cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ ZHPDiag v2015.8.13.118 By Nicolas Coolman (2015/08/13)
~ Run by sameh (Administrator) (2015/08/14 14:03:59)
~ Site: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ State version: Version OK
~ Mode: Scan
~ Report: C:\Users\sameh\Desktop\ZHPDiag.txt
~ Report: C:\Users\sameh\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ System startup: Normal (Normal boot)
Windows 8.1, 64-bit (Build 9600)

---\\ Internet Browsers (4) - 0s
GCIE: Google Chrome v44.0.2403.155
MFIE: Mozilla Firefox 39.0 (x86 ar) v39.0
OPIE: Opera 31.0.1889.99 v31.0.1889.99
MSIE: Internet Explorer v11.0.9600.17937

---\\ Windows Product Information (4) - 3s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : OK (Auto)
Windows Activation Technologies : OK

---\\ System protection software (3) - 3s
Kaspersky Internet Security v15.0.1.415
Malwarebytes Anti-Malware version 2.1.8.1057
Panda Cloud Cleaner v1.0.107

---\\ System optimization software (1) - 3s
CCleaner v4.18

---\\ Surveillance software (1) - 3s
Adobe Reader XI

---\\ Information on the system (6) - 0s
~ Operating System: Intel64 Family 6 Model 60 Stepping 3, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 16707.608 MB (81% free)
~ System Restore: Activé (Enable)
~ System drive C: has 30 GB free of 128 GB

---\\ Connection to the system mode (3) - 0s
~ Computer Name: SAMEH
~ User Name: sameh
~ Logged in as Administrator

---\\ Enumeration of the disk units (5) - 0s
~ Drive C: has 30 GB free of 128 GB (System)
~ Drive D: has 368 GB free of 799 GB
~ Drive E: has 2 GB free of 24 GB
~ Drive F: has 53 GB free of 646 GB
~ Drive G: has 141 GB free of 307 GB

---\\ State of the Windows Security Center (13) - 0s
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK

---\\ Search Generic System Files (22) - 1s
[MD5.C10A66189DC8C090E7C84873EDCEBC88] - (.Microsoft Corporation - Windows Explorer.) () -- C:\Windows\Explorer.exe [2501368]
[MD5.6C308D32AFA41D26CE2A0EA8F7B79565] - (.Microsoft Corporation - Windows host process (Rundll32).) () -- C:\Windows\System32\rundll32.exe [54784]
[MD5.A570A64292214C43E0BA50E6A72A6380] - (.Microsoft Corporation - Windows Start-Up Application.) () -- C:\Windows\System32\Wininit.exe [145920]
[MD5.C555B5C8142844DED9E3BD94E6313000] - (.Microsoft Corporation - Internet Extensions for Win32.) () -- C:\Windows\System32\wininet.dll [2427904]
[MD5.EC498BAE1F0D3E0E401C963F8D76C437] - (.Microsoft Corporation - Windows Logon Application.) () -- C:\Windows\System32\Winlogon.exe [572416]
[MD5.AFCAB4DC692CCE37E283B00E2D7B438F] - (.Microsoft Corporation - Software Licensing Library.) () -- C:\Windows\System32\sppcomapi.dll [447488]
[MD5.374E27295F0A9DCAA8FC96370F9BEEA5] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\Windows\System32\drivers\AFD.sys [563200]
[MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) () -- C:\Windows\System32\drivers\atapi.sys [26464]
[MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\Windows\System32\drivers\Cdfs.sys [88576]
[MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\Windows\System32\drivers\Cdrom.sys [164352]
[MD5.A03F362C5557E238CBFA914689C77248] - (.Microsoft Corporation - DFS Namespace Client Driver.) () -- C:\Windows\System32\drivers\DfsC.sys [134144]
[MD5.D4B7ED39C7900384D9E5C1283F1E7926] - (.Microsoft Corporation - High Definition Audio Bus Driver.) () -- C:\Windows\System32\drivers\HDAudBus.sys [76800]
[MD5.49EE0AE9E5B64FFBBD06D55C4984B598] - (.Microsoft Corporation - i8042 Port Driver.) () -- C:\Windows\System32\drivers\i8042prt.sys [108544]
[MD5.B7342B3C58E91107F6E946A93D9D4EFD] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\Windows\System32\drivers\IpNat.sys [142848]
[MD5.6FBDF2B1B025A8E6E069234362FFFFB7] - (.Microsoft Corporation - Windows NT SMB Minirdr.) () -- C:\Windows\System32\drivers\MRxSmb.sys [401408]
[MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\Windows\System32\drivers\netBT.sys [282624]
[MD5.7F68063A5A0461E02BC860CE0E6BFDDC] - (.Microsoft Corporation - NT File System Driver.) () -- C:\Windows\System32\drivers\ntfs.sys [2025792]
[MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Parallel Port Driver.) () -- C:\Windows\System32\drivers\Parport.sys [94208]
[MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\Windows\System32\drivers\Rasl2tp.sys [120832]
[MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Microsoft RDP Device redirector.) () -- C:\Windows\System32\drivers\rdpdr.sys [195584]
[MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) () -- C:\Windows\System32\drivers\tdx.sys [107520]
[MD5.64CA2B4A49A8EAF495E435623ECCE7DB] - (.Microsoft Corporation - Volume Shadow Copy Driver.) () -- C:\Windows\System32\drivers\volsnap.sys [310080]

---\\ Process running (102) - 22s
[MD5.D768CA15B379A9611B22719A1364D3C0] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 352.8.) -- C:\Windows\system32\nvvsvc.exe [937288] [PID.988]
[MD5.3B728A134A470D51910B8090AA626F97] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe [1252168] [PID.340]
[MD5.D768CA15B379A9611B22719A1364D3C0] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 352.8.) -- C:\Windows\system32\nvvsvc.exe [937288] [PID.752]
[MD5.DEE40211AA700A0A9D7F95EC38DE0714] - (...) -- C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe [109568] [PID.1032]
[MD5.1300D100EF891C98504DE38624D3F639] - (.Softex Inc. - HP SimplePass Service.) -- C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [87552] [PID.1084]
[MD5.D67F951F6BA708812420195B8D0AB8B6] - (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\stacsv64.exe [339456] [PID.1428]
[MD5.0865F178E272C682B0689F1AA269128D] - (.Hewlett-Packard Company - HpService.) -- C:\Windows\system32\Hpservice.exe [43320] [PID.1604]
[MD5.013697369EAFFA675D0671607F036020] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [82128] [PID.1752]
[MD5.748085AED9A6CD403E962719E57F1CFB] - (...) -- C:\ProgramData\CersIuo\ciiuwte.exe [124880] [PID.2084]
[MD5.A41997333CFBBFD8A08714F6423A68C0] - (.CyberLink - CyberLink Media Server Monitor Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576] [PID.2392]
[MD5.F8CF3A993692786D56872DD8B0F8C900] - (.CyberLink - CyberLink Media Server Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [298760] [PID.2440]
[MD5.7523BCDB084836BA3E44ED8EC31F2E50] - (.Intel(R) Corporation - Intel(R) PROSet/Wireless Event Log Service.) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe [631024] [PID.2516]
[MD5.46EFBA3474801D260925671B42170AF2] - (.Copyright © 2015 - .) -- C:\Program Files\fchk32\fchk32.exe [379904] [PID.2544]
[MD5.11CE87BFED28457EC4A2FA264C83312E] - (.NVIDIA Corporation - NVIDIA GeForce Experience Service.) -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760] [PID.2752]
[MD5.022A29AAC0154C3DE8A9A4F0922E8005] - (.Hewlett-Packard Development Company, L.P. - HP WMI Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160] [PID.2772]
[MD5.38341B379EEE49779CDE89B305FE8FB4] - (. - file.) -- C:\Users\sameh\AppData\Local\NVIDIANetwork\nvidia.exe [38400] [PID.2916]
[MD5.0DB1E3F6189C628675F855C0EB510419] - (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696] [PID.2968]
[MD5.AB62699812B02E9268F4DA68F2791512] - (.Intel Corporation - Intel(R) Wireless Bluetooth(R) Radio Manage.) -- C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128] [PID.3004]
[MD5.03A3CE57926257CBBF60A1FF189C177B] - (.Copyright© 2011-2013 Intel Corporation - ISCT Agent Application.) -- C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [198120] [PID.2328]
[MD5.C4EFFA3554FA1B6E924209721A5ECD4E] - (.NVIDIA Corporation - NVIDIA Network Service.) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928] [PID.2972]
[MD5.E1796D8A3E01D77C8DD41C99B835B8F8] - (.Synaptics Incorporated - Synaptics TouchPad 64-bit Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2774256] [PID.3192]
[MD5.DC2BCA9336EBBA582AE346C9DAB996A4] - (.Cinema PlusV13.08 - CinemaP-1.9cV13.08 exe.) -- C:\Program Files (x86)\CinemaP-1.9cV13.08\15fba21d-9756-481b-984c-9daf84d000d2-6.exe [1348176] [PID.3388] =>PUP.Optional.CrossRider
[MD5.592A305F4A51E6FE3DB5444A23F025EA] - (.Cinema PlusV13.08 - CinemaP-1.9cV13.08 exe.) -- C:\Program Files (x86)\CinemaP-1.9cV13.08\15fba21d-9756-481b-984c-9daf84d000d2-1-6.exe [1599056] [PID.3400] =>PUP.Optional.CrossRider
[MD5.44C0A1E14797E2FC0CB0E8869C8E8FA8] - (.Cinema PlusV13.08 - CinemaP-1.9cV13.08 exe.) -- C:\Program Files (x86)\CinemaP-1.9cV13.08\15fba21d-9756-481b-984c-9daf84d000d2-10.exe [1528400] [PID.3424] =>PUP.Optional.CrossRider
[MD5.34878C9CFF0F0B95082A92F3A03A3F7B] - (.NVIDIA Corporation - NVIDIA Streamer Service.) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19440960] [PID.3476]
[MD5.E7D9B291A1094A2DA28A5CB57B4F064F] - (.Copyright (C) 2015 - Update Platform Application.) -- C:\Program Files (x86)\ToolsUpdatePlatform\UpdatePlatform.exe [635128] [PID.3644]
[MD5.875E4E0661F3A5994DF9E5E3A0A4F96B] - (.Prolific Technology Inc. - PLFlash DeviceIoControl Service.) -- C:\Windows\SysWOW64\IoctlSvc.exe [81920] [PID.3672]
[MD5.71A9AC57F462366BB2E33F4A7D1477FA] - (...) -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056] [PID.3740]
[MD5.D4857EC6958172845F261D4E55CB6D6E] - (.RealNetworks, Inc. - RealPlayer Cloud Service.) -- C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [1141336] [PID.3840]
[MD5.34878C9CFF0F0B95082A92F3A03A3F7B] - (.NVIDIA Corporation - NVIDIA Streamer Service.) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19440960] [PID.3564]
[MD5.34878C9CFF0F0B95082A92F3A03A3F7B] - (.NVIDIA Corporation - NVIDIA Streamer Service.) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19440960] [PID.1152]
[MD5.DA2B52BE7AC31FD61DB4A5B966402281] - (...) -- C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [23552] [PID.4020]
[MD5.3B7B76483547F07944DAADAEF6E28664] - (.Intel(R) Corporation - Intel(R) PROSet/Wireless Registry Service.) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [154864] [PID.4008]
[MD5.9DA3B55B17B54789AFB8C657D4ACE4D7] - (.DEVGURU Co., LTD. - MSS CS Connectivity Service.) -- C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688] [PID.4052]
[MD5.476D9CEC2F1C57D5DDB8C2134F224866] - (.Copyright (C) 2015 - The Calendar Service.) -- C:\Program Files (x86)\CalendarTool\2.0.0.10764\CalendarServ.exe [149432] [PID.3704]
[MD5.258C050D197D923668B36C8D3F6A2353] - (.TuneUp Software - TuneUp Utilities Service.) -- C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080] [PID.3896]
[MD5.E21D325AF3D32A68112D71D9968A01FF] - (.Validity Sensors, Inc. - ValidityWBF Policy Service (EEM).) -- C:\Windows\system32\valWBFPolicyService.exe [32768] [PID.3924]
[MD5.DD0042F0C3B606A6A8B92D49AFB18AD6] - (.Yahoo! Inc. - AutoUpater Service Module.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe [602392] [PID.4108]
[MD5.819594D26957FF2F1A1EDFBDD556DFC8] - (.Copyright (C) 2015 - calendar Application.) -- C:\Program Files (x86)\CalendarTool\2.0.0.10764\calendar.exe [3925432] [PID.4260]
[MD5.16B4F400DA428802E8B4DF2CF1D96EDE] - (.Intel® Corporation - Intel® PROSet/Wireless Zero Configure Servi.) -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3668208] [PID.4272]
[MD5.046CA262E8D521A1B050566E330B7178] - (.NVIDIA Corporation - NVIDIA GeForce Experience Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2461504] [PID.5540]
[MD5.6AE3DE3E0A564A978260A64033EF0B40] - (...) -- C:\ProgramData\CersIuo\ciiuate.exe [124880] [PID.5564]
[MD5.CDFEAA94AD3E362BCE09E0556B92EC84] - (...) -- C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe [65024] [PID.3288]
[MD5.F5D595BBAC654CD391E824043F7FEDFB] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110144] [PID.3124]
[MD5.D1C8B0DC04347B6B9B5B3B9204DF6756] - (.Hewlett-Packard Development Company, L.P. - HP CoolSense.) -- C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904] [PID.5848]
[MD5.99185A2D885F539387A6B75469948F06] - (.NVIDIA Corporation - NVIDIA Settings.) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe [2448016] [PID.6124]
[MD5.EA379CAAACEC9E5419B4027F3D25DCDB] - (.Copyright © 2015 - .) -- C:\Program Files\fchk32\packages\56f17cfe-ddcd-4313-a6bf-4db3eef3a209\fchk.exe [855040] [PID.2424]
[MD5.61E19C82125DFF3A83B445152A048AE6] - (.TuneUp Software - TuneUp Utilities.) -- C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe [2040120] [PID.3184]
[MD5.CF1512F9E9359BA3C1C095E3C125E55E] - (...) -- C:\ProgramData\CersIuo\ciiu3te.exe [98816] [PID.6376]
[MD5.DD5A9FBD9284564567C68D2354BAD893] - (...) -- C:\ProgramData\CersIuo\ciiu6te.exe [118272] [PID.6928]
[MD5.B6A5CC0A311B9199DEB65D25E881D03D] - (...) -- C:\ProgramData\CersIuo\ciiudte.exe [382976] [PID.7044]
[MD5.08B83DDFFFD1FE1034A1DA14463DC956] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [771056] [PID.7152]
[MD5.C8436438BAFB888E566C54B4C1177813] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe [843248] [PID.5600]
[MD5.8C7AC51124D83A0386FB15066E6E3CCD] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [769520] [PID.5660]
[MD5.88DA2E50CBCD4C062632EE34923C5913] - (.Hewlett-Packard - HP SimplePass Application.) -- C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe [2758200] [PID.6264]
[MD5.E7429ECD0C47CC065EEACF7E9D0E6341] - (.Motorola Solutions, Inc. - Bluetooth Device Monitor.) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [1132920] [PID.1288]
[MD5.9C0FDB0E3CFE542847E5140FAF17E89F] - (.Motorola Solutions, Inc. - Bluetooth OBEX Service.) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [1157496] [PID.1472]
[MD5.B5F08FCC816B933D8EC1FACCE62B2A12] - (.Hewlett-Packard - HP SimplePass BHO Broker.) -- C:\Program Files\Hewlett-Packard\SimplePass\opbhobroker.exe [155704] [PID.6632]
[MD5.1C8F76268DE368A288C6AFB2F00F348F] - (.Hewlett-Packard - HP SimplePass BHO Broker.) -- C:\Program Files\Hewlett-Packard\SimplePass\opbhobrokerdsktop.exe [155704] [PID.6728]
[MD5.4A57AB2D5E3624D63E7F8854C79F3D8C] - (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray64.exe [1703424] [PID.6804]
[MD5.D0F6CEE6D18959935C39C28540B35F0F] - (...) -- C:\Windows\System32\cpuminer-gw64.exe [4268128] [PID.7164]
[MD5.1B31D1266691EDD4224B0036449F14B4] - (.Nero AG - Nero Home.) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [152872] [PID.4240]
[MD5.193FA51DDDD0BFFDED1C340F0434999A] - (.Nero AG - Nero Home.) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [275752] [PID.6696]
[MD5.21D46B6328DB6C221194772C669FB581] - (.Leap Motion, Inc. - Leap Motion Control Panel.) -- C:\Program Files (x86)\Leap Motion\Core Services\LeapControlPanel.exe [3609936] [PID.6636]
[MD5.96E8CF4D3731D90058DE39A3BECAD707] - (.Nero AG - Nero Home.) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe [1201448] [PID.6880]
[MD5.F919CCE9F470FDB97313270A7FCDF96A] - (.Open Source - SG Miner.) -- C:\Users\sameh\AppData\Roaming\cpuminer\sgminer\sgminer.exe [2749760] [PID.7432]
[MD5.D31062FA77E3463A753B7968C5712665] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) -- C:\PROGRAM FILES\SYNAPTICS\SynTP\SYNTPHELPER.EXE [182000] [PID.7824]
[MD5.D2946D9F020AE76E9CEF9B4A6DF838C0] - (.Hewlett-Packard Company - HP Software Framework WMI Service.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [1129760] [PID.7916]
[MD5.9C9943220F8F94B917D8C4C9618074CC] - (.Hewlett-Packard Company - HP Support Assistant Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160] [PID.7252]
[MD5.9D7AFC77C928460336642D6EFDB5BDEA] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720] [PID.3660]
[MD5.57739E742ABC085C2A4340D4404B4A8B] - (.Intel Corporation - Intel(R) ME Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544] [PID.6208]
[MD5.52069AEB42D3D0F97CBCA1085EBF55E6] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432] [PID.6720]
[MD5.B16F2A40E738277AB75515D4B024305E] - (.Intel Corporation - Intel(R) Local Management Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [390616] [PID.1292]
[MD5.F820401D0D2754C3A78C707927058A41] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896] [PID.584]
[MD5.F820401D0D2754C3A78C707927058A41] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896] [PID.7356]
[MD5.F820401D0D2754C3A78C707927058A41] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896] [PID.5308]
[MD5.F820401D0D2754C3A78C707927058A41] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896] [PID.5184]
[MD5.F820401D0D2754C3A78C707927058A41] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896] [PID.5924]
[MD5.F820401D0D2754C3A78C707927058A41] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896] [PID.3720]
[MD5.F820401D0D2754C3A78C707927058A41] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896] [PID.8812]
[MD5.F820401D0D2754C3A78C707927058A41] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896] [PID.4484]
[MD5.F820401D0D2754C3A78C707927058A41] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896] [PID.3024]
[MD5.F820401D0D2754C3A78C707927058A41] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896] [PID.2236]
[MD5.D1C53571A33FD49DDC1F20D09B3DBCD8] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3890768] [PID.5128]
[MD5.E9C6EF9437ECB30911488F9313AD821A] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe [269848] [PID.3500]
[MD5.8F97EDDF827C64AB2C42971095BF2F76] - (.Sony - Sony PC Companion.) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [456576] [PID.8144]
[MD5.AA1600118E222FCBE3F3BFEC1ABEC309] - (...) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe [113024] [PID.2040]
[MD5.2B3F1432B255E79209DEEDF089AA9791] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\sameh\Desktop\ZHPDiag2_2.exe [1902080] [PID.7772]
[MD5.F3E6F5BD7F120A7FE5968FB07435BF30] - (.ASUS - PCLinkService.) -- C:\Program Files (x86)\ASUS\PC Link\PCLinkService.exe [1203352] [PID.8940]
[MD5.C4BE24DF324EE7892EFA1FA1871B9BC0] - (...) -- C:\Program Files (x86)\ASUS\PC Link\tools\adb.exe [1009664] [PID.5264]
[MD5.51D61F5DE897B6EA6D858B38DC4F4641] - (...) -- C:\Program Files (x86)\ASUS\PC Link\tools\pclink_connect.exe [5467527] [PID.9148]
[MD5.6BCFCFA512A003A8043CF2F370B0B479] - (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe [637440] [PID.6568] =>PUP.Optional.CrossBrowse
[MD5.813688AFB45E431D15F2F1114B508076] - (.Intel Corporation - ISCT SysTray.) -- C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [5545448] [PID.5672]
[MD5.55FE859162C05E90C6A7A7855BB2EC89] - (.RealNetworks, Inc. - RealPlayer Cloud Service UI.) -- C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe [1227360] [PID.2840]
[MD5.56C262B2CFDE9A101455CE6A60762C6C] - (.Hewlett-Packard Company - Hp Accelerometer System Tray.) -- C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe [77088] [PID.2400]
[MD5.249348AC5BF38938B713756DBA286956] - (.CyberLink Corp. - CyberLink YouCam Service.) -- C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224] [PID.8224]
[MD5.6BCFCFA512A003A8043CF2F370B0B479] - (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe [637440] [PID.4468] =>PUP.Optional.CrossBrowse
[MD5.3B328976E4DEDE1B87B246D16DBDFFF9] - (.Hewlett-Packard Development Company, L.P. - HP Message Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304] [PID.6456]
[MD5.38D507CB7E1D627DBD8EF04AB4555A58] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [296008] [PID.9108]
[MD5.9E99764C0274E90139F4A0C665AC3523] - (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files\PowerISO\PWRISOVM.EXE [408888] [PID.8668]
[MD5.34D296AFC913E302953C70463EF09A48] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [96056] [PID.7452]
[MD5.D6EE8CA225CAEF6E4B069D14B441502D] - (.CyberLink Corp. - YouCam.) -- C:\Program Files (x86)\CyberLink\YouCam\Youcam_webcam_camera_video.exe [179776] [PID.2948]

---\\ Google Chrome, Start,Search,Extensions (G0,G1,G2) (14) - 1s
G0 - GCSP: Secure Preferences [User Data\Default][HomePage] http://www.google.com.eg/
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [cfhdojbkjhnklbpkdaibdccddilifddb] __MSG_name__
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] __MSG_ExtensionName__
G2 - GCE: Preference [User Data\Default] [dphfngjamcomlehblpblaacingmaojnm] Java API Search
G2 - GCE: Preference [User Data\Default] [idhngdhcfkoamngbedgpaokgjbnpdiji] RealPlayer Downloader
G2 - GCE: Preference [User Data\Default] [lifbcibllhkdhoafpjfnlhfpfgnpldfl] Skype Click to Call
G2 - GCE: Preference [User Data\Default] [lkadffjmnaiokkdncgdlecdegajoiemi] CinemaP-1.9cV13.08 =>PUP.Optional.CrossRider
G2 - GCE: Preference [User Data\Default] [ngpampappnmepgilojfohadhhmbhlaek] IDM Integration Module
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc.

