Document format: text/plain

~ ZHPDiag v2015.9.7.137 By Nicolas Coolman (2015/09/7)
~ Run by AML Family (Administrator) (2015/09/08 18:19:40)
~ Web: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ State version: Version OK
~ Mode: Scan
~ Report: C:\Users\AML Family\Desktop\ZHPDiag.txt
~ Report: C:\Users\AML Family\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ System startup: Normal (Normal boot)
Windows 10 Pro, 64-bit (Build 10240)

---\\ Internet Browsers (2) - 0s
GCIE: Google Chrome v45.0.2454.85
MSIE: Internet Explorer v11.0.10240.16431

---\\ Windows Product Information (3) - 3s
~ Windows Server License Manager Script : OK
System - VBScript Engine not found
Windows Automatic Updates : OK

---\\ System protection software (2) - 9s
Malwarebytes Anti-Malware version 2.1.8.1057
Windows Defender W10 (Deactivate)

---\\ System optimization software (1) - 9s
CCleaner v5.00

---\\ Surveillance software (1) - 9s
Adobe Flash Player 16 PPAPI

---\\ Information on the system (6) - 0s
~ Operating System: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 4021.568 MB (30% free)
~ System Restore: Activé (Enable)
~ System drive C: has 5 GB free of 73 GB

---\\ Connection to the system mode (3) - 0s
~ Computer Name: AML
~ User Name: AML Family
~ Logged in as Administrator

---\\ Enumeration of the disk units (2) - 0s
~ Drive C: has 5 GB free of 73 GB (System)
~ Drive D: has 22 GB free of 77 GB

---\\ State of the Windows Security Center (7) - 0s
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK

---\\ Search Generic System Files (25) - 2s
[MD5.F1CBCB7FA6F3B309639AA2D4EF74469C] - (.Microsoft Corporation - Windows Explorer.) () -- C:\WINDOWS\Explorer.exe [4532304] ©
[MD5.5DED2A3F11AE916C8F2724947E736261] - (.Microsoft Corporation - Windows host process (Rundll32).) () -- C:\WINDOWS\System32\rundll32.exe [59392] ©
[MD5.7718A2A9B2BFB2C8E2BAEB03310CA3FD] - (.Microsoft Corporation - Windows Start-Up Application.) () -- C:\WINDOWS\System32\Wininit.exe [290312] ©
[MD5.FE32B8423711B4B4378C0BA3C3560ED4] - (.Microsoft Corporation - Internet Extensions for Win32.) () -- C:\WINDOWS\System32\wininet.dll [2741760] ©
[MD5.26EFEFD877A84EE9FBDE6DEE630892C9] - (.Microsoft Corporation - Windows Logon Application.) () -- C:\WINDOWS\System32\Winlogon.exe [578048] ©
[MD5.ECB1943967424DFB96E03F6A098434EF] - (.Microsoft Corporation - Software Licensing Library.) () -- C:\WINDOWS\System32\sppcomapi.dll [430592] ©
[MD5.C287D0E32771E3222A444DC527A29477] - (.Microsoft Corporation - DNS Client API DLL.) () -- C:\WINDOWS\System32\dnsapi.dll [680256] ©
[MD5.BB5BBD0E4D04047585E4ED0F07AA51E7] - (.Microsoft Corporation - DNS Client API DLL.) () -- C:\WINDOWS\Syswow64\dnsapi.dll [534064] ©
[MD5.8C795953726C7D2DE72CE4748208C5ED] - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) () -- C:\WINDOWS\System32\fr-FR\user32.dll.mui [20480] ©
[MD5.6C12C7E01A4F64E0AA9C88AF66955CC9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\WINDOWS\System32\drivers\AFD.sys [577888] ©
[MD5.8921DF6060DB5C7700AA48CB12E9EA08] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) () -- C:\WINDOWS\System32\drivers\atapi.sys [28512] ©
[MD5.F2829DC6D292DCAC5029893BB2E9FEE3] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\WINDOWS\System32\drivers\Cdfs.sys [92672] ©
[MD5.CA160E02F35A61C6F5C681FB4669C519] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\WINDOWS\System32\drivers\Cdrom.sys [174080] ©
[MD5.25435407D97419627F4B10653433BF2B] - (.Microsoft Corporation - DFS Namespace Client Driver.) () -- C:\WINDOWS\System32\drivers\DfsC.sys [138240] ©
[MD5.C277A49F8A8295840DEBC9240B75A282] - (.Microsoft Corporation - High Definition Audio Bus Driver.) () -- C:\WINDOWS\System32\drivers\HDAudBus.sys [80896] ©
[MD5.D4CDEE4A62BDFFF6E8558A9552148EA7] - (.Microsoft Corporation - i8042 Port Driver.) () -- C:\WINDOWS\System32\drivers\i8042prt.sys [114688] ©
[MD5.5D3744E6FDEC1A6FB3FA9B1DD4AF0694] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\WINDOWS\System32\drivers\IpNat.sys [143360] ©
[MD5.1DF2C5FD2710A13B07E663A12F0E0EEA] - (.Microsoft Corporation - Windows NT SMB Minirdr.) () -- C:\WINDOWS\System32\drivers\MRxSmb.sys [415232] ©
[MD5.F0D791348AD254360CC3C3E501CCB745] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\WINDOWS\System32\drivers\netBT.sys [273408] ©
[MD5.466EC5659C02ED53DBD47DC1BC2B8086] - (.Microsoft Corporation - NT File System Driver.) () -- C:\WINDOWS\System32\drivers\ntfs.sys [2116448] ©
[MD5.38F1AE32339731F6E5A7281AE8042545] - (.Microsoft Corporation - Parallel Port Driver.) () -- C:\WINDOWS\System32\drivers\Parport.sys [96768] ©
[MD5.CA60F6C03611AF1710BC903ED9F566FB] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\WINDOWS\System32\drivers\Rasl2tp.sys [104960] ©
[MD5.A32AED8C644734B283A7C9D08D76064D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) () -- C:\WINDOWS\System32\drivers\rdpdr.sys [176128] ©
[MD5.28E1E63A1AC65E17B3194238FA2CF3BF] - (.Microsoft Corporation - TDI Translation Driver.) () -- C:\WINDOWS\System32\drivers\tdx.sys [116576] ©
[MD5.823A237D871CD652C6BFD47BECB6810A] - (.Microsoft Corporation - Volume Shadow Copy Driver.) () -- C:\WINDOWS\System32\drivers\volsnap.sys [378720] ©

---\\ Process running (39) - 1s
[MD5.3D6257C095AAFB05577339418CA11EEF] - (.Bitdefender - Bitdefender Security Service.) -- C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1545376] [PID.1040] ©
[MD5.3BDB13C79CC8C06E2F8182595903ED69] - (.Andrea Electronics Corporation - Andrea filters APO access service (64-bit).) -- C:\WINDOWS\system32\AEADISRV.EXE [111616] [PID.1468] ©
[MD5.2763A02188FFB04287F5034EC5B6B451] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\AMT\LMS.exe [174616] [PID.2160] ©
[MD5.360959BBD4F451E1AB811F4304232766] - (.WIBU-SYSTEMS AG - CodeMeter Runtime Server.) -- C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [2568120] [PID.2280]
[MD5.83C982A395D00BAFF6515FB38424EA76] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880] [PID.2352] ©
[MD5.301E3FDFCF33640BB8763BA444BC5093] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160] [PID.2388] ©
[MD5.A1F19195A5E78501AC1C0AC40B3BA577] - (.SoftEther VPN Project at University of Tsukuba, Japan - SoftEther VPN.) -- C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [4408888] [PID.2408]
[MD5.CC465ECBC1700B2D91E152ED9165994A] - (.Rosetta Stone Ltd. - Rosetta Stone Ltd. application.) -- C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe [1646608] [PID.2420]
[MD5.C1C2C9231EBD263DB9C4F34DBB080B32] - (.Bitdefender - Bitdefender Update Service.) -- C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320] [PID.2660] ©
[MD5.D47E82866A6FF02DAE9CEDF127C4BEE0] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2066968] [PID.2836] ©
[MD5.A0FFCF6391B5270B2A34E379DE446878] - (.Hewlett-Packard Company - HP Support Solutions Framework Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888] [PID.4692] ©
[MD5.78F7BB9F4924BE164294C59B8C3FC096] - (.Nokia - ServiceLayer Module.) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [737616] [PID.8136] ©
[MD5.7B7DE6B3DC30F3246958F42C67A6F7BB] - (.Hewlett-Packard Company - HP Software Framework WMI Service.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [1102472] [PID.5564] ©
[MD5.ABFF2B3A80AA5348BE5E43EFD6B415D1] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [6554424] [PID.6316] ©
[MD5.F84E84534021A0B52931B9FC9D773FB9] - (.Bitdefender - Bitdefender Agent.) -- C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1695744] [PID.7256] ©
[MD5.FDD3B6C9108210413E6659A7BD49CFDC] - (.Nokia - USB Media Server.) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe [224080] [PID.11104] ©
[MD5.1E69319B2F7C46070DC8E6BAF0941FE2] - (.Intel Corporation - Intel(R) Management and Security.) -- C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe [796696] [PID.9272] ©
[MD5.BCD3D63304E96B023DDADE00204F2031] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [162584] [PID.8924] ©
[MD5.DFCA0E9868F98B565CE512D1F74D77D8] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [386840] [PID.12188] ©
[MD5.77DE46E7DC1292EF3389691C51F1AD07] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [417560] [PID.6220] ©
[MD5.533765F5243B1C6EE719BEAC322E53ED] - (.Bitdefender - Bitdefender Wallet Agent.) -- C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790880] [PID.8576] ©
[MD5.44A9229022A519ED45294A1934C05EEC] - (.Flux Software LLC - f.lux.) -- C:\Users\AML Family\AppData\Local\FluxSoftware\Flux\flux.exe [1017224] [PID.7552]
[MD5.77C01F1850E55373280A1B865D824F58] - (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- C:\Users\AML Family\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008] [PID.3596] ©
[MD5.2481529EC3A9A030481545B70B119CCB] - (.Nokia - Nokia Suite.) -- C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1092448] [PID.9484] ©
[MD5.AFD15F701B550037FFDDE6B18171479D] - (.Analog Devices, Inc. - SMax4PNP.) -- C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [1314816] [PID.9584] ©
[MD5.D34B8E9BD27C19AB66DCA54C3DC38BA7] - (.Visicom Media Inc. (Powered by Panda Security) - Visicom Media Anti-phishing Domain Advisor.) -- C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe [232104] [PID.952] =>PUP.Optional.VisicomAntiPhishing
[MD5.F67991C4EE448C5FF03F148E0A79EF9D] - (.www.IslamicFinder.org - Automatic Athan (Azan) five times a day f.) -- C:\Program Files (x86)\Athan\Athan.exe [1216512] [PID.10504]
[MD5.58FBD16C4BB84D9F69C25F30DAA4CE31] - (.Nokia - Microsoft Bluetooth Media Server.) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe [158032] [PID.9236] ©
[MD5.4407C4437A2899A4A13ED021DE765A4F] - (.Copyright (C) 2011 - spark.) -- C:\Program Files (x86)\baidu\Spark\spark.exe [981184] [PID.3920]
[MD5.4407C4437A2899A4A13ED021DE765A4F] - (.Copyright (C) 2011 - spark.) -- C:\Program Files (x86)\baidu\Spark\spark.exe [981184] [PID.4276]
[MD5.4407C4437A2899A4A13ED021DE765A4F] - (.Copyright (C) 2011 - spark.) -- C:\Program Files (x86)\baidu\Spark\spark.exe [981184] [PID.11080]
[MD5.4407C4437A2899A4A13ED021DE765A4F] - (.Copyright (C) 2011 - spark.) -- C:\Program Files (x86)\baidu\Spark\spark.exe [981184] [PID.11052]
[MD5.4407C4437A2899A4A13ED021DE765A4F] - (.Copyright (C) 2011 - spark.) -- C:\Program Files (x86)\baidu\Spark\spark.exe [981184] [PID.11572]
[MD5.86BF17A265E1B4BA41325623EC132E66] - (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\Steam.exe [2899136] [PID.9336] ©
[MD5.1EBCD1FBC4E7B443CE8E6A9A66B88EA1] - (.Valve Corporation - Steam Client WebHelper.) -- C:\Program Files (x86)\Steam\bin\steamwebhelper.exe [1862848] [PID.9064] ©
[MD5.2A6EDC2FBB4B9C11BB21BE3881C7A692] - (.Valve Corporation - Steam Client Service.) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe [838336] [PID.8692] ©
[MD5.1EBCD1FBC4E7B443CE8E6A9A66B88EA1] - (.Valve Corporation - Steam Client WebHelper.) -- C:\Program Files (x86)\Steam\bin\steamwebhelper.exe [1862848] [PID.9776] ©
[MD5.4407C4437A2899A4A13ED021DE765A4F] - (.Copyright (C) 2011 - spark.) -- C:\Program Files (x86)\baidu\Spark\spark.exe [981184] [PID.4376]
[MD5.277789334263C78BD58231766AD7C015] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\AML Family\AppData\Roaming\ZHP\ZHPDiag3.exe [1923072] [PID.5612] ©

---\\ Google Chrome, Start,Search,Extensions (18) - 0s
G0 - GCSP: Preferences [User Data\Default][HomePage] http://r4---sn-p5h-gc5e.gvt1.com/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://redirector.gvt1.com/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://apis.google.com/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://chrome.google.com/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://clients2.google.com/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://clients2.googleusercontent.com/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://ssl.gstatic.com/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google.com/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.googleapis.com/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.gstatic.com/
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [fabcmochhfpldjekobfaaggijgohadih] Bitdefender Wallet
G2 - GCE: Preference [User Data\Default] [ngpampappnmepgilojfohadhhmbhlaek] IDM Integration Module
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc.

