB5CACA761] - (.NVIDIA Corporation - NVIDIA GeForce Experience Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2464072] [PID.4056]
[MD5.0011163AC036C71E03883DD10C626F81] - (.Realtek Semiconductor - Realtek HD Audio Manager.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13647576] [PID.4908]
[MD5.8AF9F5700E5AA71303FD98D3DA976345] - (.NVIDIA Corporation - NVIDIA Settings.) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe [2445512] [PID.600]
[MD5.59F8DA04498B80D58FD8638370C5C84F] - (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688] [PID.4508]
[MD5.E429410581E60535B555DDA729424885] - (.DuckLink Software - DuckLink Screen Capture.) -- C:\Program Files (x86)\DuckLink\DuckCapture\DuckCapture.exe [436736] [PID.5768]
[MD5.7FFF753D3392CC6271432C2A476C4240] - (.Evernote Corp., 305 Walnut Street, Redwood City, CA 9 - Evernote Clipper.) -- C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe [1210376] [PID.5180]
[MD5.E903DA0A3B4F2204351F1B5EBDFA4C47] - (.Dolby Laboratories Inc. - Dolby Digital Plus Profile Selector.) -- C:\Program Files\Dolby Digital Plus\ddp.exe [585600] [PID.5884]
[MD5.430D7B719DD345E305DF94529FFD183D] - (.Acronis - TrueImage Sync Agent Service.) -- C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7084672] [PID.2960]

---\\ Google Chrome, Start,Search,Extensions (G0,G1,G2) (5) - 0s
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [bcipapbfhdnmgihoimbjiadmhpcgcnil] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [efaidnbmnnnibpcajpcglclefindmkaj] __MSG_web2pdfExtnName__
G2 - GCE: Preference [User Data\Default] [lifbcibllhkdhoafpjfnlhfpfgnpldfl] Skype Click to Call
G2 - GCE: Preference [User Data\Default] [lmjegmlicamnimmfhcmpkclmigmmcbeh] Application Launcher for Drive (by Google)

---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3) (15) - 1s
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\amazondotcom.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\bing.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\ddg.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\eBay.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\google.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\twitter.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wikipedia.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\yahoo.xml
P2 - EXT: (.Mozilla - Default.) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
P2 - FPN: [HKCU] [@Skype Limited.com/Facebook Video Calling Plugin] - (.Skype Limited.) -- C:\Users\User\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Apple Inc..) -- D:\Installed in disc D\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=11.45.2] - (.Oracle Corporation.) -- C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Oracle Corp..) -- C:\Program Files (x86)\Java\jre1.8.0_45\bin\new_plugin\npjp2.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=11.45.2] - (.Oracle Corporation.) -- C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll

---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1) (21) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://mysearch.avg.com?cid={1C716764-5FD3-46E1-B51A-3436033B5DE1}&mid=e3bfa8ea2a9d47d2a1e8ed3ea0b81c67-afd7ee93c7decd14b54b174b37b46d73ab89cece&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-06-25 19:09:52&v=18.1.7.598&pid=safeguard&sg=&sap=hp
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1

---\\ Internet Explorer, Proxy Management (R5) (3) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Line Analysis F0, F1, F2, F3 - IniFiles, Auto loading programs (3) - 0s
F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.)
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.)
F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.)

---\\ Hosts file redirection (O1) (1) - 0s
~ Le fichier hote est sain (The hosts file is clean) (24)

---\\ Browser Helper Object (BHO) (O2) (2) - 0s
O2 - BHO: (no name) [64Bits] - {074C1DC5-9320-4A9A-947D-C042949C6216} (Orphean)
O2 - BHO: Evernote extension [64Bits] - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} . (.Evernote Corp., 305 Walnut Street, Redwood City, CA 9 - Evernote Clipper for Microsoft Internet Exp.) -- C:\Program Files (x86)\Evernote\Evernote\EvernoteIEx64.dll

---\\ Auto loading programs from Registry and folders (O4) (38) - 1s
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Realtek HD Audio Manager.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [RtHDVBg_Dolby] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
O4 - HKLM\..\Run: [IAStorIcon] . (.Intel Corporation - Delayed launcher.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
O4 - HKLM\..\Run: [ETDCtrl] %ProgramFiles%\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [NvBackend] . (.NVIDIA Corporation - NVIDIA GeForce Experience Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
O4 - HKLM\..\Run: [ShadowPlay] . (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\Windows\System32\rundll32.exe
O4 - HKLM\..\Run: [Logitech Download Assistant] . (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\Windows\System32\rundll32.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] . (.Acronis - Acronis Scheduler Helper.) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] D:\Installed in disc D\DAEMON Tools Lite\DTLite.exe (.not file.)
O4 - HKCU\..\Run: [GoogleDriveSync] . (.Google - Google Drive.) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [Viber] C:\Users\User\AppData\Local\Viber\Viber.exe (.not file.)
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_BCEA24321E5E4F1401136BBEDFB545FE] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - HKCU\..\Run: [Adobe Acrobat Synchronizer] . (.Adobe Systems Incorporated - Adobe Collaboration Synchronizer 15.7.) -- C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
O4 - HKCU\..\Run: [DuckCapture] . (.DuckLink Software - DuckLink Screen Capture.) -- C:\Program Files (x86)\DuckLink\DuckCapture\DuckCapture.exe
O4 - HKCU\..\Run: [Dropbox Update] . (.Dropbox, Inc. - Dropbox Update.) -- C:\Users\User\AppData\Local\Dropbox\Update\DropboxUpdate.exe
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] . (.Microsoft Corporation - Sticky Notes.) -- C:\Windows\System32\StikyNot.exe
O4 - HKLM\..\Wow6432Node\Run: [AdobeCS5ServiceManager] . (.Adobe Systems Incorporated - Adobe CS5 Service Manager.) -- C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
O4 - HKLM\..\Wow6432Node\Run: [SwitchBoard] . (.Adobe Systems Incorporated - SwitchBoard Server (32 bit).) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] D:\Installed in disc D\iTunesHelper.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [TrueImageMonitor.exe] . (.Acronis - Acronis True Image Monitor.) -- C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Wow6432Node\Run: [AcronisTibMounterMonitor] . (.Acronis - Acronis TIB Monitor.) -- C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKUS\S-1-5-21-2821764334-1850713081-2027466748-1001\..\Run: [DAEMON Tools Lite] D:\Installed in disc D\DAEMON Tools Lite\DTLite.exe (.not file.)
O4 - HKUS\S-1-5-21-2821764334-1850713081-2027466748-1001\..\Run: [GoogleDriveSync] . (.Google - Google Drive.) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
O4 - HKUS\S-1-5-21-2821764334-1850713081-2027466748-1001\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-2821764334-1850713081-2027466748-1001\..\Run: [Viber] C:\Users\User\AppData\Local\Viber\Viber.exe (.not file.)
O4 - HKUS\S-1-5-21-2821764334-1850713081-2027466748-1001\..\Run: [GoogleChromeAutoLaunch_BCEA24321E5E4F1401136BBEDFB545FE] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - HKUS\S-1-5-21-2821764334-1850713081-2027466748-1001\..\Run: [Adobe Acrobat Synchronizer] . (.Adobe Systems Incorporated - Adobe Collaboration Synchronizer 15.7.) -- C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
O4 - HKUS\S-1-5-21-2821764334-1850713081-2027466748-1001\..\Run: [DuckCapture] . (.DuckLink Software - DuckLink Screen Capture.) -- C:\Program Files (x86)\DuckLink\DuckCapture\DuckCapture.exe
O4 - HKUS\S-1-5-21-2821764334-1850713081-2027466748-1001\..\Run: [Dropbox Update] . (.Dropbox, Inc. - Dropbox Update.) -- C:\Users\User\AppData\Local\Dropbox\Update\DropboxUpdate.exe
O4 - HKUS\S-1-5-21-2821764334-1850713081-2027466748-1001\..\Run: [RESTART_STICKY_NOTES] . (.Microsoft Corporation - Sticky Notes.) -- C:\Windows\System32\StikyNot.exe

---\\ Lop.com/Domain Hijackers (O17) (4) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1

---\\ AppInit_DLLs Registry value Autorun (O20) (1) - 0s
O20 - AppInit_DLLs: . (.NVIDIA Corporation - NVIDIA shim initialization dll, Version 344.) - C:\Windows\system32\nvinitx.dll

---\\ Non Microsoft non disabled Windows XP/NT/2000 Services (O23) (21) - 1s
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) . (.Acronis - Acronis Scheduler 2.) - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - YSLoader.exe.) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Elan Service (ETDService) . (.ELAN Microelectronics Corp. - Elan Service.) - C:\Program Files\Elantech\ETDService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) . (.NVIDIA Corporation - NVIDIA GeForce Experience Service.) - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) . (...) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (.not file.)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Intel(R) Local Management Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Nalpeiron Control Service (NalServ) . (.Nalpeiron Ltd. - Nalpeiron LAN Service Build March 20th 2012.) - C:\Windows\SysWOW64\nalserv.exe
O23 - Service: Nervous Stroke (Nervous Stroke) . (...) - C:\Program Files (x86)\Nervous Stroke\Nervous Stroke.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) . (.Nalpeiron Ltd. - This service enables products that use the.) - C:\Windows\SysWOW64\nlssrv32.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) . (.NVIDIA Corporation - NVIDIA Network Service.) - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) . (.NVIDIA Corporation - NVIDIA Streamer Service.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 344.7.) - C:\Windows\system32\nvvsvc.exe
O23 - Service: Service KMSELDI (Service KMSELDI) . (. - Service_KMS.) - C:\Program Files\KMSpico\Service_KMS.exe =>PUA.KMSpico
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: Acronis Sync Agent Service (syncagentsrv) . (.Acronis - TrueImage Sync Agent Service.) - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe

---\\ Task Planned Automatically (O39) (37) - 2s
[MD5.E3FB05F33E1404AD606B1E1FE7C323C3] [APT] [Adobe Acrobat Update Task] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [998104]
[MD5.D0E69BC0FE8F77067237AE4900017A0D] [APT] [Adobe Flash Player PPAPI Notifier] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_209_pepper.exe [1155760]
[MD5.011BD8A49AF856E8A8EE32652D1CFC05] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [268976]
[MD5.51B634D617073986FA73417318F7C121] [APT] [AdobeAAMUpdater-1.0-MicrosoftAccount-daniella.atanasova@hotmail.com] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936]
[MD5.E3FEA8060978EAB6FA5D40E74DE6308B] [APT] [AutoPico Daily Restart] (...) -- C:\Program Files\KMSpico\AutoPico.exe [1051416] =>PUA.KMSpico
[MD5.7C6D524C78A1722AD987B9E47AC1FEE2] [APT] [DropboxUpdateTaskUserS-1-5-21-2821764334-1850713081-2027466748-1001Core] (.Dropbox, Inc..) -- C:\Users\User\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512]
[MD5.7C6D524C78A1722AD987B9E47AC1FEE2] [APT] [DropboxUpdateTaskUserS-1-5-21-2821764334-1850713081-2027466748-1001UA] (.Dropbox, Inc..) -- C:\Users\User\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512]
[MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-2821764334-1850713081-2027466748-1001Core] (.Facebook Inc..) -- C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096]
[MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-2821764334-1850713081-2027466748-1001UA] (.Facebook Inc..) -- C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096]
[MD5.28405F60CCF4023CD253B0EB3640C078] [APT] [HPCustParticipation HP Deskjet 3070 B611 series] (.Hewlett-Packard Co..) -- C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\HPCustPartic.exe [4119656]
[MD5.00000000000000000000000000000000] [APT] [LiveToRead] (.Hewlett-Packard Co..) -- c:\programdata\{435d80fe-85b9-4a71-435d-d80fe85b03fa}\8496398093982811925b.exe (.not file.) [0]
[MD5.EF1E82732B47957D33EEB74844F213AD] [APT] [Opera scheduled Autoupdate 1422464805] (.Opera Software.) -- C:\Program Files (x86)\Opera\launcher.exe [908408]
[MD5.3BBEC4CC2A388B4C5D1EFE20EAD7D98F] [APT] [{9AA081E5-A6E6-4DE3-AFAC-8C4A5068B396}] (.Google Inc..) -- c:\program files (x86)\Google\Chrome\application\chrome.exe [813896]
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [Apple\AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984]
O39 - APT: Adobe Flash Player PPAPI Notifier - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job [892]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [830]
O39 - APT: DropboxUpdateTaskUserS-1-5-21-2821764334-1850713081-2027466748-1001Core - (.Dropbox, Inc..) -- C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2821764334-1850713081-2027466748-1001Core.job [874]
O39 - APT: DropboxUpdateTaskUserS-1-5-21-2821764334-1850713081-2027466748-1001UA - (.Dropbox, Inc..) -- C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2821764334-1850713081-2027466748-1001UA.job [926]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-2821764334-1850713081-2027466748-1001Core - (.Facebook Inc..) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2821764334-1850713081-2027466748-1001Core.job [914]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-2821764334-1850713081-2027466748-1001UA - (.Facebook Inc..) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2821764334-1850713081-2027466748-1001UA.job [936]
O39 - APT: LiveToRead - (.Hewlett-Packard Co..) -- C:\Windows\Tasks\LiveToRead.job [364]
O39 - APT: Adobe Acrobat Update Task - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Acrobat Update Task [3886]
O39 - APT: Adobe Flash Player PPAPI Notifier - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier [3848]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [3718]
O39 - APT: AdobeAAMUpdater-1.0-MicrosoftAccount-daniella.atanasova@hotmail.com - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-daniella.atanasova@hotmail.com [3494] =>PUP.Optional.CrossRider
O39 - APT: AutoPico Daily Restart - (..) -- C:\Windows\System32\Tasks\AutoPico Daily Restart [3702] =>PUA.KMSpico
O39 - APT: Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\CreateChoiceProcessTask [3542]
O39 - APT: Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\Dolby Selector [3118]
O39 - APT: DropboxUpdateTaskUserS-1-5-21-2821764334-1850713081-2027466748-1001Core - (.Dropbox, Inc..) -- C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2821764334-1850713081-2027466748-1001Core [3490]
O39 - APT: DropboxUpdateTaskUserS-1-5-21-2821764334-1850713081-2027466748-1001UA - (.Dropbox, Inc..) -- C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2821764334-1850713081-2027466748-1001UA [3870]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-2821764334-1850713081-2027466748-1001Core - (.Facebook Inc..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2821764334-1850713081-2027466748-1001Core [3432]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-2821764334-1850713081-2027466748-1001UA - (.Facebook Inc..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2821764334-1850713081-2027466748-1001UA [3782]
O39 - APT: HPCustParticipation HP Deskjet 3070 B611 series - (.Hewlett-Packard Co..) -- C:\Windows\System32\Tasks\HPCustParticipation HP Deskjet 3070 B611 series [3612]
O39 - APT: LiveToRead - (.Hewlett-Packard Co..) -- C:\Windows\System32\Tasks\LiveToRead [3244]
O39 - APT: Opera scheduled Autoupdate 1422464805 - (.Opera Software.) -- C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1422464805 [3824]
O39 - APT: {9AA081E5-A6E6-4DE3-AFAC-8C4A5068B396} - (.Google Inc..) -- C:\Windows\System32\Tasks\{9AA081E5-A6E6-4DE3-AFAC-8C4A5068B396} [3114]
O39 - APT: Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\{C69E69C8-A6C1-457C-AE8B-7D0D91DDA366} [3142]