---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3) (18) - 6s
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\amazondotcom.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\bing.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\ddg.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\eBay.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\google.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wikipedia-ar.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\yahoo.xml =>PUP.Optional.BDYahoo
P2 - EXT: (.Mozilla - Default.) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
P2 - EXT: (.Cinema PlusV13.08 - CinemaP-1.9cV13.08.) -- C:\Users\sameh\AppData\Roaming\Mozilla\Firefox\Profiles\64akzrf1.default\extensions\AVJYFVOD75109374@HCDE39471360.com
P2 - EXT: (.Yahoo! - Yahoo! Toolbar.) -- C:\Users\sameh\AppData\Roaming\Mozilla\Firefox\Profiles\64akzrf1.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
P2 - FPN: [HKCU] [@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5] - (.RocketLife, LLP.) -- C:\Users\sameh\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll
P2 - FPN: [HKLM] [@kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC] - (.kaspersky.com.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com
P2 - FPN: [HKLM] [@kaspersky.com/online_banking_69A4E213815F42BD863D889007201D82] - (.kaspersky.com.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com
P2 - FPN: [HKLM] [@kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB] - (.kaspersky.com.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com
P2 - FPN: [HKLM] [@real.com/nprpplugin;version=17.0.4.61] - (.RealPlayer.) -- C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
P2 - FPN: [HKLM] [@realnetworks.com/npdlplugin;version=1] - (.RealDownloader.) -- C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
P2 - FPN: [HKLM] [@staging.google.com/globalUpdate Update;version=10] - (.globalUpdate.) -- C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll =>PUP.Optional.GlobalUpdate
P2 - FPN: [HKLM] [@staging.google.com/globalUpdate Update;version=4] - (.globalUpdate.) -- C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll =>PUP.Optional.GlobalUpdate

---\\ Opera, Plugins,Start,Search (P1,B0,B1) (1) - 0s
B2 - EXT: [CinemaP-1.9cV13.08] C:\Users\sameh\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi

---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1) (17) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://google.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 0
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 0

---\\ Internet Explorer, Proxy Management (R5) (3) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Line Analysis F0, F1, F2, F3 - IniFiles, Auto loading programs (3) - 1s
F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.)
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.)
F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.)

---\\ Hosts file redirection (O1) (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (21)

---\\ Browser Helper Object (BHO) (O2) (4) - 3s
O2 - BHO: IDM Helper [64Bits] - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll
O2 - BHO: (no name) [64Bits] - {02478D38-C3F9-4efb-9B51-7695ECA05670} (Orphean)
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer [64Bits] - {3049C3E9-B461-4BC5-8870-4C09146192CA} . (.RealDownloader - RealPlayer Download and Record Plugin.) -- C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll
O2 - BHO: SkypeIEPluginBHO [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (...) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (.not file.)

---\\ Auto loading programs from Registry and folders (O4) (38) - 5s
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [BTMTrayAgent] . (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\Windows\System32\rundll32.exe
O4 - HKLM\..\Run: [SimplePass] . (.Hewlett-Packard - HP SimplePass Application.) -- C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe
O4 - HKLM\..\Run: [OPBHOBroker] . (.Hewlett-Packard - HP SimplePass BHO Broker.) -- C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
O4 - HKLM\..\Run: [OPBHOBrokerDesktop] . (.Hewlett-Packard - HP SimplePass BHO Broker.) -- C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
O4 - HKLM\..\Run: [SysTrayApp] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray64.exe
O4 - HKLM\..\Run: [NvBackend] . (.NVIDIA Corporation - NVIDIA GeForce Experience Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
O4 - HKLM\..\Run: [ShadowPlay] . (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\Windows\System32\rundll32.exe
O4 - HKLM\..\Run: [gpuminer] . (...) -- C:\Users\sameh\AppData\Roaming\cpuminer\sgminer\sgminer.cmd
O4 - HKLM\..\Run: [cpuminer] . (...) -- C:\Windows\system32\cpuminer-gw64.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] . (.Nero AG - Nero Home.) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
O4 - HKCU\..\Run: [Leap Control Panel] . (.Leap Motion, Inc. - Leap Motion Control Panel.) -- C:\Program Files (x86)\Leap Motion\Core Services\LeapControlPanel.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe
O4 - HKCU\..\Run: [Messenger (Yahoo!)] . (.Yahoo! Inc. - Yahoo! Messenger.) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
O4 - HKCU\..\Run: [Sony PC Companion] . (.Sony - Sony PC Companion.) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
O4 - HKCU\..\Run: [Kies3PDLR.exe] C:\Program Files (x86)\Samsung\Kies3\FirmwareUpdate\Kies3PDLR.exe (.not file.)
O4 - HKCU\..\Run: [PCLink] . (.ASUSTek Computer Inc. - .) -- C:\Program Files (x86)\ASUS\PC Link\PCLink.exe
O4 - HKCU\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\Steam.exe
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_D176A0D9105B5921C75031F620F08348] . (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.Optional.CrossBrowse
O4 - HKLM\..\Wow6432Node\Run: [AccelerometerSysTrayApplet] . (.Hewlett-Packard Company - Hp Accelerometer System Tray.) -- C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
O4 - HKLM\..\Wow6432Node\Run: [YouCam Service] . (.CyberLink Corp. - CyberLink YouCam Service.) -- C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
O4 - HKLM\..\Wow6432Node\Run: [HPMessageService] . (.Hewlett-Packard Development Company, L.P. - HP Message Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
O4 - HKLM\..\Wow6432Node\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
O4 - HKLM\..\Wow6432Node\Run: [PWRISOVM.EXE] . (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKUS\S-1-5-21-714430725-4008368064-3161557589-1002\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] . (.Nero AG - Nero Home.) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
O4 - HKUS\S-1-5-21-714430725-4008368064-3161557589-1002\..\Run: [Leap Control Panel] . (.Leap Motion, Inc. - Leap Motion Control Panel.) -- C:\Program Files (x86)\Leap Motion\Core Services\LeapControlPanel.exe
O4 - HKUS\S-1-5-21-714430725-4008368064-3161557589-1002\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe
O4 - HKUS\S-1-5-21-714430725-4008368064-3161557589-1002\..\Run: [Messenger (Yahoo!)] . (.Yahoo! Inc. - Yahoo! Messenger.) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
O4 - HKUS\S-1-5-21-714430725-4008368064-3161557589-1002\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
O4 - HKUS\S-1-5-21-714430725-4008368064-3161557589-1002\..\Run: [Sony PC Companion] . (.Sony - Sony PC Companion.) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
O4 - HKUS\S-1-5-21-714430725-4008368064-3161557589-1002\..\Run: [Kies3PDLR.exe] C:\Program Files (x86)\Samsung\Kies3\FirmwareUpdate\Kies3PDLR.exe (.not file.)
O4 - HKUS\S-1-5-21-714430725-4008368064-3161557589-1002\..\Run: [PCLink] . (.ASUSTek Computer Inc. - .) -- C:\Program Files (x86)\ASUS\PC Link\PCLink.exe
O4 - HKUS\S-1-5-21-714430725-4008368064-3161557589-1002\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\Steam.exe
O4 - HKUS\S-1-5-21-714430725-4008368064-3161557589-1002\..\Run: [GoogleChromeAutoLaunch_D176A0D9105B5921C75031F620F08348] . (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.Optional.CrossBrowse

---\\ Global shortcuts Startup (O4G) (10) - 12s
O4 - GS\Quicklaunch [Administrator]: Crossbrowse.lnk . (.Crossbrowse - Crossbrowse.) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.Optional.CrossBrowse
O4 - GS\TaskBar [Administrator]: Crossbrowse.lnk . (.Crossbrowse - Crossbrowse.) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.Optional.CrossBrowse
O4 - GS\Startup [Administrator]: crossbrowse.lnk . (.Crossbrowse - Crossbrowse.) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.Optional.CrossBrowse
O4 - GS\Quicklaunch [Guest]: Crossbrowse.lnk . (.Crossbrowse - Crossbrowse.) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.Optional.CrossBrowse
O4 - GS\TaskBar [Guest]: Crossbrowse.lnk . (.Crossbrowse - Crossbrowse.) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.Optional.CrossBrowse
O4 - GS\Startup [Guest]: crossbrowse.lnk . (.Crossbrowse - Crossbrowse.) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.Optional.CrossBrowse
O4 - GS\Quicklaunch [sameh]: Crossbrowse.lnk . (.Crossbrowse - Crossbrowse.) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.Optional.CrossBrowse
O4 - GS\TaskBar [sameh]: Crossbrowse.lnk . (.Crossbrowse - Crossbrowse.) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.Optional.CrossBrowse
O4 - GS\Startup [sameh]: crossbrowse.lnk . (.Crossbrowse - Crossbrowse.) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.Optional.CrossBrowse
O4 - GS\CommonDesktop [Public]: Crossbrowse.lnk . (.Crossbrowse - Crossbrowse.) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.Optional.CrossBrowse

---\\ Lop.com/Domain Hijackers (O17) (4) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 158.43.240.4,212.127.151.92
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 5.152.219.52 5.152.219.51
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 158.43.240.4,212.127.151.92
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 5.152.219.52 5.152.219.51

---\\ Extra protocols (O18) (1) - 1s
O18 - Handler: skypec2c [64Bits] - {91774881-D725-4E58-B298-07617B9B86A8} . (...) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (.not file.)

---\\ Non Microsoft non disabled Windows XP/NT/2000 Services (O23) (41) - 8s
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Bluetooth Device Monitor (Bluetooth Device Monitor) . (.Motorola Solutions, Inc. - Bluetooth Device Monitor.) - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth OBEX Service (Bluetooth OBEX Service) . (.Motorola Solutions, Inc. - Bluetooth OBEX Service.) - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: bolvejrij (bolvejrij) . (...) - C:\ProgramData\CersIuo\ciiuwte.exe
O23 - Service: HP SimplePass Cachedrv Service (Cachedrv server) . (...) - C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Monitor Service (CyberLink PowerDVD 12 Media Server Monitor Service) . (.CyberLink - CyberLink Media Server Monitor Service.) - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Service (CyberLink PowerDVD 12 Media Server Service) . (.CyberLink - CyberLink Media Server Service.) - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
O23 - Service: dokriuwliu (dokriuwliu) . (...) - C:\ProgramData\CersIuo\ciiuate.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Event Log Service.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Check Service (fchk32) . (.Copyright © 2015 - .) - C:\Program Files\fchk32\fchk32.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) . (.NVIDIA Corporation - NVIDIA GeForce Experience Service.) - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) . (.globalUpdate - globalUpdate Update.) - C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe =>PUP.Optional.GlobalUpdate
O23 - Service: خدمة Google Update (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service (HP Support Assistant Service) . (.Hewlett-Packard Company - HP Support Assistant Service.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: @oem18.inf,%hpservice_desc%;HP Service (hpsrv) . (.Hewlett-Packard Company - HpService.) - C:\Windows\system32\Hpservice.exe
O23 - Service: HPWMISVC (HPWMISVC) . (.Hewlett-Packard Development Company, L.P. - HP WMI Service.) - C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: NVIDIA Network Service 1.60.13 (icmui) . (. - file.) - C:\Users\sameh\AppData\Local\NVIDIANetwork\nvidia.exe
O23 - Service: Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service (Intel(R) ME Service) . (.Intel Corporation - Intel(R) ME Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Wireless Bluetooth(R) 4.0 Radio Management (Intel(R) Wireless Bluetooth(R) 4.0 Radio Management) . (.Intel Corporation - Intel(R) Wireless Bluetooth(R) Radio Manage.) - C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
O23 - Service: Intel(R) Smart Connect Technology Agent (ISCTAgent) . (.Copyright© 2011-2013 Intel Corporation - ISCT Agent Application.) - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Intel(R) Local Management Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) . (.NVIDIA Corporation - NVIDIA Network Service.) - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) . (.NVIDIA Corporation - NVIDIA Streamer Service.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 352.8.) - C:\Windows\system32\nvvsvc.exe
O23 - Service: HP SimplePass Service (omniserv) . (.Softex Inc. - HP SimplePass Service.) - C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
O23 - Service: PLFlash DeviceIoControl Service (PLFlash DeviceIoControl Service) . (.Prolific Technology Inc. - PLFlash DeviceIoControl Service.) - C:\Windows\SysWOW64\IoctlSvc.exe
O23 - Service: RealNetworks Downloader Resolver Service (RealNetworks Downloader Resolver Service) . (...) - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: RealPlayer Cloud Service (RealPlayer Cloud Service) . (.RealNetworks, Inc. - RealPlayer Cloud Service.) - C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
O23 - Service: RealPlayer Update Service (RealPlayerUpdateSvc) . (...) - C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Registry Service.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Skype Updater (SkypeUpdate) . (...) - C:\Program Files (x86)\Skype\Updater\Updater.exe (.not file.)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) . (.DEVGURU Co., LTD. - MSS CS Connectivity Service.) - C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
O23 - Service: @C:\Windows\system32\stlang64.dll,-10101 (STacSV) . (.IDT, Inc. - IDT PC Audio.) - C:\Program Files\IDT\WDM\stacsv64.exe
O23 - Service: The Calendar Service (TheCalendarService) . (.Copyright (C) 2015 - The Calendar Service.) - C:\Program Files (x86)\CalendarTool\2.0.0.10764\CalendarServ.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) . (.TuneUp Software - TuneUp Utilities Service.) - C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
O23 - Service: Validity WBF Policy Service (valWBFPolicyService) . (.Validity Sensors, Inc. - ValidityWBF Policy Service (EEM).) - C:\Windows\system32\valWBFPolicyService.exe
O23 - Service: Yahoo! Updater (YahooAUService) . (.Yahoo! Inc. - AutoUpater Service Module.) - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) . (.Intel® Corporation - Intel® PROSet/Wireless Zero Configure Servi.) - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

---\\ BootExecute (BEX) (O34) (1) - 0s
O34 - HKLM BootExecute: (PCloudBroom64.exe \systemroot\system32\BroomData.bit)

