cjoint

Document format: text/plain

Preview

~ ZHPDiag v2015.7.31.106 By Nicolas Coolman (2015/07/31)
~ Run by EIAD (Administrator) (2015/08/01 14:19:28)
~ Site: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ State version: Version OK
~ Mode: Scan
~ Report: C:\Users\EIAD\Desktop\ZHPDiag.txt
~ Report: C:\Users\EIAD\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ System startup: Normal (Normal boot)
~ Windows 7 Ultimate, 64-bit Service Pack 1 (Build 7601)

---\\ Internet Browsers (2) - 0s
MFIE: Mozilla Firefox 39.0 (x86 en-US) v39.0
MSIE: Internet Explorer v11.0.9600.16428

---\\ Windows Product Information (4) - 40s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : KO
Windows Activation Technologies : KO

---\\ System protection software (1) - 2s
ESET NOD32 Antivirus v7.0.302.26

---\\ System optimization software (1) - 3s
CCleaner v5.01

---\\ Surveillance software (2) - 3s
Adobe Flash Player 18 NPAPI
Adobe Reader XI

---\\ Information on the system (6) - 0s
~ Operating System: Intel64 Family 6 Model 30 Stepping 5, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 4123.312 MB (19% free)
~ System Restore: Activé (Enable)
~ System drive C: has 22 GB free of 101 GB

---\\ Connection to the system mode (3) - 0s
~ Computer Name: EIAD-PC
~ User Name: EIAD
~ Logged in as Administrator

---\\ Enumeration of the disk units (5) - 0s
~ Drive C: has 22 GB free of 101 GB (System)
~ Drive D: has 20 GB free of 181 GB
~ Drive E: has 13 GB free of 183 GB
~ Drive F: has 9 GB free of 131 GB
~ Drive H: has GB free of 6 GB

---\\ State of the Windows Security Center (11) - 0s
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK

---\\ Search Generic System Files (23) - 4s
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) () -- C:\Windows\Explorer.exe [2871808]
[MD5.DD81D91FF3B0763C392422865C9AC12E] - (.Microsoft Corporation - Windows host process (Rundll32).) () -- C:\Windows\System32\rundll32.exe [45568]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Windows Start-Up Application.) () -- C:\Windows\System32\Wininit.exe [129024]
[MD5.E6CB36B85BE59095337427E853A5B65A] - (.Microsoft Corporation - Internet Extensions for Win32.) () -- C:\Windows\System32\wininet.dll [2332160]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Windows Logon Application.) () -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Software Licensing Library.) () -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\Windows\System32\drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) () -- C:\Windows\System32\drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\Windows\System32\drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\Windows\System32\drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) () -- C:\Windows\System32\drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) () -- C:\Windows\System32\drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - i8042 Port Driver.) () -- C:\Windows\System32\drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\Windows\System32\drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) () -- C:\Windows\System32\drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\Windows\System32\drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - NT File System Driver.) () -- C:\Windows\System32\drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Parallel Port Driver.) () -- C:\Windows\System32\drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\Windows\System32\drivers\Rasl2tp.sys [129536]
[MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) () -- C:\Windows\System32\drivers\rdpdr.sys [165888]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) () -- C:\Windows\System32\drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) () -- C:\Windows\System32\drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Volume Shadow Copy Driver.) () -- C:\Windows\System32\drivers\volsnap.sys [295808]

---\\ Process running (27) - 5s
[MD5.DABD4AB3D049ECA6AFFD61B63A997728] - (.Realtek Semiconductor - Realtek Audio Service.) -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [289496] [PID.1264]
[MD5.CAEEA721785050E43EE05BAD3B5E97B4] - (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1360600] [PID.1288]
[MD5.C9646479FB4A5DB8330E246ECA9408C3] - (...) -- C:\Program Files\Atomic Alarm Clock\timeserv.exe [2007040] [PID.1300]
[MD5.4CB575D97653FA91FFB02DA3105EB084] - (.ESET - ESET Service.) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1337752] [PID.2156]
[MD5.18A1B092C7C4E71E38F195917D6D977B] - (.EnablerService - EnablerService.) -- C:\Program Files (x86)\Addon Enabler\EnablerService.exe [627200] [PID.2216] =>PUP.Optional.HDStreamer
[MD5.A527E6181F1E58BDF9134DE04AAC2B02] - (.Realtek Semiconductor - Realtek HD Audio Manager.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13657304] [PID.2264]
[MD5.1EB4061EA92513FD8ECB8F0DB5B5D5CD] - (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392] [PID.2272]
[MD5.5A2772DA712495F2A60348DE9F32D0A6] - (.ESET - ESET Main GUI.) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5618456] [PID.2280]
[MD5.804D2FD64AFA10ADC3C7D7995E1B572D] - (.TOSHIBA Corporation - TRCMan.exe.) -- C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe [718720] [PID.2344]
[MD5.557D1714ABAC67714686173C6379D61E] - (.Intel® Corporation - Intel® PROSet/Wireless WiMAX Connection Uti.) -- C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe [1626112] [PID.2368]
[MD5.DDDAFD371E2541DB3AFBB5EA481B4ADD] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3903056] [PID.2472]
[MD5.A39D51B1A6A2DB8DB764601AED6165FB] - (.Nitro PDF Software - Nitro PDF Spool Service.) -- C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe [230920] [PID.2640]
[MD5.3CE0123A96A41588627C8E870020FACD] - (.Nalpeiron Ltd. - This service enables products that use the.) -- C:\Windows\SysWOW64\NLSSRV32.EXE [69640] [PID.2680]
[MD5.4358CA811E35BAB5C8E35E7E1BDB3684] - (...) -- C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe [1609728] [PID.2796]
[MD5.836266D31F9B7920ED04C4775E401FBC] - (.Pandora.TV - Pandora.TV service file.) -- C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe [1922600] [PID.1840]
[MD5.01B08D0C71661BE0B2C903B02AB2B72E] - (.PU-App - PU-App.) -- C:\Users\EIAD\AppData\Local\zfblvtytnek1bjl\zhblbzzwnf81dtl.exe [113083] [PID.1992]
[MD5.FBA61BB4C484A01A655AFB18FF86C417] - (.Copyright 2004 - RichVideo Module.) -- C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632] [PID.3144]
[MD5.A903E5C565A2677F3960E4AAB7B42280] - (.TeamViewer GmbH - TeamViewer 10.) -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056] [PID.3820]
[MD5.B2A9D4E3FA88F22DB1518B93D7AE8B9D] - (.Universal Updater © 2014 - Universal Updater.) -- C:\Program Files (x86)\Universal Updater\UpdaterService.exe [402872] [PID.3864] =>PUP.Optional.UniversalUpdater
[MD5.F7A7AF65BAF707FC713912DDE4B22C95] - (...) -- C:\Program Files (x86)\My WIFI Router\bmser.exe [1656416] [PID.3956]
[MD5.C4A7030F0D7409EC1816F45AC73D80A3] - (.Intel(R) Corporation - WiMAX SDK service for Intel(R) PROSet/Wirel.) -- C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [979456] [PID.4016]
[MD5.DFDEAFFB47094E80493114C874216809] - (.Red Bend Ltd. - Red Bend Device Management Service for Inte.) -- C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [514048] [PID.4076]
[MD5.18CC3B3DB8840C6776A69E758A2B8A77] - (.TOSHIBA Corporation - TOSHIBA eco Utility Service.) -- C:\Program Files\TOSHIBA\TECO\TecoService.exe [342464] [PID.3200]
[MD5.360959BBD4F451E1AB811F4304232766] - (.WIBU-SYSTEMS AG - CodeMeter Runtime Server.) -- C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [2568120] [PID.4100]
[MD5.544D66CE8C715EE5F18E2E4E7CAAE27E] - (.PandoraTV - .) -- C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe [1798696] [PID.1240]
[MD5.FB1096AB46B84957AAB9070994FF5202] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [121128] [PID.4216]
[MD5.E9C6EF9437ECB30911488F9313AD821A] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe [269848] [PID.5644]

---\\ Google Chrome, Start,Search,Extensions (G0,G1,G2) (29) - 2s
G0 - GCSP: Secure Preferences [User Data\Default][HomePage] http://ar.hao123.com/ =>PUP.Optional.Browser
G2 - GCE: Preference [User Data\Default] [aapocclcgogkmnckokdopfmhonfmgoek] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [aglknbjahjkcidaiepeaakeoechddghn] Facebook Emoticons 2013
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [bpgpffljkgjmijjdmjbdppndoojdgboe] Facebook Secret Emoticons
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [dlkmfkjmlldmpanlblcdijbombpeenoi] Twitter Emoticons
G2 - GCE: Preference [User Data\Default] [egaicdjagfbejjeihijpnelohejdhhjd] Custom Hangout Emoticons
G2 - GCE: Preference [User Data\Default] [felcaaldnbdncclmgdcncolpebgiejap] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [fjbbjfdilbioabojmcplalojlmdngbjl] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [gdalhedleemkkdjddjgfjmcnbpejpapp] Facebook for Chrome
G2 - GCE: Preference [User Data\Default] [gigempibmkmpklaojfkmgaeflckfdohp] Facebook One
G2 - GCE: Preference [User Data\Default] [gighmmpiobklfepjocnamgkkbiglidom] AdBlock
G2 - GCE: Preference [User Data\Default] [gponajbpomilcmbmfoipobkikeopjjhp] i2Symbol - Emoticons Smileys Symbols
G2 - GCE: Preference [User Data\Default] [hbepadcdhpahlikldbochnhfleejiokp] hbepadcdhpahlikldbochnhfleejiokp
G2 - GCE: Preference [User Data\Default] [hehijbfgiekmjfkfjpbkbammjbdenadd] IE Tab
G2 - GCE: Preference [User Data\Default] [hkdlcejbjnnmjgajjjfenejacioiimpp] Facebook Emoticons
G2 - GCE: Preference [User Data\Default] [igobkilpjmifphjheejimhghjnpnabmj] iKute Emoticons for Facebook Chat
G2 - GCE: Preference [User Data\Default] [lccekmodgklaepjeofjdjpbminllajkg] Chrome Hotword Shared Module
G2 - GCE: Preference [User Data\Default] [ldipcbpaocekfooobnbcddclnhejkcpn] __MSG_853__
G2 - GCE: Preference [User Data\Default] [lfpjkncokllnfokkgpkobnkbkmelfefj] Linkclump
G2 - GCE: Preference [User Data\Default] [lifbcibllhkdhoafpjfnlhfpfgnpldfl] Skype Click to Call
G2 - GCE: Preference [User Data\Default] [ngpampappnmepgilojfohadhhmbhlaek] IDM Integration Module
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [obhlfmheblhjhkmacldlhdnbgbaiigba] APK Downloader
G2 - GCE: Preference [User Data\Default] [oleglodmkonbpfmlffapjfednjopbeeh] {name:HD Streamerversion:1.1.7.0description:High d =>PUP.Optional.HDStreamer
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc.

---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3) (26) - 5s
M0 - MFSP: prefs.js [EIAD - x4s0ky9r.default] http://www.google.com.eg/
M1 - SPR:Search Page Redirection - C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com
P2 - EXT: (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppl3260.dll
P2 - EXT: (.RealNetworks, Inc. - 6.0.12.46.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nprpjplug.dll
P2 - EXT FILE: (...) -- C:\Users\EIAD\AppData\Roaming\Mozilla\Firefox\Profiles\x4s0ky9r.default\extensions\jid1-8J7ayxTha4KqKQ@jetpack.xpi
P2 - EXT FILE: (...) -- C:\Users\EIAD\AppData\Roaming\Mozilla\Firefox\Profiles\x4s0ky9r.default\extensions\jsdeobfuscator@adblockplus.org.xpi
P2 - EXT FILE: (...) -- C:\Users\EIAD\AppData\Roaming\Mozilla\Firefox\Profiles\x4s0ky9r.default\extensions\langpack-de@venkman.mozilla.org.xpi
P2 - EXT FILE: (...) -- C:\Users\EIAD\AppData\Roaming\Mozilla\Firefox\Profiles\x4s0ky9r.default\extensions\multilinks@plugin.xpi
P2 - EXT FILE: (...) -- C:\Users\EIAD\AppData\Roaming\Mozilla\Firefox\Profiles\x4s0ky9r.default\extensions\tinyjsdebugger@enigmail.net.xpi
P2 - EXT FILE: (...) -- C:\Users\EIAD\AppData\Roaming\Mozilla\Firefox\Profiles\x4s0ky9r.default\extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\amazondotcom.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\bing.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\ddg.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\eBay.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\google.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\twitter.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wikipedia.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\yahoo.xml =>PUP.Optional.BDYahoo
P2 - EXT: (.Mozilla - Default.) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
P2 - EXT: (.HD Streamer - HD Streamer.) -- C:\Users\EIAD\AppData\Roaming\Mozilla\Firefox\Profiles\x4s0ky9r.default\extensions\hd_streamer@iMedia
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll
P2 - FPN: [HKLM] [@nitropdf.com/NitroPDF] - (.Nitro PDF.) -- C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll
P2 - FPN: [HKLM] [@real.com/nppl3260;version=6.0.11.2852] - (.RealNetworks, Inc..) -- C:\Program Files (x86)\Real Alternative\Browser\Plugins\nppl3260.dll
P2 - FPN: [HKLM] [@real.com/nppl3260;version=6.0.12.46] - (.RealNetworks, Inc..) -- C:\Program Files (x86)\Real Alternative\Browser\Plugins\nppl3260.dll
P2 - FPN: [HKLM] [@real.com/nprpjplug;version=6.0.12.1662] - (.RealNetworks, Inc..) -- C:\Program Files (x86)\Real Alternative\Browser\Plugins\nprpjplug.dll
P2 - FPN: [HKLM] [@real.com/nprpjplug;version=6.0.12.46] - (.RealNetworks, Inc..) -- C:\Program Files (x86)\Real Alternative\Browser\Plugins\nprpjplug.dll

---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1) (15) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ar.hao123.com/ =>PUP.Optional.Browser
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer

---\\ Internet Explorer, Proxy Management (R5) (3) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Line Analysis F0, F1, F2, F3 - IniFiles, Auto loading programs (3) - 0s
F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.)
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.)
F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.)