---\\ Software installed (O42) (96) - 6s
O42 - Logiciel: ETDWare PS/2-X64 11.6.28.201_WHQL - (.ELAN Microelectronic Corp..) [HKLM][64Bits] -- Elantech
O42 - Logiciel: KMSpico v9.1.3 - (...) [HKLM][64Bits] -- KMSpico_is1 =>PUA.KMSpico
O42 - Logiciel: Sublime Text 2.0.2 - (...) [HKLM][64Bits] -- Sublime Text 2_is1
O42 - Logiciel: WinRAR 5.00 (64-битова версия) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM][64Bits] -- {33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {409CB30E-E457-4008-9B1A-ED1B9EA21140}
O42 - Logiciel: HP Deskjet 3070 B611 series Product Improvement Study - (.Hewlett-Packard Co..) [HKLM][64Bits] -- {5FC9F9EE-C530-4DB7-8509-C166E42355CD}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM][64Bits] -- {6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}
O42 - Logiciel: Dolby Digital Plus Home Theater - (.Dolby Laboratories Inc.) [HKLM][64Bits] -- {7E3D8FA1-6092-469A-955B-68FC4A2C67CA}
O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {89AFB053-A343-46EF-97E4-D593AD7184E6}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Visual Studio 2012 x64 Redistributables - (.AVG Technologies.) [HKLM][64Bits] -- {8C775E70-A791-4DA8-BCC3-6AB7136F4484}
O42 - Logiciel: Microsoft Access MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0015-0409-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Excel MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0016-0409-1000-0000000FF1CE}
O42 - Logiciel: Microsoft PowerPoint MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0018-0409-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Publisher MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0019-0409-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Outlook MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-001A-0409-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Word MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-001B-0409-1000-0000000FF1CE}
O42 - Logiciel: Microsoft InfoPath MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0044-0409-1000-0000000FF1CE}
O42 - Logiciel: Microsoft DCF MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0090-0409-1000-0000000FF1CE}
O42 - Logiciel: Microsoft OneNote MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-00A1-0409-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Groove MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-00BA-0409-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Access Setup Metadata MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0117-0409-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Lync MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-012B-0409-1000-0000000FF1CE}
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {93F692D4-0C4D-4EED-9BFE-657C1D5959FE}
O42 - Logiciel: HP Deskjet 3070 B611 series Basic Device Software - (.Hewlett-Packard Co..) [HKLM][64Bits] -- {B08ED12B-F101-45D1-B13C-B203EA67AD6B}
O42 - Logiciel: NVIDIA Graphics Driver 344.75 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver
O42 - Logiciel: NVIDIA GeForce Experience 2.1.4 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience
O42 - Logiciel: NVIDIA PhysX System Software 9.14.0702 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM][64Bits] -- Adobe AIR
O42 - Logiciel: Adobe Flash Player 18 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI
O42 - Logiciel: Adobe Flash Player 18 PPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player PPAPI
O42 - Logiciel: BB FlashBack Pro 5 - (.Blueberry.) [HKLM][64Bits] -- BB FlashBack Pro 5
O42 - Logiciel: Adobe Community Help - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
O42 - Logiciel: Adobe Media Player - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
O42 - Logiciel: DAEMON Tools Lite - (.Disc Soft Ltd.) [HKLM][64Bits] -- DAEMON Tools Lite
O42 - Logiciel: DuckCapture Standard 2.7 - (.DuckLink.) [HKLM][64Bits] -- DuckCapture_is1
O42 - Logiciel: FileZilla Client 3.11.0.2 - (.Tim Kosse.) [HKLM][64Bits] -- FileZilla Client
O42 - Logiciel: foobar2000 v1.3.7 - (.Peter Pawlowski.) [HKLM][64Bits] -- foobar2000
O42 - Logiciel: GOM Player - (.Gretech Corporation.) [HKLM][64Bits] -- GOM Player
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: Heroes of Might and Magic® III Complete - (...) [HKLM][64Bits] -- Heroes of Might and Magic® III
O42 - Logiciel: Malwarebytes Anti-Malware version 2.1.8.1057 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes Anti-Malware_is1
O42 - Logiciel: Mozilla Firefox 38.0.1 (x86 en-US) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 38.0.1 (x86 en-US)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService
O42 - Logiciel: Notepad++ - (.Notepad++ Team.) [HKLM][64Bits] -- Notepad++
O42 - Logiciel: Opera Stable 30.0.1835.125 - (.Opera Software.) [HKLM][64Bits] -- Opera 30.0.1835.125
O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM][64Bits] -- Picasa 3
O42 - Logiciel: StartIsBack+ - (.startisback.com.) [HKLM][64Bits] -- StartIsBack
O42 - Logiciel: SDL Trados 2011 SP2 - Remove suite of products - (.SDL.) [HKLM][64Bits] -- TranslationStudio2011
O42 - Logiciel: WampServer 2.5 - (.Hervé Leclerc (HeL).) [HKLM][64Bits] -- WampServer 2_is1
O42 - Logiciel: PxMergeModule - (.Your Company Name.) [HKLM][64Bits] -- {024521CF-C07E-4F8E-8481-0D75695E03AF}
O42 - Logiciel: Adobe Community Help - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
O42 - Logiciel: QuickTime 7 - (.Apple Inc..) [HKLM][64Bits] -- {111EE7DF-FC45-40C7-98A7-753AC46B12FB}
O42 - Logiciel: Facebook Video Calling 3.1.0.521 - (.Skype Limited.) [HKLM][64Bits] -- {2091F234-EB58-4B80-8C96-8EB78C808CF7}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM][64Bits] -- {21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}
O42 - Logiciel: Skype™ 7.1 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
O42 - Logiciel: Java 8 Update 45 - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83218045F0}
O42 - Logiciel: Adobe Creative Suite 5 Master Collection - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {288DB08D-0708-4A94-B055-55B99E39EB62}
O42 - Logiciel: OpenOffice.org 3.2 - (.OpenOffice.org.) [HKLM][64Bits] -- {4EE2EF4B-25D3-4D44-8384-A2B96F811F55}
O42 - Logiciel: Data Lifeguard Diagnostic for Windows 1.28 - (.Western Digital Corporation.) [HKLM][64Bits] -- {519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1
O42 - Logiciel: Realtek Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {5BC2B5AB-80DE-4E83-B8CF-426902051D0A}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: SDL Passolo Essential 2011 SP6 - (.SDL.) [HKLM][64Bits] -- {627163CD-8116-4982-9AC1-8C6DE4A499A0}
O42 - Logiciel: Prezi - (.Prezi.com.) [HKLM][64Bits] -- {63B8F931-2BF3-4D5D-9C28-E2EF88D83DFD}
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Skype Click to Call - (.Microsoft Corporation.) [HKLM][64Bits] -- {6D1221A9-17BF-4EC0-81F2-27D30EC30701}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems, Inc..) [HKLM][64Bits] -- {6E9EF98E-259E-416D-B5F8-0ABDB99942CE}
O42 - Logiciel: SDL Trados Studio 2011 SP2 - (.SDL.) [HKLM][64Bits] -- {7205B6D1-2975-4DDC-85D4-30AECFBFC138}
O42 - Logiciel: SDL Trados Compatibility module - (.SDL.) [HKLM][64Bits] -- {7230BA04-AE1B-4C17-91A0-E7DF6DF6E05C}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
O42 - Logiciel: True Image WD Edition - (.Acronis.) [HKLM][64Bits] -- {85CB1512-2D4A-4469-AC21-6B111D169CEB}
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM][64Bits] -- {912D30CF-F39E-4B31-AD9A-123C6B794EE2}
O42 - Logiciel: Visual Studio 2012 x86 Redistributables - (.AVG Technologies CZ, s.r.o..) [HKLM][64Bits] -- {98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}
O42 - Logiciel: HP Deskjet 3070 B611 series Help - (.Hewlett Packard.) [HKLM][64Bits] -- {9F20CE56-3828-432D-A3C5-3EC6A2ED93C6}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM][64Bits] -- {A2BCA9F1-566C-4805-97D1-7FDC93386723}
O42 - Logiciel: PDF Settings CS5 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {A78FE97A-C0C8-49CE-89D0-EDD524A17392}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-0804-1033-1959-001824147215}
O42 - Logiciel: Adobe Acrobat DC - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-1033-FFFF-7760-0C0F074E4100}
O42 - Logiciel: Adobe Reader XI (11.0.10) - Francais - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AB0000000001}
O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B455E95A-B804-439F-B533-336B1635AE97}
O42 - Logiciel: Evernote v. 5.8.11 - (.Evernote Corp..) [HKLM][64Bits] -- {B6B185C8-1C37-11E5-A35A-0050569584E9}
O42 - Logiciel: The Sims™ 3 - (.Electronic Arts.) [HKLM][64Bits] -- {C05D8CDB-417D-4335-A38C-A0659EDFD6B8}
O42 - Logiciel: WD Black? Dual Drive - (.Western Digital.) [HKLM][64Bits] -- {CA4C4325-B9D0-45A2-A32A-7AE2BC204D78}
O42 - Logiciel: WD Black? Dual Drive - (.Western Digital.) [HKLM][64Bits] -- {CA4C4325-B9D0-45A2-A32A-7AE2BC204D78}Visible
O42 - Logiciel: Google Drive - (.Google, Inc..) [HKLM][64Bits] -- {CBC9F5FD-5CFA-4A33-81CD-369EAB77E3A6}
O42 - Logiciel: Adobe Media Player - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
O42 - Logiciel: Microsoft WSE 3.0 Runtime - (.Microsoft Corp..) [HKLM][64Bits] -- {E3E71D07-CD27-46CB-8448-16D4FB29AA13}
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Microsoft WSE 2.0 SP3 Runtime - (.Microsoft Corp..) [HKLM][64Bits] -- {F3CA9611-CD42-4562-ADAB-A554CF8E17F1}
O42 - Logiciel: GitHub - (.GitHub, Inc..) [HKCU][64Bits] -- 5f7eb300e2ea4ebf
O42 - Logiciel: Dropbox - (.Dropbox, Inc..) [HKCU][64Bits] -- Dropbox
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent

---\\ HKCU & HKLM Software Keys (117) - 6s
HKLM\SOFTWARE\Wow6432Node\Acronis
HKLM\SOFTWARE\Wow6432Node\Adobe
HKLM\SOFTWARE\Wow6432Node\AdwCleaner
HKLM\SOFTWARE\Wow6432Node\AGEIA Technologies
HKLM\SOFTWARE\Wow6432Node\Apple Computer, Inc.
HKLM\SOFTWARE\Wow6432Node\Apple Inc.
HKLM\SOFTWARE\Wow6432Node\Blueberry Software
HKLM\SOFTWARE\Wow6432Node\Disc Soft
HKLM\SOFTWARE\Wow6432Node\DivXNetworks
HKLM\SOFTWARE\Wow6432Node\Electronic Arts
HKLM\SOFTWARE\Wow6432Node\Evernote
HKLM\SOFTWARE\Wow6432Node\FileZilla 3
HKLM\SOFTWARE\Wow6432Node\FileZilla Client
HKLM\SOFTWARE\Wow6432Node\foobar2000
HKLM\SOFTWARE\Wow6432Node\Google
HKLM\SOFTWARE\Wow6432Node\GRETECH
HKLM\SOFTWARE\Wow6432Node\Hewlett-Packard
HKLM\SOFTWARE\Wow6432Node\IM Providers
HKLM\SOFTWARE\Wow6432Node\Intel
HKLM\SOFTWARE\Wow6432Node\JavaSoft
HKLM\SOFTWARE\Wow6432Node\JreMetrics
HKLM\SOFTWARE\Wow6432Node\Khronos
HKLM\SOFTWARE\Wow6432Node\Lamantine
HKLM\SOFTWARE\Wow6432Node\LogSys
HKLM\SOFTWARE\Wow6432Node\Macromedia
HKLM\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware
HKLM\SOFTWARE\Wow6432Node\MAXSOFT-OCRON
HKLM\SOFTWARE\Wow6432Node\McAfee.com
HKLM\SOFTWARE\Wow6432Node\mcafeeupdater
HKLM\SOFTWARE\Wow6432Node\Mozilla
HKLM\SOFTWARE\Wow6432Node\mozilla.org
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\NeoSmart Technologies
HKLM\SOFTWARE\Wow6432Node\New World Computing
HKLM\SOFTWARE\Wow6432Node\Notepad++
HKLM\SOFTWARE\Wow6432Node\Nuance
HKLM\SOFTWARE\Wow6432Node\NVIDIA Corporation
HKLM\SOFTWARE\Wow6432Node\ODBC
HKLM\SOFTWARE\Wow6432Node\OpenOffice.org
HKLM\SOFTWARE\Wow6432Node\Opera Software
HKLM\SOFTWARE\Wow6432Node\PowerPivot
HKLM\SOFTWARE\Wow6432Node\Realtek
HKLM\SOFTWARE\Wow6432Node\Realtek Semiconductor Corp.
HKLM\SOFTWARE\Wow6432Node\SDL
HKLM\SOFTWARE\Wow6432Node\Sims
HKLM\SOFTWARE\Wow6432Node\Skype
HKLM\SOFTWARE\Wow6432Node\Sonic
HKLM\SOFTWARE\Wow6432Node\Sun Microsystems
HKLM\SOFTWARE\Wow6432Node\Trados
HKLM\SOFTWARE\Wow6432Node\Valve
HKLM\SOFTWARE\Wow6432Node\Western Digital
HKLM\SOFTWARE\Wow6432Node\Windows
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications
HKCU\SOFTWARE\Acronis
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\Alarm
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\Apple Computer, Inc.
HKCU\SOFTWARE\Apple Inc.
HKCU\SOFTWARE\Avg
HKCU\SOFTWARE\BitTorrent
HKCU\SOFTWARE\Blueberry Software
HKCU\SOFTWARE\Chromium
HKCU\SOFTWARE\Disc Soft
HKCU\SOFTWARE\Dolby
HKCU\SOFTWARE\Dropbox
HKCU\SOFTWARE\DropboxUpdate
HKCU\SOFTWARE\Elantech
HKCU\SOFTWARE\Electronic Arts
HKCU\SOFTWARE\Evernote
HKCU\SOFTWARE\Facebook
HKCU\SOFTWARE\foobar2000
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\GRETECH
HKCU\SOFTWARE\Hewlett-Packard
HKCU\SOFTWARE\HP
HKCU\SOFTWARE\IM Providers
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\JavaSoft
HKCU\SOFTWARE\Lamantine
HKCU\SOFTWARE\Local AppWizard-Generated Applications
HKCU\SOFTWARE\LogiShrd
HKCU\SOFTWARE\LogSys
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\MCAFEE
HKCU\SOFTWARE\Mine
HKCU\SOFTWARE\Minnetonka Audio Software
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\New World Computing
HKCU\SOFTWARE\NVIDIA Corporation
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\OpenOffice.org
HKCU\SOFTWARE\Opera Software
HKCU\SOFTWARE\PACE Anti-Piracy
HKCU\SOFTWARE\QtProject
HKCU\SOFTWARE\Realtek
HKCU\SOFTWARE\RegisteredApplications
HKCU\SOFTWARE\SDL
HKCU\SOFTWARE\ShutDownControl
HKCU\SOFTWARE\Skype
HKCU\SOFTWARE\SkypeRS
HKCU\SOFTWARE\SourceForge
HKCU\SOFTWARE\StartIsBack
HKCU\SOFTWARE\Stefan Angelov
HKCU\SOFTWARE\SubSystems
HKCU\SOFTWARE\SYNCJM
HKCU\SOFTWARE\Trados
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\Valve
HKCU\SOFTWARE\Viber
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software
HKCU\SOFTWARE\AppDataLow\Software\JavaSoft