---\\ Task Planned Automatically (O39) (85) - 25s
[MD5.592A305F4A51E6FE3DB5444A23F025EA] [APT] [15fba21d-9756-481b-984c-9daf84d000d2-1-6] (.Cinema PlusV13.08.) -- C:\Program Files (x86)\CinemaP-1.9cV13.08\15fba21d-9756-481b-984c-9daf84d000d2-1-6.exe [1599056] =>PUP.Optional.CrossRider
[MD5.F5CFF9C46C788D97C93B2D8E4A59252F] [APT] [15fba21d-9756-481b-984c-9daf84d000d2-1-7] (.Cinema PlusV13.08.) -- C:\Program Files (x86)\CinemaP-1.9cV13.08\15fba21d-9756-481b-984c-9daf84d000d2-1-7.exe [1162832] =>PUP.Optional.CrossRider
[MD5.44C0A1E14797E2FC0CB0E8869C8E8FA8] [APT] [15fba21d-9756-481b-984c-9daf84d000d2-10_user] (.Cinema PlusV13.08.) -- C:\Program Files (x86)\CinemaP-1.9cV13.08\15fba21d-9756-481b-984c-9daf84d000d2-10.exe [1528400] =>PUP.Optional.CrossRider
[MD5.09AC9604CADF99BAE158DD4B3BCBD025] [APT] [15fba21d-9756-481b-984c-9daf84d000d2-11] (.Cinema PlusV13.08.) -- C:\Program Files (x86)\CinemaP-1.9cV13.08\15fba21d-9756-481b-984c-9daf84d000d2-11.exe [1485392] =>PUP.Optional.CrossRider
[MD5.09AC9604CADF99BAE158DD4B3BCBD025] [APT] [15fba21d-9756-481b-984c-9daf84d000d2-3] (.Cinema PlusV13.08.) -- C:\Program Files (x86)\CinemaP-1.9cV13.08\15fba21d-9756-481b-984c-9daf84d000d2-3.exe [1485392] =>PUP.Optional.CrossRider
[MD5.C68AB468273F7C783C862F6AD7C0E5CB] [APT] [15fba21d-9756-481b-984c-9daf84d000d2-4] (.Cinema PlusV13.08.) -- C:\Program Files (x86)\CinemaP-1.9cV13.08\15fba21d-9756-481b-984c-9daf84d000d2-4.exe [1504336] =>PUP.Optional.CrossRider
[MD5.E549DED7E02F7DA97B2BD5897BDF01E7] [APT] [15fba21d-9756-481b-984c-9daf84d000d2-5] (.Cinema PlusV13.08.) -- C:\Program Files (x86)\CinemaP-1.9cV13.08\15fba21d-9756-481b-984c-9daf84d000d2-5.exe [1215056] =>PUP.Optional.CrossRider
[MD5.E549DED7E02F7DA97B2BD5897BDF01E7] [APT] [15fba21d-9756-481b-984c-9daf84d000d2-5_user] (.Cinema PlusV13.08.) -- C:\Program Files (x86)\CinemaP-1.9cV13.08\15fba21d-9756-481b-984c-9daf84d000d2-5.exe [1215056] =>PUP.Optional.CrossRider
[MD5.DC2BCA9336EBBA582AE346C9DAB996A4] [APT] [15fba21d-9756-481b-984c-9daf84d000d2-6] (.Cinema PlusV13.08.) -- C:\Program Files (x86)\CinemaP-1.9cV13.08\15fba21d-9756-481b-984c-9daf84d000d2-6.exe [1348176] =>PUP.Optional.CrossRider
[MD5.F5CFF9C46C788D97C93B2D8E4A59252F] [APT] [15fba21d-9756-481b-984c-9daf84d000d2-7] (.Cinema PlusV13.08.) -- C:\Program Files (x86)\CinemaP-1.9cV13.08\15fba21d-9756-481b-984c-9daf84d000d2-7.exe [1162832] =>PUP.Optional.CrossRider
[MD5.3A1D89B89C9D62951957F0839578DD9B] [APT] [8HF8bKGF5yed8dNTj] (.Copyright 2001.) -- C:\Users\sameh\AppData\Roaming\8HF8bKGF5yed8dNTj.exe [1579520] =>PUP.Optional.CrossRider
[MD5.E3FB05F33E1404AD606B1E1FE7C323C3] [APT] [Adobe Acrobat Update Task] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [998104]
[MD5.F5D595BBAC654CD391E824043F7FEDFB] [APT] [CLMLSvc_P2G8] (.CyberLink.) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110144]
[MD5.227E138E4A6D8D3A1CC9C3EA0D1874A5] [APT] [CLVDLauncher] (.CyberLink Corp..) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [339008]
[MD5.59433FE179A54E675F2CAC141DA1731C] [APT] [Crossbrowse] (...) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe [1957976] =>PUP.Optional.CrossBrowse
[MD5.3C14AAE26EA06BADAC98520773772CEB] [APT] [globalUpdateUpdateTaskMachineCore] (.globalUpdate.) -- C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608] =>PUP.Optional.GlobalUpdate
[MD5.3C14AAE26EA06BADAC98520773772CEB] [APT] [globalUpdateUpdateTaskMachineUA] (.globalUpdate.) -- C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608] =>PUP.Optional.GlobalUpdate
[MD5.51508F0C2476177E50C31B0BBFBF1BDB] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107912]
[MD5.51508F0C2476177E50C31B0BBFBF1BDB] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107912]
[MD5.57A2664E14863B90056E0DE510D05AA8] [APT] [HPCustParticipation HP Deskjet 1510 series] (.Hewlett-Packard Co..) -- C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPCustPartic.exe [5745672]
[MD5.AB6818A7FF17230A6E5119F6CDD1F85B] [APT] [hPmIEBAx] (.Copyright 2001.) -- C:\Users\sameh\AppData\Roaming\hPmIEBAx.exe [1246720] =>PUP.Optional.CrossRider
[MD5.2A5C656B0A364580E578B26EAE2EE889] [APT] [klcp_update] (...) -- C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1173504]
[MD5.CD9E638EFC321B1856E1F3CCCCCCA478] [APT] [Opera scheduled Autoupdate 1428106484] (.Opera Software.) -- C:\Program Files (x86)\Opera\launcher.exe [930936]
[MD5.A88B90C53495D50B5DB966B161EC9B66] [APT] [RealDownloaderDownloaderScheduledTaskS-1-5-21-714430725-4008368064-3161557589-1002] (.RealNetworks, Inc..) -- C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [247384]
[MD5.0E8691C0A6EF746B5E423A509896B1CB] [APT] [RealDownloaderRealUpgradeLogonTaskS-1-5-21-714430725-4008368064-3161557589-1002] (.RealNetworks, Inc..) -- C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [146504]
[MD5.0E8691C0A6EF746B5E423A509896B1CB] [APT] [RealDownloaderRealUpgradeScheduledTaskS-1-5-21-714430725-4008368064-3161557589-1002] (.RealNetworks, Inc..) -- C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [146504]
[MD5.E08E7A826BEAFA5F5BF23821F6813F45] [APT] [RealPlayerRealUpgradeLogonTaskS-1-5-21-714430725-4008368064-3161557589-1002] (.RealNetworks, Inc..) -- C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [140800]
[MD5.E08E7A826BEAFA5F5BF23821F6813F45] [APT] [RealPlayerRealUpgradeScheduledTaskS-1-5-21-714430725-4008368064-3161557589-1002] (.RealNetworks, Inc..) -- C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [140800]
[MD5.E1796D8A3E01D77C8DD41C99B835B8F8] [APT] [Synaptics TouchPad Enhancements] (.Synaptics Incorporated.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2774256]
[MD5.E7D9B291A1094A2DA28A5CB57B4F064F] [APT] [ToolsUpdatePlatform_ScheduledTask] (.Copyright (C) 2015.) -- C:\Program Files (x86)\ToolsUpdatePlatform\UpdatePlatform.exe [635128]
[MD5.3631801F974FDD3B1C5FF77C889BD326] [APT] [TuneUpUtilities_Task_BkGndMaintenance2013] (.TuneUp Software.) -- C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [459576]
[MD5.00000000000000000000000000000000] [APT] [{D9BAB2C9-5236-48c3-AF02-67E799F09BBD}{19F8DB95-4D78-4ddb-AC71-C610654FE37F}] (...) -- C:\Program Files (x86)\CalendarTool\1.3.1.10384\InstallHelper.exe (.not file.) [0]
[MD5.D1C8B0DC04347B6B9B5B3B9204DF6756] [APT] [Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon] (.Hewlett-Packard Development Company, L.P..) -- C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904]
O39 - APT: 15fba21d-9756-481b-984c-9daf84d000d2-1-6 - (.Cinema PlusV13.08.) -- C:\Windows\Tasks\15fba21d-9756-481b-984c-9daf84d000d2-1-6.job [3144] =>PUP.Optional.CrossRider
O39 - APT: 15fba21d-9756-481b-984c-9daf84d000d2-1-7 - (.Cinema PlusV13.08.) -- C:\Windows\Tasks\15fba21d-9756-481b-984c-9daf84d000d2-1-7.job [3144] =>PUP.Optional.CrossRider
O39 - APT: 15fba21d-9756-481b-984c-9daf84d000d2-10_user - (.Cinema PlusV13.08.) -- C:\Windows\Tasks\15fba21d-9756-481b-984c-9daf84d000d2-10_user.job [2118] =>PUP.Optional.CrossRider
O39 - APT: 15fba21d-9756-481b-984c-9daf84d000d2-11 - (.Cinema PlusV13.08.) -- C:\Windows\Tasks\15fba21d-9756-481b-984c-9daf84d000d2-11.job [5190] =>PUP.Optional.CrossRider
O39 - APT: 15fba21d-9756-481b-984c-9daf84d000d2-3 - (.Cinema PlusV13.08.) -- C:\Windows\Tasks\15fba21d-9756-481b-984c-9daf84d000d2-3.job [4164] =>PUP.Optional.CrossRider
O39 - APT: 15fba21d-9756-481b-984c-9daf84d000d2-4 - (.Cinema PlusV13.08.) -- C:\Windows\Tasks\15fba21d-9756-481b-984c-9daf84d000d2-4.job [4164] =>PUP.Optional.CrossRider
O39 - APT: 15fba21d-9756-481b-984c-9daf84d000d2-5 - (.Cinema PlusV13.08.) -- C:\Windows\Tasks\15fba21d-9756-481b-984c-9daf84d000d2-5.job [2452] =>PUP.Optional.CrossRider
O39 - APT: 15fba21d-9756-481b-984c-9daf84d000d2-5_user - (.Cinema PlusV13.08.) -- C:\Windows\Tasks\15fba21d-9756-481b-984c-9daf84d000d2-5_user.job [2452] =>PUP.Optional.CrossRider
O39 - APT: 15fba21d-9756-481b-984c-9daf84d000d2-6 - (.Cinema PlusV13.08.) -- C:\Windows\Tasks\15fba21d-9756-481b-984c-9daf84d000d2-6.job [5524] =>PUP.Optional.CrossRider
O39 - APT: 15fba21d-9756-481b-984c-9daf84d000d2-7 - (.Cinema PlusV13.08.) -- C:\Windows\Tasks\15fba21d-9756-481b-984c-9daf84d000d2-7.job [5188] =>PUP.Optional.CrossRider
O39 - APT: 8HF8bKGF5yed8dNTj - (.Copyright 2001.) -- C:\Windows\Tasks\8HF8bKGF5yed8dNTj.job [1018] =>PUP.Optional.CrossRider
O39 - APT: Crossbrowse - (...) -- C:\Windows\Tasks\Crossbrowse.job [1068] =>PUP.Optional.CrossBrowse
O39 - APT: globalUpdateUpdateTaskMachineCore - (.globalUpdate.) -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job [982] =>PUP.Optional.GlobalUpdate
O39 - APT: globalUpdateUpdateTaskMachineUA - (.globalUpdate.) -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job [986] =>PUP.Optional.GlobalUpdate
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [858] =>.Google Inc.
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [862] =>.Google Inc.
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\HP Photo Creations Communicator.job [414]
O39 - APT: hPmIEBAx - (.Copyright 2001.) -- C:\Windows\Tasks\hPmIEBAx.job [1000] =>PUP.Optional.CrossRider
O39 - APT: ToolsUpdatePlatform_ScheduledTask - (.Copyright (C) 2015.) -- C:\Windows\Tasks\ToolsUpdatePlatform_ScheduledTask.job [442]
O39 - APT: {D9BAB2C9-5236-48c3-AF02-67E799F09BBD}{19F8DB95-4D78-4ddb-AC71-C610654FE37F} - (...) -- C:\Windows\Tasks\{D9BAB2C9-5236-48c3-AF02-67E799F09BBD}{19F8DB95-4D78-4ddb-AC71-C610654FE37F}.job [634]
O39 - APT: 15fba21d-9756-481b-984c-9daf84d000d2-1-6 - (.Cinema PlusV13.08.) -- C:\Windows\System32\Tasks\15fba21d-9756-481b-984c-9daf84d000d2-1-6 [6148] =>PUP.Optional.CrossRider
O39 - APT: 15fba21d-9756-481b-984c-9daf84d000d2-1-7 - (.Cinema PlusV13.08.) -- C:\Windows\System32\Tasks\15fba21d-9756-481b-984c-9daf84d000d2-1-7 [6148] =>PUP.Optional.CrossRider
O39 - APT: 15fba21d-9756-481b-984c-9daf84d000d2-10_user - (.Cinema PlusV13.08.) -- C:\Windows\System32\Tasks\15fba21d-9756-481b-984c-9daf84d000d2-10_user [5112] =>PUP.Optional.CrossRider
O39 - APT: 15fba21d-9756-481b-984c-9daf84d000d2-11 - (.Cinema PlusV13.08.) -- C:\Windows\System32\Tasks\15fba21d-9756-481b-984c-9daf84d000d2-11 [8194] =>PUP.Optional.CrossRider
O39 - APT: 15fba21d-9756-481b-984c-9daf84d000d2-3 - (.Cinema PlusV13.08.) -- C:\Windows\System32\Tasks\15fba21d-9756-481b-984c-9daf84d000d2-3 [7168] =>PUP.Optional.CrossRider
O39 - APT: 15fba21d-9756-481b-984c-9daf84d000d2-4 - (.Cinema PlusV13.08.) -- C:\Windows\System32\Tasks\15fba21d-9756-481b-984c-9daf84d000d2-4 [7168] =>PUP.Optional.CrossRider
O39 - APT: 15fba21d-9756-481b-984c-9daf84d000d2-5 - (.Cinema PlusV13.08.) -- C:\Windows\System32\Tasks\15fba21d-9756-481b-984c-9daf84d000d2-5 [5456] =>PUP.Optional.CrossRider
O39 - APT: 15fba21d-9756-481b-984c-9daf84d000d2-5_user - (.Cinema PlusV13.08.) -- C:\Windows\System32\Tasks\15fba21d-9756-481b-984c-9daf84d000d2-5_user [5446] =>PUP.Optional.CrossRider
O39 - APT: 15fba21d-9756-481b-984c-9daf84d000d2-6 - (.Cinema PlusV13.08.) -- C:\Windows\System32\Tasks\15fba21d-9756-481b-984c-9daf84d000d2-6 [8528] =>PUP.Optional.CrossRider
O39 - APT: 15fba21d-9756-481b-984c-9daf84d000d2-7 - (.Cinema PlusV13.08.) -- C:\Windows\System32\Tasks\15fba21d-9756-481b-984c-9daf84d000d2-7 [8192] =>PUP.Optional.CrossRider
O39 - APT: 8HF8bKGF5yed8dNTj - (.Copyright 2001.) -- C:\Windows\System32\Tasks\8HF8bKGF5yed8dNTj [4020] =>PUP.Optional.CrossRider
O39 - APT: Adobe Acrobat Update Task - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Acrobat Update Task [3886] =>.Adobe Systems Incorporated
O39 - APT: CLMLSvc_P2G8 - (.CyberLink.) -- C:\Windows\System32\Tasks\CLMLSvc_P2G8 [3160] =>.CyberLink
O39 - APT: CLVDLauncher - (.CyberLink Corp..) -- C:\Windows\System32\Tasks\CLVDLauncher [3160] =>.CyberLink Corp.
O39 - APT: Crossbrowse - (...) -- C:\Windows\System32\Tasks\Crossbrowse [4062] =>PUP.Optional.CrossBrowse
O39 - APT: globalUpdateUpdateTaskMachineCore - (.globalUpdate.) -- C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore [3722] =>PUP.Optional.GlobalUpdate
O39 - APT: globalUpdateUpdateTaskMachineUA - (.globalUpdate.) -- C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA [3958] =>PUP.Optional.GlobalUpdate
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [3598] =>.Google Inc.
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [3834] =>.Google Inc.
O39 - APT: HPCustParticipation HP Deskjet 1510 series - (.Hewlett-Packard Co..) -- C:\Windows\System32\Tasks\HPCustParticipation HP Deskjet 1510 series [3608] =>.Hewlett-Packard Co.
O39 - APT: hPmIEBAx - (.Copyright 2001.) -- C:\Windows\System32\Tasks\hPmIEBAx [4000] =>PUP.Optional.CrossRider
O39 - APT: klcp_update - (...) -- C:\Windows\System32\Tasks\klcp_update [3672]
O39 - APT: Opera scheduled Autoupdate 1428106484 - (.Opera Software.) -- C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1428106484 [3824] =>.Opera Software
O39 - APT: RealDownloaderDownloaderScheduledTaskS-1-5-21-714430725-4008368064-3161557589-1002 - (.RealNetworks, Inc..) -- C:\Windows\System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-714430725-4008368064-3161557589-1002 [3376] =>.RealNetworks, Inc.
O39 - APT: RealDownloaderRealUpgradeLogonTaskS-1-5-21-714430725-4008368064-3161557589-1002 - (.RealNetworks, Inc..) -- C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-714430725-4008368064-3161557589-1002 [3302] =>.RealNetworks, Inc.
O39 - APT: RealDownloaderRealUpgradeScheduledTaskS-1-5-21-714430725-4008368064-3161557589-1002 - (.RealNetworks, Inc..) -- C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-714430725-4008368064-3161557589-1002 [3356] =>.RealNetworks, Inc.
O39 - APT: RealPlayerRealUpgradeLogonTaskS-1-5-21-714430725-4008368064-3161557589-1002 - (.RealNetworks, Inc..) -- C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-714430725-4008368064-3161557589-1002 [3280] =>.RealNetworks, Inc.
O39 - APT: RealPlayerRealUpgradeScheduledTaskS-1-5-21-714430725-4008368064-3161557589-1002 - (.RealNetworks, Inc..) -- C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-714430725-4008368064-3161557589-1002 [3334] =>.RealNetworks, Inc.
O39 - APT: Synaptics TouchPad Enhancements - (.Synaptics Incorporated.) -- C:\Windows\System32\Tasks\Synaptics TouchPad Enhancements [2990] =>.Synaptics Incorporated
O39 - APT: ToolsUpdatePlatform_ScheduledTask - (.Copyright (C) 2015.) -- C:\Windows\System32\Tasks\ToolsUpdatePlatform_ScheduledTask [3508]
O39 - APT: TuneUpUtilities_Task_BkGndMaintenance2013 - (.TuneUp Software.) -- C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 [2770] =>.TuneUp Software
O39 - APT: {D9BAB2C9-5236-48c3-AF02-67E799F09BBD}{19F8DB95-4D78-4ddb-AC71-C610654FE37F} - (...) -- C:\Windows\System32\Tasks\{D9BAB2C9-5236-48c3-AF02-67E799F09BBD}{19F8DB95-4D78-4ddb-AC71-C610654FE37F} [3604]