---\\ Hosts file redirection (O1) (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (48)

---\\ Browser Helper Object (BHO) (O2) (3) - 1s
O2 - BHO: IDM Helper [64Bits] - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll
O2 - BHO: (no name) [64Bits] - {02478D38-C3F9-4efb-9B51-7695ECA05670} (Orphean)
O2 - BHO: HD Streamer [64Bits] - {E6062A33-016E-4BDA-A6F1-890D989F8656} . (.HD Streamer - ScriptHost.) -- C:\Program Files (x86)\HD Streamer\ScriptHost64.dll =>PUP.Optional.HDStreamer

---\\ Auto loading programs from Registry and folders (O4) (10) - 1s
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [egui] . (.ESET - ESET Main GUI.) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
O4 - HKLM\..\Run: [Teco] %ProgramFiles%\TOSHIBA\TECO\Teco.exe
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-21-2941451498-3517355130-2503662560-1000\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe

---\\ Global shortcuts Startup (O4G) (3) - 13s
O4 - GS\Desktop [Administrator]: QQPlayer.lnk . (.Tencent Technology Company limited - QQ Player.) C:\Program Files (x86)\Tencent\QQPlayer\QQPlayer.exe =>PUP.Optional.TencentAddressBar
O4 - GS\Desktop [EIAD]: QQPlayer.lnk . (.Tencent Technology Company limited - QQ Player.) C:\Program Files (x86)\Tencent\QQPlayer\QQPlayer.exe =>PUP.Optional.TencentAddressBar
O4 - GS\Desktop [Guest]: QQPlayer.lnk . (.Tencent Technology Company limited - QQ Player.) C:\Program Files (x86)\Tencent\QQPlayer\QQPlayer.exe =>PUP.Optional.TencentAddressBar

---\\ Lop.com/Domain Hijackers (O17) (3) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

---\\ Non Microsoft non disabled Windows XP/NT/2000 Services (O23) (20) - 2s
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Atomic Alarm Clock Time (AtomicAlarmClock) . (...) - C:\Program Files\Atomic Alarm Clock\timeserv.exe
O23 - Service: CodeMeter Runtime Server (CodeMeter.exe) . (.WIBU-SYSTEMS AG - CodeMeter Runtime Server.) - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
O23 - Service: Intel® PROSet/Wireless WiMAX Red Bend Device Management Ser (DMAgent) . (.Red Bend Ltd. - Red Bend Device Management Service for Inte.) - C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
O23 - Service: ESET Service (ekrn) . (.ESET - ESET Service.) - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: Enabler Service (EnablerService) . (.EnablerService - EnablerService.) - C:\Program Files (x86)\Addon Enabler\EnablerService.exe =>PUP.Optional.HDStreamer
O23 - Service: NitroPDFDriverCreatorReadSpool9 (NitroDriverReadSpool9) . (.Nitro PDF Software - Nitro PDF Spool Service.) - C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) . (.Nalpeiron Ltd. - This service enables products that use the.) - C:\Windows\SysWOW64\NLSSRV32.EXE
O23 - Service: NVIDIA Network Service (NvNetworkService) . (.NVIDIA Corporation - NVIDIA Network Service.) - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) . (.NVIDIA Corporation - NVIDIA Streamer Service.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 337.8.) - C:\Windows\system32\nvvsvc.exe
O23 - Service: PandoraService (PanService) . (.Pandora.TV - Pandora.TV service file.) - C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) . (.Copyright 2004 - RichVideo Module.) - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: Realtek Audio Service (RtkAudioService) . (.Realtek Semiconductor - Realtek Audio Service.) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: TeamViewer 10 (TeamViewer) . (.TeamViewer GmbH - TeamViewer 10.) - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: TOSHIBA eco Utility Service (TOSHIBA eco Utility Service) . (.TOSHIBA Corporation - TOSHIBA eco Utility Service.) - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: Universal Updater Service (UniversalUpdater) . (.Universal Updater © 2014 - Universal Updater.) - C:\Program Files (x86)\Universal Updater\UpdaterService.exe =>PUP.Optional.Salus
O23 - Service: WIFIGXENDHCPSER (WIFIGXENDHCPSER) . (...) - C:\Program Files (x86)\My WIFI Router\bmser.exe
O23 - Service: Intel® PROSet/Wireless WiMAX Service (WiMAXAppSrv) . (.Intel(R) Corporation - WiMAX SDK service for Intel(R) PROSet/Wirel.) - C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe

---\\ Task Planned Automatically (O39) (70) - 8s
[MD5.00000000000000000000000000000000] [APT] [54b401e8-a303-4041-98f8-5a2e48f84f3b-1] (...) -- C:\Program Files (x86)\Apps Hat\Apps Hat-codedownloader.exe (.not file.) [0] =>PUP.Optional.CrossRider
[MD5.00000000000000000000000000000000] [APT] [54b401e8-a303-4041-98f8-5a2e48f84f3b-5] (...) -- C:\Program Files (x86)\Apps Hat\54b401e8-a303-4041-98f8-5a2e48f84f3b-5.exe (.not file.) [0] =>PUP.Optional.CrossRider
[MD5.E3FB05F33E1404AD606B1E1FE7C323C3] [APT] [Adobe Acrobat Update Task] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [998104]
[MD5.9B3355B29942AF67F014EA90CE1EA960] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [268976]
[MD5.805210C8DB11D5799E7172923959BF98] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [5489944]
[MD5.00000000000000000000000000000000] [APT] [Crossbrowse] (...) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe (.not file.) [0] =>PUP.Optional.CrossBrowse
[MD5.00000000000000000000000000000000] [APT] [f2fd4710-26e9-4477-abba-8e3c2fe5a0fe-1-6] (...) -- C:\Program Files (x86)\CinemaP-1.9cV21.07\f2fd4710-26e9-4477-abba-8e3c2fe5a0fe-1-6.exe (.not file.) [0] =>PUP.Optional.CrossRider
[MD5.00000000000000000000000000000000] [APT] [f2fd4710-26e9-4477-abba-8e3c2fe5a0fe-1-7] (...) -- C:\Program Files (x86)\CinemaP-1.9cV21.07\f2fd4710-26e9-4477-abba-8e3c2fe5a0fe-1-7.exe (.not file.) [0] =>PUP.Optional.CrossRider
[MD5.00000000000000000000000000000000] [APT] [f2fd4710-26e9-4477-abba-8e3c2fe5a0fe-10_user] (...) -- C:\Program Files (x86)\CinemaP-1.9cV21.07\f2fd4710-26e9-4477-abba-8e3c2fe5a0fe-10.exe (.not file.) [0] =>PUP.Optional.CrossRider
[MD5.00000000000000000000000000000000] [APT] [f2fd4710-26e9-4477-abba-8e3c2fe5a0fe-3] (...) -- C:\Program Files (x86)\CinemaP-1.9cV21.07\f2fd4710-26e9-4477-abba-8e3c2fe5a0fe-3.exe (.not file.) [0] =>PUP.Optional.CrossRider
[MD5.00000000000000000000000000000000] [APT] [f2fd4710-26e9-4477-abba-8e3c2fe5a0fe-4] (...) -- C:\Program Files (x86)\CinemaP-1.9cV21.07\f2fd4710-26e9-4477-abba-8e3c2fe5a0fe-4.exe (.not file.) [0] =>PUP.Optional.CrossRider
[MD5.00000000000000000000000000000000] [APT] [f2fd4710-26e9-4477-abba-8e3c2fe5a0fe-5] (...) -- C:\Program Files (x86)\CinemaP-1.9cV21.07\f2fd4710-26e9-4477-abba-8e3c2fe5a0fe-5.exe (.not file.) [0] =>PUP.Optional.CrossRider
[MD5.00000000000000000000000000000000] [APT] [f2fd4710-26e9-4477-abba-8e3c2fe5a0fe-5_user] (...) -- C:\Program Files (x86)\CinemaP-1.9cV21.07\f2fd4710-26e9-4477-abba-8e3c2fe5a0fe-5.exe (.not file.) [0] =>PUP.Optional.CrossRider
[MD5.00000000000000000000000000000000] [APT] [f2fd4710-26e9-4477-abba-8e3c2fe5a0fe-6] (...) -- C:\Program Files (x86)\CinemaP-1.9cV21.07\f2fd4710-26e9-4477-abba-8e3c2fe5a0fe-6.exe (.not file.) [0] =>PUP.Optional.CrossRider
[MD5.00000000000000000000000000000000] [APT] [f2fd4710-26e9-4477-abba-8e3c2fe5a0fe-7] (...) -- C:\Program Files (x86)\CinemaP-1.9cV21.07\f2fd4710-26e9-4477-abba-8e3c2fe5a0fe-7.exe (.not file.) [0] =>PUP.Optional.CrossRider
[MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-2941451498-3517355130-2503662560-1000Core] (.Facebook Inc..) -- C:\Users\EIAD\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096]
[MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-2941451498-3517355130-2503662560-1000UA1d010cc9c44dc5e] (.Facebook Inc..) -- C:\Users\EIAD\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskUserS-1-5-21-2941451498-3517355130-2503662560-1000Core1cf9247f16e6bd5] (.Google Inc..) -- C:\Users\EIAD\AppData\Local\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskUserS-1-5-21-2941451498-3517355130-2503662560-1000Core1d0423da9c6f6b0] (.Google Inc..) -- C:\Users\EIAD\AppData\Local\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskUserS-1-5-21-2941451498-3517355130-2503662560-1000Core1d0c01447ca7430] (.Google Inc..) -- C:\Users\EIAD\AppData\Local\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskUserS-1-5-21-2941451498-3517355130-2503662560-1000UA1cf6aea87c2ceb2] (.Google Inc..) -- C:\Users\EIAD\AppData\Local\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskUserS-1-5-21-2941451498-3517355130-2503662560-1000UA1d0423daa53a85f] (.Google Inc..) -- C:\Users\EIAD\AppData\Local\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskUserS-1-5-21-2941451498-3517355130-2503662560-1000UA1d08fb75bd7b784] (.Google Inc..) -- C:\Users\EIAD\AppData\Local\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskUserS-1-5-21-2941451498-3517355130-2503662560-1000UA1d0c014486752bc] (.Google Inc..) -- C:\Users\EIAD\AppData\Local\Google\Update\GoogleUpdate.exe [116648]
[MD5.AB6818A7FF17230A6E5119F6CDD1F85B] [APT] [pLNMD5hEPKK4tJw5zgS0AihLT5j] (.Copyright 2001.) -- C:\Users\EIAD\AppData\Roaming\pLNMD5hEPKK4tJw5zgS0AihLT5j.exe [1246720] =>PUP.Optional.Pirrit
[MD5.00000000000000000000000000000000] [APT] [temp_54b401e8-a303-4041-98f8-5a2e48f84f3b-2] (...) -- C:\Users\EIAD\AppData\Local\Temp\nse48C4.tmp\54b401e8-a303-4041-98f8-5a2e48f84f3b-2.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [temp_f2fd4710-26e9-4477-abba-8e3c2fe5a0fe-10_user] (...) -- C:\Program Files (x86)\CinemaP-1.9cV21.07\f2fd4710-26e9-4477-abba-8e3c2fe5a0fe-10.exe (.not file.) [0] =>PUP.Optional.CrossRider
[MD5.00000000000000000000000000000000] [APT] [temp_f2fd4710-26e9-4477-abba-8e3c2fe5a0fe-6] (...) -- C:\Program Files (x86)\CinemaP-1.9cV21.07\f2fd4710-26e9-4477-abba-8e3c2fe5a0fe-6.exe (.not file.) [0] =>PUP.Optional.CrossRider
[MD5.8148E859A8C771ACFC8C13881A657C75] [APT] [{719E5B8C-1EE8-4531-B429-0F1C5331E6EA}] (.Google Inc..) -- c:\Users\EIAD\AppData\Local\Google\Chrome\application\chrome.exe [813896]
O39 - APT: Adobe Flash Player Updater - (...) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [830]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-2941451498-3517355130-2503662560-1000Core - (...) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2941451498-3517355130-2503662560-1000Core.job [902]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-2941451498-3517355130-2503662560-1000UA1d010cc9c44dc5e - (...) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2941451498-3517355130-2503662560-1000UA1d010cc9c44dc5e.job [924]
O39 - APT: GoogleUpdateTaskUserS-1-5-21-2941451498-3517355130-2503662560-1000Core1cf9247f16e6bd5 - (...) -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2941451498-3517355130-2503662560-1000Core1cf9247f16e6bd5.job [796]
O39 - APT: GoogleUpdateTaskUserS-1-5-21-2941451498-3517355130-2503662560-1000Core1d0423da9c6f6b0 - (...) -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2941451498-3517355130-2503662560-1000Core1d0423da9c6f6b0.job [796]
O39 - APT: GoogleUpdateTaskUserS-1-5-21-2941451498-3517355130-2503662560-1000Core1d0c01447ca7430 - (...) -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2941451498-3517355130-2503662560-1000Core1d0c01447ca7430.job [796]
O39 - APT: GoogleUpdateTaskUserS-1-5-21-2941451498-3517355130-2503662560-1000UA1cf6aea87c2ceb2 - (...) -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2941451498-3517355130-2503662560-1000UA1cf6aea87c2ceb2.job [848]
O39 - APT: GoogleUpdateTaskUserS-1-5-21-2941451498-3517355130-2503662560-1000UA1d0423daa53a85f - (...) -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2941451498-3517355130-2503662560-1000UA1d0423daa53a85f.job [848]
O39 - APT: GoogleUpdateTaskUserS-1-5-21-2941451498-3517355130-2503662560-1000UA1d08fb75bd7b784 - (...) -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2941451498-3517355130-2503662560-1000UA1d08fb75bd7b784.job [848]
O39 - APT: GoogleUpdateTaskUserS-1-5-21-2941451498-3517355130-2503662560-1000UA1d0c014486752bc - (...) -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2941451498-3517355130-2503662560-1000UA1d0c014486752bc.job [848]
O39 - APT: pLNMD5hEPKK4tJw5zgS0AihLT5j - (...) -- C:\Windows\Tasks\pLNMD5hEPKK4tJw5zgS0AihLT5j.job [1022]
O39 - APT: 54b401e8-a303-4041-98f8-5a2e48f84f3b-1 - (...) -- C:\Windows\System32\Tasks\54b401e8-a303-4041-98f8-5a2e48f84f3b-1 [3424] =>PUP.Optional.CrossRider
O39 - APT: 54b401e8-a303-4041-98f8-5a2e48f84f3b-5 - (...) -- C:\Windows\System32\Tasks\54b401e8-a303-4041-98f8-5a2e48f84f3b-5 [3496] =>PUP.Optional.CrossRider
O39 - APT: Adobe Acrobat Update Task - (...) -- C:\Windows\System32\Tasks\Adobe Acrobat Update Task [3886]
O39 - APT: Adobe Flash Player Updater - (...) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [3768]
O39 - APT: CCleanerSkipUAC - (...) -- C:\Windows\System32\Tasks\CCleanerSkipUAC [2770]
O39 - APT: Crossbrowse - (...) -- C:\Windows\System32\Tasks\Crossbrowse [3082] =>PUP.Optional.CrossBrowse
O39 - APT: f2fd4710-26e9-4477-abba-8e3c2fe5a0fe-1-6 - (...) -- C:\Windows\System32\Tasks\f2fd4710-26e9-4477-abba-8e3c2fe5a0fe-1-6 [5166] =>PUP.Optional.CrossRider
O39 - APT: f2fd4710-26e9-4477-abba-8e3c2fe5a0fe-1-7 - (...) -- C:\Windows\System32\Tasks\f2fd4710-26e9-4477-abba-8e3c2fe5a0fe-1-7 [5502] =>PUP.Optional.CrossRider
O39 - APT: f2fd4710-26e9-4477-abba-8e3c2fe5a0fe-10_user - (...) -- C:\Windows\System32\Tasks\f2fd4710-26e9-4477-abba-8e3c2fe5a0fe-10_user [4132] =>PUP.Optional.CrossRider
O39 - APT: f2fd4710-26e9-4477-abba-8e3c2fe5a0fe-3 - (...) -- C:\Windows\System32\Tasks\f2fd4710-26e9-4477-abba-8e3c2fe5a0fe-3 [6522] =>PUP.Optional.CrossRider
O39 - APT: f2fd4710-26e9-4477-abba-8e3c2fe5a0fe-4 - (...) -- C:\Windows\System32\Tasks\f2fd4710-26e9-4477-abba-8e3c2fe5a0fe-4 [6186] =>PUP.Optional.CrossRider
O39 - APT: f2fd4710-26e9-4477-abba-8e3c2fe5a0fe-5 - (...) -- C:\Windows\System32\Tasks\f2fd4710-26e9-4477-abba-8e3c2fe5a0fe-5 [4474] =>PUP.Optional.CrossRider
O39 - APT: f2fd4710-26e9-4477-abba-8e3c2fe5a0fe-5_user - (...) -- C:\Windows\System32\Tasks\f2fd4710-26e9-4477-abba-8e3c2fe5a0fe-5_user [4466] =>PUP.Optional.CrossRider
O39 - APT: f2fd4710-26e9-4477-abba-8e3c2fe5a0fe-6 - (...) -- C:\Windows\System32\Tasks\f2fd4710-26e9-4477-abba-8e3c2fe5a0fe-6 [7890] =>PUP.Optional.CrossRider
O39 - APT: f2fd4710-26e9-4477-abba-8e3c2fe5a0fe-7 - (...) -- C:\Windows\System32\Tasks\f2fd4710-26e9-4477-abba-8e3c2fe5a0fe-7 [7546] =>PUP.Optional.CrossRider
O39 - APT: FacebookUpdateTaskUserS-1-5-21-2941451498-3517355130-2503662560-1000Core - (...) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2941451498-3517355130-2503662560-1000Core [3530]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-2941451498-3517355130-2503662560-1000UA1d010cc9c44dc5e - (...) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2941451498-3517355130-2503662560-1000UA1d010cc9c44dc5e [3898]
O39 - APT: GoogleUpdateTaskUserS-1-5-21-2941451498-3517355130-2503662560-1000Core1cf9247f16e6bd5 - (...) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2941451498-3517355130-2503662560-1000Core1cf9247f16e6bd5 [3420]
O39 - APT: GoogleUpdateTaskUserS-1-5-21-2941451498-3517355130-2503662560-1000Core1d0423da9c6f6b0 - (...) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2941451498-3517355130-2503662560-1000Core1d0423da9c6f6b0 [3420]
O39 - APT: GoogleUpdateTaskUserS-1-5-21-2941451498-3517355130-2503662560-1000Core1d0c01447ca7430 - (...) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2941451498-3517355130-2503662560-1000Core1d0c01447ca7430 [3420]
O39 - APT: GoogleUpdateTaskUserS-1-5-21-2941451498-3517355130-2503662560-1000UA1cf6aea87c2ceb2 - (...) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2941451498-3517355130-2503662560-1000UA1cf6aea87c2ceb2 [3816]
O39 - APT: GoogleUpdateTaskUserS-1-5-21-2941451498-3517355130-2503662560-1000UA1d0423daa53a85f - (...) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2941451498-3517355130-2503662560-1000UA1d0423daa53a85f [3816]
O39 - APT: GoogleUpdateTaskUserS-1-5-21-2941451498-3517355130-2503662560-1000UA1d08fb75bd7b784 - (...) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2941451498-3517355130-2503662560-1000UA1d08fb75bd7b784 [3816]
O39 - APT: GoogleUpdateTaskUserS-1-5-21-2941451498-3517355130-2503662560-1000UA1d0c014486752bc - (...) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2941451498-3517355130-2503662560-1000UA1d0c014486752bc [3816]
O39 - APT: pLNMD5hEPKK4tJw5zgS0AihLT5j - (...) -- C:\Windows\System32\Tasks\pLNMD5hEPKK4tJw5zgS0AihLT5j [3050]
O39 - APT: temp_54b401e8-a303-4041-98f8-5a2e48f84f3b-2 - (...) -- C:\Windows\System32\Tasks\temp_54b401e8-a303-4041-98f8-5a2e48f84f3b-2 [3330]
O39 - APT: temp_f2fd4710-26e9-4477-abba-8e3c2fe5a0fe-10_user - (...) -- C:\Windows\System32\Tasks\temp_f2fd4710-26e9-4477-abba-8e3c2fe5a0fe-10_user [4132]
O39 - APT: temp_f2fd4710-26e9-4477-abba-8e3c2fe5a0fe-6 - (...) -- C:\Windows\System32\Tasks\temp_f2fd4710-26e9-4477-abba-8e3c2fe5a0fe-6 [7210]
O39 - APT: {719E5B8C-1EE8-4531-B429-0F1C5331E6EA} - (.Google Inc..) -- C:\Windows\System32\Tasks\{719E5B8C-1EE8-4531-B429-0F1C5331E6EA} [3172]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\{82638733-3C24-484C-B191-E67C6D1A3EC0} [3168]