---\\ Contents of the Common Files folders (O43) (238) - 6s
O43 - CFD: 2014/08/30 21:47:50 - [] D -- C:\Program Files (x86)\3DO
O43 - CFD: 2015/01/27 22:11:35 - [] D -- C:\Program Files (x86)\Acronis
O43 - CFD: 2015/04/20 23:25:16 - [] D -- C:\Program Files (x86)\Adobe
O43 - CFD: 2014/06/15 21:21:42 - [] D -- C:\Program Files (x86)\Adobe Media Player
O43 - CFD: 2014/11/18 22:51:14 - [0] D -- C:\Program Files (x86)\AGEIA Technologies
O43 - CFD: 2014/06/15 21:35:05 - [] D -- C:\Program Files (x86)\Apple Software Update
O43 - CFD: 2014/07/10 22:02:40 - [] D -- C:\Program Files (x86)\Bonjour
O43 - CFD: 2015/06/27 16:41:44 - [] D -- C:\Program Files (x86)\Common Files
O43 - CFD: 2014/08/30 21:47:18 - [] D -- C:\Program Files (x86)\directx
O43 - CFD: 2015/05/17 00:40:19 - [] D -- C:\Program Files (x86)\DuckLink
O43 - CFD: 2014/08/31 21:20:01 - [] D -- C:\Program Files (x86)\Electronic Arts
O43 - CFD: 2014/06/18 09:35:54 - [] D -- C:\Program Files (x86)\Evernote
O43 - CFD: 2014/09/01 21:25:05 - [] D -- C:\Program Files (x86)\Firefly Studios
O43 - CFD: 2014/07/01 22:15:57 - [] D -- C:\Program Files (x86)\Google
O43 - CFD: 2015/01/28 20:06:12 - [] D -- C:\Program Files (x86)\GRETECH
O43 - CFD: 2015/03/29 11:54:08 - [] D -- C:\Program Files (x86)\HP
O43 - CFD: 2014/08/31 21:20:01 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 2014/06/14 23:15:23 - [] D -- C:\Program Files (x86)\Intel
O43 - CFD: 2015/03/13 20:21:32 - [] D -- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 2015/04/14 22:34:20 - [] D -- C:\Program Files (x86)\Java
O43 - CFD: 2014/06/15 20:49:20 - [] D -- C:\Program Files (x86)\JRE
O43 - CFD: 2015/07/17 23:42:30 - [] D -- C:\Program Files (x86)\Malwarebytes Anti-Malware
O43 - CFD: 2014/06/14 23:29:33 - [] D -- C:\Program Files (x86)\Microsoft Analysis Services
O43 - CFD: 2014/10/15 08:15:43 - [] D -- C:\Program Files (x86)\Microsoft ASP.NET
O43 - CFD: 2014/06/14 23:29:29 - [] D -- C:\Program Files (x86)\Microsoft Office
O43 - CFD: 2014/12/14 18:35:19 - [] D -- C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 2014/06/14 23:31:09 - [] D -- C:\Program Files (x86)\Microsoft SQL Server
O43 - CFD: 2014/09/09 11:03:28 - [] D -- C:\Program Files (x86)\Microsoft WSE
O43 - CFD: 2014/06/15 08:28:43 - [] D -- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 2015/07/17 23:35:32 - [] D -- C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 2015/05/28 07:33:35 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 2014/09/09 11:04:13 - [] D -- C:\Program Files (x86)\MSBuild
O43 - CFD: 2014/09/03 09:42:52 - [] D -- C:\Program Files (x86)\MSECache
O43 - CFD: 2014/06/15 21:21:38 - [] D -- C:\Program Files (x86)\My Company Name
O43 - CFD: 2015/01/31 17:34:33 - [0] D -- C:\Program Files (x86)\NeoSmart Technologies
O43 - CFD: 2015/07/06 20:02:17 - [] D -- C:\Program Files (x86)\Nervous Stroke
O43 - CFD: 2015/06/28 14:24:38 - [] D -- C:\Program Files (x86)\Notepad++
O43 - CFD: 2014/11/18 22:50:44 - [] D -- C:\Program Files (x86)\NVIDIA Corporation
O43 - CFD: 2014/09/09 11:03:27 - [] D -- C:\Program Files (x86)\Open XML SDK
O43 - CFD: 2014/06/15 20:49:20 - [] D -- C:\Program Files (x86)\OpenOffice.org 3
O43 - CFD: 2015/07/14 21:31:10 - [] D -- C:\Program Files (x86)\Opera
O43 - CFD: 2015/03/23 00:10:48 - [] D -- C:\Program Files (x86)\Prezi
O43 - CFD: 2014/06/15 21:35:31 - [] D -- C:\Program Files (x86)\QuickTime
O43 - CFD: 2014/06/14 23:13:03 - [] D -- C:\Program Files (x86)\Realtek
O43 - CFD: 2014/06/30 23:14:20 - [] D -- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 2014/09/09 11:03:59 - [] D -- C:\Program Files (x86)\SDL
O43 - CFD: 2015/05/28 07:34:12 - [] RD -- C:\Program Files (x86)\Skype
O43 - CFD: 2014/06/14 23:04:36 - [] D -- C:\Program Files (x86)\StartIsBack
O43 - CFD: 2014/06/14 23:12:57 - [0] HD -- C:\Program Files (x86)\Temp
O43 - CFD: 2015/01/27 22:15:51 - [] D -- C:\Program Files (x86)\Western Digital
O43 - CFD: 2015/01/29 23:31:41 - [] D -- C:\Program Files (x86)\Western Digital Corporation
O43 - CFD: 2015/03/13 20:21:32 - [] D -- C:\Program Files (x86)\Windows Defender
O43 - CFD: 2015/03/13 20:21:32 - [] D -- C:\Program Files (x86)\Windows Mail
O43 - CFD: 2015/03/13 20:21:32 - [] D -- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 2015/03/13 20:21:32 - [] D -- C:\Program Files (x86)\Windows Multimedia Platform
O43 - CFD: 2013/08/22 18:36:30 - [] D -- C:\Program Files (x86)\Windows NT
O43 - CFD: 2015/03/13 20:21:32 - [] D -- C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 2015/03/13 20:21:32 - [] D -- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 2013/08/22 18:36:30 - [] SHD -- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 2013/08/22 18:36:30 - [] D -- C:\Program Files (x86)\WindowsPowerShell
O43 - CFD: 2014/08/30 21:47:58 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3DO
O43 - CFD: 2015/03/13 20:21:32 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 2015/03/13 20:21:32 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2015/01/27 22:11:42 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
O43 - CFD: 2015/03/13 20:21:32 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2014/06/15 21:21:42 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
O43 - CFD: 2014/06/15 21:29:39 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS5
O43 - CFD: 2015/06/27 16:41:47 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blueberry Software
O43 - CFD: 2014/08/30 20:20:14 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
O43 - CFD: 2015/05/17 00:40:21 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DuckLink
O43 - CFD: 2015/06/28 14:00:25 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
O43 - CFD: 2015/06/30 22:12:02 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
O43 - CFD: 2014/07/14 18:00:52 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player
O43 - CFD: 2015/03/13 20:21:24 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 2015/06/06 09:16:16 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
O43 - CFD: 2015/03/29 11:54:08 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
O43 - CFD: 2014/06/14 23:15:23 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
O43 - CFD: 2014/07/10 22:03:17 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
O43 - CFD: 2015/04/14 22:29:04 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
O43 - CFD: 2014/06/14 23:07:16 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico =>PUA.KMSpico
O43 - CFD: 2013/08/22 18:36:33 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/07/17 23:42:30 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
O43 - CFD: 2015/03/13 20:21:24 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
O43 - CFD: 2014/12/14 12:14:46 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
O43 - CFD: 2014/09/03 20:20:01 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
O43 - CFD: 2014/06/14 23:21:00 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
O43 - CFD: 2014/06/15 20:49:36 - [] SD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.2
O43 - CFD: 2015/03/29 13:36:35 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
O43 - CFD: 2014/06/15 21:35:29 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
O43 - CFD: 2014/09/09 11:03:59 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SDL
O43 - CFD: 2014/09/16 22:24:01 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 2015/05/27 10:07:38 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
O43 - CFD: 2015/03/13 20:21:32 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 2013/08/23 02:30:57 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 2014/06/15 20:47:14 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WampServer
O43 - CFD: 2015/01/29 23:31:41 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital Corporation
O43 - CFD: 2014/06/14 23:06:01 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 2014/07/10 22:03:13 - [] D -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
O43 - CFD: 2015/01/27 22:11:43 - [] D -- C:\ProgramData\Acronis
O43 - CFD: 2015/04/20 23:27:13 - [] D -- C:\ProgramData\Adobe
O43 - CFD: 2014/06/15 21:27:33 - [0] D -- C:\ProgramData\ALM
O43 - CFD: 2014/07/10 22:02:44 - [] D -- C:\ProgramData\Apple
O43 - CFD: 2014/07/10 22:03:08 - [] D -- C:\ProgramData\Apple Computer
O43 - CFD: 2013/08/22 17:45:52 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 2014/08/30 20:37:18 - [] D -- C:\ProgramData\AVG2014
O43 - CFD: 2015/07/01 23:50:13 - [] D -- C:\ProgramData\Blueberry
O43 - CFD: 2014/06/15 15:15:15 - [] HD -- C:\ProgramData\Common Files
O43 - CFD: 2014/06/29 15:14:53 - [] D -- C:\ProgramData\DAEMON Tools Lite
O43 - CFD: 2013/08/22 17:45:52 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 2013/08/22 17:45:52 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 2015/06/19 07:22:27 - [] D -- C:\ProgramData\Dropbox
O43 - CFD: 2014/07/14 18:01:41 - [] D -- C:\ProgramData\GRETECH
O43 - CFD: 2015/03/29 11:52:56 - [] D -- C:\ProgramData\HP
O43 - CFD: 2014/06/14 23:13:32 - [] D -- C:\ProgramData\Intel
O43 - CFD: 2015/06/27 16:41:47 - [] D -- C:\ProgramData\LogSys
O43 - CFD: 2015/06/29 20:09:21 - [] D -- C:\ProgramData\Malwarebytes
O43 - CFD: 2014/07/08 20:40:30 - [] D -- C:\ProgramData\McAfee
O43 - CFD: 2014/08/30 20:37:18 - [] D -- C:\ProgramData\MFAData
O43 - CFD: 2015/03/14 01:51:10 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 2015/03/14 02:43:50 - [] D -- C:\ProgramData\Microsoft Help
O43 - CFD: 2015/05/12 20:16:56 - [] D -- C:\ProgramData\Mozilla
O43 - CFD: 2014/11/18 22:51:06 - [] D -- C:\ProgramData\NVIDIA