---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (1) - 0s
P2 - FPN: [HKLM] [@nokia.com/EnablerPlugin] - (.Nokia.) -- C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ©

---\\ Internet Explorer Extensions, Start, Search (13) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1

---\\ Internet Explorer, Proxy Management (4) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s
F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.)
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.)
F2 - REG:system.ini: VMApplet=

---\\ Hosts file redirection (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (24)

---\\ Browser Helper Object (BHO) (4) - 1s
O2 - BHO: Bitdefender Wallet [64Bits] - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} . (.Bitdefender - Bitdefender Password Manager Internet Explo.) -- C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll ©
O2 - BHO: Skype for Business Click to Call BHO [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Skype for Business.) -- C:\Program Files\Microsoft Office\Office15\OCHelper.dll ©
O2 - BHO: SkypeIEPluginBHO [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll ©
O2 - BHO: Microsoft SkyDrive Pro Browser Helper [64Bits] - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} . (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL ©

---\\ Internet Explorer Toolbars (1) - 0s
O3 - Toolbar: Complete Bar - [HKLM]{64c54209-175c-454d-9291-ac46d4d952cf} . (.© 2011 Visicom Media Inc. - Complete Bar Link Library.) -- C:\Program Files (x86)\completebartb\completebarDx.dll

---\\ Auto loading programs from Registry and folders (28) - 0s
O4 - HKLM\..\Run: [picon] . (.Intel Corporation - Intel(R) Management and Security.) -- C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe ©
O4 - HKLM\..\Run: [SoftEther VPN Client UI Helper] . (.SoftEther VPN Project at University of Tsukuba, Japan - SoftEther VPN.) -- C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe ©
O4 - HKLM\..\Run: [Bdagent] . (.Bitdefender - Bitdefender Agent.) -- C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe ©
O4 - HKLM\..\Run: [Apoint] . (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\Apoint2K\Apoint.exe ©
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe ©
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe ©
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe ©
O4 - HKCU\..\Run: [Bitdefender Wallet Agent] . (.Bitdefender - Bitdefender Wallet Agent.) -- C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe ©
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe ©
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe ©
O4 - HKCU\..\Run: [f.lux] . (.Flux Software LLC - f.lux.) -- C:\Users\AML Family\AppData\Local\FluxSoftware\Flux\flux.exe
O4 - HKCU\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\Steam.exe ©
O4 - HKCU\..\Run: [BingSvc] . (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- C:\Users\AML Family\AppData\Local\Microsoft\BingSvc\BingSvc.exe ©
O4 - HKLM\..\Wow6432Node\Run: [SoundMAXPnP] . (.Analog Devices, Inc. - SMax4PNP.) -- C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe ©
O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- D:\QuickTime\QTTask.exe ©
O4 - HKLM\..\Wow6432Node\Run: [Coin Miner] . (.Sonera Corporative OU - Coin Miner by CoIntellect.) -- C:\Program Files (x86)\CoinMiner\coinminer.exe
O4 - HKLM\..\Wow6432Node\Run: [Anti-phishing Domain Advisor] . (.Visicom Media Inc. (Powered by Panda Security) - Visicom Media Anti-phishing Domain Advisor.) -- C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe =>PUP.Optional.VisicomAntiPhishing
O4 - HKLM\..\Wow6432Node\Run: [Athan] . (.www.IslamicFinder.org - Automatic Athan (Azan) five times a day f.) -- C:\Program Files (x86)\Athan\Athan.exe
O4 - HKLM\..\Wow6432Node\Run: [Wallpapers Bot] . (.Teriks Group Corp. - WallapersBot.) -- C:\Program Files (x86)\Wallpapers Bot\wallpapers_bot.exe
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe ©
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe ©
O4 - HKUS\S-1-5-21-109482411-359201058-2826818355-1001\..\Run: [Bitdefender Wallet Agent] . (.Bitdefender - Bitdefender Wallet Agent.) -- C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe ©
O4 - HKUS\S-1-5-21-109482411-359201058-2826818355-1001\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe ©
O4 - HKUS\S-1-5-21-109482411-359201058-2826818355-1001\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe ©
O4 - HKUS\S-1-5-21-109482411-359201058-2826818355-1001\..\Run: [f.lux] . (.Flux Software LLC - f.lux.) -- C:\Users\AML Family\AppData\Local\FluxSoftware\Flux\flux.exe
O4 - HKUS\S-1-5-21-109482411-359201058-2826818355-1001\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\Steam.exe ©
O4 - HKUS\S-1-5-21-109482411-359201058-2826818355-1001\..\Run: [BingSvc] . (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- C:\Users\AML Family\AppData\Local\Microsoft\BingSvc\BingSvc.exe ©

---\\ Lop.com/Domain Hijackers (4) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

---\\ Extra protocols (25) - 0s
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll ©
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll ©
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\System32\MSVidCtl.dll ©
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll ©
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll ©
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll ©
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll ©
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll ©
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll ©
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll ©
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll ©
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll ©
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll ©
O18 - Handler: ms-help [64Bits] - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll ©
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll ©
O18 - Handler: osf [64Bits] - {D924BDC6-C83A-4BD5-90D0-095128A113D1} . (.Microsoft Corporation - Microsoft Office 2013 component.) -- C:\Program Files\Microsoft Office\Office15\MSOSB.DLL ©
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll ©
O18 - Handler: skypec2c [64Bits] - {91774881-D725-4E58-B298-07617B9B86A8} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll ©
O18 - Handler: tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\System32\tbauth.dll ©
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\System32\MSVidCtl.dll ©
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll ©
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll ©
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll ©
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll ©
O18 - Filter: text/xml [64Bits] - {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL ©

---\\ Non Microsoft non disabled Windows Services (14) - 1s
O23 - Service: @oem16.inf,%AEADISRV.SvcDesc%;Andrea ADI Filters Service (AEADIFilters) . (.Andrea Electronics Corporation - Andrea filters APO access service (64-bit).) - C:\WINDOWS\system32\AEADISRV.EXE ©
O23 - Service: CodeMeter Runtime Server (CodeMeter.exe) . (.WIBU-SYSTEMS AG - CodeMeter Runtime Server.) - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
O23 - Service: Google Update Service (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ©
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) . (.Hewlett-Packard Company - HP Support Solutions Framework Service.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe ©
O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\AMT\LMS.exe ©
O23 - Service: MBAMScheduler (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe ©
O23 - Service: MBAMService (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe ©
O23 - Service: RosettaStoneDaemon (RosettaStoneDaemon) . (.Rosetta Stone Ltd. - Rosetta Stone Ltd. application.) - C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
O23 - Service: SoftEther VPN Client (SEVPNCLIENT) . (.SoftEther VPN Project at University of Tsukuba, Japan - SoftEther VPN.) - C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe ©
O23 - Service: Baidu Spark Service (SparkSvc) . (.Baidu Inc. - spark.) - C:\Program Files (x86)\baidu\Spark\sparkservice.exe
O23 - Service: Intel(R) Management and Security Application User Notificat (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe ©
O23 - Service: Bitdefender Desktop Update Service (UPDATESRV) . (.Bitdefender - Bitdefender Update Service.) - C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe ©
O23 - Service: Bitdefender Virus Shield (VSSERV) . (.Bitdefender - Bitdefender Security Service.) - C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe ©

---\\ Task Planned Automatically (26) - 4s
[MD5.C746CD166372F3C6F364B62F2C2C8B20] [APT] [AutoKMS] (.CODYQX4.) -- C:\Windows\AutoKMS\AutoKMS.exe [3738624] =>HackTool.AutoKMS
[MD5.BC14706D68E7F855735369CFEE4028C7] [APT] [Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8] (.Bitdefender.) -- C:\Program Files\Bitdefender\Bitdefender 2015\bdproductdata.exe [98208] ©
[MD5.2E4EE47FBD9BB663A5220DBC38579986] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [5282584] ©
[MD5.4F8D119BC0413246FDDED623C0A68D28] [APT] [Driver Booster Scan] (.IObit.) -- C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [67904] ©
[MD5.019280AC54EB8C7DF48765A5C86B76C0] [APT] [Driver Booster SkipUAC (AML Family)] (.IObit.) -- C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [4366144] ©
[MD5.AD613DE74A1A3DF1082EF684407155A0] [APT] [Driver Booster Update] (.IObit.) -- C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [1439040] ©
[MD5.00000000000000000000000000000000] [APT] [DriverNavigator Scheduled Scan] (...) -- C:\Program Files\Easeware\DriverNavigator\DriverNavigator.exe (.not file.) [0]
[MD5.DD7423ABBE2913E70D50E9318AD57EE4] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200] ©
[MD5.DD7423ABBE2913E70D50E9318AD57EE4] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200] ©
[MD5.DD7423ABBE2913E70D50E9318AD57EE4] [APT] [GoogleUpdateTaskMachineUA1d04186d2ff4095] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200] ©
[MD5.D6A5594FE9C1FD3D9D8F443CFE056509] [APT] [SparkUpdater] (.Baidu.com, Inc..) -- C:\Program Files (x86)\baidu\Spark\SparkUpdate.exe [1359040]
[MD5.36627DE002363526B49D860333F36483] [APT] [Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA)] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [174904] ©
O39 - APT: DriverNavigator Scheduled Scan - (...) -- C:\WINDOWS\Tasks\DriverNavigator Scheduled Scan.job [454]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job [854] ©
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job [858] ©
O39 - APT: AutoKMS - (.CODYQX4.) -- C:\WINDOWS\System32\Tasks\AutoKMS [3808] =>HackTool.AutoKMS
O39 - APT: Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8 - (.Bitdefender.) -- C:\WINDOWS\System32\Tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8 [3628] ©
O39 - APT: CCleanerSkipUAC - (.Piriform Ltd.) -- C:\WINDOWS\System32\Tasks\CCleanerSkipUAC [2892] ©
O39 - APT: Driver Booster Scan - (.IObit.) -- C:\WINDOWS\System32\Tasks\Driver Booster Scan [3348] ©
O39 - APT: Driver Booster SkipUAC (AML Family) - (.IObit.) -- C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (AML Family) [3082] ©
O39 - APT: Driver Booster Update - (.IObit.) -- C:\WINDOWS\System32\Tasks\Driver Booster Update [3296] ©
O39 - APT: DriverNavigator Scheduled Scan - (...) -- C:\WINDOWS\System32\Tasks\DriverNavigator Scheduled Scan [3958]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore [3684] ©
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA [3916] ©
O39 - APT: GoogleUpdateTaskMachineUA1d04186d2ff4095 - (.Google Inc..) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d04186d2ff4095 [3940] ©
O39 - APT: SparkUpdater - (.Baidu.com, Inc..) -- C:\WINDOWS\System32\Tasks\SparkUpdater [4206]