---\\ Software installed (O42) (125) - 26s
O42 - Logiciel: Atomic Alarm Clock 6.20 - (.Drive Software Company.) [HKLM][64Bits] -- Atomic Alarm Clock_is1
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner
O42 - Logiciel: n-Track Studio 7 x64 - (.n-Track.) [HKLM][64Bits] -- n-Track Studio 7
O42 - Logiciel: Art Effects for PDR10 - (.NewBlue.) [HKLM][64Bits] -- NewBlue Art Effects for PDR10
O42 - Logiciel: Intel PROSet Wireless - (...) [HKLM][64Bits] -- ProInst
O42 - Logiciel: SAM CoDeC Pack - (.www.SamLab.ws.) [HKLM][64Bits] -- SAM CoDeC Pack
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey
O42 - Logiciel: Ut Video Codec Suite - (.UMEZAWA Takeshi.) [HKLM][64Bits] -- utvideo_is1
O42 - Logiciel: VLC media player 2.1.3 - (.VideoLAN.) [HKLM][64Bits] -- VLC media player
O42 - Logiciel: WinRAR 5.01 beta 1 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver
O42 - Logiciel: Xvid MPEG-4 Video Codec - (...) [HKLM][64Bits] -- Xvid_is1
O42 - Logiciel: Nitro Pro 9 - (.Nitro.) [HKLM][64Bits] -- {02EB7080-8735-4D75-9380-A07D25DA06D2}
O42 - Logiciel: Java 8 Update 51 (64-bit) - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F86418051F0}
O42 - Logiciel: Intel® PROSet/Wireless WiMAX Software - (.Intel Corporation.) [HKLM][64Bits] -- {5F588B19-C575-4750-86FD-6ED2B76E61F1}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Access MUI (Arabic) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0015-0401-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Access MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0015-0409-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Excel MUI (Arabic) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0016-0401-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Excel MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0016-0409-1000-0000000FF1CE}
O42 - Logiciel: Microsoft SharePoint Designer MUI (Arabic) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0017-0401-1000-0000000FF1CE}
O42 - Logiciel: Microsoft PowerPoint MUI (Arabic) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0018-0401-1000-0000000FF1CE}
O42 - Logiciel: Microsoft PowerPoint MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0018-0409-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Publisher MUI (Arabic) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0019-0401-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Publisher MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0019-0409-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Outlook MUI (Arabic) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-001A-0401-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Outlook MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-001A-0409-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Word MUI (Arabic) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-001B-0401-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Word MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-001B-0409-1000-0000000FF1CE}
O42 - Logiciel: Microsoft InfoPath MUI (Arabic) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0044-0401-1000-0000000FF1CE}
O42 - Logiciel: Microsoft InfoPath MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0044-0409-1000-0000000FF1CE}
O42 - Logiciel: Microsoft DCF MUI (Arabic) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0090-0401-1000-0000000FF1CE}
O42 - Logiciel: Microsoft DCF MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0090-0409-1000-0000000FF1CE}
O42 - Logiciel: Microsoft OneNote MUI (Arabic) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-00A1-0401-1000-0000000FF1CE}
O42 - Logiciel: Microsoft OneNote MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-00A1-0409-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Groove MUI (Arabic) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-00BA-0401-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Groove MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-00BA-0409-1000-0000000FF1CE}
O42 - Logiciel: Microsoft X MUI (Arabic) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0101-0401-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Access Setup Metadata MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0117-0409-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Lync MUI (Arabic) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-012B-0401-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Lync MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-012B-0409-1000-0000000FF1CE}
O42 - Logiciel: TOSHIBA Desktop Assist - (.Toshiba Corporation.) [HKLM][64Bits] -- {95CCACF0-010D-45F0-82BF-858643D8BC02}
O42 - Logiciel: TOSHIBA PC Health Monitor - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}
O42 - Logiciel: CyberLink PowerDirector 10 - (.CyberLink Corp..) [HKLM][64Bits] -- {B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}
O42 - Logiciel: NVIDIA Graphics Driver 337.88 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver
O42 - Logiciel: NVIDIA GeForce Experience 2.0.1 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience
O42 - Logiciel: NVIDIA PhysX System Software 9.13.1220 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX
O42 - Logiciel: NVIDIA HD Audio Driver 1.3.30.1 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver
O42 - Logiciel: TOSHIBA Bulletin Board - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {C14518AF-1A0F-4D39-8011-69BAA01CD380}
O42 - Logiciel: TOSHIBA eco Utility - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {F5AFF327-9B52-4E96-B5A0-BD2488A8EEC9}
O42 - Logiciel: KMP Service - (.KMP.) [HKLM][64Bits] -- 4F6D5E84-5826-4394-9F40-3A9A19165651_is1
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe AIR
O42 - Logiciel: Adobe Flash Player 18 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 18 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI
O42 - Logiciel: Adobe Shockwave Player 12.1 - (.Adobe Systems, Inc..) [HKLM][64Bits] -- Adobe Shockwave Player
O42 - Logiciel: Advanced PDF Password Remover 5.0 - (.Avanced PDF Converter.) [HKLM][64Bits] -- Advanced PDF Password Remover
O42 - Logiciel: Advanced RAR Repair v1.2 - (...) [HKLM][64Bits] -- Advanced RAR Repair v1.2
O42 - Logiciel: Autorun Virus Remover 3.2 - (.Autorun Remover.) [HKLM][64Bits] -- Autorun Virus Remover_is1
O42 - Logiciel: Cool Record Edit Deluxe - (.CoolRecordEdit Inc..) [HKLM][64Bits] -- Cool Record Edit Deluxe
O42 - Logiciel: EaseUS Partition Master 9.3.0 - (.EaseUS.) [HKLM][64Bits] -- EaseUS Partition Master_is1
O42 - Logiciel: FormatFactory 3.7.0.0 - (.Format Factory.) [HKLM][64Bits] -- FormatFactory
O42 - Logiciel: HD Streamer - (.HD Streamer.) [HKLM][64Bits] -- HD Streamer =>PUP.Optional.HDStreamer
O42 - Logiciel: Hetman Partition Recovery 2.0 - (...) [HKLM][64Bits] -- Hetman Partition Recovery
O42 - Logiciel: SmartSound Quicktracks 5 - (.SmartSound Software Inc..) [HKLM][64Bits] -- InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}
O42 - Logiciel: CyberLink WaveEditor - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}
O42 - Logiciel: CyberLink PowerDirector 10 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}
O42 - Logiciel: 18 WoS Across America - (.ValuSoft.) [HKLM][64Bits] -- InstallShield_{BF9BA346-27AA-4EE0-8333-FEA5400D2AA0}
O42 - Logiciel: TOSHIBA Bulletin Board - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}
O42 - Logiciel: Internet Download Manager - (.Tonec Inc..) [HKLM][64Bits] -- Internet Download Manager
O42 - Logiciel: K-Lite Mega Codec Pack 9.7.0 - (...) [HKLM][64Bits] -- KLiteCodecPack_is1
O42 - Logiciel: Mac Blu-ray Player - (.Macgo Inc..) [HKLM][64Bits] -- Mac Blu-ray Player
O42 - Logiciel: Mendeley Desktop 1.12.4 - (.Mendeley Ltd..) [HKLM][64Bits] -- Mendeley Desktop
O42 - Logiciel: Mortal Kombat Komplete Edition - (.Warner Bros. Interactive Entertainment.) [HKLM][64Bits] -- Mortal Kombat Komplete Edition_is1
O42 - Logiciel: Mozilla Firefox 39.0 (x86 en-US) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 39.0 (x86 en-US)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService
O42 - Logiciel: My WIFI Router 2014.05.20.001 - (.TX Network Inc..) [HKLM][64Bits] -- My WIFI Router
O42 - Logiciel: n-Track Studio 7 - (.n-Track.) [HKLM][64Bits] -- n-Track Studio 7
O42 - Logiciel: Nero 11 - (...) [HKLM][64Bits] -- Nero 11
O42 - Logiciel: PDF Password Remover v3.1 - (.VeryPDF.com Inc.) [HKLM][64Bits] -- PDF Password Remover v3.1_is1
O42 - Logiciel: Pesgalaxy.com Patch 2015 - (.Pesgalaxy.) [HKLM][64Bits] -- Pesgalaxy.com Patch 2015 4.50
O42 - Logiciel: Pesgalaxy.com Patch 2015 DLC Installer - (.Pesgalaxy.) [HKLM][64Bits] -- Pesgalaxy.com Patch 2015 DLC Installer 4.00
O42 - Logiciel: post - (.mahmoud.) [HKLM][64Bits] -- post1.0
O42 - Logiciel: PowerISO - (.Power Software Ltd.) [HKLM][64Bits] -- PowerISO
O42 - Logiciel: Raise Data Recovery for NTFS, version 5.15 - (.LLC "SysDev Laboratories".) [HKLM][64Bits] -- Raise Data Recovery for NTFS_is1
O42 - Logiciel: RAR Repair Tool v.4.0 - (.ZRT Labs.) [HKLM][64Bits] -- RAR Repair Tool_is1
O42 - Logiciel: Readiris Corporate 12 Middle East Edition - (...) [HKLM][64Bits] -- Readiris Corporate 12 Middle East Edition
O42 - Logiciel: Real Alternative 1.8.0 - (...) [HKLM][64Bits] -- RealAlt_is1
O42 - Logiciel: Recover My Files - (.GetData Pty Ltd.) [HKLM][64Bits] -- Recover My Files v5_is1
O42 - Logiciel: Recovery Toolbox for RAR 1.1 - (.Recovery Toolbox, Inc..) [HKLM][64Bits] -- Recovery Toolbox for RAR_is1
O42 - Logiciel: ResearchSoft Direct Export Helper - (.Thomson Reuters.) [HKLM][64Bits] -- ResearchSoft Direct Export Helper
O42 - Logiciel: Steam - (.Valve Corporation.) [HKLM][64Bits] -- Steam
O42 - Logiciel: TeamViewer 10 - (.TeamViewer.) [HKLM][64Bits] -- TeamViewer
O42 - Logiciel: The KMPlayer (remove only) - (.PandoraTV.) [HKLM][64Bits] -- The KMPlayer
O42 - Logiciel: Train Simulator 2014 Steam Edition version 0.0.0.9 - (.WaLMaRT.) [HKLM][64Bits] -- Train Simulator 2014 Steam Edition_is1
O42 - Logiciel: Pro Evolution Soccer 2015 - (...) [HKLM][64Bits] -- UHJvRXZvbHV0aW9uU29jY2VyMjAxNQ==_is1
O42 - Logiciel: VLC media player 2.0.4 - (.VideoLAN.) [HKLM][64Bits] -- VLC media player
O42 - Logiciel: WebcamMax - (.COOLWAREMAX.) [HKLM][64Bits] -- WebcamMax
O42 - Logiciel: Winamp - (.Nullsoft, Inc.) [HKLM][64Bits] -- Winamp
O42 - Logiciel: Microsoft Windows Media Video 9 VCM - (...) [HKLM][64Bits] -- WMV9_VCM
O42 - Logiciel: Yahoo! Messenger - (.Yahoo! Inc..) [HKLM][64Bits] -- Yahoo! Messenger
O42 - Logiciel: Visual C++ 9.0 CRT (x86) WinSXS MSM - (.Microsoft Corporation.) [HKLM][64Bits] -- {0138F525-6C8A-333F-A105-14AE030B9A54}
O42 - Logiciel: Facebook Video Calling 3.1.0.521 - (.Skype Limited.) [HKLM][64Bits] -- {2091F234-EB58-4B80-8C96-8EB78C808CF7}
O42 - Logiciel: Google Books Downloader version 2.3 - (.GBOOKSDOWNLOADER.COM.) [HKLM][64Bits] -- {216729B6-014A-F413-814F-F17F74FBA113}_is1
O42 - Logiciel: Skype™ 7.6 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
O42 - Logiciel: Java 8 Update 51 - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83218051F0}
O42 - Logiciel: SmartSound Quicktracks 5 - (.SmartSound Software Inc..) [HKLM][64Bits] -- {2F8BA3FD-1FA9-4279-B696-712ABB12F09F}
O42 - Logiciel: CyberLink WaveEditor - (.CyberLink Corp..) [HKLM][64Bits] -- {324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}
O42 - Logiciel: Aid file recovery software professional version 3.6.7.2 - (.Mitusoft, Inc..) [HKLM][64Bits] -- {456B239A-C1E0-4178-810E-8E8F09B06877}_is1
O42 - Logiciel: Visual C++ 9.0 CRT (x86) WinSXS MSM - (.Microsoft Corporation.) [HKLM][64Bits] -- {50FC30FE-9758-3B08-B886-7BAABC047B61}
O42 - Logiciel: System Requirements Lab Detection - (.Husdawg, LLC.) [HKLM][64Bits] -- {5629F0ED-1A39-4C61-9656-ABDC8FF93757}
O42 - Logiciel: TOSHIBA Web Camera Application - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {5E6F6CF3-BACC-4144-868C-E14622C658F3}
O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM][64Bits] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726}
O42 - Logiciel: Skype Click to Call - (.Microsoft Corporation.) [HKLM][64Bits] -- {6D1221A9-17BF-4EC0-81F2-27D30EC30701}
O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM][64Bits] -- {80407BA7-7763-4395-AB98-5233F1B34E65}
O42 - Logiciel: EndNote X7 - (.Thomson Reuters.) [HKLM][64Bits] -- {86B3F2D6-AC2B-0017-8AE1-F2F77F781B0C}
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Etisalat USB modem - (.Etisalat.) [HKLM][64Bits] -- {93D34EE3-99B3-4DB1-8B0A-0A657466F90D}
O42 - Logiciel: System Requirements Lab - (.Husdawg, LLC.) [HKLM][64Bits] -- {A92D0DBB-834A-4CAD-A434-F2232C692516}
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-0804-1033-1959-001824147215}
O42 - Logiciel: Adobe Reader XI (11.0.12) - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1033-7B44-AB0000000001}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {B92C2C6C-F70E-497B-88A7-1FEF9888272B}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Lagarith Lossless Codec (1.3.27) - (...) [HKLM][64Bits] -- {F59AC46C-10C3-4023-882C-4212A92283B3}_is1
O42 - Logiciel: TOSHIBA Remote Control Manager - (.TOSHIBA CORPORATION.) [HKLM][64Bits] -- {FEB650EB-7639-444E-9FC2-C33EE6ED1A37}
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU][64Bits] -- Google Chrome
O42 - Logiciel: QQ??3.7 - (.????(??)????.) [HKCU][64Bits] -- QQPlayer