O43 - CFD: 2014/11/18 22:50:48 - [] D -- C:\ProgramData\NVIDIA Corporation
O43 - CFD: 2015/04/14 22:28:50 - [] D -- C:\ProgramData\Oracle
O43 - CFD: 2014/06/15 21:44:19 - [] D -- C:\ProgramData\PACE Anti-Piracy
O43 - CFD: 2014/09/09 11:02:51 - [] D -- C:\ProgramData\Package Cache
O43 - CFD: 2014/06/14 23:17:34 - [] D -- C:\ProgramData\Qualcomm Atheros
O43 - CFD: 2015/04/20 23:26:15 - [] D -- C:\ProgramData\regid.1986-12.com.adobe
O43 - CFD: 2015/03/13 20:21:32 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 2014/09/09 11:03:59 - [] D -- C:\ProgramData\SDL
O43 - CFD: 2014/09/09 11:03:36 - [] D -- C:\ProgramData\SDL International
O43 - CFD: 2015/04/09 22:50:55 - [] D -- C:\ProgramData\Skype
O43 - CFD: 2013/08/22 17:45:52 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 2014/06/15 20:49:09 - [] D -- C:\ProgramData\Sun
O43 - CFD: 2013/08/22 17:45:52 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 2014/08/30 21:47:50 - [] D -- C:\Program Files (x86)\Common Files\3DO Shared
O43 - CFD: 2015/01/27 22:11:55 - [] D -- C:\Program Files (x86)\Common Files\Acronis
O43 - CFD: 2015/04/20 23:26:15 - [] D -- C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 2014/06/15 21:20:10 - [] D -- C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 2014/07/10 22:03:08 - [] D -- C:\Program Files (x86)\Common Files\Apple
O43 - CFD: 2015/06/27 16:41:45 - [] D -- C:\Program Files (x86)\Common Files\Blueberry Software
O43 - CFD: 2014/06/14 23:12:01 - [] D -- C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 2014/06/14 23:15:03 - [] D -- C:\Program Files (x86)\Common Files\Intel
O43 - CFD: 2014/06/14 23:14:20 - [] D -- C:\Program Files (x86)\Common Files\Intel Corporation
O43 - CFD: 2014/06/15 20:49:09 - [] D -- C:\Program Files (x86)\Common Files\Java
O43 - CFD: 2015/02/12 11:25:57 - [] D -- C:\Program Files (x86)\Common Files\Microsoft Shared
O43 - CFD: 2014/06/14 23:13:51 - [] D -- C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 2014/06/15 21:21:38 - [] D -- C:\Program Files (x86)\Common Files\PX Storage Engine
O43 - CFD: 2014/09/09 11:04:26 - [] D -- C:\Program Files (x86)\Common Files\SDL
O43 - CFD: 2015/03/13 20:21:32 - [] D -- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 2014/09/16 22:24:01 - [] D -- C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 2014/06/15 21:21:38 - [] D -- C:\Program Files (x86)\Common Files\Sonic Shared
O43 - CFD: 2015/01/24 15:07:29 - [] D -- C:\Program Files (x86)\Common Files\Steam
O43 - CFD: 2015/03/13 20:21:32 - [] D -- C:\Program Files (x86)\Common Files\System
O43 - CFD: 2015/01/27 22:12:44 - [] D -- C:\Users\User\AppData\Roaming\Acronis
O43 - CFD: 2015/05/24 11:34:56 - [] D -- C:\Users\User\AppData\Roaming\Adobe
O43 - CFD: 2014/07/10 22:03:39 - [] D -- C:\Users\User\AppData\Roaming\Apple Computer
O43 - CFD: 2014/06/15 15:17:21 - [] D -- C:\Users\User\AppData\Roaming\AVG2014
O43 - CFD: 2015/07/01 23:57:07 - [] D -- C:\Users\User\AppData\Roaming\Blueberry
O43 - CFD: 2015/05/24 12:59:02 - [] D -- C:\Users\User\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
O43 - CFD: 2015/03/31 22:04:34 - [] D -- C:\Users\User\AppData\Roaming\com.prezi.PreziDesktop
O43 - CFD: 2014/06/29 15:16:10 - [] D -- C:\Users\User\AppData\Roaming\DAEMON Tools Lite
O43 - CFD: 2015/07/18 00:00:33 - [] D -- C:\Users\User\AppData\Roaming\Dropbox
O43 - CFD: 2015/05/17 00:40:22 - [] D -- C:\Users\User\AppData\Roaming\DuckLink
O43 - CFD: 2015/07/01 20:46:35 - [] D -- C:\Users\User\AppData\Roaming\FileZilla
O43 - CFD: 2015/07/08 21:00:49 - [] D -- C:\Users\User\AppData\Roaming\foobar2000
O43 - CFD: 2015/02/25 23:10:15 - [] D -- C:\Users\User\AppData\Roaming\GitHub
O43 - CFD: 2014/07/14 18:00:51 - [] D -- C:\Users\User\AppData\Roaming\GRETECH
O43 - CFD: 2015/06/30 21:44:26 - [] D -- C:\Users\User\AppData\Roaming\HpUpdate
O43 - CFD: 2015/03/13 19:46:07 - [] D -- C:\Users\User\AppData\Roaming\Identities
O43 - CFD: 2014/06/14 23:13:34 - [] D -- C:\Users\User\AppData\Roaming\Intel Corporation
O43 - CFD: 2015/06/27 16:41:57 - [] D -- C:\Users\User\AppData\Roaming\LogSys
O43 - CFD: 2014/06/14 23:30:35 - [] D -- C:\Users\User\AppData\Roaming\Macromedia
O43 - CFD: 2015/05/18 09:13:17 - [] SD -- C:\Users\User\AppData\Roaming\Microsoft
O43 - CFD: 2015/05/12 20:17:13 - [] D -- C:\Users\User\AppData\Roaming\Mozilla
O43 - CFD: 2015/06/28 14:24:39 - [] D -- C:\Users\User\AppData\Roaming\Notepad++
O43 - CFD: 2015/01/04 17:06:43 - [] D -- C:\Users\User\AppData\Roaming\NVIDIA
O43 - CFD: 2014/07/15 13:11:34 - [] D -- C:\Users\User\AppData\Roaming\OpenOffice.org
O43 - CFD: 2015/01/28 20:06:47 - [] D -- C:\Users\User\AppData\Roaming\Opera Software
O43 - CFD: 2015/04/14 22:27:46 - [] D -- C:\Users\User\AppData\Roaming\Oracle
O43 - CFD: 2014/06/15 21:44:19 - [] D -- C:\Users\User\AppData\Roaming\PACE Anti-Piracy
O43 - CFD: 2015/04/20 23:27:49 - [] D -- C:\Users\User\AppData\Roaming\PDAppFlex
O43 - CFD: 2014/06/15 21:31:06 - [] D -- C:\Users\User\AppData\Roaming\ResourceCentral.E6E1B28A311BC518DB6C6883EA3757FDE0E90ADC.1
O43 - CFD: 2014/09/09 11:08:58 - [] D -- C:\Users\User\AppData\Roaming\SDL
O43 - CFD: 2015/07/15 23:28:56 - [] D -- C:\Users\User\AppData\Roaming\Skype
O43 - CFD: 2014/09/02 14:13:39 - [] D -- C:\Users\User\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
O43 - CFD: 2014/10/12 10:22:46 - [] D -- C:\Users\User\AppData\Roaming\Sublime Text 2
O43 - CFD: 2014/06/15 15:16:52 - [] D -- C:\Users\User\AppData\Roaming\TuneUp Software
O43 - CFD: 2015/06/28 23:44:18 - [] D -- C:\Users\User\AppData\Roaming\uTorrent
O43 - CFD: 2014/06/14 23:06:38 - [] D -- C:\Users\User\AppData\Roaming\WinRAR
O43 - CFD: 2015/07/18 00:08:45 - [] D -- C:\Users\User\AppData\Roaming\ZHP
O43 - CFD: 2015/07/17 23:45:03 - [] D -- C:\Users\User\AppData\Local\Adobe
O43 - CFD: 2014/06/15 21:35:06 - [] D -- C:\Users\User\AppData\Local\Apple
O43 - CFD: 2014/07/10 22:03:18 - [] D -- C:\Users\User\AppData\Local\Apple Computer
O43 - CFD: 2014/10/11 21:03:12 - [] D -- C:\Users\User\AppData\Local\Apps
O43 - CFD: 2014/08/30 20:36:11 - [] D -- C:\Users\User\AppData\Local\Avg2014
O43 - CFD: 2015/06/30 21:17:05 - [] D -- C:\Users\User\AppData\Local\CrashDumps
O43 - CFD: 2015/02/25 23:05:20 - [0] D -- C:\Users\User\AppData\Local\Deployment
O43 - CFD: 2015/06/19 07:22:27 - [] D -- C:\Users\User\AppData\Local\Dropbox
O43 - CFD: 2015/04/13 10:25:20 - [0] D -- C:\Users\User\AppData\Local\ElevatedDiagnostics
O43 - CFD: 2014/11/16 23:37:22 - [] SHD -- C:\Users\User\AppData\Local\EmieBrowserModeList
O43 - CFD: 2014/06/18 21:51:10 - [] SHD -- C:\Users\User\AppData\Local\EmieSiteList
O43 - CFD: 2014/06/18 21:51:10 - [] SHD -- C:\Users\User\AppData\Local\EmieUserList
O43 - CFD: 2014/06/18 09:36:00 - [] D -- C:\Users\User\AppData\Local\Evernote
O43 - CFD: 2015/01/12 02:16:01 - [] D -- C:\Users\User\AppData\Local\EvernoteNW
O43 - CFD: 2014/07/28 21:21:35 - [] D -- C:\Users\User\AppData\Local\Facebook
O43 - CFD: 2015/02/25 23:10:15 - [] D -- C:\Users\User\AppData\Local\GitHub
O43 - CFD: 2014/07/01 22:16:09 - [] D -- C:\Users\User\AppData\Local\Google
O43 - CFD: 2015/03/29 11:35:14 - [] D -- C:\Users\User\AppData\Local\HP
O43 - CFD: 2015/03/08 22:56:34 - [] D -- C:\Users\User\AppData\Local\Intel_Corporation
O43 - CFD: 2014/06/15 15:15:15 - [] D -- C:\Users\User\AppData\Local\MFAData
O43 - CFD: 2015/03/13 20:19:39 - [] D -- C:\Users\User\AppData\Local\Microsoft
O43 - CFD: 2015/02/26 00:29:20 - [] D -- C:\Users\User\AppData\Local\Microsoft Help
O43 - CFD: 2015/05/12 20:17:13 - [] D -- C:\Users\User\AppData\Local\Mozilla
O43 - CFD: 2015/01/27 23:10:00 - [] D -- C:\Users\User\AppData\Local\NeoSmart_Technologies
O43 - CFD: 2014/06/14 23:21:09 - [] D -- C:\Users\User\AppData\Local\NVIDIA
O43 - CFD: 2014/07/30 22:10:47 - [] D -- C:\Users\User\AppData\Local\NVIDIA Corporation
O43 - CFD: 2015/01/28 20:06:47 - [] D -- C:\Users\User\AppData\Local\Opera Software
O43 - CFD: 2014/06/15 21:44:19 - [0] D -- C:\Users\User\AppData\Local\PACE Anti-Piracy
O43 - CFD: 2015/06/17 21:09:54 - [] D -- C:\Users\User\AppData\Local\Packages
O43 - CFD: 2014/06/14 23:07:05 - [] D -- C:\Users\User\AppData\Local\Programs
O43 - CFD: 2014/09/09 11:29:14 - [] D -- C:\Users\User\AppData\Local\SDL
O43 - CFD: 2014/09/01 21:26:34 - [] D -- C:\Users\User\AppData\Local\SKIDROW
O43 - CFD: 2014/06/14 23:37:28 - [] D -- C:\Users\User\AppData\Local\Skype
O43 - CFD: 2015/07/18 00:08:40 - [] D -- C:\Users\User\AppData\Local\Temp
O43 - CFD: 2015/02/01 14:00:30 - [] D -- C:\Users\User\AppData\Local\VirtualStore
O43 - CFD: 2014/06/15 21:44:19 - [] HD -- C:\Users\User\AppData\Local\WrXrMbAE
O43 - CFD: 2013/08/22 18:36:32 - [] RD -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 2013/08/22 18:36:32 - [] RD -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2015/03/16 08:58:24 - [] RD -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2015/07/10 07:28:35 - [] D -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
O43 - CFD: 2014/10/12 10:26:43 - [] D -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc
O43 - CFD: 2015/02/12 20:10:49 - [] D -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 2013/08/22 18:36:32 - [] D -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2014/09/03 20:20:01 - [0] D -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
O43 - CFD: 2015/07/10 07:28:41 - [] RD -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2013/08/22 18:36:32 - [] RD -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 2014/06/14 23:06:01 - [] D -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