---\\ Software installed (98) - 8s
O42 - Logiciel: Windows Driver Package - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) - (.Nokia.) [HKLM][64Bits] -- 62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F ©
O42 - Logiciel: Bitdefender Total Security 2015 - (.Bitdefender.) [HKLM][64Bits] -- Bitdefender ©
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner ©
O42 - Logiciel: Intel(R) Management Engine Interface - (.Intel Corporation.) [HKLM][64Bits] -- HECI ©
O42 - Logiciel: Intel® Active Management Technology - (.Intel Corporation.) [HKLM][64Bits] -- MESOL ©
O42 - Logiciel: SoftEther VPN Client - (.SoftEther VPN Project.) [HKLM][64Bits] -- softether_sevpnclient
O42 - Logiciel: WinRAR 5.20 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver ©
O42 - Logiciel: Windows Software Development Kit for Windows Store Apps DirectX x64 Remote - (.Microsoft Corporation.) [HKLM][64Bits] -- {27EF252D-800C-ED42-9904-459FE0046225} ©
O42 - Logiciel: SoftPerfect WiFi Guard version 1.0.5 - (.SoftPerfect Research.) [HKLM][64Bits] -- {38AFD787-4D2E-4442-92D2-7739F5F92CF4}_is1 ©
O42 - Logiciel: Windows App Certification Kit Native Components - (.Microsoft Corporation.) [HKLM][64Bits] -- {3FA063D7-EDC1-AFA8-54AF-0563C7DEE070} ©
O42 - Logiciel: MSVC80_x64_v2 - (.Nokia.) [HKLM][64Bits] -- {4D668D4F-FAA2-4726-834C-31F4614F312E} ©
O42 - Logiciel: Windows Software Development Kit DirectX x64 Remote - (.Microsoft Corporation.) [HKLM][64Bits] -- {5FB4C443-6BD6-1514-2717-3827D65AE6FB} ©
O42 - Logiciel: Application Verifier x64 External Package - (.Microsoft.) [HKLM][64Bits] -- {7346C35D-942D-3CCE-94CB-7008BA8D63CB} ©
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} ©
O42 - Logiciel: Microsoft Access MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0015-040C-1000-0000000FF1CE} ©
O42 - Logiciel: Microsoft Excel MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0016-040C-1000-0000000FF1CE} ©
O42 - Logiciel: Microsoft PowerPoint MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0018-040C-1000-0000000FF1CE} ©
O42 - Logiciel: Microsoft Publisher MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0019-040C-1000-0000000FF1CE} ©
O42 - Logiciel: Microsoft Outlook MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-001A-040C-1000-0000000FF1CE} ©
O42 - Logiciel: Microsoft Word MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-001B-040C-1000-0000000FF1CE} ©
O42 - Logiciel: Microsoft InfoPath MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0044-040C-1000-0000000FF1CE} ©
O42 - Logiciel: Microsoft DCF MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0090-040C-1000-0000000FF1CE} ©
O42 - Logiciel: Microsoft OneNote MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-00A1-040C-1000-0000000FF1CE} ©
O42 - Logiciel: Microsoft Groove MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-00BA-040C-1000-0000000FF1CE} ©
O42 - Logiciel: Security Update for Skype for Business 2015 (KB3055014) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{8C2B62DE-0BBD-421A-A0F8-4517146C7725} ©
O42 - Logiciel: Microsoft Lync MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-012B-040C-1000-0000000FF1CE} ©
O42 - Logiciel: Security Update for Skype for Business 2015 (KB3055014) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90150000-012B-040C-1000-0000000FF1CE}_Office15.PROPLUSR_{8C2B62DE-0BBD-421A-A0F8-4517146C7725} ©
O42 - Logiciel: Update for Skype for Business 2015 (KB2889853) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90150000-012B-040C-1000-0000000FF1CE}_Office15.PROPLUSR_{DD51BA84-F589-4939-B5FE-5538B3DCC12E} ©
O42 - Logiciel: Security Update for Skype for Business 2015 (KB3055014) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{8C2B62DE-0BBD-421A-A0F8-4517146C7725} ©
O42 - Logiciel: ALPS Touch Pad Driver - (.Alps Electric.) [HKLM][64Bits] -- {9F72EF8B-AEC9-4CA5-B483-143980AFD6FD} ©
O42 - Logiciel: MSVC90_x64 - (.Nokia.) [HKLM][64Bits] -- {AB071C8B-873C-459F-ACA9-9EBE03C3E89B} ©
O42 - Logiciel: Vegas Pro 13.0 (64-bit) - (.Sony.) [HKLM][64Bits] -- {CDA02BF0-BFBC-11E3-AFA0-F04DA23A5C58} ©
O42 - Logiciel: MSVCRT Redists - (.Sony Creative Software Inc..) [HKLM][64Bits] -- {D4BD27CF-BFBC-11E3-9B8F-F04DA23A5C58} ©
O42 - Logiciel: Adobe Flash Player 16 PPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player PPAPI ©
O42 - Logiciel: Anti-phishing Domain Advisor - (.Visicom Media Inc. (Powered by Panda Security).) [HKLM][64Bits] -- Anti-phishing Domain Advisor
O42 - Logiciel: Athan Basic 4.5 - (...) [HKLM][64Bits] -- Athan
O42 - Logiciel: CompitlyEngine - (...) [HKLM][64Bits] -- CompitlyEngine_is1
O42 - Logiciel: Complete Bar - (.Visicom Media Inc..) [HKLM][64Bits] -- completebartb
O42 - Logiciel: Driver Booster 2.2 - (.IObit.) [HKLM][64Bits] -- Driver Booster_is1 ©
O42 - Logiciel: Freemake Video Converter version 4.1.5 - (.Ellora Assets Corporation.) [HKLM][64Bits] -- Freemake Video Converter_is1 ©
O42 - Logiciel: GameSpy Arcade - (...) [HKLM][64Bits] -- GameSpy Arcade
O42 - Logiciel: Google Chrome - (.Google Inc‎.‎.) [HKLM][64Bits] -- Google Chrome ©
O42 - Logiciel: SWAT 4 - (.Nom de votre société.) [HKLM][64Bits] -- InstallShield_{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}
O42 - Logiciel: Malwarebytes Anti-Malware version 2.1.8.1057 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes Anti-Malware_is1 ©
O42 - Logiciel: Action! - (.Mirillis.) [HKLM][64Bits] -- Mirillis Action! ©
O42 - Logiciel: Nokia Suite - (.Nokia.) [HKLM][64Bits] -- Nokia Suite ©
O42 - Logiciel: OpenAL - (...) [HKLM][64Bits] -- OpenAL
O42 - Logiciel: Origin - (.Electronic Arts, Inc..) [HKLM][64Bits] -- Origin ©
O42 - Logiciel: Baidu Browser - (.Baidu Inc..) [HKLM][64Bits] -- Spark
O42 - Logiciel: Spintires - (...) [HKLM][64Bits] -- Spintires_is1
O42 - Logiciel: Steam - (.Valve Corporation.) [HKLM][64Bits] -- Steam ©
O42 - Logiciel: Killing Floor 2 - (.Tripwire Interactive.) [HKLM][64Bits] -- Steam App 232090 ©
O42 - Logiciel: TechPowerUp GPU-Z - (.TechPowerUp.) [HKLM][64Bits] -- TechPowerUp GPU-Z
O42 - Logiciel: Tunngle - (.Tunngle.net GmbH.) [HKLM][64Bits] -- Tunngle_is1
O42 - Logiciel: Uplay - (.Ubisoft.) [HKLM][64Bits] -- Uplay ©
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player ©
O42 - Logiciel: Wallpapers Bot - (.DK Digital Labs.) [HKLM][64Bits] -- Wallpapers Bot
O42 - Logiciel: Rosetta Stone Language Training - (.Rosetta Stone, Ltd.) [HKLM][64Bits] -- {00384623-4937-4D7D-BDD9-23513D1C50AB}
O42 - Logiciel: Windows App Certification Kit x64 - (.Microsoft Corporation.) [HKLM][64Bits] -- {02213A81-CB13-7262-5ABE-1FFA2C75559F} ©
O42 - Logiciel: redist - (.redist.) [HKLM][64Bits] -- {153C7D89-9CF4-4719-A551-C5BF45236DB5}
O42 - Logiciel: Windows Software Development Kit DirectX x86 Remote - (.Microsoft Corporation.) [HKLM][64Bits] -- {23176E97-26CB-C72A-19EB-BFB21AC1D15A} ©
O42 - Logiciel: Skype™ 7.7 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7} ©
O42 - Logiciel: Nokia Connectivity Cable Driver - (.Nokia.) [HKLM][64Bits] -- {29373274-977E-413C-A4DE-DC0F8E80C429} ©
O42 - Logiciel: Rosetta Stone Ltd Services - (.Rosetta Stone Ltd..) [HKLM][64Bits] -- {3165E4A6-D5DE-46B0-8597-D55E2B826B84}
O42 - Logiciel: HitLeap Viewer 2.8 - (.HitLeap Ltd..) [HKLM][64Bits] -- {31B12C11-AE4E-479F-8D6D-242DC265368D}
O42 - Logiciel: LG EV-DOM USB MODEM - (...) [HKLM][64Bits] -- {3314870F-4DEB-4E38-A9D8-B978945CEF01}
O42 - Logiciel: Windows Software Development Kit - (.Microsoft Corporation.) [HKLM][64Bits] -- {363a2c1e-637f-45ce-933b-5a5463efd945} ©
O42 - Logiciel: QuickTime 7 - (.Apple Inc..) [HKLM][64Bits] -- {3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E} ©
O42 - Logiciel: DriverIdentifier 4.2.9 - (.DriverIdentifier.) [HKLM][64Bits] -- {40A3E5DB-5EF8-4F04-BF3E-7AB87C4AE85A}_is1
O42 - Logiciel: Windows Software Development Kit for Windows Store Apps DirectX x86 Remote - (.Microsoft Corporation.) [HKLM][64Bits] -- {42F61556-29ED-8122-F39E-6F04EA5FF279} ©
O42 - Logiciel: Modem LG LDU-1900D - (.LG Electronics.) [HKLM][64Bits] -- {43DB077F-C85F-42CC-8302-17CBEE4A6BC6} ©
O42 - Logiciel: Google Earth - (.Google.) [HKLM][64Bits] -- {4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E} ©
O42 - Logiciel: Windows Software Development Kit Redistributables - (.Microsoft Corporation.) [HKLM][64Bits] -- {512957F0-B211-C50A-C1FC-6867FC3348A1} ©
O42 - Logiciel: GRID - (.Codemasters.) [HKLM][64Bits] -- {5A0B7BA5-4682-4273-81C2-69B17E649103} ©
O42 - Logiciel: Windows Software Development Kit - (.Microsoft Corporation.) [HKLM][64Bits] -- {60D5EF2A-4E0C-2C30-38F6-59C26E134F4A} ©
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} ©
O42 - Logiciel: PC Connectivity Solution - (.Nokia.) [HKLM][64Bits] -- {6D01D1B1-17BD-4F10-BB11-F08F0C47D42B} ©
O42 - Logiciel: Skype Click to Call - (.Microsoft Corporation.) [HKLM][64Bits] -- {6D1221A9-17BF-4EC0-81F2-27D30EC30701} ©
O42 - Logiciel: MSVC80_x86_v2 - (.Nokia.) [HKLM][64Bits] -- {6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6} ©
O42 - Logiciel: Coin Miner version 2.1.3 - (.Sonera Corporative OU.) [HKLM][64Bits] -- {887F6843-E3D1-407C-9B01-20569DF78F0C}_is1
O42 - Logiciel: Nokia Suite - (.Nokia.) [HKLM][64Bits] -- {88B6F9DE-C80F-4A70-ACF6-BEE933679170} ©
O42 - Logiciel: WPTx64 - (.Microsoft.) [HKLM][64Bits] -- {986EABFC-92F6-CECD-9E5A-B13CAC40BB1D} ©
O42 - Logiciel: WPT Redistributables - (.Microsoft.) [HKLM][64Bits] -- {A5D42D71-4036-5F88-5085-657C9DF9F1DD} ©
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} ©
O42 - Logiciel: System Requirements Lab Detection - (.Husdawg, LLC.) [HKLM][64Bits] -- {AA3B37E4-01B9-481E-A713-6F412DD32B7B} ©
O42 - Logiciel: MSVC90_x86 - (.Nokia.) [HKLM][64Bits] -- {AF111648-99A1-453E-81DD-80DBBF6DAD0D} ©
O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B455E95A-B804-439F-B533-336B1635AE97} ©
O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM][64Bits] -- {C9EF1AAF-B542-41C8-A537-1142DA5D4AEC} ©
O42 - Logiciel: Windows Software Development Kit for Windows Store Apps - (.Microsoft Corporation.) [HKLM][64Bits] -- {D11F66FF-82B3-DDB8-1146-525370552BE1} ©
O42 - Logiciel: Windows Software Development Kit EULA - (.Microsoft Corporations.) [HKLM][64Bits] -- {D4F102C5-EEA1-CAE1-8E67-1A7FCE27F673}
O42 - Logiciel: Kits Configuration Installer - (.Microsoft.) [HKLM][64Bits] -- {E14DDED2-919B-FCCB-84AC-5ABB6D182D46} ©
O42 - Logiciel: HP Support Solutions Framework - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {E4B931AF-C59A-4D92-8767-8E2D5F53144E} ©
O42 - Logiciel: SDK Debuggers - (.Microsoft Corporation.) [HKLM][64Bits] -- {E63A3353-003C-E4C2-230B-F155212D1479} ©
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} ©
O42 - Logiciel: Smart View 2.0 - (.Samsung.) [HKLM][64Bits] -- {FBAAAFAE-08A8-4C63-87EA-4AEA9DEE53E1} ©
O42 - Logiciel: «Euro Truck Simulator 2» v.1.4.8s - (...) [HKLM][64Bits] -- «Euro Truck Simulator 2»_is1
O42 - Logiciel: f.lux - (...) [HKCU][64Bits] -- Flux
O42 - Logiciel: XBMC - (.Team XBMC.) [HKCU][64Bits] -- XBMC

---\\ HKCU & HKLM Software Keys (127) - 8s
HKLM\SOFTWARE\Wow6432Node\Adobe
HKLM\SOFTWARE\Wow6432Node\AGEIA Technologies
HKLM\SOFTWARE\Wow6432Node\Analog Devices
HKLM\SOFTWARE\Wow6432Node\Apple Computer, Inc.
HKLM\SOFTWARE\Wow6432Node\Baidu
HKLM\SOFTWARE\Wow6432Node\Bitdefender
HKLM\SOFTWARE\Wow6432Node\CDDB
HKLM\SOFTWARE\Wow6432Node\Chicony
HKLM\SOFTWARE\Wow6432Node\Codemasters
HKLM\SOFTWARE\Wow6432Node\DeskSoft
HKLM\SOFTWARE\Wow6432Node\DevID
HKLM\SOFTWARE\Wow6432Node\EA Games
HKLM\SOFTWARE\Wow6432Node\Electronic Arts
HKLM\SOFTWARE\Wow6432Node\FabPlayer
HKLM\SOFTWARE\Wow6432Node\Freemake
HKLM\SOFTWARE\Wow6432Node\Google
HKLM\SOFTWARE\Wow6432Node\Hewlett-Packard
HKLM\SOFTWARE\Wow6432Node\IM Providers
HKLM\SOFTWARE\Wow6432Node\InstallShield
HKLM\SOFTWARE\Wow6432Node\Intel
HKLM\SOFTWARE\Wow6432Node\Internet Download Manager
HKLM\SOFTWARE\Wow6432Node\IObit
HKLM\SOFTWARE\Wow6432Node\LG Electronics
HKLM\SOFTWARE\Wow6432Node\LogMeInRescueCallingCard
HKLM\SOFTWARE\Wow6432Node\Macromedia
HKLM\SOFTWARE\Wow6432Node\Macrovision
HKLM\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware
HKLM\SOFTWARE\Wow6432Node\Mozilla
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\Nokia
HKLM\SOFTWARE\Wow6432Node\Nokia Mobile Phones
HKLM\SOFTWARE\Wow6432Node\NVIDIA Corporation
HKLM\SOFTWARE\Wow6432Node\ODBC
HKLM\SOFTWARE\Wow6432Node\OpenAL
HKLM\SOFTWARE\Wow6432Node\Origin
HKLM\SOFTWARE\Wow6432Node\Origin Games
HKLM\SOFTWARE\Wow6432Node\PC Connectivity Solution
HKLM\SOFTWARE\Wow6432Node\PCSuite
HKLM\SOFTWARE\Wow6432Node\PowerPivot
HKLM\SOFTWARE\Wow6432Node\Rockstar Games
HKLM\SOFTWARE\Wow6432Node\SCS Software
HKLM\SOFTWARE\Wow6432Node\SEGA
HKLM\SOFTWARE\Wow6432Node\Sierra
HKLM\SOFTWARE\Wow6432Node\Skype
HKLM\SOFTWARE\Wow6432Node\SoftEther Project
HKLM\SOFTWARE\Wow6432Node\SOFTWARE
HKLM\SOFTWARE\Wow6432Node\Sony Creative Software
HKLM\SOFTWARE\Wow6432Node\Stardock
HKLM\SOFTWARE\Wow6432Node\TechSmith
HKLM\SOFTWARE\Wow6432Node\Trymedia Systems =>PUP.Optional.Trymedia
HKLM\SOFTWARE\Wow6432Node\Tunngle.net
HKLM\SOFTWARE\Wow6432Node\Ubisoft
HKLM\SOFTWARE\Wow6432Node\Valve
HKLM\SOFTWARE\Wow6432Node\VideoLAN
HKLM\SOFTWARE\Wow6432Node\Volatile
HKLM\SOFTWARE\Wow6432Node\Wallpapers Bot
HKLM\SOFTWARE\Wow6432Node\WIBU-SYSTEMS
HKLM\SOFTWARE\Wow6432Node\Wow6432Node
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\Analog Devices
HKCU\SOFTWARE\APN PIP =>PUP.Optional.Conduit
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\Apple Computer, Inc.
HKCU\SOFTWARE\Apple Inc.
HKCU\SOFTWARE\ASProtect
HKCU\SOFTWARE\Axialis
HKCU\SOFTWARE\Baidu
HKCU\SOFTWARE\BDUSBImmunizer
HKCU\SOFTWARE\Bitdefender
HKCU\SOFTWARE\Bohemia Interactive
HKCU\SOFTWARE\CEZEO software
HKCU\SOFTWARE\Complitly =>PUP.Optional.PredictAd
HKCU\SOFTWARE\DesktopPaints.com
HKCU\SOFTWARE\DevID
HKCU\SOFTWARE\DirectShow
HKCU\SOFTWARE\Drivers
HKCU\SOFTWARE\DriverToolkit
HKCU\SOFTWARE\Freemake
HKCU\SOFTWARE\GameSpy
HKCU\SOFTWARE\GetData
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\Hewlett-Packard
HKCU\SOFTWARE\HitLeap
HKCU\SOFTWARE\ICSW
HKCU\SOFTWARE\IGA
HKCU\SOFTWARE\IM Providers
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\LG Electronics
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\MainConcept
HKCU\SOFTWARE\Michael Herf
HKCU\SOFTWARE\Mine
HKCU\SOFTWARE\Mirillis
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\NewFreeScreensavers
HKCU\SOFTWARE\Nokia
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\Piriform
HKCU\SOFTWARE\QtProject
HKCU\SOFTWARE\RegisteredApplications
HKCU\SOFTWARE\Samsung
HKCU\SOFTWARE\SeriousBit
HKCU\SOFTWARE\Skype
HKCU\SOFTWARE\SoftEther Project
HKCU\SOFTWARE\Sony Creative Software
HKCU\SOFTWARE\System32
HKCU\SOFTWARE\techPowerUp
HKCU\SOFTWARE\TechSmith
HKCU\SOFTWARE\The Creative Assembly
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\Tunngle.net
HKCU\SOFTWARE\University of Tsukuba
HKCU\SOFTWARE\Unwinder
HKCU\SOFTWARE\Valve
HKCU\SOFTWARE\Wallpapers Bot
HKCU\SOFTWARE\Win
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\Wow6432Node
HKCU\SOFTWARE\XBMC
HKCU\SOFTWARE\Xilisoft
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software
HKCU\SOFTWARE\AppDataLow\Software\antiphishing-completebar1_0dn