---\\ HKCU & HKLM Software Keys (219) - 26s
HKLM\SOFTWARE\Wow6432Node\Adobe
HKLM\SOFTWARE\Wow6432Node\AGEIA Technologies
HKLM\SOFTWARE\Wow6432Node\AMD
HKLM\SOFTWARE\Wow6432Node\AppDataLow
HKLM\SOFTWARE\Wow6432Node\Apple Inc.
HKLM\SOFTWARE\Wow6432Node\ArenaHD =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\Auslogics
HKLM\SOFTWARE\Wow6432Node\AviSynth
HKLM\SOFTWARE\Wow6432Node\Baidu
HKLM\SOFTWARE\Wow6432Node\Baidu Security
HKLM\SOFTWARE\Wow6432Node\Baidu_Drp_pos
HKLM\SOFTWARE\Wow6432Node\Black Sea Studios
HKLM\SOFTWARE\Wow6432Node\Caphyon
HKLM\SOFTWARE\Wow6432Node\ccktr.exe
HKLM\SOFTWARE\Wow6432Node\CDDB
HKLM\SOFTWARE\Wow6432Node\Crossbrowse =>PUP.Optional.CrossBrowse
HKLM\SOFTWARE\Wow6432Node\CyberLink
HKLM\SOFTWARE\Wow6432Node\EASEUS
HKLM\SOFTWARE\Wow6432Node\ESET
HKLM\SOFTWARE\Wow6432Node\Etisalat
HKLM\SOFTWARE\Wow6432Node\EVP
HKLM\SOFTWARE\Wow6432Node\GlobalUpdate =>PUP.Optional.GlobalUpdate
HKLM\SOFTWARE\Wow6432Node\GN2
HKLM\SOFTWARE\Wow6432Node\GNU
HKLM\SOFTWARE\Wow6432Node\Google
HKLM\SOFTWARE\Wow6432Node\GRETECH
HKLM\SOFTWARE\Wow6432Node\HaaliMkx
HKLM\SOFTWARE\Wow6432Node\HighDefAction =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\I.R.I.S.
HKLM\SOFTWARE\Wow6432Node\IM Providers
HKLM\SOFTWARE\Wow6432Node\InstallShield
HKLM\SOFTWARE\Wow6432Node\Intel
HKLM\SOFTWARE\Wow6432Node\Internet Download Manager
HKLM\SOFTWARE\Wow6432Node\InterVideo
HKLM\SOFTWARE\Wow6432Node\ISI ResearchSoft
HKLM\SOFTWARE\Wow6432Node\JavaSoft
HKLM\SOFTWARE\Wow6432Node\JreMetrics
HKLM\SOFTWARE\Wow6432Node\Khronos
HKLM\SOFTWARE\Wow6432Node\KLCodecPack
HKLM\SOFTWARE\Wow6432Node\KMPlayer
HKLM\SOFTWARE\Wow6432Node\KONAMI
HKLM\SOFTWARE\Wow6432Node\lameme
HKLM\SOFTWARE\Wow6432Node\LAV
HKLM\SOFTWARE\Wow6432Node\Licenses
HKLM\SOFTWARE\Wow6432Node\Macromedia
HKLM\SOFTWARE\Wow6432Node\McAfee.com
HKLM\SOFTWARE\Wow6432Node\mcafeeupdater
HKLM\SOFTWARE\Wow6432Node\Mendeley Ltd.
HKLM\SOFTWARE\Wow6432Node\Mozilla
HKLM\SOFTWARE\Wow6432Node\mozilla.org
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\n-Track7
HKLM\SOFTWARE\Wow6432Node\Nalpeiron
HKLM\SOFTWARE\Wow6432Node\Nero
HKLM\SOFTWARE\Wow6432Node\Nitro
HKLM\SOFTWARE\Wow6432Node\Nuance
HKLM\SOFTWARE\Wow6432Node\Nullsoft
HKLM\SOFTWARE\Wow6432Node\NVIDIA Corporation
HKLM\SOFTWARE\Wow6432Node\ODBC
HKLM\SOFTWARE\Wow6432Node\Pandora.TV
HKLM\SOFTWARE\Wow6432Node\PowerISO
HKLM\SOFTWARE\Wow6432Node\PowerPivot
HKLM\SOFTWARE\Wow6432Node\R-TT
HKLM\SOFTWARE\Wow6432Node\RealAlternative
HKLM\SOFTWARE\Wow6432Node\RealNetworks
HKLM\SOFTWARE\Wow6432Node\Realtek
HKLM\SOFTWARE\Wow6432Node\Remo Software
HKLM\SOFTWARE\Wow6432Node\Rocket Division Software
HKLM\SOFTWARE\Wow6432Node\Rockstar Games
HKLM\SOFTWARE\Wow6432Node\Skype
HKLM\SOFTWARE\Wow6432Node\SmartSound Software
HKLM\SOFTWARE\Wow6432Node\SourceTec
HKLM\SOFTWARE\Wow6432Node\Stellar Data Recovery
HKLM\SOFTWARE\Wow6432Node\Symantec
HKLM\SOFTWARE\Wow6432Node\SystemSafe
HKLM\SOFTWARE\Wow6432Node\TeamViewer
HKLM\SOFTWARE\Wow6432Node\Tencent =>PUP.Optional.TencentAddressBar
HKLM\SOFTWARE\Wow6432Node\TOSHIBA
HKLM\SOFTWARE\Wow6432Node\TOSHIBA Corporation
HKLM\SOFTWARE\Wow6432Node\Trymedia Systems =>PUP.Optional.Trymedia
HKLM\SOFTWARE\Wow6432Node\TuneUp
HKLM\SOFTWARE\Wow6432Node\Universal
HKLM\SOFTWARE\Wow6432Node\ValuSoft
HKLM\SOFTWARE\Wow6432Node\Valve
HKLM\SOFTWARE\Wow6432Node\VideoLAN
HKLM\SOFTWARE\Wow6432Node\VST
HKLM\SOFTWARE\Wow6432Node\WebcamMax
HKLM\SOFTWARE\Wow6432Node\WIBU-SYSTEMS
HKLM\SOFTWARE\Wow6432Node\Wise Solutions
HKLM\SOFTWARE\Wow6432Node\Yahoo
HKLM\SOFTWARE\Wow6432Node\YorkNewCin =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\ZTEUSBDriverFlag
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications
HKCU\SOFTWARE\3rd Eye Solutions
HKCU\SOFTWARE\8.1
HKCU\SOFTWARE\A0 Digital Audio
HKCU\SOFTWARE\AC3Filter
HKCU\SOFTWARE\ACE Compression Software
HKCU\SOFTWARE\Active@ File Preview
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\Aidfile recovery professional
HKCU\SOFTWARE\AnchorFree
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\apple
HKCU\SOFTWARE\Apple Computer, Inc.
HKCU\SOFTWARE\ARAR
HKCU\SOFTWARE\ArenaHD =>PUP.Optional.CrossRider
HKCU\SOFTWARE\AtomicAlarmClock60
HKCU\SOFTWARE\Baidu
HKCU\SOFTWARE\Baidu Security
HKCU\SOFTWARE\BugSplat
HKCU\SOFTWARE\Camfrog
HKCU\SOFTWARE\Cheat Engine
HKCU\SOFTWARE\Chromium
HKCU\SOFTWARE\Cineform
HKCU\SOFTWARE\CinemaP-1.9cV21.07-nv-ie =>PUP.Optional.CrossRider
HKCU\SOFTWARE\CoinisRS =>PUP.Optional.InstallCore
HKCU\SOFTWARE\Cool Record Edit Deluxe
HKCU\SOFTWARE\CoreAAC
HKCU\SOFTWARE\Crossbrowse =>PUP.Optional.CrossBrowse
HKCU\SOFTWARE\CyberLink
HKCU\SOFTWARE\DashSignature.com
HKCU\SOFTWARE\DirectShow
HKCU\SOFTWARE\DownloadManager
HKCU\SOFTWARE\drpsu
HKCU\SOFTWARE\DRPSu Updater
HKCU\SOFTWARE\DSP-worx
HKCU\SOFTWARE\EaseUS
HKCU\SOFTWARE\Epic MegaGames
HKCU\SOFTWARE\ESET
HKCU\SOFTWARE\Facebook
HKCU\SOFTWARE\Flash Player Pro
HKCU\SOFTWARE\FLT
HKCU\SOFTWARE\FreeTime
HKCU\SOFTWARE\Gabest
HKCU\SOFTWARE\GameHouse
HKCU\SOFTWARE\GameSpy
HKCU\SOFTWARE\GetData
HKCU\SOFTWARE\globalUpdate =>PUP.Optional.GlobalUpdate
HKCU\SOFTWARE\GN2
HKCU\SOFTWARE\GNU
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\GRETECH
HKCU\SOFTWARE\Haali
HKCU\SOFTWARE\Hetman Software
HKCU\SOFTWARE\HighDefAction =>PUP.Optional.CrossRider
HKCU\SOFTWARE\Icaros
HKCU\SOFTWARE\IE Tab
HKCU\SOFTWARE\IM Providers
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\Iris
HKCU\SOFTWARE\ISI ResearchSoft
HKCU\SOFTWARE\Jae Lee productions
HKCU\SOFTWARE\JavaSoft
HKCU\SOFTWARE\kde.org
HKCU\SOFTWARE\KMPlayer
HKCU\SOFTWARE\KraiSoft
HKCU\SOFTWARE\Licenses
HKCU\SOFTWARE\Loons
HKCU\SOFTWARE\MacGo
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\MCAFEE
HKCU\SOFTWARE\MediaInfo
HKCU\SOFTWARE\Mendeley Ltd.
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\MPC-BE
HKCU\SOFTWARE\MPC-HC
HKCU\SOFTWARE\n-Track7
HKCU\SOFTWARE\Nero
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\NewBlue
HKCU\SOFTWARE\Nitro
HKCU\SOFTWARE\Nitro PDF
HKCU\SOFTWARE\NVIDIA Corporation
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\Piriform
HKCU\SOFTWARE\PlayfulAge
HKCU\SOFTWARE\PowerISO
HKCU\SOFTWARE\QuickPar
HKCU\SOFTWARE\R-TT
HKCU\SOFTWARE\RealNetworks
HKCU\SOFTWARE\Realtek
HKCU\SOFTWARE\Recovery Toolbox for RAR
HKCU\SOFTWARE\RegisteredApplications
HKCU\SOFTWARE\RLZer
HKCU\SOFTWARE\SamLab.ws
HKCU\SOFTWARE\Sierra On-Line
HKCU\SOFTWARE\skype
HKCU\SOFTWARE\SkypeRS
HKCU\SOFTWARE\Softonic =>PUP.Optional.Softonic
HKCU\SOFTWARE\SourceTec
HKCU\SOFTWARE\Stellar
HKCU\SOFTWARE\Synaptics
HKCU\SOFTWARE\System Requirements Lab
HKCU\SOFTWARE\SystemSafe
HKCU\SOFTWARE\TeamViewer
HKCU\SOFTWARE\Tencent =>PUP.Optional.TencentAddressBar
HKCU\SOFTWARE\TOSHIBA
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\TrongCorp
HKCU\SOFTWARE\TuneUp
HKCU\SOFTWARE\Unity
HKCU\SOFTWARE\Ut Video Codec Suite
HKCU\SOFTWARE\ValuSoft
HKCU\SOFTWARE\Valve
HKCU\SOFTWARE\VST
HKCU\SOFTWARE\Winamp
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\Yahoo
HKCU\SOFTWARE\YorkNewCin =>PUP.Optional.CrossRider
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\ZRT Labs
HKCU\SOFTWARE\AppDataLow\Software
HKCU\SOFTWARE\AppDataLow\Software\Adobe
HKCU\SOFTWARE\AppDataLow\Software\Crossrider =>PUP.Optional.CrossRider
HKCU\SOFTWARE\AppDataLow\Software\JavaSoft
HKCU\SOFTWARE\AppDataLow\Software\Yahoo