---\\ Software installed (O42) (134) - 54s
O42 - Logiciel: Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass (01/2 - (.Google, Inc..) [HKLM][64Bits] -- 9CA77E2A8332A0824C54DA611BBE4CA24AB1F750
O42 - Logiciel: AutoHotkey 1.1.09.04 - (.Lexikos.) [HKLM][64Bits] -- AutoHotkey
O42 - Logiciel: Windows Driver Package - Leap Motion USB Device (01/16/2014 1.1.1.1) - (.Leap Motion.) [HKLM][64Bits] -- BFBC98C50D10E8ECA434741031F21086BA8C35E2
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner
O42 - Logiciel: CPU Miner - (.Open Source.) [HKLM][64Bits] -- cpuminer
O42 - Logiciel: Intel Android Device USB driver - (.Intel.) [HKLM][64Bits] -- Intel Android Device USB driver
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey
O42 - Logiciel: TAP-Windows 9.9.2 - (...) [HKLM][64Bits] -- TAP-Windows
O42 - Logiciel: WinRAR 5.20 beta 1 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver
O42 - Logiciel: Kinect for Windows Drivers v1.7 - (.Microsoft Corporation.) [HKLM][64Bits] -- {075687FF-27E5-4713-9E1A-704B768811D3}
O42 - Logiciel: Validity WBF DDK - (.Validity Sensors, Inc..) [HKLM][64Bits] -- {21498212-1146-4540-8A81-6A1328BA19F2}
O42 - Logiciel: Inst5675 - (.Softex Inc..) [HKLM][64Bits] -- {2DE6247C-7077-451B-8BA7-FFD1A2ABBB47}
O42 - Logiciel: HP SimplePass - (.Hewlett-Packard.) [HKLM][64Bits] -- {314FAD12-F785-4471-BCE8-AB506642B9A1}
O42 - Logiciel: Product Improvement Study for HP Deskjet 1510 series - (.Hewlett-Packard Co..) [HKLM][64Bits] -- {35DB2630-846E-47C5-AF84-9D6AC3629F55}
O42 - Logiciel: Microsoft Server Speech Platform Runtime (x64) - (.Microsoft Corporation.) [HKLM][64Bits] -- {3B433087-E62E-4BF5-97F9-4AF6E1C2409C}
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {409CB30E-E457-4008-9B1A-ED1B9EA21140}
O42 - Logiciel: Intel® PROSet/Wireless WiFi Software - (.Intel Corporation.) [HKLM][64Bits] -- {604B90C8-B653-4306-A4C1-BA5B06ABA94C}
O42 - Logiciel: HP Postscript Converter - (.Hewlett-Packard.) [HKLM][64Bits] -- {6E14E6D6-3175-4E1A-B934-CAB5A86367CD}
O42 - Logiciel: Kinect for Windows Runtime v1.7 - (.Microsoft Corporation.) [HKLM][64Bits] -- {7DC40FDF-C442-4E5A-AD50-1AAFDCA9DC37}
O42 - Logiciel: Inst5676 - (.Softex Inc..) [HKLM][64Bits] -- {878F6913-7421-4713-97F7-0A736EE2A188}
O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {89AFB053-A343-46EF-97E4-D593AD7184E6}
O42 - Logiciel: Office 15 Click-to-Run Licensing Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008F-0000-1000-0000000FF1CE}
O42 - Logiciel: Intel(R) Smart Connect Technology - (.Intel Corporation.) [HKLM][64Bits] -- {9B5FD763-5074-474C-B898-24567E6450C8}
O42 - Logiciel: HP Utility Center - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {AED1C141-3AFC-47FE-AE90-C820AA60B103}
O42 - Logiciel: NVIDIA Graphics Driver 352.86 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver
O42 - Logiciel: NVIDIA GeForce Experience 2.1.2 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience
O42 - Logiciel: NVIDIA PhysX System Software 9.15.0428 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX
O42 - Logiciel: SAMSUNG USB Driver for Mobile Phones - (.SAMSUNG Electronics Co., Ltd..) [HKLM][64Bits] -- {D0795B21-0CDA-4a92-AB9E-6E92D8111E44}
O42 - Logiciel: HP Deskjet 1510 series Basic Device Software - (.Hewlett-Packard Co..) [HKLM][64Bits] -- {D17E60E8-478A-4D4A-8147-21D481B5CA55}
O42 - Logiciel: HP Registration Service - (.Hewlett-Packard.) [HKLM][64Bits] -- {D1E8F2D7-7794-4245-B286-87ED86C1893C}
O42 - Logiciel: Advanced Calendar 2.0 - (.TopTools100.) [HKLM][64Bits] -- {D9BAB2C9-5236-48c3-AF02-67E799F09BBD}
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {E5FAF48A-145F-4B33-A062-DCFAAFAE5D41}
O42 - Logiciel: MSVCRT110_amd64 - (.Microsoft.) [HKLM][64Bits] -- {E9FA781F-3E80-4399-825A-AD3E11C28C77}
O42 - Logiciel: Adobe Shockwave Player 12.0 - (.Adobe Systems, Inc..) [HKLM][64Bits] -- Adobe Shockwave Player
O42 - Logiciel: Any Video Converter Ultimate 5.7.2 - (.Any-Video-Converter.com.) [HKLM][64Bits] -- Any Video Converter Ultimate_is1
O42 - Logiciel: CinemaP-1.9cV13.08 - (.Cinema PlusV13.08.) [HKLM][64Bits] -- CinemaP-1.9cV13.08 =>PUP.Optional.CrossRider
O42 - Logiciel: Crossbrowse - (.The Crossbrowse Authors.) [HKLM][64Bits] -- Crossbrowse =>PUP.Optional.CrossBrowse
O42 - Logiciel: FIFA 14 Ultimate Edition MULTI-14 1.2.0 - (...) [HKLM][64Bits] -- FIFA 14 Ultimate Edition MULTI-14 1.2.0
O42 - Logiciel: GOM Player - (.Gretech Corporation.) [HKLM][64Bits] -- GOM Player
O42 - Logiciel: GOM Audio - (.Gretech Corporation.) [HKLM][64Bits] -- GomAudio
O42 - Logiciel: Google Chrome - (.Google Inc‎.‎.) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: HP Photo Creations - (.HP.) [HKLM][64Bits] -- HP Photo Creations
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: CyberLink Media Suite 10 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: CyberLink Power2Go 8 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}
O42 - Logiciel: HP SimplePass - (.Hewlett-Packard.) [HKLM][64Bits] -- InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}
O42 - Logiciel: Cyberlink PhotoDirector - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}
O42 - Logiciel: Samsung Kies3 - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}
O42 - Logiciel: CyberLink PowerDirector 10 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}
O42 - Logiciel: CyberLink PowerDVD 12 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
O42 - Logiciel: CyberLink LabelPrint - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}
O42 - Logiciel: Kaspersky Internet Security - (.Kaspersky Lab.) [HKLM][64Bits] -- InstallWIX_{8ED07EBD-22AD-415A-B71E-C1AD86862C2E}
O42 - Logiciel: Internet Download Manager - (.Tonec Inc..) [HKLM][64Bits] -- Internet Download Manager
O42 - Logiciel: K-Lite Mega Codec Pack 10.8.0 - (...) [HKLM][64Bits] -- KLiteCodecPack_is1
O42 - Logiciel: LG PC Suite IV - (.LG Electronics.) [HKLM][64Bits] -- LG PC Suite IV
O42 - Logiciel: Malwarebytes Anti-Malware version 2.1.8.1057 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes Anti-Malware_is1
O42 - Logiciel: Mozilla Firefox 39.0 (x86 ar) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 39.0 (x86 ar)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService
O42 - Logiciel: Opera Stable 31.0.1889.99 - (.Opera Software.) [HKLM][64Bits] -- Opera 31.0.1889.99
O42 - Logiciel: PowerISO - (.Power Software Ltd.) [HKLM][64Bits] -- PowerISO
O42 - Logiciel: RealPlayer Cloud - (.RealNetworks.) [HKLM][64Bits] -- RealPlayer 17.0
O42 - Logiciel: Rockstar Games Social Club - (.Rockstar Games.) [HKLM][64Bits] -- Rockstar Games Social Club
O42 - Logiciel: HP Connected Music (Meridian - installer) - (.Meridian Audio Ltd.) [HKLM][64Bits] -- StartHPConnectedMusic
O42 - Logiciel: Subway Surfers - (...) [HKLM][64Bits] -- Subway Surfers
O42 - Logiciel: Thief version v 1.0 build 4107.3 - (.Rick Deckard.) [HKLM][64Bits] -- Thief_Rick Deckard_is1
O42 - Logiciel: TuneUp Utilities 2014 - (.TuneUp Software.) [HKLM][64Bits] -- TuneUp Utilities
O42 - Logiciel: Pro Evolution Soccer 2015 - (...) [HKLM][64Bits] -- UHJvRXZvbHV0aW9uU29jY2VyMjAxNQ==_is1
O42 - Logiciel: Sony Mobile Update Engine - (.Sony Mobile Communications Inc..) [HKLM][64Bits] -- Update Engine
O42 - Logiciel: Remote Desktop Access (VuuPC) - (.CMI Limited.) [HKLM][64Bits] -- VOPackage =>PUP.Optional.Downware
O42 - Logiciel: WinRAR 5.11 (32-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver
O42 - Logiciel: Yahoo! Toolbar - (.Yahoo! Inc..) [HKLM][64Bits] -- Yahoo! Companion
O42 - Logiciel: Yahoo! Messenger - (.Yahoo! Inc..) [HKLM][64Bits] -- Yahoo! Messenger
O42 - Logiciel: Yahoo! Software Update - (...) [HKLM][64Bits] -- Yahoo! Software Update
O42 - Logiciel: YouWave for Android - (...) [HKLM][64Bits] -- YouWave
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM][64Bits] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: Steam - (.Valve Corporation.) [HKLM][64Bits] -- {048298C9-A4D3-490B-9FF9-AB023A9238F3}
O42 - Logiciel: MiniTool Partition Wizard Free 9.0 - (.MiniTool Solution Ltd..) [HKLM][64Bits] -- {05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1
O42 - Logiciel: RealDownloader - (.RealNetworks, Inc..) [HKLM][64Bits] -- {0765012B-51F6-4868-875E-9C14755B338C}
O42 - Logiciel: HP 3D DriveGuard - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {07F6DC37-0857-4B68-A675-4E35989E85E3}
O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM][64Bits] -- {07FA4960-B038-49EB-891B-9F95930AA544}
O42 - Logiciel: HP Documentation - (.Hewlett-Packard.) [HKLM][64Bits] -- {1154543C-D5D0-49BE-A004-82EE0A3746AE}
O42 - Logiciel: Max Payne 3 - (.Rockstar Games.) [HKLM][64Bits] -- {1AA94747-3BF6-4237-9E1A-7B3067738FE1}
O42 - Logiciel: CyberLink Media Suite 10 - (.CyberLink Corp..) [HKLM][64Bits] -- {1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: Microsoft Server Speech Platform Runtime (x86) - (.Microsoft Corporation.) [HKLM][64Bits] -- {22CB8ED7-DF57-4864-BD04-F63B9CE4B494}
O42 - Logiciel: HP System Event Utility - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {23EF407B-E7D0-4CB6-8916-43E5B9EEFDED}
O42 - Logiciel: Skype™ 7.6 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
O42 - Logiciel: RealUpgrade 1.1 - (.RealNetworks, Inc..) [HKLM][64Bits] -- {28C2DED6-325B-4CC7-983A-1777C8F7FBAB}
O42 - Logiciel: CyberLink Power2Go 8 - (.CyberLink Corp..) [HKLM][64Bits] -- {2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}
O42 - Logiciel: HP Deskjet 1510 series Help - (.Hewlett Packard.) [HKLM][64Bits] -- {2E25FCEB-EFCB-4696-AA01-D3CBAC721831}
O42 - Logiciel: HP Wireless Button Driver - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {30B2D1D8-0A07-4B71-9553-0710C5D31E35}
O42 - Logiciel: Cyberlink PhotoDirector - (.CyberLink Corp..) [HKLM][64Bits] -- {39337565-330E-4ab6-A9AE-AC81E0720B10}
O42 - Logiciel: HP Support Assistant - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {3AF15EEA-8EDF-4393-BB6C-CF8A9986486A}
O42 - Logiciel: Crysis®3 - (.Electronic Arts.) [HKLM][64Bits] -- {4198AE83-A3C6-4C41-85C8-EC63E990696E}
O42 - Logiciel: Call of Duty Black Ops 2 - (.Treyarch.) [HKLM][64Bits] -- {47D6F3E4-D158-4E47-84C4-0D6452DB2488}_is1
O42 - Logiciel: ASUS PC Link - (.ASUSTEK.) [HKLM][64Bits] -- {52AE8601-EA55-456E-80A9-7FB48E82CF81}_is1
O42 - Logiciel: Intel® PROSet/Wireless Software - (.Intel Corporation.) [HKLM][64Bits] -- {5586ea81-c047-4609-b47a-4bad18347b44}
O42 - Logiciel: HP CoolSense - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {59F8C5AA-91BD-423D-BF05-09A80F39898F}
O42 - Logiciel: Realtek Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {5BC2B5AB-80DE-4E83-B8CF-426902051D0A}
O42 - Logiciel: LG United Mobile Drivers - (.LG Electronics.) [HKLM][64Bits] -- {5DB849D6-9392-4FB7-9ABB-87ED433152E5}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM][64Bits] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726}
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Tools Update Platform - (.Beijing Zhihuimen Techology co,.Ltd.) [HKLM][64Bits] -- {6A128791-4857-4484-9BB2-71D4C1257200}
O42 - Logiciel: Skype Click to Call - (.Microsoft Corporation.) [HKLM][64Bits] -- {6D1221A9-17BF-4EC0-81F2-27D30EC30701}
O42 - Logiciel: Hewlett-Packard ACLM.NET v1.2.2.3 - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {6F340107-F9AA-47C6-B54C-C3A19F11553F}
O42 - Logiciel: MSXML 4.0 SP2 Parser and SDK - (.Microsoft Corporation.) [HKLM][64Bits] -- {716E0306-8318-4364-8B8F-0CC4E9376BAC}
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Samsung Kies3 - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {88547073-C566-4895-9005-EBE98EA3F7C7}
O42 - Logiciel: Kinect for Windows Speech Recognition Language Pack (en-US) - (.Microsoft Corporation.) [HKLM][64Bits] -- {8AAA44BB-487E-4D01-AF76-484ACB90DBFE}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSVCRT110 - (.Microsoft.) [HKLM][64Bits] -- {8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}
O42 - Logiciel: Kaspersky Internet Security - (.Kaspersky Lab.) [HKLM][64Bits] -- {8ED07EBD-22AD-415A-B71E-C1AD86862C2E}
O42 - Logiciel: Office 15 Click-to-Run Extensibility Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008C-0000-0000-0000000FF1CE}
O42 - Logiciel: Office 15 Click-to-Run Localization Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008C-0409-0000-0000000FF1CE}
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM][64Bits] -- {912D30CF-F39E-4B31-AD9A-123C6B794EE2}
O42 - Logiciel: Panda Cloud Cleaner - (.Panda Security.) [HKLM][64Bits] -- {92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1
O42 - Logiciel: adblocker - (.adblocker.) [HKLM][64Bits] -- {A87E0B90-9CD8-4A19-9F83-03BBB16EE0B5}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-0804-1033-1959-001824147215}
O42 - Logiciel: Adobe Reader XI (11.0.12) - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1033-7B44-AB0000000001}
O42 - Logiciel: LG Bluetooth Drivers - (.LG Electronics.) [HKLM][64Bits] -- {AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}
O42 - Logiciel: CyberLink PowerDirector 10 - (.CyberLink Corp..) [HKLM][64Bits] -- {B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}
O42 - Logiciel: CyberLink PowerDVD 12 - (.CyberLink Corp..) [HKLM][64Bits] -- {B46BEA36-0B71-4A4E-AE41-87241643FA0A}
O42 - Logiciel: CyberLink LabelPrint - (.CyberLink Corp..) [HKLM][64Bits] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243}
O42 - Logiciel: Nero 7 Ultra Edition - (.Nero AG.) [HKLM][64Bits] -- {C6115A28-F277-4E82-B067-84D28BF21033}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: IDT Audio - (.IDT.) [HKLM][64Bits] -- {E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}
O42 - Logiciel: UpdateService - (.RealNetworks, Inc..) [HKLM][64Bits] -- {E3AE96D6-E196-45B4-AF62-2B41998B9E37}
O42 - Logiciel: HP Recovery Manager - (.Hewlett-Packard.) [HKLM][64Bits] -- {E849965E-4771-440C-936F-AF5BFD144416}
O42 - Logiciel: Sony PC Companion 2.10.275 - (.Sony.) [HKLM][64Bits] -- {F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: HP Photo Creations - (.HP.) [HKCU][64Bits] -- HP Photo Creations
O42 - Logiciel: HP Connected Music (Meridian - player) - (.Meridian Audio Ltd.) [HKCU][64Bits] -- HPConnectedMusic
O42 - Logiciel: Viber - (.Viber Media Inc.) [HKCU][64Bits] -- Viber

---\\ HKCU & HKLM Software Keys (169) - 54s
HKLM\SOFTWARE\Wow6432Node\121_31
HKLM\SOFTWARE\Wow6432Node\667ec687-5a35-458c-aea9-cdc4f4c1e2b0 =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\Adobe
HKLM\SOFTWARE\Wow6432Node\AGEIA Technologies
HKLM\SOFTWARE\Wow6432Node\Ahead
HKLM\SOFTWARE\Wow6432Node\AppDataLow
HKLM\SOFTWARE\Wow6432Node\ArenaHD =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\Audible
HKLM\SOFTWARE\Wow6432Node\Caphyon
HKLM\SOFTWARE\Wow6432Node\CDDB
HKLM\SOFTWARE\Wow6432Node\CinemaP-1.9cV13.08 =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\CinemaP-1.9cV13.08-nv =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\CinemaP-1.9cV13.08-nv-ie =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\Crossbrowse =>PUP.Optional.CrossBrowse
HKLM\SOFTWARE\Wow6432Node\Crytek
HKLM\SOFTWARE\Wow6432Node\CyberLink
HKLM\SOFTWARE\Wow6432Node\Disc Soft
HKLM\SOFTWARE\Wow6432Node\downchecker =>PUP.Optional.DownChecker
HKLM\SOFTWARE\Wow6432Node\DT Soft
HKLM\SOFTWARE\Wow6432Node\EVP
HKLM\SOFTWARE\Wow6432Node\GlobalUpdate =>PUP.Optional.GlobalUpdate
HKLM\SOFTWARE\Wow6432Node\GNU
HKLM\SOFTWARE\Wow6432Node\Google
HKLM\SOFTWARE\Wow6432Node\GRETECH
HKLM\SOFTWARE\Wow6432Node\HaaliMkx
HKLM\SOFTWARE\Wow6432Node\Hewlett-Packard
HKLM\SOFTWARE\Wow6432Node\HighDefAction =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\HP
HKLM\SOFTWARE\Wow6432Node\IDT
HKLM\SOFTWARE\Wow6432Node\IM Providers
HKLM\SOFTWARE\Wow6432Node\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions
HKLM\SOFTWARE\Wow6432Node\Installer Software
HKLM\SOFTWARE\Wow6432Node\Insyde
HKLM\SOFTWARE\Wow6432Node\Intel
HKLM\SOFTWARE\Wow6432Node\Internet Download Manager
HKLM\SOFTWARE\Wow6432Node\KasperskyLab
HKLM\SOFTWARE\Wow6432Node\Khronos
HKLM\SOFTWARE\Wow6432Node\KLCodecPack
HKLM\SOFTWARE\Wow6432Node\KONAMI
HKLM\SOFTWARE\Wow6432Node\Lake
HKLM\SOFTWARE\Wow6432Node\LAV
HKLM\SOFTWARE\Wow6432Node\LAV64
HKLM\SOFTWARE\Wow6432Node\LG Electronics
HKLM\SOFTWARE\Wow6432Node\Macromedia
HKLM\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware
HKLM\SOFTWARE\Wow6432Node\McAfee
HKLM\SOFTWARE\Wow6432Node\Mozilla
HKLM\SOFTWARE\Wow6432Node\mozilla.org
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\Nero
HKLM\SOFTWARE\Wow6432Node\NVIDIA Corporation
HKLM\SOFTWARE\Wow6432Node\ODBC
HKLM\SOFTWARE\Wow6432Node\Opera Software
HKLM\SOFTWARE\Wow6432Node\Panda Security
HKLM\SOFTWARE\Wow6432Node\Panda Software
HKLM\SOFTWARE\Wow6432Node\PluginHp
HKLM\SOFTWARE\Wow6432Node\PowerISO
HKLM\SOFTWARE\Wow6432Node\RealNetworks
HKLM\SOFTWARE\Wow6432Node\Realtek
HKLM\SOFTWARE\Wow6432Node\Realtek Semiconductor Corp.
HKLM\SOFTWARE\Wow6432Node\RocketLife
HKLM\SOFTWARE\Wow6432Node\Rockstar Games
HKLM\SOFTWARE\Wow6432Node\Samsung
HKLM\SOFTWARE\Wow6432Node\Skype
HKLM\SOFTWARE\Wow6432Node\Sony
HKLM\SOFTWARE\Wow6432Node\Sony Mobile
HKLM\SOFTWARE\Wow6432Node\ToolsUpdatePlatform
HKLM\SOFTWARE\Wow6432Node\TuneUp
HKLM\SOFTWARE\Wow6432Node\Validity
HKLM\SOFTWARE\Wow6432Node\Valve
HKLM\SOFTWARE\Wow6432Node\Visan
HKLM\SOFTWARE\Wow6432Node\WildTangent
HKLM\SOFTWARE\Wow6432Node\WinRAR
HKLM\SOFTWARE\Wow6432Node\Wow6432Node
HKLM\SOFTWARE\Wow6432Node\Xing Technology Corp.
HKLM\SOFTWARE\Wow6432Node\yahoo
HKLM\SOFTWARE\Wow6432Node\YorkNewCin =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications
HKCU\SOFTWARE\8HF8bKGF5yed8dNTj
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\Ahead
HKCU\SOFTWARE\AnvSoft
HKCU\SOFTWARE\APN PIP =>PUP.Optional.Conduit
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\ArenaHD =>PUP.Optional.CrossRider
HKCU\SOFTWARE\ASUS
HKCU\SOFTWARE\BVRP Software
HKCU\SOFTWARE\Chedot
HKCU\SOFTWARE\Chromium
HKCU\SOFTWARE\CinemaP-1.9cV13.08 =>PUP.Optional.CrossRider
HKCU\SOFTWARE\CinemaP-1.9cV13.08-nv =>PUP.Optional.CrossRider
HKCU\SOFTWARE\CinemaP-1.9cV13.08-nv-ie =>PUP.Optional.CrossRider
HKCU\SOFTWARE\Crossbrowse =>PUP.Optional.CrossBrowse
HKCU\SOFTWARE\CrossBrowser =>PUP.Optional.CrossBrowser
HKCU\SOFTWARE\CyberLink
HKCU\SOFTWARE\Cygwin
HKCU\SOFTWARE\Disc Soft
HKCU\SOFTWARE\DownloadManager
HKCU\SOFTWARE\DT Soft
HKCU\SOFTWARE\Eidos Montreal
HKCU\SOFTWARE\FLT
HKCU\SOFTWARE\Gabest
HKCU\SOFTWARE\globalUpdate =>PUP.Optional.GlobalUpdate
HKCU\SOFTWARE\GNU
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\GRETECH
HKCU\SOFTWARE\Haali
HKCU\SOFTWARE\Hewlett-Packard
HKCU\SOFTWARE\HighDefAction =>PUP.Optional.CrossRider
HKCU\SOFTWARE\HP
HKCU\SOFTWARE\hPmIEBAx
HKCU\SOFTWARE\Icaros
HKCU\SOFTWARE\IM Providers
HKCU\SOFTWARE\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\JavaSoft
HKCU\SOFTWARE\KasperskyLab
HKCU\SOFTWARE\Kiloo Games
HKCU\SOFTWARE\Leap Motion
HKCU\SOFTWARE\LG Electronics
HKCU\SOFTWARE\Licenses
HKCU\SOFTWARE\LowRegistry
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\madshi
HKCU\SOFTWARE\MainConcept
HKCU\SOFTWARE\MediaInfo
HKCU\SOFTWARE\MiniTool Solution Ltd.
HKCU\SOFTWARE\MLSync
HKCU\SOFTWARE\MOHWSplash
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\MPC-HC
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\NVIDIA Corporation
HKCU\SOFTWARE\OB
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\Opera Software
HKCU\SOFTWARE\Piriform
HKCU\SOFTWARE\PowerISO
HKCU\SOFTWARE\RealNetworks
HKCU\SOFTWARE\RegisteredApplications
HKCU\SOFTWARE\RocketLife
HKCU\SOFTWARE\Samsung
HKCU\SOFTWARE\Skype
HKCU\SOFTWARE\SMMMM Installer
HKCU\SOFTWARE\Softex
HKCU\SOFTWARE\SOG
HKCU\SOFTWARE\Sony
HKCU\SOFTWARE\Square Enix
HKCU\SOFTWARE\Synaptics
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\TuneUp
HKCU\SOFTWARE\Ubisoft
HKCU\SOFTWARE\Unity
HKCU\SOFTWARE\Valve
HKCU\SOFTWARE\Viber
HKCU\SOFTWARE\Visan
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\Wow6432Node
HKCU\SOFTWARE\yahoo
HKCU\SOFTWARE\YorkNewCin =>PUP.Optional.CrossRider
HKCU\SOFTWARE\YouWave Android
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software
HKCU\SOFTWARE\AppDataLow\Software\Adobe
HKCU\SOFTWARE\AppDataLow\Software\Crossrider =>PUP.Optional.CrossRider
HKCU\SOFTWARE\AppDataLow\Software\kuuoaazfe
HKCU\SOFTWARE\AppDataLow\Software\Yahoo