---\\ Contents of the Common Files folders (293) - 10s
O43 - CFD: 2015/09/06 14:30:28 - [0] D -- C:\Program Files (x86)\AGEIA Technologies
O43 - CFD: 2015/07/30 18:21:59 - [] D -- C:\Program Files (x86)\Analog Devices
O43 - CFD: 2015/08/26 16:01:43 - [] D -- C:\Program Files (x86)\Application Verifier
O43 - CFD: 2015/02/13 16:40:20 - [] D -- C:\Program Files (x86)\Athan
O43 - CFD: 2014/12/25 21:38:38 - [] D -- C:\Program Files (x86)\baidu
O43 - CFD: 2014/12/07 13:10:45 - [] D -- C:\Program Files (x86)\CodeMeter
O43 - CFD: 2015/03/06 16:41:10 - [] AD -- C:\Program Files (x86)\CoinMiner
O43 - CFD: 2015/09/06 14:30:28 - [] D -- C:\Program Files (x86)\Common Files
O43 - CFD: 2015/02/03 17:30:50 - [] AD -- C:\Program Files (x86)\CompitlyEngine
O43 - CFD: 2015/02/03 17:32:55 - [] AD -- C:\Program Files (x86)\completebartb
O43 - CFD: 2015/07/18 18:44:22 - [] D -- C:\Program Files (x86)\Cracked Steam
O43 - CFD: 2015/08/22 15:03:26 - [] D -- C:\Program Files (x86)\DevID Agent
O43 - CFD: 2015/08/22 19:19:41 - [] AD -- C:\Program Files (x86)\Driver Identifier
O43 - CFD: 2015/08/21 20:47:34 - [] D -- C:\Program Files (x86)\EarthView
O43 - CFD: 2014/12/12 20:11:13 - [] AD -- C:\Program Files (x86)\Freemake
O43 - CFD: 2015/09/08 16:20:48 - [] D -- C:\Program Files (x86)\Google
O43 - CFD: 2014/12/27 14:39:12 - [] D -- C:\Program Files (x86)\GPU-Z
O43 - CFD: 2015/08/25 17:22:25 - [] AD -- C:\Program Files (x86)\Hewlett-Packard
O43 - CFD: 2015/01/11 14:20:34 - [] D -- C:\Program Files (x86)\HitLeap
O43 - CFD: 2015/08/25 17:22:44 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 2015/08/24 15:25:57 - [] D -- C:\Program Files (x86)\Intel
O43 - CFD: 2015/09/08 18:05:05 - [] D -- C:\Program Files (x86)\Internet Download Manager
O43 - CFD: 2015/08/07 11:10:48 - [] D -- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 2015/08/22 15:07:23 - [] D -- C:\Program Files (x86)\IObit
O43 - CFD: 2015/08/26 16:41:26 - [] D -- C:\Program Files (x86)\IU DLL Fixer
O43 - CFD: 2015/08/11 11:35:56 - [] D -- C:\Program Files (x86)\LG Electronics
O43 - CFD: 2015/07/16 18:51:11 - [] AD -- C:\Program Files (x86)\Malwarebytes Anti-Malware
O43 - CFD: 2014/12/07 13:30:34 - [] D -- C:\Program Files (x86)\Microsoft Analysis Services
O43 - CFD: 2014/12/07 13:30:18 - [] D -- C:\Program Files (x86)\Microsoft Office
O43 - CFD: 2015/08/26 16:01:48 - [] D -- C:\Program Files (x86)\Microsoft SDKs
O43 - CFD: 2015/08/19 18:21:39 - [] D -- C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 2014/12/07 13:34:32 - [] D -- C:\Program Files (x86)\Microsoft SQL Server
O43 - CFD: 2015/07/30 18:27:15 - [] AD -- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 2015/09/01 14:30:50 - [] D -- C:\Program Files (x86)\Mirillis
O43 - CFD: 2015/07/26 21:45:32 - [] D -- C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 2015/07/31 03:10:45 - [] D -- C:\Program Files (x86)\MSBuild
O43 - CFD: 2015/08/21 20:48:16 - [] D -- C:\Program Files (x86)\MSI Afterburner
O43 - CFD: 2015/07/18 18:45:38 - [0] D -- C:\Program Files (x86)\NewFreeScreensavers
O43 - CFD: 2015/08/14 12:00:27 - [] D -- C:\Program Files (x86)\Nokia
O43 - CFD: 2015/09/06 14:30:28 - [] D -- C:\Program Files (x86)\NVIDIA Corporation
O43 - CFD: 2015/08/24 16:07:26 - [] D -- C:\Program Files (x86)\OpenAL
O43 - CFD: 2015/08/26 12:32:45 - [] AD -- C:\Program Files (x86)\Origin
O43 - CFD: 2015/08/26 12:35:00 - [0] D -- C:\Program Files (x86)\Origin Games
O43 - CFD: 2015/08/14 11:55:46 - [] AD -- C:\Program Files (x86)\PC Connectivity Solution
O43 - CFD: 2014/12/07 17:06:10 - [] D -- C:\Program Files (x86)\QuickTime
O43 - CFD: 2015/07/31 03:10:45 - [] D -- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 2015/08/09 21:09:30 - [] D -- C:\Program Files (x86)\Rosetta Stone
O43 - CFD: 2015/08/09 21:09:17 - [] AD -- C:\Program Files (x86)\RosettaStoneLtdServices
O43 - CFD: 2015/08/08 21:51:42 - [] RD -- C:\Program Files (x86)\Skype
O43 - CFD: 2015/01/05 14:27:05 - [] AD -- C:\Program Files (x86)\SmartView2
O43 - CFD: 2014/12/07 17:16:49 - [] D -- C:\Program Files (x86)\Sony
O43 - CFD: 2015/09/08 17:30:14 - [] D -- C:\Program Files (x86)\Steam
O43 - CFD: 2015/09/04 14:47:53 - [] D -- C:\Program Files (x86)\SystemRequirementsLab
O43 - CFD: 2014/12/07 17:05:42 - [] D -- C:\Program Files (x86)\TechSmith
O43 - CFD: 2015/01/24 17:51:57 - [] AD -- C:\Program Files (x86)\Tunngle
O43 - CFD: 2015/08/26 16:17:03 - [] D -- C:\Program Files (x86)\Ubisoft
O43 - CFD: 2014/12/12 17:40:17 - [] D -- C:\Program Files (x86)\VideoLAN
O43 - CFD: 2015/08/29 16:57:24 - [] D -- C:\Program Files (x86)\Wallpapers Bot
O43 - CFD: 2015/08/02 13:51:33 - [] D -- C:\Program Files (x86)\Windows Defender
O43 - CFD: 2015/08/26 15:58:11 - [] D -- C:\Program Files (x86)\Windows Kits
O43 - CFD: 2015/07/10 14:11:49 - [] D -- C:\Program Files (x86)\Windows Mail
O43 - CFD: 2015/08/02 13:51:33 - [] D -- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 2015/07/10 12:04:26 - [] D -- C:\Program Files (x86)\Windows Multimedia Platform
O43 - CFD: 2015/07/10 12:04:22 - [] D -- C:\Program Files (x86)\Windows NT
O43 - CFD: 2015/08/02 13:51:33 - [] D -- C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 2015/07/10 12:04:26 - [] D -- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 2015/07/10 12:04:22 - [] SHD -- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 2015/07/10 12:04:22 - [] SD -- C:\Program Files (x86)\WindowsPowerShell
O43 - CFD: 2014/12/06 19:20:46 - [] D -- C:\Program Files (x86)\XBMC
O43 - CFD: 2015/01/03 21:44:11 - [] D -- C:\Program Files (x86)\Xilisoft
O43 - CFD: 2015/07/10 12:04:26 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 2015/07/10 14:14:55 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2015/07/10 14:14:55 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2015/07/30 18:31:11 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Athan
O43 - CFD: 2015/07/30 18:31:11 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Browser
O43 - CFD: 2015/07/31 15:40:55 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015
O43 - CFD: 2015/08/23 16:46:38 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call of Duty Black Ops 2
O43 - CFD: 2015/07/30 18:31:11 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
O43 - CFD: 2015/07/30 18:31:11 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coin Miner
O43 - CFD: 2015/08/22 15:07:26 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
O43 - CFD: 2015/08/22 19:19:42 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Identifier
O43 - CFD: 2015/07/30 18:27:19 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Embedded Lockdown Manager
O43 - CFD: 2015/07/30 18:31:11 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
O43 - CFD: 2015/09/08 16:21:00 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 2015/07/30 18:31:11 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
O43 - CFD: 2015/08/25 17:22:44 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
O43 - CFD: 2015/07/30 18:31:11 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) Management and Security
O43 - CFD: 2015/07/10 12:04:26 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/07/30 18:31:11 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
O43 - CFD: 2015/08/23 17:59:24 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
O43 - CFD: 2015/08/13 20:05:00 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
O43 - CFD: 2015/09/01 14:30:53 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis
O43 - CFD: 2015/08/11 11:35:57 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Modem LG LDU-1900D
O43 - CFD: 2015/07/16 18:44:46 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Need for Speed Most Wanted
O43 - CFD: 2015/08/14 12:01:00 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia
O43 - CFD: 2015/08/26 12:28:32 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
O43 - CFD: 2015/07/30 18:31:11 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
O43 - CFD: 2015/08/28 19:09:43 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Catalyst
O43 - CFD: 2015/08/09 21:09:30 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rosetta Stone
O43 - CFD: 2015/07/30 18:27:21 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra
O43 - CFD: 2015/07/30 18:31:11 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 2015/07/30 18:31:11 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftEther VPN Client
O43 - CFD: 2015/07/30 18:31:11 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftPerfect WiFi Guard
O43 - CFD: 2015/07/30 18:27:22 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
O43 - CFD: 2015/08/27 16:31:43 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spintires
O43 - CFD: 2015/07/30 18:31:11 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
O43 - CFD: 2015/08/07 15:55:50 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
O43 - CFD: 2015/07/10 12:04:26 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 2015/07/10 14:14:53 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 2015/07/30 18:31:11 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
O43 - CFD: 2015/07/30 18:31:11 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 2015/08/26 16:02:26 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
O43 - CFD: 2015/07/30 18:31:11 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 2015/01/12 19:52:24 - [] D -- C:\ProgramData\Adobe
O43 - CFD: 2015/02/03 17:33:17 - [] AD -- C:\ProgramData\Anti-phishing Domain Advisor =>PUP.Optional.VisicomAntiPhishing
O43 - CFD: 2015/01/12 23:02:49 - [] D -- C:\ProgramData\Apple
O43 - CFD: 2015/01/12 23:07:55 - [] D -- C:\ProgramData\Apple Computer
O43 - CFD: 2015/07/10 13:21:38 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 2015/01/10 18:28:04 - [] D -- C:\ProgramData\Ashampoo
O43 - CFD: 2015/02/09 14:57:28 - [] D -- C:\ProgramData\Baidu
O43 - CFD: 2014/12/20 20:45:35 - [] D -- C:\ProgramData\BDLogging
O43 - CFD: 2015/07/31 16:45:33 - [] D -- C:\ProgramData\Bitdefender
O43 - CFD: 2014/12/26 16:42:41 - [] D -- C:\ProgramData\Bohemia Interactive
O43 - CFD: 2015/08/24 16:18:35 - [] D -- C:\ProgramData\Codemasters
O43 - CFD: 2015/07/10 12:04:22 - [0] D -- C:\ProgramData\Comms
O43 - CFD: 2015/07/10 13:21:38 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 2015/07/10 13:21:38 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 2015/07/31 15:15:45 - [0] D -- C:\ProgramData\Dumps
O43 - CFD: 2015/08/21 21:54:12 - [] D -- C:\ProgramData\EA Core
O43 - CFD: 2015/08/22 14:42:11 - [] D -- C:\ProgramData\EA Logs
O43 - CFD: 2015/08/21 21:57:01 - [] D -- C:\ProgramData\Electronic Arts
O43 - CFD: 2015/08/05 13:50:02 - [] D -- C:\ProgramData\FaceOffMax
O43 - CFD: 2015/08/09 21:12:01 - [] D -- C:\ProgramData\FLEXnet
O43 - CFD: 2014/12/12 20:12:13 - [] D -- C:\ProgramData\Freemake
O43 - CFD: 2015/09/04 05:33:42 - [] D -- C:\ProgramData\Hewlett-Packard
O43 - CFD: 2015/09/08 16:09:08 - [0] D -- C:\ProgramData\IDM
O43 - CFD: 2015/08/08 12:49:50 - [] D -- C:\ProgramData\Intel
O43 - CFD: 2015/08/22 15:07:27 - [] D -- C:\ProgramData\IObit
O43 - CFD: 2015/08/21 22:10:51 - [] D -- C:\ProgramData\ma-config.com
O43 - CFD: 2014/12/07 12:45:39 - [] D -- C:\ProgramData\Malwarebytes
O43 - CFD: 2015/07/30 20:59:13 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 2015/08/23 18:00:00 - [] D -- C:\ProgramData\Microsoft Help
O43 - CFD: 2015/07/30 20:20:52 - [] D -- C:\ProgramData\Microsoft OneDrive
O43 - CFD: 2014/12/06 16:37:29 - [] D -- C:\ProgramData\Microsoft Toolkit =>HackTool.AutoKMS
O43 - CFD: 2015/09/01 14:22:50 - [] D -- C:\ProgramData\Mirillis
O43 - CFD: 2015/08/14 12:01:18 - [] D -- C:\ProgramData\Nokia
O43 - CFD: 2015/08/14 11:49:26 - [] D -- C:\ProgramData\NokiaInstallerCache
O43 - CFD: 2015/08/27 16:54:51 - [] D -- C:\ProgramData\Origin
O43 - CFD: 2015/08/26 15:57:05 - [] D -- C:\ProgramData\Package Cache
O43 - CFD: 2015/08/16 14:03:41 - [] D -- C:\ProgramData\PC Suite
O43 - CFD: 2015/08/22 15:07:37 - [] D -- C:\ProgramData\ProductData
O43 - CFD: 2015/07/30 18:31:11 - [] D -- C:\ProgramData\regid.1986-12.com.adobe
O43 - CFD: 2015/07/30 18:31:11 - [] AD -- C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 2015/08/09 21:09:30 - [] D -- C:\ProgramData\Rosetta Stone
O43 - CFD: 2015/08/09 21:09:30 - [] D -- C:\ProgramData\Rosetta Stone Backups
O43 - CFD: 2015/08/09 21:09:17 - [] D -- C:\ProgramData\RosettaStoneLtdServices
O43 - CFD: 2015/02/03 17:29:59 - [] D -- C:\ProgramData\SearchOnline
O43 - CFD: 2014/12/13 19:13:55 - [] D -- C:\ProgramData\SeriousBit
O43 - CFD: 2015/08/08 21:45:39 - [] D -- C:\ProgramData\Skype
O43 - CFD: 2015/08/22 12:35:23 - [] D -- C:\ProgramData\SoftwareDistribution
O43 - CFD: 2015/07/30 18:22:00 - [] D -- C:\ProgramData\SonicFocus
O43 - CFD: 2014/12/07 17:16:49 - [] D -- C:\ProgramData\Sony
O43 - CFD: 2015/01/10 21:28:59 - [] D -- C:\ProgramData\Stardock
O43 - CFD: 2015/07/10 13:21:38 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 2014/12/26 16:42:41 - [] D -- C:\ProgramData\Steam
O43 - CFD: 2015/09/02 12:56:04 - [] AD -- C:\ProgramData\TechSmith
O43 - CFD: 2015/08/23 20:36:13 - [0] D -- C:\ProgramData\TEMP
O43 - CFD: 2015/07/10 13:21:38 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 2015/07/19 17:43:30 - [] D -- C:\ProgramData\Trymedia =>PUP.Optional.Trymedia
O43 - CFD: 2015/04/07 10:50:17 - [] D -- C:\ProgramData\Tunngle
O43 - CFD: 2015/07/10 13:22:45 - [] D -- C:\ProgramData\USOPrivate
O43 - CFD: 2015/07/10 13:22:45 - [] D -- C:\ProgramData\USOShared
O43 - CFD: 2015/07/23 13:41:33 - [0] D -- C:\ProgramData\VideoCopilot
O43 - CFD: 2015/08/26 16:02:22 - [] D -- C:\ProgramData\Windows App Certification Kit
O43 - CFD: 2015/08/25 17:21:14 - [] AD -- C:\ProgramData\{ECA9D0D4-7782-4B7F-96E2-FDB0CF0A57D5}
O43 - CFD: 2015/01/12 19:50:08 - [] D -- C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 2015/08/11 11:33:21 - [] D -- C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 2014/12/06 19:33:20 - [] D -- C:\Program Files (x86)\Common Files\Intel
O43 - CFD: 2015/08/09 21:12:00 - [] D -- C:\Program Files (x86)\Common Files\Macrovision Shared
O43 - CFD: 2015/08/26 15:58:12 - [] D -- C:\Program Files (x86)\Common Files\Microsoft
O43 - CFD: 2015/07/30 18:27:14 - [] AD -- C:\Program Files (x86)\Common Files\Microsoft Shared
O43 - CFD: 2015/08/14 12:00:30 - [] AD -- C:\Program Files (x86)\Common Files\Nokia
O43 - CFD: 2014/12/06 19:33:25 - [] D -- C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 2015/07/10 12:04:26 - [] D -- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 2015/07/19 18:02:11 - [] AD -- C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 2015/08/23 14:09:38 - [] D -- C:\Program Files (x86)\Common Files\Steam
O43 - CFD: 2015/08/02 13:51:33 - [] D -- C:\Program Files (x86)\Common Files\System
O43 - CFD: 2015/01/12 20:03:35 - [] D -- C:\Users\AML Family\AppData\Roaming\Adobe
O43 - CFD: 2015/01/13 14:21:46 - [] D -- C:\Users\AML Family\AppData\Roaming\Apple Computer
O43 - CFD: 2014/12/22 21:41:41 - [] D -- C:\Users\AML Family\AppData\Roaming\Baidu
O43 - CFD: 2015/07/31 15:40:53 - [] D -- C:\Users\AML Family\AppData\Roaming\Bitdefender
O43 - CFD: 2015/01/25 12:38:00 - [] D -- C:\Users\AML Family\AppData\Roaming\CoinMiner
O43 - CFD: 2015/08/09 21:33:12 - [] D -- C:\Users\AML Family\AppData\Roaming\com.rosettastone.languagetraining
O43 - CFD: 2015/04/04 21:31:30 - [] D -- C:\Users\AML Family\AppData\Roaming\CompitlyEngine
O43 - CFD: 2015/08/21 20:47:35 - [0] D -- C:\Users\AML Family\AppData\Roaming\DeskSoft
O43 - CFD: 2015/09/08 18:05:03 - [0] D -- C:\Users\AML Family\AppData\Roaming\DMCache
O43 - CFD: 2015/08/22 19:20:55 - [] D -- C:\Users\AML Family\AppData\Roaming\driveridentifier
O43 - CFD: 2014/12/06 18:16:09 - [] D -- C:\Users\AML Family\AppData\Roaming\Easeware
O43 - CFD: 2015/08/05 13:47:48 - [] D -- C:\Users\AML Family\AppData\Roaming\FaceOffMax
O43 - CFD: 2015/08/14 17:13:31 - [] D -- C:\Users\AML Family\AppData\Roaming\FiraxisLive
O43 - CFD: 2015/08/25 17:28:52 - [] D -- C:\Users\AML Family\AppData\Roaming\Hewlett-Packard
O43 - CFD: 2015/08/25 17:21:29 - [] D -- C:\Users\AML Family\AppData\Roaming\hpqLog
O43 - CFD: 2015/07/24 11:43:39 - [] D -- C:\Users\AML Family\AppData\Roaming\Identities
O43 - CFD: 2015/08/22 15:07:27 - [] D -- C:\Users\AML Family\AppData\Roaming\IObit
O43 - CFD: 2014/12/07 18:03:11 - [] D -- C:\Users\AML Family\AppData\Roaming\Macromedia
O43 - CFD: 2015/09/04 14:48:54 - [] SD -- C:\Users\AML Family\AppData\Roaming\Microsoft
O43 - CFD: 2015/09/01 14:22:50 - [] D -- C:\Users\AML Family\AppData\Roaming\Mirillis
O43 - CFD: 2015/08/26 16:46:36 - [] D -- C:\Users\AML Family\AppData\Roaming\Origin
O43 - CFD: 2015/08/14 12:01:52 - [] D -- C:\Users\AML Family\AppData\Roaming\PC Suite
O43 - CFD: 2014/12/07 17:59:33 - [0] D -- C:\Users\AML Family\AppData\Roaming\Publish Providers
O43 - CFD: 2014/12/06 17:53:14 - [0] D -- C:\Users\AML Family\AppData\Roaming\QuickScan
O43 - CFD: 2015/08/10 22:13:58 - [] D -- C:\Users\AML Family\AppData\Roaming\Skype
O43 - CFD: 2015/03/09 19:07:12 - [] D -- C:\Users\AML Family\AppData\Roaming\Sony
O43 - CFD: 2015/03/09 15:24:58 - [] D -- C:\Users\AML Family\AppData\Roaming\Sony Creative Software Inc
O43 - CFD: 2015/08/27 16:43:59 - [] D -- C:\Users\AML Family\AppData\Roaming\SpinTires
O43 - CFD: 2014/12/07 17:12:18 - [] D -- C:\Users\AML Family\AppData\Roaming\TechSmith
O43 - CFD: 2014/12/21 12:41:35 - [] D -- C:\Users\AML Family\AppData\Roaming\The Creative Assembly
O43 - CFD: 2015/02/03 21:11:48 - [] D -- C:\Users\AML Family\AppData\Roaming\Tunngle
O43 - CFD: 2015/09/08 16:44:48 - [] D -- C:\Users\AML Family\AppData\Roaming\vlc
O43 - CFD: 2015/09/08 15:38:45 - [] D -- C:\Users\AML Family\AppData\Roaming\Wallpapers Bot
O43 - CFD: 2014/12/06 17:48:24 - [] D -- C:\Users\AML Family\AppData\Roaming\WinRAR
O43 - CFD: 2015/09/07 14:04:18 - [] D -- C:\Users\AML Family\AppData\Roaming\XBMC
O43 - CFD: 2015/01/03 21:49:52 - [] D -- C:\Users\AML Family\AppData\Roaming\Xilisoft
O43 - CFD: 2015/09/08 18:20:00 - [] D -- C:\Users\AML Family\AppData\Roaming\ZHP
O43 - CFD: 2015/07/18 19:58:32 - [] D -- C:\Users\AML Family\AppData\Local\Activision
O43 - CFD: 2015/01/13 22:03:10 - [] D -- C:\Users\AML Family\AppData\Local\Adobe
O43 - CFD: 2015/02/03 17:33:23 - [] D -- C:\Users\AML Family\AppData\Local\antiphishing-completebar1_0dn
O43 - CFD: 2015/01/12 23:02:59 - [] D -- C:\Users\AML Family\AppData\Local\Apple
O43 - CFD: 2015/01/12 23:08:02 - [] D -- C:\Users\AML Family\AppData\Local\Apple Computer
O43 - CFD: 2015/07/30 18:25:21 - [0] SHD -- C:\Users\AML Family\AppData\Local\Application Data
O43 - CFD: 2015/01/13 22:15:17 - [] D -- C:\Users\AML Family\AppData\Local\Arma 3
O43 - CFD: 2014/12/21 20:27:10 - [0] D -- C:\Users\AML Family\AppData\Local\Axialis
O43 - CFD: 2012/11/13 16:01:10 - [] D -- C:\Users\AML Family\AppData\Local\CEF
O43 - CFD: 2015/07/30 21:06:04 - [] D -- C:\Users\AML Family\AppData\Local\Comms
O43 - CFD: 2015/08/24 15:45:59 - [0] D -- C:\Users\AML Family\AppData\Local\CrashDumps
O43 - CFD: 2015/08/22 16:20:53 - [] D -- C:\Users\AML Family\AppData\Local\Diagnostics
O43 - CFD: 2015/08/22 14:53:18 - [0] D -- C:\Users\AML Family\AppData\Local\DriverToolkit
O43 - CFD: 2015/08/26 16:52:05 - [] D -- C:\Users\AML Family\AppData\Local\ElevatedDiagnostics
O43 - CFD: 2015/07/26 19:51:44 - [0] SHD -- C:\Users\AML Family\AppData\Local\EmieBrowserModeList
O43 - CFD: 2015/07/26 19:51:44 - [0] SHD -- C:\Users\AML Family\AppData\Local\EmieSiteList
O43 - CFD: 2015/07/26 19:51:44 - [0] SHD -- C:\Users\AML Family\AppData\Local\EmieUserList
O43 - CFD: 2015/07/24 19:31:18 - [] D -- C:\Users\AML Family\AppData\Local\FluxSoftware
O43 - CFD: 2015/09/08 16:21:09 - [] D -- C:\Users\AML Family\AppData\Local\Google
O43 - CFD: 2015/07/27 21:50:25 - [] D -- C:\Users\AML Family\AppData\Local\GWX
O43 - CFD: 2015/08/26 11:50:01 - [] D -- C:\Users\AML Family\AppData\Local\Hewlett-Packard
O43 - CFD: 2015/07/30 18:25:21 - [0] SHD -- C:\Users\AML Family\AppData\Local\History
O43 - CFD: 2014/12/27 14:26:30 - [] D -- C:\Users\AML Family\AppData\Local\Intel
O43 - CFD: 2015/08/29 12:55:49 - [] D -- C:\Users\AML Family\AppData\Local\Microsoft
O43 - CFD: 2014/12/07 13:30:23 - [0] D -- C:\Users\AML Family\AppData\Local\Microsoft Help
O43 - CFD: 2015/07/30 20:52:01 - [] D -- C:\Users\AML Family\AppData\Local\MicrosoftEdge
O43 - CFD: 2015/09/01 14:22:50 - [] D -- C:\Users\AML Family\AppData\Local\Mirillis
O43 - CFD: 2014/12/07 14:44:47 - [0] D -- C:\Users\AML Family\AppData\Local\MSfree Inc
O43 - CFD: 2015/08/14 17:13:26 - [] D -- C:\Users\AML Family\AppData\Local\My Games
O43 - CFD: 2015/07/30 23:04:02 - [0] D -- C:\Users\AML Family\AppData\Local\NetworkTiles
O43 - CFD: 2015/08/14 12:05:59 - [] D -- C:\Users\AML Family\AppData\Local\Nokia
O43 - CFD: 2015/08/26 12:35:00 - [] D -- C:\Users\AML Family\AppData\Local\Origin
O43 - CFD: 2015/09/05 16:53:18 - [] D -- C:\Users\AML Family\AppData\Local\Packages
O43 - CFD: 2015/07/30 20:27:57 - [0] D -- C:\Users\AML Family\AppData\Local\PeerDistRepub
O43 - CFD: 2015/01/10 18:36:00 - [] D -- C:\Users\AML Family\AppData\Local\photoOptimizeHistoryDataBase
O43 - CFD: 2014/12/06 18:15:14 - [] D -- C:\Users\AML Family\AppData\Local\Programs
O43 - CFD: 2015/07/30 20:19:32 - [] D -- C:\Users\AML Family\AppData\Local\Publishers
O43 - CFD: 2015/07/23 17:33:45 - [] D -- C:\Users\AML Family\AppData\Local\Rockstar Games
O43 - CFD: 2015/07/31 17:36:16 - [] D -- C:\Users\AML Family\AppData\Local\SKIDROW
O43 - CFD: 2015/07/19 18:06:05 - [] D -- C:\Users\AML Family\AppData\Local\Skype
O43 - CFD: 2015/02/21 19:50:31 - [] D -- C:\Users\AML Family\AppData\Local\SmartView2
O43 - CFD: 2014/12/07 17:59:07 - [] D -- C:\Users\AML Family\AppData\Local\Sony
O43 - CFD: 2015/08/02 12:38:55 - [] D -- C:\Users\AML Family\AppData\Local\speech
O43 - CFD: 2012/11/13 16:01:05 - [] D -- C:\Users\AML Family\AppData\Local\Steam
O43 - CFD: 2014/12/07 17:11:42 - [] D -- C:\Users\AML Family\AppData\Local\TechSmith
O43 - CFD: 2015/01/27 14:51:19 - [] D -- C:\Users\AML Family\AppData\Local\TeknoGods
O43 - CFD: 2015/09/08 18:19:29 - [] AD -- C:\Users\AML Family\AppData\Local\Temp
O43 - CFD: 2015/07/30 18:25:21 - [0] SHD -- C:\Users\AML Family\AppData\Local\Temporary Internet Files
O43 - CFD: 2015/07/30 20:18:01 - [] D -- C:\Users\AML Family\AppData\Local\TileDataLayer
O43 - CFD: 2015/08/26 16:17:03 - [] D -- C:\Users\AML Family\AppData\Local\Ubisoft Game Launcher
O43 - CFD: 2015/08/29 20:30:21 - [] D -- C:\Users\AML Family\AppData\Local\VirtualStore
O43 - CFD: 2014/12/21 14:58:33 - [] D -- C:\Users\AML Family\AppData\Local\WiFi Guard
O43 - CFD: 2015/07/10 12:04:26 - [] RD -- C:\Users\AML Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 2015/07/30 20:18:00 - [] RD -- C:\Users\AML Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2015/08/19 19:10:29 - [] RD -- C:\Users\AML Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2015/08/22 14:54:12 - [] D -- C:\Users\AML Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DevID Agent
O43 - CFD: 2015/07/30 18:31:10 - [] D -- C:\Users\AML Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
O43 - CFD: 2015/07/30 18:26:15 - [] D -- C:\Users\AML Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
O43 - CFD: 2015/07/10 12:04:26 - [] D -- C:\Users\AML Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/07/30 18:26:15 - [] D -- C:\Users\AML Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sierra
O43 - CFD: 2015/08/19 19:10:29 - [] RD -- C:\Users\AML Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2015/09/04 14:43:13 - [] D -- C:\Users\AML Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
O43 - CFD: 2015/07/10 12:04:26 - [] RD -- C:\Users\AML Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 2015/07/30 18:31:10 - [] D -- C:\Users\AML Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z
O43 - CFD: 2015/08/26 16:17:06 - [] D -- C:\Users\AML Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
O43 - CFD: 2015/08/29 16:57:03 - [] D -- C:\Users\AML Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wallpapers Bot
O43 - CFD: 2015/07/10 12:04:45 - [] RSD -- C:\Users\AML Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
O43 - CFD: 2015/07/30 18:31:10 - [] D -- C:\Users\AML Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 2015/07/30 18:31:10 - [] D -- C:\Users\AML Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XBMC