---\\ Contents of the Common Files folders (O43) (322) - 21s
O43 - CFD: 2014/09/13 08:00:23 - [] D -- C:\Program Files (x86)\18 WoS Across America
O43 - CFD: 2014/06/09 22:57:20 - [] D -- C:\Program Files (x86)\Addon Enabler =>PUP.Optional.HDStreamer
O43 - CFD: 2014/01/30 22:38:37 - [] D -- C:\Program Files (x86)\Adobe
O43 - CFD: 2013/12/20 10:32:06 - [] D -- C:\Program Files (x86)\Advanced PDF Password Remover 5.0
O43 - CFD: 2014/04/21 12:58:23 - [0] D -- C:\Program Files (x86)\AGEIA Technologies
O43 - CFD: 2015/01/05 20:16:47 - [] D -- C:\Program Files (x86)\Aid file recovery Professional
O43 - CFD: 2015/02/20 23:15:03 - [] D -- C:\Program Files (x86)\ARAR
O43 - CFD: 2013/12/25 22:10:23 - [] D -- C:\Program Files (x86)\AutorunRemover
O43 - CFD: 2013/12/13 14:20:23 - [] D -- C:\Program Files (x86)\Babylon =>PUP.Optional.Babylon
O43 - CFD: 2014/12/15 21:31:17 - [] D -- C:\Program Files (x86)\baidu
O43 - CFD: 2014/04/20 22:32:10 - [] D -- C:\Program Files (x86)\Baidu Security
O43 - CFD: 2015/01/27 23:24:49 - [0] D -- C:\Program Files (x86)\Cheatbook Database 2011
O43 - CFD: 2015/01/25 14:28:18 - [] D -- C:\Program Files (x86)\CodeMeter
O43 - CFD: 2015/08/01 13:31:20 - [] D -- C:\Program Files (x86)\Common Files
O43 - CFD: 2014/03/06 21:34:52 - [] D -- C:\Program Files (x86)\Cool Record Edit Deluxe
O43 - CFD: 2014/12/07 14:48:20 - [] D -- C:\Program Files (x86)\Cyberlink
O43 - CFD: 2014/08/01 22:19:54 - [] D -- C:\Program Files (x86)\Data Recovery
O43 - CFD: 2014/03/08 20:48:13 - [] D -- C:\Program Files (x86)\DriverUninstall
O43 - CFD: 2015/07/20 00:47:43 - [] D -- C:\Program Files (x86)\EaseUS
O43 - CFD: 2015/07/02 21:46:48 - [] D -- C:\Program Files (x86)\EndNote X7
O43 - CFD: 2015/07/19 19:02:26 - [] D -- C:\Program Files (x86)\Etisalat USB modem
O43 - CFD: 2013/11/22 00:11:01 - [] D -- C:\Program Files (x86)\FreeTime
O43 - CFD: 2015/01/25 14:28:04 - [] D -- C:\Program Files (x86)\GetData
O43 - CFD: 2015/07/23 00:18:11 - [] D -- C:\Program Files (x86)\globalUpdate =>PUP.Optional.GlobalUpdate
O43 - CFD: 2014/02/18 00:12:26 - [] D -- C:\Program Files (x86)\Google Books Downloader
O43 - CFD: 2014/12/11 21:41:49 - [0] D -- C:\Program Files (x86)\GRETECH
O43 - CFD: 2014/04/29 20:38:08 - [] D -- C:\Program Files (x86)\HD Streamer =>PUP.Optional.HDStreamer
O43 - CFD: 2015/01/27 14:08:53 - [] D -- C:\Program Files (x86)\Hetman Software
O43 - CFD: 2014/12/07 14:51:35 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 2013/11/22 22:44:54 - [0] D -- C:\Program Files (x86)\Intel
O43 - CFD: 2015/05/30 12:22:24 - [] D -- C:\Program Files (x86)\Internet Download Manager
O43 - CFD: 2013/11/16 23:39:59 - [] D -- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 2015/08/01 13:32:03 - [] D -- C:\Program Files (x86)\Java
O43 - CFD: 2014/06/27 21:54:43 - [] D -- C:\Program Files (x86)\K-Lite Codec Pack
O43 - CFD: 2015/07/05 16:28:31 - [] D -- C:\Program Files (x86)\MacGo
O43 - CFD: 2015/03/17 00:11:47 - [] D -- C:\Program Files (x86)\Martial.Arts.Capoeira-KaOs
O43 - CFD: 2014/12/13 21:56:27 - [] D -- C:\Program Files (x86)\Mendeley Desktop
O43 - CFD: 2013/11/23 10:52:56 - [] D -- C:\Program Files (x86)\Microsoft Analysis Services
O43 - CFD: 2013/11/23 10:52:37 - [] D -- C:\Program Files (x86)\Microsoft Office
O43 - CFD: 2013/11/22 19:34:39 - [] D -- C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 2013/11/23 10:57:23 - [] D -- C:\Program Files (x86)\Microsoft SQL Server
O43 - CFD: 2013/11/23 10:57:23 - [] D -- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 2015/07/09 20:44:23 - [] D -- C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 2015/07/09 20:44:23 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 2009/07/14 07:32:38 - [] D -- C:\Program Files (x86)\MSBuild
O43 - CFD: 2013/12/04 22:14:52 - [] D -- C:\Program Files (x86)\MSECache
O43 - CFD: 2015/07/29 00:47:01 - [] D -- C:\Program Files (x86)\My WIFI Router
O43 - CFD: 2014/03/31 20:38:01 - [] D -- C:\Program Files (x86)\n-Track
O43 - CFD: 2014/03/08 19:43:39 - [] D -- C:\Program Files (x86)\Nero
O43 - CFD: 2013/11/22 00:14:13 - [] D -- C:\Program Files (x86)\Nitro
O43 - CFD: 2014/07/25 23:32:48 - [] D -- C:\Program Files (x86)\NVIDIA Corporation
O43 - CFD: 2013/11/23 14:14:13 - [] D -- C:\Program Files (x86)\PANDORA.TV
O43 - CFD: 2014/04/17 20:31:32 - [] D -- C:\Program Files (x86)\PDF Password Remover v3.1
O43 - CFD: 2015/07/23 01:30:01 - [] D -- C:\Program Files (x86)\PicosmosTools
O43 - CFD: 2015/02/19 12:00:59 - [] D -- C:\Program Files (x86)\R-Studio
O43 - CFD: 2015/01/27 13:14:23 - [] D -- C:\Program Files (x86)\R.G. Mechanics
O43 - CFD: 2015/02/27 00:11:16 - [] D -- C:\Program Files (x86)\Rar Repair Tool
O43 - CFD: 2014/03/01 15:23:13 - [] D -- C:\Program Files (x86)\Readiris Corporate 12 Middle East Edition
O43 - CFD: 2014/06/27 21:46:21 - [] D -- C:\Program Files (x86)\Real Alternative
O43 - CFD: 2013/11/22 22:46:13 - [] D -- C:\Program Files (x86)\Realtek
O43 - CFD: 2015/02/26 22:07:20 - [] D -- C:\Program Files (x86)\Recovery Toolbox for RAR
O43 - CFD: 2009/07/14 07:32:38 - [] D -- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 2013/11/22 19:32:19 - [] D -- C:\Program Files (x86)\SAM CoDeC Pack
O43 - CFD: 2015/07/09 03:27:14 - [] RD -- C:\Program Files (x86)\Skype
O43 - CFD: 2014/12/07 14:47:04 - [] D -- C:\Program Files (x86)\SmartSound Software
O43 - CFD: 2014/01/28 11:05:15 - [0] D -- C:\Program Files (x86)\SourceTec
O43 - CFD: 2015/08/01 13:21:54 - [] D -- C:\Program Files (x86)\Steam
O43 - CFD: 2015/02/27 00:08:15 - [] D -- C:\Program Files (x86)\Stronghold Crusader 2
O43 - CFD: 2015/04/24 15:46:09 - [] D -- C:\Program Files (x86)\SystemRequirementsLab
O43 - CFD: 2015/07/24 16:57:04 - [] D -- C:\Program Files (x86)\TeamViewer
O43 - CFD: 2014/12/17 22:05:38 - [] D -- C:\Program Files (x86)\Tencent =>PUP.Optional.TencentAddressBar
O43 - CFD: 2014/09/08 09:32:08 - [] D -- C:\Program Files (x86)\The KMPlayer
O43 - CFD: 2013/11/22 22:43:48 - [] D -- C:\Program Files (x86)\TOSHIBA
O43 - CFD: 2009/07/14 06:57:06 - [0] HD -- C:\Program Files (x86)\Uninstall Information
O43 - CFD: 2014/04/20 22:52:25 - [] D -- C:\Program Files (x86)\Universal Updater =>PUP.Optional.UniversalUpdater
O43 - CFD: 2014/09/09 03:08:31 - [] D -- C:\Program Files (x86)\Valusoft
O43 - CFD: 2014/06/27 21:54:52 - [] D -- C:\Program Files (x86)\VideoLAN
O43 - CFD: 2015/01/27 14:42:15 - [] D -- C:\Program Files (x86)\WebcamMax
O43 - CFD: 2013/11/23 22:39:22 - [] D -- C:\Program Files (x86)\Winamp
O43 - CFD: 2013/11/16 23:55:48 - [] D -- C:\Program Files (x86)\Windows Defender
O43 - CFD: 2013/04/20 21:25:28 - [] D -- C:\Program Files (x86)\Windows Mail
O43 - CFD: 2013/04/20 21:25:28 - [] D -- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 2009/07/14 07:32:38 - [] D -- C:\Program Files (x86)\Windows NT
O43 - CFD: 2013/04/20 21:25:28 - [] D -- C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 2010/11/21 05:31:38 - [] D -- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 2013/04/20 21:25:28 - [] D -- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 2014/12/31 14:37:09 - [] D -- C:\Program Files (x86)\Yahoo!
O43 - CFD: 2014/05/24 16:44:58 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\(Default)
O43 - CFD: 2014/09/13 07:59:19 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\18 WoS Across America
O43 - CFD: 2013/11/17 00:19:48 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2013/11/16 23:24:17 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2013/12/20 10:30:31 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced PDF Password Remover 5.0
O43 - CFD: 2015/02/20 23:14:59 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced RAR Repair
O43 - CFD: 2015/01/05 20:16:47 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aid file recovery Professional
O43 - CFD: 2013/12/09 19:02:17 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atomic Alarm Clock
O43 - CFD: 2013/12/25 22:10:23 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutorunRemover
O43 - CFD: 2014/12/30 14:45:07 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
O43 - CFD: 2014/12/07 14:46:26 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 10
O43 - CFD: 2014/08/01 22:19:54 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Data Recovery
O43 - CFD: 2015/07/20 00:48:08 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 9.3.0
O43 - CFD: 2015/07/02 21:46:49 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EndNote
O43 - CFD: 2013/11/23 12:20:11 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
O43 - CFD: 2014/03/08 20:48:28 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Etisalat USB modem
O43 - CFD: 2014/06/23 22:43:52 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 2014/02/18 00:12:26 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Books Downloader
O43 - CFD: 2015/02/19 12:00:32 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GTASAConsole
O43 - CFD: 2015/03/28 14:47:33 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hao123-Egypt
O43 - CFD: 2015/01/27 14:09:04 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hetman Software
O43 - CFD: 2013/11/22 19:59:20 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
O43 - CFD: 2015/05/30 12:21:09 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
O43 - CFD: 2014/11/05 20:26:47 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
O43 - CFD: 2014/06/27 21:54:42 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
O43 - CFD: 2009/07/14 06:57:09 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2014/12/13 21:56:27 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mendeley Desktop
O43 - CFD: 2013/11/23 10:58:53 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
O43 - CFD: 2013/11/22 19:35:42 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
O43 - CFD: 2015/05/31 13:41:08 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mortal Kombat Komplete Edition
O43 - CFD: 2014/03/08 19:44:44 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 11
O43 - CFD: 2014/12/07 14:47:39 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue
O43 - CFD: 2013/11/22 23:20:13 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
O43 - CFD: 2013/11/23 14:14:14 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PANDORATV
O43 - CFD: 2014/04/17 20:29:33 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Password Remover v3.1
O43 - CFD: 2014/07/03 11:14:35 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PESEdit.com 2013 Patch
O43 - CFD: 2015/07/15 02:52:52 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pesgalaxy.com Patch 2015
O43 - CFD: 2015/07/15 02:03:26 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pesgalaxy.com Patch 2015 DLC Installer
O43 - CFD: 2014/12/11 22:33:48 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\post
O43 - CFD: 2013/11/21 23:43:24 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
O43 - CFD: 2015/02/26 23:35:33 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickPar
O43 - CFD: 2015/02/27 00:11:16 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rar Repair Tool
O43 - CFD: 2014/06/27 21:46:21 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real Alternative
O43 - CFD: 2015/02/26 22:07:20 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recovery Toolbox for RAR
O43 - CFD: 2013/11/22 19:32:19 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAM CoDeC Pack
O43 - CFD: 2014/12/01 20:20:09 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 2015/05/30 21:18:19 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2015/05/15 01:17:51 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
O43 - CFD: 2011/04/12 10:28:08 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 2013/11/22 22:42:12 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
O43 - CFD: 2014/09/09 01:53:22 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valusoft
O43 - CFD: 2014/09/26 19:42:16 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 2015/01/27 14:42:12 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WebcamMax
O43 - CFD: 2013/11/22 00:12:48 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 2014/01/03 22:29:33 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger
O43 - CFD: 2014/01/30 22:38:40 - [] D -- C:\ProgramData\Adobe
O43 - CFD: 2015/01/27 14:42:16 - [] D -- C:\ProgramData\APN =>Toolbar.Ask
O43 - CFD: 2009/07/14 07:08:56 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 2014/06/23 23:44:04 - [] D -- C:\ProgramData\Auslogics
O43 - CFD: 2015/02/24 00:27:12 - [0] D -- C:\ProgramData\Babylon =>PUP.Optional.Babylon
O43 - CFD: 2014/12/15 21:30:24 - [] D -- C:\ProgramData\Baidu
O43 - CFD: 2014/05/22 11:22:07 - [] D -- C:\ProgramData\Baidu Security
O43 - CFD: 2013/11/22 22:39:36 - [] D -- C:\ProgramData\Blio
O43 - CFD: 2014/04/21 00:42:12 - [] D -- C:\ProgramData\BlueStacksSetup
O43 - CFD: 2014/12/07 14:43:26 - [] D -- C:\ProgramData\CLSK
O43 - CFD: 2014/11/07 13:24:54 - [] HD -- C:\ProgramData\Common Files
O43 - CFD: 2014/12/07 16:03:32 - [] D -- C:\ProgramData\CyberLink
O43 - CFD: 2009/07/14 07:08:56 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 2009/07/14 07:08:56 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 2014/12/07 14:47:04 - [] D -- C:\ProgramData\eSellerate
O43 - CFD: 2013/11/23 12:20:11 - [] D -- C:\ProgramData\ESET
O43 - CFD: 2009/07/14 07:08:56 - [0] SHD -- C:\ProgramData\Favorites
O43 - CFD: 2015/01/23 14:38:13 - [] D -- C:\ProgramData\Firefly Studios
O43 - CFD: 2013/11/22 00:05:32 - [0] D -- C:\ProgramData\IDM
O43 - CFD: 2013/11/22 20:00:55 - [] D -- C:\ProgramData\Intel
O43 - CFD: 2014/11/20 21:01:41 - [] D -- C:\ProgramData\KONAMI
O43 - CFD: 2014/04/20 22:51:29 - [0] D -- C:\ProgramData\Log
O43 - CFD: 2014/01/31 14:22:17 - [] D -- C:\ProgramData\McAfee
O43 - CFD: 2015/06/10 22:29:57 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 2015/03/28 14:44:15 - [] D -- C:\ProgramData\Microsoft Help
O43 - CFD: 2015/03/19 11:44:02 - [] D -- C:\ProgramData\Microsoft Toolkit =>HackTool.AutoKMS
O43 - CFD: 2013/11/22 00:21:14 - [] D -- C:\ProgramData\Mozilla
O43 - CFD: 2013/11/22 00:14:12 - [] D -- C:\ProgramData\Nitro
O43 - CFD: 2015/01/02 20:37:22 - [] D -- C:\ProgramData\NVIDIA
O43 - CFD: 2014/07/25 23:37:50 - [] D -- C:\ProgramData\NVIDIA Corporation
O43 - CFD: 2015/08/01 13:32:09 - [] D -- C:\ProgramData\Oracle
O43 - CFD: 2015/07/15 02:01:58 - [] D -- C:\ProgramData\Package Cache
O43 - CFD: 2014/12/22 20:19:32 - [] D -- C:\ProgramData\PlayFirst
O43 - CFD: 2014/12/31 13:25:23 - [] D -- C:\ProgramData\PlayfulAge
O43 - CFD: 2014/06/27 21:46:16 - [0] D -- C:\ProgramData\Real
O43 - CFD: 2013/11/23 10:56:48 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 2015/07/09 03:27:01 - [] D -- C:\ProgramData\Skype
O43 - CFD: 2014/12/07 14:47:30 - [] D -- C:\ProgramData\SmartSound Software Inc
O43 - CFD: 2009/07/14 07:08:56 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 2014/11/20 21:00:55 - [] D -- C:\ProgramData\Steam
O43 - CFD: 2014/02/02 21:41:46 - [] D -- C:\ProgramData\Sun
O43 - CFD: 2015/04/24 16:09:43 - [] D -- C:\ProgramData\SystemRequirementsLab
O43 - CFD: 2015/02/23 23:47:33 - [] AD -- C:\ProgramData\Temp
O43 - CFD: 2009/07/14 07:08:56 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 2015/01/05 20:28:15 - [] D -- C:\ProgramData\Tencent =>PUP.Optional.TencentAddressBar
O43 - CFD: 2015/07/02 21:47:15 - [] D -- C:\ProgramData\Thomson.ResearchSoft.Installers
O43 - CFD: 2015/07/31 11:59:58 - [] D -- C:\ProgramData\ToolsUpdatePlatform
O43 - CFD: 2014/09/09 01:56:15 - [] D -- C:\ProgramData\Trymedia =>PUP.Optional.Trymedia
O43 - CFD: 2014/11/08 18:33:55 - [] D -- C:\ProgramData\TuneUp Software
O43 - CFD: 2013/12/25 22:10:46 - [] D -- C:\ProgramData\USBSecurity
O43 - CFD: 2015/01/27 14:42:31 - [] D -- C:\ProgramData\WebcamMax
O43 - CFD: 2014/12/31 14:37:09 - [] D -- C:\ProgramData\Yahoo!
O43 - CFD: 2014/11/07 13:36:25 - [] SHD -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
O43 - CFD: 2014/05/18 12:43:54 - [] D -- C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 2014/01/30 22:38:36 - [] D -- C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 2014/09/13 07:58:33 - [] D -- C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 2015/08/01 13:31:20 - [] D -- C:\Program Files (x86)\Common Files\Java
O43 - CFD: 2014/08/01 22:19:21 - [] D -- C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 2014/03/08 19:44:44 - [] D -- C:\Program Files (x86)\Common Files\Nero
O43 - CFD: 2013/11/22 00:14:13 - [] D -- C:\Program Files (x86)\Common Files\Nitro
O43 - CFD: 2014/03/31 20:39:10 - [] D -- C:\Program Files (x86)\Common Files\Propellerhead Software
O43 - CFD: 2013/11/23 22:36:59 - [] D -- C:\Program Files (x86)\Common Files\PX Storage Engine
O43 - CFD: 2015/07/02 21:47:11 - [] D -- C:\Program Files (x86)\Common Files\Risxtd
O43 - CFD: 2009/07/14 05:20:08 - [] D -- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 2014/12/01 20:20:08 - [] D -- C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 2009/07/14 05:20:08 - [] D -- C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 2015/06/07 19:28:11 - [] D -- C:\Program Files (x86)\Common Files\Steam
O43 - CFD: 2014/08/01 22:19:21 - [] D -- C:\Program Files (x86)\Common Files\System
O43 - CFD: 2015/07/02 21:44:20 - [] D -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
O43 - CFD: 2014/01/30 22:38:19 - [] D -- C:\Users\EIAD\AppData\Roaming\Adobe
O43 - CFD: 2015/01/03 12:32:37 - [] D -- C:\Users\EIAD\AppData\Roaming\Alawar
O43 - CFD: 2014/08/01 22:19:54 - [] D -- C:\Users\EIAD\AppData\Roaming\Atomic Alarm Clock 6
O43 - CFD: 2015/02/24 00:27:12 - [] D -- C:\Users\EIAD\AppData\Roaming\Babylon =>PUP.Optional.Babylon
O43 - CFD: 2014/12/15 21:30:09 - [] D -- C:\Users\EIAD\AppData\Roaming\baidu
O43 - CFD: 2014/04/20 22:51:38 - [] D -- C:\Users\EIAD\AppData\Roaming\Baidu Security
O43 - CFD: 2015/02/03 21:39:51 - [0] D -- C:\Users\EIAD\AppData\Roaming\Black Sea Studios
O43 - CFD: 2014/01/30 22:38:44 - [] D -- C:\Users\EIAD\AppData\Roaming\com.wiziq.wiziqdesktop
O43 - CFD: 2014/03/31 20:23:00 - [] D -- C:\Users\EIAD\AppData\Roaming\Cool Record Edit Deluxe
O43 - CFD: 2014/12/01 20:22:06 - [] D -- C:\Users\EIAD\AppData\Roaming\CrystalIdea Software
O43 - CFD: 2015/06/28 21:05:50 - [] D -- C:\Users\EIAD\AppData\Roaming\CyberLink
O43 - CFD: 2015/08/01 13:38:28 - [] D -- C:\Users\EIAD\AppData\Roaming\DMCache
O43 - CFD: 2013/11/22 00:10:21 - [] D -- C:\Users\EIAD\AppData\Roaming\Downloaded Installations
O43 - CFD: 2014/12/31 14:28:56 - [0] D -- C:\Users\EIAD\AppData\Roaming\DRPSu
O43 - CFD: 2015/07/04 23:07:33 - [] D -- C:\Users\EIAD\AppData\Roaming\EndNote
O43 - CFD: 2013/11/21 23:41:23 - [] D -- C:\Users\EIAD\AppData\Roaming\Identities
O43 - CFD: 2015/07/23 16:43:51 - [] D -- C:\Users\EIAD\AppData\Roaming\IDM
O43 - CFD: 2013/11/22 22:39:57 - [] D -- C:\Users\EIAD\AppData\Roaming\InstallShield
O43 - CFD: 2013/11/22 00:04:45 - [] D -- C:\Users\EIAD\AppData\Roaming\Macromedia
O43 - CFD: 2011/04/12 10:28:08 - [0] D -- C:\Users\EIAD\AppData\Roaming\Media Center Programs
O43 - CFD: 2015/02/08 18:42:16 - [0] D -- C:\Users\EIAD\AppData\Roaming\Media Player Classic
O43 - CFD: 2015/07/04 13:37:26 - [] D -- C:\Users\EIAD\AppData\Roaming\Microsoft
O43 - CFD: 2015/05/31 14:00:15 - [] D -- C:\Users\EIAD\AppData\Roaming\MKKE
O43 - CFD: 2013/11/22 00:21:26 - [] D -- C:\Users\EIAD\AppData\Roaming\Mozilla
O43 - CFD: 2013/11/23 22:07:04 - [] D -- C:\Users\EIAD\AppData\Roaming\MPC-HC
O43 - CFD: 2014/12/22 20:17:12 - [] D -- C:\Users\EIAD\AppData\Roaming\My Games
O43 - CFD: 2014/03/31 20:53:40 - [] D -- C:\Users\EIAD\AppData\Roaming\n-Track Drums
O43 - CFD: 2014/03/31 20:53:41 - [] D -- C:\Users\EIAD\AppData\Roaming\n-Track Software Data
O43 - CFD: 2014/04/20 21:17:45 - [] D -- C:\Users\EIAD\AppData\Roaming\n-Track Studio 7
O43 - CFD: 2014/03/08 19:44:19 - [] D -- C:\Users\EIAD\AppData\Roaming\Nero
O43 - CFD: 2015/06/14 19:18:19 - [] D -- C:\Users\EIAD\AppData\Roaming\Nitro
O43 - CFD: 2015/06/26 14:21:49 - [] D -- C:\Users\EIAD\AppData\Roaming\Nitro PDF
O43 - CFD: 2014/05/24 17:17:14 - [] D -- C:\Users\EIAD\AppData\Roaming\NVIDIA
O43 - CFD: 2014/05/22 22:28:46 - [] D -- C:\Users\EIAD\AppData\Roaming\OpenCandy =>PUP.Optional.OpenCandy
O43 - CFD: 2014/08/30 20:59:15 - [] D -- C:\Users\EIAD\AppData\Roaming\Oracle
O43 - CFD: 2014/12/22 20:19:32 - [] D -- C:\Users\EIAD\AppData\Roaming\PlayFirst
O43 - CFD: 2013/11/21 23:48:02 - [] D -- C:\Users\EIAD\AppData\Roaming\PowerISO
O43 - CFD: 2015/02/14 14:38:48 - [] D -- C:\Users\EIAD\AppData\Roaming\R-TT
O43 - CFD: 2015/03/12 14:14:34 - [] D -- C:\Users\EIAD\AppData\Roaming\Real
O43 - CFD: 2015/08/01 13:23:25 - [] D -- C:\Users\EIAD\AppData\Roaming\Skype
O43 - CFD: 2014/12/31 13:35:16 - [] D -- C:\Users\EIAD\AppData\Roaming\smc
O43 - CFD: 2015/01/23 14:38:12 - [] D -- C:\Users\EIAD\AppData\Roaming\Steam
O43 - CFD: 2015/01/03 12:42:46 - [] D -- C:\Users\EIAD\AppData\Roaming\SunRay Games
O43 - CFD: 2014/11/07 14:03:53 - [] D -- C:\Users\EIAD\AppData\Roaming\SysDev Laboratories
O43 - CFD: 2015/03/30 23:14:49 - [] D -- C:\Users\EIAD\AppData\Roaming\TeamViewer
O43 - CFD: 2015/01/05 20:28:15 - [] D -- C:\Users\EIAD\AppData\Roaming\Tencent =>PUP.Optional.TencentAddressBar
O43 - CFD: 2013/12/15 02:01:15 - [] D -- C:\Users\EIAD\AppData\Roaming\Toshiba
O43 - CFD: 2014/11/07 14:44:41 - [] D -- C:\Users\EIAD\AppData\Roaming\TuneUp Software
O43 - CFD: 2015/02/17 22:40:38 - [] D -- C:\Users\EIAD\AppData\Roaming\vlc
O43 - CFD: 2015/01/27 14:42:22 - [] D -- C:\Users\EIAD\AppData\Roaming\WebcamMax
O43 - CFD: 2013/11/23 22:39:58 - [] D -- C:\Users\EIAD\AppData\Roaming\Winamp
O43 - CFD: 2013/11/22 19:58:02 - [] D -- C:\Users\EIAD\AppData\Roaming\WinBatch
O43 - CFD: 2013/11/22 00:15:47 - [] D -- C:\Users\EIAD\AppData\Roaming\WinRAR
O43 - CFD: 2014/04/27 21:11:42 - [] D -- C:\Users\EIAD\AppData\Roaming\Yahoo!
O43 - CFD: 2015/08/01 14:20:46 - [] D -- C:\Users\EIAD\AppData\Roaming\ZHP
O43 - CFD: 2015/05/30 19:31:26 - [] D -- C:\Users\EIAD\AppData\Local\Adobe
O43 - CFD: 2014/04/20 22:53:23 - [0] D -- C:\Users\EIAD\AppData\Local\Alnaddy =>PUP.Optional.Alnaddy
O43 - CFD: 2013/11/21 23:41:08 - [0] D -- C:\Users\EIAD\AppData\Local\Application Data
O43 - CFD: 2014/05/22 13:19:06 - [] D -- C:\Users\EIAD\AppData\Local\cache
O43 - CFD: 2015/07/22 13:10:03 - [] D -- C:\Users\EIAD\AppData\Local\Crossbrowse =>PUP.Optional.CrossBrowse
O43 - CFD: 2015/07/14 18:44:15 - [0] D -- C:\Users\EIAD\AppData\Local\Diagnostics
O43 - CFD: 2013/11/22 22:38:22 - [] D -- C:\Users\EIAD\AppData\Local\Downloaded Installations
O43 - CFD: 2013/11/28 01:01:02 - [] D -- C:\Users\EIAD\AppData\Local\ESET
O43 - CFD: 2014/12/07 13:51:45 - [] D -- C:\Users\EIAD\AppData\Local\Facebook
O43 - CFD: 2015/05/31 14:00:41 - [] D -- C:\Users\EIAD\AppData\Local\FLT
O43 - CFD: 2015/07/22 00:13:21 - [] D -- C:\Users\EIAD\AppData\Local\globalUpdate =>PUP.Optional.GlobalUpdate
O43 - CFD: 2014/01/24 18:57:26 - [] D -- C:\Users\EIAD\AppData\Local\Google
O43 - CFD: 2014/04/29 20:39:34 - [0] D -- C:\Users\EIAD\AppData\Local\HD Streamer =>PUP.Optional.HDStreamer
O43 - CFD: 2013/11/21 23:41:08 - [0] D -- C:\Users\EIAD\AppData\Local\History
O43 - CFD: 2015/04/14 13:46:34 - [] D -- C:\Users\EIAD\AppData\Local\IE Tab
O43 - CFD: 2015/07/05 16:29:17 - [] D -- C:\Users\EIAD\AppData\Local\MacGo
O43 - CFD: 2013/11/22 19:23:51 - [] D -- C:\Users\EIAD\AppData\Local\Macromedia
O43 - CFD: 2014/12/13 21:56:31 - [] D -- C:\Users\EIAD\AppData\Local\Mendeley Ltd
O43 - CFD: 2014/12/12 22:10:31 - [] D -- C:\Users\EIAD\AppData\Local\Microsoft
O43 - CFD: 2015/04/05 14:29:23 - [] D -- C:\Users\EIAD\AppData\Local\Microsoft Help
O43 - CFD: 2014/12/30 14:52:42 - [0] DC -- C:\Users\EIAD\AppData\Local\MigWiz
O43 - CFD: 2014/12/15 21:00:27 - [] D -- C:\Users\EIAD\AppData\Local\MiniService
O43 - CFD: 2014/05/22 14:34:16 - [] D -- C:\Users\EIAD\AppData\Local\Mobogenie =>PUP.Optional.Mobogenie
O43 - CFD: 2013/12/18 00:14:14 - [] D -- C:\Users\EIAD\AppData\Local\Mozilla
O43 - CFD: 2014/01/07 20:21:48 - [] D -- C:\Users\EIAD\AppData\Local\NVIDIA
O43 - CFD: 2014/07/25 23:37:54 - [] D -- C:\Users\EIAD\AppData\Local\NVIDIA Corporation
O43 - CFD: 2013/11/22 00:03:18 - [] D -- C:\Users\EIAD\AppData\Local\Programs
O43 - CFD: 2015/02/26 23:36:26 - [] D -- C:\Users\EIAD\AppData\Local\QuickPar
O43 - CFD: 2014/06/27 21:46:16 - [0] D -- C:\Users\EIAD\AppData\Local\Real
O43 - CFD: 2014/12/01 20:20:17 - [] D -- C:\Users\EIAD\AppData\Local\Skype
O43 - CFD: 2015/02/24 23:23:42 - [] D -- C:\Users\EIAD\AppData\Local\Steam
O43 - CFD: 2015/08/01 14:21:25 - [] D -- C:\Users\EIAD\AppData\Local\Temp
O43 - CFD: 2013/11/21 23:41:08 - [0] D -- C:\Users\EIAD\AppData\Local\Temporary Internet Files
O43 - CFD: 2014/05/20 00:06:50 - [] D -- C:\Users\EIAD\AppData\Local\VirtualStore
O43 - CFD: 2015/07/02 00:41:42 - [] D -- C:\Users\EIAD\AppData\Local\zexlbzzvng41czk
O43 - CFD: 2015/07/22 19:41:40 - [] D -- C:\Users\EIAD\AppData\Local\zfblvtytnek1bjl
O43 - CFD: 2009/07/14 06:54:32 - [] D -- C:\Users\EIAD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2015/07/22 19:10:26 - [] RD -- C:\Users\EIAD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2015/02/20 23:14:59 - [0] D -- C:\Users\EIAD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Advanced RAR Repair
O43 - CFD: 2014/03/06 21:34:46 - [] D -- C:\Users\EIAD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cool Record Edit Deluxe
O43 - CFD: 2014/12/07 14:48:29 - [] D -- C:\Users\EIAD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink WaveEditor
O43 - CFD: 2015/07/18 18:26:50 - [] D -- C:\Users\EIAD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
O43 - CFD: 2015/02/18 13:41:21 - [] D -- C:\Users\EIAD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 2015/01/06 23:28:45 - [] D -- C:\Users\EIAD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 2015/01/27 14:09:04 - [] D -- C:\Users\EIAD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hetman Software
O43 - CFD: 2015/05/30 12:21:09 - [] D -- C:\Users\EIAD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
O43 - CFD: 2015/07/05 16:28:58 - [] D -- C:\Users\EIAD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Macgo Windows Blu-ray Player
O43 - CFD: 2009/07/14 06:49:38 - [] D -- C:\Users\EIAD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/01/04 23:34:32 - [] D -- C:\Users\EIAD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My WIFI Router
O43 - CFD: 2014/03/01 15:23:13 - [] D -- C:\Users\EIAD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Readiris Corporate 12 Middle East Edition
O43 - CFD: 2015/01/25 14:28:20 - [] D -- C:\Users\EIAD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recover My Files v5
O43 - CFD: 2015/08/01 13:31:03 - [] RD -- C:\Users\EIAD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2014/12/17 22:05:59 - [] D -- C:\Users\EIAD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tencent =>PUP.Optional.TencentAddressBar
O43 - CFD: 2013/11/23 14:14:03 - [] D -- C:\Users\EIAD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
O43 - CFD: 2013/11/22 00:12:48 - [] D -- C:\Users\EIAD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 2015/03/17 00:08:40 - [] D -- C:\Users\EIAD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WMV9 VCM