---\\ Latest files created in Windows Prefetcher (O45) (4) - 5s
O45 - LFCP:[MD5.B18532F70A450435C0E8784B9C0A0CB4] 2015/05/27 09:47:13 A -- C:\Windows\Prefetch\OLBPRE.EXE-F96A542C.pf =>PUP.Optional.MyPCBackup
O45 - LFCP:[MD5.3D326D558AEBAFCC46D2431F5BCB9A63] 2015/01/28 01:21:17 A -- C:\Windows\Prefetch\REIMAGE.EXE-8A509CAA.pf =>PUP.Optional.ReImageRepair
O45 - LFCP:[MD5.8928379060E88FBBECC94431CCE84133] 2015/01/28 01:20:36 A -- C:\Windows\Prefetch\REIMAGEPACKAGE.EXE-FEDE767D.pf =>PUP.Optional.ReImageRepair
O45 - LFCP:[MD5.FCF5790CF0EF7A7D68EE1D3AE986DFAD] 2015/01/28 01:19:56 A -- C:\Windows\Prefetch\REIMAGEREPAIR.EXE-C986C47E.pf =>PUP.Optional.ReImageRepair

---\\ System Drivers List (SDL) (O58) (60) - 1s
O58 - SDL:2013/08/22 15:43:41 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\drivers\3ware.sys [108896]
O58 - SDL:2015/07/12 22:54:53 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\4B210E00.sys [113880]
O58 - SDL:2013/08/22 15:43:41 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) -- C:\Windows\System32\drivers\adp80xx.sys [782176]
O58 - SDL:2015/01/27 22:11:56 A . (.Acronis - File Level CDP Kernel Helper.) -- C:\Windows\System32\drivers\afcdp.sys [367200]
O58 - SDL:2013/08/22 15:43:41 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [79200]
O58 - SDL:2013/08/22 15:43:41 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [259424]
O58 - SDL:2013/08/22 15:43:40 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [25952]
O58 - SDL:2013/08/22 15:43:41 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [114016]
O58 - SDL:2013/06/18 17:45:02 A . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN de.) -- C:\Windows\System32\drivers\athw8x.sys [3680256]
O58 - SDL:2013/08/13 02:25:46 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\drivers\bcmfn2.sys [17624]
O58 - SDL:2014/04/28 06:33:30 A . (.Qualcomm Atheros - Qualcomm Atheros BtFilter Driver.) -- C:\Windows\System32\drivers\btfilter.sys [599240]
O58 - SDL:2013/08/22 15:43:41 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys [531296]
O58 - SDL:2009/06/23 03:00:00 N . (.Sonic Solutions - CDR4 64-bit CD and DVD Place Holder Driver.) -- C:\Windows\System32\drivers\cdr4_xp.sys [10224]
O58 - SDL:2009/06/23 03:00:00 N . (.Sonic Solutions - CDRAL 64-bit Place Holder Driver (see PxHel.) -- C:\Windows\System32\drivers\cdralw2k.sys [10224]
O58 - SDL:2013/10/02 04:31:08 A . (.ELAN Microelectronics Corp. - ETD Kernel Center.) -- C:\Windows\System32\drivers\ETD.sys [370504]
O58 - SDL:2013/08/22 15:43:45 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3357024]
O58 - SDL:2015/01/27 22:11:43 A . (.Acronis International GmbH - Acronis Storage Filter Management Driver.) -- C:\Windows\System32\drivers\fltsrv.sys [108832]
O58 - SDL:2012/08/21 13:01:20 A . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\System32\drivers\GEARAspiWDM.sys [33240]
O58 - SDL:2013/08/22 15:43:45 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [64352]
O58 - SDL:2013/07/30 21:47:35 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568]
O58 - SDL:2013/07/25 22:05:39 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320]
O58 - SDL:2013/08/07 14:23:46 A . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\Windows\System32\drivers\iaStorA.sys [644968]
O58 - SDL:2013/08/10 03:39:30 A . (.Intel Corporation - Intel Rapid Storage Technology driver (inbo.) -- C:\Windows\System32\drivers\iaStorAV.sys [651248]
O58 - SDL:2013/08/22 15:43:45 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [412000]
O58 - SDL:2013/08/20 02:20:18 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd64.sys [4165120]
O58 - SDL:2013/08/20 02:25:01 A . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\Windows\System32\drivers\IntcDAud.sys [449528]
O58 - SDL:2013/08/09 00:25:13 A . (.Intel Corporation - Intel® WiDi Solution.) -- C:\Windows\System32\drivers\intelaud.sys [39320]
O58 - SDL:2013/08/09 00:25:13 A . (.Intel Corporation - Intel® WiDi Solution.) -- C:\Windows\System32\drivers\iwdbus.sys [26008]
O58 - SDL:2013/06/18 17:45:14 A . (.Broadcom Corporation - Broadcom NetLink (TM) Gigabit Ethernet NDIS.) -- C:\Windows\System32\drivers\k57nd60a.sys [425984]
O58 - SDL:2013/08/22 15:43:44 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [109408]
O58 - SDL:2013/08/22 15:43:45 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [93536]
O58 - SDL:2013/08/22 15:43:44 A . (.LSI Corporation - LSI SAS Gen3 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas3.sys [81760]
O58 - SDL:2013/08/22 15:43:45 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sss.sys [82784]
O58 - SDL:2015/06/18 08:41:40 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\mbam.sys [25816]
O58 - SDL:2015/06/18 08:41:44 A . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\drivers\mbamchameleon.sys [109272]
O58 - SDL:2015/07/18 00:02:06 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys [113880]
O58 - SDL:2013/08/22 15:43:45 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [56672]
O58 - SDL:2013/08/22 15:43:45 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\megasr.sys [575840]
O58 - SDL:2013/08/22 15:43:49 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\Windows\System32\drivers\mvumis.sys [63840]
O58 - SDL:2015/06/18 08:42:02 A . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\drivers\mwac.sys [64216]
O58 - SDL:2014/11/13 03:20:36 A . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) -- C:\Windows\System32\drivers\nvlddmkm.sys [13213512]
O58 - SDL:2014/11/13 03:20:36 A . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) -- C:\Windows\System32\drivers\nvpciflt.sys [31560]
O58 - SDL:2013/08/22 15:43:31 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [150368]
O58 - SDL:2013/08/22 15:43:32 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [168288]
O58 - SDL:2014/10/03 22:23:02 A . (.NVIDIA Corporation - NVIDIA Virtual Audio Driver.) -- C:\Windows\System32\drivers\nvvad64v.sys [38216]
O58 - SDL:2009/07/09 03:00:00 N . (.Sonic Solutions - Px Engine Device Driver for 64-bit Windows.) -- C:\Windows\System32\drivers\PxHlpa64.sys [55280]
O58 - SDL:2013/08/27 15:37:54 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\Windows\System32\drivers\RTKVHD64.sys [3613528]
O58 - SDL:2013/08/30 13:05:34 A . (.Realtek Semiconductor Corp. - Realtek Pcie CardReader Driver for 2K/XP/Vi.) -- C:\Windows\System32\drivers\RtsPStor.sys [356056]
O58 - SDL:2013/08/22 18:35:09 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [23040]
O58 - SDL:2013/08/22 15:43:31 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [44896]
O58 - SDL:2013/08/22 15:43:32 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [81760]
O58 - SDL:2015/01/27 22:11:44 A . (.Acronis - Acronis Snapshot API.) -- C:\Windows\System32\drivers\snapman.sys [233760]
O58 - SDL:2013/08/22 15:43:32 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\Windows\System32\drivers\stexstor.sys [31072]
O58 - SDL:2015/01/27 22:11:53 A . (.Acronis International GmbH - Acronis Try&Decide Volume Filter Driver.) -- C:\Windows\System32\drivers\tdrpman.sys [1462560]
O58 - SDL:2013/09/04 02:53:52 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\TeeDriverx64.sys [99288]
O58 - SDL:2015/01/27 22:11:53 A . (.Acronis International GmbH - Acronis Backup Archive Explorer.) -- C:\Windows\System32\drivers\tib.sys [1120032]
O58 - SDL:2015/01/27 22:11:54 A . (.Acronis - Acronis Backup Archive Mounter.) -- C:\Windows\System32\drivers\tib_mounter.sys [183224]
O58 - SDL:2013/08/22 15:43:34 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [19808]
O58 - SDL:2013/08/22 15:43:34 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [168800]
O58 - SDL:2013/08/22 15:43:34 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\Windows\System32\drivers\VSTXRAID.SYS [305504]