---\\ System Drivers List (74) - 7s
O58 - SDL:2015/08/24 19:59:15 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\1DAF0324.sys [113880] ©
O58 - SDL:2015/08/27 14:11:56 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\25AE63B6.sys [113880] ©
O58 - SDL:2015/07/10 11:59:38 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\WINDOWS\System32\drivers\3ware.sys [107360] ©
O58 - SDL:2015/08/26 11:40:43 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\57E321D8.sys [113880] ©
O58 - SDL:2014/12/11 13:45:39 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\667F4324.sys [129752] ©
O58 - SDL:2009/07/01 11:06:22 A . (.Analog Devices, Inc. - High Definition Audio Function Driver.) -- C:\WINDOWS\System32\drivers\ADIHdAud.sys [497152] ©
O58 - SDL:2015/07/10 11:59:38 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) -- C:\WINDOWS\System32\drivers\adp80xx.sys [1135456] ©
O58 - SDL:2015/07/10 11:59:38 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\WINDOWS\System32\drivers\amdsata.sys [83296] ©
O58 - SDL:2015/07/10 11:59:38 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\WINDOWS\System32\drivers\amdsbs.sys [259424] ©
O58 - SDL:2015/07/10 11:59:38 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\WINDOWS\System32\drivers\amdxata.sys [26976] ©
O58 - SDL:2013/02/22 15:52:20 A . (.Alps Electric Co., Ltd. - Alps Touch Pad Driver.) -- C:\WINDOWS\System32\drivers\Apfiltr.sys [489264] ©
O58 - SDL:2015/07/10 11:59:38 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\WINDOWS\System32\drivers\arcsas.sys [131936] ©
O58 - SDL:2015/07/31 16:11:14 A . (.BitDefender - Active Virus Control filter driver.) -- C:\WINDOWS\System32\drivers\avc3.sys [1369288] ©
O58 - SDL:2015/07/31 16:11:09 A . (.BitDefender - BitDefender AntiVirus Active Virus Control.) -- C:\WINDOWS\System32\drivers\avchv.sys [271272] ©
O58 - SDL:2015/07/31 16:11:15 A . (.BitDefender - Active Virus Control Kernel Filtering drive.) -- C:\WINDOWS\System32\drivers\avckf.sys [747120] ©
O58 - SDL:2015/07/10 11:59:38 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\WINDOWS\System32\drivers\bcmfn2.sys [17624] ©
O58 - SDL:2013/09/08 20:04:56 A . (.Bitdefender - Bitdefender Early Launch Anti-Malware Drive.) -- C:\WINDOWS\System32\drivers\bdelam.sys [23568] ©
O58 - SDL:2013/11/19 15:44:02 A . (.BitDefender LLC - BitDefender Firewall NDIS6 Filter Driver.) -- C:\WINDOWS\System32\drivers\bdfndisf6.sys [98768] ©
O58 - SDL:2015/01/09 11:59:25 A . (.BitDefender SRL - BitDefender SandBox Filter Driver.) -- C:\WINDOWS\System32\drivers\bdsandbox.sys [82824]
O58 - SDL:2015/07/31 16:11:16 A . (.BitDefender - FileVault Disk Driver.) -- C:\WINDOWS\System32\drivers\bdvedisk.sys [79192] ©
O58 - SDL:2015/07/10 11:59:38 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\WINDOWS\System32\drivers\bxvbda.sys [531296] ©
O58 - SDL:2013/01/23 10:31:52 A . (.Nokia - Nokia USB Phone Bus Driver.) -- C:\WINDOWS\System32\drivers\ccdcmbox64.sys [27136] ©
O58 - SDL:2013/01/23 10:31:52 A . (.Nokia - Nokia USB Phone Bus Driver.) -- C:\WINDOWS\System32\drivers\ccdcmbx64.sys [19968] ©
O58 - SDL:2015/07/10 11:59:36 A . (.Intel Corporation - Intel(R) Gigabit Adapter NDIS 6.x driver.) -- C:\WINDOWS\System32\drivers\e1i63x64.sys [482328] ©
O58 - SDL:2015/07/10 11:59:38 A . (.QLogic Corporation - QLogic 10 GigE VBD.) -- C:\WINDOWS\System32\drivers\evbda.sys [3436896] ©
O58 - SDL:2015/07/31 16:11:09 A . (.BitDefender LLC - BitDefender Gonzales FileSystem Driver.) -- C:\WINDOWS\System32\drivers\gzflt.sys [160032] ©
O58 - SDL:2009/06/24 05:28:54 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\WINDOWS\System32\drivers\HECIx64.sys [56344] ©
O58 - SDL:2015/07/10 11:59:38 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\WINDOWS\System32\drivers\HpSAMD.sys [64352] ©
O58 - SDL:2009/08/15 05:58:04 A . (.Windows (R) Codename Longhorn DDK provider - Example Keyboard Filter Driver.) -- C:\WINDOWS\System32\drivers\i8042HDR.sys [15920] ©
O58 - SDL:2015/07/10 11:59:36 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [38128] ©
O58 - SDL:2015/07/10 11:59:36 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [122608] ©
O58 - SDL:2015/07/10 11:59:38 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver (i.) -- C:\WINDOWS\System32\drivers\iaStorAV.sys [673120] ©
O58 - SDL:2015/07/10 11:59:38 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\WINDOWS\System32\drivers\iaStorV.sys [412000] ©
O58 - SDL:2015/07/10 11:59:39 A . (.Mellanox - InfiniBand Fabric Bus Driver.) -- C:\WINDOWS\System32\drivers\ibbus.sys [424800] ©
O58 - SDL:2015/04/18 02:06:24 N . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\WINDOWS\System32\drivers\idmwfp.sys [195056] ©
O58 - SDL:2011/06/03 13:34:10 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\WINDOWS\System32\drivers\igdkmd64.sys [10628800] ©
O58 - SDL:2012/08/29 02:34:34 A . (.Intel Corporation - Intel Graphics Miniport Driver.) -- C:\WINDOWS\System32\drivers\igxpmp64.sys [2712576] ©
O58 - SDL:2008/08/26 00:39:30 A . (.LG Electronics Inc. - LG EVDOM USB ATC Driver.) -- C:\WINDOWS\System32\drivers\lgevdom64atc.sys [27136]
O58 - SDL:2008/08/26 00:39:32 A . (.LG Electronics Inc. - LG EVDOM USB Multi function Driver.) -- C:\WINDOWS\System32\drivers\lgevdom64bus.sys [18432]
O58 - SDL:2008/08/26 00:39:34 A . (.LG Electronics Inc. - LG EVDOM USB Diagnostics Driver.) -- C:\WINDOWS\System32\drivers\lgevdom64diag.sys [27136]
O58 - SDL:2008/08/26 00:39:34 A . (.LG Electronics Inc. - LG EVDOM USB Modem Driver.) -- C:\WINDOWS\System32\drivers\lgevdom64modem.sys [29696]
O58 - SDL:2015/07/10 11:59:38 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas.sys [108896] ©
O58 - SDL:2015/07/10 11:59:38 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas2i.sys [104800] ©
O58 - SDL:2015/07/10 11:59:38 A . (.Avago Technologies - Avago SAS Gen3 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas3i.sys [99168] ©
O58 - SDL:2015/07/10 11:59:38 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sss.sys [82784] ©
O58 - SDL:2015/06/18 08:41:40 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\mbam.sys [25816] ©
O58 - SDL:2015/06/18 08:41:44 A . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\WINDOWS\System32\drivers\mbamchameleon.sys [109272] ©
O58 - SDL:2015/09/08 18:02:37 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [113880] ©
O58 - SDL:2015/07/10 11:59:39 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\megasas.sys [59744] ©
O58 - SDL:2015/07/10 11:59:39 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\WINDOWS\System32\drivers\megasr.sys [575840] ©
O58 - SDL:2015/07/10 11:59:39 A . (.Mellanox - MLX4 Bus Driver.) -- C:\WINDOWS\System32\drivers\mlx4_bus.sys [705376] ©
O58 - SDL:2015/07/10 11:59:39 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\WINDOWS\System32\drivers\mvumis.sys [63840] ©
O58 - SDL:2015/06/18 08:42:02 A . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\WINDOWS\System32\drivers\mwac.sys [64216] ©
O58 - SDL:2015/07/10 11:59:39 A . (.Mellanox - NetworkDirect Support Filter Driver.) -- C:\WINDOWS\System32\drivers\ndfltr.sys [76128] ©
O58 - SDL:2014/12/21 10:44:06 A . (.SoftEther VPN Project at University of Tsukuba, Japan - SoftEther VPN.) -- C:\WINDOWS\System32\drivers\Neo_VPN.sys [28768]
O58 - SDL:2015/07/10 11:59:36 A . (.MediaTek Inc. - MediaTek 802.11n Wireless Adapter Driver.) -- C:\WINDOWS\System32\drivers\netr28ux.sys [2204304]
O58 - SDL:2015/07/10 11:59:39 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\WINDOWS\System32\drivers\nvraid.sys [150368] ©
O58 - SDL:2015/07/10 11:59:39 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\WINDOWS\System32\drivers\nvstor.sys [166240] ©
O58 - SDL:2012/10/17 14:53:46 A . (.Nokia - PCCS Mode Change Filter Driver.) -- C:\WINDOWS\System32\drivers\pccsmcfdx64.sys [26112] ©
O58 - SDL:2015/07/10 11:59:39 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas2i.sys [58208] ©
O58 - SDL:2015/07/10 11:59:39 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas3i.sys [58720] ©
O58 - SDL:2014/12/07 12:26:50 A . (.SoftEther VPN Project at University of Tsukuba, Japan - SoftEther VPN.) -- C:\WINDOWS\System32\drivers\SeLow_x64.sys [38368]
O58 - SDL:2015/07/10 11:59:39 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid2.sys [44896] ©
O58 - SDL:2015/07/10 11:59:39 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid4.sys [81760] ©
O58 - SDL:2015/07/10 11:59:39 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\WINDOWS\System32\drivers\stexstor.sys [31072] ©
O58 - SDL:2009/09/16 08:02:42 A . (.Tunngle.net - TAP-Win32 Virtual Network Driver.) -- C:\WINDOWS\System32\drivers\tap0901t.sys [31232]
O58 - SDL:2015/07/31 16:11:09 A . (.BitDefender S.R.L. - Trufos Kernel Module.) -- C:\WINDOWS\System32\drivers\trufos.sys [477272] ©
O58 - SDL:2015/07/10 11:59:48 A . (...) -- C:\WINDOWS\System32\drivers\Udecx.sys [44032]
O58 - SDL:2013/01/23 10:31:52 A . (.Nokia - Filter Driver for Nokia USB Phone Bus Drive.) -- C:\WINDOWS\System32\drivers\usbser_lowerfltjx64.sys [9216] ©
O58 - SDL:2013/01/23 10:31:52 A . (.Nokia - Filter Driver for Nokia USB Phone Bus Drive.) -- C:\WINDOWS\System32\drivers\usbser_lowerfltx64.sys [9216] ©
O58 - SDL:2015/07/10 11:59:39 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\WINDOWS\System32\drivers\vsmraid.sys [166752] ©
O58 - SDL:2015/07/10 11:59:39 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\WINDOWS\System32\drivers\VSTXRAID.SYS [305504] ©
O58 - SDL:2015/07/10 11:59:39 A . (.Mellanox - Kernel WinMad.) -- C:\WINDOWS\System32\drivers\winmad.sys [26976] ©
O58 - SDL:2015/07/10 11:59:39 A . (.Mellanox - Kernel WinVerbs.) -- C:\WINDOWS\System32\drivers\winverbs.sys [59232] ©