---\\ ShareTools MSconfig StartupReg (SMSR) (O53) (25) - 2s
O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O53 - SMSR:HKLM\...\startupreg\AtomicAlarmClock6 [Key] . (...) -- C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
O53 - SMSR:HKLM\...\startupreg\autodetect [Key] . (...) -- C:\Windows\SysWOW64\SupportAppXL\AutoDect.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\AutorunRemover.exe [Key] . (...) -- C:\Program Files (x86)\AutorunRemover\AutorunRemover.exe
O53 - SMSR:HKLM\...\startupreg\Babylon Client [Key] . (...) -- C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe (.not file.) =>PUP.Optional.Babylon
O53 - SMSR:HKLM\...\startupreg\CCleaner Monitoring [Key] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe
O53 - SMSR:HKLM\...\startupreg\DrvUpdater [Key] . (...) -- C:\Users\EIAD\AppData\Roaming\DRPSu\DrvUpdater.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Facebook Update [Key] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\EIAD\AppData\Local\Facebook\Update\FacebookUpdate.exe
O53 - SMSR:HKLM\...\startupreg\Google Update [Key] . (.Google Inc. - Google Installer.) -- C:\Users\EIAD\AppData\Local\Google\Update\GoogleUpdate.exe
O53 - SMSR:HKLM\...\startupreg\IntelWirelessWiMAX [Key] . (.Intel® Corporation - Intel® PROSet/Wireless WiMAX Connection Uti.) -- C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe
O53 - SMSR:HKLM\...\startupreg\Messenger (Yahoo!) [Key] . (.Yahoo! Inc. - Yahoo! Messenger.) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
O53 - SMSR:HKLM\...\startupreg\mobilegeni daemon [Key] . (...) -- C:\Program Files (x86)\Mobogenie\DaemonProcess.exe (.not file.) =>PUP.Optional.Mobogenie
O53 - SMSR:HKLM\...\startupreg\NvBackend [Key] . (.NVIDIA Corporation - NVIDIA GeForce Experience Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
O53 - SMSR:HKLM\...\startupreg\Nvtmru [Key] . (...) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\PWRISOVM.EXE [Key] . (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files\PowerISO\PWRISOVM.EXE
O53 - SMSR:HKLM\...\startupreg\RtHDVCpl [Key] . (.Realtek Semiconductor - Realtek HD Audio Manager.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O53 - SMSR:HKLM\...\startupreg\ShadowPlay [Key] . (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\Windows\System32\rundll32.exe
O53 - SMSR:HKLM\...\startupreg\Skype [Key] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O53 - SMSR:HKLM\...\startupreg\Steam [Key] . (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\Steam.exe
O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O53 - SMSR:HKLM\...\startupreg\TosNC [Key] . (...) -- %ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\TosWaitSrv [Key] . (...) -- %ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\TRCMan [Key] . (.TOSHIBA Corporation - TRCMan.exe.) -- C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe
O53 - SMSR:HKLM\...\startupreg\TWebCamera [Key] . (.TOSHIBA CORPORATION. - .) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
O53 - SMSR:HKLM\...\startupreg\WebcamMaxAutoRun [Key] . (...) -- C:\Program Files (x86)\WebcamMax\wcmmon.exe