---\\ Contents of the Common Files folders (O43) (297) - 42s
O43 - CFD: 2015/08/13 23:45:31 - [] D -- C:\Program Files (x86)\521abff7-0410-4522-96a4-a3c4e9d1e836 =>PUP.Optional.CrossRider
O43 - CFD: 2015/08/13 23:52:59 - [] D -- C:\Program Files (x86)\542F210B-1439502761-BD9F-82B4-7A9D287B8137 =>PUP.Optional.CrossRider
O43 - CFD: 2014/10/17 23:31:51 - [] D -- C:\Program Files (x86)\Adobe
O43 - CFD: 2015/08/13 23:45:31 - [] D -- C:\Program Files (x86)\AnvSoft
O43 - CFD: 2015/07/08 02:12:19 - [] D -- C:\Program Files (x86)\ASUS
O43 - CFD: 2015/08/13 23:33:45 - [] D -- C:\Program Files (x86)\CalendarTool
O43 - CFD: 2015/08/13 23:46:15 - [] D -- C:\Program Files (x86)\CinemaP-1.9cV13.08 =>PUP.Optional.CrossRider
O43 - CFD: 2013/12/15 19:11:17 - [] D -- C:\Program Files (x86)\Cisco
O43 - CFD: 2015/07/22 13:00:52 - [] D -- C:\Program Files (x86)\Common Files
O43 - CFD: 2015/08/13 23:48:12 - [] D -- C:\Program Files (x86)\Crossbrowse =>PUP.Optional.CrossBrowse
O43 - CFD: 2013/12/15 19:39:03 - [] D -- C:\Program Files (x86)\CyberLink
O43 - CFD: 2014/10/17 02:11:16 - [0] D -- C:\Program Files (x86)\DAEMON Tools Lite
O43 - CFD: 2015/08/13 23:45:00 - [] D -- C:\Program Files (x86)\globalUpdate =>PUP.Optional.GlobalUpdate
O43 - CFD: 2014/10/15 12:40:19 - [] D -- C:\Program Files (x86)\Google
O43 - CFD: 2015/01/12 01:18:37 - [] D -- C:\Program Files (x86)\GRETECH
O43 - CFD: 2015/07/26 23:56:53 - [] D -- C:\Program Files (x86)\Hewlett-Packard
O43 - CFD: 2015/07/27 00:00:36 - [] D -- C:\Program Files (x86)\HP
O43 - CFD: 2015/07/26 23:56:49 - [] D -- C:\Program Files (x86)\HP Photo Creations
O43 - CFD: 2013/09/07 05:02:17 - [] D -- C:\Program Files (x86)\HPConnectedMusic
O43 - CFD: 2015/07/28 17:47:06 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 2013/12/15 19:13:15 - [] D -- C:\Program Files (x86)\Intel
O43 - CFD: 2015/07/08 04:21:44 - [] D -- C:\Program Files (x86)\Intel Android Device USB driver
O43 - CFD: 2015/04/03 13:14:18 - [] D -- C:\Program Files (x86)\Internet Download Manager
O43 - CFD: 2015/08/12 02:34:03 - [] D -- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 2014/11/17 22:42:21 - [] D -- C:\Program Files (x86)\K-Lite Codec Pack
O43 - CFD: 2014/10/17 02:02:06 - [] D -- C:\Program Files (x86)\Kaspersky Lab
O43 - CFD: 2015/03/26 03:30:33 - [] D -- C:\Program Files (x86)\Leap Motion
O43 - CFD: 2015/05/01 18:45:47 - [] D -- C:\Program Files (x86)\LG Electronics
O43 - CFD: 2015/07/01 02:18:13 - [] D -- C:\Program Files (x86)\Malwarebytes Anti-Malware
O43 - CFD: 2013/09/07 04:55:19 - [] D -- C:\Program Files (x86)\Microsoft Office
O43 - CFD: 2013/09/07 04:59:20 - [] D -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 2014/11/01 22:03:22 - [] D -- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 2015/07/25 12:59:03 - [] D -- C:\Program Files (x86)\MiniTool Partition Wizard Free 9.0
O43 - CFD: 2015/07/26 17:58:18 - [] D -- C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 2015/07/26 17:58:18 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 2013/08/26 08:12:43 - [] D -- C:\Program Files (x86)\MSBuild
O43 - CFD: 2015/05/01 18:45:18 - [0] D -- C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 2014/10/15 13:12:25 - [] D -- C:\Program Files (x86)\Nero
O43 - CFD: 2014/10/17 01:55:12 - [] D -- C:\Program Files (x86)\NVIDIA Corporation
O43 - CFD: 2014/10/15 11:50:35 - [] RD -- C:\Program Files (x86)\Online Services
O43 - CFD: 2015/08/05 17:00:55 - [] D -- C:\Program Files (x86)\Opera
O43 - CFD: 2015/03/09 22:01:55 - [] D -- C:\Program Files (x86)\Panda Security
O43 - CFD: 2015/01/11 03:41:42 - [] D -- C:\Program Files (x86)\Real
O43 - CFD: 2015/01/11 03:41:33 - [] D -- C:\Program Files (x86)\RealNetworks
O43 - CFD: 2013/12/15 19:18:10 - [] D -- C:\Program Files (x86)\Realtek
O43 - CFD: 2013/08/26 08:12:43 - [] D -- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 2015/07/28 17:45:56 - [] D -- C:\Program Files (x86)\Rockstar Games
O43 - CFD: 2015/04/29 22:54:20 - [] D -- C:\Program Files (x86)\Samsung
O43 - CFD: 2015/08/02 15:23:45 - [] RD -- C:\Program Files (x86)\Skype
O43 - CFD: 2015/04/04 17:34:44 - [] D -- C:\Program Files (x86)\Sony
O43 - CFD: 2015/04/07 17:43:31 - [] D -- C:\Program Files (x86)\Sony Mobile
O43 - CFD: 2015/08/14 14:03:35 - [] D -- C:\Program Files (x86)\Steam
O43 - CFD: 2014/10/25 19:14:07 - [] D -- C:\Program Files (x86)\Subway Surfers
O43 - CFD: 2015/08/13 23:33:51 - [] D -- C:\Program Files (x86)\ToolsUpdatePlatform
O43 - CFD: 2014/10/17 01:42:02 - [] D -- C:\Program Files (x86)\TuneUp Utilities 2014
O43 - CFD: 2015/03/09 18:45:21 - [] D -- C:\Program Files (x86)\WildGames
O43 - CFD: 2015/03/09 18:44:36 - [] D -- C:\Program Files (x86)\WildTangent Games
O43 - CFD: 2015/08/12 02:34:05 - [] D -- C:\Program Files (x86)\Windows Defender
O43 - CFD: 2013/09/07 04:59:18 - [] D -- C:\Program Files (x86)\Windows Live
O43 - CFD: 2015/03/13 04:12:32 - [] D -- C:\Program Files (x86)\Windows Mail
O43 - CFD: 2015/03/13 04:12:32 - [] D -- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 2015/03/13 04:12:32 - [] D -- C:\Program Files (x86)\Windows Multimedia Platform
O43 - CFD: 2013/08/22 17:36:30 - [] D -- C:\Program Files (x86)\Windows NT
O43 - CFD: 2015/03/13 04:12:32 - [] D -- C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 2015/03/13 04:12:32 - [] D -- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 2013/08/22 17:36:30 - [] SHD -- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 2013/08/22 17:36:30 - [] D -- C:\Program Files (x86)\WindowsPowerShell
O43 - CFD: 2014/10/15 12:21:56 - [] D -- C:\Program Files (x86)\WinRAR
O43 - CFD: 2015/03/13 21:02:59 - [] D -- C:\Program Files (x86)\Yahoo!
O43 - CFD: 2014/10/17 01:50:24 - [] D -- C:\Program Files (x86)\YouWave Android
O43 - CFD: 2015/03/13 04:14:58 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 2015/03/13 16:07:13 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2015/03/13 04:14:58 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2014/10/17 02:03:12 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft
O43 - CFD: 2015/07/08 02:12:25 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
O43 - CFD: 2014/10/25 19:11:17 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
O43 - CFD: 2015/07/14 11:04:50 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call of Duty Black Ops 2
O43 - CFD: 2014/10/18 00:12:50 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
O43 - CFD: 2014/10/15 11:50:33 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
O43 - CFD: 2015/08/13 23:48:27 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse =>PUP.Optional.CrossBrowse
O43 - CFD: 2013/09/07 05:28:39 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 2015/01/12 01:18:41 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM
O43 - CFD: 2015/01/12 01:17:37 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player
O43 - CFD: 2015/08/13 23:48:14 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 2015/07/26 23:56:49 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
O43 - CFD: 2014/10/15 11:50:33 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
O43 - CFD: 2013/12/15 19:16:31 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
O43 - CFD: 2015/07/08 04:21:44 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Android Device USB driver
O43 - CFD: 2014/10/17 01:25:09 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
O43 - CFD: 2014/11/17 22:42:18 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
O43 - CFD: 2014/10/17 02:03:26 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
O43 - CFD: 2015/05/01 18:45:59 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG PC Suite IV
O43 - CFD: 2013/08/22 17:36:33 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/03/25 16:13:07 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
O43 - CFD: 2015/05/05 14:05:50 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
O43 - CFD: 2015/07/25 12:58:48 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard Free 9.0
O43 - CFD: 2014/10/15 11:50:33 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
O43 - CFD: 2014/10/15 13:21:11 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition
O43 - CFD: 2014/10/17 01:55:11 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
O43 - CFD: 2015/03/09 22:02:11 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
O43 - CFD: 2015/04/04 02:13:03 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
O43 - CFD: 2014/10/17 21:44:16 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
O43 - CFD: 2015/01/11 03:41:35 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
O43 - CFD: 2014/10/19 21:44:59 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReviverSoft
O43 - CFD: 2015/07/28 18:06:17 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
O43 - CFD: 2015/04/29 22:54:43 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
O43 - CFD: 2014/10/17 01:23:58 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
O43 - CFD: 2015/08/02 15:19:43 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 2015/07/09 14:40:18 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
O43 - CFD: 2014/11/06 00:04:02 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
O43 - CFD: 2015/01/11 03:40:52 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
O43 - CFD: 2015/07/17 11:41:43 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
O43 - CFD: 2014/10/17 22:31:49 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Subway Surfers
O43 - CFD: 2015/03/13 04:14:58 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 2013/08/22 21:12:21 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 2015/07/31 00:50:38 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thief
O43 - CFD: 2014/10/17 01:33:48 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 2015/03/13 21:02:48 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger
O43 - CFD: 2014/10/17 01:50:25 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouWave Android
O43 - CFD: 2014/12/05 00:12:29 - [] D -- C:\ProgramData\Adobe
O43 - CFD: 2014/10/15 13:18:09 - [] D -- C:\ProgramData\Ahead
O43 - CFD: 2013/12/15 19:12:23 - [] D -- C:\ProgramData\Apple
O43 - CFD: 2013/08/22 16:45:52 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 2015/08/13 23:52:33 - [] D -- C:\ProgramData\CersIuo
O43 - CFD: 2014/10/17 01:40:07 - [] HD -- C:\ProgramData\Common Files
O43 - CFD: 2014/11/03 21:05:33 - [] D -- C:\ProgramData\CyberLink
O43 - CFD: 2014/10/15 13:19:24 - [] D -- C:\ProgramData\DAEMON Tools Lite
O43 - CFD: 2014/10/17 02:11:04 - [] D -- C:\ProgramData\DAEMON Tools Pro
O43 - CFD: 2013/08/22 16:45:52 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 2013/08/22 16:45:52 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 2015/07/30 23:45:22 - [] D -- C:\ProgramData\EA Core
O43 - CFD: 2015/07/30 23:45:22 - [] D -- C:\ProgramData\Electronic Arts
O43 - CFD: 2015/01/12 01:18:40 - [] D -- C:\ProgramData\GRETECH
O43 - CFD: 2013/12/15 20:00:27 - [] D -- C:\ProgramData\Hewlett-Packard
O43 - CFD: 2015/07/27 00:00:50 - [] D -- C:\ProgramData\HP
O43 - CFD: 2015/07/27 00:09:57 - [] D -- C:\ProgramData\HP Photo Creations
O43 - CFD: 2014/10/17 01:25:11 - [0] D -- C:\ProgramData\IDM
O43 - CFD: 2013/12/15 19:39:01 - [] D -- C:\ProgramData\install_clap
O43 - CFD: 2013/12/15 19:19:42 - [] D -- C:\ProgramData\Intel
O43 - CFD: 2013/12/15 19:11:16 - [] D -- C:\ProgramData\Intel.sav
O43 - CFD: 2014/12/15 02:05:03 - [] D -- C:\ProgramData\Kaspersky Lab
O43 - CFD: 2015/01/27 21:40:45 - [] D -- C:\ProgramData\KONAMI
O43 - CFD: 2015/03/26 03:29:50 - [] D -- C:\ProgramData\Leap Motion
O43 - CFD: 2015/05/01 19:41:58 - [0] D -- C:\ProgramData\LGMOBILEAX
O43 - CFD: 2014/10/20 15:30:56 - [] D -- C:\ProgramData\Malwarebytes
O43 - CFD: 2014/10/16 23:16:37 - [] D -- C:\ProgramData\McAfee
O43 - CFD: 2015/04/16 02:45:41 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 2014/10/15 12:50:23 - [] D -- C:\ProgramData\Mozilla
O43 - CFD: 2014/10/15 13:12:28 - [] D -- C:\ProgramData\Nero
O43 - CFD: 2015/05/19 00:36:54 - [] D -- C:\ProgramData\NVIDIA
O43 - CFD: 2014/10/17 01:55:49 - [] D -- C:\ProgramData\NVIDIA Corporation
O43 - CFD: 2014/10/17 23:10:28 - [] D -- C:\ProgramData\Orbit
O43 - CFD: 2014/10/17 22:24:34 - [] D -- C:\ProgramData\Origin
O43 - CFD: 2015/07/08 02:13:00 - [] D -- C:\ProgramData\Package Cache
O43 - CFD: 2015/01/29 07:44:50 - [] D -- C:\ProgramData\Real
O43 - CFD: 2015/01/11 03:41:32 - [] D -- C:\ProgramData\RealNetworks
O43 - CFD: 2015/07/22 13:00:53 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 2014/10/19 21:45:00 - [] D -- C:\ProgramData\ReviverSoft
O43 - CFD: 2013/12/15 19:11:35 - [] D -- C:\ProgramData\Roaming
O43 - CFD: 2015/07/17 11:02:52 - [] D -- C:\ProgramData\Rockstar Games
O43 - CFD: 2015/04/29 18:56:13 - [] D -- C:\ProgramData\Samsung
O43 - CFD: 2015/08/02 15:19:33 - [] D -- C:\ProgramData\Skype
O43 - CFD: 2015/04/04 17:34:44 - [] D -- C:\ProgramData\Sony
O43 - CFD: 2015/04/07 17:43:31 - [] D -- C:\ProgramData\Sony Mobile
O43 - CFD: 2013/08/22 16:45:52 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 2014/10/17 23:10:29 - [] D -- C:\ProgramData\Steam
O43 - CFD: 2014/10/15 11:52:38 - [] D -- C:\ProgramData\Synaptics
O43 - CFD: 2013/12/15 19:39:02 - [] D -- C:\ProgramData\Temp
O43 - CFD: 2013/08/22 16:45:52 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 2015/08/14 13:40:33 - [] D -- C:\ProgramData\ToolsUpdatePlatform
O43 - CFD: 2014/10/17 01:42:08 - [] D -- C:\ProgramData\TuneUp Software
O43 - CFD: 2014/10/17 23:07:10 - [] D -- C:\ProgramData\Ubisoft
O43 - CFD: 2013/12/15 19:17:44 - [] D -- C:\ProgramData\Validity
O43 - CFD: 2015/07/26 23:56:48 - [] D -- C:\ProgramData\Visan
O43 - CFD: 2015/03/09 18:44:26 - [] D -- C:\ProgramData\WildTangent
O43 - CFD: 2015/03/13 21:02:59 - [] D -- C:\ProgramData\Yahoo!
O43 - CFD: 2015/03/13 21:03:05 - [] D -- C:\ProgramData\Yahoo! Companion
O43 - CFD: 2014/10/17 23:31:54 - [] D -- C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 2014/10/15 13:13:27 - [] D -- C:\Program Files (x86)\Common Files\Ahead
O43 - CFD: 2013/12/15 19:30:00 - [] D -- C:\Program Files (x86)\Common Files\CyberLink
O43 - CFD: 2015/07/22 13:00:52 - [] D -- C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 2015/07/17 15:26:51 - [] HD -- C:\Program Files (x86)\Common Files\EAInstaller
O43 - CFD: 2015/01/12 01:18:40 - [] D -- C:\Program Files (x86)\Common Files\Gretech Corporation
O43 - CFD: 2013/12/15 19:07:41 - [] D -- C:\Program Files (x86)\Common Files\Intel
O43 - CFD: 2013/12/15 19:10:49 - [] D -- C:\Program Files (x86)\Common Files\Intel Corporation
O43 - CFD: 2014/11/01 22:03:24 - [] D -- C:\Program Files (x86)\Common Files\Microsoft Shared
O43 - CFD: 2013/12/15 19:39:22 - [] D -- C:\Program Files (x86)\Common Files\Nikon
O43 - CFD: 2013/12/15 19:09:30 - [] D -- C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 2013/08/22 17:36:33 - [] D -- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 2014/10/18 00:18:59 - [] D -- C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 2015/07/23 23:06:57 - [] D -- C:\Program Files (x86)\Common Files\Steam
O43 - CFD: 2015/03/13 04:12:31 - [] D -- C:\Program Files (x86)\Common Files\System
O43 - CFD: 2013/09/07 04:58:42 - [] D -- C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 2015/01/11 03:41:15 - [] D -- C:\Program Files (x86)\Common Files\xing shared
O43 - CFD: 2014/12/05 00:11:38 - [] D -- C:\Users\sameh\AppData\Roaming\Adobe
O43 - CFD: 2014/10/17 01:14:38 - [] D -- C:\Users\sameh\AppData\Roaming\Ahead
O43 - CFD: 2015/07/14 11:22:01 - [] D -- C:\Users\sameh\AppData\Roaming\AirspaceApps
O43 - CFD: 2014/10/17 02:03:19 - [] D -- C:\Users\sameh\AppData\Roaming\Anvsoft
O43 - CFD: 2015/08/13 23:33:48 - [] D -- C:\Users\sameh\AppData\Roaming\CalendarTool
O43 - CFD: 2015/08/13 23:33:25 - [] D -- C:\Users\sameh\AppData\Roaming\cpuminer
O43 - CFD: 2014/11/03 21:05:27 - [] D -- C:\Users\sameh\AppData\Roaming\CyberLink
O43 - CFD: 2014/10/15 13:20:30 - [] D -- C:\Users\sameh\AppData\Roaming\DAEMON Tools Lite
O43 - CFD: 2014/10/17 01:06:14 - [0] D -- C:\Users\sameh\AppData\Roaming\DAEMON Tools Pro
O43 - CFD: 2015/08/13 23:52:59 - [] D -- C:\Users\sameh\AppData\Roaming\DMCache
O43 - CFD: 2015/07/17 17:25:24 - [0] D -- C:\Users\sameh\AppData\Roaming\EncryptStick
O43 - CFD: 2014/10/17 01:34:25 - [] D -- C:\Users\sameh\AppData\Roaming\Google
O43 - CFD: 2015/01/12 01:18:45 - [] D -- C:\Users\sameh\AppData\Roaming\GRETECH
O43 - CFD: 2014/10/15 12:41:00 - [] D -- C:\Users\sameh\AppData\Roaming\Hewlett-Packard
O43 - CFD: 2015/07/27 00:10:04 - [] D -- C:\Users\sameh\AppData\Roaming\HP Photo Creations
O43 - CFD: 2014/10/17 21:44:18 - [0] D -- C:\Users\sameh\AppData\Roaming\hpqlog
O43 - CFD: 2015/08/03 00:57:02 - [] D -- C:\Users\sameh\AppData\Roaming\HpUpdate
O43 - CFD: 2015/03/13 13:45:08 - [] D -- C:\Users\sameh\AppData\Roaming\Identities
O43 - CFD: 2015/08/05 01:54:59 - [] D -- C:\Users\sameh\AppData\Roaming\IDM
O43 - CFD: 2014/10/22 20:25:31 - [] D -- C:\Users\sameh\AppData\Roaming\IDT
O43 - CFD: 2014/10/15 11:50:00 - [] D -- C:\Users\sameh\AppData\Roaming\Intel
O43 - CFD: 2015/07/14 11:19:33 - [] D -- C:\Users\sameh\AppData\Roaming\Leap Motion
O43 - CFD: 2014/10/15 11:57:30 - [] D -- C:\Users\sameh\AppData\Roaming\Macromedia
O43 - CFD: 2015/03/24 15:58:14 - [] SD -- C:\Users\sameh\AppData\Roaming\Microsoft
O43 - CFD: 2014/10/15 12:50:42 - [] D -- C:\Users\sameh\AppData\Roaming\Mozilla
O43 - CFD: 2014/10/17 23:25:53 - [] D -- C:\Users\sameh\AppData\Roaming\MPC-HC
O43 - CFD: 2015/08/13 23:33:30 - [] D -- C:\Users\sameh\AppData\Roaming\NVIDIA
O43 - CFD: 2015/04/04 02:13:03 - [] D -- C:\Users\sameh\AppData\Roaming\OpenCandy =>PUP.Optional.OpenCandy
O43 - CFD: 2015/04/04 02:14:57 - [] D -- C:\Users\sameh\AppData\Roaming\Opera Software
O43 - CFD: 2014/10/15 12:23:24 - [] D -- C:\Users\sameh\AppData\Roaming\PowerISO
O43 - CFD: 2015/01/29 07:44:48 - [] D -- C:\Users\sameh\AppData\Roaming\Real
O43 - CFD: 2015/01/11 03:42:05 - [] D -- C:\Users\sameh\AppData\Roaming\RealNetworks
O43 - CFD: 2014/11/17 22:40:32 - [] D -- C:\Users\sameh\AppData\Roaming\rmi
O43 - CFD: 2014/10/17 01:10:56 - [] D -- C:\Users\sameh\AppData\Roaming\Rovio
O43 - CFD: 2015/04/29 22:53:18 - [] D -- C:\Users\sameh\AppData\Roaming\Samsung
O43 - CFD: 2015/08/02 15:23:03 - [] D -- C:\Users\sameh\AppData\Roaming\Skype
O43 - CFD: 2014/10/15 11:52:26 - [] D -- C:\Users\sameh\AppData\Roaming\Synaptics
O43 - CFD: 2015/07/31 00:50:37 - [] D -- C:\Users\sameh\AppData\Roaming\Thief_unistall
O43 - CFD: 2014/10/17 01:41:54 - [] D -- C:\Users\sameh\AppData\Roaming\TuneUp Software
O43 - CFD: 2015/02/22 22:50:56 - [] D -- C:\Users\sameh\AppData\Roaming\ViberPC
O43 - CFD: 2015/07/27 00:10:10 - [] D -- C:\Users\sameh\AppData\Roaming\Visan
O43 - CFD: 2015/08/13 23:52:41 - [] D -- C:\Users\sameh\AppData\Roaming\VOPackage =>PUP.Optional.Downware
O43 - CFD: 2015/03/09 23:41:01 - [] D -- C:\Users\sameh\AppData\Roaming\Windows Installer
O43 - CFD: 2014/10/15 12:22:33 - [] D -- C:\Users\sameh\AppData\Roaming\WinRAR
O43 - CFD: 2015/03/13 21:02:56 - [] D -- C:\Users\sameh\AppData\Roaming\Yahoo!
O43 - CFD: 2015/08/14 14:05:06 - [] D -- C:\Users\sameh\AppData\Roaming\ZHP
O43 - CFD: 2014/12/05 00:11:38 - [] D -- C:\Users\sameh\AppData\Local\Adobe
O43 - CFD: 2014/10/15 13:28:17 - [] D -- C:\Users\sameh\AppData\Local\Ahead
O43 - CFD: 2015/07/14 14:22:08 - [] D -- C:\Users\sameh\AppData\Local\Airspace
O43 - CFD: 2015/07/14 11:21:59 - [] D -- C:\Users\sameh\AppData\Local\AirspaceApps
O43 - CFD: 2014/10/15 11:47:40 - [0] SHD -- C:\Users\sameh\AppData\Local\Application Data
O43 - CFD: 2014/10/15 12:31:12 - [] D -- C:\Users\sameh\AppData\Local\Apps
O43 - CFD: 2015/07/22 14:02:37 - [] D -- C:\Users\sameh\AppData\Local\CEF
O43 - CFD: 2015/08/14 01:14:45 - [] D -- C:\Users\sameh\AppData\Local\Chedot
O43 - CFD: 2015/07/28 18:10:26 - [] D -- C:\Users\sameh\AppData\Local\Chromium
O43 - CFD: 2015/08/14 02:08:58 - [] D -- C:\Users\sameh\AppData\Local\CrashDumps
O43 - CFD: 2015/08/13 23:48:30 - [] D -- C:\Users\sameh\AppData\Local\Crossbrowse =>PUP.Optional.CrossBrowse
O43 - CFD: 2014/10/24 19:48:00 - [] D -- C:\Users\sameh\AppData\Local\CyberLink
O43 - CFD: 2014/10/15 12:31:35 - [0] D -- C:\Users\sameh\AppData\Local\Deployment
O43 - CFD: 2015/08/11 16:31:34 - [] D -- C:\Users\sameh\AppData\Local\Diagnostics
O43 - CFD: 2015/08/12 15:56:14 - [] D -- C:\Users\sameh\AppData\Local\ElevatedDiagnostics
O43 - CFD: 2015/06/11 00:22:28 - [0] SHD -- C:\Users\sameh\AppData\Local\EmieBrowserModeList
O43 - CFD: 2015/06/11 00:22:28 - [0] SHD -- C:\Users\sameh\AppData\Local\EmieSiteList
O43 - CFD: 2015/06/11 00:22:28 - [0] SHD -- C:\Users\sameh\AppData\Local\EmieUserList
O43 - CFD: 2015/08/13 23:45:00 - [] D -- C:\Users\sameh\AppData\Local\globalUpdate =>PUP.Optional.GlobalUpdate
O43 - CFD: 2014/10/15 12:40:26 - [] D -- C:\Users\sameh\AppData\Local\Google
O43 - CFD: 2015/06/10 13:04:32 - [] D -- C:\Users\sameh\AppData\Local\GWX
O43 - CFD: 2014/10/15 11:52:16 - [] D -- C:\Users\sameh\AppData\Local\Hewlett-Packard
O43 - CFD: 2014/10/15 11:47:40 - [0] SHD -- C:\Users\sameh\AppData\Local\History
O43 - CFD: 2015/07/26 23:56:53 - [] D -- C:\Users\sameh\AppData\Local\HP
O43 - CFD: 2014/10/17 03:07:14 - [] D -- C:\Users\sameh\AppData\Local\HPConnectedMusic
O43 - CFD: 2014/11/04 00:39:41 - [] D -- C:\Users\sameh\AppData\Local\Intel_Corporation
O43 - CFD: 2015/05/01 18:45:59 - [] D -- C:\Users\sameh\AppData\Local\LG Electronics
O43 - CFD: 2015/03/24 15:55:18 - [] D -- C:\Users\sameh\AppData\Local\Microsoft
O43 - CFD: 2014/10/15 12:50:43 - [] D -- C:\Users\sameh\AppData\Local\Mozilla
O43 - CFD: 2014/10/17 01:56:25 - [] D -- C:\Users\sameh\AppData\Local\NVIDIA
O43 - CFD: 2014/10/17 01:55:13 - [] D -- C:\Users\sameh\AppData\Local\NVIDIA Corporation
O43 - CFD: 2015/08/13 23:52:41 - [] D -- C:\Users\sameh\AppData\Local\NVIDIANetwork
O43 - CFD: 2015/04/04 02:14:57 - [] D -- C:\Users\sameh\AppData\Local\Opera Software
O43 - CFD: 2015/08/03 17:17:54 - [] D -- C:\Users\sameh\AppData\Local\Packages
O43 - CFD: 2015/07/08 02:12:22 - [] D -- C:\Users\sameh\AppData\Local\PC Link
O43 - CFD: 2014/10/15 11:50:57 - [] D -- C:\Users\sameh\AppData\Local\Power2Go8
O43 - CFD: 2014/10/15 13:07:01 - [] D -- C:\Users\sameh\AppData\Local\Programs
O43 - CFD: 2015/07/17 11:31:14 - [] D -- C:\Users\sameh\AppData\Local\SKIDROW
O43 - CFD: 2014/10/18 00:19:08 - [] D -- C:\Users\sameh\AppData\Local\Skype
O43 - CFD: 2015/07/22 14:02:36 - [] D -- C:\Users\sameh\AppData\Local\Steam
O43 - CFD: 2015/07/28 15:34:59 - [] D -- C:\Users\sameh\AppData\Local\storage
O43 - CFD: 2015/08/14 14:07:02 - [] D -- C:\Users\sameh\AppData\Local\Temp
O43 - CFD: 2014/10/15 11:47:40 - [0] SHD -- C:\Users\sameh\AppData\Local\Temporary Internet Files
O43 - CFD: 2015/05/20 21:27:36 - [0] D -- C:\Users\sameh\AppData\Local\TempTaskUpdateDetection3B38D67D-AC98-445B-AA7D-5E2DCC749261
O43 - CFD: 2014/10/17 01:41:54 - [] D -- C:\Users\sameh\AppData\Local\TuneUp Software
O43 - CFD: 2015/03/09 18:45:34 - [] D -- C:\Users\sameh\AppData\Local\Viber
O43 - CFD: 2014/10/17 18:45:26 - [] D -- C:\Users\sameh\AppData\Local\VirtualStore
O43 - CFD: 2013/08/22 17:36:32 - [] RD -- C:\Users\sameh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 2013/08/22 17:36:32 - [] RD -- C:\Users\sameh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2015/07/22 23:18:13 - [] RD -- C:\Users\sameh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2015/07/27 00:10:04 - [] D -- C:\Users\sameh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
O43 - CFD: 2014/10/17 01:25:09 - [] D -- C:\Users\sameh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
O43 - CFD: 2013/08/22 17:36:32 - [] D -- C:\Users\sameh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/08/13 23:48:30 - [] RD -- C:\Users\sameh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2013/08/22 17:36:32 - [] RD -- C:\Users\sameh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 2015/08/13 23:52:44 - [] D -- C:\Users\sameh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage =>PUP.Optional.Downware
O43 - CFD: 2014/10/17 01:33:48 - [] D -- C:\Users\sameh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