---\\ Last modified or created user files (26) - 44s
O61 - LFC: 2015/09/01 14:20:20 A . (.Mirillis Ltd..) -- C:\Users\AML Family\Downloads\action_1_26_1_setup.exe [19849960]
O61 - LFC: 2015/09/07 14:17:23 A . (..) -- C:\Users\AML Family\AppData\Roaming\Mirillis\Action\back.bin [20]
O61 - LFC: 2015/09/02 12:46:16 A . (..) -- C:\Users\AML Family\AppData\Local\Sony\Vegas Pro\13.0\Media Pool Thumbnails\media_thumbnail_cache.bin [128]
O61 - LFC: 2015/09/02 16:59:39 A . (..) -- C:\Users\AML Family\AppData\Local\Packages\TuneIn.TuneInRadio_6bhtb546zcxnj\AC\Microsoft\CLR_v4.0_32\NativeImages\nVentive.Um9106121c#\c88c633a11e427c30c46abee93db4659\nVentive.Umbrella.Web.WinRT.ni.dll [805888] =>PUP.Optional.IMBouster
O61 - LFC: 2015/09/02 16:59:46 A . (..) -- C:\Users\AML Family\AppData\Local\Packages\TuneIn.TuneInRadio_6bhtb546zcxnj\AC\Microsoft\CLR_v4.0_32\NativeImages\nVentive.Um3acd8db2#\359e23737922e3899e5fb7489eebfa0e\nVentive.Umbrella.Utilities.Ads.WinRT.ni.dll [122880] =>PUP.Optional.IMBouster
O61 - LFC: 2015/09/02 16:59:24 A . (..) -- C:\Users\AML Family\AppData\Local\Packages\TuneIn.TuneInRadio_6bhtb546zcxnj\AC\Microsoft\CLR_v4.0_32\NativeImages\nVentive.Um114fe9fe#\0f1ac9f3c88868dd604641cb56c6f535\nVentive.Umbrella.Services.Contract.WinRT.ni.dll [81408] =>PUP.Optional.IMBouster
O61 - LFC: 2015/09/02 16:59:27 A . (.Clarius Consulting.) -- C:\Users\AML Family\AppData\Local\Packages\TuneIn.TuneInRadio_6bhtb546zcxnj\AC\Microsoft\CLR_v4.0_32\NativeImages\Funq\011ad909c21fee6b39b7f14dbee1b806\Funq.ni.dll [206848]
O61 - LFC: 2015/09/03 14:39:08 A . (..) -- C:\Users\AML Family\AppData\Local\Packages\Microsoft.XboxApp_8wekyb3d8bbwe\LocalState\GameDVR\KnownGameList.bin [38492]
O61 - LFC: 2015/09/08 17:46:01 A . (..) -- C:\Users\AML Family\AppData\Local\Packages\Microsoft.WindowsMaps_8wekyb3d8bbwe\LocalState\speech_onecorereg.bin [8192]
O61 - LFC: 2015/09/06 15:30:27 A . (..) -- C:\Users\AML Family\AppData\Local\Packages\Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy\TempState\TileCache_100_0_Header.bin [19624]
O61 - LFC: 2015/09/08 15:43:24 A . (..) -- C:\Users\AML Family\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\Contacts_01.0409.digest.bin [1740]
O61 - LFC: 2015/09/08 15:43:41 A . (..) -- C:\Users\AML Family\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\Contacts_02.0409.digest.bin [1740]
O61 - LFC: 2015/09/07 14:18:14 A . (..) -- C:\Users\AML Family\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\MusicPlaylist_01.0409.digest.bin [124]
O61 - LFC: 2015/09/06 14:21:19 A . (..) -- C:\Users\AML Family\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\MusicPlaylist_02.0409.digest.bin [124]
O61 - LFC: 2015/09/07 14:20:53 A . (..) -- C:\Users\AML Family\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\PointsOfInterest2_01.0409.digest.bin [56]
O61 - LFC: 2015/09/05 14:19:44 A . (..) -- C:\Users\AML Family\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\PointsOfInterest2_02.0409.digest.bin [56]
O61 - LFC: 2015/09/06 14:22:04 A . (..) -- C:\Users\AML Family\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\PointsOfInterest_01.0409.digest.bin [56]
O61 - LFC: 2015/09/07 14:19:48 A . (..) -- C:\Users\AML Family\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\PointsOfInterest_02.0409.digest.bin [56]
O61 - LFC: 2015/09/08 16:22:12 A . (..) -- C:\Users\AML Family\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\speech_onecorereg.bin [8192]
O61 - LFC: 2015/09/07 14:19:27 A . (..) -- C:\Users\AML Family\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\VaStartMenu_01.0409.digest.bin [20404]
O61 - LFC: 2015/09/06 14:22:00 A . (..) -- C:\Users\AML Family\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\VaStartMenu_02.0409.digest.bin [20404]
O61 - LFC: 2015/09/08 18:11:13 A . (..) -- C:\Users\AML Family\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\cache\proactive\proactive-cache.bin [210827]
O61 - LFC: 2015/09/05 17:03:29 A . (.Copyright © 2013.) -- C:\Users\AML Family\AppData\Local\Packages\57897RuthJ.Reed.HowtoBuildMuscle_tkwp5bfw1ssbe\AC\Microsoft\CLR_v4.0_32\NativeImages\UmengAnalyticsWinRT\d8da33e08a4a294a7c9e1345dd2fc58a\UmengAnalyticsWinRT.ni.dll [272896]
O61 - LFC: 2015/09/05 17:02:56 A . (.Copyright © 2013.) -- C:\Users\AML Family\AppData\Local\Packages\57897RuthJ.Reed.HowtoBuildMuscle_tkwp5bfw1ssbe\AC\Microsoft\CLR_v4.0_32\NativeImages\HowtoBuildMuscle\0b482e3ce795bbcb013a6c55e71a6a42\HowtoBuildMuscle.ni.exe [271360]
O61 - LFC: 2015/09/05 17:02:48 A . (.Ace of Dotcom, LLC..) -- C:\Users\AML Family\AppData\Local\Packages\32940RyanW.Fiorini.OneHundredPushups_rwf0bzkj6qnsm\AC\Microsoft\CLR_v4.0\NativeImages\OneHundredPushups\8129ecec3c7df908e10789735bbf49e6\OneHundredPushups.ni.exe [980992]
O61 - LFC: 2015/09/08 16:13:08 A . (..) -- C:\Users\AML Family\AppData\Local\Microsoft\Internet Explorer\UrlBlock\urlblock_635773154948484439.bin [108409]