---\\ System Drivers List (SDL) (O58) (76) - 51s
O58 - SDL:2009/07/14 03:52:21 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [491088]
O58 - SDL:2009/07/14 03:52:21 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [339536]
O58 - SDL:2009/07/14 03:52:21 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\drivers\adpu320.sys [182864]
O58 - SDL:2009/07/14 03:52:21 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys [15440]
O58 - SDL:2011/03/11 08:41:12 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [107904]
O58 - SDL:2009/07/14 03:52:20 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [194128]
O58 - SDL:2011/03/11 08:41:12 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [27008]
O58 - SDL:2009/07/14 03:52:21 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [87632]
O58 - SDL:2009/07/14 03:52:21 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [97856]
O58 - SDL:2009/06/10 22:34:23 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) -- C:\Windows\System32\drivers\b57nd60a.sys [270848]
O58 - SDL:2012/07/03 15:10:00 A . (.Intel Corporation - Intel® WiMax Link 5050 Series Enumerator.) -- C:\Windows\System32\drivers\bpenum.sys [84480]
O58 - SDL:2012/07/03 15:10:10 A . (.Intel Corporation - Intel® WiMax Link 5050 Series Driver.) -- C:\Windows\System32\drivers\bpmp.sys [182272]
O58 - SDL:2012/07/03 15:10:02 A . (.Intel Corporation - Intel® WiMax Link 5050 Series Function Driv.) -- C:\Windows\System32\drivers\bpusb.sys [84992]
O58 - SDL:2009/06/10 22:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys [18432]
O58 - SDL:2009/06/10 22:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys [8704]
O58 - SDL:2009/07/14 03:19:07 A . (.Brother Industries Ltd. - Brotehr Serial I/F Driver (WDM).) -- C:\Windows\System32\drivers\BrSerId.sys [286720]
O58 - SDL:2009/06/10 22:41:10 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys [47104]
O58 - SDL:2009/06/10 22:41:10 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys [14976]
O58 - SDL:2009/06/10 22:41:10 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys [14720]
O58 - SDL:2009/06/10 22:34:28 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys [468480]
O58 - SDL:2009/07/14 03:52:31 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys [17488]
O58 - SDL:2009/06/10 22:35:09 A . (.Intel Corporation - Intel(R) PRO/1000 Adapter NDIS 6 deserializ.) -- C:\Windows\System32\drivers\E1G6032E.sys [145792]
O58 - SDL:2013/09/17 15:17:38 A . (.ESET - Amon monitor.) -- C:\Windows\System32\drivers\eamonm.sys [239320]
O58 - SDL:2013/09/17 15:17:38 A . (.ESET - Devmon monitor.) -- C:\Windows\System32\drivers\edevmon.sys [239296]
O58 - SDL:2013/09/17 15:17:38 A . (.ESET - ESET Helper driver.) -- C:\Windows\System32\drivers\ehdrv.sys [168256]
O58 - SDL:2009/07/14 03:47:48 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys [530496]
O58 - SDL:2013/09/17 15:17:38 A . (.ESET - ESET Personal Firewall driver.) -- C:\Windows\System32\drivers\epfwwfpr.sys [157432]
O58 - SDL:2009/06/10 22:34:33 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3286016]
O58 - SDL:2009/06/10 22:31:59 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\Windows\System32\drivers\hcw85cir.sys [31232]
O58 - SDL:2013/02/19 10:59:38 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\HECIx64.sys [57848]
O58 - SDL:2010/11/21 05:23:47 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [78720]
O58 - SDL:2013/09/20 14:41:20 A . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\Windows\System32\drivers\iaStorA.sys [630632]
O58 - SDL:2013/09/20 14:41:16 A . (.Intel Corporation - Intel Rapid Storage Technology Filter drive.) -- C:\Windows\System32\drivers\iaStorF.sys [28008]
O58 - SDL:2011/03/11 08:41:26 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [410496]
O58 - SDL:2015/05/20 14:55:54 A . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\System32\drivers\idmwfp.sys [197616]
O58 - SDL:2009/07/14 03:48:04 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [44112]
O58 - SDL:2013/07/17 23:43:40 A . (.Intel Corporation - Intel(R) USB 3.0 Host Controller Switch Dri.) -- C:\Windows\System32\drivers\iusb3hcs.sys [20464]
O58 - SDL:2013/04/26 09:40:22 A . (.JMicron Technology Corporation - JMicron PCIe Flash Media Controller Driver.) -- C:\Windows\System32\drivers\jmcr.sys [176880]
O58 - SDL:2009/07/14 03:48:04 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys [114752]
O58 - SDL:2009/07/14 03:48:04 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [106560]
O58 - SDL:2009/07/14 03:48:04 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [65600]
O58 - SDL:2009/07/14 03:48:04 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [115776]
O58 - SDL:2011/03/26 10:37:12 A . (.MBB Incorporated - CDROM Filter.) -- C:\Windows\System32\drivers\massfilter.sys [11776]
O58 - SDL:2009/07/14 03:48:04 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [35392]
O58 - SDL:2009/07/14 03:48:04 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [284736]
O58 - SDL:2013/05/29 04:10:52 A . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\System32\drivers\NETwsw00.sys [11524096]
O58 - SDL:2009/07/14 03:48:26 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [51264]
O58 - SDL:2013/03/01 03:49:12 A . (.Riverbed Technology, Inc. - npf.sys (NT5/6 AMD64) Kernel Driver.) -- C:\Windows\System32\drivers\npf.sys [36600]
O58 - SDL:2013/11/28 15:38:18 A . (.NVIDIA Corporation - NVIDIA HDMI Audio Driver.) -- C:\Windows\System32\drivers\nvhda64v.sys [197408]
O58 - SDL:2014/05/20 04:44:03 A . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) -- C:\Windows\System32\drivers\nvlddmkm.sys [12688328]
O58 - SDL:2011/03/11 08:41:34 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [148352]
O58 - SDL:2011/03/11 08:41:34 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [166272]
O58 - SDL:2014/03/31 18:42:44 A . (.NVIDIA Corporation - NVIDIA Virtual Audio Driver.) -- C:\Windows\System32\drivers\nvvad64v.sys [40392]
O58 - SDL:2009/06/22 17:06:38 A . (.TOSHIBA Corporation - TOSHIBA Universal Camera Filter Driver.) -- C:\Windows\System32\drivers\PGEffect.sys [35008]
O58 - SDL:2009/07/14 03:45:46 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys [1524816]
O58 - SDL:2009/07/14 03:45:45 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys [128592]
O58 - SDL:2013/08/27 12:08:42 A . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Dri.) -- C:\Windows\System32\drivers\Rt64win7.sys [883928]
O58 - SDL:2013/10/22 18:38:24 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\Windows\System32\drivers\RTKVHD64.sys [3692632]
O58 - SDL:2013/10/23 16:11:22 A . (.Power Software Ltd - PowerISO Virtual Drive.) -- C:\Windows\System32\drivers\scdemu.sys [129944]
O58 - SDL:2009/06/10 22:37:19 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [23040]
O58 - SDL:2009/07/14 02:00:40 A . (.Brother Industries Ltd. - Brotehr Serial I/F Driver (WDM).) -- C:\Windows\System32\drivers\serial.sys [94208]
O58 - SDL:2009/07/14 03:45:45 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [43584]
O58 - SDL:2009/07/14 03:45:46 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [80464]
O58 - SDL:2009/07/14 03:45:55 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys [24656]
O58 - SDL:2010/03/10 18:51:32 A . (.Synaptics Incorporated - Synaptics Touchpad Driver.) -- C:\Windows\System32\drivers\SynTP.sys [316464]
O58 - SDL:2014/05/17 02:42:38 A . (.Anchorfree Inc. - Anchorfree HSS VPN Adapter.) -- C:\Windows\System32\drivers\taphss6.sys [42184]
O58 - SDL:2009/06/29 08:16:20 A . (.TOSHIBA Corporation - TOSHIBA HDD Protection - Shock Sensor Drive.) -- C:\Windows\System32\drivers\Thpevm.sys [14784]
O58 - SDL:2009/06/19 19:15:22 A . (.TOSHIBA Corporation - TOSHIBA TVALZ Filter Driver for x64.) -- C:\Windows\System32\drivers\TVALZFL.sys [14472]
O58 - SDL:2009/07/14 13:31:18 A . (.TOSHIBA Corporation - TOSHIBA ACPI-Based Value Added Logical and.) -- C:\Windows\System32\drivers\TVALZ_O.SYS [26840]
O58 - SDL:2009/07/14 03:45:55 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [17488]
O58 - SDL:2009/07/14 03:45:55 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [161872]
O58 - SDL:2011/03/26 10:37:12 A . (.ZTE Incorporated - USB Modem/Serial Device Driver.) -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys [123520]
O58 - SDL:2011/03/26 10:37:12 A . (.ZTE Incorporated - USB Modem/Serial Device Driver.) -- C:\Windows\System32\drivers\ZTEusbnmea.sys [123520]
O58 - SDL:2011/03/26 10:37:12 A . (.ZTE Incorporated - USB Modem/Serial Device Driver.) -- C:\Windows\System32\drivers\ZTEusbser6k.sys [123520]
O58 - SDL:2013/03/07 09:49:18 A . (...) -- C:\Windows\System32\epmntdrv.sys [17480]
O58 - SDL:2013/03/07 09:49:18 A . (...) -- C:\Windows\System32\EuGdiDrv.sys [9800]

---\\ Last modified or created user files (O61) (20) - 100s
O61 - LFC: 2015/07/31 23:42:20 A . (..) -- C:\Users\EIAD\Documents\KONAMI\Pro Evolution Soccer 2015\save\CUP 01.bin [6044898]
O61 - LFC: 2015/07/31 23:42:20 A . (..) -- C:\Users\EIAD\Documents\KONAMI\Pro Evolution Soccer 2015\save\SYSTEM.bin [136577]
O61 - LFC: 2015/08/01 13:21:29 A . (.Tonec Inc..) -- C:\Users\EIAD\AppData\Roaming\IDM\idmmzcc5\components2\idmcchandler2.dll [332824]
O61 - LFC: 2015/08/01 13:21:29 A . (.Tonec Inc..) -- C:\Users\EIAD\AppData\Roaming\IDM\idmmzcc5\components2\idmcchandler2_64.dll [460824]
O61 - LFC: 2015/08/01 13:21:29 A . (.Tonec Inc..) -- C:\Users\EIAD\AppData\Roaming\IDM\idmmzcc5\components2\idmmzcc.dll [34216]
O61 - LFC: 2015/08/01 13:21:29 A . (.Tonec Inc..) -- C:\Users\EIAD\AppData\Roaming\IDM\idmmzcc5\components2\idmmzcc64.dll [28512]
O61 - LFC: 2015/08/01 13:21:25 A . (.Tonec Inc..) -- C:\Users\EIAD\AppData\Roaming\IDM\idmmzcc5\components12\idmmzcc.dll [26648]
O61 - LFC: 2015/08/01 13:21:27 A . (.Tonec Inc..) -- C:\Users\EIAD\AppData\Roaming\IDM\idmmzcc5\components12\idmmzcc64.dll [31768]
O61 - LFC: 2015/08/01 13:21:25 A . (.Tonec Inc..) -- C:\Users\EIAD\AppData\Roaming\IDM\idmmzcc5\components\idmmzcc.dll [34216]
O61 - LFC: 2015/07/29 14:30:14 A . (..) -- C:\Users\EIAD\AppData\Local\NVIDIA\NvBackend\UMDShim\nvcoproc.bin [5125685]
O61 - LFC: 2015/07/29 18:21:01 A . (..) -- C:\Users\EIAD\AppData\Local\NVIDIA\NvBackend\Packages\00007b9c\DAO.19811313.exe [5918368]
O61 - LFC: 2015/07/29 18:20:28 A . (..) -- C:\Users\EIAD\AppData\Local\NVIDIA\NvBackend\Packages\00007b99\CoProc update.19811111.exe [515016]
O61 - LFC: 2015/07/24 18:35:00 A . (..) -- C:\Users\EIAD\AppData\Local\Google\Update\Install\{A77BC0FE-BE70-419A-9520-E38E6C47703A}\44.0.2403.107_44.0.2403.89_chrome_updater.exe [1070160]
O61 - LFC: 2015/07/29 19:51:48 A . (..) -- C:\Users\EIAD\AppData\Local\Google\Update\Install\{96D12479-680A-4D94-B1E6-8E0AD8470588}\44.0.2403.125_44.0.2403.107_chrome_updater.exe [794192]
O61 - LFC: 2015/07/29 19:51:48 A . (..) -- C:\Users\EIAD\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\44.0.2403.125\44.0.2403.125_44.0.2403.107_chrome_updater.exe [794192]
O61 - LFC: 2015/08/01 13:22:54 A . (..) -- C:\Users\EIAD\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin [1113849]
O61 - LFC: 2015/07/25 10:46:40 A . (..) -- C:\Users\EIAD\AppData\Local\Google\Chrome\Application\44.0.2403.125\libexif.dll [310088]
O61 - LFC: 2015/07/25 09:09:50 A . (..) -- C:\Users\EIAD\AppData\Local\Google\Chrome\Application\44.0.2403.125\natives_blob.bin [396173]
O61 - LFC: 2015/07/25 09:09:51 A . (..) -- C:\Users\EIAD\AppData\Local\Google\Chrome\Application\44.0.2403.125\snapshot_blob.bin [436812]
O61 - LFC: 2015/07/25 10:46:43 A . (..) -- C:\Users\EIAD\AppData\Local\Google\Chrome\Application\44.0.2403.125\PepperFlash\pepflashplayer.dll [16308040]

---\\ File Associations Shell Spawning (O67) (1) - 0s
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe

---\\ Start Menu Internet (SMI) (O68) (12) - 1s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\EIAD\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Users\EIAD\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Users\EIAD\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Users\EIAD\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe

---\\ Search Browser Infection (SBI) (O69) (1) - 6s
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/