---\\ Latest files created in Windows Prefetcher (O45) (4) - 49s
O45 - LFCP:[MD5.B8C9E8A2415803567ECF89ADEF797643] 2015/08/14 14:03:43 A -- C:\Windows\Prefetch\CROSSBROWSE.EXE-6BE4601B.pf =>PUP.Optional.CrossBrowse
O45 - LFCP:[MD5.27BB02BF88650FA4A4B9D1B03D9C0FC6] 2015/08/14 13:42:45 A -- C:\Windows\Prefetch\GLOBALUPDATE.EXE-2956FB3E.pf =>PUP.Optional.GlobalUpdate
O45 - LFCP:[MD5.910764006FA62D13071256C9822D0DEC] 2015/08/13 23:45:09 A -- C:\Windows\Prefetch\GLOBALUPDATE.EXE-E321026A.pf =>PUP.Optional.GlobalUpdate
O45 - LFCP:[MD5.DF51ED53F481EE92907056EA21C128B8] 2015/08/14 13:42:45 A -- C:\Windows\Prefetch\GLOBALUPDATECRASHHANDLER.EXE-0D97AF76.pf =>PUP.Optional.GlobalUpdate

---\\ System Drivers List (SDL) (O58) (123) - 22s
O58 - SDL:2014/10/21 22:28:28 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\03BC1499.sys [129752]
O58 - SDL:2014/10/31 23:41:19 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\03EF59AF.sys [129752]
O58 - SDL:2014/11/05 20:42:02 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\18B75721.sys [129752]
O58 - SDL:2014/10/22 01:18:11 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\1ACA167E.sys [129752]
O58 - SDL:2014/11/06 23:53:37 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\208237E5.sys [129752]
O58 - SDL:2014/10/22 14:02:41 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\22E35F9E.sys [129752]
O58 - SDL:2014/10/22 12:24:19 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\29BC1455.sys [129752]
O58 - SDL:2014/10/21 21:00:47 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\2B96517C.sys [129752]
O58 - SDL:2014/11/13 00:42:54 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\2BEF326A.sys [129752]
O58 - SDL:2015/03/09 19:18:53 A . (.Kaspersky Lab ZAO - Kaspersky Lab Mini Driver (64-bit).) -- C:\Windows\System32\drivers\35692055.sys [85600]
O58 - SDL:2014/11/04 19:51:37 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\36056269.sys [129752]
O58 - SDL:2014/11/14 00:47:24 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\374C03FD.sys [129752]
O58 - SDL:2014/11/08 01:53:46 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\387761FD.sys [129752]
O58 - SDL:2013/08/22 14:43:41 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\drivers\3ware.sys [108896]
O58 - SDL:2014/10/30 20:42:40 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\413F02D1.sys [129752]
O58 - SDL:2014/10/27 23:17:25 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\47710EDC.sys [129752]
O58 - SDL:2014/11/15 02:53:57 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\49DE32FB.sys [129752]
O58 - SDL:2014/11/04 19:41:28 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\54925AA4.sys [129752]
O58 - SDL:2014/10/22 12:25:09 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\5D0914F8.sys [129752]
O58 - SDL:2014/11/02 03:03:19 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\62F84268.sys [129752]
O58 - SDL:2014/10/27 23:43:57 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\67370F10.sys [129752]
O58 - SDL:2014/11/15 15:07:28 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\6E0F6464.sys [129752]
O58 - SDL:2014/10/22 18:13:00 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\6EB15FCC.sys [129752]
O58 - SDL:2014/10/22 01:19:08 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\73FD1738.sys [129752]
O58 - SDL:2014/11/03 00:47:31 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\7A7D289E.sys [129752]
O58 - SDL:2015/03/09 19:18:55 A . (.Kaspersky Lab ZAO - Kaspersky Unified Driver.) -- C:\Windows\System32\drivers\93F36588.sys [457824]
O58 - SDL:2013/07/23 21:28:56 A . (.Hewlett-Packard - HP Accelerometer.) -- C:\Windows\System32\drivers\Accelerometer.sys [43320]
O58 - SDL:2013/08/22 14:43:41 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) -- C:\Windows\System32\drivers\adp80xx.sys [782176]
O58 - SDL:2013/08/22 14:43:41 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [79200]
O58 - SDL:2013/08/22 14:43:41 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [259424]
O58 - SDL:2013/08/22 14:43:40 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [25952]
O58 - SDL:2011/11/28 14:51:44 A . (.AnvSoft Inc. - AnvSoft Virtual Audio Device.) -- C:\Windows\System32\drivers\anvsnddrv.sys [33872]
O58 - SDL:2013/08/22 14:43:41 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [114016]
O58 - SDL:2013/08/13 01:25:46 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\drivers\bcmfn2.sys [17624]
O58 - SDL:2013/04/24 01:50:24 A . (.Motorola Solutions, Inc. - Bluetooth Auxiliary Driver.) -- C:\Windows\System32\drivers\btmaux.sys [132920]
O58 - SDL:2013/06/27 10:27:30 A . (.Motorola Solutions, Inc. - Bluetooth HighSpeed Filter Driver.) -- C:\Windows\System32\drivers\btmhsf.sys [1385784]
O58 - SDL:2013/08/22 14:43:41 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys [531296]
O58 - SDL:2013/03/05 22:01:42 A . (.CyberLink - It is a virtual device driver which could c.) -- C:\Windows\System32\drivers\CLVirtualDrive.sys [91712]
O58 - SDL:2013/03/05 08:22:20 A . (.CyberLink Corporation - CyberLink WebCam Virtual Driver.) -- C:\Windows\System32\drivers\clwvd.sys [41408]
O58 - SDL:2013/01/14 21:10:52 A . (.Kaspersky Lab UK Ltd - Cryptographic Module.) -- C:\Windows\System32\drivers\cm_km_w.sys [238288]
O58 - SDL:2013/08/22 14:43:45 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3357024]
O58 - SDL:2015/04/07 17:44:16 A . (.Sony Mobile Communications - SOMC USB Flash Driver Filter.) -- C:\Windows\System32\drivers\ggflt.sys [16088]
O58 - SDL:2015/04/07 17:44:16 A . (.Sony Mobile Communications - SOMC USB Flash Driver.) -- C:\Windows\System32\drivers\ggsomc.sys [30424]
O58 - SDL:2013/07/23 21:28:56 A . (.Hewlett-Packard - HP Disk Filter - SATA/RAID.) -- C:\Windows\System32\drivers\hpdskflt.sys [30520]
O58 - SDL:2013/08/22 14:43:45 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [64352]
O58 - SDL:2013/07/30 20:47:35 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568]
O58 - SDL:2013/07/25 21:05:39 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320]
O58 - SDL:2013/08/17 11:22:16 A . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\Windows\System32\drivers\iaStorA.sys [644968]
O58 - SDL:2013/08/10 02:39:30 A . (.Intel Corporation - Intel Rapid Storage Technology driver (inbo.) -- C:\Windows\System32\drivers\iaStorAV.sys [651248]
O58 - SDL:2013/08/22 14:43:45 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [412000]
O58 - SDL:2013/07/01 22:43:30 A . (.Intel Corporation - Intel(R) Wireless Bluetooth(R) Filter Drive.) -- C:\Windows\System32\drivers\ibtusb.sys [114632]
O58 - SDL:2015/03/27 02:10:52 A . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\System32\drivers\idmwfp.sys [192984]
O58 - SDL:2013/08/20 02:20:18 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd64.sys [4165120]
O58 - SDL:2013/08/09 04:06:40 A . (.Copyright (C) 2011 - 2013 Intel Corporation - Intel Keyboard Class Upper Filter Driver.) -- C:\Windows\System32\drivers\ikbevent.sys [21408]
O58 - SDL:2013/08/09 04:06:40 A . (.Copyright (C) 2011 - 2013 Intel Corporation - Intel Mouse Class Upper Filter Driver.) -- C:\Windows\System32\drivers\imsevent.sys [21920]
O58 - SDL:2013/08/08 04:01:24 A . (...) -- C:\Windows\System32\drivers\INETMON.sys [29088]
O58 - SDL:2013/08/20 02:25:00 A . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\Windows\System32\drivers\IntcDAud.sys [449528]
O58 - SDL:2013/08/08 23:25:13 A . (.Intel Corporation - Intel® WiDi Solution.) -- C:\Windows\System32\drivers\intelaud.sys [39320]
O58 - SDL:2013/08/08 04:01:32 A . (.Copyright (C) 2011-2012 - Intel(R) Smart Connect Technology Device Dr.) -- C:\Windows\System32\drivers\ISCTD64.sys [46568]
O58 - SDL:2013/08/08 23:25:13 A . (.Intel Corporation - Intel® WiDi Solution.) -- C:\Windows\System32\drivers\iwdbus.sys [26008]
O58 - SDL:2014/03/31 11:47:10 A . (.Kaspersky Lab ZAO - Kaspersky Unified Driver.) -- C:\Windows\System32\drivers\kl1.sys [468576]
O58 - SDL:2014/07/02 16:10:42 A . (.Kaspersky Lab ZAO - Virtual Disk fre_win8_x64.) -- C:\Windows\System32\drivers\kldisk.sys [46144]
O58 - SDL:2012/07/27 18:38:24 A . (.Kaspersky Lab - Klelam Mini-Filter [fre_win8_x64].) -- C:\Windows\System32\drivers\klelam.sys [29616]
O58 - SDL:2014/08/18 14:43:16 A . (.Kaspersky Lab ZAO - Filter Core [fre_win8_x64].) -- C:\Windows\System32\drivers\klflt.sys [150536]
O58 - SDL:2014/08/12 18:32:58 A . (.Kaspersky Lab ZAO - KLHK [fre_win8_x64].) -- C:\Windows\System32\drivers\klhk.sys [247480]
O58 - SDL:2014/08/20 18:04:50 A . (.Kaspersky Lab ZAO - Klif Mini-Filter [fre_win8_x64].) -- C:\Windows\System32\drivers\klif.sys [801288]
O58 - SDL:2014/02/25 13:09:02 A . (.Kaspersky Lab ZAO - Kaspersky Lab Intermediate Network Driver.) -- C:\Windows\System32\drivers\klim6.sys [30304]
O58 - SDL:2014/03/28 17:51:02 A . (.Kaspersky Lab ZAO - KLKBDFLT Keyboard Device Filter [fre_win8_x.) -- C:\Windows\System32\drivers\klkbdflt.sys [28768]
O58 - SDL:2013/08/08 17:11:00 A . (.Kaspersky Lab ZAO - KLMOUFLT Mouse Device Filter [fre_win8_x64].) -- C:\Windows\System32\drivers\klmouflt.sys [29280]
O58 - SDL:2013/04/12 15:34:48 A . (.Kaspersky Lab ZAO - KLPD [fre_wnet_x64].) -- C:\Windows\System32\drivers\klpd.sys [15456]
O58 - SDL:2014/07/25 13:13:48 A . (.Kaspersky Lab ZAO - Network filtering component [fre_win8_x64].) -- C:\Windows\System32\drivers\klwfp.sys [69816]
O58 - SDL:2014/08/13 19:34:20 A . (.Kaspersky Lab ZAO - Network filtering component.) -- C:\Windows\System32\drivers\klwtp.sys [74424]
O58 - SDL:2014/07/09 16:23:54 A . (.Kaspersky Lab ZAO - KNEPS Power [fre_wnet_amd64].) -- C:\Windows\System32\drivers\kneps.sys [179776]
O58 - SDL:2010/08/02 00:00:00 A . (.Google Inc - ADB Interface.) -- C:\Windows\System32\drivers\lgandadb.sys [31744]
O58 - SDL:2012/03/02 16:02:00 A . (.LG Electronics Inc. - LGE Android Platform Driver.) -- C:\Windows\System32\drivers\lgandbus64.sys [19456]
O58 - SDL:2012/03/02 16:02:00 A . (.LG Electronics Inc. - LGE Android Platform Driver.) -- C:\Windows\System32\drivers\lganddiag64.sys [27648]
O58 - SDL:2012/03/02 16:02:00 A . (.LG Electronics Inc. - LGE Android Platform Driver.) -- C:\Windows\System32\drivers\lgandgps64.sys [27136]
O58 - SDL:2012/03/02 16:02:00 A . (.LG Electronics Inc. - LGE Android Platform Driver.) -- C:\Windows\System32\drivers\lgandmodem64.sys [34304]
O58 - SDL:2009/09/29 08:15:00 A . (.LG Electronics Inc. - LG BT 64 Bit Bus Enumerator.) -- C:\Windows\System32\drivers\lgbtbs64.sys [14848]
O58 - SDL:2009/09/29 08:15:02 A . (.LG Electronics Inc. - LG Bluetooth Transport Driver.) -- C:\Windows\System32\drivers\lgbtpt64.sys [16384]
O58 - SDL:2009/09/29 08:15:00 A . (.LG Electronics Inc. - LG 64 bit Virtual Modem Driver.) -- C:\Windows\System32\drivers\lgvmdm64.sys [17408]
O58 - SDL:2013/08/22 14:43:44 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [109408]
O58 - SDL:2013/08/22 14:43:45 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [93536]
O58 - SDL:2013/08/22 14:43:44 A . (.LSI Corporation - LSI SAS Gen3 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas3.sys [81760]
O58 - SDL:2013/08/22 14:43:45 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sss.sys [82784]
O58 - SDL:2015/06/18 08:41:40 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\mbam.sys [25816]
O58 - SDL:2015/06/18 08:41:44 A . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\drivers\mbamchameleon.sys [109272]
O58 - SDL:2015/07/01 13:27:53 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys [113880]
O58 - SDL:2013/08/22 14:43:45 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [56672]
O58 - SDL:2013/08/22 14:43:45 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\megasr.sys [575840]
O58 - SDL:2013/08/22 14:43:49 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\Windows\System32\drivers\mvumis.sys [63840]
O58 - SDL:2015/06/18 08:42:02 A . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\drivers\mwac.sys [64216]
O58 - SDL:2013/09/25 22:52:42 A . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\System32\drivers\NETwbw02.sys [3589600]
O58 - SDL:2013/06/18 16:45:43 A . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\System32\drivers\NETwew02.sys [4649440]
O58 - SDL:2015/05/12 08:27:22 A . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) -- C:\Windows\System32\drivers\nvlddmkm.sys [10972304]
O58 - SDL:2013/08/22 14:43:31 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [150368]
O58 - SDL:2013/08/22 14:43:32 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [168288]
O58 - SDL:2014/09/04 21:14:38 A . (.NVIDIA Corporation - NVIDIA Virtual Audio Driver.) -- C:\Windows\System32\drivers\nvvad64v.sys [38048]
O58 - SDL:2013/04/29 08:17:34 A . (.Panda Security, S.L. - Panda Kernel Memory Access Driver (x86).) -- C:\Windows\System32\drivers\PSKMAD.sys [47632]
O58 - SDL:2013/07/27 01:07:30 A . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.30 64-bit Dr.) -- C:\Windows\System32\drivers\Rt630x64.sys [827096]
O58 - SDL:2013/08/22 01:25:40 A . (.Realsil Semiconductor Corporation - RTS PCIE READER Driver.) -- C:\Windows\System32\drivers\RtsPer.sys [429272]
O58 - SDL:2015/02/28 05:26:36 A . (.Power Software Ltd - PowerISO Virtual Drive.) -- C:\Windows\System32\drivers\scdemu.sys [127760]
O58 - SDL:2013/08/22 17:35:09 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [23040]
O58 - SDL:2013/08/22 14:43:31 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [44896]
O58 - SDL:2013/08/22 14:43:32 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [81760]