---\\ File Associations Shell Spawning (11) - 0s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe ©
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe ©
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ©
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe ©
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe ©
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Copyright (C) 2011 - spark.) -- C:\Program Files (x86)\baidu\Spark\spark.exe

---\\ Start Menu Internet (12) - 0s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Copyright (C) 2011 - spark.) -- C:\Program Files (x86)\baidu\Spark\Spark.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ©
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Copyright (C) 2011 - spark.) -- C:\Program Files (x86)\baidu\Spark\spark.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Copyright (C) 2011 - spark.) -- C:\Program Files (x86)\baidu\Spark\spark.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Copyright (C) 2011 - spark.) -- C:\Program Files (x86)\baidu\Spark\spark.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe ©

---\\ Search Browser Infection (2) - 0s
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/
O69 - SBI: SearchScopes [HKCU] {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} - (Search The Web) - http://search.searchcompletion.com/

---\\ Crack & Keygen Files (2) - 23s
O82 - LFC: 2015/08/23 20:47:16 A . (...) -- C:\Users\AML Family\Downloads\City Car Driving Keygen+Crack.rar [3354745] =>.Crack,Keygen
O82 - LFC: 2015/08/23 20:47:07 A . (...) -- C:\Users\AML Family\AppData\Local\Temp\City Car Driving Keygen+Crack.rar [0] =>.Crack,Keygen

---\\ Search Svchost Services (42) - 0s
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\WINDOWS\System32\certprop.dll [192000] ©
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\WINDOWS\System32\certprop.dll [192000] ©
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\WINDOWS\system32\srvsvc.dll [283136] ©
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\WINDOWS\System32\gpsvc.dll [1335296] ©
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\WINDOWS\System32\ikeext.dll [954368] ©
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\WINDOWS\System32\iphlpsvc.dll [954880] ©
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\WINDOWS\system32\seclogon.dll [31232] ©
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\WINDOWS\System32\appinfo.dll [93696] ©
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\WINDOWS\system32\iscsiexe.dll [151040] ©
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\WINDOWS\System32\eapsvc.dll [106496] ©
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\WINDOWS\system32\schedsvc.dll [1008640] ©
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\WMIsvc.dll [226304] ©
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\WINDOWS\System32\browser.dll [133120] ©
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\WINDOWS\system32\profsvc.dll [324608] ©
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [371200] ©
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\WINDOWS\System32\wercplsupport.dll [95744] ©
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Microsoft® Account Service.) -- C:\WINDOWS\system32\wlidsvc.dll [2093056] ©
O83 - Search Svchost Services: DcpSvc (DcpSvc) . (.Microsoft Corporation - dcpsvc Task.) -- C:\WINDOWS\system32\dcpsvc.dll [196096] ©
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Microsoft Network Connectivity Assistant Se.) -- C:\WINDOWS\System32\ncasvc.dll [167424] ©
O83 - Search Svchost Services: NetSetupSvc (NetSetupSvc) . (.Microsoft Corporation - Network Setup Service.) -- C:\WINDOWS\System32\NetSetupSvc.dll [187392] ©
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\WINDOWS\System32\rasauto.dll [106496] ©
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\WINDOWS\System32\rasmans.dll [679936] ©
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [497152] ©
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\WINDOWS\System32\sens.dll [72192] ©
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\WINDOWS\System32\ipnathlp.dll [452608] ©
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [311808] ©
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\WINDOWS\system32\wuaueng.dll [2235904] ©
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\WINDOWS\System32\qmgr.dll [1168896] ©
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [593920] ©
O83 - Search Svchost Services: dmwappushservice (dmwappushservice) . (.Microsoft Corporation - dmwappushsvc.) -- C:\WINDOWS\system32\dmwappushsvc.dll [63488] ©
O83 - Search Svchost Services: XblGameSave (XblGameSave) . (.Microsoft Corporation - Xbox Live Game Save Service.) -- C:\WINDOWS\System32\XblGameSave.dll [1149440] ©
O83 - Search Svchost Services: XboxNetApiSvc (XboxNetApiSvc) . (.Microsoft Corporation - Xbox Live Networking Service.) -- C:\WINDOWS\system32\XboxNetApiSvc.dll [1019392] ©
O83 - Search Svchost Services: UsoSvc (UsoSvc) . (.Microsoft Corporation - Update Session Orchestrator Core.) -- C:\WINDOWS\system32\usocore.dll [343040] ©
O83 - Search Svchost Services: UserManager (UserManager) . (.Microsoft Corporation - UserMgr.) -- C:\WINDOWS\System32\usermgr.dll [717312] ©
O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Geolocation Service.) -- C:\Windows\System32\lfsvc.dll [27136] ©
O83 - Search Svchost Services: DmEnrollmentSvc (DmEnrollmentSvc) . (.Microsoft Corporation - Windows Managent Service DLL.) -- C:\Windows\System32\Windows.Internal.Management.dll [267776] ©
O83 - Search Svchost Services: XblAuthManager (XblAuthManager) . (.Microsoft Corporation - Xbox Live Auth Manager.) -- C:\WINDOWS\System32\XblAuthManager.dll [918016] ©
O83 - Search Svchost Services: RetailDemo (RetailDemo) . (.Microsoft Corporation - RDXService.) -- C:\WINDOWS\system32\RDXService.dll [996352] ©
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\WINDOWS\System32\bdesvc.dll [359936] ©
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Device Setup Manager.) -- C:\WINDOWS\System32\DeviceSetupManager.dll [237568] ©
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\WINDOWS\system32\themeservice.dll [58368] ©
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Software installation Service.) -- C:\Windows\System32\appmgmts.dll [200192] ©