---\\ Last modified or created user files (O61) (10) - 65s
O61 - LFC: 2015/07/16 18:43:17 A . (..) -- C:\Users\User\AppData\Roaming\appdataFr25.bin [24]
O61 - LFC: 2015/07/14 13:00:18 A . (..) -- C:\Users\User\AppData\Local\NVIDIA\NvBackend\UMDShim\nvcoproc.bin [5119797]
O61 - LFC: 2015/07/17 23:28:19 A . (..) -- C:\Users\User\AppData\Local\NVIDIA\NvBackend\Packages\00007aae\DAO.19774245.exe [5915664]
O61 - LFC: 2015/07/14 23:06:15 A . (..) -- C:\Users\User\AppData\Local\NVIDIA\NvBackend\Packages\00007a87\CoProc update.19763320.exe [514472]
O61 - LFC: 2015/07/17 15:01:02 A . (.NVIDIA Corporation.) -- C:\Users\User\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe [628664]
O61 - LFC: 2015/07/17 15:01:00 A . (.NVIDIA Corporation.) -- C:\Users\User\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\OAWrapper.exe [172984]
O61 - LFC: 2015/07/17 15:00:56 A . (.NVIDIA Corporation.) -- C:\Users\User\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\Ontology.dll [1357240]
O61 - LFC: 2015/07/14 20:48:53 A . (..) -- C:\Users\User\AppData\Local\Microsoft\Windows\INetCache\IE\EL53SS6Q\SkypeSetupFull[1].exe [4892672]
O61 - LFC: 2015/07/18 00:00:37 A . (..) -- C:\Users\User\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin [1113849]
O61 - LFC: 2015/07/13 10:14:22 A . (..) -- C:\Users\User\AppData\Local\Google\Chrome\User Data\PepperFlash\18.0.0.209\pepflashplayer.dll [16307888]

---\\ File Associations Shell Spawning (O67) (9) - 0s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S

---\\ Start Menu Internet (SMI) (O68) (16) - 0s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\Launcher.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\launcher.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\launcher.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\launcher.exe

---\\ Search Browser Infection (SBI) (O69) (3) - 2s
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/
O69 - SBI: SearchScopes [HKCU] {14672F25-22A1-4895-820D-57AA80D750ED} - (Google) - http://www.google.com/
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Goo) - http://www.google.com/

---\\ Search Svchost Services (SSS) (O83) (36) - 0s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) -- C:\Windows\System32\aelupsvc.dll [208896]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [155136]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [155136]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\system32\srvsvc.dll [324096]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\Windows\System32\gpsvc.dll [1261056]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\ikeext.dll [1063424]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll [914432]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\Windows\system32\seclogon.dll [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll [110080]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\system32\iscsiexe.dll [150528]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [107008]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\Windows\system32\schedsvc.dll [1212928]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [220672]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) -- C:\Windows\system32\mmcss.dll [70656]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\Windows\System32\browser.dll [134144]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [225280]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [324096]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\Windows\System32\wercplsupport.dll [81408]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\Windows\system32\kmsvc.dll [97792]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\Windows\System32\bdesvc.dll [339456]
O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Windows Location Framework Service.) -- C:\Windows\System32\GeofenceMonitorService.dll [491520]
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Microsoft® Account Service.) -- C:\Windows\system32\wlidsvc.dll [1576960]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\Windows\system32\themeservice.dll [50688]
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Device Setup Manager.) -- C:\Windows\System32\DeviceSetupManager.dll [201728]
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Microsoft Network Connectivity Assistant Se.) -- C:\Windows\System32\ncasvc.dll [164352]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll [101376]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [534528]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [223744]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\sens.dll [71680]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [433664]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [306688]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\system32\wuaueng.dll [3557376]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\Windows\System32\qmgr.dll [1017856]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [629760]
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Software installation Service.) -- C:\Windows\System32\appmgmts.dll [183296]
O83 - Search Svchost Services: MsKeyboardFilter (MsKeyboardFilter) . (.Microsoft Corporation - SvcHost Service for Microsoft Keyboard Filt.) -- C:\Windows\System32\KeyboardFilterSvc.dll [90464]