O58 - SDL:2013/08/02 05:57:40 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448]
O58 - SDL:2013/08/02 05:57:42 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\Windows\System32\drivers\Smb_driver_Intel.sys [34544]
O58 - SDL:2014/10/20 13:08:22 A . (...) -- C:\Windows\System32\drivers\SPPD.sys [21976]
O58 - SDL:2014/10/13 07:57:48 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ve.) -- C:\Windows\System32\drivers\ssudbus.sys [110336]
O58 - SDL:2014/01/22 08:52:10 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - USB CD Changer Driver (MSS Ver.3).) -- C:\Windows\System32\drivers\ssudcdf.sys [36608]
O58 - SDL:2014/10/13 07:57:48 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG Android Modem Device Driver (MSS Ve.) -- C:\Windows\System32\drivers\ssudmdm.sys [206080]
O58 - SDL:2013/08/22 14:43:32 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\Windows\System32\drivers\stexstor.sys [31072]
O58 - SDL:2013/08/15 13:21:10 A . (.IDT, Inc. - IDT PC Audio.) -- C:\Windows\System32\drivers\stwrt64.sys [551936]
O58 - SDL:2013/08/02 05:57:42 A . (.Synaptics Incorporated - Synaptics Touchpad 64-bit Driver.) -- C:\Windows\System32\drivers\SynTP.sys [524016]
O58 - SDL:2013/08/22 14:40:24 A . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) -- C:\Windows\System32\drivers\tap0901.sys [40664]
O58 - SDL:2013/08/09 14:25:14 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\TeeDriverx64.sys [99288]
O58 - SDL:2013/08/22 14:43:34 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [19808]
O58 - SDL:2013/08/22 14:43:34 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [168800]
O58 - SDL:2013/08/22 14:43:34 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\Windows\System32\drivers\VSTXRAID.SYS [305504]
O58 - SDL:2013/07/23 02:45:58 A . (.Hewlett-Packard Development Company, L.P. - HP Wireless Button Driver.) -- C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800]
O58 - SDL:2012/10/09 19:39:52 A . (.Softex Inc - OmniPass PBA Driver.) -- C:\Windows\System32\oprom.sys [5120]
O58 - SDL:2013/09/30 16:26:50 N . (...) -- C:\Windows\System32\pwdrvio.sys [19152]
O58 - SDL:2013/09/30 16:26:48 N . (...) -- C:\Windows\System32\pwdspio.sys [12504]

---\\ Last modified or created user files (O61) (20) - 45s
O61 - LFC: 2015/08/13 23:31:23 A . (.Dummy, Ltd..) -- C:\Users\sameh\Desktop\Echo B1 Vol 2_10924_i44045914_il345.exe [1500688]
O61 - LFC: 2015/08/13 23:52:41 A . (..) -- C:\Users\sameh\AppData\Roaming\VOPackage\Uninstall.exe [64463] =>PUP.Optional.Downware
O61 - LFC: 2015/08/13 23:52:25 A . (..) -- C:\Users\sameh\AppData\Roaming\VOPackage\VOPackage.exe [779805] =>PUP.Optional.Downware
O61 - LFC: 2015/08/12 23:56:43 A . (..) -- C:\Users\sameh\AppData\Roaming\Intel\Wireless\Settings\AlertHistory.bin [7962]
O61 - LFC: 2015/08/13 23:33:47 A . (..) -- C:\Users\sameh\AppData\Roaming\cpuminer\sgminer\darkcoin-modGeForce GT 750Mgw128l4ku0.bin [1935966]
O61 - LFC: 2015/08/13 23:33:30 A . (.Copyright (C) 2014 TopTools100 All Rights Reserved.) -- C:\Users\sameh\AppData\Roaming\CalendarTool\download\calendar_update_2.0.0.10764\CalendarTool_Setup_En_calendarbase[2015-07-21.14.37].exe [7042400]
O61 - LFC: 2015/08/13 23:52:41 A . (..) -- C:\Users\sameh\AppData\Local\NVIDIANetwork\nvidia.exe [38400]
O61 - LFC: 2015/08/07 12:31:08 A . (..) -- C:\Users\sameh\AppData\Local\NVIDIA\NvBackend\UMDShim\nvcoproc.bin [5135280]
O61 - LFC: 2015/08/13 15:29:19 A . (..) -- C:\Users\sameh\AppData\Local\NVIDIA\NvBackend\Packages\00007c2c\DAO.19857078.exe [5951760]
O61 - LFC: 2015/08/08 01:00:47 A . (..) -- C:\Users\sameh\AppData\Local\NVIDIA\NvBackend\Packages\00007c03\CoProc update.19841935.exe [515904]
O61 - LFC: 2015/08/13 23:46:27 A . (..) -- C:\Users\sameh\AppData\Local\Microsoft\Windows\INetCache\IE\LYBR2D73\installer[1].exe [1957976]
O61 - LFC: 2015/08/13 23:52:56 A . (..) -- C:\Users\sameh\AppData\Local\Microsoft\Windows\INetCache\IE\LYBR2D73\runasu[1].exe [147456]
O61 - LFC: 2015/08/07 18:45:00 A . (..) -- C:\Users\sameh\AppData\Local\Microsoft\Windows\INetCache\IE\LYBR2D73\urlblockindex[1].bin [16]
O61 - LFC: 2015/08/13 23:52:25 A . (..) -- C:\Users\sameh\AppData\Local\Microsoft\Windows\INetCache\IE\FLINV2J8\10100015[1].exe [1540504]
O61 - LFC: 2015/08/13 23:52:16 A . (.© 2015.) -- C:\Users\sameh\AppData\Local\Microsoft\Windows\INetCache\IE\FLINV2J8\install[1].exe [372833]
O61 - LFC: 2015/08/13 23:52:47 A . (.OB.) -- C:\Users\sameh\AppData\Local\Microsoft\Windows\INetCache\IE\FLINV2J8\setup[1].exe [12072697]
O61 - LFC: 2015/08/13 23:52:23 A . (..) -- C:\Users\sameh\AppData\Local\Microsoft\Windows\INetCache\IE\FLINV2J8\VOPackage[1].exe [779805] =>PUP.Optional.Downware
O61 - LFC: 2015/08/14 13:59:05 A . (..) -- C:\Users\sameh\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin [1113849]
O61 - LFC: 2015/08/14 00:21:35 A . (..) -- C:\Users\sameh\AppData\Local\Chedot\User Data\ev_hashes_whitelist.bin [1113849]
O61 - LFC: 2015/08/07 18:02:13 A . (..) -- C:\Users\sameh\AppData\Local\Adobe\Acrobat\11.0\UserCache.bin [124756]

---\\ File Associations Shell Spawning (O67) (10) - 1s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

---\\ Start Menu Internet (SMI) (O68) (20) - 2s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.Optional.CrossBrowse
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Opera Software - Opera Launcher.) -- C:\Program Files (x86)\Opera\Launcher.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.Optional.CrossBrowse
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Opera Software - Opera Launcher.) -- C:\Program Files (x86)\Opera\launcher.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.Optional.CrossBrowse
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Opera Software - Opera Launcher.) -- C:\Program Files (x86)\Opera\launcher.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.Optional.CrossBrowse
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Opera Software - Opera Launcher.) -- C:\Program Files (x86)\Opera\launcher.exe

---\\ Search Browser Infection (SBI) (O69) (2) - 14s
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com/
O69 - SBI: SearchScopes [HKCU] {C0DC1A55-38EA-47E0-9A0D-C3AF127E3445} [DefaultScope] - (Amazon (UK) Search Suggestions) - http://www.amazon.co.uk/

---\\ Search Svchost Services (SSS) (O83) (34) - 3s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) -- C:\Windows\System32\aelupsvc.dll [214528]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [156160]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [156160]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\system32\srvsvc.dll [329216]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\Windows\System32\gpsvc.dll [1360896]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\ikeext.dll [1084416]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll [926208]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\Windows\system32\seclogon.dll [31744]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll [110080]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\system32\iscsiexe.dll [151040]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [110592]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\Windows\system32\schedsvc.dll [1265152]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [230400]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) -- C:\Windows\system32\mmcss.dll [71168]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\Windows\System32\browser.dll [135168]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [227328]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [339968]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\Windows\System32\wercplsupport.dll [84992]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\Windows\system32\kmsvc.dll [101376]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\Windows\System32\bdesvc.dll [348672]
O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Windows Location Framework Service.) -- C:\Windows\System32\GeofenceMonitorService.dll [522240]
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Microsoft® Account Service.) -- C:\Windows\system32\wlidsvc.dll [1639424]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\Windows\system32\themeservice.dll [59392]
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Device Setup Manager.) -- C:\Windows\System32\DeviceSetupManager.dll [206848]
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Microsoft Network Connectivity Assistant Se.) -- C:\Windows\System32\ncasvc.dll [166400]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll [102912]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [542208]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [226816]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\sens.dll [73728]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [452608]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [313344]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\system32\wuaueng.dll [3704320]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\Windows\System32\qmgr.dll [933376]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [640000]

---\\ Firewall Active Exception List (FirewallRules) (O87) (25) - 6s
O87 - FAEL: "{CD137EB2-3C28-48F1-9326-07E1E93F27C6}" [In-None-P6-TRUE] .(.Copyright (C) 2005-2010 by Achal Dhir - Wireless PAN DHCP and DNS Server.) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O87 - FAEL: "{720B54AE-2C49-4E72-80F9-EF6CFFE6474C}" [In-None-P6-TRUE] .(...) -- C:\Program Files\KMSpico\KMSELDI.exe =>PUA.Optional.KMSpico
O87 - FAEL: "{7AC3EF2D-D1F7-447C-B4DF-4DC9CEE71206}" [In-None-P17-TRUE] .(...) -- C:\Program Files\KMSpico\KMSELDI.exe =>PUA.Optional.KMSpico
O87 - FAEL: "{CEFC8A66-E653-4E6B-9A15-34FB7B2C9E60}" [In-None-P6-TRUE] .(...) -- C:\Program Files\KMSpico\AutoPico.exe =>PUA.Optional.KMSpico
O87 - FAEL: "{5C638ED4-547C-4C42-A5C1-C3C92FBC7650}" [In-None-P17-TRUE] .(...) -- C:\Program Files\KMSpico\AutoPico.exe =>PUA.Optional.KMSpico
O87 - FAEL: "TCP Query User{510BF28C-4F04-40D0-9004-587B2DB801C9}D:\prototype2\prototype2.exe" [In-None-P6-TRUE] .(...) -- D:\prototype2\prototype2.exe
O87 - FAEL: "UDP Query User{9C2FFDB3-48A2-41F2-87F4-7C2D2C39F8FB}D:\prototype2\prototype2.exe" [In-None-P17-TRUE] .(...) -- D:\prototype2\prototype2.exe
O87 - FAEL: "TCP Query User{F5B4E43E-F832-4D57-A5F7-D4A7D2ED1CD7}D:\prototype2\prototype2.exe" [In-None-P6-TRUE] .(...) -- D:\prototype2\prototype2.exe
O87 - FAEL: "UDP Query User{26779051-CBFF-4D53-A877-F47218E3FE8E}D:\prototype2\prototype2.exe" [In-None-P17-TRUE] .(...) -- D:\prototype2\prototype2.exe
O87 - FAEL: "TCP Query User{12D0C3AD-155D-46B7-ADC6-64D3CA874FDA}D:\fifa15\fifa.15.ultimate.team.edition-3dm.mr.zaza\fifa15.exe" [In-None-P6-TRUE] .(...) -- D:\fifa15\fifa.15.ultimate.team.edition-3dm.mr.zaza\fifa15.exe (.not file.)
O87 - FAEL: "UDP Query User{C4345EFA-5835-435E-8C0D-FB5F672C10D9}D:\fifa15\fifa.15.ultimate.team.edition-3dm.mr.zaza\fifa15.exe" [In-None-P17-TRUE] .(...) -- D:\fifa15\fifa.15.ultimate.team.edition-3dm.mr.zaza\fifa15.exe (.not file.)
O87 - FAEL: "{B9CA6FA4-CDC2-4434-932E-F30EA8233566}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
O87 - FAEL: "{8F51429E-A037-4DF0-A477-2766ED370B38}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
O87 - FAEL: "TCP Query User{D7FD60F2-DB99-43EA-85B5-F88518294D09}F:\العاب مضغوطه\sssssssssssssssssssssssssssssssssssssssssssssss\c\leap motion apps\dropchord\dropchord_lm.exe" [In-None-P6-TRUE] .(...) -- F:\العاب مضغوطه\sssssssssssssssssssssssssssssssssssssssssssssss\c\leap motion apps\dropchord\dropchord_lm.exe
O87 - FAEL: "UDP Query User{C1A2451F-9F03-4BDF-81DE-02CF3B71D02F}F:\العاب مضغوطه\sssssssssssssssssssssssssssssssssssssssssssssss\c\leap motion apps\dropchord\dropchord_lm.exe" [In-None-P17-TRUE] .(...) -- F:\العاب مضغوطه\sssssssssssssssssssssssssssssssssssssssssssssss\c\leap motion apps\dropchord\dropchord_lm.exe
O87 - FAEL: "TCP Query User{377EFBD0-F16C-4813-A0A1-D4AFCBA3A65D}D:\max\maxpayne3.exe" [In-None-P6-TRUE] .(...) -- D:\max\maxpayne3.exe (.not file.)
O87 - FAEL: "UDP Query User{0ACD0505-6B04-444F-A8C5-2A4561FE428B}D:\max\maxpayne3.exe" [In-None-P17-TRUE] .(...) -- D:\max\maxpayne3.exe (.not file.)
O87 - FAEL: "{DE519955-329C-490D-B8EA-B2AB104684DB}" [In-None-P6-TRUE] .(...) -- D:\Crysis 3\Bin32\Crysis3.exe (.not file.)
O87 - FAEL: "{A4A065F5-CEB1-422A-A11C-4BB173992CD8}" [In-None-P17-TRUE] .(...) -- D:\Crysis 3\Bin32\Crysis3.exe (.not file.)
O87 - FAEL: "TCP Query User{D0917AFC-78E4-4318-86D9-448B470BF065}C:\program files (x86)\skype\phone\skype.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\skype\phone\skype.exe (.not file.)
O87 - FAEL: "UDP Query User{CB9A769D-6FA7-479C-B799-44D4A8749BFF}C:\program files (x86)\skype\phone\skype.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\skype\phone\skype.exe (.not file.)
O87 - FAEL: "{FCDE826B-41CF-4C71-A74A-00E2BFB9315E}" [In-None-P6-TRUE] .(...) -- C:\Users\sameh\AppData\Local\Temp\7zS340F\HPDiagnosticCoreUI.exe (.not file.)
O87 - FAEL: "{70F7F58A-6E3E-499F-B40A-052FE97A93F3}" [In-None-P17-TRUE] .(...) -- C:\Users\sameh\AppData\Local\Temp\7zS340F\HPDiagnosticCoreUI.exe (.not file.)
O87 - FAEL: "TCP Query User{E3761DDB-7823-4943-94E1-7CB920B25910}D:\new folder\prince of persia.exe" [In-None-P6-TRUE] .(...) -- D:\new folder\prince of persia.exe (.not file.)
O87 - FAEL: "UDP Query User{DEB801AC-5B44-4949-AF7D-59F4E11DD509}D:\new folder\prince of persia.exe" [In-None-P17-TRUE] .(...) -- D:\new folder\prince of persia.exe (.not file.)