---\\ Firewall Active Exception List (52) - 4s
O87 - FAEL: "UDP Query User{CFA2BEB2-B57A-457A-B926-C813265556BF}D:\activision\call of duty - black ops\blackopsmp.exe" [In-None-P17-TRUE] .(...) -- D:\activision\call of duty - black ops\blackopsmp.exe (.not file.)
O87 - FAEL: "TCP Query User{0AB91EFE-8F2D-44AC-9535-D4647E68BFF8}D:\activision\call of duty - black ops\blackopsmp.exe" [In-None-P6-TRUE] .(...) -- D:\activision\call of duty - black ops\blackopsmp.exe (.not file.)
O87 - FAEL: "{2400B20F-0B4E-46EA-9C93-603F9D527C15}" [In-None-P17-TRUE] .(.Sonera Corporative OU - Coin Miner by CoIntellect.) -- C:\Program Files (x86)\CoinMiner\coinminer.exe
O87 - FAEL: "{B3AD640D-8776-4C3A-BE20-79D8184D2555}" [In-None-P6-TRUE] .(.Sonera Corporative OU - Coin Miner by CoIntellect.) -- C:\Program Files (x86)\CoinMiner\coinminer.exe
O87 - FAEL: "{A681C2B8-C45C-4BAA-9309-ADE4E55E7940}" [In-None-P17-TRUE] .(.Sonera Corporative OU - Coin Miner by CoIntellect.) -- C:\Program Files (x86)\CoinMiner\coinminer.exe
O87 - FAEL: "{C32129F1-4687-43FF-B848-2E33015774D4}" [In-None-P6-TRUE] .(.Sonera Corporative OU - Coin Miner by CoIntellect.) -- C:\Program Files (x86)\CoinMiner\coinminer.exe
O87 - FAEL: "{871BB706-7D98-40EA-BFFF-6AE7CF45F81F}" [In-None-P17-TRUE] .(.Visicom Media Inc. - DTX broker.) -- C:\Program Files (x86)\completebartb\dtUser.exe
O87 - FAEL: "{AECA5E71-804F-428F-84BC-1B6C8054EBD3}" [In-None-P6-TRUE] .(.Visicom Media Inc. - DTX broker.) -- C:\Program Files (x86)\completebartb\dtUser.exe
O87 - FAEL: "UDP Query User{A64167C7-A35F-4EAC-B9F9-5CCC1A545B80}C:\program files (x86)\xbmc\xbmc.exe" [In-None-P17-TRUE] .(.Team XBMC - XBMC.) -- C:\program files (x86)\xbmc\xbmc.exe
O87 - FAEL: "TCP Query User{98607C5D-4B7C-4D9C-BB0D-EC7AB6423217}C:\program files (x86)\xbmc\xbmc.exe" [In-None-P6-TRUE] .(.Team XBMC - XBMC.) -- C:\program files (x86)\xbmc\xbmc.exe
O87 - FAEL: "{AEE21E94-6B0C-462A-A38C-A0BC0096FC8D}" [In-None-P17-TRUE] .(.Tunngle.net GmbH - Tunngle GUI.) -- C:\Program Files (x86)\Tunngle\Tunngle.exe
O87 - FAEL: "{23BEDB7D-E043-4081-A571-965C96FF67DF}" [In-None-P6-TRUE] .(.Tunngle.net GmbH - Tunngle GUI.) -- C:\Program Files (x86)\Tunngle\Tunngle.exe
O87 - FAEL: "{AED17F1E-F8D3-474D-AA39-2D5384C9C7DF}" [In-None-P17-TRUE] .(.Tunngle.net GmbH - Tunngle Service.) -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O87 - FAEL: "{8887135C-3DCD-469F-8868-365BB00A600A}" [In-None-P6-TRUE] .(.Tunngle.net GmbH - Tunngle Service.) -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O87 - FAEL: "{31685F59-A253-4E31-A98D-77FE10CD9566}" [In-None-P17-TRUE] .(.Copyright © 2013 - Smart View 2.0.) -- C:\Program Files (x86)\SmartView2\Smart View 2.0.exe
O87 - FAEL: "{C6A79DF1-4BD7-418C-9D7D-ABDCA7A3E25E}" [In-None-P6-TRUE] .(.Copyright © 2013 - Smart View 2.0.) -- C:\Program Files (x86)\SmartView2\Smart View 2.0.exe
O87 - FAEL: "{A60998F8-8BCF-4963-A7AD-84C40158A932}" [In-None-P17-TRUE] .(.Copyright © 2013 - Smart View 2.0.) -- C:\Program Files (x86)\SmartView2\Smart View 2.0.exe
O87 - FAEL: "{513B2F73-8EB5-4CDA-8F4A-B6BDCE58D3DD}" [In-None-P6-TRUE] .(.Copyright © 2013 - Smart View 2.0.) -- C:\Program Files (x86)\SmartView2\Smart View 2.0.exe
O87 - FAEL: "{B085BC45-DE63-40F4-A66E-00C0F91AC9D5}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Cracked Steam\bin\steamwebhelper.exe (.not file.)
O87 - FAEL: "{DED5FBA6-A704-4C84-8754-FA5907277F76}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Cracked Steam\bin\steamwebhelper.exe (.not file.)
O87 - FAEL: "{C3931519-C8CA-4C90-8C8D-9F39F1CC8825}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Cracked Steam\steam.exe (.not file.)
O87 - FAEL: "{549CE01A-C5E7-4DB3-9A56-981F3C0B82F1}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Cracked Steam\steam.exe (.not file.)
O87 - FAEL: "UDP Query User{601E835D-0283-4858-9E51-41C110DCAE6F}C:\program files (x86)\baidu\spark\bdtray.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\baidu\spark\bdtray.exe
O87 - FAEL: "TCP Query User{7E185BDB-B638-49D2-859E-92F6440206D2}C:\program files (x86)\baidu\spark\bdtray.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\baidu\spark\bdtray.exe
O87 - FAEL: "{EA4B7CC8-B4E6-4DB3-A144-6A8DB7212331}" [In-None-P17-TRUE] .(.WIBU-SYSTEMS AG - CodeMeter Runtime Server.) -- C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
O87 - FAEL: "{B014FD93-E534-4E1D-87C5-0B80057A8CE1}" [In-None-P6-TRUE] .(.WIBU-SYSTEMS AG - CodeMeter Runtime Server.) -- C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
O87 - FAEL: "{2170E83E-5E59-4F90-BD9C-691C571A7C62}" [In-None-P17-TRUE] .(.WIBU-SYSTEMS AG - CodeMeter Runtime Server.) -- C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
O87 - FAEL: "{322F68C4-4BDA-4CD0-A46D-52C30BADF373}" [In-None-P6-TRUE] .(.WIBU-SYSTEMS AG - CodeMeter Runtime Server.) -- C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
O87 - FAEL: "{56B192C1-CAF8-4BC0-B1E3-01F65403E7E9}" [In-None-P6-TRUE] .(.SoftEther VPN Project at University of Tsukuba, Japan - SoftEther VPN.) -- C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe
O87 - FAEL: "{B956B016-620F-4ED6-B360-0DEDFB95069A}" [In-None-P6-TRUE] .(.SoftEther VPN Project at University of Tsukuba, Japan - SoftEther VPN.) -- C:\Program Files\SoftEther VPN Client\vpncmgr.exe
O87 - FAEL: "{BE3C1749-8CAA-4489-ADC7-9AA0387380E6}" [In-None-P6-TRUE] .(.SoftEther VPN Project at University of Tsukuba, Japan - SoftEther VPN.) -- C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
O87 - FAEL: "{79091640-596D-427F-B740-C140FF761D06}" [In-None-P6-TRUE] .(.SoftEther VPN Project at University of Tsukuba, Japan - SoftEther VPN.) -- C:\Program Files\SoftEther VPN Client\vpncmd_x64.exe
O87 - FAEL: "{D3C0843C-5CBA-4606-85B9-2E18AE87904E}" [In-None-P6-TRUE] .(.SoftEther VPN Project at University of Tsukuba, Japan - SoftEther VPN.) -- C:\Program Files\SoftEther VPN Client\vpncmd.exe
O87 - FAEL: "{D142E080-EC1C-47A6-BA2B-17E55754069F}" [In-None-P6-TRUE] .(.SoftEther VPN Project at University of Tsukuba, Japan - SoftEther VPN.) -- C:\Program Files\SoftEther VPN Client\vpnclient.exe
O87 - FAEL: "{0B069D79-229B-4413-BBDB-FD413C176DE3}" [In-None-P17-TRUE] .(...) -- C:\Program Files\ma-config.com\MaConfigAgent.exe (.not file.)
O87 - FAEL: "{22A52410-2395-4D6E-8D60-3D65F772CC3A}" [In-None-P6-TRUE] .(...) -- C:\Program Files\ma-config.com\MaConfigAgent.exe (.not file.)
O87 - FAEL: "{4BEB572F-1366-4024-8211-6CD10BF6DD11}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\baidu\Spark\bdtray.exe
O87 - FAEL: "{1D2850C6-98BB-4B76-9BCE-99E268BBB334}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\baidu\Spark\bdtray.exe
O87 - FAEL: "{E57D3C9D-C4C1-463A-BBDD-7BBB0438975A}" [In-None-P17-TRUE] .(.Copyright (C) 2011 - spark.) -- C:\Program Files (x86)\baidu\Spark\Spark.exe
O87 - FAEL: "{DB48BEEC-DF93-4EE3-828B-7082E2CE73A9}" [In-None-P6-TRUE] .(.Copyright (C) 2011 - spark.) -- C:\Program Files (x86)\baidu\Spark\Spark.exe
O87 - FAEL: "{7BB0ECF6-68A3-48E6-8946-603C489CA921}" [In-None-P17-TRUE] .(.Rosetta Stone Ltd. - Rosetta Stone Ltd. application.) -- C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneLtdServices.exe
O87 - FAEL: "{0B3B0DB3-58CB-41EC-9C95-53E9FF8E6AF3}" [Out-None-P6-TRUE] .(.Rosetta Stone Ltd. - Rosetta Stone Ltd. application.) -- C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneLtdServices.exe
O87 - FAEL: "{92E03EAB-75D4-4D4A-8A71-03E4E41FEEEA}" [In-None-P6-TRUE] .(.Rosetta Stone Ltd. - Rosetta Stone Ltd. application.) -- C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
O87 - FAEL: "{132CA032-106E-42A2-8F8B-F92657A86120}" [Out-None-P6-TRUE] .(.Rosetta Stone Ltd. - Rosetta Stone Ltd. application.) -- C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
O87 - FAEL: "{0E52D89D-7D00-4176-BE77-C72BCB60994A}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Common Files\nokia\service layer\a\nsl_host_process.exe (.not file.)
O87 - FAEL: "{25C9D8F7-0550-4502-A67A-F4F1AE63AEC9}" [In-None-P6-TRUE] .(...) -- C:\Program Files\ma-config.com\MCDetection.exe (.not file.)
O87 - FAEL: "{A0978A74-784C-41B4-896C-0C2976434457}" [In-None-P17-TRUE] .(...) -- C:\Program Files\ma-config.com\MCDetection.exe (.not file.)
O87 - FAEL: "{FDB13A59-18CA-40B2-8E11-85776F05A565}" [In-None-P6-TRUE] .(...) -- C:\Program Files\DriversCloud.com\MCDetection.exe (.not file.)
O87 - FAEL: "{7518AE17-622B-4350-BF31-82AD4CAD4575}" [In-None-P17-TRUE] .(...) -- C:\Program Files\DriversCloud.com\MCDetection.exe (.not file.)
O87 - FAEL: "{6EFA6790-EDC5-4CC3-B824-0E36A87F9828}" [In-None-P6-TRUE] .(...) -- D:\Codemasters\GRID\GRID.exe (.not file.)
O87 - FAEL: "{FFB3944B-13E7-48E6-8B1F-AFD94758A2E8}" [In-None-P17-TRUE] .(...) -- D:\Codemasters\GRID\GRID.exe (.not file.)
O87 - FAEL: "{28B07E7E-819C-4B26-A243-69E651F8EAD1}" [In-None-P6-TRUE] .(...) -- C:\Windows\SysWOW64\PnkBstrA.exe (.not file.)

---\\ Services not Microsoft (SR=Run, SS=Stop) (25) - 18s

SR - Auto [2009/07/01 11:06:24] [ 111616] @oem16.inf,%AEADISRV.SvcDesc%;Andrea ADI Filters Service (AEADIFilters) . (.Andrea Electronics Corporation.) - C:\WINDOWS\system32\AEADISRV.EXE ©
SS - Demand [2014/12/09 18:37:56] [ 78144] Bitdefender Desktop Parental Control (BdDesktopParental) . (.Bitdefender.) - C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe ©
SR - Auto [2012/07/19 16:18:38] [ 2568120] CodeMeter Runtime Server (CodeMeter.exe) . (.WIBU-SYSTEMS AG.) - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
SS - Demand [2015/08/09 21:12:00] [ 1045256] FLEXnet Licensing Service (FLEXnet Licensing Service) . (.Acresso Software Inc..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe ©
SS - Auto [2015/09/08 16:19:12] [ 144200] Google Update Service (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ©
SS - Demand [2015/09/08 16:19:12] [ 144200] Google Update Service (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ©
SR - Demand [2015/04/28 15:39:48] [ 1102472] HP Software Framework Service (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe ©
SR - Auto [2015/07/26 21:38:30] [ 24888] HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe ©
SR - Auto [2009/07/21 15:40:50] [ 174616] Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\AMT\LMS.exe ©
SR - Auto [2015/06/18 08:39:46] [ 1871160] MBAMScheduler (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe ©
SR - Auto [2015/06/18 08:39:50] [ 1133880] MBAMService (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe ©
SS - Demand [2015/08/26 12:32:21] [ 2007048] Origin Client Service (Origin Client Service) . (.Electronic Arts.) - C:\Program Files (x86)\Origin\OriginClientService.exe ©
SR - Auto [2012/06/19 16:21:24] [ 1646608] RosettaStoneDaemon (RosettaStoneDaemon) . (.Rosetta Stone Ltd..) - C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
SS - Disabled [2013/07/08 15:59:09] [ 94624] SafeBox (SafeBox) . (.Bitdefender.) - C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe ©
SR - Demand [2013/04/18 11:06:42] [ 737616] ServiceLayer (ServiceLayer) . (.Nokia.) - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe ©
SR - Auto [2015/02/20 18:50:07] [ 4408888] SoftEther VPN Client (SEVPNCLIENT) . (.SoftEther VPN Project at University of Tsukuba, Japan.) - C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
SS - Auto [2015/06/25 20:09:34] [ 327296] Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe ©
SS - Auto [2015/02/09 14:53:56] [ 84160] Baidu Spark Service (SparkSvc) . (.Baidu Inc..) - C:\Program Files (x86)\baidu\Spark\sparkservice.exe
SS - Demand [2014/10/31 03:10:40] [ 1356992] Baidu Spark Updater (SparkUpdater) . (.Baidu.com, Inc..) - C:\Program Files (x86)\baidu\SparkUpdate\Sparkupdate.exe
SR - Demand [2015/08/19 21:39:00] [ 838336] Steam Client Service (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe ©
SS - Demand [2015/01/17 19:03:18] [ 762320] TunngleService (TunngleService) . (.Tunngle.net GmbH.) - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
SR - Auto [2009/07/21 15:40:56] [ 2066968] Intel(R) Management and Security Application User Notificat (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe ©
SR - Auto [2014/10/27 20:22:19] [ 67320] Bitdefender Desktop Update Service (UPDATESRV) . (.Bitdefender.) - C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe ©
SR - Auto [2015/06/18 18:47:08] [ 1545376] Bitdefender Virus Shield (VSSERV) . (.Bitdefender.) - C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe ©

---\\ Additional Scan (O88) (12) - 0s
C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe =>PUP.Optional.VisicomAntiPhishing
C:\Windows\AutoKMS\AutoKMS.exe =>HackTool.AutoKMS
C:\WINDOWS\System32\Tasks\AutoKMS =>HackTool.AutoKMS
HKLM\SOFTWARE\Wow6432Node\Trymedia Systems =>PUP.Optional.Trymedia
HKCU\SOFTWARE\APN PIP =>PUP.Optional.Conduit
HKCU\SOFTWARE\Complitly =>PUP.Optional.PredictAd
C:\ProgramData\Anti-phishing Domain Advisor =>PUP.Optional.VisicomAntiPhishing
C:\ProgramData\Microsoft Toolkit =>HackTool.AutoKMS
C:\ProgramData\Trymedia =>PUP.Optional.Trymedia
C:\Users\AML Family\AppData\Local\Packages\TuneIn.TuneInRadio_6bhtb546zcxnj\AC\Microsoft\CLR_v4.0_32\NativeImages\nVentive.Um9106121c#\c88c633a11e427c30c46abee93db4659\nVentive.Umbrella.Web.WinRT.ni.dll =>PUP.Optional.IMBouster
C:\Users\AML Family\AppData\Local\Packages\TuneIn.TuneInRadio_6bhtb546zcxnj\AC\Microsoft\CLR_v4.0_32\NativeImages\nVentive.Um3acd8db2#\359e23737922e3899e5fb7489eebfa0e\nVentive.Umbrella.Utilities.Ads.WinRT.ni.dll =>PUP.Optional.IMBouster
C:\Users\AML Family\AppData\Local\Packages\TuneIn.TuneInRadio_6bhtb546zcxnj\AC\Microsoft\CLR_v4.0_32\NativeImages\nVentive.Um114fe9fe#\0f1ac9f3c88868dd604641cb56c6f535\nVentive.Umbrella.Services.Contract.WinRT.ni.dll =>PUP.Optional.IMBouster

---\\ Summary of the elements found (6) - 0s
http://www.nicolascoolman.fr/blog =>PUP.Optional.VisicomAntiPhishing
http://www.nicolascoolman.fr/trojan-autokms/ =>HackTool.AutoKMS
http://www.nicolascoolman.fr/adware-trymedia/ =>PUP.Optional.Trymedia
http://www.nicolascoolman.fr/toolbar-conduit/ =>PUP.Optional.Conduit
http://www.nicolascoolman.fr/adware-predictad/ =>PUP.Optional.PredictAd
http://www.nicolascoolman.fr/adware-imbooster/ =>PUP.Optional.IMBouster

~ End of the scan, 35815 items in 151 seconds (1053)(2)()