---\\ Search Svchost Services (SSS) (O83) (33) - 2s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) -- C:\Windows\System32\aelupsvc.dll [72192]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\system32\srvsvc.dll [236032]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\Windows\System32\gpsvc.dll [777728]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\ikeext.dll [859648]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\Windows\System32\Audiosrv.dll [679424]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll [99328]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [344064]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [97792]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\Sens.dll [64512]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [359424]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [316928]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Remote Desktop Session Host Server Remote C.) -- C:\Windows\System32\termsrv.dll [680960]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\system32\wuaueng.dll [2428952]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\Windows\System32\qmgr.dll [849920]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [370688]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll [569344]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\Windows\system32\seclogon.dll [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll [70144]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\system32\iscsiexe.dll [156672]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) -- C:\Windows\system32\mmcss.dll [67584]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [242688]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [121856]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\Windows\System32\browser.dll [136704]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [111104]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\Windows\system32\schedsvc.dll [1110016]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\Windows\system32\kmsvc.dll [90624]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\Windows\System32\wercplsupport.dll [84480]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [209920]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\Windows\system32\themeservice.dll [44544]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\Windows\System32\bdesvc.dll [100864]
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Software installation Service.) -- C:\Windows\System32\appmgmts.dll [193536]

---\\ Firewall Active Exception List (FirewallRules) (O87) (40) - 5s
O87 - FAEL: "{B696751E-FE32-4E7D-979E-E085ACDC81E5}" [In-None-P6-TRUE] .(.Intel(R) Corporation - WiMAX SDK service for Intel(R) PROSet/Wirel.) -- C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
O87 - FAEL: "{1BF958E9-4230-4309-A269-76A962B20F57}" [In-None-P6-TRUE] .(.Red Bend Ltd. - Red Bend Device Management Service for Inte.) -- C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
O87 - FAEL: "{CD0FC881-E79E-41BD-9524-252B611DDC32}" [In-None-P17-TRUE] .(.Intel(R) Corporation - WiMAX SDK service for Intel(R) PROSet/Wirel.) -- C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
O87 - FAEL: "{36426860-24C7-409C-A8FC-D738E8045DB1}" [In-None-P17-TRUE] .(.Red Bend Ltd. - Red Bend Device Management Service for Inte.) -- C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
O87 - FAEL: "{1528E808-43BA-48E5-91F3-0461F37EAFE7}" [In-None-P6-TRUE] .(.Nullsoft, Inc. - Winamp.) -- C:\Program Files (x86)\Winamp\winamp.exe
O87 - FAEL: "{2C4DDA6C-874C-4126-8A95-D25384BBAF3D}" [In-None-P17-TRUE] .(.Nullsoft, Inc. - Winamp.) -- C:\Program Files (x86)\Winamp\winamp.exe
O87 - FAEL: "{CB6A23B2-6D27-489A-A8CB-4314235A2BE1}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Tango\Tango.exe (.not file.)
O87 - FAEL: "{3AFBC7E2-8072-412A-8462-0EF2D0694951}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Tango\Tango.exe (.not file.)
O87 - FAEL: "{5FC8D4A7-FA53-4FAD-B361-7DE0FBFFF35B}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2013\pes2013.exe (.not file.)
O87 - FAEL: "{2CF6315D-D816-4584-B354-BDF4F8C8AB7D}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2013\pes2013.exe (.not file.)
O87 - FAEL: "{FCA084D1-5557-45AD-9A14-8018BC2D6E09}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2013\pes2013.exe (.not file.)
O87 - FAEL: "{7E8C96BD-297B-4657-9DC0-AE2A907ABEB8}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2013\pes2013.exe (.not file.)
O87 - FAEL: "{9684AC55-1217-43B4-B9C1-32CD9F315AF7}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2015\PES2015.exe (.not file.)
O87 - FAEL: "{975257EC-0931-4819-98C5-7298E9A2540D}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2015\PES2015.exe (.not file.)
O87 - FAEL: "{67D40152-3ADF-46A3-9A52-2BF6DFDCE25D}" [In-None-P6-FALSE] .(...) -- C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2015\PES2015.exe (.not file.)
O87 - FAEL: "{F9E4FC14-5E61-4E6A-81BC-AE1F7B5ED452}" [In-None-P17-FALSE] .(...) -- C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2015\PES2015.exe (.not file.)
O87 - FAEL: "{CE038004-1FD4-458A-8A5F-0A801AC230A1}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Virtual WiFi Router\VirtualWiFiRouterLibrary.dll (.not file.)
O87 - FAEL: "{28443067-2276-4539-B806-316BC655BA83}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Virtual WiFi Router\VirtualWiFiRouterLibrary.dll (.not file.)
O87 - FAEL: "{92B70020-3837-4316-A110-E032DCD96011}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\My WIFI Router\My WIFI Router.exe
O87 - FAEL: "{1C18E270-BB39-49CD-95C0-D8ADAF36F4A0}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\My WIFI Router\My WIFI Router.exe
O87 - FAEL: "{2AE09628-8BCC-4BC6-BE65-A710DA8653A5}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\My WIFI Router\My WIFI Router.exe
O87 - FAEL: "{D6D15F90-FAD6-44E1-9F48-C3E7BADE7DF5}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\My WIFI Router\My WIFI Router.exe
O87 - FAEL: "{92A4059E-DBED-4CA5-A0D9-71EFACF20C65}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\My WIFI Router\My WIFI Router.exe
O87 - FAEL: "{54B17BFD-C2A5-4A01-B7A0-414D240B7108}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\My WIFI Router\My WIFI Router.exe
O87 - FAEL: "{4CD70C9F-6132-4CB6-AFA6-614FDACD9DBB}" [In-None-P6-TRUE] .(.WIBU-SYSTEMS AG - CodeMeter Runtime Server.) -- C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
O87 - FAEL: "{1CE2E9E4-273C-4D51-95FD-4C2DD000785B}" [In-None-P17-TRUE] .(.WIBU-SYSTEMS AG - CodeMeter Runtime Server.) -- C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
O87 - FAEL: "{DB65FC03-D960-4B98-A110-C956843A40D2}" [In-None-P6-TRUE] .(.TeamViewer GmbH - TeamViewer 10.) -- C:\Program Files (x86)\TeamViewer\TeamViewer.exe
O87 - FAEL: "{AFB72E72-5A82-43A8-A354-B00AC935516E}" [In-None-P17-TRUE] .(.TeamViewer GmbH - TeamViewer 10.) -- C:\Program Files (x86)\TeamViewer\TeamViewer.exe
O87 - FAEL: "{2D540835-DF59-4509-A7FA-C2377F25DFBB}" [In-None-P6-TRUE] .(.TeamViewer GmbH - TeamViewer 10.) -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O87 - FAEL: "{CAE0C55B-84BF-4DC7-B3E6-592A35CB915C}" [In-None-P17-TRUE] .(.TeamViewer GmbH - TeamViewer 10.) -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O87 - FAEL: "{30860A4E-FAEC-4D06-ABB2-20D321B5EC0A}" [In-None-P6-TRUE] .(.WIBU-SYSTEMS AG - CodeMeter Runtime Server.) -- C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
O87 - FAEL: "{C59E26CB-177C-4121-B4EA-4E403C7088E2}" [In-None-P17-TRUE] .(.WIBU-SYSTEMS AG - CodeMeter Runtime Server.) -- C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
O87 - FAEL: "{200E4A90-792F-4927-8495-998D753BC389}" [In-None-P6-TRUE] .(.TeamViewer GmbH - TeamViewer 10.) -- C:\Program Files (x86)\TeamViewer\TeamViewer.exe
O87 - FAEL: "{A447B2F0-83CD-44F1-9A72-6404B57F6216}" [In-None-P17-TRUE] .(.TeamViewer GmbH - TeamViewer 10.) -- C:\Program Files (x86)\TeamViewer\TeamViewer.exe
O87 - FAEL: "{701DB759-4BAA-4A6E-802E-C717AF76DA6A}" [In-None-P6-TRUE] .(.TeamViewer GmbH - TeamViewer 10.) -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O87 - FAEL: "{4CB65CE0-4646-4830-969A-E7F42B76AD97}" [In-None-P17-TRUE] .(.TeamViewer GmbH - TeamViewer 10.) -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O87 - FAEL: "{FE2A311C-98D5-4791-AFF9-DFA6B312AD7D}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe
O87 - FAEL: "{6BBE0646-8500-4C41-A4EF-73BF687F5F5B}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe
O87 - FAEL: "{C9E88D01-817F-4173-AA1A-B2B01DA2386E}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe
O87 - FAEL: "{FA85AB14-18E4-4E50-8678-A931939A24EC}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe

---\\ Search Tracing Registry Key (O100) (2) - 2s
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Babylon_RASAPI32 =>PUP.Optional.Babylon
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Babylon_RASMANCS =>PUP.Optional.Babylon

---\\ Additional Scan (O88) (62) - 0s
C:\Program Files (x86)\Addon Enabler\EnablerService.exe =>PUP.Optional.HDStreamer
C:\Program Files (x86)\Universal Updater\UpdaterService.exe =>PUP.Optional.UniversalUpdater
C:\Users\EIAD\AppData\Local\Google\Chrome\User Data\Default\Extensions\oleglodmkonbpfmlffapjfednjopbeeh
C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\yahoo.xml =>PUP.Optional.BDYahoo
C:\Program Files (x86)\HD Streamer\ScriptHost64.dll =>PUP.Optional.HDStreamer
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E6062A33-016E-4BDA-A6F1-890D989F8656} =>PUP.Optional.HDStreamer
HKLM\SYSTEM\CurrentControlSet\Services\EnablerService =>PUP.Optional.HDStreamer
HKLM\SYSTEM\CurrentControlSet\Services\UniversalUpdater =>PUP.Optional.Salus
C:\Program Files (x86)\Universal Updater\UpdaterService.exe =>PUP.Optional.Salus
C:\Users\EIAD\AppData\Roaming\pLNMD5hEPKK4tJw5zgS0AihLT5j.exe =>PUP.Optional.Pirrit
C:\Windows\System32\Tasks\54b401e8-a303-4041-98f8-5a2e48f84f3b-1 =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\54b401e8-a303-4041-98f8-5a2e48f84f3b-5 =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\Crossbrowse =>PUP.Optional.CrossBrowse
C:\Windows\System32\Tasks\f2fd4710-26e9-4477-abba-8e3c2fe5a0fe-1-6 =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\f2fd4710-26e9-4477-abba-8e3c2fe5a0fe-1-7 =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\f2fd4710-26e9-4477-abba-8e3c2fe5a0fe-10_user =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\f2fd4710-26e9-4477-abba-8e3c2fe5a0fe-3 =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\f2fd4710-26e9-4477-abba-8e3c2fe5a0fe-4 =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\f2fd4710-26e9-4477-abba-8e3c2fe5a0fe-5 =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\f2fd4710-26e9-4477-abba-8e3c2fe5a0fe-5_user =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\f2fd4710-26e9-4477-abba-8e3c2fe5a0fe-6 =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\f2fd4710-26e9-4477-abba-8e3c2fe5a0fe-7 =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\HD Streamer =>PUP.Optional.HDStreamer
HKLM\SOFTWARE\Wow6432Node\ArenaHD =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\Crossbrowse =>PUP.Optional.CrossBrowse
HKLM\SOFTWARE\Wow6432Node\GlobalUpdate =>PUP.Optional.GlobalUpdate
HKLM\SOFTWARE\Wow6432Node\HighDefAction =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\Tencent =>PUP.Optional.TencentAddressBar
HKLM\SOFTWARE\Wow6432Node\Trymedia Systems =>PUP.Optional.Trymedia
HKLM\SOFTWARE\Wow6432Node\YorkNewCin =>PUP.Optional.CrossRider
HKCU\SOFTWARE\ArenaHD =>PUP.Optional.CrossRider
HKCU\SOFTWARE\CinemaP-1.9cV21.07-nv-ie =>PUP.Optional.CrossRider
HKCU\SOFTWARE\CoinisRS =>PUP.Optional.InstallCore
HKCU\SOFTWARE\Crossbrowse =>PUP.Optional.CrossBrowse
HKCU\SOFTWARE\globalUpdate =>PUP.Optional.GlobalUpdate
HKCU\SOFTWARE\HighDefAction =>PUP.Optional.CrossRider
HKCU\SOFTWARE\Softonic =>PUP.Optional.Softonic
HKCU\SOFTWARE\Tencent =>PUP.Optional.TencentAddressBar
HKCU\SOFTWARE\YorkNewCin =>PUP.Optional.CrossRider
HKCU\SOFTWARE\AppDataLow\Software\Crossrider =>PUP.Optional.CrossRider =>PUP.Optional.CrossRider
C:\Program Files (x86)\Addon Enabler =>PUP.Optional.HDStreamer
C:\Program Files (x86)\Babylon =>PUP.Optional.Babylon
C:\Program Files (x86)\globalUpdate =>PUP.Optional.GlobalUpdate
C:\Program Files (x86)\HD Streamer =>PUP.Optional.HDStreamer
C:\Program Files (x86)\Tencent =>PUP.Optional.TencentAddressBar
C:\Program Files (x86)\Universal Updater =>PUP.Optional.UniversalUpdater
C:\ProgramData\APN =>Toolbar.Ask
C:\ProgramData\Babylon =>PUP.Optional.Babylon
C:\ProgramData\Microsoft Toolkit =>HackTool.AutoKMS
C:\ProgramData\Tencent =>PUP.Optional.TencentAddressBar
C:\ProgramData\Trymedia =>PUP.Optional.Trymedia
C:\Users\EIAD\AppData\Roaming\Babylon =>PUP.Optional.Babylon
C:\Users\EIAD\AppData\Roaming\OpenCandy =>PUP.Optional.OpenCandy
C:\Users\EIAD\AppData\Roaming\Tencent =>PUP.Optional.TencentAddressBar
C:\Users\EIAD\AppData\Local\Alnaddy =>PUP.Optional.Alnaddy
C:\Users\EIAD\AppData\Local\Crossbrowse =>PUP.Optional.CrossBrowse
C:\Users\EIAD\AppData\Local\globalUpdate =>PUP.Optional.GlobalUpdate
C:\Users\EIAD\AppData\Local\HD Streamer =>PUP.Optional.HDStreamer
C:\Users\EIAD\AppData\Local\Mobogenie =>PUP.Optional.Mobogenie
C:\Users\EIAD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tencent =>PUP.Optional.TencentAddressBar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Babylon_RASAPI32 =>PUP.Optional.Babylon
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Babylon_RASMANCS =>PUP.Optional.Babylon

---\\ Summary of the elements found on your workstation (19) - 0s
http://www.nicolascoolman.fr/pup-hdstreamer/ =>PUP.Optional.HDStreamer
http://www.nicolascoolman.fr/blog =>PUP.Optional.UniversalUpdater
http://www.nicolascoolman.fr/hijacker-browsers/ =>PUP.Optional.Browser
http://www.nicolascoolman.fr/blog =>PUP.Optional.BDYahoo
http://www.nicolascoolman.fr/adware-tencentaddressbar/ =>PUP.Optional.TencentAddressBar
http://www.nicolascoolman.fr/pup-salus/ =>PUP.Optional.Salus
http://www.nicolascoolman.fr/pup-crossrider/ =>PUP.Optional.CrossRider
http://www.nicolascoolman.fr/blog =>PUP.Optional.CrossBrowse
http://www.nicolascoolman.fr/pup-pirritsuggestor/ =>PUP.Optional.Pirrit
http://www.nicolascoolman.fr/pup-globalupdate/ =>PUP.Optional.GlobalUpdate
http://www.nicolascoolman.fr/adware-trymedia/ =>PUP.Optional.Trymedia
http://www.nicolascoolman.fr/adware-installcore/ =>PUP.Optional.InstallCore
http://www.nicolascoolman.fr/blog =>PUP.Optional.Softonic
http://www.nicolascoolman.fr/pup-babylon/ =>PUP.Optional.Babylon
http://www.nicolascoolman.fr/toolbar-ask/ =>Toolbar.Ask
http://www.nicolascoolman.fr/trojan-autokms/ =>HackTool.AutoKMS
http://www.nicolascoolman.fr/adware-opencandy/ =>PUP.Optional.OpenCandy
http://www.nicolascoolman.fr/hijacker-alnaddy/ =>PUP.Optional.Alnaddy
http://www.nicolascoolman.fr/pup-mobogenie/ =>PUP.Optional.Mobogenie

~ End of the scan, 37008 items in 411 seconds (1265)(0)()