---\\ General States of Services not Microsoft (EGS) (SR=Running, SS=Stopped) (52) - 58s
SR - Auto [2015/07/07 20:12:28] [ 82128] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - Demand [2014/08/30 17:48:46] [ 234520] Kaspersky Anti-Virus Service 15.0.1 (AVP15.0.1) . (.Kaspersky Lab ZAO.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe
SR - Auto [2013/06/25 19:12:32] [ 1132920] Bluetooth Device Monitor (Bluetooth Device Monitor) . (.Motorola Solutions, Inc..) - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
SR - Auto [2013/07/05 02:07:26] [ 1157496] Bluetooth OBEX Service (Bluetooth OBEX Service) . (.Motorola Solutions, Inc..) - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
SR - Auto [2015/08/13 22:06:22] [ 124880] bolvejrij (bolvejrij) . (...) - C:\ProgramData\CersIuo\ciiuwte.exe
SR - Auto [2013/10/14 11:23:20] [ 109568] HP SimplePass Cachedrv Service (Cachedrv server) . (...) - C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
SS - Demand [2013/08/26 12:31:16] [ 279024] Intel(R) Content Protection HECI Service (cphs) . (.Intel Corporation.) - C:\Windows\SysWOW64\IntelCpHeciSvc.exe
SR - Auto [2013/08/12 04:34:05] [ 77576] CyberLink PowerDVD 12 Media Server Monitor Service (CyberLink PowerDVD 12 Media Server Monitor Service) . (.CyberLink.) - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
SR - Auto [2013/08/12 04:34:07] [ 298760] CyberLink PowerDVD 12 Media Server Service (CyberLink PowerDVD 12 Media Server Service) . (.CyberLink.) - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
SR - Auto [2015/08/13 22:06:32] [ 124880] dokriuwliu (dokriuwliu) . (...) - C:\ProgramData\CersIuo\ciiuate.exe
SR - Auto [2013/07/30 00:37:10] [ 631024] Intel(R) PROSet/Wireless Event Log (EvtEng) . (.Intel(R) Corporation.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
SR - Auto [2015/08/10 10:20:48] [ 379904] Check Service (fchk32) . (.Copyright © 2015.) - C:\Program Files\fchk32\fchk32.exe
SR - Auto [2014/09/17 04:11:26] [ 1149760] NVIDIA GeForce Experience Service (GfExperienceService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
SS - Auto [2015/08/13 23:45:00] [ 68608] globalUpdate Update Service (globalUpdate) (globalUpdate) . (.globalUpdate.) - C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe =>PUP.Optional.GlobalUpdate
SS - Demand [2015/08/13 23:45:00] [ 68608] globalUpdate Update Service (globalUpdatem) (globalUpdatem) . (.globalUpdate.) - C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe =>PUP.Optional.GlobalUpdate
SS - Auto [2014/10/15 12:31:38] [ 107912] خدمة Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - Demand [2014/10/15 12:31:38] [ 107912] خدمة Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SR - Auto [2013/08/30 03:31:42] [ 92160] HP Support Assistant Service (HP Support Assistant Service) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
SR - Demand [2013/06/07 22:56:48] [ 1129760] HP Software Framework Service (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
SR - Auto [2013/07/23 21:28:56] [ 43320] @oem18.inf,%hpservice_desc%;HP Service (hpsrv) . (.Hewlett-Packard Company.) - C:\Windows\system32\Hpservice.exe
SR - Auto [2013/07/23 22:38:18] [ 1039160] HPWMISVC (HPWMISVC) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
SR - Auto [2013/08/22 21:08:56] [ 15720] Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - Auto [2015/08/13 23:52:41] [ 38400] NVIDIA Network Service 1.60.13 (icmui) . (...) - C:\Users\sameh\AppData\Local\NVIDIANetwork\nvidia.exe
SR - Auto [2013/05/12 03:45:38] [ 733696] Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SS - Demand [2013/05/12 03:45:54] [ 822232] Intel(R) Capability Licensing Service TCP IP Interface (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
SR - Auto [2013/08/09 14:25:16] [ 131544] Intel(R) ME Service (Intel(R) ME Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
SR - Auto [2013/07/01 22:43:24] [ 157128] Intel(R) Wireless Bluetooth(R) 4.0 Radio Management (Intel(R) Wireless Bluetooth(R) 4.0 Radio Management) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
SR - Auto [2013/08/13 05:06:34] [ 198120] Intel(R) Smart Connect Technology Agent (ISCTAgent) . (.Copyright© 2011-2013 Intel Corporation.) - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
SR - Auto [2013/08/09 14:25:12] [ 169432] Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - Auto [2013/08/09 14:25:18] [ 390616] Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SS - Demand [2015/07/14 15:19:00] [ 148136] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - Demand [2013/07/30 00:37:26] [ 284912] Wireless PAN DHCP Server (MyWiFiDHCPDNS) . (.Copyright (C) 2005-2010 by Achal Dhir.) - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
SS - Demand [2008/04/08 08:56:30] [ 800040] NBService (NBService) . (.Nero AG.) - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
SR - Demand [2008/01/22 10:13:26] [ 275752] NMIndexingService (NMIndexingService) . (.Nero AG.) - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
SR - Auto [2014/09/17 04:11:26] [ 1796928] NVIDIA Network Service (NvNetworkService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
SR - Auto [2014/09/17 04:11:22] [19440960] NVIDIA Streamer Service (NvStreamSvc) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
SR - Auto [2015/05/12 05:30:36] [ 937288] NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - Auto [2013/10/14 11:29:40] [ 87552] HP SimplePass Service (omniserv) . (.Softex Inc..) - C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
SR - Auto [2006/12/19 09:30:26] [ 81920] PLFlash DeviceIoControl Service (PLFlash DeviceIoControl Service) . (.Prolific Technology Inc..) - C:\Windows\SysWOW64\IoctlSvc.exe
SR - Auto [2013/12/14 15:48:22] [ 39056] RealNetworks Downloader Resolver Service (RealNetworks Downloader Resolver Service) . (...) - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
SR - Auto [2015/01/11 03:40:40] [ 1141336] RealPlayer Cloud Service (RealPlayer Cloud Service) . (.RealNetworks, Inc..) - C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
SR - Auto [2013/12/16 17:44:52] [ 23552] RealPlayer Update Service (RealPlayerUpdateSvc) . (...) - C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
SR - Auto [2013/07/30 00:36:38] [ 154864] Intel(R) PROSet/Wireless Registry Service (RegSrvc) . (.Intel(R) Corporation.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
SS - Demand [2015/06/10 11:11:26] [ 155520] Sony PC Companion (Sony PC Companion) . (.Avanquest Software.) - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
SR - Auto [2014/10/13 07:57:46] [ 743688] SAMSUNG Mobile Connectivity Service (ss_conn_service) . (.DEVGURU Co., LTD..) - C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
SR - Auto [2013/08/15 13:21:10] [ 339456] @C:\Windows\system32\stlang64.dll,-10101 (STacSV) . (.IDT, Inc..) - C:\Program Files\IDT\WDM\stacsv64.exe
SS - Demand [2015/07/21 21:32:26] [ 838336] Steam Client Service (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
SR - Auto [2015/07/21 08:37:46] [ 149432] The Calendar Service (TheCalendarService) . (.Copyright (C) 2015.) - C:\Program Files (x86)\CalendarTool\2.0.0.10764\CalendarServ.exe
SR - Auto [2014/07/16 10:24:32] [ 2145080] TuneUp Utilities Service (TuneUp.UtilitiesSvc) . (.TuneUp Software.) - C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
SR - Auto [2013/08/01 18:03:12] [ 32768] Validity WBF Policy Service (valWBFPolicyService) . (.Validity Sensors, Inc..) - C:\Windows\system32\valWBFPolicyService.exe
SR - Auto [2008/11/09 22:48:14] [ 602392] Yahoo! Updater (YahooAUService) . (.Yahoo! Inc..) - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
SR - Auto [2013/07/30 00:37:48] [ 3668208] Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) . (.Intel® Corporation.) - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

---\\ Additional Scan (O88) (97) - 0s
C:\Program Files (x86)\CinemaP-1.9cV13.08\15fba21d-9756-481b-984c-9daf84d000d2-6.exe =>PUP.Optional.CrossRider
C:\Program Files (x86)\CinemaP-1.9cV13.08\15fba21d-9756-481b-984c-9daf84d000d2-1-6.exe =>PUP.Optional.CrossRider
C:\Program Files (x86)\CinemaP-1.9cV13.08\15fba21d-9756-481b-984c-9daf84d000d2-10.exe =>PUP.Optional.CrossRider
C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.Optional.CrossBrowse
C:\Users\sameh\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi
C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\yahoo.xml =>PUP.Optional.BDYahoo
C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll =>PUP.Optional.GlobalUpdate
HKLM\SYSTEM\CurrentControlSet\Services\globalUpdate =>PUP.Optional.GlobalUpdate
C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe =>PUP.Optional.GlobalUpdate
C:\Program Files (x86)\CinemaP-1.9cV13.08\15fba21d-9756-481b-984c-9daf84d000d2-1-7.exe =>PUP.Optional.CrossRider
C:\Program Files (x86)\CinemaP-1.9cV13.08\15fba21d-9756-481b-984c-9daf84d000d2-11.exe =>PUP.Optional.CrossRider
C:\Program Files (x86)\CinemaP-1.9cV13.08\15fba21d-9756-481b-984c-9daf84d000d2-3.exe =>PUP.Optional.CrossRider
C:\Program Files (x86)\CinemaP-1.9cV13.08\15fba21d-9756-481b-984c-9daf84d000d2-4.exe =>PUP.Optional.CrossRider
C:\Program Files (x86)\CinemaP-1.9cV13.08\15fba21d-9756-481b-984c-9daf84d000d2-5.exe =>PUP.Optional.CrossRider
C:\Program Files (x86)\CinemaP-1.9cV13.08\15fba21d-9756-481b-984c-9daf84d000d2-7.exe =>PUP.Optional.CrossRider
HKCU\SOFTWARE\8HF8bKGF5yed8dNTj =>PUP.Optional.CrossRider
C:\Users\sameh\AppData\Roaming\8HF8bKGF5yed8dNTj.exe =>PUP.Optional.CrossRider
C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe =>PUP.Optional.CrossBrowse
HKCU\SOFTWARE\hPmIEBAx =>PUP.Optional.CrossRider
C:\Users\sameh\AppData\Roaming\hPmIEBAx.exe =>PUP.Optional.CrossRider
C:\Windows\Tasks\15fba21d-9756-481b-984c-9daf84d000d2-1-6.job =>PUP.Optional.CrossRider
C:\Windows\Tasks\15fba21d-9756-481b-984c-9daf84d000d2-1-7.job =>PUP.Optional.CrossRider
C:\Windows\Tasks\15fba21d-9756-481b-984c-9daf84d000d2-10_user.job =>PUP.Optional.CrossRider
C:\Windows\Tasks\15fba21d-9756-481b-984c-9daf84d000d2-11.job =>PUP.Optional.CrossRider
C:\Windows\Tasks\15fba21d-9756-481b-984c-9daf84d000d2-3.job =>PUP.Optional.CrossRider
C:\Windows\Tasks\15fba21d-9756-481b-984c-9daf84d000d2-4.job =>PUP.Optional.CrossRider
C:\Windows\Tasks\15fba21d-9756-481b-984c-9daf84d000d2-5.job =>PUP.Optional.CrossRider
C:\Windows\Tasks\15fba21d-9756-481b-984c-9daf84d000d2-5_user.job =>PUP.Optional.CrossRider
C:\Windows\Tasks\15fba21d-9756-481b-984c-9daf84d000d2-6.job =>PUP.Optional.CrossRider
C:\Windows\Tasks\15fba21d-9756-481b-984c-9daf84d000d2-7.job =>PUP.Optional.CrossRider
C:\Windows\Tasks\8HF8bKGF5yed8dNTj.job =>PUP.Optional.CrossRider
C:\Windows\Tasks\Crossbrowse.job =>PUP.Optional.CrossBrowse
C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job =>PUP.Optional.GlobalUpdate
C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job =>PUP.Optional.GlobalUpdate
C:\Windows\Tasks\hPmIEBAx.job =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\15fba21d-9756-481b-984c-9daf84d000d2-1-6 =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\15fba21d-9756-481b-984c-9daf84d000d2-1-7 =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\15fba21d-9756-481b-984c-9daf84d000d2-10_user =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\15fba21d-9756-481b-984c-9daf84d000d2-11 =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\15fba21d-9756-481b-984c-9daf84d000d2-3 =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\15fba21d-9756-481b-984c-9daf84d000d2-4 =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\15fba21d-9756-481b-984c-9daf84d000d2-5 =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\15fba21d-9756-481b-984c-9daf84d000d2-5_user =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\15fba21d-9756-481b-984c-9daf84d000d2-6 =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\15fba21d-9756-481b-984c-9daf84d000d2-7 =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\8HF8bKGF5yed8dNTj =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\Crossbrowse =>PUP.Optional.CrossBrowse
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore =>PUP.Optional.GlobalUpdate
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA =>PUP.Optional.GlobalUpdate
C:\Windows\System32\Tasks\hPmIEBAx =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\CinemaP-1.9cV13.08 =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Crossbrowse =>PUP.Optional.CrossBrowse
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage =>PUP.Optional.Downware
HKLM\SOFTWARE\Wow6432Node\667ec687-5a35-458c-aea9-cdc4f4c1e2b0 =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\ArenaHD =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\CinemaP-1.9cV13.08 =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\CinemaP-1.9cV13.08-nv =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\CinemaP-1.9cV13.08-nv-ie =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\Crossbrowse =>PUP.Optional.CrossBrowse
HKLM\SOFTWARE\Wow6432Node\downchecker =>PUP.Optional.DownChecker
HKLM\SOFTWARE\Wow6432Node\GlobalUpdate =>PUP.Optional.GlobalUpdate
HKLM\SOFTWARE\Wow6432Node\HighDefAction =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions
HKLM\SOFTWARE\Wow6432Node\YorkNewCin =>PUP.Optional.CrossRider
HKCU\SOFTWARE\APN PIP =>PUP.Optional.Conduit
HKCU\SOFTWARE\ArenaHD =>PUP.Optional.CrossRider
HKCU\SOFTWARE\CinemaP-1.9cV13.08 =>PUP.Optional.CrossRider
HKCU\SOFTWARE\CinemaP-1.9cV13.08-nv =>PUP.Optional.CrossRider
HKCU\SOFTWARE\CinemaP-1.9cV13.08-nv-ie =>PUP.Optional.CrossRider
HKCU\SOFTWARE\Crossbrowse =>PUP.Optional.CrossBrowse
HKCU\SOFTWARE\CrossBrowser =>PUP.Optional.CrossBrowser
HKCU\SOFTWARE\globalUpdate =>PUP.Optional.GlobalUpdate
HKCU\SOFTWARE\HighDefAction =>PUP.Optional.CrossRider
HKCU\SOFTWARE\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions
HKCU\SOFTWARE\YorkNewCin =>PUP.Optional.CrossRider
HKCU\SOFTWARE\AppDataLow\Software\Crossrider =>PUP.Optional.CrossRider
C:\Program Files (x86)\521abff7-0410-4522-96a4-a3c4e9d1e836 =>PUP.Optional.CrossRider
C:\Program Files (x86)\542F210B-1439502761-BD9F-82B4-7A9D287B8137 =>PUP.Optional.CrossRider
C:\Program Files (x86)\CinemaP-1.9cV13.08 =>PUP.Optional.CrossRider
C:\Program Files (x86)\Crossbrowse =>PUP.Optional.CrossBrowse
C:\Program Files (x86)\globalUpdate =>PUP.Optional.GlobalUpdate
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse =>PUP.Optional.CrossBrowse
C:\Users\sameh\AppData\Roaming\OpenCandy =>PUP.Optional.OpenCandy
C:\Users\sameh\AppData\Roaming\VOPackage =>PUP.Optional.Downware
C:\Users\sameh\AppData\Local\Crossbrowse =>PUP.Optional.CrossBrowse
C:\Users\sameh\AppData\Local\globalUpdate =>PUP.Optional.GlobalUpdate
C:\Users\sameh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage =>PUP.Optional.Downware
C:\Windows\Prefetch\CROSSBROWSE.EXE-6BE4601B.pf =>PUP.Optional.CrossBrowse
C:\Windows\Prefetch\GLOBALUPDATE.EXE-2956FB3E.pf =>PUP.Optional.GlobalUpdate
C:\Windows\Prefetch\GLOBALUPDATE.EXE-E321026A.pf =>PUP.Optional.GlobalUpdate
C:\Windows\Prefetch\GLOBALUPDATECRASHHANDLER.EXE-0D97AF76.pf =>PUP.Optional.GlobalUpdate
C:\Users\sameh\AppData\Roaming\VOPackage\Uninstall.exe =>PUP.Optional.Downware
C:\Users\sameh\AppData\Roaming\VOPackage\VOPackage.exe =>PUP.Optional.Downware
C:\Users\sameh\AppData\Local\Microsoft\Windows\INetCache\IE\FLINV2J8\VOPackage[1].exe =>PUP.Optional.Downware
C:\Program Files\KMSpico\KMSELDI.exe =>PUA.Optional.KMSpico
C:\Program Files\KMSpico\AutoPico.exe =>PUA.Optional.KMSpico
HKLM\SYSTEM\CurrentControlSet\Services\globalUpdatem =>PUP.Optional.GlobalUpdate

---\\ Summary of the elements found on your workstation (11) - 0s
http://www.nicolascoolman.fr/pup-crossrider/ =>PUP.Optional.CrossRider
http://www.nicolascoolman.fr/blog =>PUP.Optional.CrossBrowse
http://www.nicolascoolman.fr/blog =>PUP.Optional.BDYahoo
http://www.nicolascoolman.fr/pup-globalupdate/ =>PUP.Optional.GlobalUpdate
http://www.nicolascoolman.fr/adware-downware/ =>PUP.Optional.Downware
http://www.nicolascoolman.fr/blog =>PUP.Optional.DownChecker
http://www.nicolascoolman.fr/blog =>PUP.Optional.BrowserExtensions
http://www.nicolascoolman.fr/toolbar-conduit/ =>PUP.Optional.Conduit
http://www.nicolascoolman.fr/blog =>PUP.Optional.CrossBrowser
http://www.nicolascoolman.fr/adware-opencandy/ =>PUP.Optional.OpenCandy
http://www.nicolascoolman.fr/pup-kmspico/ =>PUA.Optional.KMSpico

~ End of the scan, 33323 items in 433 seconds (1443)(0)()

Publicité


Signaler le contenu de ce document

Publicité