---\\ Firewall Active Exception List (FirewallRules) (O87) (23) - 3s
O87 - FAEL: "{AE582971-F421-4206-B4BA-BD04AB44FB28}" [In-None-P6-TRUE] .(. - KMS GUI ELDI.) -- C:\Program Files\KMSpico\KMSELDI.exe =>PUA.KMSpico
O87 - FAEL: "{797B668A-630B-4AD7-B5AD-3C7550AD5DE0}" [In-None-P17-TRUE] .(. - KMS GUI ELDI.) -- C:\Program Files\KMSpico\KMSELDI.exe =>PUA.KMSpico
O87 - FAEL: "{BEB737BF-899E-4A68-869C-9E67F52A1559}" [In-None-P6-TRUE] .(. - AutoPico.) -- C:\Program Files\KMSpico\AutoPico.exe =>PUA.KMSpico
O87 - FAEL: "{8C227E76-7545-428E-A3CF-E59BD2FE2B1E}" [In-None-P17-TRUE] .(. - AutoPico.) -- C:\Program Files\KMSpico\AutoPico.exe =>PUA.KMSpico
O87 - FAEL: "{2AC0D285-F70D-442E-9BB4-AA0636C7D361}" [In-None-P6-TRUE] .(. - Service_KMS.) -- C:\Program Files\KMSpico\Service_KMS.exe =>PUA.KMSpico
O87 - FAEL: "{04A4E22A-D921-487D-8ED9-C9A366F934B1}" [In-None-P17-TRUE] .(. - Service_KMS.) -- C:\Program Files\KMSpico\Service_KMS.exe =>PUA.KMSpico
O87 - FAEL: "{08BC7BE3-CC76-47EA-8C24-FB9D0D08E3BF}" [In-None-P6-TRUE] .(.NVIDIA Corporation - NVIDIA Network Service.) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O87 - FAEL: "{C5AB8E01-ABF7-4A53-8DC0-FA02DF7A739B}" [In-None-P6-TRUE] .(.NVIDIA Corporation - NVIDIA Network Service.) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O87 - FAEL: "{FD32D9A1-2DB8-494E-A75C-08B523BE755E}" [In-None-P6-TRUE] .(.NVIDIA Corporation - NVIDIA Streamer Service.) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O87 - FAEL: "{036DBF31-FF23-4AA4-BC7D-024887C1C334}" [In-None-P17-TRUE] .(.NVIDIA Corporation - NVIDIA Streamer Service.) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O87 - FAEL: "{F8E89D3D-E6B2-4427-B8D7-629263AF75A8}" [In-None-P6-TRUE] .(.NVIDIA Corporation - NVIDIA Streamer Server Component.) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
O87 - FAEL: "{77F9D8FB-7293-4B93-B455-2CC78AD6986B}" [In-None-P17-TRUE] .(.NVIDIA Corporation - NVIDIA Streamer Server Component.) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
O87 - FAEL: "{04B8FD3E-38D2-4B23-B93A-722D7C9B3BB9}" [In-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "{201808DC-811E-4C36-96C4-AEBADC71A49B}" [In-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "{F17AF38B-C152-4253-9E54-87BE311DA9D3}" [In-None-P6-TRUE] .(. - AutoPico.) -- C:\Program Files\KMSpico\AutoPico.exe =>PUA.KMSpico
O87 - FAEL: "{A79EE06E-55C8-4CCF-9828-6B355C29F8CF}" [In-None-P17-TRUE] .(. - AutoPico.) -- C:\Program Files\KMSpico\AutoPico.exe =>PUA.KMSpico
O87 - FAEL: "{8FDB8C99-1887-46EC-9BA4-B864CE4A4702}" [In-None-P17-TRUE] .(.Skype Limited - Facebook Video Calling.) -- C:\Users\User\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
O87 - FAEL: "TCP Query User{524DC122-106B-4D31-88C7-A6DF4D377882}C:\program files (x86)\firefly studios\stronghold 3\bin\win32_release\stronghold3.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\firefly studios\stronghold 3\bin\win32_release\stronghold3.exe
O87 - FAEL: "UDP Query User{E32FCF82-66F7-4D95-89B2-1A1DD2AB7EB3}C:\program files (x86)\firefly studios\stronghold 3\bin\win32_release\stronghold3.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\firefly studios\stronghold 3\bin\win32_release\stronghold3.exe
O87 - FAEL: "{E7394DBB-10B6-4947-997B-C98127EC59B1}" [In-None-P6-TRUE] .(.Acronis - TrueImage Sync Agent Service.) -- C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
O87 - FAEL: "{1C205D30-06EB-449B-8697-4851CCCBA39F}" [In-None-P17-TRUE] .(.Acronis - TrueImage Sync Agent Service.) -- C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
O87 - FAEL: "{A067182F-B4B4-49B0-9FA7-7F21B7B4114D}" [In-None-P6-TRUE] .(. - Service_KMS.) -- C:\Program Files\KMSpico\Service_KMS.exe =>PUA.KMSpico
O87 - FAEL: "{7BCCD3A9-9ED8-41FD-91C4-13CD5606929D}" [In-None-P17-TRUE] .(. - Service_KMS.) -- C:\Program Files\KMSpico\Service_KMS.exe =>PUA.KMSpico

---\\ General States of Services not Microsoft (EGS) (SR=Running, SS=Stopped) (29) - 16s
SR - Auto [2013/02/15 14:01:52] [ 1143720] Acronis Scheduler2 Service (AcrSch2Svc) . (.Acronis.) - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
SR - Auto [2015/07/07 20:12:28] [ 82128] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - Demand [2015/07/15 22:41:13] [ 268976] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SR - Auto [2014/06/12 19:32:48] [ 43336] Apple Mobile Device (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - Auto [2011/08/30 23:05:32] [ 462184] Bonjour Service (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - Demand [2013/08/26 13:10:50] [ 279024] Intel(R) Content Protection HECI Service (cphs) . (.Intel Corporation.) - C:\Windows\SysWOW64\IntelCpHeciSvc.exe
SR - Auto [2013/10/02 04:31:06] [ 101192] Elan Service (ETDService) . (.ELAN Microelectronics Corp..) - C:\Program Files\Elantech\ETDService.exe
SR - Auto [2014/11/06 20:07:54] [ 1148744] NVIDIA GeForce Experience Service (GfExperienceService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
SS - Demand [2014/06/06 13:15:46] [ 136120] Google Updater Service (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - Auto [2013/08/07 14:24:00] [ 15720] Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - Auto [2013/05/11 17:45:38] [ 733696] Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SS - Demand [2013/05/11 17:45:54] [ 822232] Intel(R) Capability Licensing Service TCP IP Interface (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
SS - Demand [2014/07/08 08:49:58] [ 641352] iPod Service (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - Auto [2013/09/04 02:53:52] [ 169432] Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - Auto [2013/09/04 02:53:54] [ 390616] Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SS - Auto [2015/06/18 08:39:50] [ 1133880] (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
SS - Demand [2015/05/24 13:38:23] [ 148080] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SR - Auto [2012/06/29 13:07:20] [ 135168] Nalpeiron Control Service (NalServ) . (.Nalpeiron Ltd..) - C:\Windows\SysWOW64\nalserv.exe
SR - Auto [2015/07/06 20:02:13] [ 8016018] Nervous Stroke (Nervous Stroke) . (...) - C:\Program Files (x86)\Nervous Stroke\Nervous Stroke.exe
SR - Auto [2012/06/29 13:07:20] [ 66560] Nalpeiron Licensing Service (nlsX86cc) . (.Nalpeiron Ltd..) - C:\Windows\SysWOW64\nlssrv32.exe
SR - Auto [2014/11/06 20:07:54] [ 1795912] NVIDIA Network Service (NvNetworkService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
SR - Auto [2014/11/06 20:07:49] [19819848] NVIDIA Streamer Service (NvStreamSvc) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
SR - Auto [2014/11/13 00:56:42] [ 934032] NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SS - Auto [2013/12/11 15:59:12] [ 1050904] Service KMSELDI (Service KMSELDI) . (...) - C:\Program Files\KMSpico\Service_KMS.exe
SS - Auto [2015/01/02 20:45:12] [ 315488] Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - Demand [2010/02/19 13:37:14] [ 517096] (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
SR - Auto [2013/03/26 19:23:52] [ 7084672] Acronis Sync Agent Service (syncagentsrv) . (.Acronis.) - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
SS - Demand [2014/05/01 14:34:30] [ 24576] wampapache64 (wampapache64) . (.Apache Software Foundation.) - c:\wamp\bin\apache\apache2.4.9\bin\httpd.exe
SS - Demand [2014/05/01 14:38:12] [12942848] wampmysqld64 (wampmysqld64) . (...) - c:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe

---\\ Additional Scan (O88) (12) - 0s
HKLM\SYSTEM\CurrentControlSet\Services\Service KMSELDI =>PUA.KMSpico
C:\Program Files\KMSpico\Service_KMS.exe =>PUA.KMSpico
C:\Program Files\KMSpico\AutoPico.exe =>PUA.KMSpico
C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-daniella.atanasova@hotmail.com =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\AutoPico Daily Restart =>PUA.KMSpico
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KMSpico_is1 =>PUA.KMSpico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico =>PUA.KMSpico
C:\Windows\Prefetch\OLBPRE.EXE-F96A542C.pf =>PUP.Optional.MyPCBackup
C:\Windows\Prefetch\REIMAGE.EXE-8A509CAA.pf =>PUP.Optional.ReImageRepair
C:\Windows\Prefetch\REIMAGEPACKAGE.EXE-FEDE767D.pf =>PUP.Optional.ReImageRepair
C:\Windows\Prefetch\REIMAGEREPAIR.EXE-C986C47E.pf =>PUP.Optional.ReImageRepair
C:\Program Files\KMSpico\KMSELDI.exe =>PUA.KMSpico

---\\ Summary of the elements found on your workstation (4) - 0s
http://www.nicolascoolman.fr/pup-kmspico/ =>PUA.KMSpico
http://www.nicolascoolman.fr/pup-crossrider/ =>PUP.Optional.CrossRider
http://www.nicolascoolman.fr/pup-mypcbackup/ =>PUP.Optional.MyPCBackup
http://www.nicolascoolman.fr/rogue-reimagerepair/ =>PUP.Optional.ReImageRepair

~ End of the scan, 138035 items in 113 seconds (913)(0)()
